1 // SPDX-License-Identifier: GPL-2.0
2 /*
3 * NETLINK Netlink attributes
4 *
5 * Authors: Thomas Graf <tgraf@suug.ch>
6 * Alexey Kuznetsov <kuznet@ms2.inr.ac.ru>
7 */
8
9 #include <linux/export.h>
10 #include <linux/kernel.h>
11 #include <linux/errno.h>
12 #include <linux/jiffies.h>
13 #include <linux/nospec.h>
14 #include <linux/skbuff.h>
15 #include <linux/string.h>
16 #include <linux/types.h>
17 #include <net/netlink.h>
18
19 /* For these data types, attribute length should be exactly the given
20 * size. However, to maintain compatibility with broken commands, if the
21 * attribute length does not match the expected size a warning is emitted
22 * to the user that the command is sending invalid data and needs to be fixed.
23 */
24 static const u8 nla_attr_len[NLA_TYPE_MAX+1] = {
25 [NLA_U8] = sizeof(u8),
26 [NLA_U16] = sizeof(u16),
27 [NLA_U32] = sizeof(u32),
28 [NLA_U64] = sizeof(u64),
29 [NLA_S8] = sizeof(s8),
30 [NLA_S16] = sizeof(s16),
31 [NLA_S32] = sizeof(s32),
32 [NLA_S64] = sizeof(s64),
33 [NLA_BE16] = sizeof(__be16),
34 [NLA_BE32] = sizeof(__be32),
35 };
36
37 static const u8 nla_attr_minlen[NLA_TYPE_MAX+1] = {
38 [NLA_U8] = sizeof(u8),
39 [NLA_U16] = sizeof(u16),
40 [NLA_U32] = sizeof(u32),
41 [NLA_U64] = sizeof(u64),
42 [NLA_MSECS] = sizeof(u64),
43 [NLA_NESTED] = NLA_HDRLEN,
44 [NLA_S8] = sizeof(s8),
45 [NLA_S16] = sizeof(s16),
46 [NLA_S32] = sizeof(s32),
47 [NLA_S64] = sizeof(s64),
48 [NLA_BE16] = sizeof(__be16),
49 [NLA_BE32] = sizeof(__be32),
50 };
51
52 /*
53 * Nested policies might refer back to the original
54 * policy in some cases, and userspace could try to
55 * abuse that and recurse by nesting in the right
56 * ways. Limit recursion to avoid this problem.
57 */
58 #define MAX_POLICY_RECURSION_DEPTH 10
59
60 static int __nla_validate_parse(const struct nlattr *head, int len, int maxtype,
61 const struct nla_policy *policy,
62 unsigned int validate,
63 struct netlink_ext_ack *extack,
64 struct nlattr **tb, unsigned int depth);
65
validate_nla_bitfield32(const struct nlattr * nla,const u32 valid_flags_mask)66 static int validate_nla_bitfield32(const struct nlattr *nla,
67 const u32 valid_flags_mask)
68 {
69 const struct nla_bitfield32 *bf = nla_data(nla);
70
71 if (!valid_flags_mask)
72 return -EINVAL;
73
74 /*disallow invalid bit selector */
75 if (bf->selector & ~valid_flags_mask)
76 return -EINVAL;
77
78 /*disallow invalid bit values */
79 if (bf->value & ~valid_flags_mask)
80 return -EINVAL;
81
82 /*disallow valid bit values that are not selected*/
83 if (bf->value & ~bf->selector)
84 return -EINVAL;
85
86 return 0;
87 }
88
nla_validate_array(const struct nlattr * head,int len,int maxtype,const struct nla_policy * policy,struct netlink_ext_ack * extack,unsigned int validate,unsigned int depth)89 static int nla_validate_array(const struct nlattr *head, int len, int maxtype,
90 const struct nla_policy *policy,
91 struct netlink_ext_ack *extack,
92 unsigned int validate, unsigned int depth)
93 {
94 const struct nlattr *entry;
95 int rem;
96
97 nla_for_each_attr(entry, head, len, rem) {
98 int ret;
99
100 if (nla_len(entry) == 0)
101 continue;
102
103 if (nla_len(entry) < NLA_HDRLEN) {
104 NL_SET_ERR_MSG_ATTR_POL(extack, entry, policy,
105 "Array element too short");
106 return -ERANGE;
107 }
108
109 ret = __nla_validate_parse(nla_data(entry), nla_len(entry),
110 maxtype, policy, validate, extack,
111 NULL, depth + 1);
112 if (ret < 0)
113 return ret;
114 }
115
116 return 0;
117 }
118
nla_get_range_unsigned(const struct nla_policy * pt,struct netlink_range_validation * range)119 void nla_get_range_unsigned(const struct nla_policy *pt,
120 struct netlink_range_validation *range)
121 {
122 WARN_ON_ONCE(pt->validation_type != NLA_VALIDATE_RANGE_PTR &&
123 (pt->min < 0 || pt->max < 0));
124
125 range->min = 0;
126
127 switch (pt->type) {
128 case NLA_U8:
129 range->max = U8_MAX;
130 break;
131 case NLA_U16:
132 case NLA_BE16:
133 case NLA_BINARY:
134 range->max = U16_MAX;
135 break;
136 case NLA_U32:
137 case NLA_BE32:
138 range->max = U32_MAX;
139 break;
140 case NLA_U64:
141 case NLA_MSECS:
142 range->max = U64_MAX;
143 break;
144 default:
145 WARN_ON_ONCE(1);
146 return;
147 }
148
149 switch (pt->validation_type) {
