2 * net/sched/cls_api.c Packet classifier API.
4 * This program is free software; you can redistribute it and/or
5 * modify it under the terms of the GNU General Public License
6 * as published by the Free Software Foundation; either version
7 * 2 of the License, or (at your option) any later version.
9 * Authors: Alexey Kuznetsov, <kuznet@ms2.inr.ac.ru>
13 * Eduardo J. Blanco <ejbs@netlabs.com.uy> :990222: kmod support
17 #include <linux/module.h>
18 #include <linux/types.h>
19 #include <linux/kernel.h>
20 #include <linux/string.h>
21 #include <linux/errno.h>
22 #include <linux/err.h>
23 #include <linux/skbuff.h>
24 #include <linux/init.h>
25 #include <linux/kmod.h>
26 #include <linux/slab.h>
27 #include <net/net_namespace.h>
29 #include <net/netlink.h>
30 #include <net/pkt_sched.h>
31 #include <net/pkt_cls.h>
33 /* The list of all installed classifier types */
34 static LIST_HEAD(tcf_proto_base);
36 /* Protects list of registered TC modules. It is pure SMP lock. */
37 static DEFINE_RWLOCK(cls_mod_lock);
39 /* Find classifier type by string name */
41 static const struct tcf_proto_ops *tcf_proto_lookup_ops(const char *kind)
43 const struct tcf_proto_ops *t, *res = NULL;
46 read_lock(&cls_mod_lock);
47 list_for_each_entry(t, &tcf_proto_base, head) {
48 if (strcmp(kind, t->kind) == 0) {
49 if (try_module_get(t->owner))
54 read_unlock(&cls_mod_lock);
59 /* Register(unregister) new classifier type */
61 int register_tcf_proto_ops(struct tcf_proto_ops *ops)
63 struct tcf_proto_ops *t;
66 write_lock(&cls_mod_lock);
67 list_for_each_entry(t, &tcf_proto_base, head)
68 if (!strcmp(ops->kind, t->kind))
71 list_add_tail(&ops->head, &tcf_proto_base);
74 write_unlock(&cls_mod_lock);
77 EXPORT_SYMBOL(register_tcf_proto_ops);
79 static struct workqueue_struct *tc_filter_wq;
81 int unregister_tcf_proto_ops(struct tcf_proto_ops *ops)
83 struct tcf_proto_ops *t;
86 /* Wait for outstanding call_rcu()s, if any, from a
87 * tcf_proto_ops's destroy() handler.
90 flush_workqueue(tc_filter_wq);
92 write_lock(&cls_mod_lock);
93 list_for_each_entry(t, &tcf_proto_base, head) {
100 write_unlock(&cls_mod_lock);
103 EXPORT_SYMBOL(unregister_tcf_proto_ops);
105 bool tcf_queue_work(struct work_struct *work)
107 return queue_work(tc_filter_wq, work);
109 EXPORT_SYMBOL(tcf_queue_work);
111 /* Select new prio value from the range, managed by kernel. */
113 static inline u32 tcf_auto_prio(struct tcf_proto *tp)
115 u32 first = TC_H_MAKE(0xC0000000U, 0U);
118 first = tp->prio - 1;
120 return TC_H_MAJ(first);
123 static struct tcf_proto *tcf_proto_create(const char *kind, u32 protocol,
124 u32 prio, u32 parent, struct Qdisc *q,
125 struct tcf_chain *chain)
127 struct tcf_proto *tp;
130 tp = kzalloc(sizeof(*tp), GFP_KERNEL);
132 return ERR_PTR(-ENOBUFS);
135 tp->ops = tcf_proto_lookup_ops(kind);
137 #ifdef CONFIG_MODULES
139 request_module("cls_%s", kind);
141 tp->ops = tcf_proto_lookup_ops(kind);
142 /* We dropped the RTNL semaphore in order to perform
143 * the module load. So, even if we succeeded in loading
144 * the module we have to replay the request. We indicate
145 * this using -EAGAIN.
