1 /* SPDX-License-Identifier: LGPL-2.1-only */
2 /*
3 * Copyright (c) 2007, 2008 Patrick McHardy <kaber@trash.net>
4 */
5
6 #include "nl-default.h"
7
8 #include <linux/netfilter.h>
9
10 #include <netlink/netfilter/nfnl.h>
11 #include <netlink/netfilter/netfilter.h>
12 #include <netlink/netfilter/queue_msg.h>
13 #include <netlink/route/link.h>
14
15 #include "nl-netfilter.h"
16 #include "nl-priv-dynamic-core/nl-core.h"
17
18 /** @cond SKIP */
19 #define QUEUE_MSG_ATTR_GROUP (1UL << 0)
20 #define QUEUE_MSG_ATTR_FAMILY (1UL << 1)
21 #define QUEUE_MSG_ATTR_PACKETID (1UL << 2)
22 #define QUEUE_MSG_ATTR_HWPROTO (1UL << 3)
23 #define QUEUE_MSG_ATTR_HOOK (1UL << 4)
24 #define QUEUE_MSG_ATTR_MARK (1UL << 5)
25 #define QUEUE_MSG_ATTR_TIMESTAMP (1UL << 6)
26 #define QUEUE_MSG_ATTR_INDEV (1UL << 7)
27 #define QUEUE_MSG_ATTR_OUTDEV (1UL << 8)
28 #define QUEUE_MSG_ATTR_PHYSINDEV (1UL << 9)
29 #define QUEUE_MSG_ATTR_PHYSOUTDEV (1UL << 10)
30 #define QUEUE_MSG_ATTR_HWADDR (1UL << 11)
31 #define QUEUE_MSG_ATTR_PAYLOAD (1UL << 12)
32 #define QUEUE_MSG_ATTR_VERDICT (1UL << 13)
33 /** @endcond */
34
nfnl_queue_msg_free_data(struct nl_object * c)35 static void nfnl_queue_msg_free_data(struct nl_object *c)
36 {
37 struct nfnl_queue_msg *msg = (struct nfnl_queue_msg *) c;
38
39 if (msg == NULL)
40 return;
41
42 free(msg->queue_msg_payload);
43 }
44
nfnl_queue_msg_clone(struct nl_object * _dst,struct nl_object * _src)45 static int nfnl_queue_msg_clone(struct nl_object *_dst, struct nl_object *_src)
46 {
47 struct nfnl_queue_msg *dst = (struct nfnl_queue_msg *) _dst;
48 struct nfnl_queue_msg *src = (struct nfnl_queue_msg *) _src;
49 int err;
50
51 dst->queue_msg_payload = NULL;
52 dst->queue_msg_payload_len = 0;
53
54 if (src->queue_msg_payload) {
55 err = nfnl_queue_msg_set_payload(dst, src->queue_msg_payload,
56 src->queue_msg_payload_len);
57 if (err < 0)
58 return err;
59 }
60
61 return 0;
62 }
63
nfnl_queue_msg_dump(struct nl_object * a,struct nl_dump_params * p)64 static void nfnl_queue_msg_dump(struct nl_object *a, struct nl_dump_params *p)
65 {
66 struct nfnl_queue_msg *msg = (struct nfnl_queue_msg *) a;
67 struct nl_cache *link_cache;
68 char buf[64];
69
70 link_cache = nl_cache_mngt_require_safe("route/link");
71
72 nl_new_line(p);
73
74 if (msg->ce_mask & QUEUE_MSG_ATTR_GROUP)
75 nl_dump(p, "GROUP=%u ", msg->queue_msg_group);
76
77 if (msg->ce_mask & QUEUE_MSG_ATTR_INDEV) {
78 if (link_cache)
79 nl_dump(p, "IN=%s ",
80 rtnl_link_i2name(link_cache,
81 msg->queue_msg_indev,
82 buf, sizeof(buf)));
83 else
84 nl_dump(p, "IN=%d ", msg->queue_msg_indev);
85 }
86
87 if (msg->ce_mask & QUEUE_MSG_ATTR_PHYSINDEV) {
88 if (link_cache)
89 nl_dump(p, "PHYSIN=%s ",
90 rtnl_link_i2name(link_cache,
91 msg->queue_msg_physindev,
92 buf, sizeof(buf)));
93 else
94 nl_dump(p, "IN=%d ", msg->queue_msg_physindev);
95 }
96
97 if (msg->ce_mask & QUEUE_MSG_ATTR_OUTDEV) {
98 if (link_cache)
99 nl_dump(p, "OUT=%s ",
100 rtnl_link_i2name(link_cache,
