xref: /openbmc/linux/lib/nlattr.c (revision 13dd8710)
1 // SPDX-License-Identifier: GPL-2.0
2 /*
3  * NETLINK      Netlink attributes
4  *
5  * 		Authors:	Thomas Graf <tgraf@suug.ch>
6  * 				Alexey Kuznetsov <kuznet@ms2.inr.ac.ru>
7  */
8 
9 #include <linux/export.h>
10 #include <linux/kernel.h>
11 #include <linux/errno.h>
12 #include <linux/jiffies.h>
13 #include <linux/skbuff.h>
14 #include <linux/string.h>
15 #include <linux/types.h>
16 #include <net/netlink.h>
17 
18 /* For these data types, attribute length should be exactly the given
19  * size. However, to maintain compatibility with broken commands, if the
20  * attribute length does not match the expected size a warning is emitted
21  * to the user that the command is sending invalid data and needs to be fixed.
22  */
23 static const u8 nla_attr_len[NLA_TYPE_MAX+1] = {
24 	[NLA_U8]	= sizeof(u8),
25 	[NLA_U16]	= sizeof(u16),
26 	[NLA_U32]	= sizeof(u32),
27 	[NLA_U64]	= sizeof(u64),
28 	[NLA_S8]	= sizeof(s8),
29 	[NLA_S16]	= sizeof(s16),
30 	[NLA_S32]	= sizeof(s32),
31 	[NLA_S64]	= sizeof(s64),
32 };
33 
34 static const u8 nla_attr_minlen[NLA_TYPE_MAX+1] = {
35 	[NLA_U8]	= sizeof(u8),
36 	[NLA_U16]	= sizeof(u16),
37 	[NLA_U32]	= sizeof(u32),
38 	[NLA_U64]	= sizeof(u64),
39 	[NLA_MSECS]	= sizeof(u64),
40 	[NLA_NESTED]	= NLA_HDRLEN,
41 	[NLA_S8]	= sizeof(s8),
42 	[NLA_S16]	= sizeof(s16),
43 	[NLA_S32]	= sizeof(s32),
44 	[NLA_S64]	= sizeof(s64),
45 };
46 
47 /*
48  * Nested policies might refer back to the original
49  * policy in some cases, and userspace could try to
50  * abuse that and recurse by nesting in the right
51  * ways. Limit recursion to avoid this problem.
52  */
53 #define MAX_POLICY_RECURSION_DEPTH	10
54 
55 static int __nla_validate_parse(const struct nlattr *head, int len, int maxtype,
56 				const struct nla_policy *policy,
57 				unsigned int validate,
58 				struct netlink_ext_ack *extack,
59 				struct nlattr **tb, unsigned int depth);
60 
61 static int validate_nla_bitfield32(const struct nlattr *nla,
62 				   const u32 valid_flags_mask)
63 {
64 	const struct nla_bitfield32 *bf = nla_data(nla);
65 
66 	if (!valid_flags_mask)
67 		return -EINVAL;
68 
69 	/*disallow invalid bit selector */
70 	if (bf->selector & ~valid_flags_mask)
71 		return -EINVAL;
72 
73 	/*disallow invalid bit values */
74 	if (bf->value & ~valid_flags_mask)
75 		return -EINVAL;
76 
77 	/*disallow valid bit values that are not selected*/
78 	if (bf->value & ~bf->selector)
79 		return -EINVAL;
80 
81 	return 0;
82 }
83 
84 static int nla_validate_array(const struct nlattr *head, int len, int maxtype,
85 			      const struct nla_policy *policy,
86 			      struct netlink_ext_ack *extack,
87 			      unsigned int validate, unsigned int depth)
88 {
89 	const struct nlattr *entry;
90 	int rem;
91 
92 	nla_for_each_attr(entry, head, len, rem) {
93 		int ret;
94 
95 		if (nla_len(entry) == 0)
96 			continue;
97 
98 		if (nla_len(entry) < NLA_HDRLEN) {
99 			NL_SET_ERR_MSG_ATTR_POL(extack, entry, policy,
100 						"Array element too short");
101 			return -ERANGE;
102 		}
103 
104 		ret = __nla_validate_parse(nla_data(entry), nla_len(entry),
105 					   maxtype, policy, validate, extack,
106 					   NULL, depth + 1);
107 		if (ret < 0)
108 			return ret;
109 	}
110 
111 	return 0;
112 }
113 
114 void nla_get_range_unsigned(const struct nla_policy *pt,
115 			    struct netlink_range_validation *range)
116 {
117 	WARN_ON_ONCE(pt->validation_type != NLA_VALIDATE_RANGE_PTR &&
118 		     (pt->min < 0 || pt->max < 0));
119 
120 	range->min = 0;
121 
122 	switch (pt->type) {
123 	case NLA_U8:
124 		range->max = U8_MAX;
125 		break;
126 	case NLA_U16:
127 	case NLA_BINARY:
128 		range->max = U16_MAX;
129 		break;
130 	case NLA_U32:
131 		range->max = U32_MAX;
132 		break;
133 	case NLA_U64:
134 	case NLA_MSECS:
135 		range->max = U64_MAX;
136 		break;
137 	default:
138 		WARN_ON_ONCE(1);
139 		return;
140 	}
141 
142 	switch (pt->validation_type) {
