Blame - net/sched/cls_flower.c - SHIFTPHONES/mainline/linux

blob: cf9ad5b508899d4fb0ba812a84647a916c3d5f31 [file] [log] [blame]

Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	1	/*
				2	* net/sched/cls_flower.c Flower classifier
				3	*
				4	* Copyright (c) 2015 Jiri Pirko <jiri@resnulli.us>
				5	*
				6	* This program is free software; you can redistribute it and/or modify
				7	* it under the terms of the GNU General Public License as published by
				8	* the Free Software Foundation; either version 2 of the License, or
				9	* (at your option) any later version.
				10	*/
				11
				12	#include <linux/kernel.h>
				13	#include <linux/init.h>
				14	#include <linux/module.h>
				15	#include <linux/rhashtable.h>
				16
				17	#include <linux/if_ether.h>
				18	#include <linux/in6.h>
				19	#include <linux/ip.h>
				20
				21	#include <net/sch_generic.h>
				22	#include <net/pkt_cls.h>
				23	#include <net/ip.h>
				24	#include <net/flow_dissector.h>
				25
				26	struct fl_flow_key {
				27	int indev_ifindex;
Tom Herbert	42aecaa	2015-06-04 09:16:39 -0700	[diff] [blame]	28	struct flow_dissector_key_control control;
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	29	struct flow_dissector_key_basic basic;
				30	struct flow_dissector_key_eth_addrs eth;
Hadar Hen Zion	9399ae9	2016-08-17 13:36:13 +0300	[diff] [blame]	31	struct flow_dissector_key_vlan vlan;
Tom Herbert	c3f8324	2015-06-04 09:16:40 -0700	[diff] [blame]	32	struct flow_dissector_key_addrs ipaddrs;
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	33	union {
Tom Herbert	c3f8324	2015-06-04 09:16:40 -0700	[diff] [blame]	34	struct flow_dissector_key_ipv4_addrs ipv4;
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	35	struct flow_dissector_key_ipv6_addrs ipv6;
				36	};
				37	struct flow_dissector_key_ports tp;
				38	} __aligned(BITS_PER_LONG / 8); /* Ensure that we can do comparisons as longs. */
				39
				40	struct fl_flow_mask_range {
				41	unsigned short int start;
				42	unsigned short int end;
				43	};
				44
				45	struct fl_flow_mask {
				46	struct fl_flow_key key;
				47	struct fl_flow_mask_range range;
				48	struct rcu_head rcu;
				49	};
				50
				51	struct cls_fl_head {
				52	struct rhashtable ht;
				53	struct fl_flow_mask mask;
				54	struct flow_dissector dissector;
				55	u32 hgen;
				56	bool mask_assigned;
				57	struct list_head filters;
				58	struct rhashtable_params ht_params;
				59	struct rcu_head rcu;
				60	};
				61
				62	struct cls_fl_filter {
				63	struct rhash_head ht_node;
				64	struct fl_flow_key mkey;
				65	struct tcf_exts exts;
				66	struct tcf_result res;
				67	struct fl_flow_key key;
				68	struct list_head list;
				69	u32 handle;
Amir Vadai	e69985c	2016-06-05 17:11:18 +0300	[diff] [blame]	70	u32 flags;
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	71	struct rcu_head rcu;
				72	};
				73
				74	static unsigned short int fl_mask_range(const struct fl_flow_mask *mask)
				75	{
				76	return mask->range.end - mask->range.start;
				77	}
				78
				79	static void fl_mask_update_range(struct fl_flow_mask *mask)
				80	{
				81	const u8 bytes = (const u8 ) &mask->key;
				82	size_t size = sizeof(mask->key);
				83	size_t i, first = 0, last = size - 1;
				84
				85	for (i = 0; i < sizeof(mask->key); i++) {
				86	if (bytes[i]) {
				87	if (!first && i)
				88	first = i;
				89	last = i;
				90	}
				91	}
				92	mask->range.start = rounddown(first, sizeof(long));
				93	mask->range.end = roundup(last + 1, sizeof(long));
				94	}
				95
				96	static void fl_key_get_start(struct fl_flow_key key,
				97	const struct fl_flow_mask *mask)
				98	{
				99	return (u8 *) key + mask->range.start;
				100	}
				101
				102	static void fl_set_masked_key(struct fl_flow_key mkey, struct fl_flow_key key,
				103	struct fl_flow_mask *mask)
				104	{
				105	const long *lkey = fl_key_get_start(key, mask);
				106	const long *lmask = fl_key_get_start(&mask->key, mask);
				107	long *lmkey = fl_key_get_start(mkey, mask);
				108	int i;
				109
				110	for (i = 0; i < fl_mask_range(mask); i += sizeof(long))
				111	lmkey++ = lkey++ & *lmask++;
				112	}
				113
				114	static void fl_clear_masked_range(struct fl_flow_key *key,
				115	struct fl_flow_mask *mask)
				116	{
				117	memset(fl_key_get_start(key, mask), 0, fl_mask_range(mask));
				118	}
				119
				120	static int fl_classify(struct sk_buff skb, const struct tcf_proto tp,
				121	struct tcf_result *res)
				122	{
				123	struct cls_fl_head *head = rcu_dereference_bh(tp->root);
				124	struct cls_fl_filter *f;
				125	struct fl_flow_key skb_key;
				126	struct fl_flow_key skb_mkey;
				127
Amir Vadai	e69985c	2016-06-05 17:11:18 +0300	[diff] [blame]	128	if (!atomic_read(&head->ht.nelems))
				129	return -1;
				130
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	131	fl_clear_masked_range(&skb_key, &head->mask);
				132	skb_key.indev_ifindex = skb->skb_iif;
				133	/* skb_flow_dissect() does not set n_proto in case an unknown protocol,
				134	* so do it rather here.
