net/sched/act_sample.c

   1 // SPDX-License-Identifier: GPL-2.0-only
   2 /*
   3  * net/sched/act_sample.c - Packet sampling tc action
   4  * Copyright (c) 2017 Yotam Gigi <yotamg@mellanox.com>
   5  */
   6
   7 #include <linux/types.h>
   8 #include <linux/kernel.h>
   9 #include <linux/string.h>
  10 #include <linux/errno.h>
  11 #include <linux/skbuff.h>
  12 #include <linux/rtnetlink.h>
  13 #include <linux/module.h>
  14 #include <linux/init.h>
  15 #include <linux/gfp.h>
  16 #include <net/net_namespace.h>
  17 #include <net/netlink.h>
  18 #include <net/pkt_sched.h>
  19 #include <linux/tc_act/tc_sample.h>
  20 #include <net/tc_act/tc_sample.h>
  21 #include <net/psample.h>
  22 #include <net/pkt_cls.h>
  23
  24 #include <linux/if_arp.h>
  25
  26 static struct tc_action_ops act_sample_ops;
  27
  28 static const struct nla_policy sample_policy[TCA_SAMPLE_MAX + 1] = {
  29         [TCA_SAMPLE_PARMS]              = { .len = sizeof(struct tc_sample) },
  30         [TCA_SAMPLE_RATE]               = { .type = NLA_U32 },
  31         [TCA_SAMPLE_TRUNC_SIZE]         = { .type = NLA_U32 },
  32         [TCA_SAMPLE_PSAMPLE_GROUP]      = { .type = NLA_U32 },
  33 };
  34
  35 static int tcf_sample_init(struct net *net, struct nlattr *nla,
  36                            struct nlattr *est, struct tc_action **a,
  37                            struct tcf_proto *tp,
  38                            u32 flags, struct netlink_ext_ack *extack)
  39 {
  40         struct tc_action_net *tn = net_generic(net, act_sample_ops.net_id);
  41         bool bind = flags & TCA_ACT_FLAGS_BIND;
  42         struct nlattr *tb[TCA_SAMPLE_MAX + 1];
  43         struct psample_group *psample_group;
  44         u32 psample_group_num, rate, index;
  45         struct tcf_chain *goto_ch = NULL;
  46         struct tc_sample *parm;
  47         struct tcf_sample *s;
  48         bool exists = false;
  49         int ret, err;
  50
  51         if (!nla)
  52                 return -EINVAL;
  53         ret = nla_parse_nested_deprecated(tb, TCA_SAMPLE_MAX, nla,
  54                                           sample_policy, NULL);
  55         if (ret < 0)
  56                 return ret;
  57
  58         if (!tb[TCA_SAMPLE_PARMS])
  59                 return -EINVAL;
  60
  61         parm = nla_data(tb[TCA_SAMPLE_PARMS]);
  62         index = parm->index;
  63         err = tcf_idr_check_alloc(tn, &index, a, bind);
  64         if (err < 0)
  65                 return err;
  66         exists = err;
  67         if (exists && bind)
  68                 return 0;
  69
  70         if (!exists) {
  71                 ret = tcf_idr_create(tn, index, est, a,
  72                                      &act_sample_ops, bind, true, flags);
  73                 if (ret) {
  74                         tcf_idr_cleanup(tn, index);
  75                         return ret;
  76                 }
  77                 ret = ACT_P_CREATED;
  78         } else if (!(flags & TCA_ACT_FLAGS_REPLACE)) {
  79                 tcf_idr_release(*a, bind);
  80                 return -EEXIST;
  81         }
  82
  83         if (!tb[TCA_SAMPLE_RATE] || !tb[TCA_SAMPLE_PSAMPLE_GROUP]) {
  84                 NL_SET_ERR_MSG(extack, "sample rate and group are required");
  85                 err = -EINVAL;
  86                 goto release_idr;
  87         }
  88
  89         err = tcf_action_check_ctrlact(parm->action, tp, &goto_ch, extack);
  90         if (err < 0)
  91                 goto release_idr;
  92
  93         rate = nla_get_u32(tb[TCA_SAMPLE_RATE]);
  94         if (!rate) {
  95                 NL_SET_ERR_MSG(extack, "invalid sample rate");
  96                 err = -EINVAL;
  97                 goto put_chain;
  98         }
  99         psample_group_num = nla_get_u32(tb[TCA_SAMPLE_PSAMPLE_GROUP]);
 100         psample_group = psample_group_get(net, psample_group_num);
 101         if (!psample_group) {
 102                 err = -ENOMEM;
 103                 goto put_chain;
 104         }
 105
 106         s = to_sample(*a);
 107
 108         spin_lock_bh(&s->tcf_lock);
 109         goto_ch = tcf_action_set_ctrlact(*a, parm->action, goto_ch);
 110         s->rate = rate;
 111         s->psample_group_num = psample_group_num;
 112         psample_group = rcu_replace_pointer(s->psample_group, psample_group,
 113                                             lockdep_is_held(&s->tcf_lock));