150 case NLA_VALIDATE_RANGE:
151 case NLA_VALIDATE_RANGE_WARN_TOO_LONG:
152 range->min = pt->min;
153 range->max = pt->max;
154 break;
155 case NLA_VALIDATE_RANGE_PTR:
156 *range = *pt->range;
157 break;
158 case NLA_VALIDATE_MIN:
159 range->min = pt->min;
160 break;
161 case NLA_VALIDATE_MAX:
162 range->max = pt->max;
163 break;
164 default:
165 break;
166 }
167 }
168
nla_validate_range_unsigned(const struct nla_policy * pt,const struct nlattr * nla,struct netlink_ext_ack * extack,unsigned int validate)169 static int nla_validate_range_unsigned(const struct nla_policy *pt,
170 const struct nlattr *nla,
171 struct netlink_ext_ack *extack,
172 unsigned int validate)
173 {
174 struct netlink_range_validation range;
175 u64 value;
176
177 switch (pt->type) {
178 case NLA_U8:
179 value = nla_get_u8(nla);
180 break;
181 case NLA_U16:
182 value = nla_get_u16(nla);
183 break;
184 case NLA_U32:
185 value = nla_get_u32(nla);
186 break;
187 case NLA_U64:
188 value = nla_get_u64(nla);
189 break;
190 case NLA_MSECS:
191 value = nla_get_u64(nla);
192 break;
193 case NLA_BINARY:
194 value = nla_len(nla);
195 break;
196 case NLA_BE16:
197 value = ntohs(nla_get_be16(nla));
198 break;
199 case NLA_BE32:
200 value = ntohl(nla_get_be32(nla));
201 break;
202 default:
203 return -EINVAL;
204 }
205
206 nla_get_range_unsigned(pt, &range);
207
208 if (pt->validation_type == NLA_VALIDATE_RANGE_WARN_TOO_LONG &&
209 pt->type == NLA_BINARY && value > range.max) {
210 pr_warn_ratelimited("netlink: '%s': attribute type %d has an invalid length.\n",
211 current->comm, pt->type);
212 if (validate & NL_VALIDATE_STRICT_ATTRS) {
213 NL_SET_ERR_MSG_ATTR_POL(extack, nla, pt,
214 "invalid attribute length");
215 return -EINVAL;
216 }
217
218 /* this assumes min <= max (don't validate against min) */
219 return 0;
220 }
221
222 if (value < range.min || value > range.max) {
223 bool binary = pt->type == NLA_BINARY;
224
225 if (binary)
226 NL_SET_ERR_MSG_ATTR_POL(extack, nla, pt,
227 "binary attribute size out of range");
228 else
229 NL_SET_ERR_MSG_ATTR_POL(extack, nla, pt,
230 "integer out of range");
231
232 return -ERANGE;
233 }
234
235 return 0;
236 }
237
nla_get_range_signed(const struct nla_policy * pt,struct netlink_range_validation_signed * range)238 void nla_get_range_signed(const struct nla_policy *pt,
239 struct netlink_range_validation_signed *range)
240 {
241 switch (pt->type) {
242 case NLA_S8:
243 range->min = S8_MIN;
244 range->max = S8_MAX;
245 break;
246 case NLA_S16:
247 range->min = S16_MIN;
248 range->max = S16_MAX;
249 break;
250 case NLA_S32:
251 range->min = S32_MIN;
252 range->max = S32_MAX;
253 break;
254 case NLA_S64:
255 range->min = S64_MIN;
256 range->max = S64_MAX;
257 break;
258 default:
259 WARN_ON_ONCE(1);
260 return;
261 }
262
263 switch (pt->validation_type) {
264 case NLA_VALIDATE_RANGE:
265 range->min = pt->min;
266 range->max = pt->max;
267 break;
268 case NLA_VALIDATE_RANGE_PTR:
269 *range = *pt->range_signed;
270 break;
271 case NLA_VALIDATE_MIN:
272 range->min = pt->min;
273 break;
274 case NLA_VALIDATE_MAX:
275 range->max = pt->max;
276 break;
277 default:
278 break;
279 }
280 }
281
nla_validate_int_range_signed(const struct nla_policy * pt,const struct nlattr * nla,struct netlink_ext_ack * extack)282 static int nla_validate_int_range_signed(const struct nla_policy *pt,
283 const struct nlattr *nla,
284 struct netlink_ext_ack *extack)
285 {
286 struct netlink_range_validation_signed range;
287 s64 value;
288
289 switch (pt->type) {
290 case NLA_S8:
291 value = nla_get_s8(nla);
292 break;
293 case NLA_S16:
294 value = nla_get_s16(nla);
295 break;
296 case NLA_S32:
297 value = nla_get_s32(nla);
298 break;
299 case NLA_S64:
300 value = nla_get_s64(nla);
301 break;
302 default:
303 return -EINVAL;
304 }
305
306 nla_get_range_signed(pt, &range);
307
308 if (value < range.min || value > range.max) {
309 NL_SET_ERR_MSG_ATTR_POL(extack, nla, pt,
310 "integer out of range");
311 return -ERANGE;
312 }
313
314 return 0;
315 }
316
nla_validate_int_range(const struct nla_policy * pt,const struct nlattr * nla,struct netlink_ext_ack * extack,unsigned int validate)317 static int nla_validate_int_range(const struct nla_policy *pt,
318 const struct nlattr *nla,
