]>
Commit | Line | Data |
---|---|---|
b2441318 | 1 | // SPDX-License-Identifier: GPL-2.0 |
bfa83a9e TG |
2 | /* |
3 | * NETLINK Netlink attributes | |
4 | * | |
5 | * Authors: Thomas Graf <tgraf@suug.ch> | |
6 | * Alexey Kuznetsov <kuznet@ms2.inr.ac.ru> | |
7 | */ | |
8 | ||
8bc3bcc9 | 9 | #include <linux/export.h> |
bfa83a9e TG |
10 | #include <linux/kernel.h> |
11 | #include <linux/errno.h> | |
12 | #include <linux/jiffies.h> | |
bfa83a9e TG |
13 | #include <linux/skbuff.h> |
14 | #include <linux/string.h> | |
15 | #include <linux/types.h> | |
16 | #include <net/netlink.h> | |
17 | ||
6e237d09 DA |
18 | /* For these data types, attribute length should be exactly the given |
19 | * size. However, to maintain compatibility with broken commands, if the | |
20 | * attribute length does not match the expected size a warning is emitted | |
21 | * to the user that the command is sending invalid data and needs to be fixed. | |
22 | */ | |
28033ae4 | 23 | static const u8 nla_attr_len[NLA_TYPE_MAX+1] = { |
bfa83a9e TG |
24 | [NLA_U8] = sizeof(u8), |
25 | [NLA_U16] = sizeof(u16), | |
26 | [NLA_U32] = sizeof(u32), | |
27 | [NLA_U64] = sizeof(u64), | |
9eca2eb9 JA |
28 | [NLA_S8] = sizeof(s8), |
29 | [NLA_S16] = sizeof(s16), | |
30 | [NLA_S32] = sizeof(s32), | |
31 | [NLA_S64] = sizeof(s64), | |
bfa83a9e TG |
32 | }; |
33 | ||
28033ae4 | 34 | static const u8 nla_attr_minlen[NLA_TYPE_MAX+1] = { |
6e237d09 DA |
35 | [NLA_U8] = sizeof(u8), |
36 | [NLA_U16] = sizeof(u16), | |
37 | [NLA_U32] = sizeof(u32), | |
38 | [NLA_U64] = sizeof(u64), | |
28033ae4 DA |
39 | [NLA_MSECS] = sizeof(u64), |
40 | [NLA_NESTED] = NLA_HDRLEN, | |
6e237d09 DA |
41 | [NLA_S8] = sizeof(s8), |
42 | [NLA_S16] = sizeof(s16), | |
43 | [NLA_S32] = sizeof(s32), | |
44 | [NLA_S64] = sizeof(s64), | |
28033ae4 DA |
45 | }; |
46 | ||
7690aa1c JB |
47 | /* |
48 | * Nested policies might refer back to the original | |
49 | * policy in some cases, and userspace could try to | |
50 | * abuse that and recurse by nesting in the right | |
51 | * ways. Limit recursion to avoid this problem. | |
52 | */ | |
53 | #define MAX_POLICY_RECURSION_DEPTH 10 | |
54 | ||
55 | static int __nla_validate_parse(const struct nlattr *head, int len, int maxtype, | |
56 | const struct nla_policy *policy, | |
57 | unsigned int validate, | |
58 | struct netlink_ext_ack *extack, | |
59 | struct nlattr **tb, unsigned int depth); | |
60 | ||
64c83d83 | 61 | static int validate_nla_bitfield32(const struct nlattr *nla, |
47a1494b | 62 | const u32 valid_flags_mask) |
64c83d83 JHS |
63 | { |
64 | const struct nla_bitfield32 *bf = nla_data(nla); | |
64c83d83 | 65 | |
48fde90a | 66 | if (!valid_flags_mask) |
64c83d83 JHS |
67 | return -EINVAL; |
68 | ||
69 | /*disallow invalid bit selector */ | |
47a1494b | 70 | if (bf->selector & ~valid_flags_mask) |
64c83d83 JHS |
71 | return -EINVAL; |
72 | ||
73 | /*disallow invalid bit values */ | |
47a1494b | 74 | if (bf->value & ~valid_flags_mask) |
64c83d83 JHS |
75 | return -EINVAL; |
76 | ||
77 | /*disallow valid bit values that are not selected*/ | |
78 | if (bf->value & ~bf->selector) | |
79 | return -EINVAL; | |
80 | ||
81 | return 0; | |
82 | } | |
83 | ||
1501d135 JB |
84 | static int nla_validate_array(const struct nlattr *head, int len, int maxtype, |
85 | const struct nla_policy *policy, | |
8cb08174 | 86 | struct netlink_ext_ack *extack, |
7690aa1c | 87 | unsigned int validate, unsigned int depth) |
1501d135 JB |
88 | { |
89 | const struct nlattr *entry; | |
90 | int rem; | |
91 | ||
92 | nla_for_each_attr(entry, head, len, rem) { | |
93 | int ret; | |
94 | ||
95 | if (nla_len(entry) == 0) | |
96 | continue; | |
97 | ||
98 | if (nla_len(entry) < NLA_HDRLEN) { | |
99 | NL_SET_ERR_MSG_ATTR(extack, entry, | |
100 | "Array element too short"); | |
101 | return -ERANGE; | |
102 | } | |
103 | ||
7690aa1c JB |
104 | ret = __nla_validate_parse(nla_data(entry), nla_len(entry), |
105 | maxtype, policy, validate, extack, | |
106 | NULL, depth + 1); | |
1501d135 JB |
107 | if (ret < 0) |
108 | return ret; | |
109 | } | |
110 | ||
111 | return 0; | |
112 | } | |
113 | ||
d06a09b9 JB |
114 | static int nla_validate_int_range_unsigned(const struct nla_policy *pt, |
115 | const struct nlattr *nla, | |
116 | struct netlink_ext_ack *extack) | |
3e48be05 | 117 | { |
d06a09b9 JB |
118 | struct netlink_range_validation _range = { |
119 | .min = 0, | |
120 | .max = U64_MAX, | |
121 | }, *range = &_range; | |
122 | u64 value; | |
3e48be05 | 123 | |
d06a09b9 JB |
124 | WARN_ON_ONCE(pt->validation_type != NLA_VALIDATE_RANGE_PTR && |
