1 // SPDX-License-Identifier: GPL-2.0
2 /*
3 * NETLINK Netlink attributes
4 *
5 * Authors: Thomas Graf <tgraf@suug.ch>
6 * Alexey Kuznetsov <kuznet@ms2.inr.ac.ru>
7 */
8
9 #include <linux/export.h>
10 #include <linux/kernel.h>
11 #include <linux/errno.h>
12 #include <linux/jiffies.h>
13 #include <linux/skbuff.h>
14 #include <linux/string.h>
15 #include <linux/types.h>
16 #include <net/netlink.h>
17
18 /* For these data types, attribute length should be exactly the given
19 * size. However, to maintain compatibility with broken commands, if the
20 * attribute length does not match the expected size a warning is emitted
21 * to the user that the command is sending invalid data and needs to be fixed.
22 */
23 static const u8 nla_attr_len[NLA_TYPE_MAX+1] = {
24 [NLA_U8] = sizeof(u8),
25 [NLA_U16] = sizeof(u16),
26 [NLA_U32] = sizeof(u32),
27 [NLA_U64] = sizeof(u64),
28 [NLA_S8] = sizeof(s8),
29 [NLA_S16] = sizeof(s16),
30 [NLA_S32] = sizeof(s32),
31 [NLA_S64] = sizeof(s64),
32 };
33
34 static const u8 nla_attr_minlen[NLA_TYPE_MAX+1] = {
35 [NLA_U8] = sizeof(u8),
36 [NLA_U16] = sizeof(u16),
37 [NLA_U32] = sizeof(u32),
38 [NLA_U64] = sizeof(u64),
39 [NLA_MSECS] = sizeof(u64),
40 [NLA_NESTED] = NLA_HDRLEN,
41 [NLA_S8] = sizeof(s8),
42 [NLA_S16] = sizeof(s16),
43 [NLA_S32] = sizeof(s32),
44 [NLA_S64] = sizeof(s64),
45 };
46
47 /*
48 * Nested policies might refer back to the original
49 * policy in some cases, and userspace could try to
50 * abuse that and recurse by nesting in the right
51 * ways. Limit recursion to avoid this problem.
52 */
53 #define MAX_POLICY_RECURSION_DEPTH 10
54
55 static int __nla_validate_parse(const struct nlattr *head, int len, int maxtype,
56 const struct nla_policy *policy,
57 unsigned int validate,
58 struct netlink_ext_ack *extack,
59 struct nlattr **tb, unsigned int depth);
60
validate_nla_bitfield32(const struct nlattr * nla,const u32 valid_flags_mask)61 static int validate_nla_bitfield32(const struct nlattr *nla,
62 const u32 valid_flags_mask)
63 {
64 const struct nla_bitfield32 *bf = nla_data(nla);
65
66 if (!valid_flags_mask)
67 return -EINVAL;
68
69 /*disallow invalid bit selector */
70 if (bf->selector & ~valid_flags_mask)
71 return -EINVAL;
72
73 /*disallow invalid bit values */
74 if (bf->value & ~valid_flags_mask)
75 return -EINVAL;
76
77 /*disallow valid bit values that are not selected*/
78 if (bf->value & ~bf->selector)
79 return -EINVAL;
80
81 return 0;
82 }
83
nla_validate_array(const struct nlattr * head,int len,int maxtype,const struct nla_policy * policy,struct netlink_ext_ack * extack,unsigned int validate,unsigned int depth)84 static int nla_validate_array(const struct nlattr *head, int len, int maxtype,
85 const struct nla_policy *policy,
86 struct netlink_ext_ack *extack,
87 unsigned int validate, unsigned int depth)
88 {
89 const struct nlattr *entry;
90 int rem;
91
92 nla_for_each_attr(entry, head, len, rem) {
93 int ret;
94
95 if (nla_len(entry) == 0)
96 continue;
97
98 if (nla_len(entry) < NLA_HDRLEN) {
99 NL_SET_ERR_MSG_ATTR_POL(extack, entry, policy,
100 "Array element too short");
101 return -ERANGE;
102 }
103
104 ret = __nla_validate_parse(nla_data(entry), nla_len(entry),
105 maxtype, policy, validate, extack,
106 NULL, depth + 1);
107 if (ret < 0)
108 return ret;
109 }
110
111 return 0;
112 }
113
nla_get_range_unsigned(const struct nla_policy * pt,struct netlink_range_validation * range)114 void nla_get_range_unsigned(const struct nla_policy *pt,
115 struct netlink_range_validation *range)
116 {
117 WARN_ON_ONCE(pt->validation_type != NLA_VALIDATE_RANGE_PTR &&
118 (pt->min < 0 || pt->max < 0));
119
120 range->min = 0;
121
122 switch (pt->type) {
123 case NLA_U8:
124 range->max = U8_MAX;
125 break;
126 case NLA_U16:
127 case NLA_BE16:
128 case NLA_BINARY:
129 range->max = U16_MAX;
130 break;
131 case NLA_U32:
132 case NLA_BE32:
133 range->max = U32_MAX;
134 break;
135 case NLA_U64:
136 case NLA_MSECS:
137 range->max = U64_MAX;
138 break;
139 default:
140 WARN_ON_ONCE(1);
141 return;
142 }
143
144 switch (pt->validation_type) {
145 case NLA_VALIDATE_RANGE:
146 case NLA_VALIDATE_RANGE_WARN_TOO_LONG:
147 range->min = pt->min;
148 range->max = pt->max;
149 break;
150 case NLA_VALIDATE_RANGE_PTR:
151 *range = *pt->range;
152 break;
153 case NLA_VALIDATE_MIN:
154 range->min = pt->min;
155 break;
156 case NLA_VALIDATE_MAX:
157 range->max = pt->max;
158 break;
159 default:
160 break;
161 }
162 }
163
nla_validate_range_unsigned(const struct nla_policy * pt,const struct nlattr * nla,struct netlink_ext_ack * extack,unsigned int validate)164 static int nla_validate_range_unsigned(const struct nla_policy *pt,
165 const struct nlattr *nla,
166 struct netlink_ext_ack *extack,
167 unsigned int validate)
168 {
169 struct netlink_range_validation range;
170 u64 value;
171
172 switch (pt->type) {
173 case NLA_U8:
174 value = nla_get_u8(nla);
175 break;
176 case NLA_U16:
177 value = nla_get_u16(nla);
178 break;
179 case NLA_U32:
180 value = nla_get_u32(nla);
181 break;
182 case NLA_U64:
183 value = nla_get_u64(nla);
184 break;
185 case NLA_MSECS:
186 value = nla_get_u64(nla);
187 break;
188 case NLA_BINARY:
189 value = nla_len(nla);
190 break;
191 case NLA_BE16:
192 value = ntohs(nla_get_be16(nla));
193 break;
194 case NLA_BE32:
195 value = ntohl(nla_get_be32(nla));
196 break;
197 default:
198 return -EINVAL;
199 }
200
201 nla_get_range_unsigned(pt, &range);
202
203 if (pt->validation_type == NLA_VALIDATE_RANGE_WARN_TOO_LONG &&
204 pt->type == NLA_BINARY && value > range.max) {
205 pr_warn_ratelimited("netlink: '%s': attribute type %d has an invalid length.\n",
206 current->comm, pt->type);
207 if (validate & NL_VALIDATE_STRICT_ATTRS) {
208 NL_SET_ERR_MSG_ATTR_POL(extack, nla, pt,
209 "invalid attribute length");
210 return -EINVAL;
211 }
212
213 /* this assumes min <= max (don't validate against min) */
214 return 0;
215 }
216
217 if (value < range.min || value > range.max) {
218 bool binary = pt->type == NLA_BINARY;
219
220 if (binary)
221 NL_SET_ERR_MSG_ATTR_POL(extack, nla, pt,
222 "binary attribute size out of range");
223 else
224 NL_SET_ERR_MSG_ATTR_POL(extack, nla, pt,
225 "integer out of range");
226
227 return -ERANGE;
228 }
229
230 return 0;
231 }
232
nla_get_range_signed(const struct nla_policy * pt,struct netlink_range_validation_signed * range)233 void nla_get_range_signed(const struct nla_policy *pt,
234 struct netlink_range_validation_signed *range)
235 {
236 switch (pt->type) {
237 case NLA_S8:
238 range->min = S8_MIN;
239 range->max = S8_MAX;
240 break;
241 case NLA_S16:
242 range->min = S16_MIN;
243 range->max = S16_MAX;
244 break;
245 case NLA_S32:
246 range->min = S32_MIN;
247 range->max = S32_MAX;
248 break;
249 case NLA_S64:
250 range->min = S64_MIN;
251 range->max = S64_MAX;
252 break;
253 default:
254 WARN_ON_ONCE(1);
255 return;
256 }
257
258 switch (pt->validation_type) {
259 case NLA_VALIDATE_RANGE:
260 range->min = pt->min;
261 range->max = pt->max;
262 break;
263 case NLA_VALIDATE_RANGE_PTR:
264 *range = *pt->range_signed;
265 break;
266 case NLA_VALIDATE_MIN:
267 range->min = pt->min;
268 break;
269 case NLA_VALIDATE_MAX:
270 range->max = pt->max;
271 break;
272 default:
273 break;
274 }
275 }
276
nla_validate_int_range_signed(const struct nla_policy * pt,const struct nlattr * nla,struct netlink_ext_ack * extack)277 static int nla_validate_int_range_signed(const struct nla_policy *pt,
278 const struct nlattr *nla,
279 struct netlink_ext_ack *extack)
280 {
281 struct netlink_range_validation_signed range;
282 s64 value;
283
284 switch (pt->type) {
285 case NLA_S8:
286 value = nla_get_s8(nla);
287 break;
288 case NLA_S16:
289 value = nla_get_s16(nla);
290 break;
291 case NLA_S32:
292 value = nla_get_s32(nla);
293 break;
294 case NLA_S64:
295 value = nla_get_s64(nla);
296 break;
297 default:
298 return -EINVAL;
299 }
300
301 nla_get_range_signed(pt, &range);
302
303 if (value < range.min || value > range.max) {
304 NL_SET_ERR_MSG_ATTR_POL(extack, nla, pt,
305 "integer out of range");
306 return -ERANGE;
307 }
308
309 return 0;
310 }
311
nla_validate_int_range(const struct nla_policy * pt,const struct nlattr * nla,struct netlink_ext_ack * extack,unsigned int validate)312 static int nla_validate_int_range(const struct nla_policy *pt,
