Lines Matching refs:rule
26 bool fib_rule_matchall(const struct fib_rule *rule) in fib_rule_matchall() argument
28 if (rule->iifindex || rule->oifindex || rule->mark || rule->tun_id || in fib_rule_matchall()
29 rule->flags) in fib_rule_matchall()
31 if (rule->suppress_ifgroup != -1 || rule->suppress_prefixlen != -1) in fib_rule_matchall()
33 if (!uid_eq(rule->uid_range.start, fib_kuid_range_unset.start) || in fib_rule_matchall()
34 !uid_eq(rule->uid_range.end, fib_kuid_range_unset.end)) in fib_rule_matchall()
36 if (fib_rule_port_range_set(&rule->sport_range)) in fib_rule_matchall()
38 if (fib_rule_port_range_set(&rule->dport_range)) in fib_rule_matchall()
75 struct fib_rule *rule; in fib_default_rule_pref() local
80 rule = list_entry(pos->next, struct fib_rule, list); in fib_default_rule_pref()
81 if (rule->pref) in fib_default_rule_pref()
82 return rule->pref - 1; in fib_default_rule_pref()
89 static void notify_rule_change(int event, struct fib_rule *rule,
177 struct fib_rule *rule, *tmp; in fib_rules_cleanup_ops() local
179 list_for_each_entry_safe(rule, tmp, &ops->rules_list, list) { in fib_rules_cleanup_ops()
180 list_del_rcu(&rule->list); in fib_rules_cleanup_ops()
182 ops->delete(rule); in fib_rules_cleanup_ops()
183 fib_rule_put(rule); in fib_rules_cleanup_ops()
248 static int fib_rule_match(struct fib_rule *rule, struct fib_rules_ops *ops, in fib_rule_match() argument
254 if (rule->iifindex && (rule->iifindex != fl->flowi_iif)) in fib_rule_match()
257 if (rule->oifindex && (rule->oifindex != fl->flowi_oif)) in fib_rule_match()
260 if ((rule->mark ^ fl->flowi_mark) & rule->mark_mask) in fib_rule_match()
263 if (rule->tun_id && (rule->tun_id != fl->flowi_tun_key.tun_id)) in fib_rule_match()
266 if (rule->l3mdev && !l3mdev_fib_rule_match(rule->fr_net, fl, arg)) in fib_rule_match()
269 if (uid_lt(fl->flowi_uid, rule->uid_range.start) || in fib_rule_match()
270 uid_gt(fl->flowi_uid, rule->uid_range.end)) in fib_rule_match()
273 ret = ops->match(rule, fl, flags); in fib_rule_match()
275 return (rule->flags & FIB_RULE_INVERT) ? !ret : ret; in fib_rule_match()
281 struct fib_rule *rule; in fib_rules_lookup() local
286 list_for_each_entry_rcu(rule, &ops->rules_list, list) { in fib_rules_lookup()
288 if (!fib_rule_match(rule, ops, fl, flags, arg)) in fib_rules_lookup()
291 if (rule->action == FR_ACT_GOTO) { in fib_rules_lookup()
294 target = rcu_dereference(rule->ctarget); in fib_rules_lookup()
298 rule = target; in fib_rules_lookup()
301 } else if (rule->action == FR_ACT_NOP) in fib_rules_lookup()
304 err = ops->action(rule, fl, flags, arg); in fib_rules_lookup()
306 if (!err && ops->suppress && ops->suppress(rule, arg)) in fib_rules_lookup()
311 likely(refcount_inc_not_zero(&rule->refcnt))) { in fib_rules_lookup()
312 arg->rule = rule; in fib_rules_lookup()
329 struct fib_rule *rule, int family) in call_fib_rule_notifier() argument
333 .rule = rule, in call_fib_rule_notifier()
341 struct fib_rule *rule, in call_fib_rule_notifiers() argument