319 struct netlink_ext_ack *extack,
320 unsigned int validate)
321 {
322 switch (pt->type) {
323 case NLA_U8:
324 case NLA_U16:
325 case NLA_U32:
326 case NLA_U64:
327 case NLA_MSECS:
328 case NLA_BINARY:
329 case NLA_BE16:
330 case NLA_BE32:
331 return nla_validate_range_unsigned(pt, nla, extack, validate);
332 case NLA_S8:
333 case NLA_S16:
334 case NLA_S32:
335 case NLA_S64:
336 return nla_validate_int_range_signed(pt, nla, extack);
337 default:
338 WARN_ON(1);
339 return -EINVAL;
340 }
341 }
342
nla_validate_mask(const struct nla_policy * pt,const struct nlattr * nla,struct netlink_ext_ack * extack)343 static int nla_validate_mask(const struct nla_policy *pt,
344 const struct nlattr *nla,
345 struct netlink_ext_ack *extack)
346 {
347 u64 value;
348
349 switch (pt->type) {
350 case NLA_U8:
351 value = nla_get_u8(nla);
352 break;
353 case NLA_U16:
354 value = nla_get_u16(nla);
355 break;
356 case NLA_U32:
357 value = nla_get_u32(nla);
358 break;
359 case NLA_U64:
360 value = nla_get_u64(nla);
361 break;
362 case NLA_BE16:
363 value = ntohs(nla_get_be16(nla));
364 break;
365 case NLA_BE32:
366 value = ntohl(nla_get_be32(nla));
367 break;
368 default:
369 return -EINVAL;
370 }
371
372 if (value & ~(u64)pt->mask) {
373 NL_SET_ERR_MSG_ATTR(extack, nla, "reserved bit set");
374 return -EINVAL;
375 }
376
377 return 0;
378 }
379
validate_nla(const struct nlattr * nla,int maxtype,const struct nla_policy * policy,unsigned int validate,struct netlink_ext_ack * extack,unsigned int depth)380 static int validate_nla(const struct nlattr *nla, int maxtype,
381 const struct nla_policy *policy, unsigned int validate,
382 struct netlink_ext_ack *extack, unsigned int depth)
383 {
384 u16 strict_start_type = policy[0].strict_start_type;
385 const struct nla_policy *pt;
386 int minlen = 0, attrlen = nla_len(nla), type = nla_type(nla);
387 int err = -ERANGE;
388
389 if (strict_start_type && type >= strict_start_type)
390 validate |= NL_VALIDATE_STRICT;
391
392 if (type <= 0 || type > maxtype)
393 return 0;
394
395 type = array_index_nospec(type, maxtype + 1);
396 pt = &policy[type];
397
398 BUG_ON(pt->type > NLA_TYPE_MAX);
399
400 if (nla_attr_len[pt->type] && attrlen != nla_attr_len[pt->type]) {
401 pr_warn_ratelimited("netlink: '%s': attribute type %d has an invalid length.\n",
402 current->comm, type);
403 if (validate & NL_VALIDATE_STRICT_ATTRS) {
404 NL_SET_ERR_MSG_ATTR_POL(extack, nla, pt,
405 "invalid attribute length");
406 return -EINVAL;
407 }
408 }
409
410 if (validate & NL_VALIDATE_NESTED) {
411 if ((pt->type == NLA_NESTED || pt->type == NLA_NESTED_ARRAY) &&
412 !(nla->nla_type & NLA_F_NESTED)) {
413 NL_SET_ERR_MSG_ATTR_POL(extack, nla, pt,
414 "NLA_F_NESTED is missing");
415 return -EINVAL;
416 }
417 if (pt->type != NLA_NESTED && pt->type != NLA_NESTED_ARRAY &&
418 pt->type != NLA_UNSPEC && (nla->nla_type & NLA_F_NESTED)) {
419 NL_SET_ERR_MSG_ATTR_POL(extack, nla, pt,
420 "NLA_F_NESTED not expected");
421 return -EINVAL;
422 }
423 }
424
425 switch (pt->type) {
426 case NLA_REJECT:
427 if (extack && pt->reject_message) {
428 NL_SET_BAD_ATTR(extack, nla);
429 extack->_msg = pt->reject_message;
430 return -EINVAL;
431 }
432 err = -EINVAL;
433 goto out_err;
434
435 case NLA_FLAG:
436 if (attrlen > 0)
437 goto out_err;
438 break;
439
440 case NLA_BITFIELD32:
441 if (attrlen != sizeof(struct nla_bitfield32))
442 goto out_err;
443
444 err = validate_nla_bitfield32(nla, pt->bitfield32_valid);
445 if (err)
446 goto out_err;
447 break;
448
449 case NLA_NUL_STRING:
450 if (pt->len)
451 minlen = min_t(int, attrlen, pt->len + 1);
452 else
453 minlen = attrlen;
454
455 if (!minlen || memchr(nla_data(nla), '\0', minlen) == NULL) {
456 err = -EINVAL;
457 goto out_err;
458 }
459 fallthrough;
460
461 case NLA_STRING:
462 if (attrlen < 1)
463 goto out_err;
464
465 if (pt->len) {
466 char *buf = nla_data(nla);
467
468 if (buf[attrlen - 1] == '\0')
469 attrlen--;
470
471 if (attrlen > pt->len)
472 goto out_err;
473 }
474 break;
475
476 case NLA_BINARY:
477 if (pt->len && attrlen > pt->len)
478 goto out_err;
479 break;
480
481 case NLA_NESTED:
482 /* a nested attributes is allowed to be empty; if its not,
483 * it must have a size of at least NLA_HDRLEN.