125 | (pt->min < 0 || pt->max < 0)); | |
126 | ||
127 | switch (pt->validation_type) { | |
128 | case NLA_VALIDATE_RANGE: | |
129 | range->min = pt->min; | |
130 | range->max = pt->max; | |
131 | break; | |
132 | case NLA_VALIDATE_RANGE_PTR: | |
133 | range = pt->range; | |
134 | break; | |
135 | case NLA_VALIDATE_MIN: | |
136 | range->min = pt->min; | |
137 | break; | |
138 | case NLA_VALIDATE_MAX: | |
139 | range->max = pt->max; | |
140 | break; | |
141 | } | |
3e48be05 JB |
142 | |
143 | switch (pt->type) { | |
144 | case NLA_U8: | |
145 | value = nla_get_u8(nla); | |
146 | break; | |
147 | case NLA_U16: | |
148 | value = nla_get_u16(nla); | |
149 | break; | |
150 | case NLA_U32: | |
151 | value = nla_get_u32(nla); | |
152 | break; | |
d06a09b9 | 153 | case NLA_U64: |
da4063bd | 154 | case NLA_MSECS: |
d06a09b9 JB |
155 | value = nla_get_u64(nla); |
156 | break; | |
157 | default: | |
158 | return -EINVAL; | |
159 | } | |
160 | ||
161 | if (value < range->min || value > range->max) { | |
162 | NL_SET_ERR_MSG_ATTR(extack, nla, | |
163 | "integer out of range"); | |
164 | return -ERANGE; | |
165 | } | |
166 | ||
167 | return 0; | |
168 | } | |
169 | ||
170 | static int nla_validate_int_range_signed(const struct nla_policy *pt, | |
171 | const struct nlattr *nla, | |
172 | struct netlink_ext_ack *extack) | |
173 | { | |
174 | struct netlink_range_validation_signed _range = { | |
175 | .min = S64_MIN, | |
176 | .max = S64_MAX, | |
177 | }, *range = &_range; | |
178 | s64 value; | |
179 | ||
180 | switch (pt->validation_type) { | |
181 | case NLA_VALIDATE_RANGE: | |
182 | range->min = pt->min; | |
183 | range->max = pt->max; | |
184 | break; | |
185 | case NLA_VALIDATE_RANGE_PTR: | |
186 | range = pt->range_signed; | |
187 | break; | |
188 | case NLA_VALIDATE_MIN: | |
189 | range->min = pt->min; | |
190 | break; | |
191 | case NLA_VALIDATE_MAX: | |
192 | range->max = pt->max; | |
193 | break; | |
194 | } | |
195 | ||
196 | switch (pt->type) { | |
3e48be05 JB |
197 | case NLA_S8: |
198 | value = nla_get_s8(nla); | |
199 | break; | |
200 | case NLA_S16: | |
201 | value = nla_get_s16(nla); | |
202 | break; | |
203 | case NLA_S32: | |
204 | value = nla_get_s32(nla); | |
205 | break; | |
206 | case NLA_S64: | |
207 | value = nla_get_s64(nla); | |
208 | break; | |
3e48be05 | 209 | default: |
3e48be05 JB |
210 | return -EINVAL; |
211 | } | |
212 | ||
d06a09b9 | 213 | if (value < range->min || value > range->max) { |
3e48be05 JB |
214 | NL_SET_ERR_MSG_ATTR(extack, nla, |
215 | "integer out of range"); | |
216 | return -ERANGE; | |
217 | } | |
218 | ||
219 | return 0; | |
220 | } | |
221 | ||
d06a09b9 JB |
222 | static int nla_validate_int_range(const struct nla_policy *pt, |
223 | const struct nlattr *nla, | |
224 | struct netlink_ext_ack *extack) | |
225 | { | |
226 | switch (pt->type) { | |
227 | case NLA_U8: | |
228 | case NLA_U16: | |
229 | case NLA_U32: | |
230 | case NLA_U64: | |
da4063bd | 231 | case NLA_MSECS: |
d06a09b9 JB |
232 | return nla_validate_int_range_unsigned(pt, nla, extack); |
233 | case NLA_S8: | |
234 | case NLA_S16: | |
235 | case NLA_S32: | |
236 | case NLA_S64: | |
237 | return nla_validate_int_range_signed(pt, nla, extack); | |
238 | default: | |
239 | WARN_ON(1); | |
240 | return -EINVAL; | |
241 | } | |
242 | } | |
243 | ||
3654654f | 244 | static int validate_nla(const struct nlattr *nla, int maxtype, |
8cb08174 | 245 | const struct nla_policy *policy, unsigned int validate, |
7690aa1c | 246 | struct netlink_ext_ack *extack, unsigned int depth) |
bfa83a9e | 247 | { |
56738f46 | 248 | u16 strict_start_type = policy[0].strict_start_type; |
ef7c79ed | 249 | const struct nla_policy *pt; |
8f4c1f9b | 250 | int minlen = 0, attrlen = nla_len(nla), type = nla_type(nla); |
c29f1845 | 251 | int err = -ERANGE; |
bfa83a9e | 252 | |
56738f46 JB |
253 | if (strict_start_type && type >= strict_start_type) |
254 | validate |= NL_VALIDATE_STRICT; | |
255 | ||
8f4c1f9b | 256 | if (type <= 0 || type > maxtype) |
bfa83a9e TG |
257 | return 0; |
258 | ||
8f4c1f9b | 259 | pt = &policy[type]; |
bfa83a9e TG |
260 | |
261 | BUG_ON(pt->type > NLA_TYPE_MAX); | |
262 | ||
b60b87fc | 263 | if ((nla_attr_len[pt->type] && attrlen != nla_attr_len[pt->type]) || |
c7721c05 JB |
264 | (pt->type == NLA_EXACT_LEN && |
265 | pt->validation_type == NLA_VALIDATE_WARN_TOO_LONG && | |
266 | attrlen != pt->len)) { | |
6e237d09 DA |
267 | pr_warn_ratelimited("netlink: '%s': attribute type %d has an invalid length.\n", |
268 | current->comm, type); | |
8cb08174 JB |
