1 // SPDX-License-Identifier: GPL-2.0 2 /* 3 * NETLINK Netlink attributes 4 * 5 * Authors: Thomas Graf <tgraf@suug.ch> 6 * Alexey Kuznetsov <kuznet@ms2.inr.ac.ru> 7 */ 8 9 #include <linux/export.h> 10 #include <linux/kernel.h> 11 #include <linux/errno.h> 12 #include <linux/jiffies.h> 13 #include <linux/skbuff.h> 14 #include <linux/string.h> 15 #include <linux/types.h> 16 #include <net/netlink.h> 17 18 /* for these data types attribute length must be exactly given size */ 19 static const u8 nla_attr_len[NLA_TYPE_MAX+1] = { 20 [NLA_U8] = sizeof(u8), 21 [NLA_U16] = sizeof(u16), 22 [NLA_U32] = sizeof(u32), 23 [NLA_U64] = sizeof(u64), 24 [NLA_S8] = sizeof(s8), 25 [NLA_S16] = sizeof(s16), 26 [NLA_S32] = sizeof(s32), 27 [NLA_S64] = sizeof(s64), 28 }; 29 30 static const u8 nla_attr_minlen[NLA_TYPE_MAX+1] = { 31 [NLA_MSECS] = sizeof(u64), 32 [NLA_NESTED] = NLA_HDRLEN, 33 }; 34 35 static int validate_nla_bitfield32(const struct nlattr *nla, 36 u32 *valid_flags_allowed) 37 { 38 const struct nla_bitfield32 *bf = nla_data(nla); 39 u32 *valid_flags_mask = valid_flags_allowed; 40 41 if (!valid_flags_allowed) 42 return -EINVAL; 43 44 /*disallow invalid bit selector */ 45 if (bf->selector & ~*valid_flags_mask) 46 return -EINVAL; 47 48 /*disallow invalid bit values */ 49 if (bf->value & ~*valid_flags_mask) 50 return -EINVAL; 51 52 /*disallow valid bit values that are not selected*/ 53 if (bf->value & ~bf->selector) 54 return -EINVAL; 55 56 return 0; 57 } 58 59 static int validate_nla(const struct nlattr *nla, int maxtype, 60 const struct nla_policy *policy) 61 { 62 const struct nla_policy *pt; 63 int minlen = 0, attrlen = nla_len(nla), type = nla_type(nla); 64 65 if (type <= 0 || type > maxtype) 66 return 0; 67 68 pt = &policy[type]; 69 70 BUG_ON(pt->type > NLA_TYPE_MAX); 71 72 /* for data types NLA_U* and NLA_S* require exact length */ 73 if (nla_attr_len[pt->type]) { 74 if (attrlen != nla_attr_len[pt->type]) 75 return -ERANGE; 76 return 0; 77 } 78 79 switch (pt->type) { 80 case NLA_FLAG: 81 if (attrlen > 0) 82 return -ERANGE; 83 break; 84 85 case NLA_BITFIELD32: 86 if (attrlen != sizeof(struct nla_bitfield32)) 87 return -ERANGE; 88 89 return validate_nla_bitfield32(nla, pt->validation_data); 90 91 case NLA_NUL_STRING: 92 if (pt->len) 93 minlen = min_t(int, attrlen, pt->len + 1); 94 else 95 minlen = attrlen; 96 97 if (!minlen || memchr(nla_data(nla), '\0', minlen) == NULL) 98 return -EINVAL; 99 /* fall through */ 100 101 case NLA_STRING: 102 if (attrlen < 1) 103 return -ERANGE; 104 105 if (pt->len) { 106 char *buf = nla_data(nla); 107 108 if (buf[attrlen - 1] == '\0') 109 attrlen--; 110 111 if (attrlen > pt->len) 112 return -ERANGE; 113 } 114 break; 115 116 case NLA_BINARY: 117 if (pt->len && attrlen > pt->len) 118 return -ERANGE; 119 break; 120 121 case NLA_NESTED_COMPAT: 122 if (attrlen < pt->len) 123 return -ERANGE; 124 if (attrlen < NLA_ALIGN(pt->len)) 125 break; 126 if (attrlen < NLA_ALIGN(pt->len) + NLA_HDRLEN) 127 return -ERANGE; 128 nla = nla_data(nla) + NLA_ALIGN(pt->len); 129 if (attrlen < NLA_ALIGN(pt->len) + NLA_HDRLEN + nla_len(nla)) 130 return -ERANGE; 131 break; 132 case NLA_NESTED: 133 /* a nested attributes is allowed to be empty; if its not, 134 * it must have a size of at least NLA_HDRLEN. 