				135	*/
				136	skb_key.basic.n_proto = skb->protocol;
Tom Herbert	cd79a23	2015-09-01 09:24:27 -0700	[diff] [blame]	137	skb_flow_dissect(skb, &head->dissector, &skb_key, 0);
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	138
				139	fl_set_masked_key(&skb_mkey, &skb_key, &head->mask);
				140
				141	f = rhashtable_lookup_fast(&head->ht,
				142	fl_key_get_start(&skb_mkey, &head->mask),
				143	head->ht_params);
Amir Vadai	e8eb36c	2016-06-13 12:06:39 +0300	[diff] [blame]	144	if (f && !tc_skip_sw(f->flags)) {
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	145	*res = f->res;
				146	return tcf_exts_exec(skb, &f->exts, res);
				147	}
				148	return -1;
				149	}
				150
				151	static int fl_init(struct tcf_proto *tp)
				152	{
				153	struct cls_fl_head *head;
				154
				155	head = kzalloc(sizeof(*head), GFP_KERNEL);
				156	if (!head)
				157	return -ENOBUFS;
				158
				159	INIT_LIST_HEAD_RCU(&head->filters);
				160	rcu_assign_pointer(tp->root, head);
				161
				162	return 0;
				163	}
				164
				165	static void fl_destroy_filter(struct rcu_head *head)
				166	{
				167	struct cls_fl_filter *f = container_of(head, struct cls_fl_filter, rcu);
				168
				169	tcf_exts_destroy(&f->exts);
				170	kfree(f);
				171	}
				172
Amir Vadai	8208d21	2016-03-11 11:08:45 +0200	[diff] [blame]	173	static void fl_hw_destroy_filter(struct tcf_proto *tp, unsigned long cookie)
Amir Vadai	5b33f48	2016-03-08 12:42:29 +0200	[diff] [blame]	174	{
				175	struct net_device *dev = tp->q->dev_queue->dev;
				176	struct tc_cls_flower_offload offload = {0};
				177	struct tc_to_netdev tc;
				178
Daniel Borkmann	92c075d	2016-06-06 22:50:39 +0200	[diff] [blame]	179	if (!tc_should_offload(dev, tp, 0))
Amir Vadai	5b33f48	2016-03-08 12:42:29 +0200	[diff] [blame]	180	return;
				181
				182	offload.command = TC_CLSFLOWER_DESTROY;
				183	offload.cookie = cookie;
				184
				185	tc.type = TC_SETUP_CLSFLOWER;
				186	tc.cls_flower = &offload;
				187
				188	dev->netdev_ops->ndo_setup_tc(dev, tp->q->handle, tp->protocol, &tc);
				189	}
				190
Amir Vadai	e8eb36c	2016-06-13 12:06:39 +0300	[diff] [blame]	191	static int fl_hw_replace_filter(struct tcf_proto *tp,
				192	struct flow_dissector *dissector,
				193	struct fl_flow_key *mask,
				194	struct fl_flow_key *key,
				195	struct tcf_exts *actions,
				196	unsigned long cookie, u32 flags)
Amir Vadai	5b33f48	2016-03-08 12:42:29 +0200	[diff] [blame]	197	{
				198	struct net_device *dev = tp->q->dev_queue->dev;
				199	struct tc_cls_flower_offload offload = {0};
				200	struct tc_to_netdev tc;
Amir Vadai	e8eb36c	2016-06-13 12:06:39 +0300	[diff] [blame]	201	int err;
Amir Vadai	5b33f48	2016-03-08 12:42:29 +0200	[diff] [blame]	202
Daniel Borkmann	92c075d	2016-06-06 22:50:39 +0200	[diff] [blame]	203	if (!tc_should_offload(dev, tp, flags))
Amir Vadai	e8eb36c	2016-06-13 12:06:39 +0300	[diff] [blame]	204	return tc_skip_sw(flags) ? -EINVAL : 0;
Amir Vadai	5b33f48	2016-03-08 12:42:29 +0200	[diff] [blame]	205
				206	offload.command = TC_CLSFLOWER_REPLACE;
				207	offload.cookie = cookie;
				208	offload.dissector = dissector;
				209	offload.mask = mask;
				210	offload.key = key;
				211	offload.exts = actions;
				212
				213	tc.type = TC_SETUP_CLSFLOWER;
				214	tc.cls_flower = &offload;
				215
Amir Vadai	e8eb36c	2016-06-13 12:06:39 +0300	[diff] [blame]	216	err = dev->netdev_ops->ndo_setup_tc(dev, tp->q->handle, tp->protocol, &tc);
				217
				218	if (tc_skip_sw(flags))
				219	return err;
				220
				221	return 0;
Amir Vadai	5b33f48	2016-03-08 12:42:29 +0200	[diff] [blame]	222	}
				223
Amir Vadai	10cbc68	2016-05-13 12:55:37 +0000	[diff] [blame]	224	static void fl_hw_update_stats(struct tcf_proto tp, struct cls_fl_filter f)
				225	{
				226	struct net_device *dev = tp->q->dev_queue->dev;
				227	struct tc_cls_flower_offload offload = {0};
				228	struct tc_to_netdev tc;
				229
Daniel Borkmann	92c075d	2016-06-06 22:50:39 +0200	[diff] [blame]	230	if (!tc_should_offload(dev, tp, 0))
Amir Vadai	10cbc68	2016-05-13 12:55:37 +0000	[diff] [blame]	231	return;
				232
				233	offload.command = TC_CLSFLOWER_STATS;