484 */
485 if (attrlen == 0)
486 break;
487 if (attrlen < NLA_HDRLEN)
488 goto out_err;
489 if (pt->nested_policy) {
490 err = __nla_validate_parse(nla_data(nla), nla_len(nla),
491 pt->len, pt->nested_policy,
492 validate, extack, NULL,
493 depth + 1);
494 if (err < 0) {
495 /*
496 * return directly to preserve the inner
497 * error message/attribute pointer
498 */
499 return err;
500 }
501 }
502 break;
503 case NLA_NESTED_ARRAY:
504 /* a nested array attribute is allowed to be empty; if its not,
505 * it must have a size of at least NLA_HDRLEN.
506 */
507 if (attrlen == 0)
508 break;
509 if (attrlen < NLA_HDRLEN)
510 goto out_err;
511 if (pt->nested_policy) {
512 int err;
513
514 err = nla_validate_array(nla_data(nla), nla_len(nla),
515 pt->len, pt->nested_policy,
516 extack, validate, depth);
517 if (err < 0) {
518 /*
519 * return directly to preserve the inner
520 * error message/attribute pointer
521 */
522 return err;
523 }
524 }
525 break;
526
527 case NLA_UNSPEC:
528 if (validate & NL_VALIDATE_UNSPEC) {
529 NL_SET_ERR_MSG_ATTR(extack, nla,
530 "Unsupported attribute");
531 return -EINVAL;
532 }
533 if (attrlen < pt->len)
534 goto out_err;
535 break;
536
537 default:
538 if (pt->len)
539 minlen = pt->len;
540 else
541 minlen = nla_attr_minlen[pt->type];
542
543 if (attrlen < minlen)
544 goto out_err;
545 }
546
547 /* further validation */
548 switch (pt->validation_type) {
549 case NLA_VALIDATE_NONE:
550 /* nothing to do */
551 break;
552 case NLA_VALIDATE_RANGE_PTR:
553 case NLA_VALIDATE_RANGE:
554 case NLA_VALIDATE_RANGE_WARN_TOO_LONG:
555 case NLA_VALIDATE_MIN:
556 case NLA_VALIDATE_MAX:
557 err = nla_validate_int_range(pt, nla, extack, validate);
558 if (err)
559 return err;
560 break;
561 case NLA_VALIDATE_MASK:
562 err = nla_validate_mask(pt, nla, extack);
563 if (err)
564 return err;
565 break;
566 case NLA_VALIDATE_FUNCTION:
567 if (pt->validate) {
568 err = pt->validate(nla, extack);
569 if (err)
570 return err;
571 }
572 break;
573 }
574
575 return 0;
576 out_err:
577 NL_SET_ERR_MSG_ATTR_POL(extack, nla, pt,
578 "Attribute failed policy validation");
579 return err;
580 }
581
__nla_validate_parse(const struct nlattr * head,int len,int maxtype,const struct nla_policy * policy,unsigned int validate,struct netlink_ext_ack * extack,struct nlattr ** tb,unsigned int depth)582 static int __nla_validate_parse(const struct nlattr *head, int len, int maxtype,
583 const struct nla_policy *policy,
584 unsigned int validate,
585 struct netlink_ext_ack *extack,
586 struct nlattr **tb, unsigned int depth)
587 {
588 const struct nlattr *nla;
589 int rem;
590
591 if (depth >= MAX_POLICY_RECURSION_DEPTH) {
592 NL_SET_ERR_MSG(extack,
593 "allowed policy recursion depth exceeded");
594 return -EINVAL;
595 }
596
597 if (tb)
598 memset(tb, 0, sizeof(struct nlattr *) * (maxtype + 1));
599
600 nla_for_each_attr(nla, head, len, rem) {
601 u16 type = nla_type(nla);
602
603 if (type == 0 || type > maxtype) {
604 if (validate & NL_VALIDATE_MAXTYPE) {
605 NL_SET_ERR_MSG_ATTR(extack, nla,
606 "Unknown attribute type");
607 return -EINVAL;
608 }
609 continue;
610 }
611 type = array_index_nospec(type, maxtype + 1);
612 if (policy) {
613 int err = validate_nla(nla, maxtype, policy,
614 validate, extack, depth);
615
616 if (err < 0)
617 return err;
618 }
619
620 if (tb)
621 tb[type] = (struct nlattr *)nla;
622 }
623
624 if (unlikely(rem > 0)) {
625 pr_warn_ratelimited("netlink: %d bytes leftover after parsing attributes in process `%s'.\n",
626 rem, current->comm);
627 NL_SET_ERR_MSG(extack, "bytes leftover after parsing attributes");
628 if (validate & NL_VALIDATE_TRAILING)
629 return -EINVAL;
630 }
631
632 return 0;
633 }
634
635 /**
636 * __nla_validate - Validate a stream of attributes
637 * @head: head of attribute stream
638 * @len: length of attribute stream
639 * @maxtype: maximum attribute type to be expected
640 * @policy: validation policy
641 * @validate: validation strictness
642 * @extack: extended ACK report struct
643 *
644 * Validates all attributes in the specified attribute stream against the
645 * specified policy. Validation depends on the validate flags passed, see
646 * &enum netlink_validation for more details on that.
