1 /* 2 * L2TP netlink layer, for management 3 * 4 * Copyright (c) 2008,2009,2010 Katalix Systems Ltd 5 * 6 * Partly based on the IrDA nelink implementation 7 * (see net/irda/irnetlink.c) which is: 8 * Copyright (c) 2007 Samuel Ortiz <samuel@sortiz.org> 9 * which is in turn partly based on the wireless netlink code: 10 * Copyright 2006 Johannes Berg <johannes@sipsolutions.net> 11 * 12 * This program is free software; you can redistribute it and/or modify 13 * it under the terms of the GNU General Public License version 2 as 14 * published by the Free Software Foundation. 15 */ 16 17 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt 18 19 #include <net/sock.h> 20 #include <net/genetlink.h> 21 #include <net/udp.h> 22 #include <linux/in.h> 23 #include <linux/udp.h> 24 #include <linux/socket.h> 25 #include <linux/module.h> 26 #include <linux/list.h> 27 #include <net/net_namespace.h> 28 29 #include <linux/l2tp.h> 30 31 #include "l2tp_core.h" 32 33 34 static struct genl_family l2tp_nl_family; 35 36 static const struct genl_multicast_group l2tp_multicast_group[] = { 37 { 38 .name = L2TP_GENL_MCGROUP, 39 }, 40 }; 41 42 static int l2tp_nl_tunnel_send(struct sk_buff *skb, u32 portid, u32 seq, 43 int flags, struct l2tp_tunnel *tunnel, u8 cmd); 44 static int l2tp_nl_session_send(struct sk_buff *skb, u32 portid, u32 seq, 45 int flags, struct l2tp_session *session, 46 u8 cmd); 47 48 /* Accessed under genl lock */ 49 static const struct l2tp_nl_cmd_ops *l2tp_nl_cmd_ops[__L2TP_PWTYPE_MAX]; 50 51 static struct l2tp_session *l2tp_nl_session_get(struct genl_info *info, 52 bool do_ref) 53 { 54 u32 tunnel_id; 55 u32 session_id; 56 char *ifname; 57 struct l2tp_tunnel *tunnel; 58 struct l2tp_session *session = NULL; 59 struct net *net = genl_info_net(info); 60 61 if (info->attrs[L2TP_ATTR_IFNAME]) { 62 ifname = nla_data(info->attrs[L2TP_ATTR_IFNAME]); 63 session = l2tp_session_get_by_ifname(net, ifname, do_ref); 64 } else if ((info->attrs[L2TP_ATTR_SESSION_ID]) && 65 (info->attrs[L2TP_ATTR_CONN_ID])) { 66 tunnel_id = nla_get_u32(info->attrs[L2TP_ATTR_CONN_ID]); 67 session_id = nla_get_u32(info->attrs[L2TP_ATTR_SESSION_ID]); 68 tunnel = l2tp_tunnel_get(net, tunnel_id); 69 if (tunnel) { 70 session = l2tp_session_get(net, tunnel, session_id, 71 do_ref); 72 l2tp_tunnel_dec_refcount(tunnel); 73 } 74 } 75 76 return session; 77 } 78 79 static int l2tp_nl_cmd_noop(struct sk_buff *skb, struct genl_info *info) 80 { 81 struct sk_buff *msg; 82 void *hdr; 83 int ret = -ENOBUFS; 84 85 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 86 if (!msg) { 87 ret = -ENOMEM; 88 goto out; 89 } 90 91 hdr = genlmsg_put(msg, info->snd_portid, info->snd_seq, 92 &l2tp_nl_family, 0, L2TP_CMD_NOOP); 93 if (!hdr) { 94 ret = -EMSGSIZE; 95 goto err_out; 96 } 97 98 genlmsg_end(msg, hdr); 99 100 return genlmsg_unicast(genl_info_net(info), msg, info->snd_portid); 101 102 err_out: 103 nlmsg_free(msg); 104 105 out: 106 return ret; 107 } 108 109 static int l2tp_tunnel_notify(struct genl_family *family, 110 struct genl_info *info, 111 struct l2tp_tunnel *tunnel, 112 u8 cmd) 113 { 114 struct sk_buff *msg; 115 int ret; 116 117 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 118 if (!msg) 119 return -ENOMEM; 120 121 ret = l2tp_nl_tunnel_send(msg, info->snd_portid, info->snd_seq, 122 NLM_F_ACK, tunnel, cmd); 123 124 if (ret >= 0) { 125 ret = genlmsg_multicast_allns(family, msg, 0, 0, GFP_ATOMIC); 126 /* We don't care if no one is listening */ 127 if (ret == -ESRCH) 128 ret = 0; 129 return ret; 130 } 131 132 nlmsg_free(msg); 133 134 return ret; 135 } 136 137 static int l2tp_session_notify(struct genl_family *family, 138 struct genl_info *info, 139 struct l2tp_session *session, 140 u8 cmd) 141 { 142 struct