Line data Source code
1 : // SPDX-License-Identifier: GPL-2.0
2 : /*
3 : * NETLINK Netlink attributes
4 : *
5 : * Authors: Thomas Graf <tgraf@suug.ch>
6 : * Alexey Kuznetsov <kuznet@ms2.inr.ac.ru>
7 : */
8 :
9 : #include <linux/export.h>
10 : #include <linux/kernel.h>
11 : #include <linux/errno.h>
12 : #include <linux/jiffies.h>
13 : #include <linux/skbuff.h>
14 : #include <linux/string.h>
15 : #include <linux/types.h>
16 : #include <net/netlink.h>
17 :
18 : /* For these data types, attribute length should be exactly the given
19 : * size. However, to maintain compatibility with broken commands, if the
20 : * attribute length does not match the expected size a warning is emitted
21 : * to the user that the command is sending invalid data and needs to be fixed.
22 : */
23 : static const u8 nla_attr_len[NLA_TYPE_MAX+1] = {
24 : [NLA_U8] = sizeof(u8),
25 : [NLA_U16] = sizeof(u16),
26 : [NLA_U32] = sizeof(u32),
27 : [NLA_U64] = sizeof(u64),
28 : [NLA_S8] = sizeof(s8),
29 : [NLA_S16] = sizeof(s16),
30 : [NLA_S32] = sizeof(s32),
31 : [NLA_S64] = sizeof(s64),
32 : };
33 :
34 : static const u8 nla_attr_minlen[NLA_TYPE_MAX+1] = {
35 : [NLA_U8] = sizeof(u8),
36 : [NLA_U16] = sizeof(u16),
37 : [NLA_U32] = sizeof(u32),
38 : [NLA_U64] = sizeof(u64),
39 : [NLA_MSECS] = sizeof(u64),
40 : [NLA_NESTED] = NLA_HDRLEN,
41 : [NLA_S8] = sizeof(s8),
42 : [NLA_S16] = sizeof(s16),
43 : [NLA_S32] = sizeof(s32),
44 : [NLA_S64] = sizeof(s64),
45 : };
46 :
47 : /*
48 : * Nested policies might refer back to the original
49 : * policy in some cases, and userspace could try to
50 : * abuse that and recurse by nesting in the right
51 : * ways. Limit recursion to avoid this problem.
52 : */
53 : #define MAX_POLICY_RECURSION_DEPTH 10
54 :
55 : static int __nla_validate_parse(const struct nlattr *head, int len, int maxtype,
56 : const struct nla_policy *policy,
57 : unsigned int validate,
58 : struct netlink_ext_ack *extack,
59 : struct nlattr **tb, unsigned int depth);
60 :
61 0 : static int validate_nla_bitfield32(const struct nlattr *nla,
62 : const u32 valid_flags_mask)
63 : {
64 0 : const struct nla_bitfield32 *bf = nla_data(nla);
65 :
66 0 : if (!valid_flags_mask)
67 : return -EINVAL;
68 :
69 : /*disallow invalid bit selector */
70 0 : if (bf->selector & ~valid_flags_mask)
71 : return -EINVAL;
72 :
73 : /*disallow invalid bit values */
74 0 : if (bf->value & ~valid_flags_mask)
75 : return -EINVAL;
76 :
77 : /*disallow valid bit values that are not selected*/
78 0 : if (bf->value & ~bf->selector)
79 0 : return -EINVAL;
80 :
81 : return 0;
82 : }
83 :
84 0 : static int nla_validate_array(const struct nlattr *head, int len, int maxtype,
85 : const struct nla_policy *policy,
86 : struct netlink_ext_ack *extack,
87 : unsigned int validate, unsigned int depth)
88 : {
89 0 : const struct nlattr *entry;
90 0 : int rem;
91 :
92 0 : nla_for_each_attr(entry, head, len, rem) {
93 0 : int ret;
94 :
95 0 : if (nla_len(entry) == 0)
96 0 : continue;
97 :
98 0 : if (nla_len(entry) < NLA_HDRLEN) {
99 0 : NL_SET_ERR_MSG_ATTR_POL(extack, entry, policy,
100 : "Array element too short");
101 0 : return -ERANGE;
102 : }
103 :
104 0 : ret = __nla_validate_parse(nla_data(entry), nla_len(entry),
105 : maxtype, policy, validate, extack,
106 : NULL, depth + 1);
107 0 : if (ret < 0)
108 0 : return ret;
109 : }
110 :
111 : return 0;
112 : }
113 :
114 0 : void nla_get_range_unsigned(const struct nla_policy *pt,
115 : struct netlink_range_validation *range)
116 : {
117 0 : WARN_ON_ONCE(pt->validation_type != NLA_VALIDATE_RANGE_PTR &&
118 : (pt->min < 0 || pt->max < 0));
119 :
120 0 : range->min = 0;
121 :
122 0 : switch (pt->type) {
123 0 : case NLA_U8:
124 0 : range->max = U8_MAX;
125 0 : break;
126 0 : case NLA_U16:
127 : case NLA_BINARY:
128 0 : range->max = U16_MAX;
129 0 : break;
130 0 : case NLA_U32:
131 0 : range->max = U32_MAX;
132 0 : break;
133 0 : case NLA_U64:
134 : case NLA_MSECS:
135 0 : range->max = U64_MAX;
136 0 : break;
137 : default:
138 0 : WARN_ON_ONCE(1);
139 0 : return;
140 : }
141 :
142 0 : switch (pt->validation_type) {
143 0 : case NLA_VALIDATE_RANGE:
144 : case NLA_VALIDATE_RANGE_WARN_TOO_LONG:
145 0 : range->min = pt->min;
146 0 : range->max = pt->max;
147 0 : break;
148 0 : case NLA_VALIDATE_RANGE_PTR:
149 0 : *range = *pt->range;
150 0 : break;
151 0 : case NLA_VALIDATE_MIN:
152 0 : range->min = pt->min;
153 0 : break;
154 0 : case NLA_VALIDATE_MAX:
155 0 : range->max = pt->max;
156 0 : break;
157 : default:
158 : break;
159 : }
160 : }
161 :
162 0 : static int nla_validate_range_unsigned(const struct nla_policy *pt,
163 : const struct nlattr *nla,
164 : struct netlink_ext_ack *extack,
165 : unsigned int validate)
166 : {
167 0 : struct netlink_range_validation range;
168 0 : u64 value;
169 :
170 0 : switch (pt->type) {
171 : case NLA_U8:
172 0 : value = nla_get_u8(nla);
173 0 : break;
174 : case NLA_U16:
175 0 : value = nla_get_u16(nla);
176 0 : break;
177 : case NLA_U32:
178 0 : value = nla_get_u32(nla);
179 0 : break;
180 : case NLA_U64:
181 : case NLA_MSECS:
182 0 : value = nla_get_u64(nla);
183 0 : break;
184 : case NLA_BINARY:
185 0 : value = nla_len(nla);
186 0 : break;
187 : default:
188 : return -EINVAL;
189 : }
190 :
191 0 : nla_get_range_unsigned(pt, &range);
192 :
193 0 : if (pt->validation_type == NLA_VALIDATE_RANGE_WARN_TOO_LONG &&
194 0 : pt->type == NLA_BINARY && value > range.max) {
195 0 : pr_warn_ratelimited("netlink: '%s': attribute type %d has an invalid length.\n",
196 : current->comm, pt->type);
197 0 : if (validate & NL_VALIDATE_STRICT_ATTRS) {
198 0 : NL_SET_ERR_MSG_ATTR_POL(extack, nla, pt,
199 : "invalid attribute length");
200 0 : return -EINVAL;
201 : }
202 :
203 : /* this assumes min <= max (don't validate against min) */
204 : return 0;
205 : }
206 :
207 0 : if (value < range.min || value > range.max) {
208 0 : bool binary = pt->type == NLA_BINARY;
209 :
210 0 : if (binary)
211 0 : NL_SET_ERR_MSG_ATTR_POL(extack, nla, pt,
212 : "binary attribute size out of range");
213 : else
214 0 : NL_SET_ERR_MSG_ATTR_POL(extack, nla, pt,
215 : "integer out of range");
216 :
217 0 : return -ERANGE;
218 : }
219 :
220 : return 0;
221 : }
222 :
223 0 : void nla_get_range_signed(const struct nla_policy *pt,
224 : struct netlink_range_validation_signed *range)
225 : {
226 0 : switch (pt->type) {
227 0 : case NLA_S8:
228 0 : range->min = S8_MIN;
229 0 : range->max = S8_MAX;
230 0 : break;
231 0 : case NLA_S16:
232 0 : range->min = S16_MIN;
233 0 : range->max = S16_MAX;
234 0 : break;
235 0 : case NLA_S32:
236 0 : range->min = S32_MIN;
237 0 : range->max = S32_MAX;
238 0 : break;
239 0 : case NLA_S64:
240 0 : range->min = S64_MIN;
241 0 : range->max = S64_MAX;
242 0 : break;
243 : default:
244 0 : WARN_ON_ONCE(1);
245 0 : return;
246 : }
247 :
248 0 : switch (pt->validation_type) {
249 0 : case NLA_VALIDATE_RANGE:
250 0 : range->min = pt->min;
251 0 : range->max = pt->max;
252 0 : break;
253 0 : case NLA_VALIDATE_RANGE_PTR:
254 0 : *range = *pt->range_signed;
255 0 : break;
256 0 : case NLA_VALIDATE_MIN:
257 0 : range->min = pt->min;
258 0 : break;
259 0 : case NLA_VALIDATE_MAX:
260 0 : range->max = pt->max;
261 0 : break;
262 : default:
263 : break;
264 : }
265 : }
266 :
267 0 : static int nla_validate_int_range_signed(const struct nla_policy *pt,
268 : const struct nlattr *nla,
269 : struct netlink_ext_ack *extack)
270 : {
271 0 : struct netlink_range_validation_signed range;
272 0 : s64 value;
273 :
274 0 : switch (pt->type) {
275 : case NLA_S8:
276 0 : value = nla_get_s8(nla);
277 0 : break;
278 : case NLA_S16:
279 0 : value = nla_get_s16(nla);
280 0 : break;
281 : case NLA_S32:
282 0 : value = nla_get_s32(nla);
283 0 : break;
284 : case NLA_S64:
285 0 : value = nla_get_s64(nla);
286 0 : break;
287 : default:
288 : return -EINVAL;
289 : }
290 :
291 0 : nla_get_range_signed(pt, &range);
292 :
293 0 : if (value < range.min || value > range.max) {
294 0 : NL_SET_ERR_MSG_ATTR_POL(extack, nla, pt,
295 : "integer out of range");
296 0 : return -ERANGE;
297 : }
298 :
299 : return 0;
300 : }
301 :
302 0 : static int nla_validate_int_range(const struct nla_policy *pt,
303 : const struct nlattr *nla,
304 : struct netlink_ext_ack *extack,
305 : unsigned int validate)
306 : {
307 0 : switch (pt->type) {
