search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
drm/tests: hdmi: Fix memory leaks in drm_display_mode_from_cea_vic()
[drm/drm-misc.git] / net / sched / act_connmark.c
blob0fce631e7c91113e5559d12ddc4d0ebeef1237e4
1 // SPDX-License-Identifier: GPL-2.0-or-later
2 /*
3 * net/sched/act_connmark.c netfilter connmark retriever action
4 * skb mark is over-written
5 *
6 * Copyright (c) 2011 Felix Fietkau <nbd@openwrt.org>
7 */
8
9 #include <linux/module.h>
10 #include <linux/init.h>
11 #include <linux/kernel.h>
12 #include <linux/skbuff.h>
13 #include <linux/rtnetlink.h>
14 #include <linux/pkt_cls.h>
15 #include <linux/ip.h>
16 #include <linux/ipv6.h>
17 #include <net/netlink.h>
18 #include <net/pkt_sched.h>
19 #include <net/act_api.h>
20 #include <net/pkt_cls.h>
21 #include <uapi/linux/tc_act/tc_connmark.h>
22 #include <net/tc_act/tc_connmark.h>
23 #include <net/tc_wrapper.h>
24
25 #include <net/netfilter/nf_conntrack.h>
26 #include <net/netfilter/nf_conntrack_core.h>
27 #include <net/netfilter/nf_conntrack_zones.h>
28
29 static struct tc_action_ops act_connmark_ops;
30
31 TC_INDIRECT_SCOPE int tcf_connmark_act(struct sk_buff *skb,
32 const struct tc_action *a,
33 struct tcf_result *res)
34 {
35 const struct nf_conntrack_tuple_hash *thash;
36 struct nf_conntrack_tuple tuple;
37 enum ip_conntrack_info ctinfo;
38 struct tcf_connmark_info *ca = to_connmark(a);
39 struct tcf_connmark_parms *parms;
40 struct nf_conntrack_zone zone;
41 struct nf_conn *c;
42 int proto;
43
44 tcf_lastuse_update(&ca->tcf_tm);
45 tcf_action_update_bstats(&ca->common, skb);
46
47 parms = rcu_dereference_bh(ca->parms);
48
49 switch (skb_protocol(skb, true)) {
50 case htons(ETH_P_IP):
51 if (skb->len < sizeof(struct iphdr))
52 goto out;
53
54 proto = NFPROTO_IPV4;
55 break;
56 case htons(ETH_P_IPV6):
57 if (skb->len < sizeof(struct ipv6hdr))
58 goto out;
59
60 proto = NFPROTO_IPV6;
61 break;
62 default:
63 goto out;
64 }
65
66 c = nf_ct_get(skb, &ctinfo);
67 if (c) {
68 skb->mark = READ_ONCE(c->mark);
69 goto count;
70 }
71
72 if (!nf_ct_get_tuplepr(skb, skb_network_offset(skb), proto, parms->net,
73 &tuple))
74 goto out;
75
76 zone.id = parms->zone;
77 zone.dir = NF_CT_DEFAULT_ZONE_DIR;
78
79 thash = nf_conntrack_find_get(parms->net, &zone, &tuple);
80 if (!thash)
81 goto out;
82
83 c = nf_ct_tuplehash_to_ctrack(thash);
84 skb->mark = READ_ONCE(c->mark);
85 nf_ct_put(c);
86
87 count:
88 /* using overlimits stats to count how many packets marked */
89 tcf_action_inc_overlimit_qstats(&ca->common);
90 out:
91 return READ_ONCE(ca->tcf_action);
92 }
93
94 static const struct nla_policy connmark_policy[TCA_CONNMARK_MAX + 1] = {
95 [TCA_CONNMARK_PARMS] = { .len = sizeof(struct tc_connmark) },
96 };
97
98 static int tcf_connmark_init(struct net *net, struct nlattr *nla,
99 struct nlattr *est, struct tc_action **a,
100 struct tcf_proto *tp, u32 flags,
101 struct netlink_ext_ack *extack)
102 {
103 struct tc_action_net *tn = net_generic(net, act_connmark_ops.net_id);
104 struct tcf_connmark_parms *nparms, *oparms;
105 struct nlattr *tb[TCA_CONNMARK_MAX + 1];
106 bool bind = flags & TCA_ACT_FLAGS_BIND;
107 struct tcf_chain *goto_ch = NULL;
108 struct tcf_connmark_info *ci;
109 struct tc_connmark *parm;
110 int ret = 0, err;
111 u32 index;
112
113 if (!nla)
114 return -EINVAL;
115
116 ret = nla_parse_nested_deprecated(tb, TCA_CONNMARK_MAX, nla,
117 connmark_policy, NULL);
118 if (ret < 0)
119 return ret;
120
121 if (!tb[TCA_CONNMARK_PARMS])
122 return -EINVAL;
123
124 nparms = kzalloc(sizeof(*nparms), GFP_KERNEL);
125 if (!nparms)
126 return -ENOMEM;
127
128 parm = nla_data(tb[TCA_CONNMARK_PARMS]);
129 index = parm->index;
130 ret = tcf_idr_check_alloc(tn, &index, a, bind);
131 if (!ret) {
132 ret = tcf_idr_create_from_flags(tn, index, est, a,
133 &act_connmark_ops, bind, flags);
134 if (ret) {
135 tcf_idr_cleanup(tn, index);
