net/sched/act_ife.c

0001 // SPDX-License-Identifier: GPL-2.0-or-later
0002 /*
0003  * net/sched/ife.c  Inter-FE action based on ForCES WG InterFE LFB
0004  *
0005  *      Refer to:
0006  *      draft-ietf-forces-interfelfb-03
0007  *      and
0008  *      netdev01 paper:
0009  *      "Distributing Linux Traffic Control Classifier-Action
0010  *      Subsystem"
0011  *      Authors: Jamal Hadi Salim and Damascene M. Joachimpillai
0012  *
0013  * copyright Jamal Hadi Salim (2015)
0014 */
0015
0016 #include <linux/types.h>
0017 #include <linux/kernel.h>
0018 #include <linux/string.h>
0019 #include <linux/errno.h>
0020 #include <linux/skbuff.h>
0021 #include <linux/rtnetlink.h>
0022 #include <linux/module.h>
0023 #include <linux/init.h>
0024 #include <net/net_namespace.h>
0025 #include <net/netlink.h>
0026 #include <net/pkt_sched.h>
0027 #include <net/pkt_cls.h>
0028 #include <uapi/linux/tc_act/tc_ife.h>
0029 #include <net/tc_act/tc_ife.h>
0030 #include <linux/etherdevice.h>
0031 #include <net/ife.h>
0032
0033 static unsigned int ife_net_id;
0034 static int max_metacnt = IFE_META_MAX + 1;
0035 static struct tc_action_ops act_ife_ops;
0036
0037 static const struct nla_policy ife_policy[TCA_IFE_MAX + 1] = {
0038     [TCA_IFE_PARMS] = { .len = sizeof(struct tc_ife)},
0039     [TCA_IFE_DMAC] = { .len = ETH_ALEN},
0040     [TCA_IFE_SMAC] = { .len = ETH_ALEN},
0041     [TCA_IFE_TYPE] = { .type = NLA_U16},
0042 };
0043
0044 int ife_encode_meta_u16(u16 metaval, void *skbdata, struct tcf_meta_info *mi)
0045 {
0046     u16 edata = 0;
0047
0048     if (mi->metaval)
0049         edata = *(u16 *)mi->metaval;
0050     else if (metaval)
0051         edata = metaval;
0052
0053     if (!edata) /* will not encode */
0054         return 0;
0055
0056     edata = htons(edata);
0057     return ife_tlv_meta_encode(skbdata, mi->metaid, 2, &edata);
0058 }
0059 EXPORT_SYMBOL_GPL(ife_encode_meta_u16);
0060
0061 int ife_get_meta_u32(struct sk_buff *skb, struct tcf_meta_info *mi)
0062 {
0063     if (mi->metaval)
0064         return nla_put_u32(skb, mi->metaid, *(u32 *)mi->metaval);
0065     else
0066         return nla_put(skb, mi->metaid, 0, NULL);
0067 }
0068 EXPORT_SYMBOL_GPL(ife_get_meta_u32);
0069
0070 int ife_check_meta_u32(u32 metaval, struct tcf_meta_info *mi)
0071 {
0072     if (metaval || mi->metaval)
0073         return 8; /* T+L+V == 2+2+4 */
0074
0075     return 0;
0076 }
0077 EXPORT_SYMBOL_GPL(ife_check_meta_u32);
0078
0079 int ife_check_meta_u16(u16 metaval, struct tcf_meta_info *mi)
0080 {
0081     if (metaval || mi->metaval)
0082         return 8; /* T+L+(V) == 2+2+(2+2bytepad) */
0083
0084     return 0;
0085 }
0086 EXPORT_SYMBOL_GPL(ife_check_meta_u16);
0087
0088 int ife_encode_meta_u32(u32 metaval, void *skbdata, struct tcf_meta_info *mi)
0089 {
0090     u32 edata = metaval;
0091
0092     if (mi->metaval)
0093         edata = *(u32 *)mi->metaval;
0094     else if (metaval)
0095         edata = metaval;
0096
0097     if (!edata) /* will not encode */
0098         return 0;
0099
0100     edata = htonl(edata);
0101     return ife_tlv_meta_encode(skbdata, mi->metaid, 4, &edata);
0102 }
0103 EXPORT_SYMBOL_GPL(ife_encode_meta_u32);
0104
0105 int ife_get_meta_u16(struct sk_buff *skb, struct tcf_meta_info *mi)
0106 {
0107     if (mi->metaval)
0108         return nla_put_u16(skb, mi->metaid, *(u16 *)mi->metaval);
0109     else
0110         return nla_put(skb, mi->metaid, 0, NULL);
0111 }
0112 EXPORT_SYMBOL_GPL(ife_get_meta_u16);
0113