348 .rule = rule, in call_fib_rule_notifiers()
359 struct fib_rule *rule; in fib_rules_dump() local
364 list_for_each_entry_rcu(rule, &ops->rules_list, list) in fib_rules_dump()
365 call_fib_rule_notifier(nb, net, FIB_EVENT_RULE_ADD, rule, in fib_rules_dump()
393 struct fib_rule *rule, in rule_find()
399 if (rule->action && r->action != rule->action) in rule_find()
402 if (rule->table && r->table != rule->table) in rule_find()
405 if (user_priority && r->pref != rule->pref) in rule_find()
408 if (rule->iifname[0] && in rule_find()
409 memcmp(r->iifname, rule->iifname, IFNAMSIZ)) in rule_find()
412 if (rule->oifname[0] && in rule_find()
413 memcmp(r->oifname, rule->oifname, IFNAMSIZ)) in rule_find()
416 if (rule->mark && r->mark != rule->mark) in rule_find()
419 if (rule->suppress_ifgroup != -1 && in rule_find()
420 r->suppress_ifgroup != rule->suppress_ifgroup) in rule_find()
423 if (rule->suppress_prefixlen != -1 && in rule_find()
424 r->suppress_prefixlen != rule->suppress_prefixlen) in rule_find()
427 if (rule->mark_mask && r->mark_mask != rule->mark_mask) in rule_find()
430 if (rule->tun_id && r->tun_id != rule->tun_id) in rule_find()
433 if (r->fr_net != rule->fr_net) in rule_find()
436 if (rule->l3mdev && r->l3mdev != rule->l3mdev) in rule_find()
439 if (uid_range_set(&rule->uid_range) && in rule_find()
440 (!uid_eq(r->uid_range.start, rule->uid_range.start) || in rule_find()
441 !uid_eq(r->uid_range.end, rule->uid_range.end))) in rule_find()
444 if (rule->ip_proto && r->ip_proto != rule->ip_proto) in rule_find()
447 if (rule->proto && r->proto != rule->proto) in rule_find()
450 if (fib_rule_port_range_set(&rule->sport_range) && in rule_find()
452 &rule->sport_range)) in rule_find()
455 if (fib_rule_port_range_set(&rule->dport_range) && in rule_find()
457 &rule->dport_range)) in rule_find()
493 struct fib_rule **rule, in fib_nl2rule() argument
649 *rule = nlrule; in fib_nl2rule()
660 struct nlattr **tb, struct fib_rule *rule) in rule_exists() argument
665 if (r->action != rule->action) in rule_exists()
668 if (r->table != rule->table) in rule_exists()
671 if (r->pref != rule->pref) in rule_exists()
674 if (memcmp(r->iifname, rule->iifname, IFNAMSIZ)) in rule_exists()
677 if (memcmp(r->oifname, rule->oifname, IFNAMSIZ)) in rule_exists()
680 if (r->mark != rule->mark) in rule_exists()
683 if (r->suppress_ifgroup != rule->suppress_ifgroup) in rule_exists()
686 if (r->suppress_prefixlen != rule->suppress_prefixlen) in rule_exists()
689 if (r->mark_mask != rule->mark_mask) in rule_exists()
692 if (r->tun_id != rule->tun_id) in rule_exists()
695 if (r->fr_net != rule->fr_net) in rule_exists()
698 if (r->l3mdev != rule->l3mdev) in rule_exists()
701 if (!uid_eq(r->uid_range.start, rule->uid_range.start) || in rule_exists()
702 !uid_eq(r->uid_range.end, rule->uid_range.end)) in rule_exists()
705 if (r->ip_proto != rule->ip_proto) in rule_exists()
708 if (r->proto != rule->proto) in rule_exists()
712 &rule->sport_range)) in rule_exists()
