1 // SPDX-License-Identifier: GPL-2.0-only
2 /* Copyright (c) 2023 Isovalent */
4 #include <linux/netdevice.h>
5 #include <linux/ethtool.h>
6 #include <linux/etherdevice.h>
7 #include <linux/filter.h>
8 #include <linux/netfilter_netdev.h>
9 #include <linux/bpf_mprog.h>
10 #include <linux/indirect_call_wrapper.h>
12 #include <net/netkit.h>
16 #define DRV_NAME "netkit"
19 /* Needed in fast-path */
20 struct net_device __rcu
*peer
;
21 struct bpf_mprog_entry __rcu
*active
;
22 enum netkit_action policy
;
23 struct bpf_mprog_bundle bundle
;
25 /* Needed in slow-path */
26 enum netkit_mode mode
;
33 struct net_device
*dev
;
37 static __always_inline
int
38 netkit_run(const struct bpf_mprog_entry
*entry
, struct sk_buff
*skb
,
39 enum netkit_action ret
)
41 const struct bpf_mprog_fp
*fp
;
42 const struct bpf_prog
*prog
;
44 bpf_mprog_foreach_prog(entry
, fp
, prog
) {
45 bpf_compute_data_pointers(skb
);
46 ret
= bpf_prog_run(prog
, skb
);
47 if (ret
!= NETKIT_NEXT
)
53 static void netkit_prep_forward(struct sk_buff
*skb
, bool xnet
)
55 skb_scrub_packet(skb
, xnet
);
57 nf_skip_egress(skb
, true);
60 static struct netkit
*netkit_priv(const struct net_device
*dev
)
62 return netdev_priv(dev
);
65 static netdev_tx_t
netkit_xmit(struct sk_buff
*skb
, struct net_device
*dev
)
67 struct netkit
*nk
= netkit_priv(dev
);
68 enum netkit_action ret
= READ_ONCE(nk
->policy
);
69 netdev_tx_t ret_dev
= NET_XMIT_SUCCESS
;
70 const struct bpf_mprog_entry
*entry
;
71 struct net_device
*peer
;
75 peer
= rcu_dereference(nk
->peer
);
76 if (unlikely(!peer
|| !(peer
->flags
& IFF_UP
) ||
77 !pskb_may_pull(skb
, ETH_HLEN
) ||
78 skb_orphan_frags(skb
, GFP_ATOMIC
)))
80 netkit_prep_forward(skb
, !net_eq(dev_net(dev
), dev_net(peer
)));
82 entry
= rcu_dereference(nk
->active
);
84 ret
= netkit_run(entry
, skb
, ret
);
88 skb
->protocol
= eth_type_trans(skb
, skb
->dev
);
89 skb_postpull_rcsum(skb
, eth_hdr(skb
), ETH_HLEN
);
90 if (likely(__netif_rx(skb
) == NET_RX_SUCCESS
)) {
91 dev_sw_netstats_tx_add(dev
, 1, len
);
92 dev_sw_netstats_rx_add(peer
, len
);
98 dev_sw_netstats_tx_add(dev
, 1, len
);
106 dev_core_stats_tx_dropped_inc(dev
);
107 ret_dev
= NET_XMIT_DROP
;
114 static int netkit_open(struct net_device
*dev
)
116 struct netkit
*nk
= netkit_priv(dev
);
117 struct net_device
*peer
= rtnl_dereference(nk
->peer
);
121 if (peer
->flags
& IFF_UP
) {
122 netif_carrier_on(dev
);
123 netif_carrier_on(peer
);
128 static int netkit_close(struct net_device
*dev
)
130 struct netkit
*nk
= netkit_priv(dev
);
131 struct net_device
*peer
= rtnl_dereference(nk
->peer
);
133 netif_carrier_off(dev
);
135 netif_carrier_off(peer
);
139 static int netkit_get_iflink(const struct net_device
*dev
)
141 struct netkit
*nk
= netkit_priv(dev
);
142 struct net_device
*peer
;
146 peer
= rcu_dereference(nk
->peer
);
148 iflink
= peer
->ifindex
;
153 static void netkit_set_multicast(struct net_device