269 | if (validate & NL_VALIDATE_STRICT_ATTRS) { |
270 | NL_SET_ERR_MSG_ATTR(extack, nla, | |
271 | "invalid attribute length"); | |
272 | return -EINVAL; | |
273 | } | |
28033ae4 DA |
274 | } |
275 | ||
b424e432 MK |
276 | if (validate & NL_VALIDATE_NESTED) { |
277 | if ((pt->type == NLA_NESTED || pt->type == NLA_NESTED_ARRAY) && | |
278 | !(nla->nla_type & NLA_F_NESTED)) { | |
279 | NL_SET_ERR_MSG_ATTR(extack, nla, | |
280 | "NLA_F_NESTED is missing"); | |
281 | return -EINVAL; | |
282 | } | |
283 | if (pt->type != NLA_NESTED && pt->type != NLA_NESTED_ARRAY && | |
284 | pt->type != NLA_UNSPEC && (nla->nla_type & NLA_F_NESTED)) { | |
285 | NL_SET_ERR_MSG_ATTR(extack, nla, | |
286 | "NLA_F_NESTED not expected"); | |
287 | return -EINVAL; | |
288 | } | |
289 | } | |
290 | ||
a5531a5d | 291 | switch (pt->type) { |
568b742a | 292 | case NLA_REJECT: |
47a1494b | 293 | if (extack && pt->reject_message) { |
c29f1845 | 294 | NL_SET_BAD_ATTR(extack, nla); |
47a1494b | 295 | extack->_msg = pt->reject_message; |
c29f1845 JB |
296 | return -EINVAL; |
297 | } | |
298 | err = -EINVAL; | |
299 | goto out_err; | |
568b742a | 300 | |
a5531a5d TG |
301 | case NLA_FLAG: |
302 | if (attrlen > 0) | |
c29f1845 | 303 | goto out_err; |
a5531a5d | 304 | break; |
bfa83a9e | 305 | |
64c83d83 JHS |
306 | case NLA_BITFIELD32: |
307 | if (attrlen != sizeof(struct nla_bitfield32)) | |
c29f1845 | 308 | goto out_err; |
64c83d83 | 309 | |
47a1494b | 310 | err = validate_nla_bitfield32(nla, pt->bitfield32_valid); |
c29f1845 JB |
311 | if (err) |
312 | goto out_err; | |
313 | break; | |
64c83d83 | 314 | |
a5531a5d TG |
315 | case NLA_NUL_STRING: |
316 | if (pt->len) | |
317 | minlen = min_t(int, attrlen, pt->len + 1); | |
318 | else | |
319 | minlen = attrlen; | |
bfa83a9e | 320 | |
c29f1845 JB |
321 | if (!minlen || memchr(nla_data(nla), '\0', minlen) == NULL) { |
322 | err = -EINVAL; | |
323 | goto out_err; | |
324 | } | |
a5531a5d TG |
325 | /* fall through */ |
326 | ||
327 | case NLA_STRING: | |
328 | if (attrlen < 1) | |
c29f1845 | 329 | goto out_err; |
a5531a5d TG |
330 | |
331 | if (pt->len) { | |
332 | char *buf = nla_data(nla); | |
333 | ||
334 | if (buf[attrlen - 1] == '\0') | |
335 | attrlen--; | |
336 | ||
337 | if (attrlen > pt->len) | |
c29f1845 | 338 | goto out_err; |
a5531a5d TG |
339 | } |
340 | break; | |
341 | ||
d30045a0 JB |
342 | case NLA_BINARY: |
343 | if (pt->len && attrlen > pt->len) | |
c29f1845 | 344 | goto out_err; |
d30045a0 JB |
345 | break; |
346 | ||
ea5693cc PM |
347 | case NLA_NESTED: |
348 | /* a nested attributes is allowed to be empty; if its not, | |
349 | * it must have a size of at least NLA_HDRLEN. | |
350 | */ | |
351 | if (attrlen == 0) | |
352 | break; | |
9a659a35 JB |
353 | if (attrlen < NLA_HDRLEN) |
354 | goto out_err; | |
47a1494b | 355 | if (pt->nested_policy) { |
7690aa1c JB |
356 | err = __nla_validate_parse(nla_data(nla), nla_len(nla), |
357 | pt->len, pt->nested_policy, | |
358 | validate, extack, NULL, | |
359 | depth + 1); | |
9a659a35 JB |
360 | if (err < 0) { |
361 | /* | |
362 | * return directly to preserve the inner | |
363 | * error message/attribute pointer | |
364 | */ | |
365 | return err; | |
366 | } | |
367 | } | |
368 | break; | |
1501d135 JB |
369 | case NLA_NESTED_ARRAY: |
370 | /* a nested array attribute is allowed to be empty; if its not, | |
371 | * it must have a size of at least NLA_HDRLEN. | |
372 | */ | |
373 | if (attrlen == 0) | |
374 | break; | |
375 | if (attrlen < NLA_HDRLEN) | |
376 | goto out_err; | |
47a1494b | 377 | if (pt->nested_policy) { |
1501d135 JB |
378 | int err; |
379 | ||
380 | err = nla_validate_array(nla_data(nla), nla_len(nla), | |
47a1494b | 381 | pt->len, pt->nested_policy, |
7690aa1c | 382 | extack, validate, depth); |
1501d135 JB |
383 | if (err < 0) { |
384 | /* | |
385 | * return directly to preserve the inner | |
386 | * error message/attribute pointer | |
387 | */ | |
388 | return err; | |
389 | } | |
390 | } | |
391 | break; | |
6f455f5f JB |
392 | |
393 | case NLA_UNSPEC: | |
8cb08174 JB |
394 | if (validate & NL_VALIDATE_UNSPEC) { |
395 | NL_SET_ERR_MSG_ATTR(extack, nla, | |
396 | "Unsupported attribute"); | |
397 | return -EINVAL; | |
398 | } | |
399 | /* fall through */ | |
6f455f5f JB |
400 | case NLA_MIN_LEN: |
401 | if (attrlen < pt->len) | |
402 | goto out_err; | |
403 | break; | |
404 | ||
c7721c05 JB |
405 | case NLA_EXACT_LEN: |
406 | if (pt->validation_type != NLA_VALIDATE_WARN_TOO_LONG) { | |
407 | if (attrlen != pt->len) | |
408 | goto out_err; | |
409 | break; | |
410 | } | |
411 | /* fall through */ | |
