nlattr.c 28 KB

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091929394959697989910010110210310410510610710810911011111211311411511611711811912012112212312412512612712812913013113213313413513613713813914014114214314414514614714814915015115215315415515615715815916016116216316416516616716816917017117217317417517617717817918018118218318418518618718818919019119219319419519619719819920020120220320420520620720820921021121221321421521621721821922022122222322422522622722822923023123223323423523623723823924024124224324424524624724824925025125225325425525625725825926026126226326426526626726826927027127227327427527627727827928028128228328428528628728828929029129229329429529629729829930030130230330430530630730830931031131231331431531631731831932032132232332432532632732832933033133233333433533633733833934034134234334434534634734834935035135235335435535635735835936036136236336436536636736836937037137237337437537637737837938038138238338438538638738838939039139239339439539639739839940040140240340440540640740840941041141241341441541641741841942042142242342442542642742842943043143243343443543643743843944044144244344444544644744844945045145245345445545645745845946046146246346446546646746846947047147247347447547647747847948048148248348448548648748848949049149249349449549649749849950050150250350450550650750850951051151251351451551651751851952052152252352452552652752852953053153253353453553653753853954054154254354454554654754854955055155255355455555655755855956056156256356456556656756856957057157257357457557657757857958058158258358458558658758858959059159259359459559659759859960060160260360460560660760860961061161261361461561661761861962062162262362462562662762862963063163263363463563663763863964064164264364464564664764864965065165265365465565665765865966066166266366466566666766866967067167267367467567667767867968068168268368468568668768868969069169269369469569669769869970070170270370470570670770870971071171271371471571671771871972072172272372472572672772872973073173273373473573673773873974074174274374474574674774874975075175275375475575675775875976076176276376476576676776876977077177277377477577677777877978078178278378478578678778878979079179279379479579679779879980080180280380480580680780880981081181281381481581681781881982082182282382482582682782882983083183283383483583683783883984084184284384484584684784884985085185285385485585685785885986086186286386486586686786886987087187287387487587687787887988088188288388488588688788888989089189289389489589689789889990090190290390490590690790890991091191291391491591691791891992092192292392492592692792892993093193293393493593693793893994094194294394494594694794894995095195295395495595695795895996096196296396496596696796896997097197297397497597697797897998098198298398498598698798898999099199299399499599699799899910001001100210031004100510061007100810091010101110121013101410151016101710181019102010211022102310241025102610271028102910301031103210331034103510361037103810391040104110421043104410451046104710481049105010511052105310541055105610571058105910601061106210631064106510661067106810691070107110721073107410751076107710781079108010811082108310841085108610871088108910901091109210931094109510961097109810991100110111021103110411051106110711081109111011111112111311141115111611171118111911201121112211231124112511261127112811291130113111321133113411351136113711381139114011411142114311441145114611471148114911501151115211531154115511561157115811591160116111621163116411651166116711681169
  1. // SPDX-License-Identifier: GPL-2.0
  2. /*
  3. * NETLINK Netlink attributes
  4. *
  5. * Authors: Thomas Graf <tgraf@suug.ch>
  6. * Alexey Kuznetsov <kuznet@ms2.inr.ac.ru>
  7. */
  8. #include <linux/export.h>
  9. #include <linux/kernel.h>
  10. #include <linux/errno.h>
  11. #include <linux/jiffies.h>
  12. #include <linux/nospec.h>
  13. #include <linux/skbuff.h>
  14. #include <linux/string.h>
  15. #include <linux/types.h>
  16. #include <net/netlink.h>
  17. /* For these data types, attribute length should be exactly the given
  18. * size. However, to maintain compatibility with broken commands, if the
  19. * attribute length does not match the expected size a warning is emitted
  20. * to the user that the command is sending invalid data and needs to be fixed.
  21. */
  22. static const u8 nla_attr_len[NLA_TYPE_MAX+1] = {
  23. [NLA_U8] = sizeof(u8),
  24. [NLA_U16] = sizeof(u16),
  25. [NLA_U32] = sizeof(u32),
  26. [NLA_U64] = sizeof(u64),
  27. [NLA_S8] = sizeof(s8),
  28. [NLA_S16] = sizeof(s16),
  29. [NLA_S32] = sizeof(s32),
  30. [NLA_S64] = sizeof(s64),
  31. [NLA_BE16] = sizeof(__be16),
  32. [NLA_BE32] = sizeof(__be32),
  33. };
  34. static const u8 nla_attr_minlen[NLA_TYPE_MAX+1] = {
  35. [NLA_U8] = sizeof(u8),
  36. [NLA_U16] = sizeof(u16),
  37. [NLA_U32] = sizeof(u32),
  38. [NLA_U64] = sizeof(u64),
  39. [NLA_MSECS] = sizeof(u64),
  40. [NLA_NESTED] = NLA_HDRLEN,
  41. [NLA_S8] = sizeof(s8),
  42. [NLA_S16] = sizeof(s16),
  43. [NLA_S32] = sizeof(s32),
  44. [NLA_S64] = sizeof(s64),
  45. [NLA_BE16] = sizeof(__be16),
  46. [NLA_BE32] = sizeof(__be32),
  47. };
  48. /*
  49. * Nested policies might refer back to the original
  50. * policy in some cases, and userspace could try to
  51. * abuse that and recurse by nesting in the right
  52. * ways. Limit recursion to avoid this problem.
