Blame - net/sched/cls_flower.c - SHIFTPHONES/mainline/linux

blob: 1e11e57e6947e44968e3e39e8de1d231254ea10c [file] [log] [blame]

Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	1	/*
				2	* net/sched/cls_flower.c Flower classifier
				3	*
				4	* Copyright (c) 2015 Jiri Pirko <jiri@resnulli.us>
				5	*
				6	* This program is free software; you can redistribute it and/or modify
				7	* it under the terms of the GNU General Public License as published by
				8	* the Free Software Foundation; either version 2 of the License, or
				9	* (at your option) any later version.
				10	*/
				11
				12	#include <linux/kernel.h>
				13	#include <linux/init.h>
				14	#include <linux/module.h>
				15	#include <linux/rhashtable.h>
				16
				17	#include <linux/if_ether.h>
				18	#include <linux/in6.h>
				19	#include <linux/ip.h>
				20
				21	#include <net/sch_generic.h>
				22	#include <net/pkt_cls.h>
				23	#include <net/ip.h>
				24	#include <net/flow_dissector.h>
				25
				26	struct fl_flow_key {
				27	int indev_ifindex;
Tom Herbert	42aecaa	2015-06-04 09:16:39 -0700	[diff] [blame]	28	struct flow_dissector_key_control control;
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	29	struct flow_dissector_key_basic basic;
				30	struct flow_dissector_key_eth_addrs eth;
Hadar Hen Zion	9399ae9	2016-08-17 13:36:13 +0300	[diff] [blame^]	31	struct flow_dissector_key_vlan vlan;
Tom Herbert	c3f8324	2015-06-04 09:16:40 -0700	[diff] [blame]	32	struct flow_dissector_key_addrs ipaddrs;
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	33	union {
Tom Herbert	c3f8324	2015-06-04 09:16:40 -0700	[diff] [blame]	34	struct flow_dissector_key_ipv4_addrs ipv4;
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	35	struct flow_dissector_key_ipv6_addrs ipv6;
				36	};
				37	struct flow_dissector_key_ports tp;
				38	} __aligned(BITS_PER_LONG / 8); /* Ensure that we can do comparisons as longs. */
				39
				40	struct fl_flow_mask_range {
				41	unsigned short int start;
				42	unsigned short int end;
				43	};
				44
				45	struct fl_flow_mask {
				46	struct fl_flow_key key;
				47	struct fl_flow_mask_range range;
				48	struct rcu_head rcu;
				49	};
				50
				51	struct cls_fl_head {
				52	struct rhashtable ht;
				53	struct fl_flow_mask mask;
				54	struct flow_dissector dissector;
				55	u32 hgen;
				56	bool mask_assigned;
				57	struct list_head filters;
				58	struct rhashtable_params ht_params;
				59	struct rcu_head rcu;
				60	};
				61
				62	struct cls_fl_filter {
				63	struct rhash_head ht_node;
				64	struct fl_flow_key mkey;
				65	struct tcf_exts exts;
				66	struct tcf_result res;
				67	struct fl_flow_key key;
				68	struct list_head list;
				69	u32 handle;
Amir Vadai	e69985c	2016-06-05 17:11:18 +0300	[diff] [blame]	70	u32 flags;
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	71	struct rcu_head rcu;
				72	};
				73
				74	static unsigned short int fl_mask_range(const struct fl_flow_mask *mask)
				75	{
				76	return mask->range.end - mask->range.start;
				77	}
				78
				79	static void fl_mask_update_range(struct fl_flow_mask *mask)
				80	{
				81	const u8 bytes = (const u8 ) &mask->key;
				82	size_t size = sizeof(mask->key);
				83	size_t i, first = 0, last = size - 1;
				84
				85	for (i = 0; i < sizeof(mask->key); i++) {
				86	if (bytes[i]) {
				87	if (!first && i)
				88	first = i;
				89	last = i;
				90	}
				91	}
				92	mask->range.start = rounddown(first, sizeof(long));
				93	mask->range.end = roundup(last + 1, sizeof(long));
				94	}
				95
				96	static void fl_key_get_start(struct fl_flow_key key,
				97	const struct fl_flow_mask *mask)
				98	{
				99	return (u8 *) key + mask->range.start;
				100	}
				101
				102	static void fl_set_masked_key(struct fl_flow_key mkey, struct fl_flow_key key,
				103	struct fl_flow_mask *mask)
				104	{
				105	const long *lkey = fl_key_get_start(key, mask);
				106	const long *lmask = fl_key_get_start(&mask->key, mask);
				107	long *lmkey = fl_key_get_start(mkey, mask);
				108	int i;
				109
				110	for (i = 0; i < fl_mask_range(mask); i += sizeof(long))
				111	lmkey++ = lkey++ & *lmask++;
				112	}
				113
				114	static void fl_clear_masked_range(struct fl_flow_key *key,
				115	struct fl_flow_mask *mask)
				116	{
				117	memset(fl_key_get_start(key, mask), 0, fl_mask_range(mask));
				118	}
				119
				120	static int fl_classify(struct sk_buff skb, const struct tcf_proto tp,
				121	struct tcf_result *res)
				122	{
				123	struct cls_fl_head *head = rcu_dereference_bh(tp->root);
				124	struct cls_fl_filter *f;
				125	struct fl_flow_key skb_key;
				126	struct fl_flow_key skb_mkey;
				127
Amir Vadai	e69985c	2016-06-05 17:11:18 +0300	[diff] [blame]	128	if (!atomic_read(&head->ht.nelems))
				129	return -1;
				130
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	131	fl_clear_masked_range(&skb_key, &head->mask);
				132	skb_key.indev_ifindex = skb->skb_iif;
				133	/* skb_flow_dissect() does not set n_proto in case an unknown protocol,
				134	* so do it rather here.
