xref: /openbmc/linux/net/netlink/policy.c (revision d2681e93) 
1 // SPDX-License-Identifier: GPL-2.0
2 /*
3  * NETLINK      Policy advertisement to userspace
4  *
5  * 		Authors:	Johannes Berg <johannes@sipsolutions.net>
6  *
7  * Copyright 2019 Intel Corporation
8  */
9 
10 #include <linux/kernel.h>
11 #include <linux/errno.h>
12 #include <linux/types.h>
13 #include <net/netlink.h>
14 
15 #define INITIAL_POLICIES_ALLOC	10
16 
17 struct netlink_policy_dump_state {
18 	unsigned int policy_idx;
19 	unsigned int attr_idx;
20 	unsigned int n_alloc;
21 	struct {
22 		const struct nla_policy *policy;
23 		unsigned int maxtype;
24 	} policies[];
25 };
26 
27 static int add_policy(struct netlink_policy_dump_state **statep,
28 		      const struct nla_policy *policy,
29 		      unsigned int maxtype)
30 {
31 	struct netlink_policy_dump_state *state = *statep;
32 	unsigned int n_alloc, i;
33 
34 	if (!policy || !maxtype)
35 		return 0;
36 
37 	for (i = 0; i < state->n_alloc; i++) {
38 		if (state->policies[i].policy == policy &&
39 		    state->policies[i].maxtype == maxtype)
40 			return 0;
41 
42 		if (!state->policies[i].policy) {
43 			state->policies[i].policy = policy;
44 			state->policies[i].maxtype = maxtype;
45 			return 0;
46 		}
47 	}
48 
49 	n_alloc = state->n_alloc + INITIAL_POLICIES_ALLOC;
50 	state = krealloc(state, struct_size(state, policies, n_alloc),
51 			 GFP_KERNEL);
52 	if (!state)
53 		return -ENOMEM;
54 
55 	memset(&state->policies[state->n_alloc], 0,
56 	       flex_array_size(state, policies, n_alloc - state->n_alloc));
57 
58 	state->policies[state->n_alloc].policy = policy;
59 	state->policies[state->n_alloc].maxtype = maxtype;
60 	state->n_alloc = n_alloc;
61 	*statep = state;
62 
63 	return 0;
64 }
65 
66 /**
67  * netlink_policy_dump_get_policy_idx - retrieve policy index
68  * @state: the policy dump state
69  * @policy: the policy to find
70  * @maxtype: the policy's maxattr
71  *
72  * Returns: the index of the given policy in the dump state
73  *
74  * Call this to find a policy index when you've added multiple and e.g.
75  * need to tell userspace which command has which policy (by index).
76  *
77  * Note: this will WARN and return 0 if the policy isn't found, which
78  *	 means it wasn't added in the first place, which would be an
79  *	 internal consistency bug.
80  */
81 int netlink_policy_dump_get_policy_idx(struct netlink_policy_dump_state *state,
82 				       const struct nla_policy *policy,
83 				       unsigned int maxtype)
84 {
85 	unsigned int i;
86 
87 	if (WARN_ON(!policy || !maxtype))
88                 return 0;
89 
90 	for (i = 0; i < state->n_alloc; i++) {
91 		if (state->policies[i].policy == policy &&
92 		    state->policies[i].maxtype == maxtype)
93 			return i;
94 	}
95 
96 	WARN_ON(1);
97 	return 0;
98 }
99 
100 static struct netlink_policy_dump_state *alloc_state(void)
101 {
102 	struct netlink_policy_dump_state *state;
103 
104 	state = kzalloc(struct_size(state, policies, INITIAL_POLICIES_ALLOC),
105 			GFP_KERNEL);
106 	if (!state)
107 		return ERR_PTR(-ENOMEM);
108 	state->n_alloc = INITIAL_POLICIES_ALLOC;
109 
110 	return state;
111 }
112 
113 /**
114  * netlink_policy_dump_add_policy - add a policy to the dump
115  * @pstate: state to add to, may be reallocated, must be %NULL the first time
116  * @policy: the new policy to add to the dump
117  * @maxtype: the new policy's max attr type
118  *
119  * Returns: 0 on success, a negative error code otherwise.
120  *
121  * Call this to allocate a policy dump state, and to add policies to it. This
122  * should be called from the dump start() callback.
123  *
124  * Note: on failures, any previously allocated state is freed.
125  */
126 int netlink_policy_dump_add_policy(struct netlink_policy_dump_state **pstate,
127 				   const struct nla_policy *policy,
128 				   unsigned int maxtype)
129 {
130 	struct netlink_policy_dump_state *state = *pstate;
131 	unsigned int policy_idx;
132 	int err;
133 
134 	if (!state) {
135 		state = alloc_state();
136 		if (IS_ERR(state))
137 			return PTR_ERR(state);
138 	}
139 
140 	/*
141 	 * walk the policies and nested ones first, and build
142 	 * a linear list of them.