148 module_put(tp->ops->owner);
156 tp->classify = tp->ops->classify;
157 tp->protocol = protocol;
159 tp->classid = parent;
163 err = tp->ops->init(tp);
165 module_put(tp->ops->owner);
175 static void tcf_proto_destroy(struct tcf_proto *tp)
177 tp->ops->destroy(tp);
178 module_put(tp->ops->owner);
182 static struct tcf_chain *tcf_chain_create(struct tcf_block *block,
185 struct tcf_chain *chain;
187 chain = kzalloc(sizeof(*chain), GFP_KERNEL);
190 list_add_tail(&chain->list, &block->chain_list);
191 chain->block = block;
192 chain->index = chain_index;
197 static void tcf_chain_head_change(struct tcf_chain *chain,
198 struct tcf_proto *tp_head)
200 if (chain->chain_head_change)
201 chain->chain_head_change(tp_head,
202 chain->chain_head_change_priv);
205 static void tcf_chain_flush(struct tcf_chain *chain)
207 struct tcf_proto *tp = rtnl_dereference(chain->filter_chain);
209 tcf_chain_head_change(chain, NULL);
211 RCU_INIT_POINTER(chain->filter_chain, tp->next);
212 tcf_proto_destroy(tp);
213 tp = rtnl_dereference(chain->filter_chain);
214 tcf_chain_put(chain);
218 static void tcf_chain_destroy(struct tcf_chain *chain)
220 list_del(&chain->list);
224 static void tcf_chain_hold(struct tcf_chain *chain)
229 struct tcf_chain *tcf_chain_get(struct tcf_block *block, u32 chain_index,
232 struct tcf_chain *chain;
234 list_for_each_entry(chain, &block->chain_list, list) {
235 if (chain->index == chain_index) {
236 tcf_chain_hold(chain);
241 return create ? tcf_chain_create(block, chain_index) : NULL;
243 EXPORT_SYMBOL(tcf_chain_get);
245 void tcf_chain_put(struct tcf_chain *chain)
247 if (--chain->refcnt == 0)
248 tcf_chain_destroy(chain);
250 EXPORT_SYMBOL(tcf_chain_put);
252 static void tcf_block_offload_cmd(struct tcf_block *block, struct Qdisc *q,
253 struct tcf_block_ext_info *ei,
254 enum tc_block_command command)
256 struct net_device *dev = q->dev_queue->dev;
257 struct tc_block_offload bo = {};
259 if (!dev->netdev_ops->ndo_setup_tc)
261 bo.command = command;
262 bo.binder_type = ei->binder_type;
264 dev->netdev_ops->ndo_setup_tc(dev, TC_SETUP_BLOCK, &bo);
267 static void tcf_block_offload_bind(struct tcf_block *block, struct Qdisc *q,
268 struct tcf_block_ext_info *ei)
270 tcf_block_offload_cmd(block, q, ei, TC_BLOCK_BIND);
273 static void tcf_block_offload_unbind(struct tcf_block *block, struct Qdisc *q,
274 struct tcf_block_ext_info *ei)
276 tcf_block_offload_cmd(block, q, ei, TC_BLOCK_UNBIND);
279 int tcf_block_get_ext(struct tcf_block **p_block, struct Qdisc *q,
280 struct tcf_block_ext_info *ei)
282 struct tcf_block *block = kzalloc(sizeof(*block), GFP_KERNEL);
283 struct tcf_chain *chain;
288 INIT_LIST_HEAD(&block->chain_list);
289 INIT_LIST_HEAD(&block->cb_list);
291 /* Create chain 0 by default, it has to be always present. */
292 chain = tcf_chain_create(block, 0);
295 goto err_chain_create;
297 WARN_ON(!ei->chain_head_change);
298 chain->chain_head_change = ei->chain_head_change;
299 chain->chain_head_change_priv = ei->chain_head_change_priv;
300 block->net = qdisc_net(q);
302 tcf_block_offload_bind(block, q, ei);
310 EXPORT_SYMBOL(tcf_block_get_ext);
312 static void tcf_chain_head_change_dflt(struct tcf_proto *tp_head, void *priv)
314 struct tcf_proto __rcu **p_filter_chain = priv;
316 rcu_assign_pointer(*p_filter_chain, tp_head);
319 int tcf_block_get(struct tcf_block **p_block,
320 struct tcf_proto __rcu **p_filter_chain, struct Qdisc *q)
322 struct tcf_block_ext_info ei = {
323 .chain_head_change = tcf_chain_head_change_dflt,
324 .chain_head_change_priv = p_filter_chain,
327 WARN_ON(!p_filter_chain);
328 return tcf_block_get_ext(p_block, q, &ei);
330 EXPORT_SYMBOL(tcf_block_get);
332 static void tcf_block_put_final(struct work_struct *work)
334 struct tcf_block *block = container_of(work, struct tcf_block, work);
335 struct tcf_chain *chain, *tmp;
339 /* At this point, all the chains should have refcnt == 1. */
340 list_for_each_entry_safe(chain, tmp, &block->chain_list, list)
341 tcf_chain_put(chain);
346 /* XXX: Standalone actions are not allowed to jump to any chain, and bound
347 * actions should be all removed after flushing.
