search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
btrfs: check page->mapping when loading free space cache
[linux/fpc-iii.git] / net / sched / act_mirred.c
blob08923b21e56607f4b163dafa4e2f97d348a34061
1 // SPDX-License-Identifier: GPL-2.0-or-later
2 /*
3 * net/sched/act_mirred.c packet mirroring and redirect actions
4 *
5 * Authors: Jamal Hadi Salim (2002-4)
6 *
7 * TODO: Add ingress support (and socket redirect support)
8 */
9
10 #include <linux/types.h>
11 #include <linux/kernel.h>
12 #include <linux/string.h>
13 #include <linux/errno.h>
14 #include <linux/skbuff.h>
15 #include <linux/rtnetlink.h>
16 #include <linux/module.h>
17 #include <linux/init.h>
18 #include <linux/gfp.h>
19 #include <linux/if_arp.h>
20 #include <net/net_namespace.h>
21 #include <net/netlink.h>
22 #include <net/pkt_sched.h>
23 #include <net/pkt_cls.h>
24 #include <linux/tc_act/tc_mirred.h>
25 #include <net/tc_act/tc_mirred.h>
26
27 static LIST_HEAD(mirred_list);
28 static DEFINE_SPINLOCK(mirred_list_lock);
29
30 #define MIRRED_RECURSION_LIMIT 4
31 static DEFINE_PER_CPU(unsigned int, mirred_rec_level);
32
33 static bool tcf_mirred_is_act_redirect(int action)
34 {
35 return action == TCA_EGRESS_REDIR || action == TCA_INGRESS_REDIR;
36 }
37
38 static bool tcf_mirred_act_wants_ingress(int action)
39 {
40 switch (action) {
41 case TCA_EGRESS_REDIR:
42 case TCA_EGRESS_MIRROR:
43 return false;
44 case TCA_INGRESS_REDIR:
45 case TCA_INGRESS_MIRROR:
46 return true;
47 default:
48 BUG();
49 }
50 }
51
52 static bool tcf_mirred_can_reinsert(int action)
53 {
54 switch (action) {
55 case TC_ACT_SHOT:
56 case TC_ACT_STOLEN:
57 case TC_ACT_QUEUED:
58 case TC_ACT_TRAP:
59 return true;
60 }
61 return false;
62 }
63
64 static struct net_device *tcf_mirred_dev_dereference(struct tcf_mirred *m)
65 {
66 return rcu_dereference_protected(m->tcfm_dev,
67 lockdep_is_held(&m->tcf_lock));
68 }
69
70 static void tcf_mirred_release(struct tc_action *a)
71 {
72 struct tcf_mirred *m = to_mirred(a);
73 struct net_device *dev;
74
75 spin_lock(&mirred_list_lock);
76 list_del(&m->tcfm_list);
77 spin_unlock(&mirred_list_lock);
78
79 /* last reference to action, no need to lock */
80 dev = rcu_dereference_protected(m->tcfm_dev, 1);
81 if (dev)
82 dev_put(dev);
83 }
84
85 static const struct nla_policy mirred_policy[TCA_MIRRED_MAX + 1] = {
86 [TCA_MIRRED_PARMS] = { .len = sizeof(struct tc_mirred) },
87 };
88
89 static unsigned int mirred_net_id;
90 static struct tc_action_ops act_mirred_ops;
91
92 static int tcf_mirred_init(struct net *net, struct nlattr *nla,
93 struct nlattr *est, struct tc_action **a,
94 int ovr, int bind, bool rtnl_held,
95 struct tcf_proto *tp,
96 struct netlink_ext_ack *extack)
97 {
98 struct tc_action_net *tn = net_generic(net, mirred_net_id);
99 struct nlattr *tb[TCA_MIRRED_MAX + 1];
100 struct tcf_chain *goto_ch = NULL;
101 bool mac_header_xmit = false;
102 struct tc_mirred *parm;
103 struct tcf_mirred *m;
104 struct net_device *dev;
105 bool exists = false;
106 int ret, err;
107 u32 index;
108
109 if (!nla) {
110 NL_SET_ERR_MSG_MOD(extack, "Mirred requires attributes to be passed");
111 return -EINVAL;
112 }
113 ret = nla_parse_nested_deprecated(tb, TCA_MIRRED_MAX, nla,
114 mirred_policy, extack);
115 if (ret < 0)
116 return ret;
117 if (!tb[TCA_MIRRED_PARMS]) {
118 NL_SET_ERR_MSG_MOD(extack, "Missing required mirred parameters");
119 return -EINVAL;
120 }
121 parm = nla_data(tb[TCA_MIRRED_PARMS]);
122 index = parm->index;
123 err = tcf_idr_check_alloc(tn, &index, a, bind);
