X-Git-Url: https://pintos-os.org/cgi-bin/gitweb.cgi?a=blobdiff_plain;f=datapath%2Fdatapath.c;h=1d007b04b083f5a6ee9ad1032d3733ef7ac5e66d;hb=7183d1ecce62da62b31ea973c01fd77721f42c2c;hp=a7b20f5f5c03bb0cabc08d84716b7cf1b7045282;hpb=f2459fe7d91c4c325dfaa3ed18f56200b63ae27e;p=openvswitch diff --git a/datapath/datapath.c b/datapath/datapath.c index a7b20f5f..1d007b04 100644 --- a/datapath/datapath.c +++ b/datapath/datapath.c @@ -40,11 +40,14 @@ #include #include #include +#include #include "openvswitch/datapath-protocol.h" #include "datapath.h" #include "actions.h" #include "flow.h" +#include "odp-compat.h" +#include "table.h" #include "vport-internal_dev.h" #include "compat.h" @@ -201,10 +204,14 @@ static int create_dp(int dp_idx, const char __user *devnamep) int i; if (devnamep) { - err = -EFAULT; - if (strncpy_from_user(devname, devnamep, IFNAMSIZ - 1) < 0) + int retval = strncpy_from_user(devname, devnamep, IFNAMSIZ); + if (retval < 0) { + err = -EFAULT; goto err; - devname[IFNAMSIZ - 1] = '\0'; + } else if (retval >= IFNAMSIZ) { + err = -ENAMETOOLONG; + goto err; + } } else { snprintf(devname, sizeof devname, "of%d", dp_idx); } @@ -240,12 +247,13 @@ static int create_dp(int dp_idx, const char __user *devnamep) /* Allocate table. */ err = -ENOMEM; - rcu_assign_pointer(dp->table, dp_table_create(DP_L1_SIZE)); + rcu_assign_pointer(dp->table, tbl_create(0)); if (!dp->table) goto err_free_dp; /* Set up our datapath device. */ - strncpy(internal_dev_port.devname, devname, IFNAMSIZ - 1); + BUILD_BUG_ON(sizeof(internal_dev_port.devname) != sizeof(devname)); + strcpy(internal_dev_port.devname, devname); internal_dev_port.flags = ODP_PORT_INTERNAL; err = new_dp_port(dp, &internal_dev_port, ODPP_LOCAL); if (err) { @@ -271,7 +279,7 @@ static int create_dp(int dp_idx, const char __user *devnamep) err_destroy_local_port: dp_detach_port(dp->ports[ODPP_LOCAL], 1); err_destroy_table: - dp_table_destroy(dp->table, 0); + tbl_destroy(dp->table, NULL); err_free_dp: kfree(dp); err_put_module: @@ -298,7 +306,7 @@ static void do_destroy_dp(struct datapath *dp) dp_detach_port(dp->ports[ODPP_LOCAL], 1); - dp_table_destroy(dp->table, 1); + tbl_destroy(dp->table, flow_free_tbl); for (i = 0; i < DP_N_QUEUES; i++) skb_queue_purge(&dp->queues[i]); @@ -422,11 +430,10 @@ got_port_no: if (err) goto out_unlock_dp; - if (!(port.flags & ODP_PORT_INTERNAL)) - set_internal_devs_mtu(dp); + set_internal_devs_mtu(dp); dp_sysfs_add_if(dp->ports[port_no]); - err = __put_user(port_no, &portp->port); + err = put_user(port_no, &portp->port); out_unlock_dp: mutex_unlock(&dp->mutex); @@ -505,61 +512,52 @@ out: return err; } -/* Must be called with rcu_read_lock and with bottom-halves disabled. */ +/* Must be called with rcu_read_lock. */ void dp_process_received_packet(struct dp_port *p, struct sk_buff *skb) { struct datapath *dp = p->dp; struct dp_stats_percpu *stats; + int stats_counter_off; struct odp_flow_key key; - struct sw_flow *flow; + struct tbl_node *flow_node; WARN_ON_ONCE(skb_shared(skb)); skb_warn_if_lro(skb); OVS_CB(skb)->dp_port = p; - compute_ip_summed(skb, false); - - /* BHs are off so we don't have to use get_cpu()/put_cpu() here. */ - stats = percpu_ptr(dp->stats_percpu, smp_processor_id()); if (flow_extract(skb, p ? p->port_no : ODPP_NONE, &key)) { if (dp->drop_frags) { kfree_skb(skb); - stats->n_frags++; - return; + stats_counter_off = offsetof(struct dp_stats_percpu, n_frags); + goto out; } } - flow = dp_table_lookup(rcu_dereference(dp->table), &key); - if (flow) { + flow_node = tbl_lookup(rcu_dereference(dp->table), &key, flow_hash(&key), flow_cmp); + if (flow_node) { + struct sw_flow *flow = flow_cast(flow_node); struct sw_flow_actions *acts = rcu_dereference(flow->sf_acts); flow_used(flow, skb); execute_actions(dp, skb, &key, acts->actions, acts->n_actions, GFP_ATOMIC); - stats->n_hit++; + stats_counter_off = offsetof(struct dp_stats_percpu, n_hit); } else { - stats->n_missed++; + stats_counter_off = offsetof(struct dp_stats_percpu, n_missed); dp_output_control(dp, skb, _ODPL_MISS_NR, OVS_CB(skb)->tun_id); } -} -#if defined(CONFIG_XEN) && defined(HAVE_PROTO_DATA_VALID) -/* This code is based on a skb_checksum_setup from net/dev/core.c from a - * combination of Lenny's 2.6.26 Xen kernel and Xen's - * linux-2.6.18-92.1.10.el5.xs5.0.0.394.644. We can't call this function - * directly because it isn't exported in all versions. */ -static int skb_pull_up_to(struct sk_buff *skb, void *ptr) -{ - if (ptr < (void *)skb->tail) - return 1; - if (__pskb_pull_tail(skb, - ptr - (void *)skb->data - skb_headlen(skb))) { - return 1; - } else { - return 