1 /* 2 * L2TP netlink layer, for management 3 * 4 * Copyright (c) 2008,2009,2010 Katalix Systems Ltd 5 * 6 * Partly based on the IrDA nelink implementation 7 * (see net/irda/irnetlink.c) which is: 8 * Copyright (c) 2007 Samuel Ortiz <samuel@sortiz.org> 9 * which is in turn partly based on the wireless netlink code: 10 * Copyright 2006 Johannes Berg <johannes@sipsolutions.net> 11 * 12 * This program is free software; you can redistribute it and/or modify 13 * it under the terms of the GNU General Public License version 2 as 14 * published by the Free Software Foundation. 15 */ 16 17 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt 18 19 #include <net/sock.h> 20 #include <net/genetlink.h> 21 #include <net/udp.h> 22 #include <linux/in.h> 23 #include <linux/udp.h> 24 #include <linux/socket.h> 25 #include <linux/module.h> 26 #include <linux/list.h> 27 #include <net/net_namespace.h> 28 29 #include <linux/l2tp.h> 30 31 #include "l2tp_core.h" 32 33 34 static struct genl_family l2tp_nl_family; 35 36 static const struct genl_multicast_group l2tp_multicast_group[] = { 37 { 38 .name = L2TP_GENL_MCGROUP, 39 }, 40 }; 41 42 static int l2tp_nl_tunnel_send(struct sk_buff *skb, u32 portid, u32 seq, 43 int flags, struct l2tp_tunnel *tunnel, u8 cmd); 44 static int l2tp_nl_session_send(struct sk_buff *skb, u32 portid, u32 seq, 45 int flags, struct l2tp_session *session, 46 u8 cmd); 47 48 /* Accessed under genl lock */ 49 static const struct l2tp_nl_cmd_ops *l2tp_nl_cmd_ops[__L2TP_PWTYPE_MAX]; 50 51 static struct l2tp_session *l2tp_nl_session_get(struct genl_info *info) 52 { 53 u32 tunnel_id; 54 u32 session_id; 55 char *ifname; 56 struct l2tp_tunnel *tunnel; 57 struct l2tp_session *session = NULL; 58 struct net *net = genl_info_net(info); 59 60 if (info->attrs[L2TP_ATTR_IFNAME]) { 61 ifname = nla_data(info->attrs[L2TP_ATTR_IFNAME]); 62 session = l2tp_session_get_by_ifname(net, ifname); 63 } else if ((info->attrs[L2TP_ATTR_SESSION_ID]) && 64 (info->attrs[L2TP_ATTR_CONN_ID])) { 65 tunnel_id = nla_get_u32(info->attrs[L2TP_ATTR_CONN_ID]); 66 session_id = nla_get_u32(info->attrs[L2TP_ATTR_SESSION_ID]); 67 tunnel = l2tp_tunnel_get(net, tunnel_id); 68 if (tunnel) { 69 session = l2tp_session_get(net, tunnel, session_id); 70 l2tp_tunnel_dec_refcount(tunnel); 71 } 72 } 73 74 return session; 75 } 76 77 static int l2tp_nl_cmd_noop(struct sk_buff *skb, struct genl_info *info) 78 { 79 struct sk_buff *msg; 80 void *hdr; 81 int ret = -ENOBUFS; 82 83 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 84 if (!msg) { 85 ret = -ENOMEM; 86 goto out; 87 } 88 89 hdr = genlmsg_put(msg, info->snd_portid, info->snd_seq, 90 &l2tp_nl_family, 0, L2TP_CMD_NOOP); 91 if (!hdr) { 92 ret = -EMSGSIZE; 93 goto err_out; 94 } 95 96 genlmsg_end(msg, hdr); 97 98 return genlmsg_unicast(genl_info_net(info), msg, info->snd_portid); 99 100 err_out: 101 nlmsg_free(msg); 102 103 out: 104 return ret; 105 } 106 107 static int l2tp_tunnel_notify(struct genl_family *family, 108 struct genl_info *info, 109 struct l2tp_tunnel *tunnel, 110 u8 cmd) 111 { 112 struct sk_buff *msg; 113 int ret; 114 115 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 116 if (!msg) 117 return -ENOMEM; 118 119 ret = l2tp_nl_tunnel_send(msg, info->snd_portid, info->snd_seq, 120 NLM_F_ACK, tunnel, cmd); 121 122 if (ret >= 0) { 123 ret = genlmsg_multicast_allns(family, msg, 0, 0, GFP_ATOMIC); 124 /* We don't care if no one is listening */ 125 if (ret == -ESRCH) 126 ret = 0; 127 return ret; 128 } 129 130 nlmsg_free(msg); 131 132 return ret; 133 } 134 135 static int l2tp_session_notify(struct genl_family *family, 136 struct genl_info *info, 137 struct l2tp_session *session, 138 u8 cmd) 