1 /* 2 * L2TP netlink layer, for management 3 * 4 * Copyright (c) 2008,2009,2010 Katalix Systems Ltd 5 * 6 * Partly based on the IrDA nelink implementation 7 * (see net/irda/irnetlink.c) which is: 8 * Copyright (c) 2007 Samuel Ortiz <samuel@sortiz.org> 9 * which is in turn partly based on the wireless netlink code: 10 * Copyright 2006 Johannes Berg <johannes@sipsolutions.net> 11 * 12 * This program is free software; you can redistribute it and/or modify 13 * it under the terms of the GNU General Public License version 2 as 14 * published by the Free Software Foundation. 15 */ 16 17 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt 18 19 #include <net/sock.h> 20 #include <net/genetlink.h> 21 #include <net/udp.h> 22 #include <linux/in.h> 23 #include <linux/udp.h> 24 #include <linux/socket.h> 25 #include <linux/module.h> 26 #include <linux/list.h> 27 #include <net/net_namespace.h> 28 29 #include <linux/l2tp.h> 30 31 #include "l2tp_core.h" 32 33 34 static struct genl_family l2tp_nl_family = { 35 .id = GENL_ID_GENERATE, 36 .name = L2TP_GENL_NAME, 37 .version = L2TP_GENL_VERSION, 38 .hdrsize = 0, 39 .maxattr = L2TP_ATTR_MAX, 40 .netnsok = true, 41 }; 42 43 static const struct genl_multicast_group l2tp_multicast_group[] = { 44 { 45 .name = L2TP_GENL_MCGROUP, 46 }, 47 }; 48 49 static int l2tp_nl_tunnel_send(struct sk_buff *skb, u32 portid, u32 seq, 50 int flags, struct l2tp_tunnel *tunnel, u8 cmd); 51 static int l2tp_nl_session_send(struct sk_buff *skb, u32 portid, u32 seq, 52 int flags, struct l2tp_session *session, 53 u8 cmd); 54 55 /* Accessed under genl lock */ 56 static const struct l2tp_nl_cmd_ops *l2tp_nl_cmd_ops[__L2TP_PWTYPE_MAX]; 57 58 static struct l2tp_session *l2tp_nl_session_find(struct genl_info *info) 59 { 60 u32 tunnel_id; 61 u32 session_id; 62 char *ifname; 63 struct l2tp_tunnel *tunnel; 64 struct l2tp_session *session = NULL; 65 struct net *net = genl_info_net(info); 66 67 if (info->attrs[L2TP_ATTR_IFNAME]) { 68 ifname = nla_data(info->attrs[L2TP_ATTR_IFNAME]); 69 session = l2tp_session_find_by_ifname(net, ifname); 70 } else if ((info->attrs[L2TP_ATTR_SESSION_ID]) && 71 (info->attrs[L2TP_ATTR_CONN_ID])) { 72 tunnel_id = nla_get_u32(info->attrs[L2TP_ATTR_CONN_ID]); 73 session_id = nla_get_u32(info->attrs[L2TP_ATTR_SESSION_ID]); 74 tunnel = l2tp_tunnel_find(net, tunnel_id); 75 if (tunnel) 76 session = l2tp_session_find(net, tunnel, session_id); 77 } 78 79 return session; 80 } 81 82 static int l2tp_nl_cmd_noop(struct sk_buff *skb, struct genl_info *info) 83 { 84 struct sk_buff *msg; 85 void *hdr; 86 int ret = -ENOBUFS; 87 88 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 89 if (!msg) { 90 ret = -ENOMEM; 91 goto out; 92 } 93 94 hdr = genlmsg_put(msg, info->snd_portid, info->snd_seq, 95 &l2tp_nl_family, 0, L2TP_CMD_NOOP); 96 if (!hdr) { 97 ret = -EMSGSIZE; 98 goto err_out; 99 } 100 101 genlmsg_end(msg, hdr); 102 103 return genlmsg_unicast(genl_info_net(info), msg, info->snd_portid); 104 105 err_out: 106 nlmsg_free(msg); 107 108 out: 109 return ret; 110 } 111 112 static int l2tp_tunnel_notify(struct genl_family *family, 113 struct genl_info *info, 114 struct l2tp_tunnel *tunnel, 115 u8 cmd) 116 { 117 struct sk_buff *msg; 118 int ret; 119 120 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 121 if (!msg) 122 return -ENOMEM; 123 124 ret = l2tp_nl_tunnel_send(msg, info->snd_portid, info->snd_seq, 125 NLM_F_ACK, tunnel, cmd); 126 127 if (ret >= 0) { 128 ret = genlmsg_multicast_allns(family, msg, 0, 0, GFP_ATOMIC); 129 /* We don't care