716 &rule->dport_range)) in rule_exists()
732 struct fib_rule *rule = NULL, *r, *last = NULL; in fib_nl_newrule() local
755 err = fib_nl2rule(skb, nlh, extack, ops, tb, &rule, &user_priority); in fib_nl_newrule()
760 rule_exists(ops, frh, tb, rule)) { in fib_nl_newrule()
765 err = ops->configure(rule, skb, frh, tb, extack); in fib_nl_newrule()
769 err = call_fib_rule_notifiers(net, FIB_EVENT_RULE_ADD, rule, ops, in fib_nl_newrule()
775 if (r->pref == rule->target) { in fib_nl_newrule()
776 RCU_INIT_POINTER(rule->ctarget, r); in fib_nl_newrule()
781 if (rcu_dereference_protected(rule->ctarget, 1) == NULL) in fib_nl_newrule()
785 if (r->pref > rule->pref) in fib_nl_newrule()
791 list_add_rcu(&rule->list, &last->list); in fib_nl_newrule()
793 list_add_rcu(&rule->list, &ops->rules_list); in fib_nl_newrule()
802 r->target == rule->pref && in fib_nl_newrule()
804 rcu_assign_pointer(r->ctarget, rule); in fib_nl_newrule()
811 if (rule->action == FR_ACT_GOTO) in fib_nl_newrule()
817 if (rule->tun_id) in fib_nl_newrule()
820 notify_rule_change(RTM_NEWRULE, rule, ops, nlh, NETLINK_CB(skb).portid); in fib_nl_newrule()
826 kfree(rule); in fib_nl_newrule()
839 struct fib_rule *rule = NULL, *r, *nlrule = NULL; in fib_nl_delrule() local
866 rule = rule_find(ops, frh, tb, nlrule, user_priority); in fib_nl_delrule()
867 if (!rule) { in fib_nl_delrule()
872 if (rule->flags & FIB_RULE_PERMANENT) { in fib_nl_delrule()
878 err = ops->delete(rule); in fib_nl_delrule()
883 if (rule->tun_id) in fib_nl_delrule()
886 list_del_rcu(&rule->list); in fib_nl_delrule()
888 if (rule->action == FR_ACT_GOTO) { in fib_nl_delrule()
890 if (rtnl_dereference(rule->ctarget) == NULL) in fib_nl_delrule()
904 n = list_next_entry(rule, list); in fib_nl_delrule()
905 if (&n->list == &ops->rules_list || n->pref != rule->pref) in fib_nl_delrule()
908 if (rtnl_dereference(r->ctarget) != rule) in fib_nl_delrule()
916 call_fib_rule_notifiers(net, FIB_EVENT_RULE_DEL, rule, ops, in fib_nl_delrule()
918 notify_rule_change(RTM_DELRULE, rule, ops, nlh, in fib_nl_delrule()
920 fib_rule_put(rule); in fib_nl_delrule()
934 struct fib_rule *rule) in fib_rule_nlmsg_size() argument
953 payload += ops->nlmsg_payload(rule); in fib_rule_nlmsg_size()
958 static int fib_nl_fill_rule(struct sk_buff *skb, struct fib_rule *rule, in fib_nl_fill_rule() argument
971 frh->table = rule->table; in fib_nl_fill_rule()
972 if (nla_put_u32(skb, FRA_TABLE, rule->table)) in fib_nl_fill_rule()
974 if (nla_put_u32(skb, FRA_SUPPRESS_PREFIXLEN, rule->suppress_prefixlen)) in fib_nl_fill_rule()
978 frh->action = rule->action; in fib_nl_fill_rule()
979 frh->flags = rule->flags; in fib_nl_fill_rule()
981 if (nla_put_u8(skb, FRA_PROTOCOL, rule->proto)) in fib_nl_fill_rule()
984 if (rule->action == FR_ACT_GOTO && in fib_nl_fill_rule()
985 rcu_access_pointer(rule->ctarget) == NULL) in fib_nl_fill_rule()
988 if (rule->iifname[0]) { in fib_nl_fill_rule()
989 if (nla_put_string(skb, FRA_IIFNAME, rule->iifname)) in fib_nl_fill_rule()
