18c2ecf20Sopenharmony_ci// SPDX-License-Identifier: GPL-2.0-or-later 28c2ecf20Sopenharmony_ci/* 38c2ecf20Sopenharmony_ci * Copyright (c) 2016, Amir Vadai <amir@vadai.me> 48c2ecf20Sopenharmony_ci * Copyright (c) 2016, Mellanox Technologies. All rights reserved. 58c2ecf20Sopenharmony_ci */ 68c2ecf20Sopenharmony_ci 78c2ecf20Sopenharmony_ci#include <linux/module.h> 88c2ecf20Sopenharmony_ci#include <linux/init.h> 98c2ecf20Sopenharmony_ci#include <linux/kernel.h> 108c2ecf20Sopenharmony_ci#include <linux/skbuff.h> 118c2ecf20Sopenharmony_ci#include <linux/rtnetlink.h> 128c2ecf20Sopenharmony_ci#include <net/geneve.h> 138c2ecf20Sopenharmony_ci#include <net/vxlan.h> 148c2ecf20Sopenharmony_ci#include <net/erspan.h> 158c2ecf20Sopenharmony_ci#include <net/netlink.h> 168c2ecf20Sopenharmony_ci#include <net/pkt_sched.h> 178c2ecf20Sopenharmony_ci#include <net/dst.h> 188c2ecf20Sopenharmony_ci#include <net/pkt_cls.h> 198c2ecf20Sopenharmony_ci 208c2ecf20Sopenharmony_ci#include <linux/tc_act/tc_tunnel_key.h> 218c2ecf20Sopenharmony_ci#include <net/tc_act/tc_tunnel_key.h> 228c2ecf20Sopenharmony_ci 238c2ecf20Sopenharmony_cistatic unsigned int tunnel_key_net_id; 248c2ecf20Sopenharmony_cistatic struct tc_action_ops act_tunnel_key_ops; 258c2ecf20Sopenharmony_ci 268c2ecf20Sopenharmony_cistatic int tunnel_key_act(struct sk_buff *skb, const struct tc_action *a, 278c2ecf20Sopenharmony_ci struct tcf_result *res) 288c2ecf20Sopenharmony_ci{ 298c2ecf20Sopenharmony_ci struct tcf_tunnel_key *t = to_tunnel_key(a); 308c2ecf20Sopenharmony_ci struct tcf_tunnel_key_params *params; 318c2ecf20Sopenharmony_ci int action; 328c2ecf20Sopenharmony_ci 338c2ecf20Sopenharmony_ci params = rcu_dereference_bh(t->params); 348c2ecf20Sopenharmony_ci 358c2ecf20Sopenharmony_ci tcf_lastuse_update(&t->tcf_tm); 368c2ecf20Sopenharmony_ci tcf_action_update_bstats(&t->common, skb); 378c2ecf20Sopenharmony_ci action = READ_ONCE(t->tcf_action); 388c2ecf20Sopenharmony_ci 398c2ecf20Sopenharmony_ci switch (params->tcft_action) { 408c2ecf20Sopenharmony_ci case TCA_TUNNEL_KEY_ACT_RELEASE: 418c2ecf20Sopenharmony_ci skb_dst_drop(skb); 428c2ecf20Sopenharmony_ci break; 438c2ecf20Sopenharmony_ci case TCA_TUNNEL_KEY_ACT_SET: 448c2ecf20Sopenharmony_ci skb_dst_drop(skb); 458c2ecf20Sopenharmony_ci skb_dst_set(skb, dst_clone(¶ms->tcft_enc_metadata->dst)); 468c2ecf20Sopenharmony_ci break; 478c2ecf20Sopenharmony_ci default: 488c2ecf20Sopenharmony_ci WARN_ONCE(1, "Bad tunnel_key action %d.\n", 498c2ecf20Sopenharmony_ci params->tcft_action); 508c2ecf20Sopenharmony_ci break; 518c2ecf20Sopenharmony_ci } 528c2ecf20Sopenharmony_ci 538c2ecf20Sopenharmony_ci return action; 548c2ecf20Sopenharmony_ci} 558c2ecf20Sopenharmony_ci 568c2ecf20Sopenharmony_cistatic const struct nla_policy 578c2ecf20Sopenharmony_cienc_opts_policy[TCA_TUNNEL_KEY_ENC_OPTS_MAX + 1] = { 588c2ecf20Sopenharmony_ci [TCA_TUNNEL_KEY_ENC_OPTS_UNSPEC] = { 598c2ecf20Sopenharmony_ci .strict_start_type = TCA_TUNNEL_KEY_ENC_OPTS_VXLAN }, 608c2ecf20Sopenharmony_ci [TCA_TUNNEL_KEY_ENC_OPTS_GENEVE] = { .type = NLA_NESTED }, 618c2ecf20Sopenharmony_ci [TCA_TUNNEL_KEY_ENC_OPTS_VXLAN] = { .type = NLA_NESTED }, 628c2ecf20Sopenharmony_ci [TCA_TUNNEL_KEY_ENC_OPTS_ERSPAN] = { .type = NLA_NESTED }, 638c2ecf20Sopenharmony_ci}; 648c2ecf20Sopenharmony_ci 658c2ecf20Sopenharmony_cistatic const struct nla_policy 668c2ecf20Sopenharmony_cigeneve_opt_policy[TCA_TUNNEL_KEY_ENC_OPT_GENEVE_MAX + 1] = { 678c2ecf20Sopenharmony_ci [TCA_TUNNEL_KEY_ENC_OPT_GENEVE_CLASS] = { .type = NLA_U16 }, 688c2ecf20Sopenharmony_ci [TCA_TUNNEL_KEY_ENC_OPT_GENEVE_TYPE] = { .type = NLA_U8 }, 698c2ecf20Sopenharmony_ci [TCA_TUNNEL_KEY_ENC_OPT_GENEVE_DATA] = { .type = NLA_BINARY, 708c2ecf20Sopenharmony_ci .len = 128 }, 718c2ecf20Sopenharmony_ci}; 728c2ecf20Sopenharmony_ci 738c2ecf20Sopenharmony_cistatic const struct nla_policy 748c2ecf20Sopenharmony_civxlan_opt_policy[TCA_TUNNEL_KEY_ENC_OPT_VXLAN_MAX + 1] = { 758c2ecf20Sopenharmony_ci [TCA_TUNNEL_KEY_ENC_OPT_VXLAN_GBP] = { .type = NLA_U32 }, 768c2ecf20Sopenharmony_ci}; 778c2ecf20Sopenharmony_ci 788c2ecf20Sopenharmony_cistatic const struct nla_policy 798c2ecf20Sopenharmony_cierspan_opt_policy[TCA_TUNNEL_KEY_ENC_OPT_ERSPAN_MAX + 1] = { 808c2ecf20Sopenharmony_ci [TCA_TUNNEL_KEY_ENC_OPT_ERSPAN_VER] = { .type = NLA_U8 }, 818c2ecf20Sopenharmony_ci [TCA_TUNNEL_KEY_ENC_OPT_ERSPAN_INDEX] = { .type = NLA_U32 }, 828c2ecf20Sopenharmony_ci [TCA_TUNNEL_KEY_ENC_OPT_ERSPAN_DIR] = { .type = NLA_U8 }, 838c2ecf20Sopenharmony_ci [TCA_TUNNEL_KEY_ENC_OPT_ERSPAN_HWID] = { .type = NLA_U8 }, 848c2ecf20Sopenharmony_ci}; 858c2ecf20Sopenharmony_ci 868c2ecf20Sopenharmony_cistatic int 878c2ecf20Sopenharmony_citunnel_key_copy_geneve_opt(const struct nlattr *nla, void *dst, int dst_len, 888c2ecf20Sopenharmony_ci struct netlink_ext_ack *extack) 898c2ecf20Sopenharmony_ci{ 908c2ecf20Sopenharmony_ci struct nlattr *tb[TCA_TUNNEL_KEY_ENC_OPT_GENEVE_MAX + 1]; 918c2ecf20Sopenharmony_ci int err, data_len, opt_len; 928c2ecf20Sopenharmony_ci u8 *data; 938c2ecf20Sopenharmony_ci 948c2ecf20Sopenharmony_ci err = nla_parse_nested_deprecated(tb, 958c2ecf20Sopenharmony_ci TCA_TUNNEL_KEY_ENC_OPT_GENEVE_MAX, 968c2ecf20Sopenharmony_ci nla, geneve_opt_policy, extack); 978c2ecf20Sopenharmony_ci if (err < 0) 988c2ecf20Sopenharmony_ci return err; 998c2ecf20Sopenharmony_ci 1008c2ecf20Sopenharmony_ci if (!tb[TCA_TUNNEL_KEY_ENC_OPT_GENEVE_CLASS] || 1018c2ecf20Sopenharmony_ci !tb[TCA_TUNNEL_KEY_ENC_OPT_GENEVE_TYPE] || 1028c2ecf20Sopenharmony_ci !tb[TCA_TUNNEL_KEY_ENC_OPT_GENEVE_DATA]) { 1038c2ecf20Sopenharmony_ci NL_SET_ERR_MSG(extack, "Missing tunnel key geneve option class, type or data"); 1048c2ecf20Sopenharmony_ci return -EINVAL; 1058c2ecf20Sopenharmony_ci } 1068c2ecf20Sopenharmony_ci 1078c2ecf20Sopenharmony_ci data = nla_data(tb[TCA_TUNNEL_KEY_ENC_OPT_GENEVE_DATA]); 1088c2ecf20Sopenharmony_ci data_len = nla_len(tb[TCA_TUNNEL_KEY_ENC_OPT_GENEVE_DATA]); 1098c2ecf20Sopenharmony_ci if (data_len < 4) { 1108c2ecf20Sopenharmony_ci NL_SET_ERR_MSG(extack, "Tunnel key geneve option data is less than 4 bytes long"); 1118c2ecf20Sopenharmony_ci return -ERANGE; 1128c2ecf20Sopenharmony_ci } 1138c2ecf20Sopenharmony_ci if (data_len % 4) { 1148c2ecf20Sopenharmony_ci NL_SET_ERR_MSG(extack, "Tunnel key geneve option data is not a multiple of 4 bytes long"); 1158c2ecf20Sopenharmony_ci return -ERANGE; 1168c2ecf20Sopenharmony_ci } 1178c2ecf20Sopenharmony_ci 1188c2ecf20Sopenharmony_ci opt_len = sizeof(struct geneve_opt) + data_len; 1198c2ecf20Sopenharmony_ci if (dst) { 1208c2ecf20Sopenharmony_ci struct geneve_opt *opt = dst; 1218c2ecf20Sopenharmony_ci 1228c2ecf20Sopenharmony_ci WARN_ON(dst_len < opt_len); 1238c2ecf20Sopenharmony_ci 1248c2ecf20Sopenharmony_ci opt->opt_class = 1258c2ecf20Sopenharmony_ci nla_get_be16(tb[TCA_TUNNEL_KEY_ENC_OPT_GENEVE_CLASS]); 1268c2ecf20Sopenharmony_ci opt->type = nla_get_u8(tb[TCA_TUNNEL_KEY_ENC_OPT_GENEVE_TYPE]); 1278c2ecf20Sopenharmony_ci opt->length = data_len / 4; /* length is in units of 4 bytes */ 1288c2ecf20Sopenharmony_ci opt->r1 = 0; 1298c2ecf20Sopenharmony_ci opt->r2 = 0; 1308c2ecf20Sopenharmony_ci opt->r3 = 0; 1318c2ecf20Sopenharmony_ci 1328c2ecf20Sopenharmony_ci memcpy(opt + 1, data, data_len); 1338c2ecf20Sopenharmony_ci } 1348c2ecf20Sopenharmony_ci 1358c2ecf20Sopenharmony_ci return opt_len; 1368c2ecf20Sopenharmony_ci} 1378c2ecf20Sopenharmony_ci 1388c2ecf20Sopenharmony_cistatic int 1398c2ecf20Sopenharmony_citunnel_key_copy_vxlan_opt(const struct nlattr *nla, void *dst, int dst_len, 1408c2ecf20Sopenharmony_ci struct netlink_ext_ack *extack) 1418c2ecf20Sopenharmony_ci{ 1428c2ecf20Sopenharmony_ci struct nlattr *tb[TCA_TUNNEL_KEY_ENC_OPT_VXLAN_MAX + 1]; 1438c2ecf20Sopenharmony_ci int err; 1448c2ecf20Sopenharmony_ci 1458c2ecf20Sopenharmony_ci err = nla_parse_nested(tb, TCA_TUNNEL_KEY_ENC_OPT_VXLAN_MAX, nla, 1468c2ecf20Sopenharmony_ci vxlan_opt_policy, extack); 1478c2ecf20Sopenharmony_ci if (err < 0) 1488c2ecf20Sopenharmony_ci return err; 1498c2ecf20Sopenharmony_ci 1508c2ecf20Sopenharmony_ci if (!tb[TCA_TUNNEL_KEY_ENC_OPT_VXLAN_GBP]) { 1518c2ecf20Sopenharmony_ci NL_SET_ERR_MSG(extack, "Missing tunnel key vxlan option gbp"); 1528c2ecf20Sopenharmony_ci return -EINVAL; 1538c2ecf20Sopenharmony_ci } 1548c2ecf20Sopenharmony_ci 1558c2ecf20Sopenharmony_ci if (dst) { 1568c2ecf20Sopenharmony_ci struct vxlan_metadata *md = dst; 1578c2ecf20Sopenharmony_ci 1588c2ecf20Sopenharmony_ci md->gbp = nla_get_u32(tb[TCA_TUNNEL_KEY_ENC_OPT_VXLAN_GBP]); 1598c2ecf20Sopenharmony_ci md->gbp &= VXLAN_GBP_MASK; 1608c2ecf20Sopenharmony_ci } 1618c2ecf20Sopenharmony_ci 1628c2ecf20Sopenharmony_ci return sizeof(struct vxlan_metadata); 1638c2ecf20Sopenharmony_ci} 1648c2ecf20Sopenharmony_ci 1658c2ecf20Sopenharmony_cistatic int 1668c2ecf20Sopenharmony_citunnel_key_copy_erspan_opt(const struct nlattr *nla, void *dst, int dst_len, 1678c2ecf20Sopenharmony_ci struct netlink_ext_ack *extack) 1688c2ecf20Sopenharmony_ci{ 1698c2ecf20Sopenharmony_ci struct nlattr *tb[TCA_TUNNEL_KEY_ENC_OPT_ERSPAN_MAX + 1]; 1708c2ecf20Sopenharmony_ci int err; 1718c2ecf20Sopenharmony_ci u8 ver; 1728c2ecf20Sopenharmony_ci 1738c2ecf20Sopenharmony_ci err = nla_parse_nested(tb, TCA_TUNNEL_KEY_ENC_OPT_ERSPAN_MAX, nla, 1748c2ecf20Sopenharmony_ci erspan_opt_policy, extack); 1758c2ecf20Sopenharmony_ci if (err < 0) 1768c2ecf20Sopenharmony_ci return err; 1778c2ecf20Sopenharmony_ci 1788c2ecf20Sopenharmony_ci if (!tb[TCA_TUNNEL_KEY_ENC_OPT_ERSPAN_VER]) { 1798c2ecf20Sopenharmony_ci NL_SET_ERR_MSG(extack, "Missing tunnel key erspan option ver"); 1808c2ecf20Sopenharmony_ci return -EINVAL; 1818c2ecf20Sopenharmony_ci } 1828c2ecf20Sopenharmony_ci 1838c2ecf20Sopenharmony_ci ver = nla_get_u8(tb[TCA_TUNNEL_KEY_ENC_OPT_ERSPAN_VER]); 1848c2ecf20Sopenharmony_ci if (ver == 1) { 1858c2ecf20Sopenharmony_ci if (!tb[TCA_TUNNEL_KEY_ENC_OPT_ERSPAN_INDEX]) { 1868c2ecf20Sopenharmony_ci NL_SET_ERR_MSG(extack, "Missing tunnel key erspan option index"); 1878c2ecf20Sopenharmony_ci return -EINVAL; 1888c2ecf20Sopenharmony_ci } 1898c2ecf20Sopenharmony_ci } else if (ver == 2) { 1908c2ecf20Sopenharmony_ci if (!tb[TCA_TUNNEL_KEY_ENC_OPT_ERSPAN_DIR] || 1918c2ecf20Sopenharmony_ci !tb[TCA_TUNNEL_KEY_ENC_OPT_ERSPAN_HWID]) { 1928c2ecf20Sopenharmony_ci NL_SET_ERR_MSG(extack, "Missing tunnel key erspan option dir or hwid"); 1938c2ecf20Sopenharmony_ci return -EINVAL; 1948c2ecf20Sopenharmony_ci } 1958c2ecf20Sopenharmony_ci } else { 1968c2ecf20Sopenharmony_ci NL_SET_ERR_MSG(extack, "Tunnel key erspan option ver is incorrect"); 1978c2ecf20Sopenharmony_ci return -EINVAL; 1988c2ecf20Sopenharmony_ci } 1998c2ecf20Sopenharmony_ci 2008c2ecf20Sopenharmony_ci if (dst) { 2018c2ecf20Sopenharmony_ci struct erspan_metadata *md = dst; 2028c2ecf20Sopenharmony_ci 2038c2ecf20Sopenharmony_ci md->version = ver; 2048c2ecf20Sopenharmony_ci if (ver == 1) { 2058c2ecf20Sopenharmony_ci nla = tb[TCA_TUNNEL_KEY_ENC_OPT_ERSPAN_INDEX]; 