349 void tcf_block_put_ext(struct tcf_block *block, struct Qdisc *q,
350 struct tcf_block_ext_info *ei)
352 struct tcf_chain *chain;
354 /* Hold a refcnt for all chains, except 0, so that they don't disappear
355 * while we are iterating.
357 list_for_each_entry(chain, &block->chain_list, list)
359 tcf_chain_hold(chain);
361 list_for_each_entry(chain, &block->chain_list, list)
362 tcf_chain_flush(chain);
364 tcf_block_offload_unbind(block, q, ei);
366 INIT_WORK(&block->work, tcf_block_put_final);
367 /* Wait for existing RCU callbacks to cool down, make sure their works
368 * have been queued before this. We can not flush pending works here
369 * because we are holding the RTNL lock.
372 tcf_queue_work(&block->work);
374 EXPORT_SYMBOL(tcf_block_put_ext);
376 void tcf_block_put(struct tcf_block *block)
378 struct tcf_block_ext_info ei = {0, };
382 tcf_block_put_ext(block, block->q, &ei);
385 EXPORT_SYMBOL(tcf_block_put);
387 struct tcf_block_cb {
388 struct list_head list;
395 void *tcf_block_cb_priv(struct tcf_block_cb *block_cb)
397 return block_cb->cb_priv;
399 EXPORT_SYMBOL(tcf_block_cb_priv);
401 struct tcf_block_cb *tcf_block_cb_lookup(struct tcf_block *block,
402 tc_setup_cb_t *cb, void *cb_ident)
403 { struct tcf_block_cb *block_cb;
405 list_for_each_entry(block_cb, &block->cb_list, list)
406 if (block_cb->cb == cb && block_cb->cb_ident == cb_ident)
410 EXPORT_SYMBOL(tcf_block_cb_lookup);
412 void tcf_block_cb_incref(struct tcf_block_cb *block_cb)
416 EXPORT_SYMBOL(tcf_block_cb_incref);
418 unsigned int tcf_block_cb_decref(struct tcf_block_cb *block_cb)
420 return --block_cb->refcnt;
422 EXPORT_SYMBOL(tcf_block_cb_decref);
424 struct tcf_block_cb *__tcf_block_cb_register(struct tcf_block *block,
425 tc_setup_cb_t *cb, void *cb_ident,
428 struct tcf_block_cb *block_cb;
430 block_cb = kzalloc(sizeof(*block_cb), GFP_KERNEL);
434 block_cb->cb_ident = cb_ident;
435 block_cb->cb_priv = cb_priv;
436 list_add(&block_cb->list, &block->cb_list);
439 EXPORT_SYMBOL(__tcf_block_cb_register);
441 int tcf_block_cb_register(struct tcf_block *block,
442 tc_setup_cb_t *cb, void *cb_ident,
445 struct tcf_block_cb *block_cb;
447 block_cb = __tcf_block_cb_register(block, cb, cb_ident, cb_priv);
448 return block_cb ? 0 : -ENOMEM;
450 EXPORT_SYMBOL(tcf_block_cb_register);
452 void __tcf_block_cb_unregister(struct tcf_block_cb *block_cb)
454 list_del(&block_cb->list);
457 EXPORT_SYMBOL(__tcf_block_cb_unregister);
459 void tcf_block_cb_unregister(struct tcf_block *block,
460 tc_setup_cb_t *cb, void *cb_ident)
462 struct tcf_block_cb *block_cb;
464 block_cb = tcf_block_cb_lookup(block, cb, cb_ident);
467 __tcf_block_cb_unregister(block_cb);
469 EXPORT_SYMBOL(tcf_block_cb_unregister);
471 static int tcf_block_cb_call(struct tcf_block *block, enum tc_setup_type type,
472 void *type_data, bool err_stop)
474 struct tcf_block_cb *block_cb;
478 list_for_each_entry(block_cb, &block->cb_list, list) {
479 err = block_cb->cb(type, type_data, block_cb->cb_priv);
490 /* Main classifier routine: scans classifier chain attached
491 * to this qdisc, (optionally) tests for protocol and asks
492 * specific classifiers.
