Merge branch 'drop_monitor-Capture-dropped-packets-and-metadata'

Ido Schimmel says:

====================
drop_monitor: Capture dropped packets and metadata

So far drop monitor supported only one mode of operation in which a
summary of recent packet drops is periodically sent to user space as a
netlink event. The event only includes the drop location (program
counter) and number of drops in the last interval.

While this mode of operation allows one to understand if the system is
dropping packets, it is not sufficient if a more detailed analysis is
required. Both the packet itself and related metadata are missing.

This patchset extends drop monitor with another mode of operation where
the packet - potentially truncated - and metadata (e.g., drop location,
timestamp, netdev) are sent to user space as a netlink event. Thanks to
the extensible nature of netlink, more metadata can be added in the
future.

To avoid performing expensive operations in the context in which
kfree_skb() is called, the dropped skbs are cloned and queued on per-CPU
skb drop list. The list is then processed in process context (using a
workqueue), where the netlink messages are allocated, prepared and
finally sent to user space.

A follow-up patchset will integrate drop monitor with devlink and allow
the latter to call into drop monitor to report hardware drops. In the
future, XDP drops can be added as well, thereby making drop monitor the
go-to netlink channel for diagnosing all packet drops.

Example usage with patched dropwatch [1] can be found here [2]. Example
dissection of drop monitor netlink events with patched wireshark [3] can
be found here [4]. I will submit both changes upstream after the kernel
changes are accepted. Another change worth making is adding a dropmon
pseudo interface to libpcap, similar to the nflog interface [5]. This
will allow users to specifically listen on dropmon traffic instead of
capturing all netlink packets via the nlmon netdev.

Patches #1-#5 prepare the code towards the actual changes in later
patches.

Patch #6 adds another mode of operation to drop monitor in which the
dropped packet itself is notified to user space along with metadata.

Patch #7 allows users to truncate reported packets to a specific length,
in case only the headers are of interest. The original length of the
packet is added as metadata to the netlink notification.

Patch #8 allows user to query the current configuration of drop monitor
(e.g., alert mode, truncation length).

Patches #9-#10 allow users to tune the length of the per-CPU skb drop
list according to their needs.

Changes since v1 [6]:
* Add skb protocol as metadata. This allows user space to correctly
  dissect the packet instead of blindly assuming it is an Ethernet
  packet

Changes since RFC [7]:
* Limit the length of the per-CPU skb drop list and make it configurable
* Do not use the hysteresis timer in packet alert mode
* Introduce alert mode operations in a separate patch and only then
  introduce the new alert mode
* Use 'skb->skb_iif' instead of 'skb->dev' because the latter is inside
  a union with 'dev_scratch' and therefore not guaranteed to point to a
  valid netdev
* Return '-EBUSY' instead of '-EOPNOTSUPP' when trying to configure drop
  monitor while it is monitoring
* Did not change schedule_work() in favor of schedule_work_on() as I did
  not observe a change in number of tail drops

[1] https://github.com/idosch/dropwatch/tree/packet-mode
[2] https://gist.github.com/idosch/3d524b887e16bc11b4b19e25c23dcc23#file-gistfile1-txt
[3] https://github.com/idosch/wireshark/tree/drop-monitor-v2
[4] https://gist.github.com/idosch/3d524b887e16bc11b4b19e25c23dcc23#file-gistfile2-txt
[5] https://github.com/the-tcpdump-group/libpcap/blob/master/pcap-netfilter-linux.c
[6] https://patchwork.ozlabs.org/cover/1143443/
[7] https://patchwork.ozlabs.org/cover/1135226/
====================

Signed-off-by: David S. Miller <davem@davemloft.net>
This commit is contained in:
David S. Miller 2019-08-11 10:53:31 -07:00
commit 6e5ee48339
2 changed files with 613 additions and 37 deletions