 114
 115         if (tb[TCA_SAMPLE_TRUNC_SIZE]) {
 116                 s->truncate = true;
 117                 s->trunc_size = nla_get_u32(tb[TCA_SAMPLE_TRUNC_SIZE]);
 118         }
 119         spin_unlock_bh(&s->tcf_lock);
 120
 121         if (psample_group)
 122                 psample_group_put(psample_group);
 123         if (goto_ch)
 124                 tcf_chain_put_by_act(goto_ch);
 125
 126         return ret;
 127 put_chain:
 128         if (goto_ch)
 129                 tcf_chain_put_by_act(goto_ch);
 130 release_idr:
 131         tcf_idr_release(*a, bind);
 132         return err;
 133 }
 134
 135 static void tcf_sample_cleanup(struct tc_action *a)
 136 {
 137         struct tcf_sample *s = to_sample(a);
 138         struct psample_group *psample_group;
 139
 140         /* last reference to action, no need to lock */
 141         psample_group = rcu_dereference_protected(s->psample_group, 1);
 142         RCU_INIT_POINTER(s->psample_group, NULL);
 143         if (psample_group)
 144                 psample_group_put(psample_group);
 145 }
 146
 147 static bool tcf_sample_dev_ok_push(struct net_device *dev)
 148 {
 149         switch (dev->type) {
 150         case ARPHRD_TUNNEL:
 151         case ARPHRD_TUNNEL6:
 152         case ARPHRD_SIT:
 153         case ARPHRD_IPGRE:
 154         case ARPHRD_IP6GRE:
 155         case ARPHRD_VOID:
 156         case ARPHRD_NONE:
 157                 return false;
 158         default:
 159                 return true;
 160         }
 161 }
 162
 163 static int tcf_sample_act(struct sk_buff *skb, const struct tc_action *a,
 164                           struct tcf_result *res)
 165 {
 166         struct tcf_sample *s = to_sample(a);
 167         struct psample_group *psample_group;
 168         struct psample_metadata md = {};
 169         int retval;
 170
 171         tcf_lastuse_update(&s->tcf_tm);
 172         bstats_update(this_cpu_ptr(s->common.cpu_bstats), skb);
 173         retval = READ_ONCE(s->tcf_action);
 174
 175         psample_group = rcu_dereference_bh(s->psample_group);
 176
 177         /* randomly sample packets according to rate */
 178         if (psample_group && (prandom_u32_max(s->rate) == 0)) {
 179                 if (!skb_at_tc_ingress(skb)) {
 180                         md.in_ifindex = skb->skb_iif;
 181                         md.out_ifindex = skb->dev->ifindex;
 182                 } else {
 183                         md.in_ifindex = skb->dev->ifindex;
 184                 }
 185
 186                 /* on ingress, the mac header gets popped, so push it back */
 187                 if (skb_at_tc_ingress(skb) && tcf_sample_dev_ok_push(skb->dev))
 188                         skb_push(skb, skb->mac_len);
 189
 190                 md.trunc_size = s->truncate ? s->trunc_size : skb->len;
 191                 psample_sample_packet(psample_group, skb, s->rate, &md);
 192
 193                 if (skb_at_tc_ingress(skb) && tcf_sample_dev_ok_push(skb->dev))
 194                         skb_pull(skb, skb->mac_len);
 195         }
 196
 197         return retval;
 198 }
 199
 200 static void tcf_sample_stats_update(struct tc_action *a, u64 bytes, u64 packets,
 201                                     u64 drops, u64 lastuse, bool hw)
 202 {
 203         struct tcf_sample *s = to_sample(a);
 204         struct tcf_t *tm = &s->tcf_tm;
 205
 206         tcf_action_update_stats(a, bytes, packets, drops, hw);
 207         tm->lastuse = max_t(u64, tm->lastuse, lastuse);
 208 }
 209
 210 static int tcf_sample_dump(struct sk_buff *skb, struct tc_action *a,
 211                            int bind, int ref)
 212 {
 213         unsigned char *b = skb_tail_pointer(skb);
 214         struct tcf_sample *s = to_sample(a);
 215         struct tc_sample opt = {
 216                 .index      = s->tcf_index,
 217                 .refcnt     = refcount_read(&s->tcf_refcnt) - ref,
 218                 .bindcnt    = atomic_read(&s->tcf_bindcnt) - bind,
 219         };
 220         struct tcf_t t;
 221
 222         spin_lock_bh(&s->tcf_lock);
 223         opt.action = s->tcf_action;
 224         if (nla_put(skb, TCA_SAMPLE_PARMS, sizeof(opt), &opt))
 225                 goto nla_put_failure;
 226
 227         tcf_tm_dump(&t, &s->tcf_tm);
 228         if (nla_put_64bit(skb, TCA_SAMPLE_TM, sizeof(t), &t, TCA_SAMPLE_PAD))
