1 // SPDX-License-Identifier: GPL-2.0-only 2 /* 3 * L2TP netlink layer, for management 4 * 5 * Copyright (c) 2008,2009,2010 Katalix Systems Ltd 6 * 7 * Partly based on the IrDA nelink implementation 8 * (see net/irda/irnetlink.c) which is: 9 * Copyright (c) 2007 Samuel Ortiz <samuel@sortiz.org> 10 * which is in turn partly based on the wireless netlink code: 11 * Copyright 2006 Johannes Berg <johannes@sipsolutions.net> 12 */ 13 14 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt 15 16 #include <net/sock.h> 17 #include <net/genetlink.h> 18 #include <net/udp.h> 19 #include <linux/in.h> 20 #include <linux/udp.h> 21 #include <linux/socket.h> 22 #include <linux/module.h> 23 #include <linux/list.h> 24 #include <net/net_namespace.h> 25 26 #include <linux/l2tp.h> 27 28 #include "l2tp_core.h" 29 30 static struct genl_family l2tp_nl_family; 31 32 static const struct genl_multicast_group l2tp_multicast_group[] = { 33 { 34 .name = L2TP_GENL_MCGROUP, 35 }, 36 }; 37 38 static int l2tp_nl_tunnel_send(struct sk_buff *skb, u32 portid, u32 seq, 39 int flags, struct l2tp_tunnel *tunnel, u8 cmd); 40 static int l2tp_nl_session_send(struct sk_buff *skb, u32 portid, u32 seq, 41 int flags, struct l2tp_session *session, 42 u8 cmd); 43 44 /* Accessed under genl lock */ 45 static const struct l2tp_nl_cmd_ops *l2tp_nl_cmd_ops[__L2TP_PWTYPE_MAX]; 46 47 static struct l2tp_session *l2tp_nl_session_get(struct genl_info *info) 48 { 49 u32 tunnel_id; 50 u32 session_id; 51 char *ifname; 52 struct l2tp_tunnel *tunnel; 53 struct l2tp_session *session = NULL; 54 struct net *net = genl_info_net(info); 55 56 if (info->attrs[L2TP_ATTR_IFNAME]) { 57 ifname = nla_data(info->attrs[L2TP_ATTR_IFNAME]); 58 session = l2tp_session_get_by_ifname(net, ifname); 59 } else if ((info->attrs[L2TP_ATTR_SESSION_ID]) && 60 (info->attrs[L2TP_ATTR_CONN_ID])) { 61 tunnel_id = nla_get_u32(info->attrs[L2TP_ATTR_CONN_ID]); 62 session_id = nla_get_u32(info->attrs[L2TP_ATTR_SESSION_ID]); 63 tunnel = l2tp_tunnel_get(net, tunnel_id); 64 if (tunnel) { 65 session = l2tp_tunnel_get_session(tunnel, session_id); 66 l2tp_tunnel_dec_refcount(tunnel); 67 } 68 } 69 70 return session; 71 } 72 73 static int l2tp_nl_cmd_noop(struct sk_buff *skb, struct genl_info *info) 74 { 75 struct sk_buff *msg; 76 void *hdr; 77 int ret = -ENOBUFS; 78 79 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 80 if (!msg) { 81 ret = -ENOMEM; 82 goto out; 83 } 84 85 hdr = genlmsg_put(msg, info->snd_portid, info->snd_seq, 86 &l2tp_nl_family, 0, L2TP_CMD_NOOP); 87 if (!hdr) { 88 ret = -EMSGSIZE; 89 goto err_out; 90 } 91 92 genlmsg_end(msg, hdr); 93 94 return genlmsg_unicast(genl_info_net(info), msg, info->snd_portid); 95 96 err_out: 97 nlmsg_free(msg); 98 99 out: 100 return ret; 101 } 102 103 static int l2tp_tunnel_notify(struct genl_family *family, 104 struct genl_info *info, 105 struct l2tp_tunnel *tunnel, 106 u8 cmd) 107 { 108 struct sk_buff *msg; 109 int ret; 110 111 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 112 if (!msg) 113 return -ENOMEM; 114 115 ret = l2tp_nl_tunnel_send(msg, info->snd_portid, info->snd_seq, 116 NLM_F_ACK, tunnel, cmd); 117 118 if (ret >= 0) { 119 ret = genlmsg_multicast_allns(family, msg, 0, 0, GFP_ATOMIC); 120 /* We don't care if no one is listening */ 121 if (ret == -ESRCH) 122 ret = 0; 123 return ret; 124 } 125 126 nlmsg_free(msg); 127 128 return ret; 129 } 130 131 static int l2tp_session_notify(struct genl_family *family, 132 struct genl_info *info, 133 struct l2tp_session *session, 134 u8 cmd) 135 { 136 struct sk_buff *msg; 137 int ret; 138 139 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 