143 	case NLA_VALIDATE_RANGE:
144 	case NLA_VALIDATE_RANGE_WARN_TOO_LONG:
145 		range->min = pt->min;
146 		range->max = pt->max;
147 		break;
148 	case NLA_VALIDATE_RANGE_PTR:
149 		*range = *pt->range;
150 		break;
151 	case NLA_VALIDATE_MIN:
152 		range->min = pt->min;
153 		break;
154 	case NLA_VALIDATE_MAX:
155 		range->max = pt->max;
156 		break;
157 	default:
158 		break;
159 	}
160 }
161 
162 static int nla_validate_range_unsigned(const struct nla_policy *pt,
163 				       const struct nlattr *nla,
164 				       struct netlink_ext_ack *extack,
165 				       unsigned int validate)
166 {
167 	struct netlink_range_validation range;
168 	u64 value;
169 
170 	switch (pt->type) {
171 	case NLA_U8:
172 		value = nla_get_u8(nla);
173 		break;
174 	case NLA_U16:
175 		value = nla_get_u16(nla);
176 		break;
177 	case NLA_U32:
178 		value = nla_get_u32(nla);
179 		break;
180 	case NLA_U64:
181 	case NLA_MSECS:
182 		value = nla_get_u64(nla);
183 		break;
184 	case NLA_BINARY:
185 		value = nla_len(nla);
186 		break;
187 	default:
188 		return -EINVAL;
189 	}
190 
191 	nla_get_range_unsigned(pt, &range);
192 
193 	if (pt->validation_type == NLA_VALIDATE_RANGE_WARN_TOO_LONG &&
194 	    pt->type == NLA_BINARY && value > range.max) {
195 		pr_warn_ratelimited("netlink: '%s': attribute type %d has an invalid length.\n",
196 				    current->comm, pt->type);
197 		if (validate & NL_VALIDATE_STRICT_ATTRS) {
198 			NL_SET_ERR_MSG_ATTR_POL(extack, nla, pt,
199 						"invalid attribute length");
200 			return -EINVAL;
201 		}
202 
203 		/* this assumes min <= max (don't validate against min) */
204 		return 0;
205 	}
206 
207 	if (value < range.min || value > range.max) {
208 		bool binary = pt->type == NLA_BINARY;
209 
210 		if (binary)
211 			NL_SET_ERR_MSG_ATTR_POL(extack, nla, pt,
212 						"binary attribute size out of range");
213 		else
214 			NL_SET_ERR_MSG_ATTR_POL(extack, nla, pt,
215 						"integer out of range");
216 
217 		return -ERANGE;
218 	}
219 
220 	return 0;
221 }
222 
223 void nla_get_range_signed(const struct nla_policy *pt,
224 			  struct netlink_range_validation_signed *range)
225 {
226 	switch (pt->type) {
227 	case NLA_S8:
228 		range->min = S8_MIN;
229 		range->max = S8_MAX;
230 		break;
231 	case NLA_S16:
232 		range->min = S16_MIN;
233 		range->max = S16_MAX;
234 		break;
235 	case NLA_S32:
236 		range->min = S32_MIN;
237 		range->max = S32_MAX;
238 		break;
239 	case NLA_S64:
240 		range->min = S64_MIN;
241 		range->max = S64_MAX;
242 		break;
243 	default:
244 		WARN_ON_ONCE(1);
245 		return;
246 	}
247 
248 	switch (pt->validation_type) {
249 	case NLA_VALIDATE_RANGE:
250 		range->min = pt->min;
251 		range->max = pt->max;
252 		break;
253 	case NLA_VALIDATE_RANGE_PTR:
254 		*range = *pt->range_signed;
255 		break;
256 	case NLA_VALIDATE_MIN:
257 		range->min = pt->min;
258 		break;
259 	case NLA_VALIDATE_MAX:
260 		range->max = pt->max;
261 		break;
262 	default:
263 		break;
264 	}
265 }
266 
267 static int nla_validate_int_range_signed(const struct nla_policy *pt,
268 					 const struct nlattr *nla,
269 					 struct netlink_ext_ack *extack)
270 {
271 	struct netlink_range_validation_signed range;
272 	s64 value;
273 
274 	switch (pt->type) {
275 	case NLA_S8:
276 		value = nla_get_s8(nla);
277 		break;
278 	case NLA_S16:
279 		value = nla_get_s16(nla);
280 		break;
281 	case NLA_S32:
282 		value = nla_get_s32(nla);
283 		break;
284 	case NLA_S64:
285 		value = nla_get_s64(nla);
286 		break;
287 	default:
288 		return -EINVAL;
289 	}
290 
291 	nla_get_range_signed(pt, &range);
292 
293 	if (value < range.min || value > range.max) {
294 		NL_SET_ERR_MSG_ATTR_POL(extack, nla, pt,
295 					"integer out of range");
296 		return -ERANGE;
297 	}
298 
299 	return 0;
300 }
301 
302 static int nla_validate_int_range(const struct nla_policy *pt,
303 				  const struct nlattr *nla,
304 				  struct netlink_ext_ack *extack,
305 				  unsigned int validate)