				135	*/
				136	skb_key.basic.n_proto = skb->protocol;
Tom Herbert	cd79a23	2015-09-01 09:24:27 -0700	[diff] [blame]	137	skb_flow_dissect(skb, &head->dissector, &skb_key, 0);
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	138
				139	fl_set_masked_key(&skb_mkey, &skb_key, &head->mask);
				140
				141	f = rhashtable_lookup_fast(&head->ht,
				142	fl_key_get_start(&skb_mkey, &head->mask),
				143	head->ht_params);
Amir Vadai	e8eb36c	2016-06-13 12:06:39 +0300	[diff] [blame]	144	if (f && !tc_skip_sw(f->flags)) {
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	145	*res = f->res;
				146	return tcf_exts_exec(skb, &f->exts, res);
				147	}
				148	return -1;
				149	}
				150
				151	static int fl_init(struct tcf_proto *tp)
				152	{
				153	struct cls_fl_head *head;
				154
				155	head = kzalloc(sizeof(*head), GFP_KERNEL);
				156	if (!head)
				157	return -ENOBUFS;
				158
				159	INIT_LIST_HEAD_RCU(&head->filters);
				160	rcu_assign_pointer(tp->root, head);
				161
				162	return 0;
				163	}
				164
				165	static void fl_destroy_filter(struct rcu_head *head)
				166	{
				167	struct cls_fl_filter *f = container_of(head, struct cls_fl_filter, rcu);
				168
				169	tcf_exts_destroy(&f->exts);
				170	kfree(f);
				171	}
				172
Amir Vadai	8208d21	2016-03-11 11:08:45 +0200	[diff] [blame]	173	static void fl_hw_destroy_filter(struct tcf_proto *tp, unsigned long cookie)
Amir Vadai	5b33f48	2016-03-08 12:42:29 +0200	[diff] [blame]	174	{
				175	struct net_device *dev = tp->q->dev_queue->dev;
				176	struct tc_cls_flower_offload offload = {0};
				177	struct tc_to_netdev tc;
				178
Daniel Borkmann	92c075d	2016-06-06 22:50:39 +0200	[diff] [blame]	179	if (!tc_should_offload(dev, tp, 0))
Amir Vadai	5b33f48	2016-03-08 12:42:29 +0200	[diff] [blame]	180	return;
				181
				182	offload.command = TC_CLSFLOWER_DESTROY;
				183	offload.cookie = cookie;
				184
				185	tc.type = TC_SETUP_CLSFLOWER;
				186	tc.cls_flower = &offload;
				187
				188	dev->netdev_ops->ndo_setup_tc(dev, tp->q->handle, tp->protocol, &tc);
				189	}
				190
Amir Vadai	e8eb36c	2016-06-13 12:06:39 +0300	[diff] [blame]	191	static int fl_hw_replace_filter(struct tcf_proto *tp,
				192	struct flow_dissector *dissector,
				193	struct fl_flow_key *mask,
				194	struct fl_flow_key *key,
				195	struct tcf_exts *actions,
				196	unsigned long cookie, u32 flags)
Amir Vadai	5b33f48	2016-03-08 12:42:29 +0200	[diff] [blame]	197	{
				198	struct net_device *dev = tp->q->dev_queue->dev;
				199	struct tc_cls_flower_offload offload = {0};
				200	struct tc_to_netdev tc;
Amir Vadai	e8eb36c	2016-06-13 12:06:39 +0300	[diff] [blame]	201	int err;
Amir Vadai	5b33f48	2016-03-08 12:42:29 +0200	[diff] [blame]	202
Daniel Borkmann	92c075d	2016-06-06 22:50:39 +0200	[diff] [blame]	203	if (!tc_should_offload(dev, tp, flags))
Amir Vadai	e8eb36c	2016-06-13 12:06:39 +0300	[diff] [blame]	204	return tc_skip_sw(flags) ? -EINVAL : 0;
Amir Vadai	5b33f48	2016-03-08 12:42:29 +0200	[diff] [blame]	205
				206	offload.command = TC_CLSFLOWER_REPLACE;
				207	offload.cookie = cookie;
				208	offload.dissector = dissector;
				209	offload.mask = mask;
				210	offload.key = key;
				211	offload.exts = actions;
				212
				213	tc.type = TC_SETUP_CLSFLOWER;
				214	tc.cls_flower = &offload;
				215
Amir Vadai	e8eb36c	2016-06-13 12:06:39 +0300	[diff] [blame]	216	err = dev->netdev_ops->ndo_setup_tc(dev, tp->q->handle, tp->protocol, &tc);
				217
				218	if (tc_skip_sw(flags))
				219	return err;
				220
				221	return 0;
Amir Vadai	5b33f48	2016-03-08 12:42:29 +0200	[diff] [blame]	222	}
				223
Amir Vadai	10cbc68	2016-05-13 12:55:37 +0000	[diff] [blame]	224	static void fl_hw_update_stats(struct tcf_proto tp, struct cls_fl_filter f)
				225	{
				226	struct net_device *dev = tp->q->dev_queue->dev;
				227	struct tc_cls_flower_offload offload = {0};
				228	struct tc_to_netdev tc;
				229
Daniel Borkmann	92c075d	2016-06-06 22:50:39 +0200	[diff] [blame]	230	if (!tc_should_offload(dev, tp, 0))
Amir Vadai	10cbc68	2016-05-13 12:55:37 +0000	[diff] [blame]	231	return;
