2 * Copyright (c) 2007, 2008, 2009, 2010, 2011 Nicira Networks.
3 * Distributed under the terms of the GNU GPL version 2.
5 * Significant portions of this file may be copied from parts of the Linux
6 * kernel, by Linus Torvalds and others.
9 /* Functions for managing the dp interface/device. */
11 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
13 #include <linux/init.h>
14 #include <linux/module.h>
15 #include <linux/if_arp.h>
16 #include <linux/if_vlan.h>
19 #include <linux/jhash.h>
20 #include <linux/delay.h>
21 #include <linux/time.h>
22 #include <linux/etherdevice.h>
23 #include <linux/genetlink.h>
24 #include <linux/kernel.h>
25 #include <linux/kthread.h>
26 #include <linux/mutex.h>
27 #include <linux/percpu.h>
28 #include <linux/rcupdate.h>
29 #include <linux/tcp.h>
30 #include <linux/udp.h>
31 #include <linux/version.h>
32 #include <linux/ethtool.h>
33 #include <linux/wait.h>
34 #include <asm/system.h>
35 #include <asm/div64.h>
37 #include <linux/highmem.h>
38 #include <linux/netfilter_bridge.h>
39 #include <linux/netfilter_ipv4.h>
40 #include <linux/inetdevice.h>
41 #include <linux/list.h>
42 #include <linux/rculist.h>
43 #include <linux/dmi.h>
44 #include <net/inet_ecn.h>
45 #include <net/genetlink.h>
47 #include "openvswitch/datapath-protocol.h"
54 #include "vport-internal_dev.h"
56 #if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,18) || \
57 LINUX_VERSION_CODE >= KERNEL_VERSION(3,1,0)
58 #error Kernels before 2.6.18 or after 3.0 are not supported by this version of Open vSwitch.
61 int (*dp_ioctl_hook)(struct net_device *dev, struct ifreq *rq, int cmd);
62 EXPORT_SYMBOL(dp_ioctl_hook);
67 * Writes to device state (add/remove datapath, port, set operations on vports,
68 * etc.) are protected by RTNL.
70 * Writes to other state (flow table modifications, set miscellaneous datapath
71 * parameters such as drop frags, etc.) are protected by genl_mutex. The RTNL
72 * lock nests inside genl_mutex.
74 * Reads are protected by RCU.
76 * There are a few special cases (mostly stats) that have their own
77 * synchronization but they nest under all of above and don't interact with
81 /* Global list of datapaths to enable dumping them all out.
82 * Protected by genl_mutex.
84 static LIST_HEAD(dps);
86 static struct vport *new_vport(const struct vport_parms *);
87 static int queue_userspace_packets(struct datapath *, struct sk_buff *,
88 const struct dp_upcall_info *);
90 /* Must be called with rcu_read_lock, genl_mutex, or RTNL lock. */
91 struct datapath *get_dp(int dp_ifindex)
93 struct datapath *dp = NULL;
94 struct net_device *dev;
97 dev = dev_get_by_index_rcu(&init_net, dp_ifindex);
99 struct vport *vport = internal_dev_get_vport(dev);
107 EXPORT_SYMBOL_GPL(get_dp);
109 /* Must be called with genl_mutex. */
110 static struct flow_table *get_table_protected(struct datapath *dp)
112 return rcu_dereference_protected(dp->table, lockdep_genl_is_held());
115 /* Must be called with rcu_read_lock or RTNL lock. */
116 static struct vport *get_vport_protected(struct datapath *dp, u16 port_no)
118 return rcu_dereference_rtnl(dp->ports[port_no]);
121 /* Must be called with rcu_read_lock or RTNL lock. */
122 const char *dp_name(const struct datapath *dp)
124 return vport_get_name(rcu_dereference_rtnl(dp->ports[OVSP_LOCAL]));
127 static inline size_t br_nlmsg_size(void)
129 return NLMSG_ALIGN(sizeof(struct ifinfomsg))
130 + nla_total_size(IFNAMSIZ) /* IFLA_IFNAME */
131 + nla_total_size(MAX_ADDR_LEN) /* IFLA_ADDRESS */
132 + nla_total_size(4) /* IFLA_MASTER */
133 + nla_total_size(4) /* IFLA_MTU */
134 + nla_total_size(1); /* IFLA_OPERSTATE */
137 /* Caller must hold RTNL lock. */
138 static int dp_fill_ifinfo(struct sk_buff *skb,
139 const struct vport *port,
140 int event, unsigned int flags)
142 struct datapath *dp = port->dp;
143 int ifindex = vport_get_ifindex(port);
144 struct ifinfomsg *hdr;
145 struct nlmsghdr *nlh;
150 nlh = nlmsg_put(skb, 0, 0, event, sizeof(*hdr), flags);
154 hdr = nlmsg_data(nlh);
155 hdr->ifi_family = AF_BRIDGE;
157 hdr->ifi_type = ARPHRD_ETHER;
158 hdr->ifi_index = ifindex;
159 hdr->ifi_flags = vport_get_flags(port);
162 NLA_PUT_STRING(skb, IFLA_IFNAME, vport_get_name(port));
163 NLA_PUT_U32(skb, IFLA_MASTER,
164 vport_get_ifindex(get_vport_protected(dp, OVSP_LOCAL)));
165 NLA_PUT_U32(skb, IFLA_MTU, vport_get_mtu(port));
166 #ifdef IFLA_OPERSTATE
167 NLA_PUT_U8(skb, IFLA_OPERSTATE,
168 vport_is_running(port)
169 ? vport_get_operstate(port)
173 NLA_PUT(skb, IFLA_ADDRESS, ETH_ALEN, vport_get_addr(port));
175 return nlmsg_end(skb, nlh);
178 nlmsg_cancel(skb, nlh);
182 /* Caller must hold RTNL lock. */
183 static void dp_ifinfo_notify(int event, struct vport *port)
188 skb = nlmsg_new(br_nlmsg_size(), GFP_KERNEL);
192 err = dp_fill_ifinfo(skb, port, event, 0);
194 /* -EMSGSIZE implies BUG in br_nlmsg_size() */
195 WARN_ON(err == -EMSGSIZE);
199 rtnl_notify(skb, &init_net, 0, RTNLGRP_LINK, NULL, GFP_KERNEL);
203 rtnl_set_sk_err(&init_net, RTNLGRP_LINK, err);
206 static void release_dp(struct kobject *kobj)
208 struct datapath *dp = container_of(kobj, struct datapath, ifobj);
212 static struct kobj_type dp_ktype = {
213 .release = release_dp
216 static void destroy_dp_rcu(struct rcu_head *rcu)
218 struct datapath *dp = container_of(rcu, struct datapath, rcu);
220 flow_tbl_destroy(dp->table);
221 free_percpu(dp->stats_percpu);
222 kobject_put(&dp->ifobj);
225 /* Called with RTNL lock and genl_lock. */
226 static struct vport *new_vport(const struct vport_parms *parms)
230 vport = vport_add(parms);
231 if (!IS_ERR(vport)) {
232 struct datapath *dp = parms->dp;
234 rcu_assign_pointer(dp->ports[parms->port_no], vport);
235 list_add(&vport->node, &dp->port_list);
