Google Git
Sign in
nest-open-source / manifest_repos / sdk / 298baf23afcd1beb26cd47146293d6ea996a71fc / . / qca-nss-ecm / ecm_db / ecm_db_connection.c
blob: fd68f232d8c44ae0751ea2a3fdc1306e12cbdd48 [file] [log] [blame]
/*
**************************************************************************
* Copyright (c) 2014-2022, The Linux Foundation. All rights reserved.
* Copyright (c) 2022 Qualcomm Innovation Center, Inc. All rights reserved.
*
* Permission to use, copy, modify, and/or distribute this software for
* any purpose with or without fee is hereby granted, provided that the
* above copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
* ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
* OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
**************************************************************************
*/
#include <linux/version.h>
#include <linux/types.h>
#include <linux/ip.h>
#include <linux/tcp.h>
#include <linux/module.h>
#include <linux/skbuff.h>
#include <linux/icmp.h>
#include <linux/kthread.h>
#include <linux/debugfs.h>
#include <linux/pkt_sched.h>
#include <linux/string.h>
#include <linux/random.h>
#include <net/route.h>
#include <net/ip.h>
#include <net/tcp.h>
#include <asm/unaligned.h>
#include <asm/uaccess.h> /* for put_user */
#include <net/ipv6.h>
#include <net/ip6_route.h>
#include <linux/inet.h>
#include <linux/in.h>
#include <linux/udp.h>
#include <linux/tcp.h>
#include <linux/netfilter_ipv4.h>
#include <linux/netfilter_bridge.h>
#include <net/netfilter/nf_conntrack.h>
#include <net/netfilter/nf_conntrack_helper.h>
#include <net/netfilter/nf_conntrack_l4proto.h>
#include <net/netfilter/nf_conntrack_core.h>
#include <net/netfilter/ipv4/nf_conntrack_ipv4.h>
#include <net/netfilter/ipv4/nf_defrag_ipv4.h>
/*
* Debug output levels
* 0 = OFF
* 1 = ASSERTS / ERRORS
* 2 = 1 + WARN
* 3 = 2 + INFO
* 4 = 3 + TRACE
*/
#define DEBUG_LEVEL ECM_DB_DEBUG_LEVEL
#include "ecm_types.h"
#include "ecm_db_types.h"
#include "ecm_state.h"
#include "ecm_tracker.h"
#include "ecm_classifier.h"
#include "ecm_front_end_types.h"
#include "ecm_classifier_default.h"
#include "ecm_db.h"
/*
* Magic number
*/
#ifdef ECM_DB_CTA_TRACK_ENABLE
#define ECM_DB_CLASSIFIER_TYPE_ASSIGNMENT_MAGIC 0xAEF4
#endif
/*
* Global list.
* All instances are inserted into global list - this allows easy iteration of all instances of a particular type.
* The list is doubly linked for fast removal. The list is in no particular order.
*/
struct ecm_db_connection_instance *ecm_db_connections = NULL;
/*
* Connection hash table
*/
#define ECM_DB_CONNECTION_HASH_SLOTS 32768
static struct ecm_db_connection_instance **ecm_db_connection_table;
/* Slots of the connection hash table */
static int *ecm_db_connection_table_lengths;
/* Tracks how long each chain is */
static int ecm_db_connection_count = 0; /* Number of connections allocated */
/*
* Connection serial number hash table
*/
#define ECM_DB_CONNECTION_SERIAL_HASH_SLOTS 32768
struct ecm_db_connection_instance **ecm_db_connection_serial_table;
/* Slots of the connection serial hash table */
int *ecm_db_connection_serial_table_lengths;
/* Tracks how long each chain is */
static int ecm_db_connection_serial = 0; /* Serial number - ensures each connection has a unique serial number.
* Serial numbers are used mainly by classifiers that keep their own state
* and can 'link' their state to the right connection using a serial number.
* The serial number is also used as a soft linkage to other subsystems such as NA.
*/
/*
* Simple stats
*/
#define ECM_DB_PROTOCOL_COUNT 256
static int ecm_db_connection_count_by_protocol[ECM_DB_PROTOCOL_COUNT]; /* Each IP protocol has its own count */
/*
* Connection state validity
* This counter is incremented whenever a general change is detected which requires re-generation of state for ALL connections.
*/
uint16_t ecm_db_connection_generation = 0; /* Generation counter to detect when all connection state is considered stale and all must be re-generated */
#ifdef ECM_DB_CTA_TRACK_ENABLE
/*
* Classifier TYPE assignment lists.
*
* For each type of classifier a list is kept of all connections assigned a classifier of that type.
* This permits a classifier type to rapidly retrieve all connections with classifiers assigned to it of that type.
*
* NOTE: This is in addition to the basic functionality whereby a connection keeps a list of classifier instances
* that are assigned to it in descending order of priority.
*/
/*
* struct ecm_db_connection_classifier_type_assignment_list
* A list, one for each classifier type.
*/
struct ecm_db_connection_classifier_type_assignment_list {
struct ecm_db_connection_instance *type_assignments_list;
/* Lists of connections assigned to this type of classifier */
int32_t type_assignment_count; /* Number of connections in the list */
} ecm_db_connection_classifier_type_assignments[ECM_CLASSIFIER_TYPES];
/* Each classifier type has a list of connections that are assigned to classifier instances of that type */
#endif
/*
* _ecm_db_connection_count_get()
* Return the connection count (lockless).
*/
int _ecm_db_connection_count_get(void)
{
return ecm_db_connection_count;
}
/*
* ecm_db_connection_count_get()
* Return the connection count
*/
int ecm_db_connection_count_get(void)
{
int count;
spin_lock_bh(&ecm_db_lock);
count = ecm_db_connection_count;
spin_unlock_bh(&ecm_db_lock);
return count;
}
EXPORT_SYMBOL(ecm_db_connection_count_get);
/*
* ecm_db_connection_count_by_protocol_get()
* Return # connections for the given protocol
*/
int ecm_db_connection_count_by_protocol_get(int protocol)
{
int count;
DEBUG_ASSERT((protocol >= 0) && (protocol < ECM_DB_PROTOCOL_COUNT), "Bad protocol: %d\n", protocol);
spin_lock_bh(&ecm_db_lock);
count = ecm_db_connection_count_by_protocol[protocol];
spin_unlock_bh(&ecm_db_lock);
return count;
}
EXPORT_SYMBOL(ecm_db_connection_count_by_protocol_get);
/*
* ecm_db_connection_l2_encap_proto_set()
* Sets the L2 encap protocol.
*/
void ecm_db_connection_l2_encap_proto_set(struct ecm_db_connection_instance *ci, uint16_t l2_encap_proto)
{
DEBUG_CHECK_MAGIC(ci, ECM_DB_CONNECTION_INSTANCE_MAGIC, "%px: magic failed", ci);
spin_lock_bh(&ecm_db_lock);
ci->l2_encap_proto = l2_encap_proto;
spin_unlock_bh(&ecm_db_lock);
}
/*
* ecm_db_connection_l2_encap_proto_get()
* Gets the L2 encap protocol.
*/
uint16_t ecm_db_connection_l2_encap_proto_get(struct ecm_db_connection_instance *ci)
{
uint16_t proto;
DEBUG_CHECK_MAGIC(ci, ECM_DB_CONNECTION_INSTANCE_MAGIC, "%px: magic failed", ci);
spin_lock_bh(&ecm_db_lock);
proto = ci->l2_encap_proto;
spin_unlock_bh(&ecm_db_lock);
return proto;
}
/*
* ecm_db_connection_mark_set()
* Sets the mark value of the connection.
*/
void ecm_db_connection_mark_set(struct ecm_db_connection_instance *ci, uint32_t mark)
{
DEBUG_CHECK_MAGIC(ci, ECM_DB_CONNECTION_INSTANCE_MAGIC, "%px: magic failed", ci);
spin_lock_bh(&ecm_db_lock);
ci->mark = mark;
spin_unlock_bh(&ecm_db_lock);
}
/*
* ecm_db_connection_flag_set()
* Sets the flag in connection instance.
*/
void ecm_db_connection_flag_set(struct ecm_db_connection_instance *ci, uint32_t flag)
{
DEBUG_CHECK_MAGIC(ci, ECM_DB_CONNECTION_INSTANCE_MAGIC, "%px: magic failed", ci);
spin_lock_bh(&ecm_db_lock);
ci->flags |= flag;
spin_unlock_bh(&ecm_db_lock);
}
/*
* ecm_db_connection_mark_get()
* Gets the mark value of the connection.
*/
uint32_t ecm_db_connection_mark_get(struct ecm_db_connection_instance *ci)
{
uint16_t mark;
DEBUG_CHECK_MAGIC(ci, ECM_DB_CONNECTION_INSTANCE_MAGIC, "%px: magic failed", ci);
spin_lock_bh(&ecm_db_lock);
mark = ci->mark;
spin_unlock_bh(&ecm_db_lock);
return mark;
}
/*
* ecm_db_connection_front_end_get_and_ref()
* Return ref to the front end instance of the connection
*/
struct ecm_front_end_connection_instance *ecm_db_connection_front_end_get_and_ref(struct ecm_db_connection_instance *ci)
{
DEBUG_CHECK_MAGIC(ci, ECM_DB_CONNECTION_INSTANCE_MAGIC, "%px: magic failed", ci);
ci->feci->ref(ci->feci);
return ci->feci;
}
EXPORT_SYMBOL(ecm_db_connection_front_end_get_and_ref);
/*
* ecm_db_connection_defunct_callback()
* Invoked by the expiration of the defunct_timer contained in a connection instance
*/
static void ecm_db_connection_defunct_callback(void *arg)
{
int accel_mode;
bool ret;
struct ecm_db_connection_instance *ci = (struct ecm_db_connection_instance *)arg;
DEBUG_CHECK_MAGIC(ci, ECM_DB_CONNECTION_INSTANCE_MAGIC, "%px: magic failed", ci);
DEBUG_INFO("%px: defunct timer expired\n", ci);
ret = ci->defunct(ci->feci, &accel_mode);
/*
* If the returned 'ret' is success, this means this callback succeeded to
* defunct the connection and it can release the last reference.
* If it fails, this means that another defunct process defuncted the connection
* before this callback. In that case, we will check the accel_mode of the connection.
* If the other call defuncted the connection successfully, it will set the accel_mode to
* ECM_FRONT_END_ACCELERATION_MODE_FAIL_DEFUNCT_SHORT for s short amount of time to avoid
* further accel/decel attempts. So, in this accel_mode, this callback shouldn't release the
* last reference. It will be released by the ecm_db_connection_make_defunct() function.
*/
if (ret || (ECM_FRONT_END_ACCELERATION_FAILED(accel_mode) && (accel_mode != ECM_FRONT_END_ACCELERATION_MODE_FAIL_DEFUNCT_SHORT))) {
ecm_db_connection_deref(ci);
}
}
/*
* ecm_db_connection_elapsed_defunct_timer()
* Returns the elapsed time of defunct timer.
* If the timer is already expired and not removed from the database, the
* function returns a negative value. The caller MUST handle this return value.
*/
int ecm_db_connection_elapsed_defunct_timer(struct ecm_db_connection_instance *ci)
{
long int expires_in;
int elapsed;
DEBUG_CHECK_MAGIC(ci, ECM_DB_CONNECTION_INSTANCE_MAGIC, "%px: magic failed", ci);
/*
* Do some sanity checks.
* If it is not in a timer group, which means already expired, or the
* connection has not been fully created yet. Just return 0.
*/
spin_lock_bh(&ecm_db_lock);
if (ci->defunct_timer.group == ECM_DB_TIMER_GROUPS_MAX) {
spin_unlock_bh(&ecm_db_lock);
return -1;
}
/*
* Already expired, but not removed from the database completely.
*/
expires_in = (long int)(ci->defunct_timer.timeout - ecm_db_time);
if (expires_in < 0) {
spin_unlock_bh(&ecm_db_lock);
return -1;
}
elapsed = ecm_db_timer_groups[ci->defunct_timer.group].time - expires_in;
spin_unlock_bh(&ecm_db_lock);
return elapsed;
}
EXPORT_SYMBOL(ecm_db_connection_elapsed_defunct_timer);
/*
* ecm_db_connection_defunct_timer_reset()
* Set/change the timer group associated with a connection. Returns false if the connection has become defunct and the new group cannot be set for that reason.
*/
bool ecm_db_connection_defunct_timer_reset(struct ecm_db_connection_instance *ci, ecm_db_timer_group_t tg)
{
DEBUG_CHECK_MAGIC(ci, ECM_DB_CONNECTION_INSTANCE_MAGIC, "%px: magic failed", ci);
return ecm_db_timer_group_entry_reset(&ci->defunct_timer, tg);
}
EXPORT_SYMBOL(ecm_db_connection_defunct_timer_reset);
/*
* ecm_db_connection_defunct_timer_touch()
* Update the connections defunct timer to stop it timing out. Returns false if the connection defunct timer has expired.
*/
bool ecm_db_connection_defunct_timer_touch(struct ecm_db_connection_instance *ci)
{
DEBUG_CHECK_MAGIC(ci, ECM_DB_CONNECTION_INSTANCE_MAGIC, "%px: magic failed", ci);
return ecm_db_timer_group_entry_touch(&ci->defunct_timer);
}
EXPORT_SYMBOL(ecm_db_connection_defunct_timer_touch);
/*
* ecm_db_connection_defunct_timer_no_touch_set()
* Set no touch flag in CI
*/
void ecm_db_connection_defunct_timer_no_touch_set(struct ecm_db_connection_instance *ci)
{
DEBUG_CHECK_MAGIC(ci, ECM_DB_CONNECTION_INSTANCE_MAGIC, "%p: magic failed", ci);
ci->timer_no_touch = true;
}
/*
* ecm_db_connection_defunct_timer_no_touch_get()
* Get no touch flag in CI
*/
bool ecm_db_connection_defunct_timer_no_touch_get(struct ecm_db_connection_instance *ci)
{
DEBUG_CHECK_MAGIC(ci, ECM_DB_CONNECTION_INSTANCE_MAGIC, "%p: magic failed", ci);
return ci->timer_no_touch;
}
/*
* ecm_db_connection_timer_group_get()
* Return the timer group id
*/
ecm_db_timer_group_t ecm_db_connection_timer_group_get(struct ecm_db_connection_instance *ci)
{
ecm_db_timer_group_t tg;
DEBUG_CHECK_MAGIC(ci, ECM_DB_CONNECTION_INSTANCE_MAGIC, "%px: magic failed", ci);
spin_lock_bh(&ecm_db_lock);
tg = ci->defunct_timer.group;
spin_unlock_bh(&ecm_db_lock);
return tg;
}
EXPORT_SYMBOL(ecm_db_connection_timer_group_get);
/*
* ecm_db_connection_make_defunct()
* Make connection defunct.
*/
void ecm_db_connection_make_defunct(struct ecm_db_connection_instance *ci)
{
int accel_mode;
bool ret;
DEBUG_CHECK_MAGIC(ci, ECM_DB_CONNECTION_INSTANCE_MAGIC, "%px: magic failed", ci);
/*
* If connection's defunct timer is already removed from the groups,
* this means that the connection is timed out and already in defunct process.
* So, let's not continue in this defunct process.
*/
spin_lock_bh(&ecm_db_lock);
if (ci->defunct_timer.group == ECM_DB_TIMER_GROUPS_MAX) {
spin_unlock_bh(&ecm_db_lock);
return;
}
spin_unlock_bh(&ecm_db_lock);
/*
* Call the frontend's defunct callback function and handle the return values.
*/
ret = ci->defunct(ci->feci, &accel_mode);
/*
* If the defunct is success, first we should remove the timer and then release
* the last reference. It is possible that while we are handling the defunct callback,
* the timer was expired and removed from the list. So, we don't need to check the
* return value of the timer removal function. Regardless of who removed the timer, we should
* release the last reference.
*/
if (ret) {
ecm_db_timer_group_entry_remove(&ci->defunct_timer);
ecm_db_connection_deref(ci);
return;
}
/*
* If defunct fails and the connection state is in one of the fail states, we should remove the timer
* and release the last reference. In this case we should check the timer removal function's return value
* to make sure that it is removed by us.
