1 // SPDX-License-Identifier: GPL-2.0
2 /*
3  * NETLINK      Netlink attributes
4  *
5  * 		Authors:	Thomas Graf <tgraf@suug.ch>
6  * 				Alexey Kuznetsov <kuznet@ms2.inr.ac.ru>
7  */
8 
9 #include <linux/export.h>
10 #include <linux/kernel.h>
11 #include <linux/errno.h>
12 #include <linux/jiffies.h>
13 #include <linux/skbuff.h>
14 #include <linux/string.h>
15 #include <linux/types.h>
16 #include <net/netlink.h>
17 
18 /* For these data types, attribute length should be exactly the given
19  * size. However, to maintain compatibility with broken commands, if the
20  * attribute length does not match the expected size a warning is emitted
21  * to the user that the command is sending invalid data and needs to be fixed.
22  */
23 static const u8 nla_attr_len[NLA_TYPE_MAX+1] = {
24 	[NLA_U8]	= sizeof(u8),
25 	[NLA_U16]	= sizeof(u16),
26 	[NLA_U32]	= sizeof(u32),
27 	[NLA_U64]	= sizeof(u64),
28 	[NLA_S8]	= sizeof(s8),
29 	[NLA_S16]	= sizeof(s16),
30 	[NLA_S32]	= sizeof(s32),
31 	[NLA_S64]	= sizeof(s64),
32 };
33 
34 static const u8 nla_attr_minlen[NLA_TYPE_MAX+1] = {
35 	[NLA_U8]	= sizeof(u8),
36 	[NLA_U16]	= sizeof(u16),
37 	[NLA_U32]	= sizeof(u32),
38 	[NLA_U64]	= sizeof(u64),
39 	[NLA_MSECS]	= sizeof(u64),
40 	[NLA_NESTED]	= NLA_HDRLEN,
41 	[NLA_S8]	= sizeof(s8),
42 	[NLA_S16]	= sizeof(s16),
43 	[NLA_S32]	= sizeof(s32),
44 	[NLA_S64]	= sizeof(s64),
45 };
46 
47 /*
48  * Nested policies might refer back to the original
49  * policy in some cases, and userspace could try to
50  * abuse that and recurse by nesting in the right
51  * ways. Limit recursion to avoid this problem.
52  */
53 #define MAX_POLICY_RECURSION_DEPTH	10
54 
55 static int __nla_validate_parse(const struct nlattr *head, int len, int maxtype,
56 				const struct nla_policy *policy,
57 				unsigned int validate,
58 				struct netlink_ext_ack *extack,
59 				struct nlattr **tb, unsigned int depth);
60 
validate_nla_bitfield32(const struct nlattr * nla,const u32 valid_flags_mask)61 static int validate_nla_bitfield32(const struct nlattr *nla,
62 				   const u32 valid_flags_mask)
63 {
64 	const struct nla_bitfield32 *bf = nla_data(nla);
65 
66 	if (!valid_flags_mask)
67 		return -EINVAL;
68 
69 	/*disallow invalid bit selector */
70 	if (bf->selector & ~valid_flags_mask)
71 		return -EINVAL;
72 
73 	/*disallow invalid bit values */
74 	if (bf->value & ~valid_flags_mask)
75 		return -EINVAL;
76 
77 	/*disallow valid bit values that are not selected*/
78 	if (bf->value & ~bf->selector)
79 		return -EINVAL;
80 
81 	return 0;
82 }
83 
nla_validate_array(const struct nlattr * head,int len,int maxtype,const struct nla_policy * policy,struct netlink_ext_ack * extack,unsigned int validate,unsigned int depth)84 static int nla_validate_array(const struct nlattr *head, int len, int maxtype,
85 			      const struct nla_policy *policy,
86 			      struct netlink_ext_ack *extack,
87 			      unsigned int validate, unsigned int depth)
88 {
89 	const struct nlattr *entry;
90 	int rem;
91 
92 	nla_for_each_attr(entry, head, len, rem) {
93 		int ret;
94 
95 		if (nla_len(entry) == 0)
96 			continue;
97 
98 		if (nla_len(entry) < NLA_HDRLEN) {
99 			NL_SET_ERR_MSG_ATTR_POL(extack, entry, policy,
100 						"Array element too short");
101 			return -ERANGE;
102 		}
103 
104 		ret = __nla_validate_parse(nla_data(entry), nla_len(entry),
105 					   maxtype, policy, validate, extack,
106 					   NULL, depth + 1);
107 		if (ret < 0)
108 			return ret;
109 	}
110 
111 	return 0;
112 }
113 
nla_get_range_unsigned(const struct nla_policy * pt,struct netlink_range_validation * range)114 void nla_get_range_unsigned(const struct nla_policy *pt,
115 			    struct netlink_range_validation *range)
116 {
117 	WARN_ON_ONCE(pt->validation_type != NLA_VALIDATE_RANGE_PTR &&
118 		     (pt->min < 0 || pt->max < 0));
119 
120 	range->min = 0;
121 
122 	switch (pt->type) {
123 	case NLA_U8:
124 		range->max = U8_MAX;
125 		break;
126 	case NLA_U16:
127 	case NLA_BE16:
128 	case NLA_BINARY:
129 		range->max = U16_MAX;
130 		break;
131 	case NLA_U32:
132 	case NLA_BE32:
133 		range->max = U32_MAX;
134 		break;
135 	case NLA_U64:
136 	case NLA_MSECS:
137 		range->max = U64_MAX;
138 		break;
139 	default:
140 		WARN_ON_ONCE(1);
141 		return;
142 	}
143 
144 	switch (pt->validation_type) {
145 	case NLA_VALIDATE_RANGE:
146 	case NLA_VALIDATE_RANGE_WARN_TOO_LONG:
147 		range->min = pt->min;
