policy.c 12 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492
  1. // SPDX-License-Identifier: GPL-2.0
  2. /*
  3. * NETLINK Policy advertisement to userspace
  4. *
  5. * Authors: Johannes Berg <johannes@sipsolutions.net>
  6. *
  7. * Copyright 2019 Intel Corporation
  8. */
  9. #include <linux/kernel.h>
  10. #include <linux/errno.h>
  11. #include <linux/types.h>
  12. #include <net/netlink.h>
  13. #define INITIAL_POLICIES_ALLOC 10
  14. struct netlink_policy_dump_state {
  15. unsigned int policy_idx;
  16. unsigned int attr_idx;
  17. unsigned int n_alloc;
  18. struct {
  19. const struct nla_policy *policy;
  20. unsigned int maxtype;
  21. } policies[] __counted_by(n_alloc);
  22. };
  23. static int add_policy(struct netlink_policy_dump_state **statep,
  24. const struct nla_policy *policy,
  25. unsigned int maxtype)
  26. {
  27. struct netlink_policy_dump_state *state = *statep;
  28. unsigned int old_n_alloc, n_alloc, i;
  29. if (!policy || !maxtype)
  30. return 0;
  31. for (i = 0; i < state->n_alloc; i++) {
  32. if (state->policies[i].policy == policy &&
  33. state->policies[i].maxtype == maxtype)
  34. return 0;
  35. if (!state->policies[i].policy) {
  36. state->policies[i].policy = policy;
  37. state->policies[i].maxtype = maxtype;
  38. return 0;
  39. }
  40. }
  41. n_alloc = state->n_alloc + INITIAL_POLICIES_ALLOC;
  42. state = krealloc(state, struct_size(state, policies, n_alloc),
  43. GFP_KERNEL);
  44. if (!state)
  45. return -ENOMEM;
  46. old_n_alloc = state->n_alloc;
  47. state->n_alloc = n_alloc;
  48. memset(&state->policies[old_n_alloc], 0,
  49. flex_array_size(state, policies, n_alloc - old_n_alloc));
  50. state->policies[old_n_alloc].policy = policy;
  51. state->policies[old_n_alloc].maxtype = maxtype;
  52. *statep = state;
  53. return 0;
  54. }
  55. /**
  56. * netlink_policy_dump_get_policy_idx - retrieve policy index
  57. * @state: the policy dump state
  58. * @policy: the policy to find
  59. * @maxtype: the policy's maxattr
  60. *
  61. * Returns: the index of the given policy in the dump state
  62. *
  63. * Call this to find a policy index when you've added multiple and e.g.
  64. * need to tell userspace which command has which policy (by index).
  65. *
  66. * Note: this will WARN and return 0 if the policy isn't found, which
  67. * means it wasn't added in the first place, which would be an
  68. * internal consistency bug.
  69. */
  70. int netlink_policy_dump_get_policy_idx(struct netlink_policy_dump_state *state,
  71. const struct nla_policy *policy,
  72. unsigned int maxtype)
  73. {
  74. unsigned int i;
  75. if (WARN_ON(!policy || !maxtype))
  76. return 0;
  77. for (i = 0; i < state->n_alloc; i++) {
  78. if (state->policies[i].policy == policy &&
  79. state->policies[i].maxtype == maxtype)
  80. return i;
  81. }
  82. WARN_ON(1);
  83. return 0;
  84. }
  85. static struct netlink_policy_dump_state *alloc_state(void)
  86. {
  87. struct netlink_policy_dump_state *state;
  88. state = kzalloc_flex(*state, policies, INITIAL_POLICIES_ALLOC);
  89. if (!state)
  90. return ERR_PTR(-ENOMEM);
  91. state->n_alloc = INITIAL_POLICIES_ALLOC;
  92. return state;
  93. }
  94. /**
  95. * netlink_policy_dump_add_policy - add a policy to the dump
  96. * @pstate: state to add to, may be reallocated, must be %NULL the first time
  97. * @policy: the new policy to add to the dump
  98. * @maxtype: the new policy's max attr type
  99. *
  100. * Returns: 0 on success, a negative error code otherwise.
  101. *
  102. * Call this to allocate a policy dump state, and to add policies to it. This
  103. * should be called from the dump start() callback.
  104. *
  105. * Note: on failures, any previously allocated state is freed.
