2 * Copyright (c) 2007-2011 Nicira Networks.
4 * This program is free software; you can redistribute it and/or
5 * modify it under the terms of version 2 of the GNU General Public
6 * License as published by the Free Software Foundation.
8 * This program is distributed in the hope that it will be useful, but
9 * WITHOUT ANY WARRANTY; without even the implied warranty of
10 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
11 * General Public License for more details.
13 * You should have received a copy of the GNU General Public License
14 * along with this program; if not, write to the Free Software
15 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
19 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
21 #include <linux/init.h>
22 #include <linux/module.h>
23 #include <linux/if_arp.h>
24 #include <linux/if_vlan.h>
27 #include <linux/jhash.h>
28 #include <linux/delay.h>
29 #include <linux/time.h>
30 #include <linux/etherdevice.h>
31 #include <linux/genetlink.h>
32 #include <linux/kernel.h>
33 #include <linux/kthread.h>
34 #include <linux/mutex.h>
35 #include <linux/percpu.h>
36 #include <linux/rcupdate.h>
37 #include <linux/tcp.h>
38 #include <linux/udp.h>
39 #include <linux/version.h>
40 #include <linux/ethtool.h>
41 #include <linux/wait.h>
42 #include <asm/system.h>
43 #include <asm/div64.h>
44 #include <linux/highmem.h>
45 #include <linux/netfilter_bridge.h>
46 #include <linux/netfilter_ipv4.h>
47 #include <linux/inetdevice.h>
48 #include <linux/list.h>
49 #include <linux/openvswitch.h>
50 #include <linux/rculist.h>
51 #include <linux/dmi.h>
52 #include <net/genetlink.h>
59 #include "vport-internal_dev.h"
61 #if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,18) || \
62 LINUX_VERSION_CODE > KERNEL_VERSION(3,2,0)
63 #error Kernels before 2.6.18 or after 3.2 are not supported by this version of Open vSwitch.
66 int (*dp_ioctl_hook)(struct net_device *dev, struct ifreq *rq, int cmd);
67 EXPORT_SYMBOL(dp_ioctl_hook);
72 * Writes to device state (add/remove datapath, port, set operations on vports,
73 * etc.) are protected by RTNL.
75 * Writes to other state (flow table modifications, set miscellaneous datapath
76 * parameters, etc.) are protected by genl_mutex. The RTNL lock nests inside
79 * Reads are protected by RCU.
81 * There are a few special cases (mostly stats) that have their own
82 * synchronization but they nest under all of above and don't interact with
86 /* Global list of datapaths to enable dumping them all out.
87 * Protected by genl_mutex.
89 static LIST_HEAD(dps);
91 static struct vport *new_vport(const struct vport_parms *);
92 static int queue_gso_packets(int dp_ifindex, struct sk_buff *,
93 const struct dp_upcall_info *);
94 static int queue_userspace_packet(int dp_ifindex, struct sk_buff *,
95 const struct dp_upcall_info *);
97 /* Must be called with rcu_read_lock, genl_mutex, or RTNL lock. */
98 static struct datapath *get_dp(int dp_ifindex)
100 struct datapath *dp = NULL;
101 struct net_device *dev;
104 dev = dev_get_by_index_rcu(&init_net, dp_ifindex);
106 struct vport *vport = internal_dev_get_vport(dev);
115 /* Must be called with genl_mutex. */
116 static struct flow_table *get_table_protected(struct datapath *dp)
118 return rcu_dereference_protected(dp->table, lockdep_genl_is_held());
121 /* Must be called with rcu_read_lock or RTNL lock. */
122 static struct vport *get_vport_protected(struct datapath *dp, u16 port_no)
124 return rcu_dereference_rtnl(dp->ports[port_no]);
127 /* Must be called with rcu_read_lock or RTNL lock. */
128 const char *dp_name(const struct datapath *dp)
130 struct vport *vport = rcu_dereference_rtnl(dp->ports[OVSP_LOCAL]);
131 return vport->ops->get_name(vport);
134 static int get_dpifindex(struct datapath *dp)
141 local = get_vport_protected(dp, OVSP_LOCAL);
143 ifindex = local->ops->get_ifindex(local);
152 static size_t br_nlmsg_size(void)
154 return NLMSG_ALIGN(sizeof(struct ifinfomsg))
155 + nla_total_size(IFNAMSIZ) /* IFLA_IFNAME */
156 + nla_total_size(MAX_ADDR_LEN) /* IFLA_ADDRESS */
157 + nla_total_size(4) /* IFLA_MASTER */
158 + nla_total_size(4) /* IFLA_MTU */
159 + nla_total_size(1); /* IFLA_OPERSTATE */
162 /* Caller must hold RTNL lock. */
163 static int dp_fill_ifinfo(struct sk_buff *skb,
164 const struct vport *port,
165 int event, unsigned int flags)
167 struct datapath *dp = port->dp;
168 struct ifinfomsg *hdr;
169 struct nlmsghdr *nlh;
171 if (!port->ops->get_ifindex)
174 nlh = nlmsg_put(skb, 0, 0, event, sizeof(*hdr), flags);
178 hdr = nlmsg_data(nlh);
179 hdr->ifi_family = AF_BRIDGE;
181 hdr->ifi_type = ARPHRD_ETHER;
182 hdr->ifi_index = port->ops->get_ifindex(port);
183 hdr->ifi_flags = port->ops->get_dev_flags(port);
186 NLA_PUT_STRING(skb, IFLA_IFNAME, port->ops->get_name(port));
187 NLA_PUT_U32(skb, IFLA_MASTER, get_dpifindex(dp));
188 NLA_PUT_U32(skb, IFLA_MTU, port->ops->get_mtu(port));
189 #ifdef IFLA_OPERSTATE
190 NLA_PUT_U8(skb, IFLA_OPERSTATE,
191 port->ops->is_running(port)
192 ? port->ops->get_operstate(port)
196 NLA_PUT(skb, IFLA_ADDRESS, ETH_ALEN, port->ops->get_addr(port));
198 return nlmsg_end(skb, nlh);
201 nlmsg_cancel(skb, nlh);
205 /* Caller must hold RTNL lock. */
206 static void dp_ifinfo_notify(int event, struct vport *port)
211 skb = nlmsg_new(br_nlmsg_size(), GFP_KERNEL);
217 err = dp_fill_ifinfo(skb, port, event, 0);
219 if (err == -ENODEV) {
222 /* -EMSGSIZE implies BUG in br_nlmsg_size() */
223 WARN_ON(err == -EMSGSIZE);
228 rtnl_notify(skb, &init_net, 0, RTNLGRP_LINK, NULL, GFP_KERNEL);
232 rtnl_set_sk_err(&init_net, RTNLGRP_LINK, err);
