2 * Checksum updating actions
4 * Copyright (c) 2010 Gregoire Baron <baronchon@n7mm.org>
6 * This program is free software; you can redistribute it and/or modify it
7 * under the terms of the GNU General Public License as published by the Free
8 * Software Foundation; either version 2 of the License, or (at your option)
13 #include <linux/types.h>
14 #include <linux/init.h>
15 #include <linux/kernel.h>
16 #include <linux/module.h>
17 #include <linux/spinlock.h>
19 #include <linux/netlink.h>
20 #include <net/netlink.h>
21 #include <linux/rtnetlink.h>
23 #include <linux/skbuff.h>
28 #include <linux/icmpv6.h>
29 #include <linux/igmp.h>
32 #include <net/ip6_checksum.h>
34 #include <net/act_api.h>
36 #include <linux/tc_act/tc_csum.h>
37 #include <net/tc_act/tc_csum.h>
39 #define CSUM_TAB_MASK 15
41 static const struct nla_policy csum_policy[TCA_CSUM_MAX + 1] = {
42 [TCA_CSUM_PARMS] = { .len = sizeof(struct tc_csum), },
45 static int csum_net_id;
46 static struct tc_action_ops act_csum_ops;
48 static int tcf_csum_init(struct net *net, struct nlattr *nla,
49 struct nlattr *est, struct tc_action **a, int ovr,
52 struct tc_action_net *tn = net_generic(net, csum_net_id);
53 struct nlattr *tb[TCA_CSUM_MAX + 1];
61 err = nla_parse_nested(tb, TCA_CSUM_MAX, nla, csum_policy);
65 if (tb[TCA_CSUM_PARMS] == NULL)
67 parm = nla_data(tb[TCA_CSUM_PARMS]);
69 if (!tcf_hash_check(tn, parm->index, a, bind)) {
70 ret = tcf_hash_create(tn, parm->index, est, a,
71 &act_csum_ops, bind, false);
76 if (bind)/* dont override defaults */
78 tcf_hash_release(*a, bind);
84 spin_lock_bh(&p->tcf_lock);
85 p->tcf_action = parm->action;
86 p->update_flags = parm->update_flags;
87 spin_unlock_bh(&p->tcf_lock);
89 if (ret == ACT_P_CREATED)
90 tcf_hash_insert(tn, *a);
96 * tcf_csum_skb_nextlayer - Get next layer pointer
97 * @skb: sk_buff to use
98 * @ihl: previous summed headers length
99 * @ipl: complete packet length
100 * @jhl: next header length
102 * Check the expected next layer availability in the specified sk_buff.
103 * Return the next layer pointer if pass, NULL otherwise.
105 static void *tcf_csum_skb_nextlayer(struct sk_buff *skb,
106 unsigned int ihl, unsigned int ipl,
109 int ntkoff = skb_network_offset(skb);
112 if (!pskb_may_pull(skb, ipl + ntkoff) || (ipl < hl) ||
113 skb_try_make_writable(skb, hl + ntkoff))
116 return (void *)(skb_network_header(skb) + ihl);
119 static int tcf_csum_ipv4_icmp(struct sk_buff *skb, unsigned int ihl,
122 struct icmphdr *icmph;
124 icmph = tcf_csum_skb_nextlayer(skb, ihl, ipl, sizeof(*icmph));
129 skb->csum = csum_partial(icmph, ipl - ihl, 0);
130 icmph->checksum = csum_fold(skb->csum);
132 skb->ip_summed = CHECKSUM_NONE;
137 static int tcf_csum_ipv4_igmp(struct sk_buff *skb,
138 unsigned int ihl, unsigned int ipl)
140 struct igmphdr *igmph;