				234	offload.cookie = (unsigned long)f;
				235	offload.exts = &f->exts;
				236
				237	tc.type = TC_SETUP_CLSFLOWER;
				238	tc.cls_flower = &offload;
				239
				240	dev->netdev_ops->ndo_setup_tc(dev, tp->q->handle, tp->protocol, &tc);
				241	}
				242
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	243	static bool fl_destroy(struct tcf_proto *tp, bool force)
				244	{
				245	struct cls_fl_head *head = rtnl_dereference(tp->root);
				246	struct cls_fl_filter f, next;
				247
				248	if (!force && !list_empty(&head->filters))
				249	return false;
				250
				251	list_for_each_entry_safe(f, next, &head->filters, list) {
Amir Vadai	8208d21	2016-03-11 11:08:45 +0200	[diff] [blame]	252	fl_hw_destroy_filter(tp, (unsigned long)f);
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	253	list_del_rcu(&f->list);
				254	call_rcu(&f->rcu, fl_destroy_filter);
				255	}
				256	RCU_INIT_POINTER(tp->root, NULL);
				257	if (head->mask_assigned)
				258	rhashtable_destroy(&head->ht);
				259	kfree_rcu(head, rcu);
				260	return true;
				261	}
				262
				263	static unsigned long fl_get(struct tcf_proto *tp, u32 handle)
				264	{
				265	struct cls_fl_head *head = rtnl_dereference(tp->root);
				266	struct cls_fl_filter *f;
				267
				268	list_for_each_entry(f, &head->filters, list)
				269	if (f->handle == handle)
				270	return (unsigned long) f;
				271	return 0;
				272	}
				273
				274	static const struct nla_policy fl_policy[TCA_FLOWER_MAX + 1] = {
				275	[TCA_FLOWER_UNSPEC] = { .type = NLA_UNSPEC },
				276	[TCA_FLOWER_CLASSID] = { .type = NLA_U32 },
				277	[TCA_FLOWER_INDEV] = { .type = NLA_STRING,
				278	.len = IFNAMSIZ },
				279	[TCA_FLOWER_KEY_ETH_DST] = { .len = ETH_ALEN },
				280	[TCA_FLOWER_KEY_ETH_DST_MASK] = { .len = ETH_ALEN },
				281	[TCA_FLOWER_KEY_ETH_SRC] = { .len = ETH_ALEN },
				282	[TCA_FLOWER_KEY_ETH_SRC_MASK] = { .len = ETH_ALEN },
				283	[TCA_FLOWER_KEY_ETH_TYPE] = { .type = NLA_U16 },
				284	[TCA_FLOWER_KEY_IP_PROTO] = { .type = NLA_U8 },
				285	[TCA_FLOWER_KEY_IPV4_SRC] = { .type = NLA_U32 },
				286	[TCA_FLOWER_KEY_IPV4_SRC_MASK] = { .type = NLA_U32 },
				287	[TCA_FLOWER_KEY_IPV4_DST] = { .type = NLA_U32 },
				288	[TCA_FLOWER_KEY_IPV4_DST_MASK] = { .type = NLA_U32 },
				289	[TCA_FLOWER_KEY_IPV6_SRC] = { .len = sizeof(struct in6_addr) },
				290	[TCA_FLOWER_KEY_IPV6_SRC_MASK] = { .len = sizeof(struct in6_addr) },
				291	[TCA_FLOWER_KEY_IPV6_DST] = { .len = sizeof(struct in6_addr) },
				292	[TCA_FLOWER_KEY_IPV6_DST_MASK] = { .len = sizeof(struct in6_addr) },
				293	[TCA_FLOWER_KEY_TCP_SRC] = { .type = NLA_U16 },
				294	[TCA_FLOWER_KEY_TCP_DST] = { .type = NLA_U16 },
Jamal Hadi Salim	b175c3a	2015-06-25 06:55:27 -0400	[diff] [blame]	295	[TCA_FLOWER_KEY_UDP_SRC] = { .type = NLA_U16 },
				296	[TCA_FLOWER_KEY_UDP_DST] = { .type = NLA_U16 },
Hadar Hen Zion	9399ae9	2016-08-17 13:36:13 +0300	[diff] [blame]	297	[TCA_FLOWER_KEY_VLAN_ID] = { .type = NLA_U16 },
				298	[TCA_FLOWER_KEY_VLAN_PRIO] = { .type = NLA_U8 },
				299	[TCA_FLOWER_KEY_VLAN_ETH_TYPE] = { .type = NLA_U16 },
				300
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	301	};
				302
				303	static void fl_set_key_val(struct nlattr **tb,
				304	void *val, int val_type,
				305	void *mask, int mask_type, int len)
				306	{
				307	if (!tb[val_type])
				308	return;
				309	memcpy(val, nla_data(tb[val_type]), len);
				310	if (mask_type == TCA_FLOWER_UNSPEC \|\| !tb[mask_type])
				311	memset(mask, 0xff, len);
				312	else
				313	memcpy(mask, nla_data(tb[mask_type]), len);
				314	}
				315
Hadar Hen Zion	9399ae9	2016-08-17 13:36:13 +0300	[diff] [blame]	316	static void fl_set_key_vlan(struct nlattr **tb,
				317	struct flow_dissector_key_vlan *key_val,
				318	struct flow_dissector_key_vlan *key_mask)
				319	{
				320	#define VLAN_PRIORITY_MASK 0x7
				321
				322	if (tb[TCA_FLOWER_KEY_VLAN_ID]) {
				323	key_val->vlan_id =
				324	nla_get_u16(tb[TCA_FLOWER_KEY_VLAN_ID]) & VLAN_VID_MASK;
				325	key_mask->vlan_id = VLAN_VID_MASK;
				326	}
				327	if (tb[TCA_FLOWER_KEY_VLAN_PRIO]) {
				328	key_val->vlan_priority =