313 const struct nlattr *nla,
314 struct netlink_ext_ack *extack,
315 unsigned int validate)
316 {
317 switch (pt->type) {
318 case NLA_U8:
319 case NLA_U16:
320 case NLA_U32:
321 case NLA_U64:
322 case NLA_MSECS:
323 case NLA_BINARY:
324 case NLA_BE16:
325 case NLA_BE32:
326 return nla_validate_range_unsigned(pt, nla, extack, validate);
327 case NLA_S8:
328 case NLA_S16:
329 case NLA_S32:
330 case NLA_S64:
331 return nla_validate_int_range_signed(pt, nla, extack);
332 default:
333 WARN_ON(1);
334 return -EINVAL;
335 }
336 }
337
nla_validate_mask(const struct nla_policy * pt,const struct nlattr * nla,struct netlink_ext_ack * extack)338 static int nla_validate_mask(const struct nla_policy *pt,
339 const struct nlattr *nla,
340 struct netlink_ext_ack *extack)
341 {
342 u64 value;
343
344 switch (pt->type) {
345 case NLA_U8:
346 value = nla_get_u8(nla);
347 break;
348 case NLA_U16:
349 value = nla_get_u16(nla);
350 break;
351 case NLA_U32:
352 value = nla_get_u32(nla);
353 break;
354 case NLA_U64:
355 value = nla_get_u64(nla);
356 break;
357 default:
358 return -EINVAL;
359 }
360
361 if (value & ~(u64)pt->mask) {
362 NL_SET_ERR_MSG_ATTR(extack, nla, "reserved bit set");
363 return -EINVAL;
364 }
365
366 return 0;
367 }
368
validate_nla(const struct nlattr * nla,int maxtype,const struct nla_policy * policy,unsigned int validate,struct netlink_ext_ack * extack,unsigned int depth)369 static int validate_nla(const struct nlattr *nla, int maxtype,
370 const struct nla_policy *policy, unsigned int validate,
371 struct netlink_ext_ack *extack, unsigned int depth)
372 {
373 u16 strict_start_type = policy[0].strict_start_type;
374 const struct nla_policy *pt;
375 int minlen = 0, attrlen = nla_len(nla), type = nla_type(nla);
376 int err = -ERANGE;
377
378 if (strict_start_type && type >= strict_start_type)
379 validate |= NL_VALIDATE_STRICT;
380
381 if (type <= 0 || type > maxtype)
382 return 0;
383
384 pt = &policy[type];
385
386 BUG_ON(pt->type > NLA_TYPE_MAX);
387
388 if (nla_attr_len[pt->type] && attrlen != nla_attr_len[pt->type]) {
389 pr_warn_ratelimited("netlink: '%s': attribute type %d has an invalid length.\n",
390 current->comm, type);
391 if (validate & NL_VALIDATE_STRICT_ATTRS) {
392 NL_SET_ERR_MSG_ATTR_POL(extack, nla, pt,
393 "invalid attribute length");
394 return -EINVAL;
395 }
396 }
397
398 if (validate & NL_VALIDATE_NESTED) {
399 if ((pt->type == NLA_NESTED || pt->type == NLA_NESTED_ARRAY) &&
400 !(nla->nla_type & NLA_F_NESTED)) {
401 NL_SET_ERR_MSG_ATTR_POL(extack, nla, pt,
402 "NLA_F_NESTED is missing");
403 return -EINVAL;
404 }
405 if (pt->type != NLA_NESTED && pt->type != NLA_NESTED_ARRAY &&
406 pt->type != NLA_UNSPEC && (nla->nla_type & NLA_F_NESTED)) {
407 NL_SET_ERR_MSG_ATTR_POL(extack, nla, pt,
408 "NLA_F_NESTED not expected");
409 return -EINVAL;
410 }
411 }
412
413 switch (pt->type) {
414 case NLA_REJECT:
415 if (extack && pt->reject_message) {
416 NL_SET_BAD_ATTR(extack, nla);
417 extack->_msg = pt->reject_message;
418 return -EINVAL;
419 }
420 err = -EINVAL;
421 goto out_err;
422
423 case NLA_FLAG:
424 if (attrlen > 0)
425 goto out_err;
426 break;
427
428 case NLA_BITFIELD32:
429 if (attrlen != sizeof(struct nla_bitfield32))
430 goto out_err;
431
432 err = validate_nla_bitfield32(nla, pt->bitfield32_valid);
433 if (err)
434 goto out_err;
435 break;
436
437 case NLA_NUL_STRING:
438 if (pt->len)
439 minlen = min_t(int, attrlen, pt->len + 1);
440 else
441 minlen = attrlen;
442
443 if (!minlen || memchr(nla_data(nla), '\0', minlen) == NULL) {
444 err = -EINVAL;
445 goto out_err;
446 }
447 fallthrough;
448
449 case NLA_STRING:
450 if (attrlen < 1)
451 goto out_err;
452
453 if (pt->len) {
454 char *buf = nla_data(nla);
455
456 if (buf[attrlen - 1] == '\0')
457 attrlen--;
458
459 if (attrlen > pt->len)
460 goto out_err;
461 }
462 break;
463
464 case NLA_BINARY:
465 if (pt->len && attrlen > pt->len)
466 goto out_err;
467 break;
468
469 case NLA_NESTED:
470 /* a nested attributes is allowed to be empty; if its not,
471 * it must have a size of at least NLA_HDRLEN.