237 static void release_dp(struct kobject *kobj)
239 struct datapath *dp = container_of(kobj, struct datapath, ifobj);
243 static struct kobj_type dp_ktype = {
244 .release = release_dp
247 static void destroy_dp_rcu(struct rcu_head *rcu)
249 struct datapath *dp = container_of(rcu, struct datapath, rcu);
251 flow_tbl_destroy((__force struct flow_table *)dp->table);
252 free_percpu(dp->stats_percpu);
253 kobject_put(&dp->ifobj);
256 /* Called with RTNL lock and genl_lock. */
257 static struct vport *new_vport(const struct vport_parms *parms)
261 vport = vport_add(parms);
262 if (!IS_ERR(vport)) {
263 struct datapath *dp = parms->dp;
265 rcu_assign_pointer(dp->ports[parms->port_no], vport);
266 list_add(&vport->node, &dp->port_list);
268 dp_ifinfo_notify(RTM_NEWLINK, vport);
274 /* Called with RTNL lock. */
275 void dp_detach_port(struct vport *p)
279 if (p->port_no != OVSP_LOCAL)
281 dp_ifinfo_notify(RTM_DELLINK, p);
283 /* First drop references to device. */
285 rcu_assign_pointer(p->dp->ports[p->port_no], NULL);
287 /* Then destroy it. */
291 /* Must be called with rcu_read_lock. */
292 void dp_process_received_packet(struct vport *p, struct sk_buff *skb)
294 struct datapath *dp = p->dp;
295 struct sw_flow *flow;
296 struct dp_stats_percpu *stats;
300 stats = per_cpu_ptr(dp->stats_percpu, smp_processor_id());
302 if (!OVS_CB(skb)->flow) {
303 struct sw_flow_key key;
306 /* Extract flow from 'skb' into 'key'. */
307 error = flow_extract(skb, p->port_no, &key, &key_len);
308 if (unlikely(error)) {
314 flow = flow_tbl_lookup(rcu_dereference(dp->table),
316 if (unlikely(!flow)) {
317 struct dp_upcall_info upcall;
319 upcall.cmd = OVS_PACKET_CMD_MISS;
321 upcall.userdata = NULL;
322 upcall.pid = p->upcall_pid;
323 dp_upcall(dp, skb, &upcall);
325 stats_counter = &stats->n_missed;
329 OVS_CB(skb)->flow = flow;
332 stats_counter = &stats->n_hit;
333 flow_used(OVS_CB(skb)->flow, skb);
334 execute_actions(dp, skb);
337 /* Update datapath statistics. */
339 write_seqcount_begin(&stats->seqlock);
341 write_seqcount_end(&stats->seqlock);
344 static struct genl_family dp_packet_genl_family = {
345 .id = GENL_ID_GENERATE,
346 .hdrsize = sizeof(struct ovs_header),
347 .name = OVS_PACKET_FAMILY,
348 .version = OVS_PACKET_VERSION,
349 .maxattr = OVS_PACKET_ATTR_MAX
352 int dp_upcall(struct datapath *dp, struct sk_buff *skb,
353 const struct dp_upcall_info *upcall_info)
355 struct dp_stats_percpu *stats;
359 if (upcall_info->pid == 0) {
364 dp_ifindex = get_dpifindex(dp);
370 forward_ip_summed(skb, true);
372 if (!skb_is_gso(skb))
373 err = queue_userspace_packet(dp_ifindex, skb, upcall_info);
375 err = queue_gso_packets(dp_ifindex, skb, upcall_info);
382 stats = per_cpu_ptr(dp->stats_percpu, smp_processor_id());
384 write_seqcount_begin(&stats->seqlock);
386 write_seqcount_end(&stats->seqlock);
391 static int queue_gso_packets(int dp_ifindex, struct sk_buff *skb,
392 const struct dp_upcall_info *upcall_info)
394 struct dp_upcall_info later_info;
395 struct sw_flow_key later_key;
396 struct sk_buff *segs, *nskb;
399 segs = skb_gso_segment(skb, NETIF_F_SG | NETIF_F_HW_CSUM);
403 /* Queue all of the segments. */
406 err = queue_userspace_packet(dp_ifindex, skb, upcall_info);
410 if (skb == segs && skb_shinfo(skb)->gso_type & SKB_GSO_UDP) {
411 /* The initial flow key extracted by flow_extract() in
412 * this case is for a first fragment, so we need to
413 * properly mark later fragments.
415 later_key = *upcall_info->key;
416 later_key.ip.frag = OVS_FRAG_TYPE_LATER;
418 later_info = *upcall_info;
419 later_info.key = &later_key;
420 upcall_info = &later_info;
422 } while ((skb = skb->next));
424 /* Free all of the segments. */
432 } while ((skb = nskb));
436 static int queue_userspace_packet(int dp_ifindex, struct sk_buff *skb,
437 const struct dp_upcall_info *upcall_info)
439 struct ovs_header *upcall;
440 struct sk_buff *nskb = NULL;
441 struct sk_buff *user_skb; /* to be queued to userspace */
446 if (vlan_tx_tag_present(skb)) {
447 nskb = skb_clone(skb, GFP_ATOMIC);
451 err = vlan_deaccel_tag(nskb);
458 if (nla_attr_size(skb->len) > USHRT_MAX) {
463 len = sizeof(struct ovs_header);
464 len += nla_total_size(skb->len);
465 len += nla_total_size(FLOW_BUFSIZE);
466 if (upcall_info->cmd == OVS_PACKET_CMD_ACTION)
467 len += nla_total_size(8);
469 user_skb = genlmsg_new(len, GFP_ATOMIC);
475 upcall = genlmsg_put(user_skb, 0, 0, &dp_packet_genl_family,
476 0, upcall_info->cmd);
477 upcall->dp_ifindex = dp_ifindex;
479 nla = nla_nest_start(user_skb, OVS_PACKET_ATTR_KEY);
480 flow_to_nlattrs(upcall_info->key, user_skb);
481 nla_nest_end(user_skb, nla);
483 if (upcall_info->userdata)
484 nla_put_u64(user_skb, OVS_PACKET_ATTR_USERDATA,
485 nla_get_u64(upcall_info->userdata));
487 nla = __nla_reserve(user_skb, OVS_PACKET_ATTR_PACKET, skb->len);
489 skb_copy_and_csum_dev(skb, nla_data(nla));
491 err = genlmsg_unicast(&init_net, user_skb, upcall_info->pid);
498 /* Called with genl_mutex. */
499 static int flush_flows(int dp_ifindex)
501 struct flow_table *old_table;
502 struct flow_table *new_table;
505 dp = get_dp(dp_ifindex);
509 old_table = get_table_protected(dp);
510 new_table = flow_tbl_alloc(TBL_MIN_BUCKETS);
514 rcu_assign_pointer(dp->table, new_table);
516 flow_tbl_deferred_destroy(old_table);
520 static int validate_actions(const struct nlattr *attr,
521 const struct sw_flow_key *key, int depth);
523 static int validate_sample(const struct nlattr *attr,
524 const struct sw_flow_key *key, int depth)
526 const struct nlattr *attrs[OVS_SAMPLE_ATTR_MAX + 1];
527 const struct nlattr *probability, *actions;