306 {
307 	switch (pt->type) {
308 	case NLA_U8:
309 	case NLA_U16:
310 	case NLA_U32:
311 	case NLA_U64:
312 	case NLA_MSECS:
313 	case NLA_BINARY:
314 		return nla_validate_range_unsigned(pt, nla, extack, validate);
315 	case NLA_S8:
316 	case NLA_S16:
317 	case NLA_S32:
318 	case NLA_S64:
319 		return nla_validate_int_range_signed(pt, nla, extack);
320 	default:
321 		WARN_ON(1);
322 		return -EINVAL;
323 	}
324 }
325 
326 static int nla_validate_mask(const struct nla_policy *pt,
327 			     const struct nlattr *nla,
328 			     struct netlink_ext_ack *extack)
329 {
330 	u64 value;
331 
332 	switch (pt->type) {
333 	case NLA_U8:
334 		value = nla_get_u8(nla);
335 		break;
336 	case NLA_U16:
337 		value = nla_get_u16(nla);
338 		break;
339 	case NLA_U32:
340 		value = nla_get_u32(nla);
341 		break;
342 	case NLA_U64:
343 		value = nla_get_u64(nla);
344 		break;
345 	default:
346 		return -EINVAL;
347 	}
348 
349 	if (value & ~(u64)pt->mask) {
350 		NL_SET_ERR_MSG_ATTR(extack, nla, "reserved bit set");
351 		return -EINVAL;
352 	}
353 
354 	return 0;
355 }
356 
357 static int validate_nla(const struct nlattr *nla, int maxtype,
358 			const struct nla_policy *policy, unsigned int validate,
359 			struct netlink_ext_ack *extack, unsigned int depth)
360 {
361 	u16 strict_start_type = policy[0].strict_start_type;
362 	const struct nla_policy *pt;
363 	int minlen = 0, attrlen = nla_len(nla), type = nla_type(nla);
364 	int err = -ERANGE;
365 
366 	if (strict_start_type && type >= strict_start_type)
367 		validate |= NL_VALIDATE_STRICT;
368 
369 	if (type <= 0 || type > maxtype)
370 		return 0;
371 
372 	pt = &policy[type];
373 
374 	BUG_ON(pt->type > NLA_TYPE_MAX);
375 
376 	if (nla_attr_len[pt->type] && attrlen != nla_attr_len[pt->type]) {
377 		pr_warn_ratelimited("netlink: '%s': attribute type %d has an invalid length.\n",
378 				    current->comm, type);
379 		if (validate & NL_VALIDATE_STRICT_ATTRS) {
380 			NL_SET_ERR_MSG_ATTR_POL(extack, nla, pt,
381 						"invalid attribute length");
382 			return -EINVAL;
383 		}
384 	}
385 
386 	if (validate & NL_VALIDATE_NESTED) {
387 		if ((pt->type == NLA_NESTED || pt->type == NLA_NESTED_ARRAY) &&
388 		    !(nla->nla_type & NLA_F_NESTED)) {
389 			NL_SET_ERR_MSG_ATTR_POL(extack, nla, pt,
390 						"NLA_F_NESTED is missing");
391 			return -EINVAL;
392 		}
393 		if (pt->type != NLA_NESTED && pt->type != NLA_NESTED_ARRAY &&
394 		    pt->type != NLA_UNSPEC && (nla->nla_type & NLA_F_NESTED)) {
395 			NL_SET_ERR_MSG_ATTR_POL(extack, nla, pt,
396 						"NLA_F_NESTED not expected");
397 			return -EINVAL;
398 		}
399 	}
400 
401 	switch (pt->type) {
402 	case NLA_REJECT:
403 		if (extack && pt->reject_message) {
404 			NL_SET_BAD_ATTR(extack, nla);
405 			extack->_msg = pt->reject_message;
406 			return -EINVAL;
407 		}
408 		err = -EINVAL;
409 		goto out_err;
410 
411 	case NLA_FLAG:
412 		if (attrlen > 0)
413 			goto out_err;
414 		break;
415 
416 	case NLA_BITFIELD32:
417 		if (attrlen != sizeof(struct nla_bitfield32))
418 			goto out_err;
419 
420 		err = validate_nla_bitfield32(nla, pt->bitfield32_valid);
421 		if (err)
422 			goto out_err;
423 		break;
424 
425 	case NLA_NUL_STRING:
426 		if (pt->len)
427 			minlen = min_t(int, attrlen, pt->len + 1);
428 		else
429 			minlen = attrlen;
430 
431 		if (!minlen || memchr(nla_data(nla), '\0', minlen) == NULL) {
432 			err = -EINVAL;
433 			goto out_err;
434 		}
435 		/* fall through */
436 
437 	case NLA_STRING:
438 		if (attrlen < 1)
439 			goto out_err;
440 
441 		if (pt->len) {
442 			char *buf = nla_data(nla);
443 
444 			if (buf[attrlen - 1] == '\0')
445 				attrlen--;
446 
447 			if (attrlen > pt->len)
448 				goto out_err;
449 		}
450 		break;
451 
452 	case NLA_BINARY:
453 		if (pt->len && attrlen > pt->len)
454 			goto out_err;
455 		break;
456 
457 	case NLA_NESTED:
458 		/* a nested attributes is allowed to be empty; if its not,
459 		 * it must have a size of at least NLA_HDRLEN.
