Пример #1
0
static void cgroup_free_data(struct rtnl_tc *tc, void *data)
{
	struct rtnl_cgroup *c = data;

	if (!c)
		return;

	rtnl_ematch_tree_free(c->cg_ematch);
}
Пример #2
0
void rtnl_cgroup_set_ematch(struct rtnl_cls *cls, struct rtnl_ematch_tree *tree)
{
	struct rtnl_cgroup *c = rtnl_cls_data(cls);

	if (c->cg_ematch) {
		rtnl_ematch_tree_free(c->cg_ematch);
		c->cg_mask &= ~CGROUP_ATTR_EMATCH;
	}

	c->cg_ematch = tree;

	if (tree)
		c->cg_mask |= CGROUP_ATTR_EMATCH;
}
Пример #3
0
static int fill_ematch_sequence(struct nl_msg *msg, struct nl_list_head *list)
{
	struct rtnl_ematch *e;

	nl_list_for_each_entry(e, list, e_list) {
		struct tcf_ematch_hdr match = {
			.matchid = e->e_id,
			.kind = e->e_kind,
			.flags = e->e_flags,
		};
		struct nlattr *attr;
		int err = 0;

		if (!(attr = nla_nest_start(msg, e->e_index + 1)))
			return -NLE_NOMEM;

		if (nlmsg_append(msg, &match, sizeof(match), 0) < 0)
			return -NLE_NOMEM;

		if (e->e_ops->eo_fill)
			err = e->e_ops->eo_fill(e, msg);
		else if (e->e_flags & TCF_EM_SIMPLE)
			err = nlmsg_append(msg, e->e_data, 4, 0);
		else if (e->e_datalen > 0)
			err = nlmsg_append(msg, e->e_data, e->e_datalen, 0);

		NL_DBG(3, "msg %p: added ematch [%d] id=%d kind=%d flags=%d\n",
			  msg, e->e_index, match.matchid, match.kind, match.flags);

		if (err < 0)
			return -NLE_NOMEM;

		nla_nest_end(msg, attr);
	}

	nl_list_for_each_entry(e, list, e_list) {
		if (e->e_kind == TCF_EM_CONTAINER &&
		    fill_ematch_sequence(msg, &e->e_childs) < 0)
			return -NLE_NOMEM;
	}

	return 0;
}

int rtnl_ematch_fill_attr(struct nl_msg *msg, int attrid,
			  struct rtnl_ematch_tree *tree)
{
	struct tcf_ematch_tree_hdr thdr = {
		.progid = tree->et_progid,
	};
	struct nlattr *list, *topattr;
	int err, index = 0;

	/* Assign index number to each ematch to allow for references
	 * to be made while constructing the sequence of matches. */
	err = update_container_index(&tree->et_list, &index);
	if (err < 0)
		return err;

	if (!(topattr = nla_nest_start(msg, attrid)))
		goto nla_put_failure;

	thdr.nmatches = index;
	NLA_PUT(msg, TCA_EMATCH_TREE_HDR, sizeof(thdr), &thdr);

	if (!(list = nla_nest_start(msg, TCA_EMATCH_TREE_LIST)))
		goto nla_put_failure;

	if (fill_ematch_sequence(msg, &tree->et_list) < 0)
		goto nla_put_failure;

	nla_nest_end(msg, list);

	nla_nest_end(msg, topattr);

	return 0;

nla_put_failure:
	return -NLE_NOMEM;
}

/** @} */

extern int ematch_parse(void *, char **, struct nl_list_head *);

int rtnl_ematch_parse_expr(const char *expr, char **errp,
			   struct rtnl_ematch_tree **result)
{
	struct rtnl_ematch_tree *tree;
	YY_BUFFER_STATE buf = NULL;
	yyscan_t scanner = NULL;
	int err;

	NL_DBG(2, "Parsing ematch expression \"%s\"\n", expr);

	if (!(tree = rtnl_ematch_tree_alloc(RTNL_EMATCH_PROGID)))
		return -NLE_FAILURE;

	if ((err = ematch_lex_init(&scanner)) < 0) {
		err = -NLE_FAILURE;
		goto errout;
	}

	buf = ematch__scan_string(expr, scanner);

	if ((err = ematch_parse(scanner, errp, &tree->et_list)) != 0) {
		ematch__delete_buffer(buf, scanner);
		err = -NLE_PARSE_ERR;
		goto errout;
	}

	ematch_lex_destroy(scanner);
	*result = tree;

	return 0;

errout:
	if (scanner)
		ematch_lex_destroy(scanner);

	rtnl_ematch_tree_free(tree);

	return err;
}

static const char *layer_txt[] = {
	[TCF_LAYER_LINK]	= "eth",
	[TCF_LAYER_NETWORK]	= "ip",
	[TCF_LAYER_TRANSPORT]	= "tcp",
};

char *rtnl_ematch_offset2txt(uint8_t layer, uint16_t offset, char *buf, size_t len)
{
	snprintf(buf, len, "%s+%u",
		 (layer <= TCF_LAYER_MAX) ? layer_txt[layer] : "?",
		 offset);

	return buf;
}

static const char *operand_txt[] = {
	[TCF_EM_OPND_EQ] = "=",
	[TCF_EM_OPND_LT] = "<",
	[TCF_EM_OPND_GT] = ">",
};