0; - } +out: + local_bh_disable(); + stats = per_cpu_ptr(dp->stats_percpu, smp_processor_id()); + (*(u64 *)((u8 *)stats + stats_counter_off))++; + local_bh_enable(); } +#if defined(CONFIG_XEN) && defined(HAVE_PROTO_DATA_VALID) +/* This code is based on skb_checksum_setup() from Xen's net/dev/core.c. We + * can't call this function directly because it isn't exported in all + * versions. */ int vswitch_skb_checksum_setup(struct sk_buff *skb) { struct iphdr *iph; @@ -573,7 +571,7 @@ int vswitch_skb_checksum_setup(struct sk_buff *skb) if (skb->protocol != htons(ETH_P_IP)) goto out; - if (!skb_pull_up_to(skb, skb_network_header(skb) + sizeof(struct iphdr))) + if (!pskb_may_pull(skb, skb_network_header(skb) + sizeof(struct iphdr) - skb->data)) goto out; iph = ip_hdr(skb); @@ -595,7 +593,7 @@ int vswitch_skb_checksum_setup(struct sk_buff *skb) goto out; } - if (!skb_pull_up_to(skb, th + csum_offset + 2)) + if (!pskb_may_pull(skb, th + csum_offset + 2 - skb->data)) goto out; skb->ip_summed = CHECKSUM_PARTIAL; @@ -632,8 +630,7 @@ out: * be computed if it is sent off box. Unfortunately on earlier kernels, * this case is impossible to distinguish from #2, despite having opposite * meanings. Xen adds an extra field on earlier kernels (see #4) in order - * to distinguish the different states. The only real user of this type - * with bridging is Xen (on later kernels). + * to distinguish the different states. * 4. CHECKSUM_UNNECESSARY (with proto_csum_blank true): This packet was * generated locally by a Xen DomU and has a partial checksum. If it is * handled on this machine (Dom0 or DomU), then the checksum will not be @@ -657,12 +654,7 @@ out: * packet is processed by the local IP stack, in which case it will need to * be reverified). If we receive a packet with CHECKSUM_HW that really means * CHECKSUM_PARTIAL, it will be sent with the wrong checksum. However, there - * shouldn't be any devices that do this with bridging. - * - * The bridge has similar behavior and this function closely resembles - * skb_forward_csum(). It is slightly different because we are only concerned - * with bridging and not other types of forwarding and can get away with - * slightly more optimal behavior.*/ + * shouldn't be any devices that do this with bridging. */ void compute_ip_summed(struct sk_buff *skb, bool xmit) { @@ -677,14 +669,14 @@ compute_ip_summed(struct sk_buff *skb, bool xmit) break; #ifdef CHECKSUM_HW /* In theory this could be either CHECKSUM_PARTIAL or CHECKSUM_COMPLETE. - * However, we should only get CHECKSUM_PARTIAL packets from Xen, which - * uses some special fields to represent this (see below). Since we - * can only make one type work, pick the one that actually happens in - * practice. + * However, on the receive side we should only get CHECKSUM_PARTIAL + * packets from Xen, which uses some special fields to represent this + * (see below). Since we can only make one type work, pick the one + * that actually happens in practice. * - * The one exception to this is if we are on the transmit path - * (basically after skb_checksum_setup() has been run) the type has - * already been converted, so we should stay with that. */ + * On the transmit side (basically after skb_checksum_setup() + * has been run or on internal dev transmit), packets with + * CHECKSUM_COMPLETE aren't generated, so assume CHECKSUM_PARTIAL. */ case CHECKSUM_HW: if (!xmit) OVS_CB(skb)->ip_summed = OVS_CSUM_COMPLETE; @@ -717,6 +709,10 @@ compute_ip_summed(struct sk_buff *skb, bool xmit) #endif } +/* This function closely resembles skb_forward_csum() used by the bridge. It + * is slightly different because we are only concerned with bridging and not + * other types of forwarding and can get away with slightly more optimal + * behavior.*/ void forward_ip_summed(struct sk_buff *skb) { @@ -748,15 +744,14 @@ queue_control_packets(struct sk_buff *skb, struct sk_buff_head *queue, skb->next = NULL; /* If a checksum-deferred packet is forwarded to the - * controller, correct the pointers and checksum. This happens - * on a regular basis only on Xen, on which VMs can pass up - * packets that do not have their checksum computed. + * controller, correct the pointers and checksum. */ err = vswitch_skb_checksum_setup(skb); if (err) goto err_kfree_skbs; -#ifndef CHECKSUM_HW + if (skb->ip_summed == CHECKSUM_PARTIAL) { + #if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,22) /* Until 2.6.22, the start of the transport header was * also the start of data to be checksummed. Linux @@ -767,17 +762,11 @@ queue_control_packets(struct sk_buff *skb, struct sk_buff_head *queue, skb_set_transport_header(skb, skb->csum_start - skb_headroom(skb)); #endif + err = skb_checksum_help(skb); if (err) goto err_kfree_skbs; } -#else - if (skb->ip_summed == CHECKSUM_HW) { - err = skb_checksum_help(skb, 0); - if (err) - goto err_kfree_skbs; - } -#endif err = skb_cow(skb, sizeof *header); if (err) @@ -845,17 +834,28 @@ dp_output_control(struct datapath *dp, struct sk_buff *skb, int queue_no, err_kfree_skb: kfree_skb(skb); err: - stats = percpu_ptr(dp->stats_percpu, get_cpu()); + local_bh_disable(); + stats = per_cpu_ptr(dp->stats_percpu, smp_processor_id()); stats->n_lost++; - put_cpu(); + local_bh_enable(); return err; } static int flush_flows(struct datapath *dp) { - dp->n_flows = 0; - return dp_table_flush(dp); + struct tbl *old_table = rcu_dereference(dp->table); + struct tbl *new_table; + + new_table = tbl_create(0); + if (!new_table) + return -ENOMEM; + + rcu_assign_pointer(dp->table, new_table); + + tbl_deferred_destroy(old_table, flow_free_tbl); + + return 0; } static int validate_actions(const struct sw_flow_actions *actions) @@ -952,36 +952,44 @@ static void clear_stats(struct sw_flow *flow) flow->byte_count = 0; } -static int put_flow(struct datapath *dp, struct odp_flow_put __user *ufp) +static int expand_table(struct datapath *dp) { - struct odp_flow_put uf; + struct tbl *old_table = rcu_dereference(dp->table); + struct tbl *new_table; + + new_table = tbl_expand(old_table); + if (IS_ERR(new_table)) + return PTR_ERR(new_table); + + rcu_assign_pointer(dp->table, new_table); + tbl_deferred_destroy(old_table, NULL); + + return 0; +} + +static int do_put_flow(struct datapath *dp, struct odp_flow_put *uf, + struct odp_flow_stats *stats) +{ + struct tbl_node *flow_node; struct sw_flow *flow; - struct dp_table *table; - struct odp_flow_stats stats; + struct tbl *table; int error; - error = -EFAULT; - if (copy_from_user(&uf, ufp, sizeof(struct odp_flow_put))) - goto error; - memset(uf.flow.key.reserved, 0, sizeof uf.flow.key.reserved); + memset(uf->flow.key.reserved, 0, sizeof uf->flow.key.reserved); table = rcu_dereference(dp->table); - flow = dp_table_lookup(table, &uf.flow.key); - if (!flow) { + flow_node = tbl_lookup(table, &uf->flow.key, flow_hash(&uf->flow.key), flow_cmp); + if (!flow_node) { /* No such flow. */ struct sw_flow_actions *acts; error = -ENOENT; - if (!(uf.flags & ODPPF_CREATE)) + if (!(uf->flags & ODPPF_CREATE)) goto error; /* Expand table, if necessary, to make room. */ - if (dp->n_flows >= table->n_buckets) { - error = -ENOSPC; - if (table->n_buckets >= DP_MAX_BUCKETS) - goto error; - - error = dp_table_expand(dp); + if (tbl_count(table) >= tbl_n_buckets(table)) { + error = expand_table(dp); if (error) goto error; table = rcu_dereference(dp->table); @@ -992,35 +1000,36 @@ static int put_flow(struct datapath *dp, struct odp_flow_put __user *ufp) flow = kmem_cache_alloc(flow_cache, GFP_KERNEL); if (flow == NULL) goto error; - flow->key = uf.flow.key; + flow->key = uf->flow.key; spin_lock_init(&flow->lock); clear_stats(flow); /* Obtain actions. */ - acts = get_actions(&uf.flow); + acts = get_actions(&uf->flow); error = PTR_ERR(acts); if (IS_ERR(acts)) goto error_free_flow; rcu_assign_pointer(flow->sf_acts, acts); /* Put flow in bucket. */ - error = dp_table_insert(table, flow); + error = tbl_insert(table, &flow->tbl_node, flow_hash(&flow->key)); if (error) goto error_free_flow_acts; - dp->n_flows++; - memset(&stats, 0, sizeof(struct odp_flow_stats)); + + memset(stats, 0, sizeof(struct odp_flow_stats)); } else { /* We found a matching flow. */ struct sw_flow_actions *old_acts, *new_acts; - unsigned long int flags; + + flow = flow_cast(flow_node); /* Bail out if we're not allowed to modify an existing flow. */ error = -EEXIST; - if (!(uf.flags & ODPPF_MODIFY)) + if (!(uf->flags & ODPPF_MODIFY)) goto error; /* Swap actions. */ - new_acts = get_actions(&uf.flow); + new_acts = get_actions(&uf->flow); error = PTR_ERR(new_acts); if (IS_ERR(new_acts)) goto error; @@ -1035,17 +1044,13 @@ static int put_flow(struct datapath *dp, struct odp_flow_put __user *ufp) } /* Fetch stats, then clear them if necessary. */ - spin_lock_irqsave(&flow->lock, flags); - get_stats(flow, &stats); - if (uf.flags & ODPPF_ZERO_STATS) + spin_lock_bh(&flow->lock); + get_stats(flow, stats); + if (uf->flags & ODPPF_ZERO_STATS) clear_stats(flow); - spin_unlock_irqrestore(&flow->lock, flags); + spin_unlock_bh(&flow->lock); } - /* Copy stats to userspace. */ - if (__copy_to_user(&ufp->flow.stats, &stats, - sizeof(struct odp_flow_stats))) - return -EFAULT; return 0; error_free_flow_acts: @@ -1056,21 +1061,51 @@ error: return