1 // SPDX-License-Identifier: GPL-2.0 2 /* 3 * NETLINK Generic Netlink Family 4 * 5 * Authors: Jamal Hadi Salim 6 * Thomas Graf <tgraf@suug.ch> 7 * Johannes Berg <johannes@sipsolutions.net> 8 */ 9 10 #include <linux/module.h> 11 #include <linux/kernel.h> 12 #include <linux/slab.h> 13 #include <linux/errno.h> 14 #include <linux/types.h> 15 #include <linux/socket.h> 16 #include <linux/string_helpers.h> 17 #include <linux/skbuff.h> 18 #include <linux/mutex.h> 19 #include <linux/bitmap.h> 20 #include <linux/rwsem.h> 21 #include <linux/idr.h> 22 #include <net/sock.h> 23 #include <net/genetlink.h> 24 25 static DEFINE_MUTEX(genl_mutex); /* serialization of message processing */ 26 static DECLARE_RWSEM(cb_lock); 27 28 atomic_t genl_sk_destructing_cnt = ATOMIC_INIT(0); 29 DECLARE_WAIT_QUEUE_HEAD(genl_sk_destructing_waitq); 30 31 void genl_lock(void) 32 { 33 mutex_lock(&genl_mutex); 34 } 35 EXPORT_SYMBOL(genl_lock); 36 37 void genl_unlock(void) 38 { 39 mutex_unlock(&genl_mutex); 40 } 41 EXPORT_SYMBOL(genl_unlock); 42 43 static void genl_lock_all(void) 44 { 45 down_write(&cb_lock); 46 genl_lock(); 47 } 48 49 static void genl_unlock_all(void) 50 { 51 genl_unlock(); 52 up_write(&cb_lock); 53 } 54 55 static DEFINE_IDR(genl_fam_idr); 56 57 /* 58 * Bitmap of multicast groups that are currently in use. 59 * 60 * To avoid an allocation at boot of just one unsigned long, 61 * declare it global instead. 62 * Bit 0 is marked as already used since group 0 is invalid. 63 * Bit 1 is marked as already used since the drop-monitor code 64 * abuses the API and thinks it can statically use group 1. 65 * That group will typically conflict with other groups that 66 * any proper users use. 67 * Bit 16 is marked as used since it's used for generic netlink 68 * and the code no longer marks pre-reserved IDs as used. 69 * Bit 17 is marked as already used since the VFS quota code 70 * also abused this API and relied on family == group ID, we 71 * cater to that by giving it a static family and group ID. 72 * Bit 18 is marked as already used since the PMCRAID driver 73 * did the same thing as the VFS quota code (maybe copied?) 74 */ 75 static unsigned long mc_group_start = 0x3 | BIT(GENL_ID_CTRL) | 76 BIT(GENL_ID_VFS_DQUOT) | 77 BIT(GENL_ID_PMCRAID); 78 static unsigned long *mc_groups = &mc_group_start; 79 static unsigned long mc_groups_longs = 1; 80 81 /* We need the last attribute with non-zero ID therefore a 2-entry array */ 82 static struct nla_policy genl_policy_reject_all[] = { 83 { .type = NLA_REJECT }, 84 { .type = NLA_REJECT }, 85 }; 86 87 static int genl_ctrl_event(int event, const struct genl_family *family, 88 const struct genl_multicast_group *grp, 89 int grp_id); 90 91 static void 92 genl_op_fill_in_reject_policy(const struct genl_family *family, 93 struct genl_ops *op) 94 { 95 BUILD_BUG_ON(ARRAY_SIZE(genl_policy_reject_all) - 1 != 1); 96 97 if (op->policy || op->cmd < family->resv_start_op) 98 return; 99 100 op->policy = genl_policy_reject_all; 101 op->maxattr = 1; 102 } 103 104 static void 105 genl_op_fill_in_reject_policy_split(const struct genl_family *family, 106 struct genl_split_ops *op) 107 { 108 if (op->policy) 109 return; 110 111 op->policy = genl_policy_reject_all; 112 op->maxattr = 1; 113 } 114 115 static const struct genl_family *genl_family_find_byid(unsigned int id) 116 { 117 return idr_find(&genl_fam_idr, id); 118 } 119 120 static const struct genl_family *genl_family_find_byname(char *name) 121 { 122 const struct genl_family *family; 123 unsigned int id; 124 125 idr_for_each_entry(&genl_fam_idr, family, id) 126 if (strcmp(family->name, name) == 0) 127 return family; 128 129 return NULL; 130 } 131 132 struct genl_op_iter { 133 const struct genl_family *family; 134 struct genl_split_ops doit; 135 struct genl_split_ops dumpit; 136 int cmd_idx; 137 int entry_idx; 138 u32 cmd; 139 u8 flags; 140 }; 141 142 static void genl_op_from_full(const struct genl_family *family, 143 unsigned int i, struct genl_ops *op) 144 { 145 *op = family->ops[i]; 146 147 if (!op->maxattr) 148 op->maxattr = family->maxattr; 149 if (!op->policy) 150 op->policy = family->policy; 151 152 genl_op_fill_in_reject_policy(family, op); 153 } 154 155 static int genl_get_cmd_full(u32 cmd, const struct genl_family *family, 156 struct genl_ops *op) 157 { 158 int i; 159 160 for (i = 0; i < family->n_ops; i++) 161 if (family->ops[i].cmd == cmd) { 162 genl_op_from_full(family, i, op); 163 return 0; 164 } 165 166 return -ENOENT; 167 } 168 169 static void genl_op_from_small(const struct genl_family *family, 170 unsigned int i, struct genl_ops *op) 171 { 172 memset(op, 0, sizeof(*op)); 173 op->doit = family->small_ops[i].doit; 174 op->dumpit = family->small_ops[i].dumpit; 175 op->cmd = family->small_ops[i].cmd; 176 op->internal_flags = family->small_ops[i].internal_flags; 177 op->flags = family->small_ops[i].flags; 178 op->validate = family->small_ops[i].validate; 179 180 op->maxattr = family->maxattr; 181 op->policy = family->policy; 182 183 genl_op_fill_in_reject_policy(family, op); 184 } 185 186 static int genl_get_cmd_small(u32 cmd, const struct genl_family *family, 187 struct genl_ops *op) 188 { 189 int i; 190 191 for (i = 0; i < family->n_small_ops; i++) 192 if (family->small_ops[i].cmd == cmd) { 193 genl_op_from_small(family, i, op); 194 return 0; 195 } 196 197 return -ENOENT; 198 } 199 200 static void genl_op_from_split(struct genl_op_iter *iter) 201 { 202 const struct genl_family *family = iter->family; 203 int i, cnt = 0; 204 205 i = iter->entry_idx - family->n_ops - family->n_small_ops; 206 207 if (family->split_ops[i + cnt].flags & GENL_CMD_CAP_DO) { 208 iter->doit = family->split_ops[i + cnt]; 209 genl_op_fill_in_reject_policy_split(family, &iter->doit); 210 cnt++; 211 } else { 212 memset(&iter->doit, 0, sizeof(iter->doit)); 213 } 214 215 if (i + cnt < family->n_split_ops && 216 family->split_ops[i + cnt].flags & GENL_CMD_CAP_DUMP) { 217 iter->dumpit = family->split_ops[i + cnt]; 218 genl_op_fill_in_reject_policy_split(family, &iter->dumpit); 219 cnt++; 220 } else { 221 memset(&iter->dumpit, 0, sizeof(iter->dumpit)); 222 } 223 224 WARN_ON(!cnt); 225 iter->entry_idx += cnt; 226 } 227 228 static int 229 genl_get_cmd_split(u32 cmd, u8 flag, const struct genl_family *family, 230 struct genl_split_ops *op) 231 { 232 int i; 233 234 for (i = 0; i < family->n_split_ops; i++) 235 if (family->split_ops[i].cmd == cmd && 236 family->split_ops[i].flags & flag) { 237 *op = family->split_ops[i]; 238 return 0; 239 } 240 241 return -ENOENT; 242 } 243 244 static int 245 genl_cmd_full_to_split(struct genl_split_ops *op, 246 const struct genl_family *family, 247 const struct genl_ops *full, u8 flags) 248 { 249 if ((flags & GENL_CMD_CAP_DO && !full->doit) || 250 (flags & GENL_CMD_CAP_DUMP && !full->dumpit)) { 251 memset(op, 0, sizeof(*op)); 252 return -ENOENT; 253 } 254 255 if (flags & GENL_CMD_CAP_DUMP) { 256 op->start = full->start; 257 op->dumpit = full->dumpit; 258 op->done = full->done; 259 } else { 260 op->pre_doit = family->pre_doit; 261 op->doit = full->doit; 262 op->post_doit = family->post_doit; 263 } 264 265 if (flags & GENL_CMD_CAP_DUMP && 266 full->validate & GENL_DONT_VALIDATE_DUMP) { 267 op->policy = NULL; 268 op->maxattr = 0; 269 } else { 270 op->policy = full->policy; 271 op->maxattr = full->maxattr; 272 } 273 274 op->cmd = full->cmd; 275 op->internal_flags = full->internal_flags; 276 op->flags = full->flags; 277 op->validate = full->validate; 278 279 /* Make sure flags include the GENL_CMD_CAP_DO / GENL_CMD_CAP_DUMP */ 280 op->flags |= flags; 281 282 return 0; 283 } 284 285 /* Must make sure that op is initialized to 0 on failure */ 286 static int 287 genl_get_cmd(u32 cmd, u8 flags, const struct genl_family *family, 288 struct genl_split_ops *op) 289 { 290 struct genl_ops full; 291 int err; 292 293 err = genl_get_cmd_full(cmd, family, &full); 294 if (err == -ENOENT) 295 err = genl_get_cmd_small(cmd, family, &full); 296 /* Found one of legacy forms */ 297 if (err == 0) 298 return genl_cmd_full_to_split(op, family, &full, flags); 299 300 err = genl_get_cmd_split(cmd, flags, family, op); 301 if (err) 302 memset(op, 0, sizeof(*op)); 303 return err; 304 } 305 306 /* For policy dumping only, get ops of both do and dump. 307 * Fail if both are missing, genl_get_cmd() will zero-init in case of failure. 308 */ 309 static int 310 genl_get_cmd_both(u32 cmd, const struct genl_family *family, 311 struct genl_split_ops *doit, struct genl_split_ops *dumpit) 312 { 313 int err1, err2; 314 315 err1 = genl_get_cmd(cmd, GENL_CMD_CAP_DO, family, doit); 316 err2 = genl_get_cmd(cmd, GENL_CMD_CAP_DUMP, family, dumpit); 317 318 return err1 && err2 ? -ENOENT : 0; 319 } 320 321 static bool 322 genl_op_iter_init(const struct genl_family *family, struct genl_op_iter *iter) 323 { 324 iter->family = family; 325 iter->cmd_idx = 0; 326 iter->entry_idx = 0; 327 328 iter->flags = 0; 329 330 return iter->family->n_ops + 331 iter->family->n_small_ops + 332 iter->family->n_split_ops; 333 } 334 335 static bool genl_op_iter_next(struct genl_op_iter *iter) 336 { 337 const struct genl_family *family = iter->family; 338 bool legacy_op = true; 339 struct genl_ops op; 340 341 if (iter->entry_idx < family->n_ops) { 342 genl_op_from_full(family, iter->entry_idx, &op); 343 } else if (iter->entry_idx < family->n_ops + family->n_small_ops) { 344 genl_op_from_small(family, iter->entry_idx - family->n_ops, 345 &op); 346 } else if (iter->entry_idx < 347 family->n_ops + family->n_small_ops + family->n_split_ops) { 348 legacy_op = false; 349 /* updates entry_idx */ 350 genl_op_from_split(iter); 351 } else { 352 return false; 353 } 354 355 iter->cmd_idx++; 356 357 if (legacy_op) { 358 iter->entry_idx++; 359 360 genl_cmd_full_to_split(&iter->doit, family, 361 &op, GENL_CMD_CAP_DO); 362 genl_cmd_full_to_split(&iter->dumpit, family, 363 &op, GENL_CMD_CAP_DUMP); 364 } 365 366 iter->cmd = iter->doit.cmd | iter->dumpit.cmd; 367 iter->flags = iter->doit.flags | iter->dumpit.flags; 368 369 return true; 370 } 371 372 static void 373 genl_op_iter_copy(struct genl_op_iter *dst, struct genl_op_iter *src) 374 { 375 *dst = *src; 376 } 377 378 static unsigned int genl_op_iter_idx(struct genl_op_iter *iter) 379 { 380 return iter->cmd_idx; 381 } 382 383 static int genl_allocate_reserve_groups(int n_groups, int *first_id) 384 { 385 unsigned long *new_groups; 386 int start = 0; 387 int i; 388 int id; 389 bool fits; 390 391 do { 392 if (start == 0) 393 id = find_first_zero_bit(mc_groups, 394 mc_groups_longs * 395 BITS_PER_LONG); 396 else 397 id = find_next_zero_bit(mc_groups, 398 mc_groups_longs * BITS_PER_LONG, 399 start); 400 401 fits = true; 402 for (i = id; 403 i < min_t(int, id + n_groups, 404 mc_groups_longs * BITS_PER_LONG); 405 i++) { 406 if (test_bit(i, mc_groups)) { 407 start = i; 408 fits = false; 409 break; 410 } 411 } 412 413 if (id + n_groups > mc_groups_longs * BITS_PER_LONG) { 414 unsigned long new_longs = mc_groups_longs + 415 BITS_TO_LONGS(n_groups); 416 size_t nlen = new_longs * sizeof(unsigned long); 417 418 if (mc_groups == &mc_group_start) { 419 new_groups = kzalloc(nlen, GFP_KERNEL); 420 if (!new_groups) 421 return -ENOMEM; 422 mc_groups = new_groups; 423 *mc_groups = mc_group_start; 424 } else { 425 new_groups = krealloc(mc_groups, nlen, 426 GFP_KERNEL); 427 if (!new_groups) 428 return -ENOMEM; 429 mc_groups = new_groups; 430 for (i = 0; i < BITS_TO_LONGS(n_groups); i++) 431 mc_groups[mc_groups_longs + i] = 0; 432 } 433 mc_groups_longs = new_longs; 434 } 435 } while (!fits); 436 437 for (i = id; i < id + n_groups; i++) 438 set_bit(i, mc_groups); 439 *first_id = id; 440 return 0; 441 } 442 443 static struct genl_family genl_ctrl; 444 445 static int genl_validate_assign_mc_groups(struct genl_family *family) 446 { 447 int first_id; 448 int n_groups = family->n_mcgrps; 449 int err = 0, i; 450 bool groups_allocated = false; 451 452 if (!n_groups) 453 return 0; 454 455 for (i = 0; i < n_groups; i++) { 456 const struct genl_multicast_group *grp = &family->mcgrps[i]; 457 458 if (WARN_ON(grp->name[0] == '\0')) 459 return -EINVAL; 460 if (WARN_ON(!string_is_terminated(grp->name, GENL_NAMSIZ))) 461 return -EINVAL; 462 } 463 464 /* special-case our own group and hacks */ 465 if (family == &genl_ctrl) { 466 first_id = GENL_ID_CTRL; 467 BUG_ON(n_groups != 1); 468 } else if (strcmp(family->name, "NET_DM") == 0) { 469 first_id = 1; 470 BUG_ON(n_groups != 1); 471 } else if (family->id == GENL_ID_VFS_DQUOT) { 472 first_id = GENL_ID_VFS_DQUOT; 473 BUG_ON(n_groups != 1); 474 } else if (family->id == GENL_ID_PMCRAID) { 475 first_id = GENL_ID_PMCRAID; 476 BUG_ON(n_groups != 1); 477 } else { 478 groups_allocated = true; 479 err = genl_allocate_reserve_groups(n_groups, &first_id); 480 if (err) 481 return err; 482 } 483 484 family->mcgrp_offset = first_id; 485 486 /* if still initializing, can't and don't need to realloc bitmaps */ 487 if (!init_net.genl_sock) 488 return 0; 489 490 if (family->netnsok) { 491 struct net *net; 492 493 netlink_table_grab(); 494 rcu_read_lock(); 495 for_each_net_rcu(net) { 496 err = __netlink_change_ngroups(net->genl_sock, 497 mc_groups_longs * BITS_PER_LONG); 498 if (err) { 499 /* 500 * No need to roll back, can only fail if 501 * memory allocation fails and then the 502 * number of _possible_ groups has been 503 * increased on some sockets which is ok. 504 */ 505 break; 506 } 507 } 508 rcu_read_unlock(); 509 netlink_table_ungrab(); 510 } else { 511 err = netlink_change_ngroups(init_net.genl_sock, 512 mc_groups_longs * BITS_PER_LONG); 513 } 514 515 if (groups_allocated && err) { 516 for (i = 0; i < family->n_mcgrps; i++) 517 clear_bit(family->mcgrp_offset + i, mc_groups); 518 } 519 520 return err; 521 } 522 523 static void genl_unregister_mc_groups(const struct genl_family *family) 524 { 525 struct net *net; 526 int i; 527 528 netlink_table_grab(); 529 rcu_read_lock(); 530 for_each_net_rcu(net) { 531 for (i = 0; i < family->n_mcgrps; i++) 532 __netlink_clear_multicast_users( 533 net->genl_sock, family->mcgrp_offset + i); 534 } 535 rcu_read_unlock(); 536 netlink_table_ungrab(); 537 538 for (i = 0; i < family->n_mcgrps; i++) { 539 int grp_id = family->mcgrp_offset + i; 540 541 if (grp_id != 1) 542 clear_bit(grp_id, mc_groups); 543 genl_ctrl_event(CTRL_CMD_DELMCAST_GRP, family, 544 &family->mcgrps[i], grp_id); 545 } 546 } 547 548 static bool genl_split_op_check(const struct genl_split_ops *op) 549 { 550 if (WARN_ON(hweight8(op->flags & (GENL_CMD_CAP_DO | 551 GENL_CMD_CAP_DUMP)) != 1)) 552 return true; 553 return false; 554 } 555 556 static int genl_validate_ops(const struct genl_family *family) 557 { 558 struct genl_op_iter i, j; 559 unsigned int s; 560 561 if (WARN_ON(family->n_ops && !family->ops) || 562 WARN_ON(family->n_small_ops && !family->small_ops) || 563 WARN_ON(family->n_split_ops && !family->split_ops)) 564 return -EINVAL; 565 566 for (genl_op_iter_init(family, &i); genl_op_iter_next(&i); ) { 567 if (!(i.flags & (GENL_CMD_CAP_DO | GENL_CMD_CAP_DUMP))) 568 return -EINVAL; 569 570 if (WARN_ON(i.cmd >= family->resv_start_op && 571 (i.doit.validate || i.dumpit.validate))) 572 return -EINVAL; 573 574 genl_op_iter_copy(&j, &i); 575 while (genl_op_iter_next(&j)) { 576 if (i.cmd == j.cmd) 577 return -EINVAL; 578 } 579 } 580 581 if (family->n_split_ops) { 582 if (genl_split_op_check(&family->split_ops[0])) 583 return -EINVAL; 584 } 585 586 for (s = 1; s < family->n_split_ops; s++) { 587 const struct genl_split_ops *a, *b; 588 589 a = &family->split_ops[s - 1]; 590 b = &family->split_ops[s]; 591 592 if (genl_split_op_check(b)) 593 return -EINVAL; 594 595 /* Check sort order */ 596 if (a->cmd < b->cmd) 597 continue; 598 599 if (a->internal_flags != b->internal_flags || 600 ((a->flags ^ b->flags) & ~(GENL_CMD_CAP_DO | 601 GENL_CMD_CAP_DUMP))) { 602 WARN_ON(1); 603 return -EINVAL; 604 } 605 606 if ((a->flags & GENL_CMD_CAP_DO) && 607 (b->flags & GENL_CMD_CAP_DUMP)) 608 continue; 609 610 WARN_ON(1); 611 return -EINVAL; 612 } 613 614 return 0; 615 } 616 617 /** 618 * genl_register_family - register a generic netlink family 619 * @family: generic netlink family 620 * 621 * Registers the specified family after validating it first. Only one 622 * family may be registered with the same family name or identifier. 623 * 624 * The family's ops, multicast groups and module pointer must already 625 * be assigned. 626 * 627 * Return 0 on success or a negative error code. 628 */ 629 int genl_register_family(struct genl_family *family) 630 { 631 int err, i; 632 int start = GENL_START_ALLOC, end = GENL_MAX_ID; 633 634 err = genl_validate_ops(family); 635 if (err) 636 return err; 637 638 genl_lock_all(); 639 640 if (genl_family_find_byname(family->name)) { 641 err = -EEXIST; 642 goto errout_locked; 643 } 644 645 /* 646 * Sadly, a few cases need to be special-cased 647 * due to them having previously abused the API 648 * and having used their family ID also as their 649 * multicast group ID, so we use reserved IDs 650 * for both to be sure we can do that mapping. 651 */ 652 if (family == &genl_ctrl) { 653 /* and this needs to be special for initial family lookups */ 654 start = end = GENL_ID_CTRL; 655 } else if (strcmp(family->name, "pmcraid") == 0) { 656 start = end = GENL_ID_PMCRAID; 657 } else if (strcmp(family->name, "VFS_DQUOT") == 0) { 658 start = end = GENL_ID_VFS_DQUOT; 659 } 660 661 family->id = idr_alloc_cyclic(&genl_fam_idr, family, 662 start, end + 1, GFP_KERNEL); 663 if (family->id < 0) { 664 err = family->id; 665 goto errout_locked; 666 } 667 668 err = genl_validate_assign_mc_groups(family); 669 if (err) 670 goto errout_remove; 671 672 genl_unlock_all(); 673 674 /* send all events */ 675 genl_ctrl_event(CTRL_CMD_NEWFAMILY, family, NULL, 0); 676 for (i = 0; i < family->n_mcgrps; i++) 677 genl_ctrl_event(CTRL_CMD_NEWMCAST_GRP, family, 678 &family->mcgrps[i], family->mcgrp_offset + i); 679 680 return 0; 681 682 errout_remove: 683 idr_remove(&genl_fam_idr, family->id); 684 errout_locked: 685 genl_unlock_all(); 686 return err; 687 } 688 EXPORT_SYMBOL(genl_register_family); 689 690 /** 691 * genl_unregister_family - unregister generic netlink family 692 * @family: generic netlink family 693 * 694 * Unregisters the specified family. 