tjh.dev
Linux kernel mirror (for testing)
git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel
os
linux
1// SPDX-License-Identifier: GPL-2.0
2/*
3 * NETLINK Netlink attributes
4 *
5 * Authors: Thomas Graf <tgraf@suug.ch>
6 * Alexey Kuznetsov <kuznet@ms2.inr.ac.ru>
7 */
8
9#include <linux/export.h>
10#include <linux/kernel.h>
11#include <linux/errno.h>
12#include <linux/jiffies.h>
13#include <linux/skbuff.h>
14#include <linux/string.h>
15#include <linux/types.h>
16#include <net/netlink.h>
17
18/* For these data types, attribute length should be exactly the given
19 * size. However, to maintain compatibility with broken commands, if the
20 * attribute length does not match the expected size a warning is emitted
21 * to the user that the command is sending invalid data and needs to be fixed.
22 */
23static const u8 nla_attr_len[NLA_TYPE_MAX+1] = {
24 [NLA_U8] = sizeof(u8),
25 [NLA_U16] = sizeof(u16),
26 [NLA_U32] = sizeof(u32),
27 [NLA_U64] = sizeof(u64),
28 [NLA_S8] = sizeof(s8),
29 [NLA_S16] = sizeof(s16),
30 [NLA_S32] = sizeof(s32),
31 [NLA_S64] = sizeof(s64),
32};
33
34static const u8 nla_attr_minlen[NLA_TYPE_MAX+1] = {
35 [NLA_U8] = sizeof(u8),
36 [NLA_U16] = sizeof(u16),
37 [NLA_U32] = sizeof(u32),
38 [NLA_U64] = sizeof(u64),
39 [NLA_MSECS] = sizeof(u64),
40 [NLA_NESTED] = NLA_HDRLEN,
41 [NLA_S8] = sizeof(s8),
42 [NLA_S16] = sizeof(s16),
43 [NLA_S32] = sizeof(s32),
44 [NLA_S64] = sizeof(s64),
45};
46
47static int validate_nla_bitfield32(const struct nlattr *nla,
48 u32 *valid_flags_allowed)
49{
50 const struct nla_bitfield32 *bf = nla_data(nla);
51 u32 *valid_flags_mask = valid_flags_allowed;
52
53 if (!valid_flags_allowed)
54 return -EINVAL;
55
56 /*disallow invalid bit selector */
57 if (bf->selector & ~*valid_flags_mask)
58 return -EINVAL;
59
60 /*disallow invalid bit values */
61 if (bf->value & ~*valid_flags_mask)
62 return -EINVAL;
63
64 /*disallow valid bit values that are not selected*/
65 if (bf->value & ~bf->selector)
66 return -EINVAL;
67
68 return 0;
69}
70
71static int validate_nla(const struct nlattr *nla, int maxtype,
72 const struct nla_policy *policy)
73{
74 const struct nla_policy *pt;
75 int minlen = 0, attrlen = nla_len(nla), type = nla_type(nla);
76
77 if (type <= 0 || type > maxtype)
78 return 0;
79
80 pt = &policy[type];
81
82 BUG_ON(pt->type > NLA_TYPE_MAX);
83
84 if (nla_attr_len[pt->type] && attrlen != nla_attr_len[pt->type]) {
85 pr_warn_ratelimited("netlink: '%s': attribute type %d has an invalid length.\n",
86 current->comm, type);
87 }
88
89 switch (pt->type) {
90 case NLA_FLAG:
91 if (attrlen > 0)
92 return -ERANGE;
93 break;
94
95 case NLA_BITFIELD32:
96 if (attrlen != sizeof(struct nla_bitfield32))
97 return -ERANGE;
98
99 return validate_nla_bitfield32(nla, pt->validation_data);
100
101 case NLA_NUL_STRING:
102 if (pt->len)
103 minlen = min_t(int, attrlen, pt->len + 1);
104 else
105 minlen = attrlen;
106
107 if (!minlen || memchr(nla_data(nla), '\0', minlen) == NULL)
108 return -EINVAL;
109 /* fall through */
110
111 case NLA_STRING:
112 if (attrlen < 1)
113 return -ERANGE;
114
115 if (pt->len) {
116 char *buf = nla_data(nla);
117
118 if (buf[attrlen - 1] == '\0')
119 attrlen--;
120
121 if (attrlen > pt->len)