sk_buff *msg; 143 int ret; 144 145 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 146 if (!msg) 147 return -ENOMEM; 148 149 ret = l2tp_nl_session_send(msg, info->snd_portid, info->snd_seq, 150 NLM_F_ACK, session, cmd); 151 152 if (ret >= 0) { 153 ret = genlmsg_multicast_allns(family, msg, 0, 0, GFP_ATOMIC); 154 /* We don't care if no one is listening */ 155 if (ret == -ESRCH) 156 ret = 0; 157 return ret; 158 } 159 160 nlmsg_free(msg); 161 162 return ret; 163 } 164 165 static int l2tp_nl_cmd_tunnel_create(struct sk_buff *skb, struct genl_info *info) 166 { 167 u32 tunnel_id; 168 u32 peer_tunnel_id; 169 int proto_version; 170 int fd; 171 int ret = 0; 172 struct l2tp_tunnel_cfg cfg = { 0, }; 173 struct l2tp_tunnel *tunnel; 174 struct net *net = genl_info_net(info); 175 176 if (!info->attrs[L2TP_ATTR_CONN_ID]) { 177 ret = -EINVAL; 178 goto out; 179 } 180 tunnel_id = nla_get_u32(info->attrs[L2TP_ATTR_CONN_ID]); 181 182 if (!info->attrs[L2TP_ATTR_PEER_CONN_ID]) { 183 ret = -EINVAL; 184 goto out; 185 } 186 peer_tunnel_id = nla_get_u32(info->attrs[L2TP_ATTR_PEER_CONN_ID]); 187 188 if (!info->attrs[L2TP_ATTR_PROTO_VERSION]) { 189 ret = -EINVAL; 190 goto out; 191 } 192 proto_version = nla_get_u8(info->attrs[L2TP_ATTR_PROTO_VERSION]); 193 194 if (!info->attrs[L2TP_ATTR_ENCAP_TYPE]) { 195 ret = -EINVAL; 196 goto out; 197 } 198 cfg.encap = nla_get_u16(info->attrs[L2TP_ATTR_ENCAP_TYPE]); 199 200 fd = -1; 201 if (info->attrs[L2TP_ATTR_FD]) { 202 fd = nla_get_u32(info->attrs[L2TP_ATTR_FD]); 203 } else { 204 #if IS_ENABLED(CONFIG_IPV6) 205 if (info->attrs[L2TP_ATTR_IP6_SADDR] && 206 info->attrs[L2TP_ATTR_IP6_DADDR]) { 207 cfg.local_ip6 = nla_data( 208 info->attrs[L2TP_ATTR_IP6_SADDR]); 209 cfg.peer_ip6 = nla_data( 210 info->attrs[L2TP_ATTR_IP6_DADDR]); 211 } else 212 #endif 213 if (info->attrs[L2TP_ATTR_IP_SADDR] && 214 info->attrs[L2TP_ATTR_IP_DADDR]) { 215 cfg.local_ip.s_addr = nla_get_in_addr( 216 info->attrs[L2TP_ATTR_IP_SADDR]); 217 cfg.peer_ip.s_addr = nla_get_in_addr( 218 info->attrs[L2TP_ATTR_IP_DADDR]); 219 } else { 220 ret = -EINVAL; 221 goto out; 222 } 223 if (info->attrs[L2TP_ATTR_UDP_SPORT]) 224 cfg.local_udp_port = nla_get_u16(info->attrs[L2TP_ATTR_UDP_SPORT]); 225 if (info->attrs[L2TP_ATTR_UDP_DPORT]) 226 cfg.peer_udp_port = nla_get_u16(info->attrs[L2TP_ATTR_UDP_DPORT]); 227 cfg.use_udp_checksums = nla_get_flag( 228 info->attrs[L2TP_ATTR_UDP_CSUM]); 229 230 #if IS_ENABLED(CONFIG_IPV6) 231 cfg.udp6_zero_tx_checksums = nla_get_flag( 232 info->attrs[L2TP_ATTR_UDP_ZERO_CSUM6_TX]); 233 cfg.udp6_zero_rx_checksums = nla_get_flag( 234 info->attrs[L2TP_ATTR_UDP_ZERO_CSUM6_RX]); 235 #endif 236 } 237 238 if (info->attrs[L2TP_ATTR_DEBUG]) 239 cfg.debug = nla_get_u32(info->attrs[L2TP_ATTR_DEBUG]); 240 241 tunnel = l2tp_tunnel_find(net, tunnel_id); 242 if (tunnel != NULL) { 243 ret = -EEXIST; 244 goto out; 245 } 246 247 ret = -EINVAL; 248 switch (cfg.encap) { 249 case L2TP_ENCAPTYPE_UDP: 250 case L2TP_ENCAPTYPE_IP: 251 ret = l2tp_tunnel_create(net, fd, proto_version, tunnel_id, 252 peer_tunnel_id, &cfg, &tunnel); 253 break; 254 } 255 256 if (ret >= 0) 257 ret = l2tp_tunnel_notify(&l2tp_nl_family, info, 258 tunnel, L2TP_CMD_TUNNEL_CREATE); 259 out: 260 return ret; 261 } 262 263 static int l2tp_nl_cmd_tunnel_delete(struct sk_buff *skb, struct genl_info *info) 264 { 265 struct l2tp_tunnel *tunnel; 266 u32 tunnel_id; 267 int ret = 0; 268 struct net *net = genl_info_net(info); 269 270 if (!info->attrs[L2TP_ATTR_CONN_ID]) { 271 ret = -EINVAL; 272 goto out; 273 } 274 tunnel_id = nla_get_u32(info->attrs[L2TP_ATTR_CONN_ID]); 275 276 tunnel = l2tp_tunnel_get(net, tunnel_id); 277 if (!tunnel) { 278 ret = -ENODEV; 279 goto out; 280 } 281 282 l2tp_tunnel_notify(&l2tp_nl_family, info, 