143 	 */
144 
145 	err = add_policy(&state, policy, maxtype);
146 	if (err)
147 		return err;
148 
149 	for (policy_idx = 0;
150 	     policy_idx < state->n_alloc && state->policies[policy_idx].policy;
151 	     policy_idx++) {
152 		const struct nla_policy *policy;
153 		unsigned int type;
154 
155 		policy = state->policies[policy_idx].policy;
156 
157 		for (type = 0;
158 		     type <= state->policies[policy_idx].maxtype;
159 		     type++) {
160 			switch (policy[type].type) {
161 			case NLA_NESTED:
162 			case NLA_NESTED_ARRAY:
163 				err = add_policy(&state,
164 						 policy[type].nested_policy,
165 						 policy[type].len);
166 				if (err)
167 					return err;
168 				break;
169 			default:
170 				break;
171 			}
172 		}
173 	}
174 
175 	*pstate = state;
176 	return 0;
177 }
178 
179 static bool
180 netlink_policy_dump_finished(struct netlink_policy_dump_state *state)
181 {
182 	return state->policy_idx >= state->n_alloc ||
183 	       !state->policies[state->policy_idx].policy;
184 }
185 
186 /**
187  * netlink_policy_dump_loop - dumping loop indicator
188  * @state: the policy dump state
189  *
190  * Returns: %true if the dump continues, %false otherwise
191  *
192  * Note: this frees the dump state when finishing
193  */
194 bool netlink_policy_dump_loop(struct netlink_policy_dump_state *state)
195 {
196 	return !netlink_policy_dump_finished(state);
197 }
198 
199 static int
200 __netlink_policy_dump_write_attr(struct netlink_policy_dump_state *state,
201 				 struct sk_buff *skb,
202 				 const struct nla_policy *pt,
203 				 int nestattr)
204 {
205 	enum netlink_attribute_type type;
206 	struct nlattr *attr;
207 
208 	attr = nla_nest_start(skb, nestattr);
209 	if (!attr)
210 		return -ENOBUFS;
211 
212 	switch (pt->type) {
213 	default:
214 	case NLA_UNSPEC:
215 	case NLA_REJECT:
216 		/* skip - use NLA_MIN_LEN to advertise such */
217 		nla_nest_cancel(skb, attr);
218 		return -ENODATA;
219 	case NLA_NESTED:
220 		type = NL_ATTR_TYPE_NESTED;
221 		fallthrough;
222 	case NLA_NESTED_ARRAY:
223 		if (pt->type == NLA_NESTED_ARRAY)
224 			type = NL_ATTR_TYPE_NESTED_ARRAY;
225 		if (state && pt->nested_policy && pt->len &&
226 		    (nla_put_u32(skb, NL_POLICY_TYPE_ATTR_POLICY_IDX,
227 				 netlink_policy_dump_get_policy_idx(state,
228 								    pt->nested_policy,
229 								    pt->len)) ||
230 		     nla_put_u32(skb, NL_POLICY_TYPE_ATTR_POLICY_MAXTYPE,
231 				 pt->len)))
232 			goto nla_put_failure;
233 		break;
234 	case NLA_U8:
235 	case NLA_U16:
236 	case NLA_U32:
237 	case NLA_U64:
238 	case NLA_MSECS: {
239 		struct netlink_range_validation range;
240 
241 		if (pt->type == NLA_U8)
242 			type = NL_ATTR_TYPE_U8;
243 		else if (pt->type == NLA_U16)
244 			type = NL_ATTR_TYPE_U16;
245 		else if (pt->type == NLA_U32)
246 			type = NL_ATTR_TYPE_U32;
247 		else
248 			type = NL_ATTR_TYPE_U64;
249 
250 		if (pt->validation_type == NLA_VALIDATE_MASK) {
251 			if (nla_put_u64_64bit(skb, NL_POLICY_TYPE_ATTR_MASK,
252 					      pt->mask,
253 					      NL_POLICY_TYPE_ATTR_PAD))
254 				goto nla_put_failure;
255 			break;
256 		}
257 
258 		nla_get_range_unsigned(pt, &range);
259 
260 		if (nla_put_u64_64bit(skb, NL_POLICY_TYPE_ATTR_MIN_VALUE_U,
261 				      range.min, NL_POLICY_TYPE_ATTR_PAD) ||
262 		    nla_put_u64_64bit(skb, NL_POLICY_TYPE_ATTR_MAX_VALUE_U,
263 				      range.max, NL_POLICY_TYPE_ATTR_PAD))
264 			goto nla_put_failure;
265 		break;
266 	}
267 	case NLA_S8:
268 	case NLA_S16:
269 	case NLA_S32:
270 	case NLA_S64: {
271 		struct netlink_range_validation_signed range;
272 
273 		if (pt->type == NLA_S8)
274 			type = NL_ATTR_TYPE_S8;