308 0 : case NLA_U8:
309 : case NLA_U16:
310 : case NLA_U32:
311 : case NLA_U64:
312 : case NLA_MSECS:
313 : case NLA_BINARY:
314 0 : return nla_validate_range_unsigned(pt, nla, extack, validate);
315 0 : case NLA_S8:
316 : case NLA_S16:
317 : case NLA_S32:
318 : case NLA_S64:
319 0 : return nla_validate_int_range_signed(pt, nla, extack);
320 : default:
321 0 : WARN_ON(1);
322 0 : return -EINVAL;
323 : }
324 : }
325 :
326 0 : static int nla_validate_mask(const struct nla_policy *pt,
327 : const struct nlattr *nla,
328 : struct netlink_ext_ack *extack)
329 : {
330 0 : u64 value;
331 :
332 0 : switch (pt->type) {
333 : case NLA_U8:
334 0 : value = nla_get_u8(nla);
335 0 : break;
336 : case NLA_U16:
337 0 : value = nla_get_u16(nla);
338 0 : break;
339 : case NLA_U32:
340 0 : value = nla_get_u32(nla);
341 0 : break;
342 : case NLA_U64:
343 0 : value = nla_get_u64(nla);
344 0 : break;
345 : default:
346 : return -EINVAL;
347 : }
348 :
349 0 : if (value & ~(u64)pt->mask) {
350 0 : NL_SET_ERR_MSG_ATTR(extack, nla, "reserved bit set");
351 0 : return -EINVAL;
352 : }
353 :
354 : return 0;
355 : }
356 :
357 12 : static int validate_nla(const struct nlattr *nla, int maxtype,
358 : const struct nla_policy *policy, unsigned int validate,
359 : struct netlink_ext_ack *extack, unsigned int depth)
360 : {
361 12 : u16 strict_start_type = policy[0].strict_start_type;
362 12 : const struct nla_policy *pt;
363 12 : int minlen = 0, attrlen = nla_len(nla), type = nla_type(nla);
364 12 : int err = -ERANGE;
365 :
366 12 : if (strict_start_type && type >= strict_start_type)
367 0 : validate |= NL_VALIDATE_STRICT;
368 :
369 12 : if (type <= 0 || type > maxtype)
370 : return 0;
371 :
372 12 : pt = &policy[type];
373 :
374 12 : BUG_ON(pt->type > NLA_TYPE_MAX);
375 :
376 12 : if (nla_attr_len[pt->type] && attrlen != nla_attr_len[pt->type]) {
377 0 : pr_warn_ratelimited("netlink: '%s': attribute type %d has an invalid length.\n",
378 : current->comm, type);
379 0 : if (validate & NL_VALIDATE_STRICT_ATTRS) {
380 0 : NL_SET_ERR_MSG_ATTR_POL(extack, nla, pt,
381 : "invalid attribute length");
382 0 : return -EINVAL;
383 : }
384 : }
385 :
386 12 : if (validate & NL_VALIDATE_NESTED) {
387 0 : if ((pt->type == NLA_NESTED || pt->type == NLA_NESTED_ARRAY) &&
388 0 : !(nla->nla_type & NLA_F_NESTED)) {
389 0 : NL_SET_ERR_MSG_ATTR_POL(extack, nla, pt,
390 : "NLA_F_NESTED is missing");
391 0 : return -EINVAL;
392 : }
393 0 : if (pt->type != NLA_NESTED && pt->type != NLA_NESTED_ARRAY &&
394 0 : pt->type != NLA_UNSPEC && (nla->nla_type & NLA_F_NESTED)) {
395 0 : NL_SET_ERR_MSG_ATTR_POL(extack, nla, pt,
396 : "NLA_F_NESTED not expected");
397 0 : return -EINVAL;
398 : }
399 : }
400 :
401 12 : switch (pt->type) {
402 0 : case NLA_REJECT:
403 0 : if (extack && pt->reject_message) {
404 0 : NL_SET_BAD_ATTR(extack, nla);
405 0 : extack->_msg = pt->reject_message;
406 0 : return -EINVAL;
407 : }
408 0 : err = -EINVAL;
409 0 : goto out_err;
410 :
411 0 : case NLA_FLAG:
412 0 : if (attrlen > 0)
413 0 : goto out_err;
414 : break;
415 :
416 0 : case NLA_BITFIELD32:
417 0 : if (attrlen != sizeof(struct nla_bitfield32))
418 0 : goto out_err;
419 :
420 0 : err = validate_nla_bitfield32(nla, pt->bitfield32_valid);
421 0 : if (err)
422 0 : goto out_err;
423 : break;
424 :
425 0 : case NLA_NUL_STRING:
426 0 : if (pt->len)
427 0 : minlen = min_t(int, attrlen, pt->len + 1);
428 : else
429 : minlen = attrlen;
430 :
431 0 : if (!minlen || memchr(nla_data(nla), '\0', minlen) == NULL) {
432 0 : err = -EINVAL;
433 0 : goto out_err;
434 : }
435 1 : fallthrough;
436 :
437 : case NLA_STRING:
438 1 : if (attrlen < 1)
439 0 : goto out_err;
440 :
441 1 : if (pt->len) {
442 1 : char *buf = nla_data(nla);
443 :
444 1 : if (buf[attrlen - 1] == '\0')
445 1 : attrlen--;
446 :
447 1 : if (attrlen > pt->len)
448 0 : goto out_err;
449 : }
450 : break;
451 :
452 0 : case NLA_BINARY:
453 0 : if (pt->len && attrlen > pt->len)
454 0 : goto out_err;
455 : break;
456 :
457 0 : case NLA_NESTED:
458 : /* a nested attributes is allowed to be empty; if its not,
459 : * it must have a size of at least NLA_HDRLEN.
