]> git.proxmox.com Git - mirror_ovs.git/blob - datapath/datapath.c
projects / mirror_ovs.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
datapath: Remove flow member from struct ovs_skb_cb
[mirror_ovs.git] / datapath / datapath.c
1 /*
2 * Copyright (c) 2007-2014 Nicira, Inc.
3 *
4 * This program is free software; you can redistribute it and/or
5 * modify it under the terms of version 2 of the GNU General Public
6 * License as published by the Free Software Foundation.
7 *
8 * This program is distributed in the hope that it will be useful, but
9 * WITHOUT ANY WARRANTY; without even the implied warranty of
10 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
11 * General Public License for more details.
12 *
13 * You should have received a copy of the GNU General Public License
14 * along with this program; if not, write to the Free Software
15 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
16 * 02110-1301, USA
17 */
18
19 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
20
21 #include <linux/init.h>
22 #include <linux/module.h>
23 #include <linux/if_arp.h>
24 #include <linux/if_vlan.h>
25 #include <linux/in.h>
26 #include <linux/ip.h>
27 #include <linux/jhash.h>
28 #include <linux/delay.h>
29 #include <linux/time.h>
30 #include <linux/etherdevice.h>
31 #include <linux/genetlink.h>
32 #include <linux/kernel.h>
33 #include <linux/kthread.h>
34 #include <linux/mutex.h>
35 #include <linux/percpu.h>
36 #include <linux/rcupdate.h>
37 #include <linux/tcp.h>
38 #include <linux/udp.h>
39 #include <linux/version.h>
40 #include <linux/ethtool.h>
41 #include <linux/wait.h>
42 #include <asm/div64.h>
43 #include <linux/highmem.h>
44 #include <linux/netfilter_bridge.h>
45 #include <linux/netfilter_ipv4.h>
46 #include <linux/inetdevice.h>
47 #include <linux/list.h>
48 #include <linux/openvswitch.h>
49 #include <linux/rculist.h>
50 #include <linux/dmi.h>
51 #include <linux/genetlink.h>
52 #include <net/genetlink.h>
53 #include <net/genetlink.h>
54 #include <net/net_namespace.h>
55 #include <net/netns/generic.h>
56
57 #include "datapath.h"
58 #include "flow.h"
59 #include "flow_table.h"
60 #include "flow_netlink.h"
61 #include "vlan.h"
62 #include "vport-internal_dev.h"
63 #include "vport-netdev.h"
64
65 int ovs_net_id __read_mostly;
66
67 static struct genl_family dp_packet_genl_family;
68 static struct genl_family dp_flow_genl_family;
69 static struct genl_family dp_datapath_genl_family;
70
71 static struct genl_multicast_group ovs_dp_flow_multicast_group = {
72 .name = OVS_FLOW_MCGROUP
73 };
74
75 static struct genl_multicast_group ovs_dp_datapath_multicast_group = {
76 .name = OVS_DATAPATH_MCGROUP
77 };
78
79 struct genl_multicast_group ovs_dp_vport_multicast_group = {
80 .name = OVS_VPORT_MCGROUP
81 };
82
83 /* Check if need to build a reply message.
84 * OVS userspace sets the NLM_F_ECHO flag if it needs the reply. */
85 static bool ovs_must_notify(struct genl_info *info,
86 const struct genl_multicast_group *grp)
87 {
88 return info->nlhdr->nlmsg_flags & NLM_F_ECHO ||
89 netlink_has_listeners(genl_info_net(info)->genl_sock, GROUP_ID(grp));
90 }
91
92 static void ovs_notify(struct genl_family *family, struct genl_multicast_group *grp,
93 struct sk_buff *skb, struct genl_info *info)
94 {
95 genl_notify(family, skb, genl_info_net(info),
96 info->snd_portid, GROUP_ID(grp), info->nlhdr, GFP_KERNEL);
97 }
98
99 /**
100 * DOC: Locking:
101 *
102 * All writes e.g. Writes to device state (add/remove datapath, port, set
103 * operations on vports, etc.), Writes to other state (flow table
104 * modifications, set miscellaneous datapath parameters, etc.) are protected
105 * by ovs_lock.
106 *
107 * Reads are protected by RCU.
108 *
109 * There are a few special cases (mostly stats) that have their own
110 * synchronization but they nest under all of above and don't interact with
111 * each other.
112 *
113 * The RTNL lock nests inside ovs_mutex.
114 */
115
116 static DEFINE_MUTEX(ovs_mutex);
117
118 void ovs_lock(void)
119 {
120 mutex_lock(&ovs_mutex);
121 }
122
123 void ovs_unlock(void)
124 {
125 mutex_unlock(&ovs_mutex);
126 }
127
128 #ifdef CONFIG_LOCKDEP
129 int lockdep_ovsl_is_held(void)
130 {
131 if (debug_locks)
132 return lockdep_is_held(&ovs_mutex);
133 else
134 return 1;
135 }
136 #endif
137
138 static int queue_gso_packets(struct datapath *dp, struct sk_buff *,
139 const struct dp_upcall_info *);
140 static int queue_userspace_packet(struct datapath *dp, struct sk_buff *,
141 const struct dp_upcall_info *);
142
143 /* Must be called with rcu_read_lock. */
144 static struct datapath *get_dp_rcu(struct net *net, int dp_ifindex)
145 {
146 struct net_device *dev = dev_get_by_index_rcu(net, dp_ifindex);
147
148 if (dev) {
149 struct vport *vport = ovs_internal_dev_get_vport(dev);
150 if (vport)
151 return vport->dp;
152 }
153
154 return NULL;
155 }
156
157 /* The caller must hold either ovs_mutex or rcu_read_lock to keep the
158 * returned dp pointer valid. */
159 static inline struct datapath *get_dp(struct net *net, int dp_ifindex)
160 {
161 struct datapath *dp;
162
163 WARN_ON_ONCE(!rcu_read_lock_held() && !lockdep_ovsl_is_held());
164 rcu_read_lock();
165 dp = get_dp_rcu(net, dp_ifindex);
166 rcu_read_unlock();
167
168 return dp;
169 }
170
171 /* Must be called with rcu_read_lock or ovs_mutex. */
172 const char *ovs_dp_name(const struct datapath *dp)
173 {
174 struct vport *vport = ovs_vport_ovsl_rcu(dp, OVSP_LOCAL);
175 return vport->ops->get_name(vport);
176 }
177
178 static int get_dpifindex(struct datapath *dp)
179 {
180 struct vport *local;
181 int ifindex;
182
183 rcu_read_lock();
184
185 local = ovs_vport_rcu(dp, OVSP_LOCAL);
186 if (local)
187 ifindex = netdev_vport_priv(local)->dev->ifindex;
188 else
189 ifindex = 0;
190
191 rcu_read_unlock();
192
193 return ifindex;
194 }
195
196 static void destroy_dp_rcu(struct rcu_head *rcu)
197 {
198 struct datapath *dp = container_of(rcu, struct datapath, rcu);
199
200 ovs_flow_tbl_destroy(&dp->table);
201 free_percpu(dp->stats_percpu);
202 release_net(ovs_dp_get_net(dp));
203 kfree(dp->ports);
204 kfree(dp);
205 }
206
207 static struct hlist_head *vport_hash_bucket(const struct datapath *dp,
208 u16 port_no)
209 {
210 return &dp->ports[port_no & (DP_VPORT_HASH_BUCKETS - 1)];
211 }
212
213 /* Called with ovs_mutex or RCU read lock. */
214 struct vport *ovs_lookup_vport(const struct datapath *dp, u16 port_no)
215 {
216 struct vport *vport;
217 struct hlist_head *head;
218
219 head = vport_hash_bucket(dp, port_no);
220 hlist_for_each_entry_rcu(vport, head, dp_hash_node) {
221 if (vport->port_no == port_no)
222 return vport;
223 }
224 return NULL;
225 }
226
227 /* Called with ovs_mutex. */
228 static struct vport *new_vport(const struct vport_parms *parms)
229 {
230 struct vport *vport;
231
232 vport = ovs_vport_add(parms);
233 if (!IS_ERR(vport)) {
234 struct datapath *dp = parms->dp;
235 struct hlist_head *head = vport_hash_bucket(dp, vport->port_no);
236
237 hlist_add_head_rcu(&vport->dp_hash_node, head);
238 }
239 return vport;
240 }
241
242 void ovs_dp_detach_port(struct vport *p)
243 {
244 ASSERT_OVSL();
245
246 /* First drop references to device. */
247 hlist_del_rcu(&p->dp_hash_node);
248
249 /* Then destroy it. */
250 ovs_vport_del(p);
251 }
252
253 /* Must be called with rcu_read_lock. */
254 void ovs_dp_process_packet(struct sk_buff *skb, bool recirc)
255 {
256 const struct vport *p = OVS_CB(skb)->input_vport;
257 struct sw_flow_key *pkt_key = OVS_CB(skb)->pkt_key;
258 struct datapath *dp = p->dp;
259 struct sw_flow *flow;
260 struct sw_flow_actions *sf_acts;
261 struct dp_stats_percpu *stats;
262 u64 *stats_counter;
263 u32 n_mask_hit;
264
265 stats = this_cpu_ptr(dp->stats_percpu);
266
267 /* Look up flow. */
268 flow = ovs_flow_tbl_lookup_stats(&dp->table, pkt_key, skb_get_hash(skb),
269 &n_mask_hit);
270 if (unlikely(!flow)) {
271 struct dp_upcall_info upcall;
272
273 upcall.cmd = OVS_PACKET_CMD_MISS;
274 upcall.userdata = NULL;
275 upcall.portid = ovs_vport_find_upcall_portid(p, skb);
276 upcall.egress_tun_info = NULL;
277 ovs_dp_upcall(dp, skb, &upcall);
278 consume_skb(skb);
279 stats_counter = &stats->n_missed;
280 goto out;
281 }
282
283 ovs_flow_stats_update(flow, pkt_key->tp.flags, skb);
284
285 sf_acts = rcu_dereference(flow->sf_acts);
286 ovs_execute_actions(dp, skb, sf_acts, recirc);
287 stats_counter = &stats->n_hit;
288
289 out:
290 /* Update datapath statistics. */
291 u64_stats_update_begin(&stats->sync);
292 (*stats_counter)++;
293 stats->n_mask_hit += n_mask_hit;
294 u64_stats_update_end(&stats->sync);
295 }
296
297 int ovs_dp_upcall(struct datapath *dp, struct sk_buff *skb,
298 const struct dp_upcall_info *upcall_info)
299 {
300 struct dp_stats_percpu *stats;
301 int err;
302
303 BUG_ON(!OVS_CB(skb)->pkt_key);
304
305 if (upcall_info->portid == 0) {
306 err = -ENOTCONN;
307 goto err;
308 }
309
310 if (!skb_is_gso(skb))
311 err = queue_userspace_packet(dp, skb, upcall_info);
312 else
313 err = queue_gso_packets(dp, skb, upcall_info);
314 if (err)
315 goto err;
316
317 return 0;
318
319 err:
320 stats = this_cpu_ptr(dp->stats_percpu);
321
322 u64_stats_update_begin(&stats->sync);
323 stats->n_lost++;
324 u64_stats_update_end(&stats->sync);
325
326 return err;
327 }
328
329 static int queue_gso_packets(struct datapath *dp, struct sk_buff *skb,
330 const struct dp_upcall_info *upcall_info)
331 {
332 unsigned short gso_type = skb_shinfo(skb)->gso_type;
333 struct sw_flow_key later_key;
334 struct sk_buff *segs, *nskb;
335 int err;
336
337 segs = __skb_gso_segment(skb, NETIF_F_SG, false);
338 if (IS_ERR(segs))
339 return PTR_ERR(segs);
340
341 if (gso_type & SKB_GSO_UDP) {
342 /* The initial flow key extracted by ovs_flow_key_extract()
343 * in this case is for a first fragment, so we need to
344 * properly mark later fragments.
