]> git.proxmox.com Git - mirror_ubuntu-bionic-kernel.git/blob - net/sched/cls_route.c
projects / mirror_ubuntu-bionic-kernel.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
sched, cls: check if we could overwrite actions when changing a filter
[mirror_ubuntu-bionic-kernel.git] / net / sched / cls_route.c
1 /*
2 * net/sched/cls_route.c ROUTE4 classifier.
3 *
4 * This program is free software; you can redistribute it and/or
5 * modify it under the terms of the GNU General Public License
6 * as published by the Free Software Foundation; either version
7 * 2 of the License, or (at your option) any later version.
8 *
9 * Authors: Alexey Kuznetsov, <kuznet@ms2.inr.ac.ru>
10 */
11
12 #include <linux/module.h>
13 #include <linux/slab.h>
14 #include <linux/types.h>
15 #include <linux/kernel.h>
16 #include <linux/string.h>
17 #include <linux/errno.h>
18 #include <linux/skbuff.h>
19 #include <net/dst.h>
20 #include <net/route.h>
21 #include <net/netlink.h>
22 #include <net/act_api.h>
23 #include <net/pkt_cls.h>
24
25 /*
26 * 1. For now we assume that route tags < 256.
27 * It allows to use direct table lookups, instead of hash tables.
28 * 2. For now we assume that "from TAG" and "fromdev DEV" statements
29 * are mutually exclusive.
30 * 3. "to TAG from ANY" has higher priority, than "to ANY from XXX"
31 */
32
33 struct route4_fastmap {
34 struct route4_filter *filter;
35 u32 id;
36 int iif;
37 };
38
39 struct route4_head {
40 struct route4_fastmap fastmap[16];
41 struct route4_bucket *table[256 + 1];
42 };
43
44 struct route4_bucket {
45 /* 16 FROM buckets + 16 IIF buckets + 1 wildcard bucket */
46 struct route4_filter *ht[16 + 16 + 1];
47 };
48
49 struct route4_filter {
50 struct route4_filter *next;
51 u32 id;
52 int iif;
53
54 struct tcf_result res;
55 struct tcf_exts exts;
56 u32 handle;
57 struct route4_bucket *bkt;
58 };
59
60 #define ROUTE4_FAILURE ((struct route4_filter *)(-1L))
61
62 static inline int route4_fastmap_hash(u32 id, int iif)
63 {
64 return id & 0xF;
65 }
66
67 static void
68 route4_reset_fastmap(struct Qdisc *q, struct route4_head *head, u32 id)
69 {
70 spinlock_t *root_lock = qdisc_root_sleeping_lock(q);
71
72 spin_lock_bh(root_lock);
73 memset(head->fastmap, 0, sizeof(head->fastmap));
74 spin_unlock_bh(root_lock);
75 }
76
77 static void
78 route4_set_fastmap(struct route4_head *head, u32 id, int iif,
79 struct route4_filter *f)
80 {
81 int h = route4_fastmap_hash(id, iif);
82
83 head->fastmap[h].id = id;
84 head->fastmap[h].iif = iif;
85 head->fastmap[h].filter = f;
86 }
87
88 static inline int route4_hash_to(u32 id)
89 {
90 return id & 0xFF;
91 }
92
93 static inline int route4_hash_from(u32 id)
94 {
95 return (id >> 16) & 0xF;
96 }
97
98 static inline int route4_hash_iif(int iif)
99 {
100 return 16 + ((iif >> 16) & 0xF);
101 }
102
103 static inline int route4_hash_wild(void)
104 {
105 return 32;
106 }
107
