2 * net/sched/cls_flower.c Flower classifier
4 * Copyright (c) 2015 Jiri Pirko <jiri@resnulli.us>
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; either version 2 of the License, or
9 * (at your option) any later version.
12 #include <linux/kernel.h>
13 #include <linux/init.h>
14 #include <linux/module.h>
15 #include <linux/rhashtable.h>
16 #include <linux/workqueue.h>
18 #include <linux/if_ether.h>
19 #include <linux/in6.h>
21 #include <linux/mpls.h>
23 #include <net/sch_generic.h>
24 #include <net/pkt_cls.h>
26 #include <net/flow_dissector.h>
29 #include <net/dst_metadata.h>
33 struct flow_dissector_key_control control;
34 struct flow_dissector_key_control enc_control;
35 struct flow_dissector_key_basic basic;
36 struct flow_dissector_key_eth_addrs eth;
37 struct flow_dissector_key_vlan vlan;
39 struct flow_dissector_key_ipv4_addrs ipv4;
40 struct flow_dissector_key_ipv6_addrs ipv6;
42 struct flow_dissector_key_ports tp;
43 struct flow_dissector_key_icmp icmp;
44 struct flow_dissector_key_arp arp;
45 struct flow_dissector_key_keyid enc_key_id;
47 struct flow_dissector_key_ipv4_addrs enc_ipv4;
48 struct flow_dissector_key_ipv6_addrs enc_ipv6;
50 struct flow_dissector_key_ports enc_tp;
51 struct flow_dissector_key_mpls mpls;
52 struct flow_dissector_key_tcp tcp;
53 } __aligned(BITS_PER_LONG / 8); /* Ensure that we can do comparisons as longs. */
55 struct fl_flow_mask_range {
56 unsigned short int start;
57 unsigned short int end;
61 struct fl_flow_key key;
62 struct fl_flow_mask_range range;
68 struct fl_flow_mask mask;
69 struct flow_dissector dissector;
72 struct list_head filters;
73 struct rhashtable_params ht_params;
75 struct work_struct work;
80 struct cls_fl_filter {
81 struct rhash_head ht_node;
82 struct fl_flow_key mkey;
84 struct tcf_result res;
85 struct fl_flow_key key;
86 struct list_head list;
90 struct tc_to_netdev tc;
91 struct net_device *hw_dev;
94 static unsigned short int fl_mask_range(const struct fl_flow_mask *mask)
96 return mask->range.end - mask->range.start;
99 static void fl_mask_update_range(struct fl_flow_mask *mask)
101 const u8 *bytes = (const u8 *) &mask->key;
102 size_t size = sizeof(mask->key);
103 size_t i, first = 0, last = size - 1;
105 for (i = 0; i < sizeof(mask->key); i++) {
112 mask->range.start = rounddown(first, sizeof(long));
113 mask->range.end = roundup(last + 1, sizeof(long));
116 static void *fl_key_get_start(struct fl_flow_key *key,
117 const struct fl_flow_mask *mask)
119 return (u8 *) key + mask->range.start;
122 static void fl_set_masked_key(struct fl_flow_key *mkey, struct fl_flow_key *key,
123 struct fl_flow_mask *mask)
125 const long *lkey = fl_key_get_start(key, mask);
126 const long *lmask = fl_key_get_start(&mask->key, mask);
127 long *lmkey = fl_key_get_start(mkey, mask);
130 for (i = 0; i < fl_mask_range(mask); i += sizeof(long))
131 *lmkey++ = *lkey++ & *lmask++;
134 static void fl_clear_masked_range(struct fl_flow_key *key,
135 struct fl_flow_mask *mask)
137 memset(fl_key_get_start(key, mask), 0, fl_mask_range(mask));
140 static struct cls_fl_filter *fl_lookup(struct cls_fl_head *head,
141 struct fl_flow_key *mkey)
143 return rhashtable_lookup_fast(&head->ht,
144 fl_key_get_start(mkey, &head->mask),
148 static int fl_classify(struct sk_buff *skb, const struct tcf_proto *tp,
149 struct tcf_result *res)
151 struct cls_fl_head *head = rcu_dereference_bh(tp->root);
152 struct cls_fl_filter *f;
153 struct fl_flow_key skb_key;
154 struct fl_flow_key skb_mkey;
155 struct ip_tunnel_info *info;
157 if (!atomic_read(&head->ht.nelems))
160 fl_clear_masked_range(&skb_key, &head->mask);
162 info = skb_tunnel_info(skb);
164 struct ip_tunnel_key *key = &info->key;
166 switch (ip_tunnel_info_af(info)) {
168 skb_key.enc_control.addr_type =
169 FLOW_DISSECTOR_KEY_IPV4_ADDRS;
170 skb_key.enc_ipv4.src = key->u.ipv4.src;
171 skb_key.enc_ipv4.dst = key->u.ipv4.dst;
174 skb_key.enc_control.addr_type =
175 FLOW_DISSECTOR_KEY_IPV6_ADDRS;
176 skb_key.enc_ipv6.src = key->u.ipv6.src;
177 skb_key.enc_ipv6.dst = key->u.ipv6.dst;
181 skb_key.enc_key_id.keyid = tunnel_id_to_key32(key->tun_id);
182 skb_key.enc_tp.src = key->tp_src;
183 skb_key.enc_tp.dst = key->tp_dst;
186 skb_key.indev_ifindex = skb->skb_iif;
187 /* skb_flow_dissect() does not set n_proto in case an unknown protocol,
188 * so do it rather here.