122 return -ERANGE;
123 }
124 break;
125
126 case NLA_BINARY:
127 if (pt->len && attrlen > pt->len)
128 return -ERANGE;
129 break;
130
131 case NLA_NESTED_COMPAT:
132 if (attrlen < pt->len)
133 return -ERANGE;
134 if (attrlen < NLA_ALIGN(pt->len))
135 break;
136 if (attrlen < NLA_ALIGN(pt->len) + NLA_HDRLEN)
137 return -ERANGE;
138 nla = nla_data(nla) + NLA_ALIGN(pt->len);
139 if (attrlen < NLA_ALIGN(pt->len) + NLA_HDRLEN + nla_len(nla))
140 return -ERANGE;
141 break;
142 case NLA_NESTED:
143 /* a nested attributes is allowed to be empty; if its not,
144 * it must have a size of at least NLA_HDRLEN.
145 */
146 if (attrlen == 0)
147 break;
148 default:
149 if (pt->len)
150 minlen = pt->len;
151 else if (pt->type != NLA_UNSPEC)
152 minlen = nla_attr_minlen[pt->type];
153
154 if (attrlen < minlen)
155 return -ERANGE;
156 }
157
158 return 0;
159}
160
161/**
162 * nla_validate - Validate a stream of attributes
163 * @head: head of attribute stream
164 * @len: length of attribute stream
165 * @maxtype: maximum attribute type to be expected
166 * @policy: validation policy
167 * @extack: extended ACK report struct
168 *
169 * Validates all attributes in the specified attribute stream against the
170 * specified policy. Attributes with a type exceeding maxtype will be
171 * ignored. See documenation of struct nla_policy for more details.
172 *
173 * Returns 0 on success or a negative error code.
174 */
175int nla_validate(const struct nlattr *head, int len, int maxtype,
176 const struct nla_policy *policy,
177 struct netlink_ext_ack *extack)
178{
179 const struct nlattr *nla;
180 int rem;
181
182 nla_for_each_attr(nla, head, len, rem) {
183 int err = validate_nla(nla, maxtype, policy);
184
185 if (err < 0) {
186 if (extack)
187 extack->bad_attr = nla;
188 return err;
189 }
190 }
191
192 return 0;
193}
194EXPORT_SYMBOL(nla_validate);
195
196/**
197 * nla_policy_len - Determin the max. length of a policy
198 * @policy: policy to use
199 * @n: number of policies
200 *
201 * Determines the max. length of the policy. It is currently used
202 * to allocated Netlink buffers roughly the size of the actual
203 * message.
204 *
205 * Returns 0 on success or a negative error code.
206 */
207int
208nla_policy_len(const struct nla_policy *p, int n)
209{
210 int i, len = 0;
211
212 for (i = 0; i < n; i++, p++) {
213 if (p->len)
214 len += nla_total_size(p->len);
215 else if (nla_attr_len[p->type])
216 len += nla_total_size(nla_attr_len[p->type]);
217 else if (nla_attr_minlen[p->type])
218 len += nla_total_size(nla_attr_minlen[p->type]);
219 }
220
221 return len;
222}
223EXPORT_SYMBOL(nla_policy_len);
224
225/**
226 * nla_parse - Parse a stream of attributes into a tb buffer
227 * @tb: destination array with maxtype+1 elements
228 * @maxtype: maximum attribute type to be expected
229 * @head: head of attribute stream
230 * @len: length of attribute stream
231 * @policy: validation policy
232 *
233 * Parses a stream of attributes and stores a pointer to each attribute in
234 * the tb array accessible via the attribute type. Attributes with a type
235 * exceeding maxtype will be silently ignored for backwards compatibility
236 * reasons. policy may be set to NULL if no validation is required.