148 		range->max = pt->max;
149 		break;
150 	case NLA_VALIDATE_RANGE_PTR:
151 		*range = *pt->range;
152 		break;
153 	case NLA_VALIDATE_MIN:
154 		range->min = pt->min;
155 		break;
156 	case NLA_VALIDATE_MAX:
157 		range->max = pt->max;
158 		break;
159 	default:
160 		break;
161 	}
162 }
163 
nla_validate_range_unsigned(const struct nla_policy * pt,const struct nlattr * nla,struct netlink_ext_ack * extack,unsigned int validate)164 static int nla_validate_range_unsigned(const struct nla_policy *pt,
165 				       const struct nlattr *nla,
166 				       struct netlink_ext_ack *extack,
167 				       unsigned int validate)
168 {
169 	struct netlink_range_validation range;
170 	u64 value;
171 
172 	switch (pt->type) {
173 	case NLA_U8:
174 		value = nla_get_u8(nla);
175 		break;
176 	case NLA_U16:
177 		value = nla_get_u16(nla);
178 		break;
179 	case NLA_U32:
180 		value = nla_get_u32(nla);
181 		break;
182 	case NLA_U64:
183 		value = nla_get_u64(nla);
184 		break;
185 	case NLA_MSECS:
186 		value = nla_get_u64(nla);
187 		break;
188 	case NLA_BINARY:
189 		value = nla_len(nla);
190 		break;
191 	case NLA_BE16:
192 		value = ntohs(nla_get_be16(nla));
193 		break;
194 	case NLA_BE32:
195 		value = ntohl(nla_get_be32(nla));
196 		break;
197 	default:
198 		return -EINVAL;
199 	}
200 
201 	nla_get_range_unsigned(pt, &range);
202 
203 	if (pt->validation_type == NLA_VALIDATE_RANGE_WARN_TOO_LONG &&
204 	    pt->type == NLA_BINARY && value > range.max) {
205 		pr_warn_ratelimited("netlink: '%s': attribute type %d has an invalid length.\n",
206 				    current->comm, pt->type);
207 		if (validate & NL_VALIDATE_STRICT_ATTRS) {
208 			NL_SET_ERR_MSG_ATTR_POL(extack, nla, pt,
209 						"invalid attribute length");
210 			return -EINVAL;
211 		}
212 
213 		/* this assumes min <= max (don't validate against min) */
214 		return 0;
215 	}
216 
217 	if (value < range.min || value > range.max) {
218 		bool binary = pt->type == NLA_BINARY;
219 
220 		if (binary)
221 			NL_SET_ERR_MSG_ATTR_POL(extack, nla, pt,
222 						"binary attribute size out of range");
223 		else
224 			NL_SET_ERR_MSG_ATTR_POL(extack, nla, pt,
225 						"integer out of range");
226 
227 		return -ERANGE;
228 	}
229 
230 	return 0;
231 }
232 
nla_get_range_signed(const struct nla_policy * pt,struct netlink_range_validation_signed * range)233 void nla_get_range_signed(const struct nla_policy *pt,
234 			  struct netlink_range_validation_signed *range)
235 {
236 	switch (pt->type) {
237 	case NLA_S8:
238 		range->min = S8_MIN;
239 		range->max = S8_MAX;
240 		break;
241 	case NLA_S16:
242 		range->min = S16_MIN;
243 		range->max = S16_MAX;
244 		break;
245 	case NLA_S32:
246 		range->min = S32_MIN;
247 		range->max = S32_MAX;
248 		break;
249 	case NLA_S64:
250 		range->min = S64_MIN;
251 		range->max = S64_MAX;
252 		break;
253 	default:
254 		WARN_ON_ONCE(1);
255 		return;
256 	}
257 
258 	switch (pt->validation_type) {
259 	case NLA_VALIDATE_RANGE:
260 		range->min = pt->min;
261 		range->max = pt->max;
262 		break;
263 	case NLA_VALIDATE_RANGE_PTR:
264 		*range = *pt->range_signed;
265 		break;
266 	case NLA_VALIDATE_MIN:
267 		range->min = pt->min;
268 		break;
269 	case NLA_VALIDATE_MAX:
270 		range->max = pt->max;
271 		break;
272 	default:
273 		break;
274 	}
275 }
276 
nla_validate_int_range_signed(const struct nla_policy * pt,const struct nlattr * nla,struct netlink_ext_ack * extack)277 static int nla_validate_int_range_signed(const struct nla_policy *pt,
278 					 const struct nlattr *nla,
279 					 struct netlink_ext_ack *extack)
280 {
281 	struct netlink_range_validation_signed range;
282 	s64 value;
283 
284 	switch (pt->type) {
285 	case NLA_S8:
286 		value = nla_get_s8(nla);
287 		break;
288 	case NLA_S16:
289 		value = nla_get_s16(nla);
290 		break;
291 	case NLA_S32:
292 		value = nla_get_s32(nla);
293 		break;
294 	case NLA_S64:
295 		value = nla_get_s64(nla);
296 		break;
297 	default:
298 		return -EINVAL;
299 	}
300 
301 	nla_get_range_signed(pt, &range);
302 
303 	if (value < range.min || value > range.max) {
304 		NL_SET_ERR_MSG_ATTR_POL(extack, nla, pt,
305 					"integer out of range");
306 		return -ERANGE;
307 	}
308 
309 	return 0;
310 }
311 
nla_validate_int_range(const struct nla_policy * pt,const struct nlattr * nla,struct netlink_ext_ack * extack,unsigned int validate)312 static int nla_validate_int_range(const struct nla_policy *pt,