190 skb_key.basic.n_proto = skb->protocol;
191 skb_flow_dissect(skb, &head->dissector, &skb_key, 0);
193 fl_set_masked_key(&skb_mkey, &skb_key, &head->mask);
195 f = fl_lookup(head, &skb_mkey);
196 if (f && !tc_skip_sw(f->flags)) {
198 return tcf_exts_exec(skb, &f->exts, res);
203 static int fl_init(struct tcf_proto *tp)
205 struct cls_fl_head *head;
207 head = kzalloc(sizeof(*head), GFP_KERNEL);
211 INIT_LIST_HEAD_RCU(&head->filters);
212 rcu_assign_pointer(tp->root, head);
217 static void fl_destroy_filter(struct rcu_head *head)
219 struct cls_fl_filter *f = container_of(head, struct cls_fl_filter, rcu);
221 tcf_exts_destroy(&f->exts);
225 static void fl_hw_destroy_filter(struct tcf_proto *tp, struct cls_fl_filter *f)
227 struct tc_cls_flower_offload offload = {0};
228 struct net_device *dev = f->hw_dev;
229 struct tc_to_netdev *tc = &f->tc;
231 if (!tc_can_offload(dev, tp))
234 offload.command = TC_CLSFLOWER_DESTROY;
235 offload.prio = tp->prio;
236 offload.cookie = (unsigned long)f;
238 tc->type = TC_SETUP_CLSFLOWER;
239 tc->cls_flower = &offload;
241 dev->netdev_ops->ndo_setup_tc(dev, tp->q->handle, tp->protocol, tc);
244 static int fl_hw_replace_filter(struct tcf_proto *tp,
245 struct flow_dissector *dissector,
246 struct fl_flow_key *mask,
247 struct cls_fl_filter *f)
249 struct net_device *dev = tp->q->dev_queue->dev;
250 struct tc_cls_flower_offload offload = {0};
251 struct tc_to_netdev *tc = &f->tc;
254 if (!tc_can_offload(dev, tp)) {
255 if (tcf_exts_get_dev(dev, &f->exts, &f->hw_dev) ||
256 (f->hw_dev && !tc_can_offload(f->hw_dev, tp))) {
258 return tc_skip_sw(f->flags) ? -EINVAL : 0;
261 tc->egress_dev = true;
266 offload.command = TC_CLSFLOWER_REPLACE;
267 offload.prio = tp->prio;
268 offload.cookie = (unsigned long)f;
269 offload.dissector = dissector;
271 offload.key = &f->mkey;
272 offload.exts = &f->exts;
274 tc->type = TC_SETUP_CLSFLOWER;
275 tc->cls_flower = &offload;
277 err = dev->netdev_ops->ndo_setup_tc(dev, tp->q->handle, tp->protocol,
280 f->flags |= TCA_CLS_FLAGS_IN_HW;
282 if (tc_skip_sw(f->flags))
287 static void fl_hw_update_stats(struct tcf_proto *tp, struct cls_fl_filter *f)
289 struct tc_cls_flower_offload offload = {0};
290 struct net_device *dev = f->hw_dev;
291 struct tc_to_netdev *tc = &f->tc;
293 if (!tc_can_offload(dev, tp))
296 offload.command = TC_CLSFLOWER_STATS;
297 offload.prio = tp->prio;
298 offload.cookie = (unsigned long)f;
299 offload.exts = &f->exts;
301 tc->type = TC_SETUP_CLSFLOWER;
302 tc->cls_flower = &offload;
304 dev->netdev_ops->ndo_setup_tc(dev, tp->q->handle, tp->protocol, tc);
307 static void __fl_delete(struct tcf_proto *tp, struct cls_fl_filter *f)
309 list_del_rcu(&f->list);
310 if (!tc_skip_hw(f->flags))
311 fl_hw_destroy_filter(tp, f);
312 tcf_unbind_filter(tp, &f->res);
313 call_rcu(&f->rcu, fl_destroy_filter);
316 static void fl_destroy_sleepable(struct work_struct *work)
318 struct cls_fl_head *head = container_of(work, struct cls_fl_head,
320 if (head->mask_assigned)
321 rhashtable_destroy(&head->ht);
323 module_put(THIS_MODULE);
326 static void fl_destroy_rcu(struct rcu_head *rcu)
328 struct cls_fl_head *head = container_of(rcu, struct cls_fl_head, rcu);
330 INIT_WORK(&head->work, fl_destroy_sleepable);
331 schedule_work(&head->work);
334 static void fl_destroy(struct tcf_proto *tp)
336 struct cls_fl_head *head = rtnl_dereference(tp->root);
337 struct cls_fl_filter *f, *next;
339 list_for_each_entry_safe(f, next, &head->filters, list)
342 __module_get(THIS_MODULE);
343 call_rcu(&head->rcu, fl_destroy_rcu);
346 static unsigned long fl_get(struct tcf_proto *tp, u32 handle)
348 struct cls_fl_head *head = rtnl_dereference(tp->root);
349 struct cls_fl_filter *f;
351 list_for_each_entry(f, &head->filters, list)
352 if (f->handle == handle)
353 return (unsigned long) f;
357 static const struct nla_policy fl_policy[TCA_FLOWER_MAX + 1] = {
358 [TCA_FLOWER_UNSPEC] = { .type = NLA_UNSPEC },
359 [TCA_FLOWER_CLASSID] = { .type = NLA_U32 },
360 [TCA_FLOWER_INDEV] = { .type = NLA_STRING,
362 [TCA_FLOWER_KEY_ETH_DST] = { .len = ETH_ALEN },
363 [TCA_FLOWER_KEY_ETH_DST_MASK] = { .len = ETH_ALEN },
364 [TCA_FLOWER_KEY_ETH_SRC] = { .len = ETH_ALEN },
365 [TCA_FLOWER_KEY_ETH_SRC_MASK] = { .len = ETH_ALEN },
366 [TCA_FLOWER_KEY_ETH_TYPE] = { .type = NLA_U16 },
367 [TCA_FLOWER_KEY_IP_PROTO] = { .type = NLA_U8 },
368 [TCA_FLOWER_KEY_IPV4_SRC] = { .type = NLA_U32 },
369 [TCA_FLOWER_KEY_IPV4_SRC_MASK] = { .type = NLA_U32 },
370 [TCA_FLOWER_KEY_IPV4_DST] = { .type = NLA_U32 },
371 [TCA_FLOWER_KEY_IPV4_DST_MASK] = { .type = NLA_U32 },
372 [TCA_FLOWER_KEY_IPV6_SRC] = { .len = sizeof(struct in6_addr) },
373 [TCA_FLOWER_KEY_IPV6_SRC_MASK] = { .len = sizeof(struct in6_addr) },
374 [TCA_FLOWER_KEY_IPV6_DST] = { .len = sizeof(struct in6_addr) },
