1*4882a593Smuzhiyun /* SPDX-License-Identifier: GPL-2.0 */ 2*4882a593Smuzhiyun #ifndef __NET_TC_CT_H 3*4882a593Smuzhiyun #define __NET_TC_CT_H 4*4882a593Smuzhiyun 5*4882a593Smuzhiyun #include <net/act_api.h> 6*4882a593Smuzhiyun #include <uapi/linux/tc_act/tc_ct.h> 7*4882a593Smuzhiyun 8*4882a593Smuzhiyun #if IS_ENABLED(CONFIG_NF_CONNTRACK) 9*4882a593Smuzhiyun #include <net/netfilter/nf_nat.h> 10*4882a593Smuzhiyun #include <net/netfilter/nf_conntrack_labels.h> 11*4882a593Smuzhiyun 12*4882a593Smuzhiyun struct tcf_ct_params { 13*4882a593Smuzhiyun struct nf_conn *tmpl; 14*4882a593Smuzhiyun u16 zone; 15*4882a593Smuzhiyun 16*4882a593Smuzhiyun u32 mark; 17*4882a593Smuzhiyun u32 mark_mask; 18*4882a593Smuzhiyun 19*4882a593Smuzhiyun u32 labels[NF_CT_LABELS_MAX_SIZE / sizeof(u32)]; 20*4882a593Smuzhiyun u32 labels_mask[NF_CT_LABELS_MAX_SIZE / sizeof(u32)]; 21*4882a593Smuzhiyun 22*4882a593Smuzhiyun struct nf_nat_range2 range; 23*4882a593Smuzhiyun bool ipv4_range; 24*4882a593Smuzhiyun 25*4882a593Smuzhiyun u16 ct_action; 26*4882a593Smuzhiyun 27*4882a593Smuzhiyun struct rcu_head rcu; 28*4882a593Smuzhiyun 29*4882a593Smuzhiyun struct tcf_ct_flow_table *ct_ft; 30*4882a593Smuzhiyun struct nf_flowtable *nf_ft; 31*4882a593Smuzhiyun }; 32*4882a593Smuzhiyun 33*4882a593Smuzhiyun struct tcf_ct { 34*4882a593Smuzhiyun struct tc_action common; 35*4882a593Smuzhiyun struct tcf_ct_params __rcu *params; 36*4882a593Smuzhiyun }; 37*4882a593Smuzhiyun 38*4882a593Smuzhiyun #define to_ct(a) ((struct tcf_ct *)a) 39*4882a593Smuzhiyun #define to_ct_params(a) \ 40*4882a593Smuzhiyun ((struct tcf_ct_params *) \ 41*4882a593Smuzhiyun rcu_dereference_protected(to_ct(a)->params, \ 42*4882a593Smuzhiyun lockdep_is_held(&a->tcfa_lock))) 43*4882a593Smuzhiyun tcf_ct_zone(const struct tc_action * a)44*4882a593Smuzhiyunstatic inline uint16_t tcf_ct_zone(const struct tc_action *a) 45*4882a593Smuzhiyun { 46*4882a593Smuzhiyun return to_ct_params(a)->zone; 47*4882a593Smuzhiyun } 48*4882a593Smuzhiyun tcf_ct_action(const struct tc_action * a)49*4882a593Smuzhiyunstatic inline int tcf_ct_action(const struct tc_action *a) 50*4882a593Smuzhiyun { 51*4882a593Smuzhiyun return to_ct_params(a)->ct_action; 52*4882a593Smuzhiyun } 53*4882a593Smuzhiyun tcf_ct_ft(const struct tc_action * a)54*4882a593Smuzhiyunstatic inline struct nf_flowtable *tcf_ct_ft(const struct tc_action *a) 55*4882a593Smuzhiyun { 56*4882a593Smuzhiyun return to_ct_params(a)->nf_ft; 57*4882a593Smuzhiyun } 58*4882a593Smuzhiyun 59*4882a593Smuzhiyun #else tcf_ct_zone(const struct tc_action * a)60*4882a593Smuzhiyunstatic inline uint16_t tcf_ct_zone(const struct tc_action *a) { return 0; } tcf_ct_action(const struct tc_action * a)61*4882a593Smuzhiyunstatic inline int tcf_ct_action(const struct tc_action *a) { return 0; } tcf_ct_ft(const struct tc_action * a)62*4882a593Smuzhiyunstatic inline struct nf_flowtable *tcf_ct_ft(const struct tc_action *a) 63*4882a593Smuzhiyun { 64*4882a593Smuzhiyun return NULL; 65*4882a593Smuzhiyun } 66*4882a593Smuzhiyun #endif /* CONFIG_NF_CONNTRACK */ 67*4882a593Smuzhiyun 68*4882a593Smuzhiyun #if IS_ENABLED(CONFIG_NET_ACT_CT) 69*4882a593Smuzhiyun static inline void tcf_ct_flow_table_restore_skb(struct sk_buff * skb,unsigned long cookie)70*4882a593Smuzhiyuntcf_ct_flow_table_restore_skb(struct sk_buff *skb, unsigned long cookie) 71*4882a593Smuzhiyun { 72*4882a593Smuzhiyun enum ip_conntrack_info ctinfo = cookie & NFCT_INFOMASK; 73*4882a593Smuzhiyun struct nf_conn *ct; 74*4882a593Smuzhiyun 75*4882a593Smuzhiyun ct = (struct nf_conn *)(cookie & NFCT_PTRMASK); 76*4882a593Smuzhiyun nf_conntrack_get(&ct->ct_general); 77*4882a593Smuzhiyun nf_ct_set(skb, ct, ctinfo); 78*4882a593Smuzhiyun } 79*4882a593Smuzhiyun #else 80*4882a593Smuzhiyun static inline void tcf_ct_flow_table_restore_skb(struct sk_buff * skb,unsigned long cookie)81*4882a593Smuzhiyuntcf_ct_flow_table_restore_skb(struct sk_buff *skb, unsigned long cookie) { } 82*4882a593Smuzhiyun #endif 83*4882a593Smuzhiyun is_tcf_ct(const struct tc_action * a)84*4882a593Smuzhiyunstatic inline bool is_tcf_ct(const struct tc_action *a) 85*4882a593Smuzhiyun { 86*4882a593Smuzhiyun #if defined(CONFIG_NET_CLS_ACT) && IS_ENABLED(CONFIG_NF_CONNTRACK) 87*4882a593Smuzhiyun if (a->ops && a->ops->id == TCA_ID_CT) 88*4882a593Smuzhiyun return true; 89*4882a593Smuzhiyun #endif 90*4882a593Smuzhiyun return false; 91*4882a593Smuzhiyun } 92*4882a593Smuzhiyun 93*4882a593Smuzhiyun #endif /* __NET_TC_CT_H */ 94