*/
if (ECM_FRONT_END_ACCELERATION_FAILED(accel_mode)) {
if (ecm_db_timer_group_entry_remove(&ci->defunct_timer)) {
ecm_db_connection_deref(ci);
}
}
}
EXPORT_SYMBOL(ecm_db_connection_make_defunct);
/*
* ecm_db_connection_data_totals_update()
* Update the total data (and packets) sent/received by the given host
*/
void ecm_db_connection_data_totals_update(struct ecm_db_connection_instance *ci, bool is_from, uint64_t size, uint64_t packets)
{
int32_t i;
DEBUG_CHECK_MAGIC(ci, ECM_DB_CONNECTION_INSTANCE_MAGIC, "%px: magic failed\n", ci);
spin_lock_bh(&ecm_db_lock);
if (is_from) {
/*
* Update totals sent by the FROM side of connection
*/
ci->from_data_total += size;
ci->from_packet_total += packets;
#ifdef ECM_DB_ADVANCED_STATS_ENABLE
ci->mapping[ECM_DB_OBJ_DIR_FROM]->from_data_total += size;
ci->mapping[ECM_DB_OBJ_DIR_FROM]->host->from_data_total += size;
ci->node[ECM_DB_OBJ_DIR_FROM]->from_data_total += size;
ci->mapping[ECM_DB_OBJ_DIR_FROM]->from_packet_total += packets;
ci->mapping[ECM_DB_OBJ_DIR_FROM]->host->from_packet_total += packets;
ci->node[ECM_DB_OBJ_DIR_FROM]->from_packet_total += packets;
/*
* Data from the host is essentially TO the interface on which the host is reachable
*/
for (i = ci->interface_first[ECM_DB_OBJ_DIR_FROM]; i < ECM_DB_IFACE_HEIRARCHY_MAX; ++i) {
ci->interfaces[ECM_DB_OBJ_DIR_FROM][i]->to_data_total += size;
ci->interfaces[ECM_DB_OBJ_DIR_FROM][i]->to_packet_total += packets;
}
/*
* Update totals sent TO the other side of the connection
*/
ci->mapping[ECM_DB_OBJ_DIR_TO]->to_data_total += size;
ci->mapping[ECM_DB_OBJ_DIR_TO]->host->to_data_total += size;
ci->node[ECM_DB_OBJ_DIR_TO]->to_data_total += size;
ci->mapping[ECM_DB_OBJ_DIR_TO]->to_packet_total += packets;
ci->mapping[ECM_DB_OBJ_DIR_TO]->host->to_packet_total += packets;
ci->node[ECM_DB_OBJ_DIR_TO]->to_packet_total += packets;
/*
* Sending to the other side means FROM the interface we reach that host
*/
for (i = ci->interface_first[ECM_DB_OBJ_DIR_TO]; i < ECM_DB_IFACE_HEIRARCHY_MAX; ++i) {
ci->interfaces[ECM_DB_OBJ_DIR_TO][i]->from_data_total += size;
ci->interfaces[ECM_DB_OBJ_DIR_TO][i]->from_packet_total += packets;
}
#endif
spin_unlock_bh(&ecm_db_lock);
return;
}
/*
* Update totals sent by the TO side of this connection
*/
ci->to_data_total += size;
ci->to_packet_total += packets;
#ifdef ECM_DB_ADVANCED_STATS_ENABLE
ci->mapping[ECM_DB_OBJ_DIR_TO]->from_data_total += size;
ci->mapping[ECM_DB_OBJ_DIR_TO]->host->from_data_total += size;
ci->node[ECM_DB_OBJ_DIR_TO]->from_data_total += size;
ci->mapping[ECM_DB_OBJ_DIR_TO]->from_packet_total += packets;
ci->mapping[ECM_DB_OBJ_DIR_TO]->host->from_packet_total += packets;
ci->node[ECM_DB_OBJ_DIR_TO]->from_packet_total += packets;
/*
* Data from the host is essentially TO the interface on which the host is reachable
*/
for (i = ci->interface_first[ECM_DB_OBJ_DIR_TO]; i < ECM_DB_IFACE_HEIRARCHY_MAX; ++i) {
ci->interfaces[ECM_DB_OBJ_DIR_TO][i]->to_data_total += size;
ci->interfaces[ECM_DB_OBJ_DIR_TO][i]->to_packet_total += packets;
}
/*
* Update totals sent TO the other side of the connection
*/
ci->mapping[ECM_DB_OBJ_DIR_FROM]->to_data_total += size;
ci->mapping[ECM_DB_OBJ_DIR_FROM]->host->to_data_total += size;
ci->node[ECM_DB_OBJ_DIR_FROM]->to_data_total += size;
ci->mapping[ECM_DB_OBJ_DIR_FROM]->to_packet_total += packets;
ci->mapping[ECM_DB_OBJ_DIR_FROM]->host->to_packet_total += packets;
ci->node[ECM_DB_OBJ_DIR_FROM]->to_packet_total += packets;
/*
* Sending to the other side means FROM the interface we reach that host
*/
for (i = ci->interface_first[ECM_DB_OBJ_DIR_FROM]; i < ECM_DB_IFACE_HEIRARCHY_MAX; ++i) {
ci->interfaces[ECM_DB_OBJ_DIR_FROM][i]->from_data_total += size;
ci->interfaces[ECM_DB_OBJ_DIR_FROM][i]->from_packet_total += packets;
}
#endif
spin_unlock_bh(&ecm_db_lock);
}
EXPORT_SYMBOL(ecm_db_connection_data_totals_update);
/*
* ecm_db_connection_data_totals_update_dropped()
* Update the total data (and packets) sent by the given host but which we dropped
*/
void ecm_db_connection_data_totals_update_dropped(struct ecm_db_connection_instance *ci, bool is_from, uint64_t size, uint64_t packets)
{
int32_t i;
DEBUG_CHECK_MAGIC(ci, ECM_DB_CONNECTION_INSTANCE_MAGIC, "%px: magic failed\n", ci);
if (is_from) {
/*
* Update dropped totals sent by the FROM side
*/
spin_lock_bh(&ecm_db_lock);
ci->from_data_total_dropped += size;
ci->from_packet_total_dropped += packets;
#ifdef ECM_DB_ADVANCED_STATS_ENABLE
ci->mapping[ECM_DB_OBJ_DIR_FROM]->from_data_total_dropped += size;
ci->mapping[ECM_DB_OBJ_DIR_FROM]->host->from_data_total_dropped += size;
ci->node[ECM_DB_OBJ_DIR_FROM]->from_data_total_dropped += size;
ci->mapping[ECM_DB_OBJ_DIR_FROM]->from_packet_total_dropped += packets;
ci->mapping[ECM_DB_OBJ_DIR_FROM]->host->from_packet_total_dropped += packets;
ci->node[ECM_DB_OBJ_DIR_FROM]->from_packet_total_dropped += packets;
/*
* Data from the host is essentially TO the interface on which the host is reachable
*/
for (i = ci->interface_first[ECM_DB_OBJ_DIR_FROM]; i < ECM_DB_IFACE_HEIRARCHY_MAX; ++i) {
ci->interfaces[ECM_DB_OBJ_DIR_FROM][i]->to_data_total_dropped += size;
ci->interfaces[ECM_DB_OBJ_DIR_FROM][i]->to_packet_total_dropped += packets;
}
#endif
spin_unlock_bh(&ecm_db_lock);
return;
}
/*
* Update dropped totals sent by the TO side of this connection
*/
spin_lock_bh(&ecm_db_lock);
ci->to_data_total_dropped += size;
ci->to_packet_total_dropped += packets;
#ifdef ECM_DB_ADVANCED_STATS_ENABLE
ci->mapping[ECM_DB_OBJ_DIR_TO]->from_data_total_dropped += size;
ci->mapping[ECM_DB_OBJ_DIR_TO]->host->from_data_total_dropped += size;
ci->node[ECM_DB_OBJ_DIR_TO]->from_data_total_dropped += size;
ci->mapping[ECM_DB_OBJ_DIR_TO]->from_packet_total_dropped += packets;
ci->mapping[ECM_DB_OBJ_DIR_TO]->host->from_packet_total_dropped += packets;
ci->node[ECM_DB_OBJ_DIR_TO]->from_packet_total_dropped += packets;
/*
* Data from the host is essentially TO the interface on which the host is reachable
*/
for (i = ci->interface_first[ECM_DB_OBJ_DIR_TO]; i < ECM_DB_IFACE_HEIRARCHY_MAX; ++i) {
ci->interfaces[ECM_DB_OBJ_DIR_TO][i]->to_data_total_dropped += size;
ci->interfaces[ECM_DB_OBJ_DIR_TO][i]->to_packet_total_dropped += packets;
}
#endif
spin_unlock_bh(&ecm_db_lock);
}
EXPORT_SYMBOL(ecm_db_connection_data_totals_update_dropped);
/*
* ecm_db_connection_data_stats_get()
* Return data stats for the instance
*/
void ecm_db_connection_data_stats_get(struct ecm_db_connection_instance *ci, uint64_t *from_data_total, uint64_t *to_data_total,
uint64_t *from_packet_total, uint64_t *to_packet_total,
uint64_t *from_data_total_dropped, uint64_t *to_data_total_dropped,
uint64_t *from_packet_total_dropped, uint64_t *to_packet_total_dropped)
{
DEBUG_CHECK_MAGIC(ci, ECM_DB_CONNECTION_INSTANCE_MAGIC, "%px: magic failed", ci);
spin_lock_bh(&ecm_db_lock);
if (from_data_total) {
*from_data_total = ci->from_data_total;
}
if (to_data_total) {
*to_data_total = ci->to_data_total;
}
if (from_packet_total) {
*from_packet_total = ci->from_packet_total;
}
if (to_packet_total) {
*to_packet_total = ci->to_packet_total;
}
if (from_data_total_dropped) {
*from_data_total_dropped = ci->from_data_total_dropped;
}
if (to_data_total_dropped) {
*to_data_total_dropped = ci->to_data_total_dropped;
}
if (from_packet_total_dropped) {
*from_packet_total_dropped = ci->from_packet_total_dropped;
}
if (to_packet_total_dropped) {
*to_packet_total_dropped = ci->to_packet_total_dropped;
}
spin_unlock_bh(&ecm_db_lock);
}
EXPORT_SYMBOL(ecm_db_connection_data_stats_get);
/*
* ecm_db_connection_serial_get()
* Return serial
*/
uint32_t ecm_db_connection_serial_get(struct ecm_db_connection_instance *ci)
{
DEBUG_CHECK_MAGIC(ci, ECM_DB_CONNECTION_INSTANCE_MAGIC, "%px: magic failed", ci);
return ci->serial;
}
EXPORT_SYMBOL(ecm_db_connection_serial_get);
/*
* ecm_db_connection_address_get()
* Return ip address address
*/
void ecm_db_connection_address_get(struct ecm_db_connection_instance *ci, ecm_db_obj_dir_t dir, ip_addr_t addr)
{
DEBUG_CHECK_MAGIC(ci, ECM_DB_CONNECTION_INSTANCE_MAGIC, "%px: magic failed", ci);
DEBUG_CHECK_MAGIC(ci->mapping[dir], ECM_DB_MAPPING_INSTANCE_MAGIC, "%px: magic failed", ci->mapping[dir]);
DEBUG_CHECK_MAGIC(ci->mapping[dir]->host, ECM_DB_HOST_INSTANCE_MAGIC, "%px: magic failed", ci->mapping[dir]->host);
ECM_IP_ADDR_COPY(addr, ci->mapping[dir]->host->address);
}
EXPORT_SYMBOL(ecm_db_connection_address_get);
/*
* ecm_db_connection_port_get()
* Return port
*/
int ecm_db_connection_port_get(struct ecm_db_connection_instance *ci, ecm_db_obj_dir_t dir)
{
DEBUG_CHECK_MAGIC(ci, ECM_DB_CONNECTION_INSTANCE_MAGIC, "%px: magic failed", ci);
DEBUG_CHECK_MAGIC(ci->mapping[dir], ECM_DB_MAPPING_INSTANCE_MAGIC, "%px: magic failed", ci->mapping[dir]);
return ci->mapping[dir]->port;
}
EXPORT_SYMBOL(ecm_db_connection_port_get);
/*
* ecm_db_connection_node_address_get()
* Return address of the node used when sending packets to the specified side.
*/
void ecm_db_connection_node_address_get(struct ecm_db_connection_instance *ci, ecm_db_obj_dir_t dir, uint8_t *address_buffer)
{
DEBUG_CHECK_MAGIC(ci, ECM_DB_CONNECTION_INSTANCE_MAGIC, "%px: magic failed", ci);
memcpy(address_buffer, ci->node[dir]->address, ETH_ALEN);
}
EXPORT_SYMBOL(ecm_db_connection_node_address_get);
/*
* ecm_db_connection_iface_name_get()
* Return name of interface on which the specified side may be reached
*/
void ecm_db_connection_iface_name_get(struct ecm_db_connection_instance *ci, ecm_db_obj_dir_t dir, char *name_buffer)
{
DEBUG_CHECK_MAGIC(ci, ECM_DB_CONNECTION_INSTANCE_MAGIC, "%px: magic failed", ci);
strlcpy(name_buffer, ci->node[dir]->iface->name, IFNAMSIZ);
}
EXPORT_SYMBOL(ecm_db_connection_iface_name_get);
/*
* ecm_db_connection_iface_mtu_get()
* Return MTU of interface on which the specified side may be reached
*/
int ecm_db_connection_iface_mtu_get(struct ecm_db_connection_instance *ci, ecm_db_obj_dir_t dir)
{
int mtu;
DEBUG_CHECK_MAGIC(ci, ECM_DB_CONNECTION_INSTANCE_MAGIC, "%px: magic failed", ci);
spin_lock_bh(&ecm_db_lock);
mtu = ci->node[dir]->iface->mtu;
spin_unlock_bh(&ecm_db_lock);
return mtu;
}
EXPORT_SYMBOL(ecm_db_connection_iface_mtu_get);
/*
* ecm_db_connection_iface_type_get()
* Return type of interface on which the specified side may be reached
*/
ecm_db_iface_type_t ecm_db_connection_iface_type_get(struct ecm_db_connection_instance *ci, ecm_db_obj_dir_t dir)
{
ecm_db_iface_type_t type;
DEBUG_CHECK_MAGIC(ci, ECM_DB_CONNECTION_INSTANCE_MAGIC, "%px: magic failed", ci);
spin_lock_bh(&ecm_db_lock);
type = ci->node[dir]->iface->type;
spin_unlock_bh(&ecm_db_lock);
return type;
}
EXPORT_SYMBOL(ecm_db_connection_iface_type_get);
/*
* ecm_db_connection_regeneration_occurrances_get()
* Get the number of regeneration occurrances that have occurred since the connection was created.
*/
uint16_t ecm_db_connection_regeneration_occurrances_get(struct ecm_db_connection_instance *ci)
{
uint16_t occurances;
DEBUG_CHECK_MAGIC(ci, ECM_DB_CONNECTION_INSTANCE_MAGIC, "%px: magic failed", ci);
spin_lock_bh(&ecm_db_lock);
occurances = ci->regen_occurances;
spin_unlock_bh(&ecm_db_lock);
return occurances;
}
EXPORT_SYMBOL(ecm_db_connection_regeneration_occurrances_get);
/*
* ecm_db_connection_regeneration_completed()
* Re-generation was completed successfully
*/
void ecm_db_connection_regeneration_completed(struct ecm_db_connection_instance *ci)
{
DEBUG_CHECK_MAGIC(ci, ECM_DB_CONNECTION_INSTANCE_MAGIC, "%px: magic failed", ci);
spin_lock_bh(&ecm_db_lock);
DEBUG_ASSERT(ci->regen_in_progress, "%px: Bad call", ci);
DEBUG_ASSERT(ci->regen_required > 0, "%px: Bad call", ci);
/*
* Decrement the required counter by 1.
* This may mean that regeneration is still required due to another change occuring _during_ re-generation.
*/
ci->regen_required--;
ci->regen_in_progress = false;
ci->regen_success++;
spin_unlock_bh(&ecm_db_lock);
}
EXPORT_SYMBOL(ecm_db_connection_regeneration_completed);
/*
* ecm_db_connection_regeneration_failed()
* Re-generation failed
*/
void ecm_db_connection_regeneration_failed(struct ecm_db_connection_instance *ci)
{
DEBUG_CHECK_MAGIC(ci, ECM_DB_CONNECTION_INSTANCE_MAGIC, "%px: magic failed", ci);
spin_lock_bh(&ecm_db_lock);
DEBUG_ASSERT(ci->regen_in_progress, "%px: Bad call", ci);
DEBUG_ASSERT(ci->regen_required > 0, "%px: Bad call", ci);
/*
* Re-generation is no longer in progress BUT we leave the regen
* counter as it is so as to indicate re-generation is still needed
*/
ci->regen_in_progress = false;
ci->regen_fail++;
spin_unlock_bh(&ecm_db_lock);
}
EXPORT_SYMBOL(ecm_db_connection_regeneration_failed);
/*
* ecm_db_connection_regeneration_required_check()
* Returns true if the connection needs to be re-generated.
*
* If re-generation is needed this will mark the connection to indicate that re-generation is needed AND in progress.
* If the return code is TRUE the caller MUST handle the re-generation.
* Upon re-generation completion you must call ecm_db_connection_regeneration_completed() or ecm_db_connection_regeneration_failed().
*/
bool ecm_db_connection_regeneration_required_check(struct ecm_db_connection_instance *ci)
{
DEBUG_CHECK_MAGIC(ci, ECM_DB_CONNECTION_INSTANCE_MAGIC, "%px: magic failed", ci);
/*
* Check the global generation counter for changes
*/
spin_lock_bh(&ecm_db_lock);
if (ci->generation != ecm_db_connection_generation) {
/*
* Re-generation is needed
*/
ci->regen_occurances++;
ci->regen_required++;
/*
* Record that we have seen this change
*/
ci->generation = ecm_db_connection_generation;
}
/*
* If re-generation is in progress then something is handling re-generation already
* so we tell the caller that it cannot handle re-generation.
*/
if (ci->regen_in_progress) {
spin_unlock_bh(&ecm_db_lock);
return false;
}
/*
* Is re-generation required?
*/
if (ci->regen_required == 0) {
spin_unlock_bh(&ecm_db_lock);
return false;
}
/*
* Flag that re-generation is in progress and tell the caller to handle re-generation
*/
ci->regen_in_progress = true;
spin_unlock_bh(&ecm_db_lock);
return true;
}
EXPORT_SYMBOL(ecm_db_connection_regeneration_required_check);
/*
* ecm_db_connection_regeneration_required_peek()
* Returns true if the connection needs to be regenerated.
*
* NOTE: The caller MUST NOT handle re-generation, the caller may use this indication
* to determine the sanity of the connection state and whether acceleration is permitted.
*/
bool ecm_db_connection_regeneration_required_peek(struct ecm_db_connection_instance *ci)
{
DEBUG_CHECK_MAGIC(ci, ECM_DB_CONNECTION_INSTANCE_MAGIC, "%px: magic failed", ci);
spin_lock_bh(&ecm_db_lock);
/*
* Check the global generation counter for changes (record any change now)
*/
if (ci->generation != ecm_db_connection_generation) {
/*
* Re-generation is needed, flag the connection as needing re-generation now.
*/
ci->regen_occurances++;
ci->regen_required++;
/*
* Record that we have seen this change
*/
ci->generation = ecm_db_connection_generation;
}
if (ci->regen_required == 0) {
spin_unlock_bh(&ecm_db_lock);
return false;
}
spin_unlock_bh(&ecm_db_lock);
return true;
}
EXPORT_SYMBOL(ecm_db_connection_regeneration_required_peek);
/*
* ecm_db_connection_regeneration_needed()
* Cause a specific connection to require re-generation
*
* NOTE: This only flags that re-generation is needed.
* The connection will typically be re-generated when ecm_db_connection_regeneration_required_check() is invoked.
*/
void ecm_db_connection_regeneration_needed(struct ecm_db_connection_instance *ci)
{
DEBUG_CHECK_MAGIC(ci, ECM_DB_CONNECTION_INSTANCE_MAGIC, "%px: magic failed", ci);
spin_lock_bh(&ecm_db_lock);
ci->regen_occurances++;
ci->regen_required++;
spin_unlock_bh(&ecm_db_lock);
}
EXPORT_SYMBOL(ecm_db_connection_regeneration_needed);
/*
* ecm_db_regeneration_needed()
* Bump the global generation index to cause a re-generation of all connections state.