135 */ 136 if (attrlen == 0) 137 break; 138 default: 139 if (pt->len) 140 minlen = pt->len; 141 else if (pt->type != NLA_UNSPEC) 142 minlen = nla_attr_minlen[pt->type]; 143 144 if (attrlen < minlen) 145 return -ERANGE; 146 } 147 148 return 0; 149 } 150 151 /** 152 * nla_validate - Validate a stream of attributes 153 * @head: head of attribute stream 154 * @len: length of attribute stream 155 * @maxtype: maximum attribute type to be expected 156 * @policy: validation policy 157 * @extack: extended ACK report struct 158 * 159 * Validates all attributes in the specified attribute stream against the 160 * specified policy. Attributes with a type exceeding maxtype will be 161 * ignored. See documenation of struct nla_policy for more details. 162 * 163 * Returns 0 on success or a negative error code. 164 */ 165 int nla_validate(const struct nlattr *head, int len, int maxtype, 166 const struct nla_policy *policy, 167 struct netlink_ext_ack *extack) 168 { 169 const struct nlattr *nla; 170 int rem; 171 172 nla_for_each_attr(nla, head, len, rem) { 173 int err = validate_nla(nla, maxtype, policy); 174 175 if (err < 0) { 176 if (extack) 177 extack->bad_attr = nla; 178 return err; 179 } 180 } 181 182 return 0; 183 } 184 EXPORT_SYMBOL(nla_validate); 185 186 /** 187 * nla_policy_len - Determin the max. length of a policy 188 * @policy: policy to use 189 * @n: number of policies 190 * 191 * Determines the max. length of the policy. It is currently used 192 * to allocated Netlink buffers roughly the size of the actual 193 * message. 194 * 195 * Returns 0 on success or a negative error code. 196 */ 197 int 198 nla_policy_len(const struct nla_policy *p, int n) 199 { 200 int i, len = 0; 201 202 for (i = 0; i < n; i++, p++) { 203 if (p->len) 204 len += nla_total_size(p->len); 205 else if (nla_attr_len[p->type]) 206 len += nla_total_size(nla_attr_len[p->type]); 207 else if (nla_attr_minlen[p->type]) 208 len += nla_total_size(nla_attr_minlen[p->type]); 209 } 210 211 return len; 212 } 213 EXPORT_SYMBOL(nla_policy_len); 214 215 /** 216 * nla_parse - Parse a stream of attributes into a tb buffer 217 * @tb: destination array with maxtype+1 elements 218 * @maxtype: maximum attribute type to be expected 219 * @head: head of attribute stream 220 * @len: length of attribute stream 221 * @policy: validation policy 222 * 223 * Parses a stream of attributes and stores a pointer to each attribute in 224 * the tb array accessible via the attribute type. Attributes with a type 225 * exceeding maxtype will be silently ignored for backwards compatibility 226 * reasons. policy may be set to NULL if no validation is required. 227 * 228 * Returns 0 on success or a negative error code. 229 */ 230 int nla_parse(struct nlattr **tb, int maxtype, const struct nlattr *head, 231 int len, const struct nla_policy *policy, 232 struct netlink_ext_ack *extack) 233 { 234 const struct nlattr *nla; 235 int rem, err; 236 237 memset(tb, 0, sizeof(struct nlattr *) * (maxtype + 1)); 238 239 nla_for_each_attr(nla, head, len, rem) { 240 u16 type = nla_type(nla); 241 242 if (type > 0 && type <= maxtype) { 243 if (policy) { 244 err = validate_nla(nla, maxtype, policy); 245 if (err < 0) { 246 if (extack) 247 extack->bad_attr = nla; 248 goto errout; 249 } 250 } 251 252 tb[type] = (struct nlattr *)nla; 253 } 254 } 255 256 if (unlikely(rem > 0)) 257 pr_warn_ratelimited("netlink: %d bytes leftover after parsing attributes in process `%s'.