313 				  const struct nlattr *nla,
314 				  struct netlink_ext_ack *extack,
315 				  unsigned int validate)
316 {
317 	switch (pt->type) {
318 	case NLA_U8:
319 	case NLA_U16:
320 	case NLA_U32:
321 	case NLA_U64:
322 	case NLA_MSECS:
323 	case NLA_BINARY:
324 	case NLA_BE16:
325 	case NLA_BE32:
326 		return nla_validate_range_unsigned(pt, nla, extack, validate);
327 	case NLA_S8:
328 	case NLA_S16:
329 	case NLA_S32:
330 	case NLA_S64:
331 		return nla_validate_int_range_signed(pt, nla, extack);
332 	default:
333 		WARN_ON(1);
334 		return -EINVAL;
335 	}
336 }
337 
nla_validate_mask(const struct nla_policy * pt,const struct nlattr * nla,struct netlink_ext_ack * extack)338 static int nla_validate_mask(const struct nla_policy *pt,
339 			     const struct nlattr *nla,
340 			     struct netlink_ext_ack *extack)
341 {
342 	u64 value;
343 
344 	switch (pt->type) {
345 	case NLA_U8:
346 		value = nla_get_u8(nla);
347 		break;
348 	case NLA_U16:
349 		value = nla_get_u16(nla);
350 		break;
351 	case NLA_U32:
352 		value = nla_get_u32(nla);
353 		break;
354 	case NLA_U64:
355 		value = nla_get_u64(nla);
356 		break;
357 	default:
358 		return -EINVAL;
359 	}
360 
361 	if (value & ~(u64)pt->mask) {
362 		NL_SET_ERR_MSG_ATTR(extack, nla, "reserved bit set");
363 		return -EINVAL;
364 	}
365 
366 	return 0;
367 }
368 
validate_nla(const struct nlattr * nla,int maxtype,const struct nla_policy * policy,unsigned int validate,struct netlink_ext_ack * extack,unsigned int depth)369 static int validate_nla(const struct nlattr *nla, int maxtype,
370 			const struct nla_policy *policy, unsigned int validate,
371 			struct netlink_ext_ack *extack, unsigned int depth)
372 {
373 	u16 strict_start_type = policy[0].strict_start_type;
374 	const struct nla_policy *pt;
375 	int minlen = 0, attrlen = nla_len(nla), type = nla_type(nla);
376 	int err = -ERANGE;
377 
378 	if (strict_start_type && type >= strict_start_type)
379 		validate |= NL_VALIDATE_STRICT;
380 
381 	if (type <= 0 || type > maxtype)
382 		return 0;
383 
384 	pt = &policy[type];
385 
386 	BUG_ON(pt->type > NLA_TYPE_MAX);
387 
388 	if (nla_attr_len[pt->type] && attrlen != nla_attr_len[pt->type]) {
389 		pr_warn_ratelimited("netlink: '%s': attribute type %d has an invalid length.\n",
390 				    current->comm, type);
391 		if (validate & NL_VALIDATE_STRICT_ATTRS) {
392 			NL_SET_ERR_MSG_ATTR_POL(extack, nla, pt,
393 						"invalid attribute length");
394 			return -EINVAL;
395 		}
396 	}
397 
398 	if (validate & NL_VALIDATE_NESTED) {
399 		if ((pt->type == NLA_NESTED || pt->type == NLA_NESTED_ARRAY) &&
400 		    !(nla->nla_type & NLA_F_NESTED)) {
401 			NL_SET_ERR_MSG_ATTR_POL(extack, nla, pt,
402 						"NLA_F_NESTED is missing");
403 			return -EINVAL;
404 		}
405 		if (pt->type != NLA_NESTED && pt->type != NLA_NESTED_ARRAY &&
406 		    pt->type != NLA_UNSPEC && (nla->nla_type & NLA_F_NESTED)) {
407 			NL_SET_ERR_MSG_ATTR_POL(extack, nla, pt,
408 						"NLA_F_NESTED not expected");
409 			return -EINVAL;
410 		}
411 	}
412 
413 	switch (pt->type) {
414 	case NLA_REJECT:
415 		if (extack && pt->reject_message) {
416 			NL_SET_BAD_ATTR(extack, nla);
417 			extack->_msg = pt->reject_message;
418 			return -EINVAL;
419 		}
420 		err = -EINVAL;
421 		goto out_err;
422 
423 	case NLA_FLAG:
424 		if (attrlen > 0)
425 			goto out_err;
426 		break;
427 
428 	case NLA_BITFIELD32:
429 		if (attrlen != sizeof(struct nla_bitfield32))
430 			goto out_err;
431 
432 		err = validate_nla_bitfield32(nla, pt->bitfield32_valid);
433 		if (err)
434 			goto out_err;
435 		break;
436 
437 	case NLA_NUL_STRING:
438 		if (pt->len)
439 			minlen = min_t(int, attrlen, pt->len + 1);
440 		else
441 			minlen = attrlen;
442 
443 		if (!minlen || memchr(nla_data(nla), '\0', minlen) == NULL) {
444 			err = -EINVAL;
445 			goto out_err;
446 		}
447 		fallthrough;
448 
449 	case NLA_STRING:
450 		if (attrlen < 1)
451 			goto out_err;
452 
453 		if (pt->len) {
454 			char *buf = nla_data(nla);
455 
456 			if (buf[attrlen - 1] == '\0')
457 				attrlen--;
458 
459 			if (attrlen > pt->len)
460 				goto out_err;
461 		}
462 		break;
463 
464 	case NLA_BINARY:
465 		if (pt->len && attrlen > pt->len)
466 			goto out_err;
467 		break;
468 
469 	case NLA_NESTED:
470 		/* a nested attributes is allowed to be empty; if its not,
471 		 * it must have a size of at least NLA_HDRLEN.