472 */
473 if (attrlen == 0)
474 break;
475 if (attrlen < NLA_HDRLEN)
476 goto out_err;
477 if (pt->nested_policy) {
478 err = __nla_validate_parse(nla_data(nla), nla_len(nla),
479 pt->len, pt->nested_policy,
480 validate, extack, NULL,
481 depth + 1);
482 if (err < 0) {
483 /*
484 * return directly to preserve the inner
485 * error message/attribute pointer
486 */
487 return err;
488 }
489 }
490 break;
491 case NLA_NESTED_ARRAY:
492 /* a nested array attribute is allowed to be empty; if its not,
493 * it must have a size of at least NLA_HDRLEN.
494 */
495 if (attrlen == 0)
496 break;
497 if (attrlen < NLA_HDRLEN)
498 goto out_err;
499 if (pt->nested_policy) {
500 int err;
501
502 err = nla_validate_array(nla_data(nla), nla_len(nla),
503 pt->len, pt->nested_policy,
504 extack, validate, depth);
505 if (err < 0) {
506 /*
507 * return directly to preserve the inner
508 * error message/attribute pointer
509 */
510 return err;
511 }
512 }
513 break;
514
515 case NLA_UNSPEC:
516 if (validate & NL_VALIDATE_UNSPEC) {
517 NL_SET_ERR_MSG_ATTR(extack, nla,
518 "Unsupported attribute");
519 return -EINVAL;
520 }
521 if (attrlen < pt->len)
522 goto out_err;
523 break;
524
525 default:
526 if (pt->len)
527 minlen = pt->len;
528 else
529 minlen = nla_attr_minlen[pt->type];
530
531 if (attrlen < minlen)
532 goto out_err;
533 }
534
535 /* further validation */
536 switch (pt->validation_type) {
537 case NLA_VALIDATE_NONE:
538 /* nothing to do */
539 break;
540 case NLA_VALIDATE_RANGE_PTR:
541 case NLA_VALIDATE_RANGE:
542 case NLA_VALIDATE_RANGE_WARN_TOO_LONG:
543 case NLA_VALIDATE_MIN:
544 case NLA_VALIDATE_MAX:
545 err = nla_validate_int_range(pt, nla, extack, validate);
546 if (err)
547 return err;
548 break;
549 case NLA_VALIDATE_MASK:
550 err = nla_validate_mask(pt, nla, extack);
551 if (err)
552 return err;
553 break;
554 case NLA_VALIDATE_FUNCTION:
555 if (pt->validate) {
556 err = pt->validate(nla, extack);
557 if (err)
558 return err;
559 }
560 break;
561 }
562
563 return 0;
564 out_err:
565 NL_SET_ERR_MSG_ATTR_POL(extack, nla, pt,
566 "Attribute failed policy validation");
567 return err;
568 }
569
__nla_validate_parse(const struct nlattr * head,int len,int maxtype,const struct nla_policy * policy,unsigned int validate,struct netlink_ext_ack * extack,struct nlattr ** tb,unsigned int depth)570 static int __nla_validate_parse(const struct nlattr *head, int len, int maxtype,
571 const struct nla_policy *policy,
572 unsigned int validate,
573 struct netlink_ext_ack *extack,
574 struct nlattr **tb, unsigned int depth)
575 {
576 const struct nlattr *nla;
577 int rem;
578
579 if (depth >= MAX_POLICY_RECURSION_DEPTH) {
580 NL_SET_ERR_MSG(extack,
581 "allowed policy recursion depth exceeded");
582 return -EINVAL;
583 }
584
585 if (tb)
586 memset(tb, 0, sizeof(struct nlattr *) * (maxtype + 1));
587
588 nla_for_each_attr(nla, head, len, rem) {
589 u16 type = nla_type(nla);
590
591 if (type == 0 || type > maxtype) {
592 if (validate & NL_VALIDATE_MAXTYPE) {
593 NL_SET_ERR_MSG_ATTR(extack, nla,
594 "Unknown attribute type");
595 return -EINVAL;
596 }
597 continue;
598 }
599 if (policy) {
600 int err = validate_nla(nla, maxtype, policy,
601 validate, extack, depth);
602
603 if (err < 0)
604 return err;
605 }
606
607 if (tb)
608 tb[type] = (struct nlattr *)nla;
609 }
610
611 if (unlikely(rem > 0)) {
612 pr_warn_ratelimited("netlink: %d bytes leftover after parsing attributes in process `%s'.\n",
613 rem, current->comm);
614 NL_SET_ERR_MSG(extack, "bytes leftover after parsing attributes");
615 if (validate & NL_VALIDATE_TRAILING)
616 return -EINVAL;
617 }
618
619 return 0;
620 }
621
622 /**
623 * __nla_validate - Validate a stream of attributes
624 * @head: head of attribute stream
625 * @len: length of attribute stream
626 * @maxtype: maximum attribute type to be expected
627 * @policy: validation policy
628 * @validate: validation strictness
629 * @extack: extended ACK report struct
630 *
631 * Validates all attributes in the specified attribute stream against the
632 * specified policy. Validation depends on the validate flags passed, see
633 * &enum netlink_validation for more details on that.
