search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Merge tag 'rproc-v6.14' of git://git.kernel.org/pub/scm/linux/kernel/git/remoteproc...
[linux.git] / net / ipv6 / ila / ila_xlat.c
blob1d41b2ab48846ca77623bb0c18b113cbe95a4440
1 // SPDX-License-Identifier: GPL-2.0
2 #include <linux/jhash.h>
3 #include <linux/netfilter.h>
4 #include <linux/rcupdate.h>
5 #include <linux/rhashtable.h>
6 #include <linux/vmalloc.h>
7 #include <net/genetlink.h>
8 #include <net/netns/generic.h>
9 #include <uapi/linux/genetlink.h>
10 #include "ila.h"
11
12 struct ila_xlat_params {
13 struct ila_params ip;
14 int ifindex;
15 };
16
17 struct ila_map {
18 struct ila_xlat_params xp;
19 struct rhash_head node;
20 struct ila_map __rcu *next;
21 struct rcu_head rcu;
22 };
23
24 #define MAX_LOCKS 1024
25 #define LOCKS_PER_CPU 10
26
27 static int alloc_ila_locks(struct ila_net *ilan)
28 {
29 return alloc_bucket_spinlocks(&ilan->xlat.locks, &ilan->xlat.locks_mask,
30 MAX_LOCKS, LOCKS_PER_CPU,
31 GFP_KERNEL);
32 }
33
34 static u32 hashrnd __read_mostly;
35 static __always_inline void __ila_hash_secret_init(void)
36 {
37 net_get_random_once(&hashrnd, sizeof(hashrnd));
38 }
39
40 static inline u32 ila_locator_hash(struct ila_locator loc)
41 {
42 u32 *v = (u32 *)loc.v32;
43
44 __ila_hash_secret_init();
45 return jhash_2words(v[0], v[1], hashrnd);
46 }
47
48 static inline spinlock_t *ila_get_lock(struct ila_net *ilan,
49 struct ila_locator loc)
50 {
51 return &ilan->xlat.locks[ila_locator_hash(loc) & ilan->xlat.locks_mask];
52 }
53
54 static inline int ila_cmp_wildcards(struct ila_map *ila,
55 struct ila_addr *iaddr, int ifindex)
56 {
57 return (ila->xp.ifindex && ila->xp.ifindex != ifindex);
58 }
59
60 static inline int ila_cmp_params(struct ila_map *ila,
61 struct ila_xlat_params *xp)
62 {
63 return (ila->xp.ifindex != xp->ifindex);
64 }
65
66 static int ila_cmpfn(struct rhashtable_compare_arg *arg,
67 const void *obj)
68 {
69 const struct ila_map *ila = obj;
70
71 return (ila->xp.ip.locator_match.v64 != *(__be64 *)arg->key);
72 }
73
74 static inline int ila_order(struct ila_map *ila)
75 {
76 int score = 0;
77
78 if (ila->xp.ifindex)
79 score += 1 << 1;
80
81 return score;
82 }
83
84 static const struct rhashtable_params rht_params = {
85 .nelem_hint = 1024,
86 .head_offset = offsetof(struct ila_map, node),
87 .key_offset = offsetof(struct ila_map, xp.ip.locator_match),
88 .key_len = sizeof(u64), /* identifier */
89 .max_size = 1048576,
90 .min_size = 256,
91 .automatic_shrinking = true,
92 .obj_cmpfn = ila_cmpfn,
93 };
94
95 static int parse_nl_config(struct genl_info *info,
96 struct ila_xlat_params *xp)
97 {
98 memset(xp, 0, sizeof(*xp));
99
100 if (info->attrs[ILA_ATTR_LOCATOR])
101 xp->ip.locator.v64 = (__force __be64)nla_get_u64(