				329	nla_get_u8(tb[TCA_FLOWER_KEY_VLAN_PRIO]) &
				330	VLAN_PRIORITY_MASK;
				331	key_mask->vlan_priority = VLAN_PRIORITY_MASK;
				332	}
				333	}
				334
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	335	static int fl_set_key(struct net net, struct nlattr *tb,
				336	struct fl_flow_key key, struct fl_flow_key mask)
				337	{
Hadar Hen Zion	9399ae9	2016-08-17 13:36:13 +0300	[diff] [blame]	338	__be16 ethertype;
Brian Haley	dd3aa3b	2015-05-14 13:20:15 -0400	[diff] [blame]	339	#ifdef CONFIG_NET_CLS_IND
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	340	if (tb[TCA_FLOWER_INDEV]) {
Brian Haley	dd3aa3b	2015-05-14 13:20:15 -0400	[diff] [blame]	341	int err = tcf_change_indev(net, tb[TCA_FLOWER_INDEV]);
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	342	if (err < 0)
				343	return err;
				344	key->indev_ifindex = err;
				345	mask->indev_ifindex = 0xffffffff;
				346	}
Brian Haley	dd3aa3b	2015-05-14 13:20:15 -0400	[diff] [blame]	347	#endif
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	348
				349	fl_set_key_val(tb, key->eth.dst, TCA_FLOWER_KEY_ETH_DST,
				350	mask->eth.dst, TCA_FLOWER_KEY_ETH_DST_MASK,
				351	sizeof(key->eth.dst));
				352	fl_set_key_val(tb, key->eth.src, TCA_FLOWER_KEY_ETH_SRC,
				353	mask->eth.src, TCA_FLOWER_KEY_ETH_SRC_MASK,
				354	sizeof(key->eth.src));
Jamal Hadi Salim	66530bd	2016-01-10 11:47:01 -0500	[diff] [blame]	355
Arnd Bergmann	0b498a5	2016-08-26 17:25:45 +0200	[diff] [blame^]	356	if (tb[TCA_FLOWER_KEY_ETH_TYPE]) {
Hadar Hen Zion	9399ae9	2016-08-17 13:36:13 +0300	[diff] [blame]	357	ethertype = nla_get_be16(tb[TCA_FLOWER_KEY_ETH_TYPE]);
				358
Arnd Bergmann	0b498a5	2016-08-26 17:25:45 +0200	[diff] [blame^]	359	if (ethertype == htons(ETH_P_8021Q)) {
				360	fl_set_key_vlan(tb, &key->vlan, &mask->vlan);
				361	fl_set_key_val(tb, &key->basic.n_proto,
				362	TCA_FLOWER_KEY_VLAN_ETH_TYPE,
				363	&mask->basic.n_proto, TCA_FLOWER_UNSPEC,
				364	sizeof(key->basic.n_proto));
				365	} else {
				366	key->basic.n_proto = ethertype;
				367	mask->basic.n_proto = cpu_to_be16(~0);
				368	}
Hadar Hen Zion	9399ae9	2016-08-17 13:36:13 +0300	[diff] [blame]	369	}
Jamal Hadi Salim	66530bd	2016-01-10 11:47:01 -0500	[diff] [blame]	370
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	371	if (key->basic.n_proto == htons(ETH_P_IP) \|\|
				372	key->basic.n_proto == htons(ETH_P_IPV6)) {
				373	fl_set_key_val(tb, &key->basic.ip_proto, TCA_FLOWER_KEY_IP_PROTO,
				374	&mask->basic.ip_proto, TCA_FLOWER_UNSPEC,
				375	sizeof(key->basic.ip_proto));
				376	}
Jamal Hadi Salim	66530bd	2016-01-10 11:47:01 -0500	[diff] [blame]	377
				378	if (tb[TCA_FLOWER_KEY_IPV4_SRC] \|\| tb[TCA_FLOWER_KEY_IPV4_DST]) {
				379	key->control.addr_type = FLOW_DISSECTOR_KEY_IPV4_ADDRS;
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	380	fl_set_key_val(tb, &key->ipv4.src, TCA_FLOWER_KEY_IPV4_SRC,
				381	&mask->ipv4.src, TCA_FLOWER_KEY_IPV4_SRC_MASK,
				382	sizeof(key->ipv4.src));
				383	fl_set_key_val(tb, &key->ipv4.dst, TCA_FLOWER_KEY_IPV4_DST,
				384	&mask->ipv4.dst, TCA_FLOWER_KEY_IPV4_DST_MASK,
				385	sizeof(key->ipv4.dst));
Jamal Hadi Salim	66530bd	2016-01-10 11:47:01 -0500	[diff] [blame]	386	} else if (tb[TCA_FLOWER_KEY_IPV6_SRC] \|\| tb[TCA_FLOWER_KEY_IPV6_DST]) {
				387	key->control.addr_type = FLOW_DISSECTOR_KEY_IPV6_ADDRS;
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	388	fl_set_key_val(tb, &key->ipv6.src, TCA_FLOWER_KEY_IPV6_SRC,
				389	&mask->ipv6.src, TCA_FLOWER_KEY_IPV6_SRC_MASK,
				390	sizeof(key->ipv6.src));
				391	fl_set_key_val(tb, &key->ipv6.dst, TCA_FLOWER_KEY_IPV6_DST,
				392	&mask->ipv6.dst, TCA_FLOWER_KEY_IPV6_DST_MASK,
				393	sizeof(key->ipv6.dst));
				394	}
Jamal Hadi Salim	66530bd	2016-01-10 11:47:01 -0500	[diff] [blame]	395
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	396	if (key->basic.ip_proto == IPPROTO_TCP) {
				397	fl_set_key_val(tb, &key->tp.src, TCA_FLOWER_KEY_TCP_SRC,
				398	&mask->tp.src, TCA_FLOWER_UNSPEC,
				399	sizeof(key->tp.src));
				400	fl_set_key_val(tb, &key->tp.dst, TCA_FLOWER_KEY_TCP_DST,
				401	&mask->tp.dst, TCA_FLOWER_UNSPEC,
