net/sched/cls_fw.c

   1 // SPDX-License-Identifier: GPL-2.0-or-later
   2 /*
   3  * net/sched/cls_fw.c   Classifier mapping ipchains' fwmark to traffic class.
   4  *
   5  * Authors:     Alexey Kuznetsov, <kuznet@ms2.inr.ac.ru>
   6  *
   7  * Changes:
   8  * Karlis Peisenieks <karlis@mt.lv> : 990415 : fw_walk off by one
   9  * Karlis Peisenieks <karlis@mt.lv> : 990415 : fw_delete killed all the filter (and kernel).
  10  * Alex <alex@pilotsoft.com> : 2004xxyy: Added Action extension
  11  */
  12
  13 #include <linux/module.h>
  14 #include <linux/slab.h>
  15 #include <linux/types.h>
  16 #include <linux/kernel.h>
  17 #include <linux/string.h>
  18 #include <linux/errno.h>
  19 #include <linux/skbuff.h>
  20 #include <net/netlink.h>
  21 #include <net/act_api.h>
  22 #include <net/pkt_cls.h>
  23 #include <net/sch_generic.h>
  24 #include <net/tc_wrapper.h>
  25
  26 #define HTSIZE 256
  27
  28 struct fw_head {
  29         u32                     mask;
  30         struct fw_filter __rcu  *ht[HTSIZE];
  31         struct rcu_head         rcu;
  32 };
  33
  34 struct fw_filter {
  35         struct fw_filter __rcu  *next;
  36         u32                     id;
  37         struct tcf_result       res;
  38         int                     ifindex;
  39         struct tcf_exts         exts;
  40         struct tcf_proto        *tp;
  41         struct rcu_work         rwork;
  42 };
  43
  44 static u32 fw_hash(u32 handle)
  45 {
  46         handle ^= (handle >> 16);
  47         handle ^= (handle >> 8);
  48         return handle % HTSIZE;
  49 }
  50
  51 TC_INDIRECT_SCOPE int fw_classify(struct sk_buff *skb,
  52                                   const struct tcf_proto *tp,
  53                                   struct tcf_result *res)
  54 {
  55         struct fw_head *head = rcu_dereference_bh(tp->root);
  56         struct fw_filter *f;
  57         int r;
  58         u32 id = skb->mark;
  59
  60         if (head != NULL) {
  61                 id &= head->mask;
  62
  63                 for (f = rcu_dereference_bh(head->ht[fw_hash(id)]); f;
  64                      f = rcu_dereference_bh(f->next)) {
  65                         if (f->id == id) {
  66                                 *res = f->res;
  67                                 if (!tcf_match_indev(skb, f->ifindex))
  68                                         continue;
  69                                 r = tcf_exts_exec(skb, &f->exts, res);
  70                                 if (r < 0)
  71                                         continue;
  72
  73                                 return r;
  74                         }
  75                 }
  76         } else {
  77                 struct Qdisc *q = tcf_block_q(tp->chain->block);
  78
  79                 /* Old method: classify the packet using its skb mark. */
  80                 if (id && (TC_H_MAJ(id) == 0 ||
  81                            !(TC_H_MAJ(id ^ q->handle)))) {
  82                         res->classid = id;
  83                         res->class = 0;
  84                         return 0;
  85                 }
  86         }
  87
  88         return -1;
  89 }
  90
  91 static void *fw_get(struct tcf_proto *tp, u32 handle)
  92 {
  93         struct fw_head *head = rtnl_dereference(tp->root);
  94         struct fw_filter *f;
  95
  96         if (head == NULL)
  97                 return NULL;
  98
  99         f = rtnl_dereference(head->ht[fw_hash(handle)]);
 100         for (; f; f = rtnl_dereference(f->next)) {
 101                 if (f->id == handle)
 102                         return f;
 103         }
 104         return NULL;
 105 }
 106
 107 static int fw_init(struct tcf_proto *tp)
 108 {
 109         /* We don't allocate fw_head here, because in the old method
 110          * we don't need it at all.