a5531a5d TG |
412 | default: |
413 | if (pt->len) | |
414 | minlen = pt->len; | |
6f455f5f | 415 | else |
a5531a5d TG |
416 | minlen = nla_attr_minlen[pt->type]; |
417 | ||
418 | if (attrlen < minlen) | |
c29f1845 | 419 | goto out_err; |
a5531a5d | 420 | } |
bfa83a9e | 421 | |
3e48be05 JB |
422 | /* further validation */ |
423 | switch (pt->validation_type) { | |
424 | case NLA_VALIDATE_NONE: | |
425 | /* nothing to do */ | |
426 | break; | |
d06a09b9 | 427 | case NLA_VALIDATE_RANGE_PTR: |
3e48be05 JB |
428 | case NLA_VALIDATE_RANGE: |
429 | case NLA_VALIDATE_MIN: | |
430 | case NLA_VALIDATE_MAX: | |
431 | err = nla_validate_int_range(pt, nla, extack); | |
432 | if (err) | |
433 | return err; | |
434 | break; | |
33188bd6 JB |
435 | case NLA_VALIDATE_FUNCTION: |
436 | if (pt->validate) { | |
437 | err = pt->validate(nla, extack); | |
438 | if (err) | |
439 | return err; | |
440 | } | |
441 | break; | |
3e48be05 JB |
442 | } |
443 | ||
bfa83a9e | 444 | return 0; |
c29f1845 JB |
445 | out_err: |
446 | NL_SET_ERR_MSG_ATTR(extack, nla, "Attribute failed policy validation"); | |
447 | return err; | |
bfa83a9e TG |
448 | } |
449 | ||
8cb08174 JB |
450 | static int __nla_validate_parse(const struct nlattr *head, int len, int maxtype, |
451 | const struct nla_policy *policy, | |
452 | unsigned int validate, | |
453 | struct netlink_ext_ack *extack, | |
7690aa1c | 454 | struct nlattr **tb, unsigned int depth) |
8cb08174 JB |
455 | { |
456 | const struct nlattr *nla; | |
457 | int rem; | |
458 | ||
7690aa1c JB |
459 | if (depth >= MAX_POLICY_RECURSION_DEPTH) { |
460 | NL_SET_ERR_MSG(extack, | |
461 | "allowed policy recursion depth exceeded"); | |
462 | return -EINVAL; | |
463 | } | |
464 | ||
8cb08174 JB |
465 | if (tb) |
466 | memset(tb, 0, sizeof(struct nlattr *) * (maxtype + 1)); | |
467 | ||
468 | nla_for_each_attr(nla, head, len, rem) { | |
469 | u16 type = nla_type(nla); | |
470 | ||
471 | if (type == 0 || type > maxtype) { | |
472 | if (validate & NL_VALIDATE_MAXTYPE) { | |
d54a16b2 MK |
473 | NL_SET_ERR_MSG_ATTR(extack, nla, |
474 | "Unknown attribute type"); | |
8cb08174 JB |
475 | return -EINVAL; |
476 | } | |
477 | continue; | |
478 | } | |
479 | if (policy) { | |
480 | int err = validate_nla(nla, maxtype, policy, | |
7690aa1c | 481 | validate, extack, depth); |
8cb08174 JB |
482 | |
483 | if (err < 0) | |
484 | return err; | |
485 | } | |
486 | ||
487 | if (tb) | |
488 | tb[type] = (struct nlattr *)nla; | |
489 | } | |
490 | ||
491 | if (unlikely(rem > 0)) { | |
492 | pr_warn_ratelimited("netlink: %d bytes leftover after parsing attributes in process `%s'.\n", | |
493 | rem, current->comm); | |
494 | NL_SET_ERR_MSG(extack, "bytes leftover after parsing attributes"); | |
495 | if (validate & NL_VALIDATE_TRAILING) | |
496 | return -EINVAL; | |
497 | } | |
498 | ||
499 | return 0; | |
500 | } | |
501 | ||
bfa83a9e | 502 | /** |
8cb08174 | 503 | * __nla_validate - Validate a stream of attributes |
bfa83a9e TG |
504 | * @head: head of attribute stream |
505 | * @len: length of attribute stream | |
506 | * @maxtype: maximum attribute type to be expected | |
507 | * @policy: validation policy | |
8cb08174 | 508 | * @validate: validation strictness |
fceb6435 | 509 | * @extack: extended ACK report struct |
bfa83a9e TG |
510 | * |
511 | * Validates all attributes in the specified attribute stream against the | |
8cb08174 JB |
512 | * specified policy. Validation depends on the validate flags passed, see |
513 | * &enum netlink_validation for more details on that. | |
514 | * See documenation of struct nla_policy for more details. | |
bfa83a9e TG |
515 | * |
516 | * Returns 0 on success or a negative error code. | |
517 | */ | |
8cb08174 JB |
518 | int __nla_validate(const struct nlattr *head, int len, int maxtype, |
519 | const struct nla_policy *policy, unsigned int validate, | |
520 | struct netlink_ext_ack *extack) | |
bfa83a9e | 521 | { |
8cb08174 | 522 | return __nla_validate_parse(head, len, maxtype, policy, validate, |
7690aa1c | 523 | extack, NULL, 0); |
bfa83a9e | 524 | } |
8cb08174 | 525 | EXPORT_SYMBOL(__nla_validate); |
bfa83a9e | 526 | |
e487eb99 HE |
527 | /** |
528 | * nla_policy_len - Determin the max. length of a policy | |
529 | * @policy: policy to use | |
530 | * @n: number of policies | |
531 | * | |
532 | * Determines the max. length of the policy. It is currently used | |
533 | * to allocated Netlink buffers roughly the size of the actual | |
534 | * message. | |
535 | * | |
536 | * Returns 0 on success or a negative error code. | |
537 | */ | |