				232
				233	offload.command = TC_CLSFLOWER_STATS;
				234	offload.cookie = (unsigned long)f;
				235	offload.exts = &f->exts;
				236
				237	tc.type = TC_SETUP_CLSFLOWER;
				238	tc.cls_flower = &offload;
				239
				240	dev->netdev_ops->ndo_setup_tc(dev, tp->q->handle, tp->protocol, &tc);
				241	}
				242
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	243	static bool fl_destroy(struct tcf_proto *tp, bool force)
				244	{
				245	struct cls_fl_head *head = rtnl_dereference(tp->root);
				246	struct cls_fl_filter f, next;
				247
				248	if (!force && !list_empty(&head->filters))
				249	return false;
				250
				251	list_for_each_entry_safe(f, next, &head->filters, list) {
Amir Vadai	8208d21	2016-03-11 11:08:45 +0200	[diff] [blame]	252	fl_hw_destroy_filter(tp, (unsigned long)f);
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	253	list_del_rcu(&f->list);
				254	call_rcu(&f->rcu, fl_destroy_filter);
				255	}
				256	RCU_INIT_POINTER(tp->root, NULL);
				257	if (head->mask_assigned)
				258	rhashtable_destroy(&head->ht);
				259	kfree_rcu(head, rcu);
				260	return true;
				261	}
				262
				263	static unsigned long fl_get(struct tcf_proto *tp, u32 handle)
				264	{
				265	struct cls_fl_head *head = rtnl_dereference(tp->root);
				266	struct cls_fl_filter *f;
				267
				268	list_for_each_entry(f, &head->filters, list)
				269	if (f->handle == handle)
				270	return (unsigned long) f;
				271	return 0;
				272	}
				273
				274	static const struct nla_policy fl_policy[TCA_FLOWER_MAX + 1] = {
				275	[TCA_FLOWER_UNSPEC] = { .type = NLA_UNSPEC },
				276	[TCA_FLOWER_CLASSID] = { .type = NLA_U32 },
				277	[TCA_FLOWER_INDEV] = { .type = NLA_STRING,
				278	.len = IFNAMSIZ },
				279	[TCA_FLOWER_KEY_ETH_DST] = { .len = ETH_ALEN },
				280	[TCA_FLOWER_KEY_ETH_DST_MASK] = { .len = ETH_ALEN },
				281	[TCA_FLOWER_KEY_ETH_SRC] = { .len = ETH_ALEN },
				282	[TCA_FLOWER_KEY_ETH_SRC_MASK] = { .len = ETH_ALEN },
				283	[TCA_FLOWER_KEY_ETH_TYPE] = { .type = NLA_U16 },
				284	[TCA_FLOWER_KEY_IP_PROTO] = { .type = NLA_U8 },
				285	[TCA_FLOWER_KEY_IPV4_SRC] = { .type = NLA_U32 },
				286	[TCA_FLOWER_KEY_IPV4_SRC_MASK] = { .type = NLA_U32 },
				287	[TCA_FLOWER_KEY_IPV4_DST] = { .type = NLA_U32 },
				288	[TCA_FLOWER_KEY_IPV4_DST_MASK] = { .type = NLA_U32 },
				289	[TCA_FLOWER_KEY_IPV6_SRC] = { .len = sizeof(struct in6_addr) },
				290	[TCA_FLOWER_KEY_IPV6_SRC_MASK] = { .len = sizeof(struct in6_addr) },
				291	[TCA_FLOWER_KEY_IPV6_DST] = { .len = sizeof(struct in6_addr) },
				292	[TCA_FLOWER_KEY_IPV6_DST_MASK] = { .len = sizeof(struct in6_addr) },
				293	[TCA_FLOWER_KEY_TCP_SRC] = { .type = NLA_U16 },
				294	[TCA_FLOWER_KEY_TCP_DST] = { .type = NLA_U16 },
Jamal Hadi Salim	b175c3a	2015-06-25 06:55:27 -0400	[diff] [blame]	295	[TCA_FLOWER_KEY_UDP_SRC] = { .type = NLA_U16 },
				296	[TCA_FLOWER_KEY_UDP_DST] = { .type = NLA_U16 },
Hadar Hen Zion	9399ae9	2016-08-17 13:36:13 +0300	[diff] [blame^]	297	[TCA_FLOWER_KEY_VLAN_ID] = { .type = NLA_U16 },
				298	[TCA_FLOWER_KEY_VLAN_PRIO] = { .type = NLA_U8 },
				299	[TCA_FLOWER_KEY_VLAN_ETH_TYPE] = { .type = NLA_U16 },
				300
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	301	};
				302
				303	static void fl_set_key_val(struct nlattr **tb,
				304	void *val, int val_type,
				305	void *mask, int mask_type, int len)
				306	{
				307	if (!tb[val_type])
				308	return;
				309	memcpy(val, nla_data(tb[val_type]), len);
				310	if (mask_type == TCA_FLOWER_UNSPEC \|\| !tb[mask_type])
				311	memset(mask, 0xff, len);
				312	else
				313	memcpy(mask, nla_data(tb[mask_type]), len);
				314	}
				315
Hadar Hen Zion	9399ae9	2016-08-17 13:36:13 +0300	[diff] [blame^]	316	static void fl_set_key_vlan(struct nlattr **tb,
				317	struct flow_dissector_key_vlan *key_val,
				318	struct flow_dissector_key_vlan *key_mask)
				319	{
				320	#define VLAN_PRIORITY_MASK 0x7
				321
				322	if (tb[TCA_FLOWER_KEY_VLAN_ID]) {
				323	key_val->vlan_id =
				324	nla_get_u16(tb[TCA_FLOWER_KEY_VLAN_ID]) & VLAN_VID_MASK;
				325	key_mask->vlan_id = VLAN_VID_MASK;
