1 // SPDX-License-Identifier: GPL-2.0-only 2 /* 3 * L2TP netlink layer, for management 4 * 5 * Copyright (c) 2008,2009,2010 Katalix Systems Ltd 6 * 7 * Partly based on the IrDA nelink implementation 8 * (see net/irda/irnetlink.c) which is: 9 * Copyright (c) 2007 Samuel Ortiz <samuel@sortiz.org> 10 * which is in turn partly based on the wireless netlink code: 11 * Copyright 2006 Johannes Berg <johannes@sipsolutions.net> 12 */ 13 14 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt 15 16 #include <net/sock.h> 17 #include <net/genetlink.h> 18 #include <net/udp.h> 19 #include <linux/in.h> 20 #include <linux/udp.h> 21 #include <linux/socket.h> 22 #include <linux/module.h> 23 #include <linux/list.h> 24 #include <net/net_namespace.h> 25 26 #include <linux/l2tp.h> 27 28 #include "l2tp_core.h" 29 30 31 static struct genl_family l2tp_nl_family; 32 33 static const struct genl_multicast_group l2tp_multicast_group[] = { 34 { 35 .name = L2TP_GENL_MCGROUP, 36 }, 37 }; 38 39 static int l2tp_nl_tunnel_send(struct sk_buff *skb, u32 portid, u32 seq, 40 int flags, struct l2tp_tunnel *tunnel, u8 cmd); 41 static int l2tp_nl_session_send(struct sk_buff *skb, u32 portid, u32 seq, 42 int flags, struct l2tp_session *session, 43 u8 cmd); 44 45 /* Accessed under genl lock */ 46 static const struct l2tp_nl_cmd_ops *l2tp_nl_cmd_ops[__L2TP_PWTYPE_MAX]; 47 48 static struct l2tp_session *l2tp_nl_session_get(struct genl_info *info) 49 { 50 u32 tunnel_id; 51 u32 session_id; 52 char *ifname; 53 struct l2tp_tunnel *tunnel; 54 struct l2tp_session *session = NULL; 55 struct net *net = genl_info_net(info); 56 57 if (info->attrs[L2TP_ATTR_IFNAME]) { 58 ifname = nla_data(info->attrs[L2TP_ATTR_IFNAME]); 59 session = l2tp_session_get_by_ifname(net, ifname); 60 } else if ((info->attrs[L2TP_ATTR_SESSION_ID]) && 61 (info->attrs[L2TP_ATTR_CONN_ID])) { 62 tunnel_id = nla_get_u32(info->attrs[L2TP_ATTR_CONN_ID]); 63 session_id = nla_get_u32(info->attrs[L2TP_ATTR_SESSION_ID]); 64 tunnel = l2tp_tunnel_get(net, tunnel_id); 65 if (tunnel) { 66 session = l2tp_tunnel_get_session(tunnel, session_id); 67 l2tp_tunnel_dec_refcount(tunnel); 68 } 69 } 70 71 return session; 72 } 73 74 static int l2tp_nl_cmd_noop(struct sk_buff *skb, struct genl_info *info) 75 { 76 struct sk_buff *msg; 77 void *hdr; 78 int ret = -ENOBUFS; 79 80 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 81 if (!msg) { 82 ret = -ENOMEM; 83 goto out; 84 } 85 86 hdr = genlmsg_put(msg, info->snd_portid, info->snd_seq, 87 &l2tp_nl_family, 0, L2TP_CMD_NOOP); 88 if (!hdr) { 89 ret = -EMSGSIZE; 90 goto err_out; 91 } 92 93 genlmsg_end(msg, hdr); 94 95 return genlmsg_unicast(genl_info_net(info), msg, info->snd_portid); 96 97 err_out: 98 nlmsg_free(msg); 99 100 out: 101 return ret; 102 } 103 104 static int l2tp_tunnel_notify(struct genl_family *family, 105 struct genl_info *info, 106 struct l2tp_tunnel *tunnel, 107 u8 cmd) 108 { 109 struct sk_buff *msg; 110 int ret; 111 112 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 113 if (!msg) 114 return -ENOMEM; 115 116 ret = l2tp_nl_tunnel_send(msg, info->snd_portid, info->snd_seq, 117 NLM_F_ACK, tunnel, cmd); 118 119 if (ret >= 0) { 120 ret = genlmsg_multicast_allns(family, msg, 0, 0, GFP_ATOMIC); 121 /* We don't care if no one is listening */ 122 if (ret == -ESRCH) 123 ret = 0; 124 return ret; 125 } 126 127 nlmsg_free(msg); 128 129 return ret; 130 } 131 132 static int l2tp_session_notify(struct genl_family *family, 133 struct genl_info *info, 134 struct l2tp_session *session, 135 u8 cmd) 136 { 137 struct sk_buff *msg; 138 int ret; 139 140 