0114 int ife_alloc_meta_u32(struct tcf_meta_info *mi, void *metaval, gfp_t gfp)
0115 {
0116     mi->metaval = kmemdup(metaval, sizeof(u32), gfp);
0117     if (!mi->metaval)
0118         return -ENOMEM;
0119
0120     return 0;
0121 }
0122 EXPORT_SYMBOL_GPL(ife_alloc_meta_u32);
0123
0124 int ife_alloc_meta_u16(struct tcf_meta_info *mi, void *metaval, gfp_t gfp)
0125 {
0126     mi->metaval = kmemdup(metaval, sizeof(u16), gfp);
0127     if (!mi->metaval)
0128         return -ENOMEM;
0129
0130     return 0;
0131 }
0132 EXPORT_SYMBOL_GPL(ife_alloc_meta_u16);
0133
0134 void ife_release_meta_gen(struct tcf_meta_info *mi)
0135 {
0136     kfree(mi->metaval);
0137 }
0138 EXPORT_SYMBOL_GPL(ife_release_meta_gen);
0139
0140 int ife_validate_meta_u32(void *val, int len)
0141 {
0142     if (len == sizeof(u32))
0143         return 0;
0144
0145     return -EINVAL;
0146 }
0147 EXPORT_SYMBOL_GPL(ife_validate_meta_u32);
0148
0149 int ife_validate_meta_u16(void *val, int len)
0150 {
0151     /* length will not include padding */
0152     if (len == sizeof(u16))
0153         return 0;
0154
0155     return -EINVAL;
0156 }
0157 EXPORT_SYMBOL_GPL(ife_validate_meta_u16);
0158
0159 static LIST_HEAD(ifeoplist);
0160 static DEFINE_RWLOCK(ife_mod_lock);
0161
0162 static struct tcf_meta_ops *find_ife_oplist(u16 metaid)
0163 {
0164     struct tcf_meta_ops *o;
0165
0166     read_lock(&ife_mod_lock);
0167     list_for_each_entry(o, &ifeoplist, list) {
0168         if (o->metaid == metaid) {
0169             if (!try_module_get(o->owner))
0170                 o = NULL;
0171             read_unlock(&ife_mod_lock);
0172             return o;
0173         }
0174     }
0175     read_unlock(&ife_mod_lock);
0176
0177     return NULL;
0178 }
0179
0180 int register_ife_op(struct tcf_meta_ops *mops)
0181 {
0182     struct tcf_meta_ops *m;
0183
0184     if (!mops->metaid || !mops->metatype || !mops->name ||
0185         !mops->check_presence || !mops->encode || !mops->decode ||
0186         !mops->get || !mops->alloc)
0187         return -EINVAL;
0188
0189     write_lock(&ife_mod_lock);
0190
0191     list_for_each_entry(m, &ifeoplist, list) {
0192         if (m->metaid == mops->metaid ||
0193             (strcmp(mops->name, m->name) == 0)) {
0194             write_unlock(&ife_mod_lock);
0195             return -EEXIST;
0196         }
0197     }
0198
0199     if (!mops->release)
0200         mops->release = ife_release_meta_gen;
0201
0202     list_add_tail(&mops->list, &ifeoplist);
0203     write_unlock(&ife_mod_lock);
0204     return 0;
0205 }
0206 EXPORT_SYMBOL_GPL(unregister_ife_op);
0207
0208 int unregister_ife_op(struct tcf_meta_ops *mops)
0209 {
0210     struct tcf_meta_ops *m;
0211     int err = -ENOENT;
0212
0213     write_lock(&ife_mod_lock);
0214     list_for_each_entry(m, &ifeoplist, list) {
0215         if (m->metaid == mops->metaid) {
0216             list_del(&mops->list);
0217             err = 0;
0218             break;
0219         }
0220     }
0221     write_unlock(&ife_mod_lock);
0222
0223     return err;
0224 }
0225 EXPORT_SYMBOL_GPL(register_ife_op);
0226
0227 static int ife_validate_metatype(struct tcf_meta_ops *ops, void *val, int len)
0228 {
0229     int ret = 0;
0230     /* XXX: unfortunately cant use nla_policy at this point
0231     * because a length of 0 is valid in the case of
0232     * "allow". "use" semantics do enforce for proper
0233     * length and i couldve use nla_policy but it makes it hard
0234     * to use it just for that..
