#include <linux/netfilter_ipv4.h>
#include <linux/inetdevice.h>
#include <linux/list.h>
+#include <linux/openvswitch.h>
#include <linux/rculist.h>
#include <linux/dmi.h>
#include <net/inet_ecn.h>
#include <net/genetlink.h>
-#include "openvswitch/datapath-protocol.h"
#include "checksum.h"
#include "datapath.h"
#include "actions.h"
static LIST_HEAD(dps);
static struct vport *new_vport(const struct vport_parms *);
-static int queue_userspace_packets(struct datapath *, u32 pid, struct sk_buff *,
+static int queue_userspace_packets(struct datapath *, struct sk_buff *,
const struct dp_upcall_info *);
/* Must be called with rcu_read_lock, genl_mutex, or RTNL lock. */
upcall.cmd = OVS_PACKET_CMD_MISS;
upcall.key = &key;
+ upcall.userdata = NULL;
+ upcall.pid = p->upcall_pid;
dp_upcall(dp, skb, &upcall);
kfree_skb(skb);
stats_counter = &stats->n_missed;
{
struct sk_buff *segs = NULL;
struct dp_stats_percpu *stats;
- u32 pid;
int err;
- if (OVS_CB(skb)->flow)
- pid = OVS_CB(skb)->flow->upcall_pid;
- else
- pid = OVS_CB(skb)->vport->upcall_pid;
-
- if (pid == 0) {
+ if (upcall_info->pid == 0) {
err = -ENOTCONN;
goto err;
}
skb = segs;
}
- err = queue_userspace_packets(dp, pid, skb, upcall_info);
+ err = queue_userspace_packets(dp, skb, upcall_info);
if (segs) {
struct sk_buff *next;
/* Free GSO-segments */
* 'upcall_info'. There will be only one packet unless we broke up a GSO
* packet.
*/
-static int queue_userspace_packets(struct datapath *dp, u32 pid,
- struct sk_buff *skb,
+static int queue_userspace_packets(struct datapath *dp, struct sk_buff *skb,
const struct dp_upcall_info *upcall_info)
{
int dp_ifindex;
flow_to_nlattrs(upcall_info->key, user_skb);
nla_nest_end(user_skb, nla);
- if (upcall_info->cmd == OVS_PACKET_CMD_ACTION)
+ if (upcall_info->userdata)
nla_put_u64(user_skb, OVS_PACKET_ATTR_USERDATA,
- upcall_info->userdata);
+ nla_get_u64(upcall_info->userdata));
nla = __nla_reserve(user_skb, OVS_PACKET_ATTR_PACKET, skb->len);
if (skb->ip_summed == CHECKSUM_PARTIAL)
else
skb_copy_bits(skb, 0, nla_data(nla), skb->len);
- err = genlmsg_unicast(&init_net, user_skb, pid);
+ err = genlmsg_unicast(&init_net, user_skb, upcall_info->pid);
if (err)
return err;
return validate_actions(a[OVS_SAMPLE_ATTR_ACTIONS], (depth + 1));
}
+static int validate_userspace(const struct nlattr *attr)
+{
+ static const struct nla_policy userspace_policy[OVS_USERSPACE_ATTR_MAX + 1] =
+ {
+ [OVS_USERSPACE_ATTR_PID] = {.type = NLA_U32 },
+ [OVS_USERSPACE_ATTR_USERDATA] = {.type = NLA_U64 },
+ };
+ struct nlattr *a[OVS_USERSPACE_ATTR_MAX + 1];
+ int error;
+
+ error = nla_parse_nested(a, OVS_USERSPACE_ATTR_MAX, attr, userspace_policy);
+ if (error)
+ return error;
+
+ if (!a[OVS_USERSPACE_ATTR_PID] || !nla_get_u32(a[OVS_USERSPACE_ATTR_PID]))
+ return -EINVAL;
+
+ return 0;
+}
+
static int validate_actions(const struct nlattr *attr, int depth)
{
const struct nlattr *a;
return -EOVERFLOW;
nla_for_each_nested(a, attr, rem) {
+ /* Expected argument lengths, (u32)-1 for variable length. */
static const u32 action_lens[OVS_ACTION_ATTR_MAX + 1] = {
[OVS_ACTION_ATTR_OUTPUT] = 4,
- [OVS_ACTION_ATTR_USERSPACE] = 8,
+ [OVS_ACTION_ATTR_USERSPACE] = (u32)-1,
[OVS_ACTION_ATTR_PUSH_VLAN] = 2,
[OVS_ACTION_ATTR_POP_VLAN] = 0,
[OVS_ACTION_ATTR_SET_DL_SRC] = ETH_ALEN,
[OVS_ACTION_ATTR_SET_TUNNEL] = 8,
[OVS_ACTION_ATTR_SET_PRIORITY] = 4,
[OVS_ACTION_ATTR_POP_PRIORITY] = 0,
+ [OVS_ACTION_ATTR_SAMPLE] = (u32)-1
};
int type = nla_type(a);
- /* Match expected attr len for given attr len except for
- * OVS_ACTION_ATTR_SAMPLE, as it has nested actions list which