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 141 if (!msg) 142 return -ENOMEM; 143 144 ret = l2tp_nl_session_send(msg, info->snd_portid, info->snd_seq, 145 NLM_F_ACK, session, cmd); 146 147 if (ret >= 0) { 148 ret = genlmsg_multicast_allns(family, msg, 0, 0, GFP_ATOMIC); 149 /* We don't care if no one is listening */ 150 if (ret == -ESRCH) 151 ret = 0; 152 return ret; 153 } 154 155 nlmsg_free(msg); 156 157 return ret; 158 } 159 160 static int l2tp_nl_cmd_tunnel_create(struct sk_buff *skb, struct genl_info *info) 161 { 162 u32 tunnel_id; 163 u32 peer_tunnel_id; 164 int proto_version; 165 int fd; 166 int ret = 0; 167 struct l2tp_tunnel_cfg cfg = { 0, }; 168 struct l2tp_tunnel *tunnel; 169 struct net *net = genl_info_net(info); 170 171 if (!info->attrs[L2TP_ATTR_CONN_ID]) { 172 ret = -EINVAL; 173 goto out; 174 } 175 tunnel_id = nla_get_u32(info->attrs[L2TP_ATTR_CONN_ID]); 176 177 if (!info->attrs[L2TP_ATTR_PEER_CONN_ID]) { 178 ret = -EINVAL; 179 goto out; 180 } 181 peer_tunnel_id = nla_get_u32(info->attrs[L2TP_ATTR_PEER_CONN_ID]); 182 183 if (!info->attrs[L2TP_ATTR_PROTO_VERSION]) { 184 ret = -EINVAL; 185 goto out; 186 } 187 proto_version = nla_get_u8(info->attrs[L2TP_ATTR_PROTO_VERSION]); 188 189 if (!info->attrs[L2TP_ATTR_ENCAP_TYPE]) { 190 ret = -EINVAL; 191 goto out; 192 } 193 cfg.encap = nla_get_u16(info->attrs[L2TP_ATTR_ENCAP_TYPE]); 194 195 fd = -1; 196 if (info->attrs[L2TP_ATTR_FD]) { 197 fd = nla_get_u32(info->attrs[L2TP_ATTR_FD]); 198 } else { 199 #if IS_ENABLED(CONFIG_IPV6) 200 if (info->attrs[L2TP_ATTR_IP6_SADDR] && 201 info->attrs[L2TP_ATTR_IP6_DADDR]) { 202 cfg.local_ip6 = nla_data( 203 info->attrs[L2TP_ATTR_IP6_SADDR]); 204 cfg.peer_ip6 = nla_data( 205 info->attrs[L2TP_ATTR_IP6_DADDR]); 206 } else 207 #endif 208 if (info->attrs[L2TP_ATTR_IP_SADDR] && 209 info->attrs[L2TP_ATTR_IP_DADDR]) { 210 cfg.local_ip.s_addr = nla_get_in_addr( 211 info->attrs[L2TP_ATTR_IP_SADDR]); 212 cfg.peer_ip.s_addr = nla_get_in_addr( 213 info->attrs[L2TP_ATTR_IP_DADDR]); 214 } else { 215 ret = -EINVAL; 216 goto out; 217 } 218 if (info->attrs[L2TP_ATTR_UDP_SPORT]) 219 cfg.local_udp_port = nla_get_u16(info->attrs[L2TP_ATTR_UDP_SPORT]); 220 if (info->attrs[L2TP_ATTR_UDP_DPORT]) 221 cfg.peer_udp_port = nla_get_u16(info->attrs[L2TP_ATTR_UDP_DPORT]); 222 cfg.use_udp_checksums = nla_get_flag( 223 info->attrs[L2TP_ATTR_UDP_CSUM]); 224 225 #if IS_ENABLED(CONFIG_IPV6) 226 cfg.udp6_zero_tx_checksums = nla_get_flag( 227 info->attrs[L2TP_ATTR_UDP_ZERO_CSUM6_TX]); 228 cfg.udp6_zero_rx_checksums = nla_get_flag( 229 info->attrs[L2TP_ATTR_UDP_ZERO_CSUM6_RX]); 230 #endif 231 } 232 233 if (info->attrs[L2TP_ATTR_DEBUG]) 234 cfg.debug = nla_get_u32(info->attrs[L2TP_ATTR_DEBUG]); 235 236 ret = -EINVAL; 237 switch (cfg.encap) { 238 case L2TP_ENCAPTYPE_UDP: 239 case L2TP_ENCAPTYPE_IP: 240 ret = l2tp_tunnel_create(net, fd, proto_version, tunnel_id, 241 peer_tunnel_id, &cfg, &tunnel); 242 break; 243 } 244 245 if (ret < 0) 246 goto out; 247 248 l2tp_tunnel_inc_refcount(tunnel); 249 ret = l2tp_tunnel_register(tunnel, net, &cfg); 250 if (ret < 0) { 251 kfree(tunnel); 252 goto out; 253 } 254 ret = l2tp_tunnel_notify(&l2tp_nl_family, info, tunnel, 255 L2TP_CMD_TUNNEL_CREATE); 256 l2tp_tunnel_dec_refcount(tunnel); 257 258 out: 259 return ret; 260 } 261 262 static int l2tp_nl_cmd_tunnel_delete(struct sk_buff *skb, struct genl_info *info) 263 { 264 struct l2tp_tunnel *tunnel; 265 u32 tunnel_id; 266 int ret = 0; 267 struct net *net = genl_info_net(info); 268 269 if (!info->attrs[L2TP_ATTR_CONN_ID]) { 270 ret = -EINVAL; 271 goto out; 272 } 273 tunnel_id = nla_get_u32(info->attrs[L2TP_ATTR_CONN_ID]); 