2068c2ecf20Sopenharmony_ci md->u.index = nla_get_be32(nla); 2078c2ecf20Sopenharmony_ci } else { 2088c2ecf20Sopenharmony_ci nla = tb[TCA_TUNNEL_KEY_ENC_OPT_ERSPAN_DIR]; 2098c2ecf20Sopenharmony_ci md->u.md2.dir = nla_get_u8(nla); 2108c2ecf20Sopenharmony_ci nla = tb[TCA_TUNNEL_KEY_ENC_OPT_ERSPAN_HWID]; 2118c2ecf20Sopenharmony_ci set_hwid(&md->u.md2, nla_get_u8(nla)); 2128c2ecf20Sopenharmony_ci } 2138c2ecf20Sopenharmony_ci } 2148c2ecf20Sopenharmony_ci 2158c2ecf20Sopenharmony_ci return sizeof(struct erspan_metadata); 2168c2ecf20Sopenharmony_ci} 2178c2ecf20Sopenharmony_ci 2188c2ecf20Sopenharmony_cistatic int tunnel_key_copy_opts(const struct nlattr *nla, u8 *dst, 2198c2ecf20Sopenharmony_ci int dst_len, struct netlink_ext_ack *extack) 2208c2ecf20Sopenharmony_ci{ 2218c2ecf20Sopenharmony_ci int err, rem, opt_len, len = nla_len(nla), opts_len = 0, type = 0; 2228c2ecf20Sopenharmony_ci const struct nlattr *attr, *head = nla_data(nla); 2238c2ecf20Sopenharmony_ci 2248c2ecf20Sopenharmony_ci err = nla_validate_deprecated(head, len, TCA_TUNNEL_KEY_ENC_OPTS_MAX, 2258c2ecf20Sopenharmony_ci enc_opts_policy, extack); 2268c2ecf20Sopenharmony_ci if (err) 2278c2ecf20Sopenharmony_ci return err; 2288c2ecf20Sopenharmony_ci 2298c2ecf20Sopenharmony_ci nla_for_each_attr(attr, head, len, rem) { 2308c2ecf20Sopenharmony_ci switch (nla_type(attr)) { 2318c2ecf20Sopenharmony_ci case TCA_TUNNEL_KEY_ENC_OPTS_GENEVE: 2328c2ecf20Sopenharmony_ci if (type && type != TUNNEL_GENEVE_OPT) { 2338c2ecf20Sopenharmony_ci NL_SET_ERR_MSG(extack, "Duplicate type for geneve options"); 2348c2ecf20Sopenharmony_ci return -EINVAL; 2358c2ecf20Sopenharmony_ci } 2368c2ecf20Sopenharmony_ci opt_len = tunnel_key_copy_geneve_opt(attr, dst, 2378c2ecf20Sopenharmony_ci dst_len, extack); 2388c2ecf20Sopenharmony_ci if (opt_len < 0) 2398c2ecf20Sopenharmony_ci return opt_len; 2408c2ecf20Sopenharmony_ci opts_len += opt_len; 2418c2ecf20Sopenharmony_ci if (opts_len > IP_TUNNEL_OPTS_MAX) { 2428c2ecf20Sopenharmony_ci NL_SET_ERR_MSG(extack, "Tunnel options exceeds max size"); 2438c2ecf20Sopenharmony_ci return -EINVAL; 2448c2ecf20Sopenharmony_ci } 2458c2ecf20Sopenharmony_ci if (dst) { 2468c2ecf20Sopenharmony_ci dst_len -= opt_len; 2478c2ecf20Sopenharmony_ci dst += opt_len; 2488c2ecf20Sopenharmony_ci } 2498c2ecf20Sopenharmony_ci type = TUNNEL_GENEVE_OPT; 2508c2ecf20Sopenharmony_ci break; 2518c2ecf20Sopenharmony_ci case TCA_TUNNEL_KEY_ENC_OPTS_VXLAN: 2528c2ecf20Sopenharmony_ci if (type) { 2538c2ecf20Sopenharmony_ci NL_SET_ERR_MSG(extack, "Duplicate type for vxlan options"); 2548c2ecf20Sopenharmony_ci return -EINVAL; 2558c2ecf20Sopenharmony_ci } 2568c2ecf20Sopenharmony_ci opt_len = tunnel_key_copy_vxlan_opt(attr, dst, 2578c2ecf20Sopenharmony_ci dst_len, extack); 2588c2ecf20Sopenharmony_ci if (opt_len < 0) 2598c2ecf20Sopenharmony_ci return opt_len; 2608c2ecf20Sopenharmony_ci opts_len += opt_len; 2618c2ecf20Sopenharmony_ci type = TUNNEL_VXLAN_OPT; 2628c2ecf20Sopenharmony_ci break; 2638c2ecf20Sopenharmony_ci case TCA_TUNNEL_KEY_ENC_OPTS_ERSPAN: 2648c2ecf20Sopenharmony_ci if (type) { 2658c2ecf20Sopenharmony_ci NL_SET_ERR_MSG(extack, "Duplicate type for erspan options"); 2668c2ecf20Sopenharmony_ci return -EINVAL; 2678c2ecf20Sopenharmony_ci } 2688c2ecf20Sopenharmony_ci opt_len = tunnel_key_copy_erspan_opt(attr, dst, 2698c2ecf20Sopenharmony_ci dst_len, extack); 2708c2ecf20Sopenharmony_ci if (opt_len < 0) 2718c2ecf20Sopenharmony_ci return opt_len; 2728c2ecf20Sopenharmony_ci opts_len += opt_len; 2738c2ecf20Sopenharmony_ci type = TUNNEL_ERSPAN_OPT; 2748c2ecf20Sopenharmony_ci break; 2758c2ecf20Sopenharmony_ci } 2768c2ecf20Sopenharmony_ci } 2778c2ecf20Sopenharmony_ci 2788c2ecf20Sopenharmony_ci if (!opts_len) { 2798c2ecf20Sopenharmony_ci NL_SET_ERR_MSG(extack, "Empty list of tunnel options"); 2808c2ecf20Sopenharmony_ci return -EINVAL; 2818c2ecf20Sopenharmony_ci } 2828c2ecf20Sopenharmony_ci 2838c2ecf20Sopenharmony_ci if (rem > 0) { 2848c2ecf20Sopenharmony_ci NL_SET_ERR_MSG(extack, "Trailing data after parsing tunnel key options attributes"); 2858c2ecf20Sopenharmony_ci return -EINVAL; 2868c2ecf20Sopenharmony_ci } 2878c2ecf20Sopenharmony_ci 2888c2ecf20Sopenharmony_ci return opts_len; 2898c2ecf20Sopenharmony_ci} 2908c2ecf20Sopenharmony_ci 2918c2ecf20Sopenharmony_cistatic int tunnel_key_get_opts_len(struct nlattr *nla, 2928c2ecf20Sopenharmony_ci struct netlink_ext_ack *extack) 2938c2ecf20Sopenharmony_ci{ 2948c2ecf20Sopenharmony_ci return tunnel_key_copy_opts(nla, NULL, 0, extack); 2958c2ecf20Sopenharmony_ci} 2968c2ecf20Sopenharmony_ci 2978c2ecf20Sopenharmony_cistatic int tunnel_key_opts_set(struct nlattr *nla, struct ip_tunnel_info *info, 2988c2ecf20Sopenharmony_ci int opts_len, struct netlink_ext_ack *extack) 2998c2ecf20Sopenharmony_ci{ 3008c2ecf20Sopenharmony_ci info->options_len = opts_len; 3018c2ecf20Sopenharmony_ci switch (nla_type(nla_data(nla))) { 3028c2ecf20Sopenharmony_ci case TCA_TUNNEL_KEY_ENC_OPTS_GENEVE: 3038c2ecf20Sopenharmony_ci#if IS_ENABLED(CONFIG_INET) 3048c2ecf20Sopenharmony_ci info->key.tun_flags |= TUNNEL_GENEVE_OPT; 3058c2ecf20Sopenharmony_ci return tunnel_key_copy_opts(nla, ip_tunnel_info_opts(info), 3068c2ecf20Sopenharmony_ci opts_len, extack); 3078c2ecf20Sopenharmony_ci#else 3088c2ecf20Sopenharmony_ci return -EAFNOSUPPORT; 3098c2ecf20Sopenharmony_ci#endif 3108c2ecf20Sopenharmony_ci case TCA_TUNNEL_KEY_ENC_OPTS_VXLAN: 3118c2ecf20Sopenharmony_ci#if IS_ENABLED(CONFIG_INET) 