1 // SPDX-License-Identifier: GPL-2.0 2 /* 3 * NETLINK Generic Netlink Family 4 * 5 * Authors: Jamal Hadi Salim 6 * Thomas Graf <tgraf@suug.ch> 7 * Johannes Berg <johannes@sipsolutions.net> 8 */ 9 10 #include <linux/module.h> 11 #include <linux/kernel.h> 12 #include <linux/slab.h> 13 #include <linux/errno.h> 14 #include <linux/types.h> 15 #include <linux/socket.h> 16 #include <linux/string_helpers.h> 17 #include <linux/skbuff.h> 18 #include <linux/mutex.h> 19 #include <linux/bitmap.h> 20 #include <linux/rwsem.h> 21 #include <linux/idr.h> 22 #include <net/sock.h> 23 #include <net/genetlink.h> 24 25 static DEFINE_MUTEX(genl_mutex); /* serialization of message processing */ 26 static DECLARE_RWSEM(cb_lock); 27 28 atomic_t genl_sk_destructing_cnt = ATOMIC_INIT(0); 29 DECLARE_WAIT_QUEUE_HEAD(genl_sk_destructing_waitq); 30 31 void genl_lock(void) 32 { 33 mutex_lock(&genl_mutex); 34 } 35 EXPORT_SYMBOL(genl_lock); 36 37 void genl_unlock(void) 38 { 39 mutex_unlock(&genl_mutex); 40 } 41 EXPORT_SYMBOL(genl_unlock); 42 43 static void genl_lock_all(void) 44 { 45 down_write(&cb_lock); 46 genl_lock(); 47 } 48 49 static void genl_unlock_all(void) 50 { 51 genl_unlock(); 52 up_write(&cb_lock); 53 } 54 55 static DEFINE_IDR(genl_fam_idr); 56 57 /* 58 * Bitmap of multicast groups that are currently in use. 59 * 60 * To avoid an allocation at boot of just one unsigned long, 61 * declare it global instead. 62 * Bit 0 is marked as already used since group 0 is invalid. 63 * Bit 1 is marked as already used since the drop-monitor code 64 * abuses the API and thinks it can statically use group 1. 65 * That group will typically conflict with other groups that 66 * any proper users use. 67 * Bit 16 is marked as used since it's used for generic netlink 68 * and the code no longer marks pre-reserved IDs as used. 69 * Bit 17 is marked as already used since the VFS quota code 70 * also abused this API and relied on family == group ID, we 71 * cater to that by giving it a static family and group ID. 72 * Bit 18 is marked as already used since the PMCRAID driver 73 * did the same thing as the VFS quota code (maybe copied?) 74 */ 75 static unsigned long mc_group_start = 0x3 | BIT(GENL_ID_CTRL) | 76 BIT(GENL_ID_VFS_DQUOT) | 77 BIT(GENL_ID_PMCRAID); 78 static unsigned long *mc_groups = &mc_group_start; 79 static unsigned long mc_groups_longs = 1; 80 81 /* We need the last attribute with non-zero ID therefore a 2-entry array */ 82 static struct nla_policy genl_policy_reject_all[] = { 83 { .type = NLA_REJECT }, 84 { .type = NLA_REJECT }, 85 }; 86 87 static int genl_ctrl_event(int event, const struct genl_family *family, 88 const struct genl_multicast_group *grp, 89 int grp_id); 90 91 static void 92 genl_op_fill_in_reject_policy(const struct genl_family *family, 93 struct genl_ops *op) 94 { 95 BUILD_BUG_ON(ARRAY_SIZE(genl_policy_reject_all) - 1 != 1); 96 97 if (op->policy || op->cmd < family->resv_start_op) 98 return; 99 100 op->policy = genl_policy_reject_all; 101 op->maxattr = 1; 102 } 103 104 static void 105 genl_op_fill_in_reject_policy_split(const struct genl_family *family, 106 struct genl_split_ops *op) 107 { 108 if (op->policy) 109 return; 110 111 op->policy = genl_policy_reject_all; 112 op->maxattr = 1; 113 } 114 115 static const struct genl_family *genl_family_find_byid(unsigned int id) 116 { 117 return idr_find(&genl_fam_idr, id); 118 } 119 120 static const struct genl_family *genl_family_find_byname(char *name) 121 { 122 const struct genl_family *family; 123 unsigned int id; 124 125 idr_for_each_entry(&genl_fam_idr, family, id) 126 if (strcmp(family->name, name) == 0) 127 return family; 128 129 return NULL; 130 } 131 132 struct genl_op_iter { 133 const struct genl_family *family; 134 struct genl_split_ops doit; 135 struct genl_split_ops dumpit; 136 int cmd_idx; 137 int entry_idx; 138 u32 cmd; 139 u8 flags; 140 }; 141 142 static void genl_op_from_full(const struct genl_family *family, 143 unsigned int i, struct genl_ops *op) 144 { 145 *op = family->ops[i]; 146 147 if (!op->maxattr) 148 op->maxattr = family->maxattr; 149 if (!op->policy) 150 op->policy = family->policy; 151 152 genl_op_fill_in_reject_policy(family, op); 153 } 154 155 static int genl_get_cmd_full(u32 cmd, const struct genl_family *family, 156 struct genl_ops *op) 157 { 158 int i; 159 160 for (i = 0; i < family->n_ops; i++) 161 if (family->ops[i].cmd == cmd) { 162 genl_op_from_full(family, i, op); 163 return 0; 164 } 165 166 return -ENOENT; 167 } 168 169 static void genl_op_from_small(const struct genl_family *family, 170 unsigned int i, struct genl_ops *op) 171 { 172 memset(op, 0, sizeof(*op)); 173 op->doit = family->small_ops[i].doit; 174 op->dumpit = family->small_ops[i].dumpit; 175 op->cmd = family->small_ops[i].cmd; 176 op->internal_flags = family->small_ops[i].internal_flags; 177 op->flags = family->small_ops[i].flags; 178 op->validate = family->small_ops[i].validate; 179 180 op->maxattr = family->maxattr; 181 op->policy = family->policy; 182 183 genl_op_fill_in_reject_policy(family, op); 184 } 185 186 static int genl_get_cmd_small(u32 cmd, const struct genl_family *family, 187 struct genl_ops *op) 188 { 189 int i; 190 191 for (i = 0; i < family->n_small_ops; i++) 192 if (family->small_ops[i].cmd == cmd) { 193 genl_op_from_small(family, i, op); 194 return 0; 195 } 196 197 return -ENOENT; 198 } 199 200 static void genl_op_from_split(struct genl_op_iter *iter) 201 { 202 const struct genl_family *family = iter->family; 203 int i, cnt = 0; 204 205 i = iter->entry_idx - family->n_ops - family->n_small_ops; 206 207 if (family->split_ops[i + cnt].flags & GENL_CMD_CAP_DO) { 208 iter->doit = family->split_ops[i + cnt]; 209 genl_op_fill_in_reject_policy_split(family, &iter->doit); 210 cnt++; 211 } else { 212 memset(&iter->doit, 0, sizeof(iter->doit)); 213 } 214 215 if (i + cnt < family->n_split_ops && 216 family->split_ops[i + cnt].flags & GENL_CMD_CAP_DUMP) { 217 iter->dumpit = family->split_ops[i + cnt]; 218 genl_op_fill_in_reject_policy_split(family, &iter->dumpit); 219 cnt++; 220 } else { 221 memset(&iter->dumpit, 0, sizeof(iter->dumpit)); 222 } 223 224 WARN_ON(!cnt); 225 iter->entry_idx += cnt; 226 } 227 228 static int 229 genl_get_cmd_split(u32 cmd, u8 flag, const struct genl_family *family, 230 struct genl_split_ops *op) 231 { 232 int i; 233 234 for (i = 0; i < family->n_split_ops; i++) 235 if (family->split_ops[i].cmd == cmd && 236 family->split_ops[i].flags & flag) { 237 *op = family->split_ops[i]; 238 return 0; 239 } 240 241 return -ENOENT; 242 } 243 244 static int 245 genl_cmd_full_to_split(struct genl_split_ops *op, 246 const struct genl_family *family, 247 const struct genl_ops *full, u8 flags) 248 { 249 if ((flags & GENL_CMD_CAP_DO && !full->doit) || 250 (flags & GENL_CMD_CAP_DUMP && !full->dumpit)) { 251 memset(op, 0, sizeof(*op)); 252 return -ENOENT; 253 } 254 255 if (flags & GENL_CMD_CAP_DUMP) { 256 op->start = full->start; 257 op->dumpit = full->dumpit; 258 op->done = full->done; 259 } else { 260 op->pre_doit = family->pre_doit; 261 op->doit = full->doit; 262 op->post_doit = family->post_doit; 263 } 264 265 if (flags & GENL_CMD_CAP_DUMP && 266 full->validate & GENL_DONT_VALIDATE_DUMP) { 267 op->policy = NULL; 268 op->maxattr = 0; 269 } else { 270 op->policy = full->policy; 271 op->maxattr = full->maxattr; 272 } 273 274 op->cmd = full->cmd; 275 op->internal_flags = full->internal_flags; 276 op->flags = full->flags; 277 op->validate = full->validate; 278 279 /* Make sure flags include the GENL_CMD_CAP_DO / GENL_CMD_CAP_DUMP */ 280 op->flags |= flags; 281 282 return 0; 283 } 284 285 /* Must make sure that op is initialized to 0 on failure */ 286 static int 287 genl_get_cmd(u32 cmd, u8 flags, const struct genl_family *family, 288 struct genl_split_ops *op) 289 { 290 struct genl_ops full; 291 int err; 292 293 err = genl_get_cmd_full(cmd, family, &full); 294 if (err == -ENOENT) 295 err = genl_get_cmd_small(cmd, family, &full); 296 /* Found one of legacy forms */ 297 if (err == 0) 298 return genl_cmd_full_to_split(op, family, &full, flags); 299 300 err = genl_get_cmd_split(cmd, flags, family, op); 301 if (err) 302 memset(op, 0, sizeof(*op)); 303 return err; 304 } 305 306 /* For policy dumping only, get ops of both do and dump. 307 * Fail if both are missing, genl_get_cmd() will zero-init in case of failure. 308 */ 309 static int 310 genl_get_cmd_both(u32 cmd, const struct genl_family *family, 311 struct genl_split_ops *doit, struct genl_split_ops *dumpit) 312 { 313 int err1, err2; 314 315 err1 = genl_get_cmd(cmd, GENL_CMD_CAP_DO, family, doit); 316 err2 = genl_get_cmd(cmd, GENL_CMD_CAP_DUMP, family, dumpit); 317 318 return err1 && err2 ? -ENOENT : 0; 319 } 320 321 static bool 322 genl_op_iter_init(const struct genl_family *family, struct genl_op_iter *iter) 323 { 324 iter->family = family; 325 iter->cmd_idx = 0; 326 iter->entry_idx = 0; 327 328 iter->flags = 0; 329 330 return iter->family->n_ops + 331 iter->family->n_small_ops + 332 iter->family->n_split_ops; 333 } 334 335 static bool genl_op_iter_next(struct genl_op_iter *iter) 336 { 337 const struct genl_family *family = iter->family; 338 bool legacy_op = true; 339 struct genl_ops op; 340 341 if (iter->entry_idx < family->n_ops) { 342 genl_op_from_full(family, iter->entry_idx, &op); 343 } else if (iter->entry_idx < family->n_ops + family->n_small_ops) { 344 genl_op_from_small(family, iter->entry_idx - family->n_ops, 345 &op); 346 } else if (iter->entry_idx < 347 family->n_ops + family->n_small_ops + family->n_split_ops) { 348 legacy_op = false; 349 /* updates entry_idx */ 350 genl_op_from_split(iter); 351 } else { 352 return false; 353 } 354 355 iter->cmd_idx++; 356 357 if (legacy_op) { 358 iter->entry_idx++; 359 360 genl_cmd_full_to_split(&iter->doit, family, 361 &op, GENL_CMD_CAP_DO); 362 genl_cmd_full_to_split(&iter->dumpit, family, 363 &op, GENL_CMD_CAP_DUMP); 364 } 365 366 iter->cmd = iter->doit.cmd | iter->dumpit.cmd; 367 iter->flags = iter->doit.flags | iter->dumpit.flags; 368 369 return true; 370 } 371 372 static void 373 genl_op_iter_copy(struct genl_op_iter *dst, struct genl_op_iter *src) 374 { 375 *dst = *src; 376 } 377 378 static unsigned int genl_op_iter_idx(struct genl_op_iter *iter) 379 { 380 return iter->cmd_idx; 381 } 382 383 static int genl_allocate_reserve_groups(int n_groups, int *first_id) 384 { 385 unsigned long *new_groups; 386 int start = 0; 387 int i; 388 int id; 389 bool fits; 390 391 do { 392 if (start == 0) 393 id = find_first_zero_bit(mc_groups, 394 mc_groups_longs * 395 BITS_PER_LONG); 396 else 397 id = find_next_zero_bit(mc_groups, 398 mc_groups_longs * BITS_PER_LONG, 399 start); 400 401 fits = true; 402 for (i = id; 403 i < min_t(int, id + n_groups, 404 mc_groups_longs * BITS_PER_LONG); 405 i++) { 406 if (test_bit(i, mc_groups)) { 407 start = i; 408 fits = false; 409 break; 410 } 411 } 412 413 if (id + n_groups > mc_groups_longs * BITS_PER_LONG) { 414 unsigned long new_longs = mc_groups_longs + 415 BITS_TO_LONGS(n_groups); 416 size_t nlen = new_longs * sizeof(unsigned long); 417 418 if (mc_groups == &mc_group_start) { 419 new_groups = kzalloc(nlen, GFP_KERNEL); 420 if (!new_groups) 421 return -ENOMEM; 422 mc_groups = new_groups; 423 *mc_groups = mc_group_start; 424 } else { 425 new_groups = krealloc(mc_groups, nlen, 426 GFP_KERNEL); 427 if (!new_groups) 428 return -ENOMEM; 429 mc_groups = new_groups; 430 for (i = 0; i < BITS_TO_LONGS(n_groups); i++) 431 mc_groups[mc_groups_longs + i] = 0; 432 } 433 mc_groups_longs = new_longs; 434 } 435 } while (!fits); 436 437 for (i = id; i < id + n_groups; i++) 438 set_bit(i, mc_groups); 439 *first_id = id; 440 return 0; 441 } 442 443 static struct genl_family genl_ctrl; 444 445 static int genl_validate_assign_mc_groups(struct genl_family *family) 446 { 447 int first_id; 448 int