528 const struct nlattr *a;
531 memset(attrs, 0, sizeof(attrs));
532 nla_for_each_nested(a, attr, rem) {
533 int type = nla_type(a);
534 if (!type || type > OVS_SAMPLE_ATTR_MAX || attrs[type])
541 probability = attrs[OVS_SAMPLE_ATTR_PROBABILITY];
542 if (!probability || nla_len(probability) != sizeof(u32))
545 actions = attrs[OVS_SAMPLE_ATTR_ACTIONS];
546 if (!actions || (nla_len(actions) && nla_len(actions) < NLA_HDRLEN))
548 return validate_actions(actions, key, depth + 1);
551 static int validate_set(const struct nlattr *a,
552 const struct sw_flow_key *flow_key)
554 const struct nlattr *ovs_key = nla_data(a);
555 int key_type = nla_type(ovs_key);
557 /* There can be only one key in a action */
558 if (nla_total_size(nla_len(ovs_key)) != nla_len(a))
561 if (key_type > OVS_KEY_ATTR_MAX ||
562 nla_len(ovs_key) != ovs_key_lens[key_type])
566 const struct ovs_key_ipv4 *ipv4_key;
568 case OVS_KEY_ATTR_PRIORITY:
569 case OVS_KEY_ATTR_TUN_ID:
570 case OVS_KEY_ATTR_ETHERNET:
573 case OVS_KEY_ATTR_IPV4:
574 if (flow_key->eth.type != htons(ETH_P_IP))
577 if (!flow_key->ipv4.addr.src || !flow_key->ipv4.addr.dst)
580 ipv4_key = nla_data(ovs_key);
581 if (ipv4_key->ipv4_proto != flow_key->ip.proto)
584 if (ipv4_key->ipv4_frag != flow_key->ip.frag)
589 case OVS_KEY_ATTR_TCP:
590 if (flow_key->ip.proto != IPPROTO_TCP)
593 if (!flow_key->ipv4.tp.src || !flow_key->ipv4.tp.dst)
598 case OVS_KEY_ATTR_UDP:
599 if (flow_key->ip.proto != IPPROTO_UDP)
602 if (!flow_key->ipv4.tp.src || !flow_key->ipv4.tp.dst)
613 static int validate_userspace(const struct nlattr *attr)
615 static const struct nla_policy userspace_policy[OVS_USERSPACE_ATTR_MAX + 1] = {
616 [OVS_USERSPACE_ATTR_PID] = {.type = NLA_U32 },
617 [OVS_USERSPACE_ATTR_USERDATA] = {.type = NLA_U64 },
619 struct nlattr *a[OVS_USERSPACE_ATTR_MAX + 1];
622 error = nla_parse_nested(a, OVS_USERSPACE_ATTR_MAX,
623 attr, userspace_policy);
627 if (!a[OVS_USERSPACE_ATTR_PID] ||
628 !nla_get_u32(a[OVS_USERSPACE_ATTR_PID]))
634 static int validate_actions(const struct nlattr *attr,
635 const struct sw_flow_key *key, int depth)
637 const struct nlattr *a;
640 if (depth >= SAMPLE_ACTION_DEPTH)
643 nla_for_each_nested(a, attr, rem) {
644 /* Expected argument lengths, (u32)-1 for variable length. */
645 static const u32 action_lens[OVS_ACTION_ATTR_MAX + 1] = {
646 [OVS_ACTION_ATTR_OUTPUT] = sizeof(u32),
647 [OVS_ACTION_ATTR_USERSPACE] = (u32)-1,
648 [OVS_ACTION_ATTR_PUSH_VLAN] = sizeof(struct ovs_action_push_vlan),
649 [OVS_ACTION_ATTR_POP_VLAN] = 0,
650 [OVS_ACTION_ATTR_SET] = (u32)-1,
651 [OVS_ACTION_ATTR_SAMPLE] = (u32)-1
653 const struct ovs_action_push_vlan *vlan;
654 int type = nla_type(a);
656 if (type > OVS_ACTION_ATTR_MAX ||
657 (action_lens[type] != nla_len(a) &&
658 action_lens[type] != (u32)-1))
662 case OVS_ACTION_ATTR_UNSPEC:
665 case OVS_ACTION_ATTR_USERSPACE:
666 err = validate_userspace(a);
671 case OVS_ACTION_ATTR_OUTPUT:
672 if (nla_get_u32(a) >= DP_MAX_PORTS)
677 case OVS_ACTION_ATTR_POP_VLAN:
680 case OVS_ACTION_ATTR_PUSH_VLAN:
682 if (vlan->vlan_tpid != htons(ETH_P_8021Q))
684 if (!(vlan->vlan_tci & htons(VLAN_TAG_PRESENT)))
688 case OVS_ACTION_ATTR_SET:
689 err = validate_set(a, key);
694 case OVS_ACTION_ATTR_SAMPLE:
695 err = validate_sample(a, key, depth);
711 static void clear_stats(struct sw_flow *flow)
715 flow->packet_count = 0;
716 flow->byte_count = 0;
719 static int ovs_packet_cmd_execute(struct sk_buff *skb, struct genl_info *info)
721 struct ovs_header *ovs_header = info->userhdr;
722 struct nlattr **a = info->attrs;
723 struct sw_flow_actions *acts;
724 struct sk_buff *packet;
725 struct sw_flow *flow;
733 if (!a[OVS_PACKET_ATTR_PACKET] || !a[OVS_PACKET_ATTR_KEY] ||
734 !a[OVS_PACKET_ATTR_ACTIONS] ||
735 nla_len(a[OVS_PACKET_ATTR_PACKET]) < ETH_HLEN)
738 len = nla_len(a[OVS_PACKET_ATTR_PACKET]);
739 packet = __dev_alloc_skb(NET_IP_ALIGN + len, GFP_KERNEL);
743 skb_reserve(packet, NET_IP_ALIGN);
745 memcpy(__skb_put(packet, len), nla_data(a[OVS_PACKET_ATTR_PACKET]), len);
747 skb_reset_mac_header(packet);
748 eth = eth_hdr(packet);
750 /* Normally, setting the skb 'protocol' field would be handled by a
751 * call to eth_type_trans(), but it assumes there's a sending
752 * device, which we may not have. */
753 if (ntohs(eth->h_proto) >= 1536)
754 packet->protocol = eth->h_proto;
756 packet->protocol = htons(ETH_P_802_2);
758 /* Build an sw_flow for sending this packet. */
764 err = flow_extract(packet, -1, &flow->key, &key_len);
768 err = flow_metadata_from_nlattrs(&flow->key.phy.priority,
769 &flow->key.phy.in_port,
770 &flow->key.phy.tun_id,
771 a[OVS_PACKET_ATTR_KEY]);
775 err = validate_actions(a[OVS_PACKET_ATTR_ACTIONS], &flow->key, 0);
779 flow->hash = flow_hash(&flow->key, key_len);
781 acts = flow_actions_alloc(a[OVS_PACKET_ATTR_ACTIONS]);
785 rcu_assign_pointer(flow->sf_acts, acts);
787 OVS_CB(packet)->flow = flow;
788 packet->priority = flow->key.phy.priority;
791 dp = get_dp(ovs_header->dp_ifindex);
797 err = execute_actions(dp, packet);
814 static const struct nla_policy packet_policy[OVS_PACKET_ATTR_MAX + 1] = {
815 [OVS_PACKET_ATTR_PACKET] = { .type = NLA_UNSPEC },
816 [OVS_PACKET_ATTR_KEY] = { .type = NLA_NESTED },
817 [OVS_PACKET_ATTR_ACTIONS] = { .type = NLA_NESTED },
820 static struct genl_ops dp_packet_genl_ops[] = {
821 { .cmd = OVS_PACKET_CMD_EXECUTE,
822 .flags = GENL_ADMIN_PERM, /* Requires CAP_NET_ADMIN privilege. */
823 .policy = packet_policy,
824 .doit = ovs_packet_cmd_execute
828 static void get_dp_stats(struct datapath *dp, struct ovs_dp_stats *stats)
831 struct flow_table *table = get_table_protected(dp);