char *rtnl_ematch_opnd2txt(uint8_t opnd, char *buf, size_t len)
{
	snprintf(buf, len, "%s",
		opnd < ARRAY_SIZE(operand_txt) ? operand_txt[opnd] : "?");

	return buf;
}
Пример #4
0
/**
 * Parse ematch netlink attributes
 *
 * @return 0 on success or a negative error code.
 */
int rtnl_ematch_parse_attr(struct nlattr *attr, struct rtnl_ematch_tree **result)
{
	struct nlattr *a, *tb[TCA_EMATCH_TREE_MAX+1];
	struct tcf_ematch_tree_hdr *thdr;
	struct rtnl_ematch_tree *tree;
	struct rtnl_ematch **index;
	int nmatches = 0, err, remaining;

	NL_DBG(2, "Parsing attribute %p as ematch tree\n", attr);

	err = nla_parse_nested(tb, TCA_EMATCH_TREE_MAX, attr, tree_policy);
	if (err < 0)
		return err;

	if (!tb[TCA_EMATCH_TREE_HDR])
		return -NLE_MISSING_ATTR;

	thdr = nla_data(tb[TCA_EMATCH_TREE_HDR]);

	/* Ignore empty trees */
	if (thdr->nmatches == 0) {
		NL_DBG(2, "Ignoring empty ematch configuration\n");
		return 0;
	}

	if (!tb[TCA_EMATCH_TREE_LIST])
		return -NLE_MISSING_ATTR;

	NL_DBG(2, "ematch tree found with nmatches=%u, progid=%u\n",
		  thdr->nmatches, thdr->progid);

	/*
	 * Do some basic sanity checking since we will allocate
	 * index[thdr->nmatches]. Calculate how many ematch headers fit into
	 * the provided data and make sure nmatches does not exceed it.
	 */
	if (thdr->nmatches > (nla_len(tb[TCA_EMATCH_TREE_LIST]) /
			      nla_total_size(sizeof(struct tcf_ematch_hdr))))
		return -NLE_INVAL;

	if (!(index = calloc(thdr->nmatches, sizeof(struct rtnl_ematch *))))
		return -NLE_NOMEM;

	if (!(tree = rtnl_ematch_tree_alloc(thdr->progid))) {
		err = -NLE_NOMEM;
		goto errout;
	}

	nla_for_each_nested(a, tb[TCA_EMATCH_TREE_LIST], remaining) {
		struct rtnl_ematch_ops *ops;
		struct tcf_ematch_hdr *hdr;
		struct rtnl_ematch *ematch;
		void *data;
		size_t len;

		NL_DBG(3, "parsing ematch attribute %d, len=%u\n",
			  nmatches+1, nla_len(a));

		if (nla_len(a) < sizeof(*hdr)) {
			err = -NLE_INVAL;
			goto errout;
		}

		/* Quit as soon as we've parsed more matches than expected */
		if (nmatches >= thdr->nmatches) {
			err = -NLE_RANGE;
			goto errout;
		}

		hdr = nla_data(a);
		data = nla_data(a) + NLA_ALIGN(sizeof(*hdr));
		len = nla_len(a) - NLA_ALIGN(sizeof(*hdr));

		NL_DBG(3, "ematch attribute matchid=%u, kind=%u, flags=%u\n",
			  hdr->matchid, hdr->kind, hdr->flags);

		/*
		 * Container matches contain a reference to another sequence
		 * of matches. Ensure that the reference is within boundries.
		 */
		if (hdr->kind == TCF_EM_CONTAINER &&
		    *((uint32_t *) data) >= thdr->nmatches) {
			err = -NLE_INVAL;
			goto errout;
		}

		if (!(ematch = rtnl_ematch_alloc())) {
			err = -NLE_NOMEM;
			goto errout;
		}

		ematch->e_id = hdr->matchid;
		ematch->e_kind = hdr->kind;
		ematch->e_flags = hdr->flags;

		if ((ops = rtnl_ematch_lookup_ops(hdr->kind))) {
			if (ops->eo_minlen && len < ops->eo_minlen) {
				rtnl_ematch_free(ematch);
				err = -NLE_INVAL;
				goto errout;
			}

			rtnl_ematch_set_ops(ematch, ops);

			if (ops->eo_parse &&
			    (err = ops->eo_parse(ematch, data, len)) < 0) {
				rtnl_ematch_free(ematch);
				goto errout;
			}
		}

		NL_DBG(3, "index[%d] = %p\n", nmatches, ematch);
		index[nmatches++] = ematch;
	}

	if (nmatches != thdr->nmatches) {
		err = -NLE_INVAL;
		goto errout;
	}

	err = link_tree(index, nmatches, 0, &tree->et_list);
	if (err < 0)
		goto errout;

	free(index);
	*result = tree;

	return 0;

errout:
	rtnl_ematch_tree_free(tree);
	free(index);
	return err;
}
Пример #5
0
static void cgroup_free_data(struct rtnl_cls *cls)
{
	struct rtnl_cgroup *c = rtnl_cls_data(cls);

	rtnl_ematch_tree_free(c->cg_ematch);
}