162306a36Sopenharmony_ci// SPDX-License-Identifier: GPL-2.0-or-later 262306a36Sopenharmony_ci/* 362306a36Sopenharmony_ci * Copyright (c) 2016, Amir Vadai <amir@vadai.me> 462306a36Sopenharmony_ci * Copyright (c) 2016, Mellanox Technologies. All rights reserved. 562306a36Sopenharmony_ci */ 662306a36Sopenharmony_ci 762306a36Sopenharmony_ci#include <linux/module.h> 862306a36Sopenharmony_ci#include <linux/init.h> 962306a36Sopenharmony_ci#include <linux/kernel.h> 1062306a36Sopenharmony_ci#include <linux/skbuff.h> 1162306a36Sopenharmony_ci#include <linux/rtnetlink.h> 1262306a36Sopenharmony_ci#include <net/geneve.h> 1362306a36Sopenharmony_ci#include <net/vxlan.h> 1462306a36Sopenharmony_ci#include <net/erspan.h> 1562306a36Sopenharmony_ci#include <net/netlink.h> 1662306a36Sopenharmony_ci#include <net/pkt_sched.h> 1762306a36Sopenharmony_ci#include <net/dst.h> 1862306a36Sopenharmony_ci#include <net/pkt_cls.h> 1962306a36Sopenharmony_ci#include <net/tc_wrapper.h> 2062306a36Sopenharmony_ci 2162306a36Sopenharmony_ci#include <linux/tc_act/tc_tunnel_key.h> 2262306a36Sopenharmony_ci#include <net/tc_act/tc_tunnel_key.h> 2362306a36Sopenharmony_ci 2462306a36Sopenharmony_cistatic struct tc_action_ops act_tunnel_key_ops; 2562306a36Sopenharmony_ci 2662306a36Sopenharmony_ciTC_INDIRECT_SCOPE int tunnel_key_act(struct sk_buff *skb, 2762306a36Sopenharmony_ci const struct tc_action *a, 2862306a36Sopenharmony_ci struct tcf_result *res) 2962306a36Sopenharmony_ci{ 3062306a36Sopenharmony_ci struct tcf_tunnel_key *t = to_tunnel_key(a); 3162306a36Sopenharmony_ci struct tcf_tunnel_key_params *params; 3262306a36Sopenharmony_ci int action; 3362306a36Sopenharmony_ci 3462306a36Sopenharmony_ci params = rcu_dereference_bh(t->params); 3562306a36Sopenharmony_ci 3662306a36Sopenharmony_ci tcf_lastuse_update(&t->tcf_tm); 3762306a36Sopenharmony_ci tcf_action_update_bstats(&t->common, skb); 3862306a36Sopenharmony_ci action = READ_ONCE(t->tcf_action); 3962306a36Sopenharmony_ci 4062306a36Sopenharmony_ci switch (params->tcft_action) { 4162306a36Sopenharmony_ci case TCA_TUNNEL_KEY_ACT_RELEASE: 4262306a36Sopenharmony_ci skb_dst_drop(skb); 4362306a36Sopenharmony_ci break; 4462306a36Sopenharmony_ci case TCA_TUNNEL_KEY_ACT_SET: 4562306a36Sopenharmony_ci skb_dst_drop(skb); 4662306a36Sopenharmony_ci skb_dst_set(skb, dst_clone(¶ms->tcft_enc_metadata->dst)); 4762306a36Sopenharmony_ci break; 4862306a36Sopenharmony_ci default: 4962306a36Sopenharmony_ci WARN_ONCE(1, "Bad tunnel_key action %d.\n", 5062306a36Sopenharmony_ci params->tcft_action); 5162306a36Sopenharmony_ci break; 5262306a36Sopenharmony_ci } 5362306a36Sopenharmony_ci 5462306a36Sopenharmony_ci return action; 5562306a36Sopenharmony_ci} 5662306a36Sopenharmony_ci 5762306a36Sopenharmony_cistatic const struct nla_policy 5862306a36Sopenharmony_cienc_opts_policy[TCA_TUNNEL_KEY_ENC_OPTS_MAX + 1] = { 5962306a36Sopenharmony_ci [TCA_TUNNEL_KEY_ENC_OPTS_UNSPEC] = { 6062306a36Sopenharmony_ci .strict_start_type = TCA_TUNNEL_KEY_ENC_OPTS_VXLAN }, 6162306a36Sopenharmony_ci [TCA_TUNNEL_KEY_ENC_OPTS_GENEVE] = { .type = NLA_NESTED }, 6262306a36Sopenharmony_ci [TCA_TUNNEL_KEY_ENC_OPTS_VXLAN] = { .type = NLA_NESTED }, 6362306a36Sopenharmony_ci [TCA_TUNNEL_KEY_ENC_OPTS_ERSPAN] = { .type = NLA_NESTED }, 6462306a36Sopenharmony_ci}; 6562306a36Sopenharmony_ci 6662306a36Sopenharmony_cistatic const struct nla_policy 6762306a36Sopenharmony_cigeneve_opt_policy[TCA_TUNNEL_KEY_ENC_OPT_GENEVE_MAX + 1] = { 6862306a36Sopenharmony_ci [TCA_TUNNEL_KEY_ENC_OPT_GENEVE_CLASS] = { .type = NLA_U16 }, 6962306a36Sopenharmony_ci [TCA_TUNNEL_KEY_ENC_OPT_GENEVE_TYPE] = { .type = NLA_U8 }, 7062306a36Sopenharmony_ci [TCA_TUNNEL_KEY_ENC_OPT_GENEVE_DATA] = { .type = NLA_BINARY, 7162306a36Sopenharmony_ci .len = 128 }, 7262306a36Sopenharmony_ci}; 7362306a36Sopenharmony_ci 7462306a36Sopenharmony_cistatic const struct nla_policy 7562306a36Sopenharmony_civxlan_opt_policy[TCA_TUNNEL_KEY_ENC_OPT_VXLAN_MAX + 1] = { 7662306a36Sopenharmony_ci [TCA_TUNNEL_KEY_ENC_OPT_VXLAN_GBP] = { .type = NLA_U32 }, 7762306a36Sopenharmony_ci}; 7862306a36Sopenharmony_ci 7962306a36Sopenharmony_cistatic const struct nla_policy 8062306a36Sopenharmony_cierspan_opt_policy[TCA_TUNNEL_KEY_ENC_OPT_ERSPAN_MAX + 1] = { 8162306a36Sopenharmony_ci [TCA_TUNNEL_KEY_ENC_OPT_ERSPAN_VER] = { .type = NLA_U8 }, 8262306a36Sopenharmony_ci [TCA_TUNNEL_KEY_ENC_OPT_ERSPAN_INDEX] = { .type = NLA_U32 }, 8362306a36Sopenharmony_ci [TCA_TUNNEL_KEY_ENC_OPT_ERSPAN_DIR] = { .type = NLA_U8 }, 8462306a36Sopenharmony_ci [TCA_TUNNEL_KEY_ENC_OPT_ERSPAN_HWID] = { .type = NLA_U8 }, 8562306a36Sopenharmony_ci}; 8662306a36Sopenharmony_ci 8762306a36Sopenharmony_cistatic int 8862306a36Sopenharmony_citunnel_key_copy_geneve_opt(const struct nlattr *nla, void *dst, int dst_len, 8962306a36Sopenharmony_ci struct netlink_ext_ack *extack) 9062306a36Sopenharmony_ci{ 9162306a36Sopenharmony_ci struct nlattr *tb[TCA_TUNNEL_KEY_ENC_OPT_GENEVE_MAX + 1]; 9262306a36Sopenharmony_ci int err, data_len, opt_len; 9362306a36Sopenharmony_ci u8 *data; 9462306a36Sopenharmony_ci 9562306a36Sopenharmony_ci err = nla_parse_nested_deprecated(tb, 9662306a36Sopenharmony_ci TCA_TUNNEL_KEY_ENC_OPT_GENEVE_MAX, 9762306a36Sopenharmony_ci nla, geneve_opt_policy, extack); 9862306a36Sopenharmony_ci if (err < 0) 9962306a36Sopenharmony_ci return err; 10062306a36Sopenharmony_ci 10162306a36Sopenharmony_ci if (!tb[TCA_TUNNEL_KEY_ENC_OPT_GENEVE_CLASS] || 10262306a36Sopenharmony_ci !tb[TCA_TUNNEL_KEY_ENC_OPT_GENEVE_TYPE] || 10362306a36Sopenharmony_ci !tb[TCA_TUNNEL_KEY_ENC_OPT_GENEVE_DATA]) { 10462306a36Sopenharmony_ci NL_SET_ERR_MSG(extack, "Missing tunnel key geneve option class, type or data"); 10562306a36Sopenharmony_ci return -EINVAL; 10662306a36Sopenharmony_ci } 10762306a36Sopenharmony_ci 10862306a36Sopenharmony_ci data = nla_data(tb[TCA_TUNNEL_KEY_ENC_OPT_GENEVE_DATA]); 10962306a36Sopenharmony_ci data_len = nla_len(tb[TCA_TUNNEL_KEY_ENC_OPT_GENEVE_DATA]); 11062306a36Sopenharmony_ci if (data_len < 4) { 11162306a36Sopenharmony_ci NL_SET_ERR_MSG(extack, "Tunnel key geneve option data is less than 4 bytes long"); 11262306a36Sopenharmony_ci return -ERANGE; 11362306a36Sopenharmony_ci } 11462306a36Sopenharmony_ci if (data_len % 4) { 11562306a36Sopenharmony_ci NL_SET_ERR_MSG(extack, "Tunnel key geneve option data is not a multiple of 4 bytes long"); 11662306a36Sopenharmony_ci return -ERANGE; 11762306a36Sopenharmony_ci } 11862306a36Sopenharmony_ci 11962306a36Sopenharmony_ci opt_len = sizeof(struct geneve_opt) + data_len; 12062306a36Sopenharmony_ci if (dst) { 12162306a36Sopenharmony_ci struct geneve_opt *opt = dst; 12262306a36Sopenharmony_ci 12362306a36Sopenharmony_ci WARN_ON(dst_len < opt_len); 12462306a36Sopenharmony_ci 12562306a36Sopenharmony_ci opt->opt_class = 12662306a36Sopenharmony_ci nla_get_be16(tb[TCA_TUNNEL_KEY_ENC_OPT_GENEVE_CLASS]); 12762306a36Sopenharmony_ci opt->type = nla_get_u8(tb[TCA_TUNNEL_KEY_ENC_OPT_GENEVE_TYPE]); 12862306a36Sopenharmony_ci opt->length = data_len / 4; /* length is in units of 4 bytes */ 12962306a36Sopenharmony_ci opt->r1 = 0; 13062306a36Sopenharmony_ci opt->r2 = 0; 13162306a36Sopenharmony_ci opt->r3 = 0; 13262306a36Sopenharmony_ci 13362306a36Sopenharmony_ci memcpy(opt + 1, data, data_len); 13462306a36Sopenharmony_ci } 13562306a36Sopenharmony_ci 13662306a36Sopenharmony_ci return opt_len; 13762306a36Sopenharmony_ci} 13862306a36Sopenharmony_ci 13962306a36Sopenharmony_cistatic int 14062306a36Sopenharmony_citunnel_key_copy_vxlan_opt(const struct nlattr *nla, void *dst, int dst_len, 14162306a36Sopenharmony_ci struct netlink_ext_ack *extack) 14262306a36Sopenharmony_ci{ 14362306a36Sopenharmony_ci struct nlattr *tb[TCA_TUNNEL_KEY_ENC_OPT_VXLAN_MAX + 1]; 14462306a36Sopenharmony_ci int err; 14562306a36Sopenharmony_ci 14662306a36Sopenharmony_ci err = nla_parse_nested(tb, TCA_TUNNEL_KEY_ENC_OPT_VXLAN_MAX, nla, 14762306a36Sopenharmony_ci vxlan_opt_policy, extack); 14862306a36Sopenharmony_ci if (err < 0) 14962306a36Sopenharmony_ci return err; 15062306a36Sopenharmony_ci 15162306a36Sopenharmony_ci if (!tb[TCA_TUNNEL_KEY_ENC_OPT_VXLAN_GBP]) { 15262306a36Sopenharmony_ci NL_SET_ERR_MSG(extack, "Missing tunnel key vxlan option gbp"); 15362306a36Sopenharmony_ci return -EINVAL; 15462306a36Sopenharmony_ci } 15562306a36Sopenharmony_ci 15662306a36Sopenharmony_ci if (dst) { 15762306a36Sopenharmony_ci struct vxlan_metadata *md = dst; 15862306a36Sopenharmony_ci 15962306a36Sopenharmony_ci md->gbp = nla_get_u32(tb[TCA_TUNNEL_KEY_ENC_OPT_VXLAN_GBP]); 16062306a36Sopenharmony_ci md->gbp &= VXLAN_GBP_MASK; 16162306a36Sopenharmony_ci } 16262306a36Sopenharmony_ci 16362306a36Sopenharmony_ci return sizeof(struct vxlan_metadata); 16462306a36Sopenharmony_ci} 16562306a36Sopenharmony_ci 16662306a36Sopenharmony_cistatic int 16762306a36Sopenharmony_citunnel_key_copy_erspan_opt(const struct nlattr *nla, void *dst, int dst_len, 16862306a36Sopenharmony_ci struct netlink_ext_ack *extack) 16962306a36Sopenharmony_ci{ 17062306a36Sopenharmony_ci struct nlattr *tb[TCA_TUNNEL_KEY_ENC_OPT_ERSPAN_MAX + 1]; 17162306a36Sopenharmony_ci int err; 17262306a36Sopenharmony_ci u8 ver; 17362306a36Sopenharmony_ci 17462306a36Sopenharmony_ci err = nla_parse_nested(tb, TCA_TUNNEL_KEY_ENC_OPT_ERSPAN_MAX, nla, 17562306a36Sopenharmony_ci erspan_opt_policy, extack); 17662306a36Sopenharmony_ci if (err < 0) 17762306a36Sopenharmony_ci return err; 17862306a36Sopenharmony_ci 17962306a36Sopenharmony_ci if (!tb[TCA_TUNNEL_KEY_ENC_OPT_ERSPAN_VER]) { 18062306a36Sopenharmony_ci NL_SET_ERR_MSG(extack, "Missing tunnel key erspan option ver"); 18162306a36Sopenharmony_ci return -EINVAL; 18262306a36Sopenharmony_ci } 18362306a36Sopenharmony_ci 18462306a36Sopenharmony_ci ver = nla_get_u8(tb[TCA_TUNNEL_KEY_ENC_OPT_ERSPAN_VER]); 18562306a36Sopenharmony_ci if (ver == 1) { 18662306a36Sopenharmony_ci if (!tb[TCA_TUNNEL_KEY_ENC_OPT_ERSPAN_INDEX]) { 18762306a36Sopenharmony_ci NL_SET_ERR_MSG(extack, "Missing tunnel key erspan option index"); 18862306a36Sopenharmony_ci return -EINVAL; 18962306a36Sopenharmony_ci } 19062306a36Sopenharmony_ci } else if (ver == 2) { 19162306a36Sopenharmony_ci if (!tb[TCA_TUNNEL_KEY_ENC_OPT_ERSPAN_DIR] || 19262306a36Sopenharmony_ci !tb[TCA_TUNNEL_KEY_ENC_OPT_ERSPAN_HWID]) { 19362306a36Sopenharmony_ci NL_SET_ERR_MSG(extack, "Missing tunnel key erspan option dir or hwid"); 19462306a36Sopenharmony_ci return -EINVAL; 19562306a36Sopenharmony_ci } 19662306a36Sopenharmony_ci } else { 19762306a36Sopenharmony_ci NL_SET_ERR_MSG(extack, "Tunnel key erspan option ver is incorrect"); 19862306a36Sopenharmony_ci return -EINVAL; 19962306a36Sopenharmony_ci } 20062306a36Sopenharmony_ci 20162306a36Sopenharmony_ci if (dst) { 20262306a36Sopenharmony_ci struct erspan_metadata *md = dst; 20362306a36Sopenharmony_ci 20462306a36Sopenharmony_ci md->version = ver; 20562306a36Sopenharmony_ci if (ver == 1) { 20662306a36Sopenharmony_ci nla = tb[TCA_TUNNEL_KEY_ENC_OPT_ERSPAN_INDEX]; 20762306a36Sopenharmony_ci md->u.index = nla_get_be32(nla); 20862306a36Sopenharmony_ci } else { 20962306a36Sopenharmony_ci nla = tb[TCA_TUNNEL_KEY_ENC_OPT_ERSPAN_DIR]; 21062306a36Sopenharmony_ci md->u.md2.dir = nla_get_u8(nla); 21162306a36Sopenharmony_ci nla = tb[TCA_TUNNEL_KEY_ENC_OPT_ERSPAN_HWID]; 21262306a36Sopenharmony_ci set_hwid(&md->u.md2, nla_get_u8(nla)); 21362306a36Sopenharmony_ci } 21462306a36Sopenharmony_ci } 21562306a36Sopenharmony_ci 21662306a36Sopenharmony_ci