Back to home page

LXR

 
 

    


0001 /*
0002  * NETLINK      Netlink attributes
0003  *
0004  *      Authors:    Thomas Graf <tgraf@suug.ch>
0005  *              Alexey Kuznetsov <kuznet@ms2.inr.ac.ru>
0006  */
0007 
0008 #include <linux/export.h>
0009 #include <linux/kernel.h>
0010 #include <linux/errno.h>
0011 #include <linux/jiffies.h>
0012 #include <linux/skbuff.h>
0013 #include <linux/string.h>
0014 #include <linux/types.h>
0015 #include <net/netlink.h>
0016 
0017 static const u8 nla_attr_minlen[NLA_TYPE_MAX+1] = {
0018     [NLA_U8]    = sizeof(u8),
0019     [NLA_U16]   = sizeof(u16),
0020     [NLA_U32]   = sizeof(u32),
0021     [NLA_U64]   = sizeof(u64),
0022     [NLA_MSECS] = sizeof(u64),
0023     [NLA_NESTED]    = NLA_HDRLEN,
0024     [NLA_S8]    = sizeof(s8),
0025     [NLA_S16]   = sizeof(s16),
0026     [NLA_S32]   = sizeof(s32),
0027     [NLA_S64]   = sizeof(s64),
0028 };
0029 
0030 static int validate_nla(const struct nlattr *nla, int maxtype,
0031             const struct nla_policy *policy)
0032 {
0033     const struct nla_policy *pt;
0034     int minlen = 0, attrlen = nla_len(nla), type = nla_type(nla);
0035 
0036     if (type <= 0 || type > maxtype)
0037         return 0;
0038 
0039     pt = &policy[type];
0040 
0041     BUG_ON(pt->type > NLA_TYPE_MAX);
0042 
0043     switch (pt->type) {
0044     case NLA_FLAG:
0045         if (attrlen > 0)
0046             return -ERANGE;
0047         break;
0048 
0049     case NLA_NUL_STRING:
0050         if (pt->len)
0051             minlen = min_t(int, attrlen, pt->len + 1);
0052         else
0053             minlen = attrlen;
0054 
0055         if (!minlen || memchr(nla_data(nla), '\0', minlen) == NULL)
0056             return -EINVAL;
0057         /* fall through */
0058 
0059     case NLA_STRING:
0060         if (attrlen < 1)
0061             return -ERANGE;
0062 
0063         if (pt->len) {
0064             char *buf = nla_data(nla);
0065 
0066             if (buf[attrlen - 1] == '\0')
0067                 attrlen--;
0068 
0069             if (attrlen > pt->len)
0070                 return -ERANGE;
0071         }
0072         break;
0073 
0074     case NLA_BINARY:
0075         if (pt->len && attrlen > pt->len)
0076             return -ERANGE;
0077         break;
0078 
0079     case NLA_NESTED_COMPAT:
0080         if (attrlen < pt->len)
0081             return -ERANGE;
0082         if (attrlen < NLA_ALIGN(pt->len))
0083             break;
0084         if (attrlen < NLA_ALIGN(pt->len) + NLA_HDRLEN)
0085             return -ERANGE;
0086         nla = nla_data(nla) + NLA_ALIGN(pt->len);
0087         if (attrlen < NLA_ALIGN(pt->len) + NLA_HDRLEN + nla_len(nla))
0088             return -ERANGE;
0089         break;
0090     case NLA_NESTED:
0091         /* a nested attributes is allowed to be empty; if its not,
0092          * it must have a size of at least NLA_HDRLEN.
0093          */
0094         if (attrlen == 0)
0095             break;
0096     default:
0097         if (pt->len)
0098             minlen = pt->len;
0099         else if (pt->type != NLA_UNSPEC)
0100             minlen = nla_attr_minlen[pt->type];
0101 
0102         if (attrlen < minlen)
0103             return -ERANGE;
0104     }
0105 
0106     return 0;
0107 }
0108 
0109 /**
0110  * nla_validate - Validate a stream of attributes
0111  * @head: head of attribute stream
0112  * @len: length of attribute stream
0113  * @maxtype: maximum attribute type to be expected
0114  * @policy: validation policy
0115  *
0116  * Validates all attributes in the specified attribute stream against the
0117  * specified policy. Attributes with a type exceeding maxtype will be
0118  * ignored. See documenation of struct nla_policy for more details.
0119  *
0120  * Returns 0 on success or a negative error code.