\n", 258 rem, current->comm); 259 260 err = 0; 261 errout: 262 return err; 263 } 264 EXPORT_SYMBOL(nla_parse); 265 266 /** 267 * nla_find - Find a specific attribute in a stream of attributes 268 * @head: head of attribute stream 269 * @len: length of attribute stream 270 * @attrtype: type of attribute to look for 271 * 272 * Returns the first attribute in the stream matching the specified type. 273 */ 274 struct nlattr *nla_find(const struct nlattr *head, int len, int attrtype) 275 { 276 const struct nlattr *nla; 277 int rem; 278 279 nla_for_each_attr(nla, head, len, rem) 280 if (nla_type(nla) == attrtype) 281 return (struct nlattr *)nla; 282 283 return NULL; 284 } 285 EXPORT_SYMBOL(nla_find); 286 287 /** 288 * nla_strlcpy - Copy string attribute payload into a sized buffer 289 * @dst: where to copy the string to 290 * @nla: attribute to copy the string from 291 * @dstsize: size of destination buffer 292 * 293 * Copies at most dstsize - 1 bytes into the destination buffer. 294 * The result is always a valid NUL-terminated string. Unlike 295 * strlcpy the destination buffer is always padded out. 296 * 297 * Returns the length of the source buffer. 298 */ 299 size_t nla_strlcpy(char *dst, const struct nlattr *nla, size_t dstsize) 300 { 301 size_t srclen = nla_len(nla); 302 char *src = nla_data(nla); 303 304 if (srclen > 0 && src[srclen - 1] == '\0') 305 srclen--; 306 307 if (dstsize > 0) { 308 size_t len = (srclen >= dstsize) ? dstsize - 1 : srclen; 309 310 memset(dst, 0, dstsize); 311 memcpy(dst, src, len); 312 } 313 314 return srclen; 315 } 316 EXPORT_SYMBOL(nla_strlcpy); 317 318 /** 319 * nla_strdup - Copy string attribute payload into a newly allocated buffer 320 * @nla: attribute to copy the string from 321 * @flags: the type of memory to allocate (see kmalloc). 322 * 323 * Returns a pointer to the allocated buffer or NULL on error. 324 */ 325 char *nla_strdup(const struct nlattr *nla, gfp_t flags) 326 { 327 size_t srclen = nla_len(nla); 328 char *src = nla_data(nla), *dst; 329 330 if (srclen > 0 && src[srclen - 1] == '\0') 331 srclen--; 332 333 dst = kmalloc(srclen + 1, flags); 334 if (dst != NULL) { 335 memcpy(dst, src, srclen); 336 dst[srclen] = '\0'; 337 } 338 return dst; 339 } 340 EXPORT_SYMBOL(nla_strdup); 341 342 /** 343 * nla_memcpy - Copy a netlink attribute into another memory area 344 * @dest: where to copy to memcpy 345 * @src: netlink attribute to copy from 346 * @count: size of the destination area 347 * 348 * Note: The number of bytes copied is limited by the length of 349 * attribute's payload. memcpy 350 * 351 * Returns the number of bytes copied. 352 */ 353 int nla_memcpy(void *dest, const struct nlattr *src, int count) 354 { 355 int minlen = min_t(int, count, nla_len(src)); 356 357 memcpy(dest, nla_data(src), minlen); 358 if (count > minlen) 359 memset(dest + minlen, 0, count - minlen); 360 361 return minlen; 362 } 363 EXPORT_SYMBOL(nla_memcpy); 364 365 /** 366 * nla_memcmp - Compare an attribute with sized memory area 367 * @nla: netlink attribute 368 * @data: memory area 369 * @size: size of memory area 370 */ 371 int nla_memcmp(const struct nlattr *nla, const void *data, 