return sizeof(struct erspan_metadata); 21762306a36Sopenharmony_ci} 21862306a36Sopenharmony_ci 21962306a36Sopenharmony_cistatic int tunnel_key_copy_opts(const struct nlattr *nla, u8 *dst, 22062306a36Sopenharmony_ci int dst_len, struct netlink_ext_ack *extack) 22162306a36Sopenharmony_ci{ 22262306a36Sopenharmony_ci int err, rem, opt_len, len = nla_len(nla), opts_len = 0, type = 0; 22362306a36Sopenharmony_ci const struct nlattr *attr, *head = nla_data(nla); 22462306a36Sopenharmony_ci 22562306a36Sopenharmony_ci err = nla_validate_deprecated(head, len, TCA_TUNNEL_KEY_ENC_OPTS_MAX, 22662306a36Sopenharmony_ci enc_opts_policy, extack); 22762306a36Sopenharmony_ci if (err) 22862306a36Sopenharmony_ci return err; 22962306a36Sopenharmony_ci 23062306a36Sopenharmony_ci nla_for_each_attr(attr, head, len, rem) { 23162306a36Sopenharmony_ci switch (nla_type(attr)) { 23262306a36Sopenharmony_ci case TCA_TUNNEL_KEY_ENC_OPTS_GENEVE: 23362306a36Sopenharmony_ci if (type && type != TUNNEL_GENEVE_OPT) { 23462306a36Sopenharmony_ci NL_SET_ERR_MSG(extack, "Duplicate type for geneve options"); 23562306a36Sopenharmony_ci return -EINVAL; 23662306a36Sopenharmony_ci } 23762306a36Sopenharmony_ci opt_len = tunnel_key_copy_geneve_opt(attr, dst, 23862306a36Sopenharmony_ci dst_len, extack); 23962306a36Sopenharmony_ci if (opt_len < 0) 24062306a36Sopenharmony_ci return opt_len; 24162306a36Sopenharmony_ci opts_len += opt_len; 24262306a36Sopenharmony_ci if (opts_len > IP_TUNNEL_OPTS_MAX) { 24362306a36Sopenharmony_ci NL_SET_ERR_MSG(extack, "Tunnel options exceeds max size"); 24462306a36Sopenharmony_ci return -EINVAL; 24562306a36Sopenharmony_ci } 24662306a36Sopenharmony_ci if (dst) { 24762306a36Sopenharmony_ci dst_len -= opt_len; 24862306a36Sopenharmony_ci dst += opt_len; 24962306a36Sopenharmony_ci } 25062306a36Sopenharmony_ci type = TUNNEL_GENEVE_OPT; 25162306a36Sopenharmony_ci break; 25262306a36Sopenharmony_ci case TCA_TUNNEL_KEY_ENC_OPTS_VXLAN: 25362306a36Sopenharmony_ci if (type) { 25462306a36Sopenharmony_ci NL_SET_ERR_MSG(extack, "Duplicate type for vxlan options"); 25562306a36Sopenharmony_ci return -EINVAL; 25662306a36Sopenharmony_ci } 25762306a36Sopenharmony_ci opt_len = tunnel_key_copy_vxlan_opt(attr, dst, 25862306a36Sopenharmony_ci dst_len, extack); 25962306a36Sopenharmony_ci if (opt_len < 0) 26062306a36Sopenharmony_ci return opt_len; 26162306a36Sopenharmony_ci opts_len += opt_len; 26262306a36Sopenharmony_ci type = TUNNEL_VXLAN_OPT; 26362306a36Sopenharmony_ci break; 26462306a36Sopenharmony_ci case TCA_TUNNEL_KEY_ENC_OPTS_ERSPAN: 26562306a36Sopenharmony_ci if (type) { 26662306a36Sopenharmony_ci NL_SET_ERR_MSG(extack, "Duplicate type for erspan options"); 26762306a36Sopenharmony_ci return -EINVAL; 26862306a36Sopenharmony_ci } 26962306a36Sopenharmony_ci opt_len = tunnel_key_copy_erspan_opt(attr, dst, 27062306a36Sopenharmony_ci dst_len, extack); 27162306a36Sopenharmony_ci if (opt_len < 0) 27262306a36Sopenharmony_ci return opt_len; 27362306a36Sopenharmony_ci opts_len += opt_len; 27462306a36Sopenharmony_ci type = TUNNEL_ERSPAN_OPT; 27562306a36Sopenharmony_ci break; 27662306a36Sopenharmony_ci } 27762306a36Sopenharmony_ci } 27862306a36Sopenharmony_ci 27962306a36Sopenharmony_ci if (!opts_len) { 28062306a36Sopenharmony_ci NL_SET_ERR_MSG(extack, "Empty list of tunnel options"); 28162306a36Sopenharmony_ci return -EINVAL; 28262306a36Sopenharmony_ci } 28362306a36Sopenharmony_ci 28462306a36Sopenharmony_ci if (rem > 0) { 28562306a36Sopenharmony_ci NL_SET_ERR_MSG(extack, "Trailing data after parsing tunnel key options attributes"); 28662306a36Sopenharmony_ci return -EINVAL; 28762306a36Sopenharmony_ci } 28862306a36Sopenharmony_ci 28962306a36Sopenharmony_ci return opts_len; 29062306a36Sopenharmony_ci} 29162306a36Sopenharmony_ci 29262306a36Sopenharmony_cistatic int tunnel_key_get_opts_len(struct nlattr *nla, 29362306a36Sopenharmony_ci struct netlink_ext_ack *extack) 29462306a36Sopenharmony_ci{ 29562306a36Sopenharmony_ci return tunnel_key_copy_opts(nla, NULL, 0, extack); 29662306a36Sopenharmony_ci} 29762306a36Sopenharmony_ci 29862306a36Sopenharmony_cistatic int tunnel_key_opts_set(struct nlattr *nla, struct ip_tunnel_info *info, 29962306a36Sopenharmony_ci int opts_len, struct netlink_ext_ack *extack) 30062306a36Sopenharmony_ci{ 30162306a36Sopenharmony_ci info->options_len = opts_len; 30262306a36Sopenharmony_ci switch (nla_type(nla_data(nla))) { 30362306a36Sopenharmony_ci case TCA_TUNNEL_KEY_ENC_OPTS_GENEVE: 30462306a36Sopenharmony_ci#if IS_ENABLED(CONFIG_INET) 30562306a36Sopenharmony_ci info->key.tun_flags |= TUNNEL_GENEVE_OPT; 30662306a36Sopenharmony_ci return tunnel_key_copy_opts(nla, ip_tunnel_info_opts(info), 30762306a36Sopenharmony_ci opts_len, extack); 30862306a36Sopenharmony_ci#else 30962306a36Sopenharmony_ci return -EAFNOSUPPORT; 31062306a36Sopenharmony_ci#endif 31162306a36Sopenharmony_ci case TCA_TUNNEL_KEY_ENC_OPTS_VXLAN: 31262306a36Sopenharmony_ci#if IS_ENABLED(CONFIG_INET) 31362306a36Sopenharmony_ci info->key.tun_flags |= TUNNEL_VXLAN_OPT; 31462306a36Sopenharmony_ci return tunnel_key_copy_opts(nla, ip_tunnel_info_opts(info), 31562306a36Sopenharmony_ci opts_len, extack); 31662306a36Sopenharmony_ci#else 31762306a36Sopenharmony_ci return -EAFNOSUPPORT; 31862306a36Sopenharmony_ci#endif 31962306a36Sopenharmony_ci case TCA_TUNNEL_KEY_ENC_OPTS_ERSPAN: 32062306a36Sopenharmony_ci#if IS_ENABLED(CONFIG_INET) 32162306a36Sopenharmony_ci info->key.tun_flags |= TUNNEL_ERSPAN_OPT; 32262306a36Sopenharmony_ci return tunnel_key_copy_opts(nla, ip_tunnel_info_opts(info), 32362306a36Sopenharmony_ci opts_len, extack); 32462306a36Sopenharmony_ci#else 32562306a36Sopenharmony_ci return -EAFNOSUPPORT; 32662306a36Sopenharmony_ci#endif 