				402	sizeof(key->tp.dst));
				403	} else if (key->basic.ip_proto == IPPROTO_UDP) {
				404	fl_set_key_val(tb, &key->tp.src, TCA_FLOWER_KEY_UDP_SRC,
				405	&mask->tp.src, TCA_FLOWER_UNSPEC,
				406	sizeof(key->tp.src));
				407	fl_set_key_val(tb, &key->tp.dst, TCA_FLOWER_KEY_UDP_DST,
				408	&mask->tp.dst, TCA_FLOWER_UNSPEC,
				409	sizeof(key->tp.dst));
				410	}
				411
				412	return 0;
				413	}
				414
				415	static bool fl_mask_eq(struct fl_flow_mask *mask1,
				416	struct fl_flow_mask *mask2)
				417	{
				418	const long *lmask1 = fl_key_get_start(&mask1->key, mask1);
				419	const long *lmask2 = fl_key_get_start(&mask2->key, mask2);
				420
				421	return !memcmp(&mask1->range, &mask2->range, sizeof(mask1->range)) &&
				422	!memcmp(lmask1, lmask2, fl_mask_range(mask1));
				423	}
				424
				425	static const struct rhashtable_params fl_ht_params = {
				426	.key_offset = offsetof(struct cls_fl_filter, mkey), /* base offset */
				427	.head_offset = offsetof(struct cls_fl_filter, ht_node),
				428	.automatic_shrinking = true,
				429	};
				430
				431	static int fl_init_hashtable(struct cls_fl_head *head,
				432	struct fl_flow_mask *mask)
				433	{
				434	head->ht_params = fl_ht_params;
				435	head->ht_params.key_len = fl_mask_range(mask);
				436	head->ht_params.key_offset += mask->range.start;
				437
				438	return rhashtable_init(&head->ht, &head->ht_params);
				439	}
				440
				441	#define FL_KEY_MEMBER_OFFSET(member) offsetof(struct fl_flow_key, member)
				442	#define FL_KEY_MEMBER_SIZE(member) (sizeof(((struct fl_flow_key *) 0)->member))
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	443
Hadar Hen Zion	339ba87	2016-08-17 13:36:12 +0300	[diff] [blame]	444	#define FL_KEY_IS_MASKED(mask, member) \
				445	memchr_inv(((char *)mask) + FL_KEY_MEMBER_OFFSET(member), \
				446	0, FL_KEY_MEMBER_SIZE(member)) \
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	447
				448	#define FL_KEY_SET(keys, cnt, id, member) \
				449	do { \
				450	keys[cnt].key_id = id; \
				451	keys[cnt].offset = FL_KEY_MEMBER_OFFSET(member); \
				452	cnt++; \
				453	} while(0);
				454
Hadar Hen Zion	339ba87	2016-08-17 13:36:12 +0300	[diff] [blame]	455	#define FL_KEY_SET_IF_MASKED(mask, keys, cnt, id, member) \
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	456	do { \
Hadar Hen Zion	339ba87	2016-08-17 13:36:12 +0300	[diff] [blame]	457	if (FL_KEY_IS_MASKED(mask, member)) \
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	458	FL_KEY_SET(keys, cnt, id, member); \
				459	} while(0);
				460
				461	static void fl_init_dissector(struct cls_fl_head *head,
				462	struct fl_flow_mask *mask)
				463	{
				464	struct flow_dissector_key keys[FLOW_DISSECTOR_KEY_MAX];
				465	size_t cnt = 0;
				466
Tom Herbert	42aecaa	2015-06-04 09:16:39 -0700	[diff] [blame]	467	FL_KEY_SET(keys, cnt, FLOW_DISSECTOR_KEY_CONTROL, control);
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	468	FL_KEY_SET(keys, cnt, FLOW_DISSECTOR_KEY_BASIC, basic);
Hadar Hen Zion	339ba87	2016-08-17 13:36:12 +0300	[diff] [blame]	469	FL_KEY_SET_IF_MASKED(&mask->key, keys, cnt,
				470	FLOW_DISSECTOR_KEY_ETH_ADDRS, eth);
				471	FL_KEY_SET_IF_MASKED(&mask->key, keys, cnt,
				472	FLOW_DISSECTOR_KEY_IPV4_ADDRS, ipv4);
				473	FL_KEY_SET_IF_MASKED(&mask->key, keys, cnt,
				474	FLOW_DISSECTOR_KEY_IPV6_ADDRS, ipv6);
				475	FL_KEY_SET_IF_MASKED(&mask->key, keys, cnt,
				476	FLOW_DISSECTOR_KEY_PORTS, tp);
Hadar Hen Zion	9399ae9	2016-08-17 13:36:13 +0300	[diff] [blame]	477	FL_KEY_SET_IF_MASKED(&mask->key, keys, cnt,
				478	FLOW_DISSECTOR_KEY_VLAN, vlan);
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	479
				480	skb_flow_dissector_init(&head->dissector, keys, cnt);
				481	}
				482
				483	static int fl_check_assign_mask(struct cls_fl_head *head,
				484	struct fl_flow_mask *mask)
				485	{
				486	int err;
				487
				488	if (head->mask_assigned) {
				489	if (!fl_mask_eq(&head->mask, mask))
				490	return -EINVAL;
				491	else
				492	return 0;
				493	}
				494
				495	/* Mask is not assigned yet. So assign it and init hashtable
				496	* according to that.