140 if (!msg) 141 return -ENOMEM; 142 143 ret = l2tp_nl_session_send(msg, info->snd_portid, info->snd_seq, 144 NLM_F_ACK, session, cmd); 145 146 if (ret >= 0) { 147 ret = genlmsg_multicast_allns(family, msg, 0, 0, GFP_ATOMIC); 148 /* We don't care if no one is listening */ 149 if (ret == -ESRCH) 150 ret = 0; 151 return ret; 152 } 153 154 nlmsg_free(msg); 155 156 return ret; 157 } 158 159 static int l2tp_nl_cmd_tunnel_create(struct sk_buff *skb, struct genl_info *info) 160 { 161 u32 tunnel_id; 162 u32 peer_tunnel_id; 163 int proto_version; 164 int fd; 165 int ret = 0; 166 struct l2tp_tunnel_cfg cfg = { 0, }; 167 struct l2tp_tunnel *tunnel; 168 struct net *net = genl_info_net(info); 169 170 if (!info->attrs[L2TP_ATTR_CONN_ID]) { 171 ret = -EINVAL; 172 goto out; 173 } 174 tunnel_id = nla_get_u32(info->attrs[L2TP_ATTR_CONN_ID]); 175 176 if (!info->attrs[L2TP_ATTR_PEER_CONN_ID]) { 177 ret = -EINVAL; 178 goto out; 179 } 180 peer_tunnel_id = nla_get_u32(info->attrs[L2TP_ATTR_PEER_CONN_ID]); 181 182 if (!info->attrs[L2TP_ATTR_PROTO_VERSION]) { 183 ret = -EINVAL; 184 goto out; 185 } 186 proto_version = nla_get_u8(info->attrs[L2TP_ATTR_PROTO_VERSION]); 187 188 if (!info->attrs[L2TP_ATTR_ENCAP_TYPE]) { 189 ret = -EINVAL; 190 goto out; 191 } 192 cfg.encap = nla_get_u16(info->attrs[L2TP_ATTR_ENCAP_TYPE]); 193 194 fd = -1; 195 if (info->attrs[L2TP_ATTR_FD]) { 196 fd = nla_get_u32(info->attrs[L2TP_ATTR_FD]); 197 } else { 198 #if IS_ENABLED(CONFIG_IPV6) 199 if (info->attrs[L2TP_ATTR_IP6_SADDR] && 200 info->attrs[L2TP_ATTR_IP6_DADDR]) { 201 cfg.local_ip6 = nla_data( 202 info->attrs[L2TP_ATTR_IP6_SADDR]); 203 cfg.peer_ip6 = nla_data( 204 info->attrs[L2TP_ATTR_IP6_DADDR]); 205 } else 206 #endif 207 if (info->attrs[L2TP_ATTR_IP_SADDR] && 208 info->attrs[L2TP_ATTR_IP_DADDR]) { 209 cfg.local_ip.s_addr = nla_get_in_addr( 210 info->attrs[L2TP_ATTR_IP_SADDR]); 211 cfg.peer_ip.s_addr = nla_get_in_addr( 212 info->attrs[L2TP_ATTR_IP_DADDR]); 213 } else { 214 ret = -EINVAL; 215 goto out; 216 } 217 if (info->attrs[L2TP_ATTR_UDP_SPORT]) 218 cfg.local_udp_port = nla_get_u16(info->attrs[L2TP_ATTR_UDP_SPORT]); 219 if (info->attrs[L2TP_ATTR_UDP_DPORT]) 220 cfg.peer_udp_port = nla_get_u16(info->attrs[L2TP_ATTR_UDP_DPORT]); 221 cfg.use_udp_checksums = nla_get_flag( 222 info->attrs[L2TP_ATTR_UDP_CSUM]); 223 224 #if IS_ENABLED(CONFIG_IPV6) 225 cfg.udp6_zero_tx_checksums = nla_get_flag( 226 info->attrs[L2TP_ATTR_UDP_ZERO_CSUM6_TX]); 227 cfg.udp6_zero_rx_checksums = nla_get_flag( 228 info->attrs[L2TP_ATTR_UDP_ZERO_CSUM6_RX]); 229 #endif 230 } 231 232 if (info->attrs[L2TP_ATTR_DEBUG]) 233 cfg.debug = nla_get_u32(info->attrs[L2TP_ATTR_DEBUG]); 234 235 ret = -EINVAL; 236 switch (cfg.encap) { 237 case L2TP_ENCAPTYPE_UDP: 238 case L2TP_ENCAPTYPE_IP: 239 ret = l2tp_tunnel_create(net, fd, proto_version, tunnel_id, 240 peer_tunnel_id, &cfg, &tunnel); 241 break; 242 } 243 244 if (ret < 0) 245 goto out; 246 247 l2tp_tunnel_inc_refcount(tunnel); 248 ret = l2tp_tunnel_register(tunnel, net, &cfg); 249 if (ret < 0) { 250 kfree(tunnel); 251 goto out; 252 } 253 ret = l2tp_tunnel_notify(&l2tp_nl_family, info, tunnel, 254 L2TP_CMD_TUNNEL_CREATE); 255 l2tp_tunnel_dec_refcount(tunnel); 256 257 out: 258 return ret; 259 } 260 261 static int l2tp_nl_cmd_tunnel_delete(struct sk_buff *skb, struct genl_info *info) 262 { 263 struct l2tp_tunnel *tunnel; 264 u32 tunnel_id; 265 int ret = 0; 266 struct net *net = genl_info_net(info); 267 268 if (!info->attrs[L2TP_ATTR_CONN_ID]) { 269 ret = -EINVAL; 270 goto out; 271 } 272 tunnel_id = nla_get_u32(info->attrs[L2TP_ATTR_CONN_ID]); 