*dev
)
155 /* Nothing to do, we receive whatever gets pushed to us! */
158 static void netkit_set_headroom(struct net_device
*dev
, int headroom
)
160 struct netkit
*nk
= netkit_priv(dev
), *nk2
;
161 struct net_device
*peer
;
164 headroom
= NET_SKB_PAD
;
167 peer
= rcu_dereference(nk
->peer
);
171 nk2
= netkit_priv(peer
);
172 nk
->headroom
= headroom
;
173 headroom
= max(nk
->headroom
, nk2
->headroom
);
175 peer
->needed_headroom
= headroom
;
176 dev
->needed_headroom
= headroom
;
181 INDIRECT_CALLABLE_SCOPE
struct net_device
*netkit_peer_dev(struct net_device
*dev
)
183 return rcu_dereference(netkit_priv(dev
)->peer
);
186 static void netkit_get_stats(struct net_device
*dev
,
187 struct rtnl_link_stats64
*stats
)
189 dev_fetch_sw_netstats(stats
, dev
->tstats
);
190 stats
->tx_dropped
= DEV_STATS_READ(dev
, tx_dropped
);
193 static void netkit_uninit(struct net_device
*dev
);
195 static const struct net_device_ops netkit_netdev_ops
= {
196 .ndo_open
= netkit_open
,
197 .ndo_stop
= netkit_close
,
198 .ndo_start_xmit
= netkit_xmit
,
199 .ndo_set_rx_mode
= netkit_set_multicast
,
200 .ndo_set_rx_headroom
= netkit_set_headroom
,
201 .ndo_get_iflink
= netkit_get_iflink
,
202 .ndo_get_peer_dev
= netkit_peer_dev
,
203 .ndo_get_stats64
= netkit_get_stats
,
204 .ndo_uninit
= netkit_uninit
,
205 .ndo_features_check
= passthru_features_check
,
208 static void netkit_get_drvinfo(struct net_device
*dev
,
209 struct ethtool_drvinfo
*info
)
211 strscpy(info
->driver
, DRV_NAME
, sizeof(info
->driver
));
214 static const struct ethtool_ops netkit_ethtool_ops
= {
215 .get_drvinfo
= netkit_get_drvinfo
,
218 static void netkit_setup(struct net_device
*dev
)
220 static const netdev_features_t netkit_features_hw_vlan
=
221 NETIF_F_HW_VLAN_CTAG_TX
|
222 NETIF_F_HW_VLAN_CTAG_RX
|
223 NETIF_F_HW_VLAN_STAG_TX
|
224 NETIF_F_HW_VLAN_STAG_RX
;
225 static const netdev_features_t netkit_features
=
226 netkit_features_hw_vlan
|
233 NETIF_F_GSO_SOFTWARE
|
234 NETIF_F_GSO_ENCAP_ALL
;
237 dev
->max_mtu
= ETH_MAX_MTU
;
238 dev
->pcpu_stat_type
= NETDEV_PCPU_STAT_TSTATS
;
240 dev
->flags
|= IFF_NOARP
;
241 dev
->priv_flags
&= ~IFF_TX_SKB_SHARING
;
242 dev
->priv_flags
|= IFF_LIVE_ADDR_CHANGE
;
243 dev
->priv_flags
|= IFF_PHONY_HEADROOM
;
244 dev
->priv_flags
|= IFF_NO_QUEUE
;
246 dev
->ethtool_ops
= &netkit_ethtool_ops
;
247 dev
->netdev_ops
= &netkit_netdev_ops
;
249 dev
->features
|= netkit_features
| NETIF_F_LLTX
;
250 dev
->hw_features
= netkit_features
;
251 dev
->hw_enc_features
= netkit_features
;
252 dev
->mpls_features
= NETIF_F_HW_CSUM
| NETIF_F_GSO_SOFTWARE
;
253 dev
->vlan_features
= dev
->features
& ~netkit_features_hw_vlan
;
255 dev
->needs_free_netdev
= true;
257 netif_set_tso_max_size(dev
, GSO_MAX_SIZE
);
260 static struct net
*netkit_get_link_net(const struct net_device
*dev
)
262 struct netkit
*nk
= netkit_priv(dev
);