 111          */
 112         return 0;
 113 }
 114
 115 static void __fw_delete_filter(struct fw_filter *f)
 116 {
 117         tcf_exts_destroy(&f->exts);
 118         tcf_exts_put_net(&f->exts);
 119         kfree(f);
 120 }
 121
 122 static void fw_delete_filter_work(struct work_struct *work)
 123 {
 124         struct fw_filter *f = container_of(to_rcu_work(work),
 125                                            struct fw_filter,
 126                                            rwork);
 127         rtnl_lock();
 128         __fw_delete_filter(f);
 129         rtnl_unlock();
 130 }
 131
 132 static void fw_destroy(struct tcf_proto *tp, bool rtnl_held,
 133                        struct netlink_ext_ack *extack)
 134 {
 135         struct fw_head *head = rtnl_dereference(tp->root);
 136         struct fw_filter *f;
 137         int h;
 138
 139         if (head == NULL)
 140                 return;
 141
 142         for (h = 0; h < HTSIZE; h++) {
 143                 while ((f = rtnl_dereference(head->ht[h])) != NULL) {
 144                         RCU_INIT_POINTER(head->ht[h],
 145                                          rtnl_dereference(f->next));
 146                         tcf_unbind_filter(tp, &f->res);
 147                         if (tcf_exts_get_net(&f->exts))
 148                                 tcf_queue_work(&f->rwork, fw_delete_filter_work);
 149                         else
 150                                 __fw_delete_filter(f);
 151                 }
 152         }
 153         kfree_rcu(head, rcu);
 154 }
 155
 156 static int fw_delete(struct tcf_proto *tp, void *arg, bool *last,
 157                      bool rtnl_held, struct netlink_ext_ack *extack)
 158 {
 159         struct fw_head *head = rtnl_dereference(tp->root);
 160         struct fw_filter *f = arg;
 161         struct fw_filter __rcu **fp;
 162         struct fw_filter *pfp;
 163         int ret = -EINVAL;
 164         int h;
 165
 166         if (head == NULL || f == NULL)
 167                 goto out;
 168
 169         fp = &head->ht[fw_hash(f->id)];
 170
 171         for (pfp = rtnl_dereference(*fp); pfp;
 172              fp = &pfp->next, pfp = rtnl_dereference(*fp)) {
 173                 if (pfp == f) {
 174                         RCU_INIT_POINTER(*fp, rtnl_dereference(f->next));
 175                         tcf_unbind_filter(tp, &f->res);
 176                         tcf_exts_get_net(&f->exts);
 177                         tcf_queue_work(&f->rwork, fw_delete_filter_work);
 178                         ret = 0;
 179                         break;
 180                 }
 181         }
 182
 183         *last = true;
 184         for (h = 0; h < HTSIZE; h++) {
 185                 if (rcu_access_pointer(head->ht[h])) {
 186                         *last = false;
 187                         break;
 188                 }
 189         }
 190
 191 out:
 192         return ret;
 193 }
 194
 195 static const struct nla_policy fw_policy[TCA_FW_MAX + 1] = {
 196         [TCA_FW_CLASSID]        = { .type = NLA_U32 },
 197         [TCA_FW_INDEV]          = { .type = NLA_STRING, .len = IFNAMSIZ },
 198         [TCA_FW_MASK]           = { .type = NLA_U32 },
 199 };
 200
 201 static int fw_set_parms(struct net *net, struct tcf_proto *tp,
 202                         struct fw_filter *f, struct nlattr **tb,
 203                         struct nlattr **tca, unsigned long base, u32 flags,
 204                         struct netlink_ext_ack *extack)
 205 {
 206         struct fw_head *head = rtnl_dereference(tp->root);
 207         u32 mask;
 208         int err;
 209
 210         err = tcf_exts_validate(net, tp, tb, tca[TCA_RATE], &f->exts, flags,
 211                                 extack);
 212         if (err < 0)
 213                 return err;
 214
 215         if (tb[TCA_FW_INDEV]) {
 216                 int ret;
 217                 ret = tcf_change_indev(net, tb[TCA_FW_INDEV], extack);
 218                 if (ret < 0)
 219                         return ret;