if no one is listening */ 130 if (ret == -ESRCH) 131 ret = 0; 132 return ret; 133 } 134 135 nlmsg_free(msg); 136 137 return ret; 138 } 139 140 static int l2tp_session_notify(struct genl_family *family, 141 struct genl_info *info, 142 struct l2tp_session *session, 143 u8 cmd) 144 { 145 struct sk_buff *msg; 146 int ret; 147 148 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 149 if (!msg) 150 return -ENOMEM; 151 152 ret = l2tp_nl_session_send(msg, info->snd_portid, info->snd_seq, 153 NLM_F_ACK, session, cmd); 154 155 if (ret >= 0) { 156 ret = genlmsg_multicast_allns(family, msg, 0, 0, GFP_ATOMIC); 157 /* We don't care if no one is listening */ 158 if (ret == -ESRCH) 159 ret = 0; 160 return ret; 161 } 162 163 nlmsg_free(msg); 164 165 return ret; 166 } 167 168 static int l2tp_nl_cmd_tunnel_create(struct sk_buff *skb, struct genl_info *info) 169 { 170 u32 tunnel_id; 171 u32 peer_tunnel_id; 172 int proto_version; 173 int fd; 174 int ret = 0; 175 struct l2tp_tunnel_cfg cfg = { 0, }; 176 struct l2tp_tunnel *tunnel; 177 struct net *net = genl_info_net(info); 178 179 if (!info->attrs[L2TP_ATTR_CONN_ID]) { 180 ret = -EINVAL; 181 goto out; 182 } 183 tunnel_id = nla_get_u32(info->attrs[L2TP_ATTR_CONN_ID]); 184 185 if (!info->attrs[L2TP_ATTR_PEER_CONN_ID]) { 186 ret = -EINVAL; 187 goto out; 188 } 189 peer_tunnel_id = nla_get_u32(info->attrs[L2TP_ATTR_PEER_CONN_ID]); 190 191 if (!info->attrs[L2TP_ATTR_PROTO_VERSION]) { 192 ret = -EINVAL; 193 goto out; 194 } 195 proto_version = nla_get_u8(info->attrs[L2TP_ATTR_PROTO_VERSION]); 196 197 if (!info->attrs[L2TP_ATTR_ENCAP_TYPE]) { 198 ret = -EINVAL; 199 goto out; 200 } 201 cfg.encap = nla_get_u16(info->attrs[L2TP_ATTR_ENCAP_TYPE]); 202 203 fd = -1; 204 if (info->attrs[L2TP_ATTR_FD]) { 205 fd = nla_get_u32(info->attrs[L2TP_ATTR_FD]); 206 } else { 207 #if IS_ENABLED(CONFIG_IPV6) 208 if (info->attrs[L2TP_ATTR_IP6_SADDR] && 209 info->attrs[L2TP_ATTR_IP6_DADDR]) { 210 cfg.local_ip6 = nla_data( 211 info->attrs[L2TP_ATTR_IP6_SADDR]); 212 cfg.peer_ip6 = nla_data( 213 info->attrs[L2TP_ATTR_IP6_DADDR]); 214 } else 215 #endif 216 if (info->attrs[L2TP_ATTR_IP_SADDR] && 217 info->attrs[L2TP_ATTR_IP_DADDR]) { 218 cfg.local_ip.s_addr = nla_get_in_addr( 219 info->attrs[L2TP_ATTR_IP_SADDR]); 220 cfg.peer_ip.s_addr = nla_get_in_addr( 221 info->attrs[L2TP_ATTR_IP_DADDR]); 222 } else { 223 ret = -EINVAL; 224 goto out; 225 } 226 if (info->attrs[L2TP_ATTR_UDP_SPORT]) 227 cfg.local_udp_port = nla_get_u16(info->attrs[L2TP_ATTR_UDP_SPORT]); 228 if (info->attrs[L2TP_ATTR_UDP_DPORT]) 229 cfg.peer_udp_port = nla_get_u16(info->attrs[L2TP_ATTR_UDP_DPORT]); 230 if (info->attrs[L2TP_ATTR_UDP_CSUM]) 231 cfg.use_udp_checksums = nla_get_flag(info->attrs[L2TP_ATTR_UDP_CSUM]); 232 233 #if IS_ENABLED(CONFIG_IPV6) 234 if (info->attrs[L2TP_ATTR_UDP_ZERO_CSUM6_TX]) 235 cfg.udp6_zero_tx_checksums = nla_get_flag(info->attrs[L2TP_ATTR_UDP_ZERO_CSUM6_TX]); 236 if (info->attrs[L2TP_ATTR_UDP_ZERO_CSUM6_RX]) 237 cfg.udp6_zero_rx_checksums = nla_get_flag(info->attrs[L2TP_ATTR_UDP_ZERO_CSUM6_RX]); 238 #endif 239 } 240 241 if (info->attrs[L2TP_ATTR_DEBUG]) 242 cfg.debug = nla_get_u32(info->attrs[L2TP_ATTR_DEBUG]); 243 244 tunnel = l2tp_tunnel_find(net, tunnel_id); 245 if (tunnel != NULL) { 246 ret = -EEXIST; 247 goto out; 248 } 249 250 ret = -EINVAL; 251 switch (cfg.encap) { 252 case L2TP_ENCAPTYPE_UDP: 253 case L2TP_ENCAPTYPE_IP: 254 ret = l2tp_tunnel_create(net, fd, proto_version, tunnel_id, 255 peer_tunnel_id, &cfg, &tunnel); 256 break; 257 } 258 259 if (ret >= 0) 