1 /* 2 * L2TP netlink layer, for management 3 * 4 * Copyright (c) 2008,2009,2010 Katalix Systems Ltd 5 * 6 * Partly based on the IrDA nelink implementation 7 * (see net/irda/irnetlink.c) which is: 8 * Copyright (c) 2007 Samuel Ortiz <samuel@sortiz.org> 9 * which is in turn partly based on the wireless netlink code: 10 * Copyright 2006 Johannes Berg <johannes@sipsolutions.net> 11 * 12 * This program is free software; you can redistribute it and/or modify 13 * it under the terms of the GNU General Public License version 2 as 14 * published by the Free Software Foundation. 15 */ 16 17 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt 18 19 #include <net/sock.h> 20 #include <net/genetlink.h> 21 #include <net/udp.h> 22 #include <linux/in.h> 23 #include <linux/udp.h> 24 #include <linux/socket.h> 25 #include <linux/module.h> 26 #include <linux/list.h> 27 #include <net/net_namespace.h> 28 29 #include <linux/l2tp.h> 30 31 #include "l2tp_core.h" 32 33 34 static struct genl_family l2tp_nl_family; 35 36 static const struct genl_multicast_group l2tp_multicast_group[] = { 37 { 38 .name = L2TP_GENL_MCGROUP, 39 }, 40 }; 41 42 static int l2tp_nl_tunnel_send(struct sk_buff *skb, u32 portid, u32 seq, 43 int flags, struct l2tp_tunnel *tunnel, u8 cmd); 44 static int l2tp_nl_session_send(struct sk_buff *skb, u32 portid, u32 seq, 45 int flags, struct l2tp_session *session, 46 u8 cmd); 47 48 /* Accessed under genl lock */ 49 static const struct l2tp_nl_cmd_ops *l2tp_nl_cmd_ops[__L2TP_PWTYPE_MAX]; 50 51 static struct l2tp_session *l2tp_nl_session_get(struct genl_info *info, 52 bool do_ref) 53 { 54 u32 tunnel_id; 55 u32 session_id; 56 char *ifname; 57 struct l2tp_tunnel *tunnel; 58 struct l2tp_session *session = NULL; 59 struct net *net = genl_info_net(info); 60 61 if (info->attrs[L2TP_ATTR_IFNAME]) { 62 ifname = nla_data(info->attrs[L2TP_ATTR_IFNAME]); 63 session = l2tp_session_get_by_ifname(net, ifname, do_ref); 64 } else if ((info->attrs[L2TP_ATTR_SESSION_ID]) && 65 (info->attrs[L2TP_ATTR_CONN_ID])) { 66 tunnel_id = nla_get_u32(info->attrs[L2TP_ATTR_CONN_ID]); 67 session_id = nla_get_u32(info->attrs[L2TP_ATTR_SESSION_ID]); 68 tunnel = l2tp_tunnel_find(net, tunnel_id); 69 if (tunnel) 70 session = l2tp_session_get(net, tunnel, session_id, 71 do_ref); 72 } 73 74 return session; 75 } 76 77 static int l2tp_nl_cmd_noop(struct sk_buff *skb, struct genl_info *info) 78 { 79 struct sk_buff *msg; 80 void *hdr; 81 int ret = -ENOBUFS; 82 83 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 84 if (!msg) { 85 ret = -ENOMEM; 86 goto out; 87 } 88 89 hdr = genlmsg_put(msg, info->snd_portid, info->snd_seq, 90 &l2tp_nl_family, 0, L2TP_CMD_NOOP); 91 if (!hdr) { 92 ret = -EMSGSIZE; 93 goto err_out; 94 } 95 96 genlmsg_end(msg, hdr); 97 98 return genlmsg_unicast(genl_info_net(info), msg, info->snd_portid); 99 100 err_out: 101 nlmsg_free(msg); 102 103 out: 104 return ret; 105 } 106 107 static int l2tp_tunnel_notify(struct genl_family *family, 108 struct genl_info *info, 109 struct l2tp_tunnel *tunnel, 110 u8 cmd) 111 { 112 struct sk_buff *msg; 113 int ret; 114 115 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 116 if (!msg) 117 return -ENOMEM; 118 119 ret = l2tp_nl_tunnel_send(msg, info->snd_portid, info->snd_seq, 120 NLM_F_ACK, tunnel, cmd); 121 122 if (ret >= 0) { 123 ret = genlmsg_multicast_allns(family, msg, 0, 0, GFP_ATOMIC); 124 /* We don't care if no one is listening */ 125 if (ret == -ESRCH) 126 ret = 0; 127 return ret; 128 } 129 130 nlmsg_free(msg); 131 132 return ret; 133 } 134 135 static int l2tp_session_notify(struct genl_family *family, 136 struct genl_info *info, 137 struct l2tp_session *session, 138 u8 cmd) 139 { 140 struct sk_buff *msg; 141 int ret; 142 143 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 144 if (!msg) 145 return -ENOMEM; 146 147 ret = l2tp_nl_session_send(msg, info->snd_portid, info->snd_seq, 148 NLM_F_ACK, session, cmd); 149 150 if (ret >= 0) { 151 ret = genlmsg_multicast_allns(family, msg, 0, 0, GFP_ATOMIC); 152 /* We don't care if no one is listening */ 153 if (ret == -ESRCH) 154 ret = 0; 155 return ret; 156 } 157 158 nlmsg_free(msg); 159 160 return ret; 161 } 162 163 static int l2tp_nl_cmd_tunnel_create(struct sk_buff *skb, struct genl_info *info) 164 { 165 u32 tunnel_id; 166 u32 peer_tunnel_id; 167 int proto_version; 168 int fd; 169 int ret = 0; 170 struct l2tp_tunnel_cfg cfg = { 0, }; 171 struct l2tp_tunnel *tunnel; 172 struct net *net = genl_info_net(info); 173 174 if (!info->attrs[L2TP_ATTR_CONN_ID]) { 175 ret = -EINVAL; 176 goto out; 177 } 178 tunnel_id = nla_get_u32(info->attrs[L2TP_ATTR_CONN_ID]); 179 180 if (!info->attrs[L2TP_ATTR_PEER_CONN_ID]) { 181 ret = -EINVAL; 182 goto out; 183 } 184 peer_tunnel_id = nla_get_u32(info->attrs[L2TP_ATTR_PEER_CONN_ID]); 185 186 if (!info->attrs[L2TP_ATTR_PROTO_VERSION]) { 187 ret = -EINVAL; 188 goto out; 189 } 190 proto_version = nla_get_u8(info->attrs[L2TP_ATTR_PROTO_VERSION]); 191 192 if (!info->attrs[L2TP_ATTR_ENCAP_TYPE]) { 193 ret = -EINVAL; 194 goto out; 195 } 196 cfg.encap = nla_get_u16(info->attrs[L2TP_ATTR_ENCAP_TYPE]); 197 198 fd = -1; 199 if (info->attrs[L2TP_ATTR_FD]) { 200 fd = nla_get_u32(info->attrs[L2TP_ATTR_FD]); 201 } else { 202 #if IS_ENABLED(CONFIG_IPV6) 203 if (info->attrs[L2TP_ATTR_IP6_SADDR] && 204 info->attrs[L2TP_ATTR_IP6_DADDR]) { 205 cfg.local_ip6 = nla_data( 206 info->attrs[L2TP_ATTR_IP6_SADDR]); 207 cfg.peer_ip6 = nla_data( 208 info->attrs[L2TP_ATTR_IP6_DADDR]); 209 } else 210 #endif 211 if (info->attrs[L2TP_ATTR_IP_SADDR] && 212 info->attrs[L2TP_ATTR_IP_DADDR]) { 213 cfg.local_ip.s_addr = nla_get_in_addr( 214 info->attrs[L2TP_ATTR_IP_SADDR]); 215 cfg.peer_ip.s_addr = nla_get_in_addr( 216 info->attrs[L2TP_ATTR_IP_DADDR]); 217 } else { 218 ret = -EINVAL; 219 goto out; 220 } 221 if (info->attrs[L2TP_ATTR_UDP_SPORT]) 222 cfg.local_udp_port = nla_get_u16(info->attrs[L2TP_ATTR_UDP_SPORT]); 223 if (info->attrs[L2TP_ATTR_UDP_DPORT]) 224 cfg.peer_udp_port = nla_get_u16(info->attrs[L2TP_ATTR_UDP_DPORT]); 225 cfg.use_udp_checksums = nla_get_flag( 226 info->attrs[L2TP_ATTR_UDP_CSUM]); 227 228 #if IS_ENABLED(CONFIG_IPV6) 229 cfg.udp6_zero_tx_checksums = nla_get_flag( 230 info->attrs[L2TP_ATTR_UDP_ZERO_CSUM6_TX]); 231 cfg.udp6_zero_rx_checksums = nla_get_flag( 232 info->attrs[L2TP_ATTR_UDP_ZERO_CSUM6_RX]); 233 #endif 234 } 235 236 if (info->attrs[L2TP_ATTR_DEBUG]) 237 cfg.debug = nla_get_u32(info->attrs[L2TP_ATTR_DEBUG]); 238 239 tunnel = l2tp_tunnel_find(net, tunnel_id); 240 if (tunnel != NULL) { 241 ret = -EEXIST; 242 goto out; 243 } 244 245 ret = -EINVAL; 246 switch (cfg.encap) { 247 case L2TP_ENCAPTYPE_UDP: 248 case L2TP_ENCAPTYPE_IP: 249 ret = l2tp_tunnel_create(net, fd, proto_version, tunnel_id, 250 peer_tunnel_id, &cfg, &tunnel); 251 break; 252 } 253 254 if (ret >= 0) 255 ret = l2tp_tunnel_notify(&l2tp_nl_family, info, 256 tunnel, L2TP_CMD_TUNNEL_CREATE); 257 out: 258 return ret; 259 } 260 261 static int l2tp_nl_cmd_tunnel_delete(struct sk_buff *skb, struct genl_info *info) 262 { 263 struct l2tp_tunnel *tunnel; 264 u32 tunnel_id; 265 int ret = 0; 266 struct net *net = genl_info_net(info); 267 268 if (!info->attrs[L2TP_ATTR_CONN_ID]) { 269 ret = -EINVAL; 270 goto out; 271 } 272 tunnel_id = nla_get_u32(info->attrs[L2TP_ATTR_CONN_ID]); 273 274 tunnel = l2tp_tunnel_find(net, tunnel_id); 275 if (tunnel == NULL) { 276 ret = -ENODEV; 277 goto out; 278 } 279 280 