833 stats->n_flows = flow_tbl_count(table);
835 stats->n_hit = stats->n_missed = stats->n_lost = 0;
836 for_each_possible_cpu(i) {
837 const struct dp_stats_percpu *percpu_stats;
838 struct dp_stats_percpu local_stats;
841 percpu_stats = per_cpu_ptr(dp->stats_percpu, i);
844 seqcount = read_seqcount_begin(&percpu_stats->seqlock);
845 local_stats = *percpu_stats;
846 } while (read_seqcount_retry(&percpu_stats->seqlock, seqcount));
848 stats->n_hit += local_stats.n_hit;
849 stats->n_missed += local_stats.n_missed;
850 stats->n_lost += local_stats.n_lost;
854 static const struct nla_policy flow_policy[OVS_FLOW_ATTR_MAX + 1] = {
855 [OVS_FLOW_ATTR_KEY] = { .type = NLA_NESTED },
856 [OVS_FLOW_ATTR_ACTIONS] = { .type = NLA_NESTED },
857 [OVS_FLOW_ATTR_CLEAR] = { .type = NLA_FLAG },
860 static struct genl_family dp_flow_genl_family = {
861 .id = GENL_ID_GENERATE,
862 .hdrsize = sizeof(struct ovs_header),
863 .name = OVS_FLOW_FAMILY,
864 .version = OVS_FLOW_VERSION,
865 .maxattr = OVS_FLOW_ATTR_MAX
868 static struct genl_multicast_group dp_flow_multicast_group = {
869 .name = OVS_FLOW_MCGROUP
872 /* Called with genl_lock. */
873 static int ovs_flow_cmd_fill_info(struct sw_flow *flow, struct datapath *dp,
874 struct sk_buff *skb, u32 pid,
875 u32 seq, u32 flags, u8 cmd)
877 const int skb_orig_len = skb->len;
878 const struct sw_flow_actions *sf_acts;
879 struct ovs_flow_stats stats;
880 struct ovs_header *ovs_header;
886 sf_acts = rcu_dereference_protected(flow->sf_acts,
887 lockdep_genl_is_held());
889 ovs_header = genlmsg_put(skb, pid, seq, &dp_flow_genl_family, flags, cmd);
893 ovs_header->dp_ifindex = get_dpifindex(dp);
895 nla = nla_nest_start(skb, OVS_FLOW_ATTR_KEY);
897 goto nla_put_failure;
898 err = flow_to_nlattrs(&flow->key, skb);
901 nla_nest_end(skb, nla);
903 spin_lock_bh(&flow->lock);
905 stats.n_packets = flow->packet_count;
906 stats.n_bytes = flow->byte_count;
907 tcp_flags = flow->tcp_flags;
908 spin_unlock_bh(&flow->lock);
911 NLA_PUT_U64(skb, OVS_FLOW_ATTR_USED, flow_used_time(used));
914 NLA_PUT(skb, OVS_FLOW_ATTR_STATS,
915 sizeof(struct ovs_flow_stats), &stats);
918 NLA_PUT_U8(skb, OVS_FLOW_ATTR_TCP_FLAGS, tcp_flags);
920 /* If OVS_FLOW_ATTR_ACTIONS doesn't fit, skip dumping the actions if
921 * this is the first flow to be dumped into 'skb'. This is unusual for
922 * Netlink but individual action lists can be longer than
923 * NLMSG_GOODSIZE and thus entirely undumpable if we didn't do this.
924 * The userspace caller can always fetch the actions separately if it
925 * really wants them. (Most userspace callers in fact don't care.)
927 * This can only fail for dump operations because the skb is always
928 * properly sized for single flows.
930 err = nla_put(skb, OVS_FLOW_ATTR_ACTIONS, sf_acts->actions_len,
932 if (err < 0 && skb_orig_len)
935 return genlmsg_end(skb, ovs_header);
940 genlmsg_cancel(skb, ovs_header);
944 static struct sk_buff *ovs_flow_cmd_alloc_info(struct sw_flow *flow)
946 const struct sw_flow_actions *sf_acts;
949 sf_acts = rcu_dereference_protected(flow->sf_acts,
950 lockdep_genl_is_held());
952 /* OVS_FLOW_ATTR_KEY */
953 len = nla_total_size(FLOW_BUFSIZE);
954 /* OVS_FLOW_ATTR_ACTIONS */
955 len += nla_total_size(sf_acts->actions_len);
956 /* OVS_FLOW_ATTR_STATS */
957 len += nla_total_size(sizeof(struct ovs_flow_stats));
958 /* OVS_FLOW_ATTR_TCP_FLAGS */
959 len += nla_total_size(1);
960 /* OVS_FLOW_ATTR_USED */
961 len += nla_total_size(8);
963 len += NLMSG_ALIGN(sizeof(struct ovs_header));
965 return genlmsg_new(len, GFP_KERNEL);
968 static struct sk_buff *ovs_flow_cmd_build_info(struct sw_flow *flow,
970 u32 pid, u32 seq, u8 cmd)
975 skb = ovs_flow_cmd_alloc_info(flow);
977 return ERR_PTR(-ENOMEM);
979 retval = ovs_flow_cmd_fill_info(flow, dp, skb, pid, seq, 0, cmd);
984 static int ovs_flow_cmd_new_or_set(struct sk_buff *skb, struct genl_info *info)
986 struct nlattr **a = info->attrs;
987 struct ovs_header *ovs_header = info->userhdr;
988 struct sw_flow_key key;
989 struct sw_flow *flow;
990 struct sk_buff *reply;
992 struct flow_table *table;
998 if (!a[OVS_FLOW_ATTR_KEY])
1000 error = flow_from_nlattrs(&key, &key_len, a[OVS_FLOW_ATTR_KEY]);
1004 /* Validate actions. */
1005 if (a[OVS_FLOW_ATTR_ACTIONS]) {
1006 error = validate_actions(a[OVS_FLOW_ATTR_ACTIONS], &key, 0);
1009 } else if (info->genlhdr->cmd == OVS_FLOW_CMD_NEW) {
1014 dp = get_dp(ovs_header->dp_ifindex);
1019 table = get_table_protected(dp);
1020 flow = flow_tbl_lookup(table, &key, key_len);
1022 struct sw_flow_actions *acts;
1024 /* Bail out if we're not allowed to create a new flow. */
1026 if (info->genlhdr->cmd == OVS_FLOW_CMD_SET)
1029 /* Expand table, if necessary, to make room. */
1030 if (flow_tbl_need_to_expand(table)) {
1031 struct flow_table *new_table;
1033 new_table = flow_tbl_expand(table);
1034 if (!IS_ERR(new_table)) {
1035 rcu_assign_pointer(dp->table, new_table);
1036 flow_tbl_deferred_destroy(table);
1037 table = get_table_protected(dp);
1041 /* Allocate flow. */
1042 flow = flow_alloc();
1044 error = PTR_ERR(flow);
1050 /* Obtain actions. */
1051 acts = flow_actions_alloc(a[OVS_FLOW_ATTR_ACTIONS]);
1052 error = PTR_ERR(acts);
1054 goto error_free_flow;
1055 rcu_assign_pointer(flow->sf_acts, acts);
1057 /* Put flow in bucket. */
1058 flow->hash = flow_hash(&key, key_len);
1059 flow_tbl_insert(table, flow);
1061 reply = ovs_flow_cmd_build_info(flow, dp, info->snd_pid,
1065 /* We found a matching flow. */
1066 struct sw_flow_actions *old_acts;
1067 struct nlattr *acts_attrs;
1069 /* Bail out if we're not allowed to modify an existing flow.