				326	}
				327	if (tb[TCA_FLOWER_KEY_VLAN_PRIO]) {
				328	key_val->vlan_priority =
				329	nla_get_u8(tb[TCA_FLOWER_KEY_VLAN_PRIO]) &
				330	VLAN_PRIORITY_MASK;
				331	key_mask->vlan_priority = VLAN_PRIORITY_MASK;
				332	}
				333	}
				334
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	335	static int fl_set_key(struct net net, struct nlattr *tb,
				336	struct fl_flow_key key, struct fl_flow_key mask)
				337	{
Hadar Hen Zion	9399ae9	2016-08-17 13:36:13 +0300	[diff] [blame^]	338	__be16 ethertype;
Brian Haley	dd3aa3b	2015-05-14 13:20:15 -0400	[diff] [blame]	339	#ifdef CONFIG_NET_CLS_IND
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	340	if (tb[TCA_FLOWER_INDEV]) {
Brian Haley	dd3aa3b	2015-05-14 13:20:15 -0400	[diff] [blame]	341	int err = tcf_change_indev(net, tb[TCA_FLOWER_INDEV]);
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	342	if (err < 0)
				343	return err;
				344	key->indev_ifindex = err;
				345	mask->indev_ifindex = 0xffffffff;
				346	}
Brian Haley	dd3aa3b	2015-05-14 13:20:15 -0400	[diff] [blame]	347	#endif
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	348
				349	fl_set_key_val(tb, key->eth.dst, TCA_FLOWER_KEY_ETH_DST,
				350	mask->eth.dst, TCA_FLOWER_KEY_ETH_DST_MASK,
				351	sizeof(key->eth.dst));
				352	fl_set_key_val(tb, key->eth.src, TCA_FLOWER_KEY_ETH_SRC,
				353	mask->eth.src, TCA_FLOWER_KEY_ETH_SRC_MASK,
				354	sizeof(key->eth.src));
Jamal Hadi Salim	66530bd	2016-01-10 11:47:01 -0500	[diff] [blame]	355
Hadar Hen Zion	9399ae9	2016-08-17 13:36:13 +0300	[diff] [blame^]	356	if (tb[TCA_FLOWER_KEY_ETH_TYPE])
				357	ethertype = nla_get_be16(tb[TCA_FLOWER_KEY_ETH_TYPE]);
				358
				359	if (ethertype == htons(ETH_P_8021Q)) {
				360	fl_set_key_vlan(tb, &key->vlan, &mask->vlan);
				361	fl_set_key_val(tb, &key->basic.n_proto,
				362	TCA_FLOWER_KEY_VLAN_ETH_TYPE,
				363	&mask->basic.n_proto, TCA_FLOWER_UNSPEC,
				364	sizeof(key->basic.n_proto));
				365	} else {
				366	key->basic.n_proto = ethertype;
				367	mask->basic.n_proto = cpu_to_be16(~0);
				368	}
Jamal Hadi Salim	66530bd	2016-01-10 11:47:01 -0500	[diff] [blame]	369
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	370	if (key->basic.n_proto == htons(ETH_P_IP) \|\|
				371	key->basic.n_proto == htons(ETH_P_IPV6)) {
				372	fl_set_key_val(tb, &key->basic.ip_proto, TCA_FLOWER_KEY_IP_PROTO,
				373	&mask->basic.ip_proto, TCA_FLOWER_UNSPEC,
				374	sizeof(key->basic.ip_proto));
				375	}
Jamal Hadi Salim	66530bd	2016-01-10 11:47:01 -0500	[diff] [blame]	376
				377	if (tb[TCA_FLOWER_KEY_IPV4_SRC] \|\| tb[TCA_FLOWER_KEY_IPV4_DST]) {
				378	key->control.addr_type = FLOW_DISSECTOR_KEY_IPV4_ADDRS;
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	379	fl_set_key_val(tb, &key->ipv4.src, TCA_FLOWER_KEY_IPV4_SRC,
				380	&mask->ipv4.src, TCA_FLOWER_KEY_IPV4_SRC_MASK,
				381	sizeof(key->ipv4.src));
				382	fl_set_key_val(tb, &key->ipv4.dst, TCA_FLOWER_KEY_IPV4_DST,
				383	&mask->ipv4.dst, TCA_FLOWER_KEY_IPV4_DST_MASK,
				384	sizeof(key->ipv4.dst));
Jamal Hadi Salim	66530bd	2016-01-10 11:47:01 -0500	[diff] [blame]	385	} else if (tb[TCA_FLOWER_KEY_IPV6_SRC] \|\| tb[TCA_FLOWER_KEY_IPV6_DST]) {
				386	key->control.addr_type = FLOW_DISSECTOR_KEY_IPV6_ADDRS;
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	387	fl_set_key_val(tb, &key->ipv6.src, TCA_FLOWER_KEY_IPV6_SRC,
				388	&mask->ipv6.src, TCA_FLOWER_KEY_IPV6_SRC_MASK,
				389	sizeof(key->ipv6.src));
				390	fl_set_key_val(tb, &key->ipv6.dst, TCA_FLOWER_KEY_IPV6_DST,
				391	&mask->ipv6.dst, TCA_FLOWER_KEY_IPV6_DST_MASK,
				392	sizeof(key->ipv6.dst));
				393	}
Jamal Hadi Salim	66530bd	2016-01-10 11:47:01 -0500	[diff] [blame]	394
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	395	if (key->basic.ip_proto == IPPROTO_TCP) {
				396	fl_set_key_val(tb, &key->tp.src, TCA_FLOWER_KEY_TCP_SRC,
				397	&mask->tp.src, TCA_FLOWER_UNSPEC,
				398	sizeof(key->tp.src));
				399	fl_set_key_val(tb, &key->tp.dst, TCA_FLOWER_KEY_TCP_DST,
				400	&mask->tp.dst, TCA_FLOWER_UNSPEC,
				401	sizeof(key->tp.dst));