139 { 140 struct sk_buff *msg; 141 int ret; 142 143 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 144 if (!msg) 145 return -ENOMEM; 146 147 ret = l2tp_nl_session_send(msg, info->snd_portid, info->snd_seq, 148 NLM_F_ACK, session, cmd); 149 150 if (ret >= 0) { 151 ret = genlmsg_multicast_allns(family, msg, 0, 0, GFP_ATOMIC); 152 /* We don't care if no one is listening */ 153 if (ret == -ESRCH) 154 ret = 0; 155 return ret; 156 } 157 158 nlmsg_free(msg); 159 160 return ret; 161 } 162 163 static int l2tp_nl_cmd_tunnel_create(struct sk_buff *skb, struct genl_info *info) 164 { 165 u32 tunnel_id; 166 u32 peer_tunnel_id; 167 int proto_version; 168 int fd; 169 int ret = 0; 170 struct l2tp_tunnel_cfg cfg = { 0, }; 171 struct l2tp_tunnel *tunnel; 172 struct net *net = genl_info_net(info); 173 174 if (!info->attrs[L2TP_ATTR_CONN_ID]) { 175 ret = -EINVAL; 176 goto out; 177 } 178 tunnel_id = nla_get_u32(info->attrs[L2TP_ATTR_CONN_ID]); 179 180 if (!info->attrs[L2TP_ATTR_PEER_CONN_ID]) { 181 ret = -EINVAL; 182 goto out; 183 } 184 peer_tunnel_id = nla_get_u32(info->attrs[L2TP_ATTR_PEER_CONN_ID]); 185 186 if (!info->attrs[L2TP_ATTR_PROTO_VERSION]) { 187 ret = -EINVAL; 188 goto out; 189 } 190 proto_version = nla_get_u8(info->attrs[L2TP_ATTR_PROTO_VERSION]); 191 192 if (!info->attrs[L2TP_ATTR_ENCAP_TYPE]) { 193 ret = -EINVAL; 194 goto out; 195 } 196 cfg.encap = nla_get_u16(info->attrs[L2TP_ATTR_ENCAP_TYPE]); 197 198 fd = -1; 199 if (info->attrs[L2TP_ATTR_FD]) { 200 fd = nla_get_u32(info->attrs[L2TP_ATTR_FD]); 201 } else { 202 #if IS_ENABLED(CONFIG_IPV6) 203 if (info->attrs[L2TP_ATTR_IP6_SADDR] && 204 info->attrs[L2TP_ATTR_IP6_DADDR]) { 205 cfg.local_ip6 = nla_data( 206 info->attrs[L2TP_ATTR_IP6_SADDR]); 207 cfg.peer_ip6 = nla_data( 208 info->attrs[L2TP_ATTR_IP6_DADDR]); 209 } else 210 #endif 211 if (info->attrs[L2TP_ATTR_IP_SADDR] && 212 info->attrs[L2TP_ATTR_IP_DADDR]) { 213 cfg.local_ip.s_addr = nla_get_in_addr( 214 info->attrs[L2TP_ATTR_IP_SADDR]); 215 cfg.peer_ip.s_addr = nla_get_in_addr( 216 info->attrs[L2TP_ATTR_IP_DADDR]); 217 } else { 218 ret = -EINVAL; 219 goto out; 220 } 221 if (info->attrs[L2TP_ATTR_UDP_SPORT]) 222 cfg.local_udp_port = nla_get_u16(info->attrs[L2TP_ATTR_UDP_SPORT]); 223 if (info->attrs[L2TP_ATTR_UDP_DPORT]) 224 cfg.peer_udp_port = nla_get_u16(info->attrs[L2TP_ATTR_UDP_DPORT]); 225 cfg.use_udp_checksums = nla_get_flag( 226 info->attrs[L2TP_ATTR_UDP_CSUM]); 227 228 #if IS_ENABLED(CONFIG_IPV6) 229 cfg.udp6_zero_tx_checksums = nla_get_flag( 230 info->attrs[L2TP_ATTR_UDP_ZERO_CSUM6_TX]); 231 cfg.udp6_zero_rx_checksums = nla_get_flag( 232 info->attrs[L2TP_ATTR_UDP_ZERO_CSUM6_RX]); 233 #endif 234 } 235 236 if (info->attrs[L2TP_ATTR_DEBUG]) 237 cfg.debug = nla_get_u32(info->attrs[L2TP_ATTR_DEBUG]); 238 239 ret = -EINVAL; 240 switch (cfg.encap) { 241 case L2TP_ENCAPTYPE_UDP: 242 case L2TP_ENCAPTYPE_IP: 243 ret = l2tp_tunnel_create(net, fd, proto_version, tunnel_id, 244 peer_tunnel_id, &cfg, &tunnel); 245 break; 246 } 247 248 if (ret < 0) 249 goto out; 250 251 l2tp_tunnel_inc_refcount(tunnel); 252 ret = l2tp_tunnel_register(tunnel, net, &cfg); 253 if (ret < 0) { 254 kfree(tunnel); 255 goto out; 256 } 257 ret = l2tp_tunnel_notify(&l2tp_nl_family, info, tunnel, 258 L2TP_CMD_TUNNEL_CREATE); 259 l2tp_tunnel_dec_refcount(tunnel); 260 261 out: 262 return ret; 263 } 264 265 static int l2tp_nl_cmd_tunnel_delete(struct sk_buff *skb, struct genl_info *info) 266 { 267 struct l2tp_tunnel *tunnel; 268 u32 tunnel_id; 269 int ret = 0; 270 struct net *net = genl_info_net(info); 271 272 if (!info->attrs[L2TP_ATTR_CONN_ID]) { 273 ret = -EINVAL; 274 goto out; 275 } 276 tunnel_id = nla_get_u32(info->attrs[L2TP_ATTR_CONN_ID]); 