108 #define ROUTE4_APPLY_RESULT() \
109 { \
110 *res = f->res; \
111 if (tcf_exts_is_available(&f->exts)) { \
112 int r = tcf_exts_exec(skb, &f->exts, res); \
113 if (r < 0) { \
114 dont_cache = 1; \
115 continue; \
116 } \
117 return r; \
118 } else if (!dont_cache) \
119 route4_set_fastmap(head, id, iif, f); \
120 return 0; \
121 }
122
123 static int route4_classify(struct sk_buff *skb, const struct tcf_proto *tp,
124 struct tcf_result *res)
125 {
126 struct route4_head *head = tp->root;
127 struct dst_entry *dst;
128 struct route4_bucket *b;
129 struct route4_filter *f;
130 u32 id, h;
131 int iif, dont_cache = 0;
132
133 dst = skb_dst(skb);
134 if (!dst)
135 goto failure;
136
137 id = dst->tclassid;
138 if (head == NULL)
139 goto old_method;
140
141 iif = inet_iif(skb);
142
143 h = route4_fastmap_hash(id, iif);
144 if (id == head->fastmap[h].id &&
145 iif == head->fastmap[h].iif &&
146 (f = head->fastmap[h].filter) != NULL) {
147 if (f == ROUTE4_FAILURE)
148 goto failure;
149
150 *res = f->res;
151 return 0;
152 }
153
154 h = route4_hash_to(id);
155
156 restart:
157 b = head->table[h];
158 if (b) {
159 for (f = b->ht[route4_hash_from(id)]; f; f = f->next)
160 if (f->id == id)
161 ROUTE4_APPLY_RESULT();
162
163 for (f = b->ht[route4_hash_iif(iif)]; f; f = f->next)
164 if (f->iif == iif)
165 ROUTE4_APPLY_RESULT();
166
167 for (f = b->ht[route4_hash_wild()]; f; f = f->next)
168 ROUTE4_APPLY_RESULT();
169
170 }
171 if (h < 256) {
172 h = 256;
173 id &= ~0xFFFF;
174 goto restart;
175 }
176
177 if (!dont_cache)
178 route4_set_fastmap(head, id, iif, ROUTE4_FAILURE);
179 failure:
180 return -1;
181
182 old_method:
183 if (id && (TC_H_MAJ(id) == 0 ||
184 !(TC_H_MAJ(id^tp->q->handle)))) {
185 res->classid = id;
186 res->class = 0;
187 return 0;
188 }
189 return -1;
190 }
191
192 static inline u32 to_hash(u32 id)
193 {
194 u32 h = id & 0xFF;
195
196 if (id & 0x8000)
197 h += 256;
198 return h;
199 }
200
201 static inline u32 from_hash(u32 id)
202 {
203 id &= 0xFFFF;
204 if (id == 0xFFFF)
205 return 32;
206 if (!(id & 0x8000)) {
207 if (id > 255)
208 return 256;
209 return id & 0xF;
210 }
211 return 16 + (id & 0xF);
212 }
213
214 static unsigned long route4_get(struct tcf_proto *tp, u32 handle)
215 {
216 struct route4_head *head = tp->root;
217 struct route4_bucket *b;
218 struct route4_filter *f;
219 unsigned int h1, h2;
220
221 if (!head)
222 return 0;
223
224 h1 = to_hash(handle);
225 if (h1 > 256)
226 return 0;
227
228 h2 = from_hash(handle >> 16);
229 if (h2 > 32)
230 return 0;
231
232 b = head->table[h1];
233 if (b) {
234 for (f = b->ht[h2]; f; f = f->next)
235 if (f->handle == handle)
236 return (unsigned long)f;
237 }
238 return 0;
239 }
240
241 static void route4_put(struct tcf_proto *tp, unsigned long f)
242 {
243 }
244
245 static int route4_init(struct tcf_proto *tp)
246 {
247 return 0;
248 }
249
250 static void