375 [TCA_FLOWER_KEY_IPV6_DST_MASK] = { .len = sizeof(struct in6_addr) },
376 [TCA_FLOWER_KEY_TCP_SRC] = { .type = NLA_U16 },
377 [TCA_FLOWER_KEY_TCP_DST] = { .type = NLA_U16 },
378 [TCA_FLOWER_KEY_UDP_SRC] = { .type = NLA_U16 },
379 [TCA_FLOWER_KEY_UDP_DST] = { .type = NLA_U16 },
380 [TCA_FLOWER_KEY_VLAN_ID] = { .type = NLA_U16 },
381 [TCA_FLOWER_KEY_VLAN_PRIO] = { .type = NLA_U8 },
382 [TCA_FLOWER_KEY_VLAN_ETH_TYPE] = { .type = NLA_U16 },
383 [TCA_FLOWER_KEY_ENC_KEY_ID] = { .type = NLA_U32 },
384 [TCA_FLOWER_KEY_ENC_IPV4_SRC] = { .type = NLA_U32 },
385 [TCA_FLOWER_KEY_ENC_IPV4_SRC_MASK] = { .type = NLA_U32 },
386 [TCA_FLOWER_KEY_ENC_IPV4_DST] = { .type = NLA_U32 },
387 [TCA_FLOWER_KEY_ENC_IPV4_DST_MASK] = { .type = NLA_U32 },
388 [TCA_FLOWER_KEY_ENC_IPV6_SRC] = { .len = sizeof(struct in6_addr) },
389 [TCA_FLOWER_KEY_ENC_IPV6_SRC_MASK] = { .len = sizeof(struct in6_addr) },
390 [TCA_FLOWER_KEY_ENC_IPV6_DST] = { .len = sizeof(struct in6_addr) },
391 [TCA_FLOWER_KEY_ENC_IPV6_DST_MASK] = { .len = sizeof(struct in6_addr) },
392 [TCA_FLOWER_KEY_TCP_SRC_MASK] = { .type = NLA_U16 },
393 [TCA_FLOWER_KEY_TCP_DST_MASK] = { .type = NLA_U16 },
394 [TCA_FLOWER_KEY_UDP_SRC_MASK] = { .type = NLA_U16 },
395 [TCA_FLOWER_KEY_UDP_DST_MASK] = { .type = NLA_U16 },
396 [TCA_FLOWER_KEY_SCTP_SRC_MASK] = { .type = NLA_U16 },
397 [TCA_FLOWER_KEY_SCTP_DST_MASK] = { .type = NLA_U16 },
398 [TCA_FLOWER_KEY_SCTP_SRC] = { .type = NLA_U16 },
399 [TCA_FLOWER_KEY_SCTP_DST] = { .type = NLA_U16 },
400 [TCA_FLOWER_KEY_ENC_UDP_SRC_PORT] = { .type = NLA_U16 },
401 [TCA_FLOWER_KEY_ENC_UDP_SRC_PORT_MASK] = { .type = NLA_U16 },
402 [TCA_FLOWER_KEY_ENC_UDP_DST_PORT] = { .type = NLA_U16 },
403 [TCA_FLOWER_KEY_ENC_UDP_DST_PORT_MASK] = { .type = NLA_U16 },
404 [TCA_FLOWER_KEY_FLAGS] = { .type = NLA_U32 },
405 [TCA_FLOWER_KEY_FLAGS_MASK] = { .type = NLA_U32 },
406 [TCA_FLOWER_KEY_ICMPV4_TYPE] = { .type = NLA_U8 },
407 [TCA_FLOWER_KEY_ICMPV4_TYPE_MASK] = { .type = NLA_U8 },
408 [TCA_FLOWER_KEY_ICMPV4_CODE] = { .type = NLA_U8 },
409 [TCA_FLOWER_KEY_ICMPV4_CODE_MASK] = { .type = NLA_U8 },
410 [TCA_FLOWER_KEY_ICMPV6_TYPE] = { .type = NLA_U8 },
411 [TCA_FLOWER_KEY_ICMPV6_TYPE_MASK] = { .type = NLA_U8 },
412 [TCA_FLOWER_KEY_ICMPV6_CODE] = { .type = NLA_U8 },
413 [TCA_FLOWER_KEY_ICMPV6_CODE_MASK] = { .type = NLA_U8 },
414 [TCA_FLOWER_KEY_ARP_SIP] = { .type = NLA_U32 },
415 [TCA_FLOWER_KEY_ARP_SIP_MASK] = { .type = NLA_U32 },
416 [TCA_FLOWER_KEY_ARP_TIP] = { .type = NLA_U32 },
417 [TCA_FLOWER_KEY_ARP_TIP_MASK] = { .type = NLA_U32 },
418 [TCA_FLOWER_KEY_ARP_OP] = { .type = NLA_U8 },
419 [TCA_FLOWER_KEY_ARP_OP_MASK] = { .type = NLA_U8 },
420 [TCA_FLOWER_KEY_ARP_SHA] = { .len = ETH_ALEN },
421 [TCA_FLOWER_KEY_ARP_SHA_MASK] = { .len = ETH_ALEN },
422 [TCA_FLOWER_KEY_ARP_THA] = { .len = ETH_ALEN },
423 [TCA_FLOWER_KEY_ARP_THA_MASK] = { .len = ETH_ALEN },
424 [TCA_FLOWER_KEY_MPLS_TTL] = { .type = NLA_U8 },
425 [TCA_FLOWER_KEY_MPLS_BOS] = { .type = NLA_U8 },
426 [TCA_FLOWER_KEY_MPLS_TC] = { .type = NLA_U8 },
427 [TCA_FLOWER_KEY_MPLS_LABEL] = { .type = NLA_U32 },
428 [TCA_FLOWER_KEY_TCP_FLAGS] = { .type = NLA_U16 },
429 [TCA_FLOWER_KEY_TCP_FLAGS_MASK] = { .type = NLA_U16 },
432 static void fl_set_key_val(struct nlattr **tb,
433 void *val, int val_type,
434 void *mask, int mask_type, int len)
438 memcpy(val, nla_data(tb[val_type]), len);
439 if (mask_type == TCA_FLOWER_UNSPEC || !tb[mask_type])
440 memset(mask, 0xff, len);
442 memcpy(mask, nla_data(tb[mask_type]), len);
445 static int fl_set_key_mpls(struct nlattr **tb,
446 struct flow_dissector_key_mpls *key_val,
447 struct flow_dissector_key_mpls *key_mask)
449 if (tb[TCA_FLOWER_KEY_MPLS_TTL]) {
450 key_val->mpls_ttl = nla_get_u8(tb[TCA_FLOWER_KEY_MPLS_TTL]);
451 key_mask->mpls_ttl = MPLS_TTL_MASK;
453 if (tb[TCA_FLOWER_KEY_MPLS_BOS]) {
454 u8 bos = nla_get_u8(tb[TCA_FLOWER_KEY_MPLS_BOS]);
456 if (bos & ~MPLS_BOS_MASK)
458 key_val->mpls_bos = bos;
459 key_mask->mpls_bos = MPLS_BOS_MASK;
461 if (tb[TCA_FLOWER_KEY_MPLS_TC]) {
462 u8 tc = nla_get_u8(tb[TCA_FLOWER_KEY_MPLS_TC]);
464 if (tc & ~MPLS_TC_MASK)
466 key_val->mpls_tc = tc;
467 key_mask->mpls_tc = MPLS_TC_MASK;
469 if (tb[TCA_FLOWER_KEY_MPLS_LABEL]) {
470 u32 label = nla_get_u32(tb[TCA_FLOWER_KEY_MPLS_LABEL]);
472 if (label & ~MPLS_LABEL_MASK)
474 key_val->mpls_label = label;
475 key_mask->mpls_label = MPLS_LABEL_MASK;
480 static void fl_set_key_vlan(struct nlattr **tb,
481 struct flow_dissector_key_vlan *key_val,
482 struct flow_dissector_key_vlan *key_mask)
484 #define VLAN_PRIORITY_MASK 0x7
486 if (tb[TCA_FLOWER_KEY_VLAN_ID]) {
488 nla_get_u16(tb[TCA_FLOWER_KEY_VLAN_ID]) & VLAN_VID_MASK;
489 key_mask->vlan_id = VLAN_VID_MASK;
491 if (tb[TCA_FLOWER_KEY_VLAN_PRIO]) {
492 key_val->vlan_priority =
493 nla_get_u8(tb[TCA_FLOWER_KEY_VLAN_PRIO]) &
495 key_mask->vlan_priority = VLAN_PRIORITY_MASK;