274 275 tunnel = l2tp_tunnel_get(net, tunnel_id); 276 if (!tunnel) { 277 ret = -ENODEV; 278 goto out; 279 } 280 281 l2tp_tunnel_notify(&l2tp_nl_family, info, 282 tunnel, L2TP_CMD_TUNNEL_DELETE); 283 284 l2tp_tunnel_delete(tunnel); 285 286 l2tp_tunnel_dec_refcount(tunnel); 287 288 out: 289 return ret; 290 } 291 292 static int l2tp_nl_cmd_tunnel_modify(struct sk_buff *skb, struct genl_info *info) 293 { 294 struct l2tp_tunnel *tunnel; 295 u32 tunnel_id; 296 int ret = 0; 297 struct net *net = genl_info_net(info); 298 299 if (!info->attrs[L2TP_ATTR_CONN_ID]) { 300 ret = -EINVAL; 301 goto out; 302 } 303 tunnel_id = nla_get_u32(info->attrs[L2TP_ATTR_CONN_ID]); 304 305 tunnel = l2tp_tunnel_get(net, tunnel_id); 306 if (!tunnel) { 307 ret = -ENODEV; 308 goto out; 309 } 310 311 if (info->attrs[L2TP_ATTR_DEBUG]) 312 tunnel->debug = nla_get_u32(info->attrs[L2TP_ATTR_DEBUG]); 313 314 ret = l2tp_tunnel_notify(&l2tp_nl_family, info, 315 tunnel, L2TP_CMD_TUNNEL_MODIFY); 316 317 l2tp_tunnel_dec_refcount(tunnel); 318 319 out: 320 return ret; 321 } 322 323 static int l2tp_nl_tunnel_send(struct sk_buff *skb, u32 portid, u32 seq, int flags, 324 struct l2tp_tunnel *tunnel, u8 cmd) 325 { 326 void *hdr; 327 struct nlattr *nest; 328 struct sock *sk = NULL; 329 struct inet_sock *inet; 330 #if IS_ENABLED(CONFIG_IPV6) 331 struct ipv6_pinfo *np = NULL; 332 #endif 333 334 hdr = genlmsg_put(skb, portid, seq, &l2tp_nl_family, flags, cmd); 335 if (!hdr) 336 return -EMSGSIZE; 337 338 if (nla_put_u8(skb, L2TP_ATTR_PROTO_VERSION, tunnel->version) || 339 nla_put_u32(skb, L2TP_ATTR_CONN_ID, tunnel->tunnel_id) || 340 nla_put_u32(skb, L2TP_ATTR_PEER_CONN_ID, tunnel->peer_tunnel_id) || 341 nla_put_u32(skb, L2TP_ATTR_DEBUG, tunnel->debug) || 342 nla_put_u16(skb, L2TP_ATTR_ENCAP_TYPE, tunnel->encap)) 343 goto nla_put_failure; 344 345 nest = nla_nest_start_noflag(skb, L2TP_ATTR_STATS); 346 if (nest == NULL) 347 goto nla_put_failure; 348 349 if (nla_put_u64_64bit(skb, L2TP_ATTR_TX_PACKETS, 350 atomic_long_read(&tunnel->stats.tx_packets), 351 L2TP_ATTR_STATS_PAD) || 352 nla_put_u64_64bit(skb, L2TP_ATTR_TX_BYTES, 353 atomic_long_read(&tunnel->stats.tx_bytes), 354 L2TP_ATTR_STATS_PAD) || 355 nla_put_u64_64bit(skb, L2TP_ATTR_TX_ERRORS, 356 atomic_long_read(&tunnel->stats.tx_errors), 357 L2TP_ATTR_STATS_PAD) || 358 nla_put_u64_64bit(skb, L2TP_ATTR_RX_PACKETS, 359 atomic_long_read(&tunnel->stats.rx_packets), 360 L2TP_ATTR_STATS_PAD) || 361 nla_put_u64_64bit(skb, L2TP_ATTR_RX_BYTES, 362 atomic_long_read(&tunnel->stats.rx_bytes), 363 L2TP_ATTR_STATS_PAD) || 364 nla_put_u64_64bit(skb, L2TP_ATTR_RX_SEQ_DISCARDS, 365 atomic_long_read(&tunnel->stats.rx_seq_discards), 366 L2TP_ATTR_STATS_PAD) || 367 nla_put_u64_64bit(skb, L2TP_ATTR_RX_OOS_PACKETS, 368 atomic_long_read(&tunnel->stats.rx_oos_packets), 369 L2TP_ATTR_STATS_PAD) || 370 nla_put_u64_64bit(skb, L2TP_ATTR_RX_ERRORS, 371 atomic_long_read(&tunnel->stats.rx_errors), 372 L2TP_ATTR_STATS_PAD)) 373 goto nla_put_failure; 374 nla_nest_end(skb, nest); 375 376 sk = tunnel->sock; 377 if (!sk) 378 goto out; 379 380 #if IS_ENABLED(CONFIG_IPV6) 381 if (sk->sk_family == AF_INET6) 382 np = inet6_sk(sk); 383 #endif 384 385 inet = inet_sk(sk); 386 387 switch (tunnel->encap) { 388 case L2TP_ENCAPTYPE_UDP: 389 switch (sk->sk_family) { 390 case AF_INET: 391 if (nla_put_u8(skb, L2TP_ATTR_UDP_CSUM, !sk->sk_no_check_tx)) 392 goto nla_put_failure; 393 break; 394 #if IS_ENABLED(CONFIG_IPV6) 395 case AF_INET6: 396 if (udp_get_no_check6_tx(sk) && 397 nla_put_flag(skb, L2TP_ATTR_UDP_ZERO_CSUM6_TX)) 398 goto nla_put_failure; 399 