0121  */
0122 int nla_validate(const struct nlattr *head, int len, int maxtype,
0123          const struct nla_policy *policy)
0124 {
0125     const struct nlattr *nla;
0126     int rem, err;
0127 
0128     nla_for_each_attr(nla, head, len, rem) {
0129         err = validate_nla(nla, maxtype, policy);
0130         if (err < 0)
0131             goto errout;
0132     }
0133 
0134     err = 0;
0135 errout:
0136     return err;
0137 }
0138 EXPORT_SYMBOL(nla_validate);
0139 
0140 /**
0141  * nla_policy_len - Determin the max. length of a policy
0142  * @policy: policy to use
0143  * @n: number of policies
0144  *
0145  * Determines the max. length of the policy.  It is currently used
0146  * to allocated Netlink buffers roughly the size of the actual
0147  * message.
0148  *
0149  * Returns 0 on success or a negative error code.
0150  */
0151 int
0152 nla_policy_len(const struct nla_policy *p, int n)
0153 {
0154     int i, len = 0;
0155 
0156     for (i = 0; i < n; i++, p++) {
0157         if (p->len)
0158             len += nla_total_size(p->len);
0159         else if (nla_attr_minlen[p->type])
0160             len += nla_total_size(nla_attr_minlen[p->type]);
0161     }
0162 
0163     return len;
0164 }
0165 EXPORT_SYMBOL(nla_policy_len);
0166 
0167 /**
0168  * nla_parse - Parse a stream of attributes into a tb buffer
0169  * @tb: destination array with maxtype+1 elements
0170  * @maxtype: maximum attribute type to be expected
0171  * @head: head of attribute stream
0172  * @len: length of attribute stream
0173  * @policy: validation policy
0174  *
0175  * Parses a stream of attributes and stores a pointer to each attribute in
0176  * the tb array accessible via the attribute type. Attributes with a type
0177  * exceeding maxtype will be silently ignored for backwards compatibility
0178  * reasons. policy may be set to NULL if no validation is required.
0179  *
0180  * Returns 0 on success or a negative error code.
0181  */
0182 int nla_parse(struct nlattr **tb, int maxtype, const struct nlattr *head,
0183           int len, const struct nla_policy *policy)
0184 {
0185     const struct nlattr *nla;
0186     int rem, err;
0187 
0188     memset(tb, 0, sizeof(struct nlattr *) * (maxtype + 1));
0189 
0190     nla_for_each_attr(nla, head, len, rem) {
0191         u16 type = nla_type(nla);
0192 
0193         if (type > 0 && type <= maxtype) {
0194             if (policy) {
0195                 err = validate_nla(nla, maxtype, policy);
0196                 if (err < 0)
0197                     goto errout;
0198             }
0199 
0200             tb[type] = (struct nlattr *)nla;
0201         }
0202     }
0203 
0204     if (unlikely(rem > 0))
0205         pr_warn_ratelimited("netlink: %d bytes leftover after parsing attributes in process `%s'.\n",
0206                     rem, current->comm);
0207 
0208     err = 0;
0209 errout:
0210     return err;
0211 }
0212 EXPORT_SYMBOL(nla_parse);
0213 
0214 /**
0215  * nla_find - Find a specific attribute in a stream of attributes
0216  * @head: head of attribute stream
0217  * @len: length of attribute stream
0218  * @attrtype: type of attribute to look for
0219  *
0220  * Returns the first attribute in the stream matching the specified type.
0221  */
0222 struct nlattr *nla_find(const struct nlattr *head, int len, int attrtype)
0223 {
0224     const struct nlattr *nla;
0225     int rem;
0226 
0227     nla_for_each_attr(nla, head, len, rem)
0228         if (nla_type(nla) == attrtype)
0229             return (struct nlattr *)nla;
0230 
0231     return NULL;
0232 }
0233 EXPORT_SYMBOL(nla_find);
0234 
0235 /**
0236  * nla_strlcpy - Copy string attribute payload into a sized buffer
0237  * @dst: where to copy the string to
0238  * @nla: attribute to copy the string from
0239  * @dstsize: size of destination buffer
0240  *
0241  * Copies at most dstsize - 1 bytes into the destination buffer.
0242  * The result is always a valid NUL-terminated string. Unlike
0243  * strlcpy the destination buffer is always padded out.
0244  *
0245  * Returns the length of the source buffer.