499 static void fl_set_key_flag(u32 flower_key, u32 flower_mask,
500 u32 *dissector_key, u32 *dissector_mask,
501 u32 flower_flag_bit, u32 dissector_flag_bit)
503 if (flower_mask & flower_flag_bit) {
504 *dissector_mask |= dissector_flag_bit;
505 if (flower_key & flower_flag_bit)
506 *dissector_key |= dissector_flag_bit;
510 static int fl_set_key_flags(struct nlattr **tb,
511 u32 *flags_key, u32 *flags_mask)
515 /* mask is mandatory for flags */
516 if (!tb[TCA_FLOWER_KEY_FLAGS_MASK])
519 key = be32_to_cpu(nla_get_u32(tb[TCA_FLOWER_KEY_FLAGS]));
520 mask = be32_to_cpu(nla_get_u32(tb[TCA_FLOWER_KEY_FLAGS_MASK]));
525 fl_set_key_flag(key, mask, flags_key, flags_mask,
526 TCA_FLOWER_KEY_FLAGS_IS_FRAGMENT, FLOW_DIS_IS_FRAGMENT);
531 static int fl_set_key(struct net *net, struct nlattr **tb,
532 struct fl_flow_key *key, struct fl_flow_key *mask)
536 #ifdef CONFIG_NET_CLS_IND
537 if (tb[TCA_FLOWER_INDEV]) {
538 int err = tcf_change_indev(net, tb[TCA_FLOWER_INDEV]);
541 key->indev_ifindex = err;
542 mask->indev_ifindex = 0xffffffff;
546 fl_set_key_val(tb, key->eth.dst, TCA_FLOWER_KEY_ETH_DST,
547 mask->eth.dst, TCA_FLOWER_KEY_ETH_DST_MASK,
548 sizeof(key->eth.dst));
549 fl_set_key_val(tb, key->eth.src, TCA_FLOWER_KEY_ETH_SRC,
550 mask->eth.src, TCA_FLOWER_KEY_ETH_SRC_MASK,
551 sizeof(key->eth.src));
553 if (tb[TCA_FLOWER_KEY_ETH_TYPE]) {
554 ethertype = nla_get_be16(tb[TCA_FLOWER_KEY_ETH_TYPE]);
556 if (ethertype == htons(ETH_P_8021Q)) {
557 fl_set_key_vlan(tb, &key->vlan, &mask->vlan);
558 fl_set_key_val(tb, &key->basic.n_proto,
559 TCA_FLOWER_KEY_VLAN_ETH_TYPE,
560 &mask->basic.n_proto, TCA_FLOWER_UNSPEC,
561 sizeof(key->basic.n_proto));
563 key->basic.n_proto = ethertype;
564 mask->basic.n_proto = cpu_to_be16(~0);
568 if (key->basic.n_proto == htons(ETH_P_IP) ||
569 key->basic.n_proto == htons(ETH_P_IPV6)) {
570 fl_set_key_val(tb, &key->basic.ip_proto, TCA_FLOWER_KEY_IP_PROTO,
571 &mask->basic.ip_proto, TCA_FLOWER_UNSPEC,
572 sizeof(key->basic.ip_proto));
575 if (tb[TCA_FLOWER_KEY_IPV4_SRC] || tb[TCA_FLOWER_KEY_IPV4_DST]) {
576 key->control.addr_type = FLOW_DISSECTOR_KEY_IPV4_ADDRS;
577 mask->control.addr_type = ~0;
578 fl_set_key_val(tb, &key->ipv4.src, TCA_FLOWER_KEY_IPV4_SRC,
579 &mask->ipv4.src, TCA_FLOWER_KEY_IPV4_SRC_MASK,
580 sizeof(key->ipv4.src));
581 fl_set_key_val(tb, &key->ipv4.dst, TCA_FLOWER_KEY_IPV4_DST,
582 &mask->ipv4.dst, TCA_FLOWER_KEY_IPV4_DST_MASK,
583 sizeof(key->ipv4.dst));
584 } else if (tb[TCA_FLOWER_KEY_IPV6_SRC] || tb[TCA_FLOWER_KEY_IPV6_DST]) {
585 key->control.addr_type = FLOW_DISSECTOR_KEY_IPV6_ADDRS;
586 mask->control.addr_type = ~0;
587 fl_set_key_val(tb, &key->ipv6.src, TCA_FLOWER_KEY_IPV6_SRC,
588 &mask->ipv6.src, TCA_FLOWER_KEY_IPV6_SRC_MASK,
589 sizeof(key->ipv6.src));
590 fl_set_key_val(tb, &key->ipv6.dst, TCA_FLOWER_KEY_IPV6_DST,
591 &mask->ipv6.dst, TCA_FLOWER_KEY_IPV6_DST_MASK,
592 sizeof(key->ipv6.dst));
595 if (key->basic.ip_proto == IPPROTO_TCP) {
596 fl_set_key_val(tb, &key->tp.src, TCA_FLOWER_KEY_TCP_SRC,
597 &mask->tp.src, TCA_FLOWER_KEY_TCP_SRC_MASK,
598 sizeof(key->tp.src));
599 fl_set_key_val(tb, &key->tp.dst, TCA_FLOWER_KEY_TCP_DST,
600 &mask->tp.dst, TCA_FLOWER_KEY_TCP_DST_MASK,
601 sizeof(key->tp.dst));
602 fl_set_key_val(tb, &key->tcp.flags, TCA_FLOWER_KEY_TCP_FLAGS,
603 &mask->tcp.flags, TCA_FLOWER_KEY_TCP_FLAGS_MASK,
604 sizeof(key->tcp.flags));
605 } else if (key->basic.ip_proto == IPPROTO_UDP) {
606 fl_set_key_val(tb, &key->tp.src, TCA_FLOWER_KEY_UDP_SRC,
607 &mask->tp.src, TCA_FLOWER_KEY_UDP_SRC_MASK,
608 sizeof(key->tp.src));
609 fl_set_key_val(tb, &key->tp.dst, TCA_FLOWER_KEY_UDP_DST,
610 &mask->tp.dst, TCA_FLOWER_KEY_UDP_DST_MASK,
611 sizeof(key->tp.dst));
612 } else if (key->basic.ip_proto == IPPROTO_SCTP) {
613 fl_set_key_val(tb, &key->tp.src, TCA_FLOWER_KEY_SCTP_SRC,
614 &mask->tp.src, TCA_FLOWER_KEY_SCTP_SRC_MASK,
615 sizeof(key->tp.src));
616 fl_set_key_val(tb, &key->tp.dst, TCA_FLOWER_KEY_SCTP_DST,
617 &mask->tp.dst, TCA_FLOWER_KEY_SCTP_DST_MASK,
618 sizeof(key->tp.dst));
619 } else if (key->basic.n_proto == htons(ETH_P_IP) &&
620 key->basic.ip_proto == IPPROTO_ICMP) {
621 fl_set_key_val(tb, &key->icmp.type, TCA_FLOWER_KEY_ICMPV4_TYPE,
623 TCA_FLOWER_KEY_ICMPV4_TYPE_MASK,
624 sizeof(key->icmp.type));
625 fl_set_key_val(tb, &key->icmp.code, TCA_FLOWER_KEY_ICMPV4_CODE,
627 TCA_FLOWER_KEY_ICMPV4_CODE_MASK,
628 sizeof(key->icmp.code));
629 } else if (key->basic.n_proto == htons(ETH_P_IPV6) &&
630 key->basic.ip_proto == IPPROTO_ICMPV6) {
631 fl_set_key_val(tb, &key->icmp.type, TCA_FLOWER_KEY_ICMPV6_TYPE,
633 TCA_FLOWER_KEY_ICMPV6_TYPE_MASK,
634 sizeof(key->icmp.type));
635 fl_set_key_val(tb, &key->icmp.code, TCA_FLOWER_KEY_ICMPV6_CODE,
637 TCA_FLOWER_KEY_ICMPV6_CODE_MASK,
638 sizeof(key->icmp.code));
639 } else if (key->basic.n_proto == htons(ETH_P_MPLS_UC) ||