0235     */
0236     if (ops->validate)
0237         return ops->validate(val, len);
0238
0239     if (ops->metatype == NLA_U32)
0240         ret = ife_validate_meta_u32(val, len);
0241     else if (ops->metatype == NLA_U16)
0242         ret = ife_validate_meta_u16(val, len);
0243
0244     return ret;
0245 }
0246
0247 #ifdef CONFIG_MODULES
0248 static const char *ife_meta_id2name(u32 metaid)
0249 {
0250     switch (metaid) {
0251     case IFE_META_SKBMARK:
0252         return "skbmark";
0253     case IFE_META_PRIO:
0254         return "skbprio";
0255     case IFE_META_TCINDEX:
0256         return "tcindex";
0257     default:
0258         return "unknown";
0259     }
0260 }
0261 #endif
0262
0263 /* called when adding new meta information
0264 */
0265 static int load_metaops_and_vet(u32 metaid, void *val, int len, bool rtnl_held)
0266 {
0267     struct tcf_meta_ops *ops = find_ife_oplist(metaid);
0268     int ret = 0;
0269
0270     if (!ops) {
0271         ret = -ENOENT;
0272 #ifdef CONFIG_MODULES
0273         if (rtnl_held)
0274             rtnl_unlock();
0275         request_module("ife-meta-%s", ife_meta_id2name(metaid));
0276         if (rtnl_held)
0277             rtnl_lock();
0278         ops = find_ife_oplist(metaid);
0279 #endif
0280     }
0281
0282     if (ops) {
0283         ret = 0;
0284         if (len)
0285             ret = ife_validate_metatype(ops, val, len);
0286
0287         module_put(ops->owner);
0288     }
0289
0290     return ret;
0291 }
0292
0293 /* called when adding new meta information
0294 */
0295 static int __add_metainfo(const struct tcf_meta_ops *ops,
0296               struct tcf_ife_info *ife, u32 metaid, void *metaval,
0297               int len, bool atomic, bool exists)
0298 {
0299     struct tcf_meta_info *mi = NULL;
0300     int ret = 0;
0301
0302     mi = kzalloc(sizeof(*mi), atomic ? GFP_ATOMIC : GFP_KERNEL);
0303     if (!mi)
0304         return -ENOMEM;
0305
0306     mi->metaid = metaid;
0307     mi->ops = ops;
0308     if (len > 0) {
0309         ret = ops->alloc(mi, metaval, atomic ? GFP_ATOMIC : GFP_KERNEL);
0310         if (ret != 0) {
0311             kfree(mi);
0312             return ret;
0313         }
0314     }
0315
0316     if (exists)
0317         spin_lock_bh(&ife->tcf_lock);
0318     list_add_tail(&mi->metalist, &ife->metalist);
0319     if (exists)
0320         spin_unlock_bh(&ife->tcf_lock);
0321
0322     return ret;
0323 }
0324
0325 static int add_metainfo_and_get_ops(const struct tcf_meta_ops *ops,
0326                     struct tcf_ife_info *ife, u32 metaid,
0327                     bool exists)
0328 {
0329     int ret;
0330
0331     if (!try_module_get(ops->owner))
0332         return -ENOENT;
0333     ret = __add_metainfo(ops, ife, metaid, NULL, 0, true, exists);
0334     if (ret)
0335         module_put(ops->owner);
0336     return ret;
0337 }
0338
0339 static int add_metainfo(struct tcf_ife_info *ife, u32 metaid, void *metaval,
0340             int len, bool exists)
0341 {
0342     const struct tcf_meta_ops *ops = find_ife_oplist(metaid);
0343     int ret;
0344
0345     if (!ops)
0346         return -ENOENT;
0347     ret = __add_metainfo(ops, ife, metaid, metaval, len, false, exists);
0348     if (ret)
0349         /*put back what find_ife_oplist took */
0350         module_put(ops->owner);
0351     return ret;
0352 }
0353
0354 static int use_all_metadata(struct tcf_ife_info *ife, bool exists)
0355 {
0356     struct tcf_meta_ops *o;
0357     int rc = 0;
0358     int installed = 0;
0359
0360     read_lock(&ife_mod_lock);
0361     list_for_each_entry(o, &ifeoplist, list) {
0362         rc = add_metainfo_and_get_ops(o, ife, o->metaid, exists);
0363         if (rc == 0)
0364             installed += 1;
0365     }
0366     read_unlock(&ife_mod_lock);
0367
0368     if (installed)
0369         return 0;
0370     else
0371         return -EINVAL;
0372 }
0373
0374 static int dump_metalist(struct sk_buff *skb, struct tcf_ife_info *ife)
0375 {
0376     struct tcf_meta_info *e;
0377     struct nlattr *nest;