494 int tcf_classify(struct sk_buff *skb, const struct tcf_proto *tp,
495 struct tcf_result *res, bool compat_mode)
497 __be16 protocol = tc_skb_protocol(skb);
498 #ifdef CONFIG_NET_CLS_ACT
499 const int max_reclassify_loop = 4;
500 const struct tcf_proto *orig_tp = tp;
501 const struct tcf_proto *first_tp;
506 for (; tp; tp = rcu_dereference_bh(tp->next)) {
509 if (tp->protocol != protocol &&
510 tp->protocol != htons(ETH_P_ALL))
513 err = tp->classify(skb, tp, res);
514 #ifdef CONFIG_NET_CLS_ACT
515 if (unlikely(err == TC_ACT_RECLASSIFY && !compat_mode)) {
518 } else if (unlikely(TC_ACT_EXT_CMP(err, TC_ACT_GOTO_CHAIN))) {
519 first_tp = res->goto_tp;
527 return TC_ACT_UNSPEC; /* signal: continue lookup */
528 #ifdef CONFIG_NET_CLS_ACT
530 if (unlikely(limit++ >= max_reclassify_loop)) {
531 net_notice_ratelimited("%s: reclassify loop, rule prio %u, protocol %02x\n",
532 tp->q->ops->id, tp->prio & 0xffff,
533 ntohs(tp->protocol));
538 protocol = tc_skb_protocol(skb);
542 EXPORT_SYMBOL(tcf_classify);
544 struct tcf_chain_info {
545 struct tcf_proto __rcu **pprev;
546 struct tcf_proto __rcu *next;
549 static struct tcf_proto *tcf_chain_tp_prev(struct tcf_chain_info *chain_info)
551 return rtnl_dereference(*chain_info->pprev);
554 static void tcf_chain_tp_insert(struct tcf_chain *chain,
555 struct tcf_chain_info *chain_info,
556 struct tcf_proto *tp)
558 if (*chain_info->pprev == chain->filter_chain)
559 tcf_chain_head_change(chain, tp);
560 RCU_INIT_POINTER(tp->next, tcf_chain_tp_prev(chain_info));
561 rcu_assign_pointer(*chain_info->pprev, tp);
562 tcf_chain_hold(chain);
565 static void tcf_chain_tp_remove(struct tcf_chain *chain,
566 struct tcf_chain_info *chain_info,
567 struct tcf_proto *tp)
569 struct tcf_proto *next = rtnl_dereference(chain_info->next);
571 if (tp == chain->filter_chain)
572 tcf_chain_head_change(chain, next);
573 RCU_INIT_POINTER(*chain_info->pprev, next);
574 tcf_chain_put(chain);
577 static struct tcf_proto *tcf_chain_tp_find(struct tcf_chain *chain,
578 struct tcf_chain_info *chain_info,
579 u32 protocol, u32 prio,
582 struct tcf_proto **pprev;
583 struct tcf_proto *tp;
585 /* Check the chain for existence of proto-tcf with this priority */
586 for (pprev = &chain->filter_chain;
587 (tp = rtnl_dereference(*pprev)); pprev = &tp->next) {
588 if (tp->prio >= prio) {
589 if (tp->prio == prio) {
591 (tp->protocol != protocol && protocol))
592 return ERR_PTR(-EINVAL);
599 chain_info->pprev = pprev;
600 chain_info->next = tp ? tp->next : NULL;
604 static int tcf_fill_node(struct net *net, struct sk_buff *skb,
605 struct tcf_proto *tp, struct Qdisc *q, u32 parent,
606 void *fh, u32 portid, u32 seq, u16 flags, int event)
609 struct nlmsghdr *nlh;
610 unsigned char *b = skb_tail_pointer(skb);
612 nlh = nlmsg_put(skb, portid, seq, event, sizeof(*tcm), flags);
615 tcm = nlmsg_data(nlh);
616 tcm->tcm_family = AF_UNSPEC;