l2tp_tunnel_notify(&l2tp_nl_family, info, 281 tunnel, L2TP_CMD_TUNNEL_DELETE); 282 283 (void) l2tp_tunnel_delete(tunnel); 284 285 out: 286 return ret; 287 } 288 289 static int l2tp_nl_cmd_tunnel_modify(struct sk_buff *skb, struct genl_info *info) 290 { 291 struct l2tp_tunnel *tunnel; 292 u32 tunnel_id; 293 int ret = 0; 294 struct net *net = genl_info_net(info); 295 296 if (!info->attrs[L2TP_ATTR_CONN_ID]) { 297 ret = -EINVAL; 298 goto out; 299 } 300 tunnel_id = nla_get_u32(info->attrs[L2TP_ATTR_CONN_ID]); 301 302 tunnel = l2tp_tunnel_find(net, tunnel_id); 303 if (tunnel == NULL) { 304 ret = -ENODEV; 305 goto out; 306 } 307 308 if (info->attrs[L2TP_ATTR_DEBUG]) 309 tunnel->debug = nla_get_u32(info->attrs[L2TP_ATTR_DEBUG]); 310 311 ret = l2tp_tunnel_notify(&l2tp_nl_family, info, 312 tunnel, L2TP_CMD_TUNNEL_MODIFY); 313 314 out: 315 return ret; 316 } 317 318 static int l2tp_nl_tunnel_send(struct sk_buff *skb, u32 portid, u32 seq, int flags, 319 struct l2tp_tunnel *tunnel, u8 cmd) 320 { 321 void *hdr; 322 struct nlattr *nest; 323 struct sock *sk = NULL; 324 struct inet_sock *inet; 325 #if IS_ENABLED(CONFIG_IPV6) 326 struct ipv6_pinfo *np = NULL; 327 #endif 328 329 hdr = genlmsg_put(skb, portid, seq, &l2tp_nl_family, flags, cmd); 330 if (!hdr) 331 return -EMSGSIZE; 332 333 if (nla_put_u8(skb, L2TP_ATTR_PROTO_VERSION, tunnel->version) || 334 nla_put_u32(skb, L2TP_ATTR_CONN_ID, tunnel->tunnel_id) || 335 nla_put_u32(skb, L2TP_ATTR_PEER_CONN_ID, tunnel->peer_tunnel_id) || 336 nla_put_u32(skb, L2TP_ATTR_DEBUG, tunnel->debug) || 337 nla_put_u16(skb, L2TP_ATTR_ENCAP_TYPE, tunnel->encap)) 338 goto nla_put_failure; 339 340 nest = nla_nest_start(skb, L2TP_ATTR_STATS); 341 if (nest == NULL) 342 goto nla_put_failure; 343 344 if (nla_put_u64_64bit(skb, L2TP_ATTR_TX_PACKETS, 345 atomic_long_read(&tunnel->stats.tx_packets), 346 L2TP_ATTR_STATS_PAD) || 347 nla_put_u64_64bit(skb, L2TP_ATTR_TX_BYTES, 348 atomic_long_read(&tunnel->stats.tx_bytes), 349 L2TP_ATTR_STATS_PAD) || 350 nla_put_u64_64bit(skb, L2TP_ATTR_TX_ERRORS, 351 atomic_long_read(&tunnel->stats.tx_errors), 352 L2TP_ATTR_STATS_PAD) || 353 nla_put_u64_64bit(skb, L2TP_ATTR_RX_PACKETS, 354 atomic_long_read(&tunnel->stats.rx_packets), 355 L2TP_ATTR_STATS_PAD) || 356 nla_put_u64_64bit(skb, L2TP_ATTR_RX_BYTES, 357 atomic_long_read(&tunnel->stats.rx_bytes), 358 L2TP_ATTR_STATS_PAD) || 359 nla_put_u64_64bit(skb, L2TP_ATTR_RX_SEQ_DISCARDS, 360 atomic_long_read(&tunnel->stats.rx_seq_discards), 361 L2TP_ATTR_STATS_PAD) || 362 nla_put_u64_64bit(skb, L2TP_ATTR_RX_OOS_PACKETS, 363 atomic_long_read(&tunnel->stats.rx_oos_packets), 364 L2TP_ATTR_STATS_PAD) || 365 nla_put_u64_64bit(skb, L2TP_ATTR_RX_ERRORS, 366 atomic_long_read(&tunnel->stats.rx_errors), 367 L2TP_ATTR_STATS_PAD)) 368 goto nla_put_failure; 369 nla_nest_end(skb, nest); 370 371 sk = tunnel->sock; 372 if (!sk) 373 goto out; 374 375 #if IS_ENABLED(CONFIG_IPV6) 376 if (sk->sk_family == AF_INET6) 377 np = inet6_sk(sk); 378 #endif 379 380 inet = inet_sk(sk); 381 382 switch (tunnel->encap) { 383 case L2TP_ENCAPTYPE_UDP: 384 switch (sk->sk_family) { 385 case AF_INET: 386 if (nla_put_u8(skb, L2TP_ATTR_UDP_CSUM, !sk->sk_no_check_tx)) 387 goto nla_put_failure; 388 break; 389 #if IS_ENABLED(CONFIG_IPV6) 390 case AF_INET6: 391 if (udp_get_no_check6_tx(sk) && 392 nla_put_flag(skb, L2TP_ATTR_UDP_ZERO_CSUM6_TX)) 393 goto nla_put_failure; 394 if (udp_get_no_check6_rx(sk) && 395 nla_put_flag(skb, L2TP_ATTR_UDP_ZERO_CSUM6_RX)) 396 goto nla_put_failure; 397 break; 398 #endif 399 } 400 if (nla_put_u16(skb, L2TP_ATTR_UDP_SPORT, ntohs(inet->inet_sport)) || 401 nla_put_u16(skb, L2TP_ATTR_UDP_DPORT, ntohs(inet->inet_dport))) 402 goto nla_put_failure; 403 /* NOBREAK */ 404 case L2TP_ENCAPTYPE_IP: 405 #if IS_ENABLED(CONFIG_IPV6) 406 if (np) { 407 if (nla_put_in6_addr(skb, L2TP_ATTR_IP6_SADDR, 408 &np->saddr) || 409 nla_put_in6_addr(skb, L2TP_ATTR_IP6_DADDR, 410 &sk->sk_v6_daddr)) 411 goto nla_put_failure; 412 } else 413 #endif 414 if (nla_put_in_addr(skb, L2TP_ATTR_IP_SADDR, 415 inet->inet_saddr) || 416 nla_put_in_addr(skb, L2TP_ATTR_IP_DADDR, 417 inet->inet_daddr)) 418 goto nla_put_failure; 419 break; 420 } 421 422 out: 423 genlmsg_end(skb, hdr); 424 return 0; 425 426 nla_put_failure: 427 genlmsg_cancel(skb, hdr); 428 return -1; 429 } 430 431 static int l2tp_nl_cmd_tunnel_get(struct sk_buff *skb, struct genl_info *info) 432 { 433 struct l2tp_tunnel *tunnel; 434 struct sk_buff *msg; 435 u32 tunnel_id; 436 int ret = -ENOBUFS; 437 struct net *net = genl_info_net(info); 438 439 if (!info->attrs[L2TP_ATTR_CONN_ID]) { 440 ret = -EINVAL; 441 goto out; 442 } 443 444 tunnel_id = nla_get_u32(info->attrs[L2TP_ATTR_CONN_ID]); 445 446 tunnel = l2tp_tunnel_find(net, tunnel_id); 447 if (tunnel == NULL) { 448 ret = -ENODEV; 449 goto out; 450 } 451 452 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 453 if (!msg) { 454 ret = -ENOMEM; 455 goto out; 456 } 457 458 ret = l2tp_nl_tunnel_send(msg, info->snd_portid, info->snd_seq, 459 NLM_F_ACK, tunnel, L2TP_CMD_TUNNEL_GET); 460 if (ret < 0) 461 goto err_out; 462 463 return genlmsg_unicast(net, msg, info->snd_portid); 464 465 err_out: 466 nlmsg_free(msg); 467 468 out: 469 return ret; 470 } 471 472 static int l2tp_nl_cmd_tunnel_dump(struct sk_buff *skb, struct netlink_callback *cb) 473 { 474 int ti = cb->args[0]; 475 struct l2tp_tunnel *tunnel; 476 struct net *net = sock_net(skb->sk); 477 478 for (;;) { 479 tunnel = l2tp_tunnel_find_nth(net, ti); 480 if (tunnel == NULL) 481 goto out; 482 483 if (l2tp_nl_tunnel_send(skb, NETLINK_CB(cb->skb).portid, 484 cb->nlh->nlmsg_seq, NLM_F_MULTI, 485 tunnel, L2TP_CMD_TUNNEL_GET) < 0) 486 goto out; 487 488 ti++; 489 } 490 491 out: 492 cb->args[0] = ti; 493 494 return skb->len; 495 } 496 497 static int l2tp_nl_cmd_session_create(struct sk_buff *skb, struct genl_info *info) 498 { 499 u32 tunnel_id = 0; 500 u32 session_id; 501 u32 peer_session_id; 502 int ret = 0; 503 struct l2tp_tunnel *tunnel; 504 struct l2tp_session *session; 505 struct l2tp_session_cfg cfg = { 0, }; 506 struct net *net = genl_info_net(info); 507 508 if (!info->attrs[L2TP_ATTR_CONN_ID]) { 509 ret = -EINVAL; 510 goto out; 511 } 512 tunnel_id = nla_get_u32(info->attrs[L2TP_ATTR_CONN_ID]); 513 tunnel = l2tp_tunnel_find(net, tunnel_id); 514 if (!tunnel) { 515 ret = -ENODEV; 516 goto out; 517 } 518 519 if (!info->attrs[L2TP_ATTR_SESSION_ID]) { 520 ret = -EINVAL; 521 goto out; 522 } 523 session_id = nla_get_u32(info->attrs[L2TP_ATTR_SESSION_ID]); 524 525 if (!info->attrs[L2TP_ATTR_PEER_SESSION_ID]) { 526 ret = -EINVAL; 527 goto out; 528 } 529 peer_session_id = nla_get_u32(info->attrs[L2TP_ATTR_PEER_SESSION_ID]); 530 531 if (!info->attrs[L2TP_ATTR_PW_TYPE]) { 532 ret = -EINVAL; 533 goto out; 534 } 535 cfg.pw_type = nla_get_u16(info->attrs[L2TP_ATTR_PW_TYPE]); 536 if (cfg.pw_type >= __L2TP_PWTYPE_MAX) { 537 ret = -EINVAL; 538 goto out; 539 } 540 541 if (tunnel->version > 2) { 542 if (info->attrs[L2TP_ATTR_OFFSET]) 543 cfg.offset = nla_get_u16(info->attrs[L2TP_ATTR_OFFSET]); 544 545 if (info->attrs[L2TP_ATTR_DATA_SEQ]) 546 cfg.data_seq = nla_get_u8(info->attrs[L2TP_ATTR_DATA_SEQ]); 547 548 cfg.l2specific_type = L2TP_L2SPECTYPE_DEFAULT; 549 if (info->attrs[L2TP_ATTR_L2SPEC_TYPE]) 550 cfg.l2specific_type = nla_get_u8(info->attrs[L2TP_ATTR_L2SPEC_TYPE]); 551 552 cfg.l2specific_len = 4; 553 if (info->attrs[L2TP_ATTR_L2SPEC_LEN]) 554 cfg.l2specific_len = nla_get_u8(info->attrs[L2TP_ATTR_L2SPEC_LEN]); 555 556 if (info->attrs[L2TP_ATTR_COOKIE]) { 557 u16 len = nla_len(info->attrs[L2TP_ATTR_COOKIE]); 558 if (len > 8) { 559 ret = -EINVAL; 560 goto out; 561 } 562 cfg.cookie_len = len; 563 memcpy(&cfg.cookie[0], nla_data(info->attrs[L2TP_ATTR_COOKIE]), len); 564 } 565 if (info->attrs[L2TP_ATTR_PEER_COOKIE]) { 566 u16 len = nla_len(info->attrs[L2TP_ATTR_PEER_COOKIE]); 567 if (len > 8) { 568 ret = -EINVAL; 569 goto out; 570 } 571 cfg.peer_cookie_len = len; 572 memcpy(&cfg.peer_cookie[0], nla_data(info->attrs[L2TP_ATTR_PEER_COOKIE]), len); 573 } 574 if (info->attrs[L2TP_ATTR_IFNAME]) 575 cfg.ifname = nla_data(info->attrs[L2TP_ATTR_IFNAME]); 576 577 if (info->attrs[L2TP_ATTR_VLAN_ID]) 578 cfg.vlan_id = nla_get_u16(info->attrs[L2TP_ATTR_VLAN_ID]); 579 } 580 581 if (info->attrs[L2TP_ATTR_DEBUG]) 582 cfg.debug = nla_get_u32(info->attrs[L2TP_ATTR_DEBUG]); 583 584 if (info->attrs[L2TP_ATTR_RECV_SEQ]) 585 cfg.recv_seq = nla_get_u8(info->attrs[L2TP_ATTR_RECV_SEQ]); 586 587 if (info->attrs[L2TP_ATTR_SEND_SEQ]) 588 cfg.send_seq = nla_get_u8(info->attrs[L2TP_ATTR_SEND_SEQ]); 589 590 if (info->attrs[L2TP_ATTR_LNS_MODE]) 591 cfg.lns_mode = nla_get_u8(info->attrs[L2TP_ATTR_LNS_MODE]); 592 593 if (info->attrs[L2TP_ATTR_RECV_TIMEOUT]) 594 cfg.reorder_timeout = nla_get_msecs(info->attrs[L2TP_ATTR_RECV_TIMEOUT]); 595 596 if (info->attrs[L2TP_ATTR_MTU]) 597 cfg.mtu = nla_get_u16(info->attrs[L2TP_ATTR_MTU]); 598 599 if (info->attrs[L2TP_ATTR_MRU]) 600 cfg.mru = nla_get_u16(info->attrs[L2TP_ATTR_MRU]); 601 602 #ifdef CONFIG_MODULES 603 if (l2tp_nl_cmd_ops[cfg.pw_type] == NULL) { 604 genl_unlock(); 605 request_module("net-l2tp-type-%u", cfg.pw_type); 606 genl_lock(); 607 } 608 #endif 609 if ((l2tp_nl_cmd_ops[cfg.pw_type] == NULL) || 610 (l2tp_nl_cmd_ops[cfg.pw_type]->session_create == NULL)) { 611 ret = -EPROTONOSUPPORT; 612 goto out; 613 } 614 615 /* Check that pseudowire-specific params are present */ 616 switch (cfg.pw_type) { 617 case L2TP_PWTYPE_NONE: 618 break; 619 case L2TP_PWTYPE_ETH_VLAN: 620 if (!info->attrs[L2TP_ATTR_VLAN_ID]) { 621 ret = -EINVAL; 622 goto out; 623 } 624 break; 625 case L2TP_PWTYPE_ETH: 626 break; 627 case L2TP_PWTYPE_PPP: 628 case L2TP_PWTYPE_PPP_AC: 629 break; 630 case L2TP_PWTYPE_IP: 631 default: 632 ret = -EPROTONOSUPPORT; 633 break; 634 } 635 636 ret = -EPROTONOSUPPORT; 637 if (l2tp_nl_cmd_ops[cfg.pw_type]->session_create) 638 ret = (*l2tp_nl_cmd_ops[cfg.pw_type]->session_create)(net, tunnel_id, 639 session_id, peer_session_id, &cfg); 640 641 if (ret >= 0) { 642 session = l2tp_session_get(net, tunnel, session_id, false); 643 if (session) { 644 ret = l2tp_session_notify(&l2tp_nl_family, info, session, 645 L2TP_CMD_SESSION_CREATE); 646 l2tp_session_dec_refcount(session); 647 } 648 } 649 650 out: 651 return ret; 652 } 653 654 static int l2tp_nl_cmd_session_delete(struct sk_buff *skb, struct genl_info *info) 655 { 656 int ret = 0; 657 struct l2tp_session *session; 658 u16 pw_type; 659 660 session = l2tp_nl_session_get(info, true); 661 if (session == NULL) { 662 ret = -ENODEV; 663 goto out; 664 } 665 666 l2tp_session_notify(&l2tp_nl_family, info, 667 session, L2TP_CMD_SESSION_DELETE); 668 669 pw_type = session->pwtype; 670 if (pw_type < __L2TP_PWTYPE_MAX) 671 if (l2tp_nl_cmd_ops[pw_type] && l2tp_nl_cmd_ops[pw_type]->session_delete) 672 ret = (*l2tp_nl_cmd_ops[pw_type]->session_delete)(session); 673 674 if (session->deref) 675 session->deref(session); 676 l2tp_session_dec_refcount(session); 677 678 out: 679 return ret; 680 } 681 682 static int l2tp_nl_cmd_session_modify(struct sk_buff *skb, struct genl_info *info) 683 { 684 int ret = 0; 685 struct l2tp_session *session; 