460 : */
461 0 : if (attrlen == 0)
462 : break;
463 0 : if (attrlen < NLA_HDRLEN)
464 0 : goto out_err;
465 0 : if (pt->nested_policy) {
466 0 : err = __nla_validate_parse(nla_data(nla), nla_len(nla),
467 0 : pt->len, pt->nested_policy,
468 : validate, extack, NULL,
469 : depth + 1);
470 0 : if (err < 0) {
471 : /*
472 : * return directly to preserve the inner
473 : * error message/attribute pointer
474 : */
475 : return err;
476 : }
477 : }
478 : break;
479 0 : case NLA_NESTED_ARRAY:
480 : /* a nested array attribute is allowed to be empty; if its not,
481 : * it must have a size of at least NLA_HDRLEN.
482 : */
483 0 : if (attrlen == 0)
484 : break;
485 0 : if (attrlen < NLA_HDRLEN)
486 0 : goto out_err;
487 0 : if (pt->nested_policy) {
488 0 : int err;
489 :
490 0 : err = nla_validate_array(nla_data(nla), nla_len(nla),
491 0 : pt->len, pt->nested_policy,
492 : extack, validate, depth);
493 0 : if (err < 0) {
494 : /*
495 : * return directly to preserve the inner
496 : * error message/attribute pointer
497 : */
498 : return err;
499 : }
500 : }
501 : break;
502 :
503 1 : case NLA_UNSPEC:
504 1 : if (validate & NL_VALIDATE_UNSPEC) {
505 0 : NL_SET_ERR_MSG_ATTR(extack, nla,
506 : "Unsupported attribute");
507 0 : return -EINVAL;
508 : }
509 1 : if (attrlen < pt->len)
510 0 : goto out_err;
511 : break;
512 :
513 10 : default:
514 10 : if (pt->len)
515 0 : minlen = pt->len;
516 : else
517 10 : minlen = nla_attr_minlen[pt->type];
518 :
519 10 : if (attrlen < minlen)
520 0 : goto out_err;
521 : }
522 :
523 : /* further validation */
524 12 : switch (pt->validation_type) {
525 : case NLA_VALIDATE_NONE:
526 : /* nothing to do */
527 : break;
528 0 : case NLA_VALIDATE_RANGE_PTR:
529 : case NLA_VALIDATE_RANGE:
530 : case NLA_VALIDATE_RANGE_WARN_TOO_LONG:
531 : case NLA_VALIDATE_MIN:
532 : case NLA_VALIDATE_MAX:
533 0 : err = nla_validate_int_range(pt, nla, extack, validate);
534 0 : if (err)
535 0 : return err;
536 : break;
537 0 : case NLA_VALIDATE_MASK:
538 0 : err = nla_validate_mask(pt, nla, extack);
539 0 : if (err)
540 0 : return err;
541 : break;
542 0 : case NLA_VALIDATE_FUNCTION:
543 0 : if (pt->validate) {
544 0 : err = pt->validate(nla, extack);
545 0 : if (err)
546 0 : return err;
547 : }
548 : break;
549 : }
550 :
551 : return 0;
552 0 : out_err:
553 0 : NL_SET_ERR_MSG_ATTR_POL(extack, nla, pt,
554 : "Attribute failed policy validation");
555 : return err;
556 : }
557 :
558 27 : static int __nla_validate_parse(const struct nlattr *head, int len, int maxtype,
559 : const struct nla_policy *policy,
560 : unsigned int validate,
561 : struct netlink_ext_ack *extack,
562 : struct nlattr **tb, unsigned int depth)
563 : {
564 27 : const struct nlattr *nla;
565 27 : int rem;
566 :
567 27 : if (depth >= MAX_POLICY_RECURSION_DEPTH) {
568 0 : NL_SET_ERR_MSG(extack,
569 : "allowed policy recursion depth exceeded");
570 0 : return -EINVAL;
571 : }
572 :
573 27 : if (tb)
574 25 : memset(tb, 0, sizeof(struct nlattr *) * (maxtype + 1));
575 :
576 39 : nla_for_each_attr(nla, head, len, rem) {
577 12 : u16 type = nla_type(nla);
578 :
579 12 : if (type == 0 || type > maxtype) {
580 0 : if (validate & NL_VALIDATE_MAXTYPE) {
581 0 : NL_SET_ERR_MSG_ATTR(extack, nla,
582 : "Unknown attribute type");
583 0 : return -EINVAL;
584 : }
585 0 : continue;
586 : }
587 12 : if (policy) {
588 12 : int err = validate_nla(nla, maxtype, policy,
589 : validate, extack, depth);
590 :
591 12 : if (err < 0)
592 0 : return err;
593 : }
594 :
595 12 : if (tb)
596 6 : tb[type] = (struct nlattr *)nla;
597 : }
598 :
599 27 : if (unlikely(rem > 0)) {
600 0 : pr_warn_ratelimited("netlink: %d bytes leftover after parsing attributes in process `%s'.\n",
601 : rem, current->comm);
602 0 : NL_SET_ERR_MSG(extack, "bytes leftover after parsing attributes");
603 0 : if (validate & NL_VALIDATE_TRAILING)
604 0 : return -EINVAL;
605 : }
606 :
607 : return 0;
608 : }
609 :
610 : /**
611 : * __nla_validate - Validate a stream of attributes
612 : * @head: head of attribute stream
613 : * @len: length of attribute stream
614 : * @maxtype: maximum attribute type to be expected
615 : * @policy: validation policy
616 : * @validate: validation strictness
617 : * @extack: extended ACK report struct
618 : *
619 : * Validates all attributes in the specified attribute stream against the
620 : * specified policy. Validation depends on the validate flags passed, see
621 : * &enum netlink_validation for more details on that.