277 278 tunnel = l2tp_tunnel_get(net, tunnel_id); 279 if (!tunnel) { 280 ret = -ENODEV; 281 goto out; 282 } 283 284 l2tp_tunnel_notify(&l2tp_nl_family, info, 285 tunnel, L2TP_CMD_TUNNEL_DELETE); 286 287 l2tp_tunnel_delete(tunnel); 288 289 l2tp_tunnel_dec_refcount(tunnel); 290 291 out: 292 return ret; 293 } 294 295 static int l2tp_nl_cmd_tunnel_modify(struct sk_buff *skb, struct genl_info *info) 296 { 297 struct l2tp_tunnel *tunnel; 298 u32 tunnel_id; 299 int ret = 0; 300 struct net *net = genl_info_net(info); 301 302 if (!info->attrs[L2TP_ATTR_CONN_ID]) { 303 ret = -EINVAL; 304 goto out; 305 } 306 tunnel_id = nla_get_u32(info->attrs[L2TP_ATTR_CONN_ID]); 307 308 tunnel = l2tp_tunnel_get(net, tunnel_id); 309 if (!tunnel) { 310 ret = -ENODEV; 311 goto out; 312 } 313 314 if (info->attrs[L2TP_ATTR_DEBUG]) 315 tunnel->debug = nla_get_u32(info->attrs[L2TP_ATTR_DEBUG]); 316 317 ret = l2tp_tunnel_notify(&l2tp_nl_family, info, 318 tunnel, L2TP_CMD_TUNNEL_MODIFY); 319 320 l2tp_tunnel_dec_refcount(tunnel); 321 322 out: 323 return ret; 324 } 325 326 static int l2tp_nl_tunnel_send(struct sk_buff *skb, u32 portid, u32 seq, int flags, 327 struct l2tp_tunnel *tunnel, u8 cmd) 328 { 329 void *hdr; 330 struct nlattr *nest; 331 struct sock *sk = NULL; 332 struct inet_sock *inet; 333 #if IS_ENABLED(CONFIG_IPV6) 334 struct ipv6_pinfo *np = NULL; 335 #endif 336 337 hdr = genlmsg_put(skb, portid, seq, &l2tp_nl_family, flags, cmd); 338 if (!hdr) 339 return -EMSGSIZE; 340 341 if (nla_put_u8(skb, L2TP_ATTR_PROTO_VERSION, tunnel->version) || 342 nla_put_u32(skb, L2TP_ATTR_CONN_ID, tunnel->tunnel_id) || 343 nla_put_u32(skb, L2TP_ATTR_PEER_CONN_ID, tunnel->peer_tunnel_id) || 344 nla_put_u32(skb, L2TP_ATTR_DEBUG, tunnel->debug) || 345 nla_put_u16(skb, L2TP_ATTR_ENCAP_TYPE, tunnel->encap)) 346 goto nla_put_failure; 347 348 nest = nla_nest_start(skb, L2TP_ATTR_STATS); 349 if (nest == NULL) 350 goto nla_put_failure; 351 352 if (nla_put_u64_64bit(skb, L2TP_ATTR_TX_PACKETS, 353 atomic_long_read(&tunnel->stats.tx_packets), 354 L2TP_ATTR_STATS_PAD) || 355 nla_put_u64_64bit(skb, L2TP_ATTR_TX_BYTES, 356 atomic_long_read(&tunnel->stats.tx_bytes), 357 L2TP_ATTR_STATS_PAD) || 358 nla_put_u64_64bit(skb, L2TP_ATTR_TX_ERRORS, 359 atomic_long_read(&tunnel->stats.tx_errors), 360 L2TP_ATTR_STATS_PAD) || 361 nla_put_u64_64bit(skb, L2TP_ATTR_RX_PACKETS, 362 atomic_long_read(&tunnel->stats.rx_packets), 363 L2TP_ATTR_STATS_PAD) || 364 nla_put_u64_64bit(skb, L2TP_ATTR_RX_BYTES, 365 atomic_long_read(&tunnel->stats.rx_bytes), 366 L2TP_ATTR_STATS_PAD) || 367 nla_put_u64_64bit(skb, L2TP_ATTR_RX_SEQ_DISCARDS, 368 atomic_long_read(&tunnel->stats.rx_seq_discards), 369 L2TP_ATTR_STATS_PAD) || 370 nla_put_u64_64bit(skb, L2TP_ATTR_RX_OOS_PACKETS, 371 atomic_long_read(&tunnel->stats.rx_oos_packets), 372 L2TP_ATTR_STATS_PAD) || 373 nla_put_u64_64bit(skb, L2TP_ATTR_RX_ERRORS, 374 atomic_long_read(&tunnel->stats.rx_errors), 375 L2TP_ATTR_STATS_PAD)) 376 goto nla_put_failure; 377 nla_nest_end(skb, nest); 378 379 sk = tunnel->sock; 380 if (!sk) 381 goto out; 382 383 #if IS_ENABLED(CONFIG_IPV6) 384 if (sk->sk_family == AF_INET6) 385 np = inet6_sk(sk); 386 #endif 387 388 inet = inet_sk(sk); 389 390 switch (tunnel->encap) { 391 case L2TP_ENCAPTYPE_UDP: 392 switch (sk->sk_family) { 393 case AF_INET: 394 if (nla_put_u8(skb, L2TP_ATTR_UDP_CSUM, !sk->sk_no_check_tx)) 395 goto nla_put_failure; 396 break; 397 #if IS_ENABLED(CONFIG_IPV6) 398 case AF_INET6: 399 if (udp_get_no_check6_tx(sk) && 400 nla_put_flag(skb, L2TP_ATTR_UDP_ZERO_CSUM6_TX)) 401 goto nla_put_failure; 402 if (udp_get_no_check6_rx(sk) && 403 nla_put_flag(skb, L2TP_ATTR_UDP_ZERO_CSUM6_RX)) 404 goto