projects / deliverable / linux.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
net sched actions: introduce timestamp for firsttime use
[deliverable/linux.git] / net / sched / act_bpf.c
1 /*
2 * Copyright (c) 2015 Jiri Pirko <jiri@resnulli.us>
3 *
4 * This program is free software; you can redistribute it and/or modify
5 * it under the terms of the GNU General Public License as published by
6 * the Free Software Foundation; either version 2 of the License, or
7 * (at your option) any later version.
8 */
9
10 #include <linux/module.h>
11 #include <linux/init.h>
12 #include <linux/kernel.h>
13 #include <linux/skbuff.h>
14 #include <linux/rtnetlink.h>
15 #include <linux/filter.h>
16 #include <linux/bpf.h>
17
18 #include <net/netlink.h>
19 #include <net/pkt_sched.h>
20
21 #include <linux/tc_act/tc_bpf.h>
22 #include <net/tc_act/tc_bpf.h>
23
24 #define BPF_TAB_MASK 15
25 #define ACT_BPF_NAME_LEN 256
26
27 struct tcf_bpf_cfg {
28 struct bpf_prog *filter;
29 struct sock_filter *bpf_ops;
30 const char *bpf_name;
31 u32 bpf_fd;
32 u16 bpf_num_ops;
33 bool is_ebpf;
34 };
35
36 static int bpf_net_id;
37
38 static int tcf_bpf(struct sk_buff *skb, const struct tc_action *act,
39 struct tcf_result *res)
40 {
41 struct tcf_bpf *prog = act->priv;
42 struct bpf_prog *filter;
43 int action, filter_res;
44 bool at_ingress = G_TC_AT(skb->tc_verd) & AT_INGRESS;
45
46 if (unlikely(!skb_mac_header_was_set(skb)))
47 return TC_ACT_UNSPEC;
48
49 tcf_lastuse_update(&prog->tcf_tm);
50 bstats_cpu_update(this_cpu_ptr(prog->common.cpu_bstats), skb);
51
52 rcu_read_lock();
53 filter = rcu_dereference(prog->filter);
54 if (at_ingress) {
55 __skb_push(skb, skb->mac_len);
56 bpf_compute_data_end(skb);
57 filter_res = BPF_PROG_RUN(filter, skb);
58 __skb_pull(skb, skb->mac_len);
59 } else {
60 bpf_compute_data_end(skb);
61 filter_res = BPF_PROG_RUN(filter, skb);
62 }
63 rcu_read_unlock();
64
65 /* A BPF program may overwrite the default action opcode.
66 * Similarly as in cls_bpf, if filter_res == -1 we use the
67 * default action specified from tc.
68 *
69 * In case a different well-known TC_ACT opcode has been
70 * returned, it will overwrite the default one.
71 *
72 * For everything else that is unkown, TC_ACT_UNSPEC is
73 * returned.
74 */
75 switch (filter_res) {
76 case TC_ACT_PIPE:
77 case TC_ACT_RECLASSIFY:
78 case TC_ACT_OK:
79 case TC_ACT_REDIRECT:
80 action = filter_res;
81 break;
82 case TC_ACT_SHOT:
83 action = filter_res;
84 qstats_drop_inc(this_cpu_ptr(prog->common.cpu_qstats));
85 break;
86 case TC_ACT_UNSPEC:
87 action = prog->tcf_action;
88 break;
89 default:
90 action = TC_ACT_UNSPEC;
91 break;
92 }
93
94 return action;
95 }
96
97 static bool tcf_bpf_is_ebpf(const struct tcf_bpf *prog)
98 {
99 return !prog->bpf_ops;
100 }
101
102 static int tcf_bpf_dump_bpf_info(const struct tcf_bpf *prog,
103 struct sk_buff *skb)
104 {
105 struct nlattr *nla;
106