142 igmph = tcf_csum_skb_nextlayer(skb, ihl, ipl, sizeof(*igmph));
147 skb->csum = csum_partial(igmph, ipl - ihl, 0);
148 igmph->csum = csum_fold(skb->csum);
150 skb->ip_summed = CHECKSUM_NONE;
155 static int tcf_csum_ipv6_icmp(struct sk_buff *skb, unsigned int ihl,
158 struct icmp6hdr *icmp6h;
159 const struct ipv6hdr *ip6h;
161 icmp6h = tcf_csum_skb_nextlayer(skb, ihl, ipl, sizeof(*icmp6h));
165 ip6h = ipv6_hdr(skb);
166 icmp6h->icmp6_cksum = 0;
167 skb->csum = csum_partial(icmp6h, ipl - ihl, 0);
168 icmp6h->icmp6_cksum = csum_ipv6_magic(&ip6h->saddr, &ip6h->daddr,
169 ipl - ihl, IPPROTO_ICMPV6,
172 skb->ip_summed = CHECKSUM_NONE;
177 static int tcf_csum_ipv4_tcp(struct sk_buff *skb, unsigned int ihl,
181 const struct iphdr *iph;
183 if (skb_is_gso(skb) && skb_shinfo(skb)->gso_type & SKB_GSO_TCPV4)
186 tcph = tcf_csum_skb_nextlayer(skb, ihl, ipl, sizeof(*tcph));
192 skb->csum = csum_partial(tcph, ipl - ihl, 0);
193 tcph->check = tcp_v4_check(ipl - ihl,
194 iph->saddr, iph->daddr, skb->csum);
196 skb->ip_summed = CHECKSUM_NONE;
201 static int tcf_csum_ipv6_tcp(struct sk_buff *skb, unsigned int ihl,
205 const struct ipv6hdr *ip6h;
207 if (skb_is_gso(skb) && skb_shinfo(skb)->gso_type & SKB_GSO_TCPV6)
210 tcph = tcf_csum_skb_nextlayer(skb, ihl, ipl, sizeof(*tcph));
214 ip6h = ipv6_hdr(skb);
216 skb->csum = csum_partial(tcph, ipl - ihl, 0);
217 tcph->check = csum_ipv6_magic(&ip6h->saddr, &ip6h->daddr,
218 ipl - ihl, IPPROTO_TCP,
221 skb->ip_summed = CHECKSUM_NONE;
226 static int tcf_csum_ipv4_udp(struct sk_buff *skb, unsigned int ihl,
227 unsigned int ipl, int udplite)
230 const struct iphdr *iph;
233 if (skb_is_gso(skb) && skb_shinfo(skb)->gso_type & SKB_GSO_UDP)
237 * Support both UDP and UDPLITE checksum algorithms, Don't use
238 * udph->len to get the real length without any protocol check,
239 * UDPLITE uses udph->len for another thing,
240 * Use iph->tot_len, or just ipl.
243 udph = tcf_csum_skb_nextlayer(skb, ihl, ipl, sizeof(*udph));
248 ul = ntohs(udph->len);
250 if (udplite || udph->check) {
256 skb->csum = csum_partial(udph, ipl - ihl, 0);
257 else if ((ul >= sizeof(*udph)) && (ul <= ipl - ihl))
258 skb->csum = csum_partial(udph, ul, 0);
260 goto ignore_obscure_skb;
263 goto ignore_obscure_skb;
265 skb->csum = csum_partial(udph, ul, 0);
268 udph->check = csum_tcpudp_magic(iph->saddr, iph->daddr,
273 udph->check = CSUM_MANGLED_0;
276 skb->ip_summed = CHECKSUM_NONE;
282 static int tcf_csum_ipv6_udp(struct sk_buff *skb, unsigned int ihl,
283 unsigned int ipl, int udplite)
286 const struct ipv6hdr *ip6h;
289 if (skb_is_gso(skb) && skb_shinfo(skb)->gso_type & SKB_GSO_UDP)
293 * Support both UDP and UDPLITE checksum algorithms, Don't use
294 * udph->len to get the real length without any protocol check,
295 * UDPLITE uses udph->len for another thing,
296 * Use ip6h->payload_len + sizeof(*ip6h) ... , or just ipl.