n_groups = family->n_mcgrps; 449 int err = 0, i; 450 bool groups_allocated = false; 451 452 if (!n_groups) 453 return 0; 454 455 for (i = 0; i < n_groups; i++) { 456 const struct genl_multicast_group *grp = &family->mcgrps[i]; 457 458 if (WARN_ON(grp->name[0] == '\0')) 459 return -EINVAL; 460 if (WARN_ON(!string_is_terminated(grp->name, GENL_NAMSIZ))) 461 return -EINVAL; 462 } 463 464 /* special-case our own group and hacks */ 465 if (family == &genl_ctrl) { 466 first_id = GENL_ID_CTRL; 467 BUG_ON(n_groups != 1); 468 } else if (strcmp(family->name, "NET_DM") == 0) { 469 first_id = 1; 470 BUG_ON(n_groups != 1); 471 } else if (family->id == GENL_ID_VFS_DQUOT) { 472 first_id = GENL_ID_VFS_DQUOT; 473 BUG_ON(n_groups != 1); 474 } else if (family->id == GENL_ID_PMCRAID) { 475 first_id = GENL_ID_PMCRAID; 476 BUG_ON(n_groups != 1); 477 } else { 478 groups_allocated = true; 479 err = genl_allocate_reserve_groups(n_groups, &first_id); 480 if (err) 481 return err; 482 } 483 484 family->mcgrp_offset = first_id; 485 486 /* if still initializing, can't and don't need to realloc bitmaps */ 487 if (!init_net.genl_sock) 488 return 0; 489 490 if (family->netnsok) { 491 struct net *net; 492 493 netlink_table_grab(); 494 rcu_read_lock(); 495 for_each_net_rcu(net) { 496 err = __netlink_change_ngroups(net->genl_sock, 497 mc_groups_longs * BITS_PER_LONG); 498 if (err) { 499 /* 500 * No need to roll back, can only fail if 501 * memory allocation fails and then the 502 * number of _possible_ groups has been 503 * increased on some sockets which is ok. 504 */ 505 break; 506 } 507 } 508 rcu_read_unlock(); 509 netlink_table_ungrab(); 510 } else { 511 err = netlink_change_ngroups(init_net.genl_sock, 512 mc_groups_longs * BITS_PER_LONG); 513 } 514 515 if (groups_allocated && err) { 516 for (i = 0; i < family->n_mcgrps; i++) 517 clear_bit(family->mcgrp_offset + i, mc_groups); 518 } 519 520 return err; 521 } 522 523 static void genl_unregister_mc_groups(const struct genl_family *family) 524 { 525 struct net *net; 526 int i; 527 528 netlink_table_grab(); 529 rcu_read_lock(); 530 for_each_net_rcu(net) { 531 for (i = 0; i < family->n_mcgrps; i++) 532 __netlink_clear_multicast_users( 533 net->genl_sock, family->mcgrp_offset + i); 534 } 535 rcu_read_unlock(); 536 netlink_table_ungrab(); 537 538 for (i = 0; i < family->n_mcgrps; i++) { 539 int grp_id = family->mcgrp_offset + i; 540 541 if (grp_id != 1) 542 clear_bit(grp_id, mc_groups); 543 genl_ctrl_event(CTRL_CMD_DELMCAST_GRP, family, 544 &family->mcgrps[i], grp_id); 545 } 546 } 547 548 static bool genl_split_op_check(const struct genl_split_ops *op) 549 { 550 if (WARN_ON(hweight8(op->flags & (GENL_CMD_CAP_DO | 551 GENL_CMD_CAP_DUMP)) != 1)) 552 return true; 553 return false; 554 } 555 556 static int genl_validate_ops(const struct genl_family *family) 557 { 558 struct genl_op_iter i, j; 559 unsigned int s; 560 561 if (WARN_ON(family->n_ops && !family->ops) || 562 WARN_ON(family->n_small_ops && !family->small_ops) || 563 WARN_ON(family->n_split_ops && !family->split_ops)) 564 return -EINVAL; 565 566 for (genl_op_iter_init(family, &i); genl_op_iter_next(&i); ) { 567 if (!(i.flags & (GENL_CMD_CAP_DO | GENL_CMD_CAP_DUMP))) 568 return -EINVAL; 569 570 if (WARN_ON(i.cmd >= family->resv_start_op && 571 (i.doit.validate || i.dumpit.validate))) 572 return -EINVAL; 573 574 genl_op_iter_copy(&j, &i); 575 while (genl_op_iter_next(&j)) { 576 if (i.cmd == j.cmd) 577 return -EINVAL; 578 } 579 } 580 581 if (family->n_split_ops) { 582 if (genl_split_op_check(&family->split_ops[0])) 583 return -EINVAL; 584 } 585 586 for (s = 1; s < family->n_split_ops; s++) { 587 const struct genl_split_ops *a, *b; 588 589 a = &family->split_ops[s - 1]; 590 b = &family->split_ops[s]; 591 592 if (genl_split_op_check(b)) 593 return -EINVAL; 594 595 /* Check sort order */ 596 if (a->cmd < b->cmd) { 597 continue; 598 } else if (a->cmd > b->cmd) { 599 WARN_ON(1); 600 return -EINVAL; 601 } 602 603 if (a->internal_flags != b->internal_flags || 604 ((a->flags ^ b->flags) & ~(GENL_CMD_CAP_DO | 605 GENL_CMD_CAP_DUMP))) { 606 WARN_ON(1); 607 return -EINVAL; 608 } 609 610 if ((a->flags & GENL_CMD_CAP_DO) && 611 (b->flags & GENL_CMD_CAP_DUMP)) 612 continue; 613 614 WARN_ON(1); 615 return -EINVAL; 616 } 617 618 return 0; 619 } 620 621 /** 622 * genl_register_family - register a generic netlink family 623 * @family: generic netlink family 624 * 625 * Registers the specified family after validating it first. Only one 626 * family may be registered with the same family name or identifier. 627 * 628 * The family's ops, multicast groups and module pointer must already 629 * be assigned. 630 * 631 * Return 0 on success or a negative error code. 632 */ 633 int genl_register_family(struct genl_family *family) 634 { 635 int err, i; 636 int start = GENL_START_ALLOC, end = GENL_MAX_ID; 637 638 err = genl_validate_ops(family); 639 if (err) 640 return err; 641 642 genl_lock_all(); 643 644 if (genl_family_find_byname(family->name)) { 645 err = -EEXIST; 646 goto errout_locked; 647 } 648 649 /* 650 * Sadly, a few cases need to be special-cased 651 * due to them having previously abused the API 652 * and having used their family ID also as their 653 * multicast group ID, so we use reserved IDs 654 * for both to be sure we can do that mapping. 