634 * See documentation of struct nla_policy for more details.
635 *
636 * Returns 0 on success or a negative error code.
637 */
__nla_validate(const struct nlattr * head,int len,int maxtype,const struct nla_policy * policy,unsigned int validate,struct netlink_ext_ack * extack)638 int __nla_validate(const struct nlattr *head, int len, int maxtype,
639 const struct nla_policy *policy, unsigned int validate,
640 struct netlink_ext_ack *extack)
641 {
642 return __nla_validate_parse(head, len, maxtype, policy, validate,
643 extack, NULL, 0);
644 }
645 EXPORT_SYMBOL(__nla_validate);
646
647 /**
648 * nla_policy_len - Determine the max. length of a policy
649 * @policy: policy to use
650 * @n: number of policies
651 *
652 * Determines the max. length of the policy. It is currently used
653 * to allocated Netlink buffers roughly the size of the actual
654 * message.
655 *
656 * Returns 0 on success or a negative error code.
657 */
658 int
nla_policy_len(const struct nla_policy * p,int n)659 nla_policy_len(const struct nla_policy *p, int n)
660 {
661 int i, len = 0;
662
663 for (i = 0; i < n; i++, p++) {
664 if (p->len)
665 len += nla_total_size(p->len);
666 else if (nla_attr_len[p->type])
667 len += nla_total_size(nla_attr_len[p->type]);
668 else if (nla_attr_minlen[p->type])
669 len += nla_total_size(nla_attr_minlen[p->type]);
670 }
671
672 return len;
673 }
674 EXPORT_SYMBOL(nla_policy_len);
675
676 /**
677 * __nla_parse - Parse a stream of attributes into a tb buffer
678 * @tb: destination array with maxtype+1 elements
679 * @maxtype: maximum attribute type to be expected
680 * @head: head of attribute stream
681 * @len: length of attribute stream
682 * @policy: validation policy
683 * @validate: validation strictness
684 * @extack: extended ACK pointer
685 *
686 * Parses a stream of attributes and stores a pointer to each attribute in
687 * the tb array accessible via the attribute type.
688 * Validation is controlled by the @validate parameter.
689 *
690 * Returns 0 on success or a negative error code.
691 */
__nla_parse(struct nlattr ** tb,int maxtype,const struct nlattr * head,int len,const struct nla_policy * policy,unsigned int validate,struct netlink_ext_ack * extack)692 int __nla_parse(struct nlattr **tb, int maxtype,
693 const struct nlattr *head, int len,
694 const struct nla_policy *policy, unsigned int validate,
695 struct netlink_ext_ack *extack)
696 {
697 return __nla_validate_parse(head, len, maxtype, policy, validate,
698 extack, tb, 0);
699 }
700 EXPORT_SYMBOL(__nla_parse);
701
702 /**
703 * nla_find - Find a specific attribute in a stream of attributes
704 * @head: head of attribute stream
705 * @len: length of attribute stream
706 * @attrtype: type of attribute to look for
707 *
708 * Returns the first attribute in the stream matching the specified type.
709 */
nla_find(const struct nlattr * head,int len,int attrtype)710 struct nlattr *nla_find(const struct nlattr *head, int len, int attrtype)
711 {
712 const struct nlattr *nla;
713 int rem;
714
715 nla_for_each_attr(nla, head, len, rem)
716 if (nla_type(nla) == attrtype)
717 return (struct nlattr *)nla;
718
719 return NULL;
720 }
721 EXPORT_SYMBOL(nla_find);
722
723 /**
724 * nla_strscpy - Copy string attribute payload into a sized buffer
725 * @dst: Where to copy the string to.
726 * @nla: Attribute to copy the string from.
727 * @dstsize: Size of destination buffer.
728 *
729 * Copies at most dstsize - 1 bytes into the destination buffer.
730 * Unlike strlcpy the destination buffer is always padded out.
731 *
732 * Return:
733 * * srclen - Returns @nla length (not including the trailing %NUL).
734 * * -E2BIG - If @dstsize is 0 or greater than U16_MAX or @nla length greater
735 * than @dstsize.