273 274 tunnel = l2tp_tunnel_get(net, tunnel_id); 275 if (!tunnel) { 276 ret = -ENODEV; 277 goto out; 278 } 279 280 l2tp_tunnel_notify(&l2tp_nl_family, info, 281 tunnel, L2TP_CMD_TUNNEL_DELETE); 282 283 l2tp_tunnel_delete(tunnel); 284 285 l2tp_tunnel_dec_refcount(tunnel); 286 287 out: 288 return ret; 289 } 290 291 static int l2tp_nl_cmd_tunnel_modify(struct sk_buff *skb, struct genl_info *info) 292 { 293 struct l2tp_tunnel *tunnel; 294 u32 tunnel_id; 295 int ret = 0; 296 struct net *net = genl_info_net(info); 297 298 if (!info->attrs[L2TP_ATTR_CONN_ID]) { 299 ret = -EINVAL; 300 goto out; 301 } 302 tunnel_id = nla_get_u32(info->attrs[L2TP_ATTR_CONN_ID]); 303 304 tunnel = l2tp_tunnel_get(net, tunnel_id); 305 if (!tunnel) { 306 ret = -ENODEV; 307 goto out; 308 } 309 310 if (info->attrs[L2TP_ATTR_DEBUG]) 311 tunnel->debug = nla_get_u32(info->attrs[L2TP_ATTR_DEBUG]); 312 313 ret = l2tp_tunnel_notify(&l2tp_nl_family, info, 314 tunnel, L2TP_CMD_TUNNEL_MODIFY); 315 316 l2tp_tunnel_dec_refcount(tunnel); 317 318 out: 319 return ret; 320 } 321 322 static int l2tp_nl_tunnel_send(struct sk_buff *skb, u32 portid, u32 seq, int flags, 323 struct l2tp_tunnel *tunnel, u8 cmd) 324 { 325 void *hdr; 326 struct nlattr *nest; 327 struct sock *sk = NULL; 328 struct inet_sock *inet; 329 #if IS_ENABLED(CONFIG_IPV6) 330 struct ipv6_pinfo *np = NULL; 331 #endif 332 333 hdr = genlmsg_put(skb, portid, seq, &l2tp_nl_family, flags, cmd); 334 if (!hdr) 335 return -EMSGSIZE; 336 337 if (nla_put_u8(skb, L2TP_ATTR_PROTO_VERSION, tunnel->version) || 338 nla_put_u32(skb, L2TP_ATTR_CONN_ID, tunnel->tunnel_id) || 339 nla_put_u32(skb, L2TP_ATTR_PEER_CONN_ID, tunnel->peer_tunnel_id) || 340 nla_put_u32(skb, L2TP_ATTR_DEBUG, tunnel->debug) || 341 nla_put_u16(skb, L2TP_ATTR_ENCAP_TYPE, tunnel->encap)) 342 goto nla_put_failure; 343 344 nest = nla_nest_start_noflag(skb, L2TP_ATTR_STATS); 345 if (nest == NULL) 346 goto nla_put_failure; 347 348 if (nla_put_u64_64bit(skb, L2TP_ATTR_TX_PACKETS, 349 atomic_long_read(&tunnel->stats.tx_packets), 350 L2TP_ATTR_STATS_PAD) || 351 nla_put_u64_64bit(skb, L2TP_ATTR_TX_BYTES, 352 atomic_long_read(&tunnel->stats.tx_bytes), 353 L2TP_ATTR_STATS_PAD) || 354 nla_put_u64_64bit(skb, L2TP_ATTR_TX_ERRORS, 355 atomic_long_read(&tunnel->stats.tx_errors), 356 L2TP_ATTR_STATS_PAD) || 357 nla_put_u64_64bit(skb, L2TP_ATTR_RX_PACKETS, 358 atomic_long_read(&tunnel->stats.rx_packets), 359 L2TP_ATTR_STATS_PAD) || 360 nla_put_u64_64bit(skb, L2TP_ATTR_RX_BYTES, 361 atomic_long_read(&tunnel->stats.rx_bytes), 362 L2TP_ATTR_STATS_PAD) || 363 nla_put_u64_64bit(skb, L2TP_ATTR_RX_SEQ_DISCARDS, 364 atomic_long_read(&tunnel->stats.rx_seq_discards), 365 L2TP_ATTR_STATS_PAD) || 366 nla_put_u64_64bit(skb, L2TP_ATTR_RX_OOS_PACKETS, 367 atomic_long_read(&tunnel->stats.rx_oos_packets), 368 L2TP_ATTR_STATS_PAD) || 369 nla_put_u64_64bit(skb, L2TP_ATTR_RX_ERRORS, 370 atomic_long_read(&tunnel->stats.rx_errors), 371 L2TP_ATTR_STATS_PAD)) 372 goto nla_put_failure; 373 nla_nest_end(skb, nest); 374 375 sk = tunnel->sock; 376 if (!sk) 377 goto out; 378 379 #if IS_ENABLED(CONFIG_IPV6) 380 if (sk->sk_family == AF_INET6) 381 np = inet6_sk(sk); 382 #endif 383 384 inet = inet_sk(sk); 385 386 switch (tunnel->encap) { 387 case L2TP_ENCAPTYPE_UDP: 388 switch (sk->sk_family) { 389 case AF_INET: 390 if (nla_put_u8(skb, L2TP_ATTR_UDP_CSUM, !sk->sk_no_check_tx)) 391 goto nla_put_failure; 392 break; 393 #if IS_ENABLED(CONFIG_IPV6) 394 case AF_INET6: 395 if (udp_get_no_check6_tx(sk) && 396 nla_put_flag(skb, L2TP_ATTR_UDP_ZERO_CSUM6_TX)) 397 goto nla_put_failure; 398 if (udp_get_no_check6_rx(sk) && 