640 key->basic.n_proto == htons(ETH_P_MPLS_MC)) {
641 ret = fl_set_key_mpls(tb, &key->mpls, &mask->mpls);
644 } else if (key->basic.n_proto == htons(ETH_P_ARP) ||
645 key->basic.n_proto == htons(ETH_P_RARP)) {
646 fl_set_key_val(tb, &key->arp.sip, TCA_FLOWER_KEY_ARP_SIP,
647 &mask->arp.sip, TCA_FLOWER_KEY_ARP_SIP_MASK,
648 sizeof(key->arp.sip));
649 fl_set_key_val(tb, &key->arp.tip, TCA_FLOWER_KEY_ARP_TIP,
650 &mask->arp.tip, TCA_FLOWER_KEY_ARP_TIP_MASK,
651 sizeof(key->arp.tip));
652 fl_set_key_val(tb, &key->arp.op, TCA_FLOWER_KEY_ARP_OP,
653 &mask->arp.op, TCA_FLOWER_KEY_ARP_OP_MASK,
654 sizeof(key->arp.op));
655 fl_set_key_val(tb, key->arp.sha, TCA_FLOWER_KEY_ARP_SHA,
656 mask->arp.sha, TCA_FLOWER_KEY_ARP_SHA_MASK,
657 sizeof(key->arp.sha));
658 fl_set_key_val(tb, key->arp.tha, TCA_FLOWER_KEY_ARP_THA,
659 mask->arp.tha, TCA_FLOWER_KEY_ARP_THA_MASK,
660 sizeof(key->arp.tha));
663 if (tb[TCA_FLOWER_KEY_ENC_IPV4_SRC] ||
664 tb[TCA_FLOWER_KEY_ENC_IPV4_DST]) {
665 key->enc_control.addr_type = FLOW_DISSECTOR_KEY_IPV4_ADDRS;
666 mask->enc_control.addr_type = ~0;
667 fl_set_key_val(tb, &key->enc_ipv4.src,
668 TCA_FLOWER_KEY_ENC_IPV4_SRC,
670 TCA_FLOWER_KEY_ENC_IPV4_SRC_MASK,
671 sizeof(key->enc_ipv4.src));
672 fl_set_key_val(tb, &key->enc_ipv4.dst,
673 TCA_FLOWER_KEY_ENC_IPV4_DST,
675 TCA_FLOWER_KEY_ENC_IPV4_DST_MASK,
676 sizeof(key->enc_ipv4.dst));
679 if (tb[TCA_FLOWER_KEY_ENC_IPV6_SRC] ||
680 tb[TCA_FLOWER_KEY_ENC_IPV6_DST]) {
681 key->enc_control.addr_type = FLOW_DISSECTOR_KEY_IPV6_ADDRS;
682 mask->enc_control.addr_type = ~0;
683 fl_set_key_val(tb, &key->enc_ipv6.src,
684 TCA_FLOWER_KEY_ENC_IPV6_SRC,
686 TCA_FLOWER_KEY_ENC_IPV6_SRC_MASK,
687 sizeof(key->enc_ipv6.src));
688 fl_set_key_val(tb, &key->enc_ipv6.dst,
689 TCA_FLOWER_KEY_ENC_IPV6_DST,
691 TCA_FLOWER_KEY_ENC_IPV6_DST_MASK,
692 sizeof(key->enc_ipv6.dst));
695 fl_set_key_val(tb, &key->enc_key_id.keyid, TCA_FLOWER_KEY_ENC_KEY_ID,
696 &mask->enc_key_id.keyid, TCA_FLOWER_UNSPEC,
697 sizeof(key->enc_key_id.keyid));
699 fl_set_key_val(tb, &key->enc_tp.src, TCA_FLOWER_KEY_ENC_UDP_SRC_PORT,
700 &mask->enc_tp.src, TCA_FLOWER_KEY_ENC_UDP_SRC_PORT_MASK,
701 sizeof(key->enc_tp.src));
703 fl_set_key_val(tb, &key->enc_tp.dst, TCA_FLOWER_KEY_ENC_UDP_DST_PORT,
704 &mask->enc_tp.dst, TCA_FLOWER_KEY_ENC_UDP_DST_PORT_MASK,
705 sizeof(key->enc_tp.dst));
707 if (tb[TCA_FLOWER_KEY_FLAGS])
708 ret = fl_set_key_flags(tb, &key->control.flags, &mask->control.flags);
713 static bool fl_mask_eq(struct fl_flow_mask *mask1,
714 struct fl_flow_mask *mask2)
716 const long *lmask1 = fl_key_get_start(&mask1->key, mask1);
717 const long *lmask2 = fl_key_get_start(&mask2->key, mask2);
719 return !memcmp(&mask1->range, &mask2->range, sizeof(mask1->range)) &&
720 !memcmp(lmask1, lmask2, fl_mask_range(mask1));
723 static const struct rhashtable_params fl_ht_params = {
724 .key_offset = offsetof(struct cls_fl_filter, mkey), /* base offset */
725 .head_offset = offsetof(struct cls_fl_filter, ht_node),
726 .automatic_shrinking = true,
729 static int fl_init_hashtable(struct cls_fl_head *head,
730 struct fl_flow_mask *mask)
732 head->ht_params = fl_ht_params;
733 head->ht_params.key_len = fl_mask_range(mask);
734 head->ht_params.key_offset += mask->range.start;
736 return rhashtable_init(&head->ht, &head->ht_params);
739 #define FL_KEY_MEMBER_OFFSET(member) offsetof(struct fl_flow_key, member)
740 #define FL_KEY_MEMBER_SIZE(member) (sizeof(((struct fl_flow_key *) 0)->member))
742 #define FL_KEY_IS_MASKED(mask, member) \
743 memchr_inv(((char *)mask) + FL_KEY_MEMBER_OFFSET(member), \
744 0, FL_KEY_MEMBER_SIZE(member)) \
746 #define FL_KEY_SET(keys, cnt, id, member) \
748 keys[cnt].key_id = id; \
749 keys[cnt].offset = FL_KEY_MEMBER_OFFSET(member); \
753 #define FL_KEY_SET_IF_MASKED(mask, keys, cnt, id, member) \
755 if (FL_KEY_IS_MASKED(mask, member)) \
756 FL_KEY_SET(keys, cnt, id, member); \
759 static void fl_init_dissector(struct cls_fl_head *head,
760 struct fl_flow_mask *mask)
762 struct flow_dissector_key keys[FLOW_DISSECTOR_KEY_MAX];
765 FL_KEY_SET(keys, cnt, FLOW_DISSECTOR_KEY_CONTROL, control);
766 FL_KEY_SET(keys, cnt, FLOW_DISSECTOR_KEY_BASIC, basic);
767 FL_KEY_SET_IF_MASKED(&mask->key, keys, cnt,
768 FLOW_DISSECTOR_KEY_ETH_ADDRS, eth);
769 FL_KEY_SET_IF_MASKED(&mask->key, keys, cnt,
770 FLOW_DISSECTOR_KEY_IPV4_ADDRS, ipv4);
771 FL_KEY_SET_IF_MASKED(&mask->key, keys, cnt,
772 FLOW_DISSECTOR_KEY_IPV6_ADDRS, ipv6);
773 FL_KEY_SET_IF_MASKED(&mask->key, keys, cnt,
774 FLOW_DISSECTOR_KEY_PORTS, tp);
775 FL_KEY_SET_IF_MASKED(&mask->key, keys, cnt,
776 FLOW_DISSECTOR_KEY_TCP, tcp);
777 FL_KEY_SET_IF_MASKED(&mask->key, keys, cnt,
778 FLOW_DISSECTOR_KEY_ICMP, icmp);
779 FL_KEY_SET_IF_MASKED(&mask->key, keys, cnt,
780 FLOW_DISSECTOR_KEY_ARP, arp);
781 FL_KEY_SET_IF_MASKED(&mask->key, keys, cnt,