*/
void ecm_db_regeneration_needed(void)
{
spin_lock_bh(&ecm_db_lock);
ecm_db_connection_generation++;
spin_unlock_bh(&ecm_db_lock);
}
EXPORT_SYMBOL(ecm_db_regeneration_needed);
/*
* ecm_db_connection_regenerate()
* Re-generate a specific connection
*/
void ecm_db_connection_regenerate(struct ecm_db_connection_instance *ci)
{
struct ecm_front_end_connection_instance *feci;
DEBUG_TRACE("Regenerate connection: %px\n", ci);
DEBUG_CHECK_MAGIC(ci, ECM_DB_CONNECTION_INSTANCE_MAGIC, "%px: magic failed", ci);
/*
* Notify front end to regenerate a connection.
*/
feci = ecm_db_connection_front_end_get_and_ref(ci);
feci->regenerate(feci, ci);
feci->deref(feci);
}
EXPORT_SYMBOL(ecm_db_connection_regenerate);
/*
* ecm_db_connection_direction_get()
* Return direction of the connection.
*
* NOTE: an EGRESS connection means that packets being sent to mapping_to should have qos applied.
* INGRESS means that packets being sent to mapping[ECM_DB_OBJ_DIR_FROM] should have qos applied.
*/
ecm_db_direction_t ecm_db_connection_direction_get(struct ecm_db_connection_instance *ci)
{
DEBUG_CHECK_MAGIC(ci, ECM_DB_CONNECTION_INSTANCE_MAGIC, "%px: magic failed", ci);
return ci->direction;
}
EXPORT_SYMBOL(ecm_db_connection_direction_get);
/*
* ecm_db_connection_is_routed_get()
* Return whether connection is a routed path or not
*/
bool ecm_db_connection_is_routed_get(struct ecm_db_connection_instance *ci)
{
DEBUG_CHECK_MAGIC(ci, ECM_DB_CONNECTION_INSTANCE_MAGIC, "%px: magic failed", ci);
return ci->is_routed;
}
EXPORT_SYMBOL(ecm_db_connection_is_routed_get);
/*
* ecm_db_connection_protocol_get()
* Return protocol of connection
*/
int ecm_db_connection_protocol_get(struct ecm_db_connection_instance *ci)
{
DEBUG_CHECK_MAGIC(ci, ECM_DB_CONNECTION_INSTANCE_MAGIC, "%px: magic failed", ci);
return ci->protocol;
}
EXPORT_SYMBOL(ecm_db_connection_protocol_get);
/*
* ecm_db_connection_ip_version_get()
* Return IP version of connection
*/
int ecm_db_connection_ip_version_get(struct ecm_db_connection_instance *ci)
{
DEBUG_CHECK_MAGIC(ci, ECM_DB_CONNECTION_INSTANCE_MAGIC, "%px: magic failed", ci);
return ci->ip_version;
}
EXPORT_SYMBOL(ecm_db_connection_ip_version_get);
/*
* ecm_db_connection_is_pppoe_bridged_get()
* Return whether connection is pppoe bridged or not
*/
bool ecm_db_connection_is_pppoe_bridged_get(struct ecm_db_connection_instance *ci)
{
DEBUG_CHECK_MAGIC(ci, ECM_DB_CONNECTION_INSTANCE_MAGIC, "%px: magic failed", ci);
return ci->flags & ECM_DB_CONNECTION_FLAGS_PPPOE_BRIDGE;
}
/*
* ecm_db_connection_defunct_timer_remove_and_set()
* Move the connection to a new timer group.
*
* Before setting the new group, check if the timer group is set. If it is set,
* remove it first from the current group.
*
*/
void ecm_db_connection_defunct_timer_remove_and_set(struct ecm_db_connection_instance *ci, ecm_db_timer_group_t tg)
{
struct ecm_db_timer_group_entry *tge;
DEBUG_CHECK_MAGIC(ci, ECM_DB_CONNECTION_INSTANCE_MAGIC, "%px: magic failed", ci);
DEBUG_TRACE("%px: ecm_db_connection_defunct_timer_remove_and_set\n", ci);
spin_lock_bh(&ecm_db_lock);
tge = &ci->defunct_timer;
if (tge->group == tg) {
spin_unlock_bh(&ecm_db_lock);
DEBUG_TRACE("%px: timer group is aslready equal to %d\n", ci, tg);
return;
}
if (tge->group != ECM_DB_TIMER_GROUPS_MAX) {
_ecm_db_timer_group_entry_remove(tge);
}
/*
* Set new group
*/
_ecm_db_timer_group_entry_set(tge, tg);
spin_unlock_bh(&ecm_db_lock);
DEBUG_TRACE("%px: New timer group is: %d\n", ci, tge->group);
}
EXPORT_SYMBOL(ecm_db_connection_defunct_timer_remove_and_set);
/*
* _ecm_db_connection_ref()
*/
void _ecm_db_connection_ref(struct ecm_db_connection_instance *ci)
{
DEBUG_CHECK_MAGIC(ci, ECM_DB_CONNECTION_INSTANCE_MAGIC, "%px: magic failed", ci);
ci->refs++;
DEBUG_TRACE("%px: connection ref %d\n", ci, ci->refs);
DEBUG_ASSERT(ci->refs > 0, "%px: ref wrap\n", ci);
}
/*
* ecm_db_connection_ref()
*/
void ecm_db_connection_ref(struct ecm_db_connection_instance *ci)
{
spin_lock_bh(&ecm_db_lock);
_ecm_db_connection_ref(ci);
spin_unlock_bh(&ecm_db_lock);
}
EXPORT_SYMBOL(ecm_db_connection_ref);
/*
* ecm_db_connections_get_and_ref_first()
* Obtain a ref to the first connection instance, if any
*/
struct ecm_db_connection_instance *ecm_db_connections_get_and_ref_first(void)
{
struct ecm_db_connection_instance *ci;
spin_lock_bh(&ecm_db_lock);
ci = ecm_db_connections;
if (ci) {
_ecm_db_connection_ref(ci);
}
spin_unlock_bh(&ecm_db_lock);
return ci;
}
EXPORT_SYMBOL(ecm_db_connections_get_and_ref_first);
/*
* ecm_db_connection_get_and_ref_next()
* Return the next connection in the list given a connection
*/
struct ecm_db_connection_instance *ecm_db_connection_get_and_ref_next(struct ecm_db_connection_instance *ci)
{
struct ecm_db_connection_instance *cin;
DEBUG_CHECK_MAGIC(ci, ECM_DB_CONNECTION_INSTANCE_MAGIC, "%px: magic failed", ci);
spin_lock_bh(&ecm_db_lock);
cin = ci->next;
if (cin) {
_ecm_db_connection_ref(cin);
}
spin_unlock_bh(&ecm_db_lock);
return cin;
}
EXPORT_SYMBOL(ecm_db_connection_get_and_ref_next);
#ifdef ECM_DB_CTA_TRACK_ENABLE
/*
* _ecm_db_classifier_type_assignment_remove()
* Remove the connection from the classifier type assignment list (of the given type)
*/
static void _ecm_db_classifier_type_assignment_remove(struct ecm_db_connection_instance *ci, ecm_classifier_type_t ca_type)
{
struct ecm_db_connection_classifier_type_assignment *ta;
struct ecm_db_connection_classifier_type_assignment_list *tal;
DEBUG_ASSERT(spin_is_locked(&ecm_db_lock), "%px: lock is not held\n", ci);
DEBUG_TRACE("%px: Classifier type assignment remove: %d\n", ci, ca_type);
ta = &ci->type_assignment[ca_type];
DEBUG_CHECK_MAGIC(ta, ECM_DB_CLASSIFIER_TYPE_ASSIGNMENT_MAGIC, "%px: magic failed, ci: %px\n", ta, ci);
DEBUG_ASSERT(ta->iteration_count == 0, "%px: iteration count: %d, type: %d\n", ci, ta->iteration_count, ca_type);
if (ta->next) {
struct ecm_db_connection_classifier_type_assignment *tan = &ta->next->type_assignment[ca_type];
DEBUG_ASSERT(tan->prev == ci, "Bad list, expecting: %px, got: %px\n", ci, tan->prev);
tan->prev = ta->prev;
}
tal = &ecm_db_connection_classifier_type_assignments[ca_type];
if (ta->prev) {
struct ecm_db_connection_classifier_type_assignment *tap = &ta->prev->type_assignment[ca_type];
DEBUG_ASSERT(tap->next == ci, "Bad list, expecting: %px, got: %px\n", ci, tap->next);
tap->next = ta->next;
} else {
/*
* Set new head of list
*/
DEBUG_ASSERT(tal->type_assignments_list == ci, "Bad head, expecting %px, got %px, type: %d\n", ci, tal->type_assignments_list, ca_type);
tal->type_assignments_list = ta->next;
}
ta->next = NULL;
ta->prev = NULL;
ta->pending_unassign = false;
/*
* Decrement assignment count
*/
tal->type_assignment_count--;
DEBUG_ASSERT(tal->type_assignment_count >= 0, "Bad type assignment count: %d, type: %d\n", tal->type_assignment_count, ca_type);
DEBUG_CLEAR_MAGIC(ta);
}
#endif
/*
* _ecm_db_connection_classifier_unassign()
* Unassign a classifier and remove the classifier type
*
* The default classifier cannot be unassigned.
*/
static inline void _ecm_db_connection_classifier_unassign(struct ecm_db_connection_instance *ci, struct ecm_classifier_instance *cci, ecm_classifier_type_t ca_type)
{
#ifdef ECM_DB_CTA_TRACK_ENABLE
struct ecm_db_connection_classifier_type_assignment *ta;
#endif
DEBUG_ASSERT(spin_is_locked(&ecm_db_lock), "%px: lock is not held\n", ci);
/*
* Clear the assignment.
*/
ci->assignments_by_type[ca_type] = NULL;
/*
* Link out of assignments list
*/
if (cci->ca_prev) {
cci->ca_prev->ca_next = cci->ca_next;
} else {
DEBUG_ASSERT(ci->assignments == cci, "%px: Bad assigmnment list, expecting: %px, got: %px", ci, cci, ci->assignments);
ci->assignments = cci->ca_next;
}
if (cci->ca_next) {
cci->ca_next->ca_prev = cci->ca_prev;
}
cci->ca_next = NULL;
cci->ca_prev = NULL;
#ifdef ECM_DB_CTA_TRACK_ENABLE
/*
* Remove from the classifier type assignment list
*/
ta = &ci->type_assignment[ca_type];
DEBUG_CHECK_MAGIC(ta, ECM_DB_CLASSIFIER_TYPE_ASSIGNMENT_MAGIC, "%px: magic failed, ci: %px", ta, ci);
if (ta->iteration_count > 0) {
/*
* The list entry is being iterated outside of db lock being held.
* We cannot remove this entry since it would mess up iteration.
* Set the pending flag to be actioned another time
*/
ta->pending_unassign = true;
return;
}
/*
* Remove the list entry
*/
DEBUG_INFO("%px: Remove type assignment: %d\n", ci, ca_type);
_ecm_db_classifier_type_assignment_remove(ci, ca_type);
#endif
cci->deref(cci);
}
/*
* ecm_db_connection_deref()
* Release reference to connection. Connection is removed from database on final deref and destroyed.
*/
int ecm_db_connection_deref(struct ecm_db_connection_instance *ci)
{
#ifdef ECM_DB_CTA_TRACK_ENABLE
ecm_classifier_type_t ca_type;
#endif
int32_t i;
int32_t dir;
DEBUG_CHECK_MAGIC(ci, ECM_DB_CONNECTION_INSTANCE_MAGIC, "%px: magic failed", ci);
spin_lock_bh(&ecm_db_lock);
ci->refs--;
DEBUG_TRACE("%px: connection deref %d\n", ci, ci->refs);
DEBUG_ASSERT(ci->refs >= 0, "%px: ref wrap\n", ci);
if (ci->refs > 0) {
int refs = ci->refs;
spin_unlock_bh(&ecm_db_lock);
return refs;
}
#ifdef ECM_MULTICAST_ENABLE
/*
* For multicast connections, we need to deref the
* associated tuple instance as well
*/
if (ci->ti) {
_ecm_db_multicast_tuple_instance_deref(ci->ti);
}
#endif
/*
* Remove from database if inserted
*/
if (!ci->flags & ECM_DB_CONNECTION_FLAGS_INSERTED) {
spin_unlock_bh(&ecm_db_lock);
} else {
struct ecm_db_listener_instance *li;
#ifdef ECM_DB_XREF_ENABLE
struct ecm_db_iface_instance *iface[ECM_DB_OBJ_DIR_MAX];
#endif
/*
* Remove it from the connection hash table
*/
if (!ci->hash_prev) {
DEBUG_ASSERT(ecm_db_connection_table[ci->hash_index] == ci, "%px: hash table bad\n", ci);
ecm_db_connection_table[ci->hash_index] = ci->hash_next;
} else {
ci->hash_prev->hash_next = ci->hash_next;
}
if (ci->hash_next) {
ci->hash_next->hash_prev = ci->hash_prev;
}
ci->hash_prev = NULL;
ci->hash_next = NULL;
ecm_db_connection_table_lengths[ci->hash_index]--;
DEBUG_ASSERT(ecm_db_connection_table_lengths[ci->hash_index] >= 0, "%px: invalid table len %d\n", ci, ecm_db_connection_table_lengths[ci->hash_index]);
/*
* Remove it from the connection serial hash table
*/
if (!ci->serial_hash_prev) {
DEBUG_ASSERT(ecm_db_connection_serial_table[ci->serial_hash_index] == ci, "%px: hash table bad\n", ci);
ecm_db_connection_serial_table[ci->serial_hash_index] = ci->serial_hash_next;
} else {
ci->serial_hash_prev->serial_hash_next = ci->serial_hash_next;
}
if (ci->serial_hash_next) {
ci->serial_hash_next->serial_hash_prev = ci->serial_hash_prev;
}
ci->serial_hash_prev = NULL;
ci->serial_hash_next = NULL;
ecm_db_connection_serial_table_lengths[ci->serial_hash_index]--;
DEBUG_ASSERT(ecm_db_connection_serial_table_lengths[ci->serial_hash_index] >= 0, "%px: invalid table len %d\n", ci, ecm_db_connection_serial_table_lengths[ci->serial_hash_index]);
/*
* Remove from the global list
*/
if (!ci->prev) {
DEBUG_ASSERT(ecm_db_connections == ci, "%px: conn table bad\n", ci);
ecm_db_connections = ci->next;
} else {
ci->prev->next = ci->next;
}
if (ci->next) {
ci->next->prev = ci->prev;
}
ci->prev = NULL;
ci->next = NULL;
#ifdef ECM_DB_XREF_ENABLE
/*
* Remove connection from the mappings' connection list
*/
for (dir = 0; dir < ECM_DB_OBJ_DIR_MAX; dir++) {
if (!ci->mapping_prev[dir]) {
DEBUG_ASSERT(ci->mapping[dir]->connections[dir] == ci, "%px: %s conn table bad\n", ci, ecm_db_obj_dir_strings[dir]);
ci->mapping[dir]->connections[dir] = ci->mapping_next[dir];
} else {
ci->mapping_prev[dir]->mapping_next[dir] = ci->mapping_next[dir];
}
if (ci->mapping_next[dir]) {
ci->mapping_next[dir]->mapping_prev[dir] = ci->mapping_prev[dir];
}
ci->mapping_prev[dir] = NULL;
ci->mapping_next[dir] = NULL;
}
/*
* Remove connection from the ifaces' connection list
* GGG TODO Deprecated. Interface lists will be used instead. To be deleted.
*/
for (dir = 0; dir < ECM_DB_OBJ_DIR_MAX; dir++) {
iface[dir] = ci->node[dir]->iface;
if (!ci->iface_prev[dir]) {
DEBUG_ASSERT(iface[dir]->connections[dir] == ci,
"%px: iface %s conn table bad\n",
ci, ecm_db_obj_dir_strings[dir]);
iface[dir]->connections[dir] = ci->iface_next[dir];
} else {
ci->iface_prev[dir]->iface_next[dir] = ci->iface_next[dir];
}
if (ci->iface_next[dir]) {
ci->iface_next[dir]->iface_prev[dir] = ci->iface_prev[dir];
}
ci->iface_prev[dir] = NULL;
ci->iface_next[dir] = NULL;
}
/*
* Remove connection from its nodes' connection list
*/
for (dir = 0; dir < ECM_DB_OBJ_DIR_MAX; dir++) {
if (!ci->node_prev[dir]) {
DEBUG_ASSERT(ci->node[dir]->connections[dir] == ci,
"%px: %s node conn table bad, got: %px\n",
ci, ecm_db_obj_dir_strings[dir], ci->node[dir]->connections[dir]);
ci->node[dir]->connections[dir] = ci->node_next[dir];
} else {
ci->node_prev[dir]->node_next[dir] = ci->node_next[dir];
}
if (ci->node_next[dir]) {
ci->node_next[dir]->node_prev[dir] = ci->node_prev[dir];
}
ci->node_prev[dir] = NULL;
ci->node_next[dir] = NULL;
ci->node[dir]->connections_count[dir]--;
DEBUG_ASSERT(ci->node[dir]->connections_count[dir] >= 0, "%px: %s node bad count\n", ci, ecm_db_obj_dir_strings[dir]);
}
#endif
/*
* Update the counters in the mappings
*/
if (ci->protocol == IPPROTO_UDP) {
for (dir = 0; dir < ECM_DB_OBJ_DIR_MAX; dir++) {
ci->mapping[dir]->udp_count[dir]--;
}
} else if (ci->protocol == IPPROTO_TCP) {
for (dir = 0; dir < ECM_DB_OBJ_DIR_MAX; dir++) {
ci->mapping[dir]->tcp_count[dir]--;
}
}
for (dir = 0; dir < ECM_DB_OBJ_DIR_MAX; dir++) {
ci->mapping[dir]->conn_count[dir]--;
}
/*
* Assert that the defunt timer has been detached
*/
DEBUG_ASSERT(ci->defunct_timer.group == ECM_DB_TIMER_GROUPS_MAX, "%px: unexpected timer group %d\n", ci, ci->defunct_timer.group);
/*
* Decrement protocol counter stats
*/
ecm_db_connection_count_by_protocol[ci->protocol]--;
DEBUG_ASSERT(ecm_db_connection_count_by_protocol[ci->protocol] >= 0, "%px: Invalid protocol count %d\n", ci, ecm_db_connection_count_by_protocol[ci->protocol]);
spin_unlock_bh(&ecm_db_lock);
/*
* Throw removed event to listeners
*/
DEBUG_TRACE("%px: Throw connection removed event\n", ci);
li = ecm_db_listeners_get_and_ref_first();
while (li) {
struct ecm_db_listener_instance *lin;
if (li->connection_removed) {
li->connection_removed(li->arg, ci);
}
/*
* Get next listener
*/
lin = ecm_db_listener_get_and_ref_next(li);
ecm_db_listener_deref(li);
li = lin;
}
}
#ifdef ECM_DB_CTA_TRACK_ENABLE
/*
* Unlink from the "assignments by classifier type" lists.