101 msg->queue_msg_outdev,
102 buf, sizeof(buf)));
103 else
104 nl_dump(p, "OUT=%d ", msg->queue_msg_outdev);
105 }
106
107 if (msg->ce_mask & QUEUE_MSG_ATTR_PHYSOUTDEV) {
108 if (link_cache)
109 nl_dump(p, "PHYSOUT=%s ",
110 rtnl_link_i2name(link_cache,
111 msg->queue_msg_physoutdev,
112 buf, sizeof(buf)));
113 else
114 nl_dump(p, "PHYSOUT=%d ", msg->queue_msg_physoutdev);
115 }
116
117 if (msg->ce_mask & QUEUE_MSG_ATTR_HWADDR) {
118 int i;
119
120 nl_dump(p, "MAC");
121 for (i = 0; i < msg->queue_msg_hwaddr_len; i++)
122 nl_dump(p, "%c%02x", i?':':'=',
123 msg->queue_msg_hwaddr[i]);
124 nl_dump(p, " ");
125 }
126
127 if (msg->ce_mask & QUEUE_MSG_ATTR_FAMILY)
128 nl_dump(p, "FAMILY=%s ",
129 nl_af2str(msg->queue_msg_family, buf, sizeof(buf)));
130
131 if (msg->ce_mask & QUEUE_MSG_ATTR_HWPROTO)
132 nl_dump(p, "HWPROTO=%s ",
133 nl_ether_proto2str(ntohs(msg->queue_msg_hwproto),
134 buf, sizeof(buf)));
135
136 if (msg->ce_mask & QUEUE_MSG_ATTR_HOOK)
137 nl_dump(p, "HOOK=%s ",
138 nfnl_inet_hook2str(msg->queue_msg_hook,
139 buf, sizeof(buf)));
140
141 if (msg->ce_mask & QUEUE_MSG_ATTR_MARK)
142 nl_dump(p, "MARK=%d ", msg->queue_msg_mark);
143
144 if (msg->ce_mask & QUEUE_MSG_ATTR_PAYLOAD)
145 nl_dump(p, "PAYLOADLEN=%d ", msg->queue_msg_payload_len);
146
147 if (msg->ce_mask & QUEUE_MSG_ATTR_PACKETID)
148 nl_dump(p, "PACKETID=%u ", msg->queue_msg_packetid);
149
150 if (msg->ce_mask & QUEUE_MSG_ATTR_VERDICT)
151 nl_dump(p, "VERDICT=%s ",
152 nfnl_verdict2str(msg->queue_msg_verdict,
153 buf, sizeof(buf)));
154
155 nl_dump(p, "\n");
156
157 if (link_cache)
158 nl_cache_put(link_cache);
159 }
160
161 /**
162 * @name Allocation/Freeing
163 * @{
164 */
165
nfnl_queue_msg_alloc(void)166 struct nfnl_queue_msg *nfnl_queue_msg_alloc(void)
167 {
168 return (struct nfnl_queue_msg *) nl_object_alloc(&queue_msg_obj_ops);
169 }
170
nfnl_queue_msg_get(struct nfnl_queue_msg * msg)171 void nfnl_queue_msg_get(struct nfnl_queue_msg *msg)
172 {
173 nl_object_get((struct nl_object *) msg);
174 }
175
nfnl_queue_msg_put(struct nfnl_queue_msg * msg)176 void nfnl_queue_msg_put(struct nfnl_queue_msg *msg)
177 {
178 nl_object_put((struct nl_object *) msg);
179 }
180
181 /** @} */
182
183 /**
184 * @name Attributes
185 * @{
186 */
187
nfnl_queue_msg_set_group(struct nfnl_queue_msg * msg,uint16_t group)188 void nfnl_queue_msg_set_group(struct nfnl_queue_msg *msg, uint16_t group)
189 {
190 msg->queue_msg_group = group;
191 msg->ce_mask |= QUEUE_MSG_ATTR_GROUP;
192 }
193
nfnl_queue_msg_test_group(const struct nfnl_queue_msg * msg)194 int nfnl_queue_msg_test_group(const struct nfnl_queue_msg *msg)
195 {
196 return !!(msg->ce_mask & QUEUE_MSG_ATTR_GROUP);
197 }
198
nfnl_queue_msg_get_group(const struct nfnl_queue_msg * msg)199 uint16_t nfnl_queue_msg_get_group(const struct nfnl_queue_msg *msg)
200 {
201 return msg->queue_msg_group;
202 }
203
204 /**
205 * Set the protocol family
206 * @arg msg NF queue message
207 * @arg family AF_XXX address family example: AF_INET, AF_UNIX, etc