if (udp_get_no_check6_rx(sk) && 400 nla_put_flag(skb, L2TP_ATTR_UDP_ZERO_CSUM6_RX)) 401 goto nla_put_failure; 402 break; 403 #endif 404 } 405 if (nla_put_u16(skb, L2TP_ATTR_UDP_SPORT, ntohs(inet->inet_sport)) || 406 nla_put_u16(skb, L2TP_ATTR_UDP_DPORT, ntohs(inet->inet_dport))) 407 goto nla_put_failure; 408 /* fall through */ 409 case L2TP_ENCAPTYPE_IP: 410 #if IS_ENABLED(CONFIG_IPV6) 411 if (np) { 412 if (nla_put_in6_addr(skb, L2TP_ATTR_IP6_SADDR, 413 &np->saddr) || 414 nla_put_in6_addr(skb, L2TP_ATTR_IP6_DADDR, 415 &sk->sk_v6_daddr)) 416 goto nla_put_failure; 417 } else 418 #endif 419 if (nla_put_in_addr(skb, L2TP_ATTR_IP_SADDR, 420 inet->inet_saddr) || 421 nla_put_in_addr(skb, L2TP_ATTR_IP_DADDR, 422 inet->inet_daddr)) 423 goto nla_put_failure; 424 break; 425 } 426 427 out: 428 genlmsg_end(skb, hdr); 429 return 0; 430 431 nla_put_failure: 432 genlmsg_cancel(skb, hdr); 433 return -1; 434 } 435 436 static int l2tp_nl_cmd_tunnel_get(struct sk_buff *skb, struct genl_info *info) 437 { 438 struct l2tp_tunnel *tunnel; 439 struct sk_buff *msg; 440 u32 tunnel_id; 441 int ret = -ENOBUFS; 442 struct net *net = genl_info_net(info); 443 444 if (!info->attrs[L2TP_ATTR_CONN_ID]) { 445 ret = -EINVAL; 446 goto err; 447 } 448 449 tunnel_id = nla_get_u32(info->attrs[L2TP_ATTR_CONN_ID]); 450 451 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 452 if (!msg) { 453 ret = -ENOMEM; 454 goto err; 455 } 456 457 tunnel = l2tp_tunnel_get(net, tunnel_id); 458 if (!tunnel) { 459 ret = -ENODEV; 460 goto err_nlmsg; 461 } 462 463 ret = l2tp_nl_tunnel_send(msg, info->snd_portid, info->snd_seq, 464 NLM_F_ACK, tunnel, L2TP_CMD_TUNNEL_GET); 465 if (ret < 0) 466 goto err_nlmsg_tunnel; 467 468 l2tp_tunnel_dec_refcount(tunnel); 469 470 return genlmsg_unicast(net, msg, info->snd_portid); 471 472 err_nlmsg_tunnel: 473 l2tp_tunnel_dec_refcount(tunnel); 474 err_nlmsg: 475 nlmsg_free(msg); 476 err: 477 return ret; 478 } 479 480 static int l2tp_nl_cmd_tunnel_dump(struct sk_buff *skb, struct netlink_callback *cb) 481 { 482 int ti = cb->args[0]; 483 struct l2tp_tunnel *tunnel; 484 struct net *net = sock_net(skb->sk); 485 486 for (;;) { 487 tunnel = l2tp_tunnel_get_nth(net, ti); 488 if (tunnel == NULL) 489 goto out; 490 491 if (l2tp_nl_tunnel_send(skb, NETLINK_CB(cb->skb).portid, 492 cb->nlh->nlmsg_seq, NLM_F_MULTI, 493 tunnel, L2TP_CMD_TUNNEL_GET) < 0) { 494 l2tp_tunnel_dec_refcount(tunnel); 495 goto out; 496 } 497 l2tp_tunnel_dec_refcount(tunnel); 498 499 ti++; 500 } 501 502 out: 503 cb->args[0] = ti; 504 505 return skb->len; 506 } 507 508 static int l2tp_nl_cmd_session_create(struct sk_buff *skb, struct genl_info *info) 509 { 510 u32 tunnel_id = 0; 511 u32 session_id; 512 u32 peer_session_id; 513 int ret = 0; 514 struct l2tp_tunnel *tunnel; 515 struct l2tp_session *session; 516 struct l2tp_session_cfg cfg = { 0, }; 517 struct net *net = genl_info_net(info); 518 519 if (!info->attrs[L2TP_ATTR_CONN_ID]) { 520 ret = -EINVAL; 521 goto out; 522 } 523 524 tunnel_id = nla_get_u32(info->attrs[L2TP_ATTR_CONN_ID]); 525 tunnel = l2tp_tunnel_get(net, tunnel_id); 526 if (!tunnel) { 527 ret = -ENODEV; 528 goto out; 529 } 530 531 if (!info->attrs[L2TP_ATTR_SESSION_ID]) { 532 ret = -EINVAL; 533 goto out_tunnel; 534 } 535 session_id = nla_get_u32(info->attrs[L2TP_ATTR_SESSION_ID]); 536 537 if (!info->attrs[L2TP_ATTR_PEER_SESSION_ID]) { 538 ret = -EINVAL; 539 goto out_tunnel; 540 } 541 peer_session_id = nla_get_u32(info->attrs[L2TP_ATTR_PEER_SESSION_ID]); 542 543 if (!info->attrs[L2TP_ATTR_PW_TYPE]) { 544 ret = -EINVAL; 545 goto out_tunnel; 546 } 547 cfg.pw_type = nla_get_u16(info->attrs[L2TP_ATTR_PW_TYPE]); 548 if (cfg.pw_type >= __L2TP_PWTYPE_MAX) { 549 ret = -EINVAL; 550 goto out_tunnel; 551 } 552 553 /* L2TPv2 only accepts PPP pseudo-wires */ 554 if (tunnel->version == 2 && cfg.pw_type != L2TP_PWTYPE_PPP) { 555 ret = -EPROTONOSUPPORT; 556 goto out_tunnel; 557 } 558 559 if (tunnel->version > 2) { 560 if (info->attrs[L2TP_ATTR_L2SPEC_TYPE]) { 561 cfg.l2specific_type = nla_get_u8(info->attrs[L2TP_ATTR_L2SPEC_TYPE]); 562 if (cfg.l2specific_type != L2TP_L2SPECTYPE_DEFAULT && 563 cfg.l2specific_type != L2TP_L2SPECTYPE_NONE) { 564 ret = -EINVAL; 565 goto out_tunnel; 566 } 567 } else { 568 cfg.l2specific_type = L2TP_L2SPECTYPE_DEFAULT; 569 } 570 571 if (info->attrs[L2TP_ATTR_COOKIE]) { 572 u16 len = nla_len(info->attrs[L2TP_ATTR_COOKIE]); 573 if (len > 8) { 574 ret = -EINVAL; 575 goto out_tunnel; 576 } 577 cfg.cookie_len = len; 578 memcpy(&cfg.cookie[0], nla_data(info->attrs[L2TP_ATTR_COOKIE]), len); 579 } 580 if (info->attrs[L2TP_ATTR_PEER_COOKIE]) { 581 u16 len = nla_len(info->attrs[L2TP_ATTR_PEER_COOKIE]); 582 if (len > 8) { 583 ret = -EINVAL; 584 goto out_tunnel; 585 } 586 cfg.peer_cookie_len = len; 587 memcpy(&cfg.peer_cookie[0], nla_data(info->attrs[L2TP_ATTR_PEER_COOKIE]), len); 588 } 589 if (info->attrs[L2TP_ATTR_IFNAME]) 590 cfg.ifname = nla_data(info->attrs[L2TP_ATTR_IFNAME]); 591 } 592 593 if (info->attrs[L2TP_ATTR_DEBUG]) 594 cfg.debug = nla_get_u32(info->attrs[L2TP_ATTR_DEBUG]); 595 596 if (info->attrs[L2TP_ATTR_RECV_SEQ]) 597 cfg.recv_seq = nla_get_u8(info->attrs[L2TP_ATTR_RECV_SEQ]); 598 599 if (info->attrs[L2TP_ATTR_SEND_SEQ]) 600 cfg.send_seq = nla_get_u8(info->attrs[L2TP_ATTR_SEND_SEQ]); 601 602 if (info->attrs[L2TP_ATTR_LNS_MODE]) 603 cfg.lns_mode = nla_get_u8(info->attrs[L2TP_ATTR_LNS_MODE]); 604 605 if (info->attrs[L2TP_ATTR_RECV_TIMEOUT]) 606 cfg.reorder_timeout = nla_get_msecs(info->attrs[L2TP_ATTR_RECV_TIMEOUT]); 607 608 #ifdef CONFIG_MODULES 609 if (l2tp_nl_cmd_ops[cfg.pw_type] == NULL) { 610 genl_unlock(); 611 request_module("net-l2tp-type-%u", cfg.pw_type); 612 genl_lock(); 613 } 614 #endif 615 if ((l2tp_nl_cmd_ops[cfg.pw_type] == NULL) || 616 (l2tp_nl_cmd_ops[cfg.pw_type]->session_create == NULL)) { 617 ret = -EPROTONOSUPPORT; 618 goto out_tunnel; 619 } 620 621 ret = l2tp_nl_cmd_ops[cfg.pw_type]->session_create(net, tunnel, 622 session_id, 623 peer_session_id, 624 &cfg); 625 626 if (ret >= 0) { 627 session = l2tp_tunnel_get_session(tunnel, session_id); 628 if (session) { 629 ret = l2tp_session_notify(&l2tp_nl_family, info, session, 630 L2TP_CMD_SESSION_CREATE); 631 l2tp_session_dec_refcount(session); 632 } 633 } 634 635 out_tunnel: 636 l2tp_tunnel_dec_refcount(tunnel); 637 out: 638 return ret; 639 } 640 641 static int l2tp_nl_cmd_session_delete(struct sk_buff *skb, struct genl_info *info) 642 { 643 int ret = 0; 644 struct l2tp_session *session; 645 u16 pw_type; 646 647 session = l2tp_nl_session_get(info); 648 if (session == NULL) { 649 ret = -ENODEV; 650 goto out; 651 } 652 653 l2tp_session_notify(&l2tp_nl_family, info, 654 session, L2TP_CMD_SESSION_DELETE); 655 656 pw_type = session->pwtype; 657 if (pw_type < __L2TP_PWTYPE_MAX) 658 if (l2tp_nl_cmd_ops[pw_type] && l2tp_nl_cmd_ops[pw_type]->session_delete) 659 ret = (*l2tp_nl_cmd_ops[pw_type]->session_delete)(session); 660 661 l2tp_session_dec_refcount(session); 662 663 out: 664 return ret; 665 } 666 667 static int l2tp_nl_cmd_session_modify(struct sk_buff *skb, struct genl_info *info) 668 { 669 int ret = 0; 670 struct l2tp_session *session; 671 672 session = l2tp_nl_session_get(info); 673 if (session == NULL) { 674 