538 | int | |
539 | nla_policy_len(const struct nla_policy *p, int n) | |
540 | { | |
541 | int i, len = 0; | |
542 | ||
e3fa3aff | 543 | for (i = 0; i < n; i++, p++) { |
e487eb99 HE |
544 | if (p->len) |
545 | len += nla_total_size(p->len); | |
28033ae4 DA |
546 | else if (nla_attr_len[p->type]) |
547 | len += nla_total_size(nla_attr_len[p->type]); | |
e487eb99 HE |
548 | else if (nla_attr_minlen[p->type]) |
549 | len += nla_total_size(nla_attr_minlen[p->type]); | |
550 | } | |
551 | ||
552 | return len; | |
553 | } | |
6d6a138f | 554 | EXPORT_SYMBOL(nla_policy_len); |
e487eb99 | 555 | |
bfa83a9e | 556 | /** |
8cb08174 | 557 | * __nla_parse - Parse a stream of attributes into a tb buffer |
bfa83a9e TG |
558 | * @tb: destination array with maxtype+1 elements |
559 | * @maxtype: maximum attribute type to be expected | |
560 | * @head: head of attribute stream | |
561 | * @len: length of attribute stream | |
10b595af | 562 | * @policy: validation policy |
8cb08174 JB |
563 | * @validate: validation strictness |
564 | * @extack: extended ACK pointer | |
bfa83a9e TG |
565 | * |
566 | * Parses a stream of attributes and stores a pointer to each attribute in | |
8cb08174 JB |
567 | * the tb array accessible via the attribute type. |
568 | * Validation is controlled by the @validate parameter. | |
bfa83a9e TG |
569 | * |
570 | * Returns 0 on success or a negative error code. | |
571 | */ | |
8cb08174 JB |
572 | int __nla_parse(struct nlattr **tb, int maxtype, |
573 | const struct nlattr *head, int len, | |
574 | const struct nla_policy *policy, unsigned int validate, | |
575 | struct netlink_ext_ack *extack) | |
a5f6cba2 | 576 | { |
8cb08174 | 577 | return __nla_validate_parse(head, len, maxtype, policy, validate, |
7690aa1c | 578 | extack, tb, 0); |
a5f6cba2 | 579 | } |
8cb08174 | 580 | EXPORT_SYMBOL(__nla_parse); |
a5f6cba2 | 581 | |
bfa83a9e TG |
582 | /** |
583 | * nla_find - Find a specific attribute in a stream of attributes | |
584 | * @head: head of attribute stream | |
585 | * @len: length of attribute stream | |
586 | * @attrtype: type of attribute to look for | |
587 | * | |
588 | * Returns the first attribute in the stream matching the specified type. | |
589 | */ | |
3654654f | 590 | struct nlattr *nla_find(const struct nlattr *head, int len, int attrtype) |
bfa83a9e | 591 | { |
3654654f | 592 | const struct nlattr *nla; |
bfa83a9e TG |
593 | int rem; |
594 | ||
595 | nla_for_each_attr(nla, head, len, rem) | |
8f4c1f9b | 596 | if (nla_type(nla) == attrtype) |
3654654f | 597 | return (struct nlattr *)nla; |
bfa83a9e TG |
598 | |
599 | return NULL; | |
600 | } | |
6d6a138f | 601 | EXPORT_SYMBOL(nla_find); |
bfa83a9e TG |
602 | |
603 | /** | |
604 | * nla_strlcpy - Copy string attribute payload into a sized buffer | |
605 | * @dst: where to copy the string to | |
10b595af | 606 | * @nla: attribute to copy the string from |
bfa83a9e TG |
607 | * @dstsize: size of destination buffer |
608 | * | |
609 | * Copies at most dstsize - 1 bytes into the destination buffer. | |
610 | * The result is always a valid NUL-terminated string. Unlike | |
611 | * strlcpy the destination buffer is always padded out. | |
612 | * | |
613 | * Returns the length of the source buffer. | |
614 | */ | |
615 | size_t nla_strlcpy(char *dst, const struct nlattr *nla, size_t dstsize) | |
616 | { | |
617 | size_t srclen = nla_len(nla); | |
618 | char *src = nla_data(nla); | |
619 | ||
620 | if (srclen > 0 && src[srclen - 1] == '\0') | |
621 | srclen--; | |
622 | ||
623 | if (dstsize > 0) { | |
624 | size_t len = (srclen >= dstsize) ? dstsize - 1 : srclen; | |
625 | ||
626 | memset(dst, 0, dstsize); | |
627 | memcpy(dst, src, len); | |
628 | } | |
629 | ||
630 | return srclen; | |
631 | } | |
6d6a138f | 632 | EXPORT_SYMBOL(nla_strlcpy); |
bfa83a9e | 633 | |
2cf0c8b3 PS |
634 | /** |
635 | * nla_strdup - Copy string attribute payload into a newly allocated buffer | |
636 | * @nla: attribute to copy the string from | |
637 | * @flags: the type of memory to allocate (see kmalloc). | |
638 | * | |
639 | * Returns a pointer to the allocated buffer or NULL on error. | |
640 | */ | |
641 | char *nla_strdup(const struct nlattr *nla, gfp_t flags) | |
642 | { | |
643 | size_t srclen = nla_len(nla); | |
644 | char *src = nla_data(nla), *dst; | |
645 | ||
646 | if (srclen > 0 && src[srclen - 1] == '\0') | |
647 | srclen--; | |
648 | ||
649 | dst = kmalloc(srclen + 1, flags); | |
650 | if (dst != NULL) { | |
651 | memcpy(dst, src, srclen); | |
652 | dst[srclen] = '\0'; | |
653 | } | |
654 | return dst; | |