372 size_t size) 373 { 374 int d = nla_len(nla) - size; 375 376 if (d == 0) 377 d = memcmp(nla_data(nla), data, size); 378 379 return d; 380 } 381 EXPORT_SYMBOL(nla_memcmp); 382 383 /** 384 * nla_strcmp - Compare a string attribute against a string 385 * @nla: netlink string attribute 386 * @str: another string 387 */ 388 int nla_strcmp(const struct nlattr *nla, const char *str) 389 { 390 int len = strlen(str); 391 char *buf = nla_data(nla); 392 int attrlen = nla_len(nla); 393 int d; 394 395 if (attrlen > 0 && buf[attrlen - 1] == '\0') 396 attrlen--; 397 398 d = attrlen - len; 399 if (d == 0) 400 d = memcmp(nla_data(nla), str, len); 401 402 return d; 403 } 404 EXPORT_SYMBOL(nla_strcmp); 405 406 #ifdef CONFIG_NET 407 /** 408 * __nla_reserve - reserve room for attribute on the skb 409 * @skb: socket buffer to reserve room on 410 * @attrtype: attribute type 411 * @attrlen: length of attribute payload 412 * 413 * Adds a netlink attribute header to a socket buffer and reserves 414 * room for the payload but does not copy it. 415 * 416 * The caller is responsible to ensure that the skb provides enough 417 * tailroom for the attribute header and payload. 418 */ 419 struct nlattr *__nla_reserve(struct sk_buff *skb, int attrtype, int attrlen) 420 { 421 struct nlattr *nla; 422 423 nla = skb_put(skb, nla_total_size(attrlen)); 424 nla->nla_type = attrtype; 425 nla->nla_len = nla_attr_size(attrlen); 426 427 memset((unsigned char *) nla + nla->nla_len, 0, nla_padlen(attrlen)); 428 429 return nla; 430 } 431 EXPORT_SYMBOL(__nla_reserve); 432 433 /** 434 * __nla_reserve_64bit - reserve room for attribute on the skb and align it 435 * @skb: socket buffer to reserve room on 436 * @attrtype: attribute type 437 * @attrlen: length of attribute payload 438 * @padattr: attribute type for the padding 439 * 440 * Adds a netlink attribute header to a socket buffer and reserves 441 * room for the payload but does not copy it. It also ensure that this 442 * attribute will have a 64-bit aligned nla_data() area. 443 * 444 * The caller is responsible to ensure that the skb provides enough 445 * tailroom for the attribute header and payload. 446 */ 447 struct nlattr *__nla_reserve_64bit(struct sk_buff *skb, int attrtype, 448 int attrlen, int padattr) 449 { 450 if (nla_need_padding_for_64bit(skb)) 451 nla_align_64bit(skb, padattr); 452 453 return __nla_reserve(skb, attrtype, attrlen); 454 } 455 EXPORT_SYMBOL(__nla_reserve_64bit); 456 457 /** 458 * __nla_reserve_nohdr - reserve room for attribute without header 459 * @skb: socket buffer to reserve room on 460 * @attrlen: length of attribute payload 461 * 462 * Reserves room for attribute payload without a header. 463 * 464 * The caller is responsible to ensure that the skb provides enough 465 * tailroom for the payload. 466 */ 467 void *__nla_reserve_nohdr(struct sk_buff *skb, int attrlen) 468 { 469 return skb_put_zero(skb, NLA_ALIGN(attrlen)); 470 } 471 EXPORT_SYMBOL(__nla_reserve_nohdr); 472 473 /** 474 * nla_reserve - reserve room for attribute on the skb 475 * @skb: socket buffer to reserve room on 476 * @attrtype: attribute type 477 * @attrlen: length of attribute payload 478 * 479 * Adds a netlink attribute header to a socket buffer and reserves 480 * room for the payload but does not copy it. 481 * 482 * Returns NULL if the tailroom of the skb is insufficient to store 483 * the attribute header and payload. 