736 */
nla_strscpy(char * dst,const struct nlattr * nla,size_t dstsize)737 ssize_t nla_strscpy(char *dst, const struct nlattr *nla, size_t dstsize)
738 {
739 size_t srclen = nla_len(nla);
740 char *src = nla_data(nla);
741 ssize_t ret;
742 size_t len;
743
744 if (dstsize == 0 || WARN_ON_ONCE(dstsize > U16_MAX))
745 return -E2BIG;
746
747 if (srclen > 0 && src[srclen - 1] == '\0')
748 srclen--;
749
750 if (srclen >= dstsize) {
751 len = dstsize - 1;
752 ret = -E2BIG;
753 } else {
754 len = srclen;
755 ret = len;
756 }
757
758 memcpy(dst, src, len);
759 /* Zero pad end of dst. */
760 memset(dst + len, 0, dstsize - len);
761
762 return ret;
763 }
764 EXPORT_SYMBOL(nla_strscpy);
765
766 /**
767 * nla_strdup - Copy string attribute payload into a newly allocated buffer
768 * @nla: attribute to copy the string from
769 * @flags: the type of memory to allocate (see kmalloc).
770 *
771 * Returns a pointer to the allocated buffer or NULL on error.
772 */
nla_strdup(const struct nlattr * nla,gfp_t flags)773 char *nla_strdup(const struct nlattr *nla, gfp_t flags)
774 {
775 size_t srclen = nla_len(nla);
776 char *src = nla_data(nla), *dst;
777
778 if (srclen > 0 && src[srclen - 1] == '\0')
779 srclen--;
780
781 dst = kmalloc(srclen + 1, flags);
782 if (dst != NULL) {
783 memcpy(dst, src, srclen);
784 dst[srclen] = '\0';
785 }
786 return dst;
787 }
788 EXPORT_SYMBOL(nla_strdup);
789
790 /**
791 * nla_memcpy - Copy a netlink attribute into another memory area
792 * @dest: where to copy to memcpy
793 * @src: netlink attribute to copy from
794 * @count: size of the destination area
795 *
796 * Note: The number of bytes copied is limited by the length of
797 * attribute's payload. memcpy
798 *
799 * Returns the number of bytes copied.
800 */
nla_memcpy(void * dest,const struct nlattr * src,int count)801 int nla_memcpy(void *dest, const struct nlattr *src, int count)
802 {
803 int minlen = min_t(int, count, nla_len(src));
804
805 memcpy(dest, nla_data(src), minlen);
806 if (count > minlen)
807 memset(dest + minlen, 0, count - minlen);
808
809 return minlen;
810 }
811 EXPORT_SYMBOL(nla_memcpy);
812
813 /**
814 * nla_memcmp - Compare an attribute with sized memory area
815 * @nla: netlink attribute
816 * @data: memory area
817 * @size: size of memory area
818 */
nla_memcmp(const struct nlattr * nla,const void * data,size_t size)819 int nla_memcmp(const struct nlattr *nla, const void *data,
820 size_t size)
821 {
822 int d = nla_len(nla) - size;
823
824 if (d == 0)
825 d = memcmp(nla_data(nla), data, size);
826
827 return d;
828 }
829 EXPORT_SYMBOL(nla_memcmp);
830
831 /**
832 * nla_strcmp - Compare a string attribute against a string
833 * @nla: netlink string attribute
834 * @str: another string
835 */
nla_strcmp(const struct nlattr * nla,const char * str)836 int nla_strcmp(const struct nlattr *nla, const char *str)
837 {
838 int len = strlen(str);
839 char *buf = nla_data(nla);
840 int attrlen = nla_len(nla);
841 int d;
842
843 while (attrlen > 0 && buf[attrlen - 1] == '\0')
844 attrlen--;
845
846 d = attrlen - len;
847 if (d == 0)
848 d = memcmp(nla_data(nla), str, len);
849
850 return d;
851 }
852 EXPORT_SYMBOL(nla_strcmp);
853
854 #ifdef CONFIG_NET
855 /**
856 * __nla_reserve - reserve room for attribute on the skb
857 * @skb: socket buffer to reserve room on
858 * @attrtype: attribute type
859 * @attrlen: length of attribute payload
860 *
861 * Adds a netlink attribute header to a socket buffer and reserves
862 * room for the payload but does not copy it.
863 *
864 * The caller is responsible to ensure that the skb provides enough
865 * tailroom for the attribute header and payload.
866 */
__nla_reserve(struct sk_buff * skb,int attrtype,int attrlen)867 struct nlattr *__nla_reserve(struct sk_buff *skb, int attrtype, int attrlen)
868 {
869 struct nlattr *nla;
870
871 nla = skb_put(skb, nla_total_size(attrlen));
872 nla->nla_type = attrtype;
873 nla->nla_len = nla_attr_size(attrlen);
874
875 memset((unsigned char *) nla + nla->nla_len, 0, nla_padlen(attrlen));
876
877 return nla;
878 }
879 EXPORT_SYMBOL(__nla_reserve);
880
881 /**
882 * __nla_reserve_64bit - reserve room for attribute on the skb and align it
883 * @skb: socket buffer to reserve room on
884 * @attrtype: attribute type
885 * @attrlen: length of attribute payload
886 * @padattr: attribute type for the padding
887 *
888 * Adds a netlink attribute header to a socket buffer and reserves
889 * room for the payload but does not copy it. It also ensure that this
890 * attribute will have a 64-bit aligned nla_data() area.
891 *
892 * The caller is responsible to ensure that the skb provides enough
893 * tailroom for the attribute header and payload.