102 info->attrs[ILA_ATTR_LOCATOR]);
103
104 if (info->attrs[ILA_ATTR_LOCATOR_MATCH])
105 xp->ip.locator_match.v64 = (__force __be64)nla_get_u64(
106 info->attrs[ILA_ATTR_LOCATOR_MATCH]);
107
108 xp->ip.csum_mode = nla_get_u8_default(info->attrs[ILA_ATTR_CSUM_MODE],
109 ILA_CSUM_NO_ACTION);
110
111 xp->ip.ident_type = nla_get_u8_default(info->attrs[ILA_ATTR_IDENT_TYPE],
112 ILA_ATYPE_USE_FORMAT);
113
114 if (info->attrs[ILA_ATTR_IFINDEX])
115 xp->ifindex = nla_get_s32(info->attrs[ILA_ATTR_IFINDEX]);
116
117 return 0;
118 }
119
120 /* Must be called with rcu readlock */
121 static inline struct ila_map *ila_lookup_wildcards(struct ila_addr *iaddr,
122 int ifindex,
123 struct ila_net *ilan)
124 {
125 struct ila_map *ila;
126
127 ila = rhashtable_lookup_fast(&ilan->xlat.rhash_table, &iaddr->loc,
128 rht_params);
129 while (ila) {
130 if (!ila_cmp_wildcards(ila, iaddr, ifindex))
131 return ila;
132 ila = rcu_access_pointer(ila->next);
133 }
134
135 return NULL;
136 }
137
138 /* Must be called with rcu readlock */
139 static inline struct ila_map *ila_lookup_by_params(struct ila_xlat_params *xp,
140 struct ila_net *ilan)
141 {
142 struct ila_map *ila;
143
144 ila = rhashtable_lookup_fast(&ilan->xlat.rhash_table,
145 &xp->ip.locator_match,
146 rht_params);
147 while (ila) {
148 if (!ila_cmp_params(ila, xp))
149 return ila;
150 ila = rcu_access_pointer(ila->next);
151 }
152
153 return NULL;
154 }
155
156 static inline void ila_release(struct ila_map *ila)
157 {
158 kfree_rcu(ila, rcu);
159 }
160
161 static void ila_free_node(struct ila_map *ila)
162 {
163 struct ila_map *next;
164
165 /* Assume rcu_readlock held */
166 while (ila) {
167 next = rcu_access_pointer(ila->next);
168 ila_release(ila);
169 ila = next;
170 }
171 }
172
173 static void ila_free_cb(void *ptr, void *arg)
174 {
175 ila_free_node((struct ila_map *)ptr);
176 }
177
178 static int ila_xlat_addr(struct sk_buff *skb, bool sir2ila);
179
180 static unsigned int
181 ila_nf_input(void *priv,
182 struct sk_buff *skb,
183 const struct nf_hook_state *state)
184 {
185 ila_xlat_addr(skb, false);
186 return NF_ACCEPT;
187 }
188
189 static const struct nf_hook_ops ila_nf_hook_ops[] = {
190 {
191 .hook = ila_nf_input,
192 .pf = NFPROTO_IPV6,
193 .hooknum = NF_INET_PRE_ROUTING,
194 .priority = -1,
195 },
196 };
197
198 static DEFINE_MUTEX(ila_mutex);
199
200 static int ila_add_mapping(struct net *net, struct ila_xlat_params *xp)
201 {
202 struct ila_net *ilan = net_generic(net, ila_net_id);
203 struct ila_map *ila, *head;
204 spinlock_t *lock = ila_get_lock(ilan, xp->ip.locator_match);
205 int err = 0, order;
206
207 if (!READ_ONCE(ilan->xlat.hooks_registered)) {
208 /* We defer registering net hooks in the namespace until the
209 * first mapping is added.