695 * 696 * Returns 0 on success or a negative error code. 697 */ 698 int genl_unregister_family(const struct genl_family *family) 699 { 700 genl_lock_all(); 701 702 if (!genl_family_find_byid(family->id)) { 703 genl_unlock_all(); 704 return -ENOENT; 705 } 706 707 genl_unregister_mc_groups(family); 708 709 idr_remove(&genl_fam_idr, family->id); 710 711 up_write(&cb_lock); 712 wait_event(genl_sk_destructing_waitq, 713 atomic_read(&genl_sk_destructing_cnt) == 0); 714 genl_unlock(); 715 716 genl_ctrl_event(CTRL_CMD_DELFAMILY, family, NULL, 0); 717 718 return 0; 719 } 720 EXPORT_SYMBOL(genl_unregister_family); 721 722 /** 723 * genlmsg_put - Add generic netlink header to netlink message 724 * @skb: socket buffer holding the message 725 * @portid: netlink portid the message is addressed to 726 * @seq: sequence number (usually the one of the sender) 727 * @family: generic netlink family 728 * @flags: netlink message flags 729 * @cmd: generic netlink command 730 * 731 * Returns pointer to user specific header 732 */ 733 void *genlmsg_put(struct sk_buff *skb, u32 portid, u32 seq, 734 const struct genl_family *family, int flags, u8 cmd) 735 { 736 struct nlmsghdr *nlh; 737 struct genlmsghdr *hdr; 738 739 nlh = nlmsg_put(skb, portid, seq, family->id, GENL_HDRLEN + 740 family->hdrsize, flags); 741 if (nlh == NULL) 742 return NULL; 743 744 hdr = nlmsg_data(nlh); 745 hdr->cmd = cmd; 746 hdr->version = family->version; 747 hdr->reserved = 0; 748 749 return (char *) hdr + GENL_HDRLEN; 750 } 751 EXPORT_SYMBOL(genlmsg_put); 752 753 static struct genl_dumpit_info *genl_dumpit_info_alloc(void) 754 { 755 return kmalloc(sizeof(struct genl_dumpit_info), GFP_KERNEL); 756 } 757 758 static void genl_dumpit_info_free(const struct genl_dumpit_info *info) 759 { 760 kfree(info); 761 } 762 763 static struct nlattr ** 764 genl_family_rcv_msg_attrs_parse(const struct genl_family *family, 765 struct nlmsghdr *nlh, 766 struct netlink_ext_ack *extack, 767 const struct genl_split_ops *ops, 768 int hdrlen, 769 enum genl_validate_flags no_strict_flag) 770 { 771 enum netlink_validation validate = ops->validate & no_strict_flag ? 772 NL_VALIDATE_LIBERAL : 773 NL_VALIDATE_STRICT; 774 struct nlattr **attrbuf; 775 int err; 776 777 if (!ops->maxattr) 778 return NULL; 779 780 attrbuf = kmalloc_array(ops->maxattr + 1, 781 sizeof(struct nlattr *), GFP_KERNEL); 782 if (!attrbuf) 783 return ERR_PTR(-ENOMEM); 784 785 err = __nlmsg_parse(nlh, hdrlen, attrbuf, ops->maxattr, ops->policy, 786 validate, extack); 787 if (err) { 788 kfree(attrbuf); 789 return ERR_PTR(err); 790 } 791 return attrbuf; 792 } 793 794 static void genl_family_rcv_msg_attrs_free(struct nlattr **attrbuf) 795 { 796 kfree(attrbuf); 797 } 798 799 struct genl_start_context { 800 const struct genl_family *family; 801 struct nlmsghdr *nlh; 802 struct netlink_ext_ack *extack; 803 const struct genl_split_ops *ops; 804 int hdrlen; 805 }; 806 807 static int genl_start(struct netlink_callback *cb) 808 { 809 struct genl_start_context *ctx = cb->data; 810 const struct genl_split_ops *ops; 811 struct genl_dumpit_info *info; 812 struct nlattr **attrs = NULL; 813 int rc = 0; 814 815 ops = ctx->ops; 816 if (!(ops->validate & GENL_DONT_VALIDATE_DUMP) && 817 ctx->nlh->nlmsg_len < nlmsg_msg_size(ctx->hdrlen)) 818 return -EINVAL; 819 820 attrs = genl_family_rcv_msg_attrs_parse(ctx->family, ctx->nlh, ctx->extack, 821 ops, ctx->hdrlen, 822 GENL_DONT_VALIDATE_DUMP_STRICT); 823 if (IS_ERR(attrs)) 824 return PTR_ERR(attrs); 825 826 info = genl_dumpit_info_alloc(); 827 if (!info) { 828 genl_family_rcv_msg_attrs_free(attrs); 829 return -ENOMEM; 830 } 831 info->family = ctx->family; 832 info->op = *ops; 833 info->attrs = attrs; 834 835 cb->data = info; 836 if (ops->start) { 837 if (!ctx->family->parallel_ops) 838 genl_lock(); 839 rc = ops->start(cb); 840 if (!ctx->family->parallel_ops) 841 genl_unlock(); 842 } 843 844 if (rc) { 845 genl_family_rcv_msg_attrs_free(info->attrs); 846 genl_dumpit_info_free(info); 847 cb->data = NULL; 848 } 849 return rc; 850 } 851 852 static int genl_lock_dumpit(struct sk_buff *skb, struct netlink_callback *cb) 853 { 854 const struct genl_split_ops *ops = &genl_dumpit_info(cb)->op; 855 int rc; 856 857 genl_lock(); 858 rc = ops->dumpit(skb, cb); 859 genl_unlock(); 860 return rc; 861 } 862 863 static int genl_lock_done(struct netlink_callback *cb) 864 { 865 const struct genl_dumpit_info *info = genl_dumpit_info(cb); 866 const struct genl_split_ops *ops = &info->op; 867 int rc = 0; 868 869 if (ops->done) { 870 genl_lock(); 871 rc = ops->done(cb); 872 genl_unlock(); 873 } 874 genl_family_rcv_msg_attrs_free(info->attrs); 875 genl_dumpit_info_free(info); 876 return rc; 877 } 878 879 static int genl_parallel_done(struct netlink_callback *cb) 880 { 881 const struct genl_dumpit_info *info = genl_dumpit_info(cb); 882 const struct genl_split_ops *ops = &info->op; 883 int rc = 0; 884 885 if (ops->done) 886 rc = ops->done(cb); 887 genl_family_rcv_msg_attrs_free(info->attrs); 888 genl_dumpit_info_free(info); 889 return rc; 890 } 891 892 static int genl_family_rcv_msg_dumpit(const struct genl_family *family, 893 struct sk_buff *skb, 894 struct nlmsghdr *nlh, 895 struct netlink_ext_ack *extack, 896 const struct genl_split_ops *ops, 897 int hdrlen, struct net *net) 898 { 899 struct genl_start_context