283 tunnel, L2TP_CMD_TUNNEL_DELETE); 284 285 (void) l2tp_tunnel_delete(tunnel); 286 287 l2tp_tunnel_dec_refcount(tunnel); 288 289 out: 290 return ret; 291 } 292 293 static int l2tp_nl_cmd_tunnel_modify(struct sk_buff *skb, struct genl_info *info) 294 { 295 struct l2tp_tunnel *tunnel; 296 u32 tunnel_id; 297 int ret = 0; 298 struct net *net = genl_info_net(info); 299 300 if (!info->attrs[L2TP_ATTR_CONN_ID]) { 301 ret = -EINVAL; 302 goto out; 303 } 304 tunnel_id = nla_get_u32(info->attrs[L2TP_ATTR_CONN_ID]); 305 306 tunnel = l2tp_tunnel_get(net, tunnel_id); 307 if (!tunnel) { 308 ret = -ENODEV; 309 goto out; 310 } 311 312 if (info->attrs[L2TP_ATTR_DEBUG]) 313 tunnel->debug = nla_get_u32(info->attrs[L2TP_ATTR_DEBUG]); 314 315 ret = l2tp_tunnel_notify(&l2tp_nl_family, info, 316 tunnel, L2TP_CMD_TUNNEL_MODIFY); 317 318 l2tp_tunnel_dec_refcount(tunnel); 319 320 out: 321 return ret; 322 } 323 324 static int l2tp_nl_tunnel_send(struct sk_buff *skb, u32 portid, u32 seq, int flags, 325 struct l2tp_tunnel *tunnel, u8 cmd) 326 { 327 void *hdr; 328 struct nlattr *nest; 329 struct sock *sk = NULL; 330 struct inet_sock *inet; 331 #if IS_ENABLED(CONFIG_IPV6) 332 struct ipv6_pinfo *np = NULL; 333 #endif 334 335 hdr = genlmsg_put(skb, portid, seq, &l2tp_nl_family, flags, cmd); 336 if (!hdr) 337 return -EMSGSIZE; 338 339 if (nla_put_u8(skb, L2TP_ATTR_PROTO_VERSION, tunnel->version) || 340 nla_put_u32(skb, L2TP_ATTR_CONN_ID, tunnel->tunnel_id) || 341 nla_put_u32(skb, L2TP_ATTR_PEER_CONN_ID, tunnel->peer_tunnel_id) || 342 nla_put_u32(skb, L2TP_ATTR_DEBUG, tunnel->debug) || 343 nla_put_u16(skb, L2TP_ATTR_ENCAP_TYPE, tunnel->encap)) 344 goto nla_put_failure; 345 346 nest = nla_nest_start(skb, L2TP_ATTR_STATS); 347 if (nest == NULL) 348 goto nla_put_failure; 349 350 if (nla_put_u64_64bit(skb, L2TP_ATTR_TX_PACKETS, 351 atomic_long_read(&tunnel->stats.tx_packets), 352 L2TP_ATTR_STATS_PAD) || 353 nla_put_u64_64bit(skb, L2TP_ATTR_TX_BYTES, 354 atomic_long_read(&tunnel->stats.tx_bytes), 355 L2TP_ATTR_STATS_PAD) || 356 nla_put_u64_64bit(skb, L2TP_ATTR_TX_ERRORS, 357 atomic_long_read(&tunnel->stats.tx_errors), 358 L2TP_ATTR_STATS_PAD) || 359 nla_put_u64_64bit(skb, L2TP_ATTR_RX_PACKETS, 360 atomic_long_read(&tunnel->stats.rx_packets), 361 L2TP_ATTR_STATS_PAD) || 362 nla_put_u64_64bit(skb, L2TP_ATTR_RX_BYTES, 363 atomic_long_read(&tunnel->stats.rx_bytes), 364 L2TP_ATTR_STATS_PAD) || 365 nla_put_u64_64bit(skb, L2TP_ATTR_RX_SEQ_DISCARDS, 366 atomic_long_read(&tunnel->stats.rx_seq_discards), 367 L2TP_ATTR_STATS_PAD) || 368 nla_put_u64_64bit(skb, L2TP_ATTR_RX_OOS_PACKETS, 369 atomic_long_read(&tunnel->stats.rx_oos_packets), 370 L2TP_ATTR_STATS_PAD) || 371 nla_put_u64_64bit(skb, L2TP_ATTR_RX_ERRORS, 372 atomic_long_read(&tunnel->stats.rx_errors), 373 L2TP_ATTR_STATS_PAD)) 374 goto nla_put_failure; 375 nla_nest_end(skb, nest); 376 377 sk = tunnel->sock; 378 if (!sk) 379 goto out; 380 381 #if IS_ENABLED(CONFIG_IPV6) 382 if (sk->sk_family == AF_INET6) 383 np = inet6_sk(sk); 384 #endif 385 386 inet = inet_sk(sk); 387 388 switch (tunnel->encap) { 389 case L2TP_ENCAPTYPE_UDP: 390 switch (sk->sk_family) { 391 case AF_INET: 392 if (nla_put_u8(skb, L2TP_ATTR_UDP_CSUM, !sk->sk_no_check_tx)) 393 goto nla_put_failure; 394 break; 395 #if IS_ENABLED(CONFIG_IPV6) 396 case AF_INET6: 397 if (udp_get_no_check6_tx(sk) && 398 nla_put_flag(skb, L2TP_ATTR_UDP_ZERO_CSUM6_TX)) 399 goto nla_put_failure; 400 if (udp_get_no_check6_rx(sk) && 401 nla_put_flag(skb, L2TP_ATTR_UDP_ZERO_CSUM6_RX)) 402 goto nla_put_failure; 403 break; 404 #endif 405 } 406 if (nla_put_u16(skb, L2TP_ATTR_UDP_SPORT, ntohs(inet->inet_sport)) || 407 nla_put_u16(skb, L2TP_ATTR_UDP_DPORT, ntohs(inet->inet_dport))) 408 goto nla_put_failure; 