107 if (nla_put_u16(skb, TCA_ACT_BPF_OPS_LEN, prog->bpf_num_ops))
108 return -EMSGSIZE;
109
110 nla = nla_reserve(skb, TCA_ACT_BPF_OPS, prog->bpf_num_ops *
111 sizeof(struct sock_filter));
112 if (nla == NULL)
113 return -EMSGSIZE;
114
115 memcpy(nla_data(nla), prog->bpf_ops, nla_len(nla));
116
117 return 0;
118 }
119
120 static int tcf_bpf_dump_ebpf_info(const struct tcf_bpf *prog,
121 struct sk_buff *skb)
122 {
123 if (nla_put_u32(skb, TCA_ACT_BPF_FD, prog->bpf_fd))
124 return -EMSGSIZE;
125
126 if (prog->bpf_name &&
127 nla_put_string(skb, TCA_ACT_BPF_NAME, prog->bpf_name))
128 return -EMSGSIZE;
129
130 return 0;
131 }
132
133 static int tcf_bpf_dump(struct sk_buff *skb, struct tc_action *act,
134 int bind, int ref)
135 {
136 unsigned char *tp = skb_tail_pointer(skb);
137 struct tcf_bpf *prog = act->priv;
138 struct tc_act_bpf opt = {
139 .index = prog->tcf_index,
140 .refcnt = prog->tcf_refcnt - ref,
141 .bindcnt = prog->tcf_bindcnt - bind,
142 .action = prog->tcf_action,
143 };
144 struct tcf_t tm;
145 int ret;
146
147 if (nla_put(skb, TCA_ACT_BPF_PARMS, sizeof(opt), &opt))
148 goto nla_put_failure;
149
150 if (tcf_bpf_is_ebpf(prog))
151 ret = tcf_bpf_dump_ebpf_info(prog, skb);
152 else
153 ret = tcf_bpf_dump_bpf_info(prog, skb);
154 if (ret)
155 goto nla_put_failure;
156
157 tm.install = jiffies_to_clock_t(jiffies - prog->tcf_tm.install);
158 tm.lastuse = jiffies_to_clock_t(jiffies - prog->tcf_tm.lastuse);
159 tm.firstuse = jiffies_to_clock_t(jiffies - prog->tcf_tm.firstuse);
160 tm.expires = jiffies_to_clock_t(prog->tcf_tm.expires);
161
162 if (nla_put_64bit(skb, TCA_ACT_BPF_TM, sizeof(tm), &tm,
163 TCA_ACT_BPF_PAD))
164 goto nla_put_failure;
165
166 return skb->len;
167
168 nla_put_failure:
169 nlmsg_trim(skb, tp);
170 return -1;
171 }
172
173 static const struct nla_policy act_bpf_policy[TCA_ACT_BPF_MAX + 1] = {
174 [TCA_ACT_BPF_PARMS] = { .len = sizeof(struct tc_act_bpf) },
175 [TCA_ACT_BPF_FD] = { .type = NLA_U32 },
176 [TCA_ACT_BPF_NAME] = { .type = NLA_NUL_STRING, .len = ACT_BPF_NAME_LEN },
177 [TCA_ACT_BPF_OPS_LEN] = { .type = NLA_U16 },
178 [TCA_ACT_BPF_OPS] = { .type = NLA_BINARY,
179 .len = sizeof(struct sock_filter) * BPF_MAXINSNS },
180 };
181
182 static int tcf_bpf_init_from_ops(struct nlattr **tb, struct tcf_bpf_cfg *cfg)
183 {
184 struct sock_filter *bpf_ops;
185 struct sock_fprog_kern fprog_tmp;
186 struct bpf_prog *fp;
187 u16 bpf_size, bpf_num_ops;
188 int ret;
189
190 bpf_num_ops = nla_get_u16(tb[TCA_ACT_BPF_OPS_LEN]);
191 if (bpf_num_ops > BPF_MAXINSNS || bpf_num_ops == 0)
192 return -EINVAL;
193
194 bpf_size = bpf_num_ops * sizeof(*bpf_ops);
195 if (bpf_size != nla_len(tb[TCA_ACT_BPF_OPS]))
196 return -EINVAL;
197
198 bpf_ops = kzalloc(bpf_size, GFP_KERNEL);
199 if (bpf_ops == NULL)
200 return -ENOMEM;
201
202 memcpy(bpf_ops, nla_data(tb[TCA_ACT_BPF_OPS]), bpf_size);
203
204 fprog_tmp.len = bpf_num_ops;
205 fprog_tmp.filter = bpf_ops;