237 *
238 * Returns 0 on success or a negative error code.
239 */
240int nla_parse(struct nlattr **tb, int maxtype, const struct nlattr *head,
241 int len, const struct nla_policy *policy,
242 struct netlink_ext_ack *extack)
243{
244 const struct nlattr *nla;
245 int rem, err;
246
247 memset(tb, 0, sizeof(struct nlattr *) * (maxtype + 1));
248
249 nla_for_each_attr(nla, head, len, rem) {
250 u16 type = nla_type(nla);
251
252 if (type > 0 && type <= maxtype) {
253 if (policy) {
254 err = validate_nla(nla, maxtype, policy);
255 if (err < 0) {
256 if (extack)
257 extack->bad_attr = nla;
258 goto errout;
259 }
260 }
261
262 tb[type] = (struct nlattr *)nla;
263 }
264 }
265
266 if (unlikely(rem > 0))
267 pr_warn_ratelimited("netlink: %d bytes leftover after parsing attributes in process `%s'.\n",
268 rem, current->comm);
269
270 err = 0;
271errout:
272 return err;
273}
274EXPORT_SYMBOL(nla_parse);
275
276/**
277 * nla_find - Find a specific attribute in a stream of attributes
278 * @head: head of attribute stream
279 * @len: length of attribute stream
280 * @attrtype: type of attribute to look for
281 *
282 * Returns the first attribute in the stream matching the specified type.
283 */
284struct nlattr *nla_find(const struct nlattr *head, int len, int attrtype)
285{
286 const struct nlattr *nla;
287 int rem;
288
289 nla_for_each_attr(nla, head, len, rem)
290 if (nla_type(nla) == attrtype)
291 return (struct nlattr *)nla;
292
293 return NULL;
294}
295EXPORT_SYMBOL(nla_find);
296
297/**
298 * nla_strlcpy - Copy string attribute payload into a sized buffer
299 * @dst: where to copy the string to
300 * @nla: attribute to copy the string from
301 * @dstsize: size of destination buffer
302 *
303 * Copies at most dstsize - 1 bytes into the destination buffer.
304 * The result is always a valid NUL-terminated string. Unlike
305 * strlcpy the destination buffer is always padded out.
306 *
307 * Returns the length of the source buffer.
308 */
309size_t nla_strlcpy(char *dst, const struct nlattr *nla, size_t dstsize)
310{
311 size_t srclen = nla_len(nla);
312 char *src = nla_data(nla);
313
314 if (srclen > 0 && src[srclen - 1] == '\0')
315 srclen--;
316
317 if (dstsize > 0) {
318 size_t len = (srclen >= dstsize) ? dstsize - 1 : srclen;
319
320 memset(dst, 0, dstsize);
321 memcpy(dst, src, len);
322 }
323
324 return srclen;
325}
326EXPORT_SYMBOL(nla_strlcpy);
327
328/**
329 * nla_strdup - Copy string attribute payload into a newly allocated buffer
330 * @nla: attribute to copy the string from
331 * @flags: the type of memory to allocate (see kmalloc).
332 *
333 * Returns a pointer to the allocated buffer or NULL on error.
334 */
335char *nla_strdup(const struct nlattr *nla, gfp_t flags)
336{
337 size_t srclen = nla_len(nla);
338 char *src = nla_data(nla), *dst;
339
340 if (srclen > 0 && src[srclen - 1] == '\0')
341 srclen--;
342
343 dst = kmalloc(srclen + 1, flags);
344 if (dst != NULL) {
345 memcpy(dst, src, srclen);
346 dst[srclen] = '\0';
347 }
348 return dst;
349}
350EXPORT_SYMBOL(nla_strdup);
351
352/**
353 * nla_memcpy - Copy a netlink attribute into another memory area
354 * @dest: where to copy to memcpy
355 * @src: netlink attribute to copy from
356 * @count: size of the destination area
357 *
358 * Note: The number of bytes copied is limited by the length of
359 * attribute's payload. memcpy
360 *
361 * Returns the number of bytes copied.