251 route4_delete_filter(struct tcf_proto *tp, struct route4_filter *f)
252 {
253 tcf_unbind_filter(tp, &f->res);
254 tcf_exts_destroy(tp, &f->exts);
255 kfree(f);
256 }
257
258 static void route4_destroy(struct tcf_proto *tp)
259 {
260 struct route4_head *head = tp->root;
261 int h1, h2;
262
263 if (head == NULL)
264 return;
265
266 for (h1 = 0; h1 <= 256; h1++) {
267 struct route4_bucket *b;
268
269 b = head->table[h1];
270 if (b) {
271 for (h2 = 0; h2 <= 32; h2++) {
272 struct route4_filter *f;
273
274 while ((f = b->ht[h2]) != NULL) {
275 b->ht[h2] = f->next;
276 route4_delete_filter(tp, f);
277 }
278 }
279 kfree(b);
280 }
281 }
282 kfree(head);
283 }
284
285 static int route4_delete(struct tcf_proto *tp, unsigned long arg)
286 {
287 struct route4_head *head = tp->root;
288 struct route4_filter **fp, *f = (struct route4_filter *)arg;
289 unsigned int h = 0;
290 struct route4_bucket *b;
291 int i;
292
293 if (!head || !f)
294 return -EINVAL;
295
296 h = f->handle;
297 b = f->bkt;
298
299 for (fp = &b->ht[from_hash(h >> 16)]; *fp; fp = &(*fp)->next) {
300 if (*fp == f) {
301 tcf_tree_lock(tp);
302 *fp = f->next;
303 tcf_tree_unlock(tp);
304
305 route4_reset_fastmap(tp->q, head, f->id);
306 route4_delete_filter(tp, f);
307
308 /* Strip tree */
309
310 for (i = 0; i <= 32; i++)
311 if (b->ht[i])
312 return 0;
313
314 /* OK, session has no flows */
315 tcf_tree_lock(tp);
316 head->table[to_hash(h)] = NULL;
317 tcf_tree_unlock(tp);
318
319 kfree(b);
320 return 0;
321 }
322 }
323 return 0;
324 }
325
326 static const struct nla_policy route4_policy[TCA_ROUTE4_MAX + 1] = {
327 [TCA_ROUTE4_CLASSID] = { .type = NLA_U32 },
328 [TCA_ROUTE4_TO] = { .type = NLA_U32 },
329 [TCA_ROUTE4_FROM] = { .type = NLA_U32 },
330 [TCA_ROUTE4_IIF] = { .type = NLA_U32 },
331 };
332
333 static int route4_set_parms(struct net *net, struct tcf_proto *tp,
334 unsigned long base, struct route4_filter *f,
335 u32 handle, struct route4_head *head,
336 struct nlattr **tb, struct nlattr *est, int new,
337 bool ovr)
338 {
339 int err;
340 u32 id = 0, to = 0, nhandle = 0x8000;
341 struct route4_filter *fp;
342 unsigned int h1;
343 struct route4_bucket *b;
344 struct tcf_exts e;
345
346 tcf_exts_init(&e, TCA_ROUTE4_ACT, TCA_ROUTE4_POLICE);
347 err = tcf_exts_validate(net, tp, tb, est, &e, ovr);
348 if (err < 0)
349 return err;
350
351 err = -EINVAL;
352 if (tb[TCA_ROUTE4_TO]) {
353 if (new && handle & 0x8000)
354 goto errout;
355 to = nla_get_u32(tb[TCA_ROUTE4_TO]);
356 if (to > 0xFF)
357 goto errout;
358 nhandle = to;
359 }
360
361 if (tb[TCA_ROUTE4_FROM]) {
362 if (tb[TCA_ROUTE4_IIF])
363 goto errout;
364 id = nla_get_u32(tb[TCA_ROUTE4_FROM]);
365 if (id > 0xFF)
366 goto errout;
367 nhandle |= id << 16;
368 } else if (tb[TCA_ROUTE4_IIF]) {
369 id = nla_get_u32(tb[TCA_ROUTE4_IIF]);
370 if (id > 0x7FFF)
371 goto errout;
372 nhandle |= (id | 0x8000) << 16;
373 } else
374 nhandle |= 0xFFFF << 16;
375