				402	} else if (key->basic.ip_proto == IPPROTO_UDP) {
				403	fl_set_key_val(tb, &key->tp.src, TCA_FLOWER_KEY_UDP_SRC,
				404	&mask->tp.src, TCA_FLOWER_UNSPEC,
				405	sizeof(key->tp.src));
				406	fl_set_key_val(tb, &key->tp.dst, TCA_FLOWER_KEY_UDP_DST,
				407	&mask->tp.dst, TCA_FLOWER_UNSPEC,
				408	sizeof(key->tp.dst));
				409	}
				410
				411	return 0;
				412	}
				413
				414	static bool fl_mask_eq(struct fl_flow_mask *mask1,
				415	struct fl_flow_mask *mask2)
				416	{
				417	const long *lmask1 = fl_key_get_start(&mask1->key, mask1);
				418	const long *lmask2 = fl_key_get_start(&mask2->key, mask2);
				419
				420	return !memcmp(&mask1->range, &mask2->range, sizeof(mask1->range)) &&
				421	!memcmp(lmask1, lmask2, fl_mask_range(mask1));
				422	}
				423
				424	static const struct rhashtable_params fl_ht_params = {
				425	.key_offset = offsetof(struct cls_fl_filter, mkey), /* base offset */
				426	.head_offset = offsetof(struct cls_fl_filter, ht_node),
				427	.automatic_shrinking = true,
				428	};
				429
				430	static int fl_init_hashtable(struct cls_fl_head *head,
				431	struct fl_flow_mask *mask)
				432	{
				433	head->ht_params = fl_ht_params;
				434	head->ht_params.key_len = fl_mask_range(mask);
				435	head->ht_params.key_offset += mask->range.start;
				436
				437	return rhashtable_init(&head->ht, &head->ht_params);
				438	}
				439
				440	#define FL_KEY_MEMBER_OFFSET(member) offsetof(struct fl_flow_key, member)
				441	#define FL_KEY_MEMBER_SIZE(member) (sizeof(((struct fl_flow_key *) 0)->member))
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	442
Hadar Hen Zion	339ba87	2016-08-17 13:36:12 +0300	[diff] [blame]	443	#define FL_KEY_IS_MASKED(mask, member) \
				444	memchr_inv(((char *)mask) + FL_KEY_MEMBER_OFFSET(member), \
				445	0, FL_KEY_MEMBER_SIZE(member)) \
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	446
				447	#define FL_KEY_SET(keys, cnt, id, member) \
				448	do { \
				449	keys[cnt].key_id = id; \
				450	keys[cnt].offset = FL_KEY_MEMBER_OFFSET(member); \
				451	cnt++; \
				452	} while(0);
				453
Hadar Hen Zion	339ba87	2016-08-17 13:36:12 +0300	[diff] [blame]	454	#define FL_KEY_SET_IF_MASKED(mask, keys, cnt, id, member) \
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	455	do { \
Hadar Hen Zion	339ba87	2016-08-17 13:36:12 +0300	[diff] [blame]	456	if (FL_KEY_IS_MASKED(mask, member)) \
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	457	FL_KEY_SET(keys, cnt, id, member); \
				458	} while(0);
				459
				460	static void fl_init_dissector(struct cls_fl_head *head,
				461	struct fl_flow_mask *mask)
				462	{
				463	struct flow_dissector_key keys[FLOW_DISSECTOR_KEY_MAX];
				464	size_t cnt = 0;
				465
Tom Herbert	42aecaa	2015-06-04 09:16:39 -0700	[diff] [blame]	466	FL_KEY_SET(keys, cnt, FLOW_DISSECTOR_KEY_CONTROL, control);
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	467	FL_KEY_SET(keys, cnt, FLOW_DISSECTOR_KEY_BASIC, basic);
Hadar Hen Zion	339ba87	2016-08-17 13:36:12 +0300	[diff] [blame]	468	FL_KEY_SET_IF_MASKED(&mask->key, keys, cnt,
				469	FLOW_DISSECTOR_KEY_ETH_ADDRS, eth);
				470	FL_KEY_SET_IF_MASKED(&mask->key, keys, cnt,
				471	FLOW_DISSECTOR_KEY_IPV4_ADDRS, ipv4);
				472	FL_KEY_SET_IF_MASKED(&mask->key, keys, cnt,
				473	FLOW_DISSECTOR_KEY_IPV6_ADDRS, ipv6);
				474	FL_KEY_SET_IF_MASKED(&mask->key, keys, cnt,
				475	FLOW_DISSECTOR_KEY_PORTS, tp);
Hadar Hen Zion	9399ae9	2016-08-17 13:36:13 +0300	[diff] [blame^]	476	FL_KEY_SET_IF_MASKED(&mask->key, keys, cnt,
				477	FLOW_DISSECTOR_KEY_VLAN, vlan);
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	478
				479	skb_flow_dissector_init(&head->dissector, keys, cnt);
				480	}
				481
				482	static int fl_check_assign_mask(struct cls_fl_head *head,
				483	struct fl_flow_mask *mask)
				484	{
				485	int err;
				486
				487	if (head->mask_assigned) {
				488	if (!fl_mask_eq(&head->mask, mask))
				489	return -EINVAL;
				490	else
				491	return 0;
				492	}
				493
				494	/* Mask is not assigned yet. So assign it and init hashtable
				495	* according to that.