error; } -static int put_actions(const struct sw_flow *flow, struct odp_flow __user *ufp) +static int put_flow(struct datapath *dp, struct odp_flow_put __user *ufp) +{ + struct odp_flow_stats stats; + struct odp_flow_put uf; + int error; + + if (copy_from_user(&uf, ufp, sizeof(struct odp_flow_put))) + return -EFAULT; + + error = do_put_flow(dp, &uf, &stats); + if (error) + return error; + + if (copy_to_user(&ufp->flow.stats, &stats, + sizeof(struct odp_flow_stats))) + return -EFAULT; + + return 0; +} + +static int do_answer_query(struct sw_flow *flow, u32 query_flags, + struct odp_flow_stats __user *ustats, + union odp_action __user *actions, + u32 __user *n_actionsp) { - union odp_action __user *actions; struct sw_flow_actions *sf_acts; + struct odp_flow_stats stats; u32 n_actions; - if (__get_user(actions, &ufp->actions) || - __get_user(n_actions, &ufp->n_actions)) + spin_lock_bh(&flow->lock); + get_stats(flow, &stats); + if (query_flags & ODPFF_ZERO_TCP_FLAGS) + flow->tcp_flags = 0; + + spin_unlock_bh(&flow->lock); + + if (copy_to_user(ustats, &stats, sizeof(struct odp_flow_stats)) || + get_user(n_actions, n_actionsp)) return -EFAULT; if (!n_actions) return 0; sf_acts = rcu_dereference(flow->sf_acts); - if (__put_user(sf_acts->n_actions, &ufp->n_actions) || + if (put_user(sf_acts->n_actions, n_actionsp) || (actions && copy_to_user(actions, sf_acts->actions, sizeof(union odp_action) * min(sf_acts->n_actions, n_actions)))) @@ -1082,75 +1117,75 @@ static int put_actions(const struct sw_flow *flow, struct odp_flow __user *ufp) static int answer_query(struct sw_flow *flow, u32 query_flags, struct odp_flow __user *ufp) { - struct odp_flow_stats stats; - unsigned long int flags; + union odp_action *actions; - spin_lock_irqsave(&flow->lock, flags); - get_stats(flow, &stats); + if (get_user(actions, &ufp->actions)) + return -EFAULT; - if (query_flags & ODPFF_ZERO_TCP_FLAGS) { - flow->tcp_flags = 0; - } - spin_unlock_irqrestore(&flow->lock, flags); + return do_answer_query(flow, query_flags, + &ufp->stats, actions, &ufp->n_actions); +} - if (__copy_to_user(&ufp->stats, &stats, sizeof(struct odp_flow_stats))) - return -EFAULT; - return put_actions(flow, ufp); +static struct sw_flow *do_del_flow(struct datapath *dp, struct odp_flow_key *key) +{ + struct tbl *table = rcu_dereference(dp->table); + struct tbl_node *flow_node; + int error; + + memset(key->reserved, 0, sizeof key->reserved); + flow_node = tbl_lookup(table, key, flow_hash(key), flow_cmp); + if (!flow_node) + return ERR_PTR(-ENOENT); + + error = tbl_remove(table, flow_node); + if (error) + return ERR_PTR(error); + + /* XXX Returned flow_node's statistics might lose a few packets, since + * other CPUs can be using this flow. We used to synchronize_rcu() to + * make sure that we get completely accurate stats, but that blows our + * performance, badly. */ + return flow_cast(flow_node); } static int del_flow(struct datapath *dp, struct odp_flow __user *ufp) { - struct dp_table *table = rcu_dereference(dp->table); - struct odp_flow uf; struct sw_flow *flow; + struct odp_flow uf; int error; - error = -EFAULT; if (copy_from_user(&uf, ufp, sizeof uf)) - goto error; - memset(uf.key.reserved, 0, sizeof uf.key.reserved); - - flow = dp_table_lookup(table, &uf.key); - error = -ENOENT; - if (!flow) - goto error; + return -EFAULT; - /* XXX redundant lookup */ - error = dp_table_delete(table, flow); - if (error) - goto error; + flow = do_del_flow(dp, &uf.key); + if (IS_ERR(flow)) + return PTR_ERR(flow); - /* XXX These statistics might lose a few packets, since other CPUs can - * be using this flow. We used to synchronize_rcu() to make sure that - * we get completely accurate stats, but that blows our performance, - * badly. */ - dp->n_flows--; error = answer_query(flow, 0, ufp); flow_deferred_free(flow); - -error: return error; } -static int query_flows(struct datapath *dp, const struct odp_flowvec *flowvec) +static int do_query_flows(struct datapath *dp, const struct odp_flowvec *flowvec) { - struct dp_table *table = rcu_dereference(dp->table); - int i; + struct tbl *table = rcu_dereference(dp->table); + u32 i; + for (i = 0; i < flowvec->n_flows; i++) { - struct __user odp_flow *ufp = &flowvec->flows[i]; + struct odp_flow __user *ufp = &flowvec->flows[i]; struct odp_flow uf; - struct sw_flow *flow; + struct tbl_node *flow_node; int error; - if (__copy_from_user(&uf, ufp, sizeof uf)) + if (copy_from_user(&uf, ufp, sizeof uf)) return -EFAULT; memset(uf.key.reserved, 0, sizeof uf.key.reserved); - flow = dp_table_lookup(table, &uf.key); - if (!flow) - error = __put_user(ENOENT, &ufp->stats.error); + flow_node = tbl_lookup(table, &uf.key, flow_hash(&uf.key), flow_cmp); + if (!flow_node) + error = put_user(ENOENT, &ufp->stats.error); else - error = answer_query(flow, uf.flags, ufp); + error = answer_query(flow_cast(flow_node), uf.flags, ufp); if (error) return -EFAULT; } @@ -1159,17 +1194,18 @@ static int query_flows(struct datapath *dp, const struct odp_flowvec *flowvec) struct list_flows_cbdata { struct odp_flow __user *uflows; - int n_flows; - int listed_flows; + u32 n_flows; + u32 listed_flows; }; -static int list_flow(struct sw_flow *flow, void *cbdata_) +static int list_flow(struct tbl_node *node, void *cbdata_) { + struct sw_flow *flow = flow_cast(node); struct list_flows_cbdata *cbdata = cbdata_; struct odp_flow __user *ufp = &cbdata->uflows[cbdata->listed_flows++]; int error; - if (__copy_to_user(&ufp->key, &flow->key, sizeof flow->key)) + if (copy_to_user(&ufp->key, &flow->key, sizeof flow->key)) return -EFAULT; error = answer_query(flow, 0, ufp); if (error) @@ -1180,7 +1216,7 @@ static int list_flow(struct sw_flow *flow, void *cbdata_) return 0; } -static int list_flows(struct datapath *dp, const struct odp_flowvec *flowvec) +static int do_list_flows(struct datapath *dp, const struct odp_flowvec *flowvec) { struct list_flows_cbdata cbdata; int error; @@ -1191,8 +1227,7 @@ static int list_flows(struct datapath *dp, const struct odp_flowvec *flowvec) cbdata.uflows = flowvec->flows; cbdata.n_flows = flowvec->n_flows; cbdata.listed_flows = 0; - error = dp_table_foreach(rcu_dereference(dp->table), - list_flow, &cbdata); + error = tbl_foreach(rcu_dereference(dp->table), list_flow, &cbdata); return error ? error : cbdata.listed_flows; } @@ -1205,48 +1240,38 @@ static int do_flowvec_ioctl(struct datapath *dp, unsigned long argp, int retval; uflowvec = (struct odp_flowvec __user *)argp; - if (!access_ok(VERIFY_WRITE, uflowvec, sizeof *uflowvec) || - copy_from_user(&flowvec, uflowvec, sizeof flowvec)) + if (copy_from_user(&flowvec, uflowvec, sizeof flowvec)) return -EFAULT; if (flowvec.n_flows > INT_MAX / sizeof(struct odp_flow)) return -EINVAL; - if (!access_ok(VERIFY_WRITE, flowvec.flows, - flowvec.n_flows * sizeof(struct odp_flow))) - return -EFAULT; - retval = function(dp, &flowvec); return (retval < 0 ? retval : retval == flowvec.n_flows ? 0 - : __put_user(retval, &uflowvec->n_flows)); + : put_user(retval, &uflowvec->n_flows)); } -static int do_execute(struct datapath *dp, const struct odp_execute *executep) +static int do_execute(struct datapath *dp, const struct odp_execute *execute) { - struct odp_execute execute; struct odp_flow_key key; struct sk_buff *skb; struct sw_flow_actions *actions; struct ethhdr *eth; int err; - err = -EFAULT; - if (copy_from_user(&execute, executep, sizeof execute)) - goto error; - err = -EINVAL; - if (execute.length < ETH_HLEN || execute.length > 65535) + if (execute->length < ETH_HLEN || execute->length > 65535) goto error; err = -ENOMEM; - actions = flow_actions_alloc(execute.n_actions); + actions = flow_actions_alloc(execute->n_actions); if (!actions) goto error; err = -EFAULT; - if (copy_from_user(actions->actions, execute.actions, - execute.n_actions * sizeof *execute.actions)) + if (copy_from_user(actions->actions, execute->actions, + execute->n_actions * sizeof *execute->actions)) goto error_free_actions; err = validate_actions(actions); @@ -1254,18 +1279,18 @@ static int do_execute(struct datapath *dp, const struct odp_execute *executep) goto error_free_actions; err = -ENOMEM; - skb = alloc_skb(execute.length, GFP_KERNEL); + skb = alloc_skb(execute->length, GFP_KERNEL); if (!skb) goto error_free_actions; - if (execute.in_port < DP_MAX_PORTS) - OVS_CB(skb)->dp_port = dp->ports[execute.in_port]; + if (execute->in_port < DP_MAX_PORTS) + OVS_CB(skb)->dp_port = dp->ports[execute->in_port]; else OVS_CB(skb)->dp_port = NULL; err = -EFAULT; - if (copy_from_user(skb_put(skb, execute.length), execute.data, - execute.length)) + if (copy_from_user(skb_put(skb, execute->length), execute->data, + execute->length)) goto error_free_skb; skb_reset_mac_header(skb); @@ -1279,9 +1304,13 @@ static int do_execute(struct datapath *dp, const struct odp_execute *executep) else skb->protocol = htons(ETH_P_802_2); - flow_extract(skb, execute.in_port, &key); + flow_extract(skb, execute->in_port, &key); + + rcu_read_lock(); err = execute_actions(dp, skb, &key, actions->actions, actions->n_actions, GFP_KERNEL); + rcu_read_unlock(); + kfree(actions); return err; @@ -1293,21 +1322,32 @@ error: return err; } +static int execute_packet(struct datapath *dp, const struct odp_execute __user *executep) +{ + struct odp_execute execute; + + if (copy_from_user(&execute, executep, sizeof execute)) + return -EFAULT; + + return do_execute(dp, &execute); +} + static int get_dp_stats(struct datapath *dp, struct odp_stats __user *statsp) { + struct tbl *table = rcu_dereference(dp->table); struct odp_stats stats; int i; - stats.n_flows = dp->n_flows; - stats.cur_capacity = rcu_dereference(dp->table)->n_buckets; - stats.max_capacity = DP_MAX_BUCKETS; + stats.n_flows = tbl_count(table); + stats.cur_capacity = tbl_n_buckets(table); + stats.max_capacity = TBL_MAX_BUCKETS; stats.n_ports = dp->n_ports; stats.max_ports = DP_MAX_PORTS; stats.max_groups = DP_MAX_GROUPS; stats.n_frags = stats.n_hit = stats.n_missed = stats.n_lost = 0; for_each_possible_cpu(i) { const struct dp_stats_percpu *s; - s = percpu_ptr(dp->stats_percpu, i); + s = per_cpu_ptr(dp->stats_percpu, i); stats.n_frags += s->n_frags; stats.n_hit += s->n_hit; stats.n_missed += s->n_missed; @@ -1343,7 +1383,7 @@ int dp_min_mtu(const struct datapath *dp) } /* Sets the MTU of all datapath devices to the minimum of the ports. Must - * be called with RTNL lock and dp_mutex. */ + * be called with RTNL lock. */ void set_internal_devs_mtu(const struct datapath *dp) { struct dp_port *p; @@ -1425,25 +1465,36 @@ error_unlock: } static int -list_ports(struct datapath *dp, struct odp_portvec __user *pvp) +do_list_ports(struct datapath *dp, struct odp_port __user *uports, int n_ports) { - struct odp_portvec pv; - struct dp_port *p; - int idx; + int idx = 0; + if (n_ports) { + struct dp_port *p; - if (copy_from_user(&pv, pvp, sizeof pv)) - return -EFAULT; - - idx = 0; - if (pv.n_ports) { list_for_each_entry_rcu (p, &dp->port_list, node) { - if (put_port(p, &pv.ports[idx])) + if (put_port(p, &uports[idx])) return -EFAULT; - if (idx++ >= pv.n_ports) + if (idx++ >= n_ports) break; } } - return put_user(dp->n_ports, &pvp->n_ports); + return idx; +} + +static int +list_ports(struct datapath *dp, struct odp_portvec __user *upv) +{ + struct odp_portvec pv; + int retval; + + if (copy_from_user(&pv, upv, sizeof pv)) + return -EFAULT; + + retval = do_list_ports(dp, pv.ports, pv.n_ports); + if (retval < 0) + return retval; + + return put_user(retval, &upv->n_ports); } /* RCU callback for freeing a dp_port_group */ @@ -1454,34 +1505,27 @@ static void free_port_group(struct rcu_head *rcu) } static int -set_port_group(struct datapath *dp, const struct odp_port_group __user *upg) +do_set_port_group(struct datapath *dp, u16 __user *ports, int n_ports, int group) { - struct odp_port_group pg; struct dp_port_group *new_group, *old_group; int error; - error = -EFAULT; - if (copy_from_user(&pg, upg, sizeof pg)) - goto error; - error = -EINVAL; - if (pg.n_ports > DP_MAX_PORTS || pg.group >= DP_MAX_GROUPS) + if (n_ports > DP_MAX_PORTS || group >= DP_MAX_GROUPS) goto error; error = -ENOMEM; - new_group = kmalloc(sizeof *new_group + sizeof(u16) * pg.n_ports, - GFP_KERNEL); + new_group = kmalloc(sizeof *new_group + sizeof(u16) * n_ports, GFP_KERNEL); if (!new_group) goto error; - new_group->n_ports = pg.n_ports; + new_group->n_ports = n_ports; error = -EFAULT; - if (copy_from_user(new_group->ports, pg.ports, - sizeof(u16) * pg.n_ports)) + if (copy_from_user(new_group->ports, ports, sizeof(u16) * n_ports)) goto error_free; - old_group = rcu_dereference(dp->groups[pg.group]); - rcu_assign_pointer(dp->groups[pg.group], new_group); + old_group = rcu_dereference(dp->groups[group]); + rcu_assign_pointer(dp->groups[group], new_group); if (old_group) call_rcu(&old_group->rcu, free_port_group); return 0; @@ -1493,29 +1537,48 @@ error: } static int -get_port_group(struct datapath *dp, struct odp_port_group *upg) +set_port_group(struct datapath *dp, const struct odp_port_group __user *upg) { struct odp_port_group pg; - struct dp_port_group *g; - u16 n_copy; if (copy_from_user(&pg, upg, sizeof pg)) return -EFAULT; - if (pg.group >= DP_MAX_GROUPS) + return do_set_port_group(dp, pg.ports, pg.n_ports, pg.group); +} + +static int +do_get_port_group(struct datapath *dp, + u16 __user *ports, int n_ports, int group, + u16 __user *n_portsp) +{ + struct dp_port_group *g; + u16 n_copy; + + if (group >= DP_MAX_GROUPS) return -EINVAL; - g = dp->groups[pg.group]; - n_copy = g ? min_t(int, g->n_ports, pg.n_ports) : 0; - if (n_copy && copy_to_user(pg.ports, g->ports, n_copy * sizeof(u16))) + g = dp->groups[group]; + n_copy = g ? min_t(int, g->n_ports, n_ports) : 0; + if (n_copy && copy_to_user(ports, g->ports, n_copy * sizeof(u16))) return -EFAULT; - if (put_user(g ? g->n_ports : 0, &upg->n_ports)) + if (put_user(g ? g->n_ports : 0, n_portsp)) return -EFAULT; return 0; } +static int get_port_group(struct datapath *dp, struct odp_port_group __user *upg) +{ + struct odp_port_group pg; + + if (copy_from_user(&pg, upg, sizeof pg)) + return -EFAULT; + + return do_get_port_group(dp, pg.ports, pg.n_ports, pg.group, &pg.n_ports); +} + static int get_listen_mask(const struct file *f) { return (long)f->private_data; @@ -1667,15 +1730,15 @@ static long openvswitch_ioctl(struct file *f, unsigned int cmd, break; case ODP_FLOW_GET: - err = do_flowvec_ioctl(dp, argp, query_flows); + err = do_flowvec_ioctl(dp, argp, do_query_flows); break; case ODP_FLOW_LIST: - err = do_flowvec_ioctl(dp, argp, list_flows); + err = do_flowvec_ioctl(dp, argp, do_list_flows); break; case ODP_EXECUTE: - err = do_execute(dp, (struct odp_execute __user *)argp); + err = execute_packet(dp, (struct odp_execute __user *)argp); break; default: @@ -1697,6 +1760,311 @@ static int dp_has_packet_of_interest(struct datapath *dp, int listeners) return 0; } +#ifdef CONFIG_COMPAT +static int compat_list_ports(struct datapath *dp, struct compat_odp_portvec __user *upv) +{ + struct compat_odp_portvec pv; + int retval; + + if (copy_from_user(&pv, upv, sizeof pv)) + return -EFAULT; + + retval = do_list_ports(dp, compat_ptr(pv.ports), pv.n_ports); + if (retval < 0) + return retval; + + return put_user(retval, &upv->n_ports); +} + +static int compat_set_port_group(struct datapath *dp, const struct compat_odp_port_group __user *upg) +{ + struct compat_odp_port_group pg; + + if (copy_from_user(&pg, upg, sizeof pg)) + return -EFAULT; + + return do_set_port_group(dp, compat_ptr(pg.ports), pg.n_ports, pg.group); +} + +static int compat_get_port_group(struct datapath *dp, struct compat_odp_port_group __user *upg) +{ + struct compat_odp_port_group pg; + + if (copy_from_user(&pg, upg, sizeof pg)) + return -EFAULT; + + return do_get_port_group(dp, compat_ptr(pg.ports), pg.n_ports, + pg.group, &pg.n_ports); +} + +static int compat_get_flow(struct odp_flow *flow, const struct compat_odp_flow __user *compat) +{ + compat_uptr_t actions; + + if (!access_ok(VERIFY_READ, compat, sizeof(struct compat_odp_flow)) || + __copy_from_user(&flow->stats, &compat->stats, sizeof(struct odp_flow_stats)) || + __copy_from_user(&flow->key, &compat->key, sizeof(struct odp_flow_key)) || + __get_user(actions, &compat->actions) || + __get_user(flow->n_actions, &compat->n_actions) || + __get_user(flow->flags, &compat->flags)) + return -EFAULT; + + flow->actions = compat_ptr(actions); + return 0; +} + +static int compat_put_flow(struct datapath *dp, struct compat_odp_flow_put __user *ufp) +{ + struct odp_flow_stats stats; + struct odp_flow_put fp; + int error; + + if (compat_get_flow(&fp.flow, &ufp->flow) || + get_user(fp.flags, &ufp->flags)) + return -EFAULT; + + error = do_put_flow(dp, &fp, &stats); + if (error) + return error; + + if (copy_to_user(&ufp->flow.stats, &stats, + sizeof(struct odp_flow_stats))) + return -EFAULT; + + return 0; +} + +static int compat_answer_query(struct sw_flow *flow, u32 query_flags, + struct compat_odp_flow __user *ufp) +{ + compat_uptr_t actions; + + if (get_user(actions, &ufp->actions)) + return -EFAULT; + + return do_answer_query(flow, query_flags, &ufp->stats, + compat_ptr(actions), &ufp->n_actions); +} + +static int compat_del_flow(struct datapath *dp, struct compat_odp_flow __user *ufp) +{ + struct sw_flow *flow; + struct odp_flow uf; + int error; + + if (compat_get_flow(&uf, ufp)) + return -EFAULT; + + flow = do_del_flow(dp, &uf.key); + if (IS_ERR(flow)) + return PTR_ERR(flow); + + error = compat_answer_query(flow, 0, ufp); + flow_deferred_free(flow); + return error; +} + +static int compat_query_flows(struct datapath *dp, struct compat_odp_flow *flows, u32 n_flows) +{ + struct tbl *table = rcu_dereference(dp->table); + u32 i; + + for (i = 0; i < n_flows; i++) { + struct compat_odp_flow __user *ufp = &flows[i]; + struct odp_flow uf; + struct tbl_node *flow_node; + int error; + + if (compat_get_flow(&uf, ufp)) + return -EFAULT; + memset(uf.key.reserved, 0, sizeof uf.key.reserved); + + flow_node = tbl_lookup(table, &uf.key, flow_hash(&uf.key), flow_cmp); + if (!flow_node) + error = put_user(ENOENT, &ufp->stats.error); + else + error = compat_answer_query(flow_cast(flow_node), uf.flags, ufp); + if (error) + return -EFAULT; + } + return n_flows; +} + +struct compat_list_flows_cbdata { + struct compat_odp_flow __user *uflows; + u32 n_flows; + u32 listed_flows; +}; + +static int compat_list_flow(struct tbl_node *node, void *cbdata_) +{ + struct sw_flow *flow = flow_cast(node); + struct