 229                 goto nla_put_failure;
 230
 231         if (nla_put_u32(skb, TCA_SAMPLE_RATE, s->rate))
 232                 goto nla_put_failure;
 233
 234         if (s->truncate)
 235                 if (nla_put_u32(skb, TCA_SAMPLE_TRUNC_SIZE, s->trunc_size))
 236                         goto nla_put_failure;
 237
 238         if (nla_put_u32(skb, TCA_SAMPLE_PSAMPLE_GROUP, s->psample_group_num))
 239                 goto nla_put_failure;
 240         spin_unlock_bh(&s->tcf_lock);
 241
 242         return skb->len;
 243
 244 nla_put_failure:
 245         spin_unlock_bh(&s->tcf_lock);
 246         nlmsg_trim(skb, b);
 247         return -1;
 248 }
 249
 250 static void tcf_psample_group_put(void *priv)
 251 {
 252         struct psample_group *group = priv;
 253
 254         psample_group_put(group);
 255 }
 256
 257 static struct psample_group *
 258 tcf_sample_get_group(const struct tc_action *a,
 259                      tc_action_priv_destructor *destructor)
 260 {
 261         struct tcf_sample *s = to_sample(a);
 262         struct psample_group *group;
 263
 264         group = rcu_dereference_protected(s->psample_group,
 265                                           lockdep_is_held(&s->tcf_lock));
 266         if (group) {
 267                 psample_group_take(group);
 268                 *destructor = tcf_psample_group_put;
 269         }
 270
 271         return group;
 272 }
 273
 274 static void tcf_offload_sample_get_group(struct flow_action_entry *entry,
 275                                          const struct tc_action *act)
 276 {
 277         entry->sample.psample_group =
 278                 act->ops->get_psample_group(act, &entry->destructor);
 279         entry->destructor_priv = entry->sample.psample_group;
 280 }
 281
 282 static int tcf_sample_offload_act_setup(struct tc_action *act, void *entry_data,
 283                                         u32 *index_inc, bool bind,
 284                                         struct netlink_ext_ack *extack)
 285 {
 286         if (bind) {
 287                 struct flow_action_entry *entry = entry_data;
 288
 289                 entry->id = FLOW_ACTION_SAMPLE;
 290                 entry->sample.trunc_size = tcf_sample_trunc_size(act);
 291                 entry->sample.truncate = tcf_sample_truncate(act);
 292                 entry->sample.rate = tcf_sample_rate(act);
 293                 tcf_offload_sample_get_group(entry, act);
 294                 *index_inc = 1;
 295         } else {
 296                 struct flow_offload_action *fl_action = entry_data;
 297
 298                 fl_action->id = FLOW_ACTION_SAMPLE;
 299         }
 300
 301         return 0;
 302 }
 303
 304 static struct tc_action_ops act_sample_ops = {
 305         .kind     = "sample",
 306         .id       = TCA_ID_SAMPLE,
 307         .owner    = THIS_MODULE,
 308         .act      = tcf_sample_act,
 309         .stats_update = tcf_sample_stats_update,
 310         .dump     = tcf_sample_dump,
 311         .init     = tcf_sample_init,
 312         .cleanup  = tcf_sample_cleanup,
 313         .get_psample_group = tcf_sample_get_group,
 314         .offload_act_setup    = tcf_sample_offload_act_setup,
 315         .size     = sizeof(struct tcf_sample),
 316 };
 317
 318 static __net_init int sample_init_net(struct net *net)
 319 {
 320         struct tc_action_net *tn = net_generic(net, act_sample_ops.net_id);
 321
 322         return tc_action_net_init(net, tn, &act_sample_ops);
 323 }
 324
 325 static void __net_exit sample_exit_net(struct list_head *net_list)
 326 {
 327         tc_action_net_exit(net_list, act_sample_ops.net_id);
 328 }
 329
 330 static struct pernet_operations sample_net_ops = {
 331         .init = sample_init_net,
 332         .exit_batch = sample_exit_net,
 333         .id   = &act_sample_ops.net_id,
 334         .size = sizeof(struct tc_action_net),
 335 };
 336
 337 static int __init sample_init_module(void)
 338 {
 339         return tcf_register_action(&act_sample_ops, &sample_net_ops);
 340 }
 341
 342 static void __exit sample_cleanup_module(void)
 343 {
 344         tcf_unregister_action(&act_sample_ops, &sample_net_ops);
 345 }
 346
 347 module_init(sample_init_module);
 348 module_exit(sample_cleanup_module);
 349
 350 MODULE_AUTHOR("Yotam Gigi <yotam.gi@gmail.com>");
 351 MODULE_DESCRIPTION("Packet sampling action");
 352 MODULE_LICENSE("GPL v2");