3128c2ecf20Sopenharmony_ci info->key.tun_flags |= TUNNEL_VXLAN_OPT; 3138c2ecf20Sopenharmony_ci return tunnel_key_copy_opts(nla, ip_tunnel_info_opts(info), 3148c2ecf20Sopenharmony_ci opts_len, extack); 3158c2ecf20Sopenharmony_ci#else 3168c2ecf20Sopenharmony_ci return -EAFNOSUPPORT; 3178c2ecf20Sopenharmony_ci#endif 3188c2ecf20Sopenharmony_ci case TCA_TUNNEL_KEY_ENC_OPTS_ERSPAN: 3198c2ecf20Sopenharmony_ci#if IS_ENABLED(CONFIG_INET) 3208c2ecf20Sopenharmony_ci info->key.tun_flags |= TUNNEL_ERSPAN_OPT; 3218c2ecf20Sopenharmony_ci return tunnel_key_copy_opts(nla, ip_tunnel_info_opts(info), 3228c2ecf20Sopenharmony_ci opts_len, extack); 3238c2ecf20Sopenharmony_ci#else 3248c2ecf20Sopenharmony_ci return -EAFNOSUPPORT; 3258c2ecf20Sopenharmony_ci#endif 3268c2ecf20Sopenharmony_ci default: 3278c2ecf20Sopenharmony_ci NL_SET_ERR_MSG(extack, "Cannot set tunnel options for unknown tunnel type"); 3288c2ecf20Sopenharmony_ci return -EINVAL; 3298c2ecf20Sopenharmony_ci } 3308c2ecf20Sopenharmony_ci} 3318c2ecf20Sopenharmony_ci 3328c2ecf20Sopenharmony_cistatic const struct nla_policy tunnel_key_policy[TCA_TUNNEL_KEY_MAX + 1] = { 3338c2ecf20Sopenharmony_ci [TCA_TUNNEL_KEY_PARMS] = { .len = sizeof(struct tc_tunnel_key) }, 3348c2ecf20Sopenharmony_ci [TCA_TUNNEL_KEY_ENC_IPV4_SRC] = { .type = NLA_U32 }, 3358c2ecf20Sopenharmony_ci [TCA_TUNNEL_KEY_ENC_IPV4_DST] = { .type = NLA_U32 }, 3368c2ecf20Sopenharmony_ci [TCA_TUNNEL_KEY_ENC_IPV6_SRC] = { .len = sizeof(struct in6_addr) }, 3378c2ecf20Sopenharmony_ci [TCA_TUNNEL_KEY_ENC_IPV6_DST] = { .len = sizeof(struct in6_addr) }, 3388c2ecf20Sopenharmony_ci [TCA_TUNNEL_KEY_ENC_KEY_ID] = { .type = NLA_U32 }, 3398c2ecf20Sopenharmony_ci [TCA_TUNNEL_KEY_ENC_DST_PORT] = {.type = NLA_U16}, 3408c2ecf20Sopenharmony_ci [TCA_TUNNEL_KEY_NO_CSUM] = { .type = NLA_U8 }, 3418c2ecf20Sopenharmony_ci [TCA_TUNNEL_KEY_ENC_OPTS] = { .type = NLA_NESTED }, 3428c2ecf20Sopenharmony_ci [TCA_TUNNEL_KEY_ENC_TOS] = { .type = NLA_U8 }, 3438c2ecf20Sopenharmony_ci [TCA_TUNNEL_KEY_ENC_TTL] = { .type = NLA_U8 }, 3448c2ecf20Sopenharmony_ci}; 3458c2ecf20Sopenharmony_ci 3468c2ecf20Sopenharmony_cistatic void tunnel_key_release_params(struct tcf_tunnel_key_params *p) 3478c2ecf20Sopenharmony_ci{ 3488c2ecf20Sopenharmony_ci if (!p) 3498c2ecf20Sopenharmony_ci return; 3508c2ecf20Sopenharmony_ci if (p->tcft_action == TCA_TUNNEL_KEY_ACT_SET) 3518c2ecf20Sopenharmony_ci dst_release(&p->tcft_enc_metadata->dst); 3528c2ecf20Sopenharmony_ci 3538c2ecf20Sopenharmony_ci kfree_rcu(p, rcu); 3548c2ecf20Sopenharmony_ci} 3558c2ecf20Sopenharmony_ci 3568c2ecf20Sopenharmony_cistatic int tunnel_key_init(struct net *net, struct nlattr *nla, 3578c2ecf20Sopenharmony_ci struct nlattr *est, struct tc_action **a, 3588c2ecf20Sopenharmony_ci int ovr, int bind, bool rtnl_held, 3598c2ecf20Sopenharmony_ci struct tcf_proto *tp, u32 act_flags, 3608c2ecf20Sopenharmony_ci struct netlink_ext_ack *extack) 3618c2ecf20Sopenharmony_ci{ 3628c2ecf20Sopenharmony_ci struct tc_action_net *tn = net_generic(net, tunnel_key_net_id); 3638c2ecf20Sopenharmony_ci struct nlattr *tb[TCA_TUNNEL_KEY_MAX + 1]; 3648c2ecf20Sopenharmony_ci struct tcf_tunnel_key_params *params_new; 3658c2ecf20Sopenharmony_ci struct metadata_dst *metadata = NULL; 3668c2ecf20Sopenharmony_ci struct tcf_chain *goto_ch = NULL; 3678c2ecf20Sopenharmony_ci struct tc_tunnel_key *parm; 3688c2ecf20Sopenharmony_ci struct tcf_tunnel_key *t; 3698c2ecf20Sopenharmony_ci bool exists = false; 3708c2ecf20Sopenharmony_ci __be16 dst_port = 0; 3718c2ecf20Sopenharmony_ci __be64 key_id = 0; 3728c2ecf20Sopenharmony_ci int opts_len = 0; 3738c2ecf20Sopenharmony_ci __be16 flags = 0; 3748c2ecf20Sopenharmony_ci u8 tos, ttl; 3758c2ecf20Sopenharmony_ci int ret = 0; 3768c2ecf20Sopenharmony_ci u32 index; 3778c2ecf20Sopenharmony_ci int err; 3788c2ecf20Sopenharmony_ci 3798c2ecf20Sopenharmony_ci if (!nla) { 3808c2ecf20Sopenharmony_ci NL_SET_ERR_MSG(extack, "Tunnel requires attributes to be passed"); 3818c2ecf20Sopenharmony_ci return -EINVAL; 3828c2ecf20Sopenharmony_ci } 3838c2ecf20Sopenharmony_ci 3848c2ecf20Sopenharmony_ci err = nla_parse_nested_deprecated(tb, TCA_TUNNEL_KEY_MAX, nla, 3858c2ecf20Sopenharmony_ci tunnel_key_policy, extack); 3868c2ecf20Sopenharmony_ci if (err < 0) { 3878c2ecf20Sopenharmony_ci NL_SET_ERR_MSG(extack, "Failed to parse nested tunnel key attributes"); 3888c2ecf20Sopenharmony_ci return err; 3898c2ecf20Sopenharmony_ci } 3908c2ecf20Sopenharmony_ci 3918c2ecf20Sopenharmony_ci if (!tb[TCA_TUNNEL_KEY_PARMS]) { 3928c2ecf20Sopenharmony_ci NL_SET_ERR_MSG(extack, "Missing tunnel key parameters"); 3938c2ecf20Sopenharmony_ci return -EINVAL; 3948c2ecf20Sopenharmony_ci } 3958c2ecf20Sopenharmony_ci 3968c2ecf20Sopenharmony_ci parm = nla_data(tb[TCA_TUNNEL_KEY_PARMS]); 3978c2ecf20Sopenharmony_ci index = parm->index; 3988c2ecf20Sopenharmony_ci err = tcf_idr_check_alloc(tn, &index, a, bind); 3998c2ecf20Sopenharmony_ci if (err < 0) 4008c2ecf20Sopenharmony_ci return err; 4018c2ecf20Sopenharmony_ci exists = err; 4028c2ecf20Sopenharmony_ci if (exists && bind) 4038c2ecf20Sopenharmony_ci return 0; 4048c2ecf20Sopenharmony_ci 4058c2ecf20Sopenharmony_ci switch (parm->t_action) { 4068c2ecf20Sopenharmony_ci case TCA_TUNNEL_KEY_ACT_RELEASE: 4078c2ecf20Sopenharmony_ci break; 4088c2ecf20Sopenharmony_ci case TCA_TUNNEL_KEY_ACT_SET: 4098c2ecf20Sopenharmony_ci if (tb[TCA_TUNNEL_KEY_ENC_KEY_ID]) { 4108c2ecf20Sopenharmony_ci __be32 key32; 4118c2ecf20Sopenharmony_ci 