208 */
nfnl_queue_msg_set_family(struct nfnl_queue_msg * msg,uint8_t family)209 void nfnl_queue_msg_set_family(struct nfnl_queue_msg *msg, uint8_t family)
210 {
211 msg->queue_msg_family = family;
212 msg->ce_mask |= QUEUE_MSG_ATTR_FAMILY;
213 }
214
nfnl_queue_msg_test_family(const struct nfnl_queue_msg * msg)215 int nfnl_queue_msg_test_family(const struct nfnl_queue_msg *msg)
216 {
217 return !!(msg->ce_mask & QUEUE_MSG_ATTR_FAMILY);
218 }
219
nfnl_queue_msg_get_family(const struct nfnl_queue_msg * msg)220 uint8_t nfnl_queue_msg_get_family(const struct nfnl_queue_msg *msg)
221 {
222 if (msg->ce_mask & QUEUE_MSG_ATTR_FAMILY)
223 return msg->queue_msg_family;
224 else
225 return AF_UNSPEC;
226 }
227
nfnl_queue_msg_set_packetid(struct nfnl_queue_msg * msg,uint32_t packetid)228 void nfnl_queue_msg_set_packetid(struct nfnl_queue_msg *msg, uint32_t packetid)
229 {
230 msg->queue_msg_packetid = packetid;
231 msg->ce_mask |= QUEUE_MSG_ATTR_PACKETID;
232 }
233
nfnl_queue_msg_test_packetid(const struct nfnl_queue_msg * msg)234 int nfnl_queue_msg_test_packetid(const struct nfnl_queue_msg *msg)
235 {
236 return !!(msg->ce_mask & QUEUE_MSG_ATTR_PACKETID);
237 }
238
nfnl_queue_msg_get_packetid(const struct nfnl_queue_msg * msg)239 uint32_t nfnl_queue_msg_get_packetid(const struct nfnl_queue_msg *msg)
240 {
241 return msg->queue_msg_packetid;
242 }
243
nfnl_queue_msg_set_hwproto(struct nfnl_queue_msg * msg,uint16_t hwproto)244 void nfnl_queue_msg_set_hwproto(struct nfnl_queue_msg *msg, uint16_t hwproto)
245 {
246 msg->queue_msg_hwproto = hwproto;
247 msg->ce_mask |= QUEUE_MSG_ATTR_HWPROTO;
248 }
249
nfnl_queue_msg_test_hwproto(const struct nfnl_queue_msg * msg)250 int nfnl_queue_msg_test_hwproto(const struct nfnl_queue_msg *msg)
251 {
252 return !!(msg->ce_mask & QUEUE_MSG_ATTR_HWPROTO);
253 }
254
nfnl_queue_msg_get_hwproto(const struct nfnl_queue_msg * msg)255 uint16_t nfnl_queue_msg_get_hwproto(const struct nfnl_queue_msg *msg)
256 {
257 return msg->queue_msg_hwproto;
258 }
259
nfnl_queue_msg_set_hook(struct nfnl_queue_msg * msg,uint8_t hook)260 void nfnl_queue_msg_set_hook(struct nfnl_queue_msg *msg, uint8_t hook)
261 {
262 msg->queue_msg_hook = hook;
263 msg->ce_mask |= QUEUE_MSG_ATTR_HOOK;
264 }
265
nfnl_queue_msg_test_hook(const struct nfnl_queue_msg * msg)266 int nfnl_queue_msg_test_hook(const struct nfnl_queue_msg *msg)
267 {
268 return !!(msg->ce_mask & QUEUE_MSG_ATTR_HOOK);
269 }
270
nfnl_queue_msg_get_hook(const struct nfnl_queue_msg * msg)271 uint8_t nfnl_queue_msg_get_hook(const struct nfnl_queue_msg *msg)
272 {
273 return msg->queue_msg_hook;
274 }
275
nfnl_queue_msg_set_mark(struct nfnl_queue_msg * msg,uint32_t mark)276 void nfnl_queue_msg_set_mark(struct nfnl_queue_msg *msg, uint32_t mark)
277 {
278 msg->queue_msg_mark = mark;
279 msg->ce_mask |= QUEUE_MSG_ATTR_MARK;
280 }
281
nfnl_queue_msg_test_mark(const struct nfnl_queue_msg * msg)282 int nfnl_queue_msg_test_mark(const struct nfnl_queue_msg *msg)