compat_list_flows_cbdata *cbdata = cbdata_; + struct compat_odp_flow __user *ufp = &cbdata->uflows[cbdata->listed_flows++]; + int error; + + if (copy_to_user(&ufp->key, &flow->key, sizeof flow->key)) + return -EFAULT; + error = compat_answer_query(flow, 0, ufp); + if (error) + return error; + + if (cbdata->listed_flows >= cbdata->n_flows) + return cbdata->listed_flows; + return 0; +} + +static int compat_list_flows(struct datapath *dp, struct compat_odp_flow *flows, u32 n_flows) +{ + struct compat_list_flows_cbdata cbdata; + int error; + + if (!n_flows) + return 0; + + cbdata.uflows = flows; + cbdata.n_flows = n_flows; + cbdata.listed_flows = 0; + error = tbl_foreach(rcu_dereference(dp->table), compat_list_flow, &cbdata); + return error ? error : cbdata.listed_flows; +} + +static int compat_flowvec_ioctl(struct datapath *dp, unsigned long argp, + int (*function)(struct datapath *, + struct compat_odp_flow *, + u32 n_flows)) +{ + struct compat_odp_flowvec __user *uflowvec; + struct compat_odp_flow __user *flows; + struct compat_odp_flowvec flowvec; + int retval; + + uflowvec = compat_ptr(argp); + if (!access_ok(VERIFY_WRITE, uflowvec, sizeof *uflowvec) || + copy_from_user(&flowvec, uflowvec, sizeof flowvec)) + return -EFAULT; + + if (flowvec.n_flows > INT_MAX / sizeof(struct compat_odp_flow)) + return -EINVAL; + + flows = compat_ptr(flowvec.flows); + if (!access_ok(VERIFY_WRITE, flows, + flowvec.n_flows * sizeof(struct compat_odp_flow))) + return -EFAULT; + + retval = function(dp, flows, flowvec.n_flows); + return (retval < 0 ? retval + : retval == flowvec.n_flows ? 0 + : put_user(retval, &uflowvec->n_flows)); +} + +static int compat_execute(struct datapath *dp, const struct compat_odp_execute __user *uexecute) +{ + struct odp_execute execute; + compat_uptr_t actions; + compat_uptr_t data; + + if (!access_ok(VERIFY_READ, uexecute, sizeof(struct compat_odp_execute)) || + __get_user(execute.in_port, &uexecute->in_port) || + __get_user(actions, &uexecute->actions) || + __get_user(execute.n_actions, &uexecute->n_actions) || + __get_user(data, &uexecute->data) || + __get_user(execute.length, &uexecute->length)) + return -EFAULT; + + execute.actions = compat_ptr(actions); + execute.data = compat_ptr(data); + + return do_execute(dp, &execute); +} + +static long openvswitch_compat_ioctl(struct file *f, unsigned int cmd, unsigned long argp) +{ + int dp_idx = iminor(f->f_dentry->d_inode); + struct datapath *dp; + int err; + + switch (cmd) { + case ODP_DP_DESTROY: + case ODP_FLOW_FLUSH: + /* Ioctls that don't need any translation at all. */ + return openvswitch_ioctl(f, cmd, argp); + + case ODP_DP_CREATE: + case ODP_PORT_ATTACH: + case ODP_PORT_DETACH: + case ODP_VPORT_DEL: + case ODP_VPORT_MTU_SET: + case ODP_VPORT_MTU_GET: + case ODP_VPORT_ETHER_SET: + case ODP_VPORT_ETHER_GET: + case ODP_VPORT_STATS_GET: + case ODP_DP_STATS: + case ODP_GET_DROP_FRAGS: + case ODP_SET_DROP_FRAGS: + case ODP_SET_LISTEN_MASK: + case ODP_GET_LISTEN_MASK: + case ODP_SET_SFLOW_PROBABILITY: + case ODP_GET_SFLOW_PROBABILITY: + case ODP_PORT_QUERY: + /* Ioctls that just need their pointer argument extended. */ + return openvswitch_ioctl(f, cmd, (unsigned long)compat_ptr(argp)); + + case ODP_VPORT_ADD32: + return compat_vport_add(compat_ptr(argp)); + + case ODP_VPORT_MOD32: + return compat_vport_mod(compat_ptr(argp)); + } + + dp = get_dp_locked(dp_idx); + err = -ENODEV; + if (!dp) + goto exit; + + switch (cmd) { + case ODP_PORT_LIST32: + err = compat_list_ports(dp, compat_ptr(argp)); + break; + + case ODP_PORT_GROUP_SET32: + err = compat_set_port_group(dp, compat_ptr(argp)); + break; + + case ODP_PORT_GROUP_GET32: + err = compat_get_port_group(dp, compat_ptr(argp)); + break; + + case ODP_FLOW_PUT32: + err = compat_put_flow(dp, compat_ptr(argp)); + break; + + case ODP_FLOW_DEL32: + err = compat_del_flow(dp, compat_ptr(argp)); + break; + + case ODP_FLOW_GET32: + err = compat_flowvec_ioctl(dp, argp, compat_query_flows); + break; + + case ODP_FLOW_LIST32: + err = compat_flowvec_ioctl(dp, argp, compat_list_flows); + break; + + case ODP_EXECUTE32: + err = compat_execute(dp, compat_ptr(argp)); + break; + + default: + err = -ENOIOCTLCMD; + break; + } + mutex_unlock(&dp->mutex); +exit: + return err; +} +#endif + ssize_t openvswitch_read(struct file *f, char __user *buf, size_t nbytes, loff_t *ppos) { @@ -1776,6 +2144,9 @@ struct file_operations openvswitch_fops = { .read = openvswitch_read, .poll = openvswitch_poll, .unlocked_ioctl = openvswitch_ioctl, +#ifdef CONFIG_COMPAT + .compat_ioctl = openvswitch_compat_ioctl, +#endif /* XXX .fasync = openvswitch_fasync, */ };