*
* This is done whether the connection is inserted into the database or not - this is because
* classifier assignments take place before adding into the db.
*
* NOTE: We know that the ci is not being iterated in any of these lists because otherwise
* ci would be being held as part of iteration and so we would not be here!
* Equally we know that if the assignments_by_type[] element is non-null then it must also be in the relevant list too.
*
* Default classifier is not in the classifier type assignement list, so we should start the loop index
* with the first assigned classifier type.
*/
spin_lock_bh(&ecm_db_lock);
for (ca_type = ECM_CLASSIFIER_TYPE_DEFAULT + 1; ca_type < ECM_CLASSIFIER_TYPES; ++ca_type) {
struct ecm_classifier_instance *cci = ci->assignments_by_type[ca_type];
if (!cci) {
/*
* No assignment of this type, so would not be in the classifier type assignments list
*/
continue;
}
_ecm_db_connection_classifier_unassign(ci, cci, ca_type);
}
spin_unlock_bh(&ecm_db_lock);
#endif
/*
* Throw final event
*/
if (ci->final) {
ci->final(ci->arg);
}
/*
* Release instances to the objects referenced by the connection
*/
while (ci->assignments) {
struct ecm_classifier_instance *classi = ci->assignments;
ci->assignments = classi->ca_next;
classi->deref(classi);
}
for (dir = 0; dir < ECM_DB_OBJ_DIR_MAX; dir++) {
if (ci->mapping[dir]) {
ecm_db_mapping_deref(ci->mapping[dir]);
}
}
if (ci->feci) {
ci->feci->deref(ci->feci);
}
for (dir = 0; dir < ECM_DB_OBJ_DIR_MAX; dir++) {
if (ci->node[dir]) {
ecm_db_node_deref(ci->node[dir]);
}
}
/*
* Remove references to the interfaces in our heirarchy lists
*/
for (dir = 0; dir < ECM_DB_OBJ_DIR_MAX; dir++) {
for (i = ci->interface_first[dir]; i < ECM_DB_IFACE_HEIRARCHY_MAX; ++i) {
DEBUG_TRACE("%px: %s interface %d remove: %px\n", ci, ecm_db_obj_dir_strings[dir], i, ci->interfaces[dir][i]);
ecm_db_iface_deref(ci->interfaces[dir][i]);
}
}
#ifdef ECM_MULTICAST_ENABLE
/*
* Remove references to the multicast interfaces of this connection.
*/
ecm_db_multicast_connection_to_interfaces_clear(ci);
#endif
/*
* We can now destroy the instance
*/
DEBUG_CLEAR_MAGIC(ci);
kfree(ci);
/*
* Decrease global connection count
*/
spin_lock_bh(&ecm_db_lock);
ecm_db_connection_count--;
DEBUG_ASSERT(ecm_db_connection_count >= 0, "%px: connection count wrap\n", ci);
spin_unlock_bh(&ecm_db_lock);
return 0;
}
EXPORT_SYMBOL(ecm_db_connection_deref);
/*
* ecm_db_connection_defunct_all()
* Make defunct ALL connections.
*
* This API is typically used in shutdown situations commanded by the user.
* NOTE: Ensure all front ends are stopped to avoid further connections being created while this is running.
*/
void ecm_db_connection_defunct_all(void)
{
struct ecm_db_connection_instance *ci;
DEBUG_INFO("Defuncting all\n");
/*
* Iterate all connections
*/
ci = ecm_db_connections_get_and_ref_first();
while (ci) {
struct ecm_db_connection_instance *cin;
DEBUG_TRACE("%px: defunct\n", ci);
ecm_db_connection_make_defunct(ci);
cin = ecm_db_connection_get_and_ref_next(ci);
ecm_db_connection_deref(ci);
ci = cin;
}
DEBUG_INFO("Defuncting complete\n");
}
EXPORT_SYMBOL(ecm_db_connection_defunct_all);
/*
* ecm_db_connection_defunct_by_classifier()
* Make defunct based on masked fields
*/
void ecm_db_connection_defunct_by_classifier(int ip_ver, ip_addr_t src_addr_mask, uint16_t src_port_mask,
ip_addr_t dest_addr_mask, uint16_t dest_port_mask,
int proto_mask, bool is_routed, ecm_classifier_type_t ca_type)
{
struct ecm_db_connection_instance *ci;
int cnt = 0;
char *direction = NULL;
/*
* Iterate all connections
*/
ci = ecm_db_connections_get_and_ref_first();
while (ci) {
struct ecm_db_connection_instance *cin;
struct ecm_classifier_instance *eci;
ip_addr_t sip;
ip_addr_t dip;
uint16_t sport, dport;
int proto;
DEBUG_CHECK_MAGIC(ci, ECM_DB_CONNECTION_INSTANCE_MAGIC, "%px: magic failed", ci);
eci = ecm_db_connection_assigned_classifier_find_and_ref(ci, ca_type);
if (!eci) {
goto next_ci;
}
eci->deref(eci);
/*
* Ignore connection with wrong version
*/
if (ip_ver != ECM_DB_IP_VERSION_IGNORE && (ecm_db_connection_ip_version_get(ci) != ip_ver)) {
goto next_ci;
}
/*
* Skip routed connection for bridge flow
* Skip bridge connection for routed flow
*/
if (is_routed != ecm_db_connection_is_routed_get(ci)) {
goto next_ci;
}
/*
* Check protocol if specified
*/
proto = ecm_db_connection_protocol_get(ci);
if (!ECM_PROTO_MASK_MATCH(proto, proto_mask)) {
goto next_ci;
}
/*
* A : PCI < ------- br-home ----------bridging----------------br-wan ---->PC2
*
* B : PCI < ------- br-home ----------Routing----------------br-wan ---->PC2
*
* DNAT
* C : PCI < ------- br-home ----------Routing----------------br-wan ----> PC2
* SNAT
* D : PCI < ------- br-home ----------Routing----------------br-wan ----> PC2
*/
ecm_db_connection_address_get(ci, ECM_DB_OBJ_DIR_FROM, sip);
ecm_db_connection_address_get(ci, ECM_DB_OBJ_DIR_TO, dip);
sport = ecm_db_connection_port_get(ci, ECM_DB_OBJ_DIR_FROM);
dport = ecm_db_connection_port_get(ci, ECM_DB_OBJ_DIR_TO);
/*
* 1. For topology A, B, C, D if drop rule is added in br-home or br-wan
* 2. For topoloy A, B if drop rule is added in br-wan
* Match in flow direction
*/
if (ECM_IP_ADDR_MASK_MATCH(sip, src_addr_mask) &&
ECM_IP_ADDR_MASK_MATCH(dip, dest_addr_mask) &&
ECM_PORT_MASK_MATCH(sport, src_port_mask) &&
ECM_PORT_MASK_MATCH(dport, dest_port_mask)) {
direction = "flow";
goto defunct_conn;
}
/*
* 1. For topology A, B, C, D if drop rule is added in br-home or br-wan
* 2. For topoloy A, B if drop rule is added in br-wan
* Match in reverse direction
*/
if (ECM_IP_ADDR_MASK_MATCH(dip, src_addr_mask) &&
ECM_IP_ADDR_MASK_MATCH(sip, dest_addr_mask) &&
ECM_PORT_MASK_MATCH(dport, src_port_mask) &&
ECM_PORT_MASK_MATCH(sport, dest_port_mask)) {
direction = "reverse";
goto defunct_conn;
}
/*
* There is no NATing in case of bridging
*/
if (!is_routed) {
goto next_ci;
}
ecm_db_connection_address_get(ci, ECM_DB_OBJ_DIR_FROM_NAT, sip);
ecm_db_connection_address_get(ci, ECM_DB_OBJ_DIR_TO_NAT, dip);
sport = ecm_db_connection_port_get(ci, ECM_DB_OBJ_DIR_FROM_NAT);
dport = ecm_db_connection_port_get(ci, ECM_DB_OBJ_DIR_TO_NAT);
/*
* 1. For topoloy C, D if drop rule is added in br-wan
* Match in flow direction
*/
if (ECM_IP_ADDR_MASK_MATCH(sip, src_addr_mask) &&
ECM_IP_ADDR_MASK_MATCH(dip, dest_addr_mask) &&
ECM_PORT_MASK_MATCH(sport, src_port_mask) &&
ECM_PORT_MASK_MATCH(dport, dest_port_mask)) {
direction = "flow (nat)";
goto defunct_conn;
}
/*
* 1. For topoloy C, D if drop rule is added in br-wan
* Match in reverse direction
*/
if (ECM_IP_ADDR_MASK_MATCH(dip, src_addr_mask) &&
ECM_IP_ADDR_MASK_MATCH(sip, dest_addr_mask) &&
ECM_PORT_MASK_MATCH(dport, src_port_mask) &&
ECM_PORT_MASK_MATCH(sport, dest_port_mask)) {
direction = "reverse (nat)";
goto defunct_conn;
}
goto next_ci;
defunct_conn:
cnt++;
if (ECM_IP_ADDR_IS_V4(src_addr_mask)) {
DEBUG_TRACE("%px: Defunct CI masked 5 tuple match(%s) src=" ECM_IP_ADDR_DOT_FMT " sport=%d dest="
ECM_IP_ADDR_DOT_FMT ", dport=%d, proto=%d cnt=%d\n", ci, direction,
ECM_IP_ADDR_TO_DOT(sip), sport, ECM_IP_ADDR_TO_DOT(dip), dport, proto, cnt);
} else {
DEBUG_TRACE("%px: Defunct CI masked 5 tuple match(%s) src=" ECM_IP_ADDR_OCTAL_FMT " sport=%d dest="
ECM_IP_ADDR_OCTAL_FMT ", dport=%d, proto=%d, cnt=%d\n", ci, direction,
ECM_IP_ADDR_TO_OCTAL(sip), sport, ECM_IP_ADDR_TO_OCTAL(dip), dport, proto, cnt);
}
ecm_db_connection_make_defunct(ci);
next_ci:
cin = ecm_db_connection_get_and_ref_next(ci);
ecm_db_connection_deref(ci);
ci = cin;
}
if (ECM_IP_ADDR_IS_V4(src_addr_mask)) {
DEBUG_TRACE("%px: Defunct request by masked 5 tuple src_mask=" ECM_IP_ADDR_DOT_FMT " sport_mask=%d, dest_mask="
ECM_IP_ADDR_DOT_FMT " dport_mask=%d, proto_mask=%d, cnt=%d\n", ci,
ECM_IP_ADDR_TO_DOT(src_addr_mask), src_port_mask, ECM_IP_ADDR_TO_DOT(dest_addr_mask),
dest_port_mask, proto_mask, cnt);
} else {
DEBUG_TRACE("%px: Defunct request by masked 5 tuple src_mask=" ECM_IP_ADDR_OCTAL_FMT " sport_mask=%d dest_mask="
ECM_IP_ADDR_OCTAL_FMT " dport_mask=%d, proto_mask=%d cnt=%d\n", ci,
ECM_IP_ADDR_TO_OCTAL(src_addr_mask), src_port_mask,
ECM_IP_ADDR_TO_OCTAL(dest_addr_mask), dest_port_mask, proto_mask, cnt);
}
}
/*
* ecm_db_connection_defunct_by_port()
* Make defunct based on source or destination port.
*/
void ecm_db_connection_defunct_by_port(int port, ecm_db_obj_dir_t dir)
{
struct ecm_db_connection_instance *ci;
DEBUG_INFO("Defuncting all matching connections by port %d\n", port);
/*
* Iterate all connections
*/
ci = ecm_db_connections_get_and_ref_first();
while (ci) {
struct ecm_db_connection_instance *cin;
DEBUG_CHECK_MAGIC(ci, ECM_DB_CONNECTION_INSTANCE_MAGIC, "%px: magic failed\n", ci);
/*
* Flush the connection matching with given port address and flow direction
*/
if (port == htons(ecm_db_connection_port_get(ci, dir))) {
DEBUG_TRACE("%px: defunct\n", ci);
ecm_db_connection_make_defunct(ci);
}
cin = ecm_db_connection_get_and_ref_next(ci);
ecm_db_connection_deref(ci);
ci = cin;
}
DEBUG_INFO("Port based Defuncting complete\n");
}
EXPORT_SYMBOL(ecm_db_connection_defunct_by_port);
/*
* ecm_db_connection_defunct_by_protocol()
* Make defunct based on protocol.
*/
void ecm_db_connection_defunct_by_protocol(int protocol)
{
struct ecm_db_connection_instance *ci;
DEBUG_INFO("Defuncting all matching connections by protocol %d\n", protocol);
/*
* Iterate all connections
*/
ci = ecm_db_connections_get_and_ref_first();
while (ci) {
struct ecm_db_connection_instance *cin;
DEBUG_CHECK_MAGIC(ci, ECM_DB_CONNECTION_INSTANCE_MAGIC, "%px: magic failed\n", ci);
/*
* Flush the connection matching with given protocol
*/
if (protocol == ecm_db_connection_protocol_get(ci)) {
DEBUG_TRACE("%px: defunct\n", ci);
ecm_db_connection_make_defunct(ci);
}
cin = ecm_db_connection_get_and_ref_next(ci);
ecm_db_connection_deref(ci);
ci = cin;
}
DEBUG_INFO("Protocol based defuncting complete\n");
}
EXPORT_SYMBOL(ecm_db_connection_defunct_by_protocol);
/*
* ecm_db_connection_defunct_ip_version()
* Make defunct based on the IP version (IPv4 or IPv6).
*/
void ecm_db_connection_defunct_ip_version(int ip_version)
{
struct ecm_db_connection_instance *ci;
DEBUG_ASSERT(ip_version == 4 || ip_version == 6, "Wrong ip_version: %d\n", ip_version);
DEBUG_INFO("Defuncting IPv%d connections\n", ip_version);
/*
* Iterate all connections
*/
ci = ecm_db_connections_get_and_ref_first();
while (ci) {
struct ecm_db_connection_instance *cin;
if (ci->ip_version == ip_version) {
DEBUG_TRACE("%px: defunct\n", ci);
ecm_db_connection_make_defunct(ci);
}
cin = ecm_db_connection_get_and_ref_next(ci);
ecm_db_connection_deref(ci);
ci = cin;
}
DEBUG_INFO("Defuncting complete for IPv%d connections\n", ip_version);
}
/*
* ecm_db_connection_generate_hash_index()
* Calculate the hash index.
*
* Note: The hash we produce is symmetric - i.e. we can swap the "from" and "to"
* details without generating a different hash index!
*/
static inline ecm_db_connection_hash_t ecm_db_connection_generate_hash_index(ip_addr_t host1_addr, uint32_t host1_port, ip_addr_t host2_addr, uint32_t host2_port, int protocol)
{
uint32_t hah1;
uint32_t hah2;
uint32_t ht1;
uint32_t hash_val;
/*
* The hash function only uses both host 1 address/port, host 2 address/port
* and protocol fields.
*/
ECM_IP_ADDR_HASH(hah1, host1_addr);
ECM_IP_ADDR_HASH(hah2, host2_addr);
ht1 = (u32)hah1 + host1_port + hah2 + host2_port + (uint32_t)protocol;
hash_val = (uint32_t)jhash_1word(ht1, ecm_db_jhash_rnd);
return (ecm_db_connection_hash_t)(hash_val & (ECM_DB_CONNECTION_HASH_SLOTS - 1));
}
/*
* ecm_db_connection_generate_serial_hash_index()
* Calculate the serial hash index.
*/
static inline ecm_db_connection_serial_hash_t ecm_db_connection_generate_serial_hash_index(uint32_t serial)
{
uint32_t hash_val;
hash_val = (uint32_t)jhash_1word(serial, ecm_db_jhash_rnd);
return (ecm_db_connection_serial_hash_t)(hash_val & (ECM_DB_CONNECTION_SERIAL_HASH_SLOTS - 1));
}
/*
* ecm_db_connection_find_and_ref_chain()
* Given a hash chain index locate the connection
*/
static struct ecm_db_connection_instance *ecm_db_connection_find_and_ref_chain(ecm_db_connection_hash_t hash_index,
ip_addr_t host1_addr, ip_addr_t host2_addr,
int protocol, int host1_port, int host2_port)
{
struct ecm_db_connection_instance *ci;
/*
* Iterate the chain looking for a connection with matching details
*/
spin_lock_bh(&ecm_db_lock);
ci = ecm_db_connection_table[hash_index];
while (ci) {
/*
* The use of unlikely() is liberally used because under fast-hit scenarios the connection would always be at the start of a chain
*/
if (unlikely(ci->protocol != protocol)) {
goto try_next;
}
if (unlikely(!ECM_IP_ADDR_MATCH(host1_addr, ci->mapping[ECM_DB_OBJ_DIR_FROM]->host->address))) {
goto try_reverse;
}
if (unlikely(host1_port != ci->mapping[ECM_DB_OBJ_DIR_FROM]->port)) {
goto try_reverse;
}
if (unlikely(!ECM_IP_ADDR_MATCH(host2_addr, ci->mapping[ECM_DB_OBJ_DIR_TO]->host->address))) {
goto try_reverse;
}
if (unlikely(host2_port != ci->mapping[ECM_DB_OBJ_DIR_TO]->port)) {
goto try_reverse;
}
goto connection_found;
try_reverse:
if (unlikely(!ECM_IP_ADDR_MATCH(host1_addr, ci->mapping[ECM_DB_OBJ_DIR_TO]->host->address))) {
goto try_next;
}
if (unlikely(host1_port != ci->mapping[ECM_DB_OBJ_DIR_TO]->port)) {
goto try_next;
}
if (unlikely(!ECM_IP_ADDR_MATCH(host2_addr, ci->mapping[ECM_DB_OBJ_DIR_FROM]->host->address))) {
goto try_next;
}
if (unlikely(host2_port != ci->mapping[ECM_DB_OBJ_DIR_FROM]->port)) {
goto try_next;
}
goto connection_found;
try_next:
ci = ci->hash_next;
}
spin_unlock_bh(&ecm_db_lock);
DEBUG_TRACE("Connection not found in hash chain\n");
return NULL;
connection_found:
_ecm_db_connection_ref(ci);
spin_unlock_bh(&ecm_db_lock);
DEBUG_TRACE("Connection found %px\n", ci);
return ci;
}
/*
* ecm_db_connection_find_and_ref()
* Locate a connection instance based on addressing, protocol and optional port information.