nla_put_failure; 405 break; 406 #endif 407 } 408 if (nla_put_u16(skb, L2TP_ATTR_UDP_SPORT, ntohs(inet->inet_sport)) || 409 nla_put_u16(skb, L2TP_ATTR_UDP_DPORT, ntohs(inet->inet_dport))) 410 goto nla_put_failure; 411 /* fall through */ 412 case L2TP_ENCAPTYPE_IP: 413 #if IS_ENABLED(CONFIG_IPV6) 414 if (np) { 415 if (nla_put_in6_addr(skb, L2TP_ATTR_IP6_SADDR, 416 &np->saddr) || 417 nla_put_in6_addr(skb, L2TP_ATTR_IP6_DADDR, 418 &sk->sk_v6_daddr)) 419 goto nla_put_failure; 420 } else 421 #endif 422 if (nla_put_in_addr(skb, L2TP_ATTR_IP_SADDR, 423 inet->inet_saddr) || 424 nla_put_in_addr(skb, L2TP_ATTR_IP_DADDR, 425 inet->inet_daddr)) 426 goto nla_put_failure; 427 break; 428 } 429 430 out: 431 genlmsg_end(skb, hdr); 432 return 0; 433 434 nla_put_failure: 435 genlmsg_cancel(skb, hdr); 436 return -1; 437 } 438 439 static int l2tp_nl_cmd_tunnel_get(struct sk_buff *skb, struct genl_info *info) 440 { 441 struct l2tp_tunnel *tunnel; 442 struct sk_buff *msg; 443 u32 tunnel_id; 444 int ret = -ENOBUFS; 445 struct net *net = genl_info_net(info); 446 447 if (!info->attrs[L2TP_ATTR_CONN_ID]) { 448 ret = -EINVAL; 449 goto err; 450 } 451 452 tunnel_id = nla_get_u32(info->attrs[L2TP_ATTR_CONN_ID]); 453 454 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 455 if (!msg) { 456 ret = -ENOMEM; 457 goto err; 458 } 459 460 tunnel = l2tp_tunnel_get(net, tunnel_id); 461 if (!tunnel) { 462 ret = -ENODEV; 463 goto err_nlmsg; 464 } 465 466 ret = l2tp_nl_tunnel_send(msg, info->snd_portid, info->snd_seq, 467 NLM_F_ACK, tunnel, L2TP_CMD_TUNNEL_GET); 468 if (ret < 0) 469 goto err_nlmsg_tunnel; 470 471 l2tp_tunnel_dec_refcount(tunnel); 472 473 return genlmsg_unicast(net, msg, info->snd_portid); 474 475 err_nlmsg_tunnel: 476 l2tp_tunnel_dec_refcount(tunnel); 477 err_nlmsg: 478 nlmsg_free(msg); 479 err: 480 return ret; 481 } 482 483 static int l2tp_nl_cmd_tunnel_dump(struct sk_buff *skb, struct netlink_callback *cb) 484 { 485 int ti = cb->args[0]; 486 struct l2tp_tunnel *tunnel; 487 struct net *net = sock_net(skb->sk); 488 489 for (;;) { 490 tunnel = l2tp_tunnel_get_nth(net, ti); 491 if (tunnel == NULL) 492 goto out; 493 494 if (l2tp_nl_tunnel_send(skb, NETLINK_CB(cb->skb).portid, 495 cb->nlh->nlmsg_seq, NLM_F_MULTI, 496 tunnel, L2TP_CMD_TUNNEL_GET) < 0) { 497 l2tp_tunnel_dec_refcount(tunnel); 498 goto out; 499 } 500 l2tp_tunnel_dec_refcount(tunnel); 501 502 ti++; 503 } 504 505 out: 506 cb->args[0] = ti; 507 508 return skb->len; 509 } 510 511 static int l2tp_nl_cmd_session_create(struct sk_buff *skb, struct genl_info *info) 512 { 513 u32 tunnel_id = 0; 514 u32 session_id; 515 u32 peer_session_id; 516 int ret = 0; 517 struct l2tp_tunnel *tunnel; 518 struct l2tp_session *session; 519 struct l2tp_session_cfg cfg = { 0, }; 520 struct net *net = genl_info_net(info); 521 522 if (!info->attrs[L2TP_ATTR_CONN_ID]) { 523 ret = -EINVAL; 524 goto out; 525 } 526 527 tunnel_id = nla_get_u32(info->attrs[L2TP_ATTR_CONN_ID]); 528 tunnel = l2tp_tunnel_get(net, tunnel_id); 529 if (!tunnel) { 530 ret = -ENODEV; 531 goto out; 532 } 533 534 if (!info->attrs[L2TP_ATTR_SESSION_ID]) { 535 ret = -EINVAL; 536 goto out_tunnel; 537 } 538 session_id = nla_get_u32(info->attrs[L2TP_ATTR_SESSION_ID]); 539 540 if (!info->attrs[L2TP_ATTR_PEER_SESSION_ID]) { 541 ret = -EINVAL; 542 goto out_tunnel; 543 } 544 peer_session_id = nla_get_u32(info->attrs[L2TP_ATTR_PEER_SESSION_ID]); 545 546 if (!info->attrs[L2TP_ATTR_PW_TYPE]) { 547 ret = -EINVAL; 548 goto out_tunnel; 549 } 550 cfg.pw_type = nla_get_u16(info->attrs[L2TP_ATTR_PW_TYPE]); 551 if (cfg.pw_type >= __L2TP_PWTYPE_MAX) { 552 ret = -EINVAL; 553 goto out_tunnel; 554 } 555 556 if (tunnel->version > 2) { 557 if (info->attrs[L2TP_ATTR_DATA_SEQ]) 558 cfg.data_seq = nla_get_u8(info->attrs[L2TP_ATTR_DATA_SEQ]); 559 560 if (info->attrs[L2TP_ATTR_L2SPEC_TYPE]) { 561 cfg.l2specific_type = nla_get_u8(info->attrs[L2TP_ATTR_L2SPEC_TYPE]); 562 if (cfg.l2specific_type != L2TP_L2SPECTYPE_DEFAULT && 563 cfg.l2specific_type != L2TP_L2SPECTYPE_NONE) { 564 ret = -EINVAL; 565 goto out_tunnel; 566 } 567 } else { 568 cfg.l2specific_type = L2TP_L2SPECTYPE_DEFAULT; 569 } 570 571 if (info->attrs[L2TP_ATTR_COOKIE]) { 572 u16 len = nla_len(info->attrs[L2TP_ATTR_COOKIE]); 573 if (len > 8) { 574 ret = -EINVAL; 575 goto out_tunnel; 576 } 577 cfg.cookie_len = len; 578 memcpy(&cfg.cookie[0], nla_data(info->attrs[L2TP_ATTR_COOKIE]), len); 579 } 580 if (info->attrs[L2TP_ATTR_PEER_COOKIE]) { 581 u16 len = nla_len(info->attrs[L2TP_ATTR_PEER_COOKIE]); 582 if (len > 8) { 583 ret = -EINVAL; 584 goto out_tunnel; 585 } 586 cfg.peer_cookie_len = len; 587 memcpy(&cfg.peer_cookie[0], nla_data(info->attrs[L2TP_ATTR_PEER_COOKIE]), len); 588 } 589 if (info->attrs[L2TP_ATTR_IFNAME]) 590 cfg.ifname = nla_data(info->attrs[L2TP_ATTR_IFNAME]); 591 592 if (info->attrs[L2TP_ATTR_VLAN_ID]) 593 cfg.vlan_id = nla_get_u16(info->attrs[L2TP_ATTR_VLAN_ID]); 594 } 595 596 if (info->attrs[L2TP_ATTR_DEBUG]) 597 cfg.debug = nla_get_u32(info->attrs[L2TP_ATTR_DEBUG]); 598 599 if (info->attrs[L2TP_ATTR_RECV_SEQ]) 600 cfg.recv_seq = nla_get_u8(info->attrs[L2TP_ATTR_RECV_SEQ]); 601 602 if (info->attrs[L2TP_ATTR_SEND_SEQ]) 603 cfg.send_seq = nla_get_u8(info->attrs[L2TP_ATTR_SEND_SEQ]); 604 605 if (info->attrs[L2TP_ATTR_LNS_MODE]) 606 cfg.lns_mode = nla_get_u8(info->attrs[L2TP_ATTR_LNS_MODE]); 607 608 if (info->attrs[L2TP_ATTR_RECV_TIMEOUT]) 609 cfg.reorder_timeout = nla_get_msecs(info->attrs[L2TP_ATTR_RECV_TIMEOUT]); 610 611 if (info->attrs[L2TP_ATTR_MTU]) 612 cfg.mtu = nla_get_u16(info->attrs[L2TP_ATTR_MTU]); 613 614 if (info->attrs[L2TP_ATTR_MRU]) 615 cfg.mru = nla_get_u16(info->attrs[L2TP_ATTR_MRU]); 616 617 #ifdef CONFIG_MODULES 618 if (l2tp_nl_cmd_ops[cfg.pw_type] == NULL) { 619 genl_unlock(); 620 request_module("net-l2tp-type-%u", cfg.pw_type); 621 genl_lock(); 622 } 623 #endif 624 if ((l2tp_nl_cmd_ops[cfg.pw_type] == NULL) || 625 (l2tp_nl_cmd_ops[cfg.pw_type]->session_create == NULL)) { 626 ret = -EPROTONOSUPPORT; 627 goto out_tunnel; 628 } 629 630 ret = l2tp_nl_cmd_ops[cfg.pw_type]->session_create(net, tunnel, 631 session_id, 632 peer_session_id, 633 &cfg); 634 635 if (ret >= 0) { 636 session = l2tp_session_get(net, tunnel, session_id); 637 if (session) { 638 ret = l2tp_session_notify(&l2tp_nl_family, info, session, 639 L2TP_CMD_SESSION_CREATE); 640 l2tp_session_dec_refcount(session); 641 } 642 } 643 644 out_tunnel: 645 l2tp_tunnel_dec_refcount(tunnel); 646 out: 647 return ret; 648 } 649 650 static int l2tp_nl_cmd_session_delete(struct sk_buff *skb, struct genl_info *info) 651 { 652 int ret = 0; 653 struct l2tp_session *session; 654 u16 pw_type; 655 656 session = l2tp_nl_session_get(info); 657 if (session == NULL) { 658 ret = -ENODEV; 659 goto out; 660 } 661 662 l2tp_session_notify(&l2tp_nl_family, info, 663 session, L2TP_CMD_SESSION_DELETE); 664 665 pw_type = session->pwtype; 666 if (pw_type < __L2TP_PWTYPE_MAX) 667 if (l2tp_nl_cmd_ops[pw_type] && l2tp_nl_cmd_ops[pw_type]->session_delete) 668 ret = (*l2tp_nl_cmd_ops[pw_type]->session_delete)(session); 669 670 l2tp_session_dec_refcount(session); 671 672 out: 673 return ret; 674 } 675 676 static int l2tp_nl_cmd_session_modify(struct sk_buff *skb, struct genl_info *info) 677 { 678 int ret = 0; 679 struct l2tp_session *session; 680 681 session = l2tp_nl_session_get(info); 682 if (session == NULL) { 683 ret = -ENODEV; 684 goto