460 		 */
461 		if (attrlen == 0)
462 			break;
463 		if (attrlen < NLA_HDRLEN)
464 			goto out_err;
465 		if (pt->nested_policy) {
466 			err = __nla_validate_parse(nla_data(nla), nla_len(nla),
467 						   pt->len, pt->nested_policy,
468 						   validate, extack, NULL,
469 						   depth + 1);
470 			if (err < 0) {
471 				/*
472 				 * return directly to preserve the inner
473 				 * error message/attribute pointer
474 				 */
475 				return err;
476 			}
477 		}
478 		break;
479 	case NLA_NESTED_ARRAY:
480 		/* a nested array attribute is allowed to be empty; if its not,
481 		 * it must have a size of at least NLA_HDRLEN.
482 		 */
483 		if (attrlen == 0)
484 			break;
485 		if (attrlen < NLA_HDRLEN)
486 			goto out_err;
487 		if (pt->nested_policy) {
488 			int err;
489 
490 			err = nla_validate_array(nla_data(nla), nla_len(nla),
491 						 pt->len, pt->nested_policy,
492 						 extack, validate, depth);
493 			if (err < 0) {
494 				/*
495 				 * return directly to preserve the inner
496 				 * error message/attribute pointer
497 				 */
498 				return err;
499 			}
500 		}
501 		break;
502 
503 	case NLA_UNSPEC:
504 		if (validate & NL_VALIDATE_UNSPEC) {
505 			NL_SET_ERR_MSG_ATTR(extack, nla,
506 					    "Unsupported attribute");
507 			return -EINVAL;
508 		}
509 		if (attrlen < pt->len)
510 			goto out_err;
511 		break;
512 
513 	default:
514 		if (pt->len)
515 			minlen = pt->len;
516 		else
517 			minlen = nla_attr_minlen[pt->type];
518 
519 		if (attrlen < minlen)
520 			goto out_err;
521 	}
522 
523 	/* further validation */
524 	switch (pt->validation_type) {
525 	case NLA_VALIDATE_NONE:
526 		/* nothing to do */
527 		break;
528 	case NLA_VALIDATE_RANGE_PTR:
529 	case NLA_VALIDATE_RANGE:
530 	case NLA_VALIDATE_RANGE_WARN_TOO_LONG:
531 	case NLA_VALIDATE_MIN:
532 	case NLA_VALIDATE_MAX:
533 		err = nla_validate_int_range(pt, nla, extack, validate);
534 		if (err)
535 			return err;
536 		break;
537 	case NLA_VALIDATE_MASK:
538 		err = nla_validate_mask(pt, nla, extack);
539 		if (err)
540 			return err;
541 		break;
542 	case NLA_VALIDATE_FUNCTION:
543 		if (pt->validate) {
544 			err = pt->validate(nla, extack);
545 			if (err)
546 				return err;
547 		}
548 		break;
549 	}
550 
551 	return 0;
552 out_err:
553 	NL_SET_ERR_MSG_ATTR_POL(extack, nla, pt,
554 				"Attribute failed policy validation");
555 	return err;
556 }
557 
558 static int __nla_validate_parse(const struct nlattr *head, int len, int maxtype,
559 				const struct nla_policy *policy,
560 				unsigned int validate,
561 				struct netlink_ext_ack *extack,
562 				struct nlattr **tb, unsigned int depth)
563 {
564 	const struct nlattr *nla;
565 	int rem;
566 
567 	if (depth >= MAX_POLICY_RECURSION_DEPTH) {
568 		NL_SET_ERR_MSG(extack,
569 			       "allowed policy recursion depth exceeded");
570 		return -EINVAL;
571 	}
572 
573 	if (tb)
574 		memset(tb, 0, sizeof(struct nlattr *) * (maxtype + 1));
575 
576 	nla_for_each_attr(nla, head, len, rem) {
577 		u16 type = nla_type(nla);
578 
579 		if (type == 0 || type > maxtype) {
580 			if (validate & NL_VALIDATE_MAXTYPE) {
581 				NL_SET_ERR_MSG_ATTR(extack, nla,
582 						    "Unknown attribute type");
583 				return -EINVAL;
584 			}
585 			continue;
586 		}
587 		if (policy) {
588 			int err = validate_nla(nla, maxtype, policy,
589 					       validate, extack, depth);
590 
591 			if (err < 0)
592 				return err;
593 		}
594 
595 		if (tb)
596 			tb[type] = (struct nlattr *)nla;
597 	}
598 
599 	if (unlikely(rem > 0)) {
600 		pr_warn_ratelimited("netlink: %d bytes leftover after parsing attributes in process `%s'.\n",
601 				    rem, current->comm);
602 		NL_SET_ERR_MSG(extack, "bytes leftover after parsing attributes");
603 		if (validate & NL_VALIDATE_TRAILING)