View File

@ -53,6 +53,11 @@ enum {
NET_DM_CMD_CONFIG,
NET_DM_CMD_START,
NET_DM_CMD_STOP,
NET_DM_CMD_PACKET_ALERT,
NET_DM_CMD_CONFIG_GET,
NET_DM_CMD_CONFIG_NEW,
NET_DM_CMD_STATS_GET,
NET_DM_CMD_STATS_NEW,
_NET_DM_CMD_MAX,
};
@ -62,4 +67,50 @@ enum {
* Our group identifiers
*/
#define NET_DM_GRP_ALERT 1
enum net_dm_attr {
NET_DM_ATTR_UNSPEC,
NET_DM_ATTR_ALERT_MODE, /* u8 */
NET_DM_ATTR_PC, /* u64 */
NET_DM_ATTR_SYMBOL, /* string */
NET_DM_ATTR_IN_PORT, /* nested */
NET_DM_ATTR_TIMESTAMP, /* struct timespec */
NET_DM_ATTR_PROTO, /* u16 */
NET_DM_ATTR_PAYLOAD, /* binary */
NET_DM_ATTR_PAD,
NET_DM_ATTR_TRUNC_LEN, /* u32 */
NET_DM_ATTR_ORIG_LEN, /* u32 */
NET_DM_ATTR_QUEUE_LEN, /* u32 */
NET_DM_ATTR_STATS, /* nested */
__NET_DM_ATTR_MAX,
NET_DM_ATTR_MAX = __NET_DM_ATTR_MAX - 1
};
/**
* enum net_dm_alert_mode - Alert mode.
* @NET_DM_ALERT_MODE_SUMMARY: A summary of recent drops is sent to user space.
* @NET_DM_ALERT_MODE_PACKET: Each dropped packet is sent to user space along
* with metadata.
*/
enum net_dm_alert_mode {
NET_DM_ALERT_MODE_SUMMARY,
NET_DM_ALERT_MODE_PACKET,
};
enum {
NET_DM_ATTR_PORT_NETDEV_IFINDEX, /* u32 */
__NET_DM_ATTR_PORT_MAX,
NET_DM_ATTR_PORT_MAX = __NET_DM_ATTR_PORT_MAX - 1
};
enum {
NET_DM_ATTR_STATS_DROPPED, /* u64 */
__NET_DM_ATTR_STATS_MAX,
NET_DM_ATTR_STATS_MAX = __NET_DM_ATTR_STATS_MAX - 1
};
#endif