  53. */
  54. #define MAX_POLICY_RECURSION_DEPTH 10
  55. static int __nla_validate_parse(const struct nlattr *head, int len, int maxtype,
  56. const struct nla_policy *policy,
  57. unsigned int validate,
  58. struct netlink_ext_ack *extack,
  59. struct nlattr **tb, unsigned int depth);
  60. static int validate_nla_bitfield32(const struct nlattr *nla,
  61. const u32 valid_flags_mask)
  62. {
  63. const struct nla_bitfield32 *bf = nla_data(nla);
  64. if (!valid_flags_mask)
  65. return -EINVAL;
  66. /*disallow invalid bit selector */
  67. if (bf->selector & ~valid_flags_mask)
  68. return -EINVAL;
  69. /*disallow invalid bit values */
  70. if (bf->value & ~valid_flags_mask)
  71. return -EINVAL;
  72. /*disallow valid bit values that are not selected*/
  73. if (bf->value & ~bf->selector)
  74. return -EINVAL;
  75. return 0;
  76. }
  77. static int nla_validate_array(const struct nlattr *head, int len, int maxtype,
  78. const struct nla_policy *policy,
  79. struct netlink_ext_ack *extack,
  80. unsigned int validate, unsigned int depth)
  81. {
  82. const struct nlattr *entry;
  83. int rem;
  84. nla_for_each_attr(entry, head, len, rem) {
  85. int ret;
  86. if (nla_len(entry) == 0)
  87. continue;
  88. if (nla_len(entry) < NLA_HDRLEN) {
  89. NL_SET_ERR_MSG_ATTR_POL(extack, entry, policy,
  90. "Array element too short");
  91. return -ERANGE;
  92. }
  93. ret = __nla_validate_parse(nla_data(entry), nla_len(entry),
  94. maxtype, policy, validate, extack,
  95. NULL, depth + 1);
  96. if (ret < 0)
  97. return ret;
  98. }
  99. return 0;
  100. }
  101. void nla_get_range_unsigned(const struct nla_policy *pt,
  102. struct netlink_range_validation *range)
  103. {
  104. WARN_ON_ONCE(pt->validation_type != NLA_VALIDATE_RANGE_PTR &&
  105. (pt->min < 0 || pt->max < 0));
  106. range->min = 0;
  107. switch (pt->type) {
  108. case NLA_U8:
  109. range->max = U8_MAX;
  110. break;
  111. case NLA_U16:
  112. case NLA_BE16:
  113. case NLA_BINARY:
  114. range->max = U16_MAX;
  115. break;
  116. case NLA_U32:
  117. case NLA_BE32:
  118. range->max = U32_MAX;
  119. break;
  120. case NLA_U64:
  121. case NLA_UINT:
  122. case NLA_MSECS:
  123. range->max = U64_MAX;
  124. break;
  125. default:
  126. WARN_ON_ONCE(1);
  127. return;
  128. }
  129. switch (pt->validation_type) {
  130. case NLA_VALIDATE_RANGE:
  131. case NLA_VALIDATE_RANGE_WARN_TOO_LONG:
  132. range->min = pt->min;
  133. range->max = pt->max;
  134. break;
  135. case NLA_VALIDATE_RANGE_PTR:
  136. *range = *pt->range;
  137. break;
  138. case NLA_VALIDATE_MIN:
  139. range->min = pt->min;
  140. break;
  141. case NLA_VALIDATE_MAX:
  142. range->max = pt->max;
  143. break;
  144. default:
  145. break;
  146. }
  147. }
  148. static int nla_validate_range_unsigned(const struct nla_policy *pt,
  149. const struct nlattr *nla,
  150. struct netlink_ext_ack *extack,
  151. unsigned int validate)
  152. {
  153. struct netlink_range_validation range;
  154. u64 value;
  155. switch (pt->type) {
  156. case NLA_U8:
  157. value = nla_get_u8(nla);
  158. break;
  159. case NLA_U16:
  160. value = nla_get_u16(nla);
  161. break;
  162. case NLA_U32:
  163. value = nla_get_u32(nla);
  164. break;
  165. case NLA_U64:
  166. value = nla_get_u64(nla);
  167. break;
  168. case NLA_UINT:
  169. value = nla_get_uint(nla);
  170. break;
  171. case NLA_MSECS:
  172. value = nla_get_u64(nla);
  173. break;
  174. case NLA_BINARY:
  175. value = nla_len(nla);
  176. break;
  177. case NLA_BE16:
  178. value = ntohs(nla_get_be16(nla));
  179. break;
  180. case NLA_BE32:
  181. value = ntohl(nla_get_be32(nla));
  182. break;
  183. default:
  184. return -EINVAL;
  185. }
  186. nla_get_range_unsigned(pt, &range);
  187. if (pt->validation_type == NLA_VALIDATE_RANGE_WARN_TOO_LONG &&
  188. pt->type == NLA_BINARY && value > range.max) {
  189. pr_warn_ratelimited("netlink: '%s': attribute type %d has an invalid length.\n",