472 		 */
473 		if (attrlen == 0)
474 			break;
475 		if (attrlen < NLA_HDRLEN)
476 			goto out_err;
477 		if (pt->nested_policy) {
478 			err = __nla_validate_parse(nla_data(nla), nla_len(nla),
479 						   pt->len, pt->nested_policy,
480 						   validate, extack, NULL,
481 						   depth + 1);
482 			if (err < 0) {
483 				/*
484 				 * return directly to preserve the inner
485 				 * error message/attribute pointer
486 				 */
487 				return err;
488 			}
489 		}
490 		break;
491 	case NLA_NESTED_ARRAY:
492 		/* a nested array attribute is allowed to be empty; if its not,
493 		 * it must have a size of at least NLA_HDRLEN.
494 		 */
495 		if (attrlen == 0)
496 			break;
497 		if (attrlen < NLA_HDRLEN)
498 			goto out_err;
499 		if (pt->nested_policy) {
500 			int err;
501 
502 			err = nla_validate_array(nla_data(nla), nla_len(nla),
503 						 pt->len, pt->nested_policy,
504 						 extack, validate, depth);
505 			if (err < 0) {
506 				/*
507 				 * return directly to preserve the inner
508 				 * error message/attribute pointer
509 				 */
510 				return err;
511 			}
512 		}
513 		break;
514 
515 	case NLA_UNSPEC:
516 		if (validate & NL_VALIDATE_UNSPEC) {
517 			NL_SET_ERR_MSG_ATTR(extack, nla,
518 					    "Unsupported attribute");
519 			return -EINVAL;
520 		}
521 		if (attrlen < pt->len)
522 			goto out_err;
523 		break;
524 
525 	default:
526 		if (pt->len)
527 			minlen = pt->len;
528 		else
529 			minlen = nla_attr_minlen[pt->type];
530 
531 		if (attrlen < minlen)
532 			goto out_err;
533 	}
534 
535 	/* further validation */
536 	switch (pt->validation_type) {
537 	case NLA_VALIDATE_NONE:
538 		/* nothing to do */
539 		break;
540 	case NLA_VALIDATE_RANGE_PTR:
541 	case NLA_VALIDATE_RANGE:
542 	case NLA_VALIDATE_RANGE_WARN_TOO_LONG:
543 	case NLA_VALIDATE_MIN:
544 	case NLA_VALIDATE_MAX:
545 		err = nla_validate_int_range(pt, nla, extack, validate);
546 		if (err)
547 			return err;
548 		break;
549 	case NLA_VALIDATE_MASK:
550 		err = nla_validate_mask(pt, nla, extack);
551 		if (err)
552 			return err;
553 		break;
554 	case NLA_VALIDATE_FUNCTION:
555 		if (pt->validate) {
556 			err = pt->validate(nla, extack);
557 			if (err)
558 				return err;
559 		}
560 		break;
561 	}
562 
563 	return 0;
564 out_err:
565 	NL_SET_ERR_MSG_ATTR_POL(extack, nla, pt,
566 				"Attribute failed policy validation");
567 	return err;
568 }
569 
__nla_validate_parse(const struct nlattr * head,int len,int maxtype,const struct nla_policy * policy,unsigned int validate,struct netlink_ext_ack * extack,struct nlattr ** tb,unsigned int depth)570 static int __nla_validate_parse(const struct nlattr *head, int len, int maxtype,
571 				const struct nla_policy *policy,
572 				unsigned int validate,
573 				struct netlink_ext_ack *extack,
574 				struct nlattr **tb, unsigned int depth)
575 {
576 	const struct nlattr *nla;
577 	int rem;
578 
579 	if (depth >= MAX_POLICY_RECURSION_DEPTH) {
580 		NL_SET_ERR_MSG(extack,
581 			       "allowed policy recursion depth exceeded");
582 		return -EINVAL;
583 	}
584 
585 	if (tb)
586 		memset(tb, 0, sizeof(struct nlattr *) * (maxtype + 1));
587 
588 	nla_for_each_attr(nla, head, len, rem) {
589 		u16 type = nla_type(nla);
590 
591 		if (type == 0 || type > maxtype) {
592 			if (validate & NL_VALIDATE_MAXTYPE) {
593 				NL_SET_ERR_MSG_ATTR(extack, nla,
594 						    "Unknown attribute type");
595 				return -EINVAL;
596 			}
597 			continue;
598 		}
599 		if (policy) {
600 			int err = validate_nla(nla, maxtype, policy,
601 					       validate, extack, depth);
602 
603 			if (err < 0)
604 				return err;
605 		}
606 
607 		if (tb)
608 			tb[type] = (struct nlattr *)nla;
609 	}
610 
611 	if (unlikely(rem > 0)) {
612 		pr_warn_ratelimited("netlink: %d bytes leftover after parsing attributes in process `%s'.\n",
613 				    rem, current->comm);
614 		NL_SET_ERR_MSG(extack, "bytes leftover after parsing attributes");
615 		if (validate & NL_VALIDATE_TRAILING)
616 			return -EINVAL;
617 	}
618 
619 	return 0;
620 }
621 
622 /**
623  * __nla_validate - Validate a stream of attributes
624  * @head: head of attribute stream
625  * @len: length of attribute stream
626  * @maxtype: maximum attribute type to be expected
627  * @policy: validation policy
628  * @validate: validation strictness
629  * @extack: extended ACK report struct
630  *
631  * Validates all attributes in the specified attribute stream against the
632  * specified policy. Validation depends on the validate flags passed, see
633  * &enum netlink_validation for more details on that.