362 */
363int nla_memcpy(void *dest, const struct nlattr *src, int count)
364{
365 int minlen = min_t(int, count, nla_len(src));
366
367 memcpy(dest, nla_data(src), minlen);
368 if (count > minlen)
369 memset(dest + minlen, 0, count - minlen);
370
371 return minlen;
372}
373EXPORT_SYMBOL(nla_memcpy);
374
375/**
376 * nla_memcmp - Compare an attribute with sized memory area
377 * @nla: netlink attribute
378 * @data: memory area
379 * @size: size of memory area
380 */
381int nla_memcmp(const struct nlattr *nla, const void *data,
382 size_t size)
383{
384 int d = nla_len(nla) - size;
385
386 if (d == 0)
387 d = memcmp(nla_data(nla), data, size);
388
389 return d;
390}
391EXPORT_SYMBOL(nla_memcmp);
392
393/**
394 * nla_strcmp - Compare a string attribute against a string
395 * @nla: netlink string attribute
396 * @str: another string
397 */
398int nla_strcmp(const struct nlattr *nla, const char *str)
399{
400 int len = strlen(str);
401 char *buf = nla_data(nla);
402 int attrlen = nla_len(nla);
403 int d;
404
405 if (attrlen > 0 && buf[attrlen - 1] == '\0')
406 attrlen--;
407
408 d = attrlen - len;
409 if (d == 0)
410 d = memcmp(nla_data(nla), str, len);
411
412 return d;
413}
414EXPORT_SYMBOL(nla_strcmp);
415
416#ifdef CONFIG_NET
417/**
418 * __nla_reserve - reserve room for attribute on the skb
419 * @skb: socket buffer to reserve room on
420 * @attrtype: attribute type
421 * @attrlen: length of attribute payload
422 *
423 * Adds a netlink attribute header to a socket buffer and reserves
424 * room for the payload but does not copy it.
425 *
426 * The caller is responsible to ensure that the skb provides enough
427 * tailroom for the attribute header and payload.
428 */
429struct nlattr *__nla_reserve(struct sk_buff *skb, int attrtype, int attrlen)
430{
431 struct nlattr *nla;
432
433 nla = skb_put(skb, nla_total_size(attrlen));
434 nla->nla_type = attrtype;
435 nla->nla_len = nla_attr_size(attrlen);
436
437 memset((unsigned char *) nla + nla->nla_len, 0, nla_padlen(attrlen));
438
439 return nla;
440}
441EXPORT_SYMBOL(__nla_reserve);
442
443/**
444 * __nla_reserve_64bit - reserve room for attribute on the skb and align it
445 * @skb: socket buffer to reserve room on
446 * @attrtype: attribute type
447 * @attrlen: length of attribute payload
448 * @padattr: attribute type for the padding
449 *
450 * Adds a netlink attribute header to a socket buffer and reserves
451 * room for the payload but does not copy it. It also ensure that this
452 * attribute will have a 64-bit aligned nla_data() area.
453 *
454 * The caller is responsible to ensure that the skb provides enough
455 * tailroom for the attribute header and payload.
456 */
457struct nlattr *__nla_reserve_64bit(struct sk_buff *skb, int attrtype,
458 int attrlen, int padattr)
459{
460 if (nla_need_padding_for_64bit(skb))
461 nla_align_64bit(skb, padattr);
462
463 return __nla_reserve(skb, attrtype, attrlen);
464}
465EXPORT_SYMBOL(__nla_reserve_64bit);
466
467/**
468 * __nla_reserve_nohdr - reserve room for attribute without header
469 * @skb: socket buffer to reserve room on
470 * @attrlen: length of attribute payload
471 *
472 * Reserves room for attribute payload without a header.
473 *
474 * The caller is responsible to ensure that the skb provides enough
475 * tailroom for the payload.