1070 * We accept NLM_F_CREATE in place of the intended NLM_F_EXCL
1071 * because Generic Netlink treats the latter as a dump
1072 * request. We also accept NLM_F_EXCL in case that bug ever
1076 if (info->genlhdr->cmd == OVS_FLOW_CMD_NEW &&
1077 info->nlhdr->nlmsg_flags & (NLM_F_CREATE | NLM_F_EXCL))
1080 /* Update actions. */
1081 old_acts = rcu_dereference_protected(flow->sf_acts,
1082 lockdep_genl_is_held());
1083 acts_attrs = a[OVS_FLOW_ATTR_ACTIONS];
1085 (old_acts->actions_len != nla_len(acts_attrs) ||
1086 memcmp(old_acts->actions, nla_data(acts_attrs),
1087 old_acts->actions_len))) {
1088 struct sw_flow_actions *new_acts;
1090 new_acts = flow_actions_alloc(acts_attrs);
1091 error = PTR_ERR(new_acts);
1092 if (IS_ERR(new_acts))
1095 rcu_assign_pointer(flow->sf_acts, new_acts);
1096 flow_deferred_free_acts(old_acts);
1099 reply = ovs_flow_cmd_build_info(flow, dp, info->snd_pid,
1100 info->snd_seq, OVS_FLOW_CMD_NEW);
1103 if (a[OVS_FLOW_ATTR_CLEAR]) {
1104 spin_lock_bh(&flow->lock);
1106 spin_unlock_bh(&flow->lock);
1111 genl_notify(reply, genl_info_net(info), info->snd_pid,
1112 dp_flow_multicast_group.id, info->nlhdr, GFP_KERNEL);
1114 netlink_set_err(INIT_NET_GENL_SOCK, 0,
1115 dp_flow_multicast_group.id, PTR_ERR(reply));
1124 static int ovs_flow_cmd_get(struct sk_buff *skb, struct genl_info *info)
1126 struct nlattr **a = info->attrs;
1127 struct ovs_header *ovs_header = info->userhdr;
1128 struct sw_flow_key key;
1129 struct sk_buff *reply;
1130 struct sw_flow *flow;
1131 struct datapath *dp;
1132 struct flow_table *table;
1136 if (!a[OVS_FLOW_ATTR_KEY])
1138 err = flow_from_nlattrs(&key, &key_len, a[OVS_FLOW_ATTR_KEY]);
1142 dp = get_dp(ovs_header->dp_ifindex);
1146 table = get_table_protected(dp);
1147 flow = flow_tbl_lookup(table, &key, key_len);
1151 reply = ovs_flow_cmd_build_info(flow, dp, info->snd_pid,
1152 info->snd_seq, OVS_FLOW_CMD_NEW);
1154 return PTR_ERR(reply);
1156 return genlmsg_reply(reply, info);
1159 static int ovs_flow_cmd_del(struct sk_buff *skb, struct genl_info *info)
1161 struct nlattr **a = info->attrs;
1162 struct ovs_header *ovs_header = info->userhdr;
1163 struct sw_flow_key key;
1164 struct sk_buff *reply;
1165 struct sw_flow *flow;
1166 struct datapath *dp;
1167 struct flow_table *table;
1171 if (!a[OVS_FLOW_ATTR_KEY])
1172 return flush_flows(ovs_header->dp_ifindex);
1173 err = flow_from_nlattrs(&key, &key_len, a[OVS_FLOW_ATTR_KEY]);
1177 dp = get_dp(ovs_header->dp_ifindex);
1181 table = get_table_protected(dp);
1182 flow = flow_tbl_lookup(table, &key, key_len);
1186 reply = ovs_flow_cmd_alloc_info(flow);
1190 flow_tbl_remove(table, flow);
1192 err = ovs_flow_cmd_fill_info(flow, dp, reply, info->snd_pid,
1193 info->snd_seq, 0, OVS_FLOW_CMD_DEL);
1196 flow_deferred_free(flow);
1198 genl_notify(reply, genl_info_net(info), info->snd_pid,
1199 dp_flow_multicast_group.id, info->nlhdr, GFP_KERNEL);
1203 static int ovs_flow_cmd_dump(struct sk_buff *skb, struct netlink_callback *cb)
1205 struct ovs_header *ovs_header = genlmsg_data(nlmsg_data(cb->nlh));
1206 struct datapath *dp;
1208 dp = get_dp(ovs_header->dp_ifindex);
1213 struct sw_flow *flow;
1216 bucket = cb->args[0];
1218 flow = flow_tbl_next(get_table_protected(dp), &bucket, &obj);
1222 if (ovs_flow_cmd_fill_info(flow, dp, skb,
1223 NETLINK_CB(cb->skb).pid,
1224 cb->nlh->nlmsg_seq, NLM_F_MULTI,
1225 OVS_FLOW_CMD_NEW) < 0)
1228 cb->args[0] = bucket;
1234 static struct genl_ops dp_flow_genl_ops[] = {
1235 { .cmd = OVS_FLOW_CMD_NEW,
1236 .flags = GENL_ADMIN_PERM, /* Requires CAP_NET_ADMIN privilege. */
1237 .policy = flow_policy,
1238 .doit = ovs_flow_cmd_new_or_set
1240 { .cmd = OVS_FLOW_CMD_DEL,
1241 .flags = GENL_ADMIN_PERM, /* Requires CAP_NET_ADMIN privilege. */
1242 .policy = flow_policy,
1243 .doit = ovs_flow_cmd_del
1245 { .cmd = OVS_FLOW_CMD_GET,
1246 .flags = 0, /* OK for unprivileged users. */
1247 .policy = flow_policy,
1248 .doit = ovs_flow_cmd_get,
1249 .dumpit = ovs_flow_cmd_dump
1251 { .cmd = OVS_FLOW_CMD_SET,
1252 .flags = GENL_ADMIN_PERM, /* Requires CAP_NET_ADMIN privilege. */
1253 .policy = flow_policy,
1254 .doit = ovs_flow_cmd_new_or_set,
1258 static const struct nla_policy datapath_policy[OVS_DP_ATTR_MAX + 1] = {
1259 #ifdef HAVE_NLA_NUL_STRING
1260 [OVS_DP_ATTR_NAME] = { .type = NLA_NUL_STRING, .len = IFNAMSIZ - 1 },
1262 [OVS_DP_ATTR_UPCALL_PID] = { .type = NLA_U32 },
1265 static struct genl_family dp_datapath_genl_family = {
1266 .id = GENL_ID_GENERATE,
1267 .hdrsize = sizeof(struct ovs_header),
1268 .name = OVS_DATAPATH_FAMILY,
1269 .version = OVS_DATAPATH_VERSION,
1270 .maxattr = OVS_DP_ATTR_MAX
1273 static struct genl_multicast_group dp_datapath_multicast_group = {
1274 .name = OVS_DATAPATH_MCGROUP
1277 static int ovs_dp_cmd_fill_info(struct datapath *dp, struct sk_buff *skb,
1278 u32 pid, u32 seq, u32 flags, u8 cmd)
1280 struct ovs_header *ovs_header;
1281 struct ovs_dp_stats dp_stats;
1284 ovs_header = genlmsg_put(skb, pid, seq, &dp_datapath_genl_family,
1289 ovs_header->dp_ifindex = get_dpifindex(dp);
1292 err = nla_put_string(skb, OVS_DP_ATTR_NAME, dp_name(dp));
1295 goto nla_put_failure;
1297 get_dp_stats(dp, &dp_stats);
1298 NLA_PUT(skb, OVS_DP_ATTR_STATS, sizeof(struct ovs_dp_stats), &dp_stats);
1300 return genlmsg_end(skb, ovs_header);
1303 genlmsg_cancel(skb, ovs_header);