*
* NOTE: For non-port based protocols then ports are expected to be -(protocol).
*/
struct ecm_db_connection_instance *ecm_db_connection_find_and_ref(ip_addr_t host1_addr, ip_addr_t host2_addr, int protocol, int host1_port, int host2_port)
{
ecm_db_connection_hash_t hash_index;
DEBUG_TRACE("Lookup connection " ECM_IP_ADDR_OCTAL_FMT ":%d <> " ECM_IP_ADDR_OCTAL_FMT ":%d protocol %d\n", ECM_IP_ADDR_TO_OCTAL(host1_addr), host1_port, ECM_IP_ADDR_TO_OCTAL(host2_addr), host2_port, protocol);
/*
* Compute the hash chain index and prepare to walk the chain
*/
hash_index = ecm_db_connection_generate_hash_index(host1_addr, host1_port, host2_addr, host2_port, protocol);
return ecm_db_connection_find_and_ref_chain(hash_index, host1_addr, host2_addr, protocol, host1_port, host2_port);
}
EXPORT_SYMBOL(ecm_db_connection_find_and_ref);
/*
* ecm_db_connection_serial_find_and_ref()
* Locate a connection instance based on serial if it still exists
*/
struct ecm_db_connection_instance *ecm_db_connection_serial_find_and_ref(uint32_t serial)
{
ecm_db_connection_serial_hash_t serial_hash_index;
struct ecm_db_connection_instance *ci;
DEBUG_TRACE("Lookup connection serial: %u\n", serial);
/*
* Compute the hash chain index and prepare to walk the chain
*/
serial_hash_index = ecm_db_connection_generate_serial_hash_index(serial);
/*
* Iterate the chain looking for a connection with matching serial
*/
spin_lock_bh(&ecm_db_lock);
ci = ecm_db_connection_serial_table[serial_hash_index];
while (ci) {
/*
* The use of likely() is used because under fast-hit scenarios the connection would always be at the start of a chain
*/
if (likely(ci->serial == serial)) {
_ecm_db_connection_ref(ci);
spin_unlock_bh(&ecm_db_lock);
DEBUG_TRACE("Connection found %px\n", ci);
return ci;
}
ci = ci->serial_hash_next;
}
spin_unlock_bh(&ecm_db_lock);
DEBUG_TRACE("Connection not found\n");
return NULL;
}
EXPORT_SYMBOL(ecm_db_connection_serial_find_and_ref);
/*
* ecm_db_connection_node_get_and_ref()
* Return node reference
*/
struct ecm_db_node_instance *ecm_db_connection_node_get_and_ref(struct ecm_db_connection_instance *ci, ecm_db_obj_dir_t dir)
{
struct ecm_db_node_instance *ni;
DEBUG_CHECK_MAGIC(ci, ECM_DB_CONNECTION_INSTANCE_MAGIC, "%px: magic failed\n", ci);
spin_lock_bh(&ecm_db_lock);
ni = ci->node[dir];
_ecm_db_node_ref(ni);
spin_unlock_bh(&ecm_db_lock);
return ni;
}
EXPORT_SYMBOL(ecm_db_connection_node_get_and_ref);
/*
* ecm_db_connection_mapping_get_and_ref_next()
* Return reference to next connection in the mapping chain in the specified direction.
*/
struct ecm_db_connection_instance *ecm_db_connection_mapping_get_and_ref_next(struct ecm_db_connection_instance *ci, ecm_db_obj_dir_t dir)
{
struct ecm_db_connection_instance *nci;
DEBUG_CHECK_MAGIC(ci, ECM_DB_CONNECTION_INSTANCE_MAGIC, "%px: magic failed\n", ci);
spin_lock_bh(&ecm_db_lock);
nci = ci->mapping_next[dir];
if (nci) {
_ecm_db_connection_ref(nci);
}
spin_unlock_bh(&ecm_db_lock);
return nci;
}
EXPORT_SYMBOL(ecm_db_connection_mapping_get_and_ref_next);
/*
* ecm_db_connection_iface_get_and_ref_next()
* Return reference to next connection in iface chain in the specified direction.
*/
struct ecm_db_connection_instance *ecm_db_connection_iface_get_and_ref_next(struct ecm_db_connection_instance *ci, ecm_db_obj_dir_t dir)
{
struct ecm_db_connection_instance *nci;
DEBUG_CHECK_MAGIC(ci, ECM_DB_CONNECTION_INSTANCE_MAGIC, "%px: magic failed\n", ci);
spin_lock_bh(&ecm_db_lock);
nci = ci->iface_next[dir];
if (nci) {
_ecm_db_connection_ref(nci);
}
spin_unlock_bh(&ecm_db_lock);
return nci;
}
EXPORT_SYMBOL(ecm_db_connection_iface_get_and_ref_next);
/*
* ecm_db_connection_mapping_get_and_ref()
* Return a reference to the mapping of the connection in the specified direction.
*/
struct ecm_db_mapping_instance *ecm_db_connection_mapping_get_and_ref(struct ecm_db_connection_instance *ci, ecm_db_obj_dir_t dir)
{
struct ecm_db_mapping_instance *mi;
DEBUG_CHECK_MAGIC(ci, ECM_DB_CONNECTION_INSTANCE_MAGIC, "%px: magic failed\n", ci);
spin_lock_bh(&ecm_db_lock);
mi = ci->mapping[dir];
_ecm_db_mapping_ref(mi);
spin_unlock_bh(&ecm_db_lock);
return mi;
}
EXPORT_SYMBOL(ecm_db_connection_mapping_get_and_ref);
/*
* ecm_db_connection_classifier_assign()
* Assign a classifier to the connection assigned classifier list.
*
* This adds the classifier in the ci->assignments list in ascending priority order according to the classifier type.
* Only assigned classifiers are in this list, allowing fast retrival of current assignments, avoiding the need to skip over unassigned classifiers.
* Because there is only one of each type of classifier the classifier is also recorded in an array, the position in which is its type value.
* This allows fast lookup based on type too.
* Further, the connection is recorded in the classifier type assignment array too, this permits iterating of all connections that are assigned to a TYPE of classifier.
*/
void ecm_db_connection_classifier_assign(struct ecm_db_connection_instance *ci, struct ecm_classifier_instance *new_ca)
{
struct ecm_classifier_instance *ca;
struct ecm_classifier_instance *ca_prev;
ecm_classifier_type_t new_ca_type;
#ifdef ECM_DB_CTA_TRACK_ENABLE
struct ecm_db_connection_classifier_type_assignment *ta;
struct ecm_db_connection_classifier_type_assignment_list *tal;
#endif
DEBUG_CHECK_MAGIC(ci, ECM_DB_CONNECTION_INSTANCE_MAGIC, "%px: magic failed\n", ci);
/*
* Get the type (which is also used as the priority)
*/
new_ca_type = new_ca->type_get(new_ca);
/*
* Connection holds ref to the classifier
*/
new_ca->ref(new_ca);
/*
* Find place to insert the classifier
*/
spin_lock_bh(&ecm_db_lock);
ca = ci->assignments;
ca_prev = NULL;
while (ca) {
ecm_classifier_type_t ca_type;
ca_type = ca->type_get(ca);
/*
* If new ca is less important that the current assigned classifier insert here
*/
if (new_ca_type < ca_type) {
break;
}
ca_prev = ca;
ca = ca->ca_next;
}
/*
* Insert new_ca before ca and after ca_prev.
*/
new_ca->ca_prev = ca_prev;
if (ca_prev) {
ca_prev->ca_next = new_ca;
} else {
DEBUG_ASSERT(ci->assignments == ca, "%px: Bad assigmnment list, expecting: %px, got: %px\n", ci, ca, ci->assignments);
ci->assignments = new_ca;
}
new_ca->ca_next = ca;
if (ca) {
ca->ca_prev = new_ca;
}
/*
* Insert based on type too
*/
DEBUG_ASSERT(ci->assignments_by_type[new_ca_type] == NULL, "%px: Only one of each type: %d may be registered, new: %px, existing, %px\n",
ci, new_ca_type, new_ca, ci->assignments_by_type[new_ca_type]);
ci->assignments_by_type[new_ca_type] = new_ca;
#ifdef ECM_DB_CTA_TRACK_ENABLE
/*
* Default classifier will not be added to the classifier type assignment list.
* Only assigned classifiers can be added.
*/
if (new_ca_type == ECM_CLASSIFIER_TYPE_DEFAULT) {
spin_unlock_bh(&ecm_db_lock);
return;
}
/*
* Add the connection into the type assignment list too.
*/
ta = &ci->type_assignment[new_ca_type];
if (ta->pending_unassign) {
/*
* The connection is pending unassignment / removal from list, but since it has been
* re-assigned to the same type of classifier we can just clear the flag and avoid the removal.
* NOTE: pending_unassign is only ever true if the iteration count is non-zero i.e. iteration is in progress.
*/
DEBUG_CHECK_MAGIC(ta, ECM_DB_CLASSIFIER_TYPE_ASSIGNMENT_MAGIC, "%px: magic failed, ci: %px", ta, ci);
DEBUG_ASSERT(ta->iteration_count != 0, "%px: Bad pending_unassign: type: %d, Iteration count zero\n", ci, new_ca_type);
ta->pending_unassign = false;
spin_unlock_bh(&ecm_db_lock);
return;
}
/*
* iteration_count should be zero as there should not be a duplicate assignment of the same type.
* This is because if iteration_count was non-zero then pending_unassign should have been true.
*/
DEBUG_ASSERT(ta->iteration_count == 0, "%px: Type: %d, Iteration count not zero: %d\n", ci, new_ca_type, ta->iteration_count);
/*
* Insert the connection into the classifier type assignment list, at the head
*/
tal = &ecm_db_connection_classifier_type_assignments[new_ca_type];
ta->next = tal->type_assignments_list;
ta->prev = NULL;
/*
* If there is an existing head, it is no longer the head
*/
if (tal->type_assignments_list) {
struct ecm_db_connection_classifier_type_assignment *talh;
talh = &tal->type_assignments_list->type_assignment[new_ca_type];
talh->prev = ci;
}
/*
* Set new head
*/
tal->type_assignments_list = ci;
/*
* Set magic
*/
DEBUG_SET_MAGIC(ta, ECM_DB_CLASSIFIER_TYPE_ASSIGNMENT_MAGIC);
/*
* Increment assignment count
*/
tal->type_assignment_count++;
DEBUG_ASSERT(tal->type_assignment_count > 0, "Bad iteration count: %d\n", tal->type_assignment_count);
#endif
spin_unlock_bh(&ecm_db_lock);
}
EXPORT_SYMBOL(ecm_db_connection_classifier_assign);
/*
* ecm_db_connection_classifier_assignments_get_and_ref()
* Populate the given array with references to the currently assigned classifiers.
*
* This function returns the number of assignments starting from [0].
* [0] is the lowest priority classifier, [return_val - 1] is the highest priority.
* Release each classifier when you are done, for convenience use ecm_db_connection_assignments_release().
*
* NOTE: The array also contains the default classifier too which of course will always be at [0]
*
* WARNING: The array MUST be of size ECM_CLASSIFIER_TYPES.
*/
int ecm_db_connection_classifier_assignments_get_and_ref(struct ecm_db_connection_instance *ci, struct ecm_classifier_instance *assignments[])
{
int aci_count;
struct ecm_classifier_instance *aci;
DEBUG_CHECK_MAGIC(ci, ECM_DB_CONNECTION_INSTANCE_MAGIC, "%px: magic failed\n", ci);
aci_count = 0;
spin_lock_bh(&ecm_db_lock);
aci = ci->assignments;
while (aci) {
aci->ref(aci);
assignments[aci_count++] = aci;
aci = aci->ca_next;
}
spin_unlock_bh(&ecm_db_lock);
DEBUG_ASSERT(aci_count >= 1, "%px: Must have at least default classifier!\n", ci);
return aci_count;
}
EXPORT_SYMBOL(ecm_db_connection_classifier_assignments_get_and_ref);
/*
* ecm_db_connection_assignments_release()
* Release references to classifiers in the assignments array
*/
void ecm_db_connection_assignments_release(int assignment_count, struct ecm_classifier_instance *assignments[])
{
int i;
for (i = 0; i < assignment_count; ++i) {
struct ecm_classifier_instance *aci = assignments[i];
if (aci) {
aci->deref(aci);
}
}
}
EXPORT_SYMBOL(ecm_db_connection_assignments_release);
/*
* ecm_db_connection_assigned_classifier_find_and_ref()
* Return a ref to classifier of the requested type, if found
*/
struct ecm_classifier_instance *ecm_db_connection_assigned_classifier_find_and_ref(struct ecm_db_connection_instance *ci, ecm_classifier_type_t type)
{
struct ecm_classifier_instance *ca;
DEBUG_CHECK_MAGIC(ci, ECM_DB_CONNECTION_INSTANCE_MAGIC, "%px: magic failed\n", ci);
spin_lock_bh(&ecm_db_lock);
ca = ci->assignments_by_type[type];
if (ca) {
ca->ref(ca);
}
spin_unlock_bh(&ecm_db_lock);
return ca;
}
EXPORT_SYMBOL(ecm_db_connection_assigned_classifier_find_and_ref);
/*
* ecm_db_connection_classifier_unassign()
* Unassign a classifier
*
* The default classifier cannot be unassigned.
*/
void ecm_db_connection_classifier_unassign(struct ecm_db_connection_instance *ci, struct ecm_classifier_instance *cci)
{
ecm_classifier_type_t ca_type;
DEBUG_CHECK_MAGIC(ci, ECM_DB_CONNECTION_INSTANCE_MAGIC, "%px: magic failed\n", ci);
/*
* Get the type
*/
ca_type = cci->type_get(cci);
DEBUG_ASSERT(ca_type != ECM_CLASSIFIER_TYPE_DEFAULT, "%px: Cannot unassign default", ci);
if (ca_type >= ECM_CLASSIFIER_TYPES) {
DEBUG_WARN("%px: ca_type: %d is higher than the max classifier type number: %d\n", ci, ca_type, (ECM_CLASSIFIER_TYPES - 1));
return;
}
DEBUG_TRACE("%px: Unassign type: %d, classifier: %px\n", ci, ca_type, cci);
/*
* NOTE: It is possible that in SMP this classifier has already been unassigned.
*/
spin_lock_bh(&ecm_db_lock);
if (ci->assignments_by_type[ca_type] == NULL) {
spin_unlock_bh(&ecm_db_lock);
DEBUG_TRACE("%px: Classifier type: %d already unassigned\n", ci, ca_type);
return;
}
_ecm_db_connection_classifier_unassign(ci, cci, ca_type);
spin_unlock_bh(&ecm_db_lock);
}
EXPORT_SYMBOL(ecm_db_connection_classifier_unassign);
#ifdef ECM_DB_CTA_TRACK_ENABLE
/*
* ecm_db_connection_by_classifier_type_assignment_get_and_ref_first()
* Return a reference to the first connection for which a classifier of the given type is associated with
*
* WARNING: YOU MUST NOT USE ecm_db_connection_deref() to release the references taken using this API.
* YOU MUST use ecm_db_connection_by_classifier_type_assignment_deref(), this ensures type assignment list integrity.
*/
struct ecm_db_connection_instance *ecm_db_connection_by_classifier_type_assignment_get_and_ref_first(ecm_classifier_type_t ca_type)
{
struct ecm_db_connection_classifier_type_assignment_list *tal;
struct ecm_db_connection_instance *ci;
DEBUG_ASSERT(ca_type < ECM_CLASSIFIER_TYPES, "Bad type: %d\n", ca_type);
DEBUG_TRACE("Get and ref first connection assigned with classifier type: %d\n", ca_type);
tal = &ecm_db_connection_classifier_type_assignments[ca_type];
spin_lock_bh(&ecm_db_lock);
ci = tal->type_assignments_list;
while (ci) {
struct ecm_db_connection_classifier_type_assignment *ta;
ta = &ci->type_assignment[ca_type];
DEBUG_CHECK_MAGIC(ta, ECM_DB_CLASSIFIER_TYPE_ASSIGNMENT_MAGIC, "%px: magic failed, ci: %px", ta, ci);
if (ta->pending_unassign) {
DEBUG_TRACE("Skip %px, pending unassign for type: %d\n", ci, ca_type);
ci = ta->next;
continue;
}
/*
* Take reference to this connection.
* NOTE: Hold both the connection and the assignment entry so that when we unlock both the connection
* and the type assignment list entry maintains integrity.
*/
_ecm_db_connection_ref(ci);
ta->iteration_count++;
DEBUG_ASSERT(ta->iteration_count > 0, "Bad Iteration count: %d for type: %d, connection: %px\n", ta->iteration_count, ca_type, ci);
spin_unlock_bh(&ecm_db_lock);
return ci;
}
spin_unlock_bh(&ecm_db_lock);
return NULL;
}
EXPORT_SYMBOL(ecm_db_connection_by_classifier_type_assignment_get_and_ref_first);
/*
* ecm_db_connection_by_classifier_type_assignment_get_and_ref_next()
* Return a reference to the next connection for which a classifier of the given type is associated with.