ret = -ENODEV; 675 goto out; 676 } 677 678 if (info->attrs[L2TP_ATTR_DEBUG]) 679 session->debug = nla_get_u32(info->attrs[L2TP_ATTR_DEBUG]); 680 681 if (info->attrs[L2TP_ATTR_RECV_SEQ]) 682 session->recv_seq = nla_get_u8(info->attrs[L2TP_ATTR_RECV_SEQ]); 683 684 if (info->attrs[L2TP_ATTR_SEND_SEQ]) { 685 session->send_seq = nla_get_u8(info->attrs[L2TP_ATTR_SEND_SEQ]); 686 l2tp_session_set_header_len(session, session->tunnel->version); 687 } 688 689 if (info->attrs[L2TP_ATTR_LNS_MODE]) 690 session->lns_mode = nla_get_u8(info->attrs[L2TP_ATTR_LNS_MODE]); 691 692 if (info->attrs[L2TP_ATTR_RECV_TIMEOUT]) 693 session->reorder_timeout = nla_get_msecs(info->attrs[L2TP_ATTR_RECV_TIMEOUT]); 694 695 ret = l2tp_session_notify(&l2tp_nl_family, info, 696 session, L2TP_CMD_SESSION_MODIFY); 697 698 l2tp_session_dec_refcount(session); 699 700 out: 701 return ret; 702 } 703 704 static int l2tp_nl_session_send(struct sk_buff *skb, u32 portid, u32 seq, int flags, 705 struct l2tp_session *session, u8 cmd) 706 { 707 void *hdr; 708 struct nlattr *nest; 709 struct l2tp_tunnel *tunnel = session->tunnel; 710 711 hdr = genlmsg_put(skb, portid, seq, &l2tp_nl_family, flags, cmd); 712 if (!hdr) 713 return -EMSGSIZE; 714 715 if (nla_put_u32(skb, L2TP_ATTR_CONN_ID, tunnel->tunnel_id) || 716 nla_put_u32(skb, L2TP_ATTR_SESSION_ID, session->session_id) || 717 nla_put_u32(skb, L2TP_ATTR_PEER_CONN_ID, tunnel->peer_tunnel_id) || 718 nla_put_u32(skb, L2TP_ATTR_PEER_SESSION_ID, 719 session->peer_session_id) || 720 nla_put_u32(skb, L2TP_ATTR_DEBUG, session->debug) || 721 nla_put_u16(skb, L2TP_ATTR_PW_TYPE, session->pwtype)) 722 goto nla_put_failure; 723 724 if ((session->ifname[0] && 725 nla_put_string(skb, L2TP_ATTR_IFNAME, session->ifname)) || 726 (session->cookie_len && 727 nla_put(skb, L2TP_ATTR_COOKIE, session->cookie_len, 728 &session->cookie[0])) || 729 (session->peer_cookie_len && 730 nla_put(skb, L2TP_ATTR_PEER_COOKIE, session->peer_cookie_len, 731 &session->peer_cookie[0])) || 732 nla_put_u8(skb, L2TP_ATTR_RECV_SEQ, session->recv_seq) || 733 nla_put_u8(skb, L2TP_ATTR_SEND_SEQ, session->send_seq) || 734 nla_put_u8(skb, L2TP_ATTR_LNS_MODE, session->lns_mode) || 735 (l2tp_tunnel_uses_xfrm(tunnel) && 736 nla_put_u8(skb, L2TP_ATTR_USING_IPSEC, 1)) || 737 (session->reorder_timeout && 738 nla_put_msecs(skb, L2TP_ATTR_RECV_TIMEOUT, 739 session->reorder_timeout, L2TP_ATTR_PAD))) 740 goto nla_put_failure; 741 742 nest = nla_nest_start_noflag(skb, L2TP_ATTR_STATS); 743 if (nest == NULL) 744 goto nla_put_failure; 745 746 if (nla_put_u64_64bit(skb, L2TP_ATTR_TX_PACKETS, 747 atomic_long_read(&session->stats.tx_packets), 748 L2TP_ATTR_STATS_PAD) || 749 nla_put_u64_64bit(skb, L2TP_ATTR_TX_BYTES, 750 atomic_long_read(&session->stats.tx_bytes), 751 L2TP_ATTR_STATS_PAD) || 752 nla_put_u64_64bit(skb, L2TP_ATTR_TX_ERRORS, 753 atomic_long_read(&session->stats.tx_errors), 754 L2TP_ATTR_STATS_PAD) || 755 nla_put_u64_64bit(skb, L2TP_ATTR_RX_PACKETS, 756 atomic_long_read(&session->stats.rx_packets), 757 L2TP_ATTR_STATS_PAD) || 758 nla_put_u64_64bit(skb, L2TP_ATTR_RX_BYTES, 759 atomic_long_read(&session->stats.rx_bytes), 760 L2TP_ATTR_STATS_PAD) || 761 nla_put_u64_64bit(skb, L2TP_ATTR_RX_SEQ_DISCARDS, 762 atomic_long_read(&session->stats.rx_seq_discards), 763 L2TP_ATTR_STATS_PAD) || 764 nla_put_u64_64bit(skb, L2TP_ATTR_RX_OOS_PACKETS, 765 atomic_long_read(&session->stats.rx_oos_packets), 766 L2TP_ATTR_STATS_PAD) || 767 nla_put_u64_64bit(skb, L2TP_ATTR_RX_ERRORS, 768 atomic_long_read(&session->stats.rx_errors), 769 L2TP_ATTR_STATS_PAD)) 770 goto nla_put_failure; 771 