634  * See documentation of struct nla_policy for more details.
635  *
636  * Returns 0 on success or a negative error code.
637  */
__nla_validate(const struct nlattr * head,int len,int maxtype,const struct nla_policy * policy,unsigned int validate,struct netlink_ext_ack * extack)638 int __nla_validate(const struct nlattr *head, int len, int maxtype,
639 		   const struct nla_policy *policy, unsigned int validate,
640 		   struct netlink_ext_ack *extack)
641 {
642 	return __nla_validate_parse(head, len, maxtype, policy, validate,
643 				    extack, NULL, 0);
644 }
645 EXPORT_SYMBOL(__nla_validate);
646 
647 /**
648  * nla_policy_len - Determine the max. length of a policy
649  * @policy: policy to use
650  * @n: number of policies
651  *
652  * Determines the max. length of the policy.  It is currently used
653  * to allocated Netlink buffers roughly the size of the actual
654  * message.
655  *
656  * Returns 0 on success or a negative error code.
657  */
658 int
nla_policy_len(const struct nla_policy * p,int n)659 nla_policy_len(const struct nla_policy *p, int n)
660 {
661 	int i, len = 0;
662 
663 	for (i = 0; i < n; i++, p++) {
664 		if (p->len)
665 			len += nla_total_size(p->len);
666 		else if (nla_attr_len[p->type])
667 			len += nla_total_size(nla_attr_len[p->type]);
668 		else if (nla_attr_minlen[p->type])
669 			len += nla_total_size(nla_attr_minlen[p->type]);
670 	}
671 
672 	return len;
673 }
674 EXPORT_SYMBOL(nla_policy_len);
675 
676 /**
677  * __nla_parse - Parse a stream of attributes into a tb buffer
678  * @tb: destination array with maxtype+1 elements
679  * @maxtype: maximum attribute type to be expected
680  * @head: head of attribute stream
681  * @len: length of attribute stream
682  * @policy: validation policy
683  * @validate: validation strictness
684  * @extack: extended ACK pointer
685  *
686  * Parses a stream of attributes and stores a pointer to each attribute in
687  * the tb array accessible via the attribute type.
688  * Validation is controlled by the @validate parameter.
689  *
690  * Returns 0 on success or a negative error code.
691  */
__nla_parse(struct nlattr ** tb,int maxtype,const struct nlattr * head,int len,const struct nla_policy * policy,unsigned int validate,struct netlink_ext_ack * extack)692 int __nla_parse(struct nlattr **tb, int maxtype,
693 		const struct nlattr *head, int len,
694 		const struct nla_policy *policy, unsigned int validate,
695 		struct netlink_ext_ack *extack)
696 {
697 	return __nla_validate_parse(head, len, maxtype, policy, validate,
698 				    extack, tb, 0);
699 }
700 EXPORT_SYMBOL(__nla_parse);
701 
702 /**
703  * nla_find - Find a specific attribute in a stream of attributes
704  * @head: head of attribute stream
705  * @len: length of attribute stream
706  * @attrtype: type of attribute to look for
707  *
708  * Returns the first attribute in the stream matching the specified type.
709  */
nla_find(const struct nlattr * head,int len,int attrtype)710 struct nlattr *nla_find(const struct nlattr *head, int len, int attrtype)
711 {
712 	const struct nlattr *nla;
713 	int rem;
714 
715 	nla_for_each_attr(nla, head, len, rem)
716 		if (nla_type(nla) == attrtype)
717 			return (struct nlattr *)nla;
718 
719 	return NULL;
720 }
721 EXPORT_SYMBOL(nla_find);
722 
723 /**
724  * nla_strscpy - Copy string attribute payload into a sized buffer
725  * @dst: Where to copy the string to.
726  * @nla: Attribute to copy the string from.
727  * @dstsize: Size of destination buffer.
728  *
729  * Copies at most dstsize - 1 bytes into the destination buffer.
730  * Unlike strlcpy the destination buffer is always padded out.
731  *
732  * Return:
733  * * srclen - Returns @nla length (not including the trailing %NUL).
734  * * -E2BIG - If @dstsize is 0 or greater than U16_MAX or @nla length greater
735  *            than @dstsize.