32762306a36Sopenharmony_ci default: 32862306a36Sopenharmony_ci NL_SET_ERR_MSG(extack, "Cannot set tunnel options for unknown tunnel type"); 32962306a36Sopenharmony_ci return -EINVAL; 33062306a36Sopenharmony_ci } 33162306a36Sopenharmony_ci} 33262306a36Sopenharmony_ci 33362306a36Sopenharmony_cistatic const struct nla_policy tunnel_key_policy[TCA_TUNNEL_KEY_MAX + 1] = { 33462306a36Sopenharmony_ci [TCA_TUNNEL_KEY_PARMS] = { .len = sizeof(struct tc_tunnel_key) }, 33562306a36Sopenharmony_ci [TCA_TUNNEL_KEY_ENC_IPV4_SRC] = { .type = NLA_U32 }, 33662306a36Sopenharmony_ci [TCA_TUNNEL_KEY_ENC_IPV4_DST] = { .type = NLA_U32 }, 33762306a36Sopenharmony_ci [TCA_TUNNEL_KEY_ENC_IPV6_SRC] = { .len = sizeof(struct in6_addr) }, 33862306a36Sopenharmony_ci [TCA_TUNNEL_KEY_ENC_IPV6_DST] = { .len = sizeof(struct in6_addr) }, 33962306a36Sopenharmony_ci [TCA_TUNNEL_KEY_ENC_KEY_ID] = { .type = NLA_U32 }, 34062306a36Sopenharmony_ci [TCA_TUNNEL_KEY_ENC_DST_PORT] = {.type = NLA_U16}, 34162306a36Sopenharmony_ci [TCA_TUNNEL_KEY_NO_CSUM] = { .type = NLA_U8 }, 34262306a36Sopenharmony_ci [TCA_TUNNEL_KEY_ENC_OPTS] = { .type = NLA_NESTED }, 34362306a36Sopenharmony_ci [TCA_TUNNEL_KEY_ENC_TOS] = { .type = NLA_U8 }, 34462306a36Sopenharmony_ci [TCA_TUNNEL_KEY_ENC_TTL] = { .type = NLA_U8 }, 34562306a36Sopenharmony_ci}; 34662306a36Sopenharmony_ci 34762306a36Sopenharmony_cistatic void tunnel_key_release_params(struct tcf_tunnel_key_params *p) 34862306a36Sopenharmony_ci{ 34962306a36Sopenharmony_ci if (!p) 35062306a36Sopenharmony_ci return; 35162306a36Sopenharmony_ci if (p->tcft_action == TCA_TUNNEL_KEY_ACT_SET) 35262306a36Sopenharmony_ci dst_release(&p->tcft_enc_metadata->dst); 35362306a36Sopenharmony_ci 35462306a36Sopenharmony_ci kfree_rcu(p, rcu); 35562306a36Sopenharmony_ci} 35662306a36Sopenharmony_ci 35762306a36Sopenharmony_cistatic int tunnel_key_init(struct net *net, struct nlattr *nla, 35862306a36Sopenharmony_ci struct nlattr *est, struct tc_action **a, 35962306a36Sopenharmony_ci struct tcf_proto *tp, u32 act_flags, 36062306a36Sopenharmony_ci struct netlink_ext_ack *extack) 36162306a36Sopenharmony_ci{ 36262306a36Sopenharmony_ci struct tc_action_net *tn = net_generic(net, act_tunnel_key_ops.net_id); 36362306a36Sopenharmony_ci bool bind = act_flags & TCA_ACT_FLAGS_BIND; 36462306a36Sopenharmony_ci struct nlattr *tb[TCA_TUNNEL_KEY_MAX + 1]; 36562306a36Sopenharmony_ci struct tcf_tunnel_key_params *params_new; 36662306a36Sopenharmony_ci struct metadata_dst *metadata = NULL; 36762306a36Sopenharmony_ci struct tcf_chain *goto_ch = NULL; 36862306a36Sopenharmony_ci struct tc_tunnel_key *parm; 36962306a36Sopenharmony_ci struct tcf_tunnel_key *t; 37062306a36Sopenharmony_ci bool exists = false; 37162306a36Sopenharmony_ci __be16 dst_port = 0; 37262306a36Sopenharmony_ci __be64 key_id = 0; 37362306a36Sopenharmony_ci int opts_len = 0; 37462306a36Sopenharmony_ci __be16 flags = 0; 37562306a36Sopenharmony_ci u8 tos, ttl; 37662306a36Sopenharmony_ci int ret = 0; 37762306a36Sopenharmony_ci u32 index; 37862306a36Sopenharmony_ci int err; 37962306a36Sopenharmony_ci 38062306a36Sopenharmony_ci if (!nla) { 38162306a36Sopenharmony_ci NL_SET_ERR_MSG(extack, "Tunnel requires attributes to be passed"); 38262306a36Sopenharmony_ci return -EINVAL; 38362306a36Sopenharmony_ci } 38462306a36Sopenharmony_ci 38562306a36Sopenharmony_ci err = nla_parse_nested_deprecated(tb, TCA_TUNNEL_KEY_MAX, nla, 38662306a36Sopenharmony_ci tunnel_key_policy, extack); 38762306a36Sopenharmony_ci if (err < 0) { 38862306a36Sopenharmony_ci NL_SET_ERR_MSG(extack, "Failed to parse nested tunnel key attributes"); 38962306a36Sopenharmony_ci return err; 39062306a36Sopenharmony_ci } 39162306a36Sopenharmony_ci 39262306a36Sopenharmony_ci if (!tb[TCA_TUNNEL_KEY_PARMS]) { 39362306a36Sopenharmony_ci NL_SET_ERR_MSG(extack, "Missing tunnel key parameters"); 39462306a36Sopenharmony_ci return -EINVAL; 39562306a36Sopenharmony_ci } 39662306a36Sopenharmony_ci 39762306a36Sopenharmony_ci parm = nla_data(tb[TCA_TUNNEL_KEY_PARMS]); 39862306a36Sopenharmony_ci index = parm->index; 39962306a36Sopenharmony_ci err = tcf_idr_check_alloc(tn, &index, a, bind); 40062306a36Sopenharmony_ci if (err < 0) 40162306a36Sopenharmony_ci return err; 40262306a36Sopenharmony_ci exists = err; 40362306a36Sopenharmony_ci if (exists && bind) 40462306a36Sopenharmony_ci return 0; 40562306a36Sopenharmony_ci 40662306a36Sopenharmony_ci switch (parm->t_action) { 40762306a36Sopenharmony_ci case TCA_TUNNEL_KEY_ACT_RELEASE: 40862306a36Sopenharmony_ci break; 40962306a36Sopenharmony_ci case TCA_TUNNEL_KEY_ACT_SET: 41062306a36Sopenharmony_ci if (tb[TCA_TUNNEL_KEY_ENC_KEY_ID]) { 41162306a36Sopenharmony_ci __be32 key32; 41262306a36Sopenharmony_ci 41362306a36Sopenharmony_ci key32 = nla_get_be32(tb[TCA_TUNNEL_KEY_ENC_KEY_ID]); 41462306a36Sopenharmony_ci key_id = key32_to_tunnel_id(key32); 41562306a36Sopenharmony_ci flags = TUNNEL_KEY; 41662306a36Sopenharmony_ci } 41762306a36Sopenharmony_ci 41862306a36Sopenharmony_ci flags |= TUNNEL_CSUM; 41962306a36Sopenharmony_ci if (tb[TCA_TUNNEL_KEY_NO_CSUM] && 42062306a36Sopenharmony_ci nla_get_u8(tb[TCA_TUNNEL_KEY_NO_CSUM])) 42162306a36Sopenharmony_ci flags &= ~TUNNEL_CSUM; 42262306a36Sopenharmony_ci 42362306a36Sopenharmony_ci if (nla_get_flag(tb[TCA_TUNNEL_KEY_NO_FRAG])) 42462306a36Sopenharmony_ci flags |= TUNNEL_DONT_FRAGMENT; 42562306a36Sopenharmony_ci 42662306a36Sopenharmony_ci if (tb[TCA_TUNNEL_KEY_ENC_DST_PORT]) 42762306a36Sopenharmony_ci dst_port = nla_get_be16(tb[TCA_TUNNEL_KEY_ENC_DST_PORT]); 42862306a36Sopenharmony_ci 42962306a36Sopenharmony_ci if (tb[TCA_TUNNEL_KEY_ENC_OPTS]) { 43062306a36Sopenharmony_ci opts_len = tunnel_key_get_opts_len(tb[TCA_TUNNEL_KEY_ENC_OPTS], 