263 struct net_device
*peer
= rtnl_dereference(nk
->peer
);
265 return peer
? dev_net(peer
) : dev_net(dev
);
268 static int netkit_check_policy(int policy
, struct nlattr
*tb
,
269 struct netlink_ext_ack
*extack
)
276 NL_SET_ERR_MSG_ATTR(extack
, tb
,
277 "Provided default xmit policy not supported");
282 static int netkit_check_mode(int mode
, struct nlattr
*tb
,
283 struct netlink_ext_ack
*extack
)
290 NL_SET_ERR_MSG_ATTR(extack
, tb
,
291 "Provided device mode can only be L2 or L3");
296 static int netkit_validate(struct nlattr
*tb
[], struct nlattr
*data
[],
297 struct netlink_ext_ack
*extack
)
299 struct nlattr
*attr
= tb
[IFLA_ADDRESS
];
303 NL_SET_ERR_MSG_ATTR(extack
, attr
,
304 "Setting Ethernet address is not supported");
308 static struct rtnl_link_ops netkit_link_ops
;
310 static int netkit_new_link(struct net
*src_net
, struct net_device
*dev
,
311 struct nlattr
*tb
[], struct nlattr
*data
[],
312 struct netlink_ext_ack
*extack
)
314 struct nlattr
*peer_tb
[IFLA_MAX
+ 1], **tbp
= tb
, *attr
;
315 enum netkit_action default_prim
= NETKIT_PASS
;
316 enum netkit_action default_peer
= NETKIT_PASS
;
317 enum netkit_mode mode
= NETKIT_L3
;
318 unsigned char ifname_assign_type
;
319 struct ifinfomsg
*ifmp
= NULL
;
320 struct net_device
*peer
;
321 char ifname
[IFNAMSIZ
];
327 if (data
[IFLA_NETKIT_MODE
]) {
328 attr
= data
[IFLA_NETKIT_MODE
];
329 mode
= nla_get_u32(attr
);
330 err
= netkit_check_mode(mode
, attr
, extack
);
334 if (data
[IFLA_NETKIT_PEER_INFO
]) {
335 attr
= data
[IFLA_NETKIT_PEER_INFO
];
336 ifmp
= nla_data(attr
);
337 err
= rtnl_nla_parse_ifinfomsg(peer_tb
, attr
, extack
);
340 err
= netkit_validate(peer_tb
, NULL
, extack
);
345 if (data
[IFLA_NETKIT_POLICY
]) {
346 attr
= data
[IFLA_NETKIT_POLICY
];
347 default_prim
= nla_get_u32(attr
);
348 err
= netkit_check_policy(default_prim
, attr
, extack
);
352 if (data
[IFLA_NETKIT_PEER_POLICY
]) {
353 attr
= data
[IFLA_NETKIT_PEER_POLICY
];
354 default_peer
= nla_get_u32(attr
);
355 err
= netkit_check_policy(default_peer
, attr
, extack
);
361 if (ifmp
&& tbp
[IFLA_IFNAME
]) {
362 nla_strscpy(ifname
, tbp
[IFLA_IFNAME
], IFNAMSIZ
);
363 ifname_assign_type
= NET_NAME_USER
;
365 strscpy(ifname
, "nk%d", IFNAMSIZ
);
366 ifname_assign_type
= NET_NAME_ENUM
;
369 net
= rtnl_link_get_net(src_net
, tbp
);
373 peer
= rtnl_create_link(net
, ifname
, ifname_assign_type
,
374 &netkit_link_ops
, tbp
, extack
);
377 return PTR_ERR(peer
);
380 netif_inherit_tso_max(peer
, dev
);
382 if (mode
== NETKIT_L2
)
383 eth_hw_addr_random(peer
);
384 if (ifmp
&& dev
->ifindex
)
385 peer
->ifindex
= ifmp
->ifi_index
;
387 nk
= netkit_priv(peer
);
389 nk
->policy
= default_peer
;
391 bpf_mprog_bundle_init(&nk
->bundle
);
393 err
= register_netdevice(peer
);
396 goto err_register_peer
;
397 netif_carrier_off(peer
);
398 if (mode
== NETKIT_L2
)
399 dev_change_flags(peer
, peer
->flags