out; 685 } 686 687 if (info->attrs[L2TP_ATTR_DEBUG]) 688 session->debug = nla_get_u32(info->attrs[L2TP_ATTR_DEBUG]); 689 690 if (info->attrs[L2TP_ATTR_DATA_SEQ]) 691 session->data_seq = nla_get_u8(info->attrs[L2TP_ATTR_DATA_SEQ]); 692 693 if (info->attrs[L2TP_ATTR_RECV_SEQ]) 694 session->recv_seq = nla_get_u8(info->attrs[L2TP_ATTR_RECV_SEQ]); 695 696 if (info->attrs[L2TP_ATTR_SEND_SEQ]) { 697 session->send_seq = nla_get_u8(info->attrs[L2TP_ATTR_SEND_SEQ]); 698 l2tp_session_set_header_len(session, session->tunnel->version); 699 } 700 701 if (info->attrs[L2TP_ATTR_LNS_MODE]) 702 session->lns_mode = nla_get_u8(info->attrs[L2TP_ATTR_LNS_MODE]); 703 704 if (info->attrs[L2TP_ATTR_RECV_TIMEOUT]) 705 session->reorder_timeout = nla_get_msecs(info->attrs[L2TP_ATTR_RECV_TIMEOUT]); 706 707 if (info->attrs[L2TP_ATTR_MTU]) 708 session->mtu = nla_get_u16(info->attrs[L2TP_ATTR_MTU]); 709 710 if (info->attrs[L2TP_ATTR_MRU]) 711 session->mru = nla_get_u16(info->attrs[L2TP_ATTR_MRU]); 712 713 ret = l2tp_session_notify(&l2tp_nl_family, info, 714 session, L2TP_CMD_SESSION_MODIFY); 715 716 l2tp_session_dec_refcount(session); 717 718 out: 719 return ret; 720 } 721 722 static int l2tp_nl_session_send(struct sk_buff *skb, u32 portid, u32 seq, int flags, 723 struct l2tp_session *session, u8 cmd) 724 { 725 void *hdr; 726 struct nlattr *nest; 727 struct l2tp_tunnel *tunnel = session->tunnel; 728 struct sock *sk = NULL; 729 730 sk = tunnel->sock; 731 732 hdr = genlmsg_put(skb, portid, seq, &l2tp_nl_family, flags, cmd); 733 if (!hdr) 734 return -EMSGSIZE; 735 736 if (nla_put_u32(skb, L2TP_ATTR_CONN_ID, tunnel->tunnel_id) || 737 nla_put_u32(skb, L2TP_ATTR_SESSION_ID, session->session_id) || 738 nla_put_u32(skb, L2TP_ATTR_PEER_CONN_ID, tunnel->peer_tunnel_id) || 739 nla_put_u32(skb, L2TP_ATTR_PEER_SESSION_ID, 740 session->peer_session_id) || 741 nla_put_u32(skb, L2TP_ATTR_DEBUG, session->debug) || 742 nla_put_u16(skb, L2TP_ATTR_PW_TYPE, session->pwtype) || 743 nla_put_u16(skb, L2TP_ATTR_MTU, session->mtu) || 744 (session->mru && 745 nla_put_u16(skb, L2TP_ATTR_MRU, session->mru))) 746 goto nla_put_failure; 747 748 if ((session->ifname[0] && 749 nla_put_string(skb, L2TP_ATTR_IFNAME, session->ifname)) || 750 (session->cookie_len && 751 nla_put(skb, L2TP_ATTR_COOKIE, session->cookie_len, 752 &session->cookie[0])) || 753 (session->peer_cookie_len && 754 nla_put(skb, L2TP_ATTR_PEER_COOKIE, session->peer_cookie_len, 755 &session->peer_cookie[0])) || 756 nla_put_u8(skb, L2TP_ATTR_RECV_SEQ, session->recv_seq) || 757 nla_put_u8(skb, L2TP_ATTR_SEND_SEQ, session->send_seq) || 758 nla_put_u8(skb, L2TP_ATTR_LNS_MODE, session->lns_mode) || 759 #ifdef CONFIG_XFRM 760 (((sk) && (sk->sk_policy[0] || sk->sk_policy[1])) && 761 nla_put_u8(skb, L2TP_ATTR_USING_IPSEC, 1)) || 762 #endif 763 (session->reorder_timeout && 764 nla_put_msecs(skb, L2TP_ATTR_RECV_TIMEOUT, 765 session->reorder_timeout, L2TP_ATTR_PAD))) 766 goto nla_put_failure; 767 768 nest = nla_nest_start(skb, L2TP_ATTR_STATS); 769 if (nest == NULL) 770 goto nla_put_failure; 771 772 if (nla_put_u64_64bit(skb, L2TP_ATTR_TX_PACKETS, 773 atomic_long_read(&session->stats.tx_packets), 774 L2TP_ATTR_STATS_PAD) || 775 nla_put_u64_64bit(skb, L2TP_ATTR_TX_BYTES, 776 atomic_long_read(&session->stats.tx_bytes), 777 L2TP_ATTR_STATS_PAD) || 778 nla_put_u64_64bit(skb, L2TP_ATTR_TX_ERRORS, 779 atomic_long_read(&session->stats.tx_errors), 780 L2TP_ATTR_STATS_PAD) || 781 nla_put_u64_64bit(skb, L2TP_ATTR_RX_PACKETS, 782 atomic_long_read(&session->stats.rx_packets), 783 L2TP_ATTR_STATS_PAD) || 784 nla_put_u64_64bit(skb, L2TP_ATTR_RX_BYTES, 785 atomic_long_read(&session->stats.rx_bytes), 786 L2TP_ATTR_STATS_PAD) || 