136 err = ret;
137 goto out_free;
138 }
139
140 ci = to_connmark(*a);
141
142 nparms->net = net;
143 nparms->zone = parm->zone;
144
145 ret = ACT_P_CREATED;
146 } else if (ret > 0) {
147 ci = to_connmark(*a);
148 if (bind) {
149 err = ACT_P_BOUND;
150 goto out_free;
151 }
152 if (!(flags & TCA_ACT_FLAGS_REPLACE)) {
153 err = -EEXIST;
154 goto release_idr;
155 }
156
157 nparms->net = rtnl_dereference(ci->parms)->net;
158 nparms->zone = parm->zone;
159
160 ret = 0;
161 } else {
162 err = ret;
163 goto out_free;
164 }
165
166 err = tcf_action_check_ctrlact(parm->action, tp, &goto_ch, extack);
167 if (err < 0)
168 goto release_idr;
169
170 spin_lock_bh(&ci->tcf_lock);
171 goto_ch = tcf_action_set_ctrlact(*a, parm->action, goto_ch);
172 oparms = rcu_replace_pointer(ci->parms, nparms, lockdep_is_held(&ci->tcf_lock));
173 spin_unlock_bh(&ci->tcf_lock);
174
175 if (goto_ch)
176 tcf_chain_put_by_act(goto_ch);
177
178 if (oparms)
179 kfree_rcu(oparms, rcu);
180
181 return ret;
182
183 release_idr:
184 tcf_idr_release(*a, bind);
185 out_free:
186 kfree(nparms);
187 return err;
188 }
189
190 static inline int tcf_connmark_dump(struct sk_buff *skb, struct tc_action *a,
191 int bind, int ref)
192 {
193 unsigned char *b = skb_tail_pointer(skb);
194 struct tcf_connmark_info *ci = to_connmark(a);
195 struct tc_connmark opt = {
196 .index = ci->tcf_index,
197 .refcnt = refcount_read(&ci->tcf_refcnt) - ref,
198 .bindcnt = atomic_read(&ci->tcf_bindcnt) - bind,
199 };
200 struct tcf_connmark_parms *parms;
201 struct tcf_t t;
202
203 spin_lock_bh(&ci->tcf_lock);
204 parms = rcu_dereference_protected(ci->parms, lockdep_is_held(&ci->tcf_lock));
205
206 opt.action = ci->tcf_action;
207 opt.zone = parms->zone;
208 if (nla_put(skb, TCA_CONNMARK_PARMS, sizeof(opt), &opt))
209 goto nla_put_failure;
210
211 tcf_tm_dump(&t, &ci->tcf_tm);
212 if (nla_put_64bit(skb, TCA_CONNMARK_TM, sizeof(t), &t,
213 TCA_CONNMARK_PAD))
214 goto nla_put_failure;
215 spin_unlock_bh(&ci->tcf_lock);
216
217 return skb->len;
218
219 nla_put_failure:
220 spin_unlock_bh(&ci->tcf_lock);
221 nlmsg_trim(skb, b);
222 return -1;
223 }
224
225 static void tcf_connmark_cleanup(struct tc_action *a)
226 {
227 struct tcf_connmark_info *ci = to_connmark(a);
228 struct tcf_connmark_parms *parms;
229
230 parms = rcu_dereference_protected(ci->parms, 1);
231 if (parms)
232 kfree_rcu(parms, rcu);
233 }
234
235 static struct tc_action_ops act_connmark_ops = {
236 .kind = "connmark",
237 .id = TCA_ID_CONNMARK,
238 .owner = THIS_MODULE,
239 .act = tcf_connmark_act,
240 .dump = tcf_connmark_dump,
241 .init = tcf_connmark_init,
242 .cleanup = tcf_connmark_cleanup,
243 .size = sizeof(struct tcf_connmark_info),
244 };
245 MODULE_ALIAS_NET_ACT("connmark");
246
247 static __net_init int connmark_init_net(struct net *net)
248 {
249 struct tc_action_net *tn = net_generic(net, act_connmark_ops.net_id);
250
251 return tc_action_net_init(net, tn, &act_connmark_ops);
252 }
253
254 static void __net_exit connmark_exit_net(struct list_head *net_list)
255 {
256 tc_action_net_exit(net_list, act_connmark_ops.net_id);
257 }
258
259 static struct pernet_operations connmark_net_ops = {
260 .init = connmark_init_net,
261 .exit_batch = connmark_exit_net,
262 .id = &act_connmark_ops.net_id,
263 .size = sizeof(struct tc_action_net),
264 };
265
266 static int __init connmark_init_module(void)
267 {
268 return tcf_register_action(&act_connmark_ops, &connmark_net_ops);
269 }
270
271 static void __exit connmark_cleanup_module(void)
272 {
273 tcf_unregister_action(&act_connmark_ops, &connmark_net_ops);
274 }
275
276 module_init(connmark_init_module);
277 module_exit(connmark_cleanup_module);
278 MODULE_AUTHOR("Felix Fietkau <nbd@openwrt.org>");
279 MODULE_DESCRIPTION("Connection tracking mark restoring");
280 MODULE_LICENSE("GPL");
Kernel DRM miscellaneous fixes and cross-tree changes