409 /* NOBREAK */ 410 case L2TP_ENCAPTYPE_IP: 411 #if IS_ENABLED(CONFIG_IPV6) 412 if (np) { 413 if (nla_put_in6_addr(skb, L2TP_ATTR_IP6_SADDR, 414 &np->saddr) || 415 nla_put_in6_addr(skb, L2TP_ATTR_IP6_DADDR, 416 &sk->sk_v6_daddr)) 417 goto nla_put_failure; 418 } else 419 #endif 420 if (nla_put_in_addr(skb, L2TP_ATTR_IP_SADDR, 421 inet->inet_saddr) || 422 nla_put_in_addr(skb, L2TP_ATTR_IP_DADDR, 423 inet->inet_daddr)) 424 goto nla_put_failure; 425 break; 426 } 427 428 out: 429 genlmsg_end(skb, hdr); 430 return 0; 431 432 nla_put_failure: 433 genlmsg_cancel(skb, hdr); 434 return -1; 435 } 436 437 static int l2tp_nl_cmd_tunnel_get(struct sk_buff *skb, struct genl_info *info) 438 { 439 struct l2tp_tunnel *tunnel; 440 struct sk_buff *msg; 441 u32 tunnel_id; 442 int ret = -ENOBUFS; 443 struct net *net = genl_info_net(info); 444 445 if (!info->attrs[L2TP_ATTR_CONN_ID]) { 446 ret = -EINVAL; 447 goto err; 448 } 449 450 tunnel_id = nla_get_u32(info->attrs[L2TP_ATTR_CONN_ID]); 451 452 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 453 if (!msg) { 454 ret = -ENOMEM; 455 goto err; 456 } 457 458 tunnel = l2tp_tunnel_get(net, tunnel_id); 459 if (!tunnel) { 460 ret = -ENODEV; 461 goto err_nlmsg; 462 } 463 464 ret = l2tp_nl_tunnel_send(msg, info->snd_portid, info->snd_seq, 465 NLM_F_ACK, tunnel, L2TP_CMD_TUNNEL_GET); 466 if (ret < 0) 467 goto err_nlmsg_tunnel; 468 469 l2tp_tunnel_dec_refcount(tunnel); 470 471 return genlmsg_unicast(net, msg, info->snd_portid); 472 473 err_nlmsg_tunnel: 474 l2tp_tunnel_dec_refcount(tunnel); 475 err_nlmsg: 476 nlmsg_free(msg); 477 err: 478 return ret; 479 } 480 481 static int l2tp_nl_cmd_tunnel_dump(struct sk_buff *skb, struct netlink_callback *cb) 482 { 483 int ti = cb->args[0]; 484 struct l2tp_tunnel *tunnel; 485 struct net *net = sock_net(skb->sk); 486 487 for (;;) { 488 tunnel = l2tp_tunnel_find_nth(net, ti); 489 if (tunnel == NULL) 490 goto out; 491 492 if (l2tp_nl_tunnel_send(skb, NETLINK_CB(cb->skb).portid, 493 cb->nlh->nlmsg_seq, NLM_F_MULTI, 494 tunnel, L2TP_CMD_TUNNEL_GET) < 0) 495 goto out; 496 497 ti++; 498 } 499 500 out: 501 cb->args[0] = ti; 502 503 return skb->len; 504 } 505 506 static int l2tp_nl_cmd_session_create(struct sk_buff *skb, struct genl_info *info) 507 { 508 u32 tunnel_id = 0; 509 u32 session_id; 510 u32 peer_session_id; 511 int ret = 0; 512 struct l2tp_tunnel *tunnel; 513 struct l2tp_session *session; 514 struct l2tp_session_cfg cfg = { 0, }; 515 struct net *net = genl_info_net(info); 516 517 if (!info->attrs[L2TP_ATTR_CONN_ID]) { 518 ret = -EINVAL; 519 goto out; 520 } 521 522 tunnel_id = nla_get_u32(info->attrs[L2TP_ATTR_CONN_ID]); 523 tunnel = l2tp_tunnel_get(net, tunnel_id); 524 if (!tunnel) { 525 ret = -ENODEV; 526 goto out; 527 } 528 529 if (!info->attrs[L2TP_ATTR_SESSION_ID]) { 530 ret = -EINVAL; 531 goto out_tunnel; 532 } 533 session_id = nla_get_u32(info->attrs[L2TP_ATTR_SESSION_ID]); 534 535 if (!info->attrs[L2TP_ATTR_PEER_SESSION_ID]) { 536 ret = -EINVAL; 537 goto out_tunnel; 538 } 539 peer_session_id = nla_get_u32(info->attrs[L2TP_ATTR_PEER_SESSION_ID]); 540 541 if (!info->attrs[L2TP_ATTR_PW_TYPE]) { 542 ret = -EINVAL; 543 goto out_tunnel; 544 } 545 cfg.pw_type = nla_get_u16(info->attrs[L2TP_ATTR_PW_TYPE]); 546 if (cfg.pw_type >= __L2TP_PWTYPE_MAX) { 547 ret = -EINVAL; 548 goto out_tunnel; 549 } 550 551 if (tunnel->version > 2) { 552 if (info->attrs[L2TP_ATTR_OFFSET]) 553 cfg.offset = nla_get_u16(info->attrs[L2TP_ATTR_OFFSET]); 554 555 if (info->attrs[L2TP_ATTR_DATA_SEQ]) 556 cfg.data_seq = nla_get_u8(info->attrs[L2TP_ATTR_DATA_SEQ]); 557 558 cfg.l2specific_type = L2TP_L2SPECTYPE_DEFAULT; 559 if (info->attrs[L2TP_ATTR_L2SPEC_TYPE]) 560 cfg.l2specific_type = nla_get_u8(info->attrs[L2TP_ATTR_L2SPEC_TYPE]); 