1308 static struct sk_buff *ovs_dp_cmd_build_info(struct datapath *dp, u32 pid,
1311 struct sk_buff *skb;
1314 skb = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
1316 return ERR_PTR(-ENOMEM);
1318 retval = ovs_dp_cmd_fill_info(dp, skb, pid, seq, 0, cmd);
1321 return ERR_PTR(retval);
1326 static int ovs_dp_cmd_validate(struct nlattr *a[OVS_DP_ATTR_MAX + 1])
1328 return CHECK_NUL_STRING(a[OVS_DP_ATTR_NAME], IFNAMSIZ - 1);
1331 /* Called with genl_mutex and optionally with RTNL lock also. */
1332 static struct datapath *lookup_datapath(struct ovs_header *ovs_header,
1333 struct nlattr *a[OVS_DP_ATTR_MAX + 1])
1335 struct datapath *dp;
1337 if (!a[OVS_DP_ATTR_NAME])
1338 dp = get_dp(ovs_header->dp_ifindex);
1340 struct vport *vport;
1343 vport = vport_locate(nla_data(a[OVS_DP_ATTR_NAME]));
1344 dp = vport && vport->port_no == OVSP_LOCAL ? vport->dp : NULL;
1347 return dp ? dp : ERR_PTR(-ENODEV);
1350 static int ovs_dp_cmd_new(struct sk_buff *skb, struct genl_info *info)
1352 struct nlattr **a = info->attrs;
1353 struct vport_parms parms;
1354 struct sk_buff *reply;
1355 struct datapath *dp;
1356 struct vport *vport;
1360 if (!a[OVS_DP_ATTR_NAME] || !a[OVS_DP_ATTR_UPCALL_PID])
1363 err = ovs_dp_cmd_validate(a);
1369 if (!try_module_get(THIS_MODULE))
1370 goto err_unlock_rtnl;
1373 dp = kzalloc(sizeof(*dp), GFP_KERNEL);
1375 goto err_put_module;
1376 INIT_LIST_HEAD(&dp->port_list);
1378 /* Initialize kobject for bridge. This will be added as
1379 * /sys/class/net/<devname>/brif later, if sysfs is enabled. */
1380 dp->ifobj.kset = NULL;
1381 kobject_init(&dp->ifobj, &dp_ktype);
1383 /* Allocate table. */
1385 rcu_assign_pointer(dp->table, flow_tbl_alloc(TBL_MIN_BUCKETS));
1389 dp->stats_percpu = alloc_percpu(struct dp_stats_percpu);
1390 if (!dp->stats_percpu) {
1392 goto err_destroy_table;
1395 /* Set up our datapath device. */
1396 parms.name = nla_data(a[OVS_DP_ATTR_NAME]);
1397 parms.type = OVS_VPORT_TYPE_INTERNAL;
1398 parms.options = NULL;
1400 parms.port_no = OVSP_LOCAL;
1401 parms.upcall_pid = nla_get_u32(a[OVS_DP_ATTR_UPCALL_PID]);
1403 vport = new_vport(&parms);
1404 if (IS_ERR(vport)) {
1405 err = PTR_ERR(vport);
1409 goto err_destroy_percpu;
1412 reply = ovs_dp_cmd_build_info(dp, info->snd_pid,
1413 info->snd_seq, OVS_DP_CMD_NEW);
1414 err = PTR_ERR(reply);
1416 goto err_destroy_local_port;
1418 list_add_tail(&dp->list_node, &dps);
1419 dp_sysfs_add_dp(dp);
1423 genl_notify(reply, genl_info_net(info), info->snd_pid,
1424 dp_datapath_multicast_group.id, info->nlhdr, GFP_KERNEL);
1427 err_destroy_local_port:
1428 dp_detach_port(get_vport_protected(dp, OVSP_LOCAL));
1430 free_percpu(dp->stats_percpu);
1432 flow_tbl_destroy(get_table_protected(dp));
1436 module_put(THIS_MODULE);
1443 static int ovs_dp_cmd_del(struct sk_buff *skb, struct genl_info *info)
1445 struct vport *vport, *next_vport;
1446 struct sk_buff *reply;
1447 struct datapath *dp;
1450 err = ovs_dp_cmd_validate(info->attrs);
1455 dp = lookup_datapath(info->userhdr, info->attrs);
1460 reply = ovs_dp_cmd_build_info(dp, info->snd_pid,
1461 info->snd_seq, OVS_DP_CMD_DEL);
1462 err = PTR_ERR(reply);
1466 list_for_each_entry_safe(vport, next_vport, &dp->port_list, node)
1467 if (vport->port_no != OVSP_LOCAL)
1468 dp_detach_port(vport);
1470 dp_sysfs_del_dp(dp);
1471 list_del(&dp->list_node);
1472 dp_detach_port(get_vport_protected(dp, OVSP_LOCAL));
1474 /* rtnl_unlock() will wait until all the references to devices that
1475 * are pending unregistration have been dropped. We do it here to
1476 * ensure that any internal devices (which contain DP pointers) are
1477 * fully destroyed before freeing the datapath.
1481 call_rcu(&dp->rcu, destroy_dp_rcu);
1482 module_put(THIS_MODULE);
1484 genl_notify(reply, genl_info_net(info), info->snd_pid,
1485 dp_datapath_multicast_group.id, info->nlhdr, GFP_KERNEL);
1495 static int ovs_dp_cmd_set(struct sk_buff *skb, struct genl_info *info)
1497 struct sk_buff *reply;
1498 struct datapath *dp;
1501 err = ovs_dp_cmd_validate(info->attrs);
1505 dp = lookup_datapath(info->userhdr, info->attrs);
1509 reply = ovs_dp_cmd_build_info(dp, info->snd_pid,
1510 info->snd_seq, OVS_DP_CMD_NEW);
1511 if (IS_ERR(reply)) {
1512 err = PTR_ERR(reply);
1513 netlink_set_err(INIT_NET_GENL_SOCK, 0,
1514 dp_datapath_multicast_group.id, err);
1518 genl_notify(reply, genl_info_net(info), info->snd_pid,
1519 dp_datapath_multicast_group.id, info->nlhdr, GFP_KERNEL);
1523 static int ovs_dp_cmd_get(struct sk_buff *skb, struct genl_info *info)
1525 struct sk_buff *reply;
1526 struct datapath *dp;
1529 err = ovs_dp_cmd_validate(info->attrs);
1533 dp = lookup_datapath(info->userhdr, info->attrs);
1537 reply = ovs_dp_cmd_build_info(dp, info->snd_pid,
1538 info->snd_seq, OVS_DP_CMD_NEW);
1540 return PTR_ERR(reply);
1542 return genlmsg_reply(reply, info);
1545 static int ovs_dp_cmd_dump(struct sk_buff *skb, struct netlink_callback *cb)
1547 struct datapath *dp;
1548 int skip = cb->args[0];
1551 list_for_each_entry(dp, &dps, list_node) {
1554 if (ovs_dp_cmd_fill_info(dp, skb, NETLINK_CB(cb->skb).pid,
1555 cb->nlh->nlmsg_seq, NLM_F_MULTI,
1556 OVS_DP_CMD_NEW) < 0)
1566 static struct genl_ops dp_datapath_genl_ops[] = {
1567 { .cmd = OVS_DP_CMD_NEW,
1568 .flags = GENL_ADMIN_PERM, /* Requires CAP_NET_ADMIN privilege. */
1569 .policy = datapath_policy,
1570 .doit = ovs_dp_cmd_new