0378     unsigned char *b = skb_tail_pointer(skb);
0379     int total_encoded = 0;
0380
0381     /*can only happen on decode */
0382     if (list_empty(&ife->metalist))
0383         return 0;
0384
0385     nest = nla_nest_start_noflag(skb, TCA_IFE_METALST);
0386     if (!nest)
0387         goto out_nlmsg_trim;
0388
0389     list_for_each_entry(e, &ife->metalist, metalist) {
0390         if (!e->ops->get(skb, e))
0391             total_encoded += 1;
0392     }
0393
0394     if (!total_encoded)
0395         goto out_nlmsg_trim;
0396
0397     nla_nest_end(skb, nest);
0398
0399     return 0;
0400
0401 out_nlmsg_trim:
0402     nlmsg_trim(skb, b);
0403     return -1;
0404 }
0405
0406 /* under ife->tcf_lock */
0407 static void _tcf_ife_cleanup(struct tc_action *a)
0408 {
0409     struct tcf_ife_info *ife = to_ife(a);
0410     struct tcf_meta_info *e, *n;
0411
0412     list_for_each_entry_safe(e, n, &ife->metalist, metalist) {
0413         list_del(&e->metalist);
0414         if (e->metaval) {
0415             if (e->ops->release)
0416                 e->ops->release(e);
0417             else
0418                 kfree(e->metaval);
0419         }
0420         module_put(e->ops->owner);
0421         kfree(e);
0422     }
0423 }
0424
0425 static void tcf_ife_cleanup(struct tc_action *a)
0426 {
0427     struct tcf_ife_info *ife = to_ife(a);
0428     struct tcf_ife_params *p;
0429
0430     spin_lock_bh(&ife->tcf_lock);
0431     _tcf_ife_cleanup(a);
0432     spin_unlock_bh(&ife->tcf_lock);
0433
0434     p = rcu_dereference_protected(ife->params, 1);
0435     if (p)
0436         kfree_rcu(p, rcu);
0437 }
0438
0439 static int load_metalist(struct nlattr **tb, bool rtnl_held)
0440 {
0441     int i;
0442
0443     for (i = 1; i < max_metacnt; i++) {
0444         if (tb[i]) {
0445             void *val = nla_data(tb[i]);
0446             int len = nla_len(tb[i]);
0447             int rc;
0448
0449             rc = load_metaops_and_vet(i, val, len, rtnl_held);
0450             if (rc != 0)
0451                 return rc;
0452         }
0453     }
0454
0455     return 0;
0456 }
0457
0458 static int populate_metalist(struct tcf_ife_info *ife, struct nlattr **tb,
0459                  bool exists, bool rtnl_held)
0460 {
0461     int len = 0;
0462     int rc = 0;
0463     int i = 0;
0464     void *val;
0465
0466     for (i = 1; i < max_metacnt; i++) {
0467         if (tb[i]) {
0468             val = nla_data(tb[i]);
0469             len = nla_len(tb[i]);
0470
0471             rc = add_metainfo(ife, i, val, len, exists);
0472             if (rc)
0473                 return rc;
0474         }
0475     }
0476
0477     return rc;
0478 }
0479
0480 static int tcf_ife_init(struct net *net, struct nlattr *nla,
0481             struct nlattr *est, struct tc_action **a,
0482             struct tcf_proto *tp, u32 flags,
0483             struct netlink_ext_ack *extack)
0484 {
0485     struct tc_action_net *tn = net_generic(net, ife_net_id);
0486     bool bind = flags & TCA_ACT_FLAGS_BIND;
0487     struct nlattr *tb[TCA_IFE_MAX + 1];
0488     struct nlattr *tb2[IFE_META_MAX + 1];
0489     struct tcf_chain *goto_ch = NULL;
0490     struct tcf_ife_params *p;
0491     struct tcf_ife_info *ife;
0492     u16 ife_type = ETH_P_IFE;
0493     struct tc_ife *parm;
0494     u8 *daddr = NULL;
0495     u8 *saddr = NULL;
0496     bool exists = false;
0497     int ret = 0;
0498     u32 index;
0499     int err;
0500
0501     if (!nla) {
0502         NL_SET_ERR_MSG_MOD(extack, "IFE requires attributes to be passed");
0503         return -EINVAL;
0504     }
0505
0506     err = nla_parse_nested_deprecated(tb, TCA_IFE_MAX, nla, ife_policy,
0507                       NULL);
0508     if (err < 0)
0509         return err;
0510
0511     if (!tb[TCA_IFE_PARMS])
0512         return -EINVAL;
0513
0514     parm = nla_data(tb[TCA_IFE_PARMS]);
0515
0516     /* IFE_DECODE is 0 and indicates the opposite of IFE_ENCODE because
0517      * they cannot run as the same time. Check on all other values which
0518      * are not supported right now.