561 562 cfg.l2specific_len = 4; 563 if (info->attrs[L2TP_ATTR_L2SPEC_LEN]) 564 cfg.l2specific_len = nla_get_u8(info->attrs[L2TP_ATTR_L2SPEC_LEN]); 565 566 if (info->attrs[L2TP_ATTR_COOKIE]) { 567 u16 len = nla_len(info->attrs[L2TP_ATTR_COOKIE]); 568 if (len > 8) { 569 ret = -EINVAL; 570 goto out_tunnel; 571 } 572 cfg.cookie_len = len; 573 memcpy(&cfg.cookie[0], nla_data(info->attrs[L2TP_ATTR_COOKIE]), len); 574 } 575 if (info->attrs[L2TP_ATTR_PEER_COOKIE]) { 576 u16 len = nla_len(info->attrs[L2TP_ATTR_PEER_COOKIE]); 577 if (len > 8) { 578 ret = -EINVAL; 579 goto out_tunnel; 580 } 581 cfg.peer_cookie_len = len; 582 memcpy(&cfg.peer_cookie[0], nla_data(info->attrs[L2TP_ATTR_PEER_COOKIE]), len); 583 } 584 if (info->attrs[L2TP_ATTR_IFNAME]) 585 cfg.ifname = nla_data(info->attrs[L2TP_ATTR_IFNAME]); 586 587 if (info->attrs[L2TP_ATTR_VLAN_ID]) 588 cfg.vlan_id = nla_get_u16(info->attrs[L2TP_ATTR_VLAN_ID]); 589 } 590 591 if (info->attrs[L2TP_ATTR_DEBUG]) 592 cfg.debug = nla_get_u32(info->attrs[L2TP_ATTR_DEBUG]); 593 594 if (info->attrs[L2TP_ATTR_RECV_SEQ]) 595 cfg.recv_seq = nla_get_u8(info->attrs[L2TP_ATTR_RECV_SEQ]); 596 597 if (info->attrs[L2TP_ATTR_SEND_SEQ]) 598 cfg.send_seq = nla_get_u8(info->attrs[L2TP_ATTR_SEND_SEQ]); 599 600 if (info->attrs[L2TP_ATTR_LNS_MODE]) 601 cfg.lns_mode = nla_get_u8(info->attrs[L2TP_ATTR_LNS_MODE]); 602 603 if (info->attrs[L2TP_ATTR_RECV_TIMEOUT]) 604 cfg.reorder_timeout = nla_get_msecs(info->attrs[L2TP_ATTR_RECV_TIMEOUT]); 605 606 if (info->attrs[L2TP_ATTR_MTU]) 607 cfg.mtu = nla_get_u16(info->attrs[L2TP_ATTR_MTU]); 608 609 if (info->attrs[L2TP_ATTR_MRU]) 610 cfg.mru = nla_get_u16(info->attrs[L2TP_ATTR_MRU]); 611 612 #ifdef CONFIG_MODULES 613 if (l2tp_nl_cmd_ops[cfg.pw_type] == NULL) { 614 genl_unlock(); 615 request_module("net-l2tp-type-%u", cfg.pw_type); 616 genl_lock(); 617 } 618 #endif 619 if ((l2tp_nl_cmd_ops[cfg.pw_type] == NULL) || 620 (l2tp_nl_cmd_ops[cfg.pw_type]->session_create == NULL)) { 621 ret = -EPROTONOSUPPORT; 622 goto out_tunnel; 623 } 624 625 /* Check that pseudowire-specific params are present */ 626 switch (cfg.pw_type) { 627 case L2TP_PWTYPE_NONE: 628 break; 629 case L2TP_PWTYPE_ETH_VLAN: 630 if (!info->attrs[L2TP_ATTR_VLAN_ID]) { 631 ret = -EINVAL; 632 goto out_tunnel; 633 } 634 break; 635 case L2TP_PWTYPE_ETH: 636 break; 637 case L2TP_PWTYPE_PPP: 638 case L2TP_PWTYPE_PPP_AC: 639 break; 640 case L2TP_PWTYPE_IP: 641 default: 642 ret = -EPROTONOSUPPORT; 643 break; 644 } 645 646 ret = l2tp_nl_cmd_ops[cfg.pw_type]->session_create(net, tunnel, 647 session_id, 648 peer_session_id, 649 &cfg); 650 651 if (ret >= 0) { 652 session = l2tp_session_get(net, tunnel, session_id, false); 653 if (session) { 654 ret = l2tp_session_notify(&l2tp_nl_family, info, session, 655 L2TP_CMD_SESSION_CREATE); 656 l2tp_session_dec_refcount(session); 657 } 658 } 659 660 out_tunnel: 661 l2tp_tunnel_dec_refcount(tunnel); 662 out: 663 return ret; 664 } 665 666 static int l2tp_nl_cmd_session_delete(struct sk_buff *skb, struct genl_info *info) 667 { 668 int ret = 0; 669 struct l2tp_session *session; 670 u16 pw_type; 671 672 session = l2tp_nl_session_get(info, true); 673 if (session == NULL) { 674 ret = -ENODEV; 675 goto out; 676 } 677 678 l2tp_session_notify(&l2tp_nl_family, info, 679 session, L2TP_CMD_SESSION_DELETE); 680 681 pw_type = session->pwtype; 682 if (pw_type < __L2TP_PWTYPE_MAX) 683 if (l2tp_nl_cmd_ops[pw_type] && l2tp_nl_cmd_ops[pw_type]->session_delete) 684 ret = (*l2tp_nl_cmd_ops[pw_type]->session_delete)(session); 685 686 if (session->deref) 687 session->deref(session); 688 l2tp_session_dec_refcount(session); 689 690 out: 691 return ret; 692 } 693 694 static int l2tp_nl_cmd_session_modify(struct