619 tcm->tcm_ifindex = qdisc_dev(q)->ifindex;
620 tcm->tcm_parent = parent;
621 tcm->tcm_info = TC_H_MAKE(tp->prio, tp->protocol);
622 if (nla_put_string(skb, TCA_KIND, tp->ops->kind))
623 goto nla_put_failure;
624 if (nla_put_u32(skb, TCA_CHAIN, tp->chain->index))
625 goto nla_put_failure;
629 if (tp->ops->dump && tp->ops->dump(net, tp, fh, skb, tcm) < 0)
630 goto nla_put_failure;
632 nlh->nlmsg_len = skb_tail_pointer(skb) - b;
641 static int tfilter_notify(struct net *net, struct sk_buff *oskb,
642 struct nlmsghdr *n, struct tcf_proto *tp,
643 struct Qdisc *q, u32 parent,
644 void *fh, int event, bool unicast)
647 u32 portid = oskb ? NETLINK_CB(oskb).portid : 0;
649 skb = alloc_skb(NLMSG_GOODSIZE, GFP_KERNEL);
653 if (tcf_fill_node(net, skb, tp, q, parent, fh, portid, n->nlmsg_seq,
654 n->nlmsg_flags, event) <= 0) {
660 return netlink_unicast(net->rtnl, skb, portid, MSG_DONTWAIT);
662 return rtnetlink_send(skb, net, portid, RTNLGRP_TC,
663 n->nlmsg_flags & NLM_F_ECHO);
666 static int tfilter_del_notify(struct net *net, struct sk_buff *oskb,
667 struct nlmsghdr *n, struct tcf_proto *tp,
668 struct Qdisc *q, u32 parent,
669 void *fh, bool unicast, bool *last)
672 u32 portid = oskb ? NETLINK_CB(oskb).portid : 0;
675 skb = alloc_skb(NLMSG_GOODSIZE, GFP_KERNEL);
679 if (tcf_fill_node(net, skb, tp, q, parent, fh, portid, n->nlmsg_seq,
680 n->nlmsg_flags, RTM_DELTFILTER) <= 0) {
685 err = tp->ops->delete(tp, fh, last);
692 return netlink_unicast(net->rtnl, skb, portid, MSG_DONTWAIT);
694 return rtnetlink_send(skb, net, portid, RTNLGRP_TC,
695 n->nlmsg_flags & NLM_F_ECHO);
698 static void tfilter_notify_chain(struct net *net, struct sk_buff *oskb,
699 struct Qdisc *q, u32 parent,
701 struct tcf_chain *chain, int event)
703 struct tcf_proto *tp;
705 for (tp = rtnl_dereference(chain->filter_chain);
706 tp; tp = rtnl_dereference(tp->next))
707 tfilter_notify(net, oskb, n, tp, q, parent, 0, event, false);
710 /* Add/change/delete/get a filter node */
712 static int tc_ctl_tfilter(struct sk_buff *skb, struct nlmsghdr *n,
713 struct netlink_ext_ack *extack)
715 struct net *net = sock_net(skb->sk);
716 struct nlattr *tca[TCA_MAX + 1];
723 struct net_device *dev;
725 struct tcf_chain_info chain_info;
726 struct tcf_chain *chain = NULL;
727 struct tcf_block *block;
728 struct tcf_proto *tp;
729 const struct Qdisc_class_ops *cops;
735 if ((n->nlmsg_type != RTM_GETTFILTER) &&
736 !netlink_ns_capable(skb, net->user_ns, CAP_NET_ADMIN))
742 err = nlmsg_parse(n, sizeof(*t), tca, TCA_MAX, NULL, extack);
747 protocol = TC_H_MIN(t->tcm_info);
748 prio = TC_H_MAJ(t->tcm_info);
749 prio_allocate = false;
750 parent = t->tcm_parent;
754 switch (n->nlmsg_type) {
756 if (protocol || t->tcm_handle || tca[TCA_KIND])
760 /* If no priority is provided by the user,
763 if (n->nlmsg_flags & NLM_F_CREATE) {
764 prio = TC_H_MAKE(0x80000000U, 0U);
765 prio_allocate = true;