206
207 ret = bpf_prog_create(&fp, &fprog_tmp);
208 if (ret < 0) {
209 kfree(bpf_ops);
210 return ret;
211 }
212
213 cfg->bpf_ops = bpf_ops;
214 cfg->bpf_num_ops = bpf_num_ops;
215 cfg->filter = fp;
216 cfg->is_ebpf = false;
217
218 return 0;
219 }
220
221 static int tcf_bpf_init_from_efd(struct nlattr **tb, struct tcf_bpf_cfg *cfg)
222 {
223 struct bpf_prog *fp;
224 char *name = NULL;
225 u32 bpf_fd;
226
227 bpf_fd = nla_get_u32(tb[TCA_ACT_BPF_FD]);
228
229 fp = bpf_prog_get(bpf_fd);
230 if (IS_ERR(fp))
231 return PTR_ERR(fp);
232
233 if (fp->type != BPF_PROG_TYPE_SCHED_ACT) {
234 bpf_prog_put(fp);
235 return -EINVAL;
236 }
237
238 if (tb[TCA_ACT_BPF_NAME]) {
239 name = kmemdup(nla_data(tb[TCA_ACT_BPF_NAME]),
240 nla_len(tb[TCA_ACT_BPF_NAME]),
241 GFP_KERNEL);
242 if (!name) {
243 bpf_prog_put(fp);
244 return -ENOMEM;
245 }
246 }
247
248 cfg->bpf_fd = bpf_fd;
249 cfg->bpf_name = name;
250 cfg->filter = fp;
251 cfg->is_ebpf = true;
252
253 return 0;
254 }
255
256 static void tcf_bpf_cfg_cleanup(const struct tcf_bpf_cfg *cfg)
257 {
258 if (cfg->is_ebpf)
259 bpf_prog_put(cfg->filter);
260 else
261 bpf_prog_destroy(cfg->filter);
262
263 kfree(cfg->bpf_ops);
264 kfree(cfg->bpf_name);
265 }
266
267 static void tcf_bpf_prog_fill_cfg(const struct tcf_bpf *prog,
268 struct tcf_bpf_cfg *cfg)
269 {
270 cfg->is_ebpf = tcf_bpf_is_ebpf(prog);
271 /* updates to prog->filter are prevented, since it's called either
272 * with rtnl lock or during final cleanup in rcu callback
273 */
274 cfg->filter = rcu_dereference_protected(prog->filter, 1);
275
276 cfg->bpf_ops = prog->bpf_ops;
277 cfg->bpf_name = prog->bpf_name;
278 }
279
280 static int tcf_bpf_init(struct net *net, struct nlattr *nla,
281 struct nlattr *est, struct tc_action *act,
282 int replace, int bind)
283 {
284 struct tc_action_net *tn = net_generic(net, bpf_net_id);
285 struct nlattr *tb[TCA_ACT_BPF_MAX + 1];
286 struct tcf_bpf_cfg cfg, old;
287 struct tc_act_bpf *parm;
288 struct tcf_bpf *prog;
289 bool is_bpf, is_ebpf;
290 int ret, res = 0;
291
292 if (!nla)
293 return -EINVAL;
294
295 ret = nla_parse_nested(tb, TCA_ACT_BPF_MAX, nla, act_bpf_policy);
296 if (ret < 0)
297 return ret;
298
299 if (!tb[TCA_ACT_BPF_PARMS])
300 return -EINVAL;
301
302 parm = nla_data(tb[TCA_ACT_BPF_PARMS]);
303
304 if (!tcf_hash_check(tn, parm->index, act, bind)) {
305 ret = tcf_hash_create(tn, parm->index, est, act,
306 sizeof(*prog), bind, true);
307 if (ret < 0)
308 return ret;
309
310 res = ACT_P_CREATED;
311 } else {
312 /* Don't override defaults. */
313 if (bind)
314 return 0;
315
316 tcf_hash_release(act, bind);
317 if (!replace)
318 return -EEXIST;
319 }
320
321 is_bpf = tb[TCA_ACT_BPF_OPS_LEN] && tb[TCA_ACT_BPF_OPS];
322 is_ebpf = tb[TCA_ACT_BPF_FD];
323
324 if ((!is_bpf && !is_ebpf) || (is_bpf && is_ebpf)) {
325 ret = -EINVAL;
326 goto out;
327 }
328
329 memset(&cfg, 0, sizeof(cfg));
330