655 | } | |
656 | EXPORT_SYMBOL(nla_strdup); | |
657 | ||
bfa83a9e TG |
658 | /** |
659 | * nla_memcpy - Copy a netlink attribute into another memory area | |
660 | * @dest: where to copy to memcpy | |
661 | * @src: netlink attribute to copy from | |
662 | * @count: size of the destination area | |
663 | * | |
664 | * Note: The number of bytes copied is limited by the length of | |
665 | * attribute's payload. memcpy | |
666 | * | |
667 | * Returns the number of bytes copied. | |
668 | */ | |
b057efd4 | 669 | int nla_memcpy(void *dest, const struct nlattr *src, int count) |
bfa83a9e TG |
670 | { |
671 | int minlen = min_t(int, count, nla_len(src)); | |
672 | ||
673 | memcpy(dest, nla_data(src), minlen); | |
5899f047 JB |
674 | if (count > minlen) |
675 | memset(dest + minlen, 0, count - minlen); | |
bfa83a9e TG |
676 | |
677 | return minlen; | |
678 | } | |
6d6a138f | 679 | EXPORT_SYMBOL(nla_memcpy); |
bfa83a9e TG |
680 | |
681 | /** | |
682 | * nla_memcmp - Compare an attribute with sized memory area | |
683 | * @nla: netlink attribute | |
684 | * @data: memory area | |
685 | * @size: size of memory area | |
686 | */ | |
687 | int nla_memcmp(const struct nlattr *nla, const void *data, | |
688 | size_t size) | |
689 | { | |
690 | int d = nla_len(nla) - size; | |
691 | ||
692 | if (d == 0) | |
693 | d = memcmp(nla_data(nla), data, size); | |
694 | ||
695 | return d; | |
696 | } | |
6d6a138f | 697 | EXPORT_SYMBOL(nla_memcmp); |
bfa83a9e TG |
698 | |
699 | /** | |
700 | * nla_strcmp - Compare a string attribute against a string | |
701 | * @nla: netlink string attribute | |
702 | * @str: another string | |
703 | */ | |
704 | int nla_strcmp(const struct nlattr *nla, const char *str) | |
705 | { | |
8b7b9324 PN |
706 | int len = strlen(str); |
707 | char *buf = nla_data(nla); | |
708 | int attrlen = nla_len(nla); | |
709 | int d; | |
bfa83a9e | 710 | |
8b7b9324 PN |
711 | if (attrlen > 0 && buf[attrlen - 1] == '\0') |
712 | attrlen--; | |
713 | ||
714 | d = attrlen - len; | |
bfa83a9e TG |
715 | if (d == 0) |
716 | d = memcmp(nla_data(nla), str, len); | |
717 | ||
718 | return d; | |
719 | } | |
6d6a138f | 720 | EXPORT_SYMBOL(nla_strcmp); |
bfa83a9e | 721 | |
90800216 | 722 | #ifdef CONFIG_NET |
bfa83a9e TG |
723 | /** |
724 | * __nla_reserve - reserve room for attribute on the skb | |
725 | * @skb: socket buffer to reserve room on | |
726 | * @attrtype: attribute type | |
727 | * @attrlen: length of attribute payload | |
728 | * | |
729 | * Adds a netlink attribute header to a socket buffer and reserves | |
730 | * room for the payload but does not copy it. | |
731 | * | |
732 | * The caller is responsible to ensure that the skb provides enough | |
733 | * tailroom for the attribute header and payload. | |
734 | */ | |
735 | struct nlattr *__nla_reserve(struct sk_buff *skb, int attrtype, int attrlen) | |
736 | { | |
737 | struct nlattr *nla; | |
738 | ||
4df864c1 | 739 | nla = skb_put(skb, nla_total_size(attrlen)); |
bfa83a9e TG |
740 | nla->nla_type = attrtype; |
741 | nla->nla_len = nla_attr_size(attrlen); | |
742 | ||
743 | memset((unsigned char *) nla + nla->nla_len, 0, nla_padlen(attrlen)); | |
744 | ||
745 | return nla; | |
746 | } | |
90800216 | 747 | EXPORT_SYMBOL(__nla_reserve); |
bfa83a9e | 748 | |
089bf1a6 ND |
749 | /** |
750 | * __nla_reserve_64bit - reserve room for attribute on the skb and align it | |
751 | * @skb: socket buffer to reserve room on | |
752 | * @attrtype: attribute type | |
753 | * @attrlen: length of attribute payload | |
11a99573 | 754 | * @padattr: attribute type for the padding |
089bf1a6 ND |
755 | * |
756 | * Adds a netlink attribute header to a socket buffer and reserves | |
757 | * room for the payload but does not copy it. It also ensure that this | |
11a99573 | 758 | * attribute will have a 64-bit aligned nla_data() area. |
089bf1a6 ND |
759 | * |
760 | * The caller is responsible to ensure that the skb provides enough | |
761 | * tailroom for the attribute header and payload. | |
762 | */ | |
763 | struct nlattr *__nla_reserve_64bit(struct sk_buff *skb, int attrtype, | |
764 | int attrlen, int padattr) | |
765 | { | |
766 | if (nla_need_padding_for_64bit(skb)) | |
767 | nla_align_64bit(skb, padattr); | |
768 | ||
769 | return __nla_reserve(skb, attrtype, attrlen); | |
770 | } | |
771 | EXPORT_SYMBOL(__nla_reserve_64bit); | |
772 | ||
fe4944e5 TG |
773 | /** |
774 | * __nla_reserve_nohdr - reserve room for attribute without header | |
775 | * @skb: socket buffer to reserve room on | |
776 | * @attrlen: length of attribute payload | |