774 /* Find head of filter chain. */
777 dev = __dev_get_by_index(net, t->tcm_ifindex);
786 q = qdisc_lookup(dev, TC_H_MAJ(t->tcm_parent));
791 /* Is it classful? */
792 cops = q->ops->cl_ops;
796 if (!cops->tcf_block)
799 /* Do we search for filter, attached to class? */
800 if (TC_H_MIN(parent)) {
801 cl = cops->find(q, parent);
806 /* And the last stroke */
807 block = cops->tcf_block(q, cl);
813 chain_index = tca[TCA_CHAIN] ? nla_get_u32(tca[TCA_CHAIN]) : 0;
814 if (chain_index > TC_ACT_EXT_VAL_MASK) {
818 chain = tcf_chain_get(block, chain_index,
819 n->nlmsg_type == RTM_NEWTFILTER);
821 err = n->nlmsg_type == RTM_NEWTFILTER ? -ENOMEM : -EINVAL;
825 if (n->nlmsg_type == RTM_DELTFILTER && prio == 0) {
826 tfilter_notify_chain(net, skb, q, parent, n,
827 chain, RTM_DELTFILTER);
828 tcf_chain_flush(chain);
833 tp = tcf_chain_tp_find(chain, &chain_info, protocol,
834 prio, prio_allocate);
841 /* Proto-tcf does not exist, create new one */
843 if (tca[TCA_KIND] == NULL || !protocol) {
848 if (n->nlmsg_type != RTM_NEWTFILTER ||
849 !(n->nlmsg_flags & NLM_F_CREATE)) {
855 prio = tcf_auto_prio(tcf_chain_tp_prev(&chain_info));
857 tp = tcf_proto_create(nla_data(tca[TCA_KIND]),
858 protocol, prio, parent, q, chain);
864 } else if (tca[TCA_KIND] && nla_strcmp(tca[TCA_KIND], tp->ops->kind)) {
869 fh = tp->ops->get(tp, t->tcm_handle);
872 if (n->nlmsg_type == RTM_DELTFILTER && t->tcm_handle == 0) {
873 tcf_chain_tp_remove(chain, &chain_info, tp);
874 tfilter_notify(net, skb, n, tp, q, parent, fh,
875 RTM_DELTFILTER, false);
876 tcf_proto_destroy(tp);
881 if (n->nlmsg_type != RTM_NEWTFILTER ||
882 !(n->nlmsg_flags & NLM_F_CREATE)) {
889 switch (n->nlmsg_type) {
891 if (n->nlmsg_flags & NLM_F_EXCL) {
893 tcf_proto_destroy(tp);
899 err = tfilter_del_notify(net, skb, n, tp, q, parent,
904 tcf_chain_tp_remove(chain, &chain_info, tp);
905 tcf_proto_destroy(tp);
909 err = tfilter_notify(net, skb, n, tp, q, parent, fh,
910 RTM_NEWTFILTER, true);
918 err = tp->ops->change(net, skb, tp, cl, t->tcm_handle, tca, &fh,
919 n->nlmsg_flags & NLM_F_CREATE ? TCA_ACT_NOREPLACE : TCA_ACT_REPLACE);
922 tcf_chain_tp_insert(chain, &chain_info, tp);
923 tfilter_notify(net, skb, n, tp, q, parent, fh,
924 RTM_NEWTFILTER, false);
927 tcf_proto_destroy(tp);
932 tcf_chain_put(chain);
934 /* Replay the request. */
939 struct tcf_dump_args {
942 struct netlink_callback *cb;
947 static int tcf_node_dump(struct tcf_proto *tp, void *n, struct tcf_walker *arg)
949 struct tcf_dump_args *a = (void *)arg;
950 struct net *net = sock_net(a->skb->sk);
952 return tcf_fill_node(net, a->skb, tp, a->q, a->parent,
953 n, NETLINK_CB(a->cb->skb).portid,
954 a->cb->nlh->nlmsg_seq, NLM_F_MULTI,
958 static bool tcf_chain_dump(struct tcf_chain *chain, struct Qdisc *q, u32 parent,
959 struct sk_buff *skb, struct netlink_callback *cb,
960 long index_start, long *p_index)
962 struct net *net = sock_net(skb->sk);