647 * See documentation of struct nla_policy for more details.
648 *
649 * Returns 0 on success or a negative error code.
650 */
__nla_validate(const struct nlattr * head,int len,int maxtype,const struct nla_policy * policy,unsigned int validate,struct netlink_ext_ack * extack)651 int __nla_validate(const struct nlattr *head, int len, int maxtype,
652 const struct nla_policy *policy, unsigned int validate,
653 struct netlink_ext_ack *extack)
654 {
655 return __nla_validate_parse(head, len, maxtype, policy, validate,
656 extack, NULL, 0);
657 }
658 EXPORT_SYMBOL(__nla_validate);
659
660 /**
661 * nla_policy_len - Determine the max. length of a policy
662 * @p: policy to use
663 * @n: number of policies
664 *
665 * Determines the max. length of the policy. It is currently used
666 * to allocated Netlink buffers roughly the size of the actual
667 * message.
668 *
669 * Returns 0 on success or a negative error code.
670 */
671 int
nla_policy_len(const struct nla_policy * p,int n)672 nla_policy_len(const struct nla_policy *p, int n)
673 {
674 int i, len = 0;
675
676 for (i = 0; i < n; i++, p++) {
677 if (p->len)
678 len += nla_total_size(p->len);
679 else if (nla_attr_len[p->type])
680 len += nla_total_size(nla_attr_len[p->type]);
681 else if (nla_attr_minlen[p->type])
682 len += nla_total_size(nla_attr_minlen[p->type]);
683 }
684
685 return len;
686 }
687 EXPORT_SYMBOL(nla_policy_len);
688
689 /**
690 * __nla_parse - Parse a stream of attributes into a tb buffer
691 * @tb: destination array with maxtype+1 elements
692 * @maxtype: maximum attribute type to be expected
693 * @head: head of attribute stream
694 * @len: length of attribute stream
695 * @policy: validation policy
696 * @validate: validation strictness
697 * @extack: extended ACK pointer
698 *
699 * Parses a stream of attributes and stores a pointer to each attribute in
700 * the tb array accessible via the attribute type.
701 * Validation is controlled by the @validate parameter.
702 *
703 * Returns 0 on success or a negative error code.
704 */
__nla_parse(struct nlattr ** tb,int maxtype,const struct nlattr * head,int len,const struct nla_policy * policy,unsigned int validate,struct netlink_ext_ack * extack)705 int __nla_parse(struct nlattr **tb, int maxtype,
706 const struct nlattr *head, int len,
707 const struct nla_policy *policy, unsigned int validate,
708 struct netlink_ext_ack *extack)
709 {
710 return __nla_validate_parse(head, len, maxtype, policy, validate,
711 extack, tb, 0);
712 }
713 EXPORT_SYMBOL(__nla_parse);
714
715 /**
716 * nla_find - Find a specific attribute in a stream of attributes
717 * @head: head of attribute stream
718 * @len: length of attribute stream
719 * @attrtype: type of attribute to look for
720 *
721 * Returns the first attribute in the stream matching the specified type.
722 */
nla_find(const struct nlattr * head,int len,int attrtype)723 struct nlattr *nla_find(const struct nlattr *head, int len, int attrtype)
724 {
725 const struct nlattr *nla;
726 int rem;
727
728 nla_for_each_attr(nla, head, len, rem)
729 if (nla_type(nla) == attrtype)
730 return (struct nlattr *)nla;
731
732 return NULL;
733 }
734 EXPORT_SYMBOL(nla_find);
735
736 /**
737 * nla_strscpy - Copy string attribute payload into a sized buffer
738 * @dst: Where to copy the string to.
739 * @nla: Attribute to copy the string from.
740 * @dstsize: Size of destination buffer.
741 *
742 * Copies at most dstsize - 1 bytes into the destination buffer.
743 * Unlike strlcpy the destination buffer is always padded out.
744 *
745 * Return:
746 * * srclen - Returns @nla length (not including the trailing %NUL).
747 * * -E2BIG - If @dstsize is 0 or greater than U16_MAX or @nla length greater
748 * than @dstsize.