				497	*/
				498	err = fl_init_hashtable(head, mask);
				499	if (err)
				500	return err;
				501	memcpy(&head->mask, mask, sizeof(head->mask));
				502	head->mask_assigned = true;
				503
				504	fl_init_dissector(head, mask);
				505
				506	return 0;
				507	}
				508
				509	static int fl_set_parms(struct net net, struct tcf_proto tp,
				510	struct cls_fl_filter f, struct fl_flow_mask mask,
				511	unsigned long base, struct nlattr **tb,
				512	struct nlattr *est, bool ovr)
				513	{
				514	struct tcf_exts e;
				515	int err;
				516
WANG Cong	b9a24bb	2016-08-19 12:36:54 -0700	[diff] [blame]	517	err = tcf_exts_init(&e, TCA_FLOWER_ACT, 0);
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	518	if (err < 0)
				519	return err;
WANG Cong	b9a24bb	2016-08-19 12:36:54 -0700	[diff] [blame]	520	err = tcf_exts_validate(net, tp, tb, est, &e, ovr);
				521	if (err < 0)
				522	goto errout;
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	523
				524	if (tb[TCA_FLOWER_CLASSID]) {
				525	f->res.classid = nla_get_u32(tb[TCA_FLOWER_CLASSID]);
				526	tcf_bind_filter(tp, &f->res, base);
				527	}
				528
				529	err = fl_set_key(net, tb, &f->key, &mask->key);
				530	if (err)
				531	goto errout;
				532
				533	fl_mask_update_range(mask);
				534	fl_set_masked_key(&f->mkey, &f->key, mask);
				535
				536	tcf_exts_change(tp, &f->exts, &e);
				537
				538	return 0;
				539	errout:
				540	tcf_exts_destroy(&e);
				541	return err;
				542	}
				543
				544	static u32 fl_grab_new_handle(struct tcf_proto *tp,
				545	struct cls_fl_head *head)
				546	{
				547	unsigned int i = 0x80000000;
				548	u32 handle;
				549
				550	do {
				551	if (++head->hgen == 0x7FFFFFFF)
				552	head->hgen = 1;
				553	} while (--i > 0 && fl_get(tp, head->hgen));
				554
				555	if (unlikely(i == 0)) {
				556	pr_err("Insufficient number of handles\n");
				557	handle = 0;
				558	} else {
				559	handle = head->hgen;
				560	}
				561
				562	return handle;
				563	}
				564
				565	static int fl_change(struct net net, struct sk_buff in_skb,
				566	struct tcf_proto *tp, unsigned long base,
				567	u32 handle, struct nlattr **tca,
				568	unsigned long *arg, bool ovr)
				569	{
				570	struct cls_fl_head *head = rtnl_dereference(tp->root);
				571	struct cls_fl_filter fold = (struct cls_fl_filter ) *arg;
				572	struct cls_fl_filter *fnew;
				573	struct nlattr *tb[TCA_FLOWER_MAX + 1];
				574	struct fl_flow_mask mask = {};
				575	int err;
				576
				577	if (!tca[TCA_OPTIONS])
				578	return -EINVAL;
				579
				580	err = nla_parse_nested(tb, TCA_FLOWER_MAX, tca[TCA_OPTIONS], fl_policy);
				581	if (err < 0)
				582	return err;
				583
				584	if (fold && handle && fold->handle != handle)
				585	return -EINVAL;
				586
				587	fnew = kzalloc(sizeof(*fnew), GFP_KERNEL);
				588	if (!fnew)
				589	return -ENOBUFS;
				590
WANG Cong	b9a24bb	2016-08-19 12:36:54 -0700	[diff] [blame]	591	err = tcf_exts_init(&fnew->exts, TCA_FLOWER_ACT, 0);
				592	if (err < 0)
				593	goto errout;
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	594
				595	if (!handle) {
				596	handle = fl_grab_new_handle(tp, head);
				597	if (!handle) {
				598	err = -EINVAL;
				599	goto errout;
				600	}
				601	}
				602	fnew->handle = handle;
				603
Amir Vadai	e69985c	2016-06-05 17:11:18 +0300	[diff] [blame]	604	if (tb[TCA_FLOWER_FLAGS]) {
				605	fnew->flags = nla_get_u32(tb[TCA_FLOWER_FLAGS]);
				606
				607	if (!tc_flags_valid(fnew->flags)) {
				608	err = -EINVAL;
				609	goto errout;
				610	}
				611	}
Amir Vadai	5b33f48	2016-03-08 12:42:29 +0200	[diff] [blame]	612
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	613	err = fl_set_parms(net, tp, fnew, &mask, base, tb, tca[TCA_RATE], ovr);
				614	if (err)
				615	goto errout;
				616
				617	err = fl_check_assign_mask(head, &mask);
				618	if (err)
				619	goto errout;
				620
Amir Vadai	e8eb36c	2016-06-13 12:06:39 +0300	[diff] [blame]	621	if (!tc_skip_sw(fnew->flags)) {
Amir Vadai	e69985c	2016-06-05 17:11:18 +0300	[diff] [blame]	622	err = rhashtable_insert_fast(&head->ht, &fnew->ht_node,
				623	head->ht_params);
				624	if (err)
				625	goto errout;
				626	}
Amir Vadai	5b33f48	2016-03-08 12:42:29 +0200	[diff] [blame]	627
Amir Vadai	e8eb36c	2016-06-13 12:06:39 +0300	[diff] [blame]	628	err = fl_hw_replace_filter(tp,
				629	&head->dissector,
				630	&mask.key,
				631	&fnew->key,
				632	&fnew->exts,