*
* WARNING: YOU MUST NOT USE ecm_db_connection_deref() to release the references taken using this API.
* YOU MUST use ecm_db_connection_by_classifier_type_assignment_deref(), this ensures type assignment list integrity.
*/
struct ecm_db_connection_instance *ecm_db_connection_by_classifier_type_assignment_get_and_ref_next(struct ecm_db_connection_instance *ci, ecm_classifier_type_t ca_type)
{
struct ecm_db_connection_classifier_type_assignment *ta;
struct ecm_db_connection_instance *cin;
DEBUG_ASSERT(ca_type < ECM_CLASSIFIER_TYPES, "Bad type: %d\n", ca_type);
DEBUG_CHECK_MAGIC(ci, ECM_DB_CONNECTION_INSTANCE_MAGIC, "%px: magic failed\n", ci);
DEBUG_TRACE("Get and ref next connection assigned with classifier type: %d and ci: %px\n", ca_type, ci);
spin_lock_bh(&ecm_db_lock);
ta = &ci->type_assignment[ca_type];
cin = ta->next;
while (cin) {
struct ecm_db_connection_classifier_type_assignment *tan;
tan = &cin->type_assignment[ca_type];
DEBUG_CHECK_MAGIC(tan, ECM_DB_CLASSIFIER_TYPE_ASSIGNMENT_MAGIC, "%px: magic failed, ci: %px", tan, cin);
if (tan->pending_unassign) {
DEBUG_TRACE("Skip %px, pending unassign for type: %d\n", cin, ca_type);
cin = tan->next;
continue;
}
/*
* Take reference to this connection.
* NOTE: Hold both the connection and the assignment entry so that when we unlock both the connection
* and the type assignment list entry maintains integrity.
*/
_ecm_db_connection_ref(cin);
tan->iteration_count++;
DEBUG_ASSERT(tan->iteration_count > 0, "Bad Iteration count: %d for type: %d, connection: %px\n", tan->iteration_count, ca_type, cin);
spin_unlock_bh(&ecm_db_lock);
return cin;
}
spin_unlock_bh(&ecm_db_lock);
return NULL;
}
EXPORT_SYMBOL(ecm_db_connection_by_classifier_type_assignment_get_and_ref_next);
/*
* ecm_db_connection_by_classifier_type_assignment_deref()
* Release a reference to a connection while iterating a classifier type assignment list
*/
void ecm_db_connection_by_classifier_type_assignment_deref(struct ecm_db_connection_instance *ci, ecm_classifier_type_t ca_type)
{
struct ecm_db_connection_classifier_type_assignment_list *tal;
struct ecm_db_connection_classifier_type_assignment *ta;
DEBUG_ASSERT(ca_type < ECM_CLASSIFIER_TYPES, "Bad type: %d\n", ca_type);
DEBUG_CHECK_MAGIC(ci, ECM_DB_CONNECTION_INSTANCE_MAGIC, "%px: magic failed\n", ci);
tal = &ecm_db_connection_classifier_type_assignments[ca_type];
/*
* Drop the iteration count
*/
spin_lock_bh(&ecm_db_lock);
ta = &ci->type_assignment[ca_type];
DEBUG_CHECK_MAGIC(ta, ECM_DB_CLASSIFIER_TYPE_ASSIGNMENT_MAGIC, "%px: magic failed, ci: %px", ta, ci);
ta->iteration_count--;
DEBUG_ASSERT(ta->iteration_count >= 0, "Bad Iteration count: %d for type: %d, connection: %px\n", ta->iteration_count, ca_type, ci);
/*
* If there are no more iterations on-going and this is pending unassign then we can remove it from the assignments list
*/
if (ta->pending_unassign && (ta->iteration_count == 0)) {
DEBUG_INFO("%px: Remove type assignment: %d\n", ci, ca_type);
_ecm_db_classifier_type_assignment_remove(ci, ca_type);
}
spin_unlock_bh(&ecm_db_lock);
ecm_db_connection_deref(ci);
}
EXPORT_SYMBOL(ecm_db_connection_by_classifier_type_assignment_deref);
/*
* ecm_db_connection_make_defunct_by_assignment_type()
* Make defunct all connections that are currently assigned to a classifier of the given type
*/
void ecm_db_connection_make_defunct_by_assignment_type(ecm_classifier_type_t ca_type)
{
struct ecm_db_connection_instance *ci;
DEBUG_INFO("Make defunct all assigned to type: %d\n", ca_type);
ci = ecm_db_connection_by_classifier_type_assignment_get_and_ref_first(ca_type);
while (ci) {
struct ecm_db_connection_instance *cin;
DEBUG_TRACE("%px: Make defunct: %d\n", ci, ca_type);
ecm_db_connection_make_defunct(ci);
cin = ecm_db_connection_by_classifier_type_assignment_get_and_ref_next(ci, ca_type);
ecm_db_connection_by_classifier_type_assignment_deref(ci, ca_type);
ci = cin;
}
}
EXPORT_SYMBOL(ecm_db_connection_make_defunct_by_assignment_type);
/*
* ecm_db_connection_regenerate_by_assignment_type()
* Cause regeneration all connections that are currently assigned to a classifier of the given type
*/
void ecm_db_connection_regenerate_by_assignment_type(ecm_classifier_type_t ca_type)
{
struct ecm_db_connection_instance *ci;
DEBUG_INFO("Regenerate all assigned to type: %d\n", ca_type);
ci = ecm_db_connection_by_classifier_type_assignment_get_and_ref_first(ca_type);
while (ci) {
struct ecm_db_connection_instance *cin;
DEBUG_TRACE("%px: Re-generate: %d\n", ci, ca_type);
ecm_db_connection_regenerate(ci);
cin = ecm_db_connection_by_classifier_type_assignment_get_and_ref_next(ci, ca_type);
ecm_db_connection_by_classifier_type_assignment_deref(ci, ca_type);
ci = cin;
}
}
EXPORT_SYMBOL(ecm_db_connection_regenerate_by_assignment_type);
#endif
/*
* ecm_db_connection_interfaces_get_and_ref()
* Return the interface heirarchy in the specified direction which this connection is established.
*
* 'interfaces' MUST be an array as large as ECM_DB_IFACE_HEIRARCHY_MAX.
* Returns either ECM_DB_IFACE_HEIRARCHY_MAX if there are no interfaces / error.
* Returns the index into the interfaces[] of the first interface (so "for (i = <ret val>, i < ECM_DB_IFACE_HEIRARCHY_MAX; ++i)" works)
*
* Each interface is referenced on return, be sure to release them individually or use ecm_db_connection_interfaces_deref() instead.
*/
int32_t ecm_db_connection_interfaces_get_and_ref(struct ecm_db_connection_instance *ci,
struct ecm_db_iface_instance *interfaces[],
ecm_db_obj_dir_t dir)
{
int32_t n;
int32_t i;
DEBUG_CHECK_MAGIC(ci, ECM_DB_CONNECTION_INSTANCE_MAGIC, "%px: magic failed\n", ci);
spin_lock_bh(&ecm_db_lock);
n = ci->interface_first[dir];
for (i = n; i < ECM_DB_IFACE_HEIRARCHY_MAX; ++i) {
interfaces[i] = ci->interfaces[dir][i];
_ecm_db_iface_ref(interfaces[i]);
}
spin_unlock_bh(&ecm_db_lock);
return n;
}
EXPORT_SYMBOL(ecm_db_connection_interfaces_get_and_ref);
/*
* ecm_db_connection_interfaces_deref()
* Release all interfaces in the given interfaces heirarchy array.
*
* 'first' is the number returned by one of the ecm_db_connection_xx_interfaces_get_and_ref().
* You should NOT have released any references to any of the interfaces in the array youself, this releases them all.
*/
void ecm_db_connection_interfaces_deref(struct ecm_db_iface_instance *interfaces[], int32_t first)
{
int32_t i;
DEBUG_ASSERT((first >= 0) && (first <= ECM_DB_IFACE_HEIRARCHY_MAX), "Bad first: %d\n", first);
for (i = first; i < ECM_DB_IFACE_HEIRARCHY_MAX; ++i) {
ecm_db_iface_deref(interfaces[i]);
}
}
EXPORT_SYMBOL(ecm_db_connection_interfaces_deref);
/*
* ecm_db_connection_interfaces_reset()
* Reset the interfaces heirarchy in the specified direction with a new set of interfaces
*
* NOTE: This will mark the list as set even if you specify no list as a replacement.
* This is deliberate - it's stating that there is no list :-)
*/
void ecm_db_connection_interfaces_reset(struct ecm_db_connection_instance *ci,
struct ecm_db_iface_instance *interfaces[],
int32_t new_first, ecm_db_obj_dir_t dir)
{
struct ecm_db_iface_instance *old[ECM_DB_IFACE_HEIRARCHY_MAX];
int32_t old_first;
int32_t i;
DEBUG_CHECK_MAGIC(ci, ECM_DB_CONNECTION_INSTANCE_MAGIC, "%px: magic failed\n", ci);
/*
* Iterate the from interface list, removing the old and adding in the new
*/
spin_lock_bh(&ecm_db_lock);
for (i = 0; i < ECM_DB_IFACE_HEIRARCHY_MAX; ++i) {
/*
* Put any previous interface into the old list
*/
old[i] = ci->interfaces[dir][i];
ci->interfaces[dir][i] = NULL;
if (i < new_first) {
continue;
}
ci->interfaces[dir][i] = interfaces[i];
_ecm_db_iface_ref(ci->interfaces[dir][i]);
}
/*
* Get old first and update to new first
*/
old_first = ci->interface_first[dir];
ci->interface_first[dir] = new_first;
ci->interface_set[dir] = true;
spin_unlock_bh(&ecm_db_lock);
/*
* Release old
*/
ecm_db_connection_interfaces_deref(old, old_first);
}
EXPORT_SYMBOL(ecm_db_connection_interfaces_reset);
/*
* ecm_db_connection_interfaces_get_count()
* Return the number of interfaces in the list
*/
int32_t ecm_db_connection_interfaces_get_count(struct ecm_db_connection_instance *ci, ecm_db_obj_dir_t dir)
{
int32_t first;
DEBUG_CHECK_MAGIC(ci, ECM_DB_CONNECTION_INSTANCE_MAGIC, "%px: magic failed\n", ci);
spin_lock_bh(&ecm_db_lock);
first = ci->interface_first[dir];
spin_unlock_bh(&ecm_db_lock);
return ECM_DB_IFACE_HEIRARCHY_MAX - first;
}
EXPORT_SYMBOL(ecm_db_connection_interfaces_get_count);
/*
* ecm_db_connection_interfaces_set_check()
* Returns true if the interface list has been set - even if set to an empty list!
*/
bool ecm_db_connection_interfaces_set_check(struct ecm_db_connection_instance *ci, ecm_db_obj_dir_t dir)
{
bool set;
DEBUG_CHECK_MAGIC(ci, ECM_DB_CONNECTION_INSTANCE_MAGIC, "%px: magic failed\n", ci);
spin_lock_bh(&ecm_db_lock);
set = ci->interface_set[dir];
spin_unlock_bh(&ecm_db_lock);
return set;
}
EXPORT_SYMBOL(ecm_db_connection_interfaces_set_check);
/*
* ecm_db_connection_interfaces_clear()
* Clear down the interfaces list, marking the list as not set
*/
void ecm_db_connection_interfaces_clear(struct ecm_db_connection_instance *ci, ecm_db_obj_dir_t dir)
{
struct ecm_db_iface_instance *discard[ECM_DB_IFACE_HEIRARCHY_MAX];
int32_t discard_first;
int32_t i;
DEBUG_CHECK_MAGIC(ci, ECM_DB_CONNECTION_INSTANCE_MAGIC, "%px: magic failed\n", ci);
spin_lock_bh(&ecm_db_lock);
for (i = ci->interface_first[dir]; i < ECM_DB_IFACE_HEIRARCHY_MAX; ++i) {
discard[i] = ci->interfaces[dir][i];
}
discard_first = ci->interface_first[dir];
ci->interface_set[dir] = false;
ci->interface_first[dir] = ECM_DB_IFACE_HEIRARCHY_MAX;
spin_unlock_bh(&ecm_db_lock);
/*
* Release previous
*/
ecm_db_connection_interfaces_deref(discard, discard_first);
}
EXPORT_SYMBOL(ecm_db_connection_interfaces_clear);
/*
* ecm_db_connection_add()
* Add the connection into the database.
*
* NOTE: The parameters are DIRECTIONAL in terms of which mapping established the connection.
* NOTE: Dir confirms if this is an egressing or ingressing connection.
* This applies to firewalling front ends mostly. If INGRESS then mapping[ECM_DB_OBJ_DIR_FROM] is the WAN side.
* If EGRESS then mapping[ECM_DB_OBJ_DIR_TO] is the WAN side.
*/
void ecm_db_connection_add(struct ecm_db_connection_instance *ci,
struct ecm_db_mapping_instance *mapping[],
struct ecm_db_node_instance *node[],
int ip_version,
int protocol, ecm_db_direction_t ecm_dir,
ecm_db_connection_final_callback_t final,
ecm_db_connection_defunct_callback_t defunct,
ecm_db_timer_group_t tg, bool is_routed,
void *arg)
{
ecm_db_connection_hash_t hash_index;
ecm_db_connection_serial_hash_t serial_hash_index;
struct ecm_db_listener_instance *li;
int dir;
#ifdef ECM_DB_XREF_ENABLE
struct ecm_db_iface_instance *iface[ECM_DB_OBJ_DIR_MAX];
#endif
DEBUG_CHECK_MAGIC(ci, ECM_DB_CONNECTION_INSTANCE_MAGIC, "%px: magic failed\n", ci);
for (dir = 0; dir < ECM_DB_OBJ_DIR_MAX; dir++) {
DEBUG_CHECK_MAGIC(mapping[dir], ECM_DB_MAPPING_INSTANCE_MAGIC, "%px: %s mapping magic failed \n", mapping[dir], ecm_db_obj_dir_strings[dir]);
DEBUG_CHECK_MAGIC(node[dir], ECM_DB_NODE_INSTANCE_MAGIC, "%px: %s node magic failed\n", node[dir], ecm_db_obj_dir_strings[dir]);
}
DEBUG_ASSERT((protocol >= 0) && (protocol <= 255), "%px: invalid protocol number %d\n", ci, protocol);
spin_lock_bh(&ecm_db_lock);
DEBUG_ASSERT(!(ci->flags & ECM_DB_CONNECTION_FLAGS_INSERTED), "%px: inserted\n", ci);
spin_unlock_bh(&ecm_db_lock);
/*
* Record owner arg and callbacks
*/
ci->final = final;
ci->defunct = defunct;
ci->arg = arg;
#ifdef ECM_MULTICAST_ENABLE
ci->ti = NULL;
#endif
/*
* Ensure default classifier has been assigned this is a must to ensure minimum level of classification
*/
DEBUG_ASSERT(ci->assignments_by_type[ECM_CLASSIFIER_TYPE_DEFAULT], "%px: No default classifier assigned\n", ci);
/*
* Connection takes references to the mappings and nodes
*/
for (dir = 0; dir < ECM_DB_OBJ_DIR_MAX; dir++) {
ecm_db_mapping_ref(mapping[dir]);
ci->mapping[dir] = mapping[dir];
ecm_db_node_ref(node[dir]);
ci->node[dir] = node[dir];
}
/*
* Set the protocol and routed flag
*/
ci->ip_version = ip_version;
ci->protocol = protocol;
ci->is_routed = is_routed;
/*
* Set direction of connection
*/
ci->direction = ecm_dir;
/*
* Identify which hash chain this connection will go into
*/
hash_index = ecm_db_connection_generate_hash_index(mapping[ECM_DB_OBJ_DIR_FROM]->host->address,
mapping[ECM_DB_OBJ_DIR_FROM]->port,
mapping[ECM_DB_OBJ_DIR_TO]->host->address,
mapping[ECM_DB_OBJ_DIR_TO]->port, protocol);
ci->hash_index = hash_index;
/*
* Identify which serial hash chain this connection will go into
*/
serial_hash_index = ecm_db_connection_generate_serial_hash_index(ci->serial);
ci->serial_hash_index = serial_hash_index;
/*
* Now we need to lock
*/
spin_lock_bh(&ecm_db_lock);
/*
* Increment protocol counter stats
*/
ecm_db_connection_count_by_protocol[protocol]++;
DEBUG_ASSERT(ecm_db_connection_count_by_protocol[protocol] > 0, "%px: Invalid protocol count %d\n", ci, ecm_db_connection_count_by_protocol[protocol]);
/*
* Set time
*/
ci->time_added = ecm_db_time;
/*
* Add connection into the global list
*/
ci->prev = NULL;
ci->next = ecm_db_connections;
if (ecm_db_connections) {
ecm_db_connections->prev = ci;
}
ecm_db_connections = ci;
/*
* Add this connection into the connections hash table
*/
ci->flags |= ECM_DB_CONNECTION_FLAGS_INSERTED;
/*
* Insert connection into the connections hash table
*/
ci->hash_next = ecm_db_connection_table[hash_index];
if (ecm_db_connection_table[hash_index]) {
ecm_db_connection_table[hash_index]->hash_prev = ci;
}
ecm_db_connection_table[hash_index] = ci;
ecm_db_connection_table_lengths[hash_index]++;
DEBUG_ASSERT(ecm_db_connection_table_lengths[hash_index] > 0, "%px: invalid table len %d\n", ci, ecm_db_connection_table_lengths[hash_index]);
/*
* Insert connection into the connections serial hash table
*/
ci->serial_hash_next = ecm_db_connection_serial_table[serial_hash_index];
if (ecm_db_connection_serial_table[serial_hash_index]) {
ecm_db_connection_serial_table[serial_hash_index]->serial_hash_prev = ci;
}
ecm_db_connection_serial_table[serial_hash_index] = ci;
ecm_db_connection_serial_table_lengths[serial_hash_index]++;
DEBUG_ASSERT(ecm_db_connection_serial_table_lengths[serial_hash_index] > 0, "%px: invalid table len %d\n", ci, ecm_db_connection_serial_table_lengths[serial_hash_index]);
#ifdef ECM_DB_XREF_ENABLE
/*
* Add this connection into the nodes.