484 */ 485 struct nlattr *nla_reserve(struct sk_buff *skb, int attrtype, int attrlen) 486 { 487 if (unlikely(skb_tailroom(skb) < nla_total_size(attrlen))) 488 return NULL; 489 490 return __nla_reserve(skb, attrtype, attrlen); 491 } 492 EXPORT_SYMBOL(nla_reserve); 493 494 /** 495 * nla_reserve_64bit - reserve room for attribute on the skb and align it 496 * @skb: socket buffer to reserve room on 497 * @attrtype: attribute type 498 * @attrlen: length of attribute payload 499 * @padattr: attribute type for the padding 500 * 501 * Adds a netlink attribute header to a socket buffer and reserves 502 * room for the payload but does not copy it. It also ensure that this 503 * attribute will have a 64-bit aligned nla_data() area. 504 * 505 * Returns NULL if the tailroom of the skb is insufficient to store 506 * the attribute header and payload. 507 */ 508 struct nlattr *nla_reserve_64bit(struct sk_buff *skb, int attrtype, int attrlen, 509 int padattr) 510 { 511 size_t len; 512 513 if (nla_need_padding_for_64bit(skb)) 514 len = nla_total_size_64bit(attrlen); 515 else 516 len = nla_total_size(attrlen); 517 if (unlikely(skb_tailroom(skb) < len)) 518 return NULL; 519 520 return __nla_reserve_64bit(skb, attrtype, attrlen, padattr); 521 } 522 EXPORT_SYMBOL(nla_reserve_64bit); 523 524 /** 525 * nla_reserve_nohdr - reserve room for attribute without header 526 * @skb: socket buffer to reserve room on 527 * @attrlen: length of attribute payload 528 * 529 * Reserves room for attribute payload without a header. 530 * 531 * Returns NULL if the tailroom of the skb is insufficient to store 532 * the attribute payload. 533 */ 534 void *nla_reserve_nohdr(struct sk_buff *skb, int attrlen) 535 { 536 if (unlikely(skb_tailroom(skb) < NLA_ALIGN(attrlen))) 537 return NULL; 538 539 return __nla_reserve_nohdr(skb, attrlen); 540 } 541 EXPORT_SYMBOL(nla_reserve_nohdr); 542 543 /** 544 * __nla_put - Add a netlink attribute to a socket buffer 545 * @skb: socket buffer to add attribute to 546 * @attrtype: attribute type 547 * @attrlen: length of attribute payload 548 * @data: head of attribute payload 549 * 550 * The caller is responsible to ensure that the skb provides enough 551 * tailroom for the attribute header and payload. 552 */ 553 void __nla_put(struct sk_buff *skb, int attrtype, int attrlen, 554 const void *data) 555 { 556 struct nlattr *nla; 557 558 nla = __nla_reserve(skb, attrtype, attrlen); 559 memcpy(nla_data(nla), data, attrlen); 560 } 561 EXPORT_SYMBOL(__nla_put); 562 563 /** 564 * __nla_put_64bit - Add a netlink attribute to a socket buffer and align it 565 * @skb: socket buffer to add attribute to 566 * @attrtype: attribute type 567 * @attrlen: length of attribute payload 568 * @data: head of attribute payload 569 * @padattr: attribute type for the padding 570 * 571 * The caller is responsible to ensure that the skb provides enough 572 * tailroom for the attribute header and payload. 