4128c2ecf20Sopenharmony_ci key32 = nla_get_be32(tb[TCA_TUNNEL_KEY_ENC_KEY_ID]); 4138c2ecf20Sopenharmony_ci key_id = key32_to_tunnel_id(key32); 4148c2ecf20Sopenharmony_ci flags = TUNNEL_KEY; 4158c2ecf20Sopenharmony_ci } 4168c2ecf20Sopenharmony_ci 4178c2ecf20Sopenharmony_ci flags |= TUNNEL_CSUM; 4188c2ecf20Sopenharmony_ci if (tb[TCA_TUNNEL_KEY_NO_CSUM] && 4198c2ecf20Sopenharmony_ci nla_get_u8(tb[TCA_TUNNEL_KEY_NO_CSUM])) 4208c2ecf20Sopenharmony_ci flags &= ~TUNNEL_CSUM; 4218c2ecf20Sopenharmony_ci 4228c2ecf20Sopenharmony_ci if (tb[TCA_TUNNEL_KEY_ENC_DST_PORT]) 4238c2ecf20Sopenharmony_ci dst_port = nla_get_be16(tb[TCA_TUNNEL_KEY_ENC_DST_PORT]); 4248c2ecf20Sopenharmony_ci 4258c2ecf20Sopenharmony_ci if (tb[TCA_TUNNEL_KEY_ENC_OPTS]) { 4268c2ecf20Sopenharmony_ci opts_len = tunnel_key_get_opts_len(tb[TCA_TUNNEL_KEY_ENC_OPTS], 4278c2ecf20Sopenharmony_ci extack); 4288c2ecf20Sopenharmony_ci if (opts_len < 0) { 4298c2ecf20Sopenharmony_ci ret = opts_len; 4308c2ecf20Sopenharmony_ci goto err_out; 4318c2ecf20Sopenharmony_ci } 4328c2ecf20Sopenharmony_ci } 4338c2ecf20Sopenharmony_ci 4348c2ecf20Sopenharmony_ci tos = 0; 4358c2ecf20Sopenharmony_ci if (tb[TCA_TUNNEL_KEY_ENC_TOS]) 4368c2ecf20Sopenharmony_ci tos = nla_get_u8(tb[TCA_TUNNEL_KEY_ENC_TOS]); 4378c2ecf20Sopenharmony_ci ttl = 0; 4388c2ecf20Sopenharmony_ci if (tb[TCA_TUNNEL_KEY_ENC_TTL]) 4398c2ecf20Sopenharmony_ci ttl = nla_get_u8(tb[TCA_TUNNEL_KEY_ENC_TTL]); 4408c2ecf20Sopenharmony_ci 4418c2ecf20Sopenharmony_ci if (tb[TCA_TUNNEL_KEY_ENC_IPV4_SRC] && 4428c2ecf20Sopenharmony_ci tb[TCA_TUNNEL_KEY_ENC_IPV4_DST]) { 4438c2ecf20Sopenharmony_ci __be32 saddr; 4448c2ecf20Sopenharmony_ci __be32 daddr; 4458c2ecf20Sopenharmony_ci 4468c2ecf20Sopenharmony_ci saddr = nla_get_in_addr(tb[TCA_TUNNEL_KEY_ENC_IPV4_SRC]); 4478c2ecf20Sopenharmony_ci daddr = nla_get_in_addr(tb[TCA_TUNNEL_KEY_ENC_IPV4_DST]); 4488c2ecf20Sopenharmony_ci 4498c2ecf20Sopenharmony_ci metadata = __ip_tun_set_dst(saddr, daddr, tos, ttl, 4508c2ecf20Sopenharmony_ci dst_port, flags, 4518c2ecf20Sopenharmony_ci key_id, opts_len); 4528c2ecf20Sopenharmony_ci } else if (tb[TCA_TUNNEL_KEY_ENC_IPV6_SRC] && 4538c2ecf20Sopenharmony_ci tb[TCA_TUNNEL_KEY_ENC_IPV6_DST]) { 4548c2ecf20Sopenharmony_ci struct in6_addr saddr; 4558c2ecf20Sopenharmony_ci struct in6_addr daddr; 4568c2ecf20Sopenharmony_ci 4578c2ecf20Sopenharmony_ci saddr = nla_get_in6_addr(tb[TCA_TUNNEL_KEY_ENC_IPV6_SRC]); 4588c2ecf20Sopenharmony_ci daddr = nla_get_in6_addr(tb[TCA_TUNNEL_KEY_ENC_IPV6_DST]); 4598c2ecf20Sopenharmony_ci 4608c2ecf20Sopenharmony_ci metadata = __ipv6_tun_set_dst(&saddr, &daddr, tos, ttl, dst_port, 4618c2ecf20Sopenharmony_ci 0, flags, 4628c2ecf20Sopenharmony_ci key_id, opts_len); 4638c2ecf20Sopenharmony_ci } else { 4648c2ecf20Sopenharmony_ci NL_SET_ERR_MSG(extack, "Missing either ipv4 or ipv6 src and dst"); 4658c2ecf20Sopenharmony_ci ret = -EINVAL; 4668c2ecf20Sopenharmony_ci goto err_out; 4678c2ecf20Sopenharmony_ci } 4688c2ecf20Sopenharmony_ci 4698c2ecf20Sopenharmony_ci if (!metadata) { 4708c2ecf20Sopenharmony_ci NL_SET_ERR_MSG(extack, "Cannot allocate tunnel metadata dst"); 4718c2ecf20Sopenharmony_ci ret = -ENOMEM; 4728c2ecf20Sopenharmony_ci goto err_out; 4738c2ecf20Sopenharmony_ci } 4748c2ecf20Sopenharmony_ci 4758c2ecf20Sopenharmony_ci#ifdef CONFIG_DST_CACHE 4768c2ecf20Sopenharmony_ci ret = dst_cache_init(&metadata->u.tun_info.dst_cache, GFP_KERNEL); 4778c2ecf20Sopenharmony_ci if (ret) 4788c2ecf20Sopenharmony_ci goto release_tun_meta; 4798c2ecf20Sopenharmony_ci#endif 4808c2ecf20Sopenharmony_ci 4818c2ecf20Sopenharmony_ci if (opts_len) { 4828c2ecf20Sopenharmony_ci ret = tunnel_key_opts_set(tb[TCA_TUNNEL_KEY_ENC_OPTS], 4838c2ecf20Sopenharmony_ci &metadata->u.tun_info, 4848c2ecf20Sopenharmony_ci opts_len, extack); 4858c2ecf20Sopenharmony_ci if (ret < 0) 4868c2ecf20Sopenharmony_ci goto release_tun_meta; 4878c2ecf20Sopenharmony_ci } 4888c2ecf20Sopenharmony_ci 4898c2ecf20Sopenharmony_ci metadata->u.tun_info.mode |= IP_TUNNEL_INFO_TX; 4908c2ecf20Sopenharmony_ci break; 4918c2ecf20Sopenharmony_ci default: 4928c2ecf20Sopenharmony_ci NL_SET_ERR_MSG(extack, "Unknown tunnel key action"); 4938c2ecf20Sopenharmony_ci ret = -EINVAL; 4948c2ecf20Sopenharmony_ci goto err_out; 4958c2ecf20Sopenharmony_ci } 4968c2ecf20Sopenharmony_ci 4978c2ecf20Sopenharmony_ci if (!exists) { 4988c2ecf20Sopenharmony_ci ret = tcf_idr_create_from_flags(tn, index, est, a, 4998c2ecf20Sopenharmony_ci &act_tunnel_key_ops, bind, 5008c2ecf20Sopenharmony_ci act_flags); 5018c2ecf20Sopenharmony_ci if (ret) { 5028c2ecf20Sopenharmony_ci NL_SET_ERR_MSG(extack, "Cannot create TC IDR"); 5038c2ecf20Sopenharmony_ci goto release_tun_meta; 5048c2ecf20Sopenharmony_ci } 5058c2ecf20Sopenharmony_ci 5068c2ecf20Sopenharmony_ci ret = ACT_P_CREATED; 5078c2ecf20Sopenharmony_ci } else if (!ovr) { 5088c2ecf20Sopenharmony_ci NL_SET_ERR_MSG(extack, "TC IDR already exists"); 5098c2ecf20Sopenharmony_ci ret = -EEXIST; 5108c2ecf20Sopenharmony_ci goto release_tun_meta; 5118c2ecf20Sopenharmony_ci } 5128c2ecf20Sopenharmony_ci 5138c2ecf20Sopenharmony_ci err = tcf_action_check_ctrlact(parm->action, tp, &goto_ch, extack); 5148c2ecf20Sopenharmony_ci if (err < 0) { 5158c2ecf20Sopenharmony_ci ret = err; 5168c2ecf20Sopenharmony_ci exists = true; 5178c2ecf20Sopenharmony_ci goto release_tun_meta; 5188c2ecf20Sopenharmony_ci } 5198c2ecf20Sopenharmony_ci t = to_tunnel_key(*a); 5208c2ecf20Sopenharmony_ci 5218c2ecf20Sopenharmony_ci