604 			return -EINVAL;
605 	}
606 
607 	return 0;
608 }
609 
610 /**
611  * __nla_validate - Validate a stream of attributes
612  * @head: head of attribute stream
613  * @len: length of attribute stream
614  * @maxtype: maximum attribute type to be expected
615  * @policy: validation policy
616  * @validate: validation strictness
617  * @extack: extended ACK report struct
618  *
619  * Validates all attributes in the specified attribute stream against the
620  * specified policy. Validation depends on the validate flags passed, see
621  * &enum netlink_validation for more details on that.
622  * See documenation of struct nla_policy for more details.
623  *
624  * Returns 0 on success or a negative error code.
625  */
626 int __nla_validate(const struct nlattr *head, int len, int maxtype,
627 		   const struct nla_policy *policy, unsigned int validate,
628 		   struct netlink_ext_ack *extack)
629 {
630 	return __nla_validate_parse(head, len, maxtype, policy, validate,
631 				    extack, NULL, 0);
632 }
633 EXPORT_SYMBOL(__nla_validate);
634 
635 /**
636  * nla_policy_len - Determin the max. length of a policy
637  * @policy: policy to use
638  * @n: number of policies
639  *
640  * Determines the max. length of the policy.  It is currently used
641  * to allocated Netlink buffers roughly the size of the actual
642  * message.
643  *
644  * Returns 0 on success or a negative error code.
645  */
646 int
647 nla_policy_len(const struct nla_policy *p, int n)
648 {
649 	int i, len = 0;
650 
651 	for (i = 0; i < n; i++, p++) {
652 		if (p->len)
653 			len += nla_total_size(p->len);
654 		else if (nla_attr_len[p->type])
655 			len += nla_total_size(nla_attr_len[p->type]);
656 		else if (nla_attr_minlen[p->type])
657 			len += nla_total_size(nla_attr_minlen[p->type]);
658 	}
659 
660 	return len;
661 }
662 EXPORT_SYMBOL(nla_policy_len);
663 
664 /**
665  * __nla_parse - Parse a stream of attributes into a tb buffer
666  * @tb: destination array with maxtype+1 elements
667  * @maxtype: maximum attribute type to be expected
668  * @head: head of attribute stream
669  * @len: length of attribute stream
670  * @policy: validation policy
671  * @validate: validation strictness
672  * @extack: extended ACK pointer
673  *
674  * Parses a stream of attributes and stores a pointer to each attribute in
675  * the tb array accessible via the attribute type.
676  * Validation is controlled by the @validate parameter.
677  *
678  * Returns 0 on success or a negative error code.
679  */
680 int __nla_parse(struct nlattr **tb, int maxtype,
681 		const struct nlattr *head, int len,
682 		const struct nla_policy *policy, unsigned int validate,
683 		struct netlink_ext_ack *extack)
684 {
685 	return __nla_validate_parse(head, len, maxtype, policy, validate,
686 				    extack, tb, 0);
687 }
688 EXPORT_SYMBOL(__nla_parse);
689 
690 /**
691  * nla_find - Find a specific attribute in a stream of attributes
692  * @head: head of attribute stream
693  * @len: length of attribute stream
694  * @attrtype: type of attribute to look for
695  *
696  * Returns the first attribute in the stream matching the specified type.
697  */
698 struct nlattr *nla_find(const struct nlattr *head, int len, int attrtype)
699 {
700 	const struct nlattr *nla;
701 	int rem;
702 
703 	nla_for_each_attr(nla, head, len, rem)
704 		if (nla_type(nla) == attrtype)
705 			return (struct nlattr *)nla;
706 
707 	return NULL;
708 }
709 EXPORT_SYMBOL(nla_find);
710 
711 /**
712  * nla_strlcpy - Copy string attribute payload into a sized buffer
713  * @dst: where to copy the string to
714  * @nla: attribute to copy the string from
715  * @dstsize: size of destination buffer
716  *
717  * Copies at most dstsize - 1 bytes into the destination buffer.