573 */ 574 void __nla_put_64bit(struct sk_buff *skb, int attrtype, int attrlen, 575 const void *data, int padattr) 576 { 577 struct nlattr *nla; 578 579 nla = __nla_reserve_64bit(skb, attrtype, attrlen, padattr); 580 memcpy(nla_data(nla), data, attrlen); 581 } 582 EXPORT_SYMBOL(__nla_put_64bit); 583 584 /** 585 * __nla_put_nohdr - Add a netlink attribute without header 586 * @skb: socket buffer to add attribute to 587 * @attrlen: length of attribute payload 588 * @data: head of attribute payload 589 * 590 * The caller is responsible to ensure that the skb provides enough 591 * tailroom for the attribute payload. 592 */ 593 void __nla_put_nohdr(struct sk_buff *skb, int attrlen, const void *data) 594 { 595 void *start; 596 597 start = __nla_reserve_nohdr(skb, attrlen); 598 memcpy(start, data, attrlen); 599 } 600 EXPORT_SYMBOL(__nla_put_nohdr); 601 602 /** 603 * nla_put - Add a netlink attribute to a socket buffer 604 * @skb: socket buffer to add attribute to 605 * @attrtype: attribute type 606 * @attrlen: length of attribute payload 607 * @data: head of attribute payload 608 * 609 * Returns -EMSGSIZE if the tailroom of the skb is insufficient to store 610 * the attribute header and payload. 611 */ 612 int nla_put(struct sk_buff *skb, int attrtype, int attrlen, const void *data) 613 { 614 if (unlikely(skb_tailroom(skb) < nla_total_size(attrlen))) 615 return -EMSGSIZE; 616 617 __nla_put(skb, attrtype, attrlen, data); 618 return 0; 619 } 620 EXPORT_SYMBOL(nla_put); 621 622 /** 623 * nla_put_64bit - Add a netlink attribute to a socket buffer and align it 624 * @skb: socket buffer to add attribute to 625 * @attrtype: attribute type 626 * @attrlen: length of attribute payload 627 * @data: head of attribute payload 628 * @padattr: attribute type for the padding 629 * 630 * Returns -EMSGSIZE if the tailroom of the skb is insufficient to store 631 * the attribute header and payload. 632 */ 633 int nla_put_64bit(struct sk_buff *skb, int attrtype, int attrlen, 634 const void *data, int padattr) 635 { 636 size_t len; 637 638 if (nla_need_padding_for_64bit(skb)) 639 len = nla_total_size_64bit(attrlen); 640 else 641 len = nla_total_size(attrlen); 642 if (unlikely(skb_tailroom(skb) < len)) 643 return -EMSGSIZE; 644 645 __nla_put_64bit(skb, attrtype, attrlen, data, padattr); 646 return 0; 647 } 648 EXPORT_SYMBOL(nla_put_64bit); 649 650 /** 651 * nla_put_nohdr - Add a netlink attribute without header 652 * @skb: socket buffer to add attribute to 653 * @attrlen: length of attribute payload 654 * @data: head of attribute payload 655 * 656 * Returns -EMSGSIZE if the tailroom of the skb is insufficient to store 657 * the attribute payload. 658 */ 659 int nla_put_nohdr(struct sk_buff *skb, int attrlen, const void *data) 660 { 661 if (unlikely(skb_tailroom(skb) < NLA_ALIGN(attrlen))) 662 return -EMSGSIZE; 663 664 __nla_put_nohdr(skb, attrlen, data); 665 return 0; 666 } 667 EXPORT_SYMBOL(nla_put_nohdr); 668 669 /** 670 * nla_append - Add a netlink attribute without header or padding 671 * @skb: socket buffer to add attribute to 672 * @attrlen: length of attribute payload 673 * @data: head of attribute payload 674 * 675 * Returns -EMSGSIZE if the tailroom of the skb is insufficient to store 676 * the attribute payload. 677 */ 678 int nla_append(struct sk_buff *skb, int attrlen, const void *data) 679 { 680 if (unlikely(skb_tailroom(skb) < NLA_ALIGN(attrlen))) 681 return -EMSGSIZE; 682 683 skb_put_data(skb, data, attrlen); 684 return 0; 685 } 686 EXPORT_SYMBOL(nla_append); 687 #endif 688