476 */
477void *__nla_reserve_nohdr(struct sk_buff *skb, int attrlen)
478{
479 return skb_put_zero(skb, NLA_ALIGN(attrlen));
480}
481EXPORT_SYMBOL(__nla_reserve_nohdr);
482
483/**
484 * nla_reserve - reserve room for attribute on the skb
485 * @skb: socket buffer to reserve room on
486 * @attrtype: attribute type
487 * @attrlen: length of attribute payload
488 *
489 * Adds a netlink attribute header to a socket buffer and reserves
490 * room for the payload but does not copy it.
491 *
492 * Returns NULL if the tailroom of the skb is insufficient to store
493 * the attribute header and payload.
494 */
495struct nlattr *nla_reserve(struct sk_buff *skb, int attrtype, int attrlen)
496{
497 if (unlikely(skb_tailroom(skb) < nla_total_size(attrlen)))
498 return NULL;
499
500 return __nla_reserve(skb, attrtype, attrlen);
501}
502EXPORT_SYMBOL(nla_reserve);
503
504/**
505 * nla_reserve_64bit - reserve room for attribute on the skb and align it
506 * @skb: socket buffer to reserve room on
507 * @attrtype: attribute type
508 * @attrlen: length of attribute payload
509 * @padattr: attribute type for the padding
510 *
511 * Adds a netlink attribute header to a socket buffer and reserves
512 * room for the payload but does not copy it. It also ensure that this
513 * attribute will have a 64-bit aligned nla_data() area.
514 *
515 * Returns NULL if the tailroom of the skb is insufficient to store
516 * the attribute header and payload.
517 */
518struct nlattr *nla_reserve_64bit(struct sk_buff *skb, int attrtype, int attrlen,
519 int padattr)
520{
521 size_t len;
522
523 if (nla_need_padding_for_64bit(skb))
524 len = nla_total_size_64bit(attrlen);
525 else
526 len = nla_total_size(attrlen);
527 if (unlikely(skb_tailroom(skb) < len))
528 return NULL;
529
530 return __nla_reserve_64bit(skb, attrtype, attrlen, padattr);
531}
532EXPORT_SYMBOL(nla_reserve_64bit);
533
534/**
535 * nla_reserve_nohdr - reserve room for attribute without header
536 * @skb: socket buffer to reserve room on
537 * @attrlen: length of attribute payload
538 *
539 * Reserves room for attribute payload without a header.
540 *
541 * Returns NULL if the tailroom of the skb is insufficient to store
542 * the attribute payload.
543 */
544void *nla_reserve_nohdr(struct sk_buff *skb, int attrlen)
545{
546 if (unlikely(skb_tailroom(skb) < NLA_ALIGN(attrlen)))
547 return NULL;
548
549 return __nla_reserve_nohdr(skb, attrlen);
550}
551EXPORT_SYMBOL(nla_reserve_nohdr);
552
553/**
554 * __nla_put - Add a netlink attribute to a socket buffer
555 * @skb: socket buffer to add attribute to
556 * @attrtype: attribute type
557 * @attrlen: length of attribute payload
558 * @data: head of attribute payload
559 *
560 * The caller is responsible to ensure that the skb provides enough
561 * tailroom for the attribute header and payload.
562 */
563void __nla_put(struct sk_buff *skb, int attrtype, int attrlen,
564 const void *data)
565{
566 struct nlattr *nla;
567
568 nla = __nla_reserve(skb, attrtype, attrlen);
569 memcpy(nla_data(nla), data, attrlen);
570}
571EXPORT_SYMBOL(__nla_put);
572
573/**
574 * __nla_put_64bit - Add a netlink attribute to a socket buffer and align it
575 * @skb: socket buffer to add attribute to
576 * @attrtype: attribute type
577 * @attrlen: length of attribute payload
578 * @data: head of attribute payload
579 * @padattr: attribute type for the padding
580 *
581 * The caller is responsible to ensure that the skb provides enough
582 * tailroom for the attribute header and payload.