124 if (err < 0)
125 return err;
126 exists = err;
127 if (exists && bind)
128 return 0;
129
130 switch (parm->eaction) {
131 case TCA_EGRESS_MIRROR:
132 case TCA_EGRESS_REDIR:
133 case TCA_INGRESS_REDIR:
134 case TCA_INGRESS_MIRROR:
135 break;
136 default:
137 if (exists)
138 tcf_idr_release(*a, bind);
139 else
140 tcf_idr_cleanup(tn, index);
141 NL_SET_ERR_MSG_MOD(extack, "Unknown mirred option");
142 return -EINVAL;
143 }
144
145 if (!exists) {
146 if (!parm->ifindex) {
147 tcf_idr_cleanup(tn, index);
148 NL_SET_ERR_MSG_MOD(extack, "Specified device does not exist");
149 return -EINVAL;
150 }
151 ret = tcf_idr_create(tn, index, est, a,
152 &act_mirred_ops, bind, true);
153 if (ret) {
154 tcf_idr_cleanup(tn, index);
155 return ret;
156 }
157 ret = ACT_P_CREATED;
158 } else if (!ovr) {
159 tcf_idr_release(*a, bind);
160 return -EEXIST;
161 }
162
163 m = to_mirred(*a);
164 if (ret == ACT_P_CREATED)
165 INIT_LIST_HEAD(&m->tcfm_list);
166
167 err = tcf_action_check_ctrlact(parm->action, tp, &goto_ch, extack);
168 if (err < 0)
169 goto release_idr;
170
171 spin_lock_bh(&m->tcf_lock);
172
173 if (parm->ifindex) {
174 dev = dev_get_by_index(net, parm->ifindex);
175 if (!dev) {
176 spin_unlock_bh(&m->tcf_lock);
177 err = -ENODEV;
178 goto put_chain;
179 }
180 mac_header_xmit = dev_is_mac_header_xmit(dev);
181 rcu_swap_protected(m->tcfm_dev, dev,
182 lockdep_is_held(&m->tcf_lock));
183 if (dev)
184 dev_put(dev);
185 m->tcfm_mac_header_xmit = mac_header_xmit;
186 }
187 goto_ch = tcf_action_set_ctrlact(*a, parm->action, goto_ch);
188 m->tcfm_eaction = parm->eaction;
189 spin_unlock_bh(&m->tcf_lock);
190 if (goto_ch)
191 tcf_chain_put_by_act(goto_ch);
192
193 if (ret == ACT_P_CREATED) {
194 spin_lock(&mirred_list_lock);
195 list_add(&m->tcfm_list, &mirred_list);
196 spin_unlock(&mirred_list_lock);
197
198 tcf_idr_insert(tn, *a);
199 }
200
201 return ret;
202 put_chain:
203 if (goto_ch)
204 tcf_chain_put_by_act(goto_ch);
205 release_idr:
206 tcf_idr_release(*a, bind);
207 return err;
208 }
209
210 static int tcf_mirred_act(struct sk_buff *skb, const struct tc_action *a,
211 struct tcf_result *res)
212 {
213 struct tcf_mirred *m = to_mirred(a);
214 struct sk_buff *skb2 = skb;
215 bool m_mac_header_xmit;
216 struct net_device *dev;
217 unsigned int rec_level;
218 int retval, err = 0;
219 bool use_reinsert;
220 bool want_ingress;
221 bool is_redirect;
222 int m_eaction;
223 int mac_len;
224
225 rec_level = __this_cpu_inc_return(mirred_rec_level);
226 if (unlikely(rec_level > MIRRED_RECURSION_LIMIT)) {
227 net_warn_ratelimited("Packet exceeded mirred recursion limit on dev %s\n",
228 netdev_name(skb->dev));
229 __this_cpu_dec(mirred_rec_level);
230 return TC_ACT_SHOT;
231 }
232
233 tcf_lastuse_update(&m->tcf_tm);
234 bstats_cpu_update(this_cpu_ptr(m->common.cpu_bstats), skb);
235
236 m_mac_header_xmit = READ_ONCE(m->tcfm_mac_header_xmit);
237 m_eaction = READ_ONCE(m->tcfm_eaction);
238 retval = READ_ONCE(m->tcf_action);
239 dev = rcu_dereference_bh(m->tcfm_dev);
240 if (unlikely(!dev)) {
241 pr_notice_once("tc mirred: target device is gone\n");
242 goto out;
243 }
244
245 if (unlikely(!(dev->flags & IFF_UP))) {
246 net_notice_ratelimited("tc mirred to Houston: device %s is down\n",
247 dev->name);
248 goto out;
249 }
250
251 /* we could easily avoid the clone only if called by ingress and clsact;
252 * since we can't easily detect the clsact caller, skip clone only for
253 * ingress - that covers the TC S/W datapath.