345 */
346 later_key = *OVS_CB(skb)->pkt_key;
347 later_key.ip.frag = OVS_FRAG_TYPE_LATER;
348 }
349
350 /* Queue all of the segments. */
351 skb = segs;
352 do {
353 if (gso_type & SKB_GSO_UDP && skb != segs)
354 OVS_CB(skb)->pkt_key = &later_key;
355
356 err = queue_userspace_packet(dp, skb, upcall_info);
357 if (err)
358 break;
359
360 } while ((skb = skb->next));
361
362 /* Free all of the segments. */
363 skb = segs;
364 do {
365 nskb = skb->next;
366 if (err)
367 kfree_skb(skb);
368 else
369 consume_skb(skb);
370 } while ((skb = nskb));
371 return err;
372 }
373
374 static size_t upcall_msg_size(const struct dp_upcall_info *upcall_info,
375 unsigned int hdrlen)
376 {
377 size_t size = NLMSG_ALIGN(sizeof(struct ovs_header))
378 + nla_total_size(hdrlen) /* OVS_PACKET_ATTR_PACKET */
379 + nla_total_size(ovs_key_attr_size()); /* OVS_PACKET_ATTR_KEY */
380
381 /* OVS_PACKET_ATTR_USERDATA */
382 if (upcall_info->userdata)
383 size += NLA_ALIGN(upcall_info->userdata->nla_len);
384
385 /* OVS_PACKET_ATTR_EGRESS_TUN_KEY */
386 if (upcall_info->egress_tun_info)
387 size += nla_total_size(ovs_tun_key_attr_size());
388
389 return size;
390 }
391
392 static int queue_userspace_packet(struct datapath *dp, struct sk_buff *skb,
393 const struct dp_upcall_info *upcall_info)
394 {
395 struct ovs_header *upcall;
396 struct sk_buff *nskb = NULL;
397 struct sk_buff *user_skb; /* to be queued to userspace */
398 struct sw_flow_key *pkt_key = OVS_CB(skb)->pkt_key;
399 struct nlattr *nla;
400 struct genl_info info = {
401 #if LINUX_VERSION_CODE >= KERNEL_VERSION(3,14,0)
402 .dst_sk = ovs_dp_get_net(dp)->genl_sock,
403 #endif
404 .snd_portid = upcall_info->portid,
405 };
406 size_t len;
407 unsigned int hlen;
408 int err, dp_ifindex;
409
410 dp_ifindex = get_dpifindex(dp);
411 if (!dp_ifindex)
412 return -ENODEV;
413
414 if (vlan_tx_tag_present(skb)) {
415 nskb = skb_clone(skb, GFP_ATOMIC);
416 if (!nskb)
417 return -ENOMEM;
418
419 nskb = __vlan_put_tag(nskb, nskb->vlan_proto, vlan_tx_tag_get(nskb));
420 if (!nskb)
421 return -ENOMEM;
422
423 vlan_set_tci(nskb, 0);
424
425 skb = nskb;
426 }
427
428 if (nla_attr_size(skb->len) > USHRT_MAX) {
429 err = -EFBIG;
430 goto out;
431 }
432
433 /* Complete checksum if needed */
434 if (skb->ip_summed == CHECKSUM_PARTIAL &&
435 (err = skb_checksum_help(skb)))
436 goto out;
437
438 /* Older versions of OVS user space enforce alignment of the last
439 * Netlink attribute to NLA_ALIGNTO which would require extensive
440 * padding logic. Only perform zerocopy if padding is not required.
441 */
442 if (dp->user_features & OVS_DP_F_UNALIGNED)
443 hlen = skb_zerocopy_headlen(skb);
444 else
445 hlen = skb->len;
446
447 len = upcall_msg_size(upcall_info, hlen);
448 user_skb = genlmsg_new_unicast(len, &info, GFP_ATOMIC);
449 if (!user_skb) {
450 err = -ENOMEM;
451 goto out;
452 }
453
454 upcall = genlmsg_put(user_skb, 0, 0, &dp_packet_genl_family,
455 0, upcall_info->cmd);
456 upcall->dp_ifindex = dp_ifindex;
457
458 nla = nla_nest_start(user_skb, OVS_PACKET_ATTR_KEY);
459 err = ovs_nla_put_flow(dp, pkt_key, pkt_key, user_skb);
460 BUG_ON(err);
461 nla_nest_end(user_skb, nla);
462
463 if (upcall_info->userdata)
464 __nla_put(user_skb, OVS_PACKET_ATTR_USERDATA,
465 nla_len(upcall_info->userdata),
466 nla_data(upcall_info->userdata));
467
468 if (upcall_info->egress_tun_info) {
469 nla = nla_nest_start(user_skb, OVS_PACKET_ATTR_EGRESS_TUN_KEY);
470 err = ovs_nla_put_egress_tunnel_key(user_skb,
471 upcall_info->egress_tun_info);
472 BUG_ON(err);
473 nla_nest_end(user_skb, nla);
474 }
475
476 /* Only reserve room for attribute header, packet data is added
477 * in skb_zerocopy() */
478 if (!(nla = nla_reserve(user_skb, OVS_PACKET_ATTR_PACKET, 0))) {
479 err = -ENOBUFS;
480 goto out;
481 }
482 nla->nla_len = nla_attr_size(skb->len);
483
484 err = skb_zerocopy(user_skb, skb, skb->len, hlen);
485 if (err)
486 goto out;
487
488 /* Pad OVS_PACKET_ATTR_PACKET if linear copy was performed */
489 if (!(dp->user_features & OVS_DP_F_UNALIGNED)) {
490 size_t plen = NLA_ALIGN(user_skb->len) - user_skb->len;
491
492 if (plen > 0)
493 memset(skb_put(user_skb, plen), 0, plen);
494 }
495
496 ((struct nlmsghdr *) user_skb->data)->nlmsg_len = user_skb->len;
497
498 err = genlmsg_unicast(ovs_dp_get_net(dp), user_skb, upcall_info->portid);
499 out:
500 if (err)
501 skb_tx_error(skb);
502 kfree_skb(nskb);
503 return err;
504 }
505
506 static int ovs_packet_cmd_execute(struct sk_buff *skb, struct genl_info *info)
507 {
508 struct ovs_header *ovs_header = info->userhdr;
509 struct nlattr **a = info->attrs;
510 struct sw_flow_actions *acts;
511 struct sk_buff *packet;
512 struct sw_flow *flow;
513 struct sw_flow_actions *sf_acts;
514 struct datapath *dp;
515 struct ethhdr *eth;
516 struct vport *input_vport;
517 int len;
518 int err;
519
520 err = -EINVAL;
521 if (!a[OVS_PACKET_ATTR_PACKET] || !a[OVS_PACKET_ATTR_KEY] ||
522 !a[OVS_PACKET_ATTR_ACTIONS])
523 goto err;
524
525 len = nla_len(a[OVS_PACKET_ATTR_PACKET]);
526 packet = __dev_alloc_skb(NET_IP_ALIGN + len, GFP_KERNEL);
527 err = -ENOMEM;
528 if (!packet)
529 goto err;
530 skb_reserve(packet, NET_IP_ALIGN);
531
532 nla_memcpy(__skb_put(packet, len), a[OVS_PACKET_ATTR_PACKET], len);
533
534 skb_reset_mac_header(packet);
535 eth = eth_hdr(packet);
536
537 /* Normally, setting the skb 'protocol' field would be handled by a
538 * call to eth_type_trans(), but it assumes there's a sending
539 * device, which we may not have. */
540 if (ntohs(eth->h_proto) >= ETH_P_802_3_MIN)
541 packet->protocol = eth->h_proto;
542 else
543 packet->protocol = htons(ETH_P_802_2);
544
545 /* Build an sw_flow for sending this packet. */
546 flow = ovs_flow_alloc();
547 err = PTR_ERR(flow);
548 if (IS_ERR(flow))
549 goto err_kfree_skb;
550
551 err = ovs_flow_key_extract_userspace(a[OVS_PACKET_ATTR_KEY], packet,
552 &flow->key);
553 if (err)
554 goto err_flow_free;
555
556 err = ovs_nla_copy_actions(a[OVS_PACKET_ATTR_ACTIONS],
557 &flow->key, &acts);
558 if (err)
559 goto err_flow_free;
560
561 rcu_assign_pointer(flow->sf_acts, acts);
562 OVS_CB(packet)->pkt_key = &flow->key;
563 OVS_CB(skb)->egress_tun_info = NULL;
564 packet->priority = flow->key.phy.priority;
565 packet->mark = flow->key.phy.skb_mark;
566
567 rcu_read_lock();
568 dp = get_dp_rcu(sock_net(skb->sk), ovs_header->dp_ifindex);
569 err = -ENODEV;
570 if (!dp)
571 goto err_unlock;
572
573 input_vport = ovs_vport_rcu(dp, flow->key.phy.in_port);
574 if (!input_vport)
575 input_vport = ovs_vport_rcu(dp, OVSP_LOCAL);
576
577 if (!input_vport)
578 goto err_unlock;
579
580 OVS_CB(packet)->input_vport = input_vport;
581 sf_acts = rcu_dereference(flow->sf_acts);
582
583 local_bh_disable();
584 err = ovs_execute_actions(dp, packet, sf_acts, false);
585 local_bh_enable();
586 rcu_read_unlock();
587
588 ovs_flow_free(flow, false);
589 return err;
590
591 err_unlock:
592 rcu_read_unlock();
593 err_flow_free:
594 ovs_flow_free(flow, false);
595 err_kfree_skb:
596 kfree_skb(packet);
597 err:
598 return err;
599 }
600
601 static const struct nla_policy packet_policy[OVS_PACKET_ATTR_MAX + 1] = {
602 [OVS_PACKET_ATTR_PACKET] = { .len = ETH_HLEN },
603 [OVS_PACKET_ATTR_KEY] = { .type = NLA_NESTED },
604 [OVS_PACKET_ATTR_ACTIONS] = { .type = NLA_NESTED },
605 };
606
607 static struct genl_ops dp_packet_genl_ops[] = {
608 { .cmd = OVS_PACKET_CMD_EXECUTE,
609 .flags = GENL_ADMIN_PERM, /* Requires CAP_NET_ADMIN privilege. */
610 .policy = packet_policy,
611 .doit = ovs_packet_cmd_execute
612 }
613 };
614
615 static struct genl_family dp_packet_genl_family = {
616 .id = GENL_ID_GENERATE,
617 .hdrsize = sizeof(struct ovs_header),
618 .name = OVS_PACKET_FAMILY,
619 .version = OVS_PACKET_VERSION,
620 .maxattr = OVS_PACKET_ATTR_MAX,
621 .netnsok = true,
622 .parallel_ops = true,
623 .ops = dp_packet_genl_ops,
624 .n_ops = ARRAY_SIZE(dp_packet_genl_ops),
625 };
626
627 static void get_dp_stats(struct datapath *dp, struct ovs_dp_stats *stats,
628 struct ovs_dp_megaflow_stats *mega_stats)
629 {
630 int i;
631
632 memset(mega_stats, 0, sizeof(*mega_stats));
633
634 stats->n_flows = ovs_flow_tbl_count(&dp->table);
635 mega_stats->n_masks = ovs_flow_tbl_num_masks(&dp->table);