622 : * See documenation of struct nla_policy for more details.
623 : *
624 : * Returns 0 on success or a negative error code.
625 : */
626 2 : int __nla_validate(const struct nlattr *head, int len, int maxtype,
627 : const struct nla_policy *policy, unsigned int validate,
628 : struct netlink_ext_ack *extack)
629 : {
630 2 : return __nla_validate_parse(head, len, maxtype, policy, validate,
631 : extack, NULL, 0);
632 : }
633 : EXPORT_SYMBOL(__nla_validate);
634 :
635 : /**
636 : * nla_policy_len - Determin the max. length of a policy
637 : * @policy: policy to use
638 : * @n: number of policies
639 : *
640 : * Determines the max. length of the policy. It is currently used
641 : * to allocated Netlink buffers roughly the size of the actual
642 : * message.
643 : *
644 : * Returns 0 on success or a negative error code.
645 : */
646 : int
647 0 : nla_policy_len(const struct nla_policy *p, int n)
648 : {
649 0 : int i, len = 0;
650 :
651 0 : for (i = 0; i < n; i++, p++) {
652 0 : if (p->len)
653 0 : len += nla_total_size(p->len);
654 0 : else if (nla_attr_len[p->type])
655 0 : len += nla_total_size(nla_attr_len[p->type]);
656 0 : else if (nla_attr_minlen[p->type])
657 0 : len += nla_total_size(nla_attr_minlen[p->type]);
658 : }
659 :
660 0 : return len;
661 : }
662 : EXPORT_SYMBOL(nla_policy_len);
663 :
664 : /**
665 : * __nla_parse - Parse a stream of attributes into a tb buffer
666 : * @tb: destination array with maxtype+1 elements
667 : * @maxtype: maximum attribute type to be expected
668 : * @head: head of attribute stream
669 : * @len: length of attribute stream
670 : * @policy: validation policy
671 : * @validate: validation strictness
672 : * @extack: extended ACK pointer
673 : *
674 : * Parses a stream of attributes and stores a pointer to each attribute in
675 : * the tb array accessible via the attribute type.
676 : * Validation is controlled by the @validate parameter.
677 : *
678 : * Returns 0 on success or a negative error code.
679 : */
680 25 : int __nla_parse(struct nlattr **tb, int maxtype,
681 : const struct nlattr *head, int len,
682 : const struct nla_policy *policy, unsigned int validate,
683 : struct netlink_ext_ack *extack)
684 : {
685 25 : return __nla_validate_parse(head, len, maxtype, policy, validate,
686 : extack, tb, 0);
687 : }
688 : EXPORT_SYMBOL(__nla_parse);
689 :
690 : /**
691 : * nla_find - Find a specific attribute in a stream of attributes
692 : * @head: head of attribute stream
693 : * @len: length of attribute stream
694 : * @attrtype: type of attribute to look for
695 : *
696 : * Returns the first attribute in the stream matching the specified type.
697 : */
698 0 : struct nlattr *nla_find(const struct nlattr *head, int len, int attrtype)
699 : {
700 0 : const struct nlattr *nla;
701 0 : int rem;
702 :
703 0 : nla_for_each_attr(nla, head, len, rem)
704 0 : if (nla_type(nla) == attrtype)
705 0 : return (struct nlattr *)nla;
706 :
707 : return NULL;
708 : }
709 : EXPORT_SYMBOL(nla_find);
710 :
711 : /**
712 : * nla_strscpy - Copy string attribute payload into a sized buffer
713 : * @dst: Where to copy the string to.
714 : * @nla: Attribute to copy the string from.
715 : * @dstsize: Size of destination buffer.
716 : *
717 : * Copies at most dstsize - 1 bytes into the destination buffer.
718 : * Unlike strlcpy the destination buffer is always padded out.
719 : *
720 : * Return:
721 : * * srclen - Returns @nla length (not including the trailing %NUL).
722 : * * -E2BIG - If @dstsize is 0 or greater than U16_MAX or @nla length greater
723 : * than @dstsize.