782 FLOW_DISSECTOR_KEY_MPLS, mpls);
783 FL_KEY_SET_IF_MASKED(&mask->key, keys, cnt,
784 FLOW_DISSECTOR_KEY_VLAN, vlan);
785 FL_KEY_SET_IF_MASKED(&mask->key, keys, cnt,
786 FLOW_DISSECTOR_KEY_ENC_KEYID, enc_key_id);
787 FL_KEY_SET_IF_MASKED(&mask->key, keys, cnt,
788 FLOW_DISSECTOR_KEY_ENC_IPV4_ADDRS, enc_ipv4);
789 FL_KEY_SET_IF_MASKED(&mask->key, keys, cnt,
790 FLOW_DISSECTOR_KEY_ENC_IPV6_ADDRS, enc_ipv6);
791 if (FL_KEY_IS_MASKED(&mask->key, enc_ipv4) ||
792 FL_KEY_IS_MASKED(&mask->key, enc_ipv6))
793 FL_KEY_SET(keys, cnt, FLOW_DISSECTOR_KEY_ENC_CONTROL,
795 FL_KEY_SET_IF_MASKED(&mask->key, keys, cnt,
796 FLOW_DISSECTOR_KEY_ENC_PORTS, enc_tp);
798 skb_flow_dissector_init(&head->dissector, keys, cnt);
801 static int fl_check_assign_mask(struct cls_fl_head *head,
802 struct fl_flow_mask *mask)
806 if (head->mask_assigned) {
807 if (!fl_mask_eq(&head->mask, mask))
813 /* Mask is not assigned yet. So assign it and init hashtable
816 err = fl_init_hashtable(head, mask);
819 memcpy(&head->mask, mask, sizeof(head->mask));
820 head->mask_assigned = true;
822 fl_init_dissector(head, mask);
827 static int fl_set_parms(struct net *net, struct tcf_proto *tp,
828 struct cls_fl_filter *f, struct fl_flow_mask *mask,
829 unsigned long base, struct nlattr **tb,
830 struct nlattr *est, bool ovr)
835 err = tcf_exts_init(&e, TCA_FLOWER_ACT, 0);
838 err = tcf_exts_validate(net, tp, tb, est, &e, ovr);
842 if (tb[TCA_FLOWER_CLASSID]) {
843 f->res.classid = nla_get_u32(tb[TCA_FLOWER_CLASSID]);
844 tcf_bind_filter(tp, &f->res, base);
847 err = fl_set_key(net, tb, &f->key, &mask->key);
851 fl_mask_update_range(mask);
852 fl_set_masked_key(&f->mkey, &f->key, mask);
854 tcf_exts_change(tp, &f->exts, &e);
858 tcf_exts_destroy(&e);
862 static u32 fl_grab_new_handle(struct tcf_proto *tp,
863 struct cls_fl_head *head)
865 unsigned int i = 0x80000000;
869 if (++head->hgen == 0x7FFFFFFF)
871 } while (--i > 0 && fl_get(tp, head->hgen));
873 if (unlikely(i == 0)) {
874 pr_err("Insufficient number of handles\n");
883 static int fl_change(struct net *net, struct sk_buff *in_skb,
884 struct tcf_proto *tp, unsigned long base,
885 u32 handle, struct nlattr **tca,
886 unsigned long *arg, bool ovr)
888 struct cls_fl_head *head = rtnl_dereference(tp->root);
889 struct cls_fl_filter *fold = (struct cls_fl_filter *) *arg;
890 struct cls_fl_filter *fnew;
892 struct fl_flow_mask mask = {};
895 if (!tca[TCA_OPTIONS])
898 tb = kcalloc(TCA_FLOWER_MAX + 1, sizeof(struct nlattr *), GFP_KERNEL);
902 err = nla_parse_nested(tb, TCA_FLOWER_MAX, tca[TCA_OPTIONS],
907 if (fold && handle && fold->handle != handle) {
912 fnew = kzalloc(sizeof(*fnew), GFP_KERNEL);
918 err = tcf_exts_init(&fnew->exts, TCA_FLOWER_ACT, 0);
923 handle = fl_grab_new_handle(tp, head);
929 fnew->handle = handle;
931 if (tb[TCA_FLOWER_FLAGS]) {
932 fnew->flags = nla_get_u32(tb[TCA_FLOWER_FLAGS]);
934 if (!tc_flags_valid(fnew->flags)) {
940 err = fl_set_parms(net, tp, fnew, &mask, base, tb, tca[TCA_RATE], ovr);
944 err = fl_check_assign_mask(head, &mask);
948 if (!tc_skip_sw(fnew->flags)) {
949 if (!fold && fl_lookup(head, &fnew->mkey)) {
954 err = rhashtable_insert_fast(&head->ht, &fnew->ht_node,
960 if (!tc_skip_hw(fnew->flags)) {
961 err = fl_hw_replace_filter(tp,
969 if (!tc_in_hw(fnew->flags))
970 fnew->flags |= TCA_CLS_FLAGS_NOT_IN_HW;
973 if (!tc_skip_sw(fold->flags))
974 rhashtable_remove_fast(&head->ht, &fold->ht_node,
976 if (!tc_skip_hw(fold->flags))
977 fl_hw_destroy_filter(tp, fold);
980 *arg = (unsigned long) fnew;
983 list_replace_rcu(&fold->list, &fnew->list);
984 tcf_unbind_filter(tp, &fold->res);
985 call_rcu(&fold->rcu, fl_destroy_filter);
987 list_add_tail_rcu(&fnew->list, &head->filters);
994 tcf_exts_destroy(&fnew->exts);
1001 static int fl_delete(struct tcf_proto *tp, unsigned long arg, bool *last)
1003 struct cls_fl_head *head = rtnl_dereference(tp->root);
1004 struct cls_fl_filter *f = (struct cls_fl_filter *) arg;
1006 if (!tc_skip_sw(f->flags))
1007 rhashtable_remove_fast(&head->ht, &f->ht_node,
1010 *last = list_empty(&head->filters);
1014 static void fl_walk(struct tcf_proto *tp, struct tcf_walker *arg)
1016 struct cls_fl_head *head = rtnl_dereference(tp->root);
1017 struct cls_fl_filter *f;
1019 list_for_each_entry_rcu(f, &head->filters, list) {
1020 if (arg->count < arg->skip)
1022 if (arg->fn(tp, (unsigned long) f, arg) < 0) {
1031 static int fl_dump_key_val(struct sk_buff *skb,
1032 void *val, int val_type,
1033 void *mask, int mask_type, int len)
1037 if (!memchr_inv(mask, 0, len))
1039 err = nla_put(skb, val_type, len, val);
1042 if (mask_type != TCA_FLOWER_UNSPEC) {
1043 err = nla_put(skb, mask_type, len, mask);
1050 static int fl_dump_key_mpls(struct sk_buff *skb,
1051 struct flow_dissector_key_mpls *mpls_key,
1052 struct flow_dissector_key_mpls *mpls_mask)