0246  */
0247 size_t nla_strlcpy(char *dst, const struct nlattr *nla, size_t dstsize)
0248 {
0249     size_t srclen = nla_len(nla);
0250     char *src = nla_data(nla);
0251 
0252     if (srclen > 0 && src[srclen - 1] == '\0')
0253         srclen--;
0254 
0255     if (dstsize > 0) {
0256         size_t len = (srclen >= dstsize) ? dstsize - 1 : srclen;
0257 
0258         memset(dst, 0, dstsize);
0259         memcpy(dst, src, len);
0260     }
0261 
0262     return srclen;
0263 }
0264 EXPORT_SYMBOL(nla_strlcpy);
0265 
0266 /**
0267  * nla_memcpy - Copy a netlink attribute into another memory area
0268  * @dest: where to copy to memcpy
0269  * @src: netlink attribute to copy from
0270  * @count: size of the destination area
0271  *
0272  * Note: The number of bytes copied is limited by the length of
0273  *       attribute's payload. memcpy
0274  *
0275  * Returns the number of bytes copied.
0276  */
0277 int nla_memcpy(void *dest, const struct nlattr *src, int count)
0278 {
0279     int minlen = min_t(int, count, nla_len(src));
0280 
0281     memcpy(dest, nla_data(src), minlen);
0282     if (count > minlen)
0283         memset(dest + minlen, 0, count - minlen);
0284 
0285     return minlen;
0286 }
0287 EXPORT_SYMBOL(nla_memcpy);
0288 
0289 /**
0290  * nla_memcmp - Compare an attribute with sized memory area
0291  * @nla: netlink attribute
0292  * @data: memory area
0293  * @size: size of memory area
0294  */
0295 int nla_memcmp(const struct nlattr *nla, const void *data,
0296                  size_t size)
0297 {
0298     int d = nla_len(nla) - size;
0299 
0300     if (d == 0)
0301         d = memcmp(nla_data(nla), data, size);
0302 
0303     return d;
0304 }
0305 EXPORT_SYMBOL(nla_memcmp);
0306 
0307 /**
0308  * nla_strcmp - Compare a string attribute against a string
0309  * @nla: netlink string attribute
0310  * @str: another string
0311  */
0312 int nla_strcmp(const struct nlattr *nla, const char *str)
0313 {
0314     int len = strlen(str);
0315     char *buf = nla_data(nla);
0316     int attrlen = nla_len(nla);
0317     int d;
0318 
0319     if (attrlen > 0 && buf[attrlen - 1] == '\0')
0320         attrlen--;
0321 
0322     d = attrlen - len;
0323     if (d == 0)
0324         d = memcmp(nla_data(nla), str, len);
0325 
0326     return d;
0327 }
0328 EXPORT_SYMBOL(nla_strcmp);
0329 
0330 #ifdef CONFIG_NET
0331 /**
0332  * __nla_reserve - reserve room for attribute on the skb
0333  * @skb: socket buffer to reserve room on
0334  * @attrtype: attribute type
0335  * @attrlen: length of attribute payload
0336  *
0337  * Adds a netlink attribute header to a socket buffer and reserves
0338  * room for the payload but does not copy it.
0339  *
0340  * The caller is responsible to ensure that the skb provides enough
0341  * tailroom for the attribute header and payload.
0342  */
0343 struct nlattr *__nla_reserve(struct sk_buff *skb, int attrtype, int attrlen)
0344 {
0345     struct nlattr *nla;
0346 
0347     nla = (struct nlattr *) skb_put(skb, nla_total_size(attrlen));
0348     nla->nla_type = attrtype;
0349     nla->nla_len = nla_attr_size(attrlen);
0350 
0351     memset((unsigned char *) nla + nla->nla_len, 0, nla_padlen(attrlen));
0352 
0353     return nla;
0354 }
0355 EXPORT_SYMBOL(__nla_reserve);
0356 
0357 /**
0358  * __nla_reserve_64bit - reserve room for attribute on the skb and align it
0359  * @skb: socket buffer to reserve room on
0360  * @attrtype: attribute type
0361  * @attrlen: length of attribute payload
0362  * @padattr: attribute type for the padding
0363  *
0364  * Adds a netlink attribute header to a socket buffer and reserves
0365  * room for the payload but does not copy it. It also ensure that this
0366  * attribute will have a 64-bit aligned nla_data() area.
0367  *
0368  * The caller is responsible to ensure that the skb provides enough
0369  * tailroom for the attribute header and payload.
0370  */
0371 struct nlattr *__nla_reserve_64bit(struct sk_buff *skb, int attrtype,
0372                    int attrlen, int padattr)
0373 {
0374     if (nla_need_padding_for_64bit(skb))
0375         nla_align_64bit(skb, padattr);
0376 
0377     return __nla_reserve(skb, attrtype, attrlen);
0378 }
0379 EXPORT_SYMBOL(__nla_reserve_64bit);
0380 
0381 /**
0382  * __nla_reserve_nohdr - reserve room for attribute without header
0383  * @skb: socket buffer to reserve room on
0384  * @attrlen: length of attribute payload
0385  *
0386  * Reserves room for attribute payload without a header.