399 nla_put_flag(skb, L2TP_ATTR_UDP_ZERO_CSUM6_RX)) 400 goto nla_put_failure; 401 break; 402 #endif 403 } 404 if (nla_put_u16(skb, L2TP_ATTR_UDP_SPORT, ntohs(inet->inet_sport)) || 405 nla_put_u16(skb, L2TP_ATTR_UDP_DPORT, ntohs(inet->inet_dport))) 406 goto nla_put_failure; 407 /* fall through */ 408 case L2TP_ENCAPTYPE_IP: 409 #if IS_ENABLED(CONFIG_IPV6) 410 if (np) { 411 if (nla_put_in6_addr(skb, L2TP_ATTR_IP6_SADDR, 412 &np->saddr) || 413 nla_put_in6_addr(skb, L2TP_ATTR_IP6_DADDR, 414 &sk->sk_v6_daddr)) 415 goto nla_put_failure; 416 } else 417 #endif 418 if (nla_put_in_addr(skb, L2TP_ATTR_IP_SADDR, 419 inet->inet_saddr) || 420 nla_put_in_addr(skb, L2TP_ATTR_IP_DADDR, 421 inet->inet_daddr)) 422 goto nla_put_failure; 423 break; 424 } 425 426 out: 427 genlmsg_end(skb, hdr); 428 return 0; 429 430 nla_put_failure: 431 genlmsg_cancel(skb, hdr); 432 return -1; 433 } 434 435 static int l2tp_nl_cmd_tunnel_get(struct sk_buff *skb, struct genl_info *info) 436 { 437 struct l2tp_tunnel *tunnel; 438 struct sk_buff *msg; 439 u32 tunnel_id; 440 int ret = -ENOBUFS; 441 struct net *net = genl_info_net(info); 442 443 if (!info->attrs[L2TP_ATTR_CONN_ID]) { 444 ret = -EINVAL; 445 goto err; 446 } 447 448 tunnel_id = nla_get_u32(info->attrs[L2TP_ATTR_CONN_ID]); 449 450 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 451 if (!msg) { 452 ret = -ENOMEM; 453 goto err; 454 } 455 456 tunnel = l2tp_tunnel_get(net, tunnel_id); 457 if (!tunnel) { 458 ret = -ENODEV; 459 goto err_nlmsg; 460 } 461 462 ret = l2tp_nl_tunnel_send(msg, info->snd_portid, info->snd_seq, 463 NLM_F_ACK, tunnel, L2TP_CMD_TUNNEL_GET); 464 if (ret < 0) 465 goto err_nlmsg_tunnel; 466 467 l2tp_tunnel_dec_refcount(tunnel); 468 469 return genlmsg_unicast(net, msg, info->snd_portid); 470 471 err_nlmsg_tunnel: 472 l2tp_tunnel_dec_refcount(tunnel); 473 err_nlmsg: 474 nlmsg_free(msg); 475 err: 476 return ret; 477 } 478 479 static int l2tp_nl_cmd_tunnel_dump(struct sk_buff *skb, struct netlink_callback *cb) 480 { 481 int ti = cb->args[0]; 482 struct l2tp_tunnel *tunnel; 483 struct net *net = sock_net(skb->sk); 484 485 for (;;) { 486 tunnel = l2tp_tunnel_get_nth(net, ti); 487 if (tunnel == NULL) 488 goto out; 489 490 if (l2tp_nl_tunnel_send(skb, NETLINK_CB(cb->skb).portid, 491 cb->nlh->nlmsg_seq, NLM_F_MULTI, 492 tunnel, L2TP_CMD_TUNNEL_GET) < 0) { 493 l2tp_tunnel_dec_refcount(tunnel); 494 goto out; 495 } 496 l2tp_tunnel_dec_refcount(tunnel); 497 498 ti++; 499 } 500 501 out: 502 cb->args[0] = ti; 503 504 return skb->len; 505 } 506 507 static int l2tp_nl_cmd_session_create(struct sk_buff *skb, struct genl_info *info) 508 { 509 u32 tunnel_id = 0; 510 u32 session_id; 511 u32 peer_session_id; 512 int ret = 0; 513 struct l2tp_tunnel *tunnel; 514 struct l2tp_session *session; 515 struct l2tp_session_cfg cfg = { 0, }; 516 struct net *net = genl_info_net(info); 517 518 if (!info->attrs[L2TP_ATTR_CONN_ID]) { 519 ret = -EINVAL; 520 goto out; 521 } 522 523 tunnel_id = nla_get_u32(info->attrs[L2TP_ATTR_CONN_ID]); 524 tunnel = l2tp_tunnel_get(net, tunnel_id); 525 if (!tunnel) { 526 ret = -ENODEV; 527 goto out; 528 } 529 530 if (!info->attrs[L2TP_ATTR_SESSION_ID]) { 531 ret = -EINVAL; 532 goto out_tunnel; 533 } 534 session_id = nla_get_u32(info->attrs[L2TP_ATTR_SESSION_ID]); 535 536 if (!info->attrs[L2TP_ATTR_PEER_SESSION_ID]) { 537 ret = -EINVAL; 538 goto out_tunnel; 539 } 540 peer_session_id = nla_get_u32(info->attrs[L2TP_ATTR_PEER_SESSION_ID]); 541 542 if (!info->attrs[L2TP_ATTR_PW_TYPE]) { 543 ret = -EINVAL; 544 goto out_tunnel; 545 } 546 cfg.pw_type = nla_get_u16(info->attrs[L2TP_ATTR_PW_TYPE]); 