636
637 stats->n_hit = stats->n_missed = stats->n_lost = 0;
638
639 for_each_possible_cpu(i) {
640 const struct dp_stats_percpu *percpu_stats;
641 struct dp_stats_percpu local_stats;
642 unsigned int start;
643
644 percpu_stats = per_cpu_ptr(dp->stats_percpu, i);
645
646 do {
647 start = u64_stats_fetch_begin_irq(&percpu_stats->sync);
648 local_stats = *percpu_stats;
649 } while (u64_stats_fetch_retry_irq(&percpu_stats->sync, start));
650
651 stats->n_hit += local_stats.n_hit;
652 stats->n_missed += local_stats.n_missed;
653 stats->n_lost += local_stats.n_lost;
654 mega_stats->n_mask_hit += local_stats.n_mask_hit;
655 }
656 }
657
658 static size_t ovs_flow_cmd_msg_size(const struct sw_flow_actions *acts)
659 {
660 return NLMSG_ALIGN(sizeof(struct ovs_header))
661 + nla_total_size(ovs_key_attr_size()) /* OVS_FLOW_ATTR_KEY */
662 + nla_total_size(ovs_key_attr_size()) /* OVS_FLOW_ATTR_MASK */
663 + nla_total_size(sizeof(struct ovs_flow_stats)) /* OVS_FLOW_ATTR_STATS */
664 + nla_total_size(1) /* OVS_FLOW_ATTR_TCP_FLAGS */
665 + nla_total_size(8) /* OVS_FLOW_ATTR_USED */
666 + nla_total_size(acts->actions_len); /* OVS_FLOW_ATTR_ACTIONS */
667 }
668
669 /* Called with ovs_mutex or RCU read lock. */
670 static int ovs_flow_cmd_fill_match(struct datapath *dp,
671 const struct sw_flow *flow,
672 struct sk_buff *skb)
673 {
674 struct nlattr *nla;
675 int err;
676
677 /* Fill flow key. */
678 nla = nla_nest_start(skb, OVS_FLOW_ATTR_KEY);
679 if (!nla)
680 return -EMSGSIZE;
681
682 err = ovs_nla_put_flow(dp, &flow->unmasked_key,
683 &flow->unmasked_key, skb);
684 if (err)
685 return err;
686 nla_nest_end(skb, nla);
687
688 /* Fill flow mask. */
689 nla = nla_nest_start(skb, OVS_FLOW_ATTR_MASK);
690 if (!nla)
691 return -EMSGSIZE;
692
693 err = ovs_nla_put_flow(dp, &flow->key, &flow->mask->key, skb);
694 if (err)
695 return err;
696 nla_nest_end(skb, nla);
697
698 return 0;
699 }
700
701 /* Called with ovs_mutex or RCU read lock. */
702 static int ovs_flow_cmd_fill_stats(const struct sw_flow *flow,
703 struct sk_buff *skb)
704 {
705 struct ovs_flow_stats stats;
706 __be16 tcp_flags;
707 unsigned long used;
708
709 ovs_flow_stats_get(flow, &stats, &used, &tcp_flags);
710
711 if (used &&
712 nla_put_u64(skb, OVS_FLOW_ATTR_USED, ovs_flow_used_time(used)))
713 return -EMSGSIZE;
714
715 if (stats.n_packets &&
716 nla_put(skb, OVS_FLOW_ATTR_STATS, sizeof(struct ovs_flow_stats), &stats))
717 return -EMSGSIZE;
718
719 if ((u8)ntohs(tcp_flags) &&
720 nla_put_u8(skb, OVS_FLOW_ATTR_TCP_FLAGS, (u8)ntohs(tcp_flags)))
721 return -EMSGSIZE;
722
723 return 0;
724 }
725
726 /* Called with ovs_mutex or RCU read lock. */
727 static int ovs_flow_cmd_fill_actions(const struct sw_flow *flow,
728 struct sk_buff *skb, int skb_orig_len)
729 {
730 struct nlattr *start;
731 int err;
732
733 /* If OVS_FLOW_ATTR_ACTIONS doesn't fit, skip dumping the actions if
734 * this is the first flow to be dumped into 'skb'. This is unusual for
735 * Netlink but individual action lists can be longer than
736 * NLMSG_GOODSIZE and thus entirely undumpable if we didn't do this.
737 * The userspace caller can always fetch the actions separately if it
738 * really wants them. (Most userspace callers in fact don't care.)
739 *
740 * This can only fail for dump operations because the skb is always
741 * properly sized for single flows.
742 */
743 start = nla_nest_start(skb, OVS_FLOW_ATTR_ACTIONS);
744 if (start) {
745 const struct sw_flow_actions *sf_acts;
746
747 sf_acts = rcu_dereference_ovsl(flow->sf_acts);
748 err = ovs_nla_put_actions(sf_acts->actions,
749 sf_acts->actions_len, skb);
750
751 if (!err)
752 nla_nest_end(skb, start);
753 else {
754 if (skb_orig_len)
755 return err;
756
757 nla_nest_cancel(skb, start);
758 }
759 } else if (skb_orig_len) {
760 return -EMSGSIZE;
761 }
762
763 return 0;
764 }
765
766 /* Called with ovs_mutex or RCU read lock. */
767 static int ovs_flow_cmd_fill_info(struct datapath *dp,
768 const struct sw_flow *flow, int dp_ifindex,
769 struct sk_buff *skb, u32 portid,
770 u32 seq, u32 flags, u8 cmd)
771 {
772 const int skb_orig_len = skb->len;
773 struct ovs_header *ovs_header;
774 int err;
775
776 ovs_header = genlmsg_put(skb, portid, seq, &dp_flow_genl_family, flags, cmd);
777 if (!ovs_header)
778 return -EMSGSIZE;
779 ovs_header->dp_ifindex = dp_ifindex;
780
781 err = ovs_flow_cmd_fill_match(dp, flow, skb);
782 if (err)
783 goto error;
784
785 err = ovs_flow_cmd_fill_stats(flow, skb);
786 if (err)
787 goto error;
788
789 err = ovs_flow_cmd_fill_actions(flow, skb, skb_orig_len);
790 if (err)
791 goto error;
792
793 return genlmsg_end(skb, ovs_header);
794
795 error:
796 genlmsg_cancel(skb, ovs_header);
797 return err;
798 }
799
800 /* May not be called with RCU read lock. */
801 static struct sk_buff *ovs_flow_cmd_alloc_info(const struct sw_flow_actions *acts,
802 struct genl_info *info,
803 bool always)
804 {
805 struct sk_buff *skb;
806
807 if (!always && !ovs_must_notify(info, &ovs_dp_flow_multicast_group))
808 return NULL;
809
810 skb = genlmsg_new_unicast(ovs_flow_cmd_msg_size(acts), info, GFP_KERNEL);
811
812 if (!skb)
813 return ERR_PTR(-ENOMEM);
814
815 return skb;
816 }
817
818 /* Called with ovs_mutex. */
819 static struct sk_buff *ovs_flow_cmd_build_info(struct datapath *dp,
820 const struct sw_flow *flow,
821 int dp_ifindex,
822 struct genl_info *info, u8 cmd,
823 bool always)
824 {
825 struct sk_buff *skb;
826 int retval;
827
828 skb = ovs_flow_cmd_alloc_info(ovsl_dereference(flow->sf_acts), info,
829 always);
830 if (!skb || IS_ERR(skb))
831 return skb;
832
833 retval = ovs_flow_cmd_fill_info(dp, flow, dp_ifindex, skb,
834 info->snd_portid, info->snd_seq, 0,
835 cmd);
836 BUG_ON(retval < 0);
837 return skb;
838 }
839
840 static int ovs_flow_cmd_new(struct sk_buff *skb, struct genl_info *info)
841 {
842 struct nlattr **a = info->attrs;
843 struct ovs_header *ovs_header = info->userhdr;
844 struct sw_flow *flow, *new_flow;
845 struct sw_flow_mask mask;
846 struct sk_buff *reply;
847 struct datapath *dp;
848 struct sw_flow_actions *acts;
849 struct sw_flow_match match;
850 int error;
851
852 /* Must have key and actions. */
853 error = -EINVAL;
854 if (!a[OVS_FLOW_ATTR_KEY]) {
855 OVS_NLERR("Flow key attribute not present in new flow.\n");
856 goto error;
857 }
858 if (!a[OVS_FLOW_ATTR_ACTIONS]) {
859 OVS_NLERR("Flow actions attribute not present in new flow.\n");
860 goto error;
861 }
862
863 /* Most of the time we need to allocate a new flow, do it before
864 * locking. */
865 new_flow = ovs_flow_alloc();
866 if (IS_ERR(new_flow)) {
867 error = PTR_ERR(new_flow);
868 goto error;
869 }
870
871 /* Extract key. */
872 ovs_match_init(&match, &new_flow->unmasked_key, &mask);
873 error = ovs_nla_get_match(&match,
874 a[OVS_FLOW_ATTR_KEY], a[OVS_FLOW_ATTR_MASK]);
875 if (error)
876 goto err_kfree_flow;
877
878 ovs_flow_mask_key(&new_flow->key, &new_flow->unmasked_key, &mask);
879
880 /* Validate actions. */
881 error = ovs_nla_copy_actions(a[OVS_FLOW_ATTR_ACTIONS], &new_flow->key,
882 &acts);
883 if (error) {
884 OVS_NLERR("Flow actions may not be safe on all matching packets.\n");
885 goto err_kfree_acts;
886 }
887
888 reply = ovs_flow_cmd_alloc_info(acts, info, false);
889 if (IS_ERR(reply)) {
890 error = PTR_ERR(reply);
891 goto err_kfree_acts;
892 }
893
894 ovs_lock();
895 dp = get_dp(sock_net(skb->sk), ovs_header->dp_ifindex);
896 if (unlikely(!dp)) {
897 error = -ENODEV;
898 goto err_unlock_ovs;
899 }
900 /* Check if this is a duplicate flow */
901 flow = ovs_flow_tbl_lookup(&dp->table, &new_flow->unmasked_key);
902 if (likely(!flow)) {
903 rcu_assign_pointer(new_flow->sf_acts, acts);
904
905 /* Put flow in bucket. */
906 error = ovs_flow_tbl_insert(&dp->table, new_flow, &mask);
907 if (unlikely(error)) {
908 acts = NULL;
909 goto err_unlock_ovs;
910 }
911
912 if (unlikely(reply)) {
913 error = ovs_flow_cmd_fill_info(dp, new_flow,
914 ovs_header->dp_ifindex,
915 reply, info->snd_portid,
916 info->snd_seq, 0,
917 OVS_FLOW_CMD_NEW);
918 BUG_ON(error < 0);
919 }
920 ovs_unlock();
921 } else {
922 struct sw_flow_actions *old_acts;
923
924 /* Bail out if we're not allowed to modify an existing flow.