894 */
__nla_reserve_64bit(struct sk_buff * skb,int attrtype,int attrlen,int padattr)895 struct nlattr *__nla_reserve_64bit(struct sk_buff *skb, int attrtype,
896 int attrlen, int padattr)
897 {
898 nla_align_64bit(skb, padattr);
899
900 return __nla_reserve(skb, attrtype, attrlen);
901 }
902 EXPORT_SYMBOL(__nla_reserve_64bit);
903
904 /**
905 * __nla_reserve_nohdr - reserve room for attribute without header
906 * @skb: socket buffer to reserve room on
907 * @attrlen: length of attribute payload
908 *
909 * Reserves room for attribute payload without a header.
910 *
911 * The caller is responsible to ensure that the skb provides enough
912 * tailroom for the payload.
913 */
__nla_reserve_nohdr(struct sk_buff * skb,int attrlen)914 void *__nla_reserve_nohdr(struct sk_buff *skb, int attrlen)
915 {
916 return skb_put_zero(skb, NLA_ALIGN(attrlen));
917 }
918 EXPORT_SYMBOL(__nla_reserve_nohdr);
919
920 /**
921 * nla_reserve - reserve room for attribute on the skb
922 * @skb: socket buffer to reserve room on
923 * @attrtype: attribute type
924 * @attrlen: length of attribute payload
925 *
926 * Adds a netlink attribute header to a socket buffer and reserves
927 * room for the payload but does not copy it.
928 *
929 * Returns NULL if the tailroom of the skb is insufficient to store
930 * the attribute header and payload.
931 */
nla_reserve(struct sk_buff * skb,int attrtype,int attrlen)932 struct nlattr *nla_reserve(struct sk_buff *skb, int attrtype, int attrlen)
933 {
934 if (unlikely(skb_tailroom(skb) < nla_total_size(attrlen)))
935 return NULL;
936
937 return __nla_reserve(skb, attrtype, attrlen);
938 }
939 EXPORT_SYMBOL(nla_reserve);
940
941 /**
942 * nla_reserve_64bit - reserve room for attribute on the skb and align it
943 * @skb: socket buffer to reserve room on
944 * @attrtype: attribute type
945 * @attrlen: length of attribute payload
946 * @padattr: attribute type for the padding
947 *
948 * Adds a netlink attribute header to a socket buffer and reserves
949 * room for the payload but does not copy it. It also ensure that this
950 * attribute will have a 64-bit aligned nla_data() area.
951 *
952 * Returns NULL if the tailroom of the skb is insufficient to store
953 * the attribute header and payload.
954 */
nla_reserve_64bit(struct sk_buff * skb,int attrtype,int attrlen,int padattr)955 struct nlattr *nla_reserve_64bit(struct sk_buff *skb, int attrtype, int attrlen,
956 int padattr)
957 {
958 size_t len;
959
960 if (nla_need_padding_for_64bit(skb))
961 len = nla_total_size_64bit(attrlen);
962 else
963 len = nla_total_size(attrlen);
964 if (unlikely(skb_tailroom(skb) < len))
965 return NULL;
966
967 return __nla_reserve_64bit(skb, attrtype, attrlen, padattr);
968 }
969 EXPORT_SYMBOL(nla_reserve_64bit);
970
971 /**
972 * nla_reserve_nohdr - reserve room for attribute without header
973 * @skb: socket buffer to reserve room on
974 * @attrlen: length of attribute payload
975 *
976 * Reserves room for attribute payload without a header.
977 *
978 * Returns NULL if the tailroom of the skb is insufficient to store
979 * the attribute payload.
980 */
nla_reserve_nohdr(struct sk_buff * skb,int attrlen)981 void *nla_reserve_nohdr(struct sk_buff *skb, int attrlen)
982 {
983 if (unlikely(skb_tailroom(skb) < NLA_ALIGN(attrlen)))
984 return NULL;
985
986 return __nla_reserve_nohdr(skb, attrlen);
987 }
988 EXPORT_SYMBOL(nla_reserve_nohdr);
989
990 /**
991 * __nla_put - Add a netlink attribute to a socket buffer
992 * @skb: socket buffer to add attribute to
993 * @attrtype: attribute type
994 * @attrlen: length of attribute payload
995 * @data: head of attribute payload
996 *
997 * The caller is responsible to ensure that the skb provides enough
998 * tailroom for the attribute header and payload.
999 */
__nla_put(struct sk_buff * skb,int attrtype,int attrlen,const void * data)1000 void __nla_put(struct sk_buff *skb, int attrtype, int attrlen,
1001 const void *data)
1002 {
1003 struct nlattr *nla;
1004
1005 nla = __nla_reserve(skb, attrtype, attrlen);
1006 memcpy(nla_data(nla), data, attrlen);
1007 }
1008 EXPORT_SYMBOL(__nla_put);
1009
1010 /**
1011 * __nla_put_64bit - Add a netlink attribute to a socket buffer and align it
1012 * @skb: socket buffer to add attribute to
1013 * @attrtype: attribute type
1014 * @attrlen: length of attribute payload
1015 * @data: head of attribute payload
1016 * @padattr: attribute type for the padding
1017 *
1018 * The caller is responsible to ensure that the skb provides enough
1019 * tailroom for the attribute header and payload.