nla_nest_end(skb, nest); 772 773 genlmsg_end(skb, hdr); 774 return 0; 775 776 nla_put_failure: 777 genlmsg_cancel(skb, hdr); 778 return -1; 779 } 780 781 static int l2tp_nl_cmd_session_get(struct sk_buff *skb, struct genl_info *info) 782 { 783 struct l2tp_session *session; 784 struct sk_buff *msg; 785 int ret; 786 787 session = l2tp_nl_session_get(info); 788 if (session == NULL) { 789 ret = -ENODEV; 790 goto err; 791 } 792 793 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 794 if (!msg) { 795 ret = -ENOMEM; 796 goto err_ref; 797 } 798 799 ret = l2tp_nl_session_send(msg, info->snd_portid, info->snd_seq, 800 0, session, L2TP_CMD_SESSION_GET); 801 if (ret < 0) 802 goto err_ref_msg; 803 804 ret = genlmsg_unicast(genl_info_net(info), msg, info->snd_portid); 805 806 l2tp_session_dec_refcount(session); 807 808 return ret; 809 810 err_ref_msg: 811 nlmsg_free(msg); 812 err_ref: 813 l2tp_session_dec_refcount(session); 814 err: 815 return ret; 816 } 817 818 static int l2tp_nl_cmd_session_dump(struct sk_buff *skb, struct netlink_callback *cb) 819 { 820 struct net *net = sock_net(skb->sk); 821 struct l2tp_session *session; 822 struct l2tp_tunnel *tunnel = NULL; 823 int ti = cb->args[0]; 824 int si = cb->args[1]; 825 826 for (;;) { 827 if (tunnel == NULL) { 828 tunnel = l2tp_tunnel_get_nth(net, ti); 829 if (tunnel == NULL) 830 goto out; 831 } 832 833 session = l2tp_session_get_nth(tunnel, si); 834 if (session == NULL) { 835 ti++; 836 l2tp_tunnel_dec_refcount(tunnel); 837 tunnel = NULL; 838 si = 0; 839 continue; 840 } 841 842 if (l2tp_nl_session_send(skb, NETLINK_CB(cb->skb).portid, 843 cb->nlh->nlmsg_seq, NLM_F_MULTI, 844 session, L2TP_CMD_SESSION_GET) < 0) { 845 l2tp_session_dec_refcount(session); 846 l2tp_tunnel_dec_refcount(tunnel); 847 break; 848 } 849 l2tp_session_dec_refcount(session); 850 851 si++; 852 } 853 854 out: 855 cb->args[0] = ti; 856 cb->args[1] = si; 857 858 return skb->len; 859 } 860 861 static const struct nla_policy l2tp_nl_policy[L2TP_ATTR_MAX + 1] = { 862 [L2TP_ATTR_NONE] = { .type = NLA_UNSPEC, }, 863 [L2TP_ATTR_PW_TYPE] = { .type = NLA_U16, }, 864 [L2TP_ATTR_ENCAP_TYPE] = { .type = NLA_U16, }, 865 [L2TP_ATTR_OFFSET] = { .type = NLA_U16, }, 866 [L2TP_ATTR_DATA_SEQ] = { .type = NLA_U8, }, 867 [L2TP_ATTR_L2SPEC_TYPE] = { .type = NLA_U8, }, 868 [L2TP_ATTR_L2SPEC_LEN] = { .type = NLA_U8, }, 869 [L2TP_ATTR_PROTO_VERSION] = { .type = NLA_U8, }, 870 [L2TP_ATTR_CONN_ID] = { .type = NLA_U32, }, 871 [L2TP_ATTR_PEER_CONN_ID] = { .type = NLA_U32, }, 872 [L2TP_ATTR_SESSION_ID] = { .type = NLA_U32, }, 873 [L2TP_ATTR_PEER_SESSION_ID] = { .type = NLA_U32, }, 874 [L2TP_ATTR_UDP_CSUM] = { .type = NLA_U8, }, 875 [L2TP_ATTR_VLAN_ID] = { .type = NLA_U16, }, 876 [L2TP_ATTR_DEBUG] = { .type = NLA_U32, }, 877 [L2TP_ATTR_RECV_SEQ] = { .type = NLA_U8, }, 878 [L2TP_ATTR_SEND_SEQ] = { .type = NLA_U8, }, 879 [L2TP_ATTR_LNS_MODE] = { .type = NLA_U8, }, 880 [L2TP_ATTR_USING_IPSEC] = { .type = NLA_U8, }, 881 [L2TP_ATTR_RECV_TIMEOUT] = { .type = NLA_MSECS, }, 882 [L2TP_ATTR_FD] = { .type = NLA_U32, }, 883 [L2TP_ATTR_IP_SADDR] = { .type = NLA_U32, }, 884 [L2TP_ATTR_IP_DADDR] = { .type = NLA_U32, }, 885 [L2TP_ATTR_UDP_SPORT] = { .type = NLA_U16, }, 886 [L2TP_ATTR_UDP_DPORT] = { .type = NLA_U16, }, 887 [L2TP_ATTR_MTU] = { .type = NLA_U16, }, 888 [L2TP_ATTR_MRU] = { .type = NLA_U16, }, 889 [L2TP_ATTR_STATS] = { .type = NLA_NESTED, }, 890 [L2TP_ATTR_IP6_SADDR] = { 891 .type = NLA_BINARY, 892 .len = sizeof(struct in6_addr), 893 }, 894 [L2TP_ATTR_IP6_DADDR] = { 895 .type = NLA_BINARY, 896 .len = sizeof(struct in6_addr), 897 }, 898 [L2TP_ATTR_IFNAME] = { 