547 if (cfg.pw_type >= __L2TP_PWTYPE_MAX) { 548 ret = -EINVAL; 549 goto out_tunnel; 550 } 551 552 /* L2TPv2 only accepts PPP pseudo-wires */ 553 if (tunnel->version == 2 && cfg.pw_type != L2TP_PWTYPE_PPP) { 554 ret = -EPROTONOSUPPORT; 555 goto out_tunnel; 556 } 557 558 if (tunnel->version > 2) { 559 if (info->attrs[L2TP_ATTR_L2SPEC_TYPE]) { 560 cfg.l2specific_type = nla_get_u8(info->attrs[L2TP_ATTR_L2SPEC_TYPE]); 561 if (cfg.l2specific_type != L2TP_L2SPECTYPE_DEFAULT && 562 cfg.l2specific_type != L2TP_L2SPECTYPE_NONE) { 563 ret = -EINVAL; 564 goto out_tunnel; 565 } 566 } else { 567 cfg.l2specific_type = L2TP_L2SPECTYPE_DEFAULT; 568 } 569 570 if (info->attrs[L2TP_ATTR_COOKIE]) { 571 u16 len = nla_len(info->attrs[L2TP_ATTR_COOKIE]); 572 573 if (len > 8) { 574 ret = -EINVAL; 575 goto out_tunnel; 576 } 577 cfg.cookie_len = len; 578 memcpy(&cfg.cookie[0], nla_data(info->attrs[L2TP_ATTR_COOKIE]), len); 579 } 580 if (info->attrs[L2TP_ATTR_PEER_COOKIE]) { 581 u16 len = nla_len(info->attrs[L2TP_ATTR_PEER_COOKIE]); 582 583 if (len > 8) { 584 ret = -EINVAL; 585 goto out_tunnel; 586 } 587 cfg.peer_cookie_len = len; 588 memcpy(&cfg.peer_cookie[0], nla_data(info->attrs[L2TP_ATTR_PEER_COOKIE]), len); 589 } 590 if (info->attrs[L2TP_ATTR_IFNAME]) 591 cfg.ifname = nla_data(info->attrs[L2TP_ATTR_IFNAME]); 592 } 593 594 if (info->attrs[L2TP_ATTR_DEBUG]) 595 cfg.debug = nla_get_u32(info->attrs[L2TP_ATTR_DEBUG]); 596 597 if (info->attrs[L2TP_ATTR_RECV_SEQ]) 598 cfg.recv_seq = nla_get_u8(info->attrs[L2TP_ATTR_RECV_SEQ]); 599 600 if (info->attrs[L2TP_ATTR_SEND_SEQ]) 601 cfg.send_seq = nla_get_u8(info->attrs[L2TP_ATTR_SEND_SEQ]); 602 603 if (info->attrs[L2TP_ATTR_LNS_MODE]) 604 cfg.lns_mode = nla_get_u8(info->attrs[L2TP_ATTR_LNS_MODE]); 605 606 if (info->attrs[L2TP_ATTR_RECV_TIMEOUT]) 607 cfg.reorder_timeout = nla_get_msecs(info->attrs[L2TP_ATTR_RECV_TIMEOUT]); 608 609 #ifdef CONFIG_MODULES 610 if (l2tp_nl_cmd_ops[cfg.pw_type] == NULL) { 611 genl_unlock(); 612 request_module("net-l2tp-type-%u", cfg.pw_type); 613 genl_lock(); 614 } 615 #endif 616 if ((l2tp_nl_cmd_ops[cfg.pw_type] == NULL) || 617 (l2tp_nl_cmd_ops[cfg.pw_type]->session_create == NULL)) { 618 ret = -EPROTONOSUPPORT; 619 goto out_tunnel; 620 } 621 622 ret = l2tp_nl_cmd_ops[cfg.pw_type]->session_create(net, tunnel, 623 session_id, 624 peer_session_id, 625 &cfg); 626 627 if (ret >= 0) { 628 session = l2tp_tunnel_get_session(tunnel, session_id); 629 if (session) { 630 ret = l2tp_session_notify(&l2tp_nl_family, info, session, 631 L2TP_CMD_SESSION_CREATE); 632 l2tp_session_dec_refcount(session); 633 } 634 } 635 636 out_tunnel: 637 l2tp_tunnel_dec_refcount(tunnel); 638 out: 639 return ret; 640 } 641 642 static int l2tp_nl_cmd_session_delete(struct sk_buff *skb, struct genl_info *info) 643 { 644 int ret = 0; 645 struct l2tp_session *session; 646 u16 pw_type; 647 648 session = l2tp_nl_session_get(info); 649 if (session == NULL) { 650 ret = -ENODEV; 651 goto out; 652 } 653 654 l2tp_session_notify(&l2tp_nl_family, info, 655 session, L2TP_CMD_SESSION_DELETE); 656 657 pw_type = session->pwtype; 658 if (pw_type < __L2TP_PWTYPE_MAX) 659 if (l2tp_nl_cmd_ops[pw_type] && l2tp_nl_cmd_ops[pw_type]->session_delete) 660 ret = (*l2tp_nl_cmd_ops[pw_type]->session_delete)(session); 661 662 l2tp_session_dec_refcount(session); 663 664 out: 665 return ret; 666 } 667 668 static int l2tp_nl_cmd_session_modify(struct sk_buff *skb, struct genl_info *info) 669 { 670 int ret = 0; 671 struct l2tp_session *session; 672 673 session = l2tp_nl_session_get(info); 674 if (session == NULL) { 675 ret = -ENODEV; 676 