& ~IFF_NOARP
, NULL
);
401 err
= rtnl_configure_link(peer
, NULL
, 0, NULL
);
403 goto err_configure_peer
;
405 if (mode
== NETKIT_L2
)
406 eth_hw_addr_random(dev
);
408 nla_strscpy(dev
->name
, tb
[IFLA_IFNAME
], IFNAMSIZ
);
410 strscpy(dev
->name
, "nk%d", IFNAMSIZ
);
412 nk
= netkit_priv(dev
);
414 nk
->policy
= default_prim
;
416 bpf_mprog_bundle_init(&nk
->bundle
);
418 err
= register_netdevice(dev
);
420 goto err_configure_peer
;
421 netif_carrier_off(dev
);
422 if (mode
== NETKIT_L2
)
423 dev_change_flags(dev
, dev
->flags
& ~IFF_NOARP
, NULL
);
425 rcu_assign_pointer(netkit_priv(dev
)->peer
, peer
);
426 rcu_assign_pointer(netkit_priv(peer
)->peer
, dev
);
429 unregister_netdevice(peer
);
436 static struct bpf_mprog_entry
*netkit_entry_fetch(struct net_device
*dev
,
437 bool bundle_fallback
)
439 struct netkit
*nk
= netkit_priv(dev
);
440 struct bpf_mprog_entry
*entry
;
443 entry
= rcu_dereference_rtnl(nk
->active
);
447 return &nk
->bundle
.a
;
451 static void netkit_entry_update(struct net_device
*dev
,
452 struct bpf_mprog_entry
*entry
)
454 struct netkit
*nk
= netkit_priv(dev
);
457 rcu_assign_pointer(nk
->active
, entry
);
460 static void netkit_entry_sync(void)
465 static struct net_device
*netkit_dev_fetch(struct net
*net
, u32 ifindex
, u32 which
)
467 struct net_device
*dev
;
473 case BPF_NETKIT_PRIMARY
:
474 case BPF_NETKIT_PEER
:
477 return ERR_PTR(-EINVAL
);
480 dev
= __dev_get_by_index(net
, ifindex
);
482 return ERR_PTR(-ENODEV
);
483 if (dev
->netdev_ops
!= &netkit_netdev_ops
)
484 return ERR_PTR(-ENXIO
);
486 nk
= netkit_priv(dev
);
488 return ERR_PTR(-EACCES
);
489 if (which
== BPF_NETKIT_PEER
) {
490 dev
= rcu_dereference_rtnl(nk
->peer
);
492 return ERR_PTR(-ENODEV
);
497 int netkit_prog_attach(const union bpf_attr
*attr
, struct bpf_prog
*prog
)
499 struct bpf_mprog_entry
*entry
, *entry_new
;
500 struct bpf_prog
*replace_prog
= NULL
;
501 struct net_device
*dev
;
505 dev
= netkit_dev_fetch(current
->nsproxy
->net_ns
, attr
->target_ifindex
,
511 entry
= netkit_entry_fetch(dev
, true);
512 if (attr
->attach_flags
& BPF_F_REPLACE
) {
513 replace_prog
= bpf_prog_get_type(attr
->replace_bpf_fd
,
515 if (IS_ERR(replace_prog
)) {
516 ret
= PTR_ERR(replace_prog
);
521 ret
= bpf_mprog_attach(entry
, &entry_new
, prog
, NULL
, replace_prog
,
522 attr
->attach_flags
, attr
->relative_fd
,
523 attr
->expected_revision
);
525 if (entry
!= entry_new
) {
526 netkit_entry_update(dev
, entry_new
);
529 bpf_mprog_commit(entry
);
533 bpf_prog_put(replace_prog
);
538 int netkit_prog_detach(const union bpf_attr
*attr
, struct bpf_prog
*prog
)
540 struct bpf_mprog_entry
*entry
, *entry_new
;
541 struct net_device
*dev
;
545 dev
= netkit_dev_fetch(current
->nsproxy
->net_ns
, attr
->target_ifindex
,
551 entry
= netkit_entry_fetch(dev
, false);
556 ret
= bpf_mprog_detach(entry
, &entry_new
, prog
, NULL
, attr
->attach_flags