736  */
nla_strscpy(char * dst,const struct nlattr * nla,size_t dstsize)737 ssize_t nla_strscpy(char *dst, const struct nlattr *nla, size_t dstsize)
738 {
739 	size_t srclen = nla_len(nla);
740 	char *src = nla_data(nla);
741 	ssize_t ret;
742 	size_t len;
743 
744 	if (dstsize == 0 || WARN_ON_ONCE(dstsize > U16_MAX))
745 		return -E2BIG;
746 
747 	if (srclen > 0 && src[srclen - 1] == '\0')
748 		srclen--;
749 
750 	if (srclen >= dstsize) {
751 		len = dstsize - 1;
752 		ret = -E2BIG;
753 	} else {
754 		len = srclen;
755 		ret = len;
756 	}
757 
758 	memcpy(dst, src, len);
759 	/* Zero pad end of dst. */
760 	memset(dst + len, 0, dstsize - len);
761 
762 	return ret;
763 }
764 EXPORT_SYMBOL(nla_strscpy);
765 
766 /**
767  * nla_strdup - Copy string attribute payload into a newly allocated buffer
768  * @nla: attribute to copy the string from
769  * @flags: the type of memory to allocate (see kmalloc).
770  *
771  * Returns a pointer to the allocated buffer or NULL on error.
772  */
nla_strdup(const struct nlattr * nla,gfp_t flags)773 char *nla_strdup(const struct nlattr *nla, gfp_t flags)
774 {
775 	size_t srclen = nla_len(nla);
776 	char *src = nla_data(nla), *dst;
777 
778 	if (srclen > 0 && src[srclen - 1] == '\0')
779 		srclen--;
780 
781 	dst = kmalloc(srclen + 1, flags);
782 	if (dst != NULL) {
783 		memcpy(dst, src, srclen);
784 		dst[srclen] = '\0';
785 	}
786 	return dst;
787 }
788 EXPORT_SYMBOL(nla_strdup);
789 
790 /**
791  * nla_memcpy - Copy a netlink attribute into another memory area
792  * @dest: where to copy to memcpy
793  * @src: netlink attribute to copy from
794  * @count: size of the destination area
795  *
796  * Note: The number of bytes copied is limited by the length of
797  *       attribute's payload. memcpy
798  *
799  * Returns the number of bytes copied.
800  */
nla_memcpy(void * dest,const struct nlattr * src,int count)801 int nla_memcpy(void *dest, const struct nlattr *src, int count)
802 {
803 	int minlen = min_t(int, count, nla_len(src));
804 
805 	memcpy(dest, nla_data(src), minlen);
806 	if (count > minlen)
807 		memset(dest + minlen, 0, count - minlen);
808 
809 	return minlen;
810 }
811 EXPORT_SYMBOL(nla_memcpy);
812 
813 /**
814  * nla_memcmp - Compare an attribute with sized memory area
815  * @nla: netlink attribute
816  * @data: memory area
817  * @size: size of memory area
818  */
nla_memcmp(const struct nlattr * nla,const void * data,size_t size)819 int nla_memcmp(const struct nlattr *nla, const void *data,
820 			     size_t size)
821 {
822 	int d = nla_len(nla) - size;
823 
824 	if (d == 0)
825 		d = memcmp(nla_data(nla), data, size);
826 
827 	return d;
828 }
829 EXPORT_SYMBOL(nla_memcmp);
830 
831 /**
832  * nla_strcmp - Compare a string attribute against a string
833  * @nla: netlink string attribute
834  * @str: another string
835  */
nla_strcmp(const struct nlattr * nla,const char * str)836 int nla_strcmp(const struct nlattr *nla, const char *str)
837 {
838 	int len = strlen(str);
839 	char *buf = nla_data(nla);
840 	int attrlen = nla_len(nla);
841 	int d;
842 
843 	while (attrlen > 0 && buf[attrlen - 1] == '\0')
844 		attrlen--;
845 
846 	d = attrlen - len;
847 	if (d == 0)
848 		d = memcmp(nla_data(nla), str, len);
849 
850 	return d;
851 }
852 EXPORT_SYMBOL(nla_strcmp);
853 
854 #ifdef CONFIG_NET
855 /**
856  * __nla_reserve - reserve room for attribute on the skb
857  * @skb: socket buffer to reserve room on
858  * @attrtype: attribute type
859  * @attrlen: length of attribute payload
860  *
861  * Adds a netlink attribute header to a socket buffer and reserves
862  * room for the payload but does not copy it.
863  *
864  * The caller is responsible to ensure that the skb provides enough
865  * tailroom for the attribute header and payload.
866  */
__nla_reserve(struct sk_buff * skb,int attrtype,int attrlen)867 struct nlattr *__nla_reserve(struct sk_buff *skb, int attrtype, int attrlen)
868 {
869 	struct nlattr *nla;
870 
871 	nla = skb_put(skb, nla_total_size(attrlen));
872 	nla->nla_type = attrtype;
873 	nla->nla_len = nla_attr_size(attrlen);
874 
875 	memset((unsigned char *) nla + nla->nla_len, 0, nla_padlen(attrlen));
876 
877 	return nla;
878 }
879 EXPORT_SYMBOL(__nla_reserve);
880 
881 /**
882  * __nla_reserve_64bit - reserve room for attribute on the skb and align it
883  * @skb: socket buffer to reserve room on
884  * @attrtype: attribute type
885  * @attrlen: length of attribute payload
886  * @padattr: attribute type for the padding
887  *
888  * Adds a netlink attribute header to a socket buffer and reserves
889  * room for the payload but does not copy it. It also ensure that this
890  * attribute will have a 64-bit aligned nla_data() area.