goto out; 677 } 678 679 if (info->attrs[L2TP_ATTR_DEBUG]) 680 session->debug = nla_get_u32(info->attrs[L2TP_ATTR_DEBUG]); 681 682 if (info->attrs[L2TP_ATTR_RECV_SEQ]) 683 session->recv_seq = nla_get_u8(info->attrs[L2TP_ATTR_RECV_SEQ]); 684 685 if (info->attrs[L2TP_ATTR_SEND_SEQ]) { 686 session->send_seq = nla_get_u8(info->attrs[L2TP_ATTR_SEND_SEQ]); 687 l2tp_session_set_header_len(session, session->tunnel->version); 688 } 689 690 if (info->attrs[L2TP_ATTR_LNS_MODE]) 691 session->lns_mode = nla_get_u8(info->attrs[L2TP_ATTR_LNS_MODE]); 692 693 if (info->attrs[L2TP_ATTR_RECV_TIMEOUT]) 694 session->reorder_timeout = nla_get_msecs(info->attrs[L2TP_ATTR_RECV_TIMEOUT]); 695 696 ret = l2tp_session_notify(&l2tp_nl_family, info, 697 session, L2TP_CMD_SESSION_MODIFY); 698 699 l2tp_session_dec_refcount(session); 700 701 out: 702 return ret; 703 } 704 705 static int l2tp_nl_session_send(struct sk_buff *skb, u32 portid, u32 seq, int flags, 706 struct l2tp_session *session, u8 cmd) 707 { 708 void *hdr; 709 struct nlattr *nest; 710 struct l2tp_tunnel *tunnel = session->tunnel; 711 712 hdr = genlmsg_put(skb, portid, seq, &l2tp_nl_family, flags, cmd); 713 if (!hdr) 714 return -EMSGSIZE; 715 716 if (nla_put_u32(skb, L2TP_ATTR_CONN_ID, tunnel->tunnel_id) || 717 nla_put_u32(skb, L2TP_ATTR_SESSION_ID, session->session_id) || 718 nla_put_u32(skb, L2TP_ATTR_PEER_CONN_ID, tunnel->peer_tunnel_id) || 719 nla_put_u32(skb, L2TP_ATTR_PEER_SESSION_ID, 720 session->peer_session_id) || 721 nla_put_u32(skb, L2TP_ATTR_DEBUG, session->debug) || 722 nla_put_u16(skb, L2TP_ATTR_PW_TYPE, session->pwtype)) 723 goto nla_put_failure; 724 725 if ((session->ifname[0] && 726 nla_put_string(skb, L2TP_ATTR_IFNAME, session->ifname)) || 727 (session->cookie_len && 728 nla_put(skb, L2TP_ATTR_COOKIE, session->cookie_len, 729 &session->cookie[0])) || 730 (session->peer_cookie_len && 731 nla_put(skb, L2TP_ATTR_PEER_COOKIE, session->peer_cookie_len, 732 &session->peer_cookie[0])) || 733 nla_put_u8(skb, L2TP_ATTR_RECV_SEQ, session->recv_seq) || 734 nla_put_u8(skb, L2TP_ATTR_SEND_SEQ, session->send_seq) || 735 nla_put_u8(skb, L2TP_ATTR_LNS_MODE, session->lns_mode) || 736 (l2tp_tunnel_uses_xfrm(tunnel) && 737 nla_put_u8(skb, L2TP_ATTR_USING_IPSEC, 1)) || 738 (session->reorder_timeout && 739 nla_put_msecs(skb, L2TP_ATTR_RECV_TIMEOUT, 740 session->reorder_timeout, L2TP_ATTR_PAD))) 741 goto nla_put_failure; 742 743 nest = nla_nest_start_noflag(skb, L2TP_ATTR_STATS); 744 if (nest == NULL) 745 goto nla_put_failure; 746 747 if (nla_put_u64_64bit(skb, L2TP_ATTR_TX_PACKETS, 748 atomic_long_read(&session->stats.tx_packets), 749 L2TP_ATTR_STATS_PAD) || 750 nla_put_u64_64bit(skb, L2TP_ATTR_TX_BYTES, 751 atomic_long_read(&session->stats.tx_bytes), 752 L2TP_ATTR_STATS_PAD) || 753 nla_put_u64_64bit(skb, L2TP_ATTR_TX_ERRORS, 754 atomic_long_read(&session->stats.tx_errors), 755 L2TP_ATTR_STATS_PAD) || 756 nla_put_u64_64bit(skb, L2TP_ATTR_RX_PACKETS, 757 atomic_long_read(&session->stats.rx_packets), 758 L2TP_ATTR_STATS_PAD) || 759 nla_put_u64_64bit(skb, L2TP_ATTR_RX_BYTES, 760 atomic_long_read(&session->stats.rx_bytes), 761 L2TP_ATTR_STATS_PAD) || 762 nla_put_u64_64bit(skb, L2TP_ATTR_RX_SEQ_DISCARDS, 763 atomic_long_read(&session->stats.rx_seq_discards), 764 L2TP_ATTR_STATS_PAD) || 765 nla_put_u64_64bit(skb, L2TP_ATTR_RX_OOS_PACKETS, 766 atomic_long_read(&session->stats.rx_oos_packets), 767 L2TP_ATTR_STATS_PAD) || 768 nla_put_u64_64bit(skb, L2TP_ATTR_RX_ERRORS, 769 atomic_long_read(&session->stats.rx_errors), 770 L2TP_ATTR_STATS_PAD)) 771 goto nla_put_failure; 772 nla_nest_end(skb, nest); 773 774 