787 nla_put_u64_64bit(skb, L2TP_ATTR_RX_SEQ_DISCARDS, 788 atomic_long_read(&session->stats.rx_seq_discards), 789 L2TP_ATTR_STATS_PAD) || 790 nla_put_u64_64bit(skb, L2TP_ATTR_RX_OOS_PACKETS, 791 atomic_long_read(&session->stats.rx_oos_packets), 792 L2TP_ATTR_STATS_PAD) || 793 nla_put_u64_64bit(skb, L2TP_ATTR_RX_ERRORS, 794 atomic_long_read(&session->stats.rx_errors), 795 L2TP_ATTR_STATS_PAD)) 796 goto nla_put_failure; 797 nla_nest_end(skb, nest); 798 799 genlmsg_end(skb, hdr); 800 return 0; 801 802 nla_put_failure: 803 genlmsg_cancel(skb, hdr); 804 return -1; 805 } 806 807 static int l2tp_nl_cmd_session_get(struct sk_buff *skb, struct genl_info *info) 808 { 809 struct l2tp_session *session; 810 struct sk_buff *msg; 811 int ret; 812 813 session = l2tp_nl_session_get(info); 814 if (session == NULL) { 815 ret = -ENODEV; 816 goto err; 817 } 818 819 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 820 if (!msg) { 821 ret = -ENOMEM; 822 goto err_ref; 823 } 824 825 ret = l2tp_nl_session_send(msg, info->snd_portid, info->snd_seq, 826 0, session, L2TP_CMD_SESSION_GET); 827 if (ret < 0) 828 goto err_ref_msg; 829 830 ret = genlmsg_unicast(genl_info_net(info), msg, info->snd_portid); 831 832 l2tp_session_dec_refcount(session); 833 834 return ret; 835 836 err_ref_msg: 837 nlmsg_free(msg); 838 err_ref: 839 l2tp_session_dec_refcount(session); 840 err: 841 return ret; 842 } 843 844 static int l2tp_nl_cmd_session_dump(struct sk_buff *skb, struct netlink_callback *cb) 845 { 846 struct net *net = sock_net(skb->sk); 847 struct l2tp_session *session; 848 struct l2tp_tunnel *tunnel = NULL; 849 int ti = cb->args[0]; 850 int si = cb->args[1]; 851 852 for (;;) { 853 if (tunnel == NULL) { 854 tunnel = l2tp_tunnel_get_nth(net, ti); 855 if (tunnel == NULL) 856 goto out; 857 } 858 859 session = l2tp_session_get_nth(tunnel, si); 860 if (session == NULL) { 861 ti++; 862 l2tp_tunnel_dec_refcount(tunnel); 863 tunnel = NULL; 864 si = 0; 865 continue; 866 } 867 868 if (l2tp_nl_session_send(skb, NETLINK_CB(cb->skb).portid, 869 cb->nlh->nlmsg_seq, NLM_F_MULTI, 870 session, L2TP_CMD_SESSION_GET) < 0) { 871 l2tp_session_dec_refcount(session); 872 l2tp_tunnel_dec_refcount(tunnel); 873 break; 874 } 875 l2tp_session_dec_refcount(session); 876 877 si++; 878 } 879 880 out: 881 cb->args[0] = ti; 882 cb->args[1] = si; 883 884 return skb->len; 885 } 886 887 static const struct nla_policy l2tp_nl_policy[L2TP_ATTR_MAX + 1] = { 888 [L2TP_ATTR_NONE] = { .type = NLA_UNSPEC, }, 889 [L2TP_ATTR_PW_TYPE] = { .type = NLA_U16, }, 890 [L2TP_ATTR_ENCAP_TYPE] = { .type = NLA_U16, }, 891 [L2TP_ATTR_OFFSET] = { .type = NLA_U16, }, 892 [L2TP_ATTR_DATA_SEQ] = { .type = NLA_U8, }, 893 [L2TP_ATTR_L2SPEC_TYPE] = { .type = NLA_U8, }, 894 [L2TP_ATTR_L2SPEC_LEN] = { .type = NLA_U8, }, 895 [L2TP_ATTR_PROTO_VERSION] = { .type = NLA_U8, }, 896 [L2TP_ATTR_CONN_ID] = { .type = NLA_U32, }, 897 [L2TP_ATTR_PEER_CONN_ID] = { .type = NLA_U32, }, 898 [L2TP_ATTR_SESSION_ID] = { .type = NLA_U32, }, 899 [L2TP_ATTR_PEER_SESSION_ID] = { .type = NLA_U32, }, 900 [L2TP_ATTR_UDP_CSUM] = { .type = NLA_U8, }, 901 [L2TP_ATTR_VLAN_ID] = { .type = NLA_U16, }, 902 [L2TP_ATTR_DEBUG] = { .type = NLA_U32, }, 903 [L2TP_ATTR_RECV_SEQ] = { .type = NLA_U8, }, 904 [L2TP_ATTR_SEND_SEQ] = { .type = NLA_U8, }, 905 [L2TP_ATTR_LNS_MODE] = { .type = NLA_U8, }, 906 [L2TP_ATTR_USING_IPSEC] = { .type = NLA_U8, }, 907 [L2TP_ATTR_RECV_TIMEOUT] = { .type = NLA_MSECS, }, 908 [L2TP_ATTR_FD] = { .type = NLA_U32, }, 909 [L2TP_ATTR_IP_SADDR] = { .type = NLA_U32, }, 910 [L2TP_ATTR_IP_DADDR] = { .type = NLA_U32, }, 911 [L2TP_ATTR_UDP_SPORT] = { .type = NLA_U16, }, 912 [L2TP_ATTR_UDP_DPORT] = { .type = NLA_U16, }, 913 [L2TP_ATTR_MTU] = { .type = NLA_U16, }, 914 [L2TP_ATTR_MRU] = { .type = NLA_U16, }, 915 [L2TP_ATTR_STATS] = { .type = NLA_NESTED, }, 916 [L2TP_ATTR_IP6_SADDR] = { 917 .type = NLA_BINARY, 918 .len = sizeof(struct in6_addr), 919 }, 920 [L2TP_ATTR_IP6_DADDR] = { 921 .type = NLA_BINARY, 922 .len = sizeof(struct in6_addr), 923 }, 924 [L2TP_ATTR_IFNAME] = { 925 .type = NLA_NUL_STRING, 926 .len = IFNAMSIZ - 1, 927 }, 928 [L2TP_ATTR_COOKIE] = { 929 .type = NLA_BINARY, 930 .len = 8, 931 }, 932 [L2TP_ATTR_PEER_COOKIE] = { 933 .type = NLA_BINARY, 934 .len = 8, 935 }, 936 }; 937 938 static const struct genl_ops l2tp_nl_ops[] = { 939 { 940 .cmd = L2TP_CMD_NOOP, 941 .doit = l2tp_nl_cmd_noop, 942 .policy = l2tp_nl_policy, 943 /* can be retrieved by unprivileged users */ 944 }, 945 { 946 .cmd = L2TP_CMD_TUNNEL_CREATE, 947 .doit = l2tp_nl_cmd_tunnel_create, 948 .policy = l2tp_nl_policy, 949 .flags = GENL_ADMIN_PERM, 950 }, 951 { 952 .cmd = L2TP_CMD_TUNNEL_DELETE, 953 .doit = l2tp_nl_cmd_tunnel_delete, 954 .policy = l2tp_nl_policy, 955 .flags = GENL_ADMIN_PERM, 956 }, 957 { 958 .cmd = L2TP_CMD_TUNNEL_MODIFY, 959 .doit = l2tp_nl_cmd_tunnel_modify, 960 .policy = l2tp_nl_policy, 961 .flags = GENL_ADMIN_PERM, 962 }, 963 { 964 .cmd = L2TP_CMD_TUNNEL_GET, 965 .doit = l2tp_nl_cmd_tunnel_get, 966 .dumpit = l2tp_nl_cmd_tunnel_dump, 967 .policy = l2tp_nl_policy, 968 .flags = GENL_ADMIN_PERM, 969 }, 970 { 971 .cmd = L2TP_CMD_SESSION_CREATE, 972 .doit = l2tp_nl_cmd_session_create, 973 .policy = l2tp_nl_policy, 974 .flags = GENL_ADMIN_PERM, 975 }, 976 { 977 .cmd = L2TP_CMD_SESSION_DELETE, 978 .doit = l2tp_nl_cmd_session_delete, 979 .policy = l2tp_nl_policy, 980 .flags = GENL_ADMIN_PERM, 981 }, 982 { 983 .cmd = L2TP_CMD_SESSION_MODIFY, 984 .doit = l2tp_nl_cmd_session_modify, 985 .policy = l2tp_nl_policy, 986 .flags = GENL_ADMIN_PERM, 987 }, 988 { 989 .cmd = L2TP_CMD_SESSION_GET, 990 .doit = l2tp_nl_cmd_session_get, 991 .dumpit = l2tp_nl_cmd_session_dump, 992 .policy = l2tp_nl_policy, 993 .flags = GENL_ADMIN_PERM, 994 }, 995 }; 996 997 static struct genl_family l2tp_nl_family __ro_after_init = { 998 .name = L2TP_GENL_NAME, 999 .version = L2TP_GENL_VERSION, 1000 .hdrsize = 0, 1001 .maxattr = L2TP_ATTR_MAX, 1002 .netnsok = true, 1003 .module = THIS_MODULE, 1004 .ops = l2tp_nl_ops, 1005 .n_ops = ARRAY_SIZE(l2tp_nl_ops), 1006 .mcgrps = l2tp_multicast_group, 1007 .n_mcgrps = ARRAY_SIZE(l2tp_multicast_group), 1008 }; 1009 1010 int l2tp_nl_register_ops(enum l2tp_pwtype pw_type, const struct l2tp_nl_cmd_ops *ops) 1011 { 1012 int ret; 1013 1014 ret = -EINVAL; 1015 if (pw_type >= __L2TP_PWTYPE_MAX) 1016 goto err; 1017 1018 genl_lock(); 1019 ret = -EBUSY; 1020 if (l2tp_nl_cmd_ops[pw_type]) 1021 goto out; 1022 1023 l2tp_nl_cmd_ops[pw_type] = ops; 1024 ret = 0; 1025 1026 out: 1027 genl_unlock(); 1028 err: 1029 return ret; 1030 } 1031 EXPORT_SYMBOL_GPL(l2tp_nl_register_ops); 1032 1033 void l2tp_nl_unregister_ops(enum l2tp_pwtype pw_type) 1034 { 1035 if (pw_type < __L2TP_PWTYPE_MAX) { 1036 genl_lock(); 1037 l2tp_nl_cmd_ops[pw_type] = NULL; 1038 genl_unlock(); 1039 } 1040 } 1041 EXPORT_SYMBOL_GPL(l2tp_nl_unregister_ops); 1042 1043 static int __init l2tp_nl_init(void) 1044 { 1045 pr_info("L2TP netlink interface\n"); 1046 return genl_register_family(&l2tp_nl_family); 1047 } 1048 1049 static void l2tp_nl_cleanup(void) 1050 { 1051 genl_unregister_family(&l2tp_nl_family); 1052 } 1053 1054 module_init(l2tp_nl_init); 1055 module_exit(l2tp_nl_cleanup); 1056 1057 MODULE_AUTHOR("James Chapman <jchapman@katalix.com>"); 1058 MODULE_DESCRIPTION("L2TP netlink"); 1059 MODULE_LICENSE("GPL"); 1060 MODULE_VERSION("1.0"); 1061 MODULE_ALIAS_GENL_FAMILY("l2tp"); 1062