254 */
255 is_redirect = tcf_mirred_is_act_redirect(m_eaction);
256 use_reinsert = skb_at_tc_ingress(skb) && is_redirect &&
257 tcf_mirred_can_reinsert(retval);
258 if (!use_reinsert) {
259 skb2 = skb_clone(skb, GFP_ATOMIC);
260 if (!skb2)
261 goto out;
262 }
263
264 /* If action's target direction differs than filter's direction,
265 * and devices expect a mac header on xmit, then mac push/pull is
266 * needed.
267 */
268 want_ingress = tcf_mirred_act_wants_ingress(m_eaction);
269 if (skb_at_tc_ingress(skb) != want_ingress && m_mac_header_xmit) {
270 if (!skb_at_tc_ingress(skb)) {
271 /* caught at egress, act ingress: pull mac */
272 mac_len = skb_network_header(skb) - skb_mac_header(skb);
273 skb_pull_rcsum(skb2, mac_len);
274 } else {
275 /* caught at ingress, act egress: push mac */
276 skb_push_rcsum(skb2, skb->mac_len);
277 }
278 }
279
280 skb2->skb_iif = skb->dev->ifindex;
281 skb2->dev = dev;
282
283 /* mirror is always swallowed */
284 if (is_redirect) {
285 skb2->tc_redirected = 1;
286 skb2->tc_from_ingress = skb2->tc_at_ingress;
287 if (skb2->tc_from_ingress)
288 skb2->tstamp = 0;
289 /* let's the caller reinsert the packet, if possible */
290 if (use_reinsert) {
291 res->ingress = want_ingress;
292 res->qstats = this_cpu_ptr(m->common.cpu_qstats);
293 skb_tc_reinsert(skb, res);
294 __this_cpu_dec(mirred_rec_level);
295 return TC_ACT_CONSUMED;
296 }
297 }
298
299 if (!want_ingress)
300 err = dev_queue_xmit(skb2);
301 else
302 err = netif_receive_skb(skb2);
303
304 if (err) {
305 out:
306 qstats_overlimit_inc(this_cpu_ptr(m->common.cpu_qstats));
307 if (tcf_mirred_is_act_redirect(m_eaction))
308 retval = TC_ACT_SHOT;
309 }
310 __this_cpu_dec(mirred_rec_level);
311
312 return retval;
313 }
314
315 static void tcf_stats_update(struct tc_action *a, u64 bytes, u32 packets,
316 u64 lastuse, bool hw)
317 {
318 struct tcf_mirred *m = to_mirred(a);
319 struct tcf_t *tm = &m->tcf_tm;
320
321 _bstats_cpu_update(this_cpu_ptr(a->cpu_bstats), bytes, packets);
322 if (hw)
323 _bstats_cpu_update(this_cpu_ptr(a->cpu_bstats_hw),
324 bytes, packets);
325 tm->lastuse = max_t(u64, tm->lastuse, lastuse);
326 }
327
328 static int tcf_mirred_dump(struct sk_buff *skb, struct tc_action *a, int bind,
329 int ref)
330 {
331 unsigned char *b = skb_tail_pointer(skb);
332 struct tcf_mirred *m = to_mirred(a);
333 struct tc_mirred opt = {
334 .index = m->tcf_index,
335 .refcnt = refcount_read(&m->tcf_refcnt) - ref,
336 .bindcnt = atomic_read(&m->tcf_bindcnt) - bind,
337 };
338 struct net_device *dev;
339 struct tcf_t t;
340
341 spin_lock_bh(&m->tcf_lock);
342 opt.action = m->tcf_action;
343 opt.eaction = m->tcfm_eaction;
344 dev = tcf_mirred_dev_dereference(m);
345 if (dev)
346 opt.ifindex = dev->ifindex;
347
348 if (nla_put(skb, TCA_MIRRED_PARMS, sizeof(opt), &opt))
349 goto nla_put_failure;
350
351 tcf_tm_dump(&t, &m->tcf_tm);
352 if (nla_put_64bit(skb, TCA_MIRRED_TM, sizeof(t), &t, TCA_MIRRED_PAD))
353 goto nla_put_failure;
354 spin_unlock_bh(&m->tcf_lock);
355
356 return skb->len;
357
358 nla_put_failure:
359 spin_unlock_bh(&m->tcf_lock);
360 nlmsg_trim(skb, b);
361 return -1;
362 }
363
364 static int tcf_mirred_walker(struct net *net, struct sk_buff *skb,
365 struct netlink_callback *cb, int type,
366 const struct tc_action_ops *ops,
367 struct netlink_ext_ack *extack)
368 {
369 struct tc_action_net *tn = net_generic(net, mirred_net_id);
370
371 return tcf_generic_walker(tn, skb, cb, type, ops, extack);
372 }
373
374 static int tcf_mirred_search(struct net *net, struct tc_action **a, u32 index)
375 {
376 struct tc_action_net *tn = net_generic(net, mirred_net_id);
377
378 return tcf_idr_search(tn, a, index);
379 }
380
381 static int mirred_device_event(struct notifier_block *unused,
382 unsigned long event, void *ptr)
383 {
384 struct net_device *dev = netdev_notifier_info_to_dev(ptr);
385 struct tcf_mirred *m;
386
387 ASSERT_RTNL();
388 if (event == NETDEV_UNREGISTER) {
389 spin_lock(&mirred_list_lock);
390 list_for_each_entry(m, &mirred_list, tcfm_list) {
391 spin_lock_bh(&m->tcf_lock);
392 if (tcf_mirred_dev_dereference(m) == dev) {
393 dev_put(dev);
394 /* Note : no rcu grace period necessary, as
395 * net_device are already rcu protected.