- * is variable size. */
if (type > OVS_ACTION_ATTR_MAX ||
- (nla_len(a) != action_lens[type] &&
- type != OVS_ACTION_ATTR_SAMPLE))
+ (action_lens[type] != nla_len(a) &&
+ action_lens[type] != (u32)-1))
return -EINVAL;
switch (type) {
case OVS_ACTION_ATTR_UNSPEC:
return -EINVAL;
- case OVS_ACTION_ATTR_USERSPACE:
case OVS_ACTION_ATTR_POP_VLAN:
case OVS_ACTION_ATTR_SET_DL_SRC:
case OVS_ACTION_ATTR_SET_DL_DST:
/* No validation needed. */
break;
+ case OVS_ACTION_ATTR_USERSPACE:
+ err = validate_userspace(a);
+ if (err)
+ return err;
+ break;
+
case OVS_ACTION_ATTR_OUTPUT:
if (nla_get_u32(a) >= DP_MAX_PORTS)
return -EINVAL;
flow->hash = flow_hash(&flow->key, key_len);
- if (a[OVS_PACKET_ATTR_UPCALL_PID])
- flow->upcall_pid = nla_get_u32(a[OVS_PACKET_ATTR_UPCALL_PID]);
- else
- flow->upcall_pid = NETLINK_CB(skb).pid;
-
acts = flow_actions_alloc(a[OVS_PACKET_ATTR_ACTIONS]);
err = PTR_ERR(acts);
if (IS_ERR(acts))
[OVS_PACKET_ATTR_PACKET] = { .type = NLA_UNSPEC },
[OVS_PACKET_ATTR_KEY] = { .type = NLA_NESTED },
[OVS_PACKET_ATTR_ACTIONS] = { .type = NLA_NESTED },
- [OVS_PACKET_ATTR_UPCALL_PID] = { .type = NLA_U32 },
};
static struct genl_ops dp_packet_genl_ops[] = {
static const struct nla_policy flow_policy[OVS_FLOW_ATTR_MAX + 1] = {
[OVS_FLOW_ATTR_KEY] = { .type = NLA_NESTED },
- [OVS_FLOW_ATTR_UPCALL_PID] = { .type = NLA_U32 },
[OVS_FLOW_ATTR_ACTIONS] = { .type = NLA_NESTED },
[OVS_FLOW_ATTR_CLEAR] = { .type = NLA_FLAG },
};
goto error;
nla_nest_end(skb, nla);
- NLA_PUT_U32(skb, OVS_FLOW_ATTR_UPCALL_PID, flow->upcall_pid);
-
spin_lock_bh(&flow->lock);
used = flow->used;
stats.n_packets = flow->packet_count;
flow->key = key;
clear_stats(flow);
- if (a[OVS_FLOW_ATTR_UPCALL_PID])
- flow->upcall_pid = nla_get_u32(a[OVS_FLOW_ATTR_UPCALL_PID]);
- else
- flow->upcall_pid = NETLINK_CB(skb).pid;
-
/* Obtain actions. */
acts = flow_actions_alloc(a[OVS_FLOW_ATTR_ACTIONS]);
error = PTR_ERR(acts);
reply = ovs_flow_cmd_build_info(flow, dp, info->snd_pid,
info->snd_seq, OVS_FLOW_CMD_NEW);
- if (a[OVS_FLOW_ATTR_UPCALL_PID])
- flow->upcall_pid = nla_get_u32(a[OVS_FLOW_ATTR_UPCALL_PID]);
-
/* Clear stats. */
if (a[OVS_FLOW_ATTR_CLEAR]) {
spin_lock_bh(&flow->lock);
int err;
err = -EINVAL;
- if (!a[OVS_DP_ATTR_NAME])
+ if (!a[OVS_DP_ATTR_NAME] || !a[OVS_DP_ATTR_UPCALL_PID])
goto err;
err = ovs_dp_cmd_validate(a);
parms.options = NULL;
parms.dp = dp;
parms.port_no = OVSP_LOCAL;
- if (a[OVS_DP_ATTR_UPCALL_PID])
- parms.upcall_pid = nla_get_u32(a[OVS_DP_ATTR_UPCALL_PID]);
- else
- parms.upcall_pid = NETLINK_CB(skb).pid;
+ parms.upcall_pid = nla_get_u32(a[OVS_DP_ATTR_UPCALL_PID]);
vport = new_vport(&parms);
if (IS_ERR(vport)) {
int err;
err = -EINVAL;
- if (!a[OVS_VPORT_ATTR_NAME] || !a[OVS_VPORT_ATTR_TYPE])
+ if (!a[OVS_VPORT_ATTR_NAME] || !a[OVS_VPORT_ATTR_TYPE] ||
+ !a[OVS_VPORT_ATTR_UPCALL_PID])
goto exit;
err = ovs_vport_cmd_validate(a);
parms.options = a[OVS_VPORT_ATTR_OPTIONS];
parms.dp = dp;
parms.port_no = port_no;
- if (a[OVS_VPORT_ATTR_UPCALL_PID])
- parms.upcall_pid = nla_get_u32(a[OVS_VPORT_ATTR_UPCALL_PID]);
- else
- parms.upcall_pid = NETLINK_CB(skb).pid;
+ parms.upcall_pid = nla_get_u32(a[OVS_VPORT_ATTR_UPCALL_PID]);
vport = new_vport(&parms);
err = PTR_ERR(vport);
goto exit_unlock;
err = 0;
- if (a[OVS_VPORT_ATTR_OPTIONS])
+ if (a[OVS_VPORT_ATTR_TYPE] && nla_get_u32(a[OVS_VPORT_ATTR_TYPE]) != vport_get_type(vport))
+ err = -EINVAL;
+ if (!err && a[OVS_VPORT_ATTR_OPTIONS])
err = vport_set_options(vport, a[OVS_VPORT_ATTR_OPTIONS]);
if (!err)
err = change_vport(vport, a);