View File

@ -51,11 +51,18 @@ static int trace_state = TRACE_OFF;
*/
static DEFINE_MUTEX(net_dm_mutex);
struct net_dm_stats {
u64 dropped;
struct u64_stats_sync syncp;
};
struct per_cpu_dm_data {
spinlock_t lock; /* Protects 'skb' and 'send_timer' */
struct sk_buff *skb;
struct sk_buff_head drop_queue;
struct work_struct dm_alert_work;
struct timer_list send_timer;
struct net_dm_stats stats;
};
struct dm_hw_stat_delta {
@ -75,6 +82,24 @@ static int dm_delay = 1;
static unsigned long dm_hw_check_delta = 2*HZ;
static LIST_HEAD(hw_stats_list);
static enum net_dm_alert_mode net_dm_alert_mode = NET_DM_ALERT_MODE_SUMMARY;
static u32 net_dm_trunc_len;
static u32 net_dm_queue_len = 1000;
struct net_dm_alert_ops {
void (*kfree_skb_probe)(void *ignore, struct sk_buff *skb,
void *location);
void (*napi_poll_probe)(void *ignore, struct napi_struct *napi,
int work, int budget);
void (*work_item_func)(struct work_struct *work);
};
struct net_dm_skb_cb {
void *pc;
};
#define NET_DM_SKB_CB(__skb) ((struct net_dm_skb_cb *)&((__skb)->cb[0]))
static struct sk_buff *reset_per_cpu_data(struct per_cpu_dm_data *data)
{
size_t al;
@ -241,11 +266,318 @@ static void trace_napi_poll_hit(void *ignore, struct napi_struct *napi,
rcu_read_unlock();
}
static const struct net_dm_alert_ops net_dm_alert_summary_ops = {
.kfree_skb_probe = trace_kfree_skb_hit,
.napi_poll_probe = trace_napi_poll_hit,
.work_item_func = send_dm_alert,
};
static void net_dm_packet_trace_kfree_skb_hit(void *ignore,
struct sk_buff *skb,
void *location)
{
ktime_t tstamp = ktime_get_real();
struct per_cpu_dm_data *data;
struct sk_buff *nskb;
unsigned long flags;
nskb = skb_clone(skb, GFP_ATOMIC);
if (!nskb)
return;
NET_DM_SKB_CB(nskb)->pc = location;
/* Override the timestamp because we care about the time when the
* packet was dropped.
*/
nskb->tstamp = tstamp;
data = this_cpu_ptr(&dm_cpu_data);
spin_lock_irqsave(&data->drop_queue.lock, flags);
if (skb_queue_len(&data->drop_queue) < net_dm_queue_len)
__skb_queue_tail(&data->drop_queue, nskb);
else
goto unlock_free;
spin_unlock_irqrestore(&data->drop_queue.lock, flags);
schedule_work(&data->dm_alert_work);
return;
unlock_free:
spin_unlock_irqrestore(&data->drop_queue.lock, flags);
u64_stats_update_begin(&data->stats.syncp);
data->stats.dropped++;
u64_stats_update_end(&data->stats.syncp);
consume_skb(nskb);
}
static void net_dm_packet_trace_napi_poll_hit(void *ignore,
struct napi_struct *napi,
int work, int budget)
{
}
static size_t net_dm_in_port_size(void)
{
/* NET_DM_ATTR_IN_PORT nest */
return nla_total_size(0) +
/* NET_DM_ATTR_PORT_NETDEV_IFINDEX */
nla_total_size(sizeof(u32));
}
#define NET_DM_MAX_SYMBOL_LEN 40
static size_t net_dm_packet_report_size(size_t payload_len)
{
size_t size;
size = nlmsg_msg_size(GENL_HDRLEN + net_drop_monitor_family.hdrsize);
return NLMSG_ALIGN(size) +
/* NET_DM_ATTR_PC */
nla_total_size(sizeof(u64)) +
/* NET_DM_ATTR_SYMBOL */
nla_total_size(NET_DM_MAX_SYMBOL_LEN + 1) +
/* NET_DM_ATTR_IN_PORT */
net_dm_in_port_size() +
/* NET_DM_ATTR_TIMESTAMP */
nla_total_size(sizeof(struct timespec)) +
/* NET_DM_ATTR_ORIG_LEN */
nla_total_size(sizeof(u32)) +
/* NET_DM_ATTR_PROTO */
nla_total_size(sizeof(u16)) +
/* NET_DM_ATTR_PAYLOAD */
nla_total_size(payload_len);
}