				633	(unsigned long)fnew,
				634	fnew->flags);
				635	if (err)
				636	goto errout;
Amir Vadai	5b33f48	2016-03-08 12:42:29 +0200	[diff] [blame]	637
				638	if (fold) {
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	639	rhashtable_remove_fast(&head->ht, &fold->ht_node,
				640	head->ht_params);
Amir Vadai	8208d21	2016-03-11 11:08:45 +0200	[diff] [blame]	641	fl_hw_destroy_filter(tp, (unsigned long)fold);
Amir Vadai	5b33f48	2016-03-08 12:42:29 +0200	[diff] [blame]	642	}
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	643
				644	*arg = (unsigned long) fnew;
				645
				646	if (fold) {
Daniel Borkmann	ff3532f	2015-07-17 22:38:44 +0200	[diff] [blame]	647	list_replace_rcu(&fold->list, &fnew->list);
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	648	tcf_unbind_filter(tp, &fold->res);
				649	call_rcu(&fold->rcu, fl_destroy_filter);
				650	} else {
				651	list_add_tail_rcu(&fnew->list, &head->filters);
				652	}
				653
				654	return 0;
				655
				656	errout:
WANG Cong	b9a24bb	2016-08-19 12:36:54 -0700	[diff] [blame]	657	tcf_exts_destroy(&fnew->exts);
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	658	kfree(fnew);
				659	return err;
				660	}
				661
				662	static int fl_delete(struct tcf_proto *tp, unsigned long arg)
				663	{
				664	struct cls_fl_head *head = rtnl_dereference(tp->root);
				665	struct cls_fl_filter f = (struct cls_fl_filter ) arg;
				666
				667	rhashtable_remove_fast(&head->ht, &f->ht_node,
				668	head->ht_params);
				669	list_del_rcu(&f->list);
Amir Vadai	8208d21	2016-03-11 11:08:45 +0200	[diff] [blame]	670	fl_hw_destroy_filter(tp, (unsigned long)f);
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	671	tcf_unbind_filter(tp, &f->res);
				672	call_rcu(&f->rcu, fl_destroy_filter);
				673	return 0;
				674	}
				675
				676	static void fl_walk(struct tcf_proto tp, struct tcf_walker arg)
				677	{
				678	struct cls_fl_head *head = rtnl_dereference(tp->root);
				679	struct cls_fl_filter *f;
				680
				681	list_for_each_entry_rcu(f, &head->filters, list) {
				682	if (arg->count < arg->skip)
				683	goto skip;
				684	if (arg->fn(tp, (unsigned long) f, arg) < 0) {
				685	arg->stop = 1;
				686	break;
				687	}
				688	skip:
				689	arg->count++;
				690	}
				691	}
				692
				693	static int fl_dump_key_val(struct sk_buff *skb,
				694	void *val, int val_type,
				695	void *mask, int mask_type, int len)
				696	{
				697	int err;
				698
				699	if (!memchr_inv(mask, 0, len))
				700	return 0;
				701	err = nla_put(skb, val_type, len, val);
				702	if (err)
				703	return err;
				704	if (mask_type != TCA_FLOWER_UNSPEC) {
				705	err = nla_put(skb, mask_type, len, mask);
				706	if (err)
				707	return err;
				708	}
				709	return 0;
				710	}
				711
Hadar Hen Zion	9399ae9	2016-08-17 13:36:13 +0300	[diff] [blame]	712	static int fl_dump_key_vlan(struct sk_buff *skb,
				713	struct flow_dissector_key_vlan *vlan_key,
				714	struct flow_dissector_key_vlan *vlan_mask)
				715	{
				716	int err;
				717
				718	if (!memchr_inv(vlan_mask, 0, sizeof(*vlan_mask)))
				719	return 0;
				720	if (vlan_mask->vlan_id) {
				721	err = nla_put_u16(skb, TCA_FLOWER_KEY_VLAN_ID,
				722	vlan_key->vlan_id);
				723	if (err)
				724	return err;
				725	}
				726	if (vlan_mask->vlan_priority) {
				727	err = nla_put_u8(skb, TCA_FLOWER_KEY_VLAN_PRIO,
				728	vlan_key->vlan_priority);
				729	if (err)
				730	return err;
				731	}
				732	return 0;
				733	}
				734
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	735	static int fl_dump(struct net net, struct tcf_proto tp, unsigned long fh,
				736	struct sk_buff skb, struct tcmsg t)
				737	{
				738	struct cls_fl_head *head = rtnl_dereference(tp->root);
				739	struct cls_fl_filter f = (struct cls_fl_filter ) fh;
				740	struct nlattr *nest;
				741	struct fl_flow_key key, mask;
				742
				743	if (!f)
				744	return skb->len;
				745
				746	t->tcm_handle = f->handle;
				747
				748	nest = nla_nest_start(skb, TCA_OPTIONS);
				749	if (!nest)
				750	goto nla_put_failure;
				751
				752	if (f->res.classid &&
				753	nla_put_u32(skb, TCA_FLOWER_CLASSID, f->res.classid))
				754	goto nla_put_failure;
				755
				756	key = &f->key;
				757	mask = &head->mask.key;
				758
				759	if (mask->indev_ifindex) {
				760	struct net_device *dev;
				761
				762	dev = __dev_get_by_index(net, key->indev_ifindex);