0519      */
0520     if (parm->flags & ~IFE_ENCODE)
0521         return -EINVAL;
0522
0523     p = kzalloc(sizeof(*p), GFP_KERNEL);
0524     if (!p)
0525         return -ENOMEM;
0526
0527     if (tb[TCA_IFE_METALST]) {
0528         err = nla_parse_nested_deprecated(tb2, IFE_META_MAX,
0529                           tb[TCA_IFE_METALST], NULL,
0530                           NULL);
0531         if (err) {
0532             kfree(p);
0533             return err;
0534         }
0535         err = load_metalist(tb2, !(flags & TCA_ACT_FLAGS_NO_RTNL));
0536         if (err) {
0537             kfree(p);
0538             return err;
0539         }
0540     }
0541
0542     index = parm->index;
0543     err = tcf_idr_check_alloc(tn, &index, a, bind);
0544     if (err < 0) {
0545         kfree(p);
0546         return err;
0547     }
0548     exists = err;
0549     if (exists && bind) {
0550         kfree(p);
0551         return 0;
0552     }
0553
0554     if (!exists) {
0555         ret = tcf_idr_create(tn, index, est, a, &act_ife_ops,
0556                      bind, true, flags);
0557         if (ret) {
0558             tcf_idr_cleanup(tn, index);
0559             kfree(p);
0560             return ret;
0561         }
0562         ret = ACT_P_CREATED;
0563     } else if (!(flags & TCA_ACT_FLAGS_REPLACE)) {
0564         tcf_idr_release(*a, bind);
0565         kfree(p);
0566         return -EEXIST;
0567     }
0568
0569     ife = to_ife(*a);
0570     if (ret == ACT_P_CREATED)
0571         INIT_LIST_HEAD(&ife->metalist);
0572
0573     err = tcf_action_check_ctrlact(parm->action, tp, &goto_ch, extack);
0574     if (err < 0)
0575         goto release_idr;
0576
0577     p->flags = parm->flags;
0578
0579     if (parm->flags & IFE_ENCODE) {
0580         if (tb[TCA_IFE_TYPE])
0581             ife_type = nla_get_u16(tb[TCA_IFE_TYPE]);
0582         if (tb[TCA_IFE_DMAC])
0583             daddr = nla_data(tb[TCA_IFE_DMAC]);
0584         if (tb[TCA_IFE_SMAC])
0585             saddr = nla_data(tb[TCA_IFE_SMAC]);
0586     }
0587
0588     if (parm->flags & IFE_ENCODE) {
0589         if (daddr)
0590             ether_addr_copy(p->eth_dst, daddr);
0591         else
0592             eth_zero_addr(p->eth_dst);
0593
0594         if (saddr)
0595             ether_addr_copy(p->eth_src, saddr);
0596         else
0597             eth_zero_addr(p->eth_src);
0598
0599         p->eth_type = ife_type;
0600     }
0601
0602     if (tb[TCA_IFE_METALST]) {
0603         err = populate_metalist(ife, tb2, exists,
0604                     !(flags & TCA_ACT_FLAGS_NO_RTNL));
0605         if (err)
0606             goto metadata_parse_err;
0607     } else {
0608         /* if no passed metadata allow list or passed allow-all
0609          * then here we process by adding as many supported metadatum
0610          * as we can. You better have at least one else we are
0611          * going to bail out
0612          */
0613         err = use_all_metadata(ife, exists);
0614         if (err)
0615             goto metadata_parse_err;
0616     }
0617
0618     if (exists)
0619         spin_lock_bh(&ife->tcf_lock);
0620     /* protected by tcf_lock when modifying existing action */
0621     goto_ch = tcf_action_set_ctrlact(*a, parm->action, goto_ch);
0622     p = rcu_replace_pointer(ife->params, p, 1);
0623
0624     if (exists)
0625         spin_unlock_bh(&ife->tcf_lock);
0626     if (goto_ch)
0627         tcf_chain_put_by_act(goto_ch);
0628     if (p)
0629         kfree_rcu(p, rcu);