sk_buff *skb, struct genl_info *info) 695 { 696 int ret = 0; 697 struct l2tp_session *session; 698 699 session = l2tp_nl_session_get(info, false); 700 if (session == NULL) { 701 ret = -ENODEV; 702 goto out; 703 } 704 705 if (info->attrs[L2TP_ATTR_DEBUG]) 706 session->debug = nla_get_u32(info->attrs[L2TP_ATTR_DEBUG]); 707 708 if (info->attrs[L2TP_ATTR_DATA_SEQ]) 709 session->data_seq = nla_get_u8(info->attrs[L2TP_ATTR_DATA_SEQ]); 710 711 if (info->attrs[L2TP_ATTR_RECV_SEQ]) 712 session->recv_seq = nla_get_u8(info->attrs[L2TP_ATTR_RECV_SEQ]); 713 714 if (info->attrs[L2TP_ATTR_SEND_SEQ]) { 715 session->send_seq = nla_get_u8(info->attrs[L2TP_ATTR_SEND_SEQ]); 716 l2tp_session_set_header_len(session, session->tunnel->version); 717 } 718 719 if (info->attrs[L2TP_ATTR_LNS_MODE]) 720 session->lns_mode = nla_get_u8(info->attrs[L2TP_ATTR_LNS_MODE]); 721 722 if (info->attrs[L2TP_ATTR_RECV_TIMEOUT]) 723 session->reorder_timeout = nla_get_msecs(info->attrs[L2TP_ATTR_RECV_TIMEOUT]); 724 725 if (info->attrs[L2TP_ATTR_MTU]) 726 session->mtu = nla_get_u16(info->attrs[L2TP_ATTR_MTU]); 727 728 if (info->attrs[L2TP_ATTR_MRU]) 729 session->mru = nla_get_u16(info->attrs[L2TP_ATTR_MRU]); 730 731 ret = l2tp_session_notify(&l2tp_nl_family, info, 732 session, L2TP_CMD_SESSION_MODIFY); 733 734 l2tp_session_dec_refcount(session); 735 736 out: 737 return ret; 738 } 739 740 static int l2tp_nl_session_send(struct sk_buff *skb, u32 portid, u32 seq, int flags, 741 struct l2tp_session *session, u8 cmd) 742 { 743 void *hdr; 744 struct nlattr *nest; 745 struct l2tp_tunnel *tunnel = session->tunnel; 746 struct sock *sk = NULL; 747 748 sk = tunnel->sock; 749 750 hdr = genlmsg_put(skb, portid, seq, &l2tp_nl_family, flags, cmd); 751 if (!hdr) 752 return -EMSGSIZE; 753 754 if (nla_put_u32(skb, L2TP_ATTR_CONN_ID, tunnel->tunnel_id) || 755 nla_put_u32(skb, L2TP_ATTR_SESSION_ID, session->session_id) || 756 nla_put_u32(skb, L2TP_ATTR_PEER_CONN_ID, tunnel->peer_tunnel_id) || 757 nla_put_u32(skb, L2TP_ATTR_PEER_SESSION_ID, 758 session->peer_session_id) || 759 nla_put_u32(skb, L2TP_ATTR_DEBUG, session->debug) || 760 nla_put_u16(skb, L2TP_ATTR_PW_TYPE, session->pwtype) || 761 nla_put_u16(skb, L2TP_ATTR_MTU, session->mtu) || 762 (session->mru && 763 nla_put_u16(skb, L2TP_ATTR_MRU, session->mru))) 764 goto nla_put_failure; 765 766 if ((session->ifname[0] && 767 nla_put_string(skb, L2TP_ATTR_IFNAME, session->ifname)) || 768 (session->cookie_len && 769 nla_put(skb, L2TP_ATTR_COOKIE, session->cookie_len, 770 &session->cookie[0])) || 771 (session->peer_cookie_len && 772 nla_put(skb, L2TP_ATTR_PEER_COOKIE, session->peer_cookie_len, 773 &session->peer_cookie[0])) || 774 nla_put_u8(skb, L2TP_ATTR_RECV_SEQ, session->recv_seq) || 775 nla_put_u8(skb, L2TP_ATTR_SEND_SEQ, session->send_seq) || 776 nla_put_u8(skb, L2TP_ATTR_LNS_MODE, session->lns_mode) || 777 #ifdef CONFIG_XFRM 778 (((sk) && (sk->sk_policy[0] || sk->sk_policy[1])) && 779 nla_put_u8(skb, L2TP_ATTR_USING_IPSEC, 1)) || 780 #endif 781 (session->reorder_timeout && 782 nla_put_msecs(skb, L2TP_ATTR_RECV_TIMEOUT, 783 session->reorder_timeout, L2TP_ATTR_PAD))) 784 goto nla_put_failure; 785 786 nest = nla_nest_start(skb, L2TP_ATTR_STATS); 787 if (nest == NULL) 788 goto nla_put_failure; 789 790 if (nla_put_u64_64bit(skb, L2TP_ATTR_TX_PACKETS, 791 atomic_long_read(&session->stats.tx_packets), 792 L2TP_ATTR_STATS_PAD) || 793 nla_put_u64_64bit(skb, L2TP_ATTR_TX_BYTES, 794 atomic_long_read(&session->stats.tx_bytes), 795 L2TP_ATTR_STATS_PAD) || 796 nla_put_u64_64bit(skb, L2TP_ATTR_TX_ERRORS, 797 atomic_long_read(&session->stats.tx_errors), 798 L2TP_ATTR_STATS_PAD) || 799 nla_put_u64_64bit(skb, L2TP_ATTR_RX_PACKETS, 800 atomic_long_read(&session->stats.rx_packets), 