  190. current->comm, pt->type);
  191. if (validate & NL_VALIDATE_STRICT_ATTRS) {
  192. NL_SET_ERR_MSG_ATTR_POL(extack, nla, pt,
  193. "invalid attribute length");
  194. return -EINVAL;
  195. }
  196. /* this assumes min <= max (don't validate against min) */
  197. return 0;
  198. }
  199. if (value < range.min || value > range.max) {
  200. bool binary = pt->type == NLA_BINARY;
  201. if (binary)
  202. NL_SET_ERR_MSG_ATTR_POL(extack, nla, pt,
  203. "binary attribute size out of range");
  204. else
  205. NL_SET_ERR_MSG_ATTR_POL(extack, nla, pt,
  206. "integer out of range");
  207. return -ERANGE;
  208. }
  209. return 0;
  210. }
  211. void nla_get_range_signed(const struct nla_policy *pt,
  212. struct netlink_range_validation_signed *range)
  213. {
  214. switch (pt->type) {
  215. case NLA_S8:
  216. range->min = S8_MIN;
  217. range->max = S8_MAX;
  218. break;
  219. case NLA_S16:
  220. range->min = S16_MIN;
  221. range->max = S16_MAX;
  222. break;
  223. case NLA_S32:
  224. range->min = S32_MIN;
  225. range->max = S32_MAX;
  226. break;
  227. case NLA_S64:
  228. case NLA_SINT:
  229. range->min = S64_MIN;
  230. range->max = S64_MAX;
  231. break;
  232. default:
  233. WARN_ON_ONCE(1);
  234. return;
  235. }
  236. switch (pt->validation_type) {
  237. case NLA_VALIDATE_RANGE:
  238. range->min = pt->min;
  239. range->max = pt->max;
  240. break;
  241. case NLA_VALIDATE_RANGE_PTR:
  242. *range = *pt->range_signed;
  243. break;
  244. case NLA_VALIDATE_MIN:
  245. range->min = pt->min;
  246. break;
  247. case NLA_VALIDATE_MAX:
  248. range->max = pt->max;
  249. break;
  250. default:
  251. break;
  252. }
  253. }
  254. static int nla_validate_int_range_signed(const struct nla_policy *pt,
  255. const struct nlattr *nla,
  256. struct netlink_ext_ack *extack)
  257. {
  258. struct netlink_range_validation_signed range;
  259. s64 value;
  260. switch (pt->type) {
  261. case NLA_S8:
  262. value = nla_get_s8(nla);
  263. break;
  264. case NLA_S16:
  265. value = nla_get_s16(nla);
  266. break;
  267. case NLA_S32:
  268. value = nla_get_s32(nla);
  269. break;
  270. case NLA_S64:
  271. value = nla_get_s64(nla);
  272. break;
  273. case NLA_SINT:
  274. value = nla_get_sint(nla);
  275. break;
  276. default:
  277. return -EINVAL;
  278. }
  279. nla_get_range_signed(pt, &range);
  280. if (value < range.min || value > range.max) {
  281. NL_SET_ERR_MSG_ATTR_POL(extack, nla, pt,
  282. "integer out of range");
  283. return -ERANGE;
  284. }
  285. return 0;
  286. }
  287. static int nla_validate_int_range(const struct nla_policy *pt,
  288. const struct nlattr *nla,
  289. struct netlink_ext_ack *extack,
  290. unsigned int validate)
  291. {
  292. switch (pt->type) {
  293. case NLA_U8:
  294. case NLA_U16:
  295. case NLA_U32:
  296. case NLA_U64:
  297. case NLA_UINT:
  298. case NLA_MSECS:
  299. case NLA_BINARY:
  300. case NLA_BE16:
  301. case NLA_BE32:
  302. return nla_validate_range_unsigned(pt, nla, extack, validate);
  303. case NLA_S8:
  304. case NLA_S16:
  305. case NLA_S32:
  306. case NLA_S64:
  307. case NLA_SINT:
  308. return nla_validate_int_range_signed(pt, nla, extack);
  309. default:
  310. WARN_ON(1);
  311. return -EINVAL;
  312. }
  313. }
  314. static int nla_validate_mask(const struct nla_policy *pt,
  315. const struct nlattr *nla,
  316. struct netlink_ext_ack *extack)
  317. {
  318. u64 value;
  319. switch (pt->type) {
  320. case NLA_U8:
  321. value = nla_get_u8(nla);
  322. break;
  323. case NLA_U16:
  324. value = nla_get_u16(nla);
  325. break;
  326. case NLA_U32:
  327. value = nla_get_u32(nla);
  328. break;
  329. case NLA_U64:
  330. value = nla_get_u64(nla);
  331. break;
  332. case NLA_UINT:
  333. value = nla_get_uint(nla);
  334. break;
  335. case NLA_BE16:
  336. value = ntohs(nla_get_be16(nla));
  337. break;
  338. case NLA_BE32:
  339. value = ntohl(nla_get_be32(nla));