0387  *
0388  * The caller is responsible to ensure that the skb provides enough
0389  * tailroom for the payload.
0390  */
0391 void *__nla_reserve_nohdr(struct sk_buff *skb, int attrlen)
0392 {
0393     void *start;
0394 
0395     start = skb_put(skb, NLA_ALIGN(attrlen));
0396     memset(start, 0, NLA_ALIGN(attrlen));
0397 
0398     return start;
0399 }
0400 EXPORT_SYMBOL(__nla_reserve_nohdr);
0401 
0402 /**
0403  * nla_reserve - reserve room for attribute on the skb
0404  * @skb: socket buffer to reserve room on
0405  * @attrtype: attribute type
0406  * @attrlen: length of attribute payload
0407  *
0408  * Adds a netlink attribute header to a socket buffer and reserves
0409  * room for the payload but does not copy it.
0410  *
0411  * Returns NULL if the tailroom of the skb is insufficient to store
0412  * the attribute header and payload.
0413  */
0414 struct nlattr *nla_reserve(struct sk_buff *skb, int attrtype, int attrlen)
0415 {
0416     if (unlikely(skb_tailroom(skb) < nla_total_size(attrlen)))
0417         return NULL;
0418 
0419     return __nla_reserve(skb, attrtype, attrlen);
0420 }
0421 EXPORT_SYMBOL(nla_reserve);
0422 
0423 /**
0424  * nla_reserve_64bit - reserve room for attribute on the skb and align it
0425  * @skb: socket buffer to reserve room on
0426  * @attrtype: attribute type
0427  * @attrlen: length of attribute payload
0428  * @padattr: attribute type for the padding
0429  *
0430  * Adds a netlink attribute header to a socket buffer and reserves
0431  * room for the payload but does not copy it. It also ensure that this
0432  * attribute will have a 64-bit aligned nla_data() area.
0433  *
0434  * Returns NULL if the tailroom of the skb is insufficient to store
0435  * the attribute header and payload.
0436  */
0437 struct nlattr *nla_reserve_64bit(struct sk_buff *skb, int attrtype, int attrlen,
0438                  int padattr)
0439 {
0440     size_t len;
0441 
0442     if (nla_need_padding_for_64bit(skb))
0443         len = nla_total_size_64bit(attrlen);
0444     else
0445         len = nla_total_size(attrlen);
0446     if (unlikely(skb_tailroom(skb) < len))
0447         return NULL;
0448 
0449     return __nla_reserve_64bit(skb, attrtype, attrlen, padattr);
0450 }
0451 EXPORT_SYMBOL(nla_reserve_64bit);
0452 
0453 /**
0454  * nla_reserve_nohdr - reserve room for attribute without header
0455  * @skb: socket buffer to reserve room on
0456  * @attrlen: length of attribute payload
0457  *
0458  * Reserves room for attribute payload without a header.
0459  *
0460  * Returns NULL if the tailroom of the skb is insufficient to store
0461  * the attribute payload.
0462  */
0463 void *nla_reserve_nohdr(struct sk_buff *skb, int attrlen)
0464 {
0465     if (unlikely(skb_tailroom(skb) < NLA_ALIGN(attrlen)))
0466         return NULL;
0467 
0468     return __nla_reserve_nohdr(skb, attrlen);
0469 }
0470 EXPORT_SYMBOL(nla_reserve_nohdr);
0471 
0472 /**
0473  * __nla_put - Add a netlink attribute to a socket buffer
0474  * @skb: socket buffer to add attribute to
0475  * @attrtype: attribute type
0476  * @attrlen: length of attribute payload
0477  * @data: head of attribute payload
0478  *
0479  * The caller is responsible to ensure that the skb provides enough
0480  * tailroom for the attribute header and payload.
0481  */
0482 void __nla_put(struct sk_buff *skb, int attrtype, int attrlen,
0483                  const void *data)
0484 {
0485     struct nlattr *nla;
0486 
0487     nla = __nla_reserve(skb, attrtype, attrlen);
0488     memcpy(nla_data(nla), data, attrlen);
0489 }
0490 EXPORT_SYMBOL(__nla_put);
0491 
0492 /**
0493  * __nla_put_64bit - Add a netlink attribute to a socket buffer and align it
0494  * @skb: socket buffer to add attribute to
0495  * @attrtype: attribute type
0496  * @attrlen: length of attribute payload
0497  * @data: head of attribute payload
0498  * @padattr: attribute type for the padding
0499  *
0500  * The caller is responsible to ensure that the skb provides enough
0501  * tailroom for the attribute header and payload.