0630
0631     return ret;
0632 metadata_parse_err:
0633     if (goto_ch)
0634         tcf_chain_put_by_act(goto_ch);
0635 release_idr:
0636     kfree(p);
0637     tcf_idr_release(*a, bind);
0638     return err;
0639 }
0640
0641 static int tcf_ife_dump(struct sk_buff *skb, struct tc_action *a, int bind,
0642             int ref)
0643 {
0644     unsigned char *b = skb_tail_pointer(skb);
0645     struct tcf_ife_info *ife = to_ife(a);
0646     struct tcf_ife_params *p;
0647     struct tc_ife opt = {
0648         .index = ife->tcf_index,
0649         .refcnt = refcount_read(&ife->tcf_refcnt) - ref,
0650         .bindcnt = atomic_read(&ife->tcf_bindcnt) - bind,
0651     };
0652     struct tcf_t t;
0653
0654     spin_lock_bh(&ife->tcf_lock);
0655     opt.action = ife->tcf_action;
0656     p = rcu_dereference_protected(ife->params,
0657                       lockdep_is_held(&ife->tcf_lock));
0658     opt.flags = p->flags;
0659
0660     if (nla_put(skb, TCA_IFE_PARMS, sizeof(opt), &opt))
0661         goto nla_put_failure;
0662
0663     tcf_tm_dump(&t, &ife->tcf_tm);
0664     if (nla_put_64bit(skb, TCA_IFE_TM, sizeof(t), &t, TCA_IFE_PAD))
0665         goto nla_put_failure;
0666
0667     if (!is_zero_ether_addr(p->eth_dst)) {
0668         if (nla_put(skb, TCA_IFE_DMAC, ETH_ALEN, p->eth_dst))
0669             goto nla_put_failure;
0670     }
0671
0672     if (!is_zero_ether_addr(p->eth_src)) {
0673         if (nla_put(skb, TCA_IFE_SMAC, ETH_ALEN, p->eth_src))
0674             goto nla_put_failure;
0675     }
0676
0677     if (nla_put(skb, TCA_IFE_TYPE, 2, &p->eth_type))
0678         goto nla_put_failure;
0679
0680     if (dump_metalist(skb, ife)) {
0681         /*ignore failure to dump metalist */
0682         pr_info("Failed to dump metalist\n");
0683     }
0684
0685     spin_unlock_bh(&ife->tcf_lock);
0686     return skb->len;
0687
0688 nla_put_failure:
0689     spin_unlock_bh(&ife->tcf_lock);
0690     nlmsg_trim(skb, b);
0691     return -1;
0692 }
0693
0694 static int find_decode_metaid(struct sk_buff *skb, struct tcf_ife_info *ife,
0695                   u16 metaid, u16 mlen, void *mdata)
0696 {
0697     struct tcf_meta_info *e;
0698
0699     /* XXX: use hash to speed up */
0700     list_for_each_entry(e, &ife->metalist, metalist) {
0701         if (metaid == e->metaid) {
0702             if (e->ops) {
0703                 /* We check for decode presence already */
0704                 return e->ops->decode(skb, mdata, mlen);
0705             }
0706         }
0707     }
0708
0709     return -ENOENT;
0710 }
0711
0712 static int tcf_ife_decode(struct sk_buff *skb, const struct tc_action *a,
0713               struct tcf_result *res)
0714 {
0715     struct tcf_ife_info *ife = to_ife(a);
0716     int action = ife->tcf_action;
0717     u8 *ifehdr_end;
0718     u8 *tlv_data;
0719     u16 metalen;
0720
0721     bstats_update(this_cpu_ptr(ife->common.cpu_bstats), skb);
0722     tcf_lastuse_update(&ife->tcf_tm);
0723
0724     if (skb_at_tc_ingress(skb))
0725         skb_push(skb, skb->dev->hard_header_len);
0726
0727     tlv_data = ife_decode(skb, &metalen);
0728     if (unlikely(!tlv_data)) {
0729         qstats_drop_inc(this_cpu_ptr(ife->common.cpu_qstats));
0730         return TC_ACT_SHOT;
0731     }
0732
0733     ifehdr_end = tlv_data + metalen;
0734     for (; tlv_data < ifehdr_end; tlv_data = ife_tlv_meta_next(tlv_data)) {
0735         u8 *curr_data;
0736         u16 mtype;
0737         u16 dlen;
0738