237 dp_ifinfo_notify(RTM_NEWLINK, vport);
243 /* Called with RTNL lock. */
244 void dp_detach_port(struct vport *p)
248 if (p->port_no != OVSP_LOCAL)
250 dp_ifinfo_notify(RTM_DELLINK, p);
252 /* First drop references to device. */
254 rcu_assign_pointer(p->dp->ports[p->port_no], NULL);
256 /* Then destroy it. */
260 /* Must be called with rcu_read_lock. */
261 void dp_process_received_packet(struct vport *p, struct sk_buff *skb)
263 struct datapath *dp = p->dp;
264 struct sw_flow *flow;
265 struct dp_stats_percpu *stats;
266 int stats_counter_off;
269 OVS_CB(skb)->vport = p;
271 if (!OVS_CB(skb)->flow) {
272 struct sw_flow_key key;
276 /* Extract flow from 'skb' into 'key'. */
277 error = flow_extract(skb, p->port_no, &key, &key_len, &is_frag);
278 if (unlikely(error)) {
283 if (is_frag && dp->drop_frags) {
285 stats_counter_off = offsetof(struct dp_stats_percpu, n_frags);
290 flow = flow_tbl_lookup(rcu_dereference(dp->table), &key, key_len);
291 if (unlikely(!flow)) {
292 struct dp_upcall_info upcall;
294 upcall.cmd = OVS_PACKET_CMD_MISS;
297 upcall.sample_pool = 0;
298 upcall.actions = NULL;
299 upcall.actions_len = 0;
300 dp_upcall(dp, skb, &upcall);
301 stats_counter_off = offsetof(struct dp_stats_percpu, n_missed);
305 OVS_CB(skb)->flow = flow;
308 stats_counter_off = offsetof(struct dp_stats_percpu, n_hit);
309 flow_used(OVS_CB(skb)->flow, skb);
310 execute_actions(dp, skb);
313 /* Update datapath statistics. */
315 stats = per_cpu_ptr(dp->stats_percpu, smp_processor_id());
317 write_seqcount_begin(&stats->seqlock);
318 (*(u64 *)((u8 *)stats + stats_counter_off))++;
319 write_seqcount_end(&stats->seqlock);
324 static void copy_and_csum_skb(struct sk_buff *skb, void *to)
326 u16 csum_start, csum_offset;
329 get_skb_csum_pointers(skb, &csum_start, &csum_offset);
330 csum_start -= skb_headroom(skb);
332 skb_copy_bits(skb, 0, to, csum_start);
334 csum = skb_copy_and_csum_bits(skb, csum_start, to + csum_start,
335 skb->len - csum_start, 0);
336 *(__sum16 *)(to + csum_start + csum_offset) = csum_fold(csum);
339 static struct genl_family dp_packet_genl_family = {
340 .id = GENL_ID_GENERATE,
341 .hdrsize = sizeof(struct ovs_header),
342 .name = OVS_PACKET_FAMILY,
344 .maxattr = OVS_PACKET_ATTR_MAX
347 /* Generic Netlink multicast groups for upcalls.
349 * We really want three unique multicast groups per datapath, but we can't even
350 * get one, because genl_register_mc_group() takes genl_lock, which is also
351 * held during Generic Netlink message processing, so trying to acquire
352 * multicast groups during OVS_DP_NEW processing deadlocks. Instead, we
353 * preallocate a few groups and use them round-robin for datapaths. Collision
354 * isn't fatal--multicast listeners should check that the family is the one
355 * that they want and discard others--but it wastes time and memory to receive
358 #define PACKET_N_MC_GROUPS 16
359 static struct genl_multicast_group packet_mc_groups[PACKET_N_MC_GROUPS];
361 static u32 packet_mc_group(struct datapath *dp, u8 cmd)
364 BUILD_BUG_ON_NOT_POWER_OF_2(PACKET_N_MC_GROUPS);
366 idx = jhash_2words(dp->dp_ifindex, cmd, 0) & (PACKET_N_MC_GROUPS - 1);
367 return packet_mc_groups[idx].id;
370 static int packet_register_mc_groups(void)
374 for (i = 0; i < PACKET_N_MC_GROUPS; i++) {
375 struct genl_multicast_group *group = &packet_mc_groups[i];
378 sprintf(group->name, "packet%d", i);
379 error = genl_register_mc_group(&dp_packet_genl_family, group);
386 int dp_upcall(struct datapath *dp, struct sk_buff *skb, const struct dp_upcall_info *upcall_info)
388 struct dp_stats_percpu *stats;
391 WARN_ON_ONCE(skb_shared(skb));
393 forward_ip_summed(skb, true);
395 /* Break apart GSO packets into their component pieces. Otherwise
396 * userspace may try to stuff a 64kB packet into a 1500-byte MTU. */
397 if (skb_is_gso(skb)) {
398 struct sk_buff *nskb = skb_gso_segment(skb, NETIF_F_SG | NETIF_F_HW_CSUM);
409 err = queue_userspace_packets(dp, skb, upcall_info);
417 stats = per_cpu_ptr(dp->stats_percpu, smp_processor_id());
419 write_seqcount_begin(&stats->seqlock);
421 write_seqcount_end(&stats->seqlock);
428 /* Send each packet in the 'skb' list to userspace for 'dp' as directed by
429 * 'upcall_info'. There will be only one packet unless we broke up a GSO
432 static int queue_userspace_packets(struct datapath *dp, struct sk_buff *skb,
433 const struct dp_upcall_info *upcall_info)
435 u32 group = packet_mc_group(dp, upcall_info->cmd);
436 struct sk_buff *nskb;
440 struct ovs_header *upcall;
441 struct sk_buff *user_skb; /* to be queued to userspace */
448 err = vlan_deaccel_tag(skb);
452 if (nla_attr_size(skb->len) > USHRT_MAX)
455 len = sizeof(struct ovs_header);
456 len += nla_total_size(skb->len);
457 len += nla_total_size(FLOW_BUFSIZE);
458 if (upcall_info->userdata)
459 len += nla_total_size(8);
460 if (upcall_info->sample_pool)
461 len += nla_total_size(4);
462 if (upcall_info->actions_len)
463 len += nla_total_size(upcall_info->actions_len);
465 user_skb = genlmsg_new(len, GFP_ATOMIC);
467 netlink_set_err(INIT_NET_GENL_SOCK, 0, group, -ENOBUFS);
471 upcall = genlmsg_put(user_skb, 0, 0, &dp_packet_genl_family, 0, upcall_info->cmd);
472 upcall->dp_ifindex = dp->dp_ifindex;
474 nla = nla_nest_start(user_skb, OVS_PACKET_ATTR_KEY);
475 flow_to_nlattrs(upcall_info->key, user_skb);
476 nla_nest_end(user_skb, nla);
478 if (upcall_info->userdata)
479 nla_put_u64(user_skb, OVS_PACKET_ATTR_USERDATA, upcall_info->userdata);
480 if (upcall_info->sample_pool)
481 nla_put_u32(user_skb, OVS_PACKET_ATTR_SAMPLE_POOL, upcall_info->sample_pool);
482 if (upcall_info->actions_len) {
483 const struct nlattr *actions = upcall_info->actions;
484 u32 actions_len = upcall_info->actions_len;