,
557 attr
->relative_fd
, attr
->expected_revision
);
559 if (!bpf_mprog_total(entry_new
))
561 netkit_entry_update(dev
, entry_new
);
563 bpf_mprog_commit(entry
);
570 int netkit_prog_query(const union bpf_attr
*attr
, union bpf_attr __user
*uattr
)
572 struct net_device
*dev
;
576 dev
= netkit_dev_fetch(current
->nsproxy
->net_ns
,
577 attr
->query
.target_ifindex
,
578 attr
->query
.attach_type
);
583 ret
= bpf_mprog_query(attr
, uattr
, netkit_entry_fetch(dev
, false));
589 static struct netkit_link
*netkit_link(const struct bpf_link
*link
)
591 return container_of(link
, struct netkit_link
, link
);
594 static int netkit_link_prog_attach(struct bpf_link
*link
, u32 flags
,
595 u32 id_or_fd
, u64 revision
)
597 struct netkit_link
*nkl
= netkit_link(link
);
598 struct bpf_mprog_entry
*entry
, *entry_new
;
599 struct net_device
*dev
= nkl
->dev
;
603 entry
= netkit_entry_fetch(dev
, true);
604 ret
= bpf_mprog_attach(entry
, &entry_new
, link
->prog
, link
, NULL
, flags
,
607 if (entry
!= entry_new
) {
608 netkit_entry_update(dev
, entry_new
);
611 bpf_mprog_commit(entry
);
616 static void netkit_link_release(struct bpf_link
*link
)
618 struct netkit_link
*nkl
= netkit_link(link
);
619 struct bpf_mprog_entry
*entry
, *entry_new
;
620 struct net_device
*dev
;
627 entry
= netkit_entry_fetch(dev
, false);
632 ret
= bpf_mprog_detach(entry
, &entry_new
, link
->prog
, link
, 0, 0, 0);
634 if (!bpf_mprog_total(entry_new
))
636 netkit_entry_update(dev
, entry_new
);
638 bpf_mprog_commit(entry
);
646 static int netkit_link_update(struct bpf_link
*link
, struct bpf_prog
*nprog
,
647 struct bpf_prog
*oprog
)
649 struct netkit_link
*nkl
= netkit_link(link
);
650 struct bpf_mprog_entry
*entry
, *entry_new
;
651 struct net_device
*dev
;
660 if (oprog
&& link
->prog
!= oprog
) {
665 if (oprog
== nprog
) {
669 entry
= netkit_entry_fetch(dev
, false);
674 ret
= bpf_mprog_attach(entry
, &entry_new
, nprog
, link
, oprog
,
675 BPF_F_REPLACE
| BPF_F_ID
,
676 link
->prog
->aux
->id
, 0);
678 WARN_ON_ONCE(entry
!= entry_new
);
679 oprog
= xchg(&link
->prog
, nprog
);
681 bpf_mprog_commit(entry
);
688 static void netkit_link_dealloc(struct bpf_link
*link
)
690 kfree(netkit_link(link
));
693 static void netkit_link_fdinfo(const struct bpf_link
*link
, struct seq_file
*seq
)
695 const struct netkit_link
*nkl
= netkit_link(link
);
700 ifindex
= nkl
->dev
->ifindex
;
703 seq_printf(seq
, "ifindex:\t%u\n", ifindex
);
704 seq_printf(seq
, "attach_type:\t%u (%s)\n",
706 nkl
->location
== BPF_NETKIT_PRIMARY
? "primary" : "peer");
709 static int netkit_link_fill_info(const struct bpf_link
*link
,
710 struct bpf_link_info
*info
)
712 const struct netkit_link
*nkl
= netkit_link(link
);
717 ifindex
= nkl
->dev
->ifindex
;
720 info
->netkit
.ifindex
= ifindex
;
721 info
->netkit
.attach_type
= nkl
->location
;
725 static int netkit_link_detach(struct bpf_link