static int net_dm_packet_report_in_port_put(struct sk_buff *msg, int ifindex)
{
struct nlattr *attr;
attr = nla_nest_start(msg, NET_DM_ATTR_IN_PORT);
if (!attr)
return -EMSGSIZE;
if (ifindex &&
nla_put_u32(msg, NET_DM_ATTR_PORT_NETDEV_IFINDEX, ifindex))
goto nla_put_failure;
nla_nest_end(msg, attr);
return 0;
nla_put_failure:
nla_nest_cancel(msg, attr);
return -EMSGSIZE;
}
static int net_dm_packet_report_fill(struct sk_buff *msg, struct sk_buff *skb,
size_t payload_len)
{
u64 pc = (u64)(uintptr_t) NET_DM_SKB_CB(skb)->pc;
char buf[NET_DM_MAX_SYMBOL_LEN];
struct nlattr *attr;
struct timespec ts;
void *hdr;
int rc;
hdr = genlmsg_put(msg, 0, 0, &net_drop_monitor_family, 0,
NET_DM_CMD_PACKET_ALERT);
if (!hdr)
return -EMSGSIZE;
if (nla_put_u64_64bit(msg, NET_DM_ATTR_PC, pc, NET_DM_ATTR_PAD))
goto nla_put_failure;
snprintf(buf, sizeof(buf), "%pS", NET_DM_SKB_CB(skb)->pc);
if (nla_put_string(msg, NET_DM_ATTR_SYMBOL, buf))
goto nla_put_failure;
rc = net_dm_packet_report_in_port_put(msg, skb->skb_iif);
if (rc)
goto nla_put_failure;
if (ktime_to_timespec_cond(skb->tstamp, &ts) &&
nla_put(msg, NET_DM_ATTR_TIMESTAMP, sizeof(ts), &ts))
goto nla_put_failure;
if (nla_put_u32(msg, NET_DM_ATTR_ORIG_LEN, skb->len))
goto nla_put_failure;
if (!payload_len)
goto out;
if (nla_put_u16(msg, NET_DM_ATTR_PROTO, be16_to_cpu(skb->protocol)))
goto nla_put_failure;
attr = skb_put(msg, nla_total_size(payload_len));
attr->nla_type = NET_DM_ATTR_PAYLOAD;
attr->nla_len = nla_attr_size(payload_len);
if (skb_copy_bits(skb, 0, nla_data(attr), payload_len))
goto nla_put_failure;
out:
genlmsg_end(msg, hdr);
return 0;
nla_put_failure:
genlmsg_cancel(msg, hdr);
return -EMSGSIZE;
}
#define NET_DM_MAX_PACKET_SIZE (0xffff - NLA_HDRLEN - NLA_ALIGNTO)
static void net_dm_packet_report(struct sk_buff *skb)
{
struct sk_buff *msg;
size_t payload_len;
int rc;
/* Make sure we start copying the packet from the MAC header */
if (skb->data > skb_mac_header(skb))
skb_push(skb, skb->data - skb_mac_header(skb));
else
skb_pull(skb, skb_mac_header(skb) - skb->data);
/* Ensure packet fits inside a single netlink attribute */
payload_len = min_t(size_t, skb->len, NET_DM_MAX_PACKET_SIZE);
if (net_dm_trunc_len)
payload_len = min_t(size_t, net_dm_trunc_len, payload_len);
msg = nlmsg_new(net_dm_packet_report_size(payload_len), GFP_KERNEL);
if (!msg)
goto out;
rc = net_dm_packet_report_fill(msg, skb, payload_len);
if (rc) {
nlmsg_free(msg);
goto out;
}
genlmsg_multicast(&net_drop_monitor_family, msg, 0, 0, GFP_KERNEL);
out:
consume_skb(skb);
}
static void net_dm_packet_work(struct work_struct *work)
{
struct per_cpu_dm_data *data;
struct sk_buff_head list;
struct sk_buff *skb;
unsigned long flags;
data = container_of(work, struct per_cpu_dm_data, dm_alert_work);
__skb_queue_head_init(&list);
spin_lock_irqsave(&data->drop_queue.lock, flags);
skb_queue_splice_tail_init(&data->drop_queue, &list);
spin_unlock_irqrestore(&data->drop_queue.lock, flags);
while ((skb = __skb_dequeue(&list)))
net_dm_packet_report(skb);
}
static const struct net_dm_alert_ops net_dm_alert_packet_ops = {
.kfree_skb_probe = net_dm_packet_trace_kfree_skb_hit,
.napi_poll_probe = net_dm_packet_trace_napi_poll_hit,
.work_item_func = net_dm_packet_work,
};
static const struct net_dm_alert_ops *net_dm_alert_ops_arr[] = {
[NET_DM_ALERT_MODE_SUMMARY] = &net_dm_alert_summary_ops,