655 */ 656 if (family == &genl_ctrl) { 657 /* and this needs to be special for initial family lookups */ 658 start = end = GENL_ID_CTRL; 659 } else if (strcmp(family->name, "pmcraid") == 0) { 660 start = end = GENL_ID_PMCRAID; 661 } else if (strcmp(family->name, "VFS_DQUOT") == 0) { 662 start = end = GENL_ID_VFS_DQUOT; 663 } 664 665 family->id = idr_alloc_cyclic(&genl_fam_idr, family, 666 start, end + 1, GFP_KERNEL); 667 if (family->id < 0) { 668 err = family->id; 669 goto errout_locked; 670 } 671 672 err = genl_validate_assign_mc_groups(family); 673 if (err) 674 goto errout_remove; 675 676 genl_unlock_all(); 677 678 /* send all events */ 679 genl_ctrl_event(CTRL_CMD_NEWFAMILY, family, NULL, 0); 680 for (i = 0; i < family->n_mcgrps; i++) 681 genl_ctrl_event(CTRL_CMD_NEWMCAST_GRP, family, 682 &family->mcgrps[i], family->mcgrp_offset + i); 683 684 return 0; 685 686 errout_remove: 687 idr_remove(&genl_fam_idr, family->id); 688 errout_locked: 689 genl_unlock_all(); 690 return err; 691 } 692 EXPORT_SYMBOL(genl_register_family); 693 694 /** 695 * genl_unregister_family - unregister generic netlink family 696 * @family: generic netlink family 697 * 698 * Unregisters the specified family. 699 * 700 * Returns 0 on success or a negative error code. 701 */ 702 int genl_unregister_family(const struct genl_family *family) 703 { 704 genl_lock_all(); 705 706 if (!genl_family_find_byid(family->id)) { 707 genl_unlock_all(); 708 return -ENOENT; 709 } 710 711 genl_unregister_mc_groups(family); 712 713 idr_remove(&genl_fam_idr, family->id); 714 715 up_write(&cb_lock); 716 wait_event(genl_sk_destructing_waitq, 717 atomic_read(&genl_sk_destructing_cnt) == 0); 718 genl_unlock(); 719 720 genl_ctrl_event(CTRL_CMD_DELFAMILY, family, NULL, 0); 721 722 return 0; 723 } 724 EXPORT_SYMBOL(genl_unregister_family); 725 726 /** 727 * genlmsg_put - Add generic netlink header to netlink message 728 * @skb: socket buffer holding the message 729 * @portid: netlink portid the message is addressed to 730 * @seq: sequence number (usually the one of the sender) 731 * @family: generic netlink family 732 * @flags: netlink message flags 733 * @cmd: generic netlink command 734 * 735 * Returns pointer to user specific header 736 */ 737 void *genlmsg_put(struct sk_buff *skb, u32 portid, u32 seq, 738 const struct genl_family *family, int flags, u8 cmd) 739 { 740 struct nlmsghdr *nlh; 741 struct genlmsghdr *hdr; 742 743 nlh = nlmsg_put(skb, portid, seq, family->id, GENL_HDRLEN + 744 family->hdrsize, flags); 745 if (nlh == NULL) 746 return NULL; 747 748 hdr = nlmsg_data(nlh); 749 hdr->cmd = cmd; 750 hdr->version = family->version; 751 hdr->reserved = 0; 752 753 return (char *) hdr + GENL_HDRLEN; 754 } 755 EXPORT_SYMBOL(genlmsg_put); 756 757 static struct genl_dumpit_info *genl_dumpit_info_alloc(void) 758 { 759 return kmalloc(sizeof(struct genl_dumpit_info), GFP_KERNEL); 760 } 761 762 static void genl_dumpit_info_free(const struct genl_dumpit_info *info) 763 { 764 kfree(info); 765 } 766 767 static struct nlattr ** 768 genl_family_rcv_msg_attrs_parse(const struct genl_family *family, 769 struct nlmsghdr *nlh, 770 struct netlink_ext_ack *extack, 771 const struct genl_split_ops *ops, 772 int hdrlen, 773 enum genl_validate_flags no_strict_flag) 774 { 775 enum netlink_validation validate = ops->validate & no_strict_flag ? 776 NL_VALIDATE_LIBERAL : 777 NL_VALIDATE_STRICT; 778 struct nlattr **attrbuf; 779 int err; 780 781 if (!ops->maxattr) 782 return NULL; 783 784 attrbuf = kmalloc_array(ops->maxattr + 1, 785 sizeof(struct nlattr *), GFP_KERNEL); 786 if (!attrbuf) 787 return ERR_PTR(-ENOMEM); 788 789 err = __nlmsg_parse(nlh, hdrlen, attrbuf, ops->maxattr, ops->policy, 790 validate, extack); 791 if (err) { 792 kfree(attrbuf); 793 return ERR_PTR(err); 794 } 795 return attrbuf; 796 } 797 798 static void genl_family_rcv_msg_attrs_free(struct nlattr **attrbuf) 799 { 800 kfree(attrbuf); 801 } 802 803 struct genl_start_context { 804 const struct genl_family *family; 805 struct nlmsghdr *nlh; 806 struct netlink_ext_ack *extack; 807 const struct genl_split_ops *ops; 808 int hdrlen; 809 }; 810 811 static int genl_start(struct netlink_callback *cb) 812 { 813 struct genl_start_context *ctx = cb->data; 814 const struct genl_split_ops *ops; 815 struct genl_dumpit_info *info; 816 struct nlattr **attrs = NULL; 817 int rc = 0; 818 819 ops = ctx->ops; 820 if (!(ops->validate & GENL_DONT_VALIDATE_DUMP) && 821 ctx->nlh->nlmsg_len < nlmsg_msg_size(ctx->hdrlen)) 822 return -EINVAL; 823 824 attrs = genl_family_rcv_msg_attrs_parse(ctx->family, ctx->nlh, ctx->extack, 825 ops, ctx->hdrlen, 826 GENL_DONT_VALIDATE_DUMP_STRICT); 827 if (IS_ERR(attrs)) 828 return PTR_ERR(attrs); 829 830 info = genl_dumpit_info_alloc(); 831 if (!info) { 832 genl_family_rcv_msg_attrs_free(attrs); 833 return -ENOMEM; 834 } 835 info->family = ctx->family; 836 info->op = *ops; 837 info->attrs = attrs; 838 839 cb->data = info; 840 if (ops->start) { 841 if (!ctx->family->parallel_ops) 842 genl_lock(); 843 rc = ops->start(cb); 844 if (!ctx->family->parallel_ops) 845 genl_unlock(); 846 } 847 848 if (rc) { 849 genl_family_rcv_msg_attrs_free(info->attrs); 850 genl_dumpit_info_free(info); 851 cb->data = NULL; 852 } 853 return rc; 854 } 855 856 static int genl_lock_dumpit(struct sk_buff *skb, struct netlink_callback *cb) 857 { 858 const struct genl_split_ops *ops = &genl_dumpit_info(cb)->op; 859 int rc; 860 861 genl_lock(); 862 rc = ops->dumpit(skb, cb); 863 genl_unlock(); 864 return rc; 865 } 866 867 static int genl_lock_done(struct netlink_callback *cb) 868 { 869 const struct genl_dumpit_info *info = genl_dumpit_info(cb); 870 const struct genl_split_ops *ops = &info->op; 871 int rc = 0; 872 873 if (ops->done) { 874 genl_lock(); 875 rc = ops->done(cb); 876 genl_unlock(); 877 } 878 genl_family_rcv_msg_attrs_free(info->attrs); 879 genl_dumpit_info_free(info); 880 return rc; 881 } 882 883 static int genl_parallel_done(struct netlink_callback *cb) 884 { 885 const struct genl_dumpit_info *info = genl_dumpit_info(cb); 886 const struct genl_split_ops *ops = &info->op; 887 int rc = 0; 888 889 if (ops->done) 890 rc = ops->done(cb); 891 genl_family_rcv_msg_attrs_free(info->attrs); 892 genl_dumpit_info_free(info); 893 return rc; 894 } 895 896 static int genl_family_rcv_msg_dumpit(const struct genl_family *family, 897 struct sk_buff *skb, 898 struct nlmsghdr *nlh, 899 struct netlink_ext_ack *extack, 900 const struct genl_split_ops *ops, 901 int hdrlen, struct net *net) 902 { 903 struct