486 nla = nla_nest_start(user_skb, OVS_PACKET_ATTR_ACTIONS);
487 memcpy(__skb_put(user_skb, actions_len), actions, actions_len);
488 nla_nest_end(user_skb, nla);
491 nla = __nla_reserve(user_skb, OVS_PACKET_ATTR_PACKET, skb->len);
492 if (skb->ip_summed == CHECKSUM_PARTIAL)
493 copy_and_csum_skb(skb, nla_data(nla));
495 skb_copy_bits(skb, 0, nla_data(nla), skb->len);
497 err = genlmsg_multicast(user_skb, 0, group, GFP_ATOMIC);
508 while ((skb = nskb) != NULL) {
515 /* Called with genl_mutex. */
516 static int flush_flows(int dp_ifindex)
518 struct flow_table *old_table;
519 struct flow_table *new_table;
522 dp = get_dp(dp_ifindex);
526 old_table = get_table_protected(dp);
527 new_table = flow_tbl_alloc(TBL_MIN_BUCKETS);
531 rcu_assign_pointer(dp->table, new_table);
533 flow_tbl_deferred_destroy(old_table);
537 static int validate_actions(const struct nlattr *attr)
539 const struct nlattr *a;
542 nla_for_each_nested(a, attr, rem) {
543 static const u32 action_lens[OVS_ACTION_ATTR_MAX + 1] = {
544 [OVS_ACTION_ATTR_OUTPUT] = 4,
545 [OVS_ACTION_ATTR_USERSPACE] = 8,
546 [OVS_ACTION_ATTR_PUSH_VLAN] = 2,
547 [OVS_ACTION_ATTR_POP_VLAN] = 0,
548 [OVS_ACTION_ATTR_SET_DL_SRC] = ETH_ALEN,
549 [OVS_ACTION_ATTR_SET_DL_DST] = ETH_ALEN,
550 [OVS_ACTION_ATTR_SET_NW_SRC] = 4,
551 [OVS_ACTION_ATTR_SET_NW_DST] = 4,
552 [OVS_ACTION_ATTR_SET_NW_TOS] = 1,
553 [OVS_ACTION_ATTR_SET_TP_SRC] = 2,
554 [OVS_ACTION_ATTR_SET_TP_DST] = 2,
555 [OVS_ACTION_ATTR_SET_TUNNEL] = 8,
556 [OVS_ACTION_ATTR_SET_PRIORITY] = 4,
557 [OVS_ACTION_ATTR_POP_PRIORITY] = 0,
559 int type = nla_type(a);
561 if (type > OVS_ACTION_ATTR_MAX || nla_len(a) != action_lens[type])
565 case OVS_ACTION_ATTR_UNSPEC:
568 case OVS_ACTION_ATTR_USERSPACE:
569 case OVS_ACTION_ATTR_POP_VLAN:
570 case OVS_ACTION_ATTR_SET_DL_SRC:
571 case OVS_ACTION_ATTR_SET_DL_DST:
572 case OVS_ACTION_ATTR_SET_NW_SRC:
573 case OVS_ACTION_ATTR_SET_NW_DST:
574 case OVS_ACTION_ATTR_SET_TP_SRC:
575 case OVS_ACTION_ATTR_SET_TP_DST:
576 case OVS_ACTION_ATTR_SET_TUNNEL:
577 case OVS_ACTION_ATTR_SET_PRIORITY:
578 case OVS_ACTION_ATTR_POP_PRIORITY:
579 /* No validation needed. */
582 case OVS_ACTION_ATTR_OUTPUT:
583 if (nla_get_u32(a) >= DP_MAX_PORTS)
587 case OVS_ACTION_ATTR_PUSH_VLAN:
588 if (nla_get_be16(a) & htons(VLAN_CFI_MASK))
592 case OVS_ACTION_ATTR_SET_NW_TOS:
593 if (nla_get_u8(a) & INET_ECN_MASK)
607 static void clear_stats(struct sw_flow *flow)
611 flow->packet_count = 0;
612 flow->byte_count = 0;
615 static int ovs_packet_cmd_execute(struct sk_buff *skb, struct genl_info *info)
617 struct ovs_header *ovs_header = info->userhdr;
618 struct nlattr **a = info->attrs;
619 struct sw_flow_actions *acts;
620 struct sk_buff *packet;
621 struct sw_flow *flow;
630 if (!a[OVS_PACKET_ATTR_PACKET] || !a[OVS_PACKET_ATTR_KEY] ||
631 !a[OVS_PACKET_ATTR_ACTIONS] ||
632 nla_len(a[OVS_PACKET_ATTR_PACKET]) < ETH_HLEN)
635 err = validate_actions(a[OVS_PACKET_ATTR_ACTIONS]);
639 len = nla_len(a[OVS_PACKET_ATTR_PACKET]);
640 packet = __dev_alloc_skb(NET_IP_ALIGN + len, GFP_KERNEL);
644 skb_reserve(packet, NET_IP_ALIGN);
646 memcpy(__skb_put(packet, len), nla_data(a[OVS_PACKET_ATTR_PACKET]), len);
648 skb_reset_mac_header(packet);
649 eth = eth_hdr(packet);
651 /* Normally, setting the skb 'protocol' field would be handled by a
652 * call to eth_type_trans(), but it assumes there's a sending
653 * device, which we may not have. */
654 if (ntohs(eth->h_proto) >= 1536)
655 packet->protocol = eth->h_proto;
657 packet->protocol = htons(ETH_P_802_2);
659 /* Build an sw_flow for sending this packet. */
665 err = flow_extract(packet, -1, &flow->key, &key_len, &is_frag);
669 err = flow_metadata_from_nlattrs(&flow->key.eth.in_port,
670 &flow->key.eth.tun_id,
671 a[OVS_PACKET_ATTR_KEY]);
675 flow->hash = flow_hash(&flow->key, key_len);
677 acts = flow_actions_alloc(a[OVS_PACKET_ATTR_ACTIONS]);
681 rcu_assign_pointer(flow->sf_acts, acts);
683 OVS_CB(packet)->flow = flow;
686 dp = get_dp(ovs_header->dp_ifindex);
690 err = execute_actions(dp, packet);
706 static const struct nla_policy packet_policy[OVS_PACKET_ATTR_MAX + 1] = {
707 [OVS_PACKET_ATTR_PACKET] = { .type = NLA_UNSPEC },
708 [OVS_PACKET_ATTR_KEY] = { .type = NLA_NESTED },
709 [OVS_PACKET_ATTR_ACTIONS] = { .type = NLA_NESTED },
712 static struct genl_ops dp_packet_genl_ops[] = {
713 { .cmd = OVS_PACKET_CMD_EXECUTE,
714 .flags = GENL_ADMIN_PERM, /* Requires CAP_NET_ADMIN privilege. */
715 .policy = packet_policy,
716 .doit = ovs_packet_cmd_execute
720 static void get_dp_stats(struct datapath *dp, struct ovs_dp_stats *stats)
723 struct flow_table *table = get_table_protected(dp);
725 stats->n_flows = flow_tbl_count(table);
727 stats->n_frags = stats->n_hit = stats->n_missed = stats->n_lost = 0;
728 for_each_possible_cpu(i) {
729 const struct dp_stats_percpu *percpu_stats;
730 struct dp_stats_percpu local_stats;
733 percpu_stats = per_cpu_ptr(dp->stats_percpu, i);
736 seqcount = read_seqcount_begin(&percpu_stats->seqlock);
737 local_stats = *percpu_stats;
738 } while (read_seqcount_retry(&percpu_stats->seqlock, seqcount));
740 stats->n_frags += local_stats.n_frags;
741 stats->n_hit += local_stats.n_hit;
742 stats->n_missed += local_stats.n_missed;
743 stats->n_lost += local_stats.n_lost;
747 /* MTU of the dp pseudo-device: ETH_DATA_LEN or the minimum of the ports.
748 * Called with RTNL lock.
750 int dp_min_mtu(const struct datapath *dp)
757 list_for_each_entry (p, &dp->port_list, node) {
760 /* Skip any internal ports, since that's what we're trying to
762 if (is_internal_vport(p))
765 dev_mtu = vport_get_mtu(p);
768 if (!mtu || dev_mtu < mtu)
772 return mtu ? mtu : ETH_DATA_LEN;
775 /* Sets the MTU of all datapath devices to the minimum of the ports
776 * Called with RTNL lock.