1056 if (!memchr_inv(mpls_mask, 0, sizeof(*mpls_mask)))
1058 if (mpls_mask->mpls_ttl) {
1059 err = nla_put_u8(skb, TCA_FLOWER_KEY_MPLS_TTL,
1060 mpls_key->mpls_ttl);
1064 if (mpls_mask->mpls_tc) {
1065 err = nla_put_u8(skb, TCA_FLOWER_KEY_MPLS_TC,
1070 if (mpls_mask->mpls_label) {
1071 err = nla_put_u32(skb, TCA_FLOWER_KEY_MPLS_LABEL,
1072 mpls_key->mpls_label);
1076 if (mpls_mask->mpls_bos) {
1077 err = nla_put_u8(skb, TCA_FLOWER_KEY_MPLS_BOS,
1078 mpls_key->mpls_bos);
1085 static int fl_dump_key_vlan(struct sk_buff *skb,
1086 struct flow_dissector_key_vlan *vlan_key,
1087 struct flow_dissector_key_vlan *vlan_mask)
1091 if (!memchr_inv(vlan_mask, 0, sizeof(*vlan_mask)))
1093 if (vlan_mask->vlan_id) {
1094 err = nla_put_u16(skb, TCA_FLOWER_KEY_VLAN_ID,
1099 if (vlan_mask->vlan_priority) {
1100 err = nla_put_u8(skb, TCA_FLOWER_KEY_VLAN_PRIO,
1101 vlan_key->vlan_priority);
1108 static void fl_get_key_flag(u32 dissector_key, u32 dissector_mask,
1109 u32 *flower_key, u32 *flower_mask,
1110 u32 flower_flag_bit, u32 dissector_flag_bit)
1112 if (dissector_mask & dissector_flag_bit) {
1113 *flower_mask |= flower_flag_bit;
1114 if (dissector_key & dissector_flag_bit)
1115 *flower_key |= flower_flag_bit;
1119 static int fl_dump_key_flags(struct sk_buff *skb, u32 flags_key, u32 flags_mask)
1125 if (!memchr_inv(&flags_mask, 0, sizeof(flags_mask)))
1131 fl_get_key_flag(flags_key, flags_mask, &key, &mask,
1132 TCA_FLOWER_KEY_FLAGS_IS_FRAGMENT, FLOW_DIS_IS_FRAGMENT);
1134 _key = cpu_to_be32(key);
1135 _mask = cpu_to_be32(mask);
1137 err = nla_put(skb, TCA_FLOWER_KEY_FLAGS, 4, &_key);
1141 return nla_put(skb, TCA_FLOWER_KEY_FLAGS_MASK, 4, &_mask);
1144 static int fl_dump(struct net *net, struct tcf_proto *tp, unsigned long fh,
1145 struct sk_buff *skb, struct tcmsg *t)
1147 struct cls_fl_head *head = rtnl_dereference(tp->root);
1148 struct cls_fl_filter *f = (struct cls_fl_filter *) fh;
1149 struct nlattr *nest;
1150 struct fl_flow_key *key, *mask;
1155 t->tcm_handle = f->handle;
1157 nest = nla_nest_start(skb, TCA_OPTIONS);
1159 goto nla_put_failure;
1161 if (f->res.classid &&
1162 nla_put_u32(skb, TCA_FLOWER_CLASSID, f->res.classid))
1163 goto nla_put_failure;
1166 mask = &head->mask.key;
1168 if (mask->indev_ifindex) {
1169 struct net_device *dev;
1171 dev = __dev_get_by_index(net, key->indev_ifindex);
1172 if (dev && nla_put_string(skb, TCA_FLOWER_INDEV, dev->name))
1173 goto nla_put_failure;
1176 if (!tc_skip_hw(f->flags))
1177 fl_hw_update_stats(tp, f);
1179 if (fl_dump_key_val(skb, key->eth.dst, TCA_FLOWER_KEY_ETH_DST,
1180 mask->eth.dst, TCA_FLOWER_KEY_ETH_DST_MASK,
1181 sizeof(key->eth.dst)) ||
1182 fl_dump_key_val(skb, key->eth.src, TCA_FLOWER_KEY_ETH_SRC,
1183 mask->eth.src, TCA_FLOWER_KEY_ETH_SRC_MASK,
1184 sizeof(key->eth.src)) ||
1185 fl_dump_key_val(skb, &key->basic.n_proto, TCA_FLOWER_KEY_ETH_TYPE,
1186 &mask->basic.n_proto, TCA_FLOWER_UNSPEC,
1187 sizeof(key->basic.n_proto)))
1188 goto nla_put_failure;
1190 if (fl_dump_key_mpls(skb, &key->mpls, &mask->mpls))
1191 goto nla_put_failure;
1193 if (fl_dump_key_vlan(skb, &key->vlan, &mask->vlan))
1194 goto nla_put_failure;
1196 if ((key->basic.n_proto == htons(ETH_P_IP) ||
1197 key->basic.n_proto == htons(ETH_P_IPV6)) &&
1198 fl_dump_key_val(skb, &key->basic.ip_proto, TCA_FLOWER_KEY_IP_PROTO,
1199 &mask->basic.ip_proto, TCA_FLOWER_UNSPEC,
1200 sizeof(key->basic.ip_proto)))
1201 goto nla_put_failure;
1203 if (key->control.addr_type == FLOW_DISSECTOR_KEY_IPV4_ADDRS &&
1204 (fl_dump_key_val(skb, &key->ipv4.src, TCA_FLOWER_KEY_IPV4_SRC,
1205 &mask->ipv4.src, TCA_FLOWER_KEY_IPV4_SRC_MASK,
1206 sizeof(key->ipv4.src)) ||
1207 fl_dump_key_val(skb, &key->ipv4.dst, TCA_FLOWER_KEY_IPV4_DST,
1208 &mask->ipv4.dst, TCA_FLOWER_KEY_IPV4_DST_MASK,
1209 sizeof(key->ipv4.dst))))
1210 goto nla_put_failure;
1211 else if (key->control.addr_type == FLOW_DISSECTOR_KEY_IPV6_ADDRS &&
1212 (fl_dump_key_val(skb, &key->ipv6.src, TCA_FLOWER_KEY_IPV6_SRC,
1213 &mask->ipv6.src, TCA_FLOWER_KEY_IPV6_SRC_MASK,
1214 sizeof(key->ipv6.src)) ||
1215 fl_dump_key_val(skb, &key->ipv6.dst, TCA_FLOWER_KEY_IPV6_DST,
1216 &mask->ipv6.dst, TCA_FLOWER_KEY_IPV6_DST_MASK,
1217 sizeof(key->ipv6.dst))))
1218 goto nla_put_failure;
1220 if (key->basic.ip_proto == IPPROTO_TCP &&
1221 (fl_dump_key_val(skb, &key->tp.src, TCA_FLOWER_KEY_TCP_SRC,
1222 &mask->tp.src, TCA_FLOWER_KEY_TCP_SRC_MASK,
1223 sizeof(key->tp.src)) ||
1224 fl_dump_key_val(skb, &key->tp.dst, TCA_FLOWER_KEY_TCP_DST,
1225 &mask->tp.dst, TCA_FLOWER_KEY_TCP_DST_MASK,
1226 sizeof(key->tp.dst)) ||
1227 fl_dump_key_val(skb, &key->tcp.flags, TCA_FLOWER_KEY_TCP_FLAGS,
1228 &mask->tcp.flags, TCA_FLOWER_KEY_TCP_FLAGS_MASK,
1229 sizeof(key->tcp.flags))))
1230 goto nla_put_failure;
1231 else if (key->basic.ip_proto == IPPROTO_UDP &&
1232 (fl_dump_key_val(skb, &key->tp.src, TCA_FLOWER_KEY_UDP_SRC,