*/
for (dir = 0; dir < ECM_DB_OBJ_DIR_MAX; dir++) {
ci->node_prev[dir] = NULL;
ci->node_next[dir] = node[dir]->connections[dir];
if (node[dir]->connections[dir]) {
node[dir]->connections[dir]->node_prev[dir] = ci;
}
node[dir]->connections[dir] = ci;
node[dir]->connections_count[dir]++;
DEBUG_ASSERT(node[dir]->connections_count[dir] > 0, "%px: invalid count for %s node connections\n", ci, ecm_db_obj_dir_strings[dir]);
}
/*
* Add this connection into the mappings
*/
for (dir = 0; dir < ECM_DB_OBJ_DIR_MAX; dir++) {
ci->mapping_prev[dir] = NULL;
ci->mapping_next[dir] = mapping[dir]->connections[dir];
if (mapping[dir]->connections[dir]) {
mapping[dir]->connections[dir]->mapping_prev[dir] = ci;
}
mapping[dir]->connections[dir] = ci;
}
/*
* Add this connection into the ifaces list of connections
* NOTE: There is no need to ref the iface because it will exist for as long as this connection exists
* due to the heirarchy of dependencies being kept by the database.
*/
for (dir = 0; dir < ECM_DB_OBJ_DIR_MAX; dir++) {
iface[dir] = node[dir]->iface;
ci->iface_prev[dir] = NULL;
ci->iface_next[dir] = iface[dir]->connections[dir];
if (iface[dir]->connections[dir]) {
iface[dir]->connections[dir]->iface_prev[dir] = ci;
}
iface[dir]->connections[dir] = ci;
}
#endif
/*
* NOTE: The interface heirarchy lists are deliberately left empty - these are completed
* by the front end if it is appropriate to do so.
*/
/*
* Update the counters in the mapping
*/
if (protocol == IPPROTO_UDP) {
for (dir = 0; dir < ECM_DB_OBJ_DIR_MAX; dir++) {
mapping[dir]->udp_count[dir]++;
}
} else if (protocol == IPPROTO_TCP) {
for (dir = 0; dir < ECM_DB_OBJ_DIR_MAX; dir++) {
mapping[dir]->tcp_count[dir]++;
}
}
for (dir = 0; dir < ECM_DB_OBJ_DIR_MAX; dir++) {
mapping[dir]->conn_count[dir]++;
}
/*
* Set the generation number to match global
*/
ci->generation = ecm_db_connection_generation;
spin_unlock_bh(&ecm_db_lock);
/*
* Throw add event to the listeners
*/
DEBUG_TRACE("%px: Throw connection added event\n", ci);
li = ecm_db_listeners_get_and_ref_first();
while (li) {
struct ecm_db_listener_instance *lin;
if (li->connection_added) {
li->connection_added(li->arg, ci);
}
/*
* Get next listener
*/
lin = ecm_db_listener_get_and_ref_next(li);
ecm_db_listener_deref(li);
li = lin;
}
/*
* Set timer group. 'ref' the connection to ensure it persists for the timer.
*/
ecm_db_connection_ref(ci);
ecm_db_timer_group_entry_set(&ci->defunct_timer, tg);
}
EXPORT_SYMBOL(ecm_db_connection_add);
/*
* ecm_db_connection_heirarchy_state_get()
* Output state for an interface heirarchy list.
*/
int ecm_db_connection_heirarchy_state_get(struct ecm_state_file_instance *sfi, struct ecm_db_iface_instance *interfaces[], int32_t first_interface)
{
int result;
int count;
int i;
int j;
count = ECM_DB_IFACE_HEIRARCHY_MAX - first_interface;
if ((result = ecm_state_write(sfi, "interface_count", "%d", count))) {
return result;
}
/*
* Iterate the interface heirarchy list and output the information
*/
for (i = first_interface, j = 0; i < ECM_DB_IFACE_HEIRARCHY_MAX; ++i, ++j) {
struct ecm_db_iface_instance *ii = interfaces[i];
DEBUG_TRACE("Output interface @ %d: %px\n", i, ii);
if ((result = ecm_state_prefix_index_add(sfi, j))) {
return result;
}
result = ii->state_get(ii, sfi);
if (result) {
return result;
}
if ((result = ecm_state_prefix_remove(sfi))) {
return result;
}
}
return 0;
}
/*
* ecm_db_connection_state_get()
* Prepare a connection message
*/
int ecm_db_connection_state_get(struct ecm_state_file_instance *sfi, struct ecm_db_connection_instance *ci)
{
int result;
long int expires_in;
int sport;
int sport_nat;
char snode_address[ECM_MAC_ADDR_STR_BUFF_SIZE];
char snode_address_nat[ECM_MAC_ADDR_STR_BUFF_SIZE];
char sip_address[ECM_IP_ADDR_STR_BUFF_SIZE];
char sip_address_nat[ECM_IP_ADDR_STR_BUFF_SIZE];
char dnode_address[ECM_MAC_ADDR_STR_BUFF_SIZE];
char dnode_address_nat[ECM_MAC_ADDR_STR_BUFF_SIZE];
int dport;
int dport_nat;
char dip_address[ECM_IP_ADDR_STR_BUFF_SIZE];
char dip_address_nat[ECM_IP_ADDR_STR_BUFF_SIZE];
ecm_db_direction_t direction;
int ip_version;
int protocol;
bool is_routed;
uint32_t regen_success;
uint32_t regen_fail;
uint16_t regen_required;
uint16_t regen_occurances;
bool regen_in_progress;
uint16_t generation;
uint16_t global_generation;
uint32_t time_added;
uint32_t serial;
uint64_t from_data_total;
uint64_t to_data_total;
uint64_t from_packet_total;
uint64_t to_packet_total;
uint64_t from_data_total_dropped;
uint64_t to_data_total_dropped;
uint64_t from_packet_total_dropped;
uint64_t to_packet_total_dropped;
struct ecm_db_host_instance *hi;
struct ecm_db_node_instance *ni;
int aci_index;
int aci_count;
ip_addr_t __attribute__((unused)) group_ip;
struct ecm_front_end_connection_instance *feci;
struct ecm_classifier_instance *assignments[ECM_CLASSIFIER_TYPES];
int32_t first_interface;
struct ecm_db_iface_instance *interfaces[ECM_DB_IFACE_HEIRARCHY_MAX];
DEBUG_TRACE("Prep conn msg for %px\n", ci);
/*
* Identify expiration
*/
spin_lock_bh(&ecm_db_lock);
if (ci->defunct_timer.group == ECM_DB_TIMER_GROUPS_MAX) {
expires_in = -1;
} else {
expires_in = (long int)(ci->defunct_timer.timeout - ecm_db_time);
if (expires_in <= 0) {
expires_in = 0;
}
}
regen_success = ci->regen_success;
regen_fail = ci->regen_fail;
regen_required = ci->regen_required;
regen_occurances = ci->regen_occurances;
regen_in_progress = ci->regen_in_progress;
generation = ci->generation;
global_generation = ecm_db_connection_generation;
spin_unlock_bh(&ecm_db_lock);
/*
* Extract information from the connection for inclusion into the message
*/
sport = ci->mapping[ECM_DB_OBJ_DIR_FROM]->port;
sport_nat = ci->mapping[ECM_DB_OBJ_DIR_FROM_NAT]->port;
dport = ci->mapping[ECM_DB_OBJ_DIR_TO]->port;
dport_nat = ci->mapping[ECM_DB_OBJ_DIR_TO_NAT]->port;
hi = ci->mapping[ECM_DB_OBJ_DIR_TO]->host;
ecm_ip_addr_to_string(dip_address, hi->address);
ni = ci->node[ECM_DB_OBJ_DIR_TO];
snprintf(dnode_address, sizeof(dnode_address), "%pM", ni->address);
hi = ci->mapping[ECM_DB_OBJ_DIR_TO_NAT]->host;
ecm_ip_addr_to_string(dip_address_nat, hi->address);
hi = ci->mapping[ECM_DB_OBJ_DIR_FROM]->host;
ecm_ip_addr_to_string(sip_address, hi->address);
ni = ci->node[ECM_DB_OBJ_DIR_FROM];
snprintf(snode_address, sizeof(snode_address), "%pM", ni->address);
hi = ci->mapping[ECM_DB_OBJ_DIR_FROM_NAT]->host;
ecm_ip_addr_to_string(sip_address_nat, hi->address);
ni = ci->node[ECM_DB_OBJ_DIR_TO_NAT];
snprintf(dnode_address_nat, sizeof(dnode_address_nat), "%pM", ni->address);
ni = ci->node[ECM_DB_OBJ_DIR_FROM_NAT];
snprintf(snode_address_nat, sizeof(snode_address_nat), "%pM", ni->address);
direction = ci->direction;
ip_version = ci->ip_version;
protocol = ci->protocol;
is_routed = ci->is_routed;
time_added = ci->time_added;
serial = ci->serial;
ecm_db_connection_data_stats_get(ci, &from_data_total, &to_data_total,
&from_packet_total, &to_packet_total,
&from_data_total_dropped, &to_data_total_dropped,
&from_packet_total_dropped, &to_packet_total_dropped);
if ((result = ecm_state_prefix_add(sfi, "conn"))) {
return result;
}
if ((result = ecm_state_prefix_index_add(sfi, serial))) {
return result;
}
if ((result = ecm_state_write(sfi, "serial", "%u", serial))) {
return result;
}
if ((result = ecm_state_write(sfi, "sip_address", "%s", sip_address))) {
return result;
}
if ((result = ecm_state_write(sfi, "sip_address_nat", "%s", sip_address_nat))) {
return result;
}
if ((result = ecm_state_write(sfi, "sport", "%d", sport))) {
return result;
}
if ((result = ecm_state_write(sfi, "sport_nat", "%d", sport_nat))) {
return result;
}
if ((result = ecm_state_write(sfi, "snode_address", "%s", snode_address))) {
return result;
}
if ((result = ecm_state_write(sfi, "snode_address_nat", "%s", snode_address_nat))) {
return result;
}
if ((result = ecm_state_write(sfi, "dip_address", "%s", dip_address))) {
return result;
}
if ((result = ecm_state_write(sfi, "dip_address_nat", "%s", dip_address_nat))) {
return result;
}
if ((result = ecm_state_write(sfi, "dport", "%d", dport))) {
return result;
}
if ((result = ecm_state_write(sfi, "dport_nat", "%d", dport_nat))) {
return result;
}
if ((result = ecm_state_write(sfi, "dnode_address", "%s", dnode_address))) {
return result;
}
if ((result = ecm_state_write(sfi, "dnode_address_nat", "%s", dnode_address_nat))) {
return result;
}
if ((result = ecm_state_write(sfi, "ip_version", "%d", ip_version))) {
return result;
}
if ((result = ecm_state_write(sfi, "protocol", "%d", protocol))) {
return result;
}
if (ecm_db_connection_is_pppoe_bridged_get(ci)) {
/*
* PPPoE session ID is set in sport and dport.
*/
if ((result = ecm_state_write(sfi, "pppoe_session_id", "%u", sport))) {
return result;
}
}
if ((result = ecm_state_write(sfi, "is_routed", "%d", is_routed))) {
return result;
}
if ((result = ecm_state_write(sfi, "expires", "%ld", expires_in))) {
return result;
}
if ((result = ecm_state_write(sfi, "direction", "%d", direction))) {
return result;
}
if ((result = ecm_state_write(sfi, "time_added", "%u", time_added))) {
return result;
}
if ((result = ecm_state_write(sfi, "regen_success", "%u", regen_success))) {
return result;
}
if ((result = ecm_state_write(sfi, "regen_fail", "%u", regen_fail))) {
return result;
}
if ((result = ecm_state_write(sfi, "regen_required", "%u", regen_required))) {
return result;
}
if ((result = ecm_state_write(sfi, "regen_occurances", "%u", regen_occurances))) {
return result;
}
if ((result = ecm_state_write(sfi, "regen_in_progress", "%u", regen_in_progress))) {
return result;
}
if ((result = ecm_state_write(sfi, "generation", "%u/%u", generation, global_generation))) {
return result;
}
/*
* NOTE: These advanced stats are not conditional compiled.
* Connections always contain these stats
*/
if ((result = ecm_db_adv_stats_state_write(sfi, from_data_total, to_data_total,
from_packet_total, to_packet_total, from_data_total_dropped,
to_data_total_dropped, from_packet_total_dropped,
to_packet_total_dropped))) {
return result;
}
if ((result = ecm_state_prefix_add(sfi, "from_interfaces"))) {
return result;
}
first_interface = ecm_db_connection_interfaces_get_and_ref(ci, interfaces, ECM_DB_OBJ_DIR_FROM);
result = ecm_db_connection_heirarchy_state_get(sfi, interfaces, first_interface);
ecm_db_connection_interfaces_deref(interfaces, first_interface);
if (result) {
return result;
}
if ((result = ecm_state_prefix_remove(sfi))) {
return result;
}
#ifdef ECM_MULTICAST_ENABLE
ecm_db_connection_address_get(ci, ECM_DB_OBJ_DIR_TO, group_ip);
if (ecm_ip_addr_is_multicast(group_ip)) {
if ((result = ecm_state_prefix_add(sfi, "to_mc_interfaces"))) {
return result;
}
if ((result = ecm_db_multicast_to_interfaces_xml_state_get(ci, sfi))) {
return result;
}
if ((result = ecm_state_prefix_remove(sfi))) {
return result;
}
}
else {
if ((result = ecm_state_prefix_add(sfi, "to_interfaces"))) {
return result;
}
first_interface = ecm_db_connection_interfaces_get_and_ref(ci, interfaces, ECM_DB_OBJ_DIR_TO);
result = ecm_db_connection_heirarchy_state_get(sfi, interfaces, first_interface);
ecm_db_connection_interfaces_deref(interfaces, first_interface);
if (result) {
return result;
}
if ((result = ecm_state_prefix_remove(sfi))) {
return result;
}
}
#else
if ((result = ecm_state_prefix_add(sfi, "to_interfaces"))) {
return result;
}
first_interface = ecm_db_connection_interfaces_get_and_ref(ci, interfaces, ECM_DB_OBJ_DIR_TO);
result = ecm_db_connection_heirarchy_state_get(sfi, interfaces, first_interface);
ecm_db_connection_interfaces_deref(interfaces, first_interface);
if (result) {
return result;
}
if ((result = ecm_state_prefix_remove(sfi))) {
return result;
}
#endif
if ((result = ecm_state_prefix_add(sfi, "from_nat_interfaces"))) {
return result;
}
first_interface = ecm_db_connection_interfaces_get_and_ref(ci, interfaces, ECM_DB_OBJ_DIR_FROM_NAT);
result = ecm_db_connection_heirarchy_state_get(sfi, interfaces, first_interface);
ecm_db_connection_interfaces_deref(interfaces, first_interface);
if (result) {
return result;
}
if ((result = ecm_state_prefix_remove(sfi))) {
return result;
}
if ((result = ecm_state_prefix_add(sfi, "to_nat_interfaces"))) {
return result;
}
first_interface = ecm_db_connection_interfaces_get_and_ref(ci, interfaces, ECM_DB_OBJ_DIR_TO_NAT);
result = ecm_db_connection_heirarchy_state_get(sfi, interfaces, first_interface);
ecm_db_connection_interfaces_deref(interfaces, first_interface);
if (result) {
return result;
}
if ((result = ecm_state_prefix_remove(sfi))) {
return result;
}
/*
* Output front end state
*/
feci = ecm_db_connection_front_end_get_and_ref(ci);
result = feci->state_get(feci, sfi);
feci->deref(feci);
if (result) {
return result;
}
if ((result = ecm_state_prefix_add(sfi, "classifiers"))) {
return result;
}
/*
* Grab references to the assigned classifiers so we can produce state for them
*/
aci_count = ecm_db_connection_classifier_assignments_get_and_ref(ci, assignments);
/*
* Iterate the assigned classifiers and provide a state record for each
*/
for (aci_index = 0; aci_index < aci_count; ++aci_index) {
struct ecm_classifier_instance *aci;
aci = assignments[aci_index];
result = aci->state_get(aci, sfi);
if (result) {
ecm_db_connection_assignments_release(aci_count, assignments);
return result;
}
}
ecm_db_connection_assignments_release(aci_count, assignments);
if ((result = ecm_state_prefix_remove(sfi))) {
return result;
}
if ((result = ecm_state_prefix_remove(sfi))) {
return result;
}
return ecm_state_prefix_remove(sfi);
}
EXPORT_SYMBOL(ecm_db_connection_state_get);
/*
* ecmECM_DB_CONNECTION_HASH_SLOTS_lengths_get()
* Return hash table length
*/
int ecm_db_connection_hash_table_lengths_get(int index)
{
int length;
DEBUG_ASSERT((index >= 0) && (index < ECM_DB_CONNECTION_HASH_SLOTS), "Bad protocol: %d\n", index);
spin_lock_bh(&ecm_db_lock);
length = ecm_db_connection_table_lengths[index];
spin_unlock_bh(&ecm_db_lock);
return length;
}
EXPORT_SYMBOL(ecm_db_connection_hash_table_lengths_get);
/*
* ecm_db_connection_hash_index_get_next()
* Given a hash index, return the next one OR return -1 for no more hash indicies to return.
*/
int ecm_db_connection_hash_index_get_next(int index)
{
index++;
if (index >= ECM_DB_CONNECTION_SERIAL_HASH_SLOTS) {
return -1;
}
return index;
}
EXPORT_SYMBOL(ecm_db_connection_hash_index_get_next);
/*
* ecm_db_connection_hash_index_get_first()
* Return first hash index
*/
int ecm_db_connection_hash_index_get_first(void)
{
return 0;
}
EXPORT_SYMBOL(ecm_db_connection_hash_index_get_first);
#ifdef ECM_STATE_OUTPUT_ENABLE
/*
* ecm_db_protocol_get_next()
* Given a number, return the next one OR return -1 for no more protocol numbers to return.