43162306a36Sopenharmony_ci extack); 43262306a36Sopenharmony_ci if (opts_len < 0) { 43362306a36Sopenharmony_ci ret = opts_len; 43462306a36Sopenharmony_ci goto err_out; 43562306a36Sopenharmony_ci } 43662306a36Sopenharmony_ci } 43762306a36Sopenharmony_ci 43862306a36Sopenharmony_ci tos = 0; 43962306a36Sopenharmony_ci if (tb[TCA_TUNNEL_KEY_ENC_TOS]) 44062306a36Sopenharmony_ci tos = nla_get_u8(tb[TCA_TUNNEL_KEY_ENC_TOS]); 44162306a36Sopenharmony_ci ttl = 0; 44262306a36Sopenharmony_ci if (tb[TCA_TUNNEL_KEY_ENC_TTL]) 44362306a36Sopenharmony_ci ttl = nla_get_u8(tb[TCA_TUNNEL_KEY_ENC_TTL]); 44462306a36Sopenharmony_ci 44562306a36Sopenharmony_ci if (tb[TCA_TUNNEL_KEY_ENC_IPV4_SRC] && 44662306a36Sopenharmony_ci tb[TCA_TUNNEL_KEY_ENC_IPV4_DST]) { 44762306a36Sopenharmony_ci __be32 saddr; 44862306a36Sopenharmony_ci __be32 daddr; 44962306a36Sopenharmony_ci 45062306a36Sopenharmony_ci saddr = nla_get_in_addr(tb[TCA_TUNNEL_KEY_ENC_IPV4_SRC]); 45162306a36Sopenharmony_ci daddr = nla_get_in_addr(tb[TCA_TUNNEL_KEY_ENC_IPV4_DST]); 45262306a36Sopenharmony_ci 45362306a36Sopenharmony_ci metadata = __ip_tun_set_dst(saddr, daddr, tos, ttl, 45462306a36Sopenharmony_ci dst_port, flags, 45562306a36Sopenharmony_ci key_id, opts_len); 45662306a36Sopenharmony_ci } else if (tb[TCA_TUNNEL_KEY_ENC_IPV6_SRC] && 45762306a36Sopenharmony_ci tb[TCA_TUNNEL_KEY_ENC_IPV6_DST]) { 45862306a36Sopenharmony_ci struct in6_addr saddr; 45962306a36Sopenharmony_ci struct in6_addr daddr; 46062306a36Sopenharmony_ci 46162306a36Sopenharmony_ci saddr = nla_get_in6_addr(tb[TCA_TUNNEL_KEY_ENC_IPV6_SRC]); 46262306a36Sopenharmony_ci daddr = nla_get_in6_addr(tb[TCA_TUNNEL_KEY_ENC_IPV6_DST]); 46362306a36Sopenharmony_ci 46462306a36Sopenharmony_ci metadata = __ipv6_tun_set_dst(&saddr, &daddr, tos, ttl, dst_port, 46562306a36Sopenharmony_ci 0, flags, 46662306a36Sopenharmony_ci key_id, opts_len); 46762306a36Sopenharmony_ci } else { 46862306a36Sopenharmony_ci NL_SET_ERR_MSG(extack, "Missing either ipv4 or ipv6 src and dst"); 46962306a36Sopenharmony_ci ret = -EINVAL; 47062306a36Sopenharmony_ci goto err_out; 47162306a36Sopenharmony_ci } 47262306a36Sopenharmony_ci 47362306a36Sopenharmony_ci if (!metadata) { 47462306a36Sopenharmony_ci NL_SET_ERR_MSG(extack, "Cannot allocate tunnel metadata dst"); 47562306a36Sopenharmony_ci ret = -ENOMEM; 47662306a36Sopenharmony_ci goto err_out; 47762306a36Sopenharmony_ci } 47862306a36Sopenharmony_ci 47962306a36Sopenharmony_ci#ifdef CONFIG_DST_CACHE 48062306a36Sopenharmony_ci ret = dst_cache_init(&metadata->u.tun_info.dst_cache, GFP_KERNEL); 48162306a36Sopenharmony_ci if (ret) 48262306a36Sopenharmony_ci goto release_tun_meta; 48362306a36Sopenharmony_ci#endif 48462306a36Sopenharmony_ci 48562306a36Sopenharmony_ci if (opts_len) { 48662306a36Sopenharmony_ci ret = tunnel_key_opts_set(tb[TCA_TUNNEL_KEY_ENC_OPTS], 48762306a36Sopenharmony_ci &metadata->u.tun_info, 48862306a36Sopenharmony_ci opts_len, extack); 48962306a36Sopenharmony_ci if (ret < 0) 49062306a36Sopenharmony_ci goto release_tun_meta; 49162306a36Sopenharmony_ci } 49262306a36Sopenharmony_ci 49362306a36Sopenharmony_ci metadata->u.tun_info.mode |= IP_TUNNEL_INFO_TX; 49462306a36Sopenharmony_ci break; 49562306a36Sopenharmony_ci default: 49662306a36Sopenharmony_ci NL_SET_ERR_MSG(extack, "Unknown tunnel key action"); 49762306a36Sopenharmony_ci ret = -EINVAL; 49862306a36Sopenharmony_ci goto err_out; 49962306a36Sopenharmony_ci } 50062306a36Sopenharmony_ci 50162306a36Sopenharmony_ci if (!exists) { 50262306a36Sopenharmony_ci ret = tcf_idr_create_from_flags(tn, index, est, a, 50362306a36Sopenharmony_ci &act_tunnel_key_ops, bind, 50462306a36Sopenharmony_ci act_flags); 50562306a36Sopenharmony_ci if (ret) { 50662306a36Sopenharmony_ci NL_SET_ERR_MSG(extack, "Cannot create TC IDR"); 50762306a36Sopenharmony_ci goto release_tun_meta; 50862306a36Sopenharmony_ci } 50962306a36Sopenharmony_ci 51062306a36Sopenharmony_ci ret = ACT_P_CREATED; 51162306a36Sopenharmony_ci } else if (!(act_flags & TCA_ACT_FLAGS_REPLACE)) { 51262306a36Sopenharmony_ci NL_SET_ERR_MSG(extack, "TC IDR already exists"); 51362306a36Sopenharmony_ci ret = -EEXIST; 51462306a36Sopenharmony_ci goto release_tun_meta; 51562306a36Sopenharmony_ci } 51662306a36Sopenharmony_ci 51762306a36Sopenharmony_ci err = tcf_action_check_ctrlact(parm->action, tp, &goto_ch, extack); 51862306a36Sopenharmony_ci if (err < 0) { 51962306a36Sopenharmony_ci ret = err; 52062306a36Sopenharmony_ci exists = true; 52162306a36Sopenharmony_ci goto release_tun_meta; 52262306a36Sopenharmony_ci } 52362306a36Sopenharmony_ci t = to_tunnel_key(*a); 52462306a36Sopenharmony_ci 52562306a36Sopenharmony_ci params_new = kzalloc(sizeof(*params_new), GFP_KERNEL); 52662306a36Sopenharmony_ci if (unlikely(!params_new)) { 52762306a36Sopenharmony_ci NL_SET_ERR_MSG(extack, "Cannot allocate tunnel key parameters"); 52862306a36Sopenharmony_ci ret = -ENOMEM; 52962306a36Sopenharmony_ci exists = true; 53062306a36Sopenharmony_ci goto put_chain; 53162306a36Sopenharmony_ci } 53262306a36Sopenharmony_ci params_new->tcft_action = parm->t_action; 53362306a36Sopenharmony_ci params_new->tcft_enc_metadata = metadata; 53462306a36Sopenharmony_ci 53562306a36Sopenharmony_ci spin_lock_bh(&t->tcf_lock); 53662306a36Sopenharmony_ci goto_ch = tcf_action_set_ctrlact(*a, parm->action, goto_ch); 53762306a36Sopenharmony_ci params_new = rcu_replace_pointer(t->params, params_new, 53862306a36Sopenharmony_ci lockdep_is_held(&t->tcf_lock)); 53962306a36Sopenharmony_ci spin_unlock_bh(&t->tcf_lock); 54062306a36Sopenharmony_ci tunnel_key_release_params(params_new); 54162306a36Sopenharmony_ci if (goto_ch) 54262306a36Sopenharmony_ci tcf_chain_put_by_act(goto_ch); 54362306a36Sopenharmony_ci 54462306a36Sopenharmony_ci