925 * We accept NLM_F_CREATE in place of the intended NLM_F_EXCL
926 * because Generic Netlink treats the latter as a dump
927 * request. We also accept NLM_F_EXCL in case that bug ever
928 * gets fixed.
929 */
930 if (unlikely(info->nlhdr->nlmsg_flags & (NLM_F_CREATE
931 | NLM_F_EXCL))) {
932 error = -EEXIST;
933 goto err_unlock_ovs;
934 }
935 /* The unmasked key has to be the same for flow updates. */
936 if (unlikely(!ovs_flow_cmp_unmasked_key(flow, &match))) {
937 /* Look for any overlapping flow. */
938 flow = ovs_flow_tbl_lookup_exact(&dp->table, &match);
939 if (!flow) {
940 error = -ENOENT;
941 goto err_unlock_ovs;
942 }
943 }
944 /* Update actions. */
945 old_acts = ovsl_dereference(flow->sf_acts);
946 rcu_assign_pointer(flow->sf_acts, acts);
947
948 if (unlikely(reply)) {
949 error = ovs_flow_cmd_fill_info(dp, flow,
950 ovs_header->dp_ifindex,
951 reply, info->snd_portid,
952 info->snd_seq, 0,
953 OVS_FLOW_CMD_NEW);
954 BUG_ON(error < 0);
955 }
956 ovs_unlock();
957
958 ovs_nla_free_flow_actions(old_acts);
959 ovs_flow_free(new_flow, false);
960 }
961
962 if (reply)
963 ovs_notify(&dp_flow_genl_family, &ovs_dp_flow_multicast_group, reply, info);
964 return 0;
965
966 err_unlock_ovs:
967 ovs_unlock();
968 kfree_skb(reply);
969 err_kfree_acts:
970 kfree(acts);
971 err_kfree_flow:
972 ovs_flow_free(new_flow, false);
973 error:
974 return error;
975 }
976
977 /* Factor out action copy to avoid "Wframe-larger-than=1024" warning. */
978 static struct sw_flow_actions *get_flow_actions(const struct nlattr *a,
979 const struct sw_flow_key *key,
980 const struct sw_flow_mask *mask)
981 {
982 struct sw_flow_actions *acts;
983 struct sw_flow_key masked_key;
984 int error;
985
986 ovs_flow_mask_key(&masked_key, key, mask);
987 error = ovs_nla_copy_actions(a, &masked_key, &acts);
988 if (error) {
989 OVS_NLERR("Actions may not be safe on all matching packets.\n");
990 return ERR_PTR(error);
991 }
992
993 return acts;
994 }
995
996 static int ovs_flow_cmd_set(struct sk_buff *skb, struct genl_info *info)
997 {
998 struct nlattr **a = info->attrs;
999 struct ovs_header *ovs_header = info->userhdr;
1000 struct sw_flow_key key;
1001 struct sw_flow *flow;
1002 struct sw_flow_mask mask;
1003 struct sk_buff *reply = NULL;
1004 struct datapath *dp;
1005 struct sw_flow_actions *old_acts = NULL, *acts = NULL;
1006 struct sw_flow_match match;
1007 int error;
1008
1009 /* Extract key. */
1010 error = -EINVAL;
1011 if (!a[OVS_FLOW_ATTR_KEY]) {
1012 OVS_NLERR("Flow key attribute not present in set flow.\n");
1013 goto error;
1014 }
1015
1016 ovs_match_init(&match, &key, &mask);
1017 error = ovs_nla_get_match(&match,
1018 a[OVS_FLOW_ATTR_KEY], a[OVS_FLOW_ATTR_MASK]);
1019 if (error)
1020 goto error;
1021
1022 /* Validate actions. */
1023 if (a[OVS_FLOW_ATTR_ACTIONS]) {
1024 acts = get_flow_actions(a[OVS_FLOW_ATTR_ACTIONS], &key, &mask);
1025 if (IS_ERR(acts)) {
1026 error = PTR_ERR(acts);
1027 goto error;
1028 }
1029
1030 /* Can allocate before locking if have acts. */
1031 reply = ovs_flow_cmd_alloc_info(acts, info, false);
1032 if (IS_ERR(reply)) {
1033 error = PTR_ERR(reply);
1034 goto err_kfree_acts;
1035 }
1036 }
1037
1038 ovs_lock();
1039 dp = get_dp(sock_net(skb->sk), ovs_header->dp_ifindex);
1040 if (unlikely(!dp)) {
1041 error = -ENODEV;
1042 goto err_unlock_ovs;
1043 }
1044 /* Check that the flow exists. */
1045 flow = ovs_flow_tbl_lookup_exact(&dp->table, &match);
1046 if (unlikely(!flow)) {
1047 error = -ENOENT;
1048 goto err_unlock_ovs;
1049 }
1050
1051 /* Update actions, if present. */
1052 if (likely(acts)) {
1053 old_acts = ovsl_dereference(flow->sf_acts);
1054 rcu_assign_pointer(flow->sf_acts, acts);
1055
1056 if (unlikely(reply)) {
1057 error = ovs_flow_cmd_fill_info(dp, flow,
1058 ovs_header->dp_ifindex,
1059 reply, info->snd_portid,
1060 info->snd_seq, 0,
1061 OVS_FLOW_CMD_NEW);
1062 BUG_ON(error < 0);
1063 }
1064 } else {
1065 /* Could not alloc without acts before locking. */
1066 reply = ovs_flow_cmd_build_info(dp, flow,
1067 ovs_header->dp_ifindex,
1068 info, OVS_FLOW_CMD_NEW, false);
1069 if (unlikely(IS_ERR(reply))) {
1070 error = PTR_ERR(reply);
1071 goto err_unlock_ovs;
1072 }
1073 }
1074
1075 /* Clear stats. */
1076 if (a[OVS_FLOW_ATTR_CLEAR])
1077 ovs_flow_stats_clear(flow);
1078 ovs_unlock();
1079
1080 if (reply)
1081 ovs_notify(&dp_flow_genl_family, &ovs_dp_flow_multicast_group, reply, info);
1082 if (old_acts)
1083 ovs_nla_free_flow_actions(old_acts);
1084 return 0;
1085
1086 err_unlock_ovs:
1087 ovs_unlock();
1088 kfree_skb(reply);
1089 err_kfree_acts:
1090 kfree(acts);
1091 error:
1092 return error;
1093 }
1094
1095 static int ovs_flow_cmd_get(struct sk_buff *skb, struct genl_info *info)
1096 {
1097 struct nlattr **a = info->attrs;
1098 struct ovs_header *ovs_header = info->userhdr;
1099 struct sw_flow_key key;
1100 struct sk_buff *reply;
1101 struct sw_flow *flow;
1102 struct datapath *dp;
1103 struct sw_flow_match match;
1104 int err;
1105
1106 if (!a[OVS_FLOW_ATTR_KEY]) {
1107 OVS_NLERR("Flow get message rejected, Key attribute missing.\n");
1108 return -EINVAL;
1109 }
1110
1111 ovs_match_init(&match, &key, NULL);
1112 err = ovs_nla_get_match(&match, a[OVS_FLOW_ATTR_KEY], NULL);
1113 if (err)
1114 return err;
1115
1116 ovs_lock();
1117 dp = get_dp(sock_net(skb->sk), ovs_header->dp_ifindex);
1118 if (!dp) {
1119 err = -ENODEV;
1120 goto unlock;
1121 }
1122
1123 flow = ovs_flow_tbl_lookup_exact(&dp->table, &match);
1124 if (!flow) {
1125 err = -ENOENT;
1126 goto unlock;
1127 }
1128
1129 reply = ovs_flow_cmd_build_info(dp, flow, ovs_header->dp_ifindex, info,
1130 OVS_FLOW_CMD_NEW, true);
1131 if (IS_ERR(reply)) {
1132 err = PTR_ERR(reply);
1133 goto unlock;
1134 }
1135
1136 ovs_unlock();
1137 return genlmsg_reply(reply, info);
1138 unlock:
1139 ovs_unlock();
1140 return err;
1141 }
1142
1143 static int ovs_flow_cmd_del(struct sk_buff *skb, struct genl_info *info)
1144 {
1145 struct nlattr **a = info->attrs;
1146 struct ovs_header *ovs_header = info->userhdr;
1147 struct sw_flow_key key;
1148 struct sk_buff *reply;
1149 struct sw_flow *flow;
1150 struct datapath *dp;
1151 struct sw_flow_match match;
1152 int err;
1153
1154 if (likely(a[OVS_FLOW_ATTR_KEY])) {
1155 ovs_match_init(&match, &key, NULL);
1156 err = ovs_nla_get_match(&match, a[OVS_FLOW_ATTR_KEY], NULL);
1157 if (unlikely(err))
1158 return err;
1159 }
1160
1161 ovs_lock();
1162 dp = get_dp(sock_net(skb->sk), ovs_header->dp_ifindex);
1163 if (unlikely(!dp)) {
1164 err = -ENODEV;
1165 goto unlock;
1166 }
1167 if (unlikely(!a[OVS_FLOW_ATTR_KEY])) {
1168 err = ovs_flow_tbl_flush(&dp->table);
1169 goto unlock;
1170 }
1171 flow = ovs_flow_tbl_lookup_exact(&dp->table, &match);
1172 if (unlikely(!flow)) {
1173 err = -ENOENT;
1174 goto unlock;
1175 }
1176
1177 ovs_flow_tbl_remove(&dp->table, flow);
1178 ovs_unlock();
1179
1180 reply = ovs_flow_cmd_alloc_info((const struct sw_flow_actions __force *)flow->sf_acts,
1181 info, false);
1182
1183 if (likely(reply)) {
1184 if (likely(!IS_ERR(reply))) {
1185 rcu_read_lock(); /* Keep RCU checker happy. */
1186 err = ovs_flow_cmd_fill_info(dp, flow,
1187 ovs_header->dp_ifindex,
1188 reply, info->snd_portid,
1189 info->snd_seq, 0,
1190 OVS_FLOW_CMD_DEL);
1191 rcu_read_unlock();
1192 BUG_ON(err < 0);
1193 ovs_notify(&dp_flow_genl_family, &ovs_dp_flow_multicast_group, reply, info);
1194 } else {
1195 genl_set_err(&dp_flow_genl_family, sock_net(skb->sk), 0,
1196 GROUP_ID(&ovs_dp_flow_multicast_group), PTR_ERR(reply));
1197
1198 }
1199 }