724 : */
725 1 : ssize_t nla_strscpy(char *dst, const struct nlattr *nla, size_t dstsize)
726 : {
727 1 : size_t srclen = nla_len(nla);
728 1 : char *src = nla_data(nla);
729 1 : ssize_t ret;
730 1 : size_t len;
731 :
732 1 : if (dstsize == 0 || WARN_ON_ONCE(dstsize > U16_MAX))
733 : return -E2BIG;
734 :
735 1 : if (srclen > 0 && src[srclen - 1] == '\0')
736 1 : srclen--;
737 :
738 1 : if (srclen >= dstsize) {
739 0 : len = dstsize - 1;
740 0 : ret = -E2BIG;
741 : } else {
742 1 : len = srclen;
743 1 : ret = len;
744 : }
745 :
746 1 : memcpy(dst, src, len);
747 : /* Zero pad end of dst. */
748 1 : memset(dst + len, 0, dstsize - len);
749 :
750 1 : return ret;
751 : }
752 : EXPORT_SYMBOL(nla_strscpy);
753 :
754 : /**
755 : * nla_strdup - Copy string attribute payload into a newly allocated buffer
756 : * @nla: attribute to copy the string from
757 : * @flags: the type of memory to allocate (see kmalloc).
758 : *
759 : * Returns a pointer to the allocated buffer or NULL on error.
760 : */
761 0 : char *nla_strdup(const struct nlattr *nla, gfp_t flags)
762 : {
763 0 : size_t srclen = nla_len(nla);
764 0 : char *src = nla_data(nla), *dst;
765 :
766 0 : if (srclen > 0 && src[srclen - 1] == '\0')
767 0 : srclen--;
768 :
769 0 : dst = kmalloc(srclen + 1, flags);
770 0 : if (dst != NULL) {
771 0 : memcpy(dst, src, srclen);
772 0 : dst[srclen] = '\0';
773 : }
774 0 : return dst;
775 : }
776 : EXPORT_SYMBOL(nla_strdup);
777 :
778 : /**
779 : * nla_memcpy - Copy a netlink attribute into another memory area
780 : * @dest: where to copy to memcpy
781 : * @src: netlink attribute to copy from
782 : * @count: size of the destination area
783 : *
784 : * Note: The number of bytes copied is limited by the length of
785 : * attribute's payload. memcpy
786 : *
787 : * Returns the number of bytes copied.
788 : */
789 0 : int nla_memcpy(void *dest, const struct nlattr *src, int count)
790 : {
791 0 : int minlen = min_t(int, count, nla_len(src));
792 :
793 0 : memcpy(dest, nla_data(src), minlen);
794 0 : if (count > minlen)
795 0 : memset(dest + minlen, 0, count - minlen);
796 :
797 0 : return minlen;
798 : }
799 : EXPORT_SYMBOL(nla_memcpy);
800 :
801 : /**
802 : * nla_memcmp - Compare an attribute with sized memory area
803 : * @nla: netlink attribute
804 : * @data: memory area
805 : * @size: size of memory area
806 : */
807 0 : int nla_memcmp(const struct nlattr *nla, const void *data,
808 : size_t size)
809 : {
810 0 : int d = nla_len(nla) - size;
811 :
812 0 : if (d == 0)
813 0 : d = memcmp(nla_data(nla), data, size);
814 :
815 0 : return d;
816 : }
817 : EXPORT_SYMBOL(nla_memcmp);
818 :
819 : /**
820 : * nla_strcmp - Compare a string attribute against a string
821 : * @nla: netlink string attribute
822 : * @str: another string
823 : */
824 0 : int nla_strcmp(const struct nlattr *nla, const char *str)
825 : {
826 0 : int len = strlen(str);
827 0 : char *buf = nla_data(nla);
828 0 : int attrlen = nla_len(nla);
829 0 : int d;
830 :
831 0 : if (attrlen > 0 && buf[attrlen - 1] == '\0')
832 0 : attrlen--;
833 :
834 0 : d = attrlen - len;
835 0 : if (d == 0)
836 0 : d = memcmp(nla_data(nla), str, len);
837 :
838 0 : return d;
839 : }
840 : EXPORT_SYMBOL(nla_strcmp);
841 :
842 : #ifdef CONFIG_NET
843 : /**
844 : * __nla_reserve - reserve room for attribute on the skb
845 : * @skb: socket buffer to reserve room on
846 : * @attrtype: attribute type
847 : * @attrlen: length of attribute payload
848 : *
849 : * Adds a netlink attribute header to a socket buffer and reserves
850 : * room for the payload but does not copy it.
851 : *
852 : * The caller is responsible to ensure that the skb provides enough
853 : * tailroom for the attribute header and payload.
854 : */
855 860 : struct nlattr *__nla_reserve(struct sk_buff *skb, int attrtype, int attrlen)
856 : {
857 860 : struct nlattr *nla;
858 :
859 860 : nla = skb_put(skb, nla_total_size(attrlen));
860 860 : nla->nla_type = attrtype;
861 860 : nla->nla_len = nla_attr_size(attrlen);
862 :
863 860 : memset((unsigned char *) nla + nla->nla_len, 0, nla_padlen(attrlen));
864 :
865 860 : return nla;
866 : }
867 : EXPORT_SYMBOL(__nla_reserve);
868 :
869 : /**
870 : * __nla_reserve_64bit - reserve room for attribute on the skb and align it
871 : * @skb: socket buffer to reserve room on
872 : * @attrtype: attribute type
873 : * @attrlen: length of attribute payload
874 : * @padattr: attribute type for the padding
875 : *
876 : * Adds a netlink attribute header to a socket buffer and reserves
877 : * room for the payload but does not copy it. It also ensure that this
878 : * attribute will have a 64-bit aligned nla_data() area.