 220                 f->ifindex = ret;
 221         }
 222
 223         err = -EINVAL;
 224         if (tb[TCA_FW_MASK]) {
 225                 mask = nla_get_u32(tb[TCA_FW_MASK]);
 226                 if (mask != head->mask)
 227                         return err;
 228         } else if (head->mask != 0xFFFFFFFF)
 229                 return err;
 230
 231         if (tb[TCA_FW_CLASSID]) {
 232                 f->res.classid = nla_get_u32(tb[TCA_FW_CLASSID]);
 233                 tcf_bind_filter(tp, &f->res, base);
 234         }
 235
 236         return 0;
 237 }
 238
 239 static int fw_change(struct net *net, struct sk_buff *in_skb,
 240                      struct tcf_proto *tp, unsigned long base,
 241                      u32 handle, struct nlattr **tca, void **arg,
 242                      u32 flags, struct netlink_ext_ack *extack)
 243 {
 244         struct fw_head *head = rtnl_dereference(tp->root);
 245         struct fw_filter *f = *arg;
 246         struct nlattr *opt = tca[TCA_OPTIONS];
 247         struct nlattr *tb[TCA_FW_MAX + 1];
 248         int err;
 249
 250         if (!opt)
 251                 return handle ? -EINVAL : 0; /* Succeed if it is old method. */
 252
 253         err = nla_parse_nested_deprecated(tb, TCA_FW_MAX, opt, fw_policy,
 254                                           NULL);
 255         if (err < 0)
 256                 return err;
 257
 258         if (f) {
 259                 struct fw_filter *pfp, *fnew;
 260                 struct fw_filter __rcu **fp;
 261
 262                 if (f->id != handle && handle)
 263                         return -EINVAL;
 264
 265                 fnew = kzalloc(sizeof(struct fw_filter), GFP_KERNEL);
 266                 if (!fnew)
 267                         return -ENOBUFS;
 268
 269                 fnew->id = f->id;
 270                 fnew->ifindex = f->ifindex;
 271                 fnew->tp = f->tp;
 272
 273                 err = tcf_exts_init(&fnew->exts, net, TCA_FW_ACT,
 274                                     TCA_FW_POLICE);
 275                 if (err < 0) {
 276                         kfree(fnew);
 277                         return err;
 278                 }
 279
 280                 err = fw_set_parms(net, tp, fnew, tb, tca, base, flags, extack);
 281                 if (err < 0) {
 282                         tcf_exts_destroy(&fnew->exts);
 283                         kfree(fnew);
 284                         return err;
 285                 }
 286
 287                 fp = &head->ht[fw_hash(fnew->id)];
 288                 for (pfp = rtnl_dereference(*fp); pfp;
 289                      fp = &pfp->next, pfp = rtnl_dereference(*fp))
 290                         if (pfp == f)
 291                                 break;
 292
 293                 RCU_INIT_POINTER(fnew->next, rtnl_dereference(pfp->next));
 294                 rcu_assign_pointer(*fp, fnew);
 295                 tcf_unbind_filter(tp, &f->res);
 296                 tcf_exts_get_net(&f->exts);
 297                 tcf_queue_work(&f->rwork, fw_delete_filter_work);
 298
 299                 *arg = fnew;
 300                 return err;
 301         }
 302
 303         if (!handle)
 304                 return -EINVAL;
 305
 306         if (!head) {
 307                 u32 mask = 0xFFFFFFFF;
 308                 if (tb[TCA_FW_MASK])
 309                         mask = nla_get_u32(tb[TCA_FW_MASK]);
 310
 311                 head = kzalloc(sizeof(*head), GFP_KERNEL);
 312                 if (!head)
 313                         return -ENOBUFS;
 314                 head->mask = mask;
 315
 316                 rcu_assign_pointer(tp->root, head);
 317         }
 318
 319         f = kzalloc(sizeof(struct fw_filter), GFP_KERNEL);
 320         if (f == NULL)
 321                 return -ENOBUFS;
 322
 323         err = tcf_exts_init(&f->exts, net, TCA_FW_ACT, TCA_FW_POLICE);
 324         if (err < 0)
 325                 goto errout;
 326         f->id = handle;
 327         f->tp = tp;