376 if (handle && new) {
377 nhandle |= handle & 0x7F00;
378 if (nhandle != handle)
379 goto errout;
380 }
381
382 h1 = to_hash(nhandle);
383 b = head->table[h1];
384 if (!b) {
385 err = -ENOBUFS;
386 b = kzalloc(sizeof(struct route4_bucket), GFP_KERNEL);
387 if (b == NULL)
388 goto errout;
389
390 tcf_tree_lock(tp);
391 head->table[h1] = b;
392 tcf_tree_unlock(tp);
393 } else {
394 unsigned int h2 = from_hash(nhandle >> 16);
395
396 err = -EEXIST;
397 for (fp = b->ht[h2]; fp; fp = fp->next)
398 if (fp->handle == f->handle)
399 goto errout;
400 }
401
402 tcf_tree_lock(tp);
403 if (tb[TCA_ROUTE4_TO])
404 f->id = to;
405
406 if (tb[TCA_ROUTE4_FROM])
407 f->id = to | id<<16;
408 else if (tb[TCA_ROUTE4_IIF])
409 f->iif = id;
410
411 f->handle = nhandle;
412 f->bkt = b;
413 tcf_tree_unlock(tp);
414
415 if (tb[TCA_ROUTE4_CLASSID]) {
416 f->res.classid = nla_get_u32(tb[TCA_ROUTE4_CLASSID]);
417 tcf_bind_filter(tp, &f->res, base);
418 }
419
420 tcf_exts_change(tp, &f->exts, &e);
421
422 return 0;
423 errout:
424 tcf_exts_destroy(tp, &e);
425 return err;
426 }
427
428 static int route4_change(struct net *net, struct sk_buff *in_skb,
429 struct tcf_proto *tp, unsigned long base,
430 u32 handle,
431 struct nlattr **tca,
432 unsigned long *arg, bool ovr)
433 {
434 struct route4_head *head = tp->root;
435 struct route4_filter *f, *f1, **fp;
436 struct route4_bucket *b;
437 struct nlattr *opt = tca[TCA_OPTIONS];
438 struct nlattr *tb[TCA_ROUTE4_MAX + 1];
439 unsigned int h, th;
440 u32 old_handle = 0;
441 int err;
442
443 if (opt == NULL)
444 return handle ? -EINVAL : 0;
445
446 err = nla_parse_nested(tb, TCA_ROUTE4_MAX, opt, route4_policy);
447 if (err < 0)
448 return err;
449
450 f = (struct route4_filter *)*arg;
451 if (f) {
452 if (f->handle != handle && handle)
453 return -EINVAL;
454
455 if (f->bkt)
456 old_handle = f->handle;
457
458 err = route4_set_parms(net, tp, base, f, handle, head, tb,
459 tca[TCA_RATE], 0, ovr);
460 if (err < 0)
461 return err;
462
463 goto reinsert;
464 }
465
466 err = -ENOBUFS;
467 if (head == NULL) {
468 head = kzalloc(sizeof(struct route4_head), GFP_KERNEL);
469 if (head == NULL)
470 goto errout;
471
472 tcf_tree_lock(tp);
473 tp->root = head;
474 tcf_tree_unlock(tp);
475 }
476
477 f = kzalloc(sizeof(struct route4_filter), GFP_KERNEL);
478 if (f == NULL)
479 goto errout;
480
481 tcf_exts_init(&f->exts, TCA_ROUTE4_ACT, TCA_ROUTE4_POLICE);
482 err = route4_set_parms(net, tp, base, f, handle, head, tb,
483 tca[TCA_RATE], 1, ovr);
484 if (err < 0)
485 goto errout;
486
487 reinsert:
488 h = from_hash(f->handle >> 16);
489 for (fp = &f->bkt->ht[h]; (f1 = *fp) != NULL; fp = &f1->next)
490 if (f->handle < f1->handle)
491 break;
492
493 f->next = f1;
494 tcf_tree_lock(tp);
495 *fp = f;
496
497 if (old_handle && f->handle != old_handle) {
498 th = to_hash(old_handle);
499 h = from_hash(old_handle >> 16);
500 b = head->table[th];