299 udph = tcf_csum_skb_nextlayer(skb, ihl, ipl, sizeof(*udph));
303 ip6h = ipv6_hdr(skb);
304 ul = ntohs(udph->len);
310 skb->csum = csum_partial(udph, ipl - ihl, 0);
312 else if ((ul >= sizeof(*udph)) && (ul <= ipl - ihl))
313 skb->csum = csum_partial(udph, ul, 0);
316 goto ignore_obscure_skb;
319 goto ignore_obscure_skb;
321 skb->csum = csum_partial(udph, ul, 0);
324 udph->check = csum_ipv6_magic(&ip6h->saddr, &ip6h->daddr, ul,
325 udplite ? IPPROTO_UDPLITE : IPPROTO_UDP,
329 udph->check = CSUM_MANGLED_0;
331 skb->ip_summed = CHECKSUM_NONE;
337 static int tcf_csum_ipv4(struct sk_buff *skb, u32 update_flags)
339 const struct iphdr *iph;
342 ntkoff = skb_network_offset(skb);
344 if (!pskb_may_pull(skb, sizeof(*iph) + ntkoff))
349 switch (iph->frag_off & htons(IP_OFFSET) ? 0 : iph->protocol) {
351 if (update_flags & TCA_CSUM_UPDATE_FLAG_ICMP)
352 if (!tcf_csum_ipv4_icmp(skb, iph->ihl * 4,
353 ntohs(iph->tot_len)))
357 if (update_flags & TCA_CSUM_UPDATE_FLAG_IGMP)
358 if (!tcf_csum_ipv4_igmp(skb, iph->ihl * 4,
359 ntohs(iph->tot_len)))
363 if (update_flags & TCA_CSUM_UPDATE_FLAG_TCP)
364 if (!tcf_csum_ipv4_tcp(skb, iph->ihl * 4,
365 ntohs(iph->tot_len)))
369 if (update_flags & TCA_CSUM_UPDATE_FLAG_UDP)
370 if (!tcf_csum_ipv4_udp(skb, iph->ihl * 4,
371 ntohs(iph->tot_len), 0))
374 case IPPROTO_UDPLITE:
375 if (update_flags & TCA_CSUM_UPDATE_FLAG_UDPLITE)
376 if (!tcf_csum_ipv4_udp(skb, iph->ihl * 4,
377 ntohs(iph->tot_len), 1))
382 if (update_flags & TCA_CSUM_UPDATE_FLAG_IPV4HDR) {
383 if (skb_try_make_writable(skb, sizeof(*iph) + ntkoff))
386 ip_send_check(ip_hdr(skb));
395 static int tcf_csum_ipv6_hopopts(struct ipv6_opt_hdr *ip6xh, unsigned int ixhl,
398 int off, len, optlen;
399 unsigned char *xh = (void *)ip6xh;
401 off = sizeof(*ip6xh);
410 optlen = xh[off + 1] + 2;
411 if (optlen != 6 || len < 6 || (off & 3) != 2)
412 /* wrong jumbo option length/alignment */
414 *pl = ntohl(*(__be32 *)(xh + off + 2));
417 optlen = xh[off + 1] + 2;
419 /* ignore obscure options */
431 static int tcf_csum_ipv6(struct sk_buff *skb, u32 update_flags)
433 struct ipv6hdr *ip6h;
434 struct ipv6_opt_hdr *ip6xh;
435 unsigned int hl, ixhl;
440 ntkoff = skb_network_offset(skb);
444 if (!pskb_may_pull(skb, hl + ntkoff))
447 ip6h = ipv6_hdr(skb);
449 pl = ntohs(ip6h->payload_len);
450 nexthdr = ip6h->nexthdr;
454 case NEXTHDR_FRAGMENT:
456 case NEXTHDR_ROUTING:
459 if (!pskb_may_pull(skb, hl + sizeof(*ip6xh) + ntkoff))
461 ip6xh = (void *)(skb_network_header(skb) + hl);
462 ixhl = ipv6_optlen(ip6xh);
463 if (!pskb_may_pull(skb, hl + ixhl + ntkoff))
465 ip6xh = (void *)(skb_network_header(skb) + hl);
466 if ((nexthdr == NEXTHDR_HOP) &&
467 !(tcf_csum_ipv6_hopopts(ip6xh, ixhl, &pl)))
469 nexthdr = ip6xh->nexthdr;
473 if (update_flags & TCA_CSUM_UPDATE_FLAG_ICMP)
474 if (!tcf_csum_ipv6_icmp(skb,
475 hl, pl + sizeof(*ip6h)))
479 if (update_flags & TCA_CSUM_UPDATE_FLAG_TCP)
480 if (!tcf_csum_ipv6_tcp(skb,
481 hl, pl + sizeof(*ip6h)))
485 if (update_flags & TCA_CSUM_UPDATE_FLAG_UDP)
486 if (!tcf_csum_ipv6_udp(skb, hl,