801 L2TP_ATTR_STATS_PAD) || 802 nla_put_u64_64bit(skb, L2TP_ATTR_RX_BYTES, 803 atomic_long_read(&session->stats.rx_bytes), 804 L2TP_ATTR_STATS_PAD) || 805 nla_put_u64_64bit(skb, L2TP_ATTR_RX_SEQ_DISCARDS, 806 atomic_long_read(&session->stats.rx_seq_discards), 807 L2TP_ATTR_STATS_PAD) || 808 nla_put_u64_64bit(skb, L2TP_ATTR_RX_OOS_PACKETS, 809 atomic_long_read(&session->stats.rx_oos_packets), 810 L2TP_ATTR_STATS_PAD) || 811 nla_put_u64_64bit(skb, L2TP_ATTR_RX_ERRORS, 812 atomic_long_read(&session->stats.rx_errors), 813 L2TP_ATTR_STATS_PAD)) 814 goto nla_put_failure; 815 nla_nest_end(skb, nest); 816 817 genlmsg_end(skb, hdr); 818 return 0; 819 820 nla_put_failure: 821 genlmsg_cancel(skb, hdr); 822 return -1; 823 } 824 825 static int l2tp_nl_cmd_session_get(struct sk_buff *skb, struct genl_info *info) 826 { 827 struct l2tp_session *session; 828 struct sk_buff *msg; 829 int ret; 830 831 session = l2tp_nl_session_get(info, false); 832 if (session == NULL) { 833 ret = -ENODEV; 834 goto err; 835 } 836 837 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 838 if (!msg) { 839 ret = -ENOMEM; 840 goto err_ref; 841 } 842 843 ret = l2tp_nl_session_send(msg, info->snd_portid, info->snd_seq, 844 0, session, L2TP_CMD_SESSION_GET); 845 if (ret < 0) 846 goto err_ref_msg; 847 848 ret = genlmsg_unicast(genl_info_net(info), msg, info->snd_portid); 849 850 l2tp_session_dec_refcount(session); 851 852 return ret; 853 854 err_ref_msg: 855 nlmsg_free(msg); 856 err_ref: 857 l2tp_session_dec_refcount(session); 858 err: 859 return ret; 860 } 861 862 static int l2tp_nl_cmd_session_dump(struct sk_buff *skb, struct netlink_callback *cb) 863 { 864 struct net *net = sock_net(skb->sk); 865 struct l2tp_session *session; 866 struct l2tp_tunnel *tunnel = NULL; 867 int ti = cb->args[0]; 868 int si = cb->args[1]; 869 870 for (;;) { 871 if (tunnel == NULL) { 872 tunnel = l2tp_tunnel_find_nth(net, ti); 873 if (tunnel == NULL) 874 goto out; 875 } 876 877 session = l2tp_session_get_nth(tunnel, si, false); 878 if (session == NULL) { 879 ti++; 880 tunnel = NULL; 881 si = 0; 882 continue; 883 } 884 885 if (l2tp_nl_session_send(skb, NETLINK_CB(cb->skb).portid, 886 cb->nlh->nlmsg_seq, NLM_F_MULTI, 887 session, L2TP_CMD_SESSION_GET) < 0) { 888 l2tp_session_dec_refcount(session); 889 break; 890 } 891 l2tp_session_dec_refcount(session); 892 893 si++; 894 } 895 896 out: 897 cb->args[0] = ti; 898 cb->args[1] = si; 899 900 return skb->len; 901 } 902 903 static const struct nla_policy l2tp_nl_policy[L2TP_ATTR_MAX + 1] = { 904 [L2TP_ATTR_NONE] = { .type = NLA_UNSPEC, }, 905 [L2TP_ATTR_PW_TYPE] = { .type = NLA_U16, }, 906 [L2TP_ATTR_ENCAP_TYPE] = { .type = NLA_U16, }, 907 [L2TP_ATTR_OFFSET] = { .type = NLA_U16, }, 908 [L2TP_ATTR_DATA_SEQ] = { .type = NLA_U8, }, 909 [L2TP_ATTR_L2SPEC_TYPE] = { .type = NLA_U8, }, 910 [L2TP_ATTR_L2SPEC_LEN] = { .type = NLA_U8, }, 911 [L2TP_ATTR_PROTO_VERSION] = { .type = NLA_U8, }, 912 [L2TP_ATTR_CONN_ID] = { .type = NLA_U32, }, 913 [L2TP_ATTR_PEER_CONN_ID] = { .type = NLA_U32, }, 914 [L2TP_ATTR_SESSION_ID] = { .type = NLA_U32, }, 915 [L2TP_ATTR_PEER_SESSION_ID] = { .type = NLA_U32, }, 916 [L2TP_ATTR_UDP_CSUM] = { .type = NLA_U8, }, 917 [L2TP_ATTR_VLAN_ID] = { .type = NLA_U16, }, 918 [L2TP_ATTR_DEBUG] = { .type = NLA_U32, }, 919 [L2TP_ATTR_RECV_SEQ] = { .type = NLA_U8, }, 920 [L2TP_ATTR_SEND_SEQ] = { .type = NLA_U8, }, 921 [L2TP_ATTR_LNS_MODE] = { .type = NLA_U8, }, 922 [L2TP_ATTR_USING_IPSEC] = { .type = NLA_U8, }, 923 [L2TP_ATTR_RECV_TIMEOUT] = { .type = NLA_MSECS, }, 924 [L2TP_ATTR_FD] = { .type = NLA_U32, }, 925 [L2TP_ATTR_IP_SADDR] = { .type = NLA_U32, }, 926 [L2TP_ATTR_IP_DADDR] = { .type = NLA_U32, }, 927 [L2TP_ATTR_UDP_SPORT] = { .type = NLA_U16, }, 928 [L2TP_ATTR_UDP_DPORT] = { .type = NLA_U16, }, 929 [L2TP_ATTR_MTU] = { .type = NLA_U16, }, 930 [L2TP_ATTR_MRU] = { .type = NLA_U16, }, 931 [L2TP_ATTR_STATS] = { .type = NLA_NESTED, }, 932 [L2TP_ATTR_IP6_SADDR] = { 933 .type = NLA_BINARY, 934 .len = sizeof(struct in6_addr), 935 }, 936 [L2TP_ATTR_IP6_DADDR] = { 937 .type = NLA_BINARY, 938 .len = sizeof(struct in6_addr), 939 }, 940 [L2TP_ATTR_IFNAME] = { 941 .type = NLA_NUL_STRING, 942 .len = IFNAMSIZ - 1, 943 }, 944 [L2TP_ATTR_COOKIE] = { 945 .type = NLA_BINARY, 946 .len = 8, 947 }, 948 [L2TP_ATTR_PEER_COOKIE] = { 949 .type = NLA_BINARY, 950 .len = 8, 951 }, 952 }; 953 954 static const struct genl_ops l2tp_nl_ops[] = { 955 { 956 .cmd = L2TP_CMD_NOOP, 957 .doit = l2tp_nl_cmd_noop, 958 .policy = l2tp_nl_policy, 959 /* can be retrieved by unprivileged users */ 960 }, 961 { 962 .cmd = L2TP_CMD_TUNNEL_CREATE, 963 .doit = l2tp_nl_cmd_tunnel_create, 964 .policy = l2tp_nl_policy, 965 .flags = GENL_ADMIN_PERM, 966 }, 967 { 968 .cmd = L2TP_CMD_TUNNEL_DELETE, 969 .doit = l2tp_nl_cmd_tunnel_delete, 970 .policy = l2tp_nl_policy, 971 .flags = GENL_ADMIN_PERM, 972 }, 973 { 974 .cmd = L2TP_CMD_TUNNEL_MODIFY, 975 .doit = l2tp_nl_cmd_tunnel_modify, 976 .policy = l2tp_nl_policy, 977 .flags = GENL_ADMIN_PERM, 978 }, 979 { 980 .cmd = L2TP_CMD_TUNNEL_GET, 981 .doit = l2tp_nl_cmd_tunnel_get, 982 .dumpit = l2tp_nl_cmd_tunnel_dump, 983 .policy = l2tp_nl_policy, 984 .flags = GENL_ADMIN_PERM, 985 }, 986 { 987 .cmd = L2TP_CMD_SESSION_CREATE, 988 .doit = l2tp_nl_cmd_session_create, 989 .policy = l2tp_nl_policy, 990 .flags = GENL_ADMIN_PERM, 991 }, 992 { 993 .cmd = L2TP_CMD_SESSION_DELETE, 994 .doit = l2tp_nl_cmd_session_delete, 995 .policy = l2tp_nl_policy, 996 .flags = GENL_ADMIN_PERM, 997 }, 998 { 999 .cmd = L2TP_CMD_SESSION_MODIFY, 1000 .doit = l2tp_nl_cmd_session_modify, 1001 .policy = l2tp_nl_policy, 1002 .flags = GENL_ADMIN_PERM, 1003 }, 1004 { 1005 .cmd = L2TP_CMD_SESSION_GET, 1006 .doit = l2tp_nl_cmd_session_get, 1007 .dumpit = l2tp_nl_cmd_session_dump, 1008 .policy = l2tp_nl_policy, 1009 .flags = GENL_ADMIN_PERM, 1010 }, 1011 }; 1012 1013 static struct genl_family l2tp_nl_family __ro_after_init = { 1014 .name = L2TP_GENL_NAME, 1015 .version = L2TP_GENL_VERSION, 1016 .hdrsize = 0, 1017 .maxattr = L2TP_ATTR_MAX, 1018 .netnsok = true, 1019 .module = THIS_MODULE, 1020 .ops = l2tp_nl_ops, 1021 .n_ops = ARRAY_SIZE(l2tp_nl_ops), 1022 .mcgrps = l2tp_multicast_group, 1023 .n_mcgrps = ARRAY_SIZE(l2tp_multicast_group), 1024 }; 1025 1026 int l2tp_nl_register_ops(enum l2tp_pwtype pw_type, const struct l2tp_nl_cmd_ops *ops) 1027 { 1028 int ret; 1029 1030 ret = -EINVAL; 1031 if (pw_type >= __L2TP_PWTYPE_MAX) 1032 goto err; 1033 1034 genl_lock(); 1035 ret = -EBUSY; 1036 if (l2tp_nl_cmd_ops[pw_type]) 1037 goto out; 1038 1039 l2tp_nl_cmd_ops[pw_type] = ops; 1040 ret = 0; 1041 1042 out: 1043 genl_unlock(); 1044 err: 1045 return ret; 1046 } 1047 EXPORT_SYMBOL_GPL(l2tp_nl_register_ops); 1048 1049 void l2tp_nl_unregister_ops(enum l2tp_pwtype pw_type) 1050 { 1051 if (pw_type < __L2TP_PWTYPE_MAX) { 1052 genl_lock(); 1053 l2tp_nl_cmd_ops[pw_type] = NULL; 1054 genl_unlock(); 1055 } 1056 } 1057 EXPORT_SYMBOL_GPL(l2tp_nl_unregister_ops); 1058 1059 static int __init l2tp_nl_init(void) 1060 { 1061 pr_info("L2TP netlink interface\n"); 1062 return genl_register_family(&l2tp_nl_family); 1063 } 1064 1065 static void l2tp_nl_cleanup(void) 1066 { 1067 genl_unregister_family(&l2tp_nl_family); 1068 } 1069 1070 module_init(l2tp_nl_init); 1071 module_exit(l2tp_nl_cleanup); 1072 1073 MODULE_AUTHOR("James Chapman <jchapman@katalix.com>"); 1074 MODULE_DESCRIPTION("L2TP netlink"); 1075 MODULE_LICENSE("GPL"); 1076 MODULE_VERSION("1.0"); 1077 MODULE_ALIAS_GENL_FAMILY("l2tp"); 1078