899 .type = NLA_NUL_STRING, 900 .len = IFNAMSIZ - 1, 901 }, 902 [L2TP_ATTR_COOKIE] = { 903 .type = NLA_BINARY, 904 .len = 8, 905 }, 906 [L2TP_ATTR_PEER_COOKIE] = { 907 .type = NLA_BINARY, 908 .len = 8, 909 }, 910 }; 911 912 static const struct genl_ops l2tp_nl_ops[] = { 913 { 914 .cmd = L2TP_CMD_NOOP, 915 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP, 916 .doit = l2tp_nl_cmd_noop, 917 /* can be retrieved by unprivileged users */ 918 }, 919 { 920 .cmd = L2TP_CMD_TUNNEL_CREATE, 921 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP, 922 .doit = l2tp_nl_cmd_tunnel_create, 923 .flags = GENL_ADMIN_PERM, 924 }, 925 { 926 .cmd = L2TP_CMD_TUNNEL_DELETE, 927 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP, 928 .doit = l2tp_nl_cmd_tunnel_delete, 929 .flags = GENL_ADMIN_PERM, 930 }, 931 { 932 .cmd = L2TP_CMD_TUNNEL_MODIFY, 933 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP, 934 .doit = l2tp_nl_cmd_tunnel_modify, 935 .flags = GENL_ADMIN_PERM, 936 }, 937 { 938 .cmd = L2TP_CMD_TUNNEL_GET, 939 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP, 940 .doit = l2tp_nl_cmd_tunnel_get, 941 .dumpit = l2tp_nl_cmd_tunnel_dump, 942 .flags = GENL_ADMIN_PERM, 943 }, 944 { 945 .cmd = L2TP_CMD_SESSION_CREATE, 946 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP, 947 .doit = l2tp_nl_cmd_session_create, 948 .flags = GENL_ADMIN_PERM, 949 }, 950 { 951 .cmd = L2TP_CMD_SESSION_DELETE, 952 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP, 953 .doit = l2tp_nl_cmd_session_delete, 954 .flags = GENL_ADMIN_PERM, 955 }, 956 { 957 .cmd = L2TP_CMD_SESSION_MODIFY, 958 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP, 959 .doit = l2tp_nl_cmd_session_modify, 960 .flags = GENL_ADMIN_PERM, 961 }, 962 { 963 .cmd = L2TP_CMD_SESSION_GET, 964 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP, 965 .doit = l2tp_nl_cmd_session_get, 966 .dumpit = l2tp_nl_cmd_session_dump, 967 .flags = GENL_ADMIN_PERM, 968 }, 969 }; 970 971 static struct genl_family l2tp_nl_family __ro_after_init = { 972 .name = L2TP_GENL_NAME, 973 .version = L2TP_GENL_VERSION, 974 .hdrsize = 0, 975 .maxattr = L2TP_ATTR_MAX, 976 .policy = l2tp_nl_policy, 977 .netnsok = true, 978 .module = THIS_MODULE, 979 .ops = l2tp_nl_ops, 980 .n_ops = ARRAY_SIZE(l2tp_nl_ops), 981 .mcgrps = l2tp_multicast_group, 982 .n_mcgrps = ARRAY_SIZE(l2tp_multicast_group), 983 }; 984 985 int l2tp_nl_register_ops(enum l2tp_pwtype pw_type, const struct l2tp_nl_cmd_ops *ops) 986 { 987 int ret; 988 989 ret = -EINVAL; 990 if (pw_type >= __L2TP_PWTYPE_MAX) 991 goto err; 992 993 genl_lock(); 994 ret = -EBUSY; 995 if (l2tp_nl_cmd_ops[pw_type]) 996 goto out; 997 998 l2tp_nl_cmd_ops[pw_type] = ops; 999 ret = 0; 1000 1001 out: 1002 genl_unlock(); 1003 err: 1004 return ret; 1005 } 1006 EXPORT_SYMBOL_GPL(l2tp_nl_register_ops); 1007 1008 void l2tp_nl_unregister_ops(enum l2tp_pwtype pw_type) 1009 { 1010 if (pw_type < __L2TP_PWTYPE_MAX) { 1011 genl_lock(); 1012 l2tp_nl_cmd_ops[pw_type] = NULL; 1013 genl_unlock(); 1014 } 1015 } 1016 EXPORT_SYMBOL_GPL(l2tp_nl_unregister_ops); 1017 1018 static int __init l2tp_nl_init(void) 1019 { 1020 pr_info("L2TP netlink interface\n"); 1021 return genl_register_family(&l2tp_nl_family); 1022 } 1023 1024 static void l2tp_nl_cleanup(void) 1025 { 1026 genl_unregister_family(&l2tp_nl_family); 1027 } 1028 1029 module_init(l2tp_nl_init); 1030 module_exit(l2tp_nl_cleanup); 1031 1032 MODULE_AUTHOR("James Chapman <jchapman@katalix.com>"); 1033 MODULE_DESCRIPTION("L2TP netlink"); 1034 MODULE_LICENSE("GPL"); 1035 MODULE_VERSION("1.0"); 1036 MODULE_ALIAS_GENL_FAMILY("l2tp"); 1037