[NET_DM_ALERT_MODE_PACKET] = &net_dm_alert_packet_ops,
};
static int net_dm_trace_on_set(struct netlink_ext_ack *extack)
{
const struct net_dm_alert_ops *ops;
int cpu, rc;
ops = net_dm_alert_ops_arr[net_dm_alert_mode];
if (!try_module_get(THIS_MODULE)) {
NL_SET_ERR_MSG_MOD(extack, "Failed to take reference on module");
return -ENODEV;
}
for_each_possible_cpu(cpu) {
struct per_cpu_dm_data *data = &per_cpu(dm_cpu_data, cpu);
struct sk_buff *skb;
INIT_WORK(&data->dm_alert_work, ops->work_item_func);
timer_setup(&data->send_timer, sched_send_work, 0);
/* Allocate a new per-CPU skb for the summary alert message and
* free the old one which might contain stale data from
* previous tracing.
*/
skb = reset_per_cpu_data(data);
consume_skb(skb);
}
rc = register_trace_kfree_skb(ops->kfree_skb_probe, NULL);
if (rc) {
NL_SET_ERR_MSG_MOD(extack, "Failed to connect probe to kfree_skb() tracepoint");
goto err_module_put;
}
rc = register_trace_napi_poll(ops->napi_poll_probe, NULL);
if (rc) {
NL_SET_ERR_MSG_MOD(extack, "Failed to connect probe to napi_poll() tracepoint");
goto err_unregister_trace;
}
return 0;
err_unregister_trace:
unregister_trace_kfree_skb(ops->kfree_skb_probe, NULL);
err_module_put:
module_put(THIS_MODULE);
return rc;
}
static void net_dm_trace_off_set(void)
{
struct dm_hw_stat_delta *new_stat, *temp;
const struct net_dm_alert_ops *ops;
int cpu;
ops = net_dm_alert_ops_arr[net_dm_alert_mode];
unregister_trace_napi_poll(ops->napi_poll_probe, NULL);
unregister_trace_kfree_skb(ops->kfree_skb_probe, NULL);
tracepoint_synchronize_unregister();
/* Make sure we do not send notifications to user space after request
* to stop tracing returns.
*/
for_each_possible_cpu(cpu) {
struct per_cpu_dm_data *data = &per_cpu(dm_cpu_data, cpu);
struct sk_buff *skb;
del_timer_sync(&data->send_timer);
cancel_work_sync(&data->dm_alert_work);
while ((skb = __skb_dequeue(&data->drop_queue)))
consume_skb(skb);
}
list_for_each_entry_safe(new_stat, temp, &hw_stats_list, list) {
if (new_stat->dev == NULL) {
list_del_rcu(&new_stat->list);
kfree_rcu(new_stat, rcu);
}
}
module_put(THIS_MODULE);
}
static int set_all_monitor_traces(int state, struct netlink_ext_ack *extack)
{
int rc = 0;
struct dm_hw_stat_delta *new_stat = NULL;
struct dm_hw_stat_delta *temp;
if (state == trace_state) {
NL_SET_ERR_MSG_MOD(extack, "Trace state already set to requested state");
@ -254,34 +586,10 @@ static int set_all_monitor_traces(int state, struct netlink_ext_ack *extack)
switch (state) {
case TRACE_ON:
if (!try_module_get(THIS_MODULE)) {
NL_SET_ERR_MSG_MOD(extack, "Failed to take reference on module");
rc = -ENODEV;
break;
}
rc |= register_trace_kfree_skb(trace_kfree_skb_hit, NULL);
rc |= register_trace_napi_poll(trace_napi_poll_hit, NULL);
rc = net_dm_trace_on_set(extack);
break;
case TRACE_OFF:
rc |= unregister_trace_kfree_skb(trace_kfree_skb_hit, NULL);
rc |= unregister_trace_napi_poll(trace_napi_poll_hit, NULL);
tracepoint_synchronize_unregister();
/*
* Clean the device list
*/
list_for_each_entry_safe(new_stat, temp, &hw_stats_list, list) {
if (new_stat->dev == NULL) {
list_del_rcu(&new_stat->list);
kfree_rcu(new_stat, rcu);
}
}
module_put(THIS_MODULE);
net_dm_trace_off_set();
break;
default:
rc = 1;