genlmsg_end(skb, hdr); 775 return 0; 776 777 nla_put_failure: 778 genlmsg_cancel(skb, hdr); 779 return -1; 780 } 781 782 static int l2tp_nl_cmd_session_get(struct sk_buff *skb, struct genl_info *info) 783 { 784 struct l2tp_session *session; 785 struct sk_buff *msg; 786 int ret; 787 788 session = l2tp_nl_session_get(info); 789 if (session == NULL) { 790 ret = -ENODEV; 791 goto err; 792 } 793 794 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 795 if (!msg) { 796 ret = -ENOMEM; 797 goto err_ref; 798 } 799 800 ret = l2tp_nl_session_send(msg, info->snd_portid, info->snd_seq, 801 0, session, L2TP_CMD_SESSION_GET); 802 if (ret < 0) 803 goto err_ref_msg; 804 805 ret = genlmsg_unicast(genl_info_net(info), msg, info->snd_portid); 806 807 l2tp_session_dec_refcount(session); 808 809 return ret; 810 811 err_ref_msg: 812 nlmsg_free(msg); 813 err_ref: 814 l2tp_session_dec_refcount(session); 815 err: 816 return ret; 817 } 818 819 static int l2tp_nl_cmd_session_dump(struct sk_buff *skb, struct netlink_callback *cb) 820 { 821 struct net *net = sock_net(skb->sk); 822 struct l2tp_session *session; 823 struct l2tp_tunnel *tunnel = NULL; 824 int ti = cb->args[0]; 825 int si = cb->args[1]; 826 827 for (;;) { 828 if (tunnel == NULL) { 829 tunnel = l2tp_tunnel_get_nth(net, ti); 830 if (tunnel == NULL) 831 goto out; 832 } 833 834 session = l2tp_session_get_nth(tunnel, si); 835 if (session == NULL) { 836 ti++; 837 l2tp_tunnel_dec_refcount(tunnel); 838 tunnel = NULL; 839 si = 0; 840 continue; 841 } 842 843 if (l2tp_nl_session_send(skb, NETLINK_CB(cb->skb).portid, 844 cb->nlh->nlmsg_seq, NLM_F_MULTI, 845 session, L2TP_CMD_SESSION_GET) < 0) { 846 l2tp_session_dec_refcount(session); 847 l2tp_tunnel_dec_refcount(tunnel); 848 break; 849 } 850 l2tp_session_dec_refcount(session); 851 852 si++; 853 } 854 855 out: 856 cb->args[0] = ti; 857 cb->args[1] = si; 858 859 return skb->len; 860 } 861 862 static const struct nla_policy l2tp_nl_policy[L2TP_ATTR_MAX + 1] = { 863 [L2TP_ATTR_NONE] = { .type = NLA_UNSPEC, }, 864 [L2TP_ATTR_PW_TYPE] = { .type = NLA_U16, }, 865 [L2TP_ATTR_ENCAP_TYPE] = { .type = NLA_U16, }, 866 [L2TP_ATTR_OFFSET] = { .type = NLA_U16, }, 867 [L2TP_ATTR_DATA_SEQ] = { .type = NLA_U8, }, 868 [L2TP_ATTR_L2SPEC_TYPE] = { .type = NLA_U8, }, 869 [L2TP_ATTR_L2SPEC_LEN] = { .type = NLA_U8, }, 870 [L2TP_ATTR_PROTO_VERSION] = { .type = NLA_U8, }, 871 [L2TP_ATTR_CONN_ID] = { .type = NLA_U32, }, 872 [L2TP_ATTR_PEER_CONN_ID] = { .type = NLA_U32, }, 873 [L2TP_ATTR_SESSION_ID] = { .type = NLA_U32, }, 874 [L2TP_ATTR_PEER_SESSION_ID] = { .type = NLA_U32, }, 875 [L2TP_ATTR_UDP_CSUM] = { .type = NLA_U8, }, 876 [L2TP_ATTR_VLAN_ID] = { .type = NLA_U16, }, 877 [L2TP_ATTR_DEBUG] = { .type = NLA_U32, }, 878 [L2TP_ATTR_RECV_SEQ] = { .type = NLA_U8, }, 879 [L2TP_ATTR_SEND_SEQ] = { .type = NLA_U8, }, 880 [L2TP_ATTR_LNS_MODE] = { .type = NLA_U8, }, 881 [L2TP_ATTR_USING_IPSEC] = { .type = NLA_U8, }, 882 [L2TP_ATTR_RECV_TIMEOUT] = { .type = NLA_MSECS, }, 883 [L2TP_ATTR_FD] = { .type = NLA_U32, }, 884 [L2TP_ATTR_IP_SADDR] = { .type = NLA_U32, }, 885 [L2TP_ATTR_IP_DADDR] = { .type = NLA_U32, }, 886 [L2TP_ATTR_UDP_SPORT] = { .type = NLA_U16, }, 887 [L2TP_ATTR_UDP_DPORT] = { .type = NLA_U16, }, 888 [L2TP_ATTR_MTU] = { .type = NLA_U16, }, 889 [L2TP_ATTR_MRU] = { .type = NLA_U16, }, 890 [L2TP_ATTR_STATS] = { .type = NLA_NESTED, }, 891 [L2TP_ATTR_IP6_SADDR] = { 892 .type = NLA_BINARY, 893 .len = sizeof(struct in6_addr), 894 }, 895 [L2TP_ATTR_IP6_DADDR] = { 896 .type = NLA_BINARY, 897 .len = sizeof(struct in6_addr), 898 }, 899 [L2TP_ATTR_IFNAME] = { 900 .type = NLA_NUL_STRING, 