583 */
584void __nla_put_64bit(struct sk_buff *skb, int attrtype, int attrlen,
585 const void *data, int padattr)
586{
587 struct nlattr *nla;
588
589 nla = __nla_reserve_64bit(skb, attrtype, attrlen, padattr);
590 memcpy(nla_data(nla), data, attrlen);
591}
592EXPORT_SYMBOL(__nla_put_64bit);
593
594/**
595 * __nla_put_nohdr - Add a netlink attribute without header
596 * @skb: socket buffer to add attribute to
597 * @attrlen: length of attribute payload
598 * @data: head of attribute payload
599 *
600 * The caller is responsible to ensure that the skb provides enough
601 * tailroom for the attribute payload.
602 */
603void __nla_put_nohdr(struct sk_buff *skb, int attrlen, const void *data)
604{
605 void *start;
606
607 start = __nla_reserve_nohdr(skb, attrlen);
608 memcpy(start, data, attrlen);
609}
610EXPORT_SYMBOL(__nla_put_nohdr);
611
612/**
613 * nla_put - Add a netlink attribute to a socket buffer
614 * @skb: socket buffer to add attribute to
615 * @attrtype: attribute type
616 * @attrlen: length of attribute payload
617 * @data: head of attribute payload
618 *
619 * Returns -EMSGSIZE if the tailroom of the skb is insufficient to store
620 * the attribute header and payload.
621 */
622int nla_put(struct sk_buff *skb, int attrtype, int attrlen, const void *data)
623{
624 if (unlikely(skb_tailroom(skb) < nla_total_size(attrlen)))
625 return -EMSGSIZE;
626
627 __nla_put(skb, attrtype, attrlen, data);
628 return 0;
629}
630EXPORT_SYMBOL(nla_put);
631
632/**
633 * nla_put_64bit - Add a netlink attribute to a socket buffer and align it
634 * @skb: socket buffer to add attribute to
635 * @attrtype: attribute type
636 * @attrlen: length of attribute payload
637 * @data: head of attribute payload
638 * @padattr: attribute type for the padding
639 *
640 * Returns -EMSGSIZE if the tailroom of the skb is insufficient to store
641 * the attribute header and payload.
642 */
643int nla_put_64bit(struct sk_buff *skb, int attrtype, int attrlen,
644 const void *data, int padattr)
645{
646 size_t len;
647
648 if (nla_need_padding_for_64bit(skb))
649 len = nla_total_size_64bit(attrlen);
650 else
651 len = nla_total_size(attrlen);
652 if (unlikely(skb_tailroom(skb) < len))
653 return -EMSGSIZE;
654
655 __nla_put_64bit(skb, attrtype, attrlen, data, padattr);
656 return 0;
657}
658EXPORT_SYMBOL(nla_put_64bit);
659
660/**
661 * nla_put_nohdr - Add a netlink attribute without header
662 * @skb: socket buffer to add attribute to
663 * @attrlen: length of attribute payload
664 * @data: head of attribute payload
665 *
666 * Returns -EMSGSIZE if the tailroom of the skb is insufficient to store
667 * the attribute payload.
668 */
669int nla_put_nohdr(struct sk_buff *skb, int attrlen, const void *data)
670{
671 if (unlikely(skb_tailroom(skb) < NLA_ALIGN(attrlen)))
672 return -EMSGSIZE;
673
674 __nla_put_nohdr(skb, attrlen, data);
675 return 0;
676}
677EXPORT_SYMBOL(nla_put_nohdr);
678
679/**
680 * nla_append - Add a netlink attribute without header or padding
681 * @skb: socket buffer to add attribute to
682 * @attrlen: length of attribute payload
683 * @data: head of attribute payload
684 *
685 * Returns -EMSGSIZE if the tailroom of the skb is insufficient to store
686 * the attribute payload.
687 */
688int nla_append(struct sk_buff *skb, int attrlen, const void *data)
689{
690 if (unlikely(skb_tailroom(skb) < NLA_ALIGN(attrlen)))
691 return -EMSGSIZE;
692
693 skb_put_data(skb, data, attrlen);
694 return 0;
695}
696EXPORT_SYMBOL(nla_append);
697#endif