params_new = kzalloc(sizeof(*params_new), GFP_KERNEL); 5228c2ecf20Sopenharmony_ci if (unlikely(!params_new)) { 5238c2ecf20Sopenharmony_ci NL_SET_ERR_MSG(extack, "Cannot allocate tunnel key parameters"); 5248c2ecf20Sopenharmony_ci ret = -ENOMEM; 5258c2ecf20Sopenharmony_ci exists = true; 5268c2ecf20Sopenharmony_ci goto put_chain; 5278c2ecf20Sopenharmony_ci } 5288c2ecf20Sopenharmony_ci params_new->tcft_action = parm->t_action; 5298c2ecf20Sopenharmony_ci params_new->tcft_enc_metadata = metadata; 5308c2ecf20Sopenharmony_ci 5318c2ecf20Sopenharmony_ci spin_lock_bh(&t->tcf_lock); 5328c2ecf20Sopenharmony_ci goto_ch = tcf_action_set_ctrlact(*a, parm->action, goto_ch); 5338c2ecf20Sopenharmony_ci params_new = rcu_replace_pointer(t->params, params_new, 5348c2ecf20Sopenharmony_ci lockdep_is_held(&t->tcf_lock)); 5358c2ecf20Sopenharmony_ci spin_unlock_bh(&t->tcf_lock); 5368c2ecf20Sopenharmony_ci tunnel_key_release_params(params_new); 5378c2ecf20Sopenharmony_ci if (goto_ch) 5388c2ecf20Sopenharmony_ci tcf_chain_put_by_act(goto_ch); 5398c2ecf20Sopenharmony_ci 5408c2ecf20Sopenharmony_ci return ret; 5418c2ecf20Sopenharmony_ci 5428c2ecf20Sopenharmony_ciput_chain: 5438c2ecf20Sopenharmony_ci if (goto_ch) 5448c2ecf20Sopenharmony_ci tcf_chain_put_by_act(goto_ch); 5458c2ecf20Sopenharmony_ci 5468c2ecf20Sopenharmony_cirelease_tun_meta: 5478c2ecf20Sopenharmony_ci if (metadata) 5488c2ecf20Sopenharmony_ci dst_release(&metadata->dst); 5498c2ecf20Sopenharmony_ci 5508c2ecf20Sopenharmony_cierr_out: 5518c2ecf20Sopenharmony_ci if (exists) 5528c2ecf20Sopenharmony_ci tcf_idr_release(*a, bind); 5538c2ecf20Sopenharmony_ci else 5548c2ecf20Sopenharmony_ci tcf_idr_cleanup(tn, index); 5558c2ecf20Sopenharmony_ci return ret; 5568c2ecf20Sopenharmony_ci} 5578c2ecf20Sopenharmony_ci 5588c2ecf20Sopenharmony_cistatic void tunnel_key_release(struct tc_action *a) 5598c2ecf20Sopenharmony_ci{ 5608c2ecf20Sopenharmony_ci struct tcf_tunnel_key *t = to_tunnel_key(a); 5618c2ecf20Sopenharmony_ci struct tcf_tunnel_key_params *params; 5628c2ecf20Sopenharmony_ci 5638c2ecf20Sopenharmony_ci params = rcu_dereference_protected(t->params, 1); 5648c2ecf20Sopenharmony_ci tunnel_key_release_params(params); 5658c2ecf20Sopenharmony_ci} 5668c2ecf20Sopenharmony_ci 5678c2ecf20Sopenharmony_cistatic int tunnel_key_geneve_opts_dump(struct sk_buff *skb, 5688c2ecf20Sopenharmony_ci const struct ip_tunnel_info *info) 5698c2ecf20Sopenharmony_ci{ 5708c2ecf20Sopenharmony_ci int len = info->options_len; 5718c2ecf20Sopenharmony_ci u8 *src = (u8 *)(info + 1); 5728c2ecf20Sopenharmony_ci struct nlattr *start; 5738c2ecf20Sopenharmony_ci 5748c2ecf20Sopenharmony_ci start = nla_nest_start_noflag(skb, TCA_TUNNEL_KEY_ENC_OPTS_GENEVE); 5758c2ecf20Sopenharmony_ci if (!start) 5768c2ecf20Sopenharmony_ci return -EMSGSIZE; 5778c2ecf20Sopenharmony_ci 5788c2ecf20Sopenharmony_ci while (len > 0) { 5798c2ecf20Sopenharmony_ci struct geneve_opt *opt = (struct geneve_opt *)src; 5808c2ecf20Sopenharmony_ci 5818c2ecf20Sopenharmony_ci if (nla_put_be16(skb, TCA_TUNNEL_KEY_ENC_OPT_GENEVE_CLASS, 5828c2ecf20Sopenharmony_ci opt->opt_class) || 5838c2ecf20Sopenharmony_ci nla_put_u8(skb, TCA_TUNNEL_KEY_ENC_OPT_GENEVE_TYPE, 5848c2ecf20Sopenharmony_ci opt->type) || 5858c2ecf20Sopenharmony_ci nla_put(skb, TCA_TUNNEL_KEY_ENC_OPT_GENEVE_DATA, 5868c2ecf20Sopenharmony_ci opt->length * 4, opt + 1)) { 5878c2ecf20Sopenharmony_ci nla_nest_cancel(skb, start); 5888c2ecf20Sopenharmony_ci return -EMSGSIZE; 5898c2ecf20Sopenharmony_ci } 5908c2ecf20Sopenharmony_ci 5918c2ecf20Sopenharmony_ci len -= sizeof(struct geneve_opt) + opt->length * 4; 5928c2ecf20Sopenharmony_ci src += sizeof(struct geneve_opt) + opt->length * 4; 5938c2ecf20Sopenharmony_ci } 5948c2ecf20Sopenharmony_ci 5958c2ecf20Sopenharmony_ci nla_nest_end(skb, start); 5968c2ecf20Sopenharmony_ci return 0; 5978c2ecf20Sopenharmony_ci} 5988c2ecf20Sopenharmony_ci 5998c2ecf20Sopenharmony_cistatic int tunnel_key_vxlan_opts_dump(struct sk_buff *skb, 6008c2ecf20Sopenharmony_ci const struct ip_tunnel_info *info) 6018c2ecf20Sopenharmony_ci{ 6028c2ecf20Sopenharmony_ci struct vxlan_metadata *md = (struct vxlan_metadata *)(info + 1); 6038c2ecf20Sopenharmony_ci struct nlattr *start; 6048c2ecf20Sopenharmony_ci 6058c2ecf20Sopenharmony_ci start = nla_nest_start_noflag(skb, TCA_TUNNEL_KEY_ENC_OPTS_VXLAN); 6068c2ecf20Sopenharmony_ci if (!start) 6078c2ecf20Sopenharmony_ci return -EMSGSIZE; 6088c2ecf20Sopenharmony_ci 6098c2ecf20Sopenharmony_ci if (nla_put_u32(skb, TCA_TUNNEL_KEY_ENC_OPT_VXLAN_GBP, md->gbp)) { 6108c2ecf20Sopenharmony_ci nla_nest_cancel(skb, start); 6118c2ecf20Sopenharmony_ci return -EMSGSIZE; 6128c2ecf20Sopenharmony_ci } 6138c2ecf20Sopenharmony_ci 6148c2ecf20Sopenharmony_ci nla_nest_end(skb, start); 6158c2ecf20Sopenharmony_ci return 0; 6168c2ecf20Sopenharmony_ci} 6178c2ecf20Sopenharmony_ci 6188c2ecf20Sopenharmony_cistatic int tunnel_key_erspan_opts_dump(struct sk_buff *skb, 6198c2ecf20Sopenharmony_ci const struct ip_tunnel_info *info) 6208c2ecf20Sopenharmony_ci{ 6218c2ecf20Sopenharmony_ci struct erspan_metadata *md = (struct erspan_metadata *)(info + 1); 6228c2ecf20Sopenharmony_ci struct nlattr *start; 6238c2ecf20Sopenharmony_ci 6248c2ecf20Sopenharmony_ci start = nla_nest_start_noflag(skb, TCA_TUNNEL_KEY_ENC_OPTS_ERSPAN); 6258c2ecf20Sopenharmony_ci if (!start) 6268c2ecf20Sopenharmony_ci return -EMSGSIZE; 6278c2ecf20Sopenharmony_ci 6288c2ecf20Sopenharmony_ci if (nla_put_u8(skb, TCA_TUNNEL_KEY_ENC_OPT_ERSPAN_VER, md->version)) 6298c2ecf20Sopenharmony_ci goto err; 6308c2ecf20Sopenharmony_ci 6318c2ecf20Sopenharmony_ci if (md->version == 1 && 6328c2ecf20Sopenharmony_ci nla_put_be32(skb, TCA_TUNNEL_KEY_ENC_OPT_ERSPAN_INDEX, md->u.index)) 6338c2ecf20Sopenharmony_ci goto err; 6348c2ecf20Sopenharmony_ci 6358c2ecf20Sopenharmony_ci if (md->version == 2 && 6368c2ecf20Sopenharmony_ci (nla_put_u8(skb, TCA_TUNNEL_KEY_ENC_OPT_ERSPAN_DIR, 6378c2ecf20Sopenharmony_ci md->u.md2.dir) || 6388c2ecf20Sopenharmony_ci nla_put_u8(skb, TCA_TUNNEL_KEY_ENC_OPT_ERSPAN_HWID, 6398c2ecf20Sopenharmony_ci get_hwid(&md->u.md2)))) 6408c2ecf20Sopenharmony_ci goto err; 6418c2ecf20Sopenharmony_ci 6428c2ecf20Sopenharmony_ci nla_nest_end(skb, start); 6438c2ecf20Sopenharmony_ci return 0; 6448c2ecf20Sopenharmony_cierr: 6458c2ecf20Sopenharmony_ci nla_nest_cancel(skb, start); 6468c2ecf20Sopenharmony_ci return -EMSGSIZE; 6478c2ecf20Sopenharmony_ci} 6488c2ecf20Sopenharmony_ci 6498c2ecf20Sopenharmony_cistatic int tunnel_key_opts_dump(struct sk_buff *skb, 6508c2ecf20Sopenharmony_ci const struct ip_tunnel_info *info) 6518c2ecf20Sopenharmony_ci{ 6528c2ecf20Sopenharmony_ci struct nlattr *start; 6538c2ecf20Sopenharmony_ci int err = -EINVAL; 6548c2ecf20Sopenharmony_ci 6558c2ecf20Sopenharmony_ci if (!info->options_len) 6568c2ecf20Sopenharmony_ci return 0; 6578c2ecf20Sopenharmony_ci 6588c2ecf20Sopenharmony_ci start = nla_nest_start_noflag(skb, TCA_TUNNEL_KEY_ENC_OPTS); 6598c2ecf20Sopenharmony_ci if (!start) 6608c2ecf20Sopenharmony_ci return -EMSGSIZE; 6618c2ecf20Sopenharmony_ci 6628c2ecf20Sopenharmony_ci if (info->key.tun_flags & TUNNEL_GENEVE_OPT) { 6638c2ecf20Sopenharmony_ci err = tunnel_key_geneve_opts_dump(skb, info); 6648c2ecf20Sopenharmony_ci if (err) 6658c2ecf20Sopenharmony_ci goto err_out; 6668c2ecf20Sopenharmony_ci } else if (info->key.tun_flags & TUNNEL_VXLAN_OPT) { 6678c2ecf20Sopenharmony_ci err = tunnel_key_vxlan_opts_dump(skb, info); 6688c2ecf20Sopenharmony_ci if (err) 6698c2ecf20Sopenharmony_ci goto err_out; 6708c2ecf20Sopenharmony_ci } else if (info->key.tun_flags & TUNNEL_ERSPAN_OPT) { 6718c2ecf20Sopenharmony_ci err = tunnel_key_erspan_opts_dump(skb, info); 6728c2ecf20Sopenharmony_ci if (err) 6738c2ecf20Sopenharmony_ci goto err_out; 6748c2ecf20Sopenharmony_ci } else { 6758c2ecf20Sopenharmony_cierr_out: 6768c2ecf20Sopenharmony_ci nla_nest_cancel(skb, start); 6778c2ecf20Sopenharmony_ci return err; 6788c2ecf20Sopenharmony_ci } 6798c2ecf20Sopenharmony_ci 6808c2ecf20Sopenharmony_ci nla_nest_end(skb, start); 6818c2ecf20Sopenharmony_ci return 0; 6828c2ecf20Sopenharmony_ci} 6838c2ecf20Sopenharmony_ci 6848c2ecf20Sopenharmony_cistatic int tunnel_key_dump_addresses(struct sk_buff *skb, 6858c2ecf20Sopenharmony_ci const struct ip_tunnel_info *info) 6868c2ecf20Sopenharmony_ci{ 6878c2ecf20Sopenharmony_ci unsigned short family = ip_tunnel_info_af(info); 6888c2ecf20Sopenharmony_ci 6898c2ecf20Sopenharmony_ci if (family == AF_INET) { 6908c2ecf20Sopenharmony_ci __be32 saddr = info->key.u.ipv4.src; 6918c2ecf20Sopenharmony_ci __be32 daddr = info->key.u.ipv4.dst; 6928c2ecf20Sopenharmony_ci 6938c2ecf20Sopenharmony_ci if (!nla_put_in_addr(skb, TCA_TUNNEL_KEY_ENC_IPV4_SRC, saddr) && 6948c2ecf20Sopenharmony_ci !nla_put_in_addr(skb, TCA_TUNNEL_KEY_ENC_IPV4_DST, daddr)) 6958c2ecf20Sopenharmony_ci return 0; 6968c2ecf20Sopenharmony_ci } 6978c2ecf20Sopenharmony_ci 6988c2ecf20Sopenharmony_ci if (family == AF_INET6) { 6998c2ecf20Sopenharmony_ci const struct in6_addr *saddr6 = &info->key.u.ipv6.src; 7008c2ecf20Sopenharmony_ci const struct in6_addr *daddr6 = &info->key.u.ipv6.dst; 7018c2ecf20Sopenharmony_ci 7028c2ecf20Sopenharmony_ci if (!nla_put_in6_addr(skb, 7038c2ecf20Sopenharmony_ci TCA_TUNNEL_KEY_ENC_IPV6_SRC, saddr6) && 7048c2ecf20Sopenharmony_ci !nla_put_in6_addr(skb, 7058c2ecf20Sopenharmony_ci TCA_TUNNEL_KEY_ENC_IPV6_DST, daddr6)) 7068c2ecf20Sopenharmony_ci return 0; 7078c2ecf20Sopenharmony_ci } 7088c2ecf20Sopenharmony_ci 7098c2ecf20Sopenharmony_ci return -EINVAL; 7108c2ecf20Sopenharmony_ci} 7118c2ecf20Sopenharmony_ci 7128c2ecf20Sopenharmony_cistatic int tunnel_key_dump(struct sk_buff *skb, struct tc_action *a, 7138c2ecf20Sopenharmony_ci int bind, int ref) 7148c2ecf20Sopenharmony_ci{ 7158c2ecf20Sopenharmony_ci unsigned char *b = skb_tail_pointer(skb); 7168c2ecf20Sopenharmony_ci struct tcf_tunnel_key *t = to_tunnel_key(a); 7178c2ecf20Sopenharmony_ci struct tcf_tunnel_key_params *params; 7188c2ecf20Sopenharmony_ci struct tc_tunnel_key opt = { 7198c2ecf20Sopenharmony_ci .index = t->tcf_index, 7208c2ecf20Sopenharmony_ci .refcnt = refcount_read(&t->tcf_refcnt) - ref, 7218c2ecf20Sopenharmony_ci .bindcnt = atomic_read(&t->tcf_bindcnt) - bind, 7228c2ecf20Sopenharmony_ci }; 7238c2ecf20Sopenharmony_ci struct tcf_t tm; 7248c2ecf20Sopenharmony_ci 7258c2ecf20Sopenharmony_ci spin_lock_bh(&t->tcf_lock); 7268c2ecf20Sopenharmony_ci params = rcu_dereference_protected(t->params, 7278c2ecf20Sopenharmony_ci lockdep_is_held(&t->tcf_lock)); 7288c2ecf20Sopenharmony_ci opt.action = t->tcf_action; 7298c2ecf20Sopenharmony_ci opt.t_action = params->tcft_action; 7308c2ecf20Sopenharmony_ci 7318c2ecf20Sopenharmony_ci if (nla_put(skb, TCA_TUNNEL_KEY_PARMS, sizeof(opt), &opt)) 7328c2ecf20Sopenharmony_ci goto nla_put_failure; 7338c2ecf20Sopenharmony_ci 7348c2ecf20Sopenharmony_ci if (params->tcft_action == TCA_TUNNEL_KEY_ACT_SET) { 7358c2ecf20Sopenharmony_ci struct ip_tunnel_info *info = 7368c2ecf20Sopenharmony_ci ¶ms->tcft_enc_metadata->u.tun_info; 7378c2ecf20Sopenharmony_ci struct ip_tunnel_key *key = &info->key; 7388c2ecf20Sopenharmony_ci __be32 key_id = tunnel_id_to_key32(key->tun_id); 7398c2ecf20Sopenharmony_ci 7408c2ecf20Sopenharmony_ci if (((key->tun_flags & TUNNEL_KEY) && 7418c2ecf20Sopenharmony_ci nla_put_be32(skb, TCA_TUNNEL_KEY_ENC_KEY_ID, key_id)) || 7428c2ecf20Sopenharmony_ci tunnel_key_dump_addresses(skb, 7438c2ecf20Sopenharmony_ci ¶ms->tcft_enc_metadata->u.tun_info) || 7448c2ecf20Sopenharmony_ci (key->tp_dst && 7458c2ecf20Sopenharmony_ci nla_put_be16(skb, TCA_TUNNEL_KEY_ENC_DST_PORT, 7468c2ecf20Sopenharmony_ci key->tp_dst)) || 7478c2ecf20Sopenharmony_ci nla_put_u8(skb, TCA_TUNNEL_KEY_NO_CSUM, 7488c2ecf20Sopenharmony_ci !