891  *
892  * The caller is responsible to ensure that the skb provides enough
893  * tailroom for the attribute header and payload.
894  */
__nla_reserve_64bit(struct sk_buff * skb,int attrtype,int attrlen,int padattr)895 struct nlattr *__nla_reserve_64bit(struct sk_buff *skb, int attrtype,
896 				   int attrlen, int padattr)
897 {
898 	nla_align_64bit(skb, padattr);
899 
900 	return __nla_reserve(skb, attrtype, attrlen);
901 }
902 EXPORT_SYMBOL(__nla_reserve_64bit);
903 
904 /**
905  * __nla_reserve_nohdr - reserve room for attribute without header
906  * @skb: socket buffer to reserve room on
907  * @attrlen: length of attribute payload
908  *
909  * Reserves room for attribute payload without a header.
910  *
911  * The caller is responsible to ensure that the skb provides enough
912  * tailroom for the payload.
913  */
__nla_reserve_nohdr(struct sk_buff * skb,int attrlen)914 void *__nla_reserve_nohdr(struct sk_buff *skb, int attrlen)
915 {
916 	return skb_put_zero(skb, NLA_ALIGN(attrlen));
917 }
918 EXPORT_SYMBOL(__nla_reserve_nohdr);
919 
920 /**
921  * nla_reserve - reserve room for attribute on the skb
922  * @skb: socket buffer to reserve room on
923  * @attrtype: attribute type
924  * @attrlen: length of attribute payload
925  *
926  * Adds a netlink attribute header to a socket buffer and reserves
927  * room for the payload but does not copy it.
928  *
929  * Returns NULL if the tailroom of the skb is insufficient to store
930  * the attribute header and payload.
931  */
nla_reserve(struct sk_buff * skb,int attrtype,int attrlen)932 struct nlattr *nla_reserve(struct sk_buff *skb, int attrtype, int attrlen)
933 {
934 	if (unlikely(skb_tailroom(skb) < nla_total_size(attrlen)))
935 		return NULL;
936 
937 	return __nla_reserve(skb, attrtype, attrlen);
938 }
939 EXPORT_SYMBOL(nla_reserve);
940 
941 /**
942  * nla_reserve_64bit - reserve room for attribute on the skb and align it
943  * @skb: socket buffer to reserve room on
944  * @attrtype: attribute type
945  * @attrlen: length of attribute payload
946  * @padattr: attribute type for the padding
947  *
948  * Adds a netlink attribute header to a socket buffer and reserves
949  * room for the payload but does not copy it. It also ensure that this
950  * attribute will have a 64-bit aligned nla_data() area.
951  *
952  * Returns NULL if the tailroom of the skb is insufficient to store
953  * the attribute header and payload.
954  */
nla_reserve_64bit(struct sk_buff * skb,int attrtype,int attrlen,int padattr)955 struct nlattr *nla_reserve_64bit(struct sk_buff *skb, int attrtype, int attrlen,
956 				 int padattr)
957 {
958 	size_t len;
959 
960 	if (nla_need_padding_for_64bit(skb))
961 		len = nla_total_size_64bit(attrlen);
962 	else
963 		len = nla_total_size(attrlen);
964 	if (unlikely(skb_tailroom(skb) < len))
965 		return NULL;
966 
967 	return __nla_reserve_64bit(skb, attrtype, attrlen, padattr);
968 }
969 EXPORT_SYMBOL(nla_reserve_64bit);
970 
971 /**
972  * nla_reserve_nohdr - reserve room for attribute without header
973  * @skb: socket buffer to reserve room on
974  * @attrlen: length of attribute payload
975  *
976  * Reserves room for attribute payload without a header.
977  *
978  * Returns NULL if the tailroom of the skb is insufficient to store
979  * the attribute payload.
980  */
nla_reserve_nohdr(struct sk_buff * skb,int attrlen)981 void *nla_reserve_nohdr(struct sk_buff *skb, int attrlen)
982 {
983 	if (unlikely(skb_tailroom(skb) < NLA_ALIGN(attrlen)))
984 		return NULL;
985 
986 	return __nla_reserve_nohdr(skb, attrlen);
987 }
988 EXPORT_SYMBOL(nla_reserve_nohdr);
989 
990 /**
991  * __nla_put - Add a netlink attribute to a socket buffer
992  * @skb: socket buffer to add attribute to
993  * @attrtype: attribute type
994  * @attrlen: length of attribute payload
995  * @data: head of attribute payload
996  *
997  * The caller is responsible to ensure that the skb provides enough
998  * tailroom for the attribute header and payload.
999  */
__nla_put(struct sk_buff * skb,int attrtype,int attrlen,const void * data)1000 void __nla_put(struct sk_buff *skb, int attrtype, int attrlen,
1001 			     const void *data)
1002 {
1003 	struct nlattr *nla;
1004 
1005 	nla = __nla_reserve(skb, attrtype, attrlen);
1006 	memcpy(nla_data(nla), data, attrlen);
1007 }
1008 EXPORT_SYMBOL(__nla_put);
1009 
1010 /**
1011  * __nla_put_64bit - Add a netlink attribute to a socket buffer and align it
1012  * @skb: socket buffer to add attribute to
1013  * @attrtype: attribute type
1014  * @attrlen: length of attribute payload
1015  * @data: head of attribute payload
1016  * @padattr: attribute type for the padding
1017  *
1018  * The caller is responsible to ensure that the skb provides enough
1019  * tailroom for the attribute header and payload.