  340. break;
  341. default:
  342. return -EINVAL;
  343. }
  344. if (value & ~(u64)pt->mask) {
  345. NL_SET_ERR_MSG_ATTR(extack, nla, "reserved bit set");
  346. return -EINVAL;
  347. }
  348. return 0;
  349. }
  350. static int validate_nla(const struct nlattr *nla, int maxtype,
  351. const struct nla_policy *policy, unsigned int validate,
  352. struct netlink_ext_ack *extack, unsigned int depth)
  353. {
  354. u16 strict_start_type = policy[0].strict_start_type;
  355. const struct nla_policy *pt;
  356. int minlen = 0, attrlen = nla_len(nla), type = nla_type(nla);
  357. int err = -ERANGE;
  358. if (strict_start_type && type >= strict_start_type)
  359. validate |= NL_VALIDATE_STRICT;
  360. if (type <= 0 || type > maxtype)
  361. return 0;
  362. type = array_index_nospec(type, maxtype + 1);
  363. pt = &policy[type];
  364. BUG_ON(pt->type > NLA_TYPE_MAX);
  365. if (nla_attr_len[pt->type] && attrlen != nla_attr_len[pt->type]) {
  366. pr_warn_ratelimited("netlink: '%s': attribute type %d has an invalid length.\n",
  367. current->comm, type);
  368. if (validate & NL_VALIDATE_STRICT_ATTRS) {
  369. NL_SET_ERR_MSG_ATTR_POL(extack, nla, pt,
  370. "invalid attribute length");
  371. return -EINVAL;
  372. }
  373. }
  374. if (validate & NL_VALIDATE_NESTED) {
  375. if ((pt->type == NLA_NESTED || pt->type == NLA_NESTED_ARRAY) &&
  376. !(nla->nla_type & NLA_F_NESTED)) {
  377. NL_SET_ERR_MSG_ATTR_POL(extack, nla, pt,
  378. "NLA_F_NESTED is missing");
  379. return -EINVAL;
  380. }
  381. if (pt->type != NLA_NESTED && pt->type != NLA_NESTED_ARRAY &&
  382. pt->type != NLA_UNSPEC && (nla->nla_type & NLA_F_NESTED)) {
  383. NL_SET_ERR_MSG_ATTR_POL(extack, nla, pt,
  384. "NLA_F_NESTED not expected");
  385. return -EINVAL;
  386. }
  387. }
  388. switch (pt->type) {
  389. case NLA_REJECT:
  390. if (extack && pt->reject_message) {
  391. NL_SET_BAD_ATTR(extack, nla);
  392. extack->_msg = pt->reject_message;
  393. return -EINVAL;
  394. }
  395. err = -EINVAL;
  396. goto out_err;
  397. case NLA_FLAG:
  398. if (attrlen > 0)
  399. goto out_err;
  400. break;
  401. case NLA_SINT:
  402. case NLA_UINT:
  403. if (attrlen != sizeof(u32) && attrlen != sizeof(u64)) {
  404. NL_SET_ERR_MSG_ATTR_POL(extack, nla, pt,
  405. "invalid attribute length");
  406. return -EINVAL;
  407. }
  408. break;
  409. case NLA_BITFIELD32:
  410. if (attrlen != sizeof(struct nla_bitfield32))
  411. goto out_err;
  412. err = validate_nla_bitfield32(nla, pt->bitfield32_valid);
  413. if (err)
  414. goto out_err;
  415. break;
  416. case NLA_NUL_STRING:
  417. if (pt->len)
  418. minlen = min_t(int, attrlen, pt->len + 1);
  419. else
  420. minlen = attrlen;
  421. if (!minlen || memchr(nla_data(nla), '\0', minlen) == NULL) {
  422. err = -EINVAL;
  423. goto out_err;
  424. }
  425. fallthrough;
  426. case NLA_STRING:
  427. if (attrlen < 1)
  428. goto out_err;
  429. if (pt->len) {
  430. char *buf = nla_data(nla);
  431. if (buf[attrlen - 1] == '\0')
  432. attrlen--;
  433. if (attrlen > pt->len)
  434. goto out_err;
  435. }
  436. break;
  437. case NLA_BINARY:
  438. if (pt->len && attrlen > pt->len)
  439. goto out_err;
  440. break;
  441. case NLA_NESTED:
  442. /* a nested attributes is allowed to be empty; if its not,
  443. * it must have a size of at least NLA_HDRLEN.
  444. */
  445. if (attrlen == 0)
  446. break;
  447. if (attrlen < NLA_HDRLEN)
  448. goto out_err;
  449. if (pt->nested_policy) {
  450. err = __nla_validate_parse(nla_data(nla), nla_len(nla),
  451. pt->len, pt->nested_policy,
  452. validate, extack, NULL,
  453. depth + 1);
  454. if (err < 0) {
  455. /*
  456. * return directly to preserve the inner
  457. * error message/attribute pointer
  458. */
  459. return err;
  460. }
  461. }
  462. break;
  463. case NLA_NESTED_ARRAY:
  464. /* a nested array attribute is allowed to be empty; if its not,
  465. * it must have a size of at least NLA_HDRLEN.