1200
1201 ovs_flow_free(flow, true);
1202 return 0;
1203 unlock:
1204 ovs_unlock();
1205 return err;
1206 }
1207
1208 static int ovs_flow_cmd_dump(struct sk_buff *skb, struct netlink_callback *cb)
1209 {
1210 struct ovs_header *ovs_header = genlmsg_data(nlmsg_data(cb->nlh));
1211 struct table_instance *ti;
1212 struct datapath *dp;
1213
1214 rcu_read_lock();
1215 dp = get_dp_rcu(sock_net(skb->sk), ovs_header->dp_ifindex);
1216 if (!dp) {
1217 rcu_read_unlock();
1218 return -ENODEV;
1219 }
1220
1221 ti = rcu_dereference(dp->table.ti);
1222 for (;;) {
1223 struct sw_flow *flow;
1224 u32 bucket, obj;
1225
1226 bucket = cb->args[0];
1227 obj = cb->args[1];
1228 flow = ovs_flow_tbl_dump_next(ti, &bucket, &obj);
1229 if (!flow)
1230 break;
1231
1232 if (ovs_flow_cmd_fill_info(dp, flow, ovs_header->dp_ifindex, skb,
1233 NETLINK_CB(cb->skb).portid,
1234 cb->nlh->nlmsg_seq, NLM_F_MULTI,
1235 OVS_FLOW_CMD_NEW) < 0)
1236 break;
1237
1238 cb->args[0] = bucket;
1239 cb->args[1] = obj;
1240 }
1241 rcu_read_unlock();
1242 return skb->len;
1243 }
1244
1245 static const struct nla_policy flow_policy[OVS_FLOW_ATTR_MAX + 1] = {
1246 [OVS_FLOW_ATTR_KEY] = { .type = NLA_NESTED },
1247 [OVS_FLOW_ATTR_ACTIONS] = { .type = NLA_NESTED },
1248 [OVS_FLOW_ATTR_CLEAR] = { .type = NLA_FLAG },
1249 };
1250
1251 static struct genl_ops dp_flow_genl_ops[] = {
1252 { .cmd = OVS_FLOW_CMD_NEW,
1253 .flags = GENL_ADMIN_PERM, /* Requires CAP_NET_ADMIN privilege. */
1254 .policy = flow_policy,
1255 .doit = ovs_flow_cmd_new
1256 },
1257 { .cmd = OVS_FLOW_CMD_DEL,
1258 .flags = GENL_ADMIN_PERM, /* Requires CAP_NET_ADMIN privilege. */
1259 .policy = flow_policy,
1260 .doit = ovs_flow_cmd_del
1261 },
1262 { .cmd = OVS_FLOW_CMD_GET,
1263 .flags = 0, /* OK for unprivileged users. */
1264 .policy = flow_policy,
1265 .doit = ovs_flow_cmd_get,
1266 .dumpit = ovs_flow_cmd_dump
1267 },
1268 { .cmd = OVS_FLOW_CMD_SET,
1269 .flags = GENL_ADMIN_PERM, /* Requires CAP_NET_ADMIN privilege. */
1270 .policy = flow_policy,
1271 .doit = ovs_flow_cmd_set,
1272 },
1273 };
1274
1275 static struct genl_family dp_flow_genl_family = {
1276 .id = GENL_ID_GENERATE,
1277 .hdrsize = sizeof(struct ovs_header),
1278 .name = OVS_FLOW_FAMILY,
1279 .version = OVS_FLOW_VERSION,
1280 .maxattr = OVS_FLOW_ATTR_MAX,
1281 .netnsok = true,
1282 .parallel_ops = true,
1283 .ops = dp_flow_genl_ops,
1284 .n_ops = ARRAY_SIZE(dp_flow_genl_ops),
1285 .mcgrps = &ovs_dp_flow_multicast_group,
1286 .n_mcgrps = 1,
1287 };
1288
1289 static size_t ovs_dp_cmd_msg_size(void)
1290 {
1291 size_t msgsize = NLMSG_ALIGN(sizeof(struct ovs_header));
1292
1293 msgsize += nla_total_size(IFNAMSIZ);
1294 msgsize += nla_total_size(sizeof(struct ovs_dp_stats));
1295 msgsize += nla_total_size(sizeof(struct ovs_dp_megaflow_stats));
1296 msgsize += nla_total_size(sizeof(u32)); /* OVS_DP_ATTR_USER_FEATURES */
1297
1298 return msgsize;
1299 }
1300
1301 /* Called with ovs_mutex or RCU read lock. */
1302 static int ovs_dp_cmd_fill_info(struct datapath *dp, struct sk_buff *skb,
1303 u32 portid, u32 seq, u32 flags, u8 cmd)
1304 {
1305 struct ovs_header *ovs_header;
1306 struct ovs_dp_stats dp_stats;
1307 struct ovs_dp_megaflow_stats dp_megaflow_stats;
1308 int err;
1309
1310 ovs_header = genlmsg_put(skb, portid, seq, &dp_datapath_genl_family,
1311 flags, cmd);
1312 if (!ovs_header)
1313 goto error;
1314
1315 ovs_header->dp_ifindex = get_dpifindex(dp);
1316
1317 err = nla_put_string(skb, OVS_DP_ATTR_NAME, ovs_dp_name(dp));
1318 if (err)
1319 goto nla_put_failure;
1320
1321 get_dp_stats(dp, &dp_stats, &dp_megaflow_stats);
1322 if (nla_put(skb, OVS_DP_ATTR_STATS, sizeof(struct ovs_dp_stats),
1323 &dp_stats))
1324 goto nla_put_failure;
1325
1326 if (nla_put(skb, OVS_DP_ATTR_MEGAFLOW_STATS,
1327 sizeof(struct ovs_dp_megaflow_stats),
1328 &dp_megaflow_stats))
1329 goto nla_put_failure;
1330
1331 if (nla_put_u32(skb, OVS_DP_ATTR_USER_FEATURES, dp->user_features))
1332 goto nla_put_failure;
1333
1334 return genlmsg_end(skb, ovs_header);
1335
1336 nla_put_failure:
1337 genlmsg_cancel(skb, ovs_header);
1338 error:
1339 return -EMSGSIZE;
1340 }
1341
1342 static struct sk_buff *ovs_dp_cmd_alloc_info(struct genl_info *info)
1343 {
1344 return genlmsg_new_unicast(ovs_dp_cmd_msg_size(), info, GFP_KERNEL);
1345 }
1346
1347 /* Called with rcu_read_lock or ovs_mutex. */
1348 static struct datapath *lookup_datapath(struct net *net,
1349 struct ovs_header *ovs_header,
1350 struct nlattr *a[OVS_DP_ATTR_MAX + 1])
1351 {
1352 struct datapath *dp;
1353
1354 if (!a[OVS_DP_ATTR_NAME])
1355 dp = get_dp(net, ovs_header->dp_ifindex);
1356 else {
1357 struct vport *vport;
1358
1359 vport = ovs_vport_locate(net, nla_data(a[OVS_DP_ATTR_NAME]));
1360 dp = vport && vport->port_no == OVSP_LOCAL ? vport->dp : NULL;
1361 }
1362 return dp ? dp : ERR_PTR(-ENODEV);
1363 }
1364
1365 static void ovs_dp_reset_user_features(struct sk_buff *skb, struct genl_info *info)
1366 {
1367 struct datapath *dp;
1368
1369 dp = lookup_datapath(sock_net(skb->sk), info->userhdr, info->attrs);
1370 if (IS_ERR(dp))
1371 return;
1372
1373 WARN(dp->user_features, "Dropping previously announced user features\n");
1374 dp->user_features = 0;
1375 }
1376
1377 static void ovs_dp_change(struct datapath *dp, struct nlattr **a)
1378 {
1379 if (a[OVS_DP_ATTR_USER_FEATURES])
1380 dp->user_features = nla_get_u32(a[OVS_DP_ATTR_USER_FEATURES]);
1381 }
1382
1383 static int ovs_dp_cmd_new(struct sk_buff *skb, struct genl_info *info)
1384 {
1385 struct nlattr **a = info->attrs;
1386 struct vport_parms parms;
1387 struct sk_buff *reply;
1388 struct datapath *dp;
1389 struct vport *vport;
1390 struct ovs_net *ovs_net;
1391 int err, i;
1392
1393 err = -EINVAL;
1394 if (!a[OVS_DP_ATTR_NAME] || !a[OVS_DP_ATTR_UPCALL_PID])
1395 goto err;
1396
1397 reply = ovs_dp_cmd_alloc_info(info);
1398 if (!reply)
1399 return -ENOMEM;
1400
1401 err = -ENOMEM;
1402 dp = kzalloc(sizeof(*dp), GFP_KERNEL);
1403 if (dp == NULL)
1404 goto err_free_reply;
1405
1406 ovs_dp_set_net(dp, hold_net(sock_net(skb->sk)));
1407
1408 /* Allocate table. */
1409 err = ovs_flow_tbl_init(&dp->table);
1410 if (err)
1411 goto err_free_dp;
1412
1413 dp->stats_percpu = alloc_percpu(struct dp_stats_percpu);
1414 if (!dp->stats_percpu) {
1415 err = -ENOMEM;
1416 goto err_destroy_table;
1417 }
1418
1419 for_each_possible_cpu(i) {
1420 struct dp_stats_percpu *dpath_stats;
1421 dpath_stats = per_cpu_ptr(dp->stats_percpu, i);
1422 u64_stats_init(&dpath_stats->sync);
1423 }
1424
1425 dp->ports = kmalloc(DP_VPORT_HASH_BUCKETS * sizeof(struct hlist_head),
1426 GFP_KERNEL);
1427 if (!dp->ports) {
1428 err = -ENOMEM;
1429 goto err_destroy_percpu;
1430 }
1431
1432 for (i = 0; i < DP_VPORT_HASH_BUCKETS; i++)
1433 INIT_HLIST_HEAD(&dp->ports[i]);
1434
1435 /* Set up our datapath device. */
1436 parms.name = nla_data(a[OVS_DP_ATTR_NAME]);
1437 parms.type = OVS_VPORT_TYPE_INTERNAL;
1438 parms.options = NULL;
1439 parms.dp = dp;
1440 parms.port_no = OVSP_LOCAL;
1441 parms.upcall_portids = a[OVS_DP_ATTR_UPCALL_PID];
1442
1443 ovs_dp_change(dp, a);
1444
1445 /* So far only local changes have been made, now need the lock. */
1446 ovs_lock();
1447
1448 vport = new_vport(&parms);
1449 if (IS_ERR(vport)) {
1450 err = PTR_ERR(vport);
1451 if (err == -EBUSY)
1452 err = -EEXIST;
1453
1454 if (err == -EEXIST) {
1455 /* An outdated user space instance that does not understand
1456 * the concept of user_features has attempted to create a new
1457 * datapath and is likely to reuse it. Drop all user features.