260 ret = l2tp_tunnel_notify(&l2tp_nl_family, info, 261 tunnel, L2TP_CMD_TUNNEL_CREATE); 262 out: 263 return ret; 264 } 265 266 static int l2tp_nl_cmd_tunnel_delete(struct sk_buff *skb, struct genl_info *info) 267 { 268 struct l2tp_tunnel *tunnel; 269 u32 tunnel_id; 270 int ret = 0; 271 struct net *net = genl_info_net(info); 272 273 if (!info->attrs[L2TP_ATTR_CONN_ID]) { 274 ret = -EINVAL; 275 goto out; 276 } 277 tunnel_id = nla_get_u32(info->attrs[L2TP_ATTR_CONN_ID]); 278 279 tunnel = l2tp_tunnel_find(net, tunnel_id); 280 if (tunnel == NULL) { 281 ret = -ENODEV; 282 goto out; 283 } 284 285 l2tp_tunnel_notify(&l2tp_nl_family, info, 286 tunnel, L2TP_CMD_TUNNEL_DELETE); 287 288 (void) l2tp_tunnel_delete(tunnel); 289 290 out: 291 return ret; 292 } 293 294 static int l2tp_nl_cmd_tunnel_modify(struct sk_buff *skb, struct genl_info *info) 295 { 296 struct l2tp_tunnel *tunnel; 297 u32 tunnel_id; 298 int ret = 0; 299 struct net *net = genl_info_net(info); 300 301 if (!info->attrs[L2TP_ATTR_CONN_ID]) { 302 ret = -EINVAL; 303 goto out; 304 } 305 tunnel_id = nla_get_u32(info->attrs[L2TP_ATTR_CONN_ID]); 306 307 tunnel = l2tp_tunnel_find(net, tunnel_id); 308 if (tunnel == NULL) { 309 ret = -ENODEV; 310 goto out; 311 } 312 313 if (info->attrs[L2TP_ATTR_DEBUG]) 314 tunnel->debug = nla_get_u32(info->attrs[L2TP_ATTR_DEBUG]); 315 316 ret = l2tp_tunnel_notify(&l2tp_nl_family, info, 317 tunnel, L2TP_CMD_TUNNEL_MODIFY); 318 319 out: 320 return ret; 321 } 322 323 static int l2tp_nl_tunnel_send(struct sk_buff *skb, u32 portid, u32 seq, int flags, 324 struct l2tp_tunnel *tunnel, u8 cmd) 325 { 326 void *hdr; 327 struct nlattr *nest; 328 struct sock *sk = NULL; 329 struct inet_sock *inet; 330 #if IS_ENABLED(CONFIG_IPV6) 331 struct ipv6_pinfo *np = NULL; 332 #endif 333 334 hdr = genlmsg_put(skb, portid, seq, &l2tp_nl_family, flags, cmd); 335 if (!hdr) 336 return -EMSGSIZE; 337 338 if (nla_put_u8(skb, L2TP_ATTR_PROTO_VERSION, tunnel->version) || 339 nla_put_u32(skb, L2TP_ATTR_CONN_ID, tunnel->tunnel_id) || 340 nla_put_u32(skb, L2TP_ATTR_PEER_CONN_ID, tunnel->peer_tunnel_id) || 341 nla_put_u32(skb, L2TP_ATTR_DEBUG, tunnel->debug) || 342 nla_put_u16(skb, L2TP_ATTR_ENCAP_TYPE, tunnel->encap)) 343 goto nla_put_failure; 344 345 nest = nla_nest_start(skb, L2TP_ATTR_STATS); 346 if (nest == NULL) 347 goto nla_put_failure; 348 349 if (nla_put_u64(skb, L2TP_ATTR_TX_PACKETS, 350 atomic_long_read(&tunnel->stats.tx_packets)) || 351 nla_put_u64(skb, L2TP_ATTR_TX_BYTES, 352 atomic_long_read(&tunnel->stats.tx_bytes)) || 353 nla_put_u64(skb, L2TP_ATTR_TX_ERRORS, 354 atomic_long_read(&tunnel->stats.tx_errors)) || 355 nla_put_u64(skb, L2TP_ATTR_RX_PACKETS, 356 atomic_long_read(&tunnel->stats.rx_packets)) || 357 nla_put_u64(skb, L2TP_ATTR_RX_BYTES, 358 atomic_long_read(&tunnel->stats.rx_bytes)) || 359 nla_put_u64(skb, L2TP_ATTR_RX_SEQ_DISCARDS, 360 atomic_long_read(&tunnel->stats.rx_seq_discards)) || 361 nla_put_u64(skb, L2TP_ATTR_RX_OOS_PACKETS, 362 atomic_long_read(&tunnel->stats.rx_oos_packets)) || 363 nla_put_u64(skb, L2TP_ATTR_RX_ERRORS, 364 atomic_long_read(&tunnel->stats.rx_errors))) 365 goto nla_put_failure; 366 nla_nest_end(skb, nest); 367 368 sk = tunnel->sock; 369 if (!sk) 370 goto out; 371 372 #if IS_ENABLED(CONFIG_IPV6) 373 if (sk->sk_family == AF_INET6) 374 np = inet6_sk(sk); 375 #endif 376 377 inet = inet_sk(sk); 378 379 switch (tunnel->encap) { 380 case L2TP_ENCAPTYPE_UDP: 381 if (nla_put_u16(skb, L2TP_ATTR_UDP_SPORT, ntohs(inet->inet_sport)) || 382 nla_put_u16(skb, L2TP_ATTR_UDP_DPORT, ntohs(inet->inet_dport)) || 