ctx; 900 int err; 901 902 ctx.family = family; 903 ctx.nlh = nlh; 904 ctx.extack = extack; 905 ctx.ops = ops; 906 ctx.hdrlen = hdrlen; 907 908 if (!family->parallel_ops) { 909 struct netlink_dump_control c = { 910 .module = family->module, 911 .data = &ctx, 912 .start = genl_start, 913 .dump = genl_lock_dumpit, 914 .done = genl_lock_done, 915 }; 916 917 genl_unlock(); 918 err = __netlink_dump_start(net->genl_sock, skb, nlh, &c); 919 genl_lock(); 920 } else { 921 struct netlink_dump_control c = { 922 .module = family->module, 923 .data = &ctx, 924 .start = genl_start, 925 .dump = ops->dumpit, 926 .done = genl_parallel_done, 927 }; 928 929 err = __netlink_dump_start(net->genl_sock, skb, nlh, &c); 930 } 931 932 return err; 933 } 934 935 static int genl_family_rcv_msg_doit(const struct genl_family *family, 936 struct sk_buff *skb, 937 struct nlmsghdr *nlh, 938 struct netlink_ext_ack *extack, 939 const struct genl_split_ops *ops, 940 int hdrlen, struct net *net) 941 { 942 struct nlattr **attrbuf; 943 struct genl_info info; 944 int err; 945 946 attrbuf = genl_family_rcv_msg_attrs_parse(family, nlh, extack, 947 ops, hdrlen, 948 GENL_DONT_VALIDATE_STRICT); 949 if (IS_ERR(attrbuf)) 950 return PTR_ERR(attrbuf); 951 952 info.snd_seq = nlh->nlmsg_seq; 953 info.snd_portid = NETLINK_CB(skb).portid; 954 info.nlhdr = nlh; 955 info.genlhdr = nlmsg_data(nlh); 956 info.userhdr = nlmsg_data(nlh) + GENL_HDRLEN; 957 info.attrs = attrbuf; 958 info.extack = extack; 959 genl_info_net_set(&info, net); 960 memset(&info.user_ptr, 0, sizeof(info.user_ptr)); 961 962 if (ops->pre_doit) { 963 err = ops->pre_doit(ops, skb, &info); 964 if (err) 965 goto out; 966 } 967 968 err = ops->doit(skb, &info); 969 970 if (ops->post_doit) 971 ops->post_doit(ops, skb, &info); 972 973 out: 974 genl_family_rcv_msg_attrs_free(attrbuf); 975 976 return err; 977 } 978 979 static int genl_header_check(const struct genl_family *family, 980 struct nlmsghdr *nlh, struct genlmsghdr *hdr, 981 struct netlink_ext_ack *extack) 982 { 983 u16 flags; 984 985 /* Only for commands added after we started validating */ 986 if (hdr->cmd < family->resv_start_op) 987 return 0; 988 989 if (hdr->reserved) { 990 NL_SET_ERR_MSG(extack, "genlmsghdr.reserved field is not 0"); 991 return -EINVAL; 992 } 993 994 /* Old netlink flags have pretty loose semantics, allow only the flags 995 * consumed by the core where we can enforce the meaning. 996 */ 997 flags = nlh->nlmsg_flags; 998 if ((flags & NLM_F_DUMP) == NLM_F_DUMP) /* DUMP is 2 bits */ 999 flags &= ~NLM_F_DUMP; 1000 if (flags & ~(NLM_F_REQUEST | NLM_F_ACK | NLM_F_ECHO)) { 1001 NL_SET_ERR_MSG(extack, 1002 "ambiguous or reserved bits set in nlmsg_flags"); 1003 return -EINVAL; 1004 } 1005 1006 return 0; 1007 } 1008 1009 static int genl_family_rcv_msg(const struct genl_family *family, 1010 struct sk_buff *skb, 1011 struct nlmsghdr *nlh, 1012 struct netlink_ext_ack *extack) 1013 { 1014 struct net *net = sock_net(skb->sk); 1015 struct genlmsghdr *hdr = nlmsg_data(nlh); 1016 struct genl_split_ops op; 1017 int hdrlen; 1018 u8 flags; 1019 1020 /* this family doesn't exist in this netns */ 1021 if (!family->netnsok && !net_eq(net, &init_net)) 1022 return -ENOENT; 1023 1024 hdrlen = GENL_HDRLEN + family->hdrsize; 1025 if (nlh->nlmsg_len < nlmsg_msg_size(hdrlen)) 1026 return -EINVAL; 1027 1028 if (genl_header_check(family, nlh, hdr, extack)) 1029 return -EINVAL; 1030 1031 flags = (nlh->nlmsg_flags & NLM_F_DUMP) == NLM_F_DUMP ? 1032 GENL_CMD_CAP_DUMP : GENL_CMD_CAP_DO; 1033 if (genl_get_cmd(hdr->cmd, flags, family, &op)) 1034 return -EOPNOTSUPP; 1035 1036 if ((op.flags & GENL_ADMIN_PERM) && 1037 !netlink_capable(skb, CAP_NET_ADMIN)) 1038 return -EPERM; 1039 1040 if ((op.flags & GENL_UNS_ADMIN_PERM) && 1041 !netlink_ns_capable(skb, net->user_ns, CAP_NET_ADMIN)) 1042 return -EPERM; 1043 1044 if (flags & GENL_CMD_CAP_DUMP) 1045 return genl_family_rcv_msg_dumpit(family, skb, nlh, extack, 1046 &op, hdrlen, net); 1047 else 1048 return genl_family_rcv_msg_doit(family, skb, nlh, extack, 1049 &op, hdrlen, net); 1050 } 1051 1052 static int genl_rcv_msg(struct sk_buff *skb, struct nlmsghdr *nlh, 1053 struct netlink_ext_ack *extack) 1054 { 1055 const struct genl_family *family; 1056 int err; 1057 1058 family = genl_family_find_byid(nlh->nlmsg_type); 1059 if (family == NULL) 1060 return -ENOENT; 1061 1062 if (!family->parallel_ops) 1063 genl_lock(); 1064 1065 err = genl_family_rcv_msg(family, skb, nlh, extack); 1066 1067 if (!family->parallel_ops) 1068 genl_unlock(); 1069 1070 return err; 1071 } 1072 1073 static void genl_rcv(struct sk_buff *skb) 1074 { 1075 down_read(&cb_lock); 1076 netlink_rcv_skb(skb, &genl_rcv_msg); 1077 up_read(&cb_lock); 1078 } 1079 1080 /************************************************************************** 1081 * Controller 1082 **************************************************************************/ 1083 1084 static struct genl_family genl_ctrl; 1085 1086 static int ctrl_fill_info(const struct genl_family *family, u32 portid, u32 seq, 1087 u32 flags, struct sk_buff *skb, u8 cmd) 1088 { 1089 struct genl_op_iter i; 1090 void *hdr; 1091 1092 hdr = genlmsg_put(skb, portid, seq, &genl_ctrl, flags, cmd); 1093 if (hdr == NULL) 1094 return -1; 1095 1096 if (nla_put_string(skb, CTRL_ATTR_FAMILY_NAME, family->name) || 1097 nla_put_u16(skb, CTRL_ATTR_FAMILY_ID, family->id) || 1098 nla_put_u32(skb, CTRL_ATTR_VERSION, family->version) || 1099 nla_put_u32(skb, CTRL_ATTR_HDRSIZE, family->hdrsize) || 1100 nla_put_u32(skb, CTRL_ATTR_MAXATTR, family->maxattr)) 1101 goto nla_put_failure; 1102 1103 if (genl_op_iter_init(family, &i)) { 1104 struct nlattr *nla_ops; 1105 1106 nla_ops = nla_nest_start_noflag(skb, CTRL_ATTR_OPS); 1107 if (nla_ops == NULL) 1108 goto nla_put_failure; 1109 1110 while (genl_op_iter_next(&i)) { 1111 struct nlattr *nest; 1112 u32 op_flags; 1113 1114 op_flags = i.flags; 1115 if (i.doit.policy || i.dumpit.policy) 1116 op_flags |= GENL_CMD_CAP_HASPOL; 1117 1118 nest = nla_nest_start_noflag(skb, genl_op_iter_idx(&i)); 1119 if (nest == NULL) 1120 goto nla_put_failure; 1121 1122 if (nla_put_u32(skb, CTRL_ATTR_OP_ID, i.cmd) || 1123 nla_put_u32(skb, CTRL_ATTR_OP_FLAGS, op_flags)) 1124 goto nla_put_failure; 1125 1126 nla_nest_end(skb, nest); 1127 } 1128 1129 nla_nest_end(skb, nla_ops); 1130 } 1131 1132 if (family->n_mcgrps) { 1133 struct nlattr *nla_grps; 1134 int i; 1135 1136 nla_grps = nla_nest_start_noflag(skb, CTRL_ATTR_MCAST_GROUPS); 1137 if (nla_grps == NULL) 1138 goto nla_put_failure; 1139 1140 for (i = 0; i < family->n_mcgrps; i++) { 1141 struct nlattr *nest; 1142 const struct genl_multicast_group *grp; 1143 1144 grp = &family->mcgrps[i]; 1145 1146 nest = nla_nest_start_noflag(skb, i + 1); 1147 if (nest == NULL) 1148 goto nla_put_failure; 1149 1150 if (nla_put_u32(skb, CTRL_ATTR_MCAST_GRP_ID, 1151 family->mcgrp_offset + i) || 1152 nla_put_string(skb, CTRL_ATTR_MCAST_GRP_NAME, 1153 grp->name)) 1154 goto nla_put_failure; 1155 1156 nla_nest_end(skb, nest); 1157 } 1158 nla_nest_end(skb, nla_grps); 1159 } 1160 1161 genlmsg_end(skb, hdr); 1162 return 0; 1163 1164 nla_put_failure: 1165 genlmsg_cancel(skb, hdr); 1166 return -EMSGSIZE; 1167 } 1168 1169 static int ctrl_fill_mcgrp_info(const struct genl_family *family, 1170 const struct genl_multicast_group *grp, 1171 int grp_id, u32 portid, u32 seq, u32 flags, 1172 struct sk_buff *skb, u8 cmd) 1173 { 1174 void *hdr; 1175 struct nlattr *nla_grps; 1176 struct nlattr *nest; 1177 1178 hdr = genlmsg_put(skb, portid, seq, &genl_ctrl, flags, cmd); 1179 if (hdr == NULL) 1180 return -1; 1181 1182 if (nla_put_string(skb, CTRL_ATTR_FAMILY_NAME, family->name) || 1183 nla_put_u16(skb, CTRL_ATTR_FAMILY_ID, family->id)) 1184 goto nla_put_failure; 1185 1186 nla_grps = nla_nest_start_noflag(skb, CTRL_ATTR_MCAST_GROUPS); 1187 if (nla_grps == NULL) 1188 goto nla_put_failure; 1189 1190 nest = nla_nest_start_noflag(skb, 1); 1191 if (nest == NULL) 1192 goto nla_put_failure; 1193 1194 if (nla_put_u32(skb, CTRL_ATTR_MCAST_GRP_ID, grp_id) || 1195 nla_put_string(skb, CTRL_ATTR_MCAST_GRP_NAME, 1196 grp->name)) 1197 goto nla_put_failure; 1198 1199 nla_nest_end(skb, nest); 1200 nla_nest_end(skb, nla_grps); 1201 1202 genlmsg_end(skb, hdr); 1203 return 0; 1204 1205 nla_put_failure: 1206 genlmsg_cancel(skb, hdr); 1207 return -EMSGSIZE; 1208 } 1209 1210 static int ctrl_dumpfamily(struct sk_buff *skb, struct netlink_callback *cb) 1211 { 1212 int n = 0; 1213 struct genl_family *rt; 1214 struct net *net = sock_net(skb->sk); 1215 int fams_to_skip = cb->args[0]; 1216 unsigned int id; 1217 1218 idr_for_each_entry(&genl_fam_idr, rt, id) { 1219 if (!rt->netnsok && !net_eq(net, &init_net)) 1220 continue; 1221 1222 if (n++ < fams_to_skip) 1223 continue; 1224 1225 if (ctrl_fill_info(rt, NETLINK_CB(cb->skb).portid, 1226 cb->nlh->nlmsg_seq, NLM_F_MULTI, 1227 skb, CTRL_CMD_NEWFAMILY) < 0) { 1228 n--; 1229 break; 1230 } 1231 } 1232 1233 cb->args[0] = n; 1234 return skb->len; 1235 } 1236 1237 static struct sk_buff *ctrl_build_family_msg(const struct genl_family *family, 1238 u32 portid, int seq, u8 cmd) 1239 { 1240 struct sk_buff *skb; 1241 int err; 1242 1243 skb = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 1244 if (skb == NULL) 1245 return ERR_PTR(-ENOBUFS); 1246 1247 err = ctrl_fill_info(family, portid, seq, 0, skb, cmd); 1248 if (err < 0) { 1249 nlmsg_free(skb); 1250 return ERR_PTR(err); 1251 } 1252 1253 return skb; 1254 } 1255 1256 static struct sk_buff * 1257 ctrl_build_mcgrp_msg(const struct genl_family *family, 1258 const struct genl_multicast_group *grp, 1259 int grp_id, u32 portid, int seq, u8 cmd) 1260 { 1261 struct sk_buff *skb; 1262 int err; 1263 1264 skb = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 1265 if (skb == NULL) 1266 return ERR_PTR(-ENOBUFS); 1267 1268 err = ctrl_fill_mcgrp_info(family, grp, grp_id, portid, 1269 seq, 0, skb, cmd); 1270 if (err < 0) { 1271 nlmsg_free(skb); 1272 return ERR_PTR(err); 1273 } 1274 1275 return skb; 1276 } 1277 1278 static const struct nla_policy ctrl_policy_family[] = { 1279 [CTRL_ATTR_FAMILY_ID] = { .type = NLA_U16 }, 1280 [CTRL_ATTR_FAMILY_NAME] = { .type = NLA_NUL_STRING, 1281 .len = GENL_NAMSIZ - 1 }, 1282 }; 1283 1284 static int ctrl_getfamily(struct sk_buff *skb, struct genl_info *info) 1285 { 1286 struct sk_buff *msg; 1287 const struct genl_family *res = NULL; 1288 int err = -EINVAL; 1289 1290 if (info->attrs[CTRL_ATTR_FAMILY_ID]) { 1291 u16 id = nla_get_u16(info->attrs[CTRL_ATTR_FAMILY_ID]); 1292 res = genl_family_find_byid(id); 1293 err = -ENOENT; 1294 } 1295 1296 if (info->attrs[CTRL_ATTR_FAMILY_NAME]) { 1297 char *name; 1298 1299 name = nla_data(info->attrs[CTRL_ATTR_FAMILY_NAME]); 1300 res = genl_family_find_byname(name); 1301 #ifdef CONFIG_MODULES 1302 if (res == NULL) { 1303 genl_unlock(); 1304 up_read(&cb_lock); 1305 request_module("net-pf-%d-proto-%d-family-%s", 1306 PF_NETLINK, NETLINK_GENERIC, name); 1307 down_read(&cb_lock); 1308 genl_lock(); 1309 res = genl_family_find_byname(name); 1310 } 1311 #endif 1312 err = -ENOENT; 1313 } 1314 1315 if (res == NULL) 1316 return err; 1317 1318 if (!res->netnsok && !net_eq(genl_info_net(info), &init_net)) { 1319 /* family doesn't exist here */ 1320 return -ENOENT; 1321 } 1322 1323 msg = ctrl_build_family_msg(res, info->snd_portid, info->snd_seq, 1324 CTRL_CMD_NEWFAMILY); 1325 if (IS_ERR(msg)) 1326 return PTR_ERR(msg); 1327 1328 return genlmsg_reply(msg, info); 1329 } 1330 1331 static int genl_ctrl_event(int event, const struct genl_family *family, 1332 const struct genl_multicast_group *grp, 1333 int grp_id) 1334 { 1335 struct sk_buff *msg; 1336 1337 /* genl is still initialising */ 1338 if (!init_net.genl_sock) 1339 return 0; 1340 1341 switch (event) { 1342 case CTRL_CMD_NEWFAMILY: 1343 case