return ret; 54562306a36Sopenharmony_ci 54662306a36Sopenharmony_ciput_chain: 54762306a36Sopenharmony_ci if (goto_ch) 54862306a36Sopenharmony_ci tcf_chain_put_by_act(goto_ch); 54962306a36Sopenharmony_ci 55062306a36Sopenharmony_cirelease_tun_meta: 55162306a36Sopenharmony_ci if (metadata) 55262306a36Sopenharmony_ci dst_release(&metadata->dst); 55362306a36Sopenharmony_ci 55462306a36Sopenharmony_cierr_out: 55562306a36Sopenharmony_ci if (exists) 55662306a36Sopenharmony_ci tcf_idr_release(*a, bind); 55762306a36Sopenharmony_ci else 55862306a36Sopenharmony_ci tcf_idr_cleanup(tn, index); 55962306a36Sopenharmony_ci return ret; 56062306a36Sopenharmony_ci} 56162306a36Sopenharmony_ci 56262306a36Sopenharmony_cistatic void tunnel_key_release(struct tc_action *a) 56362306a36Sopenharmony_ci{ 56462306a36Sopenharmony_ci struct tcf_tunnel_key *t = to_tunnel_key(a); 56562306a36Sopenharmony_ci struct tcf_tunnel_key_params *params; 56662306a36Sopenharmony_ci 56762306a36Sopenharmony_ci params = rcu_dereference_protected(t->params, 1); 56862306a36Sopenharmony_ci tunnel_key_release_params(params); 56962306a36Sopenharmony_ci} 57062306a36Sopenharmony_ci 57162306a36Sopenharmony_cistatic int tunnel_key_geneve_opts_dump(struct sk_buff *skb, 57262306a36Sopenharmony_ci const struct ip_tunnel_info *info) 57362306a36Sopenharmony_ci{ 57462306a36Sopenharmony_ci int len = info->options_len; 57562306a36Sopenharmony_ci u8 *src = (u8 *)(info + 1); 57662306a36Sopenharmony_ci struct nlattr *start; 57762306a36Sopenharmony_ci 57862306a36Sopenharmony_ci start = nla_nest_start_noflag(skb, TCA_TUNNEL_KEY_ENC_OPTS_GENEVE); 57962306a36Sopenharmony_ci if (!start) 58062306a36Sopenharmony_ci return -EMSGSIZE; 58162306a36Sopenharmony_ci 58262306a36Sopenharmony_ci while (len > 0) { 58362306a36Sopenharmony_ci struct geneve_opt *opt = (struct geneve_opt *)src; 58462306a36Sopenharmony_ci 58562306a36Sopenharmony_ci if (nla_put_be16(skb, TCA_TUNNEL_KEY_ENC_OPT_GENEVE_CLASS, 58662306a36Sopenharmony_ci opt->opt_class) || 58762306a36Sopenharmony_ci nla_put_u8(skb, TCA_TUNNEL_KEY_ENC_OPT_GENEVE_TYPE, 58862306a36Sopenharmony_ci opt->type) || 58962306a36Sopenharmony_ci nla_put(skb, TCA_TUNNEL_KEY_ENC_OPT_GENEVE_DATA, 59062306a36Sopenharmony_ci opt->length * 4, opt + 1)) { 59162306a36Sopenharmony_ci nla_nest_cancel(skb, start); 59262306a36Sopenharmony_ci return -EMSGSIZE; 59362306a36Sopenharmony_ci } 59462306a36Sopenharmony_ci 59562306a36Sopenharmony_ci len -= sizeof(struct geneve_opt) + opt->length * 4; 59662306a36Sopenharmony_ci src += sizeof(struct geneve_opt) + opt->length * 4; 59762306a36Sopenharmony_ci } 59862306a36Sopenharmony_ci 59962306a36Sopenharmony_ci nla_nest_end(skb, start); 60062306a36Sopenharmony_ci return 0; 60162306a36Sopenharmony_ci} 60262306a36Sopenharmony_ci 60362306a36Sopenharmony_cistatic int tunnel_key_vxlan_opts_dump(struct sk_buff *skb, 60462306a36Sopenharmony_ci const struct ip_tunnel_info *info) 60562306a36Sopenharmony_ci{ 60662306a36Sopenharmony_ci struct vxlan_metadata *md = (struct vxlan_metadata *)(info + 1); 60762306a36Sopenharmony_ci struct nlattr *start; 60862306a36Sopenharmony_ci 60962306a36Sopenharmony_ci start = nla_nest_start_noflag(skb, TCA_TUNNEL_KEY_ENC_OPTS_VXLAN); 61062306a36Sopenharmony_ci if (!start) 61162306a36Sopenharmony_ci return -EMSGSIZE; 61262306a36Sopenharmony_ci 61362306a36Sopenharmony_ci if (nla_put_u32(skb, TCA_TUNNEL_KEY_ENC_OPT_VXLAN_GBP, md->gbp)) { 61462306a36Sopenharmony_ci nla_nest_cancel(skb, start); 61562306a36Sopenharmony_ci return -EMSGSIZE; 61662306a36Sopenharmony_ci } 61762306a36Sopenharmony_ci 61862306a36Sopenharmony_ci nla_nest_end(skb, start); 61962306a36Sopenharmony_ci return 0; 62062306a36Sopenharmony_ci} 62162306a36Sopenharmony_ci 62262306a36Sopenharmony_cistatic int tunnel_key_erspan_opts_dump(struct sk_buff *skb, 62362306a36Sopenharmony_ci const struct ip_tunnel_info *info) 62462306a36Sopenharmony_ci{ 62562306a36Sopenharmony_ci struct erspan_metadata *md = (struct erspan_metadata *)(info + 1); 62662306a36Sopenharmony_ci struct nlattr *start; 62762306a36Sopenharmony_ci 62862306a36Sopenharmony_ci start = nla_nest_start_noflag(skb, TCA_TUNNEL_KEY_ENC_OPTS_ERSPAN); 62962306a36Sopenharmony_ci if (!start) 63062306a36Sopenharmony_ci return -EMSGSIZE; 63162306a36Sopenharmony_ci 63262306a36Sopenharmony_ci if (nla_put_u8(skb, TCA_TUNNEL_KEY_ENC_OPT_ERSPAN_VER, md->version)) 63362306a36Sopenharmony_ci goto err; 63462306a36Sopenharmony_ci 63562306a36Sopenharmony_ci if (md->version == 1 && 63662306a36Sopenharmony_ci nla_put_be32(skb, TCA_TUNNEL_KEY_ENC_OPT_ERSPAN_INDEX, md->u.index)) 63762306a36Sopenharmony_ci goto err; 63862306a36Sopenharmony_ci 63962306a36Sopenharmony_ci if (md->version == 2 && 64062306a36Sopenharmony_ci (nla_put_u8(skb, TCA_TUNNEL_KEY_ENC_OPT_ERSPAN_DIR, 64162306a36Sopenharmony_ci md->u.md2.dir) || 64262306a36Sopenharmony_ci nla_put_u8(skb, TCA_TUNNEL_KEY_ENC_OPT_ERSPAN_HWID, 64362306a36Sopenharmony_ci get_hwid(&md->u.md2)))) 64462306a36Sopenharmony_ci goto err; 64562306a36Sopenharmony_ci 64662306a36Sopenharmony_ci nla_nest_end(skb, start); 64762306a36Sopenharmony_ci return 0; 64862306a36Sopenharmony_cierr: 64962306a36Sopenharmony_ci nla_nest_cancel(skb, start); 65062306a36Sopenharmony_ci return -EMSGSIZE; 65162306a36Sopenharmony_ci} 65262306a36Sopenharmony_ci 65362306a36Sopenharmony_cistatic int tunnel_key_opts_dump(struct sk_buff *skb, 65462306a36Sopenharmony_ci const struct ip_tunnel_info *info) 65562306a36Sopenharmony_ci{ 65662306a36Sopenharmony_ci struct nlattr *start; 65762306a36Sopenharmony_ci int err = -EINVAL; 65862306a36Sopenharmony_ci 65962306a36Sopenharmony_ci if (!info->options_len) 66062306a36Sopenharmony_ci return 0; 