genl_start_context ctx; 904 int err; 905 906 ctx.family = family; 907 ctx.nlh = nlh; 908 ctx.extack = extack; 909 ctx.ops = ops; 910 ctx.hdrlen = hdrlen; 911 912 if (!family->parallel_ops) { 913 struct netlink_dump_control c = { 914 .module = family->module, 915 .data = &ctx, 916 .start = genl_start, 917 .dump = genl_lock_dumpit, 918 .done = genl_lock_done, 919 .extack = extack, 920 }; 921 922 genl_unlock(); 923 err = __netlink_dump_start(net->genl_sock, skb, nlh, &c); 924 genl_lock(); 925 } else { 926 struct netlink_dump_control c = { 927 .module = family->module, 928 .data = &ctx, 929 .start = genl_start, 930 .dump = ops->dumpit, 931 .done = genl_parallel_done, 932 .extack = extack, 933 }; 934 935 err = __netlink_dump_start(net->genl_sock, skb, nlh, &c); 936 } 937 938 return err; 939 } 940 941 static int genl_family_rcv_msg_doit(const struct genl_family *family, 942 struct sk_buff *skb, 943 struct nlmsghdr *nlh, 944 struct netlink_ext_ack *extack, 945 const struct genl_split_ops *ops, 946 int hdrlen, struct net *net) 947 { 948 struct nlattr **attrbuf; 949 struct genl_info info; 950 int err; 951 952 attrbuf = genl_family_rcv_msg_attrs_parse(family, nlh, extack, 953 ops, hdrlen, 954 GENL_DONT_VALIDATE_STRICT); 955 if (IS_ERR(attrbuf)) 956 return PTR_ERR(attrbuf); 957 958 info.snd_seq = nlh->nlmsg_seq; 959 info.snd_portid = NETLINK_CB(skb).portid; 960 info.nlhdr = nlh; 961 info.genlhdr = nlmsg_data(nlh); 962 info.userhdr = nlmsg_data(nlh) + GENL_HDRLEN; 963 info.attrs = attrbuf; 964 info.extack = extack; 965 genl_info_net_set(&info, net); 966 memset(&info.user_ptr, 0, sizeof(info.user_ptr)); 967 968 if (ops->pre_doit) { 969 err = ops->pre_doit(ops, skb, &info); 970 if (err) 971 goto out; 972 } 973 974 err = ops->doit(skb, &info); 975 976 if (ops->post_doit) 977 ops->post_doit(ops, skb, &info); 978 979 out: 980 genl_family_rcv_msg_attrs_free(attrbuf); 981 982 return err; 983 } 984 985 static int genl_header_check(const struct genl_family *family, 986 struct nlmsghdr *nlh, struct genlmsghdr *hdr, 987 struct netlink_ext_ack *extack) 988 { 989 u16 flags; 990 991 /* Only for commands added after we started validating */ 992 if (hdr->cmd < family->resv_start_op) 993 return 0; 994 995 if (hdr->reserved) { 996 NL_SET_ERR_MSG(extack, "genlmsghdr.reserved field is not 0"); 997 return -EINVAL; 998 } 999 1000 /* Old netlink flags have pretty loose semantics, allow only the flags 1001 * consumed by the core where we can enforce the meaning. 1002 */ 1003 flags = nlh->nlmsg_flags; 1004 if ((flags & NLM_F_DUMP) == NLM_F_DUMP) /* DUMP is 2 bits */ 1005 flags &= ~NLM_F_DUMP; 1006 if (flags & ~(NLM_F_REQUEST | NLM_F_ACK | NLM_F_ECHO)) { 1007 NL_SET_ERR_MSG(extack, 1008 "ambiguous or reserved bits set in nlmsg_flags"); 1009 return -EINVAL; 1010 } 1011 1012 return 0; 1013 } 1014 1015 static int genl_family_rcv_msg(const struct genl_family *family, 1016 struct sk_buff *skb, 1017 struct nlmsghdr *nlh, 1018 struct netlink_ext_ack *extack) 1019 { 1020 struct net *net = sock_net(skb->sk); 1021 struct genlmsghdr *hdr = nlmsg_data(nlh); 1022 struct genl_split_ops op; 1023 int hdrlen; 1024 u8 flags; 1025 1026 /* this family doesn't exist in this netns */ 1027 if (!family->netnsok && !net_eq(net, &init_net)) 1028 return -ENOENT; 1029 1030 hdrlen = GENL_HDRLEN + family->hdrsize; 1031 if (nlh->nlmsg_len < nlmsg_msg_size(hdrlen)) 1032 return -EINVAL; 1033 1034 if (genl_header_check(family, nlh, hdr, extack)) 1035 return -EINVAL; 1036 1037 flags = (nlh->nlmsg_flags & NLM_F_DUMP) == NLM_F_DUMP ? 1038 GENL_CMD_CAP_DUMP : GENL_CMD_CAP_DO; 1039 if (genl_get_cmd(hdr->cmd, flags, family, &op)) 1040 return -EOPNOTSUPP; 1041 1042 if ((op.flags & GENL_ADMIN_PERM) && 1043 !netlink_capable(skb, CAP_NET_ADMIN)) 1044 return -EPERM; 1045 1046 if ((op.flags & GENL_UNS_ADMIN_PERM) && 1047 !netlink_ns_capable(skb, net->user_ns, CAP_NET_ADMIN)) 1048 return -EPERM; 1049 1050 if (flags & GENL_CMD_CAP_DUMP) 1051 return genl_family_rcv_msg_dumpit(family, skb, nlh, extack, 1052 &op, hdrlen, net); 1053 else 1054 return genl_family_rcv_msg_doit(family, skb, nlh, extack, 1055 &op, hdrlen, net); 1056 } 1057 1058 static int genl_rcv_msg(struct sk_buff *skb, struct nlmsghdr *nlh, 1059 struct netlink_ext_ack *extack) 1060 { 1061 const struct genl_family *family; 1062 int err; 1063 1064 family = genl_family_find_byid(nlh->nlmsg_type); 1065 if (family == NULL) 1066 return -ENOENT; 1067 1068 if (!family->parallel_ops) 1069 genl_lock(); 1070 1071 err = genl_family_rcv_msg(family, skb, nlh, extack); 1072 1073 if (!family->parallel_ops) 1074 genl_unlock(); 1075 1076 return err; 1077 } 1078 1079 static void genl_rcv(struct sk_buff *skb) 1080 { 1081 down_read(&cb_lock); 1082 netlink_rcv_skb(skb, &genl_rcv_msg); 1083 up_read(&cb_lock); 1084 } 1085 1086 /************************************************************************** 1087 * Controller 1088 **************************************************************************/ 1089 1090 static struct genl_family genl_ctrl; 1091 1092 static int ctrl_fill_info(const struct genl_family *family, u32 portid, u32 seq, 1093 u32 flags, struct sk_buff *skb, u8 cmd) 1094 { 1095 struct genl_op_iter i; 1096 void *hdr; 1097 1098 hdr = genlmsg_put(skb, portid, seq, &genl_ctrl, flags, cmd); 1099 if (hdr == NULL) 1100 return -1; 1101 1102 if (nla_put_string(skb, CTRL_ATTR_FAMILY_NAME, family->name) || 1103 nla_put_u16(skb, CTRL_ATTR_FAMILY_ID, family->id) || 1104 nla_put_u32(skb, CTRL_ATTR_VERSION, family->version) || 1105 nla_put_u32(skb, CTRL_ATTR_HDRSIZE, family->hdrsize) || 1106 nla_put_u32(skb, CTRL_ATTR_MAXATTR, family->maxattr)) 1107 goto nla_put_failure; 1108 1109 if (genl_op_iter_init(family, &i)) { 1110 struct nlattr *nla_ops; 1111 1112 nla_ops = nla_nest_start_noflag(skb, CTRL_ATTR_OPS); 1113 if (nla_ops == NULL) 1114 goto nla_put_failure; 1115 1116 while (genl_op_iter_next(&i)) { 1117 struct nlattr *nest; 1118 u32 op_flags; 1119 1120 op_flags = i.flags; 1121 if (i.doit.policy || i.dumpit.policy) 1122 op_flags |= GENL_CMD_CAP_HASPOL; 1123 1124 nest = nla_nest_start_noflag(skb, genl_op_iter_idx(&i)); 1125 if (nest == NULL) 1126 goto nla_put_failure; 1127 1128 if (nla_put_u32(skb, CTRL_ATTR_OP_ID, i.cmd) || 1129 nla_put_u32(skb, CTRL_ATTR_OP_FLAGS, op_flags)) 1130 goto nla_put_failure; 1131 1132 nla_nest_end(skb, nest); 1133 } 1134 1135 nla_nest_end(skb, nla_ops); 1136 } 1137 1138 if (family->n_mcgrps) { 1139 struct nlattr *nla_grps; 1140 int i; 1141 1142 nla_grps = nla_nest_start_noflag(skb, CTRL_ATTR_MCAST_GROUPS); 1143 if (nla_grps == NULL) 1144 goto nla_put_failure; 1145 1146 for (i = 0; i < family->n_mcgrps; i++) { 1147 struct nlattr *nest; 1148 const struct genl_multicast_group *grp; 1149 1150 grp = &family->mcgrps[i]; 1151 1152 nest = nla_nest_start_noflag(skb, i + 1); 1153 if (nest == NULL) 1154 goto nla_put_failure; 1155 1156 if (nla_put_u32(skb, CTRL_ATTR_MCAST_GRP_ID, 1157 family->mcgrp_offset + i) || 1158 nla_put_string(skb, CTRL_ATTR_MCAST_GRP_NAME, 1159 grp->name)) 1160 goto nla_put_failure; 1161 1162 nla_nest_end(skb, nest); 1163 } 1164 nla_nest_end(skb, nla_grps); 1165 } 1166 1167 genlmsg_end(skb, hdr); 1168 return 0; 1169 1170 nla_put_failure: 1171 genlmsg_cancel(skb, hdr); 1172 return -EMSGSIZE; 1173 } 1174 1175 static int ctrl_fill_mcgrp_info(const struct genl_family *family, 1176 const struct genl_multicast_group *grp, 1177 int grp_id, u32 portid, u32 seq, u32 flags, 1178 struct sk_buff *skb, u8 cmd) 1179 { 1180 void *hdr; 1181 struct nlattr *nla_grps; 1182 struct nlattr *nest; 1183 1184 hdr = genlmsg_put(skb, portid, seq, &genl_ctrl, flags, cmd); 1185 if (hdr == NULL) 1186 return -1; 1187 1188 if (nla_put_string(skb, CTRL_ATTR_FAMILY_NAME, family->name) || 1189 nla_put_u16(skb, CTRL_ATTR_FAMILY_ID, family->id)) 1190 goto nla_put_failure; 1191 1192 nla_grps = nla_nest_start_noflag(skb, CTRL_ATTR_MCAST_GROUPS); 1193 if (nla_grps == NULL) 1194 goto nla_put_failure; 1195 1196 nest = nla_nest_start_noflag(skb, 1); 1197 if (nest == NULL) 1198 goto nla_put_failure; 1199 1200 if (nla_put_u32(skb, CTRL_ATTR_MCAST_GRP_ID, grp_id) || 1201 nla_put_string(skb, CTRL_ATTR_MCAST_GRP_NAME, 1202 grp->name)) 1203 goto nla_put_failure; 1204 1205 nla_nest_end(skb, nest); 1206 nla_nest_end(skb, nla_grps); 1207 1208 genlmsg_end(skb, hdr); 1209 return 0; 1210 1211 nla_put_failure: 1212 genlmsg_cancel(skb, hdr); 1213 return -EMSGSIZE; 1214 } 1215 1216 static int ctrl_dumpfamily(struct sk_buff *skb, struct netlink_callback *cb) 1217 { 1218 int n = 0; 1219 struct genl_family *rt; 1220 struct net *net = sock_net(skb->sk); 1221 int fams_to_skip = cb->args[0]; 1222 unsigned int id; 1223 1224 idr_for_each_entry(&genl_fam_idr, rt, id) { 1225 if (!rt->netnsok && !net_eq(net, &init_net)) 1226 continue; 1227 1228 if (n++ < fams_to_skip) 1229 continue; 1230 1231 if (ctrl_fill_info(rt, NETLINK_CB(cb->skb).portid, 1232 cb->nlh->nlmsg_seq, NLM_F_MULTI, 1233 skb, CTRL_CMD_NEWFAMILY) < 0) { 1234 n--; 1235 break; 1236 } 1237 } 1238 1239 cb->args[0] = n; 1240 return skb->len; 1241 } 1242 1243 static struct sk_buff *ctrl_build_family_msg(const struct genl_family *family, 1244 u32 portid, int seq, u8 cmd) 1245 { 1246 struct sk_buff *skb; 1247 int err; 1248 1249 skb = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 1250 if (skb == NULL) 1251 return ERR_PTR(-ENOBUFS); 1252 1253 err = ctrl_fill_info(family, portid, seq, 0, skb, cmd); 1254 if (err < 0) { 1255 nlmsg_free(skb); 1256 return ERR_PTR(err); 1257 } 1258 1259 return skb; 1260 } 1261 1262 static struct sk_buff * 1263 ctrl_build_mcgrp_msg(const struct genl_family *family, 1264 const struct genl_multicast_group *grp, 1265 int grp_id, u32 portid, int seq, u8 cmd) 1266 { 1267 struct sk_buff *skb; 1268 int err; 1269 1270 skb = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 1271 if (skb == NULL) 1272 return ERR_PTR(-ENOBUFS); 1273 1274 err = ctrl_fill_mcgrp_info(family, grp, grp_id, portid, 1275 seq, 0, skb, cmd); 1276 if (err < 0) { 1277 nlmsg_free(skb); 1278 return ERR_PTR(err); 1279 } 1280 1281 return skb; 1282 } 1283 1284 static const struct nla_policy ctrl_policy_family[] = { 1285 [CTRL_ATTR_FAMILY_ID] = { .type = NLA_U16 }, 1286 [CTRL_ATTR_FAMILY_NAME] = { .type = NLA_NUL_STRING, 1287 .len = GENL_NAMSIZ - 1 }, 1288 }; 1289 1290 static int ctrl_getfamily(struct sk_buff *skb, struct genl_info *info) 1291 { 1292 struct sk_buff *msg; 1293 const struct genl_family *res = NULL; 1294 int err = -EINVAL; 1295 1296 if (info->attrs[CTRL_ATTR_FAMILY_ID]) { 1297 u16 id = nla_get_u16(info->attrs[CTRL_ATTR_FAMILY_ID]); 1298 res = genl_family_find_byid(id); 1299 err = -ENOENT; 1300 } 1301 1302 if (info->attrs[CTRL_ATTR_FAMILY_NAME]) { 1303 char *name; 1304 1305 name = nla_data(info->attrs[CTRL_ATTR_FAMILY_NAME]); 1306 res = genl_family_find_byname(name); 1307 #ifdef CONFIG_MODULES 1308 if (res == NULL) { 1309 genl_unlock(); 1310 up_read(&cb_lock); 1311 request_module("net-pf-%d-proto-%d-family-%s", 1312 PF_NETLINK, NETLINK_GENERIC, name); 1313 down_read(&cb_lock); 1314 genl_lock(); 1315 res = genl_family_find_byname(name); 1316 } 1317 #endif 1318 err = -ENOENT; 1319 } 1320 1321 if (res == NULL) 1322 return err; 1323 1324 if (!res->netnsok && !net_eq(genl_info_net(info), &init_net)) { 1325 /* family doesn't exist here */ 1326 return -ENOENT; 1327 } 1328 1329 msg = ctrl_build_family_msg(res, info->snd_portid, info->snd_seq, 1330 CTRL_CMD_NEWFAMILY); 1331 if (IS_ERR(msg)) 1332 return PTR_ERR(msg); 1333 1334 return genlmsg_reply(msg, info); 1335 } 1336 1337 static int genl_ctrl_event(int event, const struct genl_family *family, 1338 const struct genl_multicast_group *grp, 1339 int grp_id) 1340 { 1341 struct sk_buff *msg; 1342 1343 /* genl is still initialising */ 1344 if (!init_net.genl_sock) 1345 return 0; 1346 1347 switch (event) { 1348 case