0502  */
0503 void __nla_put_64bit(struct sk_buff *skb, int attrtype, int attrlen,
0504              const void *data, int padattr)
0505 {
0506     struct nlattr *nla;
0507 
0508     nla = __nla_reserve_64bit(skb, attrtype, attrlen, padattr);
0509     memcpy(nla_data(nla), data, attrlen);
0510 }
0511 EXPORT_SYMBOL(__nla_put_64bit);
0512 
0513 /**
0514  * __nla_put_nohdr - Add a netlink attribute without header
0515  * @skb: socket buffer to add attribute to
0516  * @attrlen: length of attribute payload
0517  * @data: head of attribute payload
0518  *
0519  * The caller is responsible to ensure that the skb provides enough
0520  * tailroom for the attribute payload.
0521  */
0522 void __nla_put_nohdr(struct sk_buff *skb, int attrlen, const void *data)
0523 {
0524     void *start;
0525 
0526     start = __nla_reserve_nohdr(skb, attrlen);
0527     memcpy(start, data, attrlen);
0528 }
0529 EXPORT_SYMBOL(__nla_put_nohdr);
0530 
0531 /**
0532  * nla_put - Add a netlink attribute to a socket buffer
0533  * @skb: socket buffer to add attribute to
0534  * @attrtype: attribute type
0535  * @attrlen: length of attribute payload
0536  * @data: head of attribute payload
0537  *
0538  * Returns -EMSGSIZE if the tailroom of the skb is insufficient to store
0539  * the attribute header and payload.
0540  */
0541 int nla_put(struct sk_buff *skb, int attrtype, int attrlen, const void *data)
0542 {
0543     if (unlikely(skb_tailroom(skb) < nla_total_size(attrlen)))
0544         return -EMSGSIZE;
0545 
0546     __nla_put(skb, attrtype, attrlen, data);
0547     return 0;
0548 }
0549 EXPORT_SYMBOL(nla_put);
0550 
0551 /**
0552  * nla_put_64bit - Add a netlink attribute to a socket buffer and align it
0553  * @skb: socket buffer to add attribute to
0554  * @attrtype: attribute type
0555  * @attrlen: length of attribute payload
0556  * @data: head of attribute payload
0557  * @padattr: attribute type for the padding
0558  *
0559  * Returns -EMSGSIZE if the tailroom of the skb is insufficient to store
0560  * the attribute header and payload.
0561  */
0562 int nla_put_64bit(struct sk_buff *skb, int attrtype, int attrlen,
0563           const void *data, int padattr)
0564 {
0565     size_t len;
0566 
0567     if (nla_need_padding_for_64bit(skb))
0568         len = nla_total_size_64bit(attrlen);
0569     else
0570         len = nla_total_size(attrlen);
0571     if (unlikely(skb_tailroom(skb) < len))
0572         return -EMSGSIZE;
0573 
0574     __nla_put_64bit(skb, attrtype, attrlen, data, padattr);
0575     return 0;
0576 }
0577 EXPORT_SYMBOL(nla_put_64bit);
0578 
0579 /**
0580  * nla_put_nohdr - Add a netlink attribute without header
0581  * @skb: socket buffer to add attribute to
0582  * @attrlen: length of attribute payload
0583  * @data: head of attribute payload
0584  *
0585  * Returns -EMSGSIZE if the tailroom of the skb is insufficient to store
0586  * the attribute payload.
0587  */
0588 int nla_put_nohdr(struct sk_buff *skb, int attrlen, const void *data)
0589 {
0590     if (unlikely(skb_tailroom(skb) < NLA_ALIGN(attrlen)))
0591         return -EMSGSIZE;
0592 
0593     __nla_put_nohdr(skb, attrlen, data);
0594     return 0;
0595 }
0596 EXPORT_SYMBOL(nla_put_nohdr);
0597 
0598 /**
0599  * nla_append - Add a netlink attribute without header or padding
0600  * @skb: socket buffer to add attribute to
0601  * @attrlen: length of attribute payload
0602  * @data: head of attribute payload
0603  *
0604  * Returns -EMSGSIZE if the tailroom of the skb is insufficient to store
0605  * the attribute payload.
0606  */
0607 int nla_append(struct sk_buff *skb, int attrlen, const void *data)
0608 {
0609     if (unlikely(skb_tailroom(skb) < NLA_ALIGN(attrlen)))
0610         return -EMSGSIZE;
0611 
0612     memcpy(skb_put(skb, attrlen), data, attrlen);
0613     return 0;
0614 }
0615 EXPORT_SYMBOL(nla_append);
0616 #endif