				496	*/
				497	err = fl_init_hashtable(head, mask);
				498	if (err)
				499	return err;
				500	memcpy(&head->mask, mask, sizeof(head->mask));
				501	head->mask_assigned = true;
				502
				503	fl_init_dissector(head, mask);
				504
				505	return 0;
				506	}
				507
				508	static int fl_set_parms(struct net net, struct tcf_proto tp,
				509	struct cls_fl_filter f, struct fl_flow_mask mask,
				510	unsigned long base, struct nlattr **tb,
				511	struct nlattr *est, bool ovr)
				512	{
				513	struct tcf_exts e;
				514	int err;
				515
				516	tcf_exts_init(&e, TCA_FLOWER_ACT, 0);
				517	err = tcf_exts_validate(net, tp, tb, est, &e, ovr);
				518	if (err < 0)
				519	return err;
				520
				521	if (tb[TCA_FLOWER_CLASSID]) {
				522	f->res.classid = nla_get_u32(tb[TCA_FLOWER_CLASSID]);
				523	tcf_bind_filter(tp, &f->res, base);
				524	}
				525
				526	err = fl_set_key(net, tb, &f->key, &mask->key);
				527	if (err)
				528	goto errout;
				529
				530	fl_mask_update_range(mask);
				531	fl_set_masked_key(&f->mkey, &f->key, mask);
				532
				533	tcf_exts_change(tp, &f->exts, &e);
				534
				535	return 0;
				536	errout:
				537	tcf_exts_destroy(&e);
				538	return err;
				539	}
				540
				541	static u32 fl_grab_new_handle(struct tcf_proto *tp,
				542	struct cls_fl_head *head)
				543	{
				544	unsigned int i = 0x80000000;
				545	u32 handle;
				546
				547	do {
				548	if (++head->hgen == 0x7FFFFFFF)
				549	head->hgen = 1;
				550	} while (--i > 0 && fl_get(tp, head->hgen));
				551
				552	if (unlikely(i == 0)) {
				553	pr_err("Insufficient number of handles\n");
				554	handle = 0;
				555	} else {
				556	handle = head->hgen;
				557	}
				558
				559	return handle;
				560	}
				561
				562	static int fl_change(struct net net, struct sk_buff in_skb,
				563	struct tcf_proto *tp, unsigned long base,
				564	u32 handle, struct nlattr **tca,
				565	unsigned long *arg, bool ovr)
				566	{
				567	struct cls_fl_head *head = rtnl_dereference(tp->root);
				568	struct cls_fl_filter fold = (struct cls_fl_filter ) *arg;
				569	struct cls_fl_filter *fnew;
				570	struct nlattr *tb[TCA_FLOWER_MAX + 1];
				571	struct fl_flow_mask mask = {};
				572	int err;
				573
				574	if (!tca[TCA_OPTIONS])
				575	return -EINVAL;
				576
				577	err = nla_parse_nested(tb, TCA_FLOWER_MAX, tca[TCA_OPTIONS], fl_policy);
				578	if (err < 0)
				579	return err;
				580
				581	if (fold && handle && fold->handle != handle)
				582	return -EINVAL;
				583
				584	fnew = kzalloc(sizeof(*fnew), GFP_KERNEL);
				585	if (!fnew)
				586	return -ENOBUFS;
				587
				588	tcf_exts_init(&fnew->exts, TCA_FLOWER_ACT, 0);
				589
				590	if (!handle) {
				591	handle = fl_grab_new_handle(tp, head);
				592	if (!handle) {
				593	err = -EINVAL;
				594	goto errout;
				595	}
				596	}
				597	fnew->handle = handle;
				598
Amir Vadai	e69985c	2016-06-05 17:11:18 +0300	[diff] [blame]	599	if (tb[TCA_FLOWER_FLAGS]) {
				600	fnew->flags = nla_get_u32(tb[TCA_FLOWER_FLAGS]);
				601
				602	if (!tc_flags_valid(fnew->flags)) {
				603	err = -EINVAL;
				604	goto errout;
				605	}
				606	}
Amir Vadai	5b33f48	2016-03-08 12:42:29 +0200	[diff] [blame]	607
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	608	err = fl_set_parms(net, tp, fnew, &mask, base, tb, tca[TCA_RATE], ovr);
				609	if (err)
				610	goto errout;
				611
				612	err = fl_check_assign_mask(head, &mask);
				613	if (err)
				614	goto errout;
				615
Amir Vadai	e8eb36c	2016-06-13 12:06:39 +0300	[diff] [blame]	616	if (!tc_skip_sw(fnew->flags)) {
Amir Vadai	e69985c	2016-06-05 17:11:18 +0300	[diff] [blame]	617	err = rhashtable_insert_fast(&head->ht, &fnew->ht_node,
				618	head->ht_params);
				619	if (err)
				620	goto errout;
				621	}
Amir Vadai	5b33f48	2016-03-08 12:42:29 +0200	[diff] [blame]	622
Amir Vadai	e8eb36c	2016-06-13 12:06:39 +0300	[diff] [blame]	623	err = fl_hw_replace_filter(tp,
				624	&head->dissector,
				625	&mask.key,
				626	&fnew->key,
				627	&fnew->exts,
				628	(unsigned long)fnew,
				629	fnew->flags);
				630	if (err)
				631	goto errout;
Amir Vadai	5b33f48	2016-03-08 12:42:29 +0200	[diff] [blame]	632
				633	if (fold) {
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	634	rhashtable_remove_fast(&head->ht, &fold->ht_node,