210 */
211 mutex_lock(&ila_mutex);
212 if (!ilan->xlat.hooks_registered) {
213 err = nf_register_net_hooks(net, ila_nf_hook_ops,
214 ARRAY_SIZE(ila_nf_hook_ops));
215 if (!err)
216 WRITE_ONCE(ilan->xlat.hooks_registered, true);
217 }
218 mutex_unlock(&ila_mutex);
219 if (err)
220 return err;
221 }
222
223 ila = kzalloc(sizeof(*ila), GFP_KERNEL);
224 if (!ila)
225 return -ENOMEM;
226
227 ila_init_saved_csum(&xp->ip);
228
229 ila->xp = *xp;
230
231 order = ila_order(ila);
232
233 spin_lock(lock);
234
235 head = rhashtable_lookup_fast(&ilan->xlat.rhash_table,
236 &xp->ip.locator_match,
237 rht_params);
238 if (!head) {
239 /* New entry for the rhash_table */
240 err = rhashtable_lookup_insert_fast(&ilan->xlat.rhash_table,
241 &ila->node, rht_params);
242 } else {
243 struct ila_map *tila = head, *prev = NULL;
244
245 do {
246 if (!ila_cmp_params(tila, xp)) {
247 err = -EEXIST;
248 goto out;
249 }
250
251 if (order > ila_order(tila))
252 break;
253
254 prev = tila;
255 tila = rcu_dereference_protected(tila->next,
256 lockdep_is_held(lock));
257 } while (tila);
258
259 if (prev) {
260 /* Insert in sub list of head */
261 RCU_INIT_POINTER(ila->next, tila);
262 rcu_assign_pointer(prev->next, ila);
263 } else {
264 /* Make this ila new head */
265 RCU_INIT_POINTER(ila->next, head);
266 err = rhashtable_replace_fast(&ilan->xlat.rhash_table,
267 &head->node,
268 &ila->node, rht_params);
269 if (err)
270 goto out;
271 }
272 }
273
274 out:
275 spin_unlock(lock);
276
277 if (err)
278 kfree(ila);
279
280 return err;
281 }
282
283 static int ila_del_mapping(struct net *net, struct ila_xlat_params *xp)
284 {
285 struct ila_net *ilan = net_generic(net, ila_net_id);
286 struct ila_map *ila, *head, *prev;
287 spinlock_t *lock = ila_get_lock(ilan, xp->ip.locator_match);
288 int err = -ENOENT;
289
290 spin_lock(lock);
291
292 head = rhashtable_lookup_fast(&ilan->xlat.rhash_table,
293 &xp->ip.locator_match, rht_params);
294 ila = head;
295
296 prev = NULL;
297
298 while (ila) {
299 if (ila_cmp_params(ila, xp)) {
300 prev = ila;
301 ila = rcu_dereference_protected(ila->next,
302 lockdep_is_held(lock));
303 continue;
304 }
305
306 err = 0;
307
308 if (prev) {
309 /* Not head, just delete from list */
310 rcu_assign_pointer(prev->next, ila->next);
311 } else {
312 /* It is the head. If there is something in the
313 * sublist we need to make a new head.
314 */
315 head = rcu_dereference_protected(ila->next,
316 lockdep_is_held(lock));
317 if (head) {
318 /* Put first entry in the sublist into the
319 * table
320 */
321 err = rhashtable_replace_fast(
322 &ilan->xlat.rhash_table, &ila->node,
323 &head->node, rht_params);
324 if (err)
325 goto out;
326 } else {
327 /* Entry no longer used */
328 err = rhashtable_remove_fast(
329 &ilan->xlat.rhash_table,
330 &ila->node, rht_params);
331 }
332 }
333
334 ila_release(ila);
335
336 break;
337 }
338
339 out:
340 spin_unlock(lock);
341
342 return err;
343 }
344
345 int ila_xlat_nl_cmd_add_mapping(struct sk_buff *skb, struct genl_info *info)
346 {
347 struct net *net = genl_info_net(info);
348 struct ila_xlat_params p;
349 int err;
350
351 err = parse_nl_config(info, &p);
352 if (err)
353 return err;
354
355 return ila_add_mapping(net, &p);
356 }
357
358 int ila_xlat_nl_cmd_del_mapping(struct sk_buff *skb, struct genl_info *info)
359 {
360 struct net *net = genl_info_net(info);
361 struct ila_xlat_params xp;
362 int err;
363
364 err = parse_nl_config(info, &xp);
365 if (err)
366 return err;
367
368 ila_del_mapping(net, &xp);
369
370 return 0;
371 }
372
373 static inline spinlock_t *lock_from_ila_map(struct ila_net *ilan,
374 struct ila_map *ila)
375 {
376 return ila_get_lock(ilan, ila->xp.ip.locator_match);
377 }
378
379 int ila_xlat_nl_cmd_flush(struct sk_buff *skb, struct genl_info *info)
380 {
381 struct net *net = genl_info_net(info);
382 struct ila_net *ilan = net_generic(net, ila_net_id);