778 void set_internal_devs_mtu(const struct datapath *dp)
785 mtu = dp_min_mtu(dp);
787 list_for_each_entry (p, &dp->port_list, node) {
788 if (is_internal_vport(p))
789 vport_set_mtu(p, mtu);
793 static const struct nla_policy flow_policy[OVS_FLOW_ATTR_MAX + 1] = {
794 [OVS_FLOW_ATTR_KEY] = { .type = NLA_NESTED },
795 [OVS_FLOW_ATTR_ACTIONS] = { .type = NLA_NESTED },
796 [OVS_FLOW_ATTR_CLEAR] = { .type = NLA_FLAG },
799 static struct genl_family dp_flow_genl_family = {
800 .id = GENL_ID_GENERATE,
801 .hdrsize = sizeof(struct ovs_header),
802 .name = OVS_FLOW_FAMILY,
804 .maxattr = OVS_FLOW_ATTR_MAX
807 static struct genl_multicast_group dp_flow_multicast_group = {
808 .name = OVS_FLOW_MCGROUP
811 /* Called with genl_lock. */
812 static int ovs_flow_cmd_fill_info(struct sw_flow *flow, struct datapath *dp,
813 struct sk_buff *skb, u32 pid, u32 seq, u32 flags, u8 cmd)
815 const int skb_orig_len = skb->len;
816 const struct sw_flow_actions *sf_acts;
817 struct ovs_flow_stats stats;
818 struct ovs_header *ovs_header;
824 sf_acts = rcu_dereference_protected(flow->sf_acts,
825 lockdep_genl_is_held());
827 ovs_header = genlmsg_put(skb, pid, seq, &dp_flow_genl_family, flags, cmd);
831 ovs_header->dp_ifindex = dp->dp_ifindex;
833 nla = nla_nest_start(skb, OVS_FLOW_ATTR_KEY);
835 goto nla_put_failure;
836 err = flow_to_nlattrs(&flow->key, skb);
839 nla_nest_end(skb, nla);
841 spin_lock_bh(&flow->lock);
843 stats.n_packets = flow->packet_count;
844 stats.n_bytes = flow->byte_count;
845 tcp_flags = flow->tcp_flags;
846 spin_unlock_bh(&flow->lock);
849 NLA_PUT_U64(skb, OVS_FLOW_ATTR_USED, flow_used_time(used));
852 NLA_PUT(skb, OVS_FLOW_ATTR_STATS, sizeof(struct ovs_flow_stats), &stats);
855 NLA_PUT_U8(skb, OVS_FLOW_ATTR_TCP_FLAGS, tcp_flags);
857 /* If OVS_FLOW_ATTR_ACTIONS doesn't fit, skip dumping the actions if
858 * this is the first flow to be dumped into 'skb'. This is unusual for
859 * Netlink but individual action lists can be longer than
860 * NLMSG_GOODSIZE and thus entirely undumpable if we didn't do this.
861 * The userspace caller can always fetch the actions separately if it
862 * really wants them. (Most userspace callers in fact don't care.)
864 * This can only fail for dump operations because the skb is always
865 * properly sized for single flows.
867 err = nla_put(skb, OVS_FLOW_ATTR_ACTIONS, sf_acts->actions_len,
869 if (err < 0 && skb_orig_len)
872 return genlmsg_end(skb, ovs_header);
877 genlmsg_cancel(skb, ovs_header);
881 static struct sk_buff *ovs_flow_cmd_alloc_info(struct sw_flow *flow)
883 const struct sw_flow_actions *sf_acts;
886 sf_acts = rcu_dereference_protected(flow->sf_acts,
887 lockdep_genl_is_held());
889 len = nla_total_size(FLOW_BUFSIZE); /* OVS_FLOW_ATTR_KEY */
890 len += nla_total_size(sf_acts->actions_len); /* OVS_FLOW_ATTR_ACTIONS */
891 len += nla_total_size(sizeof(struct ovs_flow_stats)); /* OVS_FLOW_ATTR_STATS */
892 len += nla_total_size(1); /* OVS_FLOW_ATTR_TCP_FLAGS */
893 len += nla_total_size(8); /* OVS_FLOW_ATTR_USED */
894 return genlmsg_new(NLMSG_ALIGN(sizeof(struct ovs_header)) + len, GFP_KERNEL);
897 static struct sk_buff *ovs_flow_cmd_build_info(struct sw_flow *flow, struct datapath *dp,
898 u32 pid, u32 seq, u8 cmd)
903 skb = ovs_flow_cmd_alloc_info(flow);
905 return ERR_PTR(-ENOMEM);
907 retval = ovs_flow_cmd_fill_info(flow, dp, skb, pid, seq, 0, cmd);
912 static int ovs_flow_cmd_new_or_set(struct sk_buff *skb, struct genl_info *info)
914 struct nlattr **a = info->attrs;
915 struct ovs_header *ovs_header = info->userhdr;
916 struct sw_flow_key key;
917 struct sw_flow *flow;
918 struct sk_buff *reply;
920 struct flow_table *table;
926 if (!a[OVS_FLOW_ATTR_KEY])
928 error = flow_from_nlattrs(&key, &key_len, a[OVS_FLOW_ATTR_KEY]);
932 /* Validate actions. */
933 if (a[OVS_FLOW_ATTR_ACTIONS]) {
934 error = validate_actions(a[OVS_FLOW_ATTR_ACTIONS]);
937 } else if (info->genlhdr->cmd == OVS_FLOW_CMD_NEW) {
942 dp = get_dp(ovs_header->dp_ifindex);
947 table = get_table_protected(dp);
948 flow = flow_tbl_lookup(table, &key, key_len);
950 struct sw_flow_actions *acts;
952 /* Bail out if we're not allowed to create a new flow. */
954 if (info->genlhdr->cmd == OVS_FLOW_CMD_SET)
957 /* Expand table, if necessary, to make room. */
958 if (flow_tbl_need_to_expand(table)) {
959 struct flow_table *new_table;
961 new_table = flow_tbl_expand(table);
962 if (!IS_ERR(new_table)) {
963 rcu_assign_pointer(dp->table, new_table);
964 flow_tbl_deferred_destroy(table);
965 table = get_table_protected(dp);
972 error = PTR_ERR(flow);
978 /* Obtain actions. */
979 acts = flow_actions_alloc(a[OVS_FLOW_ATTR_ACTIONS]);
980 error = PTR_ERR(acts);
982 goto error_free_flow;
983 rcu_assign_pointer(flow->sf_acts, acts);
985 /* Put flow in bucket. */
986 flow->hash = flow_hash(&key, key_len);
987 flow_tbl_insert(table, flow);
989 reply = ovs_flow_cmd_build_info(flow, dp, info->snd_pid,
990 info->snd_seq, OVS_FLOW_CMD_NEW);
992 /* We found a matching flow. */
993 struct sw_flow_actions *old_acts;
995 /* Bail out if we're not allowed to modify an existing flow.