777 | * | |
778 | * Reserves room for attribute payload without a header. | |
779 | * | |
780 | * The caller is responsible to ensure that the skb provides enough | |
781 | * tailroom for the payload. | |
782 | */ | |
783 | void *__nla_reserve_nohdr(struct sk_buff *skb, int attrlen) | |
784 | { | |
b952f4df | 785 | return skb_put_zero(skb, NLA_ALIGN(attrlen)); |
fe4944e5 | 786 | } |
90800216 | 787 | EXPORT_SYMBOL(__nla_reserve_nohdr); |
fe4944e5 | 788 | |
bfa83a9e TG |
789 | /** |
790 | * nla_reserve - reserve room for attribute on the skb | |
791 | * @skb: socket buffer to reserve room on | |
792 | * @attrtype: attribute type | |
793 | * @attrlen: length of attribute payload | |
794 | * | |
795 | * Adds a netlink attribute header to a socket buffer and reserves | |
796 | * room for the payload but does not copy it. | |
797 | * | |
798 | * Returns NULL if the tailroom of the skb is insufficient to store | |
799 | * the attribute header and payload. | |
800 | */ | |
801 | struct nlattr *nla_reserve(struct sk_buff *skb, int attrtype, int attrlen) | |
802 | { | |
803 | if (unlikely(skb_tailroom(skb) < nla_total_size(attrlen))) | |
804 | return NULL; | |
805 | ||
806 | return __nla_reserve(skb, attrtype, attrlen); | |
807 | } | |
90800216 | 808 | EXPORT_SYMBOL(nla_reserve); |
bfa83a9e | 809 | |
089bf1a6 ND |
810 | /** |
811 | * nla_reserve_64bit - reserve room for attribute on the skb and align it | |
812 | * @skb: socket buffer to reserve room on | |
813 | * @attrtype: attribute type | |
814 | * @attrlen: length of attribute payload | |
11a99573 | 815 | * @padattr: attribute type for the padding |
089bf1a6 ND |
816 | * |
817 | * Adds a netlink attribute header to a socket buffer and reserves | |
818 | * room for the payload but does not copy it. It also ensure that this | |
11a99573 | 819 | * attribute will have a 64-bit aligned nla_data() area. |
089bf1a6 ND |
820 | * |
821 | * Returns NULL if the tailroom of the skb is insufficient to store | |
822 | * the attribute header and payload. | |
823 | */ | |
824 | struct nlattr *nla_reserve_64bit(struct sk_buff *skb, int attrtype, int attrlen, | |
825 | int padattr) | |
826 | { | |
827 | size_t len; | |
828 | ||
829 | if (nla_need_padding_for_64bit(skb)) | |
830 | len = nla_total_size_64bit(attrlen); | |
831 | else | |
832 | len = nla_total_size(attrlen); | |
833 | if (unlikely(skb_tailroom(skb) < len)) | |
834 | return NULL; | |
835 | ||
836 | return __nla_reserve_64bit(skb, attrtype, attrlen, padattr); | |
837 | } | |
838 | EXPORT_SYMBOL(nla_reserve_64bit); | |
839 | ||
fe4944e5 | 840 | /** |
10b595af | 841 | * nla_reserve_nohdr - reserve room for attribute without header |
fe4944e5 | 842 | * @skb: socket buffer to reserve room on |
10b595af | 843 | * @attrlen: length of attribute payload |
fe4944e5 TG |
844 | * |
845 | * Reserves room for attribute payload without a header. | |
846 | * | |
847 | * Returns NULL if the tailroom of the skb is insufficient to store | |
848 | * the attribute payload. | |
849 | */ | |
850 | void *nla_reserve_nohdr(struct sk_buff *skb, int attrlen) | |
851 | { | |
852 | if (unlikely(skb_tailroom(skb) < NLA_ALIGN(attrlen))) | |
853 | return NULL; | |
854 | ||
855 | return __nla_reserve_nohdr(skb, attrlen); | |
856 | } | |
90800216 | 857 | EXPORT_SYMBOL(nla_reserve_nohdr); |
fe4944e5 | 858 | |
bfa83a9e TG |
859 | /** |
860 | * __nla_put - Add a netlink attribute to a socket buffer | |
861 | * @skb: socket buffer to add attribute to | |
862 | * @attrtype: attribute type | |
863 | * @attrlen: length of attribute payload | |
864 | * @data: head of attribute payload | |
865 | * | |
866 | * The caller is responsible to ensure that the skb provides enough | |
867 | * tailroom for the attribute header and payload. | |
868 | */ | |
869 | void __nla_put(struct sk_buff *skb, int attrtype, int attrlen, | |
870 | const void *data) | |
871 | { | |
872 | struct nlattr *nla; | |
873 | ||
874 | nla = __nla_reserve(skb, attrtype, attrlen); | |
875 | memcpy(nla_data(nla), data, attrlen); | |
876 | } | |
90800216 | 877 | EXPORT_SYMBOL(__nla_put); |
bfa83a9e | 878 | |
089bf1a6 ND |
879 | /** |
880 | * __nla_put_64bit - Add a netlink attribute to a socket buffer and align it | |
881 | * @skb: socket buffer to add attribute to | |
882 | * @attrtype: attribute type | |
883 | * @attrlen: length of attribute payload | |
884 | * @data: head of attribute payload | |
11a99573 | 885 | * @padattr: attribute type for the padding |
089bf1a6 ND |
886 | * |
887 | * The caller is responsible to ensure that the skb provides enough | |