1458 */
1459 if (info->genlhdr->version < OVS_DP_VER_FEATURES)
1460 ovs_dp_reset_user_features(skb, info);
1461 }
1462
1463 goto err_destroy_ports_array;
1464 }
1465
1466 err = ovs_dp_cmd_fill_info(dp, reply, info->snd_portid,
1467 info->snd_seq, 0, OVS_DP_CMD_NEW);
1468 BUG_ON(err < 0);
1469
1470 ovs_net = net_generic(ovs_dp_get_net(dp), ovs_net_id);
1471 list_add_tail_rcu(&dp->list_node, &ovs_net->dps);
1472
1473 ovs_unlock();
1474
1475 ovs_notify(&dp_datapath_genl_family, &ovs_dp_datapath_multicast_group, reply, info);
1476 return 0;
1477
1478 err_destroy_ports_array:
1479 ovs_unlock();
1480 kfree(dp->ports);
1481 err_destroy_percpu:
1482 free_percpu(dp->stats_percpu);
1483 err_destroy_table:
1484 ovs_flow_tbl_destroy(&dp->table);
1485 err_free_dp:
1486 release_net(ovs_dp_get_net(dp));
1487 kfree(dp);
1488 err_free_reply:
1489 kfree_skb(reply);
1490 err:
1491 return err;
1492 }
1493
1494 /* Called with ovs_mutex. */
1495 static void __dp_destroy(struct datapath *dp)
1496 {
1497 int i;
1498
1499 for (i = 0; i < DP_VPORT_HASH_BUCKETS; i++) {
1500 struct vport *vport;
1501 struct hlist_node *n;
1502
1503 hlist_for_each_entry_safe(vport, n, &dp->ports[i], dp_hash_node)
1504 if (vport->port_no != OVSP_LOCAL)
1505 ovs_dp_detach_port(vport);
1506 }
1507
1508 list_del_rcu(&dp->list_node);
1509
1510 /* OVSP_LOCAL is datapath internal port. We need to make sure that
1511 * all ports in datapath are destroyed first before freeing datapath.
1512 */
1513 ovs_dp_detach_port(ovs_vport_ovsl(dp, OVSP_LOCAL));
1514
1515 /* RCU destroy the flow table */
1516 call_rcu(&dp->rcu, destroy_dp_rcu);
1517 }
1518
1519 static int ovs_dp_cmd_del(struct sk_buff *skb, struct genl_info *info)
1520 {
1521 struct sk_buff *reply;
1522 struct datapath *dp;
1523 int err;
1524
1525 reply = ovs_dp_cmd_alloc_info(info);
1526 if (!reply)
1527 return -ENOMEM;
1528
1529 ovs_lock();
1530 dp = lookup_datapath(sock_net(skb->sk), info->userhdr, info->attrs);
1531 err = PTR_ERR(dp);
1532 if (IS_ERR(dp))
1533 goto err_unlock_free;
1534
1535 err = ovs_dp_cmd_fill_info(dp, reply, info->snd_portid,
1536 info->snd_seq, 0, OVS_DP_CMD_DEL);
1537 BUG_ON(err < 0);
1538
1539 __dp_destroy(dp);
1540
1541 ovs_unlock();
1542 ovs_notify(&dp_datapath_genl_family, &ovs_dp_datapath_multicast_group, reply, info);
1543 return 0;
1544
1545 err_unlock_free:
1546 ovs_unlock();
1547 kfree_skb(reply);
1548 return err;
1549 }
1550
1551 static int ovs_dp_cmd_set(struct sk_buff *skb, struct genl_info *info)
1552 {
1553 struct sk_buff *reply;
1554 struct datapath *dp;
1555 int err;
1556
1557 reply = ovs_dp_cmd_alloc_info(info);
1558 if (!reply)
1559 return -ENOMEM;
1560
1561 ovs_lock();
1562 dp = lookup_datapath(sock_net(skb->sk), info->userhdr, info->attrs);
1563 err = PTR_ERR(dp);
1564 if (IS_ERR(dp))
1565 goto err_unlock_free;
1566
1567 ovs_dp_change(dp, info->attrs);
1568
1569 err = ovs_dp_cmd_fill_info(dp, reply, info->snd_portid,
1570 info->snd_seq, 0, OVS_DP_CMD_NEW);
1571 BUG_ON(err < 0);
1572
1573 ovs_unlock();
1574 ovs_notify(&dp_datapath_genl_family, &ovs_dp_datapath_multicast_group, reply, info);
1575 return 0;
1576
1577 err_unlock_free:
1578 ovs_unlock();
1579 kfree_skb(reply);
1580 return err;
1581 }
1582
1583 static int ovs_dp_cmd_get(struct sk_buff *skb, struct genl_info *info)
1584 {
1585 struct sk_buff *reply;
1586 struct datapath *dp;
1587 int err;
1588
1589 reply = ovs_dp_cmd_alloc_info(info);
1590 if (!reply)
1591 return -ENOMEM;
1592
1593 rcu_read_lock();
1594 dp = lookup_datapath(sock_net(skb->sk), info->userhdr, info->attrs);
1595 if (IS_ERR(dp)) {
1596 err = PTR_ERR(dp);
1597 goto err_unlock_free;
1598 }
1599 err = ovs_dp_cmd_fill_info(dp, reply, info->snd_portid,
1600 info->snd_seq, 0, OVS_DP_CMD_NEW);
1601 BUG_ON(err < 0);
1602 rcu_read_unlock();
1603
1604 return genlmsg_reply(reply, info);
1605
1606 err_unlock_free:
1607 rcu_read_unlock();
1608 kfree_skb(reply);
1609 return err;
1610 }
1611
1612 static int ovs_dp_cmd_dump(struct sk_buff *skb, struct netlink_callback *cb)
1613 {
1614 struct ovs_net *ovs_net = net_generic(sock_net(skb->sk), ovs_net_id);
1615 struct datapath *dp;
1616 int skip = cb->args[0];
1617 int i = 0;
1618
1619 rcu_read_lock();
1620 list_for_each_entry_rcu(dp, &ovs_net->dps, list_node) {
1621 if (i >= skip &&
1622 ovs_dp_cmd_fill_info(dp, skb, NETLINK_CB(cb->skb).portid,
1623 cb->nlh->nlmsg_seq, NLM_F_MULTI,
1624 OVS_DP_CMD_NEW) < 0)
1625 break;
1626 i++;
1627 }
1628 rcu_read_unlock();
1629
1630 cb->args[0] = i;
1631
1632 return skb->len;
1633 }
1634
1635 static const struct nla_policy datapath_policy[OVS_DP_ATTR_MAX + 1] = {
1636 [OVS_DP_ATTR_NAME] = { .type = NLA_NUL_STRING, .len = IFNAMSIZ - 1 },
1637 [OVS_DP_ATTR_UPCALL_PID] = { .type = NLA_U32 },
1638 [OVS_DP_ATTR_USER_FEATURES] = { .type = NLA_U32 },
1639 };
1640
1641 static struct genl_ops dp_datapath_genl_ops[] = {
1642 { .cmd = OVS_DP_CMD_NEW,
1643 .flags = GENL_ADMIN_PERM, /* Requires CAP_NET_ADMIN privilege. */
1644 .policy = datapath_policy,
1645 .doit = ovs_dp_cmd_new
1646 },
1647 { .cmd = OVS_DP_CMD_DEL,
1648 .flags = GENL_ADMIN_PERM, /* Requires CAP_NET_ADMIN privilege. */
1649 .policy = datapath_policy,
1650 .doit = ovs_dp_cmd_del
1651 },
1652 { .cmd = OVS_DP_CMD_GET,
1653 .flags = 0, /* OK for unprivileged users. */
1654 .policy = datapath_policy,
1655 .doit = ovs_dp_cmd_get,
1656 .dumpit = ovs_dp_cmd_dump
1657 },
1658 { .cmd = OVS_DP_CMD_SET,
1659 .flags = GENL_ADMIN_PERM, /* Requires CAP_NET_ADMIN privilege. */
1660 .policy = datapath_policy,
1661 .doit = ovs_dp_cmd_set,
1662 },
1663 };
1664
1665 static struct genl_family dp_datapath_genl_family = {
1666 .id = GENL_ID_GENERATE,
1667 .hdrsize = sizeof(struct ovs_header),
1668 .name = OVS_DATAPATH_FAMILY,
1669 .version = OVS_DATAPATH_VERSION,
1670 .maxattr = OVS_DP_ATTR_MAX,
1671 .netnsok = true,
1672 .parallel_ops = true,
1673 .ops = dp_datapath_genl_ops,
1674 .n_ops = ARRAY_SIZE(dp_datapath_genl_ops),
1675 .mcgrps = &ovs_dp_datapath_multicast_group,
1676 .n_mcgrps = 1,
1677 };
1678
1679 /* Called with ovs_mutex or RCU read lock. */
1680 static int ovs_vport_cmd_fill_info(struct vport *vport, struct sk_buff *skb,
1681 u32 portid, u32 seq, u32 flags, u8 cmd)
1682 {
1683 struct ovs_header *ovs_header;
1684 struct ovs_vport_stats vport_stats;
1685 int err;
1686
1687 ovs_header = genlmsg_put(skb, portid, seq, &dp_vport_genl_family,
1688 flags, cmd);
1689 if (!ovs_header)
1690 return -EMSGSIZE;
1691
1692 ovs_header->dp_ifindex = get_dpifindex(vport->dp);
1693
1694 if (nla_put_u32(skb, OVS_VPORT_ATTR_PORT_NO, vport->port_no) ||