66162306a36Sopenharmony_ci 66262306a36Sopenharmony_ci start = nla_nest_start_noflag(skb, TCA_TUNNEL_KEY_ENC_OPTS); 66362306a36Sopenharmony_ci if (!start) 66462306a36Sopenharmony_ci return -EMSGSIZE; 66562306a36Sopenharmony_ci 66662306a36Sopenharmony_ci if (info->key.tun_flags & TUNNEL_GENEVE_OPT) { 66762306a36Sopenharmony_ci err = tunnel_key_geneve_opts_dump(skb, info); 66862306a36Sopenharmony_ci if (err) 66962306a36Sopenharmony_ci goto err_out; 67062306a36Sopenharmony_ci } else if (info->key.tun_flags & TUNNEL_VXLAN_OPT) { 67162306a36Sopenharmony_ci err = tunnel_key_vxlan_opts_dump(skb, info); 67262306a36Sopenharmony_ci if (err) 67362306a36Sopenharmony_ci goto err_out; 67462306a36Sopenharmony_ci } else if (info->key.tun_flags & TUNNEL_ERSPAN_OPT) { 67562306a36Sopenharmony_ci err = tunnel_key_erspan_opts_dump(skb, info); 67662306a36Sopenharmony_ci if (err) 67762306a36Sopenharmony_ci goto err_out; 67862306a36Sopenharmony_ci } else { 67962306a36Sopenharmony_cierr_out: 68062306a36Sopenharmony_ci nla_nest_cancel(skb, start); 68162306a36Sopenharmony_ci return err; 68262306a36Sopenharmony_ci } 68362306a36Sopenharmony_ci 68462306a36Sopenharmony_ci nla_nest_end(skb, start); 68562306a36Sopenharmony_ci return 0; 68662306a36Sopenharmony_ci} 68762306a36Sopenharmony_ci 68862306a36Sopenharmony_cistatic int tunnel_key_dump_addresses(struct sk_buff *skb, 68962306a36Sopenharmony_ci const struct ip_tunnel_info *info) 69062306a36Sopenharmony_ci{ 69162306a36Sopenharmony_ci unsigned short family = ip_tunnel_info_af(info); 69262306a36Sopenharmony_ci 69362306a36Sopenharmony_ci if (family == AF_INET) { 69462306a36Sopenharmony_ci __be32 saddr = info->key.u.ipv4.src; 69562306a36Sopenharmony_ci __be32 daddr = info->key.u.ipv4.dst; 69662306a36Sopenharmony_ci 69762306a36Sopenharmony_ci if (!nla_put_in_addr(skb, TCA_TUNNEL_KEY_ENC_IPV4_SRC, saddr) && 69862306a36Sopenharmony_ci !nla_put_in_addr(skb, TCA_TUNNEL_KEY_ENC_IPV4_DST, daddr)) 69962306a36Sopenharmony_ci return 0; 70062306a36Sopenharmony_ci } 70162306a36Sopenharmony_ci 70262306a36Sopenharmony_ci if (family == AF_INET6) { 70362306a36Sopenharmony_ci const struct in6_addr *saddr6 = &info->key.u.ipv6.src; 70462306a36Sopenharmony_ci const struct in6_addr *daddr6 = &info->key.u.ipv6.dst; 70562306a36Sopenharmony_ci 70662306a36Sopenharmony_ci if (!nla_put_in6_addr(skb, 70762306a36Sopenharmony_ci TCA_TUNNEL_KEY_ENC_IPV6_SRC, saddr6) && 70862306a36Sopenharmony_ci !nla_put_in6_addr(skb, 70962306a36Sopenharmony_ci TCA_TUNNEL_KEY_ENC_IPV6_DST, daddr6)) 71062306a36Sopenharmony_ci return 0; 71162306a36Sopenharmony_ci } 71262306a36Sopenharmony_ci 71362306a36Sopenharmony_ci return -EINVAL; 71462306a36Sopenharmony_ci} 71562306a36Sopenharmony_ci 71662306a36Sopenharmony_cistatic int tunnel_key_dump(struct sk_buff *skb, struct tc_action *a, 71762306a36Sopenharmony_ci int bind, int ref) 71862306a36Sopenharmony_ci{ 71962306a36Sopenharmony_ci unsigned char *b = skb_tail_pointer(skb); 72062306a36Sopenharmony_ci struct tcf_tunnel_key *t = to_tunnel_key(a); 72162306a36Sopenharmony_ci struct tcf_tunnel_key_params *params; 72262306a36Sopenharmony_ci struct tc_tunnel_key opt = { 72362306a36Sopenharmony_ci .index = t->tcf_index, 72462306a36Sopenharmony_ci .refcnt = refcount_read(&t->tcf_refcnt) - ref, 72562306a36Sopenharmony_ci .bindcnt = atomic_read(&t->tcf_bindcnt) - bind, 72662306a36Sopenharmony_ci }; 72762306a36Sopenharmony_ci struct tcf_t tm; 72862306a36Sopenharmony_ci 72962306a36Sopenharmony_ci spin_lock_bh(&t->tcf_lock); 73062306a36Sopenharmony_ci params = rcu_dereference_protected(t->params, 73162306a36Sopenharmony_ci lockdep_is_held(&t->tcf_lock)); 73262306a36Sopenharmony_ci opt.action = t->tcf_action; 73362306a36Sopenharmony_ci opt.t_action = params->tcft_action; 73462306a36Sopenharmony_ci 73562306a36Sopenharmony_ci if (nla_put(skb, TCA_TUNNEL_KEY_PARMS, sizeof(opt), &opt)) 73662306a36Sopenharmony_ci goto nla_put_failure; 73762306a36Sopenharmony_ci 73862306a36Sopenharmony_ci if (params->tcft_action == TCA_TUNNEL_KEY_ACT_SET) { 73962306a36Sopenharmony_ci struct ip_tunnel_info *info = 74062306a36Sopenharmony_ci ¶ms->tcft_enc_metadata->u.tun_info; 74162306a36Sopenharmony_ci struct ip_tunnel_key *key = &info->key; 74262306a36Sopenharmony_ci __be32 key_id = tunnel_id_to_key32(key->tun_id); 74362306a36Sopenharmony_ci 74462306a36Sopenharmony_ci if (((key->tun_flags & TUNNEL_KEY) && 74562306a36Sopenharmony_ci nla_put_be32(skb, TCA_TUNNEL_KEY_ENC_KEY_ID, key_id)) || 74662306a36Sopenharmony_ci tunnel_key_dump_addresses(skb, 74762306a36Sopenharmony_ci ¶ms->tcft_enc_metadata->u.tun_info) || 74862306a36Sopenharmony_ci (key->tp_dst && 74962306a36Sopenharmony_ci nla_put_be16(skb, TCA_TUNNEL_KEY_ENC_DST_PORT, 75062306a36Sopenharmony_ci key->tp_dst)) || 75162306a36Sopenharmony_ci nla_put_u8(skb, TCA_TUNNEL_KEY_NO_CSUM, 75262306a36Sopenharmony_ci !