888 | * tailroom for the attribute header and payload. | |
889 | */ | |
890 | void __nla_put_64bit(struct sk_buff *skb, int attrtype, int attrlen, | |
891 | const void *data, int padattr) | |
892 | { | |
893 | struct nlattr *nla; | |
894 | ||
895 | nla = __nla_reserve_64bit(skb, attrtype, attrlen, padattr); | |
896 | memcpy(nla_data(nla), data, attrlen); | |
897 | } | |
898 | EXPORT_SYMBOL(__nla_put_64bit); | |
899 | ||
fe4944e5 TG |
900 | /** |
901 | * __nla_put_nohdr - Add a netlink attribute without header | |
902 | * @skb: socket buffer to add attribute to | |
903 | * @attrlen: length of attribute payload | |
904 | * @data: head of attribute payload | |
905 | * | |
906 | * The caller is responsible to ensure that the skb provides enough | |
907 | * tailroom for the attribute payload. | |
908 | */ | |
909 | void __nla_put_nohdr(struct sk_buff *skb, int attrlen, const void *data) | |
910 | { | |
911 | void *start; | |
912 | ||
913 | start = __nla_reserve_nohdr(skb, attrlen); | |
914 | memcpy(start, data, attrlen); | |
915 | } | |
90800216 | 916 | EXPORT_SYMBOL(__nla_put_nohdr); |
bfa83a9e TG |
917 | |
918 | /** | |
919 | * nla_put - Add a netlink attribute to a socket buffer | |
920 | * @skb: socket buffer to add attribute to | |
921 | * @attrtype: attribute type | |
922 | * @attrlen: length of attribute payload | |
923 | * @data: head of attribute payload | |
924 | * | |
bc3ed28c | 925 | * Returns -EMSGSIZE if the tailroom of the skb is insufficient to store |
bfa83a9e TG |
926 | * the attribute header and payload. |
927 | */ | |
928 | int nla_put(struct sk_buff *skb, int attrtype, int attrlen, const void *data) | |
929 | { | |
930 | if (unlikely(skb_tailroom(skb) < nla_total_size(attrlen))) | |
bc3ed28c | 931 | return -EMSGSIZE; |
bfa83a9e TG |
932 | |
933 | __nla_put(skb, attrtype, attrlen, data); | |
934 | return 0; | |
935 | } | |
90800216 | 936 | EXPORT_SYMBOL(nla_put); |
bfa83a9e | 937 | |
089bf1a6 ND |
938 | /** |
939 | * nla_put_64bit - Add a netlink attribute to a socket buffer and align it | |
940 | * @skb: socket buffer to add attribute to | |
941 | * @attrtype: attribute type | |
942 | * @attrlen: length of attribute payload | |
943 | * @data: head of attribute payload | |
11a99573 | 944 | * @padattr: attribute type for the padding |
089bf1a6 ND |
945 | * |
946 | * Returns -EMSGSIZE if the tailroom of the skb is insufficient to store | |
947 | * the attribute header and payload. | |
948 | */ | |
949 | int nla_put_64bit(struct sk_buff *skb, int attrtype, int attrlen, | |
950 | const void *data, int padattr) | |
951 | { | |
952 | size_t len; | |
953 | ||
954 | if (nla_need_padding_for_64bit(skb)) | |
955 | len = nla_total_size_64bit(attrlen); | |
956 | else | |
957 | len = nla_total_size(attrlen); | |
958 | if (unlikely(skb_tailroom(skb) < len)) | |
959 | return -EMSGSIZE; | |
960 | ||
961 | __nla_put_64bit(skb, attrtype, attrlen, data, padattr); | |
962 | return 0; | |
963 | } | |
964 | EXPORT_SYMBOL(nla_put_64bit); | |
965 | ||
fe4944e5 TG |
966 | /** |
967 | * nla_put_nohdr - Add a netlink attribute without header | |
968 | * @skb: socket buffer to add attribute to | |
969 | * @attrlen: length of attribute payload | |
970 | * @data: head of attribute payload | |
971 | * | |
bc3ed28c | 972 | * Returns -EMSGSIZE if the tailroom of the skb is insufficient to store |
fe4944e5 TG |
973 | * the attribute payload. |
974 | */ | |
975 | int nla_put_nohdr(struct sk_buff *skb, int attrlen, const void *data) | |
976 | { | |
977 | if (unlikely(skb_tailroom(skb) < NLA_ALIGN(attrlen))) | |
bc3ed28c | 978 | return -EMSGSIZE; |
fe4944e5 TG |
979 | |
980 | __nla_put_nohdr(skb, attrlen, data); | |
981 | return 0; | |
982 | } | |
90800216 | 983 | EXPORT_SYMBOL(nla_put_nohdr); |
bfa83a9e | 984 | |
01480e1c PM |
985 | /** |
986 | * nla_append - Add a netlink attribute without header or padding | |
987 | * @skb: socket buffer to add attribute to | |
988 | * @attrlen: length of attribute payload | |
989 | * @data: head of attribute payload | |
990 | * | |
bc3ed28c | 991 | * Returns -EMSGSIZE if the tailroom of the skb is insufficient to store |
01480e1c PM |
992 | * the attribute payload. |
993 | */ | |
994 | int nla_append(struct sk_buff *skb, int attrlen, const void *data) | |
995 | { | |
996 | if (unlikely(skb_tailroom(skb) < NLA_ALIGN(attrlen))) | |
bc3ed28c | 997 | return -EMSGSIZE; |
01480e1c | 998 | |
59ae1d12 | 999 | skb_put_data(skb, data, attrlen); |
01480e1c PM |
1000 | return 0; |
1001 | } | |
90800216 HX |
1002 | EXPORT_SYMBOL(nla_append); |
1003 | #endif |