1572 { .cmd = OVS_DP_CMD_DEL,
1573 .flags = GENL_ADMIN_PERM, /* Requires CAP_NET_ADMIN privilege. */
1574 .policy = datapath_policy,
1575 .doit = ovs_dp_cmd_del
1577 { .cmd = OVS_DP_CMD_GET,
1578 .flags = 0, /* OK for unprivileged users. */
1579 .policy = datapath_policy,
1580 .doit = ovs_dp_cmd_get,
1581 .dumpit = ovs_dp_cmd_dump
1583 { .cmd = OVS_DP_CMD_SET,
1584 .flags = GENL_ADMIN_PERM, /* Requires CAP_NET_ADMIN privilege. */
1585 .policy = datapath_policy,
1586 .doit = ovs_dp_cmd_set,
1590 static const struct nla_policy vport_policy[OVS_VPORT_ATTR_MAX + 1] = {
1591 #ifdef HAVE_NLA_NUL_STRING
1592 [OVS_VPORT_ATTR_NAME] = { .type = NLA_NUL_STRING, .len = IFNAMSIZ - 1 },
1593 [OVS_VPORT_ATTR_STATS] = { .len = sizeof(struct ovs_vport_stats) },
1594 [OVS_VPORT_ATTR_ADDRESS] = { .len = ETH_ALEN },
1596 [OVS_VPORT_ATTR_STATS] = { .minlen = sizeof(struct ovs_vport_stats) },
1597 [OVS_VPORT_ATTR_ADDRESS] = { .minlen = ETH_ALEN },
1599 [OVS_VPORT_ATTR_PORT_NO] = { .type = NLA_U32 },
1600 [OVS_VPORT_ATTR_TYPE] = { .type = NLA_U32 },
1601 [OVS_VPORT_ATTR_UPCALL_PID] = { .type = NLA_U32 },
1602 [OVS_VPORT_ATTR_OPTIONS] = { .type = NLA_NESTED },
1605 static struct genl_family dp_vport_genl_family = {
1606 .id = GENL_ID_GENERATE,
1607 .hdrsize = sizeof(struct ovs_header),
1608 .name = OVS_VPORT_FAMILY,
1609 .version = OVS_VPORT_VERSION,
1610 .maxattr = OVS_VPORT_ATTR_MAX
1613 struct genl_multicast_group dp_vport_multicast_group = {
1614 .name = OVS_VPORT_MCGROUP
1617 /* Called with RTNL lock or RCU read lock. */
1618 static int ovs_vport_cmd_fill_info(struct vport *vport, struct sk_buff *skb,
1619 u32 pid, u32 seq, u32 flags, u8 cmd)
1621 struct ovs_header *ovs_header;
1622 struct ovs_vport_stats vport_stats;
1625 ovs_header = genlmsg_put(skb, pid, seq, &dp_vport_genl_family,
1630 ovs_header->dp_ifindex = get_dpifindex(vport->dp);
1632 NLA_PUT_U32(skb, OVS_VPORT_ATTR_PORT_NO, vport->port_no);
1633 NLA_PUT_U32(skb, OVS_VPORT_ATTR_TYPE, vport->ops->type);
1634 NLA_PUT_STRING(skb, OVS_VPORT_ATTR_NAME, vport->ops->get_name(vport));
1635 NLA_PUT_U32(skb, OVS_VPORT_ATTR_UPCALL_PID, vport->upcall_pid);
1637 vport_get_stats(vport, &vport_stats);
1638 NLA_PUT(skb, OVS_VPORT_ATTR_STATS, sizeof(struct ovs_vport_stats),
1641 NLA_PUT(skb, OVS_VPORT_ATTR_ADDRESS, ETH_ALEN,
1642 vport->ops->get_addr(vport));
1644 err = vport_get_options(vport, skb);
1645 if (err == -EMSGSIZE)
1648 return genlmsg_end(skb, ovs_header);
1653 genlmsg_cancel(skb, ovs_header);
1657 /* Called with RTNL lock or RCU read lock. */
1658 struct sk_buff *ovs_vport_cmd_build_info(struct vport *vport, u32 pid,
1661 struct sk_buff *skb;
1664 skb = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_ATOMIC);
1666 return ERR_PTR(-ENOMEM);
1668 retval = ovs_vport_cmd_fill_info(vport, skb, pid, seq, 0, cmd);
1671 return ERR_PTR(retval);
1676 static int ovs_vport_cmd_validate(struct nlattr *a[OVS_VPORT_ATTR_MAX + 1])
1678 return CHECK_NUL_STRING(a[OVS_VPORT_ATTR_NAME], IFNAMSIZ - 1);
1681 /* Called with RTNL lock or RCU read lock. */
1682 static struct vport *lookup_vport(struct ovs_header *ovs_header,
1683 struct nlattr *a[OVS_VPORT_ATTR_MAX + 1])
1685 struct datapath *dp;
1686 struct vport *vport;
1688 if (a[OVS_VPORT_ATTR_NAME]) {
1689 vport = vport_locate(nla_data(a[OVS_VPORT_ATTR_NAME]));
1691 return ERR_PTR(-ENODEV);
1693 } else if (a[OVS_VPORT_ATTR_PORT_NO]) {
1694 u32 port_no = nla_get_u32(a[OVS_VPORT_ATTR_PORT_NO]);
1696 if (port_no >= DP_MAX_PORTS)
1697 return ERR_PTR(-EFBIG);
1699 dp = get_dp(ovs_header->dp_ifindex);
1701 return ERR_PTR(-ENODEV);
1703 vport = get_vport_protected(dp, port_no);
1705 return ERR_PTR(-ENOENT);
1708 return ERR_PTR(-EINVAL);
1711 /* Called with RTNL lock. */
1712 static int change_vport(struct vport *vport,
1713 struct nlattr *a[OVS_VPORT_ATTR_MAX + 1])
1717 if (a[OVS_VPORT_ATTR_STATS])
1718 vport_set_stats(vport, nla_data(a[OVS_VPORT_ATTR_STATS]));
1720 if (a[OVS_VPORT_ATTR_ADDRESS])
1721 err = vport_set_addr(vport, nla_data(a[OVS_VPORT_ATTR_ADDRESS]));
1726 static int ovs_vport_cmd_new(struct sk_buff *skb, struct genl_info *info)
1728 struct nlattr **a = info->attrs;
1729 struct ovs_header *ovs_header = info->userhdr;
1730 struct vport_parms parms;
1731 struct sk_buff *reply;
1732 struct vport *vport;
1733 struct datapath *dp;
1738 if (!a[OVS_VPORT_ATTR_NAME] || !a[OVS_VPORT_ATTR_TYPE] ||
1739 !a[OVS_VPORT_ATTR_UPCALL_PID])
1742 err = ovs_vport_cmd_validate(a);
1747 dp = get_dp(ovs_header->dp_ifindex);
1752 if (a[OVS_VPORT_ATTR_PORT_NO]) {
1753 port_no = nla_get_u32(a[OVS_VPORT_ATTR_PORT_NO]);
1756 if (port_no >= DP_MAX_PORTS)
1759 vport = get_vport_protected(dp, port_no);
1764 for (port_no = 1; ; port_no++) {
1765 if (port_no >= DP_MAX_PORTS) {
1769 vport = get_vport_protected(dp, port_no);
1775 parms.name = nla_data(a[OVS_VPORT_ATTR_NAME]);
1776 parms.type = nla_get_u32(a[OVS_VPORT_ATTR_TYPE]);
1777 parms.options = a[OVS_VPORT_ATTR_OPTIONS];
1779 parms.port_no = port_no;
1780 parms.upcall_pid = nla_get_u32(a[OVS_VPORT_ATTR_UPCALL_PID]);
1782 vport = new_vport(&parms);
1783 err = PTR_ERR(vport);
1787 dp_sysfs_add_if(vport);
1789 err = change_vport(vport, a);
1791 reply = ovs_vport_cmd_build_info(vport, info->snd_pid,
1795 err = PTR_ERR(reply);
1798 dp_detach_port(vport);
1801 genl_notify(reply, genl_info_net(info), info->snd_pid,