  106. */
  107. int netlink_policy_dump_add_policy(struct netlink_policy_dump_state **pstate,
  108. const struct nla_policy *policy,
  109. unsigned int maxtype)
  110. {
  111. struct netlink_policy_dump_state *state = *pstate;
  112. unsigned int policy_idx;
  113. int err;
  114. if (!state) {
  115. state = alloc_state();
  116. if (IS_ERR(state))
  117. return PTR_ERR(state);
  118. }
  119. /*
  120. * walk the policies and nested ones first, and build
  121. * a linear list of them.
  122. */
  123. err = add_policy(&state, policy, maxtype);
  124. if (err)
  125. goto err_try_undo;
  126. for (policy_idx = 0;
  127. policy_idx < state->n_alloc && state->policies[policy_idx].policy;
  128. policy_idx++) {
  129. const struct nla_policy *policy;
  130. unsigned int type;
  131. policy = state->policies[policy_idx].policy;
  132. for (type = 0;
  133. type <= state->policies[policy_idx].maxtype;
  134. type++) {
  135. switch (policy[type].type) {
  136. case NLA_NESTED:
  137. case NLA_NESTED_ARRAY:
  138. err = add_policy(&state,
  139. policy[type].nested_policy,
  140. policy[type].len);
  141. if (err)
  142. goto err_try_undo;
  143. break;
  144. default:
  145. break;
  146. }
  147. }
  148. }
  149. *pstate = state;
  150. return 0;
  151. err_try_undo:
  152. /* Try to preserve reasonable unwind semantics - if we're starting from
  153. * scratch clean up fully, otherwise record what we got and caller will.
  154. */
  155. if (!*pstate)
  156. netlink_policy_dump_free(state);
  157. else
  158. *pstate = state;
  159. return err;
  160. }
  161. static bool
  162. netlink_policy_dump_finished(struct netlink_policy_dump_state *state)
  163. {
  164. return state->policy_idx >= state->n_alloc ||
  165. !state->policies[state->policy_idx].policy;
  166. }
  167. /**
  168. * netlink_policy_dump_loop - dumping loop indicator
  169. * @state: the policy dump state
  170. *
  171. * Returns: %true if the dump continues, %false otherwise
  172. *
  173. * Note: this frees the dump state when finishing
  174. */
  175. bool netlink_policy_dump_loop(struct netlink_policy_dump_state *state)
  176. {
  177. return !netlink_policy_dump_finished(state);
  178. }
  179. int netlink_policy_dump_attr_size_estimate(const struct nla_policy *pt)
  180. {
  181. /* nested + type */
  182. int common = 2 * nla_attr_size(sizeof(u32));
  183. switch (pt->type) {
  184. case NLA_UNSPEC:
  185. case NLA_REJECT:
  186. /* these actually don't need any space */
  187. return 0;
  188. case NLA_NESTED:
  189. case NLA_NESTED_ARRAY:
  190. /* common, policy idx, policy maxattr */
  191. return common + 2 * nla_attr_size(sizeof(u32));
  192. case NLA_U8:
  193. case NLA_U16:
  194. case NLA_U32:
  195. case NLA_U64:
  196. case NLA_MSECS:
  197. case NLA_S8:
  198. case NLA_S16:
  199. case NLA_S32:
  200. case NLA_S64:
  201. case NLA_SINT:
  202. case NLA_UINT:
  203. /* maximum is common, u64 min/max with padding */
  204. return common +
  205. 2 * (nla_attr_size(0) + nla_attr_size(sizeof(u64)));
  206. case NLA_BITFIELD32:
  207. return common + nla_attr_size(sizeof(u32));
  208. case NLA_STRING:
  209. case NLA_NUL_STRING:
  210. case NLA_BINARY:
  211. /* maximum is common, u32 min-length/max-length */
  212. return common + 2 * nla_attr_size(sizeof(u32));
  213. case NLA_FLAG:
  214. return common;
  215. }
  216. /* this should then cause a warning later */
  217. return 0;
  218. }
  219. static int