963 struct tcmsg *tcm = nlmsg_data(cb->nlh);
964 struct tcf_dump_args arg;
965 struct tcf_proto *tp;
967 for (tp = rtnl_dereference(chain->filter_chain);
968 tp; tp = rtnl_dereference(tp->next), (*p_index)++) {
969 if (*p_index < index_start)
971 if (TC_H_MAJ(tcm->tcm_info) &&
972 TC_H_MAJ(tcm->tcm_info) != tp->prio)
974 if (TC_H_MIN(tcm->tcm_info) &&
975 TC_H_MIN(tcm->tcm_info) != tp->protocol)
977 if (*p_index > index_start)
978 memset(&cb->args[1], 0,
979 sizeof(cb->args) - sizeof(cb->args[0]));
980 if (cb->args[1] == 0) {
981 if (tcf_fill_node(net, skb, tp, q, parent, 0,
982 NETLINK_CB(cb->skb).portid,
983 cb->nlh->nlmsg_seq, NLM_F_MULTI,
984 RTM_NEWTFILTER) <= 0)
991 arg.w.fn = tcf_node_dump;
997 arg.w.skip = cb->args[1] - 1;
999 tp->ops->walk(tp, &arg.w);
1000 cb->args[1] = arg.w.count + 1;
1007 /* called with RTNL */
1008 static int tc_dump_tfilter(struct sk_buff *skb, struct netlink_callback *cb)
1010 struct net *net = sock_net(skb->sk);
1011 struct nlattr *tca[TCA_MAX + 1];
1012 struct net_device *dev;
1014 struct tcf_block *block;
1015 struct tcf_chain *chain;
1016 struct tcmsg *tcm = nlmsg_data(cb->nlh);
1017 unsigned long cl = 0;
1018 const struct Qdisc_class_ops *cops;
1024 if (nlmsg_len(cb->nlh) < sizeof(*tcm))
1027 err = nlmsg_parse(cb->nlh, sizeof(*tcm), tca, TCA_MAX, NULL, NULL);
1031 dev = __dev_get_by_index(net, tcm->tcm_ifindex);
1035 parent = tcm->tcm_parent;
1040 q = qdisc_lookup(dev, TC_H_MAJ(tcm->tcm_parent));
1044 cops = q->ops->cl_ops;
1047 if (!cops->tcf_block)
1049 if (TC_H_MIN(tcm->tcm_parent)) {
1050 cl = cops->find(q, tcm->tcm_parent);
1054 block = cops->tcf_block(q, cl);
1058 index_start = cb->args[0];
1061 list_for_each_entry(chain, &block->chain_list, list) {
1062 if (tca[TCA_CHAIN] &&
1063 nla_get_u32(tca[TCA_CHAIN]) != chain->index)
1065 if (!tcf_chain_dump(chain, q, parent, skb, cb,
1066 index_start, &index))
1070 cb->args[0] = index;
1076 void tcf_exts_destroy(struct tcf_exts *exts)
1078 #ifdef CONFIG_NET_CLS_ACT
1082 tcf_exts_to_list(exts, &actions);
1083 tcf_action_destroy(&actions, TCA_ACT_UNBIND);
1084 kfree(exts->actions);
1085 exts->nr_actions = 0;
1088 EXPORT_SYMBOL(tcf_exts_destroy);
1090 int tcf_exts_validate(struct net *net, struct tcf_proto *tp, struct nlattr **tb,
1091 struct nlattr *rate_tlv, struct tcf_exts *exts, bool ovr)
1093 #ifdef CONFIG_NET_CLS_ACT
1095 struct tc_action *act;
1097 if (exts->police && tb[exts->police]) {
1098 act = tcf_action_init_1(net, tp, tb[exts->police],
1099 rate_tlv, "police", ovr,
1102 return PTR_ERR(act);
1104 act->type = exts->type = TCA_OLD_COMPAT;
1105 exts->actions[0] = act;
1106 exts->nr_actions = 1;
1107 } else if (exts->action && tb[exts->action]) {
1111 err = tcf_action_init(net, tp, tb[exts->action],
1112 rate_tlv, NULL, ovr, TCA_ACT_BIND,
1116 list_for_each_entry(act, &actions, list)
1117 exts->actions[i++] = act;
1118 exts->nr_actions = i;