749 */
nla_strscpy(char * dst,const struct nlattr * nla,size_t dstsize)750 ssize_t nla_strscpy(char *dst, const struct nlattr *nla, size_t dstsize)
751 {
752 size_t srclen = nla_len(nla);
753 char *src = nla_data(nla);
754 ssize_t ret;
755 size_t len;
756
757 if (dstsize == 0 || WARN_ON_ONCE(dstsize > U16_MAX))
758 return -E2BIG;
759
760 if (srclen > 0 && src[srclen - 1] == '\0')
761 srclen--;
762
763 if (srclen >= dstsize) {
764 len = dstsize - 1;
765 ret = -E2BIG;
766 } else {
767 len = srclen;
768 ret = len;
769 }
770
771 memcpy(dst, src, len);
772 /* Zero pad end of dst. */
773 memset(dst + len, 0, dstsize - len);
774
775 return ret;
776 }
777 EXPORT_SYMBOL(nla_strscpy);
778
779 /**
780 * nla_strdup - Copy string attribute payload into a newly allocated buffer
781 * @nla: attribute to copy the string from
782 * @flags: the type of memory to allocate (see kmalloc).
783 *
784 * Returns a pointer to the allocated buffer or NULL on error.
785 */
nla_strdup(const struct nlattr * nla,gfp_t flags)786 char *nla_strdup(const struct nlattr *nla, gfp_t flags)
787 {
788 size_t srclen = nla_len(nla);
789 char *src = nla_data(nla), *dst;
790
791 if (srclen > 0 && src[srclen - 1] == '\0')
792 srclen--;
793
794 dst = kmalloc(srclen + 1, flags);
795 if (dst != NULL) {
796 memcpy(dst, src, srclen);
797 dst[srclen] = '\0';
798 }
799 return dst;
800 }
801 EXPORT_SYMBOL(nla_strdup);
802
803 /**
804 * nla_memcpy - Copy a netlink attribute into another memory area
805 * @dest: where to copy to memcpy
806 * @src: netlink attribute to copy from
807 * @count: size of the destination area
808 *
809 * Note: The number of bytes copied is limited by the length of
810 * attribute's payload. memcpy
811 *
812 * Returns the number of bytes copied.
813 */
nla_memcpy(void * dest,const struct nlattr * src,int count)814 int nla_memcpy(void *dest, const struct nlattr *src, int count)
815 {
816 int minlen = min_t(int, count, nla_len(src));
817
818 memcpy(dest, nla_data(src), minlen);
819 if (count > minlen)
820 memset(dest + minlen, 0, count - minlen);
821
822 return minlen;
823 }
824 EXPORT_SYMBOL(nla_memcpy);
825
826 /**
827 * nla_memcmp - Compare an attribute with sized memory area
828 * @nla: netlink attribute
829 * @data: memory area
830 * @size: size of memory area
831 */
nla_memcmp(const struct nlattr * nla,const void * data,size_t size)832 int nla_memcmp(const struct nlattr *nla, const void *data,
833 size_t size)
834 {
835 int d = nla_len(nla) - size;
836
837 if (d == 0)
838 d = memcmp(nla_data(nla), data, size);
839
840 return d;
841 }
842 EXPORT_SYMBOL(nla_memcmp);
843
844 /**
845 * nla_strcmp - Compare a string attribute against a string
846 * @nla: netlink string attribute
847 * @str: another string
848 */
nla_strcmp(const struct nlattr * nla,const char * str)849 int nla_strcmp(const struct nlattr *nla, const char *str)
850 {
851 int len = strlen(str);
852 char *buf = nla_data(nla);
853 int attrlen = nla_len(nla);
854 int d;
855
856 while (attrlen > 0 && buf[attrlen - 1] == '\0')
857 attrlen--;
858
859 d = attrlen - len;
860 if (d == 0)
861 d = memcmp(nla_data(nla), str, len);
862
863 return d;
864 }
865 EXPORT_SYMBOL(nla_strcmp);
866
867 #ifdef CONFIG_NET
868 /**
869 * __nla_reserve - reserve room for attribute on the skb
870 * @skb: socket buffer to reserve room on
871 * @attrtype: attribute type
872 * @attrlen: length of attribute payload
873 *
874 * Adds a netlink attribute header to a socket buffer and reserves
875 * room for the payload but does not copy it.
876 *
877 * The caller is responsible to ensure that the skb provides enough
878 * tailroom for the attribute header and payload.
879 */
__nla_reserve(struct sk_buff * skb,int attrtype,int attrlen)880 struct nlattr *__nla_reserve(struct sk_buff *skb, int attrtype, int attrlen)
881 {
882 struct nlattr *nla;
883
884 nla = skb_put(skb, nla_total_size(attrlen));
885 nla->nla_type = attrtype;
886 nla->nla_len = nla_attr_size(attrlen);
887
888 memset((unsigned char *) nla + nla->nla_len, 0, nla_padlen(attrlen));
889
890 return nla;
891 }
892 EXPORT_SYMBOL(__nla_reserve);
893
894 /**
895 * __nla_reserve_64bit - reserve room for attribute on the skb and align it
896 * @skb: socket buffer to reserve room on
897 * @attrtype: attribute type
898 * @attrlen: length of attribute payload
899 * @padattr: attribute type for the padding
900 *
901 * Adds a netlink attribute header to a socket buffer and reserves
902 * room for the payload but does not copy it. It also ensure that this
903 * attribute will have a 64-bit aligned nla_data() area.