				763	if (dev && nla_put_string(skb, TCA_FLOWER_INDEV, dev->name))
				764	goto nla_put_failure;
				765	}
				766
Amir Vadai	10cbc68	2016-05-13 12:55:37 +0000	[diff] [blame]	767	fl_hw_update_stats(tp, f);
				768
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	769	if (fl_dump_key_val(skb, key->eth.dst, TCA_FLOWER_KEY_ETH_DST,
				770	mask->eth.dst, TCA_FLOWER_KEY_ETH_DST_MASK,
				771	sizeof(key->eth.dst)) \|\|
				772	fl_dump_key_val(skb, key->eth.src, TCA_FLOWER_KEY_ETH_SRC,
				773	mask->eth.src, TCA_FLOWER_KEY_ETH_SRC_MASK,
				774	sizeof(key->eth.src)) \|\|
				775	fl_dump_key_val(skb, &key->basic.n_proto, TCA_FLOWER_KEY_ETH_TYPE,
				776	&mask->basic.n_proto, TCA_FLOWER_UNSPEC,
				777	sizeof(key->basic.n_proto)))
				778	goto nla_put_failure;
Hadar Hen Zion	9399ae9	2016-08-17 13:36:13 +0300	[diff] [blame]	779
				780	if (fl_dump_key_vlan(skb, &key->vlan, &mask->vlan))
				781	goto nla_put_failure;
				782
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	783	if ((key->basic.n_proto == htons(ETH_P_IP) \|\|
				784	key->basic.n_proto == htons(ETH_P_IPV6)) &&
				785	fl_dump_key_val(skb, &key->basic.ip_proto, TCA_FLOWER_KEY_IP_PROTO,
				786	&mask->basic.ip_proto, TCA_FLOWER_UNSPEC,
				787	sizeof(key->basic.ip_proto)))
				788	goto nla_put_failure;
				789
Tom Herbert	c3f8324	2015-06-04 09:16:40 -0700	[diff] [blame]	790	if (key->control.addr_type == FLOW_DISSECTOR_KEY_IPV4_ADDRS &&
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	791	(fl_dump_key_val(skb, &key->ipv4.src, TCA_FLOWER_KEY_IPV4_SRC,
				792	&mask->ipv4.src, TCA_FLOWER_KEY_IPV4_SRC_MASK,
				793	sizeof(key->ipv4.src)) \|\|
				794	fl_dump_key_val(skb, &key->ipv4.dst, TCA_FLOWER_KEY_IPV4_DST,
				795	&mask->ipv4.dst, TCA_FLOWER_KEY_IPV4_DST_MASK,
				796	sizeof(key->ipv4.dst))))
				797	goto nla_put_failure;
Tom Herbert	c3f8324	2015-06-04 09:16:40 -0700	[diff] [blame]	798	else if (key->control.addr_type == FLOW_DISSECTOR_KEY_IPV6_ADDRS &&
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	799	(fl_dump_key_val(skb, &key->ipv6.src, TCA_FLOWER_KEY_IPV6_SRC,
				800	&mask->ipv6.src, TCA_FLOWER_KEY_IPV6_SRC_MASK,
				801	sizeof(key->ipv6.src)) \|\|
				802	fl_dump_key_val(skb, &key->ipv6.dst, TCA_FLOWER_KEY_IPV6_DST,
				803	&mask->ipv6.dst, TCA_FLOWER_KEY_IPV6_DST_MASK,
				804	sizeof(key->ipv6.dst))))
				805	goto nla_put_failure;
				806
				807	if (key->basic.ip_proto == IPPROTO_TCP &&
				808	(fl_dump_key_val(skb, &key->tp.src, TCA_FLOWER_KEY_TCP_SRC,
				809	&mask->tp.src, TCA_FLOWER_UNSPEC,
				810	sizeof(key->tp.src)) \|\|
				811	fl_dump_key_val(skb, &key->tp.dst, TCA_FLOWER_KEY_TCP_DST,
				812	&mask->tp.dst, TCA_FLOWER_UNSPEC,
				813	sizeof(key->tp.dst))))
				814	goto nla_put_failure;
				815	else if (key->basic.ip_proto == IPPROTO_UDP &&
				816	(fl_dump_key_val(skb, &key->tp.src, TCA_FLOWER_KEY_UDP_SRC,
				817	&mask->tp.src, TCA_FLOWER_UNSPEC,
				818	sizeof(key->tp.src)) \|\|
				819	fl_dump_key_val(skb, &key->tp.dst, TCA_FLOWER_KEY_UDP_DST,
				820	&mask->tp.dst, TCA_FLOWER_UNSPEC,
				821	sizeof(key->tp.dst))))
				822	goto nla_put_failure;
				823
Amir Vadai	e69985c	2016-06-05 17:11:18 +0300	[diff] [blame]	824	nla_put_u32(skb, TCA_FLOWER_FLAGS, f->flags);
				825
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	826	if (tcf_exts_dump(skb, &f->exts))
				827	goto nla_put_failure;
				828
				829	nla_nest_end(skb, nest);
				830
				831	if (tcf_exts_dump_stats(skb, &f->exts) < 0)
				832	goto nla_put_failure;
				833
				834	return skb->len;
				835
				836	nla_put_failure:
				837	nla_nest_cancel(skb, nest);
				838	return -1;
				839	}
				840
				841	static struct tcf_proto_ops cls_fl_ops __read_mostly = {
				842	.kind = "flower",
				843	.classify = fl_classify,
				844	.init = fl_init,
				845	.destroy = fl_destroy,
				846	.get = fl_get,
				847	.change = fl_change,
				848	.delete = fl_delete,
				849	.walk = fl_walk,
				850	.dump = fl_dump,
				851	.owner = THIS_MODULE,
				852	};
				853
				854	static int __init cls_fl_init(void)
				855	{
				856	return register_tcf_proto_ops(&cls_fl_ops);
				857	}
				858
				859	static void __exit cls_fl_exit(void)
				860	{
				861	unregister_tcf_proto_ops(&cls_fl_ops);
				862	}
				863
				864	module_init(cls_fl_init);
				865	module_exit(cls_fl_exit);
				866
				867	MODULE_AUTHOR("Jiri Pirko <jiri@resnulli.us>");
				868	MODULE_DESCRIPTION("Flower classifier");
				869	MODULE_LICENSE("GPL v2");