X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=datapath%2Fdatapath.c;h=3837e92050beae31ee4fc8bd27ef2636753b1422;hb=856081f683d3e7d5b5fa07af4233d285eb205c47;hp=cc7672058cecbd309445bddf9d629fd5f84fd00b;hpb=2d7ce2ee1af5c4925ebbc681bb72e660d87faa71;p=sliver-openvswitch.git diff --git a/datapath/datapath.c b/datapath/datapath.c index cc7672058..3837e9205 100644 --- a/datapath/datapath.c +++ b/datapath/datapath.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2007, 2008, 2009, 2010 Nicira Networks. + * Copyright (c) 2007, 2008, 2009, 2010, 2011 Nicira Networks. * Distributed under the terms of the GNU GPL version 2. * * Significant portions of this file may be copied from parts of the Linux @@ -41,6 +41,7 @@ #include #include #include +#include #include #include "openvswitch/datapath-protocol.h" @@ -53,8 +54,6 @@ #include "table.h" #include "vport-internal_dev.h" -#include "compat.h" - int (*dp_ioctl_hook)(struct net_device *dev, struct ifreq *rq, int cmd); EXPORT_SYMBOL(dp_ioctl_hook); @@ -67,7 +66,7 @@ EXPORT_SYMBOL(dp_ioctl_hook); * It is safe to access the datapath and vport structures with just * dp_mutex. */ -static struct datapath *dps[ODP_MAX]; +static struct datapath __rcu *dps[ODP_MAX]; static DEFINE_MUTEX(dp_mutex); static int new_vport(struct datapath *, struct odp_port *, int port_no); @@ -77,7 +76,8 @@ struct datapath *get_dp(int dp_idx) { if (dp_idx < 0 || dp_idx >= ODP_MAX) return NULL; - return rcu_dereference(dps[dp_idx]); + return rcu_dereference_check(dps[dp_idx], rcu_read_lock_held() || + lockdep_is_held(&dp_mutex)); } EXPORT_SYMBOL_GPL(get_dp); @@ -93,10 +93,22 @@ static struct datapath *get_dp_locked(int dp_idx) return dp; } +static struct tbl *get_table_protected(struct datapath *dp) +{ + return rcu_dereference_protected(dp->table, + lockdep_is_held(&dp->mutex)); +} + +static struct vport *get_vport_protected(struct datapath *dp, u16 port_no) +{ + return rcu_dereference_protected(dp->ports[port_no], + lockdep_is_held(&dp->mutex)); +} + /* Must be called with rcu_read_lock or RTNL lock. */ const char *dp_name(const struct datapath *dp) { - return vport_get_name(dp->ports[ODPP_LOCAL]); + return vport_get_name(rcu_dereference_rtnl(dp->ports[ODPP_LOCAL])); } static inline size_t br_nlmsg_size(void) @@ -114,7 +126,7 @@ static int dp_fill_ifinfo(struct sk_buff *skb, const struct vport *port, int event, unsigned int flags) { - const struct datapath *dp = port->dp; + struct datapath *dp = port->dp; int ifindex = vport_get_ifindex(port); int iflink = vport_get_iflink(port); struct ifinfomsg *hdr; @@ -139,7 +151,8 @@ static int dp_fill_ifinfo(struct sk_buff *skb, hdr->ifi_change = 0; NLA_PUT_STRING(skb, IFLA_IFNAME, vport_get_name(port)); - NLA_PUT_U32(skb, IFLA_MASTER, vport_get_ifindex(dp->ports[ODPP_LOCAL])); + NLA_PUT_U32(skb, IFLA_MASTER, + vport_get_ifindex(get_vport_protected(dp, ODPP_LOCAL))); NLA_PUT_U32(skb, IFLA_MTU, vport_get_mtu(port)); #ifdef IFLA_OPERSTATE NLA_PUT_U8(skb, IFLA_OPERSTATE, @@ -211,7 +224,7 @@ static int create_dp(int dp_idx, const char __user *devnamep) goto err; } } else { - snprintf(devname, sizeof devname, "of%d", dp_idx); + snprintf(devname, sizeof(devname), "of%d", dp_idx); } rtnl_lock(); @@ -228,11 +241,12 @@ static int create_dp(int dp_idx, const char __user *devnamep) goto err_put_module; err = -ENOMEM; - dp = kzalloc(sizeof *dp, GFP_KERNEL); + dp = kzalloc(sizeof(*dp), GFP_KERNEL); if (dp == NULL) goto err_put_module; INIT_LIST_HEAD(&dp->port_list); mutex_init(&dp->mutex); + mutex_lock(&dp->mutex); dp->dp_idx = dp_idx; for (i = 0; i < DP_N_QUEUES; i++) skb_queue_head_init(&dp->queues[i]); @@ -245,7 +259,7 @@ static int create_dp(int dp_idx, const char __user *devnamep) /* Allocate table. */ err = -ENOMEM; - rcu_assign_pointer(dp->table, tbl_create(0)); + rcu_assign_pointer(dp->table, tbl_create(TBL_MIN_BUCKETS)); if (!dp->table) goto err_free_dp; @@ -263,22 +277,26 @@ static int create_dp(int dp_idx, const char __user *devnamep) dp->drop_frags = 0; dp->stats_percpu = alloc_percpu(struct dp_stats_percpu); - if (!dp->stats_percpu) + if (!dp->stats_percpu) { + err = -ENOMEM; goto err_destroy_local_port; + } rcu_assign_pointer(dps[dp_idx], dp); dp_sysfs_add_dp(dp); + mutex_unlock(&dp->mutex); mutex_unlock(&dp_mutex); rtnl_unlock(); return 0; err_destroy_local_port: - dp_detach_port(dp->ports[ODPP_LOCAL]); + dp_detach_port(get_vport_protected(dp, ODPP_LOCAL)); err_destroy_table: - tbl_destroy(dp->table, NULL); + tbl_destroy(get_table_protected(dp), NULL); err_free_dp: + mutex_unlock(&dp->mutex); kfree(dp); err_put_module: module_put(THIS_MODULE); @@ -289,52 +307,54 @@ err: return err; } -static void do_destroy_dp(struct datapath *dp) +static void destroy_dp_rcu(struct rcu_head *rcu) { - struct vport *p, *n; + struct datapath *dp = container_of(rcu, struct datapath, rcu); int i; - list_for_each_entry_safe (p, n, &dp->port_list, node) - if (p->port_no != ODPP_LOCAL) - dp_detach_port(p); - - dp_sysfs_del_dp(dp); - - rcu_assign_pointer(dps[dp->dp_idx], NULL); - - dp_detach_port(dp->ports[ODPP_LOCAL]); - - tbl_destroy(dp->table, flow_free_tbl); - for (i = 0; i < DP_N_QUEUES; i++) skb_queue_purge(&dp->queues[i]); + + tbl_destroy((struct tbl __force *)dp->table, flow_free_tbl); free_percpu(dp->stats_percpu); kobject_put(&dp->ifobj); - module_put(THIS_MODULE); } static int destroy_dp(int dp_idx) { struct datapath *dp; - int err; + int err = 0; + struct vport *p, *n; rtnl_lock(); mutex_lock(&dp_mutex); dp = get_dp(dp_idx); - err = -ENODEV; - if (!dp) - goto err_unlock; + if (!dp) { + err = -ENODEV; + goto out; + } - do_destroy_dp(dp); - err = 0; + mutex_lock(&dp->mutex); -err_unlock: + list_for_each_entry_safe (p, n, &dp->port_list, node) + if (p->port_no != ODPP_LOCAL) + dp_detach_port(p); + + dp_sysfs_del_dp(dp); + rcu_assign_pointer(dps[dp->dp_idx], NULL); + dp_detach_port(get_vport_protected(dp, ODPP_LOCAL)); + + mutex_unlock(&dp->mutex); + call_rcu(&dp->rcu, destroy_dp_rcu); + module_put(THIS_MODULE); + +out: mutex_unlock(&dp_mutex); rtnl_unlock(); return err; } -/* Called with RTNL lock and dp_mutex. */ +/* Called with RTNL lock and dp->mutex. */ static int new_vport(struct datapath *dp, struct odp_port *odp_port, int port_no) { struct vport_parms parms; @@ -370,7 +390,7 @@ static int attach_port(int dp_idx, struct odp_port __user *portp) int err; err = -EFAULT; - if (copy_from_user(&port, portp, sizeof port)) + if (copy_from_user(&port, portp, sizeof(port))) goto out; port.devname[IFNAMSIZ - 1] = '\0'; port.type[VPORT_TYPE_SIZE - 1] = '\0'; @@ -393,7 +413,7 @@ got_port_no: goto out_unlock_dp; set_internal_devs_mtu(dp); - dp_sysfs_add_if(dp->ports[port_no]); + dp_sysfs_add_if(get_vport_protected(dp, port_no)); err = put_user(port_no, &portp->port); @@ -444,7 +464,7 @@ static int detach_port(int dp_idx, int port_no) if (!dp) goto out_unlock_rtnl; - p = dp->ports[port_no]; + p = get_vport_protected(dp, port_no); err = -ENOENT; if (!p) goto out_unlock_dp; @@ -472,7 +492,7 @@ void dp_process_received_packet(struct vport *p, struct sk_buff *skb) OVS_CB(skb)->vport = p; if (!OVS_CB(skb)->flow) { - struct odp_flow_key key; + struct sw_flow_key key; struct tbl_node *flow_node; bool is_frag; @@ -493,7 +513,15 @@ void dp_process_received_packet(struct vport *p, struct sk_buff *skb) flow_node = tbl_lookup(rcu_dereference(dp->table), &key, flow_hash(&key), flow_cmp); if (unlikely(!flow_node)) { - dp_output_control(dp, skb, _ODPL_MISS_NR, OVS_CB(skb)->tun_id); + struct dp_upcall_info upcall; + + upcall.type = _ODPL_MISS_NR; + upcall.key = &key; + upcall.userdata = 0; + upcall.sample_pool = 0; + upcall.actions = NULL; + upcall.actions_len = 0; + dp_upcall(dp, skb, &upcall); stats_counter_off = offsetof(struct dp_stats_percpu, n_missed); goto out; } @@ -501,6 +529,7 @@ void dp_process_received_packet(struct vport *p, struct sk_buff *skb) OVS_CB(skb)->flow = flow_cast(flow_node); } + stats_counter_off = offsetof(struct dp_stats_percpu, n_hit); flow_used(OVS_CB(skb)->flow, skb); acts = rcu_dereference(OVS_CB(skb)->flow->sf_acts); @@ -511,13 +540,13 @@ void dp_process_received_packet(struct vport *p, struct sk_buff *skb) loop->looping = true; if (unlikely(loop->looping)) { loop_suppress(dp, acts); + kfree_skb(skb); goto out_loop; } /* Execute actions. */ execute_actions(dp, skb, &OVS_CB(skb)->flow->key, acts->actions, acts->actions_len); - stats_counter_off = offsetof(struct dp_stats_percpu, n_hit); /* Check whether sub-actions looped too much. */ if (unlikely(loop->looping)) @@ -541,10 +570,26 @@ out: local_bh_enable(); } +static void copy_and_csum_skb(struct sk_buff *skb, void *to) +{ + u16 csum_start, csum_offset; + __wsum csum; + + get_skb_csum_pointers(skb, &csum_start, &csum_offset); + csum_start -= skb_headroom(skb); + BUG_ON(csum_start >= skb_headlen(skb)); + + skb_copy_bits(skb, 0, to, csum_start); + + csum = skb_copy_and_csum_bits(skb, csum_start, to + csum_start, + skb->len - csum_start, 0); + *(__sum16 *)(to + csum_start + csum_offset) = csum_fold(csum); +} + /* Append each packet in 'skb' list to 'queue'. There will be only one packet * unless we broke up a GSO packet. */ -static int queue_control_packets(struct sk_buff *skb, struct sk_buff_head *queue, - int queue_no, u64 arg) +static int queue_control_packets(struct datapath *dp, struct sk_buff *skb, + const struct dp_upcall_info *upcall_info) { struct sk_buff *nskb; int port_no; @@ -556,22 +601,61 @@ static int queue_control_packets(struct sk_buff *skb, struct sk_buff_head *queue port_no = ODPP_LOCAL; do { - struct odp_msg *header; + struct odp_packet *upcall; + struct sk_buff *user_skb; /* to be queued to userspace */ + struct nlattr *nla; + unsigned int len; nskb = skb->next; skb->next = NULL; - err = skb_cow(skb, sizeof *header); - if (err) + len = sizeof(struct odp_packet); + len += nla_total_size(4); /* ODP_PACKET_ATTR_TYPE. */ + len += nla_total_size(skb->len); + len += nla_total_size(FLOW_BUFSIZE); + if (upcall_info->userdata) + len += nla_total_size(8); + if (upcall_info->sample_pool) + len += nla_total_size(4); + if (upcall_info->actions_len) + len += nla_total_size(upcall_info->actions_len); + + user_skb = alloc_skb(len, GFP_ATOMIC); + if (!user_skb) goto err_kfree_skbs; - header = (struct odp_msg*)__skb_push(skb, sizeof *header); - header->type = queue_no; - header->length = skb->len; - header->port = port_no; - header->arg = arg; - skb_queue_tail(queue, skb); + upcall = (struct odp_packet *)__skb_put(user_skb, sizeof(*upcall)); + upcall->dp_idx = dp->dp_idx; + nla_put_u32(user_skb, ODP_PACKET_ATTR_TYPE, upcall_info->type); + + nla = nla_nest_start(user_skb, ODP_PACKET_ATTR_KEY); + flow_to_nlattrs(upcall_info->key, user_skb); + nla_nest_end(user_skb, nla); + + if (upcall_info->userdata) + nla_put_u64(user_skb, ODP_PACKET_ATTR_USERDATA, upcall_info->userdata); + if (upcall_info->sample_pool) + nla_put_u32(user_skb, ODP_PACKET_ATTR_SAMPLE_POOL, upcall_info->sample_pool); + if (upcall_info->actions_len) { + const struct nlattr *actions = upcall_info->actions; + u32 actions_len = upcall_info->actions_len; + + nla = nla_nest_start(user_skb, ODP_PACKET_ATTR_ACTIONS); + memcpy(__skb_put(user_skb, actions_len), actions, actions_len); + nla_nest_end(user_skb, nla); + } + + nla = __nla_reserve(user_skb, ODP_PACKET_ATTR_PACKET, skb->len); + if (skb->ip_summed == CHECKSUM_PARTIAL) + copy_and_csum_skb(skb, nla_data(nla)); + else + skb_copy_bits(skb, 0, nla_data(nla), skb->len); + + upcall->len = user_skb->len; + skb_queue_tail(&dp->queues[upcall_info->type], user_skb); + + kfree_skb(skb); skb = nskb; } while (skb); return 0; @@ -585,16 +669,16 @@ err_kfree_skbs: return err; } -int dp_output_control(struct datapath *dp, struct sk_buff *skb, int queue_no, - u64 arg) +int dp_upcall(struct datapath *dp, struct sk_buff *skb, const struct dp_upcall_info *upcall_info) { struct dp_stats_percpu *stats; struct sk_buff_head *queue; int err; WARN_ON_ONCE(skb_shared(skb)); - BUG_ON(queue_no != _ODPL_MISS_NR && queue_no != _ODPL_ACTION_NR && queue_no != _ODPL_SFLOW_NR); - queue = &dp->queues[queue_no]; + BUG_ON(upcall_info->type >= DP_N_QUEUES); + + queue = &dp->queues[upcall_info->type]; err = -ENOBUFS; if (skb_queue_len(queue) >= DP_MAX_QUEUE_LEN) goto err_kfree_skb; @@ -612,13 +696,13 @@ int dp_output_control(struct datapath *dp, struct sk_buff *skb, int queue_no, kfree_skb(skb); skb = nskb; - if (unlikely(IS_ERR(skb))) { + if (IS_ERR(skb)) { err = PTR_ERR(skb); goto err; } } - err = queue_control_packets(skb, queue, queue_no, arg); + err = queue_control_packets(dp, skb, upcall_info); wake_up_interruptible(&dp->waitqueue); return err; @@ -639,10 +723,10 @@ err: static int flush_flows(struct datapath *dp) { - struct tbl *old_table = rcu_dereference(dp->table); + struct tbl *old_table = get_table_protected(dp); struct tbl *new_table; - new_table = tbl_create(0); + new_table = tbl_create(TBL_MIN_BUCKETS); if (!new_table) return -ENOMEM; @@ -655,74 +739,75 @@ static int flush_flows(struct datapath *dp) static int validate_actions(const struct nlattr *actions, u32 actions_len) { - const struct nlattr *a; - int rem; - - nla_for_each_attr(a, actions, actions_len, rem) { - static const u32 action_lens[ODPAT_MAX + 1] = { - [ODPAT_OUTPUT] = 4, - [ODPAT_CONTROLLER] = 8, - [ODPAT_SET_DL_TCI] = 2, - [ODPAT_STRIP_VLAN] = 0, - [ODPAT_SET_DL_SRC] = ETH_ALEN, - [ODPAT_SET_DL_DST] = ETH_ALEN, - [ODPAT_SET_NW_SRC] = 4, - [ODPAT_SET_NW_DST] = 4, - [ODPAT_SET_NW_TOS] = 1, - [ODPAT_SET_TP_SRC] = 2, - [ODPAT_SET_TP_DST] = 2, - [ODPAT_SET_TUNNEL] = 8, - [ODPAT_SET_PRIORITY] = 4, - [ODPAT_POP_PRIORITY] = 0, - [ODPAT_DROP_SPOOFED_ARP] = 0, - }; - int type = nla_type(a); - - if (type > ODPAT_MAX || nla_len(a) != action_lens[type]) - return -EINVAL; - - switch (type) { + const struct nlattr *a; + int rem; + + nla_for_each_attr(a, actions, actions_len, rem) { + static const u32 action_lens[ODPAT_MAX + 1] = { + [ODPAT_OUTPUT] = 4, + [ODPAT_CONTROLLER] = 8, + [ODPAT_SET_DL_TCI] = 2, + [ODPAT_STRIP_VLAN] = 0, + [ODPAT_SET_DL_SRC] = ETH_ALEN, + [ODPAT_SET_DL_DST] = ETH_ALEN, + [ODPAT_SET_NW_SRC] = 4, + [ODPAT_SET_NW_DST] = 4, + [ODPAT_SET_NW_TOS] = 1, + [ODPAT_SET_TP_SRC] = 2, + [ODPAT_SET_TP_DST] = 2, + [ODPAT_SET_TUNNEL] = 8, + [ODPAT_SET_PRIORITY] = 4, + [ODPAT_POP_PRIORITY] = 0, + [ODPAT_DROP_SPOOFED_ARP] = 0, + }; + int type = nla_type(a); + + if (type > ODPAT_MAX || nla_len(a) != action_lens[type]) + return -EINVAL; + + switch (type) { case ODPAT_UNSPEC: return -EINVAL; - case ODPAT_CONTROLLER: - case ODPAT_STRIP_VLAN: - case ODPAT_SET_DL_SRC: - case ODPAT_SET_DL_DST: - case ODPAT_SET_NW_SRC: - case ODPAT_SET_NW_DST: - case ODPAT_SET_TP_SRC: - case ODPAT_SET_TP_DST: - case ODPAT_SET_TUNNEL: - case ODPAT_SET_PRIORITY: - case ODPAT_POP_PRIORITY: - case ODPAT_DROP_SPOOFED_ARP: - /* No validation needed. */ - break; - - case ODPAT_OUTPUT: - if (nla_get_u32(a) >= DP_MAX_PORTS) - return -EINVAL; - - case ODPAT_SET_DL_TCI: + case ODPAT_CONTROLLER: + case ODPAT_STRIP_VLAN: + case ODPAT_SET_DL_SRC: + case ODPAT_SET_DL_DST: + case ODPAT_SET_NW_SRC: + case ODPAT_SET_NW_DST: + case ODPAT_SET_TP_SRC: + case ODPAT_SET_TP_DST: + case ODPAT_SET_TUNNEL: + case ODPAT_SET_PRIORITY: + case ODPAT_POP_PRIORITY: + case ODPAT_DROP_SPOOFED_ARP: + /* No validation needed. */ + break; + + case ODPAT_OUTPUT: + if (nla_get_u32(a) >= DP_MAX_PORTS) + return -EINVAL; + break; + + case ODPAT_SET_DL_TCI: if (nla_get_be16(a) & htons(VLAN_CFI_MASK)) return -EINVAL; - break; + break; - case ODPAT_SET_NW_TOS: - if (nla_get_u8(a) & INET_ECN_MASK) - return -EINVAL; - break; + case ODPAT_SET_NW_TOS: + if (nla_get_u8(a) & INET_ECN_MASK) + return -EINVAL; + break; - default: - return -EOPNOTSUPP; - } - } + default: + return -EOPNOTSUPP; + } + } - if (rem > 0) - return -EINVAL; + if (rem > 0) + return -EINVAL; - return 0; + return 0; } static struct sw_flow_actions *get_actions(const struct odp_flow *flow) @@ -736,7 +821,9 @@ static struct sw_flow_actions *get_actions(const struct odp_flow *flow) goto error; error = -EFAULT; - if (copy_from_user(actions->actions, flow->actions, flow->actions_len)) + if (copy_from_user(actions->actions, + (struct nlattr __user __force *)flow->actions, + flow->actions_len)) goto error_free_actions; error = validate_actions(actions->actions, actions->actions_len); if (error) @@ -784,7 +871,7 @@ static void clear_stats(struct sw_flow *flow) static int expand_table(struct datapath *dp) { - struct tbl *old_table = rcu_dereference(dp->table); + struct tbl *old_table = get_table_protected(dp); struct tbl *new_table; new_table = tbl_expand(old_table); @@ -801,16 +888,23 @@ static int do_put_flow(struct datapath *dp, struct odp_flow_put *uf, struct odp_flow_stats *stats) { struct tbl_node *flow_node; + struct sw_flow_key key; struct sw_flow *flow; struct tbl *table; + struct sw_flow_actions *acts = NULL; int error; + u32 hash; + + error = flow_copy_from_user(&key, (const struct nlattr __force __user *)uf->flow.key, + uf->flow.key_len); + if (error) + return error; - table = rcu_dereference(dp->table); - flow_node = tbl_lookup(table, &uf->flow.key, flow_hash(&uf->flow.key), flow_cmp); + hash = flow_hash(&key); + table = get_table_protected(dp); + flow_node = tbl_lookup(table, &key, hash, flow_cmp); if (!flow_node) { /* No such flow. */ - struct sw_flow_actions *acts; - error = -ENOENT; if (!(uf->flags & ODPPF_CREATE)) goto error; @@ -820,7 +914,7 @@ static int do_put_flow(struct datapath *dp, struct odp_flow_put *uf, error = expand_table(dp); if (error) goto error; - table = rcu_dereference(dp->table); + table = get_table_protected(dp); } /* Allocate flow. */ @@ -829,7 +923,7 @@ static int do_put_flow(struct datapath *dp, struct odp_flow_put *uf, error = PTR_ERR(flow); goto error; } - flow->key = uf->flow.key; + flow->key = key; clear_stats(flow); /* Obtain actions. */ @@ -840,7 +934,7 @@ static int do_put_flow(struct datapath *dp, struct odp_flow_put *uf, rcu_assign_pointer(flow->sf_acts, acts); /* Put flow in bucket. */ - error = tbl_insert(table, &flow->tbl_node, flow_hash(&flow->key)); + error = tbl_insert(table, &flow->tbl_node, hash); if (error) goto error_free_flow_acts; @@ -861,7 +955,9 @@ static int do_put_flow(struct datapath *dp, struct odp_flow_put *uf, error = PTR_ERR(new_acts); if (IS_ERR(new_acts)) goto error; - old_acts = rcu_dereference(flow->sf_acts); + + old_acts = rcu_dereference_protected(flow->sf_acts, + lockdep_is_held(&dp->mutex)); if (old_acts->actions_len != new_acts->actions_len || memcmp(old_acts->actions, new_acts->actions, old_acts->actions_len)) { @@ -882,7 +978,7 @@ static int do_put_flow(struct datapath *dp, struct odp_flow_put *uf, return 0; error_free_flow_acts: - kfree(flow->sf_acts); + kfree(acts); error_free_flow: flow->sf_acts = NULL; flow_put(flow); @@ -910,7 +1006,8 @@ static int put_flow(struct datapath *dp, struct odp_flow_put __user *ufp) return 0; } -static int do_answer_query(struct sw_flow *flow, u32 query_flags, +static int do_answer_query(struct datapath *dp, struct sw_flow *flow, + u32 query_flags, struct odp_flow_stats __user *ustats, struct nlattr __user *actions, u32 __user *actions_lenp) @@ -933,7 +1030,8 @@ static int do_answer_query(struct sw_flow *flow, u32 query_flags, if (!actions_len) return 0; - sf_acts = rcu_dereference(flow->sf_acts); + sf_acts = rcu_dereference_protected(flow->sf_acts, + lockdep_is_held(&dp->mutex)); if (put_user(sf_acts->actions_len, actions_lenp) || (actions && copy_to_user(actions, sf_acts->actions, min(sf_acts->actions_len, actions_len)))) @@ -942,25 +1040,30 @@ static int do_answer_query(struct sw_flow *flow, u32 query_flags, return 0; } -static int answer_query(struct sw_flow *flow, u32 query_flags, - struct odp_flow __user *ufp) +static int answer_query(struct datapath *dp, struct sw_flow *flow, + u32 query_flags, struct odp_flow __user *ufp) { - struct nlattr *actions; + struct nlattr __user *actions; - if (get_user(actions, &ufp->actions)) + if (get_user(actions, (struct nlattr __user * __user *)&ufp->actions)) return -EFAULT; - return do_answer_query(flow, query_flags, + return do_answer_query(dp, flow, query_flags, &ufp->stats, actions, &ufp->actions_len); } -static struct sw_flow *do_del_flow(struct datapath *dp, struct odp_flow_key *key) +static struct sw_flow *do_del_flow(struct datapath *dp, const struct nlattr __user *key, u32 key_len) { - struct tbl *table = rcu_dereference(dp->table); + struct tbl *table = get_table_protected(dp); struct tbl_node *flow_node; + struct sw_flow_key swkey; int error; - flow_node = tbl_lookup(table, key, flow_hash(key), flow_cmp); + error = flow_copy_from_user(&swkey, key, key_len); + if (error) + return ERR_PTR(error); + + flow_node = tbl_lookup(table, &swkey, flow_hash(&swkey), flow_cmp); if (!flow_node) return ERR_PTR(-ENOENT); @@ -981,83 +1084,48 @@ static int del_flow(struct datapath *dp, struct odp_flow __user *ufp) struct odp_flow uf; int error; - if (copy_from_user(&uf, ufp, sizeof uf)) + if (copy_from_user(&uf, ufp, sizeof(uf))) return -EFAULT; - flow = do_del_flow(dp, &uf.key); + flow = do_del_flow(dp, (const struct nlattr __force __user *)uf.key, uf.key_len); if (IS_ERR(flow)) return PTR_ERR(flow); - error = answer_query(flow, 0, ufp); + error = answer_query(dp, flow, 0, ufp); flow_deferred_free(flow); return error; } static int do_query_flows(struct datapath *dp, const struct odp_flowvec *flowvec) { - struct tbl *table = rcu_dereference(dp->table); + struct tbl *table = get_table_protected(dp); u32 i; for (i = 0; i < flowvec->n_flows; i++) { - struct odp_flow __user *ufp = &flowvec->flows[i]; + struct odp_flow __user *ufp = (struct odp_flow __user __force *)&flowvec->flows[i]; + struct sw_flow_key key; struct odp_flow uf; struct tbl_node *flow_node; int error; - if (copy_from_user(&uf, ufp, sizeof uf)) + if (copy_from_user(&uf, ufp, sizeof(uf))) return -EFAULT; - flow_node = tbl_lookup(table, &uf.key, flow_hash(&uf.key), flow_cmp); + error = flow_copy_from_user(&key, (const struct nlattr __force __user *)uf.key, uf.key_len); + if (error) + return error; + + flow_node = tbl_lookup(table, &uf.key, flow_hash(&key), flow_cmp); if (!flow_node) error = put_user(ENOENT, &ufp->stats.error); else - error = answer_query(flow_cast(flow_node), uf.flags, ufp); + error = answer_query(dp, flow_cast(flow_node), uf.flags, ufp); if (error) return -EFAULT; } return flowvec->n_flows; } -struct list_flows_cbdata { - struct odp_flow __user *uflows; - u32 n_flows; - u32 listed_flows; -}; - -static int list_flow(struct tbl_node *node, void *cbdata_) -{ - struct sw_flow *flow = flow_cast(node); - struct list_flows_cbdata *cbdata = cbdata_; - struct odp_flow __user *ufp = &cbdata->uflows[cbdata->listed_flows++]; - int error; - - if (copy_to_user(&ufp->key, &flow->key, sizeof flow->key)) - return -EFAULT; - error = answer_query(flow, 0, ufp); - if (error) - return error; - - if (cbdata->listed_flows >= cbdata->n_flows) - return cbdata->listed_flows; - return 0; -} - -static int do_list_flows(struct datapath *dp, const struct odp_flowvec *flowvec) -{ - struct list_flows_cbdata cbdata; - int error; - - if (!flowvec->n_flows) - return 0; - - cbdata.uflows = flowvec->flows; - cbdata.n_flows = flowvec->n_flows; - cbdata.listed_flows = 0; - - error = tbl_foreach(rcu_dereference(dp->table), list_flow, &cbdata); - return error ? error : cbdata.listed_flows; -} - static int do_flowvec_ioctl(struct datapath *dp, unsigned long argp, int (*function)(struct datapath *, const struct odp_flowvec *)) @@ -1067,7 +1135,7 @@ static int do_flowvec_ioctl(struct datapath *dp, unsigned long argp, int retval; uflowvec = (struct odp_flowvec __user *)argp; - if (copy_from_user(&flowvec, uflowvec, sizeof flowvec)) + if (copy_from_user(&flowvec, uflowvec, sizeof(flowvec))) return -EFAULT; if (flowvec.n_flows > INT_MAX / sizeof(struct odp_flow)) @@ -1079,9 +1147,57 @@ static int do_flowvec_ioctl(struct datapath *dp, unsigned long argp, : put_user(retval, &uflowvec->n_flows)); } +static struct sw_flow *do_dump_flow(struct datapath *dp, u32 __user *state) +{ + struct tbl *table = get_table_protected(dp); + struct tbl_node *tbl_node; + u32 bucket, obj; + + if (get_user(bucket, &state[0]) || get_user(obj, &state[1])) + return ERR_PTR(-EFAULT); + + tbl_node = tbl_next(table, &bucket, &obj); + + if (put_user(bucket, &state[0]) || put_user(obj, &state[1])) + return ERR_PTR(-EFAULT); + + return tbl_node ? flow_cast(tbl_node) : NULL; +} + +static int dump_flow(struct datapath *dp, struct odp_flow_dump __user *udumpp) +{ + struct odp_flow __user *uflowp; + struct nlattr __user *ukey; + struct sw_flow *flow; + u32 key_len; + + flow = do_dump_flow(dp, udumpp->state); + if (IS_ERR(flow)) + return PTR_ERR(flow); + + if (get_user(uflowp, (struct odp_flow __user *__user*)&udumpp->flow)) + return -EFAULT; + + if (!flow) + return put_user(ODPFF_EOF, &uflowp->flags); + + if (put_user(0, &uflowp->flags) || + get_user(ukey, (struct nlattr __user * __user*)&uflowp->key) || + get_user(key_len, &uflowp->key_len)) + return -EFAULT; + + key_len = flow_copy_to_user(ukey, &flow->key, key_len); + if (key_len < 0) + return key_len; + if (put_user(key_len, &uflowp->key_len)) + return -EFAULT; + + return answer_query(dp, flow, 0, uflowp); +} + static int do_execute(struct datapath *dp, const struct odp_execute *execute) { - struct odp_flow_key key; + struct sw_flow_key key; struct sk_buff *skb; struct sw_flow_actions *actions; struct ethhdr *eth; @@ -1099,7 +1215,8 @@ static int do_execute(struct datapath *dp, const struct odp_execute *execute) } err = -EFAULT; - if (copy_from_user(actions->actions, execute->actions, execute->actions_len)) + if (copy_from_user(actions->actions, + (struct nlattr __user __force *)execute->actions, execute->actions_len)) goto error_free_actions; err = validate_actions(actions->actions, execute->actions_len); @@ -1112,7 +1229,8 @@ static int do_execute(struct datapath *dp, const struct odp_execute *execute) goto error_free_actions; err = -EFAULT; - if (copy_from_user(skb_put(skb, execute->length), execute->data, + if (copy_from_user(skb_put(skb, execute->length), + (const void __user __force *)execute->data, execute->length)) goto error_free_skb; @@ -1150,7 +1268,7 @@ static int execute_packet(struct datapath *dp, const struct odp_execute __user * { struct odp_execute execute; - if (copy_from_user(&execute, executep, sizeof execute)) + if (copy_from_user(&execute, executep, sizeof(execute))) return -EFAULT; return do_execute(dp, &execute); @@ -1158,7 +1276,7 @@ static int execute_packet(struct datapath *dp, const struct odp_execute __user * static int get_dp_stats(struct datapath *dp, struct odp_stats __user *statsp) { - struct tbl *table = rcu_dereference(dp->table); + struct tbl *table = get_table_protected(dp); struct odp_stats stats; int i; @@ -1187,7 +1305,7 @@ static int get_dp_stats(struct datapath *dp, struct odp_stats __user *statsp) } stats.max_miss_queue = DP_MAX_QUEUE_LEN; stats.max_action_queue = DP_MAX_QUEUE_LEN; - return copy_to_user(statsp, &stats, sizeof stats) ? -EFAULT : 0; + return copy_to_user(statsp, &stats, sizeof(stats)) ? -EFAULT : 0; } /* MTU of the dp pseudo-device: ETH_DATA_LEN or the minimum of the ports */ @@ -1235,60 +1353,48 @@ static int put_port(const struct vport *p, struct odp_port __user *uop) { struct odp_port op; - memset(&op, 0, sizeof op); + memset(&op, 0, sizeof(op)); rcu_read_lock(); - strncpy(op.devname, vport_get_name(p), sizeof op.devname); - strncpy(op.type, vport_get_type(p), sizeof op.type); + strncpy(op.devname, vport_get_name(p), sizeof(op.devname)); + strncpy(op.type, vport_get_type(p), sizeof(op.type)); + vport_get_config(p, op.config); rcu_read_unlock(); op.port = p->port_no; - return copy_to_user(uop, &op, sizeof op) ? -EFAULT : 0; + return copy_to_user(uop, &op, sizeof(op)) ? -EFAULT : 0; } static int query_port(struct datapath *dp, struct odp_port __user *uport) { struct odp_port port; + struct vport *vport; - if (copy_from_user(&port, uport, sizeof port)) + if (copy_from_user(&port, uport, sizeof(port))) return -EFAULT; if (port.devname[0]) { - struct vport *vport; - int err = 0; - port.devname[IFNAMSIZ - 1] = '\0'; vport_lock(); - rcu_read_lock(); - vport = vport_locate(port.devname); - if (!vport) { - err = -ENODEV; - goto error_unlock; - } - if (vport->dp != dp) { - err = -ENOENT; - goto error_unlock; - } - - port.port = vport->port_no; - -error_unlock: - rcu_read_unlock(); vport_unlock(); - if (err) - return err; + if (!vport) + return -ENODEV; + if (vport->dp != dp) + return -ENOENT; } else { if (port.port >= DP_MAX_PORTS) return -EINVAL; - if (!dp->ports[port.port]) + + vport = get_vport_protected(dp, port.port); + if (!vport) return -ENOENT; } - return put_port(dp->ports[port.port], uport); + return put_port(vport, uport); } static int do_list_ports(struct datapath *dp, struct odp_port __user *uports, @@ -1313,10 +1419,11 @@ static int list_ports(struct datapath *dp, struct odp_portvec __user *upv) struct odp_portvec pv; int retval; - if (copy_from_user(&pv, upv, sizeof pv)) + if (copy_from_user(&pv, upv, sizeof(pv))) return -EFAULT; - retval = do_list_ports(dp, pv.ports, pv.n_ports); + retval = do_list_ports(dp, (struct odp_port __user __force *)pv.ports, + pv.n_ports); if (retval < 0) return retval; @@ -1465,8 +1572,8 @@ static long openvswitch_ioctl(struct file *f, unsigned int cmd, err = do_flowvec_ioctl(dp, argp, do_query_flows); break; - case ODP_FLOW_LIST: - err = do_flowvec_ioctl(dp, argp, do_list_flows); + case ODP_FLOW_DUMP: + err = dump_flow(dp, (struct odp_flow_dump __user *)argp); break; case ODP_EXECUTE: @@ -1498,7 +1605,7 @@ static int compat_list_ports(struct datapath *dp, struct compat_odp_portvec __us struct compat_odp_portvec pv; int retval; - if (copy_from_user(&pv, upv, sizeof pv)) + if (copy_from_user(&pv, upv, sizeof(pv))) return -EFAULT; retval = do_list_ports(dp, compat_ptr(pv.ports), pv.n_ports); @@ -1510,17 +1617,19 @@ static int compat_list_ports(struct datapath *dp, struct