383 struct rhashtable_iter iter;
384 struct ila_map *ila;
385 spinlock_t *lock;
386 int ret = 0;
387
388 rhashtable_walk_enter(&ilan->xlat.rhash_table, &iter);
389 rhashtable_walk_start(&iter);
390
391 for (;;) {
392 ila = rhashtable_walk_next(&iter);
393
394 if (IS_ERR(ila)) {
395 if (PTR_ERR(ila) == -EAGAIN)
396 continue;
397 ret = PTR_ERR(ila);
398 goto done;
399 } else if (!ila) {
400 break;
401 }
402
403 lock = lock_from_ila_map(ilan, ila);
404
405 spin_lock(lock);
406
407 ret = rhashtable_remove_fast(&ilan->xlat.rhash_table,
408 &ila->node, rht_params);
409 if (!ret)
410 ila_free_node(ila);
411
412 spin_unlock(lock);
413
414 if (ret)
415 break;
416 }
417
418 done:
419 rhashtable_walk_stop(&iter);
420 rhashtable_walk_exit(&iter);
421 return ret;
422 }
423
424 static int ila_fill_info(struct ila_map *ila, struct sk_buff *msg)
425 {
426 if (nla_put_u64_64bit(msg, ILA_ATTR_LOCATOR,
427 (__force u64)ila->xp.ip.locator.v64,
428 ILA_ATTR_PAD) ||
429 nla_put_u64_64bit(msg, ILA_ATTR_LOCATOR_MATCH,
430 (__force u64)ila->xp.ip.locator_match.v64,
431 ILA_ATTR_PAD) ||
432 nla_put_s32(msg, ILA_ATTR_IFINDEX, ila->xp.ifindex) ||
433 nla_put_u8(msg, ILA_ATTR_CSUM_MODE, ila->xp.ip.csum_mode) ||
434 nla_put_u8(msg, ILA_ATTR_IDENT_TYPE, ila->xp.ip.ident_type))
435 return -1;
436
437 return 0;
438 }
439
440 static int ila_dump_info(struct ila_map *ila,
441 u32 portid, u32 seq, u32 flags,
442 struct sk_buff *skb, u8 cmd)
443 {
444 void *hdr;
445
446 hdr = genlmsg_put(skb, portid, seq, &ila_nl_family, flags, cmd);
447 if (!hdr)
448 return -ENOMEM;
449
450 if (ila_fill_info(ila, skb) < 0)
451 goto nla_put_failure;
452
453 genlmsg_end(skb, hdr);
454 return 0;
455
456 nla_put_failure:
457 genlmsg_cancel(skb, hdr);
458 return -EMSGSIZE;
459 }
460
461 int ila_xlat_nl_cmd_get_mapping(struct sk_buff *skb, struct genl_info *info)
462 {
463 struct net *net = genl_info_net(info);
464 struct ila_net *ilan = net_generic(net, ila_net_id);
465 struct sk_buff *msg;
466 struct ila_xlat_params xp;
467 struct ila_map *ila;
468 int ret;
469
470 ret = parse_nl_config(info, &xp);
471 if (ret)
472 return ret;
473
474 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
475 if (!msg)
476 return -ENOMEM;
477
478 rcu_read_lock();
479
480 ret = -ESRCH;
481 ila = ila_lookup_by_params(&xp, ilan);
482 if (ila) {
483 ret = ila_dump_info(ila,
484 info->snd_portid,
485 info->snd_seq, 0, msg,
486 info->genlhdr->cmd);
487 }
488
489 rcu_read_unlock();
490
491 if (ret < 0)
492 goto out_free;
493
494 return genlmsg_reply(msg, info);
495
496 out_free:
497 nlmsg_free(msg);
498 return ret;
499 }
500
501 struct ila_dump_iter {
502 struct rhashtable_iter rhiter;
503 int skip;
504 };
505
506 int ila_xlat_nl_dump_start(struct netlink_callback *cb)
507 {
508 struct net *net = sock_net(cb->skb->sk);
509 struct ila_net *ilan = net_generic(net, ila_net_id);
510 struct ila_dump_iter *iter;
511
512 iter = kmalloc(sizeof(*iter), GFP_KERNEL);
513 if (!iter)
514 return -ENOMEM;
515
516 rhashtable_walk_enter(&ilan->xlat.rhash_table, &iter->rhiter);
517
518 iter->skip = 0;
519 cb->args[0] = (long)iter;
520
521 return 0;
522 }
523
524 int ila_xlat_nl_dump_done(struct netlink_callback *cb)
525 {
526 struct ila_dump_iter *iter = (struct ila_dump_iter *)cb->args[0];
527
528 rhashtable_walk_exit(&iter->rhiter);
529
530 kfree(iter);
531
532 return 0;
533 }
534
535 int ila_xlat_nl_dump(struct sk_buff *skb, struct netlink_callback *cb)
536 {
537 struct ila_dump_iter *iter = (struct ila_dump_iter *)cb->args[0];
538 struct rhashtable_iter *rhiter = &iter->rhiter;
539 int skip = iter->skip;
540 struct ila_map *ila;
541 int ret;
542
543 rhashtable_walk_start(rhiter);
544
545 /* Get first entry */
546 ila = rhashtable_walk_peek(rhiter);
547
548 if (ila && !IS_ERR(ila) && skip) {
549 /* Skip over visited entries */
550
551 while (ila && skip) {
552 /* Skip over any ila entries in this list that we
553 * have already dumped.