996 * We accept NLM_F_CREATE in place of the intended NLM_F_EXCL
997 * because Generic Netlink treats the latter as a dump
998 * request. We also accept NLM_F_EXCL in case that bug ever
1002 if (info->genlhdr->cmd == OVS_FLOW_CMD_NEW &&
1003 info->nlhdr->nlmsg_flags & (NLM_F_CREATE | NLM_F_EXCL))
1006 /* Update actions. */
1007 old_acts = rcu_dereference_protected(flow->sf_acts,
1008 lockdep_genl_is_held());
1009 if (a[OVS_FLOW_ATTR_ACTIONS] &&
1010 (old_acts->actions_len != nla_len(a[OVS_FLOW_ATTR_ACTIONS]) ||
1011 memcmp(old_acts->actions, nla_data(a[OVS_FLOW_ATTR_ACTIONS]),
1012 old_acts->actions_len))) {
1013 struct sw_flow_actions *new_acts;
1015 new_acts = flow_actions_alloc(a[OVS_FLOW_ATTR_ACTIONS]);
1016 error = PTR_ERR(new_acts);
1017 if (IS_ERR(new_acts))
1020 rcu_assign_pointer(flow->sf_acts, new_acts);
1021 flow_deferred_free_acts(old_acts);
1024 reply = ovs_flow_cmd_build_info(flow, dp, info->snd_pid,
1025 info->snd_seq, OVS_FLOW_CMD_NEW);
1028 if (a[OVS_FLOW_ATTR_CLEAR]) {
1029 spin_lock_bh(&flow->lock);
1031 spin_unlock_bh(&flow->lock);
1036 genl_notify(reply, genl_info_net(info), info->snd_pid,
1037 dp_flow_multicast_group.id, info->nlhdr, GFP_KERNEL);
1039 netlink_set_err(INIT_NET_GENL_SOCK, 0,
1040 dp_flow_multicast_group.id, PTR_ERR(reply));
1049 static int ovs_flow_cmd_get(struct sk_buff *skb, struct genl_info *info)
1051 struct nlattr **a = info->attrs;
1052 struct ovs_header *ovs_header = info->userhdr;
1053 struct sw_flow_key key;
1054 struct sk_buff *reply;
1055 struct sw_flow *flow;
1056 struct datapath *dp;
1057 struct flow_table *table;
1061 if (!a[OVS_FLOW_ATTR_KEY])
1063 err = flow_from_nlattrs(&key, &key_len, a[OVS_FLOW_ATTR_KEY]);
1067 dp = get_dp(ovs_header->dp_ifindex);
1071 table = get_table_protected(dp);
1072 flow = flow_tbl_lookup(table, &key, key_len);
1076 reply = ovs_flow_cmd_build_info(flow, dp, info->snd_pid, info->snd_seq, OVS_FLOW_CMD_NEW);
1078 return PTR_ERR(reply);
1080 return genlmsg_reply(reply, info);
1083 static int ovs_flow_cmd_del(struct sk_buff *skb, struct genl_info *info)
1085 struct nlattr **a = info->attrs;
1086 struct ovs_header *ovs_header = info->userhdr;
1087 struct sw_flow_key key;
1088 struct sk_buff *reply;
1089 struct sw_flow *flow;
1090 struct datapath *dp;
1091 struct flow_table *table;
1095 if (!a[OVS_FLOW_ATTR_KEY])
1096 return flush_flows(ovs_header->dp_ifindex);
1097 err = flow_from_nlattrs(&key, &key_len, a[OVS_FLOW_ATTR_KEY]);
1101 dp = get_dp(ovs_header->dp_ifindex);
1105 table = get_table_protected(dp);
1106 flow = flow_tbl_lookup(table, &key, key_len);
1110 reply = ovs_flow_cmd_alloc_info(flow);
1114 flow_tbl_remove(table, flow);
1116 err = ovs_flow_cmd_fill_info(flow, dp, reply, info->snd_pid,
1117 info->snd_seq, 0, OVS_FLOW_CMD_DEL);
1120 flow_deferred_free(flow);
1122 genl_notify(reply, genl_info_net(info), info->snd_pid,
1123 dp_flow_multicast_group.id, info->nlhdr, GFP_KERNEL);
1127 static int ovs_flow_cmd_dump(struct sk_buff *skb, struct netlink_callback *cb)
1129 struct ovs_header *ovs_header = genlmsg_data(nlmsg_data(cb->nlh));
1130 struct datapath *dp;
1132 dp = get_dp(ovs_header->dp_ifindex);
1137 struct sw_flow *flow;
1140 bucket = cb->args[0];
1142 flow = flow_tbl_next(get_table_protected(dp), &bucket, &obj);
1146 if (ovs_flow_cmd_fill_info(flow, dp, skb, NETLINK_CB(cb->skb).pid,
1147 cb->nlh->nlmsg_seq, NLM_F_MULTI,
1148 OVS_FLOW_CMD_NEW) < 0)
1151 cb->args[0] = bucket;
1157 static struct genl_ops dp_flow_genl_ops[] = {
1158 { .cmd = OVS_FLOW_CMD_NEW,
1159 .flags = GENL_ADMIN_PERM, /* Requires CAP_NET_ADMIN privilege. */
1160 .policy = flow_policy,
1161 .doit = ovs_flow_cmd_new_or_set
1163 { .cmd = OVS_FLOW_CMD_DEL,
1164 .flags = GENL_ADMIN_PERM, /* Requires CAP_NET_ADMIN privilege. */
1165 .policy = flow_policy,
1166 .doit = ovs_flow_cmd_del
1168 { .cmd = OVS_FLOW_CMD_GET,
1169 .flags = 0, /* OK for unprivileged users. */
1170 .policy = flow_policy,
1171 .doit = ovs_flow_cmd_get,
1172 .dumpit = ovs_flow_cmd_dump
1174 { .cmd = OVS_FLOW_CMD_SET,
1175 .flags = GENL_ADMIN_PERM, /* Requires CAP_NET_ADMIN privilege. */
1176 .policy = flow_policy,
1177 .doit = ovs_flow_cmd_new_or_set,
1181 static const struct nla_policy datapath_policy[OVS_DP_ATTR_MAX + 1] = {
1182 #ifdef HAVE_NLA_NUL_STRING
1183 [OVS_DP_ATTR_NAME] = { .type = NLA_NUL_STRING, .len = IFNAMSIZ - 1 },
1185 [OVS_DP_ATTR_IPV4_FRAGS] = { .type = NLA_U32 },
1186 [OVS_DP_ATTR_SAMPLING] = { .type = NLA_U32 },
1189 static struct genl_family dp_datapath_genl_family = {
1190 .id = GENL_ID_GENERATE,
1191 .hdrsize = sizeof(struct ovs_header),
1192 .name = OVS_DATAPATH_FAMILY,
1194 .maxattr = OVS_DP_ATTR_MAX
1197 static struct genl_multicast_group dp_datapath_multicast_group = {
1198 .name = OVS_DATAPATH_MCGROUP
1201 static int ovs_dp_cmd_fill_info(struct datapath *dp, struct sk_buff *skb,
1202 u32 pid, u32 seq, u32 flags, u8 cmd)
1204 struct ovs_header *ovs_header;
1208 ovs_header = genlmsg_put(skb, pid, seq, &dp_datapath_genl_family,
1213 ovs_header->dp_ifindex = dp->dp_ifindex;
