1
2
3
4
5
6
7
8
9
10
11
12#include <linux/module.h>
13#include <linux/slab.h>
14#include <linux/types.h>
15#include <linux/kernel.h>
16#include <linux/string.h>
17#include <linux/errno.h>
18#include <linux/rtnetlink.h>
19#include <linux/skbuff.h>
20#include <linux/idr.h>
21#include <net/netlink.h>
22#include <net/act_api.h>
23#include <net/pkt_cls.h>
24
25struct basic_head {
26 struct list_head flist;
27 struct idr handle_idr;
28 struct rcu_head rcu;
29};
30
31struct basic_filter {
32 u32 handle;
33 struct tcf_exts exts;
34 struct tcf_ematch_tree ematches;
35 struct tcf_result res;
36 struct tcf_proto *tp;
37 struct list_head link;
38 union {
39 struct work_struct work;
40 struct rcu_head rcu;
41 };
42};
43
44static int basic_classify(struct sk_buff *skb, const struct tcf_proto *tp,
45 struct tcf_result *res)
46{
47 int r;
48 struct basic_head *head = rcu_dereference_bh(tp->root);
49 struct basic_filter *f;
50
51 list_for_each_entry_rcu(f, &head->flist, link) {
52 if (!tcf_em_tree_match(skb, &f->ematches, NULL))
53 continue;
54 *res = f->res;
55 r = tcf_exts_exec(skb, &f->exts, res);
56 if (r < 0)
57 continue;
58 return r;
59 }
60 return -1;
61}
62
63static void *basic_get(struct tcf_proto *tp, u32 handle)
64{
65 struct basic_head *head = rtnl_dereference(tp->root);
66 struct basic_filter *f;
67
68 list_for_each_entry(f, &head->flist, link) {
69 if (f->handle == handle) {
70 return f;
71 }
72 }
73
74 return NULL;
75}
76
77static int basic_init(struct tcf_proto *tp)
78{
79 struct basic_head *head;
80
81 head = kzalloc(sizeof(*head), GFP_KERNEL);
82 if (head == NULL)
83 return -ENOBUFS;
84 INIT_LIST_HEAD(&head->flist);
85 idr_init(&head->handle_idr);
86 rcu_assign_pointer(tp->root, head);
87 return 0;
88}
89
90static void __basic_delete_filter(struct basic_filter *f)
91{
92 tcf_exts_destroy(&f->exts);
93 tcf_em_tree_destroy(&f->ematches);
94 tcf_exts_put_net(&f->exts);
95 kfree(f);
96}
97
98static void basic_delete_filter_work(struct work_struct *work)
99{
100 struct basic_filter *f = container_of(work, struct basic_filter, work);
101
102 rtnl_lock();
103 __basic_delete_filter(f);
104 rtnl_unlock();
105}
106
107static void basic_delete_filter(struct rcu_head *head)
108{
109 struct basic_filter *f = container_of(head, struct basic_filter, rcu);
110
111 INIT_WORK(&f->work, basic_delete_filter_work);
112 tcf_queue_work(&f->work);
113}
114
115static void basic_destroy(struct tcf_proto *tp, struct netlink_ext_ack *extack)
116{
117 struct basic_head *head = rtnl_dereference(tp->root);
118 struct basic_filter *f, *n;
119
120 list_for_each_entry_safe(f, n, &head->flist, link) {
121 list_del_rcu(&f->link);
122 tcf_unbind_filter(tp, &f->res);
123 idr_remove(&head->handle_idr, f->handle);
124 if (tcf_exts_get_net(&f->exts))
125 call_rcu(&f->rcu, basic_delete_filter);
126 else
127 __basic_delete_filter(f);
128 }
129 idr_destroy(&head->handle_idr);
130 kfree_rcu(head, rcu);
131}
132
133static int basic_delete(struct tcf_proto *tp, void *arg, bool *last,
134 struct netlink_ext_ack *extack)
135{
136 struct basic_head *head = rtnl_dereference(tp->root);
137 struct basic_filter *f = arg;
138
139 list_del_rcu(&f->link);
140 tcf_unbind_filter(tp, &f->res);
141 idr_remove(&head->handle_idr, f->handle);
142 tcf_exts_get_net(&f->exts);
143 call_rcu(&f->rcu, basic_delete_filter);
144 *last = list_empty(&head->flist);
145 return 0;
146}
147
148static const struct nla_policy basic_policy[TCA_BASIC_MAX + 1] = {
149 [TCA_BASIC_CLASSID] = { .type = NLA_U32 },
150 [TCA_BASIC_EMATCHES] = { .type = NLA_NESTED },
151};
152
153static int basic_set_parms(struct net *net, struct tcf_proto *tp,
154 struct basic_filter *f, unsigned long base,
155 struct nlattr **tb,
156 struct nlattr *est, bool ovr,
157 struct netlink_ext_ack *extack)
158{
159 int err;
160
161 err = tcf_exts_validate(net, tp, tb, est, &f->exts, ovr, extack);
162 if (err < 0)
163 return err;
164
165 err = tcf_em_tree_validate(tp, tb[TCA_BASIC_EMATCHES], &f->ematches);
166 if (err < 0)
167 return err;
168
169 if (tb[TCA_BASIC_CLASSID]) {