1020 */
__nla_put_64bit(struct sk_buff * skb,int attrtype,int attrlen,const void * data,int padattr)1021 void __nla_put_64bit(struct sk_buff *skb, int attrtype, int attrlen,
1022 const void *data, int padattr)
1023 {
1024 struct nlattr *nla;
1025
1026 nla = __nla_reserve_64bit(skb, attrtype, attrlen, padattr);
1027 memcpy(nla_data(nla), data, attrlen);
1028 }
1029 EXPORT_SYMBOL(__nla_put_64bit);
1030
1031 /**
1032 * __nla_put_nohdr - Add a netlink attribute without header
1033 * @skb: socket buffer to add attribute to
1034 * @attrlen: length of attribute payload
1035 * @data: head of attribute payload
1036 *
1037 * The caller is responsible to ensure that the skb provides enough
1038 * tailroom for the attribute payload.
1039 */
__nla_put_nohdr(struct sk_buff * skb,int attrlen,const void * data)1040 void __nla_put_nohdr(struct sk_buff *skb, int attrlen, const void *data)
1041 {
1042 void *start;
1043
1044 start = __nla_reserve_nohdr(skb, attrlen);
1045 memcpy(start, data, attrlen);
1046 }
1047 EXPORT_SYMBOL(__nla_put_nohdr);
1048
1049 /**
1050 * nla_put - Add a netlink attribute to a socket buffer
1051 * @skb: socket buffer to add attribute to
1052 * @attrtype: attribute type
1053 * @attrlen: length of attribute payload
1054 * @data: head of attribute payload
1055 *
1056 * Returns -EMSGSIZE if the tailroom of the skb is insufficient to store
1057 * the attribute header and payload.
1058 */
nla_put(struct sk_buff * skb,int attrtype,int attrlen,const void * data)1059 int nla_put(struct sk_buff *skb, int attrtype, int attrlen, const void *data)
1060 {
1061 if (unlikely(skb_tailroom(skb) < nla_total_size(attrlen)))
1062 return -EMSGSIZE;
1063
1064 __nla_put(skb, attrtype, attrlen, data);
1065 return 0;
1066 }
1067 EXPORT_SYMBOL(nla_put);
1068
1069 /**
1070 * nla_put_64bit - Add a netlink attribute to a socket buffer and align it
1071 * @skb: socket buffer to add attribute to
1072 * @attrtype: attribute type
1073 * @attrlen: length of attribute payload
1074 * @data: head of attribute payload
1075 * @padattr: attribute type for the padding
1076 *
1077 * Returns -EMSGSIZE if the tailroom of the skb is insufficient to store
1078 * the attribute header and payload.
1079 */
nla_put_64bit(struct sk_buff * skb,int attrtype,int attrlen,const void * data,int padattr)1080 int nla_put_64bit(struct sk_buff *skb, int attrtype, int attrlen,
1081 const void *data, int padattr)
1082 {
1083 size_t len;
1084
1085 if (nla_need_padding_for_64bit(skb))
1086 len = nla_total_size_64bit(attrlen);
1087 else
1088 len = nla_total_size(attrlen);
1089 if (unlikely(skb_tailroom(skb) < len))
1090 return -EMSGSIZE;
1091
1092 __nla_put_64bit(skb, attrtype, attrlen, data, padattr);
1093 return 0;
1094 }
1095 EXPORT_SYMBOL(nla_put_64bit);
1096
1097 /**
1098 * nla_put_nohdr - Add a netlink attribute without header
1099 * @skb: socket buffer to add attribute to
1100 * @attrlen: length of attribute payload
1101 * @data: head of attribute payload
1102 *
1103 * Returns -EMSGSIZE if the tailroom of the skb is insufficient to store
1104 * the attribute payload.
1105 */
nla_put_nohdr(struct sk_buff * skb,int attrlen,const void * data)1106 int nla_put_nohdr(struct sk_buff *skb, int attrlen, const void *data)
1107 {
1108 if (unlikely(skb_tailroom(skb) < NLA_ALIGN(attrlen)))
1109 return -EMSGSIZE;
1110
1111 __nla_put_nohdr(skb, attrlen, data);
1112 return 0;
1113 }
1114 EXPORT_SYMBOL(nla_put_nohdr);
1115
1116 /**
1117 * nla_append - Add a netlink attribute without header or padding
1118 * @skb: socket buffer to add attribute to
1119 * @attrlen: length of attribute payload
1120 * @data: head of attribute payload
1121 *
1122 * Returns -EMSGSIZE if the tailroom of the skb is insufficient to store
1123 * the attribute payload.
1124 */
nla_append(struct sk_buff * skb,int attrlen,const void * data)1125 int nla_append(struct sk_buff *skb, int attrlen, const void *data)
1126 {
1127 if (unlikely(skb_tailroom(skb) < NLA_ALIGN(attrlen)))
1128 return -EMSGSIZE;
1129
1130 skb_put_data(skb, data, attrlen);
1131 return 0;
1132 }
1133 EXPORT_SYMBOL(nla_append);
1134 #endif
1135