CTRL_CMD_NEWFAMILY: 1349 case CTRL_CMD_DELFAMILY: 1350 WARN_ON(grp); 1351 msg = ctrl_build_family_msg(family, 0, 0, event); 1352 break; 1353 case CTRL_CMD_NEWMCAST_GRP: 1354 case CTRL_CMD_DELMCAST_GRP: 1355 BUG_ON(!grp); 1356 msg = ctrl_build_mcgrp_msg(family, grp, grp_id, 0, 0, event); 1357 break; 1358 default: 1359 return -EINVAL; 1360 } 1361 1362 if (IS_ERR(msg)) 1363 return PTR_ERR(msg); 1364 1365 if (!family->netnsok) { 1366 genlmsg_multicast_netns(&genl_ctrl, &init_net, msg, 0, 1367 0, GFP_KERNEL); 1368 } else { 1369 rcu_read_lock(); 1370 genlmsg_multicast_allns(&genl_ctrl, msg, 0, 1371 0, GFP_ATOMIC); 1372 rcu_read_unlock(); 1373 } 1374 1375 return 0; 1376 } 1377 1378 struct ctrl_dump_policy_ctx { 1379 struct netlink_policy_dump_state *state; 1380 const struct genl_family *rt; 1381 struct genl_op_iter *op_iter; 1382 u32 op; 1383 u16 fam_id; 1384 u8 dump_map:1, 1385 single_op:1; 1386 }; 1387 1388 static const struct nla_policy ctrl_policy_policy[] = { 1389 [CTRL_ATTR_FAMILY_ID] = { .type = NLA_U16 }, 1390 [CTRL_ATTR_FAMILY_NAME] = { .type = NLA_NUL_STRING, 1391 .len = GENL_NAMSIZ - 1 }, 1392 [CTRL_ATTR_OP] = { .type = NLA_U32 }, 1393 }; 1394 1395 static int ctrl_dumppolicy_start(struct netlink_callback *cb) 1396 { 1397 const struct genl_dumpit_info *info = genl_dumpit_info(cb); 1398 struct ctrl_dump_policy_ctx *ctx = (void *)cb->ctx; 1399 struct nlattr **tb = info->attrs; 1400 const struct genl_family *rt; 1401 struct genl_op_iter i; 1402 int err; 1403 1404 BUILD_BUG_ON(sizeof(*ctx) > sizeof(cb->ctx)); 1405 1406 if (!tb[CTRL_ATTR_FAMILY_ID] && !tb[CTRL_ATTR_FAMILY_NAME]) 1407 return -EINVAL; 1408 1409 if (tb[CTRL_ATTR_FAMILY_ID]) { 1410 ctx->fam_id = nla_get_u16(tb[CTRL_ATTR_FAMILY_ID]); 1411 } else { 1412 rt = genl_family_find_byname( 1413 nla_data(tb[CTRL_ATTR_FAMILY_NAME])); 1414 if (!rt) 1415 return -ENOENT; 1416 ctx->fam_id = rt->id; 1417 } 1418 1419 rt = genl_family_find_byid(ctx->fam_id); 1420 if (!rt) 1421 return -ENOENT; 1422 1423 ctx->rt = rt; 1424 1425 if (tb[CTRL_ATTR_OP]) { 1426 struct genl_split_ops doit, dump; 1427 1428 ctx->single_op = true; 1429 ctx->op = nla_get_u32(tb[CTRL_ATTR_OP]); 1430 1431 err = genl_get_cmd_both(ctx->op, rt, &doit, &dump); 1432 if (err) { 1433 NL_SET_BAD_ATTR(cb->extack, tb[CTRL_ATTR_OP]); 1434 return err; 1435 } 1436 1437 if (doit.policy) { 1438 err = netlink_policy_dump_add_policy(&ctx->state, 1439 doit.policy, 1440 doit.maxattr); 1441 if (err) 1442 goto err_free_state; 1443 } 1444 if (dump.policy) { 1445 err = netlink_policy_dump_add_policy(&ctx->state, 1446 dump.policy, 1447 dump.maxattr); 1448 if (err) 1449 goto err_free_state; 1450 } 1451 1452 if (!ctx->state) 1453 return -ENODATA; 1454 1455 ctx->dump_map = 1; 1456 return 0; 1457 } 1458 1459 ctx->op_iter = kmalloc(sizeof(*ctx->op_iter), GFP_KERNEL); 1460 if (!ctx->op_iter) 1461 return -ENOMEM; 1462 1463 genl_op_iter_init(rt, ctx->op_iter); 1464 ctx->dump_map = genl_op_iter_next(ctx->op_iter); 1465 1466 for (genl_op_iter_init(rt, &i); genl_op_iter_next(&i); ) { 1467 if (i.doit.policy) { 1468 err = netlink_policy_dump_add_policy(&ctx->state, 1469 i.doit.policy, 1470 i.doit.maxattr); 1471 if (err) 1472 goto err_free_state; 1473 } 1474 if (i.dumpit.policy) { 1475 err = netlink_policy_dump_add_policy(&ctx->state, 1476 i.dumpit.policy, 1477 i.dumpit.maxattr); 1478 if (err) 1479 goto err_free_state; 1480 } 1481 } 1482 1483 if (!ctx->state) { 1484 err = -ENODATA; 1485 goto err_free_op_iter; 1486 } 1487 return 0; 1488 1489 err_free_state: 1490 netlink_policy_dump_free(ctx->state); 1491 err_free_op_iter: 1492 kfree(ctx->op_iter); 1493 return err; 1494 } 1495 1496 static void *ctrl_dumppolicy_prep(struct sk_buff *skb, 1497 struct netlink_callback *cb) 1498 { 1499 struct ctrl_dump_policy_ctx *ctx = (void *)cb->ctx; 1500 void *hdr; 1501 1502 hdr = genlmsg_put(skb, NETLINK_CB(cb->skb).portid, 1503 cb->nlh->nlmsg_seq, &genl_ctrl, 1504 NLM_F_MULTI, CTRL_CMD_GETPOLICY); 1505 if (!hdr) 1506 return NULL; 1507 1508 if (nla_put_u16(skb, CTRL_ATTR_FAMILY_ID, ctx->fam_id)) 1509 return NULL; 1510 1511 return hdr; 1512 } 1513 1514 static int ctrl_dumppolicy_put_op(struct sk_buff *skb, 1515 struct netlink_callback *cb, 1516 struct genl_split_ops *doit, 1517 struct genl_split_ops *dumpit) 1518 { 1519 struct ctrl_dump_policy_ctx *ctx = (void *)cb->ctx; 1520 struct nlattr *nest_pol, *nest_op; 1521 void *hdr; 1522 int idx; 1523 1524 /* skip if we have nothing to show */ 1525 if (!doit->policy && !dumpit->policy) 1526 return 0; 1527 1528 hdr = ctrl_dumppolicy_prep(skb, cb); 1529 if (!hdr) 1530 return -ENOBUFS; 1531 1532 nest_pol = nla_nest_start(skb, CTRL_ATTR_OP_POLICY); 1533 if (!nest_pol) 1534 goto err; 1535 1536 nest_op = nla_nest_start(skb, doit->cmd); 1537 if (!nest_op) 1538 goto err; 1539 1540 if (doit->policy) { 1541 idx = netlink_policy_dump_get_policy_idx(ctx->state, 1542 doit->policy, 1543 doit->maxattr); 1544 1545 if (nla_put_u32(skb, CTRL_ATTR_POLICY_DO, idx)) 1546 goto err; 1547 } 1548 if (dumpit->policy) { 1549 idx = netlink_policy_dump_get_policy_idx(ctx->state, 1550 dumpit->policy, 1551 dumpit->maxattr); 1552 1553 if (nla_put_u32(skb, CTRL_ATTR_POLICY_DUMP, idx)) 1554 goto err; 1555 } 1556 1557 nla_nest_end(skb, nest_op); 1558 nla_nest_end(skb, nest_pol); 1559 genlmsg_end(skb, hdr); 1560 1561 return 0; 1562 err: 1563 genlmsg_cancel(skb, hdr); 1564 return -ENOBUFS; 1565 } 1566 1567 static int ctrl_dumppolicy(struct sk_buff *skb, struct netlink_callback *cb) 1568 { 1569 struct ctrl_dump_policy_ctx *ctx = (void *)cb->ctx; 1570 void *hdr; 1571 1572 if (ctx->dump_map) { 1573 if (ctx->single_op) { 1574 struct genl_split_ops doit, dumpit; 1575 1576 if (WARN_ON(genl_get_cmd_both(ctx->op, ctx->rt, 1577 &doit, &dumpit))) 1578 return -ENOENT; 1579 1580 if (ctrl_dumppolicy_put_op(skb, cb, &doit, &dumpit)) 1581 return skb->len; 1582 1583 /* done with the per-op policy index list */ 1584 ctx->dump_map = 0; 