1695 nla_put_u32(skb, OVS_VPORT_ATTR_TYPE, vport->ops->type) ||
1696 nla_put_string(skb, OVS_VPORT_ATTR_NAME, vport->ops->get_name(vport)))
1697 goto nla_put_failure;
1698
1699 ovs_vport_get_stats(vport, &vport_stats);
1700 if (nla_put(skb, OVS_VPORT_ATTR_STATS, sizeof(struct ovs_vport_stats),
1701 &vport_stats))
1702 goto nla_put_failure;
1703
1704 if (ovs_vport_get_upcall_portids(vport, skb))
1705 goto nla_put_failure;
1706
1707 err = ovs_vport_get_options(vport, skb);
1708 if (err == -EMSGSIZE)
1709 goto error;
1710
1711 return genlmsg_end(skb, ovs_header);
1712
1713 nla_put_failure:
1714 err = -EMSGSIZE;
1715 error:
1716 genlmsg_cancel(skb, ovs_header);
1717 return err;
1718 }
1719
1720 static struct sk_buff *ovs_vport_cmd_alloc_info(void)
1721 {
1722 return nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
1723 }
1724
1725 /* Called with ovs_mutex, only via ovs_dp_notify_wq(). */
1726 struct sk_buff *ovs_vport_cmd_build_info(struct vport *vport, u32 portid,
1727 u32 seq, u8 cmd)
1728 {
1729 struct sk_buff *skb;
1730 int retval;
1731
1732 skb = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_ATOMIC);
1733 if (!skb)
1734 return ERR_PTR(-ENOMEM);
1735
1736 retval = ovs_vport_cmd_fill_info(vport, skb, portid, seq, 0, cmd);
1737 BUG_ON(retval < 0);
1738
1739 return skb;
1740 }
1741
1742 /* Called with ovs_mutex or RCU read lock. */
1743 static struct vport *lookup_vport(struct net *net,
1744 struct ovs_header *ovs_header,
1745 struct nlattr *a[OVS_VPORT_ATTR_MAX + 1])
1746 {
1747 struct datapath *dp;
1748 struct vport *vport;
1749
1750 if (a[OVS_VPORT_ATTR_NAME]) {
1751 vport = ovs_vport_locate(net, nla_data(a[OVS_VPORT_ATTR_NAME]));
1752 if (!vport)
1753 return ERR_PTR(-ENODEV);
1754 if (ovs_header->dp_ifindex &&
1755 ovs_header->dp_ifindex != get_dpifindex(vport->dp))
1756 return ERR_PTR(-ENODEV);
1757 return vport;
1758 } else if (a[OVS_VPORT_ATTR_PORT_NO]) {
1759 u32 port_no = nla_get_u32(a[OVS_VPORT_ATTR_PORT_NO]);
1760
1761 if (port_no >= DP_MAX_PORTS)
1762 return ERR_PTR(-EFBIG);
1763
1764 dp = get_dp(net, ovs_header->dp_ifindex);
1765 if (!dp)
1766 return ERR_PTR(-ENODEV);
1767
1768 vport = ovs_vport_ovsl_rcu(dp, port_no);
1769 if (!vport)
1770 return ERR_PTR(-ENODEV);
1771 return vport;
1772 } else
1773 return ERR_PTR(-EINVAL);
1774 }
1775
1776 static int ovs_vport_cmd_new(struct sk_buff *skb, struct genl_info *info)
1777 {
1778 struct nlattr **a = info->attrs;
1779 struct ovs_header *ovs_header = info->userhdr;
1780 struct vport_parms parms;
1781 struct sk_buff *reply;
1782 struct vport *vport;
1783 struct datapath *dp;
1784 u32 port_no;
1785 int err;
1786
1787 if (!a[OVS_VPORT_ATTR_NAME] || !a[OVS_VPORT_ATTR_TYPE] ||
1788 !a[OVS_VPORT_ATTR_UPCALL_PID])
1789 return -EINVAL;
1790
1791 port_no = a[OVS_VPORT_ATTR_PORT_NO]
1792 ? nla_get_u32(a[OVS_VPORT_ATTR_PORT_NO]) : 0;
1793 if (port_no >= DP_MAX_PORTS)
1794 return -EFBIG;
1795
1796 reply = ovs_vport_cmd_alloc_info();
1797 if (!reply)
1798 return -ENOMEM;
1799
1800 ovs_lock();
1801 dp = get_dp(sock_net(skb->sk), ovs_header->dp_ifindex);
1802 err = -ENODEV;
1803 if (!dp)
1804 goto exit_unlock_free;
1805
1806 if (port_no) {
1807 vport = ovs_vport_ovsl(dp, port_no);
1808 err = -EBUSY;
1809 if (vport)
1810 goto exit_unlock_free;
1811 } else {
1812 for (port_no = 1; ; port_no++) {
1813 if (port_no >= DP_MAX_PORTS) {
1814 err = -EFBIG;
1815 goto exit_unlock_free;
1816 }
1817 vport = ovs_vport_ovsl(dp, port_no);
1818 if (!vport)
1819 break;
1820 }
1821 }
1822
1823 parms.name = nla_data(a[OVS_VPORT_ATTR_NAME]);
1824 parms.type = nla_get_u32(a[OVS_VPORT_ATTR_TYPE]);
1825 parms.options = a[OVS_VPORT_ATTR_OPTIONS];
1826 parms.dp = dp;
1827 parms.port_no = port_no;
1828 parms.upcall_portids = a[OVS_VPORT_ATTR_UPCALL_PID];
1829
1830 vport = new_vport(&parms);
1831 err = PTR_ERR(vport);
1832 if (IS_ERR(vport))
1833 goto exit_unlock_free;
1834
1835 err = 0;
1836 if (a[OVS_VPORT_ATTR_STATS])
1837 ovs_vport_set_stats(vport, nla_data(a[OVS_VPORT_ATTR_STATS]));
1838
1839 err = ovs_vport_cmd_fill_info(vport, reply, info->snd_portid,
1840 info->snd_seq, 0, OVS_VPORT_CMD_NEW);
1841 BUG_ON(err < 0);
1842 ovs_unlock();
1843
1844 ovs_notify(&dp_vport_genl_family, &ovs_dp_vport_multicast_group, reply, info);
1845 return 0;
1846
1847 exit_unlock_free:
1848 ovs_unlock();
1849 kfree_skb(reply);
1850 return err;
1851 }
1852
1853 static int ovs_vport_cmd_set(struct sk_buff *skb, struct genl_info *info)
1854 {
1855 struct nlattr **a = info->attrs;
1856 struct sk_buff *reply;
1857 struct vport *vport;
1858 int err;
1859
1860 reply = ovs_vport_cmd_alloc_info();
1861 if (!reply)
1862 return -ENOMEM;
1863
1864 ovs_lock();
1865 vport = lookup_vport(sock_net(skb->sk), info->userhdr, a);
1866 err = PTR_ERR(vport);
1867 if (IS_ERR(vport))
1868 goto exit_unlock_free;
1869
1870 if (a[OVS_VPORT_ATTR_TYPE] &&
1871 nla_get_u32(a[OVS_VPORT_ATTR_TYPE]) != vport->ops->type) {
1872 err = -EINVAL;
1873 goto exit_unlock_free;
1874 }
1875
1876 if (a[OVS_VPORT_ATTR_OPTIONS]) {
1877 err = ovs_vport_set_options(vport, a[OVS_VPORT_ATTR_OPTIONS]);
1878 if (err)
1879 goto exit_unlock_free;
1880 }
1881
1882 if (a[OVS_VPORT_ATTR_STATS])
1883 ovs_vport_set_stats(vport, nla_data(a[OVS_VPORT_ATTR_STATS]));
1884
1885
1886 if (a[OVS_VPORT_ATTR_UPCALL_PID]) {
1887 err = ovs_vport_set_upcall_portids(vport,
1888 a[OVS_VPORT_ATTR_UPCALL_PID]);
1889 if (err)
1890 goto exit_unlock_free;
1891 }
1892
1893 err = ovs_vport_cmd_fill_info(vport, reply, info->snd_portid,
1894 info->snd_seq, 0, OVS_VPORT_CMD_NEW);
1895 BUG_ON(err < 0);
1896 ovs_unlock();
1897
1898 ovs_notify(&dp_vport_genl_family, &ovs_dp_vport_multicast_group, reply, info);
1899 return 0;
1900
1901 exit_unlock_free:
1902 ovs_unlock();
1903 kfree_skb(reply);
1904 return err;
1905 }
1906
1907 static int ovs_vport_cmd_del(struct sk_buff *skb, struct genl_info *info)
1908 {
1909 struct nlattr **a = info->attrs;
1910 struct sk_buff *reply;
1911 struct vport *vport;
1912 int err;
1913
1914 reply = ovs_vport_cmd_alloc_info();
1915 if (!reply)
1916 return -ENOMEM;
1917
1918 ovs_lock();
1919 vport = lookup_vport(sock_net(skb->sk), info->userhdr, a);
1920 err = PTR_ERR(vport);
1921 if (IS_ERR(vport))
1922 goto exit_unlock_free;
1923
1924 if (vport->port_no == OVSP_LOCAL) {
1925 err = -EINVAL;
1926 goto exit_unlock_free;
1927 }
1928
1929 err = ovs_vport_cmd_fill_info(vport, reply, info->snd_portid,
1930 info->snd_seq, 0, OVS_VPORT_CMD_DEL);
1931 BUG_ON(err < 0);
1932 ovs_dp_detach_port(vport);
1933 ovs_unlock();
1934
1935 ovs_notify(&dp_vport_genl_family, &ovs_dp_vport_multicast_group, reply, info);