686 687 session = l2tp_nl_session_get(info, false); 688 if (session == NULL) { 689 ret = -ENODEV; 690 goto out; 691 } 692 693 if (info->attrs[L2TP_ATTR_DEBUG]) 694 session->debug = nla_get_u32(info->attrs[L2TP_ATTR_DEBUG]); 695 696 if (info->attrs[L2TP_ATTR_DATA_SEQ]) 697 session->data_seq = nla_get_u8(info->attrs[L2TP_ATTR_DATA_SEQ]); 698 699 if (info->attrs[L2TP_ATTR_RECV_SEQ]) 700 session->recv_seq = nla_get_u8(info->attrs[L2TP_ATTR_RECV_SEQ]); 701 702 if (info->attrs[L2TP_ATTR_SEND_SEQ]) { 703 session->send_seq = nla_get_u8(info->attrs[L2TP_ATTR_SEND_SEQ]); 704 l2tp_session_set_header_len(session, session->tunnel->version); 705 } 706 707 if (info->attrs[L2TP_ATTR_LNS_MODE]) 708 session->lns_mode = nla_get_u8(info->attrs[L2TP_ATTR_LNS_MODE]); 709 710 if (info->attrs[L2TP_ATTR_RECV_TIMEOUT]) 711 session->reorder_timeout = nla_get_msecs(info->attrs[L2TP_ATTR_RECV_TIMEOUT]); 712 713 if (info->attrs[L2TP_ATTR_MTU]) 714 session->mtu = nla_get_u16(info->attrs[L2TP_ATTR_MTU]); 715 716 if (info->attrs[L2TP_ATTR_MRU]) 717 session->mru = nla_get_u16(info->attrs[L2TP_ATTR_MRU]); 718 719 ret = l2tp_session_notify(&l2tp_nl_family, info, 720 session, L2TP_CMD_SESSION_MODIFY); 721 722 l2tp_session_dec_refcount(session); 723 724 out: 725 return ret; 726 } 727 728 static int l2tp_nl_session_send(struct sk_buff *skb, u32 portid, u32 seq, int flags, 729 struct l2tp_session *session, u8 cmd) 730 { 731 void *hdr; 732 struct nlattr *nest; 733 struct l2tp_tunnel *tunnel = session->tunnel; 734 struct sock *sk = NULL; 735 736 sk = tunnel->sock; 737 738 hdr = genlmsg_put(skb, portid, seq, &l2tp_nl_family, flags, cmd); 739 if (!hdr) 740 return -EMSGSIZE; 741 742 if (nla_put_u32(skb, L2TP_ATTR_CONN_ID, tunnel->tunnel_id) || 743 nla_put_u32(skb, L2TP_ATTR_SESSION_ID, session->session_id) || 744 nla_put_u32(skb, L2TP_ATTR_PEER_CONN_ID, tunnel->peer_tunnel_id) || 745 nla_put_u32(skb, L2TP_ATTR_PEER_SESSION_ID, 746 session->peer_session_id) || 747 nla_put_u32(skb, L2TP_ATTR_DEBUG, session->debug) || 748 nla_put_u16(skb, L2TP_ATTR_PW_TYPE, session->pwtype) || 749 nla_put_u16(skb, L2TP_ATTR_MTU, session->mtu) || 750 (session->mru && 751 nla_put_u16(skb, L2TP_ATTR_MRU, session->mru))) 752 goto nla_put_failure; 753 754 if ((session->ifname[0] && 755 nla_put_string(skb, L2TP_ATTR_IFNAME, session->ifname)) || 756 (session->cookie_len && 757 nla_put(skb, L2TP_ATTR_COOKIE, session->cookie_len, 758 &session->cookie[0])) || 759 (session->peer_cookie_len && 760 nla_put(skb, L2TP_ATTR_PEER_COOKIE, session->peer_cookie_len, 761 &session->peer_cookie[0])) || 762 nla_put_u8(skb, L2TP_ATTR_RECV_SEQ, session->recv_seq) || 763 nla_put_u8(skb, L2TP_ATTR_SEND_SEQ, session->send_seq) || 764 nla_put_u8(skb, L2TP_ATTR_LNS_MODE, session->lns_mode) || 765 #ifdef CONFIG_XFRM 766 (((sk) && (sk->sk_policy[0] || sk->sk_policy[1])) && 767 nla_put_u8(skb, L2TP_ATTR_USING_IPSEC, 1)) || 768 #endif 769 (session->reorder_timeout && 770 nla_put_msecs(skb, L2TP_ATTR_RECV_TIMEOUT, 771 session->reorder_timeout, L2TP_ATTR_PAD))) 772 goto nla_put_failure; 773 774 nest = nla_nest_start(skb, L2TP_ATTR_STATS); 775 if (nest == NULL) 776 goto nla_put_failure; 777 778 if (nla_put_u64_64bit(skb, L2TP_ATTR_TX_PACKETS, 779 atomic_long_read(&session->stats.tx_packets), 780 L2TP_ATTR_STATS_PAD) || 781 nla_put_u64_64bit(skb, L2TP_ATTR_TX_BYTES, 782 atomic_long_read(&session->stats.tx_bytes), 783 L2TP_ATTR_STATS_PAD) || 784 nla_put_u64_64bit(skb, L2TP_ATTR_TX_ERRORS, 785 atomic_long_read(&session->stats.tx_errors), 786 L2TP_ATTR_STATS_PAD) || 787 nla_put_u64_64bit(skb, L2TP_ATTR_RX_PACKETS, 788 atomic_long_read(&session->stats.rx_packets), 789 L2TP_ATTR_STATS_PAD) || 790 nla_put_u64_64bit(skb, L2TP_ATTR_RX_BYTES, 