@ -296,12 +604,81 @@ static int set_all_monitor_traces(int state, struct netlink_ext_ack *extack)
return rc;
}
static int net_dm_alert_mode_get_from_info(struct genl_info *info,
enum net_dm_alert_mode *p_alert_mode)
{
u8 val;
val = nla_get_u8(info->attrs[NET_DM_ATTR_ALERT_MODE]);
switch (val) {
case NET_DM_ALERT_MODE_SUMMARY: /* fall-through */
case NET_DM_ALERT_MODE_PACKET:
*p_alert_mode = val;
break;
default:
return -EINVAL;
}
return 0;
}
static int net_dm_alert_mode_set(struct genl_info *info)
{
struct netlink_ext_ack *extack = info->extack;
enum net_dm_alert_mode alert_mode;
int rc;
if (!info->attrs[NET_DM_ATTR_ALERT_MODE])
return 0;
rc = net_dm_alert_mode_get_from_info(info, &alert_mode);
if (rc) {
NL_SET_ERR_MSG_MOD(extack, "Invalid alert mode");
return -EINVAL;
}
net_dm_alert_mode = alert_mode;
return 0;
}
static void net_dm_trunc_len_set(struct genl_info *info)
{
if (!info->attrs[NET_DM_ATTR_TRUNC_LEN])
return;
net_dm_trunc_len = nla_get_u32(info->attrs[NET_DM_ATTR_TRUNC_LEN]);
}
static void net_dm_queue_len_set(struct genl_info *info)
{
if (!info->attrs[NET_DM_ATTR_QUEUE_LEN])
return;
net_dm_queue_len = nla_get_u32(info->attrs[NET_DM_ATTR_QUEUE_LEN]);
}
static int net_dm_cmd_config(struct sk_buff *skb,
struct genl_info *info)
{
NL_SET_ERR_MSG_MOD(info->extack, "Command not supported");
struct netlink_ext_ack *extack = info->extack;
int rc;
return -EOPNOTSUPP;
if (trace_state == TRACE_ON) {
NL_SET_ERR_MSG_MOD(extack, "Cannot configure drop monitor while tracing is on");
return -EBUSY;
}
rc = net_dm_alert_mode_set(info);
if (rc)
return rc;
net_dm_trunc_len_set(info);
net_dm_queue_len_set(info);
return 0;
}
static int net_dm_cmd_trace(struct sk_buff *skb,
@ -317,6 +694,140 @@ static int net_dm_cmd_trace(struct sk_buff *skb,
return -EOPNOTSUPP;
}
static int net_dm_config_fill(struct sk_buff *msg, struct genl_info *info)
{
void *hdr;
hdr = genlmsg_put(msg, info->snd_portid, info->snd_seq,
&net_drop_monitor_family, 0, NET_DM_CMD_CONFIG_NEW);
if (!hdr)
return -EMSGSIZE;
if (nla_put_u8(msg, NET_DM_ATTR_ALERT_MODE, net_dm_alert_mode))
goto nla_put_failure;
if (nla_put_u32(msg, NET_DM_ATTR_TRUNC_LEN, net_dm_trunc_len))
goto nla_put_failure;
if (nla_put_u32(msg, NET_DM_ATTR_QUEUE_LEN, net_dm_queue_len))
goto nla_put_failure;
genlmsg_end(msg, hdr);
return 0;
nla_put_failure:
genlmsg_cancel(msg, hdr);
return -EMSGSIZE;
}
static int net_dm_cmd_config_get(struct sk_buff *skb, struct genl_info *info)
{
struct sk_buff *msg;
int rc;
msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
if (!msg)
return -ENOMEM;
rc = net_dm_config_fill(msg, info);
if (rc)
goto free_msg;
return genlmsg_reply(msg, info);
free_msg:
nlmsg_free(msg);
return rc;
}
static void net_dm_stats_read(struct net_dm_stats *stats)
{
int cpu;
memset(stats, 0, sizeof(*stats));
for_each_possible_cpu(cpu) {
struct per_cpu_dm_data *data = &per_cpu(dm_cpu_data, cpu);
struct net_dm_stats *cpu_stats = &data->stats;
unsigned int start;
u64 dropped;
do {
start = u64_stats_fetch_begin_irq(&cpu_stats->syncp);
dropped = cpu_stats->dropped;
} while (u64_stats_fetch_retry_irq(&cpu_stats->syncp, start));
stats->dropped += dropped;
}
}
static int net_dm_stats_put(struct sk_buff *msg)
{
struct net_dm_stats stats;
struct nlattr *attr;
net_dm_stats_read(&stats);
attr = nla_nest_start(msg, NET_DM_ATTR_STATS);