				635	head->ht_params);
Amir Vadai	8208d21	2016-03-11 11:08:45 +0200	[diff] [blame]	636	fl_hw_destroy_filter(tp, (unsigned long)fold);
Amir Vadai	5b33f48	2016-03-08 12:42:29 +0200	[diff] [blame]	637	}
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	638
				639	*arg = (unsigned long) fnew;
				640
				641	if (fold) {
Daniel Borkmann	ff3532f	2015-07-17 22:38:44 +0200	[diff] [blame]	642	list_replace_rcu(&fold->list, &fnew->list);
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	643	tcf_unbind_filter(tp, &fold->res);
				644	call_rcu(&fold->rcu, fl_destroy_filter);
				645	} else {
				646	list_add_tail_rcu(&fnew->list, &head->filters);
				647	}
				648
				649	return 0;
				650
				651	errout:
				652	kfree(fnew);
				653	return err;
				654	}
				655
				656	static int fl_delete(struct tcf_proto *tp, unsigned long arg)
				657	{
				658	struct cls_fl_head *head = rtnl_dereference(tp->root);
				659	struct cls_fl_filter f = (struct cls_fl_filter ) arg;
				660
				661	rhashtable_remove_fast(&head->ht, &f->ht_node,
				662	head->ht_params);
				663	list_del_rcu(&f->list);
Amir Vadai	8208d21	2016-03-11 11:08:45 +0200	[diff] [blame]	664	fl_hw_destroy_filter(tp, (unsigned long)f);
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	665	tcf_unbind_filter(tp, &f->res);
				666	call_rcu(&f->rcu, fl_destroy_filter);
				667	return 0;
				668	}
				669
				670	static void fl_walk(struct tcf_proto tp, struct tcf_walker arg)
				671	{
				672	struct cls_fl_head *head = rtnl_dereference(tp->root);
				673	struct cls_fl_filter *f;
				674
				675	list_for_each_entry_rcu(f, &head->filters, list) {
				676	if (arg->count < arg->skip)
				677	goto skip;
				678	if (arg->fn(tp, (unsigned long) f, arg) < 0) {
				679	arg->stop = 1;
				680	break;
				681	}
				682	skip:
				683	arg->count++;
				684	}
				685	}
				686
				687	static int fl_dump_key_val(struct sk_buff *skb,
				688	void *val, int val_type,
				689	void *mask, int mask_type, int len)
				690	{
				691	int err;
				692
				693	if (!memchr_inv(mask, 0, len))
				694	return 0;
				695	err = nla_put(skb, val_type, len, val);
				696	if (err)
				697	return err;
				698	if (mask_type != TCA_FLOWER_UNSPEC) {
				699	err = nla_put(skb, mask_type, len, mask);
				700	if (err)
				701	return err;
				702	}
				703	return 0;
				704	}
				705
Hadar Hen Zion	9399ae9	2016-08-17 13:36:13 +0300	[diff] [blame^]	706	static int fl_dump_key_vlan(struct sk_buff *skb,
				707	struct flow_dissector_key_vlan *vlan_key,
				708	struct flow_dissector_key_vlan *vlan_mask)
				709	{
				710	int err;
				711
				712	if (!memchr_inv(vlan_mask, 0, sizeof(*vlan_mask)))
				713	return 0;
				714	if (vlan_mask->vlan_id) {
				715	err = nla_put_u16(skb, TCA_FLOWER_KEY_VLAN_ID,
				716	vlan_key->vlan_id);
				717	if (err)
				718	return err;
				719	}
				720	if (vlan_mask->vlan_priority) {
				721	err = nla_put_u8(skb, TCA_FLOWER_KEY_VLAN_PRIO,
				722	vlan_key->vlan_priority);
				723	if (err)
				724	return err;
				725	}
				726	return 0;
				727	}
				728
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	729	static int fl_dump(struct net net, struct tcf_proto tp, unsigned long fh,
				730	struct sk_buff skb, struct tcmsg t)
				731	{
				732	struct cls_fl_head *head = rtnl_dereference(tp->root);
				733	struct cls_fl_filter f = (struct cls_fl_filter ) fh;
				734	struct nlattr *nest;
				735	struct fl_flow_key key, mask;
				736
				737	if (!f)
				738	return skb->len;
				739
				740	t->tcm_handle = f->handle;
				741
				742	nest = nla_nest_start(skb, TCA_OPTIONS);
				743	if (!nest)
				744	goto nla_put_failure;
				745
				746	if (f->res.classid &&
				747	nla_put_u32(skb, TCA_FLOWER_CLASSID, f->res.classid))
				748	goto nla_put_failure;
				749
				750	key = &f->key;
				751	mask = &head->mask.key;
				752
				753	if (mask->indev_ifindex) {
				754	struct net_device *dev;
				755
				756	dev = __dev_get_by_index(net, key->indev_ifindex);
				757	if (dev && nla_put_string(skb, TCA_FLOWER_INDEV, dev->name))
				758	goto nla_put_failure;
				759	}
				760
Amir Vadai	10cbc68	2016-05-13 12:55:37 +0000	[diff] [blame]	761	fl_hw_update_stats(tp, f);
				762