1123 if ((exts->action && tb[exts->action]) ||
1124 (exts->police && tb[exts->police]))
1130 EXPORT_SYMBOL(tcf_exts_validate);
1132 void tcf_exts_change(struct tcf_exts *dst, struct tcf_exts *src)
1134 #ifdef CONFIG_NET_CLS_ACT
1135 struct tcf_exts old = *dst;
1138 tcf_exts_destroy(&old);
1141 EXPORT_SYMBOL(tcf_exts_change);
1143 #ifdef CONFIG_NET_CLS_ACT
1144 static struct tc_action *tcf_exts_first_act(struct tcf_exts *exts)
1146 if (exts->nr_actions == 0)
1149 return exts->actions[0];
1153 int tcf_exts_dump(struct sk_buff *skb, struct tcf_exts *exts)
1155 #ifdef CONFIG_NET_CLS_ACT
1156 struct nlattr *nest;
1158 if (exts->action && tcf_exts_has_actions(exts)) {
1160 * again for backward compatible mode - we want
1161 * to work with both old and new modes of entering
1162 * tc data even if iproute2 was newer - jhs
1164 if (exts->type != TCA_OLD_COMPAT) {
1167 nest = nla_nest_start(skb, exts->action);
1169 goto nla_put_failure;
1171 tcf_exts_to_list(exts, &actions);
1172 if (tcf_action_dump(skb, &actions, 0, 0) < 0)
1173 goto nla_put_failure;
1174 nla_nest_end(skb, nest);
1175 } else if (exts->police) {
1176 struct tc_action *act = tcf_exts_first_act(exts);
1177 nest = nla_nest_start(skb, exts->police);
1178 if (nest == NULL || !act)
1179 goto nla_put_failure;
1180 if (tcf_action_dump_old(skb, act, 0, 0) < 0)
1181 goto nla_put_failure;
1182 nla_nest_end(skb, nest);
1188 nla_nest_cancel(skb, nest);
1194 EXPORT_SYMBOL(tcf_exts_dump);
1197 int tcf_exts_dump_stats(struct sk_buff *skb, struct tcf_exts *exts)
1199 #ifdef CONFIG_NET_CLS_ACT
1200 struct tc_action *a = tcf_exts_first_act(exts);
1201 if (a != NULL && tcf_action_copy_stats(skb, a, 1) < 0)
1206 EXPORT_SYMBOL(tcf_exts_dump_stats);
1208 static int tc_exts_setup_cb_egdev_call(struct tcf_exts *exts,
1209 enum tc_setup_type type,
1210 void *type_data, bool err_stop)
1213 #ifdef CONFIG_NET_CLS_ACT
1214 const struct tc_action *a;
1215 struct net_device *dev;
1218 if (!tcf_exts_has_actions(exts))
1221 for (i = 0; i < exts->nr_actions; i++) {
1222 a = exts->actions[i];
1223 if (!a->ops->get_dev)
1225 dev = a->ops->get_dev(a);
1228 ret = tc_setup_cb_egdev_call(dev, type, type_data, err_stop);
1237 int tc_setup_cb_call(struct tcf_block *block, struct tcf_exts *exts,
1238 enum tc_setup_type type, void *type_data, bool err_stop)
1243 ret = tcf_block_cb_call(block, type, type_data, err_stop);
1250 ret = tc_exts_setup_cb_egdev_call(exts, type, type_data, err_stop);
1257 EXPORT_SYMBOL(tc_setup_cb_call);
1259 static int __init tc_filter_init(void)
1261 tc_filter_wq = alloc_ordered_workqueue("tc_filter_workqueue", 0);
1265 rtnl_register(PF_UNSPEC, RTM_NEWTFILTER, tc_ctl_tfilter, NULL, 0);
1266 rtnl_register(PF_UNSPEC, RTM_DELTFILTER, tc_ctl_tfilter, NULL, 0);
1267 rtnl_register(PF_UNSPEC, RTM_GETTFILTER, tc_ctl_tfilter,
1268 tc_dump_tfilter, 0);
1273 subsys_initcall(tc_filter_init);
projects / linux-block.git / blob