  466. */
  467. if (attrlen == 0)
  468. break;
  469. if (attrlen < NLA_HDRLEN)
  470. goto out_err;
  471. if (pt->nested_policy) {
  472. int err;
  473. err = nla_validate_array(nla_data(nla), nla_len(nla),
  474. pt->len, pt->nested_policy,
  475. extack, validate, depth);
  476. if (err < 0) {
  477. /*
  478. * return directly to preserve the inner
  479. * error message/attribute pointer
  480. */
  481. return err;
  482. }
  483. }
  484. break;
  485. case NLA_UNSPEC:
  486. if (validate & NL_VALIDATE_UNSPEC) {
  487. NL_SET_ERR_MSG_ATTR(extack, nla,
  488. "Unsupported attribute");
  489. return -EINVAL;
  490. }
  491. if (attrlen < pt->len)
  492. goto out_err;
  493. break;
  494. default:
  495. if (pt->len)
  496. minlen = pt->len;
  497. else
  498. minlen = nla_attr_minlen[pt->type];
  499. if (attrlen < minlen)
  500. goto out_err;
  501. }
  502. /* further validation */
  503. switch (pt->validation_type) {
  504. case NLA_VALIDATE_NONE:
  505. /* nothing to do */
  506. break;
  507. case NLA_VALIDATE_RANGE_PTR:
  508. case NLA_VALIDATE_RANGE:
  509. case NLA_VALIDATE_RANGE_WARN_TOO_LONG:
  510. case NLA_VALIDATE_MIN:
  511. case NLA_VALIDATE_MAX:
  512. err = nla_validate_int_range(pt, nla, extack, validate);
  513. if (err)
  514. return err;
  515. break;
  516. case NLA_VALIDATE_MASK:
  517. err = nla_validate_mask(pt, nla, extack);
  518. if (err)
  519. return err;
  520. break;
  521. case NLA_VALIDATE_FUNCTION:
  522. if (pt->validate) {
  523. err = pt->validate(nla, extack);
  524. if (err)
  525. return err;
  526. }
  527. break;
  528. }
  529. return 0;
  530. out_err:
  531. NL_SET_ERR_MSG_ATTR_POL(extack, nla, pt,
  532. "Attribute failed policy validation");
  533. return err;
  534. }
  535. static int __nla_validate_parse(const struct nlattr *head, int len, int maxtype,
  536. const struct nla_policy *policy,
  537. unsigned int validate,
  538. struct netlink_ext_ack *extack,
  539. struct nlattr **tb, unsigned int depth)
  540. {
  541. const struct nlattr *nla;
  542. int rem;
  543. if (depth >= MAX_POLICY_RECURSION_DEPTH) {
  544. NL_SET_ERR_MSG(extack,
  545. "allowed policy recursion depth exceeded");
  546. return -EINVAL;
  547. }
  548. if (tb)
  549. memset(tb, 0, sizeof(struct nlattr *) * (maxtype + 1));
  550. nla_for_each_attr(nla, head, len, rem) {
  551. u16 type = nla_type(nla);
  552. if (type == 0 || type > maxtype) {
  553. if (validate & NL_VALIDATE_MAXTYPE) {
  554. NL_SET_ERR_MSG_ATTR(extack, nla,
  555. "Unknown attribute type");
  556. return -EINVAL;
  557. }
  558. continue;
  559. }
  560. type = array_index_nospec(type, maxtype + 1);
  561. if (policy) {
  562. int err = validate_nla(nla, maxtype, policy,
  563. validate, extack, depth);
  564. if (err < 0)
  565. return err;
  566. }
  567. if (tb)
  568. tb[type] = (struct nlattr *)nla;
  569. }
  570. if (unlikely(rem > 0)) {
  571. pr_warn_ratelimited("netlink: %d bytes leftover after parsing attributes in process `%s'.\n",
  572. rem, current->comm);
  573. NL_SET_ERR_MSG(extack, "bytes leftover after parsing attributes");
  574. if (validate & NL_VALIDATE_TRAILING)
  575. return -EINVAL;
  576. }
  577. return 0;
  578. }
  579. /**
  580. * __nla_validate - Validate a stream of attributes
  581. * @head: head of attribute stream
  582. * @len: length of attribute stream
  583. * @maxtype: maximum attribute type to be expected
  584. * @policy: validation policy
  585. * @validate: validation strictness
  586. * @extack: extended ACK report struct
  587. *
  588. * Validates all attributes in the specified attribute stream against the
  589. * specified policy. Validation depends on the validate flags passed, see
  590. * &enum netlink_validation for more details on that.
  591. * See documentation of struct nla_policy for more details.
  592. *
  593. * Returns 0 on success or a negative error code.
  594. */
  595. int __nla_validate(const struct nlattr *head, int len, int maxtype,
  596. const struct nla_policy *policy, unsigned int validate,
  597. struct netlink_ext_ack *extack)
  598. {
  599. return __nla_validate_parse(head, len, maxtype, policy, validate,
  600. extack, NULL, 0);
  601. }
  602. EXPORT_SYMBOL(__nla_validate);
  603. /**
  604. * nla_policy_len - Determine the max. length of a policy
  605. * @p: policy to use
  606. * @n: number of policies
  607. *
  608. * Determines the max. length of the policy. It is currently used
  609. * to allocated Netlink buffers roughly the size of the actual
  610. * message.
  611. *
  612. * Returns 0 on success or a negative error code.
  613. */
  614. int
  615. nla_policy_len(const struct nla_policy *p, int n)
  616. {
  617. int i, len = 0;
  618. for (i = 0; i < n; i++, p++) {
  619. if (p->len)
  620. len += nla_total_size(p->len);
  621. else if (nla_attr_len[p->type])
  622. len += nla_total_size(nla_attr_len[p->type]);
  623. else if (nla_attr_minlen[p->type])
  624. len += nla_total_size(nla_attr_minlen[p->type]);
  625. }
  626. return len;
  627. }
  628. EXPORT_SYMBOL(nla_policy_len);
  629. /**
  630. * __nla_parse - Parse a stream of attributes into a tb buffer
  631. * @tb: destination array with maxtype+1 elements
  632. * @maxtype: maximum attribute type to be expected
  633. * @head: head of attribute stream
  634. * @len: length of attribute stream
  635. * @policy: validation policy
  636. * @validate: validation strictness
  637. * @extack: extended ACK pointer
  638. *
  639. * Parses a stream of attributes and stores a pointer to each attribute in
  640. * the tb array accessible via the attribute type.
  641. * Validation is controlled by the @validate parameter.
  642. *
  643. * Returns 0 on success or a negative error code.