1020  */
__nla_put_64bit(struct sk_buff * skb,int attrtype,int attrlen,const void * data,int padattr)1021 void __nla_put_64bit(struct sk_buff *skb, int attrtype, int attrlen,
1022 		     const void *data, int padattr)
1023 {
1024 	struct nlattr *nla;
1025 
1026 	nla = __nla_reserve_64bit(skb, attrtype, attrlen, padattr);
1027 	memcpy(nla_data(nla), data, attrlen);
1028 }
1029 EXPORT_SYMBOL(__nla_put_64bit);
1030 
1031 /**
1032  * __nla_put_nohdr - Add a netlink attribute without header
1033  * @skb: socket buffer to add attribute to
1034  * @attrlen: length of attribute payload
1035  * @data: head of attribute payload
1036  *
1037  * The caller is responsible to ensure that the skb provides enough
1038  * tailroom for the attribute payload.
1039  */
__nla_put_nohdr(struct sk_buff * skb,int attrlen,const void * data)1040 void __nla_put_nohdr(struct sk_buff *skb, int attrlen, const void *data)
1041 {
1042 	void *start;
1043 
1044 	start = __nla_reserve_nohdr(skb, attrlen);
1045 	memcpy(start, data, attrlen);
1046 }
1047 EXPORT_SYMBOL(__nla_put_nohdr);
1048 
1049 /**
1050  * nla_put - Add a netlink attribute to a socket buffer
1051  * @skb: socket buffer to add attribute to
1052  * @attrtype: attribute type
1053  * @attrlen: length of attribute payload
1054  * @data: head of attribute payload
1055  *
1056  * Returns -EMSGSIZE if the tailroom of the skb is insufficient to store
1057  * the attribute header and payload.
1058  */
nla_put(struct sk_buff * skb,int attrtype,int attrlen,const void * data)1059 int nla_put(struct sk_buff *skb, int attrtype, int attrlen, const void *data)
1060 {
1061 	if (unlikely(skb_tailroom(skb) < nla_total_size(attrlen)))
1062 		return -EMSGSIZE;
1063 
1064 	__nla_put(skb, attrtype, attrlen, data);
1065 	return 0;
1066 }
1067 EXPORT_SYMBOL(nla_put);
1068 
1069 /**
1070  * nla_put_64bit - Add a netlink attribute to a socket buffer and align it
1071  * @skb: socket buffer to add attribute to
1072  * @attrtype: attribute type
1073  * @attrlen: length of attribute payload
1074  * @data: head of attribute payload
1075  * @padattr: attribute type for the padding
1076  *
1077  * Returns -EMSGSIZE if the tailroom of the skb is insufficient to store
1078  * the attribute header and payload.
1079  */
nla_put_64bit(struct sk_buff * skb,int attrtype,int attrlen,const void * data,int padattr)1080 int nla_put_64bit(struct sk_buff *skb, int attrtype, int attrlen,
1081 		  const void *data, int padattr)
1082 {
1083 	size_t len;
1084 
1085 	if (nla_need_padding_for_64bit(skb))
1086 		len = nla_total_size_64bit(attrlen);
1087 	else
1088 		len = nla_total_size(attrlen);
1089 	if (unlikely(skb_tailroom(skb) < len))
1090 		return -EMSGSIZE;
1091 
1092 	__nla_put_64bit(skb, attrtype, attrlen, data, padattr);
1093 	return 0;
1094 }
1095 EXPORT_SYMBOL(nla_put_64bit);
1096 
1097 /**
1098  * nla_put_nohdr - Add a netlink attribute without header
1099  * @skb: socket buffer to add attribute to
1100  * @attrlen: length of attribute payload
1101  * @data: head of attribute payload
1102  *
1103  * Returns -EMSGSIZE if the tailroom of the skb is insufficient to store
1104  * the attribute payload.
1105  */
nla_put_nohdr(struct sk_buff * skb,int attrlen,const void * data)1106 int nla_put_nohdr(struct sk_buff *skb, int attrlen, const void *data)
1107 {
1108 	if (unlikely(skb_tailroom(skb) < NLA_ALIGN(attrlen)))
1109 		return -EMSGSIZE;
1110 
1111 	__nla_put_nohdr(skb, attrlen, data);
1112 	return 0;
1113 }
1114 EXPORT_SYMBOL(nla_put_nohdr);
1115 
1116 /**
1117  * nla_append - Add a netlink attribute without header or padding
1118  * @skb: socket buffer to add attribute to
1119  * @attrlen: length of attribute payload
1120  * @data: head of attribute payload
1121  *
1122  * Returns -EMSGSIZE if the tailroom of the skb is insufficient to store
1123  * the attribute payload.
1124  */
nla_append(struct sk_buff * skb,int attrlen,const void * data)1125 int nla_append(struct sk_buff *skb, int attrlen, const void *data)
1126 {
1127 	if (unlikely(skb_tailroom(skb) < NLA_ALIGN(attrlen)))
1128 		return -EMSGSIZE;
1129 
1130 	skb_put_data(skb, data, attrlen);
1131 	return 0;
1132 }
1133 EXPORT_SYMBOL(nla_append);
1134 #endif
1135