CTRL_CMD_DELFAMILY: 1344 WARN_ON(grp); 1345 msg = ctrl_build_family_msg(family, 0, 0, event); 1346 break; 1347 case CTRL_CMD_NEWMCAST_GRP: 1348 case CTRL_CMD_DELMCAST_GRP: 1349 BUG_ON(!grp); 1350 msg = ctrl_build_mcgrp_msg(family, grp, grp_id, 0, 0, event); 1351 break; 1352 default: 1353 return -EINVAL; 1354 } 1355 1356 if (IS_ERR(msg)) 1357 return PTR_ERR(msg); 1358 1359 if (!family->netnsok) { 1360 genlmsg_multicast_netns(&genl_ctrl, &init_net, msg, 0, 1361 0, GFP_KERNEL); 1362 } else { 1363 rcu_read_lock(); 1364 genlmsg_multicast_allns(&genl_ctrl, msg, 0, 1365 0, GFP_ATOMIC); 1366 rcu_read_unlock(); 1367 } 1368 1369 return 0; 1370 } 1371 1372 struct ctrl_dump_policy_ctx { 1373 struct netlink_policy_dump_state *state; 1374 const struct genl_family *rt; 1375 struct genl_op_iter *op_iter; 1376 u32 op; 1377 u16 fam_id; 1378 u8 dump_map:1, 1379 single_op:1; 1380 }; 1381 1382 static const struct nla_policy ctrl_policy_policy[] = { 1383 [CTRL_ATTR_FAMILY_ID] = { .type = NLA_U16 }, 1384 [CTRL_ATTR_FAMILY_NAME] = { .type = NLA_NUL_STRING, 1385 .len = GENL_NAMSIZ - 1 }, 1386 [CTRL_ATTR_OP] = { .type = NLA_U32 }, 1387 }; 1388 1389 static int ctrl_dumppolicy_start(struct netlink_callback *cb) 1390 { 1391 const struct genl_dumpit_info *info = genl_dumpit_info(cb); 1392 struct ctrl_dump_policy_ctx *ctx = (void *)cb->ctx; 1393 struct nlattr **tb = info->attrs; 1394 const struct genl_family *rt; 1395 struct genl_op_iter i; 1396 int err; 1397 1398 BUILD_BUG_ON(sizeof(*ctx) > sizeof(cb->ctx)); 1399 1400 if (!tb[CTRL_ATTR_FAMILY_ID] && !tb[CTRL_ATTR_FAMILY_NAME]) 1401 return -EINVAL; 1402 1403 if (tb[CTRL_ATTR_FAMILY_ID]) { 1404 ctx->fam_id = nla_get_u16(tb[CTRL_ATTR_FAMILY_ID]); 1405 } else { 1406 rt = genl_family_find_byname( 1407 nla_data(tb[CTRL_ATTR_FAMILY_NAME])); 1408 if (!rt) 1409 return -ENOENT; 1410 ctx->fam_id = rt->id; 1411 } 1412 1413 rt = genl_family_find_byid(ctx->fam_id); 1414 if (!rt) 1415 return -ENOENT; 1416 1417 ctx->rt = rt; 1418 1419 if (tb[CTRL_ATTR_OP]) { 1420 struct genl_split_ops doit, dump; 1421 1422 ctx->single_op = true; 1423 ctx->op = nla_get_u32(tb[CTRL_ATTR_OP]); 1424 1425 err = genl_get_cmd_both(ctx->op, rt, &doit, &dump); 1426 if (err) { 1427 NL_SET_BAD_ATTR(cb->extack, tb[CTRL_ATTR_OP]); 1428 return err; 1429 } 1430 1431 if (doit.policy) { 1432 err = netlink_policy_dump_add_policy(&ctx->state, 1433 doit.policy, 1434 doit.maxattr); 1435 if (err) 1436 goto err_free_state; 1437 } 1438 if (dump.policy) { 1439 err = netlink_policy_dump_add_policy(&ctx->state, 1440 dump.policy, 1441 dump.maxattr); 1442 if (err) 1443 goto err_free_state; 1444 } 1445 1446 if (!ctx->state) 1447 return -ENODATA; 1448 1449 ctx->dump_map = 1; 1450 return 0; 1451 } 1452 1453 ctx->op_iter = kmalloc(sizeof(*ctx->op_iter), GFP_KERNEL); 1454 if (!ctx->op_iter) 1455 return -ENOMEM; 1456 1457 genl_op_iter_init(rt, ctx->op_iter); 1458 ctx->dump_map = genl_op_iter_next(ctx->op_iter); 1459 1460 for (genl_op_iter_init(rt, &i); genl_op_iter_next(&i); ) { 1461 if (i.doit.policy) { 1462 err = netlink_policy_dump_add_policy(&ctx->state, 1463 i.doit.policy, 1464 i.doit.maxattr); 1465 if (err) 1466 goto err_free_state; 1467 } 1468 if (i.dumpit.policy) { 1469 err = netlink_policy_dump_add_policy(&ctx->state, 1470 i.dumpit.policy, 1471 i.dumpit.maxattr); 1472 if (err) 1473 goto err_free_state; 1474 } 1475 } 1476 1477 if (!ctx->state) { 1478 err = -ENODATA; 1479 goto err_free_op_iter; 1480 } 1481 return 0; 1482 1483 err_free_state: 1484 netlink_policy_dump_free(ctx->state); 1485 err_free_op_iter: 1486 kfree(ctx->op_iter); 1487 return err; 1488 } 1489 1490 static void *ctrl_dumppolicy_prep(struct sk_buff *skb, 1491 struct netlink_callback *cb) 1492 { 1493 struct ctrl_dump_policy_ctx *ctx = (void *)cb->ctx; 1494 void *hdr; 1495 1496 hdr = genlmsg_put(skb, NETLINK_CB(cb->skb).portid, 1497 cb->nlh->nlmsg_seq, &genl_ctrl, 1498 NLM_F_MULTI, CTRL_CMD_GETPOLICY); 1499 if (!hdr) 1500 return NULL; 1501 1502 if (nla_put_u16(skb, CTRL_ATTR_FAMILY_ID, ctx->fam_id)) 1503 return NULL; 1504 1505 return hdr; 1506 } 1507 1508 static int ctrl_dumppolicy_put_op(struct sk_buff *skb, 1509 struct netlink_callback *cb, 1510 struct genl_split_ops *doit, 1511 struct genl_split_ops *dumpit) 1512 { 1513 struct ctrl_dump_policy_ctx *ctx = (void *)cb->ctx; 1514 struct nlattr *nest_pol, *nest_op; 1515 void *hdr; 1516 int idx; 1517 1518 /* skip if we have nothing to show */ 1519 if (!doit->policy && !dumpit->policy) 1520 return 0; 1521 1522 hdr = ctrl_dumppolicy_prep(skb, cb); 1523 if (!hdr) 1524 return -ENOBUFS; 1525 1526 nest_pol = nla_nest_start(skb, CTRL_ATTR_OP_POLICY); 1527 if (!nest_pol) 1528 goto err; 1529 1530 nest_op = nla_nest_start(skb, doit->cmd); 1531 if (!nest_op) 1532 goto err; 1533 1534 if (doit->policy) { 1535 idx = netlink_policy_dump_get_policy_idx(ctx->state, 1536 doit->policy, 1537 doit->maxattr); 1538 1539 if (nla_put_u32(skb, CTRL_ATTR_POLICY_DO, idx)) 1540 goto err; 1541 } 1542 if (dumpit->policy) { 1543 idx = netlink_policy_dump_get_policy_idx(ctx->state, 1544 dumpit->policy, 1545 dumpit->maxattr); 1546 1547 if (nla_put_u32(skb, CTRL_ATTR_POLICY_DUMP, idx)) 1548 goto err; 1549 } 1550 1551 nla_nest_end(skb, nest_op); 1552 nla_nest_end(skb, nest_pol); 1553 genlmsg_end(skb, hdr); 1554 1555 return 0; 1556 err: 1557 genlmsg_cancel(skb, hdr); 1558 return -ENOBUFS; 1559 } 1560 1561 static int ctrl_dumppolicy(struct sk_buff *skb, struct netlink_callback *cb) 1562 { 1563 struct ctrl_dump_policy_ctx *ctx = (void *)cb->ctx; 1564 void *hdr; 1565 1566 if (ctx->dump_map) { 1567 if (ctx->single_op) { 1568 struct genl_split_ops doit, dumpit; 1569 1570 if (WARN_ON(genl_get_cmd_both(ctx->op, ctx->rt, 1571 &doit, &dumpit))) 1572 return -ENOENT; 1573 1574 if (ctrl_dumppolicy_put_op(skb, cb, &doit, &dumpit)) 1575 return skb->len; 1576 1577 /* done with the per-op policy index list */ 1578 ctx->dump_map = 0; 1579 } 1580 1581 