  220. __netlink_policy_dump_write_attr(struct netlink_policy_dump_state *state,
  221. struct sk_buff *skb,
  222. const struct nla_policy *pt,
  223. int nestattr)
  224. {
  225. int estimate = netlink_policy_dump_attr_size_estimate(pt);
  226. enum netlink_attribute_type type;
  227. struct nlattr *attr;
  228. attr = nla_nest_start(skb, nestattr);
  229. if (!attr)
  230. return -ENOBUFS;
  231. switch (pt->type) {
  232. default:
  233. case NLA_UNSPEC:
  234. case NLA_REJECT:
  235. /* skip - use NLA_MIN_LEN to advertise such */
  236. nla_nest_cancel(skb, attr);
  237. return -ENODATA;
  238. case NLA_NESTED:
  239. type = NL_ATTR_TYPE_NESTED;
  240. fallthrough;
  241. case NLA_NESTED_ARRAY:
  242. if (pt->type == NLA_NESTED_ARRAY)
  243. type = NL_ATTR_TYPE_NESTED_ARRAY;
  244. if (state && pt->nested_policy && pt->len &&
  245. (nla_put_u32(skb, NL_POLICY_TYPE_ATTR_POLICY_IDX,
  246. netlink_policy_dump_get_policy_idx(state,
  247. pt->nested_policy,
  248. pt->len)) ||
  249. nla_put_u32(skb, NL_POLICY_TYPE_ATTR_POLICY_MAXTYPE,
  250. pt->len)))
  251. goto nla_put_failure;
  252. break;
  253. case NLA_U8:
  254. case NLA_U16:
  255. case NLA_U32:
  256. case NLA_U64:
  257. case NLA_UINT:
  258. case NLA_MSECS: {
  259. struct netlink_range_validation range;
  260. if (pt->type == NLA_U8)
  261. type = NL_ATTR_TYPE_U8;
  262. else if (pt->type == NLA_U16)
  263. type = NL_ATTR_TYPE_U16;
  264. else if (pt->type == NLA_U32)
  265. type = NL_ATTR_TYPE_U32;
  266. else if (pt->type == NLA_U64)
  267. type = NL_ATTR_TYPE_U64;
  268. else
  269. type = NL_ATTR_TYPE_UINT;
  270. if (pt->validation_type == NLA_VALIDATE_MASK) {
  271. if (nla_put_u64_64bit(skb, NL_POLICY_TYPE_ATTR_MASK,
  272. pt->mask,
  273. NL_POLICY_TYPE_ATTR_PAD))
  274. goto nla_put_failure;
  275. break;
  276. } else if (pt->validation_type == NLA_VALIDATE_FUNCTION) {
  277. break;
  278. }
  279. nla_get_range_unsigned(pt, &range);
  280. if (nla_put_u64_64bit(skb, NL_POLICY_TYPE_ATTR_MIN_VALUE_U,
  281. range.min, NL_POLICY_TYPE_ATTR_PAD) ||
  282. nla_put_u64_64bit(skb, NL_POLICY_TYPE_ATTR_MAX_VALUE_U,
  283. range.max, NL_POLICY_TYPE_ATTR_PAD))
  284. goto nla_put_failure;
  285. break;
  286. }
  287. case NLA_S8:
  288. case NLA_S16:
  289. case NLA_S32:
  290. case NLA_S64:
  291. case NLA_SINT: {
  292. struct netlink_range_validation_signed range;
  293. if (pt->type == NLA_S8)
  294. type = NL_ATTR_TYPE_S8;
  295. else if (pt->type == NLA_S16)
  296. type = NL_ATTR_TYPE_S16;
  297. else if (pt->type == NLA_S32)
  298. type = NL_ATTR_TYPE_S32;
  299. else if (pt->type == NLA_S64)
  300. type = NL_ATTR_TYPE_S64;
  301. else
  302. type = NL_ATTR_TYPE_SINT;
  303. if (pt->validation_type == NLA_VALIDATE_FUNCTION)
  304. break;
  305. nla_get_range_signed(pt, &range);
  306. if (nla_put_s64(skb, NL_POLICY_TYPE_ATTR_MIN_VALUE_S,
  307. range.min, NL_POLICY_TYPE_ATTR_PAD) ||
  308. nla_put_s64(skb, NL_POLICY_TYPE_ATTR_MAX_VALUE_S,
  309. range.max, NL_POLICY_TYPE_ATTR_PAD))
  310. goto nla_put_failure;
  311. break;
  312. }
  313. case NLA_BITFIELD32:
  314. type = NL_ATTR_TYPE_BITFIELD32;
  315. if (nla_put_u32(skb, NL_POLICY_TYPE_ATTR_BITFIELD32_MASK,
  316. pt->bitfield32_valid))
  317. goto nla_put_failure;
  318. break;
  319. case NLA_STRING:
  320. case NLA_NUL_STRING:
  321. case NLA_BINARY:
  322. if (pt->type == NLA_STRING)
  323. type = NL_ATTR_TYPE_STRING;
  324. else if (pt->type == NLA_NUL_STRING)