 328
 329         err = fw_set_parms(net, tp, f, tb, tca, base, flags, extack);
 330         if (err < 0)
 331                 goto errout;
 332
 333         RCU_INIT_POINTER(f->next, head->ht[fw_hash(handle)]);
 334         rcu_assign_pointer(head->ht[fw_hash(handle)], f);
 335
 336         *arg = f;
 337         return 0;
 338
 339 errout:
 340         tcf_exts_destroy(&f->exts);
 341         kfree(f);
 342         return err;
 343 }
 344
 345 static void fw_walk(struct tcf_proto *tp, struct tcf_walker *arg,
 346                     bool rtnl_held)
 347 {
 348         struct fw_head *head = rtnl_dereference(tp->root);
 349         int h;
 350
 351         if (head == NULL)
 352                 arg->stop = 1;
 353
 354         if (arg->stop)
 355                 return;
 356
 357         for (h = 0; h < HTSIZE; h++) {
 358                 struct fw_filter *f;
 359
 360                 for (f = rtnl_dereference(head->ht[h]); f;
 361                      f = rtnl_dereference(f->next)) {
 362                         if (!tc_cls_stats_dump(tp, arg, f))
 363                                 return;
 364                 }
 365         }
 366 }
 367
 368 static int fw_dump(struct net *net, struct tcf_proto *tp, void *fh,
 369                    struct sk_buff *skb, struct tcmsg *t, bool rtnl_held)
 370 {
 371         struct fw_head *head = rtnl_dereference(tp->root);
 372         struct fw_filter *f = fh;
 373         struct nlattr *nest;
 374
 375         if (f == NULL)
 376                 return skb->len;
 377
 378         t->tcm_handle = f->id;
 379
 380         if (!f->res.classid && !tcf_exts_has_actions(&f->exts))
 381                 return skb->len;
 382
 383         nest = nla_nest_start_noflag(skb, TCA_OPTIONS);
 384         if (nest == NULL)
 385                 goto nla_put_failure;
 386
 387         if (f->res.classid &&
 388             nla_put_u32(skb, TCA_FW_CLASSID, f->res.classid))
 389                 goto nla_put_failure;
 390         if (f->ifindex) {
 391                 struct net_device *dev;
 392                 dev = __dev_get_by_index(net, f->ifindex);
 393                 if (dev && nla_put_string(skb, TCA_FW_INDEV, dev->name))
 394                         goto nla_put_failure;
 395         }
 396         if (head->mask != 0xFFFFFFFF &&
 397             nla_put_u32(skb, TCA_FW_MASK, head->mask))
 398                 goto nla_put_failure;
 399
 400         if (tcf_exts_dump(skb, &f->exts) < 0)
 401                 goto nla_put_failure;
 402
 403         nla_nest_end(skb, nest);
 404
 405         if (tcf_exts_dump_stats(skb, &f->exts) < 0)
 406                 goto nla_put_failure;
 407
 408         return skb->len;
 409
 410 nla_put_failure:
 411         nla_nest_cancel(skb, nest);
 412         return -1;
 413 }
 414
 415 static void fw_bind_class(void *fh, u32 classid, unsigned long cl, void *q,
 416                           unsigned long base)
 417 {
 418         struct fw_filter *f = fh;
 419
 420         tc_cls_bind_class(classid, cl, q, &f->res, base);
 421 }
 422
 423 static struct tcf_proto_ops cls_fw_ops __read_mostly = {
 424         .kind           =       "fw",
 425         .classify       =       fw_classify,
 426         .init           =       fw_init,
 427         .destroy        =       fw_destroy,
 428         .get            =       fw_get,
 429         .change         =       fw_change,
 430         .delete         =       fw_delete,
 431         .walk           =       fw_walk,
 432         .dump           =       fw_dump,
 433         .bind_class     =       fw_bind_class,
 434         .owner          =       THIS_MODULE,
 435 };
 436
 437 static int __init init_fw(void)
 438 {
 439         return register_tcf_proto_ops(&cls_fw_ops);
 440 }
 441
 442 static void __exit exit_fw(void)
 443 {
 444         unregister_tcf_proto_ops(&cls_fw_ops);
 445 }
 446
 447 module_init(init_fw)
 448 module_exit(exit_fw)
 449 MODULE_DESCRIPTION("SKB mark based TC classifier");
 450 MODULE_LICENSE("GPL");