  644. */
  645. int __nla_parse(struct nlattr **tb, int maxtype,
  646. const struct nlattr *head, int len,
  647. const struct nla_policy *policy, unsigned int validate,
  648. struct netlink_ext_ack *extack)
  649. {
  650. return __nla_validate_parse(head, len, maxtype, policy, validate,
  651. extack, tb, 0);
  652. }
  653. EXPORT_SYMBOL(__nla_parse);
  654. /**
  655. * nla_find - Find a specific attribute in a stream of attributes
  656. * @head: head of attribute stream
  657. * @len: length of attribute stream
  658. * @attrtype: type of attribute to look for
  659. *
  660. * Returns the first attribute in the stream matching the specified type.
  661. */
  662. struct nlattr *nla_find(const struct nlattr *head, int len, int attrtype)
  663. {
  664. const struct nlattr *nla;
  665. int rem;
  666. nla_for_each_attr(nla, head, len, rem)
  667. if (nla_type(nla) == attrtype)
  668. return (struct nlattr *)nla;
  669. return NULL;
  670. }
  671. EXPORT_SYMBOL(nla_find);
  672. /**
  673. * nla_strscpy - Copy string attribute payload into a sized buffer
  674. * @dst: Where to copy the string to.
  675. * @nla: Attribute to copy the string from.
  676. * @dstsize: Size of destination buffer.
  677. *
  678. * Copies at most dstsize - 1 bytes into the destination buffer.
  679. * Unlike strscpy() the destination buffer is always padded out.
  680. *
  681. * Return:
  682. * * srclen - Returns @nla length (not including the trailing %NUL).
  683. * * -E2BIG - If @dstsize is 0 or greater than U16_MAX or @nla length greater
  684. * than @dstsize.
  685. */
  686. ssize_t nla_strscpy(char *dst, const struct nlattr *nla, size_t dstsize)
  687. {
  688. size_t srclen = nla_len(nla);
  689. char *src = nla_data(nla);
  690. ssize_t ret;
  691. size_t len;
  692. if (dstsize == 0 || WARN_ON_ONCE(dstsize > U16_MAX))
  693. return -E2BIG;
  694. if (srclen > 0 && src[srclen - 1] == '\0')
  695. srclen--;
  696. if (srclen >= dstsize) {
  697. len = dstsize - 1;
  698. ret = -E2BIG;
  699. } else {
  700. len = srclen;
  701. ret = len;
  702. }
  703. memcpy(dst, src, len);
  704. /* Zero pad end of dst. */
  705. memset(dst + len, 0, dstsize - len);
  706. return ret;
  707. }
  708. EXPORT_SYMBOL(nla_strscpy);
  709. /**
  710. * nla_strdup - Copy string attribute payload into a newly allocated buffer
  711. * @nla: attribute to copy the string from
  712. * @flags: the type of memory to allocate (see kmalloc).
  713. *
  714. * Returns a pointer to the allocated buffer or NULL on error.
  715. */
  716. char *nla_strdup(const struct nlattr *nla, gfp_t flags)
  717. {
  718. size_t srclen = nla_len(nla);
  719. char *src = nla_data(nla), *dst;
  720. if (srclen > 0 && src[srclen - 1] == '\0')
  721. srclen--;
  722. dst = kmalloc(srclen + 1, flags);
  723. if (dst != NULL) {
  724. memcpy(dst, src, srclen);
  725. dst[srclen] = '\0';
  726. }
  727. return dst;
  728. }
  729. EXPORT_SYMBOL(nla_strdup);
  730. /**
  731. * nla_memcpy - Copy a netlink attribute into another memory area
  732. * @dest: where to copy to memcpy
  733. * @src: netlink attribute to copy from
  734. * @count: size of the destination area
  735. *
  736. * Note: The number of bytes copied is limited by the length of
  737. * attribute's payload. memcpy
  738. *
  739. * Returns the number of bytes copied.
  740. */
  741. int nla_memcpy(void *dest, const struct nlattr *src, int count)
  742. {
  743. int minlen = min_t(int, count, nla_len(src));
  744. memcpy(dest, nla_data(src), minlen);
  745. if (count > minlen)
  746. memset(dest + minlen, 0, count - minlen);
  747. return minlen;
  748. }
  749. EXPORT_SYMBOL(nla_memcpy);
  750. /**
  751. * nla_memcmp - Compare an attribute with sized memory area
  752. * @nla: netlink attribute
  753. * @data: memory area
  754. * @size: size of memory area
  755. */
  756. int nla_memcmp(const struct nlattr *nla, const void *data,
  757. size_t size)
  758. {
  759. int d = nla_len(nla) - size;
  760. if (d == 0)
  761. d = memcmp(nla_data(nla), data, size);
  762. return d;
  763. }
  764. EXPORT_SYMBOL(nla_memcmp);
  765. /**
  766. * nla_strcmp - Compare a string attribute against a string
  767. * @nla: netlink string attribute
  768. * @str: another string
  769. */
  770. int nla_strcmp(const struct nlattr *nla, const char *str)
  771. {
  772. int len = strlen(str);
  773. char *buf = nla_data(nla);
  774. int attrlen = nla_len(nla);
  775. int d;
  776. while (attrlen > 0 && buf[attrlen - 1] == '\0')
  777. attrlen--;
  778. d = attrlen - len;
  779. if (d == 0)
  780. d = memcmp(nla_data(nla), str, len);
  781. return d;
  782. }
  783. EXPORT_SYMBOL(nla_strcmp);
  784. #ifdef CONFIG_NET
  785. /**
  786. * __nla_reserve - reserve room for attribute on the skb
  787. * @skb: socket buffer to reserve room on
  788. * @attrtype: attribute type
  789. * @attrlen: length of attribute payload
  790. *
  791. * Adds a netlink attribute header to a socket buffer and reserves
  792. * room for the payload but does not copy it.