if (!attr)
return -EMSGSIZE;
if (nla_put_u64_64bit(msg, NET_DM_ATTR_STATS_DROPPED,
stats.dropped, NET_DM_ATTR_PAD))
goto nla_put_failure;
nla_nest_end(msg, attr);
return 0;
nla_put_failure:
nla_nest_cancel(msg, attr);
return -EMSGSIZE;
}
static int net_dm_stats_fill(struct sk_buff *msg, struct genl_info *info)
{
void *hdr;
int rc;
hdr = genlmsg_put(msg, info->snd_portid, info->snd_seq,
&net_drop_monitor_family, 0, NET_DM_CMD_STATS_NEW);
if (!hdr)
return -EMSGSIZE;
rc = net_dm_stats_put(msg);
if (rc)
goto nla_put_failure;
genlmsg_end(msg, hdr);
return 0;
nla_put_failure:
genlmsg_cancel(msg, hdr);
return -EMSGSIZE;
}
static int net_dm_cmd_stats_get(struct sk_buff *skb, struct genl_info *info)
{
struct sk_buff *msg;
int rc;
msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
if (!msg)
return -ENOMEM;
rc = net_dm_stats_fill(msg, info);
if (rc)
goto free_msg;
return genlmsg_reply(msg, info);
free_msg:
nlmsg_free(msg);
return rc;
}
static int dropmon_net_event(struct notifier_block *ev_block,
unsigned long event, void *ptr)
{
@ -356,11 +867,19 @@ out:
return NOTIFY_DONE;
}
static const struct nla_policy net_dm_nl_policy[NET_DM_ATTR_MAX + 1] = {
[NET_DM_ATTR_UNSPEC] = { .strict_start_type = NET_DM_ATTR_UNSPEC + 1 },
[NET_DM_ATTR_ALERT_MODE] = { .type = NLA_U8 },
[NET_DM_ATTR_TRUNC_LEN] = { .type = NLA_U32 },
[NET_DM_ATTR_QUEUE_LEN] = { .type = NLA_U32 },
};
static const struct genl_ops dropmon_ops[] = {
{
.cmd = NET_DM_CMD_CONFIG,
.validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
.doit = net_dm_cmd_config,
.flags = GENL_ADMIN_PERM,
},
{
.cmd = NET_DM_CMD_START,
@ -372,6 +891,14 @@ static const struct genl_ops dropmon_ops[] = {
.validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
.doit = net_dm_cmd_trace,
},
{
.cmd = NET_DM_CMD_CONFIG_GET,
.doit = net_dm_cmd_config_get,
},
{
.cmd = NET_DM_CMD_STATS_GET,
.doit = net_dm_cmd_stats_get,
},
};
static int net_dm_nl_pre_doit(const struct genl_ops *ops,
@ -392,6 +919,8 @@ static struct genl_family net_drop_monitor_family __ro_after_init = {
.hdrsize = 0,
.name = "NET_DM",
.version = 2,
.maxattr = NET_DM_ATTR_MAX,
.policy = net_dm_nl_policy,
.pre_doit = net_dm_nl_pre_doit,
.post_doit = net_dm_nl_post_doit,
.module = THIS_MODULE,
@ -434,10 +963,9 @@ static int __init init_net_drop_monitor(void)
for_each_possible_cpu(cpu) {
data = &per_cpu(dm_cpu_data, cpu);
INIT_WORK(&data->dm_alert_work, send_dm_alert);
timer_setup(&data->send_timer, sched_send_work, 0);
spin_lock_init(&data->lock);
reset_per_cpu_data(data);
skb_queue_head_init(&data->drop_queue);
u64_stats_init(&data->stats.syncp);
}
goto out;
@ -458,19 +986,16 @@ static void exit_net_drop_monitor(void)
/*
* Because of the module_get/put we do in the trace state change path
* we are guarnateed not to have any current users when we get here
* all we need to do is make sure that we don't have any running timers
* or pending schedule calls
*/
for_each_possible_cpu(cpu) {
data = &per_cpu(dm_cpu_data, cpu);
del_timer_sync(&data->send_timer);
cancel_work_sync(&data->dm_alert_work);
/*
* At this point, we should have exclusive access
* to this struct and can free the skb inside it
*/
kfree_skb(data->skb);
WARN_ON(!skb_queue_empty(&data->drop_queue));
}
BUG_ON(genl_unregister_family(&net_drop_monitor_family));