1216 err = nla_put_string(skb, OVS_DP_ATTR_NAME, dp_name(dp));
1219 goto nla_put_failure;
1221 nla = nla_reserve(skb, OVS_DP_ATTR_STATS, sizeof(struct ovs_dp_stats));
1223 goto nla_put_failure;
1224 get_dp_stats(dp, nla_data(nla));
1226 NLA_PUT_U32(skb, OVS_DP_ATTR_IPV4_FRAGS,
1227 dp->drop_frags ? OVS_DP_FRAG_DROP : OVS_DP_FRAG_ZERO);
1229 if (dp->sflow_probability)
1230 NLA_PUT_U32(skb, OVS_DP_ATTR_SAMPLING, dp->sflow_probability);
1232 nla = nla_nest_start(skb, OVS_DP_ATTR_MCGROUPS);
1234 goto nla_put_failure;
1235 NLA_PUT_U32(skb, OVS_PACKET_CMD_MISS, packet_mc_group(dp, OVS_PACKET_CMD_MISS));
1236 NLA_PUT_U32(skb, OVS_PACKET_CMD_ACTION, packet_mc_group(dp, OVS_PACKET_CMD_ACTION));
1237 NLA_PUT_U32(skb, OVS_PACKET_CMD_SAMPLE, packet_mc_group(dp, OVS_PACKET_CMD_SAMPLE));
1238 nla_nest_end(skb, nla);
1240 return genlmsg_end(skb, ovs_header);
1243 genlmsg_cancel(skb, ovs_header);
1248 static struct sk_buff *ovs_dp_cmd_build_info(struct datapath *dp, u32 pid,
1251 struct sk_buff *skb;
1254 skb = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
1256 return ERR_PTR(-ENOMEM);
1258 retval = ovs_dp_cmd_fill_info(dp, skb, pid, seq, 0, cmd);
1261 return ERR_PTR(retval);
1266 static int ovs_dp_cmd_validate(struct nlattr *a[OVS_DP_ATTR_MAX + 1])
1268 if (a[OVS_DP_ATTR_IPV4_FRAGS]) {
1269 u32 frags = nla_get_u32(a[OVS_DP_ATTR_IPV4_FRAGS]);
1271 if (frags != OVS_DP_FRAG_ZERO && frags != OVS_DP_FRAG_DROP)
1275 return CHECK_NUL_STRING(a[OVS_DP_ATTR_NAME], IFNAMSIZ - 1);
1278 /* Called with genl_mutex and optionally with RTNL lock also. */
1279 static struct datapath *lookup_datapath(struct ovs_header *ovs_header, struct nlattr *a[OVS_DP_ATTR_MAX + 1])
1281 struct datapath *dp;
1283 if (!a[OVS_DP_ATTR_NAME])
1284 dp = get_dp(ovs_header->dp_ifindex);
1286 struct vport *vport;
1289 vport = vport_locate(nla_data(a[OVS_DP_ATTR_NAME]));
1290 dp = vport && vport->port_no == OVSP_LOCAL ? vport->dp : NULL;
1293 return dp ? dp : ERR_PTR(-ENODEV);
1296 /* Called with genl_mutex. */
1297 static void change_datapath(struct datapath *dp, struct nlattr *a[OVS_DP_ATTR_MAX + 1])
1299 if (a[OVS_DP_ATTR_IPV4_FRAGS])
1300 dp->drop_frags = nla_get_u32(a[OVS_DP_ATTR_IPV4_FRAGS]) == OVS_DP_FRAG_DROP;
1301 if (a[OVS_DP_ATTR_SAMPLING])
1302 dp->sflow_probability = nla_get_u32(a[OVS_DP_ATTR_SAMPLING]);
1305 static int ovs_dp_cmd_new(struct sk_buff *skb, struct genl_info *info)
1307 struct nlattr **a = info->attrs;
1308 struct vport_parms parms;
1309 struct sk_buff *reply;
1310 struct datapath *dp;
1311 struct vport *vport;
1315 if (!a[OVS_DP_ATTR_NAME])
1318 err = ovs_dp_cmd_validate(a);
1324 if (!try_module_get(THIS_MODULE))
1325 goto err_unlock_rtnl;
1328 dp = kzalloc(sizeof(*dp), GFP_KERNEL);
1330 goto err_put_module;
1331 INIT_LIST_HEAD(&dp->port_list);
1333 /* Initialize kobject for bridge. This will be added as
1334 * /sys/class/net/<devname>/brif later, if sysfs is enabled. */
1335 dp->ifobj.kset = NULL;
1336 kobject_init(&dp->ifobj, &dp_ktype);
1338 /* Allocate table. */
1340 rcu_assign_pointer(dp->table, flow_tbl_alloc(TBL_MIN_BUCKETS));
1344 /* Set up our datapath device. */
1345 parms.name = nla_data(a[OVS_DP_ATTR_NAME]);
1346 parms.type = OVS_VPORT_TYPE_INTERNAL;
1347 parms.options = NULL;
1349 parms.port_no = OVSP_LOCAL;
1350 vport = new_vport(&parms);
1351 if (IS_ERR(vport)) {
1352 err = PTR_ERR(vport);
1356 goto err_destroy_table;
1358 dp->dp_ifindex = vport_get_ifindex(vport);
1361 dp->stats_percpu = alloc_percpu(struct dp_stats_percpu);
1362 if (!dp->stats_percpu) {
1364 goto err_destroy_local_port;
1367 change_datapath(dp, a);
1369 reply = ovs_dp_cmd_build_info(dp, info->snd_pid, info->snd_seq, OVS_DP_CMD_NEW);
1370 err = PTR_ERR(reply);
1372 goto err_destroy_local_port;
1374 list_add_tail(&dp->list_node, &dps);
1375 dp_sysfs_add_dp(dp);
1379 genl_notify(reply, genl_info_net(info), info->snd_pid,
1380 dp_datapath_multicast_group.id, info->nlhdr, GFP_KERNEL);
1383 err_destroy_local_port:
1384 dp_detach_port(get_vport_protected(dp, OVSP_LOCAL));
1386 flow_tbl_destroy(get_table_protected(dp));
1390 module_put(THIS_MODULE);
1397 static int ovs_dp_cmd_del(struct sk_buff *skb, struct genl_info *info)
1399 struct vport *vport, *next_vport;
1400 struct sk_buff *reply;
1401 struct datapath *dp;
1404 err = ovs_dp_cmd_validate(info->attrs);
1409 dp = lookup_datapath(info->userhdr, info->attrs);
1414 reply = ovs_dp_cmd_build_info(dp, info->snd_pid, info->snd_seq, OVS_DP_CMD_DEL);
1415 err = PTR_ERR(reply);
1419 list_for_each_entry_safe (vport, next_vport, &dp->port_list, node)
1420 if (vport->port_no != OVSP_LOCAL)
1421 dp_detach_port(vport);
1423 dp_sysfs_del_dp(dp);
1424 list_del(&dp->list_node);
1425 dp_detach_port(get_vport_protected(dp, OVSP_LOCAL));
1427 /* rtnl_unlock() will wait until all the references to devices that
1428 * are pending unregistration have been dropped. We do it here to
1429 * ensure that any internal devices (which contain DP pointers) are
1430 * fully destroyed before freeing the datapath.