879 : *
880 : * The caller is responsible to ensure that the skb provides enough
881 : * tailroom for the attribute header and payload.
882 : */
883 32 : struct nlattr *__nla_reserve_64bit(struct sk_buff *skb, int attrtype,
884 : int attrlen, int padattr)
885 : {
886 0 : nla_align_64bit(skb, padattr);
887 :
888 32 : return __nla_reserve(skb, attrtype, attrlen);
889 : }
890 : EXPORT_SYMBOL(__nla_reserve_64bit);
891 :
892 : /**
893 : * __nla_reserve_nohdr - reserve room for attribute without header
894 : * @skb: socket buffer to reserve room on
895 : * @attrlen: length of attribute payload
896 : *
897 : * Reserves room for attribute payload without a header.
898 : *
899 : * The caller is responsible to ensure that the skb provides enough
900 : * tailroom for the payload.
901 : */
902 0 : void *__nla_reserve_nohdr(struct sk_buff *skb, int attrlen)
903 : {
904 0 : return skb_put_zero(skb, NLA_ALIGN(attrlen));
905 : }
906 : EXPORT_SYMBOL(__nla_reserve_nohdr);
907 :
908 : /**
909 : * nla_reserve - reserve room for attribute on the skb
910 : * @skb: socket buffer to reserve room on
911 : * @attrtype: attribute type
912 : * @attrlen: length of attribute payload
913 : *
914 : * Adds a netlink attribute header to a socket buffer and reserves
915 : * room for the payload but does not copy it.
916 : *
917 : * Returns NULL if the tailroom of the skb is insufficient to store
918 : * the attribute header and payload.
919 : */
920 31 : struct nlattr *nla_reserve(struct sk_buff *skb, int attrtype, int attrlen)
921 : {
922 62 : if (unlikely(skb_tailroom(skb) < nla_total_size(attrlen)))
923 : return NULL;
924 :
925 31 : return __nla_reserve(skb, attrtype, attrlen);
926 : }
927 : EXPORT_SYMBOL(nla_reserve);
928 :
929 : /**
930 : * nla_reserve_64bit - reserve room for attribute on the skb and align it
931 : * @skb: socket buffer to reserve room on
932 : * @attrtype: attribute type
933 : * @attrlen: length of attribute payload
934 : * @padattr: attribute type for the padding
935 : *
936 : * Adds a netlink attribute header to a socket buffer and reserves
937 : * room for the payload but does not copy it. It also ensure that this
938 : * attribute will have a 64-bit aligned nla_data() area.
939 : *
940 : * Returns NULL if the tailroom of the skb is insufficient to store
941 : * the attribute header and payload.
942 : */
943 16 : struct nlattr *nla_reserve_64bit(struct sk_buff *skb, int attrtype, int attrlen,
944 : int padattr)
945 : {
946 16 : size_t len;
947 :
948 16 : if (nla_need_padding_for_64bit(skb))
949 : len = nla_total_size_64bit(attrlen);
950 : else
951 16 : len = nla_total_size(attrlen);
952 32 : if (unlikely(skb_tailroom(skb) < len))
953 : return NULL;
954 :
955 16 : return __nla_reserve_64bit(skb, attrtype, attrlen, padattr);
956 : }
957 : EXPORT_SYMBOL(nla_reserve_64bit);
958 :
959 : /**
960 : * nla_reserve_nohdr - reserve room for attribute without header
961 : * @skb: socket buffer to reserve room on
962 : * @attrlen: length of attribute payload
963 : *
964 : * Reserves room for attribute payload without a header.
965 : *
966 : * Returns NULL if the tailroom of the skb is insufficient to store
967 : * the attribute payload.
968 : */
969 0 : void *nla_reserve_nohdr(struct sk_buff *skb, int attrlen)
970 : {
971 0 : if (unlikely(skb_tailroom(skb) < NLA_ALIGN(attrlen)))
972 : return NULL;
973 :
974 0 : return __nla_reserve_nohdr(skb, attrlen);
975 : }
976 : EXPORT_SYMBOL(nla_reserve_nohdr);
977 :
978 : /**
979 : * __nla_put - Add a netlink attribute to a socket buffer
980 : * @skb: socket buffer to add attribute to
981 : * @attrtype: attribute type
982 : * @attrlen: length of attribute payload
983 : * @data: head of attribute payload
984 : *
985 : * The caller is responsible to ensure that the skb provides enough
986 : * tailroom for the attribute header and payload.
987 : */
988 797 : void __nla_put(struct sk_buff *skb, int attrtype, int attrlen,
989 : const void *data)
990 : {
991 797 : struct nlattr *nla;
992 :
993 797 : nla = __nla_reserve(skb, attrtype, attrlen);
994 797 : memcpy(nla_data(nla), data, attrlen);
995 797 : }
996 : EXPORT_SYMBOL(__nla_put);
997 :
998 : /**
999 : * __nla_put_64bit - Add a netlink attribute to a socket buffer and align it
1000 : * @skb: socket buffer to add attribute to
1001 : * @attrtype: attribute type
1002 : * @attrlen: length of attribute payload
1003 : * @data: head of attribute payload
1004 : * @padattr: attribute type for the padding
1005 : *
1006 : * The caller is responsible to ensure that the skb provides enough
1007 : * tailroom for the attribute header and payload.