*link
)
727 netkit_link_release(link
);
731 static const struct bpf_link_ops netkit_link_lops
= {
732 .release
= netkit_link_release
,
733 .detach
= netkit_link_detach
,
734 .dealloc
= netkit_link_dealloc
,
735 .update_prog
= netkit_link_update
,
736 .show_fdinfo
= netkit_link_fdinfo
,
737 .fill_link_info
= netkit_link_fill_info
,
740 static int netkit_link_init(struct netkit_link
*nkl
,
741 struct bpf_link_primer
*link_primer
,
742 const union bpf_attr
*attr
,
743 struct net_device
*dev
,
744 struct bpf_prog
*prog
)
746 bpf_link_init(&nkl
->link
, BPF_LINK_TYPE_NETKIT
,
747 &netkit_link_lops
, prog
);
748 nkl
->location
= attr
->link_create
.attach_type
;
750 return bpf_link_prime(&nkl
->link
, link_primer
);
753 int netkit_link_attach(const union bpf_attr
*attr
, struct bpf_prog
*prog
)
755 struct bpf_link_primer link_primer
;
756 struct netkit_link
*nkl
;
757 struct net_device
*dev
;
761 dev
= netkit_dev_fetch(current
->nsproxy
->net_ns
,
762 attr
->link_create
.target_ifindex
,
763 attr
->link_create
.attach_type
);
768 nkl
= kzalloc(sizeof(*nkl
), GFP_KERNEL_ACCOUNT
);
773 ret
= netkit_link_init(nkl
, &link_primer
, attr
, dev
, prog
);
778 ret
= netkit_link_prog_attach(&nkl
->link
,
779 attr
->link_create
.flags
,
780 attr
->link_create
.netkit
.relative_fd
,
781 attr
->link_create
.netkit
.expected_revision
);
784 bpf_link_cleanup(&link_primer
);
787 ret
= bpf_link_settle(&link_primer
);
793 static void netkit_release_all(struct net_device
*dev
)
795 struct bpf_mprog_entry
*entry
;
796 struct bpf_tuple tuple
= {};
797 struct bpf_mprog_fp
*fp
;
798 struct bpf_mprog_cp
*cp
;
800 entry
= netkit_entry_fetch(dev
, false);
803 netkit_entry_update(dev
, NULL
);
805 bpf_mprog_foreach_tuple(entry
, fp
, cp
, tuple
) {
807 netkit_link(tuple
.link
)->dev
= NULL
;
809 bpf_prog_put(tuple
.prog
);
813 static void netkit_uninit(struct net_device
*dev
)
815 netkit_release_all(dev
);
818 static void netkit_del_link(struct net_device
*dev
, struct list_head
*head
)
820 struct netkit
*nk
= netkit_priv(dev
);
821 struct net_device
*peer
= rtnl_dereference(nk
->peer
);
823 RCU_INIT_POINTER(nk
->peer
, NULL
);
824 unregister_netdevice_queue(dev
, head
);
826 nk
= netkit_priv(peer
);
827 RCU_INIT_POINTER(nk
->peer
, NULL
);
828 unregister_netdevice_queue(peer
, head
);
832 static int netkit_change_link(struct net_device
*dev
, struct nlattr
*tb
[],
833 struct nlattr
*data
[],
834 struct netlink_ext_ack
*extack
)
836 struct netkit
*nk
= netkit_priv(dev
);
837 struct net_device
*peer
= rtnl_dereference(nk
->peer
);
838 enum netkit_action policy
;
843 NL_SET_ERR_MSG(extack
,
844 "netkit link settings can be changed only through the primary device");
848 if (data
[IFLA_NETKIT_MODE
]) {
849 NL_SET_ERR_MSG_ATTR(extack
, data
[IFLA_NETKIT_MODE
],
850 "netkit link operating mode cannot be changed after device creation");
854 if (data
[IFLA_NETKIT_PEER_INFO