991 if (rule->iifindex == -1) in fib_nl_fill_rule()
995 if (rule->oifname[0]) { in fib_nl_fill_rule()
996 if (nla_put_string(skb, FRA_OIFNAME, rule->oifname)) in fib_nl_fill_rule()
998 if (rule->oifindex == -1) in fib_nl_fill_rule()
1002 if ((rule->pref && in fib_nl_fill_rule()
1003 nla_put_u32(skb, FRA_PRIORITY, rule->pref)) || in fib_nl_fill_rule()
1004 (rule->mark && in fib_nl_fill_rule()
1005 nla_put_u32(skb, FRA_FWMARK, rule->mark)) || in fib_nl_fill_rule()
1006 ((rule->mark_mask || rule->mark) && in fib_nl_fill_rule()
1007 nla_put_u32(skb, FRA_FWMASK, rule->mark_mask)) || in fib_nl_fill_rule()
1008 (rule->target && in fib_nl_fill_rule()
1009 nla_put_u32(skb, FRA_GOTO, rule->target)) || in fib_nl_fill_rule()
1010 (rule->tun_id && in fib_nl_fill_rule()
1011 nla_put_be64(skb, FRA_TUN_ID, rule->tun_id, FRA_PAD)) || in fib_nl_fill_rule()
1012 (rule->l3mdev && in fib_nl_fill_rule()
1013 nla_put_u8(skb, FRA_L3MDEV, rule->l3mdev)) || in fib_nl_fill_rule()
1014 (uid_range_set(&rule->uid_range) && in fib_nl_fill_rule()
1015 nla_put_uid_range(skb, &rule->uid_range)) || in fib_nl_fill_rule()
1016 (fib_rule_port_range_set(&rule->sport_range) && in fib_nl_fill_rule()
1017 nla_put_port_range(skb, FRA_SPORT_RANGE, &rule->sport_range)) || in fib_nl_fill_rule()
1018 (fib_rule_port_range_set(&rule->dport_range) && in fib_nl_fill_rule()
1019 nla_put_port_range(skb, FRA_DPORT_RANGE, &rule->dport_range)) || in fib_nl_fill_rule()
1020 (rule->ip_proto && nla_put_u8(skb, FRA_IP_PROTO, rule->ip_proto))) in fib_nl_fill_rule()
1023 if (rule->suppress_ifgroup != -1) { in fib_nl_fill_rule()
1024 if (nla_put_u32(skb, FRA_SUPPRESS_IFGROUP, rule->suppress_ifgroup)) in fib_nl_fill_rule()
1028 if (ops->fill(rule, skb, frh) < 0) in fib_nl_fill_rule()
1043 struct fib_rule *rule; in dump_rules() local
1047 list_for_each_entry_rcu(rule, &ops->rules_list, list) { in dump_rules()
1051 err = fib_nl_fill_rule(skb, rule, NETLINK_CB(cb->skb).portid, in dump_rules()
1102 static void notify_rule_change(int event, struct fib_rule *rule, in notify_rule_change() argument
1111 skb = nlmsg_new(fib_rule_nlmsg_size(ops, rule), GFP_KERNEL); in notify_rule_change()
1115 err = fib_nl_fill_rule(skb, rule, pid, nlh->nlmsg_seq, event, 0, ops); in notify_rule_change()
1132 struct fib_rule *rule; in attach_rules() local
1134 list_for_each_entry(rule, rules, list) { in attach_rules()
1135 if (rule->iifindex == -1 && in attach_rules()
1136 strcmp(dev->name, rule->iifname) == 0) in attach_rules()
1137 rule->iifindex = dev->ifindex; in attach_rules()
1138 if (rule->oifindex == -1 && in attach_rules()
1139 strcmp(dev->name, rule->oifname) == 0) in attach_rules()
1140 rule->oifindex = dev->ifindex; in attach_rules()
1146 struct fib_rule *rule; in detach_rules() local
1148 list_for_each_entry(rule, rules, list) { in detach_rules()
1149 if (rule->iifindex == dev->ifindex) in detach_rules()
1150 rule->iifindex = -1; in detach_rules()
1151 if (rule->oifindex == dev->ifindex) in detach_rules()
1152 rule->oifindex = -1; in detach_rules()