331 ret = is_bpf ? tcf_bpf_init_from_ops(tb, &cfg) :
332 tcf_bpf_init_from_efd(tb, &cfg);
333 if (ret < 0)
334 goto out;
335
336 prog = to_bpf(act);
337 ASSERT_RTNL();
338
339 if (res != ACT_P_CREATED)
340 tcf_bpf_prog_fill_cfg(prog, &old);
341
342 prog->bpf_ops = cfg.bpf_ops;
343 prog->bpf_name = cfg.bpf_name;
344
345 if (cfg.bpf_num_ops)
346 prog->bpf_num_ops = cfg.bpf_num_ops;
347 if (cfg.bpf_fd)
348 prog->bpf_fd = cfg.bpf_fd;
349
350 prog->tcf_action = parm->action;
351 rcu_assign_pointer(prog->filter, cfg.filter);
352
353 if (res == ACT_P_CREATED) {
354 tcf_hash_insert(tn, act);
355 } else {
356 /* make sure the program being replaced is no longer executing */
357 synchronize_rcu();
358 tcf_bpf_cfg_cleanup(&old);
359 }
360
361 return res;
362 out:
363 if (res == ACT_P_CREATED)
364 tcf_hash_cleanup(act, est);
365
366 return ret;
367 }
368
369 static void tcf_bpf_cleanup(struct tc_action *act, int bind)
370 {
371 struct tcf_bpf_cfg tmp;
372
373 tcf_bpf_prog_fill_cfg(act->priv, &tmp);
374 tcf_bpf_cfg_cleanup(&tmp);
375 }
376
377 static int tcf_bpf_walker(struct net *net, struct sk_buff *skb,
378 struct netlink_callback *cb, int type,
379 struct tc_action *a)
380 {
381 struct tc_action_net *tn = net_generic(net, bpf_net_id);
382
383 return tcf_generic_walker(tn, skb, cb, type, a);
384 }
385
386 static int tcf_bpf_search(struct net *net, struct tc_action *a, u32 index)
387 {
388 struct tc_action_net *tn = net_generic(net, bpf_net_id);
389
390 return tcf_hash_search(tn, a, index);
391 }
392
393 static struct tc_action_ops act_bpf_ops __read_mostly = {
394 .kind = "bpf",
395 .type = TCA_ACT_BPF,
396 .owner = THIS_MODULE,
397 .act = tcf_bpf,
398 .dump = tcf_bpf_dump,
399 .cleanup = tcf_bpf_cleanup,
400 .init = tcf_bpf_init,
401 .walk = tcf_bpf_walker,
402 .lookup = tcf_bpf_search,
403 };
404
405 static __net_init int bpf_init_net(struct net *net)
406 {
407 struct tc_action_net *tn = net_generic(net, bpf_net_id);
408
409 return tc_action_net_init(tn, &act_bpf_ops, BPF_TAB_MASK);
410 }
411
412 static void __net_exit bpf_exit_net(struct net *net)
413 {
414 struct tc_action_net *tn = net_generic(net, bpf_net_id);
415
416 tc_action_net_exit(tn);
417 }
418
419 static struct pernet_operations bpf_net_ops = {
420 .init = bpf_init_net,
421 .exit = bpf_exit_net,
422 .id = &bpf_net_id,
423 .size = sizeof(struct tc_action_net),
424 };
425
426 static int __init bpf_init_module(void)
427 {
428 return tcf_register_action(&act_bpf_ops, &bpf_net_ops);
429 }
430
431 static void __exit bpf_cleanup_module(void)
432 {
433 tcf_unregister_action(&act_bpf_ops, &bpf_net_ops);
434 }
435
436 module_init(bpf_init_module);
437 module_exit(bpf_cleanup_module);
438
439 MODULE_AUTHOR("Jiri Pirko <jiri@resnulli.us>");
440 MODULE_DESCRIPTION("TC BPF based action");
441 MODULE_LICENSE("GPL v2");
Linux kernel - Deliverables
This page took 0.043759 seconds and 5 git commands to generate.