718  * The result is always a valid NUL-terminated string. Unlike
719  * strlcpy the destination buffer is always padded out.
720  *
721  * Returns the length of the source buffer.
722  */
723 size_t nla_strlcpy(char *dst, const struct nlattr *nla, size_t dstsize)
724 {
725 	size_t srclen = nla_len(nla);
726 	char *src = nla_data(nla);
727 
728 	if (srclen > 0 && src[srclen - 1] == '\0')
729 		srclen--;
730 
731 	if (dstsize > 0) {
732 		size_t len = (srclen >= dstsize) ? dstsize - 1 : srclen;
733 
734 		memset(dst, 0, dstsize);
735 		memcpy(dst, src, len);
736 	}
737 
738 	return srclen;
739 }
740 EXPORT_SYMBOL(nla_strlcpy);
741 
742 /**
743  * nla_strdup - Copy string attribute payload into a newly allocated buffer
744  * @nla: attribute to copy the string from
745  * @flags: the type of memory to allocate (see kmalloc).
746  *
747  * Returns a pointer to the allocated buffer or NULL on error.
748  */
749 char *nla_strdup(const struct nlattr *nla, gfp_t flags)
750 {
751 	size_t srclen = nla_len(nla);
752 	char *src = nla_data(nla), *dst;
753 
754 	if (srclen > 0 && src[srclen - 1] == '\0')
755 		srclen--;
756 
757 	dst = kmalloc(srclen + 1, flags);
758 	if (dst != NULL) {
759 		memcpy(dst, src, srclen);
760 		dst[srclen] = '\0';
761 	}
762 	return dst;
763 }
764 EXPORT_SYMBOL(nla_strdup);
765 
766 /**
767  * nla_memcpy - Copy a netlink attribute into another memory area
768  * @dest: where to copy to memcpy
769  * @src: netlink attribute to copy from
770  * @count: size of the destination area
771  *
772  * Note: The number of bytes copied is limited by the length of
773  *       attribute's payload. memcpy
774  *
775  * Returns the number of bytes copied.
776  */
777 int nla_memcpy(void *dest, const struct nlattr *src, int count)
778 {
779 	int minlen = min_t(int, count, nla_len(src));
780 
781 	memcpy(dest, nla_data(src), minlen);
782 	if (count > minlen)
783 		memset(dest + minlen, 0, count - minlen);
784 
785 	return minlen;
786 }
787 EXPORT_SYMBOL(nla_memcpy);
788 
789 /**
790  * nla_memcmp - Compare an attribute with sized memory area
791  * @nla: netlink attribute
792  * @data: memory area
793  * @size: size of memory area
794  */
795 int nla_memcmp(const struct nlattr *nla, const void *data,
796 			     size_t size)
797 {
798 	int d = nla_len(nla) - size;
799 
800 	if (d == 0)
801 		d = memcmp(nla_data(nla), data, size);
802 
803 	return d;
804 }
805 EXPORT_SYMBOL(nla_memcmp);
806 
807 /**
808  * nla_strcmp - Compare a string attribute against a string
809  * @nla: netlink string attribute
810  * @str: another string
811  */
812 int nla_strcmp(const struct nlattr *nla, const char *str)
813 {
814 	int len = strlen(str);
815 	char *buf = nla_data(nla);
816 	int attrlen = nla_len(nla);
817 	int d;
818 
819 	if (attrlen > 0 && buf[attrlen - 1] == '\0')
820 		attrlen--;
821 
822 	d = attrlen - len;
823 	if (d == 0)
824 		d = memcmp(nla_data(nla), str, len);
825 
826 	return d;
827 }
828 EXPORT_SYMBOL(nla_strcmp);
829 
830 #ifdef CONFIG_NET
831 /**
832  * __nla_reserve - reserve room for attribute on the skb
833  * @skb: socket buffer to reserve room on
834  * @attrtype: attribute type
835  * @attrlen: length of attribute payload
836  *
837  * Adds a netlink attribute header to a socket buffer and reserves
838  * room for the payload but does not copy it.
839  *
840  * The caller is responsible to ensure that the skb provides enough
841  * tailroom for the attribute header and payload.
842  */
843 struct nlattr *__nla_reserve(struct sk_buff *skb, int attrtype, int attrlen)
844 {
845 	struct nlattr *nla;
846 
847 	nla = skb_put(skb, nla_total_size(attrlen));
848 	nla->nla_type = attrtype;
849 	nla->nla_len = nla_attr_size(attrlen);
850 
851 	memset((unsigned char *) nla + nla->nla_len, 0, nla_padlen(attrlen));
852 
853 	return nla;
854 }
855 EXPORT_SYMBOL(__nla_reserve);
856 
857 /**
858  * __nla_reserve_64bit - reserve room for attribute on the skb and align it
859  * @skb: socket buffer to reserve room on
860  * @attrtype: attribute type
861  * @attrlen: length of attribute payload
862  * @padattr: attribute type for the padding
863  *
864  * Adds a netlink attribute header to a socket buffer and reserves
865  * room for the payload but does not copy it. It also ensure that this
866  * attribute will have a 64-bit aligned nla_data() area.