0739         curr_data = ife_tlv_meta_decode(tlv_data, ifehdr_end, &mtype,
0740                         &dlen, NULL);
0741         if (!curr_data) {
0742             qstats_drop_inc(this_cpu_ptr(ife->common.cpu_qstats));
0743             return TC_ACT_SHOT;
0744         }
0745
0746         if (find_decode_metaid(skb, ife, mtype, dlen, curr_data)) {
0747             /* abuse overlimits to count when we receive metadata
0748              * but dont have an ops for it
0749              */
0750             pr_info_ratelimited("Unknown metaid %d dlen %d\n",
0751                         mtype, dlen);
0752             qstats_overlimit_inc(this_cpu_ptr(ife->common.cpu_qstats));
0753         }
0754     }
0755
0756     if (WARN_ON(tlv_data != ifehdr_end)) {
0757         qstats_drop_inc(this_cpu_ptr(ife->common.cpu_qstats));
0758         return TC_ACT_SHOT;
0759     }
0760
0761     skb->protocol = eth_type_trans(skb, skb->dev);
0762     skb_reset_network_header(skb);
0763
0764     return action;
0765 }
0766
0767 /*XXX: check if we can do this at install time instead of current
0768  * send data path
0769 **/
0770 static int ife_get_sz(struct sk_buff *skb, struct tcf_ife_info *ife)
0771 {
0772     struct tcf_meta_info *e, *n;
0773     int tot_run_sz = 0, run_sz = 0;
0774
0775     list_for_each_entry_safe(e, n, &ife->metalist, metalist) {
0776         if (e->ops->check_presence) {
0777             run_sz = e->ops->check_presence(skb, e);
0778             tot_run_sz += run_sz;
0779         }
0780     }
0781
0782     return tot_run_sz;
0783 }
0784
0785 static int tcf_ife_encode(struct sk_buff *skb, const struct tc_action *a,
0786               struct tcf_result *res, struct tcf_ife_params *p)
0787 {
0788     struct tcf_ife_info *ife = to_ife(a);
0789     int action = ife->tcf_action;
0790     struct ethhdr *oethh;   /* outer ether header */
0791     struct tcf_meta_info *e;
0792     /*
0793        OUTERHDR:TOTMETALEN:{TLVHDR:Metadatum:TLVHDR..}:ORIGDATA
0794        where ORIGDATA = original ethernet header ...
0795      */
0796     u16 metalen = ife_get_sz(skb, ife);
0797     int hdrm = metalen + skb->dev->hard_header_len + IFE_METAHDRLEN;
0798     unsigned int skboff = 0;
0799     int new_len = skb->len + hdrm;
0800     bool exceed_mtu = false;
0801     void *ife_meta;
0802     int err = 0;
0803
0804     if (!skb_at_tc_ingress(skb)) {
0805         if (new_len > skb->dev->mtu)
0806             exceed_mtu = true;
0807     }
0808
0809     bstats_update(this_cpu_ptr(ife->common.cpu_bstats), skb);
0810     tcf_lastuse_update(&ife->tcf_tm);
0811
0812     if (!metalen) {     /* no metadata to send */
0813         /* abuse overlimits to count when we allow packet
0814          * with no metadata
0815          */
0816         qstats_overlimit_inc(this_cpu_ptr(ife->common.cpu_qstats));
0817         return action;
0818     }
0819     /* could be stupid policy setup or mtu config
0820      * so lets be conservative.. */
0821     if ((action == TC_ACT_SHOT) || exceed_mtu) {
0822         qstats_drop_inc(this_cpu_ptr(ife->common.cpu_qstats));
0823         return TC_ACT_SHOT;
0824     }
0825
0826     if (skb_at_tc_ingress(skb))
0827         skb_push(skb, skb->dev->hard_header_len);
0828
0829     ife_meta = ife_encode(skb, metalen);
0830
0831     spin_lock(&ife->tcf_lock);
0832
0833     /* XXX: we dont have a clever way of telling encode to
0834      * not repeat some of the computations that are done by
0835      * ops->presence_check...