170 f->res.classid = nla_get_u32(tb[TCA_BASIC_CLASSID]);
171 tcf_bind_filter(tp, &f->res, base);
172 }
173
174 f->tp = tp;
175 return 0;
176}
177
178static int basic_change(struct net *net, struct sk_buff *in_skb,
179 struct tcf_proto *tp, unsigned long base, u32 handle,
180 struct nlattr **tca, void **arg, bool ovr,
181 struct netlink_ext_ack *extack)
182{
183 int err;
184 struct basic_head *head = rtnl_dereference(tp->root);
185 struct nlattr *tb[TCA_BASIC_MAX + 1];
186 struct basic_filter *fold = (struct basic_filter *) *arg;
187 struct basic_filter *fnew;
188
189 if (tca[TCA_OPTIONS] == NULL)
190 return -EINVAL;
191
192 err = nla_parse_nested(tb, TCA_BASIC_MAX, tca[TCA_OPTIONS],
193 basic_policy, NULL);
194 if (err < 0)
195 return err;
196
197 if (fold != NULL) {
198 if (handle && fold->handle != handle)
199 return -EINVAL;
200 }
201
202 fnew = kzalloc(sizeof(*fnew), GFP_KERNEL);
203 if (!fnew)
204 return -ENOBUFS;
205
206 err = tcf_exts_init(&fnew->exts, TCA_BASIC_ACT, TCA_BASIC_POLICE);
207 if (err < 0)
208 goto errout;
209
210 if (!handle) {
211 handle = 1;
212 err = idr_alloc_u32(&head->handle_idr, fnew, &handle,
213 INT_MAX, GFP_KERNEL);
214 } else if (!fold) {
215 err = idr_alloc_u32(&head->handle_idr, fnew, &handle,
216 handle, GFP_KERNEL);
217 }
218 if (err)
219 goto errout;
220 fnew->handle = handle;
221
222 err = basic_set_parms(net, tp, fnew, base, tb, tca[TCA_RATE], ovr,
223 extack);
224 if (err < 0) {
225 if (!fold)
226 idr_remove(&head->handle_idr, fnew->handle);
227 goto errout;
228 }
229
230 *arg = fnew;
231
232 if (fold) {
233 idr_replace(&head->handle_idr, fnew, fnew->handle);
234 list_replace_rcu(&fold->link, &fnew->link);
235 tcf_unbind_filter(tp, &fold->res);
236 tcf_exts_get_net(&fold->exts);
237 call_rcu(&fold->rcu, basic_delete_filter);
238 } else {
239 list_add_rcu(&fnew->link, &head->flist);
240 }
241
242 return 0;
243errout:
244 tcf_exts_destroy(&fnew->exts);
245 kfree(fnew);
246 return err;
247}
248
249static void basic_walk(struct tcf_proto *tp, struct tcf_walker *arg)
250{
251 struct basic_head *head = rtnl_dereference(tp->root);
252 struct basic_filter *f;
253
254 list_for_each_entry(f, &head->flist, link) {
255 if (arg->count < arg->skip)
256 goto skip;
257
258 if (arg->fn(tp, f, arg) < 0) {
259 arg->stop = 1;
260 break;
261 }
262skip:
263 arg->count++;
264 }
265}
266
267static void basic_bind_class(void *fh, u32 classid, unsigned long cl)
268{
269 struct basic_filter *f = fh;
270
271 if (f && f->res.classid == classid)
272 f->res.class = cl;
273}
274
275static int basic_dump(struct net *net, struct tcf_proto *tp, void *fh,
276 struct sk_buff *skb, struct tcmsg *t)
277{
278 struct basic_filter *f = fh;
279 struct nlattr *nest;
280
281 if (f == NULL)
282 return skb->len;
283
284 t->tcm_handle = f->handle;
285
286 nest = nla_nest_start(skb, TCA_OPTIONS);
287 if (nest == NULL)
288 goto nla_put_failure;
289
290 if (f->res.classid &&
291 nla_put_u32(skb, TCA_BASIC_CLASSID, f->res.classid))
292 goto nla_put_failure;
293
294 if (tcf_exts_dump(skb, &f->exts) < 0 ||
295 tcf_em_tree_dump(skb, &f->ematches, TCA_BASIC_EMATCHES) < 0)
296 goto nla_put_failure;
297
298 nla_nest_end(skb, nest);
299
300 if (tcf_exts_dump_stats(skb, &f->exts) < 0)
301 goto nla_put_failure;
302
303 return skb->len;
304
305nla_put_failure:
306 nla_nest_cancel(skb, nest);
307 return -1;
308}
309
310static struct tcf_proto_ops cls_basic_ops __read_mostly = {
311 .kind = "basic",
312 .classify = basic_classify,
313 .init = basic_init,
314 .destroy = basic_destroy,
315 .get = basic_get,
316 .change = basic_change,
317 .delete = basic_delete,
318 .walk = basic_walk,
319 .dump = basic_dump,
320 .bind_class = basic_bind_class,
321 .owner = THIS_MODULE,
322};
323
324static int __init init_basic(void)
325{
326 return register_tcf_proto_ops(&cls_basic_ops);
327}
328
329static void __exit exit_basic(void)
330{
331 unregister_tcf_proto_ops(&cls_basic_ops);
332}
333
334module_init(init_basic)
335module_exit(exit_basic)
336MODULE_LICENSE("GPL");
337
338