383 nla_put_u8(skb, L2TP_ATTR_UDP_CSUM, !sk->sk_no_check_tx)) 384 goto nla_put_failure; 385 /* NOBREAK */ 386 case L2TP_ENCAPTYPE_IP: 387 #if IS_ENABLED(CONFIG_IPV6) 388 if (np) { 389 if (nla_put_in6_addr(skb, L2TP_ATTR_IP6_SADDR, 390 &np->saddr) || 391 nla_put_in6_addr(skb, L2TP_ATTR_IP6_DADDR, 392 &sk->sk_v6_daddr)) 393 goto nla_put_failure; 394 } else 395 #endif 396 if (nla_put_in_addr(skb, L2TP_ATTR_IP_SADDR, 397 inet->inet_saddr) || 398 nla_put_in_addr(skb, L2TP_ATTR_IP_DADDR, 399 inet->inet_daddr)) 400 goto nla_put_failure; 401 break; 402 } 403 404 out: 405 genlmsg_end(skb, hdr); 406 return 0; 407 408 nla_put_failure: 409 genlmsg_cancel(skb, hdr); 410 return -1; 411 } 412 413 static int l2tp_nl_cmd_tunnel_get(struct sk_buff *skb, struct genl_info *info) 414 { 415 struct l2tp_tunnel *tunnel; 416 struct sk_buff *msg; 417 u32 tunnel_id; 418 int ret = -ENOBUFS; 419 struct net *net = genl_info_net(info); 420 421 if (!info->attrs[L2TP_ATTR_CONN_ID]) { 422 ret = -EINVAL; 423 goto out; 424 } 425 426 tunnel_id = nla_get_u32(info->attrs[L2TP_ATTR_CONN_ID]); 427 428 tunnel = l2tp_tunnel_find(net, tunnel_id); 429 if (tunnel == NULL) { 430 ret = -ENODEV; 431 goto out; 432 } 433 434 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 435 if (!msg) { 436 ret = -ENOMEM; 437 goto out; 438 } 439 440 ret = l2tp_nl_tunnel_send(msg, info->snd_portid, info->snd_seq, 441 NLM_F_ACK, tunnel, L2TP_CMD_TUNNEL_GET); 442 if (ret < 0) 443 goto err_out; 444 445 return genlmsg_unicast(net, msg, info->snd_portid); 446 447 err_out: 448 nlmsg_free(msg); 449 450 out: 451 return ret; 452 } 453 454 static int l2tp_nl_cmd_tunnel_dump(struct sk_buff *skb, struct netlink_callback *cb) 455 { 456 int ti = cb->args[0]; 457 struct l2tp_tunnel *tunnel; 458 struct net *net = sock_net(skb->sk); 459 460 for (;;) { 461 tunnel = l2tp_tunnel_find_nth(net, ti); 462 if (tunnel == NULL) 463 goto out; 464 465 if (l2tp_nl_tunnel_send(skb, NETLINK_CB(cb->skb).portid, 466 cb->nlh->nlmsg_seq, NLM_F_MULTI, 467 tunnel, L2TP_CMD_TUNNEL_GET) < 0) 468 goto out; 469 470 ti++; 471 } 472 473 out: 474 cb->args[0] = ti; 475 476 return skb->len; 477 } 478 479 static int l2tp_nl_cmd_session_create(struct sk_buff *skb, struct genl_info *info) 480 { 481 u32 tunnel_id = 0; 482 u32 session_id; 483 u32 peer_session_id; 484 int ret = 0; 485 struct l2tp_tunnel *tunnel; 486 struct l2tp_session *session; 487 struct l2tp_session_cfg cfg = { 0, }; 488 struct net *net = genl_info_net(info); 489 490 if (!info->attrs[L2TP_ATTR_CONN_ID]) { 491 ret = -EINVAL; 492 goto out; 493 } 494 tunnel_id = nla_get_u32(info->attrs[L2TP_ATTR_CONN_ID]); 495 tunnel = l2tp_tunnel_find(net, tunnel_id); 496 if (!tunnel) { 497 ret = -ENODEV; 498 goto out; 499 } 500 501 if (!info->attrs[L2TP_ATTR_SESSION_ID]) { 502 ret = -EINVAL; 503 goto out; 504 } 505 session_id = nla_get_u32(info->attrs[L2TP_ATTR_SESSION_ID]); 506 session = l2tp_session_find(net, tunnel, session_id); 507 if (session) { 508 ret = -EEXIST; 509 goto out; 510 } 511 512 if (!info->attrs[L2TP_ATTR_PEER_SESSION_ID]) { 513 ret = -EINVAL; 514 goto out; 515 } 516 peer_session_id = nla_get_u32(info->attrs[L2TP_ATTR_PEER_SESSION_ID]); 517 518 if (!info->attrs[L2TP_ATTR_PW_TYPE]) { 519 ret = -EINVAL; 520 goto out; 521 } 522 cfg.pw_type = nla_get_u16(info->attrs[L2TP_ATTR_PW_TYPE]); 523 if (cfg.pw_type >= __L2TP_PWTYPE_MAX) { 524 ret = -EINVAL; 525 goto out; 526 } 527 528 if (tunnel->version > 2) { 529 if (info->attrs[L2TP_ATTR_OFFSET]) 530 cfg.offset = nla_get_u16(info->attrs[L2TP_ATTR_OFFSET]); 531 532 if (info->attrs[L2TP_ATTR_DATA_SEQ]) 533 cfg.data_seq = nla_get_u8(info->attrs[L2TP_ATTR_DATA_SEQ]); 534 535 cfg.l2specific_type = L2TP_L2SPECTYPE_DEFAULT; 536 if (info->attrs[L2TP_ATTR_L2SPEC_TYPE]) 537 cfg.l2specific_type = nla_get_u8(info->attrs[L2TP_ATTR_L2SPEC_TYPE]); 538 539 cfg.l2specific_len = 4; 540 if (info->attrs[L2TP_ATTR_L2SPEC_LEN]) 541 cfg.l2specific_len = nla_get_u8(info->attrs[L2TP_ATTR_L2SPEC_LEN]); 542 543 if (info->attrs[L2TP_ATTR_COOKIE]) { 544 u16 len = nla_len(info->attrs[L2TP_ATTR_COOKIE]); 545 if (len > 8) { 546 ret = -EINVAL; 547 goto out; 548 } 549 cfg.cookie_len = len; 550 memcpy(&cfg.cookie[0], nla_data(info->attrs[L2TP_ATTR_COOKIE]), len); 551 } 552 if (info->attrs[L2TP_ATTR_PEER_COOKIE]) { 553 u16 len = nla_len(info->attrs[L2TP_ATTR_PEER_COOKIE]); 554 if (len > 8) { 555 ret = -EINVAL; 556 goto out; 557 } 558 cfg.peer_cookie_len = len; 559 memcpy(&cfg.peer_cookie[0], nla_data(info->attrs[L2TP_ATTR_PEER_COOKIE]), len); 560 } 561 if (info->attrs[L2TP_ATTR_IFNAME]) 562 cfg.ifname = nla_data(info->attrs[L2TP_ATTR_IFNAME]); 563 564 if (info->attrs[L2TP_ATTR_VLAN_ID]) 565 cfg.vlan_id = nla_get_u16(info->attrs[L2TP_ATTR_VLAN_ID]); 566 } 567 568 if (info->attrs[L2TP_ATTR_DEBUG]) 569 cfg.debug = nla_get_u32(info->attrs[L2TP_ATTR_DEBUG]); 570 571 if (info->attrs[L2TP_ATTR_RECV_SEQ]) 572 cfg.recv_seq = nla_get_u8(info->attrs[L2TP_ATTR_RECV_SEQ]); 573 574 if (info->attrs[L2TP_ATTR_SEND_SEQ]) 575 cfg.send_seq = nla_get_u8(info->attrs[L2TP_ATTR_SEND_SEQ]); 576 577 if (info->attrs[L2TP_ATTR_LNS_MODE]) 578 cfg.lns_mode = nla_get_u8(info->attrs[L2TP_ATTR_LNS_MODE]); 579 580 if (info->attrs[L2TP_ATTR_RECV_TIMEOUT]) 581 cfg.reorder_timeout = nla_get_msecs(info->attrs[L2TP_ATTR_RECV_TIMEOUT]); 582 583 if (info->attrs[L2TP_ATTR_MTU]) 584 cfg.mtu = nla_get_u16(info->attrs[L2TP_ATTR_MTU]); 585 586 if (info->attrs[L2TP_ATTR_MRU]) 587 cfg.mru = nla_get_u16(info->attrs[L2TP_ATTR_MRU]); 588 589 #ifdef CONFIG_MODULES 590 if (l2tp_nl_cmd_ops[cfg.pw_type] == NULL) { 591 genl_unlock(); 592 request_module("net-l2tp-type-%u", cfg.pw_type); 593 genl_lock(); 594 } 595 #endif 596 if ((l2tp_nl_cmd_ops[cfg.pw_type] == NULL) || 597 (l2tp_nl_cmd_ops[cfg.pw_type]->session_create == NULL)) { 598 ret = -EPROTONOSUPPORT; 599 goto out; 600 } 601 602 /* Check that pseudowire-specific params are present */ 603 switch (cfg.pw_type) { 604 case L2TP_PWTYPE_NONE: 605 break; 606 case L2TP_PWTYPE_ETH_VLAN: 607 if (!info->attrs[L2TP_ATTR_VLAN_ID]) { 608 ret = -EINVAL; 609 goto out; 610 } 611 break; 612 case L2TP_PWTYPE_ETH: 613 break; 614 case L2TP_PWTYPE_PPP: 615 case L2TP_PWTYPE_PPP_AC: 616 break; 617 case L2TP_PWTYPE_IP: 618 default: 619 ret = -EPROTONOSUPPORT; 620 break; 621 } 622 623 ret = -EPROTONOSUPPORT; 624 if (l2tp_nl_cmd_ops[cfg.pw_type]->session_create) 625 ret = (*l2tp_nl_cmd_ops[cfg.pw_type]->session_create)(net, tunnel_id, 626 session_id, peer_session_id, &cfg); 627 628 if (ret >= 0) { 629 session = l2tp_session_find(net, tunnel, session_id); 630 if (session) 631 ret = l2tp_session_notify(&l2tp_nl_family, info, session, 632 L2TP_CMD_SESSION_CREATE); 633 } 634 635 out: 636 return ret; 637 } 638 639 static int l2tp_nl_cmd_session_delete(struct sk_buff *skb, struct genl_info *info) 640 { 641 int ret = 0; 642 struct l2tp_session *session; 643 u16 pw_type; 644 645 session = l2tp_nl_session_find(info); 646 if (session == NULL) { 647 ret = -ENODEV; 648 goto out; 649 } 650 651 l2tp_session_notify(&l2tp_nl_family, info, 652 