1233 &mask->tp.src, TCA_FLOWER_KEY_UDP_SRC_MASK,
1234 sizeof(key->tp.src)) ||
1235 fl_dump_key_val(skb, &key->tp.dst, TCA_FLOWER_KEY_UDP_DST,
1236 &mask->tp.dst, TCA_FLOWER_KEY_UDP_DST_MASK,
1237 sizeof(key->tp.dst))))
1238 goto nla_put_failure;
1239 else if (key->basic.ip_proto == IPPROTO_SCTP &&
1240 (fl_dump_key_val(skb, &key->tp.src, TCA_FLOWER_KEY_SCTP_SRC,
1241 &mask->tp.src, TCA_FLOWER_KEY_SCTP_SRC_MASK,
1242 sizeof(key->tp.src)) ||
1243 fl_dump_key_val(skb, &key->tp.dst, TCA_FLOWER_KEY_SCTP_DST,
1244 &mask->tp.dst, TCA_FLOWER_KEY_SCTP_DST_MASK,
1245 sizeof(key->tp.dst))))
1246 goto nla_put_failure;
1247 else if (key->basic.n_proto == htons(ETH_P_IP) &&
1248 key->basic.ip_proto == IPPROTO_ICMP &&
1249 (fl_dump_key_val(skb, &key->icmp.type,
1250 TCA_FLOWER_KEY_ICMPV4_TYPE, &mask->icmp.type,
1251 TCA_FLOWER_KEY_ICMPV4_TYPE_MASK,
1252 sizeof(key->icmp.type)) ||
1253 fl_dump_key_val(skb, &key->icmp.code,
1254 TCA_FLOWER_KEY_ICMPV4_CODE, &mask->icmp.code,
1255 TCA_FLOWER_KEY_ICMPV4_CODE_MASK,
1256 sizeof(key->icmp.code))))
1257 goto nla_put_failure;
1258 else if (key->basic.n_proto == htons(ETH_P_IPV6) &&
1259 key->basic.ip_proto == IPPROTO_ICMPV6 &&
1260 (fl_dump_key_val(skb, &key->icmp.type,
1261 TCA_FLOWER_KEY_ICMPV6_TYPE, &mask->icmp.type,
1262 TCA_FLOWER_KEY_ICMPV6_TYPE_MASK,
1263 sizeof(key->icmp.type)) ||
1264 fl_dump_key_val(skb, &key->icmp.code,
1265 TCA_FLOWER_KEY_ICMPV6_CODE, &mask->icmp.code,
1266 TCA_FLOWER_KEY_ICMPV6_CODE_MASK,
1267 sizeof(key->icmp.code))))
1268 goto nla_put_failure;
1269 else if ((key->basic.n_proto == htons(ETH_P_ARP) ||
1270 key->basic.n_proto == htons(ETH_P_RARP)) &&
1271 (fl_dump_key_val(skb, &key->arp.sip,
1272 TCA_FLOWER_KEY_ARP_SIP, &mask->arp.sip,
1273 TCA_FLOWER_KEY_ARP_SIP_MASK,
1274 sizeof(key->arp.sip)) ||
1275 fl_dump_key_val(skb, &key->arp.tip,
1276 TCA_FLOWER_KEY_ARP_TIP, &mask->arp.tip,
1277 TCA_FLOWER_KEY_ARP_TIP_MASK,
1278 sizeof(key->arp.tip)) ||
1279 fl_dump_key_val(skb, &key->arp.op,
1280 TCA_FLOWER_KEY_ARP_OP, &mask->arp.op,
1281 TCA_FLOWER_KEY_ARP_OP_MASK,
1282 sizeof(key->arp.op)) ||
1283 fl_dump_key_val(skb, key->arp.sha, TCA_FLOWER_KEY_ARP_SHA,
1284 mask->arp.sha, TCA_FLOWER_KEY_ARP_SHA_MASK,
1285 sizeof(key->arp.sha)) ||
1286 fl_dump_key_val(skb, key->arp.tha, TCA_FLOWER_KEY_ARP_THA,
1287 mask->arp.tha, TCA_FLOWER_KEY_ARP_THA_MASK,
1288 sizeof(key->arp.tha))))
1289 goto nla_put_failure;
1291 if (key->enc_control.addr_type == FLOW_DISSECTOR_KEY_IPV4_ADDRS &&
1292 (fl_dump_key_val(skb, &key->enc_ipv4.src,
1293 TCA_FLOWER_KEY_ENC_IPV4_SRC, &mask->enc_ipv4.src,
1294 TCA_FLOWER_KEY_ENC_IPV4_SRC_MASK,
1295 sizeof(key->enc_ipv4.src)) ||
1296 fl_dump_key_val(skb, &key->enc_ipv4.dst,
1297 TCA_FLOWER_KEY_ENC_IPV4_DST, &mask->enc_ipv4.dst,
1298 TCA_FLOWER_KEY_ENC_IPV4_DST_MASK,
1299 sizeof(key->enc_ipv4.dst))))
1300 goto nla_put_failure;
1301 else if (key->enc_control.addr_type == FLOW_DISSECTOR_KEY_IPV6_ADDRS &&
1302 (fl_dump_key_val(skb, &key->enc_ipv6.src,
1303 TCA_FLOWER_KEY_ENC_IPV6_SRC, &mask->enc_ipv6.src,
1304 TCA_FLOWER_KEY_ENC_IPV6_SRC_MASK,
1305 sizeof(key->enc_ipv6.src)) ||
1306 fl_dump_key_val(skb, &key->enc_ipv6.dst,
1307 TCA_FLOWER_KEY_ENC_IPV6_DST,
1308 &mask->enc_ipv6.dst,
1309 TCA_FLOWER_KEY_ENC_IPV6_DST_MASK,
1310 sizeof(key->enc_ipv6.dst))))
1311 goto nla_put_failure;
1313 if (fl_dump_key_val(skb, &key->enc_key_id, TCA_FLOWER_KEY_ENC_KEY_ID,
1314 &mask->enc_key_id, TCA_FLOWER_UNSPEC,
1315 sizeof(key->enc_key_id)) ||
1316 fl_dump_key_val(skb, &key->enc_tp.src,
1317 TCA_FLOWER_KEY_ENC_UDP_SRC_PORT,
1319 TCA_FLOWER_KEY_ENC_UDP_SRC_PORT_MASK,
1320 sizeof(key->enc_tp.src)) ||
1321 fl_dump_key_val(skb, &key->enc_tp.dst,
1322 TCA_FLOWER_KEY_ENC_UDP_DST_PORT,
1324 TCA_FLOWER_KEY_ENC_UDP_DST_PORT_MASK,
1325 sizeof(key->enc_tp.dst)))
1326 goto nla_put_failure;
1328 if (fl_dump_key_flags(skb, key->control.flags, mask->control.flags))
1329 goto nla_put_failure;
1331 if (f->flags && nla_put_u32(skb, TCA_FLOWER_FLAGS, f->flags))
1332 goto nla_put_failure;
1334 if (tcf_exts_dump(skb, &f->exts))
1335 goto nla_put_failure;
1337 nla_nest_end(skb, nest);
1339 if (tcf_exts_dump_stats(skb, &f->exts) < 0)
1340 goto nla_put_failure;
1345 nla_nest_cancel(skb, nest);
1349 static struct tcf_proto_ops cls_fl_ops __read_mostly = {
1351 .classify = fl_classify,
1353 .destroy = fl_destroy,
1355 .change = fl_change,
1356 .delete = fl_delete,
1359 .owner = THIS_MODULE,
1362 static int __init cls_fl_init(void)
1364 return register_tcf_proto_ops(&cls_fl_ops);
1367 static void __exit cls_fl_exit(void)
1369 unregister_tcf_proto_ops(&cls_fl_ops);
1372 module_init(cls_fl_init);
1373 module_exit(cls_fl_exit);
1375 MODULE_AUTHOR("Jiri Pirko <jiri@resnulli.us>");
1376 MODULE_DESCRIPTION("Flower classifier");
1377 MODULE_LICENSE("GPL v2");
projects / linux-2.6-block.git / blob