  325. type = NL_ATTR_TYPE_NUL_STRING;
  326. else
  327. type = NL_ATTR_TYPE_BINARY;
  328. if (pt->validation_type == NLA_VALIDATE_RANGE ||
  329. pt->validation_type == NLA_VALIDATE_RANGE_WARN_TOO_LONG) {
  330. struct netlink_range_validation range;
  331. nla_get_range_unsigned(pt, &range);
  332. if (range.min &&
  333. nla_put_u32(skb, NL_POLICY_TYPE_ATTR_MIN_LENGTH,
  334. range.min))
  335. goto nla_put_failure;
  336. if (range.max < U16_MAX &&
  337. nla_put_u32(skb, NL_POLICY_TYPE_ATTR_MAX_LENGTH,
  338. range.max))
  339. goto nla_put_failure;
  340. } else if (pt->len &&
  341. nla_put_u32(skb, NL_POLICY_TYPE_ATTR_MAX_LENGTH,
  342. pt->len)) {
  343. goto nla_put_failure;
  344. }
  345. break;
  346. case NLA_FLAG:
  347. type = NL_ATTR_TYPE_FLAG;
  348. break;
  349. }
  350. if (nla_put_u32(skb, NL_POLICY_TYPE_ATTR_TYPE, type))
  351. goto nla_put_failure;
  352. nla_nest_end(skb, attr);
  353. WARN_ON(attr->nla_len > estimate);
  354. return 0;
  355. nla_put_failure:
  356. nla_nest_cancel(skb, attr);
  357. return -ENOBUFS;
  358. }
  359. /**
  360. * netlink_policy_dump_write_attr - write a given attribute policy
  361. * @skb: the message skb to write to
  362. * @pt: the attribute's policy
  363. * @nestattr: the nested attribute ID to use
  364. *
  365. * Returns: 0 on success, an error code otherwise; -%ENODATA is
  366. * special, indicating that there's no policy data and
  367. * the attribute is generally rejected.
  368. */
  369. int netlink_policy_dump_write_attr(struct sk_buff *skb,
  370. const struct nla_policy *pt,
  371. int nestattr)
  372. {
  373. return __netlink_policy_dump_write_attr(NULL, skb, pt, nestattr);
  374. }
  375. /**
  376. * netlink_policy_dump_write - write current policy dump attributes
  377. * @skb: the message skb to write to
  378. * @state: the policy dump state
  379. *
  380. * Returns: 0 on success, an error code otherwise
  381. */
  382. int netlink_policy_dump_write(struct sk_buff *skb,
  383. struct netlink_policy_dump_state *state)
  384. {
  385. const struct nla_policy *pt;
  386. struct nlattr *policy;
  387. bool again;
  388. int err;
  389. send_attribute:
  390. again = false;
  391. pt = &state->policies[state->policy_idx].policy[state->attr_idx];
  392. policy = nla_nest_start(skb, state->policy_idx);
  393. if (!policy)
  394. return -ENOBUFS;
  395. err = __netlink_policy_dump_write_attr(state, skb, pt, state->attr_idx);
  396. if (err == -ENODATA) {
  397. nla_nest_cancel(skb, policy);
  398. again = true;
  399. goto next;
  400. } else if (err) {
  401. goto nla_put_failure;
  402. }
  403. /* finish and move state to next attribute */
  404. nla_nest_end(skb, policy);
  405. next:
  406. state->attr_idx += 1;
  407. if (state->attr_idx > state->policies[state->policy_idx].maxtype) {
  408. state->attr_idx = 0;
  409. state->policy_idx++;
  410. }
  411. if (again) {
  412. if (netlink_policy_dump_finished(state))
  413. return -ENODATA;
  414. goto send_attribute;
  415. }
  416. return 0;
  417. nla_put_failure:
  418. nla_nest_cancel(skb, policy);
  419. return -ENOBUFS;
  420. }
  421. /**
  422. * netlink_policy_dump_free - free policy dump state
  423. * @state: the policy dump state to free
  424. *
  425. * Call this from the done() method to ensure dump state is freed.
  426. */
  427. void netlink_policy_dump_free(struct netlink_policy_dump_state *state)
  428. {
  429. kfree(state);
  430. }