901 .len = IFNAMSIZ - 1, 902 }, 903 [L2TP_ATTR_COOKIE] = { 904 .type = NLA_BINARY, 905 .len = 8, 906 }, 907 [L2TP_ATTR_PEER_COOKIE] = { 908 .type = NLA_BINARY, 909 .len = 8, 910 }, 911 }; 912 913 static const struct genl_ops l2tp_nl_ops[] = { 914 { 915 .cmd = L2TP_CMD_NOOP, 916 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP, 917 .doit = l2tp_nl_cmd_noop, 918 /* can be retrieved by unprivileged users */ 919 }, 920 { 921 .cmd = L2TP_CMD_TUNNEL_CREATE, 922 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP, 923 .doit = l2tp_nl_cmd_tunnel_create, 924 .flags = GENL_UNS_ADMIN_PERM, 925 }, 926 { 927 .cmd = L2TP_CMD_TUNNEL_DELETE, 928 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP, 929 .doit = l2tp_nl_cmd_tunnel_delete, 930 .flags = GENL_UNS_ADMIN_PERM, 931 }, 932 { 933 .cmd = L2TP_CMD_TUNNEL_MODIFY, 934 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP, 935 .doit = l2tp_nl_cmd_tunnel_modify, 936 .flags = GENL_UNS_ADMIN_PERM, 937 }, 938 { 939 .cmd = L2TP_CMD_TUNNEL_GET, 940 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP, 941 .doit = l2tp_nl_cmd_tunnel_get, 942 .dumpit = l2tp_nl_cmd_tunnel_dump, 943 .flags = GENL_UNS_ADMIN_PERM, 944 }, 945 { 946 .cmd = L2TP_CMD_SESSION_CREATE, 947 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP, 948 .doit = l2tp_nl_cmd_session_create, 949 .flags = GENL_UNS_ADMIN_PERM, 950 }, 951 { 952 .cmd = L2TP_CMD_SESSION_DELETE, 953 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP, 954 .doit = l2tp_nl_cmd_session_delete, 955 .flags = GENL_UNS_ADMIN_PERM, 956 }, 957 { 958 .cmd = L2TP_CMD_SESSION_MODIFY, 959 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP, 960 .doit = l2tp_nl_cmd_session_modify, 961 .flags = GENL_UNS_ADMIN_PERM, 962 }, 963 { 964 .cmd = L2TP_CMD_SESSION_GET, 965 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP, 966 .doit = l2tp_nl_cmd_session_get, 967 .dumpit = l2tp_nl_cmd_session_dump, 968 .flags = GENL_UNS_ADMIN_PERM, 969 }, 970 }; 971 972 static struct genl_family l2tp_nl_family __ro_after_init = { 973 .name = L2TP_GENL_NAME, 974 .version = L2TP_GENL_VERSION, 975 .hdrsize = 0, 976 .maxattr = L2TP_ATTR_MAX, 977 .policy = l2tp_nl_policy, 978 .netnsok = true, 979 .module = THIS_MODULE, 980 .ops = l2tp_nl_ops, 981 .n_ops = ARRAY_SIZE(l2tp_nl_ops), 982 .mcgrps = l2tp_multicast_group, 983 .n_mcgrps = ARRAY_SIZE(l2tp_multicast_group), 984 }; 985 986 int l2tp_nl_register_ops(enum l2tp_pwtype pw_type, const struct l2tp_nl_cmd_ops *ops) 987 { 988 int ret; 989 990 ret = -EINVAL; 991 if (pw_type >= __L2TP_PWTYPE_MAX) 992 goto err; 993 994 genl_lock(); 995 ret = -EBUSY; 996 if (l2tp_nl_cmd_ops[pw_type]) 997 goto out; 998 999 l2tp_nl_cmd_ops[pw_type] = ops; 1000 ret = 0; 1001 1002 out: 1003 genl_unlock(); 1004 err: 1005 return ret; 1006 } 1007 EXPORT_SYMBOL_GPL(l2tp_nl_register_ops); 1008 1009 void l2tp_nl_unregister_ops(enum l2tp_pwtype pw_type) 1010 { 1011 if (pw_type < __L2TP_PWTYPE_MAX) { 1012 genl_lock(); 1013 l2tp_nl_cmd_ops[pw_type] = NULL; 1014 genl_unlock(); 1015 } 1016 } 1017 EXPORT_SYMBOL_GPL(l2tp_nl_unregister_ops); 1018 1019 static int __init l2tp_nl_init(void) 1020 { 1021 pr_info("L2TP netlink interface\n"); 1022 return genl_register_family(&l2tp_nl_family); 1023 } 1024 1025 static void l2tp_nl_cleanup(void) 1026 { 1027 genl_unregister_family(&l2tp_nl_family); 1028 } 1029 1030 module_init(l2tp_nl_init); 1031 module_exit(l2tp_nl_cleanup); 1032 1033 MODULE_AUTHOR("James Chapman <jchapman@katalix.com>"); 1034 MODULE_DESCRIPTION("L2TP netlink"); 1035 MODULE_LICENSE("GPL"); 1036 MODULE_VERSION("1.0"); 1037 MODULE_ALIAS_GENL_FAMILY("l2tp"); 1038