791 atomic_long_read(&session->stats.rx_bytes), 792 L2TP_ATTR_STATS_PAD) || 793 nla_put_u64_64bit(skb, L2TP_ATTR_RX_SEQ_DISCARDS, 794 atomic_long_read(&session->stats.rx_seq_discards), 795 L2TP_ATTR_STATS_PAD) || 796 nla_put_u64_64bit(skb, L2TP_ATTR_RX_OOS_PACKETS, 797 atomic_long_read(&session->stats.rx_oos_packets), 798 L2TP_ATTR_STATS_PAD) || 799 nla_put_u64_64bit(skb, L2TP_ATTR_RX_ERRORS, 800 atomic_long_read(&session->stats.rx_errors), 801 L2TP_ATTR_STATS_PAD)) 802 goto nla_put_failure; 803 nla_nest_end(skb, nest); 804 805 genlmsg_end(skb, hdr); 806 return 0; 807 808 nla_put_failure: 809 genlmsg_cancel(skb, hdr); 810 return -1; 811 } 812 813 static int l2tp_nl_cmd_session_get(struct sk_buff *skb, struct genl_info *info) 814 { 815 struct l2tp_session *session; 816 struct sk_buff *msg; 817 int ret; 818 819 session = l2tp_nl_session_get(info, false); 820 if (session == NULL) { 821 ret = -ENODEV; 822 goto err; 823 } 824 825 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 826 if (!msg) { 827 ret = -ENOMEM; 828 goto err_ref; 829 } 830 831 ret = l2tp_nl_session_send(msg, info->snd_portid, info->snd_seq, 832 0, session, L2TP_CMD_SESSION_GET); 833 if (ret < 0) 834 goto err_ref_msg; 835 836 ret = genlmsg_unicast(genl_info_net(info), msg, info->snd_portid); 837 838 l2tp_session_dec_refcount(session); 839 840 return ret; 841 842 err_ref_msg: 843 nlmsg_free(msg); 844 err_ref: 845 l2tp_session_dec_refcount(session); 846 err: 847 return ret; 848 } 849 850 static int l2tp_nl_cmd_session_dump(struct sk_buff *skb, struct netlink_callback *cb) 851 { 852 struct net *net = sock_net(skb->sk); 853 struct l2tp_session *session; 854 struct l2tp_tunnel *tunnel = NULL; 855 int ti = cb->args[0]; 856 int si = cb->args[1]; 857 858 for (;;) { 859 if (tunnel == NULL) { 860 tunnel = l2tp_tunnel_find_nth(net, ti); 861 if (tunnel == NULL) 862 goto out; 863 } 864 865 session = l2tp_session_get_nth(tunnel, si, false); 866 if (session == NULL) { 867 ti++; 868 tunnel = NULL; 869 si = 0; 870 continue; 871 } 872 873 if (l2tp_nl_session_send(skb, NETLINK_CB(cb->skb).portid, 874 cb->nlh->nlmsg_seq, NLM_F_MULTI, 875 session, L2TP_CMD_SESSION_GET) < 0) { 876 l2tp_session_dec_refcount(session); 877 break; 878 } 879 l2tp_session_dec_refcount(session); 880 881 si++; 882 } 883 884 out: 885 cb->args[0] = ti; 886 cb->args[1] = si; 887 888 return skb->len; 889 } 890 891 static const struct nla_policy l2tp_nl_policy[L2TP_ATTR_MAX + 1] = { 892 [L2TP_ATTR_NONE] = { .type = NLA_UNSPEC, }, 893 [L2TP_ATTR_PW_TYPE] = { .type = NLA_U16, }, 894 [L2TP_ATTR_ENCAP_TYPE] = { .type = NLA_U16, }, 895 [L2TP_ATTR_OFFSET] = { .type = NLA_U16, }, 896 [L2TP_ATTR_DATA_SEQ] = { .type = NLA_U8, }, 897 [L2TP_ATTR_L2SPEC_TYPE] = { .type = NLA_U8, }, 898 [L2TP_ATTR_L2SPEC_LEN] = { .type = NLA_U8, }, 899 [L2TP_ATTR_PROTO_VERSION] = { .type = NLA_U8, }, 900 [L2TP_ATTR_CONN_ID] = { .type = NLA_U32, }, 901 [L2TP_ATTR_PEER_CONN_ID] = { .type = NLA_U32, }, 902 [L2TP_ATTR_SESSION_ID] = { .type = NLA_U32, }, 903 [L2TP_ATTR_PEER_SESSION_ID] = { .type = NLA_U32, }, 904 [L2TP_ATTR_UDP_CSUM] = { .type = NLA_U8, }, 905 [L2TP_ATTR_VLAN_ID] = { .type = NLA_U16, }, 906 [L2TP_ATTR_DEBUG] = { .type = NLA_U32, }, 907 [L2TP_ATTR_RECV_SEQ] = { .type = NLA_U8, }, 908 [L2TP_ATTR_SEND_SEQ] = { .type = NLA_U8, }, 909 [L2TP_ATTR_LNS_MODE] = { .type = NLA_U8, }, 910 [L2TP_ATTR_USING_IPSEC] = { .type = NLA_U8, }, 911 [L2TP_ATTR_RECV_TIMEOUT] = { .type = NLA_MSECS, }, 912 [L2TP_ATTR_FD] = { .type = NLA_U32, }, 913 [L2TP_ATTR_IP_SADDR] = { .type = NLA_U32, }, 914 [L2TP_ATTR_IP_DADDR] = { .type = NLA_U32, }, 915 [L2TP_ATTR_UDP_SPORT] = { .type = NLA_U16, }, 916 [L2TP_ATTR_UDP_DPORT] = { .type = NLA_U16, }, 917 [L2TP_ATTR_MTU] = { .type = NLA_U16, }, 918 [L2TP_ATTR_MRU] = { .type = NLA_U16, }, 919 [L2TP_ATTR_STATS] = { .type = NLA_NESTED, }, 920 [L2TP_ATTR_IP6_SADDR] = { 921 .type = NLA_BINARY, 922 .len = sizeof(struct in6_addr), 923 }, 924 [L2TP_ATTR_IP6_DADDR] = { 925 .type = NLA_BINARY, 926 .len = sizeof(struct in6_addr), 927 }, 928 [L2TP_ATTR_IFNAME] = { 929 .type = NLA_NUL_STRING, 930 .len = IFNAMSIZ - 1, 931 }, 932 [L2TP_ATTR_COOKIE] = { 933 .type = NLA_BINARY, 934 .len = 8, 935 }, 936 [L2TP_ATTR_PEER_COOKIE] = { 937 .type = NLA_BINARY, 938 .len = 8, 939 }, 940 }; 941 942 static const struct genl_ops l2tp_nl_ops[] = { 943 { 944 .cmd = L2TP_CMD_NOOP, 945 .doit = l2tp_nl_cmd_noop, 946 .policy = l2tp_nl_policy, 947 /* can be retrieved by unprivileged users */ 948 }, 949 { 950 .cmd = L2TP_CMD_TUNNEL_CREATE, 951 .doit = l2tp_nl_cmd_tunnel_create, 952 .policy = l2tp_nl_policy, 953 .flags = GENL_ADMIN_PERM, 954 }, 955 { 956 .cmd = L2TP_CMD_TUNNEL_DELETE, 957 .doit = l2tp_nl_cmd_tunnel_delete, 958 .policy = l2tp_nl_policy, 959 .flags = GENL_ADMIN_PERM, 960 }, 961 { 962 .cmd = L2TP_CMD_TUNNEL_MODIFY, 963 .doit = l2tp_nl_cmd_tunnel_modify, 964 .policy = l2tp_nl_policy, 965 .flags = GENL_ADMIN_PERM, 966 }, 967 { 968 .cmd = L2TP_CMD_TUNNEL_GET, 969 .doit = l2tp_nl_cmd_tunnel_get, 970 .dumpit = l2tp_nl_cmd_tunnel_dump, 971 .policy = l2tp_nl_policy, 972 .flags = GENL_ADMIN_PERM, 973 }, 974 { 975 .cmd = L2TP_CMD_SESSION_CREATE, 976 .doit = l2tp_nl_cmd_session_create, 977 .policy = l2tp_nl_policy, 978 .flags = GENL_ADMIN_PERM, 979 }, 980 { 981 .cmd = L2TP_CMD_SESSION_DELETE, 982 .doit = l2tp_nl_cmd_session_delete, 983 .policy = l2tp_nl_policy, 984 .flags = GENL_ADMIN_PERM, 985 }, 986 { 987 .cmd = L2TP_CMD_SESSION_MODIFY, 988 .doit = l2tp_nl_cmd_session_modify, 989 .policy = l2tp_nl_policy, 990 .flags = GENL_ADMIN_PERM, 991 }, 992 { 993 .cmd = L2TP_CMD_SESSION_GET, 994 .doit = l2tp_nl_cmd_session_get, 995 .dumpit = l2tp_nl_cmd_session_dump, 996 .policy = l2tp_nl_policy, 997 .flags = GENL_ADMIN_PERM, 998 }, 999 }; 1000 1001 static struct genl_family l2tp_nl_family __ro_after_init = { 1002 .name = L2TP_GENL_NAME, 1003 .version = L2TP_GENL_VERSION, 1004 .hdrsize = 0, 1005 .maxattr = L2TP_ATTR_MAX, 1006 .netnsok = true, 1007 .module = THIS_MODULE, 1008 .ops = l2tp_nl_ops, 1009 .n_ops = ARRAY_SIZE(l2tp_nl_ops), 1010 .mcgrps = l2tp_multicast_group, 1011 .n_mcgrps = ARRAY_SIZE(l2tp_multicast_group), 1012 }; 1013 1014 int l2tp_nl_register_ops(enum l2tp_pwtype pw_type, const struct l2tp_nl_cmd_ops *ops) 1015 { 1016 int ret; 1017 1018 ret = -EINVAL; 1019 if (pw_type >= __L2TP_PWTYPE_MAX) 1020 goto err; 1021 1022 genl_lock(); 1023 ret = -EBUSY; 1024 if (l2tp_nl_cmd_ops[pw_type]) 1025 goto out; 1026 1027 l2tp_nl_cmd_ops[pw_type] = ops; 1028 ret = 0; 1029 1030 out: 1031 genl_unlock(); 1032 err: 1033 return ret; 1034 } 1035 EXPORT_SYMBOL_GPL(l2tp_nl_register_ops); 1036 1037 void l2tp_nl_unregister_ops(enum l2tp_pwtype pw_type) 1038 { 1039 if (pw_type < __L2TP_PWTYPE_MAX) { 1040 genl_lock(); 1041 l2tp_nl_cmd_ops[pw_type] = NULL; 1042 genl_unlock(); 1043 } 1044 } 1045 EXPORT_SYMBOL_GPL(l2tp_nl_unregister_ops); 1046 1047 static int __init l2tp_nl_init(void) 1048 { 1049 pr_info("L2TP netlink interface\n"); 1050 return genl_register_family(&l2tp_nl_family); 1051 } 1052 1053 static void l2tp_nl_cleanup(void) 1054 { 1055 genl_unregister_family(&l2tp_nl_family); 1056 } 1057 1058 module_init(l2tp_nl_init); 1059 module_exit(l2tp_nl_cleanup); 1060 1061 MODULE_AUTHOR("James Chapman <jchapman@katalix.com>"); 1062 MODULE_DESCRIPTION("L2TP netlink"); 1063 MODULE_LICENSE("GPL"); 1064 MODULE_VERSION("1.0"); 1065 MODULE_ALIAS_GENL_FAMILY("l2tp"); 1066