1585 } 1586 1587 while (ctx->dump_map) { 1588 if (ctrl_dumppolicy_put_op(skb, cb, 1589 &ctx->op_iter->doit, 1590 &ctx->op_iter->dumpit)) 1591 return skb->len; 1592 1593 ctx->dump_map = genl_op_iter_next(ctx->op_iter); 1594 } 1595 } 1596 1597 while (netlink_policy_dump_loop(ctx->state)) { 1598 struct nlattr *nest; 1599 1600 hdr = ctrl_dumppolicy_prep(skb, cb); 1601 if (!hdr) 1602 goto nla_put_failure; 1603 1604 nest = nla_nest_start(skb, CTRL_ATTR_POLICY); 1605 if (!nest) 1606 goto nla_put_failure; 1607 1608 if (netlink_policy_dump_write(skb, ctx->state)) 1609 goto nla_put_failure; 1610 1611 nla_nest_end(skb, nest); 1612 1613 genlmsg_end(skb, hdr); 1614 } 1615 1616 return skb->len; 1617 1618 nla_put_failure: 1619 genlmsg_cancel(skb, hdr); 1620 return skb->len; 1621 } 1622 1623 static int ctrl_dumppolicy_done(struct netlink_callback *cb) 1624 { 1625 struct ctrl_dump_policy_ctx *ctx = (void *)cb->ctx; 1626 1627 kfree(ctx->op_iter); 1628 netlink_policy_dump_free(ctx->state); 1629 return 0; 1630 } 1631 1632 static const struct genl_split_ops genl_ctrl_ops[] = { 1633 { 1634 .cmd = CTRL_CMD_GETFAMILY, 1635 .validate = GENL_DONT_VALIDATE_STRICT, 1636 .policy = ctrl_policy_family, 1637 .maxattr = ARRAY_SIZE(ctrl_policy_family) - 1, 1638 .doit = ctrl_getfamily, 1639 .flags = GENL_CMD_CAP_DO, 1640 }, 1641 { 1642 .cmd = CTRL_CMD_GETFAMILY, 1643 .validate = GENL_DONT_VALIDATE_DUMP, 1644 .policy = ctrl_policy_family, 1645 .maxattr = ARRAY_SIZE(ctrl_policy_family) - 1, 1646 .dumpit = ctrl_dumpfamily, 1647 .flags = GENL_CMD_CAP_DUMP, 1648 }, 1649 { 1650 .cmd = CTRL_CMD_GETPOLICY, 1651 .policy = ctrl_policy_policy, 1652 .maxattr = ARRAY_SIZE(ctrl_policy_policy) - 1, 1653 .start = ctrl_dumppolicy_start, 1654 .dumpit = ctrl_dumppolicy, 1655 .done = ctrl_dumppolicy_done, 1656 .flags = GENL_CMD_CAP_DUMP, 1657 }, 1658 }; 1659 1660 static const struct genl_multicast_group genl_ctrl_groups[] = { 1661 { .name = "notify", }, 1662 }; 1663 1664 static struct genl_family genl_ctrl __ro_after_init = { 1665 .module = THIS_MODULE, 1666 .split_ops = genl_ctrl_ops, 1667 .n_split_ops = ARRAY_SIZE(genl_ctrl_ops), 1668 .resv_start_op = CTRL_CMD_GETPOLICY + 1, 1669 .mcgrps = genl_ctrl_groups, 1670 .n_mcgrps = ARRAY_SIZE(genl_ctrl_groups), 1671 .id = GENL_ID_CTRL, 1672 .name = "nlctrl", 1673 .version = 0x2, 1674 .netnsok = true, 1675 }; 1676 1677 static int genl_bind(struct net *net, int group) 1678 { 1679 const struct genl_family *family; 1680 unsigned int id; 1681 int ret = 0; 1682 1683 down_read(&cb_lock); 1684 1685 idr_for_each_entry(&genl_fam_idr, family, id) { 1686 const struct genl_multicast_group *grp; 1687 int i; 1688 1689 if (family->n_mcgrps == 0) 1690 continue; 1691 1692 i = group - family->mcgrp_offset; 1693 if (i < 0 || i >= family->n_mcgrps) 1694 continue; 1695 1696 grp = &family->mcgrps[i]; 1697 if ((grp->flags & GENL_UNS_ADMIN_PERM) && 1698 !ns_capable(net->user_ns, CAP_NET_ADMIN)) 1699 ret = -EPERM; 1700 1701 break; 1702 } 1703 1704 up_read(&cb_lock); 1705 return ret; 1706 } 1707 1708 static int __net_init genl_pernet_init(struct net *net) 1709 { 1710 struct netlink_kernel_cfg cfg = { 1711 .input = genl_rcv, 1712 .flags = NL_CFG_F_NONROOT_RECV, 1713 .bind = genl_bind, 1714 }; 1715 1716 /* we'll bump the group number right afterwards */ 1717 net->genl_sock = netlink_kernel_create(net, NETLINK_GENERIC, &cfg); 1718 1719 if (!net->genl_sock && net_eq(net, &init_net)) 1720 panic("GENL: Cannot initialize generic netlink\n"); 1721 1722 if (!net->genl_sock) 1723 return -ENOMEM; 1724 1725 return 0; 1726 } 1727 1728 static void __net_exit genl_pernet_exit(struct net *net) 1729 { 1730 netlink_kernel_release(net->genl_sock); 1731 net->genl_sock = NULL; 1732 } 1733 1734 static struct pernet_operations genl_pernet_ops = { 1735 .init = genl_pernet_init, 1736 .exit = genl_pernet_exit, 1737 }; 1738 1739 static int __init genl_init(void) 1740 { 1741 int err; 1742 1743 err = genl_register_family(&genl_ctrl); 1744 if (err < 0) 1745 goto problem; 1746 1747 err = register_pernet_subsys(&genl_pernet_ops); 1748 if (err) 1749 goto problem; 1750 1751 return 0; 1752 1753 problem: 1754 panic("GENL: Cannot register controller: %d\n", err); 1755 } 1756 1757 core_initcall(genl_init); 1758 1759 static int genlmsg_mcast(struct sk_buff *skb, u32 portid, unsigned long group, 1760 gfp_t flags) 1761 { 1762 struct sk_buff *tmp; 1763 struct net *net, *prev = NULL; 1764 bool delivered = false; 1765 int err; 1766 1767 for_each_net_rcu(net) { 1768 if (prev) { 1769 tmp = skb_clone(skb, flags); 1770 if (!tmp) { 1771 err = -ENOMEM; 1772 goto error; 1773 } 1774 err = nlmsg_multicast(prev->genl_sock, tmp, 1775 portid, group, flags); 1776 if (!err) 1777 delivered = true; 1778 else if (err != -ESRCH) 1779 goto error; 1780 } 1781 1782 prev = net; 1783 } 1784 1785 err = nlmsg_multicast(prev->genl_sock, skb, portid, group, flags); 1786 if (!err) 1787 delivered = true; 1788 else if (err != -ESRCH) 1789 return err; 1790 return delivered ? 0 : -ESRCH; 1791 error: 1792 kfree_skb(skb); 1793 return err; 1794 } 1795 1796 int genlmsg_multicast_allns(const struct genl_family *family, 1797 struct sk_buff *skb, u32 portid, 1798 unsigned int group, gfp_t flags) 1799 { 1800 if (WARN_ON_ONCE(group >= family->n_mcgrps)) 1801 return -EINVAL; 1802 1803 group = family->mcgrp_offset + group; 1804 return genlmsg_mcast(skb, portid, group, flags); 1805 } 1806 EXPORT_SYMBOL(genlmsg_multicast_allns); 1807 1808 void genl_notify(const struct genl_family *family, struct sk_buff *skb, 1809 struct genl_info *info, u32 group, gfp_t flags) 1810 { 1811 struct net *net = genl_info_net(info); 1812 struct sock *sk = net->genl_sock; 1813 1814 if (WARN_ON_ONCE(group >= family->n_mcgrps)) 1815 return; 1816 1817 group = family->mcgrp_offset + group; 1818 nlmsg_notify(sk, skb, info->snd_portid, group, 1819 nlmsg_report(info->nlhdr), flags); 1820 } 1821 EXPORT_SYMBOL(genl_notify); 1822