*/
int ecm_db_protocol_get_next(int protocol)
{
protocol++;
if (protocol >= ECM_DB_PROTOCOL_COUNT) {
return -1;
}
return protocol;
}
EXPORT_SYMBOL(ecm_db_protocol_get_next);
/*
* ecm_db_protocol_get_first()
* Return first protocol number
*/
int ecm_db_protocol_get_first(void)
{
return 0;
}
EXPORT_SYMBOL(ecm_db_protocol_get_first);
#endif
/*
* ecm_db_connection_alloc()
* Allocate a connection instance
*/
struct ecm_db_connection_instance *ecm_db_connection_alloc(void)
{
struct ecm_db_connection_instance *ci;
int __attribute__((unused)) i;
unsigned int conn_count;
/*
* If we have exceeded the conntrack connection limit then do not allocate new instance.
*/
conn_count = (unsigned int)ecm_db_connection_count_get();
if (conn_count >= nf_conntrack_max) {
DEBUG_WARN("ECM Connection count limit reached: db: %u, ct: %u\n", conn_count, nf_conntrack_max);
return NULL;
}
/*
* Allocate the connection
*/
ci = (struct ecm_db_connection_instance *)kzalloc(sizeof(struct ecm_db_connection_instance), GFP_ATOMIC | __GFP_NOWARN);
if (!ci) {
DEBUG_WARN("Connection alloc failed\n");
return NULL;
}
/*
* Initialise the defunct timer entry
*/
ecm_db_timer_group_entry_init(&ci->defunct_timer, ecm_db_connection_defunct_callback, ci);
/*
* Refs is 1 for the creator of the connection
*/
ci->refs = 1;
DEBUG_SET_MAGIC(ci, ECM_DB_CONNECTION_INSTANCE_MAGIC);
/*
* Initialise the interfaces from/to lists.
* Interfaces are added from end of array.
*/
ci->interface_first[ECM_DB_OBJ_DIR_FROM] = ECM_DB_IFACE_HEIRARCHY_MAX;
ci->interface_first[ECM_DB_OBJ_DIR_TO] = ECM_DB_IFACE_HEIRARCHY_MAX;
ci->interface_first[ECM_DB_OBJ_DIR_FROM_NAT] = ECM_DB_IFACE_HEIRARCHY_MAX;
ci->interface_first[ECM_DB_OBJ_DIR_TO_NAT] = ECM_DB_IFACE_HEIRARCHY_MAX;
#ifdef ECM_MULTICAST_ENABLE
for (i = 0; i < ECM_DB_MULTICAST_IF_MAX; ++i) {
ci->to_mcast_interface_first[i] = ECM_DB_IFACE_HEIRARCHY_MAX;
}
#endif
/*
* If the master thread is terminating then we cannot create new instances
*/
spin_lock_bh(&ecm_db_lock);
if (ecm_db_terminate_pending) {
spin_unlock_bh(&ecm_db_lock);
DEBUG_WARN("Thread terminating\n");
kfree(ci);
return NULL;
}
/*
* Assign runtime unique serial
*/
ci->serial = ecm_db_connection_serial++;
ecm_db_connection_count++;
DEBUG_ASSERT(ecm_db_connection_count > 0, "%px: connection count wrap\n", ci);
spin_unlock_bh(&ecm_db_lock);
DEBUG_TRACE("Connection created %px\n", ci);
return ci;
}
EXPORT_SYMBOL(ecm_db_connection_alloc);
/*
* ecm_db_connection_ipv6_from_ct_get_and_ref()
* Return, if any, a connection given a ct
*/
struct ecm_db_connection_instance *ecm_db_connection_ipv6_from_ct_get_and_ref(struct nf_conn *ct)
{
struct nf_conntrack_tuple orig_tuple;
struct nf_conntrack_tuple reply_tuple;
ip_addr_t host1_addr;
ip_addr_t host2_addr;
int host1_port;
int host2_port;
int protocol;
/*
* Look up the associated connection for this conntrack connection
*/
orig_tuple = ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple;
reply_tuple = ct->tuplehash[IP_CT_DIR_REPLY].tuple;
ECM_NIN6_ADDR_TO_IP_ADDR(host1_addr, orig_tuple.src.u3.in6);
ECM_NIN6_ADDR_TO_IP_ADDR(host2_addr, reply_tuple.src.u3.in6);
protocol = orig_tuple.dst.protonum;
switch (protocol) {
case IPPROTO_TCP:
host1_port = ntohs(orig_tuple.src.u.tcp.port);
host2_port = ntohs(reply_tuple.src.u.tcp.port);
break;
case IPPROTO_UDP:
host1_port = ntohs(orig_tuple.src.u.udp.port);
host2_port = ntohs(reply_tuple.src.u.udp.port);
break;
case IPPROTO_IPIP:
case IPPROTO_GRE:
host1_port = 0;
host2_port = 0;
break;
default:
host1_port = -protocol;
host2_port = -protocol;
}
DEBUG_TRACE("%px: lookup src: " ECM_IP_ADDR_OCTAL_FMT ":%d, "
"dest: " ECM_IP_ADDR_OCTAL_FMT ":%d, "
"protocol %d\n",
ct,
ECM_IP_ADDR_TO_OCTAL(host1_addr),
host1_port,
ECM_IP_ADDR_TO_OCTAL(host2_addr),
host2_port,
protocol);
return ecm_db_connection_find_and_ref(host1_addr,
host2_addr,
protocol,
host1_port,
host2_port);
}
/*
* ecm_db_connection_ipv4_from_ct_get_and_ref()
* Return, if any, a connection given a ct
*/
struct ecm_db_connection_instance *ecm_db_connection_ipv4_from_ct_get_and_ref(struct nf_conn *ct)
{
struct nf_conntrack_tuple orig_tuple;
struct nf_conntrack_tuple reply_tuple;
ip_addr_t host1_addr;
ip_addr_t host2_addr;
int host1_port;
int host2_port;
int protocol;
/*
* Look up the associated connection for this conntrack connection
*/
orig_tuple = ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple;
reply_tuple = ct->tuplehash[IP_CT_DIR_REPLY].tuple;
ECM_NIN4_ADDR_TO_IP_ADDR(host1_addr, orig_tuple.src.u3.ip);
ECM_NIN4_ADDR_TO_IP_ADDR(host2_addr, reply_tuple.src.u3.ip);
protocol = orig_tuple.dst.protonum;
switch (protocol) {
case IPPROTO_TCP:
host1_port = ntohs(orig_tuple.src.u.tcp.port);
host2_port = ntohs(reply_tuple.src.u.tcp.port);
break;
case IPPROTO_UDP:
host1_port = ntohs(orig_tuple.src.u.udp.port);
host2_port = ntohs(reply_tuple.src.u.udp.port);
break;
case IPPROTO_IPV6:
case IPPROTO_ESP:
case IPPROTO_GRE:
host1_port = 0;
host2_port = 0;
break;
default:
host1_port = -protocol;
host2_port = -protocol;
}
DEBUG_TRACE("%px: lookup src: " ECM_IP_ADDR_DOT_FMT ":%d, "
"dest: " ECM_IP_ADDR_DOT_FMT ":%d, "
"protocol %d\n",
ct,
ECM_IP_ADDR_TO_DOT(host1_addr),
host1_port,
ECM_IP_ADDR_TO_DOT(host2_addr),
host2_port,
protocol);
return ecm_db_connection_find_and_ref(host1_addr,
host2_addr,
protocol,
host1_port,
host2_port);
}
#ifdef ECM_INTERFACE_OVS_BRIDGE_ENABLE
/*
* ecm_db_connection_from_ovs_flow_get_and_ref()
* Look-up a connection based on OVS flow 5-tuple information.
*/
struct ecm_db_connection_instance *ecm_db_connection_from_ovs_flow_get_and_ref(struct ovsmgr_dp_flow *flow)
{
ip_addr_t src_addr;
ip_addr_t dst_addr;
int src_port;
int dst_port;
int protocol;
/*
* Look up the associated connection for this OVS flow
*/
protocol = flow->tuple.protocol;
src_port = ntohs(flow->tuple.src_port);
dst_port = ntohs(flow->tuple.dst_port);
if (flow->tuple.ip_version == 4) {
ECM_NIN4_ADDR_TO_IP_ADDR(src_addr, flow->tuple.ipv4.src);
ECM_NIN4_ADDR_TO_IP_ADDR(dst_addr, flow->tuple.ipv4.dst);
DEBUG_TRACE("%px: OVS IPv4 flow lookup src: " ECM_IP_ADDR_DOT_FMT ":%d, "
"dest: " ECM_IP_ADDR_DOT_FMT ":%d, "
"protocol %d\n",
flow,
ECM_IP_ADDR_TO_DOT(src_addr),
src_port,
ECM_IP_ADDR_TO_DOT(dst_addr),
dst_port,
protocol);
} else if (flow->tuple.ip_version == 6) {
ECM_NIN6_ADDR_TO_IP_ADDR(src_addr, flow->tuple.ipv6.src);
ECM_NIN6_ADDR_TO_IP_ADDR(dst_addr, flow->tuple.ipv6.dst);
DEBUG_TRACE("%px: OVS IPv6 flow lookup src: " ECM_IP_ADDR_OCTAL_FMT ":%d, "
"dest: " ECM_IP_ADDR_OCTAL_FMT ":%d, "
"protocol %d\n",
flow,
ECM_IP_ADDR_TO_OCTAL(src_addr),
src_port,
ECM_IP_ADDR_TO_OCTAL(dst_addr),
dst_port,
protocol);
} else {
DEBUG_WARN("%px: Invalid IP version: %d\n", flow, flow->tuple.ip_version);
return NULL;
}
return ecm_db_connection_find_and_ref(src_addr,
dst_addr,
protocol,
src_port,
dst_port);
}
#endif
/*
* ecm_db_connection_decel_v4()
* Decelerate IPv4 connection.
*
* Big endian parameters apart from protocol
*/
bool ecm_db_connection_decel_v4(__be32 src_ip, int src_port,
__be32 dest_ip, int dest_port, int protocol)
{
ip_addr_t ecm_src_ip;
ip_addr_t ecm_dest_ip;
struct ecm_db_connection_instance *ci;
/*
* Look up ECM connection from the given tuple
*/
src_port = ntohs(src_port);
dest_port = ntohs(dest_port);
ECM_NIN4_ADDR_TO_IP_ADDR(ecm_src_ip, src_ip);
ECM_NIN4_ADDR_TO_IP_ADDR(ecm_dest_ip, dest_ip);
ci = ecm_db_connection_find_and_ref(ecm_src_ip, ecm_dest_ip, protocol, src_port, dest_port);
if (!ci) {
DEBUG_WARN("Decel v4 Connection lookup failed."
" Received connection tuple information: \n"
"Protocol: %d\n"
"src: " ECM_IP_ADDR_DOT_FMT ":%d\n"
"dest: " ECM_IP_ADDR_DOT_FMT ":%d\n",
protocol,
ECM_IP_ADDR_TO_DOT(ecm_src_ip), src_port,
ECM_IP_ADDR_TO_DOT(ecm_dest_ip), dest_port);
return false;
}
DEBUG_TRACE("Decel v4, connection tuple information: \n"
"Protocol: %d\n"
"src: " ECM_IP_ADDR_DOT_FMT ":%d\n"
"dest: " ECM_IP_ADDR_DOT_FMT ":%d\n",
protocol,
ECM_IP_ADDR_TO_DOT(ecm_src_ip), src_port,
ECM_IP_ADDR_TO_DOT(ecm_dest_ip), dest_port);
/*
* Defunct the connection.
*/
ecm_db_connection_make_defunct(ci);
ecm_db_connection_deref(ci);
return true;
}
/*
* ecm_db_connection_decel_v6()
* Decelerate IPv6 connection.
*
* Big endian parameters apart from protocol
*
* NOTE: If IPv6 is not supported in ECM this function must still exist as a stub to avoid compilation problems for registrants.
*/
bool ecm_db_connection_decel_v6(struct in6_addr *src_ip, int src_port,
struct in6_addr *dest_ip, int dest_port, int protocol)
{
#ifdef ECM_IPV6_ENABLE
struct in6_addr in6;
ip_addr_t ecm_src_ip;
ip_addr_t ecm_dest_ip;
struct ecm_db_connection_instance *ci;
/*
* Look up ECM connection from the given tuple
*/
src_port = ntohs(src_port);
dest_port = ntohs(dest_port);
in6 = *src_ip;
ECM_NIN6_ADDR_TO_IP_ADDR(ecm_src_ip, in6);
in6 = *dest_ip;
ECM_NIN6_ADDR_TO_IP_ADDR(ecm_dest_ip, in6);
ci = ecm_db_connection_find_and_ref(ecm_src_ip, ecm_dest_ip, protocol, src_port, dest_port);
if (!ci) {
DEBUG_WARN("Decel v6, Connection lookup failed."
" Received connection tuple information: \n"
"Protocol: %d\n"
"src: " ECM_IP_ADDR_OCTAL_FMT ":%d\n"
"dest: " ECM_IP_ADDR_OCTAL_FMT ":%d\n",
protocol,
ECM_IP_ADDR_TO_OCTAL(ecm_src_ip), src_port,
ECM_IP_ADDR_TO_OCTAL(ecm_dest_ip), dest_port);
return false;
}
DEBUG_TRACE("Decel v6, connection tuple information: \n"
"Protocol: %d\n"
"src: " ECM_IP_ADDR_OCTAL_FMT ":%d\n"
"dest: " ECM_IP_ADDR_OCTAL_FMT ":%d\n",
protocol,
ECM_IP_ADDR_TO_OCTAL(ecm_src_ip), src_port,
ECM_IP_ADDR_TO_OCTAL(ecm_dest_ip), dest_port);
/*
* Defunct the connection.
*/
ecm_db_connection_make_defunct(ci);
ecm_db_connection_deref(ci);
return true;
#endif
return false;
}
/*
* ecm_db_front_end_instance_ref_and_set()
* Refs and sets the front end instance of connection.
*/
void ecm_db_front_end_instance_ref_and_set(struct ecm_db_connection_instance *ci, struct ecm_front_end_connection_instance *feci)
{
DEBUG_CHECK_MAGIC(ci, ECM_DB_CONNECTION_INSTANCE_MAGIC, "%px: magic failed\n", ci);
feci->ref(feci);
ci->feci = feci;
}
EXPORT_SYMBOL(ecm_db_front_end_instance_ref_and_set);
/*
* ecm_db_get_connection_counts_simple()
* Return total of connections for each simple protocol (tcp, udp, other). Primarily for use by the luci-bwc service.
*/
static ssize_t ecm_db_get_connection_counts_simple(struct file *file,
char __user *user_buf,
size_t sz, loff_t *ppos)
{
int tcp_count;
int udp_count;
int other_count;
int total_count;
int ret;
char *buf;
buf = kmalloc(PAGE_SIZE, GFP_KERNEL);
if (!buf) {
return -ENOMEM;
}
/*
* Get snapshot of the protocol counts
*/
spin_lock_bh(&ecm_db_lock);
tcp_count = ecm_db_connection_count_by_protocol[IPPROTO_TCP];
udp_count = ecm_db_connection_count_by_protocol[IPPROTO_UDP];
total_count = ecm_db_connection_count;
other_count = total_count - (tcp_count + udp_count);
spin_unlock_bh(&ecm_db_lock);
ret = snprintf(buf, (ssize_t)PAGE_SIZE, "tcp %d udp %d other %d total %d\n", tcp_count, udp_count, other_count, total_count);
if (ret < 0) {
kfree(buf);
return -EFAULT;
}
ret = simple_read_from_buffer(user_buf, sz, ppos, buf, ret);
kfree(buf);
return ret;
}
/*
* File operations for simple connection counts.
*/
static struct file_operations ecm_db_connection_count_simple_fops = {
.read = ecm_db_get_connection_counts_simple,
};
/*
* ecm_db_connection_init()
*/
bool ecm_db_connection_init(struct dentry *dentry)
{
if (!debugfs_create_u32("connection_count", S_IRUGO, dentry,
(u32 *)&ecm_db_connection_count)) {
DEBUG_ERROR("Failed to create ecm db connection count file in debugfs\n");
return false;
}
if (!debugfs_create_file("connection_count_simple", S_IRUGO, dentry,
NULL, &ecm_db_connection_count_simple_fops)) {
DEBUG_ERROR("Failed to create ecm db connection count simple file in debugfs\n");
return false;
}
ecm_db_connection_table = vzalloc(sizeof(struct ecm_db_connection_instance *) * ECM_DB_CONNECTION_HASH_SLOTS);
if (!ecm_db_connection_table) {
DEBUG_ERROR("Failed to allocate virtual memory for ecm_db_connection_table\n");
return false;
}
ecm_db_connection_table_lengths = vzalloc(sizeof(int) * ECM_DB_CONNECTION_HASH_SLOTS);
if (!ecm_db_connection_table_lengths) {
DEBUG_ERROR("Failed to allocate virtual memory for ecm_db_connection_table_lengths\n");
vfree(ecm_db_connection_table);
return false;
}
ecm_db_connection_serial_table = vzalloc(sizeof(struct ecm_db_connection_instance *) * ECM_DB_CONNECTION_SERIAL_HASH_SLOTS);
if (!ecm_db_connection_serial_table) {
DEBUG_ERROR("Failed to allocate virtual memory for ecm_db_connection_serial_table\n");
vfree(ecm_db_connection_table_lengths);
vfree(ecm_db_connection_table);
return false;
}
ecm_db_connection_serial_table_lengths = vzalloc(sizeof(int) * ECM_DB_CONNECTION_SERIAL_HASH_SLOTS);
if (!ecm_db_connection_serial_table_lengths) {
DEBUG_ERROR("Failed to allocate virtual memory for ecm_db_connection_serial_table_lengths\n");
vfree(ecm_db_connection_serial_table);
vfree(ecm_db_connection_table_lengths);
vfree(ecm_db_connection_table);
return false;
}
/*
* Reset connection by protocol counters
*/
memset(ecm_db_connection_count_by_protocol, 0, sizeof(ecm_db_connection_count_by_protocol));
#ifdef ECM_DB_CTA_TRACK_ENABLE
/*
* Reset classifier type assignment lists
*/
memset(ecm_db_connection_classifier_type_assignments, 0, sizeof(ecm_db_connection_classifier_type_assignments));
#endif
return true;
}
/*
* ecm_db_connection_exit()
*/
void ecm_db_connection_exit(void)
{
vfree(ecm_db_connection_serial_table_lengths);
vfree(ecm_db_connection_serial_table);
vfree(ecm_db_connection_table_lengths);
vfree(ecm_db_connection_table);
}