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	763	if (fl_dump_key_val(skb, key->eth.dst, TCA_FLOWER_KEY_ETH_DST,
				764	mask->eth.dst, TCA_FLOWER_KEY_ETH_DST_MASK,
				765	sizeof(key->eth.dst)) \|\|
				766	fl_dump_key_val(skb, key->eth.src, TCA_FLOWER_KEY_ETH_SRC,
				767	mask->eth.src, TCA_FLOWER_KEY_ETH_SRC_MASK,
				768	sizeof(key->eth.src)) \|\|
				769	fl_dump_key_val(skb, &key->basic.n_proto, TCA_FLOWER_KEY_ETH_TYPE,
				770	&mask->basic.n_proto, TCA_FLOWER_UNSPEC,
				771	sizeof(key->basic.n_proto)))
				772	goto nla_put_failure;
Hadar Hen Zion	9399ae9	2016-08-17 13:36:13 +0300	[diff] [blame^]	773
				774	if (fl_dump_key_vlan(skb, &key->vlan, &mask->vlan))
				775	goto nla_put_failure;
				776
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	777	if ((key->basic.n_proto == htons(ETH_P_IP) \|\|
				778	key->basic.n_proto == htons(ETH_P_IPV6)) &&
				779	fl_dump_key_val(skb, &key->basic.ip_proto, TCA_FLOWER_KEY_IP_PROTO,
				780	&mask->basic.ip_proto, TCA_FLOWER_UNSPEC,
				781	sizeof(key->basic.ip_proto)))
				782	goto nla_put_failure;
				783
Tom Herbert	c3f8324	2015-06-04 09:16:40 -0700	[diff] [blame]	784	if (key->control.addr_type == FLOW_DISSECTOR_KEY_IPV4_ADDRS &&
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	785	(fl_dump_key_val(skb, &key->ipv4.src, TCA_FLOWER_KEY_IPV4_SRC,
				786	&mask->ipv4.src, TCA_FLOWER_KEY_IPV4_SRC_MASK,
				787	sizeof(key->ipv4.src)) \|\|
				788	fl_dump_key_val(skb, &key->ipv4.dst, TCA_FLOWER_KEY_IPV4_DST,
				789	&mask->ipv4.dst, TCA_FLOWER_KEY_IPV4_DST_MASK,
				790	sizeof(key->ipv4.dst))))
				791	goto nla_put_failure;
Tom Herbert	c3f8324	2015-06-04 09:16:40 -0700	[diff] [blame]	792	else if (key->control.addr_type == FLOW_DISSECTOR_KEY_IPV6_ADDRS &&
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	793	(fl_dump_key_val(skb, &key->ipv6.src, TCA_FLOWER_KEY_IPV6_SRC,
				794	&mask->ipv6.src, TCA_FLOWER_KEY_IPV6_SRC_MASK,
				795	sizeof(key->ipv6.src)) \|\|
				796	fl_dump_key_val(skb, &key->ipv6.dst, TCA_FLOWER_KEY_IPV6_DST,
				797	&mask->ipv6.dst, TCA_FLOWER_KEY_IPV6_DST_MASK,
				798	sizeof(key->ipv6.dst))))
				799	goto nla_put_failure;
				800
				801	if (key->basic.ip_proto == IPPROTO_TCP &&
				802	(fl_dump_key_val(skb, &key->tp.src, TCA_FLOWER_KEY_TCP_SRC,
				803	&mask->tp.src, TCA_FLOWER_UNSPEC,
				804	sizeof(key->tp.src)) \|\|
				805	fl_dump_key_val(skb, &key->tp.dst, TCA_FLOWER_KEY_TCP_DST,
				806	&mask->tp.dst, TCA_FLOWER_UNSPEC,
				807	sizeof(key->tp.dst))))
				808	goto nla_put_failure;
				809	else if (key->basic.ip_proto == IPPROTO_UDP &&
				810	(fl_dump_key_val(skb, &key->tp.src, TCA_FLOWER_KEY_UDP_SRC,
				811	&mask->tp.src, TCA_FLOWER_UNSPEC,
				812	sizeof(key->tp.src)) \|\|
				813	fl_dump_key_val(skb, &key->tp.dst, TCA_FLOWER_KEY_UDP_DST,
				814	&mask->tp.dst, TCA_FLOWER_UNSPEC,
				815	sizeof(key->tp.dst))))
				816	goto nla_put_failure;
				817
Amir Vadai	e69985c	2016-06-05 17:11:18 +0300	[diff] [blame]	818	nla_put_u32(skb, TCA_FLOWER_FLAGS, f->flags);
				819
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	820	if (tcf_exts_dump(skb, &f->exts))
				821	goto nla_put_failure;
				822
				823	nla_nest_end(skb, nest);
				824
				825	if (tcf_exts_dump_stats(skb, &f->exts) < 0)
				826	goto nla_put_failure;
				827
				828	return skb->len;
				829
				830	nla_put_failure:
				831	nla_nest_cancel(skb, nest);
				832	return -1;
				833	}
				834
				835	static struct tcf_proto_ops cls_fl_ops __read_mostly = {
				836	.kind = "flower",
				837	.classify = fl_classify,
				838	.init = fl_init,
				839	.destroy = fl_destroy,
				840	.get = fl_get,
				841	.change = fl_change,
				842	.delete = fl_delete,
				843	.walk = fl_walk,
				844	.dump = fl_dump,
				845	.owner = THIS_MODULE,
				846	};
				847
				848	static int __init cls_fl_init(void)
				849	{
				850	return register_tcf_proto_ops(&cls_fl_ops);
				851	}
				852
				853	static void __exit cls_fl_exit(void)
				854	{
				855	unregister_tcf_proto_ops(&cls_fl_ops);
				856	}
				857
				858	module_init(cls_fl_init);
				859	module_exit(cls_fl_exit);
				860
				861	MODULE_AUTHOR("Jiri Pirko <jiri@resnulli.us>");
				862	MODULE_DESCRIPTION("Flower classifier");
				863	MODULE_LICENSE("GPL v2");