0836      */
0837     list_for_each_entry(e, &ife->metalist, metalist) {
0838         if (e->ops->encode) {
0839             err = e->ops->encode(skb, (void *)(ife_meta + skboff),
0840                          e);
0841         }
0842         if (err < 0) {
0843             /* too corrupt to keep around if overwritten */
0844             spin_unlock(&ife->tcf_lock);
0845             qstats_drop_inc(this_cpu_ptr(ife->common.cpu_qstats));
0846             return TC_ACT_SHOT;
0847         }
0848         skboff += err;
0849     }
0850     spin_unlock(&ife->tcf_lock);
0851     oethh = (struct ethhdr *)skb->data;
0852
0853     if (!is_zero_ether_addr(p->eth_src))
0854         ether_addr_copy(oethh->h_source, p->eth_src);
0855     if (!is_zero_ether_addr(p->eth_dst))
0856         ether_addr_copy(oethh->h_dest, p->eth_dst);
0857     oethh->h_proto = htons(p->eth_type);
0858
0859     if (skb_at_tc_ingress(skb))
0860         skb_pull(skb, skb->dev->hard_header_len);
0861
0862     return action;
0863 }
0864
0865 static int tcf_ife_act(struct sk_buff *skb, const struct tc_action *a,
0866                struct tcf_result *res)
0867 {
0868     struct tcf_ife_info *ife = to_ife(a);
0869     struct tcf_ife_params *p;
0870     int ret;
0871
0872     p = rcu_dereference_bh(ife->params);
0873     if (p->flags & IFE_ENCODE) {
0874         ret = tcf_ife_encode(skb, a, res, p);
0875         return ret;
0876     }
0877
0878     return tcf_ife_decode(skb, a, res);
0879 }
0880
0881 static int tcf_ife_walker(struct net *net, struct sk_buff *skb,
0882               struct netlink_callback *cb, int type,
0883               const struct tc_action_ops *ops,
0884               struct netlink_ext_ack *extack)
0885 {
0886     struct tc_action_net *tn = net_generic(net, ife_net_id);
0887
0888     return tcf_generic_walker(tn, skb, cb, type, ops, extack);
0889 }
0890
0891 static int tcf_ife_search(struct net *net, struct tc_action **a, u32 index)
0892 {
0893     struct tc_action_net *tn = net_generic(net, ife_net_id);
0894
0895     return tcf_idr_search(tn, a, index);
0896 }
0897
0898 static struct tc_action_ops act_ife_ops = {
0899     .kind = "ife",
0900     .id = TCA_ID_IFE,
0901     .owner = THIS_MODULE,
0902     .act = tcf_ife_act,
0903     .dump = tcf_ife_dump,
0904     .cleanup = tcf_ife_cleanup,
0905     .init = tcf_ife_init,
0906     .walk = tcf_ife_walker,
0907     .lookup = tcf_ife_search,
0908     .size = sizeof(struct tcf_ife_info),
0909 };
0910
0911 static __net_init int ife_init_net(struct net *net)
0912 {
0913     struct tc_action_net *tn = net_generic(net, ife_net_id);
0914
0915     return tc_action_net_init(net, tn, &act_ife_ops);
0916 }
0917
0918 static void __net_exit ife_exit_net(struct list_head *net_list)
0919 {
0920     tc_action_net_exit(net_list, ife_net_id);
0921 }
0922
0923 static struct pernet_operations ife_net_ops = {
0924     .init = ife_init_net,
0925     .exit_batch = ife_exit_net,
0926     .id   = &ife_net_id,
0927     .size = sizeof(struct tc_action_net),
0928 };
0929
0930 static int __init ife_init_module(void)
0931 {
0932     return tcf_register_action(&act_ife_ops, &ife_net_ops);
0933 }
0934
0935 static void __exit ife_cleanup_module(void)
0936 {
0937     tcf_unregister_action(&act_ife_ops, &ife_net_ops);
0938 }
0939
0940 module_init(ife_init_module);
0941 module_exit(ife_cleanup_module);
0942
0943 MODULE_AUTHOR("Jamal Hadi Salim(2015)");
0944 MODULE_DESCRIPTION("Inter-FE LFB action");
0945 MODULE_LICENSE("GPL");