1434 call_rcu(&dp->rcu, destroy_dp_rcu);
1435 module_put(THIS_MODULE);
1437 genl_notify(reply, genl_info_net(info), info->snd_pid,
1438 dp_datapath_multicast_group.id, info->nlhdr, GFP_KERNEL);
1448 static int ovs_dp_cmd_set(struct sk_buff *skb, struct genl_info *info)
1450 struct sk_buff *reply;
1451 struct datapath *dp;
1454 err = ovs_dp_cmd_validate(info->attrs);
1458 dp = lookup_datapath(info->userhdr, info->attrs);
1462 change_datapath(dp, info->attrs);
1464 reply = ovs_dp_cmd_build_info(dp, info->snd_pid, info->snd_seq, OVS_DP_CMD_NEW);
1465 if (IS_ERR(reply)) {
1466 err = PTR_ERR(reply);
1467 netlink_set_err(INIT_NET_GENL_SOCK, 0,
1468 dp_datapath_multicast_group.id, err);
1472 genl_notify(reply, genl_info_net(info), info->snd_pid,
1473 dp_datapath_multicast_group.id, info->nlhdr, GFP_KERNEL);
1477 static int ovs_dp_cmd_get(struct sk_buff *skb, struct genl_info *info)
1479 struct sk_buff *reply;
1480 struct datapath *dp;
1483 err = ovs_dp_cmd_validate(info->attrs);
1487 dp = lookup_datapath(info->userhdr, info->attrs);
1491 reply = ovs_dp_cmd_build_info(dp, info->snd_pid, info->snd_seq, OVS_DP_CMD_NEW);
1493 return PTR_ERR(reply);
1495 return genlmsg_reply(reply, info);
1498 static int ovs_dp_cmd_dump(struct sk_buff *skb, struct netlink_callback *cb)
1500 struct datapath *dp;
1501 int skip = cb->args[0];
1504 list_for_each_entry (dp, &dps, list_node) {
1507 if (ovs_dp_cmd_fill_info(dp, skb, NETLINK_CB(cb->skb).pid,
1508 cb->nlh->nlmsg_seq, NLM_F_MULTI,
1509 OVS_DP_CMD_NEW) < 0)
1519 static struct genl_ops dp_datapath_genl_ops[] = {
1520 { .cmd = OVS_DP_CMD_NEW,
1521 .flags = GENL_ADMIN_PERM, /* Requires CAP_NET_ADMIN privilege. */
1522 .policy = datapath_policy,
1523 .doit = ovs_dp_cmd_new
1525 { .cmd = OVS_DP_CMD_DEL,
1526 .flags = GENL_ADMIN_PERM, /* Requires CAP_NET_ADMIN privilege. */
1527 .policy = datapath_policy,
1528 .doit = ovs_dp_cmd_del
1530 { .cmd = OVS_DP_CMD_GET,
1531 .flags = 0, /* OK for unprivileged users. */
1532 .policy = datapath_policy,
1533 .doit = ovs_dp_cmd_get,
1534 .dumpit = ovs_dp_cmd_dump
1536 { .cmd = OVS_DP_CMD_SET,
1537 .flags = GENL_ADMIN_PERM, /* Requires CAP_NET_ADMIN privilege. */
1538 .policy = datapath_policy,
1539 .doit = ovs_dp_cmd_set,
1543 static const struct nla_policy vport_policy[OVS_VPORT_ATTR_MAX + 1] = {
1544 #ifdef HAVE_NLA_NUL_STRING
1545 [OVS_VPORT_ATTR_NAME] = { .type = NLA_NUL_STRING, .len = IFNAMSIZ - 1 },
1546 [OVS_VPORT_ATTR_PORT_NO] = { .type = NLA_U32 },
1547 [OVS_VPORT_ATTR_TYPE] = { .type = NLA_U32 },
1548 [OVS_VPORT_ATTR_STATS] = { .len = sizeof(struct rtnl_link_stats64) },
1549 [OVS_VPORT_ATTR_ADDRESS] = { .len = ETH_ALEN },
1551 [OVS_VPORT_ATTR_STATS] = { .minlen = sizeof(struct rtnl_link_stats64) },
1552 [OVS_VPORT_ATTR_ADDRESS] = { .minlen = ETH_ALEN },
1554 [OVS_VPORT_ATTR_OPTIONS] = { .type = NLA_NESTED },
1557 static struct genl_family dp_vport_genl_family = {
1558 .id = GENL_ID_GENERATE,
1559 .hdrsize = sizeof(struct ovs_header),
1560 .name = OVS_VPORT_FAMILY,
1562 .maxattr = OVS_VPORT_ATTR_MAX
1565 struct genl_multicast_group dp_vport_multicast_group = {
1566 .name = OVS_VPORT_MCGROUP
1569 /* Called with RTNL lock or RCU read lock. */
1570 static int ovs_vport_cmd_fill_info(struct vport *vport, struct sk_buff *skb,
1571 u32 pid, u32 seq, u32 flags, u8 cmd)
1573 struct ovs_header *ovs_header;
1578 ovs_header = genlmsg_put(skb, pid, seq, &dp_vport_genl_family,
1583 ovs_header->dp_ifindex = vport->dp->dp_ifindex;
1585 NLA_PUT_U32(skb, OVS_VPORT_ATTR_PORT_NO, vport->port_no);
1586 NLA_PUT_U32(skb, OVS_VPORT_ATTR_TYPE, vport_get_type(vport));
1587 NLA_PUT_STRING(skb, OVS_VPORT_ATTR_NAME, vport_get_name(vport));
1589 nla = nla_reserve(skb, OVS_VPORT_ATTR_STATS, sizeof(struct rtnl_link_stats64));
1591 goto nla_put_failure;
1592 if (vport_get_stats(vport, nla_data(nla)))
1593 __skb_trim(skb, skb->len - nla->nla_len);
1595 NLA_PUT(skb, OVS_VPORT_ATTR_ADDRESS, ETH_ALEN, vport_get_addr(vport));
1597 err = vport_get_options(vport, skb);
1598 if (err == -EMSGSIZE)
1601 ifindex = vport_get_ifindex(vport);
1603 NLA_PUT_U32(skb, OVS_VPORT_ATTR_IFINDEX, ifindex);
1605 return genlmsg_end(skb, ovs_header);
1610 genlmsg_cancel(skb, ovs_header);
1614 /* Called with RTNL lock or RCU read lock. */
1615 struct sk_buff *ovs_vport_cmd_build_info(struct vport *vport, u32 pid,
1618 struct sk_buff *skb;
1621 skb = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_ATOMIC);
1623 return ERR_PTR(-ENOMEM);
1625 retval = ovs_vport_cmd_fill_info(vport, skb, pid, seq, 0, cmd);
1628 return ERR_PTR(retval);
1633 static int ovs_vport_cmd_validate(struct nlattr *a[OVS_VPORT_ATTR_MAX + 1])
1635 return CHECK_NUL_STRING(a[OVS_VPORT_ATTR_NAME], IFNAMSIZ - 1);
1638 /* Called with RTNL lock or RCU read lock. */
1639 static struct vport *lookup_vport(struct ovs_header *ovs_header,
1640 struct nlattr *a[OVS_VPORT_ATTR_MAX + 1])
1642 struct datapath *dp;
1643 struct vport *vport;
1645 if (a[OVS_VPORT_ATTR_NAME]) {
1646 vport = vport_locate(nla_data(a[OVS_VPORT_ATTR_NAME]));
1648 return ERR_PTR(-ENODEV);
1650 } else if (a[OVS_VPORT_ATTR_PORT_NO]) {
1651 u32 port_no = nla_get_u32(a[OVS_VPORT_ATTR_PORT_NO]);
1653 if (port_no >= DP_MAX_PORTS)
1654 return ERR_PTR(-EFBIG);
1656 dp = get_dp(ovs_header->dp_ifindex);
1658 return ERR_PTR(-ENODEV);
1660 vport = get_vport_protected(dp, port_no);
1662 return ERR_PTR(-ENOENT);
1665 return ERR_PTR(-EINVAL);
1668 /* Called with RTNL lock. */
1669 static int change_vport(struct vport *vport, struct nlattr *a[OVS_VPORT_ATTR_MAX + 1])
1672 if (a[OVS_VPORT_ATTR_STATS])
1673 err = vport_set_stats(vport, nla_data(a[OVS_VPORT_ATTR_STATS]));
1674 if (!err && a[OVS_VPORT_ATTR_ADDRESS])
1675 err = vport_set_addr(vport, nla_data(a[OVS_VPORT_ATTR_ADDRESS]));
1679 static int ovs_vport_cmd_new(struct sk_buff *skb, struct genl_info *info)
1681 struct nlattr **a = info->attrs;
1682 struct ovs_header *ovs_header = info->userhdr;
1683 struct vport_parms parms;
1684 struct sk_buff *reply;
1685 struct vport *vport;
1686 struct datapath *dp;
1691 if (!a[OVS_VPORT_ATTR_NAME] || !a[OVS_VPORT_ATTR_TYPE])