compat_odp_portvec __us static int compat_get_flow(struct odp_flow *flow, const struct compat_odp_flow __user *compat) { - compat_uptr_t actions; + compat_uptr_t key, actions; if (!access_ok(VERIFY_READ, compat, sizeof(struct compat_odp_flow)) || __copy_from_user(&flow->stats, &compat->stats, sizeof(struct odp_flow_stats)) || - __copy_from_user(&flow->key, &compat->key, sizeof(struct odp_flow_key)) || + __get_user(key, &compat->key) || + __get_user(flow->key_len, &compat->key_len) || __get_user(actions, &compat->actions) || __get_user(flow->actions_len, &compat->actions_len) || __get_user(flow->flags, &compat->flags)) return -EFAULT; - flow->actions = compat_ptr(actions); + flow->key = (struct nlattr __force *)compat_ptr(key); + flow->actions = (struct nlattr __force *)compat_ptr(actions); return 0; } @@ -1545,7 +1654,8 @@ static int compat_put_flow(struct datapath *dp, struct compat_odp_flow_put __use return 0; } -static int compat_answer_query(struct sw_flow *flow, u32 query_flags, +static int compat_answer_query(struct datapath *dp, struct sw_flow *flow, + u32 query_flags, struct compat_odp_flow __user *ufp) { compat_uptr_t actions; @@ -1553,7 +1663,7 @@ static int compat_answer_query(struct sw_flow *flow, u32 query_flags, if (get_user(actions, &ufp->actions)) return -EFAULT; - return do_answer_query(flow, query_flags, &ufp->stats, + return do_answer_query(dp, flow, query_flags, &ufp->stats, compat_ptr(actions), &ufp->actions_len); } @@ -1566,83 +1676,84 @@ static int compat_del_flow(struct datapath *dp, struct compat_odp_flow __user *u if (compat_get_flow(&uf, ufp)) return -EFAULT; - flow = do_del_flow(dp, &uf.key); + flow = do_del_flow(dp, (const struct nlattr __force __user *)uf.key, uf.key_len); if (IS_ERR(flow)) return PTR_ERR(flow); - error = compat_answer_query(flow, 0, ufp); + error = compat_answer_query(dp, flow, 0, ufp); flow_deferred_free(flow); return error; } -static int compat_query_flows(struct datapath *dp, struct compat_odp_flow *flows, u32 n_flows) +static int compat_query_flows(struct datapath *dp, + struct compat_odp_flow __user *flows, + u32 n_flows) { - struct tbl *table = rcu_dereference(dp->table); + struct tbl *table = get_table_protected(dp); u32 i; for (i = 0; i < n_flows; i++) { struct compat_odp_flow __user *ufp = &flows[i]; struct odp_flow uf; struct tbl_node *flow_node; + struct sw_flow_key key; int error; if (compat_get_flow(&uf, ufp)) return -EFAULT; - flow_node = tbl_lookup(table, &uf.key, flow_hash(&uf.key), flow_cmp); + error = flow_copy_from_user(&key, (const struct nlattr __force __user *) uf.key, uf.key_len); + if (error) + return error; + + flow_node = tbl_lookup(table, &key, flow_hash(&key), flow_cmp); if (!flow_node) error = put_user(ENOENT, &ufp->stats.error); else - error = compat_answer_query(flow_cast(flow_node), uf.flags, ufp); + error = compat_answer_query(dp, flow_cast(flow_node), + uf.flags, ufp); if (error) return -EFAULT; } return n_flows; } -struct compat_list_flows_cbdata { - struct compat_odp_flow __user *uflows; - u32 n_flows; - u32 listed_flows; -}; - -static int compat_list_flow(struct tbl_node *node, void *cbdata_) +static int compat_dump_flow(struct datapath *dp, struct compat_odp_flow_dump __user *udumpp) { - struct sw_flow *flow = flow_cast(node); - struct compat_list_flows_cbdata *cbdata = cbdata_; - struct compat_odp_flow __user *ufp = &cbdata->uflows[cbdata->listed_flows++]; - int error; + struct compat_odp_flow __user *uflowp; + compat_uptr_t compat_ufp; + struct sw_flow *flow; + compat_uptr_t ukey; + u32 key_len; - if (copy_to_user(&ufp->key, &flow->key, sizeof flow->key)) - return -EFAULT; - error = compat_answer_query(flow, 0, ufp); - if (error) - return error; + flow = do_dump_flow(dp, udumpp->state); + if (IS_ERR(flow)) + return PTR_ERR(flow); - if (cbdata->listed_flows >= cbdata->n_flows) - return cbdata->listed_flows; - return 0; -} + if (get_user(compat_ufp, &udumpp->flow)) + return -EFAULT; + uflowp = compat_ptr(compat_ufp); -static int compat_list_flows(struct datapath *dp, struct compat_odp_flow *flows, u32 n_flows) -{ - struct compat_list_flows_cbdata cbdata; - int error; + if (!flow) + return put_user(ODPFF_EOF, &uflowp->flags); - if (!n_flows) - return 0; + if (put_user(0, &uflowp->flags) || + get_user(ukey, &uflowp->key) || + get_user(key_len, &uflowp->key_len)) + return -EFAULT; - cbdata.uflows = flows; - cbdata.n_flows = n_flows; - cbdata.listed_flows = 0; + key_len = flow_copy_to_user(compat_ptr(ukey), &flow->key, key_len); + if (key_len < 0) + return key_len; + if (put_user(key_len, &uflowp->key_len)) + return -EFAULT; - error = tbl_foreach(rcu_dereference(dp->table), compat_list_flow, &cbdata); - return error ? error : cbdata.listed_flows; + return compat_answer_query(dp, flow, 0, uflowp); } static int compat_flowvec_ioctl(struct datapath *dp, unsigned long argp, int (*function)(struct datapath *, - struct compat_odp_flow *, + struct compat_odp_flow __user *, u32 n_flows)) { struct