  793. *
  794. * The caller is responsible to ensure that the skb provides enough
  795. * tailroom for the attribute header and payload.
  796. */
  797. struct nlattr *__nla_reserve(struct sk_buff *skb, int attrtype, int attrlen)
  798. {
  799. struct nlattr *nla;
  800. nla = skb_put(skb, nla_total_size(attrlen));
  801. nla->nla_type = attrtype;
  802. nla->nla_len = nla_attr_size(attrlen);
  803. memset((unsigned char *) nla + nla->nla_len, 0, nla_padlen(attrlen));
  804. return nla;
  805. }
  806. EXPORT_SYMBOL(__nla_reserve);
  807. /**
  808. * __nla_reserve_64bit - reserve room for attribute on the skb and align it
  809. * @skb: socket buffer to reserve room on
  810. * @attrtype: attribute type
  811. * @attrlen: length of attribute payload
  812. * @padattr: attribute type for the padding
  813. *
  814. * Adds a netlink attribute header to a socket buffer and reserves
  815. * room for the payload but does not copy it. It also ensure that this
  816. * attribute will have a 64-bit aligned nla_data() area.
  817. *
  818. * The caller is responsible to ensure that the skb provides enough
  819. * tailroom for the attribute header and payload.
  820. */
  821. struct nlattr *__nla_reserve_64bit(struct sk_buff *skb, int attrtype,
  822. int attrlen, int padattr)
  823. {
  824. nla_align_64bit(skb, padattr);
  825. return __nla_reserve(skb, attrtype, attrlen);
  826. }
  827. EXPORT_SYMBOL(__nla_reserve_64bit);
  828. /**
  829. * __nla_reserve_nohdr - reserve room for attribute without header
  830. * @skb: socket buffer to reserve room on
  831. * @attrlen: length of attribute payload
  832. *
  833. * Reserves room for attribute payload without a header.
  834. *
  835. * The caller is responsible to ensure that the skb provides enough
  836. * tailroom for the payload.
  837. */
  838. void *__nla_reserve_nohdr(struct sk_buff *skb, int attrlen)
  839. {
  840. return skb_put_zero(skb, NLA_ALIGN(attrlen));
  841. }
  842. EXPORT_SYMBOL(__nla_reserve_nohdr);
  843. /**
  844. * nla_reserve - reserve room for attribute on the skb
  845. * @skb: socket buffer to reserve room on
  846. * @attrtype: attribute type
  847. * @attrlen: length of attribute payload
  848. *
  849. * Adds a netlink attribute header to a socket buffer and reserves
  850. * room for the payload but does not copy it.
  851. *
  852. * Returns NULL if the tailroom of the skb is insufficient to store
  853. * the attribute header and payload.
  854. */
  855. struct nlattr *nla_reserve(struct sk_buff *skb, int attrtype, int attrlen)
  856. {
  857. if (unlikely(skb_tailroom(skb) < nla_total_size(attrlen)))
  858. return NULL;
  859. return __nla_reserve(skb, attrtype, attrlen);
  860. }
  861. EXPORT_SYMBOL(nla_reserve);
  862. /**
  863. * nla_reserve_64bit - reserve room for attribute on the skb and align it
  864. * @skb: socket buffer to reserve room on
  865. * @attrtype: attribute type
  866. * @attrlen: length of attribute payload
  867. * @padattr: attribute type for the padding
  868. *
  869. * Adds a netlink attribute header to a socket buffer and reserves
  870. * room for the payload but does not copy it. It also ensure that this
  871. * attribute will have a 64-bit aligned nla_data() area.
  872. *
  873. * Returns NULL if the tailroom of the skb is insufficient to store
  874. * the attribute header and payload.
  875. */
  876. struct nlattr *nla_reserve_64bit(struct sk_buff *skb, int attrtype, int attrlen,
  877. int padattr)
  878. {
  879. size_t len;
  880. if (nla_need_padding_for_64bit(skb))
  881. len = nla_total_size_64bit(attrlen);
  882. else
  883. len = nla_total_size(attrlen);
  884. if (unlikely(skb_tailroom(skb) < len))
  885. return NULL;
  886. return __nla_reserve_64bit(skb, attrtype, attrlen, padattr);
  887. }
  888. EXPORT_SYMBOL(nla_reserve_64bit);
  889. /**
  890. * nla_reserve_nohdr - reserve room for attribute without header
  891. * @skb: socket buffer to reserve room on
  892. * @attrlen: length of attribute payload
  893. *
  894. * Reserves room for attribute payload without a header.
  895. *
  896. * Returns NULL if the tailroom of the skb is insufficient to store
  897. * the attribute payload.
  898. */
  899. void *nla_reserve_nohdr(struct sk_buff *skb, int attrlen)
  900. {
  901. if (unlikely(skb_tailroom(skb) < NLA_ALIGN(attrlen)))
  902. return NULL;
  903. return __nla_reserve_nohdr(skb, attrlen);
  904. }
  905. EXPORT_SYMBOL(nla_reserve_nohdr);
  906. /**
  907. * __nla_put - Add a netlink attribute to a socket buffer
  908. * @skb: socket buffer to add attribute to
  909. * @attrtype: attribute type
  910. * @attrlen: length of attribute payload
  911. * @data: head of attribute payload
  912. *
  913. * The caller is responsible to ensure that the skb provides enough
  914. * tailroom for the attribute header and payload.