867  *
868  * The caller is responsible to ensure that the skb provides enough
869  * tailroom for the attribute header and payload.
870  */
871 struct nlattr *__nla_reserve_64bit(struct sk_buff *skb, int attrtype,
872 				   int attrlen, int padattr)
873 {
874 	nla_align_64bit(skb, padattr);
875 
876 	return __nla_reserve(skb, attrtype, attrlen);
877 }
878 EXPORT_SYMBOL(__nla_reserve_64bit);
879 
880 /**
881  * __nla_reserve_nohdr - reserve room for attribute without header
882  * @skb: socket buffer to reserve room on
883  * @attrlen: length of attribute payload
884  *
885  * Reserves room for attribute payload without a header.
886  *
887  * The caller is responsible to ensure that the skb provides enough
888  * tailroom for the payload.
889  */
890 void *__nla_reserve_nohdr(struct sk_buff *skb, int attrlen)
891 {
892 	return skb_put_zero(skb, NLA_ALIGN(attrlen));
893 }
894 EXPORT_SYMBOL(__nla_reserve_nohdr);
895 
896 /**
897  * nla_reserve - reserve room for attribute on the skb
898  * @skb: socket buffer to reserve room on
899  * @attrtype: attribute type
900  * @attrlen: length of attribute payload
901  *
902  * Adds a netlink attribute header to a socket buffer and reserves
903  * room for the payload but does not copy it.
904  *
905  * Returns NULL if the tailroom of the skb is insufficient to store
906  * the attribute header and payload.
907  */
908 struct nlattr *nla_reserve(struct sk_buff *skb, int attrtype, int attrlen)
909 {
910 	if (unlikely(skb_tailroom(skb) < nla_total_size(attrlen)))
911 		return NULL;
912 
913 	return __nla_reserve(skb, attrtype, attrlen);
914 }
915 EXPORT_SYMBOL(nla_reserve);
916 
917 /**
918  * nla_reserve_64bit - reserve room for attribute on the skb and align it
919  * @skb: socket buffer to reserve room on
920  * @attrtype: attribute type
921  * @attrlen: length of attribute payload
922  * @padattr: attribute type for the padding
923  *
924  * Adds a netlink attribute header to a socket buffer and reserves
925  * room for the payload but does not copy it. It also ensure that this
926  * attribute will have a 64-bit aligned nla_data() area.
927  *
928  * Returns NULL if the tailroom of the skb is insufficient to store
929  * the attribute header and payload.
930  */
931 struct nlattr *nla_reserve_64bit(struct sk_buff *skb, int attrtype, int attrlen,
932 				 int padattr)
933 {
934 	size_t len;
935 
936 	if (nla_need_padding_for_64bit(skb))
937 		len = nla_total_size_64bit(attrlen);
938 	else
939 		len = nla_total_size(attrlen);
940 	if (unlikely(skb_tailroom(skb) < len))
941 		return NULL;
942 
943 	return __nla_reserve_64bit(skb, attrtype, attrlen, padattr);
944 }
945 EXPORT_SYMBOL(nla_reserve_64bit);
946 
947 /**
948  * nla_reserve_nohdr - reserve room for attribute without header
949  * @skb: socket buffer to reserve room on
950  * @attrlen: length of attribute payload
951  *
952  * Reserves room for attribute payload without a header.
953  *
954  * Returns NULL if the tailroom of the skb is insufficient to store
955  * the attribute payload.
956  */
957 void *nla_reserve_nohdr(struct sk_buff *skb, int attrlen)
958 {
959 	if (unlikely(skb_tailroom(skb) < NLA_ALIGN(attrlen)))
960 		return NULL;
961 
962 	return __nla_reserve_nohdr(skb, attrlen);
963 }
964 EXPORT_SYMBOL(nla_reserve_nohdr);
965 
966 /**
967  * __nla_put - Add a netlink attribute to a socket buffer
968  * @skb: socket buffer to add attribute to
969  * @attrtype: attribute type
970  * @attrlen: length of attribute payload
971  * @data: head of attribute payload
972  *
973  * The caller is responsible to ensure that the skb provides enough
974  * tailroom for the attribute header and payload.
975  */
976 void __nla_put(struct sk_buff *skb, int attrtype, int attrlen,
977 			     const void *data)
978 {
979 	struct nlattr *nla;
980 
981 	nla = __nla_reserve(skb, attrtype, attrlen);
982 	memcpy(nla_data(nla), data, attrlen);
983 }
984 EXPORT_SYMBOL(__nla_put);
985 
986 /**
987  * __nla_put_64bit - Add a netlink attribute to a socket buffer and align it
988  * @skb: socket buffer to add attribute to
989  * @attrtype: attribute type
990  * @attrlen: length of attribute payload
991  * @data: head of attribute payload
992  * @padattr: attribute type for the padding
993  *
994  * The caller is responsible to ensure that the skb provides enough
995  * tailroom for the attribute header and payload.