904 *
905 * The caller is responsible to ensure that the skb provides enough
906 * tailroom for the attribute header and payload.
907 */
__nla_reserve_64bit(struct sk_buff * skb,int attrtype,int attrlen,int padattr)908 struct nlattr *__nla_reserve_64bit(struct sk_buff *skb, int attrtype,
909 int attrlen, int padattr)
910 {
911 nla_align_64bit(skb, padattr);
912
913 return __nla_reserve(skb, attrtype, attrlen);
914 }
915 EXPORT_SYMBOL(__nla_reserve_64bit);
916
917 /**
918 * __nla_reserve_nohdr - reserve room for attribute without header
919 * @skb: socket buffer to reserve room on
920 * @attrlen: length of attribute payload
921 *
922 * Reserves room for attribute payload without a header.
923 *
924 * The caller is responsible to ensure that the skb provides enough
925 * tailroom for the payload.
926 */
__nla_reserve_nohdr(struct sk_buff * skb,int attrlen)927 void *__nla_reserve_nohdr(struct sk_buff *skb, int attrlen)
928 {
929 return skb_put_zero(skb, NLA_ALIGN(attrlen));
930 }
931 EXPORT_SYMBOL(__nla_reserve_nohdr);
932
933 /**
934 * nla_reserve - reserve room for attribute on the skb
935 * @skb: socket buffer to reserve room on
936 * @attrtype: attribute type
937 * @attrlen: length of attribute payload
938 *
939 * Adds a netlink attribute header to a socket buffer and reserves
940 * room for the payload but does not copy it.
941 *
942 * Returns NULL if the tailroom of the skb is insufficient to store
943 * the attribute header and payload.
944 */
nla_reserve(struct sk_buff * skb,int attrtype,int attrlen)945 struct nlattr *nla_reserve(struct sk_buff *skb, int attrtype, int attrlen)
946 {
947 if (unlikely(skb_tailroom(skb) < nla_total_size(attrlen)))
948 return NULL;
949
950 return __nla_reserve(skb, attrtype, attrlen);
951 }
952 EXPORT_SYMBOL(nla_reserve);
953
954 /**
955 * nla_reserve_64bit - reserve room for attribute on the skb and align it
956 * @skb: socket buffer to reserve room on
957 * @attrtype: attribute type
958 * @attrlen: length of attribute payload
959 * @padattr: attribute type for the padding
960 *
961 * Adds a netlink attribute header to a socket buffer and reserves
962 * room for the payload but does not copy it. It also ensure that this
963 * attribute will have a 64-bit aligned nla_data() area.
964 *
965 * Returns NULL if the tailroom of the skb is insufficient to store
966 * the attribute header and payload.
967 */
nla_reserve_64bit(struct sk_buff * skb,int attrtype,int attrlen,int padattr)968 struct nlattr *nla_reserve_64bit(struct sk_buff *skb, int attrtype, int attrlen,
969 int padattr)
970 {
971 size_t len;
972
973 if (nla_need_padding_for_64bit(skb))
974 len = nla_total_size_64bit(attrlen);
975 else
976 len = nla_total_size(attrlen);
977 if (unlikely(skb_tailroom(skb) < len))
978 return NULL;
979
980 return __nla_reserve_64bit(skb, attrtype, attrlen, padattr);
981 }
982 EXPORT_SYMBOL(nla_reserve_64bit);
983
984 /**
985 * nla_reserve_nohdr - reserve room for attribute without header
986 * @skb: socket buffer to reserve room on
987 * @attrlen: length of attribute payload
988 *
989 * Reserves room for attribute payload without a header.
990 *
991 * Returns NULL if the tailroom of the skb is insufficient to store
992 * the attribute payload.
993 */
nla_reserve_nohdr(struct sk_buff * skb,int attrlen)994 void *nla_reserve_nohdr(struct sk_buff *skb, int attrlen)
995 {
996 if (unlikely(skb_tailroom(skb) < NLA_ALIGN(attrlen)))
997 return NULL;
998
999 return __nla_reserve_nohdr(skb, attrlen);
1000 }
1001 EXPORT_SYMBOL(nla_reserve_nohdr);
1002
1003 /**
1004 * __nla_put - Add a netlink attribute to a socket buffer
1005 * @skb: socket buffer to add attribute to
1006 * @attrtype: attribute type
1007 * @attrlen: length of attribute payload
1008 * @data: head of attribute payload
1009 *
1010 * The caller is responsible to ensure that the skb provides enough
1011 * tailroom for the attribute header and payload.
1012 */
__nla_put(struct sk_buff * skb,int attrtype,int attrlen,const void * data)1013 void __nla_put(struct sk_buff *skb, int attrtype, int attrlen,
1014 const void *data)
1015 {
1016 struct nlattr *nla;
1017
1018 nla = __nla_reserve(skb, attrtype, attrlen);
1019 memcpy(nla_data(nla), data, attrlen);
1020 }
1021 EXPORT_SYMBOL(__nla_put);
1022
1023 /**
1024 * __nla_put_64bit - Add a netlink attribute to a socket buffer and align it
1025 * @skb: socket buffer to add attribute to
1026 * @attrtype: attribute type
1027 * @attrlen: length of attribute payload
1028 * @data: head of attribute payload
1029 * @padattr: attribute type for the padding
1030 *
1031 * The caller is responsible to ensure that the skb provides enough
1032 * tailroom for the attribute header and payload.