]) {
855 NL_SET_ERR_MSG_ATTR(extack
, data
[IFLA_NETKIT_PEER_INFO
],
856 "netkit peer info cannot be changed after device creation");
860 if (data
[IFLA_NETKIT_POLICY
]) {
861 attr
= data
[IFLA_NETKIT_POLICY
];
862 policy
= nla_get_u32(attr
);
863 err
= netkit_check_policy(policy
, attr
, extack
);
866 WRITE_ONCE(nk
->policy
, policy
);
869 if (data
[IFLA_NETKIT_PEER_POLICY
]) {
871 attr
= data
[IFLA_NETKIT_PEER_POLICY
];
872 policy
= nla_get_u32(attr
);
874 err
= netkit_check_policy(policy
, attr
, extack
);
877 nk
= netkit_priv(peer
);
878 WRITE_ONCE(nk
->policy
, policy
);
884 static size_t netkit_get_size(const struct net_device
*dev
)
886 return nla_total_size(sizeof(u32
)) + /* IFLA_NETKIT_POLICY */
887 nla_total_size(sizeof(u32
)) + /* IFLA_NETKIT_PEER_POLICY */
888 nla_total_size(sizeof(u8
)) + /* IFLA_NETKIT_PRIMARY */
889 nla_total_size(sizeof(u32
)) + /* IFLA_NETKIT_MODE */
893 static int netkit_fill_info(struct sk_buff
*skb
, const struct net_device
*dev
)
895 struct netkit
*nk
= netkit_priv(dev
);
896 struct net_device
*peer
= rtnl_dereference(nk
->peer
);
898 if (nla_put_u8(skb
, IFLA_NETKIT_PRIMARY
, nk
->primary
))
900 if (nla_put_u32(skb
, IFLA_NETKIT_POLICY
, nk
->policy
))
902 if (nla_put_u32(skb
, IFLA_NETKIT_MODE
, nk
->mode
))
906 nk
= netkit_priv(peer
);
907 if (nla_put_u32(skb
, IFLA_NETKIT_PEER_POLICY
, nk
->policy
))
914 static const struct nla_policy netkit_policy
[IFLA_NETKIT_MAX
+ 1] = {
915 [IFLA_NETKIT_PEER_INFO
] = { .len
= sizeof(struct ifinfomsg
) },
916 [IFLA_NETKIT_POLICY
] = { .type
= NLA_U32
},
917 [IFLA_NETKIT_MODE
] = { .type
= NLA_U32
},
918 [IFLA_NETKIT_PEER_POLICY
] = { .type
= NLA_U32
},
919 [IFLA_NETKIT_PRIMARY
] = { .type
= NLA_REJECT
,
920 .reject_message
= "Primary attribute is read-only" },
923 static struct rtnl_link_ops netkit_link_ops
= {
925 .priv_size
= sizeof(struct netkit
),
926 .setup
= netkit_setup
,
927 .newlink
= netkit_new_link
,
928 .dellink
= netkit_del_link
,
929 .changelink
= netkit_change_link
,
930 .get_link_net
= netkit_get_link_net
,
931 .get_size
= netkit_get_size
,
932 .fill_info
= netkit_fill_info
,
933 .policy
= netkit_policy
,
934 .validate
= netkit_validate
,
935 .maxtype
= IFLA_NETKIT_MAX
,
938 static __init
int netkit_init(void)
940 BUILD_BUG_ON((int)NETKIT_NEXT
!= (int)TCX_NEXT
||
941 (int)NETKIT_PASS
!= (int)TCX_PASS
||
942 (int)NETKIT_DROP
!= (int)TCX_DROP
||
943 (int)NETKIT_REDIRECT
!= (int)TCX_REDIRECT
);
945 return rtnl_link_register(&netkit_link_ops
);
948 static __exit
void netkit_exit(void)
950 rtnl_link_unregister(&netkit_link_ops
);
953 module_init(netkit_init
);
954 module_exit(netkit_exit
);
956 MODULE_DESCRIPTION("BPF-programmable network device");
957 MODULE_AUTHOR("Daniel Borkmann <daniel@iogearbox.net>");
958 MODULE_AUTHOR("Nikolay Aleksandrov <razor@blackwall.org>");
959 MODULE_LICENSE("GPL");
960 MODULE_ALIAS_RTNL_LINK(DRV_NAME
);