while (ctx->dump_map) { 1582 if (ctrl_dumppolicy_put_op(skb, cb, 1583 &ctx->op_iter->doit, 1584 &ctx->op_iter->dumpit)) 1585 return skb->len; 1586 1587 ctx->dump_map = genl_op_iter_next(ctx->op_iter); 1588 } 1589 } 1590 1591 while (netlink_policy_dump_loop(ctx->state)) { 1592 struct nlattr *nest; 1593 1594 hdr = ctrl_dumppolicy_prep(skb, cb); 1595 if (!hdr) 1596 goto nla_put_failure; 1597 1598 nest = nla_nest_start(skb, CTRL_ATTR_POLICY); 1599 if (!nest) 1600 goto nla_put_failure; 1601 1602 if (netlink_policy_dump_write(skb, ctx->state)) 1603 goto nla_put_failure; 1604 1605 nla_nest_end(skb, nest); 1606 1607 genlmsg_end(skb, hdr); 1608 } 1609 1610 return skb->len; 1611 1612 nla_put_failure: 1613 genlmsg_cancel(skb, hdr); 1614 return skb->len; 1615 } 1616 1617 static int ctrl_dumppolicy_done(struct netlink_callback *cb) 1618 { 1619 struct ctrl_dump_policy_ctx *ctx = (void *)cb->ctx; 1620 1621 kfree(ctx->op_iter); 1622 netlink_policy_dump_free(ctx->state); 1623 return 0; 1624 } 1625 1626 static const struct genl_split_ops genl_ctrl_ops[] = { 1627 { 1628 .cmd = CTRL_CMD_GETFAMILY, 1629 .validate = GENL_DONT_VALIDATE_STRICT, 1630 .policy = ctrl_policy_family, 1631 .maxattr = ARRAY_SIZE(ctrl_policy_family) - 1, 1632 .doit = ctrl_getfamily, 1633 .flags = GENL_CMD_CAP_DO, 1634 }, 1635 { 1636 .cmd = CTRL_CMD_GETFAMILY, 1637 .validate = GENL_DONT_VALIDATE_DUMP, 1638 .policy = ctrl_policy_family, 1639 .maxattr = ARRAY_SIZE(ctrl_policy_family) - 1, 1640 .dumpit = ctrl_dumpfamily, 1641 .flags = GENL_CMD_CAP_DUMP, 1642 }, 1643 { 1644 .cmd = CTRL_CMD_GETPOLICY, 1645 .policy = ctrl_policy_policy, 1646 .maxattr = ARRAY_SIZE(ctrl_policy_policy) - 1, 1647 .start = ctrl_dumppolicy_start, 1648 .dumpit = ctrl_dumppolicy, 1649 .done = ctrl_dumppolicy_done, 1650 .flags = GENL_CMD_CAP_DUMP, 1651 }, 1652 }; 1653 1654 static const struct genl_multicast_group genl_ctrl_groups[] = { 1655 { .name = "notify", }, 1656 }; 1657 1658 static struct genl_family genl_ctrl __ro_after_init = { 1659 .module = THIS_MODULE, 1660 .split_ops = genl_ctrl_ops, 1661 .n_split_ops = ARRAY_SIZE(genl_ctrl_ops), 1662 .resv_start_op = CTRL_CMD_GETPOLICY + 1, 1663 .mcgrps = genl_ctrl_groups, 1664 .n_mcgrps = ARRAY_SIZE(genl_ctrl_groups), 1665 .id = GENL_ID_CTRL, 1666 .name = "nlctrl", 1667 .version = 0x2, 1668 .netnsok = true, 1669 }; 1670 1671 static int genl_bind(struct net *net, int group) 1672 { 1673 const struct genl_family *family; 1674 unsigned int id; 1675 int ret = 0; 1676 1677 down_read(&cb_lock); 1678 1679 idr_for_each_entry(&genl_fam_idr, family, id) { 1680 const struct genl_multicast_group *grp; 1681 int i; 1682 1683 if (family->n_mcgrps == 0) 1684 continue; 1685 1686 i = group - family->mcgrp_offset; 1687 if (i < 0 || i >= family->n_mcgrps) 1688 continue; 1689 1690 grp = &family->mcgrps[i]; 1691 if ((grp->flags & GENL_UNS_ADMIN_PERM) && 1692 !ns_capable(net->user_ns, CAP_NET_ADMIN)) 1693 ret = -EPERM; 1694 1695 break; 1696 } 1697 1698 up_read(&cb_lock); 1699 return ret; 1700 } 1701 1702 static int __net_init genl_pernet_init(struct net *net) 1703 { 1704 struct netlink_kernel_cfg cfg = { 1705 .input = genl_rcv, 1706 .flags = NL_CFG_F_NONROOT_RECV, 1707 .bind = genl_bind, 1708 }; 1709 1710 /* we'll bump the group number right afterwards */ 1711 net->genl_sock = netlink_kernel_create(net, NETLINK_GENERIC, &cfg); 1712 1713 if (!net->genl_sock && net_eq(net, &init_net)) 1714 panic("GENL: Cannot initialize generic netlink\n"); 1715 1716 if (!net->genl_sock) 1717 return -ENOMEM; 1718 1719 return 0; 1720 } 1721 1722 static void __net_exit genl_pernet_exit(struct net *net) 1723 { 1724 netlink_kernel_release(net->genl_sock); 1725 net->genl_sock = NULL; 1726 } 1727 1728 static struct pernet_operations genl_pernet_ops = { 1729 .init = genl_pernet_init, 1730 .exit = genl_pernet_exit, 1731 }; 1732 1733 static int __init genl_init(void) 1734 { 1735 int err; 1736 1737 err = genl_register_family(&genl_ctrl); 1738 if (err < 0) 1739 goto problem; 1740 1741 err = register_pernet_subsys(&genl_pernet_ops); 1742 if (err) 1743 goto problem; 1744 1745 return 0; 1746 1747 problem: 1748 panic("GENL: Cannot register controller: %d\n", err); 1749 } 1750 1751 core_initcall(genl_init); 1752 1753 static int genlmsg_mcast(struct sk_buff *skb, u32 portid, unsigned long group, 1754 gfp_t flags) 1755 { 1756 struct sk_buff *tmp; 1757 struct net *net, *prev = NULL; 1758 bool delivered = false; 1759 int err; 1760 1761 for_each_net_rcu(net) { 1762 if (prev) { 1763 tmp = skb_clone(skb, flags); 1764 if (!tmp) { 1765 err = -ENOMEM; 1766 goto error; 1767 } 1768 err = nlmsg_multicast(prev->genl_sock, tmp, 1769 portid, group, flags); 1770 if (!err) 1771 delivered = true; 1772 else if (err != -ESRCH) 1773 goto error; 1774 } 1775 1776 prev = net; 1777 } 1778 1779 err = nlmsg_multicast(prev->genl_sock, skb, portid, group, flags); 1780 if (!err) 1781 delivered = true; 1782 else if (err != -ESRCH) 1783 return err; 1784 return delivered ? 0 : -ESRCH; 1785 error: 1786 kfree_skb(skb); 1787 return err; 1788 } 1789 1790 int genlmsg_multicast_allns(const struct genl_family *family, 1791 struct sk_buff *skb, u32 portid, 1792 unsigned int group, gfp_t flags) 1793 { 1794 if (WARN_ON_ONCE(group >= family->n_mcgrps)) 1795 return -EINVAL; 1796 1797 group = family->mcgrp_offset + group; 1798 return genlmsg_mcast(skb, portid, group, flags); 1799 } 1800 EXPORT_SYMBOL(genlmsg_multicast_allns); 1801 1802 void genl_notify(const struct genl_family *family, struct sk_buff *skb, 1803 struct genl_info *info, u32 group, gfp_t flags) 1804 { 1805 struct net *net = genl_info_net(info); 1806 struct sock *sk = net->genl_sock; 1807 1808 if (WARN_ON_ONCE(group >= family->n_mcgrps)) 1809 return; 1810 1811 group = family->mcgrp_offset + group; 1812 nlmsg_notify(sk, skb, info->snd_portid, group, 1813 nlmsg_report(info->nlhdr), flags); 1814 } 1815 EXPORT_SYMBOL(genl_notify); 1816