(key->tun_flags & TUNNEL_CSUM)) || 7498c2ecf20Sopenharmony_ci tunnel_key_opts_dump(skb, info)) 7508c2ecf20Sopenharmony_ci goto nla_put_failure; 7518c2ecf20Sopenharmony_ci 7528c2ecf20Sopenharmony_ci if (key->tos && nla_put_u8(skb, TCA_TUNNEL_KEY_ENC_TOS, key->tos)) 7538c2ecf20Sopenharmony_ci goto nla_put_failure; 7548c2ecf20Sopenharmony_ci 7558c2ecf20Sopenharmony_ci if (key->ttl && nla_put_u8(skb, TCA_TUNNEL_KEY_ENC_TTL, key->ttl)) 7568c2ecf20Sopenharmony_ci goto nla_put_failure; 7578c2ecf20Sopenharmony_ci } 7588c2ecf20Sopenharmony_ci 7598c2ecf20Sopenharmony_ci tcf_tm_dump(&tm, &t->tcf_tm); 7608c2ecf20Sopenharmony_ci if (nla_put_64bit(skb, TCA_TUNNEL_KEY_TM, sizeof(tm), 7618c2ecf20Sopenharmony_ci &tm, TCA_TUNNEL_KEY_PAD)) 7628c2ecf20Sopenharmony_ci goto nla_put_failure; 7638c2ecf20Sopenharmony_ci spin_unlock_bh(&t->tcf_lock); 7648c2ecf20Sopenharmony_ci 7658c2ecf20Sopenharmony_ci return skb->len; 7668c2ecf20Sopenharmony_ci 7678c2ecf20Sopenharmony_cinla_put_failure: 7688c2ecf20Sopenharmony_ci spin_unlock_bh(&t->tcf_lock); 7698c2ecf20Sopenharmony_ci nlmsg_trim(skb, b); 7708c2ecf20Sopenharmony_ci return -1; 7718c2ecf20Sopenharmony_ci} 7728c2ecf20Sopenharmony_ci 7738c2ecf20Sopenharmony_cistatic int tunnel_key_walker(struct net *net, struct sk_buff *skb, 7748c2ecf20Sopenharmony_ci struct netlink_callback *cb, int type, 7758c2ecf20Sopenharmony_ci const struct tc_action_ops *ops, 7768c2ecf20Sopenharmony_ci struct netlink_ext_ack *extack) 7778c2ecf20Sopenharmony_ci{ 7788c2ecf20Sopenharmony_ci struct tc_action_net *tn = net_generic(net, tunnel_key_net_id); 7798c2ecf20Sopenharmony_ci 7808c2ecf20Sopenharmony_ci return tcf_generic_walker(tn, skb, cb, type, ops, extack); 7818c2ecf20Sopenharmony_ci} 7828c2ecf20Sopenharmony_ci 7838c2ecf20Sopenharmony_cistatic int tunnel_key_search(struct net *net, struct tc_action **a, u32 index) 7848c2ecf20Sopenharmony_ci{ 7858c2ecf20Sopenharmony_ci struct tc_action_net *tn = net_generic(net, tunnel_key_net_id); 7868c2ecf20Sopenharmony_ci 7878c2ecf20Sopenharmony_ci return tcf_idr_search(tn, a, index); 7888c2ecf20Sopenharmony_ci} 7898c2ecf20Sopenharmony_ci 7908c2ecf20Sopenharmony_cistatic struct tc_action_ops act_tunnel_key_ops = { 7918c2ecf20Sopenharmony_ci .kind = "tunnel_key", 7928c2ecf20Sopenharmony_ci .id = TCA_ID_TUNNEL_KEY, 7938c2ecf20Sopenharmony_ci .owner = THIS_MODULE, 7948c2ecf20Sopenharmony_ci .act = tunnel_key_act, 7958c2ecf20Sopenharmony_ci .dump = tunnel_key_dump, 7968c2ecf20Sopenharmony_ci .init = tunnel_key_init, 7978c2ecf20Sopenharmony_ci .cleanup = tunnel_key_release, 7988c2ecf20Sopenharmony_ci .walk = tunnel_key_walker, 7998c2ecf20Sopenharmony_ci .lookup = tunnel_key_search, 8008c2ecf20Sopenharmony_ci .size = sizeof(struct tcf_tunnel_key), 8018c2ecf20Sopenharmony_ci}; 8028c2ecf20Sopenharmony_ci 8038c2ecf20Sopenharmony_cistatic __net_init int tunnel_key_init_net(struct net *net) 8048c2ecf20Sopenharmony_ci{ 8058c2ecf20Sopenharmony_ci struct tc_action_net *tn = net_generic(net, tunnel_key_net_id); 8068c2ecf20Sopenharmony_ci 8078c2ecf20Sopenharmony_ci return tc_action_net_init(net, tn, &act_tunnel_key_ops); 8088c2ecf20Sopenharmony_ci} 8098c2ecf20Sopenharmony_ci 8108c2ecf20Sopenharmony_cistatic void __net_exit tunnel_key_exit_net(struct list_head *net_list) 8118c2ecf20Sopenharmony_ci{ 8128c2ecf20Sopenharmony_ci tc_action_net_exit(net_list, tunnel_key_net_id); 8138c2ecf20Sopenharmony_ci} 8148c2ecf20Sopenharmony_ci 8158c2ecf20Sopenharmony_cistatic struct pernet_operations tunnel_key_net_ops = { 8168c2ecf20Sopenharmony_ci .init = tunnel_key_init_net, 8178c2ecf20Sopenharmony_ci .exit_batch = tunnel_key_exit_net, 8188c2ecf20Sopenharmony_ci .id = &tunnel_key_net_id, 8198c2ecf20Sopenharmony_ci .size = sizeof(struct tc_action_net), 8208c2ecf20Sopenharmony_ci}; 8218c2ecf20Sopenharmony_ci 8228c2ecf20Sopenharmony_cistatic int __init tunnel_key_init_module(void) 8238c2ecf20Sopenharmony_ci{ 8248c2ecf20Sopenharmony_ci return tcf_register_action(&act_tunnel_key_ops, &tunnel_key_net_ops); 8258c2ecf20Sopenharmony_ci} 8268c2ecf20Sopenharmony_ci 8278c2ecf20Sopenharmony_cistatic void __exit tunnel_key_cleanup_module(void) 8288c2ecf20Sopenharmony_ci{ 8298c2ecf20Sopenharmony_ci tcf_unregister_action(&act_tunnel_key_ops, &tunnel_key_net_ops); 8308c2ecf20Sopenharmony_ci} 8318c2ecf20Sopenharmony_ci 8328c2ecf20Sopenharmony_cimodule_init(tunnel_key_init_module); 8338c2ecf20Sopenharmony_cimodule_exit(tunnel_key_cleanup_module); 8348c2ecf20Sopenharmony_ci 8358c2ecf20Sopenharmony_ciMODULE_AUTHOR("Amir Vadai <amir@vadai.me>"); 8368c2ecf20Sopenharmony_ciMODULE_DESCRIPTION("ip tunnel manipulation actions"); 8378c2ecf20Sopenharmony_ciMODULE_LICENSE("GPL v2"); 838