275 		else if (pt->type == NLA_S16)
276 			type = NL_ATTR_TYPE_S16;
277 		else if (pt->type == NLA_S32)
278 			type = NL_ATTR_TYPE_S32;
279 		else
280 			type = NL_ATTR_TYPE_S64;
281 
282 		nla_get_range_signed(pt, &range);
283 
284 		if (nla_put_s64(skb, NL_POLICY_TYPE_ATTR_MIN_VALUE_S,
285 				range.min, NL_POLICY_TYPE_ATTR_PAD) ||
286 		    nla_put_s64(skb, NL_POLICY_TYPE_ATTR_MAX_VALUE_S,
287 				range.max, NL_POLICY_TYPE_ATTR_PAD))
288 			goto nla_put_failure;
289 		break;
290 	}
291 	case NLA_BITFIELD32:
292 		type = NL_ATTR_TYPE_BITFIELD32;
293 		if (nla_put_u32(skb, NL_POLICY_TYPE_ATTR_BITFIELD32_MASK,
294 				pt->bitfield32_valid))
295 			goto nla_put_failure;
296 		break;
297 	case NLA_STRING:
298 	case NLA_NUL_STRING:
299 	case NLA_BINARY:
300 		if (pt->type == NLA_STRING)
301 			type = NL_ATTR_TYPE_STRING;
302 		else if (pt->type == NLA_NUL_STRING)
303 			type = NL_ATTR_TYPE_NUL_STRING;
304 		else
305 			type = NL_ATTR_TYPE_BINARY;
306 
307 		if (pt->validation_type == NLA_VALIDATE_RANGE ||
308 		    pt->validation_type == NLA_VALIDATE_RANGE_WARN_TOO_LONG) {
309 			struct netlink_range_validation range;
310 
311 			nla_get_range_unsigned(pt, &range);
312 
313 			if (range.min &&
314 			    nla_put_u32(skb, NL_POLICY_TYPE_ATTR_MIN_LENGTH,
315 					range.min))
316 				goto nla_put_failure;
317 
318 			if (range.max < U16_MAX &&
319 			    nla_put_u32(skb, NL_POLICY_TYPE_ATTR_MAX_LENGTH,
320 					range.max))
321 				goto nla_put_failure;
322 		} else if (pt->len &&
323 			   nla_put_u32(skb, NL_POLICY_TYPE_ATTR_MAX_LENGTH,
324 				       pt->len)) {
325 			goto nla_put_failure;
326 		}
327 		break;
328 	case NLA_FLAG:
329 		type = NL_ATTR_TYPE_FLAG;
330 		break;
331 	}
332 
333 	if (nla_put_u32(skb, NL_POLICY_TYPE_ATTR_TYPE, type))
334 		goto nla_put_failure;
335 
336 	nla_nest_end(skb, attr);
337 	return 0;
338 nla_put_failure:
339 	nla_nest_cancel(skb, attr);
340 	return -ENOBUFS;
341 }
342 
343 /**
344  * netlink_policy_dump_write - write current policy dump attributes
345  * @skb: the message skb to write to
346  * @state: the policy dump state
347  *
348  * Returns: 0 on success, an error code otherwise
349  */
350 int netlink_policy_dump_write(struct sk_buff *skb,
351 			      struct netlink_policy_dump_state *state)
352 {
353 	const struct nla_policy *pt;
354 	struct nlattr *policy;
355 	bool again;
356 	int err;
357 
358 send_attribute:
359 	again = false;
360 
361 	pt = &state->policies[state->policy_idx].policy[state->attr_idx];
362 
363 	policy = nla_nest_start(skb, state->policy_idx);
364 	if (!policy)
365 		return -ENOBUFS;
366 
367 	err = __netlink_policy_dump_write_attr(state, skb, pt, state->attr_idx);
368 	if (err == -ENODATA) {
369 		nla_nest_cancel(skb, policy);
370 		again = true;
371 		goto next;
372 	} else if (err) {
373 		goto nla_put_failure;
374 	}
375 
376 	/* finish and move state to next attribute */
377 	nla_nest_end(skb, policy);
378 
379 next:
380 	state->attr_idx += 1;
381 	if (state->attr_idx > state->policies[state->policy_idx].maxtype) {
382 		state->attr_idx = 0;
383 		state->policy_idx++;
384 	}
385 
386 	if (again) {
387 		if (netlink_policy_dump_finished(state))
388 			return -ENODATA;
389 		goto send_attribute;
390 	}
391 
392 	return 0;
393 
394 nla_put_failure:
395 	nla_nest_cancel(skb, policy);
396 	return -ENOBUFS;
397 }
398 
399 /**
400  * netlink_policy_dump_free - free policy dump state
401  * @state: the policy dump state to free
402  *
403  * Call this from the done() method to ensure dump state is freed.
404  */
405 void netlink_policy_dump_free(struct netlink_policy_dump_state *state)
406 {
407 	kfree(state);
408 }
409