1008 : */
1009 16 : void __nla_put_64bit(struct sk_buff *skb, int attrtype, int attrlen,
1010 : const void *data, int padattr)
1011 : {
1012 16 : struct nlattr *nla;
1013 :
1014 16 : nla = __nla_reserve_64bit(skb, attrtype, attrlen, padattr);
1015 16 : memcpy(nla_data(nla), data, attrlen);
1016 16 : }
1017 : EXPORT_SYMBOL(__nla_put_64bit);
1018 :
1019 : /**
1020 : * __nla_put_nohdr - Add a netlink attribute without header
1021 : * @skb: socket buffer to add attribute to
1022 : * @attrlen: length of attribute payload
1023 : * @data: head of attribute payload
1024 : *
1025 : * The caller is responsible to ensure that the skb provides enough
1026 : * tailroom for the attribute payload.
1027 : */
1028 0 : void __nla_put_nohdr(struct sk_buff *skb, int attrlen, const void *data)
1029 : {
1030 0 : void *start;
1031 :
1032 0 : start = __nla_reserve_nohdr(skb, attrlen);
1033 0 : memcpy(start, data, attrlen);
1034 0 : }
1035 : EXPORT_SYMBOL(__nla_put_nohdr);
1036 :
1037 : /**
1038 : * nla_put - Add a netlink attribute to a socket buffer
1039 : * @skb: socket buffer to add attribute to
1040 : * @attrtype: attribute type
1041 : * @attrlen: length of attribute payload
1042 : * @data: head of attribute payload
1043 : *
1044 : * Returns -EMSGSIZE if the tailroom of the skb is insufficient to store
1045 : * the attribute header and payload.
1046 : */
1047 797 : int nla_put(struct sk_buff *skb, int attrtype, int attrlen, const void *data)
1048 : {
1049 1594 : if (unlikely(skb_tailroom(skb) < nla_total_size(attrlen)))
1050 : return -EMSGSIZE;
1051 :
1052 797 : __nla_put(skb, attrtype, attrlen, data);
1053 797 : return 0;
1054 : }
1055 : EXPORT_SYMBOL(nla_put);
1056 :
1057 : /**
1058 : * nla_put_64bit - Add a netlink attribute to a socket buffer and align it
1059 : * @skb: socket buffer to add attribute to
1060 : * @attrtype: attribute type
1061 : * @attrlen: length of attribute payload
1062 : * @data: head of attribute payload
1063 : * @padattr: attribute type for the padding
1064 : *
1065 : * Returns -EMSGSIZE if the tailroom of the skb is insufficient to store
1066 : * the attribute header and payload.
1067 : */
1068 16 : int nla_put_64bit(struct sk_buff *skb, int attrtype, int attrlen,
1069 : const void *data, int padattr)
1070 : {
1071 16 : size_t len;
1072 :
1073 16 : if (nla_need_padding_for_64bit(skb))
1074 : len = nla_total_size_64bit(attrlen);
1075 : else
1076 16 : len = nla_total_size(attrlen);
1077 32 : if (unlikely(skb_tailroom(skb) < len))
1078 : return -EMSGSIZE;
1079 :
1080 16 : __nla_put_64bit(skb, attrtype, attrlen, data, padattr);
1081 16 : return 0;
1082 : }
1083 : EXPORT_SYMBOL(nla_put_64bit);
1084 :
1085 : /**
1086 : * nla_put_nohdr - Add a netlink attribute without header
1087 : * @skb: socket buffer to add attribute to
1088 : * @attrlen: length of attribute payload
1089 : * @data: head of attribute payload
1090 : *
1091 : * Returns -EMSGSIZE if the tailroom of the skb is insufficient to store
1092 : * the attribute payload.
1093 : */
1094 0 : int nla_put_nohdr(struct sk_buff *skb, int attrlen, const void *data)
1095 : {
1096 0 : if (unlikely(skb_tailroom(skb) < NLA_ALIGN(attrlen)))
1097 : return -EMSGSIZE;
1098 :
1099 0 : __nla_put_nohdr(skb, attrlen, data);
1100 0 : return 0;
1101 : }
1102 : EXPORT_SYMBOL(nla_put_nohdr);
1103 :
1104 : /**
1105 : * nla_append - Add a netlink attribute without header or padding
1106 : * @skb: socket buffer to add attribute to
1107 : * @attrlen: length of attribute payload
1108 : * @data: head of attribute payload
1109 : *
1110 : * Returns -EMSGSIZE if the tailroom of the skb is insufficient to store
1111 : * the attribute payload.
1112 : */
1113 0 : int nla_append(struct sk_buff *skb, int attrlen, const void *data)
1114 : {
1115 0 : if (unlikely(skb_tailroom(skb) < NLA_ALIGN(attrlen)))
1116 : return -EMSGSIZE;
1117 :
1118 0 : skb_put_data(skb, data, attrlen);
1119 0 : return 0;
1120 : }
1121 : EXPORT_SYMBOL(nla_append);
1122 : #endif
|