996  */
997 void __nla_put_64bit(struct sk_buff *skb, int attrtype, int attrlen,
998 		     const void *data, int padattr)
999 {
1000 	struct nlattr *nla;
1001 
1002 	nla = __nla_reserve_64bit(skb, attrtype, attrlen, padattr);
1003 	memcpy(nla_data(nla), data, attrlen);
1004 }
1005 EXPORT_SYMBOL(__nla_put_64bit);
1006 
1007 /**
1008  * __nla_put_nohdr - Add a netlink attribute without header
1009  * @skb: socket buffer to add attribute to
1010  * @attrlen: length of attribute payload
1011  * @data: head of attribute payload
1012  *
1013  * The caller is responsible to ensure that the skb provides enough
1014  * tailroom for the attribute payload.
1015  */
1016 void __nla_put_nohdr(struct sk_buff *skb, int attrlen, const void *data)
1017 {
1018 	void *start;
1019 
1020 	start = __nla_reserve_nohdr(skb, attrlen);
1021 	memcpy(start, data, attrlen);
1022 }
1023 EXPORT_SYMBOL(__nla_put_nohdr);
1024 
1025 /**
1026  * nla_put - Add a netlink attribute to a socket buffer
1027  * @skb: socket buffer to add attribute to
1028  * @attrtype: attribute type
1029  * @attrlen: length of attribute payload
1030  * @data: head of attribute payload
1031  *
1032  * Returns -EMSGSIZE if the tailroom of the skb is insufficient to store
1033  * the attribute header and payload.
1034  */
1035 int nla_put(struct sk_buff *skb, int attrtype, int attrlen, const void *data)
1036 {
1037 	if (unlikely(skb_tailroom(skb) < nla_total_size(attrlen)))
1038 		return -EMSGSIZE;
1039 
1040 	__nla_put(skb, attrtype, attrlen, data);
1041 	return 0;
1042 }
1043 EXPORT_SYMBOL(nla_put);
1044 
1045 /**
1046  * nla_put_64bit - Add a netlink attribute to a socket buffer and align it
1047  * @skb: socket buffer to add attribute to
1048  * @attrtype: attribute type
1049  * @attrlen: length of attribute payload
1050  * @data: head of attribute payload
1051  * @padattr: attribute type for the padding
1052  *
1053  * Returns -EMSGSIZE if the tailroom of the skb is insufficient to store
1054  * the attribute header and payload.
1055  */
1056 int nla_put_64bit(struct sk_buff *skb, int attrtype, int attrlen,
1057 		  const void *data, int padattr)
1058 {
1059 	size_t len;
1060 
1061 	if (nla_need_padding_for_64bit(skb))
1062 		len = nla_total_size_64bit(attrlen);
1063 	else
1064 		len = nla_total_size(attrlen);
1065 	if (unlikely(skb_tailroom(skb) < len))
1066 		return -EMSGSIZE;
1067 
1068 	__nla_put_64bit(skb, attrtype, attrlen, data, padattr);
1069 	return 0;
1070 }
1071 EXPORT_SYMBOL(nla_put_64bit);
1072 
1073 /**
1074  * nla_put_nohdr - Add a netlink attribute without header
1075  * @skb: socket buffer to add attribute to
1076  * @attrlen: length of attribute payload
1077  * @data: head of attribute payload
1078  *
1079  * Returns -EMSGSIZE if the tailroom of the skb is insufficient to store
1080  * the attribute payload.
1081  */
1082 int nla_put_nohdr(struct sk_buff *skb, int attrlen, const void *data)
1083 {
1084 	if (unlikely(skb_tailroom(skb) < NLA_ALIGN(attrlen)))
1085 		return -EMSGSIZE;
1086 
1087 	__nla_put_nohdr(skb, attrlen, data);
1088 	return 0;
1089 }
1090 EXPORT_SYMBOL(nla_put_nohdr);
1091 
1092 /**
1093  * nla_append - Add a netlink attribute without header or padding
1094  * @skb: socket buffer to add attribute to
1095  * @attrlen: length of attribute payload
1096  * @data: head of attribute payload
1097  *
1098  * Returns -EMSGSIZE if the tailroom of the skb is insufficient to store
1099  * the attribute payload.
1100  */
1101 int nla_append(struct sk_buff *skb, int attrlen, const void *data)
1102 {
1103 	if (unlikely(skb_tailroom(skb) < NLA_ALIGN(attrlen)))
1104 		return -EMSGSIZE;
1105 
1106 	skb_put_data(skb, data, attrlen);
1107 	return 0;
1108 }
1109 EXPORT_SYMBOL(nla_append);
1110 #endif
1111