487 pl + sizeof(*ip6h), 0))
490 case IPPROTO_UDPLITE:
491 if (update_flags & TCA_CSUM_UPDATE_FLAG_UDPLITE)
492 if (!tcf_csum_ipv6_udp(skb, hl,
493 pl + sizeof(*ip6h), 1))
499 } while (pskb_may_pull(skb, hl + 1 + ntkoff));
509 static int tcf_csum(struct sk_buff *skb, const struct tc_action *a,
510 struct tcf_result *res)
512 struct tcf_csum *p = to_tcf_csum(a);
516 spin_lock(&p->tcf_lock);
517 tcf_lastuse_update(&p->tcf_tm);
518 bstats_update(&p->tcf_bstats, skb);
519 action = p->tcf_action;
520 update_flags = p->update_flags;
521 spin_unlock(&p->tcf_lock);
523 if (unlikely(action == TC_ACT_SHOT))
526 switch (tc_skb_protocol(skb)) {
527 case cpu_to_be16(ETH_P_IP):
528 if (!tcf_csum_ipv4(skb, update_flags))
531 case cpu_to_be16(ETH_P_IPV6):
532 if (!tcf_csum_ipv6(skb, update_flags))
540 spin_lock(&p->tcf_lock);
541 p->tcf_qstats.drops++;
542 spin_unlock(&p->tcf_lock);
546 static int tcf_csum_dump(struct sk_buff *skb, struct tc_action *a, int bind,
549 unsigned char *b = skb_tail_pointer(skb);
550 struct tcf_csum *p = to_tcf_csum(a);
551 struct tc_csum opt = {
552 .update_flags = p->update_flags,
553 .index = p->tcf_index,
554 .action = p->tcf_action,
555 .refcnt = p->tcf_refcnt - ref,
556 .bindcnt = p->tcf_bindcnt - bind,
560 if (nla_put(skb, TCA_CSUM_PARMS, sizeof(opt), &opt))
561 goto nla_put_failure;
563 tcf_tm_dump(&t, &p->tcf_tm);
564 if (nla_put_64bit(skb, TCA_CSUM_TM, sizeof(t), &t, TCA_CSUM_PAD))
565 goto nla_put_failure;
574 static int tcf_csum_walker(struct net *net, struct sk_buff *skb,
575 struct netlink_callback *cb, int type,
576 const struct tc_action_ops *ops)
578 struct tc_action_net *tn = net_generic(net, csum_net_id);
580 return tcf_generic_walker(tn, skb, cb, type, ops);
583 static int tcf_csum_search(struct net *net, struct tc_action **a, u32 index)
585 struct tc_action_net *tn = net_generic(net, csum_net_id);
587 return tcf_hash_search(tn, a, index);
590 static struct tc_action_ops act_csum_ops = {
592 .type = TCA_ACT_CSUM,
593 .owner = THIS_MODULE,
595 .dump = tcf_csum_dump,
596 .init = tcf_csum_init,
597 .walk = tcf_csum_walker,
598 .lookup = tcf_csum_search,
599 .size = sizeof(struct tcf_csum),
602 static __net_init int csum_init_net(struct net *net)
604 struct tc_action_net *tn = net_generic(net, csum_net_id);
606 return tc_action_net_init(tn, &act_csum_ops, CSUM_TAB_MASK);
609 static void __net_exit csum_exit_net(struct net *net)
611 struct tc_action_net *tn = net_generic(net, csum_net_id);
613 tc_action_net_exit(tn);
616 static struct pernet_operations csum_net_ops = {
617 .init = csum_init_net,
618 .exit = csum_exit_net,
620 .size = sizeof(struct tc_action_net),
623 MODULE_DESCRIPTION("Checksum updating actions");
624 MODULE_LICENSE("GPL");
626 static int __init csum_init_module(void)
628 return tcf_register_action(&act_csum_ops, &csum_net_ops);
631 static void __exit csum_cleanup_module(void)
633 tcf_unregister_action(&act_csum_ops, &csum_net_ops);
636 module_init(csum_init_module);
637 module_exit(csum_cleanup_module);
projects / releases.git / blob