(key->tun_flags & TUNNEL_CSUM)) || 75362306a36Sopenharmony_ci ((key->tun_flags & TUNNEL_DONT_FRAGMENT) && 75462306a36Sopenharmony_ci nla_put_flag(skb, TCA_TUNNEL_KEY_NO_FRAG)) || 75562306a36Sopenharmony_ci tunnel_key_opts_dump(skb, info)) 75662306a36Sopenharmony_ci goto nla_put_failure; 75762306a36Sopenharmony_ci 75862306a36Sopenharmony_ci if (key->tos && nla_put_u8(skb, TCA_TUNNEL_KEY_ENC_TOS, key->tos)) 75962306a36Sopenharmony_ci goto nla_put_failure; 76062306a36Sopenharmony_ci 76162306a36Sopenharmony_ci if (key->ttl && nla_put_u8(skb, TCA_TUNNEL_KEY_ENC_TTL, key->ttl)) 76262306a36Sopenharmony_ci goto nla_put_failure; 76362306a36Sopenharmony_ci } 76462306a36Sopenharmony_ci 76562306a36Sopenharmony_ci tcf_tm_dump(&tm, &t->tcf_tm); 76662306a36Sopenharmony_ci if (nla_put_64bit(skb, TCA_TUNNEL_KEY_TM, sizeof(tm), 76762306a36Sopenharmony_ci &tm, TCA_TUNNEL_KEY_PAD)) 76862306a36Sopenharmony_ci goto nla_put_failure; 76962306a36Sopenharmony_ci spin_unlock_bh(&t->tcf_lock); 77062306a36Sopenharmony_ci 77162306a36Sopenharmony_ci return skb->len; 77262306a36Sopenharmony_ci 77362306a36Sopenharmony_cinla_put_failure: 77462306a36Sopenharmony_ci spin_unlock_bh(&t->tcf_lock); 77562306a36Sopenharmony_ci nlmsg_trim(skb, b); 77662306a36Sopenharmony_ci return -1; 77762306a36Sopenharmony_ci} 77862306a36Sopenharmony_ci 77962306a36Sopenharmony_cistatic void tcf_tunnel_encap_put_tunnel(void *priv) 78062306a36Sopenharmony_ci{ 78162306a36Sopenharmony_ci struct ip_tunnel_info *tunnel = priv; 78262306a36Sopenharmony_ci 78362306a36Sopenharmony_ci kfree(tunnel); 78462306a36Sopenharmony_ci} 78562306a36Sopenharmony_ci 78662306a36Sopenharmony_cistatic int tcf_tunnel_encap_get_tunnel(struct flow_action_entry *entry, 78762306a36Sopenharmony_ci const struct tc_action *act) 78862306a36Sopenharmony_ci{ 78962306a36Sopenharmony_ci entry->tunnel = tcf_tunnel_info_copy(act); 79062306a36Sopenharmony_ci if (!entry->tunnel) 79162306a36Sopenharmony_ci return -ENOMEM; 79262306a36Sopenharmony_ci entry->destructor = tcf_tunnel_encap_put_tunnel; 79362306a36Sopenharmony_ci entry->destructor_priv = entry->tunnel; 79462306a36Sopenharmony_ci return 0; 79562306a36Sopenharmony_ci} 79662306a36Sopenharmony_ci 79762306a36Sopenharmony_cistatic int tcf_tunnel_key_offload_act_setup(struct tc_action *act, 79862306a36Sopenharmony_ci void *entry_data, 79962306a36Sopenharmony_ci u32 *index_inc, 80062306a36Sopenharmony_ci bool bind, 80162306a36Sopenharmony_ci struct netlink_ext_ack *extack) 80262306a36Sopenharmony_ci{ 80362306a36Sopenharmony_ci int err; 80462306a36Sopenharmony_ci 80562306a36Sopenharmony_ci if (bind) { 80662306a36Sopenharmony_ci struct flow_action_entry *entry = entry_data; 80762306a36Sopenharmony_ci 80862306a36Sopenharmony_ci if (is_tcf_tunnel_set(act)) { 80962306a36Sopenharmony_ci entry->id = FLOW_ACTION_TUNNEL_ENCAP; 81062306a36Sopenharmony_ci err = tcf_tunnel_encap_get_tunnel(entry, act); 81162306a36Sopenharmony_ci if (err) 81262306a36Sopenharmony_ci return err; 81362306a36Sopenharmony_ci } else if (is_tcf_tunnel_release(act)) { 81462306a36Sopenharmony_ci entry->id = FLOW_ACTION_TUNNEL_DECAP; 81562306a36Sopenharmony_ci } else { 81662306a36Sopenharmony_ci NL_SET_ERR_MSG_MOD(extack, "Unsupported tunnel key mode offload"); 81762306a36Sopenharmony_ci return -EOPNOTSUPP; 81862306a36Sopenharmony_ci } 81962306a36Sopenharmony_ci *index_inc = 1; 82062306a36Sopenharmony_ci } else { 82162306a36Sopenharmony_ci struct flow_offload_action *fl_action = entry_data; 82262306a36Sopenharmony_ci 82362306a36Sopenharmony_ci if (is_tcf_tunnel_set(act)) 82462306a36Sopenharmony_ci fl_action->id = FLOW_ACTION_TUNNEL_ENCAP; 82562306a36Sopenharmony_ci else if (is_tcf_tunnel_release(act)) 82662306a36Sopenharmony_ci fl_action->id = FLOW_ACTION_TUNNEL_DECAP; 82762306a36Sopenharmony_ci else 82862306a36Sopenharmony_ci return -EOPNOTSUPP; 82962306a36Sopenharmony_ci } 83062306a36Sopenharmony_ci 83162306a36Sopenharmony_ci return 0; 83262306a36Sopenharmony_ci} 83362306a36Sopenharmony_ci 83462306a36Sopenharmony_cistatic struct tc_action_ops act_tunnel_key_ops = { 83562306a36Sopenharmony_ci .kind = "tunnel_key", 83662306a36Sopenharmony_ci .id = TCA_ID_TUNNEL_KEY, 83762306a36Sopenharmony_ci .owner = THIS_MODULE, 83862306a36Sopenharmony_ci .act = tunnel_key_act, 83962306a36Sopenharmony_ci .dump = tunnel_key_dump, 84062306a36Sopenharmony_ci .init = tunnel_key_init, 84162306a36Sopenharmony_ci .cleanup = tunnel_key_release, 84262306a36Sopenharmony_ci .offload_act_setup = tcf_tunnel_key_offload_act_setup, 84362306a36Sopenharmony_ci .size = sizeof(struct tcf_tunnel_key), 84462306a36Sopenharmony_ci}; 84562306a36Sopenharmony_ci 84662306a36Sopenharmony_cistatic __net_init int tunnel_key_init_net(struct net *net) 84762306a36Sopenharmony_ci{ 84862306a36Sopenharmony_ci struct tc_action_net *tn = net_generic(net, act_tunnel_key_ops.net_id); 84962306a36Sopenharmony_ci 85062306a36Sopenharmony_ci return tc_action_net_init(net, tn, &act_tunnel_key_ops); 85162306a36Sopenharmony_ci} 85262306a36Sopenharmony_ci 85362306a36Sopenharmony_cistatic void __net_exit tunnel_key_exit_net(struct list_head *net_list) 85462306a36Sopenharmony_ci{ 85562306a36Sopenharmony_ci tc_action_net_exit(net_list, act_tunnel_key_ops.net_id); 85662306a36Sopenharmony_ci} 85762306a36Sopenharmony_ci 85862306a36Sopenharmony_cistatic struct pernet_operations tunnel_key_net_ops = { 85962306a36Sopenharmony_ci .init = tunnel_key_init_net, 86062306a36Sopenharmony_ci .exit_batch = tunnel_key_exit_net, 86162306a36Sopenharmony_ci .id = &act_tunnel_key_ops.net_id, 86262306a36Sopenharmony_ci .size = sizeof(struct tc_action_net), 86362306a36Sopenharmony_ci}; 86462306a36Sopenharmony_ci 86562306a36Sopenharmony_cistatic int __init tunnel_key_init_module(void) 86662306a36Sopenharmony_ci{ 86762306a36Sopenharmony_ci return tcf_register_action(&act_tunnel_key_ops, &tunnel_key_net_ops); 86862306a36Sopenharmony_ci} 86962306a36Sopenharmony_ci 87062306a36Sopenharmony_cistatic void __exit tunnel_key_cleanup_module(void) 87162306a36Sopenharmony_ci{ 87262306a36Sopenharmony_ci tcf_unregister_action(&act_tunnel_key_ops, &tunnel_key_net_ops); 87362306a36Sopenharmony_ci} 87462306a36Sopenharmony_ci 87562306a36Sopenharmony_cimodule_init(tunnel_key_init_module); 87662306a36Sopenharmony_cimodule_exit(tunnel_key_cleanup_module); 87762306a36Sopenharmony_ci 87862306a36Sopenharmony_ciMODULE_AUTHOR("Amir Vadai <amir@vadai.me>"); 87962306a36Sopenharmony_ciMODULE_DESCRIPTION("ip tunnel manipulation actions"); 88062306a36Sopenharmony_ciMODULE_LICENSE("GPL v2"); 881