  915. */
  916. void __nla_put(struct sk_buff *skb, int attrtype, int attrlen,
  917. const void *data)
  918. {
  919. struct nlattr *nla;
  920. nla = __nla_reserve(skb, attrtype, attrlen);
  921. memcpy(nla_data(nla), data, attrlen);
  922. }
  923. EXPORT_SYMBOL(__nla_put);
  924. /**
  925. * __nla_put_64bit - Add a netlink attribute to a socket buffer and align it
  926. * @skb: socket buffer to add attribute to
  927. * @attrtype: attribute type
  928. * @attrlen: length of attribute payload
  929. * @data: head of attribute payload
  930. * @padattr: attribute type for the padding
  931. *
  932. * The caller is responsible to ensure that the skb provides enough
  933. * tailroom for the attribute header and payload.
  934. */
  935. void __nla_put_64bit(struct sk_buff *skb, int attrtype, int attrlen,
  936. const void *data, int padattr)
  937. {
  938. struct nlattr *nla;
  939. nla = __nla_reserve_64bit(skb, attrtype, attrlen, padattr);
  940. memcpy(nla_data(nla), data, attrlen);
  941. }
  942. EXPORT_SYMBOL(__nla_put_64bit);
  943. /**
  944. * __nla_put_nohdr - Add a netlink attribute without header
  945. * @skb: socket buffer to add attribute to
  946. * @attrlen: length of attribute payload
  947. * @data: head of attribute payload
  948. *
  949. * The caller is responsible to ensure that the skb provides enough
  950. * tailroom for the attribute payload.
  951. */
  952. void __nla_put_nohdr(struct sk_buff *skb, int attrlen, const void *data)
  953. {
  954. void *start;
  955. start = __nla_reserve_nohdr(skb, attrlen);
  956. memcpy(start, data, attrlen);
  957. }
  958. EXPORT_SYMBOL(__nla_put_nohdr);
  959. /**
  960. * nla_put - Add a netlink attribute to a socket buffer
  961. * @skb: socket buffer to add attribute to
  962. * @attrtype: attribute type
  963. * @attrlen: length of attribute payload
  964. * @data: head of attribute payload
  965. *
  966. * Returns -EMSGSIZE if the tailroom of the skb is insufficient to store
  967. * the attribute header and payload.
  968. */
  969. int nla_put(struct sk_buff *skb, int attrtype, int attrlen, const void *data)
  970. {
  971. if (unlikely(skb_tailroom(skb) < nla_total_size(attrlen)))
  972. return -EMSGSIZE;
  973. __nla_put(skb, attrtype, attrlen, data);
  974. return 0;
  975. }
  976. EXPORT_SYMBOL(nla_put);
  977. /**
  978. * nla_put_64bit - Add a netlink attribute to a socket buffer and align it
  979. * @skb: socket buffer to add attribute to
  980. * @attrtype: attribute type
  981. * @attrlen: length of attribute payload
  982. * @data: head of attribute payload
  983. * @padattr: attribute type for the padding
  984. *
  985. * Returns -EMSGSIZE if the tailroom of the skb is insufficient to store
  986. * the attribute header and payload.
  987. */
  988. int nla_put_64bit(struct sk_buff *skb, int attrtype, int attrlen,
  989. const void *data, int padattr)
  990. {
  991. size_t len;
  992. if (nla_need_padding_for_64bit(skb))
  993. len = nla_total_size_64bit(attrlen);
  994. else
  995. len = nla_total_size(attrlen);
  996. if (unlikely(skb_tailroom(skb) < len))
  997. return -EMSGSIZE;
  998. __nla_put_64bit(skb, attrtype, attrlen, data, padattr);
  999. return 0;
  1000. }
  1001. EXPORT_SYMBOL(nla_put_64bit);
  1002. /**
  1003. * nla_put_nohdr - Add a netlink attribute without header
  1004. * @skb: socket buffer to add attribute to
  1005. * @attrlen: length of attribute payload
  1006. * @data: head of attribute payload
  1007. *
  1008. * Returns -EMSGSIZE if the tailroom of the skb is insufficient to store
  1009. * the attribute payload.
  1010. */
  1011. int nla_put_nohdr(struct sk_buff *skb, int attrlen, const void *data)
  1012. {
  1013. if (unlikely(skb_tailroom(skb) < NLA_ALIGN(attrlen)))
  1014. return -EMSGSIZE;
  1015. __nla_put_nohdr(skb, attrlen, data);
  1016. return 0;
  1017. }
  1018. EXPORT_SYMBOL(nla_put_nohdr);
  1019. /**
  1020. * nla_append - Add a netlink attribute without header or padding
  1021. * @skb: socket buffer to add attribute to
  1022. * @attrlen: length of attribute payload
  1023. * @data: head of attribute payload
  1024. *
  1025. * Returns -EMSGSIZE if the tailroom of the skb is insufficient to store
  1026. * the attribute payload.
  1027. */
  1028. int nla_append(struct sk_buff *skb, int attrlen, const void *data)
  1029. {
  1030. if (unlikely(skb_tailroom(skb) < NLA_ALIGN(attrlen)))
  1031. return -EMSGSIZE;
  1032. skb_put_data(skb, data, attrlen);
  1033. return 0;
  1034. }
  1035. EXPORT_SYMBOL(nla_append);
  1036. #endif