1033 */
__nla_put_64bit(struct sk_buff * skb,int attrtype,int attrlen,const void * data,int padattr)1034 void __nla_put_64bit(struct sk_buff *skb, int attrtype, int attrlen,
1035 const void *data, int padattr)
1036 {
1037 struct nlattr *nla;
1038
1039 nla = __nla_reserve_64bit(skb, attrtype, attrlen, padattr);
1040 memcpy(nla_data(nla), data, attrlen);
1041 }
1042 EXPORT_SYMBOL(__nla_put_64bit);
1043
1044 /**
1045 * __nla_put_nohdr - Add a netlink attribute without header
1046 * @skb: socket buffer to add attribute to
1047 * @attrlen: length of attribute payload
1048 * @data: head of attribute payload
1049 *
1050 * The caller is responsible to ensure that the skb provides enough
1051 * tailroom for the attribute payload.
1052 */
__nla_put_nohdr(struct sk_buff * skb,int attrlen,const void * data)1053 void __nla_put_nohdr(struct sk_buff *skb, int attrlen, const void *data)
1054 {
1055 void *start;
1056
1057 start = __nla_reserve_nohdr(skb, attrlen);
1058 memcpy(start, data, attrlen);
1059 }
1060 EXPORT_SYMBOL(__nla_put_nohdr);
1061
1062 /**
1063 * nla_put - Add a netlink attribute to a socket buffer
1064 * @skb: socket buffer to add attribute to
1065 * @attrtype: attribute type
1066 * @attrlen: length of attribute payload
1067 * @data: head of attribute payload
1068 *
1069 * Returns -EMSGSIZE if the tailroom of the skb is insufficient to store
1070 * the attribute header and payload.
1071 */
nla_put(struct sk_buff * skb,int attrtype,int attrlen,const void * data)1072 int nla_put(struct sk_buff *skb, int attrtype, int attrlen, const void *data)
1073 {
1074 if (unlikely(skb_tailroom(skb) < nla_total_size(attrlen)))
1075 return -EMSGSIZE;
1076
1077 __nla_put(skb, attrtype, attrlen, data);
1078 return 0;
1079 }
1080 EXPORT_SYMBOL(nla_put);
1081
1082 /**
1083 * nla_put_64bit - Add a netlink attribute to a socket buffer and align it
1084 * @skb: socket buffer to add attribute to
1085 * @attrtype: attribute type
1086 * @attrlen: length of attribute payload
1087 * @data: head of attribute payload
1088 * @padattr: attribute type for the padding
1089 *
1090 * Returns -EMSGSIZE if the tailroom of the skb is insufficient to store
1091 * the attribute header and payload.
1092 */
nla_put_64bit(struct sk_buff * skb,int attrtype,int attrlen,const void * data,int padattr)1093 int nla_put_64bit(struct sk_buff *skb, int attrtype, int attrlen,
1094 const void *data, int padattr)
1095 {
1096 size_t len;
1097
1098 if (nla_need_padding_for_64bit(skb))
1099 len = nla_total_size_64bit(attrlen);
1100 else
1101 len = nla_total_size(attrlen);
1102 if (unlikely(skb_tailroom(skb) < len))
1103 return -EMSGSIZE;
1104
1105 __nla_put_64bit(skb, attrtype, attrlen, data, padattr);
1106 return 0;
1107 }
1108 EXPORT_SYMBOL(nla_put_64bit);
1109
1110 /**
1111 * nla_put_nohdr - Add a netlink attribute without header
1112 * @skb: socket buffer to add attribute to
1113 * @attrlen: length of attribute payload
1114 * @data: head of attribute payload
1115 *
1116 * Returns -EMSGSIZE if the tailroom of the skb is insufficient to store
1117 * the attribute payload.
1118 */
nla_put_nohdr(struct sk_buff * skb,int attrlen,const void * data)1119 int nla_put_nohdr(struct sk_buff *skb, int attrlen, const void *data)
1120 {
1121 if (unlikely(skb_tailroom(skb) < NLA_ALIGN(attrlen)))
1122 return -EMSGSIZE;
1123
1124 __nla_put_nohdr(skb, attrlen, data);
1125 return 0;
1126 }
1127 EXPORT_SYMBOL(nla_put_nohdr);
1128
1129 /**
1130 * nla_append - Add a netlink attribute without header or padding
1131 * @skb: socket buffer to add attribute to
1132 * @attrlen: length of attribute payload
1133 * @data: head of attribute payload
1134 *
1135 * Returns -EMSGSIZE if the tailroom of the skb is insufficient to store
1136 * the attribute payload.
1137 */
nla_append(struct sk_buff * skb,int attrlen,const void * data)1138 int nla_append(struct sk_buff *skb, int attrlen, const void *data)
1139 {
1140 if (unlikely(skb_tailroom(skb) < NLA_ALIGN(attrlen)))
1141 return -EMSGSIZE;
1142
1143 skb_put_data(skb, data, attrlen);
1144 return 0;
1145 }
1146 EXPORT_SYMBOL(nla_append);
1147 #endif
1148