554 */
555 ila = rcu_access_pointer(ila->next);
556 skip--;
557 }
558 }
559
560 skip = 0;
561
562 for (;;) {
563 if (IS_ERR(ila)) {
564 ret = PTR_ERR(ila);
565 if (ret == -EAGAIN) {
566 /* Table has changed and iter has reset. Return
567 * -EAGAIN to the application even if we have
568 * written data to the skb. The application
569 * needs to deal with this.
570 */
571
572 goto out_ret;
573 } else {
574 break;
575 }
576 } else if (!ila) {
577 ret = 0;
578 break;
579 }
580
581 while (ila) {
582 ret = ila_dump_info(ila, NETLINK_CB(cb->skb).portid,
583 cb->nlh->nlmsg_seq, NLM_F_MULTI,
584 skb, ILA_CMD_GET);
585 if (ret)
586 goto out;
587
588 skip++;
589 ila = rcu_access_pointer(ila->next);
590 }
591
592 skip = 0;
593 ila = rhashtable_walk_next(rhiter);
594 }
595
596 out:
597 iter->skip = skip;
598 ret = (skb->len ? : ret);
599
600 out_ret:
601 rhashtable_walk_stop(rhiter);
602 return ret;
603 }
604
605 int ila_xlat_init_net(struct net *net)
606 {
607 struct ila_net *ilan = net_generic(net, ila_net_id);
608 int err;
609
610 err = alloc_ila_locks(ilan);
611 if (err)
612 return err;
613
614 err = rhashtable_init(&ilan->xlat.rhash_table, &rht_params);
615 if (err) {
616 free_bucket_spinlocks(ilan->xlat.locks);
617 return err;
618 }
619
620 return 0;
621 }
622
623 void ila_xlat_pre_exit_net(struct net *net)
624 {
625 struct ila_net *ilan = net_generic(net, ila_net_id);
626
627 if (ilan->xlat.hooks_registered)
628 nf_unregister_net_hooks(net, ila_nf_hook_ops,
629 ARRAY_SIZE(ila_nf_hook_ops));
630 }
631
632 void ila_xlat_exit_net(struct net *net)
633 {
634 struct ila_net *ilan = net_generic(net, ila_net_id);
635
636 rhashtable_free_and_destroy(&ilan->xlat.rhash_table, ila_free_cb, NULL);
637
638 free_bucket_spinlocks(ilan->xlat.locks);
639 }
640
641 static int ila_xlat_addr(struct sk_buff *skb, bool sir2ila)
642 {
643 struct ila_map *ila;
644 struct ipv6hdr *ip6h = ipv6_hdr(skb);
645 struct net *net = dev_net(skb->dev);
646 struct ila_net *ilan = net_generic(net, ila_net_id);
647 struct ila_addr *iaddr = ila_a2i(&ip6h->daddr);
648
649 /* Assumes skb contains a valid IPv6 header that is pulled */
650
651 /* No check here that ILA type in the mapping matches what is in the
652 * address. We assume that whatever sender gaves us can be translated.
653 * The checksum mode however is relevant.
654 */
655
656 rcu_read_lock();
657
658 ila = ila_lookup_wildcards(iaddr, skb->dev->ifindex, ilan);
659 if (ila)
660 ila_update_ipv6_locator(skb, &ila->xp.ip, sir2ila);
661
662 rcu_read_unlock();
663
664 return 0;
665 }
Linux Kernel