1936 return 0;
1937
1938 exit_unlock_free:
1939 ovs_unlock();
1940 kfree_skb(reply);
1941 return err;
1942 }
1943
1944 static int ovs_vport_cmd_get(struct sk_buff *skb, struct genl_info *info)
1945 {
1946 struct nlattr **a = info->attrs;
1947 struct ovs_header *ovs_header = info->userhdr;
1948 struct sk_buff *reply;
1949 struct vport *vport;
1950 int err;
1951
1952 reply = ovs_vport_cmd_alloc_info();
1953 if (!reply)
1954 return -ENOMEM;
1955
1956 rcu_read_lock();
1957 vport = lookup_vport(sock_net(skb->sk), ovs_header, a);
1958 err = PTR_ERR(vport);
1959 if (IS_ERR(vport))
1960 goto exit_unlock_free;
1961 err = ovs_vport_cmd_fill_info(vport, reply, info->snd_portid,
1962 info->snd_seq, 0, OVS_VPORT_CMD_NEW);
1963 BUG_ON(err < 0);
1964 rcu_read_unlock();
1965
1966 return genlmsg_reply(reply, info);
1967
1968 exit_unlock_free:
1969 rcu_read_unlock();
1970 kfree_skb(reply);
1971 return err;
1972 }
1973
1974 static int ovs_vport_cmd_dump(struct sk_buff *skb, struct netlink_callback *cb)
1975 {
1976 struct ovs_header *ovs_header = genlmsg_data(nlmsg_data(cb->nlh));
1977 struct datapath *dp;
1978 int bucket = cb->args[0], skip = cb->args[1];
1979 int i, j = 0;
1980
1981 rcu_read_lock();
1982 dp = get_dp_rcu(sock_net(skb->sk), ovs_header->dp_ifindex);
1983 if (!dp) {
1984 rcu_read_unlock();
1985 return -ENODEV;
1986 }
1987 for (i = bucket; i < DP_VPORT_HASH_BUCKETS; i++) {
1988 struct vport *vport;
1989
1990 j = 0;
1991 hlist_for_each_entry_rcu(vport, &dp->ports[i], dp_hash_node) {
1992 if (j >= skip &&
1993 ovs_vport_cmd_fill_info(vport, skb,
1994 NETLINK_CB(cb->skb).portid,
1995 cb->nlh->nlmsg_seq,
1996 NLM_F_MULTI,
1997 OVS_VPORT_CMD_NEW) < 0)
1998 goto out;
1999
2000 j++;
2001 }
2002 skip = 0;
2003 }
2004 out:
2005 rcu_read_unlock();
2006
2007 cb->args[0] = i;
2008 cb->args[1] = j;
2009
2010 return skb->len;
2011 }
2012
2013 static const struct nla_policy vport_policy[OVS_VPORT_ATTR_MAX + 1] = {
2014 [OVS_VPORT_ATTR_NAME] = { .type = NLA_NUL_STRING, .len = IFNAMSIZ - 1 },
2015 [OVS_VPORT_ATTR_STATS] = { .len = sizeof(struct ovs_vport_stats) },
2016 [OVS_VPORT_ATTR_PORT_NO] = { .type = NLA_U32 },
2017 [OVS_VPORT_ATTR_TYPE] = { .type = NLA_U32 },
2018 [OVS_VPORT_ATTR_UPCALL_PID] = { .type = NLA_U32 },
2019 [OVS_VPORT_ATTR_OPTIONS] = { .type = NLA_NESTED },
2020 };
2021
2022 static struct genl_ops dp_vport_genl_ops[] = {
2023 { .cmd = OVS_VPORT_CMD_NEW,
2024 .flags = GENL_ADMIN_PERM, /* Requires CAP_NET_ADMIN privilege. */
2025 .policy = vport_policy,
2026 .doit = ovs_vport_cmd_new
2027 },
2028 { .cmd = OVS_VPORT_CMD_DEL,
2029 .flags = GENL_ADMIN_PERM, /* Requires CAP_NET_ADMIN privilege. */
2030 .policy = vport_policy,
2031 .doit = ovs_vport_cmd_del
2032 },
2033 { .cmd = OVS_VPORT_CMD_GET,
2034 .flags = 0, /* OK for unprivileged users. */
2035 .policy = vport_policy,
2036 .doit = ovs_vport_cmd_get,
2037 .dumpit = ovs_vport_cmd_dump
2038 },
2039 { .cmd = OVS_VPORT_CMD_SET,
2040 .flags = GENL_ADMIN_PERM, /* Requires CAP_NET_ADMIN privilege. */
2041 .policy = vport_policy,
2042 .doit = ovs_vport_cmd_set,
2043 },
2044 };
2045
2046 struct genl_family dp_vport_genl_family = {
2047 .id = GENL_ID_GENERATE,
2048 .hdrsize = sizeof(struct ovs_header),
2049 .name = OVS_VPORT_FAMILY,
2050 .version = OVS_VPORT_VERSION,
2051 .maxattr = OVS_VPORT_ATTR_MAX,
2052 .netnsok = true,
2053 .parallel_ops = true,
2054 .ops = dp_vport_genl_ops,
2055 .n_ops = ARRAY_SIZE(dp_vport_genl_ops),
2056 .mcgrps = &ovs_dp_vport_multicast_group,
2057 .n_mcgrps = 1,
2058 };
2059
2060 static struct genl_family *dp_genl_families[] = {
2061 &dp_datapath_genl_family,
2062 &dp_vport_genl_family,
2063 &dp_flow_genl_family,
2064 &dp_packet_genl_family,
2065 };
2066
2067 static void dp_unregister_genl(int n_families)
2068 {
2069 int i;
2070
2071 for (i = 0; i < n_families; i++)
2072 genl_unregister_family(dp_genl_families[i]);
2073 }
2074
2075 static int dp_register_genl(void)
2076 {
2077 int err;
2078 int i;
2079
2080 for (i = 0; i < ARRAY_SIZE(dp_genl_families); i++) {
2081
2082 err = genl_register_family(dp_genl_families[i]);
2083 if (err)
2084 goto error;
2085 }
2086
2087 return 0;
2088
2089 error:
2090 dp_unregister_genl(i);
2091 return err;
2092 }
2093
2094 static int __net_init ovs_init_net(struct net *net)
2095 {
2096 struct ovs_net *ovs_net = net_generic(net, ovs_net_id);
2097
2098 INIT_LIST_HEAD(&ovs_net->dps);
2099 INIT_WORK(&ovs_net->dp_notify_work, ovs_dp_notify_wq);
2100 return 0;
2101 }
2102
2103 static void __net_exit ovs_exit_net(struct net *net)
2104 {
2105 struct datapath *dp, *dp_next;
2106 struct ovs_net *ovs_net = net_generic(net, ovs_net_id);
2107
2108 ovs_lock();
2109 list_for_each_entry_safe(dp, dp_next, &ovs_net->dps, list_node)
2110 __dp_destroy(dp);
2111 ovs_unlock();
2112
2113 cancel_work_sync(&ovs_net->dp_notify_work);
2114 }
2115
2116 static struct pernet_operations ovs_net_ops = {
2117 .init = ovs_init_net,
2118 .exit = ovs_exit_net,
2119 .id = &ovs_net_id,
2120 .size = sizeof(struct ovs_net),
2121 };
2122
2123 DEFINE_COMPAT_PNET_REG_FUNC(device);
2124
2125 static int __init dp_init(void)
2126 {
2127 int err;
2128
2129 BUILD_BUG_ON(sizeof(struct ovs_skb_cb) > FIELD_SIZEOF(struct sk_buff, cb));
2130
2131 pr_info("Open vSwitch switching datapath %s, built "__DATE__" "__TIME__"\n",
2132 VERSION);
2133
2134 err = ovs_flow_init();
2135 if (err)
2136 goto error;
2137
2138 err = ovs_vport_init();
2139 if (err)
2140 goto error_flow_exit;
2141
2142 err = register_pernet_device(&ovs_net_ops);
2143 if (err)
2144 goto error_vport_exit;
2145
2146 err = register_netdevice_notifier(&ovs_dp_device_notifier);
2147 if (err)
2148 goto error_netns_exit;
2149
2150 err = dp_register_genl();
2151 if (err < 0)
2152 goto error_unreg_notifier;
2153
2154 return 0;
2155
2156 error_unreg_notifier:
2157 unregister_netdevice_notifier(&ovs_dp_device_notifier);
2158 error_netns_exit:
2159 unregister_pernet_device(&ovs_net_ops);
2160 error_vport_exit:
2161 ovs_vport_exit();
2162 error_flow_exit:
2163 ovs_flow_exit();
2164 error:
2165 return err;
2166 }
2167
2168 static void dp_cleanup(void)
2169 {
2170 dp_unregister_genl(ARRAY_SIZE(dp_genl_families));
2171 unregister_netdevice_notifier(&ovs_dp_device_notifier);
2172 unregister_pernet_device(&ovs_net_ops);
2173 rcu_barrier();
2174 ovs_vport_exit();
2175 ovs_flow_exit();
2176 }
2177
2178 module_init(dp_init);
2179 module_exit(dp_cleanup);
2180
2181 MODULE_DESCRIPTION("Open vSwitch switching datapath");
2182 MODULE_LICENSE("GPL");
2183 MODULE_VERSION(VERSION);
openvswitch mirror