session, L2TP_CMD_SESSION_DELETE); 653 654 pw_type = session->pwtype; 655 if (pw_type < __L2TP_PWTYPE_MAX) 656 if (l2tp_nl_cmd_ops[pw_type] && l2tp_nl_cmd_ops[pw_type]->session_delete) 657 ret = (*l2tp_nl_cmd_ops[pw_type]->session_delete)(session); 658 659 out: 660 return ret; 661 } 662 663 static int l2tp_nl_cmd_session_modify(struct sk_buff *skb, struct genl_info *info) 664 { 665 int ret = 0; 666 struct l2tp_session *session; 667 668 session = l2tp_nl_session_find(info); 669 if (session == NULL) { 670 ret = -ENODEV; 671 goto out; 672 } 673 674 if (info->attrs[L2TP_ATTR_DEBUG]) 675 session->debug = nla_get_u32(info->attrs[L2TP_ATTR_DEBUG]); 676 677 if (info->attrs[L2TP_ATTR_DATA_SEQ]) 678 session->data_seq = nla_get_u8(info->attrs[L2TP_ATTR_DATA_SEQ]); 679 680 if (info->attrs[L2TP_ATTR_RECV_SEQ]) 681 session->recv_seq = nla_get_u8(info->attrs[L2TP_ATTR_RECV_SEQ]); 682 683 if (info->attrs[L2TP_ATTR_SEND_SEQ]) { 684 session->send_seq = nla_get_u8(info->attrs[L2TP_ATTR_SEND_SEQ]); 685 l2tp_session_set_header_len(session, session->tunnel->version); 686 } 687 688 if (info->attrs[L2TP_ATTR_LNS_MODE]) 689 session->lns_mode = nla_get_u8(info->attrs[L2TP_ATTR_LNS_MODE]); 690 691 if (info->attrs[L2TP_ATTR_RECV_TIMEOUT]) 692 session->reorder_timeout = nla_get_msecs(info->attrs[L2TP_ATTR_RECV_TIMEOUT]); 693 694 if (info->attrs[L2TP_ATTR_MTU]) 695 session->mtu = nla_get_u16(info->attrs[L2TP_ATTR_MTU]); 696 697 if (info->attrs[L2TP_ATTR_MRU]) 698 session->mru = nla_get_u16(info->attrs[L2TP_ATTR_MRU]); 699 700 ret = l2tp_session_notify(&l2tp_nl_family, info, 701 session, L2TP_CMD_SESSION_MODIFY); 702 703 out: 704 return ret; 705 } 706 707 static int l2tp_nl_session_send(struct sk_buff *skb, u32 portid, u32 seq, int flags, 708 struct l2tp_session *session, u8 cmd) 709 { 710 void *hdr; 711 struct nlattr *nest; 712 struct l2tp_tunnel *tunnel = session->tunnel; 713 struct sock *sk = NULL; 714 715 sk = tunnel->sock; 716 717 hdr = genlmsg_put(skb, portid, seq, &l2tp_nl_family, flags, cmd); 718 if (!hdr) 719 return -EMSGSIZE; 720 721 if (nla_put_u32(skb, L2TP_ATTR_CONN_ID, tunnel->tunnel_id) || 722 nla_put_u32(skb, L2TP_ATTR_SESSION_ID, session->session_id) || 723 nla_put_u32(skb, L2TP_ATTR_PEER_CONN_ID, tunnel->peer_tunnel_id) || 724 nla_put_u32(skb, L2TP_ATTR_PEER_SESSION_ID, 725 session->peer_session_id) || 726 nla_put_u32(skb, L2TP_ATTR_DEBUG, session->debug) || 727 nla_put_u16(skb, L2TP_ATTR_PW_TYPE, session->pwtype) || 728 nla_put_u16(skb, L2TP_ATTR_MTU, session->mtu) || 729 (session->mru && 730 nla_put_u16(skb, L2TP_ATTR_MRU, session->mru))) 731 goto nla_put_failure; 732 733 if ((session->ifname[0] && 734 nla_put_string(skb, L2TP_ATTR_IFNAME, session->ifname)) || 735 (session->cookie_len && 736 nla_put(skb, L2TP_ATTR_COOKIE, session->cookie_len, 737 &session->cookie[0])) || 738 (session->peer_cookie_len && 739 nla_put(skb, L2TP_ATTR_PEER_COOKIE, session->peer_cookie_len, 740 &session->peer_cookie[0])) || 741 nla_put_u8(skb, L2TP_ATTR_RECV_SEQ, session->recv_seq) || 742 nla_put_u8(skb, L2TP_ATTR_SEND_SEQ, session->send_seq) || 743 nla_put_u8(skb, L2TP_ATTR_LNS_MODE, session->lns_mode) || 744 #ifdef CONFIG_XFRM 745 (((sk) && (sk->sk_policy[0] || sk->sk_policy[1])) && 746 nla_put_u8(skb, L2TP_ATTR_USING_IPSEC, 1)) || 747 #endif 748 (session->reorder_timeout && 749 nla_put_msecs(skb, L2TP_ATTR_RECV_TIMEOUT, session->reorder_timeout))) 750 goto nla_put_failure; 751 752 nest = nla_nest_start(skb, L2TP_ATTR_STATS); 753 if (nest == NULL) 754 goto nla_put_failure; 755 756 if (nla_put_u64(skb, L2TP_ATTR_TX_PACKETS, 757 atomic_long_read(&session->stats.tx_packets)) || 758 nla_put_u64(skb, L2TP_ATTR_TX_BYTES, 759 atomic_long_read(&session->stats.tx_bytes)) || 760 nla_put_u64(skb, L2TP_ATTR_TX_ERRORS, 761 atomic_long_read(&session->stats.tx_errors)) || 762 nla_put_u64(skb, L2TP_ATTR_RX_PACKETS, 763 atomic_long_read(&session->stats.rx_packets)) || 764 nla_put_u64(skb, L2TP_ATTR_RX_BYTES, 765 atomic_long_read(&session->stats.rx_bytes)) || 766 nla_put_u64(skb, L2TP_ATTR_RX_SEQ_DISCARDS, 767 atomic_long_read(&session->stats.rx_seq_discards)) || 768 nla_put_u64(skb, L2TP_ATTR_RX_OOS_PACKETS, 769 atomic_long_read(&session->stats.rx_oos_packets)) || 770 nla_put_u64(skb, L2TP_ATTR_RX_ERRORS, 771 atomic_long_read(&session->stats.rx_errors))) 772 goto nla_put_failure; 773 nla_nest_end(skb, nest); 774 775 genlmsg_end(skb, hdr); 776 return 0; 777 778 nla_put_failure: 779 genlmsg_cancel(skb, hdr); 780 return -1; 781 } 782 783 static int l2tp_nl_cmd_session_get(struct sk_buff *skb, struct genl_info *info) 784 { 785 struct l2tp_session *session; 786 struct sk_buff *msg; 787 int ret; 788 789 session = l2tp_nl_session_find(info); 790 if (session == NULL) { 791 ret = -ENODEV; 792 goto out; 793 } 794 795 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 796 if (!msg) { 797 ret = -ENOMEM; 798 goto out; 799 } 800 801 ret = l2tp_nl_session_send(msg, info->snd_portid, info->snd_seq, 802 0, session, L2TP_CMD_SESSION_GET); 803 if (ret < 0) 804 goto err_out; 805 806 return genlmsg_unicast(genl_info_net(info), msg, info->snd_portid); 807 808 err_out: 809 nlmsg_free(msg); 810 811 out: 812 return ret; 813 } 814 815 static int l2tp_nl_cmd_session_dump(struct sk_buff *skb, struct netlink_callback *cb) 816 { 817 struct net *net = sock_net(skb->sk); 818 struct l2tp_session *session; 819 struct l2tp_tunnel *tunnel = NULL; 820 int ti = cb->args[0]; 821 int si = cb->args[1]; 822 823 for (;;) { 824 if (tunnel == NULL) { 825 tunnel = l2tp_tunnel_find_nth(net, ti); 826 if (tunnel == NULL) 827 goto out; 828 } 829 830 session = l2tp_session_find_nth(tunnel, si); 831 if (session == NULL) { 832 ti++; 833 tunnel = NULL; 834 si = 0; 835 continue; 836 } 837 838 if (l2tp_nl_session_send(skb, NETLINK_CB(cb->skb).portid, 839 cb->nlh->nlmsg_seq, NLM_F_MULTI, 840 session, L2TP_CMD_SESSION_GET) < 0) 841 break; 842 843 si++; 844 } 845 846 out: 847 cb->args[0] = ti; 848 cb->args[1] = si; 849 850 return skb->len; 851 } 852 853 static struct nla_policy l2tp_nl_policy[L2TP_ATTR_MAX + 1] = { 854 [L2TP_ATTR_NONE] = { .type = NLA_UNSPEC, }, 855 [L2TP_ATTR_PW_TYPE] = { .type = NLA_U16, }, 856 [L2TP_ATTR_ENCAP_TYPE] = { .type = NLA_U16, }, 857 [L2TP_ATTR_OFFSET] = { .type = NLA_U16, }, 858 [L2TP_ATTR_DATA_SEQ] = { .type = NLA_U8, }, 859 [L2TP_ATTR_L2SPEC_TYPE] = { .type = NLA_U8, }, 860 [L2TP_ATTR_L2SPEC_LEN] = { .type = NLA_U8, }, 861 [L2TP_ATTR_PROTO_VERSION] = { .type = NLA_U8, }, 862 [L2TP_ATTR_CONN_ID] = { .type = NLA_U32, }, 863 [L2TP_ATTR_PEER_CONN_ID] = { .type = NLA_U32, }, 864 [L2TP_ATTR_SESSION_ID] = { .type = NLA_U32, }, 865 [L2TP_ATTR_PEER_SESSION_ID] = { .type = NLA_U32, }, 866 [L2TP_ATTR_UDP_CSUM] = { .type = NLA_U8, }, 867 [L2TP_ATTR_VLAN_ID] = { .type = NLA_U16, }, 868 [L2TP_ATTR_DEBUG] = { .type = NLA_U32, }, 869 [L2TP_ATTR_RECV_SEQ] = { .type = NLA_U8, }, 870 [L2TP_ATTR_SEND_SEQ] = { .type = NLA_U8, }, 871 [L2TP_ATTR_LNS_MODE] = { .type = NLA_U8, }, 872 [L2TP_ATTR_USING_IPSEC] = { .type = NLA_U8, }, 873 [L2TP_ATTR_RECV_TIMEOUT] = { .type = NLA_MSECS, }, 874 [L2TP_ATTR_FD] = { .type = NLA_U32, }, 875 [L2TP_ATTR_IP_SADDR] = { .type = NLA_U32, }, 876 [L2TP_ATTR_IP_DADDR] = { .type = NLA_U32, }, 877 [L2TP_ATTR_UDP_SPORT] = { .type = NLA_U16, }, 878 [L2TP_ATTR_UDP_DPORT] = { .type = NLA_U16, }, 879 [L2TP_ATTR_MTU] = { .type = NLA_U16, }, 880 [L2TP_ATTR_MRU] = { .type = NLA_U16, }, 881 [L2TP_ATTR_STATS] = { .type = NLA_NESTED, }, 882 [L2TP_ATTR_IP6_SADDR] = { 883 .type = NLA_BINARY, 884 .len = sizeof(struct in6_addr), 885 }, 886 [L2TP_ATTR_IP6_DADDR] = { 887 .type = NLA_BINARY, 888 .len = sizeof(struct in6_addr), 889 }, 890 [L2TP_ATTR_IFNAME] = { 891 .type = NLA_NUL_STRING, 892 .len = IFNAMSIZ - 1, 893 }, 894 [L2TP_ATTR_COOKIE] = { 895 .type = NLA_BINARY, 896 .len = 8, 897 }, 898 [L2TP_ATTR_PEER_COOKIE] = { 899 .type = NLA_BINARY, 900 .len = 8, 901 }, 902 }; 903 904 static const struct genl_ops l2tp_nl_ops[] = { 905 { 906 .cmd = L2TP_CMD_NOOP, 907 .doit = l2tp_nl_cmd_noop, 908 .policy = l2tp_nl_policy, 909 /* can be retrieved by unprivileged users */ 910 }, 911 { 912 .cmd = L2TP_CMD_TUNNEL_CREATE, 913 .doit = l2tp_nl_cmd_tunnel_create, 914 .policy = l2tp_nl_policy, 915 .flags = GENL_ADMIN_PERM, 916 }, 917 { 918 .cmd = L2TP_CMD_TUNNEL_DELETE, 919 .doit = l2tp_nl_cmd_tunnel_delete, 920 .policy = l2tp_nl_policy, 921 .flags = GENL_ADMIN_PERM, 922 }, 923 { 924 .cmd = L2TP_CMD_TUNNEL_MODIFY, 925 .doit = l2tp_nl_cmd_tunnel_modify, 926 .policy = l2tp_nl_policy, 927 .flags = GENL_ADMIN_PERM, 928 }, 929 { 930 .cmd = L2TP_CMD_TUNNEL_GET, 931 .doit = l2tp_nl_cmd_tunnel_get, 932 .dumpit = l2tp_nl_cmd_tunnel_dump, 933 .policy = l2tp_nl_policy, 934 .flags = GENL_ADMIN_PERM, 935 }, 936 { 937 .cmd = L2TP_CMD_SESSION_CREATE, 938 .doit = l2tp_nl_cmd_session_create, 939 .policy = l2tp_nl_policy, 940 .flags = GENL_ADMIN_PERM, 941 }, 942 { 943 .cmd = L2TP_CMD_SESSION_DELETE, 944 .doit = l2tp_nl_cmd_session_delete, 945 .policy = l2tp_nl_policy, 946 .flags = GENL_ADMIN_PERM, 947 }, 948 { 949 .cmd = L2TP_CMD_SESSION_MODIFY, 950 .doit = l2tp_nl_cmd_session_modify, 951 .policy = l2tp_nl_policy, 952 .flags = GENL_ADMIN_PERM, 953 }, 954 { 955 .cmd = L2TP_CMD_SESSION_GET, 956 .doit = l2tp_nl_cmd_session_get, 957 .dumpit = l2tp_nl_cmd_session_dump, 958 .policy = l2tp_nl_policy, 959 .flags = GENL_ADMIN_PERM, 960 }, 961 }; 962 963 int l2tp_nl_register_ops(enum l2tp_pwtype pw_type, const struct l2tp_nl_cmd_ops *ops) 964 { 965 int ret; 966 967 ret = -EINVAL; 968 if (pw_type >= __L2TP_PWTYPE_MAX) 969 goto err; 970 971 genl_lock(); 972 ret = -EBUSY; 973 if (l2tp_nl_cmd_ops[pw_type]) 974 goto out; 975 976 l2tp_nl_cmd_ops[pw_type] = ops; 977 ret = 0; 978 979 out: 980 genl_unlock(); 981 err: 982 return ret; 983 } 984 EXPORT_SYMBOL_GPL(l2tp_nl_register_ops); 985 986 void l2tp_nl_unregister_ops(enum l2tp_pwtype pw_type) 987 { 988 if (pw_type < __L2TP_PWTYPE_MAX) { 989 genl_lock(); 990 l2tp_nl_cmd_ops[pw_type] = NULL; 991 genl_unlock(); 992 } 993 } 994 EXPORT_SYMBOL_GPL(l2tp_nl_unregister_ops); 995 996 static int l2tp_nl_init(void) 997 { 998 pr_info("L2TP netlink interface\n"); 999 return genl_register_family_with_ops_groups(&l2tp_nl_family, 1000 l2tp_nl_ops, 1001 l2tp_multicast_group); 1002 } 1003 1004 static void l2tp_nl_cleanup(void) 1005 { 1006 genl_unregister_family(&l2tp_nl_family); 1007 } 1008 1009 module_init(l2tp_nl_init); 1010 module_exit(l2tp_nl_cleanup); 1011 1012 MODULE_AUTHOR("James Chapman <jchapman@katalix.com>"); 1013 MODULE_DESCRIPTION("L2TP netlink"); 1014 MODULE_LICENSE("GPL"); 1015 MODULE_VERSION("1.0"); 1016 MODULE_ALIAS_GENL_FAMILY("l2tp"); 1017