1802 dp_vport_multicast_group.id, info->nlhdr, GFP_KERNEL);
1811 static int ovs_vport_cmd_set(struct sk_buff *skb, struct genl_info *info)
1813 struct nlattr **a = info->attrs;
1814 struct sk_buff *reply;
1815 struct vport *vport;
1818 err = ovs_vport_cmd_validate(a);
1823 vport = lookup_vport(info->userhdr, a);
1824 err = PTR_ERR(vport);
1829 if (a[OVS_VPORT_ATTR_TYPE] &&
1830 nla_get_u32(a[OVS_VPORT_ATTR_TYPE]) != vport->ops->type)
1833 if (!err && a[OVS_VPORT_ATTR_OPTIONS])
1834 err = vport_set_options(vport, a[OVS_VPORT_ATTR_OPTIONS]);
1836 err = change_vport(vport, a);
1837 if (!err && a[OVS_VPORT_ATTR_UPCALL_PID])
1838 vport->upcall_pid = nla_get_u32(a[OVS_VPORT_ATTR_UPCALL_PID]);
1840 reply = ovs_vport_cmd_build_info(vport, info->snd_pid, info->snd_seq,
1842 if (IS_ERR(reply)) {
1843 err = PTR_ERR(reply);
1844 netlink_set_err(INIT_NET_GENL_SOCK, 0,
1845 dp_vport_multicast_group.id, err);
1849 genl_notify(reply, genl_info_net(info), info->snd_pid,
1850 dp_vport_multicast_group.id, info->nlhdr, GFP_KERNEL);
1858 static int ovs_vport_cmd_del(struct sk_buff *skb, struct genl_info *info)
1860 struct nlattr **a = info->attrs;
1861 struct sk_buff *reply;
1862 struct vport *vport;
1865 err = ovs_vport_cmd_validate(a);
1870 vport = lookup_vport(info->userhdr, a);
1871 err = PTR_ERR(vport);
1875 if (vport->port_no == OVSP_LOCAL) {
1880 reply = ovs_vport_cmd_build_info(vport, info->snd_pid, info->snd_seq,
1882 err = PTR_ERR(reply);
1886 dp_detach_port(vport);
1888 genl_notify(reply, genl_info_net(info), info->snd_pid,
1889 dp_vport_multicast_group.id, info->nlhdr, GFP_KERNEL);
1897 static int ovs_vport_cmd_get(struct sk_buff *skb, struct genl_info *info)
1899 struct nlattr **a = info->attrs;
1900 struct ovs_header *ovs_header = info->userhdr;
1901 struct sk_buff *reply;
1902 struct vport *vport;
1905 err = ovs_vport_cmd_validate(a);
1910 vport = lookup_vport(ovs_header, a);
1911 err = PTR_ERR(vport);
1915 reply = ovs_vport_cmd_build_info(vport, info->snd_pid, info->snd_seq,
1917 err = PTR_ERR(reply);
1923 return genlmsg_reply(reply, info);
1931 static int ovs_vport_cmd_dump(struct sk_buff *skb, struct netlink_callback *cb)
1933 struct ovs_header *ovs_header = genlmsg_data(nlmsg_data(cb->nlh));
1934 struct datapath *dp;
1938 dp = get_dp(ovs_header->dp_ifindex);
1943 for (port_no = cb->args[0]; port_no < DP_MAX_PORTS; port_no++) {
1944 struct vport *vport;
1946 vport = get_vport_protected(dp, port_no);
1950 if (ovs_vport_cmd_fill_info(vport, skb, NETLINK_CB(cb->skb).pid,
1951 cb->nlh->nlmsg_seq, NLM_F_MULTI,
1952 OVS_VPORT_CMD_NEW) < 0)
1957 cb->args[0] = port_no;
1963 static struct genl_ops dp_vport_genl_ops[] = {
1964 { .cmd = OVS_VPORT_CMD_NEW,
1965 .flags = GENL_ADMIN_PERM, /* Requires CAP_NET_ADMIN privilege. */
1966 .policy = vport_policy,
1967 .doit = ovs_vport_cmd_new
1969 { .cmd = OVS_VPORT_CMD_DEL,
1970 .flags = GENL_ADMIN_PERM, /* Requires CAP_NET_ADMIN privilege. */
1971 .policy = vport_policy,
1972 .doit = ovs_vport_cmd_del
1974 { .cmd = OVS_VPORT_CMD_GET,
1975 .flags = 0, /* OK for unprivileged users. */
1976 .policy = vport_policy,
1977 .doit = ovs_vport_cmd_get,
1978 .dumpit = ovs_vport_cmd_dump
1980 { .cmd = OVS_VPORT_CMD_SET,
1981 .flags = GENL_ADMIN_PERM, /* Requires CAP_NET_ADMIN privilege. */
1982 .policy = vport_policy,
1983 .doit = ovs_vport_cmd_set,
1987 struct genl_family_and_ops {
1988 struct genl_family *family;
1989 struct genl_ops *ops;
1991 struct genl_multicast_group *group;
1994 static const struct genl_family_and_ops dp_genl_families[] = {
1995 { &dp_datapath_genl_family,
1996 dp_datapath_genl_ops, ARRAY_SIZE(dp_datapath_genl_ops),
1997 &dp_datapath_multicast_group },
1998 { &dp_vport_genl_family,
1999 dp_vport_genl_ops, ARRAY_SIZE(dp_vport_genl_ops),
2000 &dp_vport_multicast_group },
2001 { &dp_flow_genl_family,
2002 dp_flow_genl_ops, ARRAY_SIZE(dp_flow_genl_ops),
2003 &dp_flow_multicast_group },
2004 { &dp_packet_genl_family,
2005 dp_packet_genl_ops, ARRAY_SIZE(dp_packet_genl_ops),
2009 static void dp_unregister_genl(int n_families)
2013 for (i = 0; i < n_families; i++)
2014 genl_unregister_family(dp_genl_families[i].family);
2017 static int dp_register_genl(void)
2024 for (i = 0; i < ARRAY_SIZE(dp_genl_families); i++) {
2025 const struct genl_family_and_ops *f = &dp_genl_families[i];
2027 err = genl_register_family_with_ops(f->family, f->ops,
2034 err = genl_register_mc_group(f->family, f->group);
2043 dp_unregister_genl(n_registered);
2047 static int __init dp_init(void)
2049 struct sk_buff *dummy_skb;
2052 BUILD_BUG_ON(sizeof(struct ovs_skb_cb) > sizeof(dummy_skb->cb));
2054 pr_info("Open vSwitch switching datapath %s, built "__DATE__" "__TIME__"\n",
2063 goto error_tnl_exit;
2067 goto error_flow_exit;
2069 err = register_netdevice_notifier(&dp_device_notifier);
2071 goto error_vport_exit;
2073 err = dp_register_genl();
2075 goto error_unreg_notifier;
2079 error_unreg_notifier:
2080 unregister_netdevice_notifier(&dp_device_notifier);
2091 static void dp_cleanup(void)
2094 dp_unregister_genl(ARRAY_SIZE(dp_genl_families));
2095 unregister_netdevice_notifier(&dp_device_notifier);
2101 module_init(dp_init);
2102 module_exit(dp_cleanup);
2104 MODULE_DESCRIPTION("Open vSwitch switching datapath");
2105 MODULE_LICENSE("GPL");
git://git.onelab.eu / sliver-openvswitch.git / blob