1694 err = ovs_vport_cmd_validate(a);
1699 dp = get_dp(ovs_header->dp_ifindex);
1704 if (a[OVS_VPORT_ATTR_PORT_NO]) {
1705 port_no = nla_get_u32(a[OVS_VPORT_ATTR_PORT_NO]);
1708 if (port_no >= DP_MAX_PORTS)
1711 vport = get_vport_protected(dp, port_no);
1716 for (port_no = 1; ; port_no++) {
1717 if (port_no >= DP_MAX_PORTS) {
1721 vport = get_vport_protected(dp, port_no);
1727 parms.name = nla_data(a[OVS_VPORT_ATTR_NAME]);
1728 parms.type = nla_get_u32(a[OVS_VPORT_ATTR_TYPE]);
1729 parms.options = a[OVS_VPORT_ATTR_OPTIONS];
1731 parms.port_no = port_no;
1733 vport = new_vport(&parms);
1734 err = PTR_ERR(vport);
1738 set_internal_devs_mtu(dp);
1739 dp_sysfs_add_if(vport);
1741 err = change_vport(vport, a);
1743 reply = ovs_vport_cmd_build_info(vport, info->snd_pid,
1744 info->snd_seq, OVS_VPORT_CMD_NEW);
1746 err = PTR_ERR(reply);
1749 dp_detach_port(vport);
1752 genl_notify(reply, genl_info_net(info), info->snd_pid,
1753 dp_vport_multicast_group.id, info->nlhdr, GFP_KERNEL);
1762 static int ovs_vport_cmd_set(struct sk_buff *skb, struct genl_info *info)
1764 struct nlattr **a = info->attrs;
1765 struct sk_buff *reply;
1766 struct vport *vport;
1769 err = ovs_vport_cmd_validate(a);
1774 vport = lookup_vport(info->userhdr, a);
1775 err = PTR_ERR(vport);
1780 if (a[OVS_VPORT_ATTR_OPTIONS])
1781 err = vport_set_options(vport, a[OVS_VPORT_ATTR_OPTIONS]);
1783 err = change_vport(vport, a);
1785 reply = ovs_vport_cmd_build_info(vport, info->snd_pid, info->snd_seq,
1787 if (IS_ERR(reply)) {
1788 err = PTR_ERR(reply);
1789 netlink_set_err(INIT_NET_GENL_SOCK, 0,
1790 dp_vport_multicast_group.id, err);
1794 genl_notify(reply, genl_info_net(info), info->snd_pid,
1795 dp_vport_multicast_group.id, info->nlhdr, GFP_KERNEL);
1803 static int ovs_vport_cmd_del(struct sk_buff *skb, struct genl_info *info)
1805 struct nlattr **a = info->attrs;
1806 struct sk_buff *reply;
1807 struct vport *vport;
1810 err = ovs_vport_cmd_validate(a);
1815 vport = lookup_vport(info->userhdr, a);
1816 err = PTR_ERR(vport);
1820 if (vport->port_no == OVSP_LOCAL) {
1825 reply = ovs_vport_cmd_build_info(vport, info->snd_pid, info->snd_seq,
1827 err = PTR_ERR(reply);
1831 dp_detach_port(vport);
1833 genl_notify(reply, genl_info_net(info), info->snd_pid,
1834 dp_vport_multicast_group.id, info->nlhdr, GFP_KERNEL);
1842 static int ovs_vport_cmd_get(struct sk_buff *skb, struct genl_info *info)
1844 struct nlattr **a = info->attrs;
1845 struct ovs_header *ovs_header = info->userhdr;
1846 struct sk_buff *reply;
1847 struct vport *vport;
1850 err = ovs_vport_cmd_validate(a);
1855 vport = lookup_vport(ovs_header, a);
1856 err = PTR_ERR(vport);
1860 reply = ovs_vport_cmd_build_info(vport, info->snd_pid, info->snd_seq,
1862 err = PTR_ERR(reply);
1868 return genlmsg_reply(reply, info);
1876 static int ovs_vport_cmd_dump(struct sk_buff *skb, struct netlink_callback *cb)
1878 struct ovs_header *ovs_header = genlmsg_data(nlmsg_data(cb->nlh));
1879 struct datapath *dp;
1883 dp = get_dp(ovs_header->dp_ifindex);
1888 for (port_no = cb->args[0]; port_no < DP_MAX_PORTS; port_no++) {
1889 struct vport *vport;
1891 vport = get_vport_protected(dp, port_no);
1895 if (ovs_vport_cmd_fill_info(vport, skb, NETLINK_CB(cb->skb).pid,
1896 cb->nlh->nlmsg_seq, NLM_F_MULTI,
1897 OVS_VPORT_CMD_NEW) < 0)
1902 cb->args[0] = port_no;
1908 static struct genl_ops dp_vport_genl_ops[] = {
1909 { .cmd = OVS_VPORT_CMD_NEW,
1910 .flags = GENL_ADMIN_PERM, /* Requires CAP_NET_ADMIN privilege. */
1911 .policy = vport_policy,
1912 .doit = ovs_vport_cmd_new
1914 { .cmd = OVS_VPORT_CMD_DEL,
1915 .flags = GENL_ADMIN_PERM, /* Requires CAP_NET_ADMIN privilege. */
1916 .policy = vport_policy,
1917 .doit = ovs_vport_cmd_del
1919 { .cmd = OVS_VPORT_CMD_GET,
1920 .flags = 0, /* OK for unprivileged users. */
1921 .policy = vport_policy,
1922 .doit = ovs_vport_cmd_get,
1923 .dumpit = ovs_vport_cmd_dump
1925 { .cmd = OVS_VPORT_CMD_SET,
1926 .flags = GENL_ADMIN_PERM, /* Requires CAP_NET_ADMIN privilege. */
1927 .policy = vport_policy,
1928 .doit = ovs_vport_cmd_set,
1932 struct genl_family_and_ops {
1933 struct genl_family *family;
1934 struct genl_ops *ops;
1936 struct genl_multicast_group *group;
1939 static const struct genl_family_and_ops dp_genl_families[] = {
1940 { &dp_datapath_genl_family,
1941 dp_datapath_genl_ops, ARRAY_SIZE(dp_datapath_genl_ops),
1942 &dp_datapath_multicast_group },
1943 { &dp_vport_genl_family,
1944 dp_vport_genl_ops, ARRAY_SIZE(dp_vport_genl_ops),
1945 &dp_vport_multicast_group },
1946 { &dp_flow_genl_family,
1947 dp_flow_genl_ops, ARRAY_SIZE(dp_flow_genl_ops),
1948 &dp_flow_multicast_group },
1949 { &dp_packet_genl_family,
1950 dp_packet_genl_ops, ARRAY_SIZE(dp_packet_genl_ops),
1954 static void dp_unregister_genl(int n_families)
1958 for (i = 0; i < n_families; i++)
1959 genl_unregister_family(dp_genl_families[i].family);
1962 static int dp_register_genl(void)
1969 for (i = 0; i < ARRAY_SIZE(dp_genl_families); i++) {
1970 const struct genl_family_and_ops *f = &dp_genl_families[i];
1972 err = genl_register_family_with_ops(f->family, f->ops,
1979 err = genl_register_mc_group(f->family, f->group);
1985 err = packet_register_mc_groups();
1991 dp_unregister_genl(n_registered);
1995 static int __init dp_init(void)
1997 struct sk_buff *dummy_skb;
2000 BUILD_BUG_ON(sizeof(struct ovs_skb_cb) > sizeof(dummy_skb->cb));
2002 printk("Open vSwitch %s, built "__DATE__" "__TIME__"\n", VERSION BUILDNR);
2010 goto error_tnl_exit;
2014 goto error_flow_exit;
2016 err = register_netdevice_notifier(&dp_device_notifier);
2018 goto error_vport_exit;
2020 err = dp_register_genl();
2022 goto error_unreg_notifier;
2026 error_unreg_notifier:
2027 unregister_netdevice_notifier(&dp_device_notifier);
2038 static void dp_cleanup(void)
2041 dp_unregister_genl(ARRAY_SIZE(dp_genl_families));
2042 unregister_netdevice_notifier(&dp_device_notifier);
2048 module_init(dp_init);
2049 module_exit(dp_cleanup);
2051 MODULE_DESCRIPTION("Open vSwitch switching datapath");
2052 MODULE_LICENSE("GPL");
projects / openvswitch / blob