501 if (b) {
502 for (fp = &b->ht[h]; *fp; fp = &(*fp)->next) {
503 if (*fp == f) {
504 *fp = f->next;
505 break;
506 }
507 }
508 }
509 }
510 tcf_tree_unlock(tp);
511
512 route4_reset_fastmap(tp->q, head, f->id);
513 *arg = (unsigned long)f;
514 return 0;
515
516 errout:
517 kfree(f);
518 return err;
519 }
520
521 static void route4_walk(struct tcf_proto *tp, struct tcf_walker *arg)
522 {
523 struct route4_head *head = tp->root;
524 unsigned int h, h1;
525
526 if (head == NULL)
527 arg->stop = 1;
528
529 if (arg->stop)
530 return;
531
532 for (h = 0; h <= 256; h++) {
533 struct route4_bucket *b = head->table[h];
534
535 if (b) {
536 for (h1 = 0; h1 <= 32; h1++) {
537 struct route4_filter *f;
538
539 for (f = b->ht[h1]; f; f = f->next) {
540 if (arg->count < arg->skip) {
541 arg->count++;
542 continue;
543 }
544 if (arg->fn(tp, (unsigned long)f, arg) < 0) {
545 arg->stop = 1;
546 return;
547 }
548 arg->count++;
549 }
550 }
551 }
552 }
553 }
554
555 static int route4_dump(struct net *net, struct tcf_proto *tp, unsigned long fh,
556 struct sk_buff *skb, struct tcmsg *t)
557 {
558 struct route4_filter *f = (struct route4_filter *)fh;
559 unsigned char *b = skb_tail_pointer(skb);
560 struct nlattr *nest;
561 u32 id;
562
563 if (f == NULL)
564 return skb->len;
565
566 t->tcm_handle = f->handle;
567
568 nest = nla_nest_start(skb, TCA_OPTIONS);
569 if (nest == NULL)
570 goto nla_put_failure;
571
572 if (!(f->handle & 0x8000)) {
573 id = f->id & 0xFF;
574 if (nla_put_u32(skb, TCA_ROUTE4_TO, id))
575 goto nla_put_failure;
576 }
577 if (f->handle & 0x80000000) {
578 if ((f->handle >> 16) != 0xFFFF &&
579 nla_put_u32(skb, TCA_ROUTE4_IIF, f->iif))
580 goto nla_put_failure;
581 } else {
582 id = f->id >> 16;
583 if (nla_put_u32(skb, TCA_ROUTE4_FROM, id))
584 goto nla_put_failure;
585 }
586 if (f->res.classid &&
587 nla_put_u32(skb, TCA_ROUTE4_CLASSID, f->res.classid))
588 goto nla_put_failure;
589
590 if (tcf_exts_dump(skb, &f->exts) < 0)
591 goto nla_put_failure;
592
593 nla_nest_end(skb, nest);
594
595 if (tcf_exts_dump_stats(skb, &f->exts) < 0)
596 goto nla_put_failure;
597
598 return skb->len;
599
600 nla_put_failure:
601 nlmsg_trim(skb, b);
602 return -1;
603 }
604
605 static struct tcf_proto_ops cls_route4_ops __read_mostly = {
606 .kind = "route",
607 .classify = route4_classify,
608 .init = route4_init,
609 .destroy = route4_destroy,
610 .get = route4_get,
611 .put = route4_put,
612 .change = route4_change,
613 .delete = route4_delete,
614 .walk = route4_walk,
615 .dump = route4_dump,
616 .owner = THIS_MODULE,
617 };
618
619 static int __init init_route4(void)
620 {
621 return register_tcf_proto_ops(&cls_route4_ops);
622 }
623
624 static void __exit exit_route4(void)
625 {
626 unregister_tcf_proto_ops(&cls_route4_ops);
627 }
628
629 module_init(init_route4)
630 module_exit(exit_route4)
631 MODULE_LICENSE("GPL");
ubuntu-bionic-kernel mirror