compat_odp_flowvec __user *uflowvec; @@ -1651,8 +1762,8 @@ static int compat_flowvec_ioctl(struct datapath *dp, unsigned long argp, int retval; uflowvec = compat_ptr(argp); - if (!access_ok(VERIFY_WRITE, uflowvec, sizeof *uflowvec) || - copy_from_user(&flowvec, uflowvec, sizeof flowvec)) + if (!access_ok(VERIFY_WRITE, uflowvec, sizeof(*uflowvec)) || + copy_from_user(&flowvec, uflowvec, sizeof(flowvec))) return -EFAULT; if (flowvec.n_flows > INT_MAX / sizeof(struct compat_odp_flow)) @@ -1682,8 +1793,8 @@ static int compat_execute(struct datapath *dp, const struct compat_odp_execute _ __get_user(execute.length, &uexecute->length)) return -EFAULT; - execute.actions = compat_ptr(actions); - execute.data = compat_ptr(data); + execute.actions = (struct nlattr __force *)compat_ptr(actions); + execute.data = (const void __force *)compat_ptr(data); return do_execute(dp, &execute); } @@ -1744,8 +1855,8 @@ static long openvswitch_compat_ioctl(struct file *f, unsigned int cmd, unsigned err = compat_flowvec_ioctl(dp, argp, compat_query_flows); break; - case ODP_FLOW_LIST32: - err = compat_flowvec_ioctl(dp, argp, compat_list_flows); + case ODP_FLOW_DUMP32: + err = compat_dump_flow(dp, compat_ptr(argp)); break; case ODP_EXECUTE32: @@ -1762,100 +1873,6 @@ exit: } #endif -/* Unfortunately this function is not exported so this is a verbatim copy - * from net/core/datagram.c in 2.6.30. */ -static int skb_copy_and_csum_datagram(const struct sk_buff *skb, int offset, - u8 __user *to, int len, - __wsum *csump) -{ - int start = skb_headlen(skb); - int pos = 0; - int i, copy = start - offset; - - /* Copy header. */ - if (copy > 0) { - int err = 0; - if (copy > len) - copy = len; - *csump = csum_and_copy_to_user(skb->data + offset, to, copy, - *csump, &err); - if (err) - goto fault; - if ((len -= copy) == 0) - return 0; - offset += copy; - to += copy; - pos = copy; - } - - for (i = 0; i < skb_shinfo(skb)->nr_frags; i++) { - int end; - - WARN_ON(start > offset + len); - - end = start + skb_shinfo(skb)->frags[i].size; - if ((copy = end - offset) > 0) { - __wsum csum2; - int err = 0; - u8 *vaddr; - skb_frag_t *frag = &skb_shinfo(skb)->frags[i]; - struct page *page = frag->page; - - if (copy > len) - copy = len; - vaddr = kmap(page); - csum2 = csum_and_copy_to_user(vaddr + - frag->page_offset + - offset - start, - to, copy, 0, &err); - kunmap(page); - if (err) - goto fault; - *csump = csum_block_add(*csump, csum2, pos); - if (!(len -= copy)) - return 0; - offset += copy; - to += copy; - pos += copy; - } - start = end; - } - - if (skb_shinfo(skb)->frag_list) { - struct sk_buff *list = skb_shinfo(skb)->frag_list; - - for (; list; list=list->next) { - int end; - - WARN_ON(start > offset + len); - - end = start + list->len; - if ((copy = end - offset) > 0) { - __wsum csum2 = 0; - if (copy > len) - copy = len; - if (skb_copy_and_csum_datagram(list, - offset - start, - to, copy, - &csum2)) - goto fault; - *csump = csum_block_add(*csump, csum2, pos); - if ((len -= copy) == 0) - return 0; - offset += copy; - to += copy; - pos += copy; - } - start = end; - } - } - if (!len) - return 0; - -fault: - return -EFAULT; -} - static ssize_t openvswitch_read(struct file *f, char __user *buf, size_t nbytes, loff_t *ppos) { @@ -1863,7 +1880,7 @@ static ssize_t openvswitch_read(struct file *f, char __user *buf, int dp_idx = iminor(f->f_dentry->d_inode); struct datapath *dp = get_dp_locked(dp_idx); struct sk_buff *skb; - size_t copy_bytes, tot_copy_bytes; + struct iovec iov; int retval; if (!dp) @@ -1900,41 +1917,11 @@ static ssize_t openvswitch_read(struct file *f, char __user *buf, success: mutex_unlock(&dp->mutex); - copy_bytes = tot_copy_bytes = min_t(size_t, skb->len, nbytes); - - retval = 0; - if (skb->ip_summed == CHECKSUM_PARTIAL) { - if (copy_bytes == skb->len) { - __wsum csum = 0; - u16 csum_start, csum_offset; - - get_skb_csum_pointers(skb, &csum_start, &csum_offset); - BUG_ON(csum_start >= skb_headlen(skb)); - retval = skb_copy_and_csum_datagram(skb, csum_start, buf + csum_start, - copy_bytes - csum_start, &csum); - if (!retval) { - __sum16 __user *csump; - - copy_bytes = csum_start; - csump = (__sum16 __user *)(buf + csum_start + csum_offset); - - BUG_ON((char *)csump + sizeof(__sum16) > buf + nbytes); - put_user(csum_fold(csum), csump); - } - } else - retval = skb_checksum_help(skb); - } - - if (!retval) { - struct iovec __user iov; - - iov.iov_base = buf; - iov.iov_len = copy_bytes; - retval = skb_copy_datagram_iovec(skb, 0, &iov, iov.iov_len); - } - + iov.iov_base = buf; + iov.iov_len = min_t(size_t, skb->len, nbytes); + retval = skb_copy_datagram_iovec(skb, 0, &iov, iov.iov_len); if (!retval) - retval = tot_copy_bytes; + retval = skb->len; kfree_skb(skb); return retval; @@ -1963,6 +1950,7 @@ static unsigned int openvswitch_poll(struct file *file, poll_table *wait) } static struct file_operations openvswitch_fops = { + .owner = THIS_MODULE, .read = openvswitch_read, .poll = openvswitch_poll, .unlocked_ioctl = openvswitch_ioctl,