396 */
397 RCU_INIT_POINTER(m->tcfm_dev, NULL);
398 }
399 spin_unlock_bh(&m->tcf_lock);
400 }
401 spin_unlock(&mirred_list_lock);
402 }
403
404 return NOTIFY_DONE;
405 }
406
407 static struct notifier_block mirred_device_notifier = {
408 .notifier_call = mirred_device_event,
409 };
410
411 static void tcf_mirred_dev_put(void *priv)
412 {
413 struct net_device *dev = priv;
414
415 dev_put(dev);
416 }
417
418 static struct net_device *
419 tcf_mirred_get_dev(const struct tc_action *a,
420 tc_action_priv_destructor *destructor)
421 {
422 struct tcf_mirred *m = to_mirred(a);
423 struct net_device *dev;
424
425 rcu_read_lock();
426 dev = rcu_dereference(m->tcfm_dev);
427 if (dev) {
428 dev_hold(dev);
429 *destructor = tcf_mirred_dev_put;
430 }
431 rcu_read_unlock();
432
433 return dev;
434 }
435
436 static size_t tcf_mirred_get_fill_size(const struct tc_action *act)
437 {
438 return nla_total_size(sizeof(struct tc_mirred));
439 }
440
441 static struct tc_action_ops act_mirred_ops = {
442 .kind = "mirred",
443 .id = TCA_ID_MIRRED,
444 .owner = THIS_MODULE,
445 .act = tcf_mirred_act,
446 .stats_update = tcf_stats_update,
447 .dump = tcf_mirred_dump,
448 .cleanup = tcf_mirred_release,
449 .init = tcf_mirred_init,
450 .walk = tcf_mirred_walker,
451 .lookup = tcf_mirred_search,
452 .get_fill_size = tcf_mirred_get_fill_size,
453 .size = sizeof(struct tcf_mirred),
454 .get_dev = tcf_mirred_get_dev,
455 };
456
457 static __net_init int mirred_init_net(struct net *net)
458 {
459 struct tc_action_net *tn = net_generic(net, mirred_net_id);
460
461 return tc_action_net_init(net, tn, &act_mirred_ops);
462 }
463
464 static void __net_exit mirred_exit_net(struct list_head *net_list)
465 {
466 tc_action_net_exit(net_list, mirred_net_id);
467 }
468
469 static struct pernet_operations mirred_net_ops = {
470 .init = mirred_init_net,
471 .exit_batch = mirred_exit_net,
472 .id = &mirred_net_id,
473 .size = sizeof(struct tc_action_net),
474 };
475
476 MODULE_AUTHOR("Jamal Hadi Salim(2002)");
477 MODULE_DESCRIPTION("Device Mirror/redirect actions");
478 MODULE_LICENSE("GPL");
479
480 static int __init mirred_init_module(void)
481 {
482 int err = register_netdevice_notifier(&mirred_device_notifier);
483 if (err)
484 return err;
485
486 pr_info("Mirror/redirect action on\n");
487 err = tcf_register_action(&act_mirred_ops, &mirred_net_ops);
488 if (err)
489 unregister_netdevice_notifier(&mirred_device_notifier);
490
491 return err;
492 }
493
494 static void __exit mirred_cleanup_module(void)
495 {
496 tcf_unregister_action(&act_mirred_ops, &mirred_net_ops);
497 unregister_netdevice_notifier(&mirred_device_notifier);
498 }
499
500 module_init(mirred_init_module);
501 module_exit(mirred_cleanup_module);
Linux with added FPC-III support