283 {
284 return !!(msg->ce_mask & QUEUE_MSG_ATTR_MARK);
285 }
286
nfnl_queue_msg_get_mark(const struct nfnl_queue_msg * msg)287 uint32_t nfnl_queue_msg_get_mark(const struct nfnl_queue_msg *msg)
288 {
289 return msg->queue_msg_mark;
290 }
291
nfnl_queue_msg_set_timestamp(struct nfnl_queue_msg * msg,struct timeval * tv)292 void nfnl_queue_msg_set_timestamp(struct nfnl_queue_msg *msg,
293 struct timeval *tv)
294 {
295 msg->queue_msg_timestamp.tv_sec = tv->tv_sec;
296 msg->queue_msg_timestamp.tv_usec = tv->tv_usec;
297 msg->ce_mask |= QUEUE_MSG_ATTR_TIMESTAMP;
298 }
299
nfnl_queue_msg_test_timestamp(const struct nfnl_queue_msg * msg)300 int nfnl_queue_msg_test_timestamp(const struct nfnl_queue_msg *msg)
301 {
302 return !!(msg->ce_mask & QUEUE_MSG_ATTR_TIMESTAMP);
303 }
304
nfnl_queue_msg_get_timestamp(const struct nfnl_queue_msg * msg)305 const struct timeval *nfnl_queue_msg_get_timestamp(const struct nfnl_queue_msg *msg)
306 {
307 if (!(msg->ce_mask & QUEUE_MSG_ATTR_TIMESTAMP))
308 return NULL;
309 return &msg->queue_msg_timestamp;
310 }
311
nfnl_queue_msg_set_indev(struct nfnl_queue_msg * msg,uint32_t indev)312 void nfnl_queue_msg_set_indev(struct nfnl_queue_msg *msg, uint32_t indev)
313 {
314 msg->queue_msg_indev = indev;
315 msg->ce_mask |= QUEUE_MSG_ATTR_INDEV;
316 }
317
nfnl_queue_msg_test_indev(const struct nfnl_queue_msg * msg)318 int nfnl_queue_msg_test_indev(const struct nfnl_queue_msg *msg)
319 {
320 return !!(msg->ce_mask & QUEUE_MSG_ATTR_INDEV);
321 }
322
nfnl_queue_msg_get_indev(const struct nfnl_queue_msg * msg)323 uint32_t nfnl_queue_msg_get_indev(const struct nfnl_queue_msg *msg)
324 {
325 return msg->queue_msg_indev;
326 }
327
nfnl_queue_msg_set_outdev(struct nfnl_queue_msg * msg,uint32_t outdev)328 void nfnl_queue_msg_set_outdev(struct nfnl_queue_msg *msg, uint32_t outdev)
329 {
330 msg->queue_msg_outdev = outdev;
331 msg->ce_mask |= QUEUE_MSG_ATTR_OUTDEV;
332 }
333
nfnl_queue_msg_test_outdev(const struct nfnl_queue_msg * msg)334 int nfnl_queue_msg_test_outdev(const struct nfnl_queue_msg *msg)
335 {
336 return !!(msg->ce_mask & QUEUE_MSG_ATTR_OUTDEV);
337 }
338
nfnl_queue_msg_get_outdev(const struct nfnl_queue_msg * msg)339 uint32_t nfnl_queue_msg_get_outdev(const struct nfnl_queue_msg *msg)
340 {
341 return msg->queue_msg_outdev;
342 }
343
nfnl_queue_msg_set_physindev(struct nfnl_queue_msg * msg,uint32_t physindev)344 void nfnl_queue_msg_set_physindev(struct nfnl_queue_msg *msg,
345 uint32_t physindev)
346 {
347 msg->queue_msg_physindev = physindev;
348 msg->ce_mask |= QUEUE_MSG_ATTR_PHYSINDEV;
349 }
350
nfnl_queue_msg_test_physindev(const struct nfnl_queue_msg * msg)351 int nfnl_queue_msg_test_physindev(const struct nfnl_queue_msg *msg)
352 {
353 return !!(msg->ce_mask & QUEUE_MSG_ATTR_PHYSINDEV);
354 }
355
nfnl_queue_msg_get_physindev(const struct nfnl_queue_msg * msg)356 uint32_t nfnl_queue_msg_get_physindev(const struct nfnl_queue_msg *msg)
357 {
358 return msg->queue_msg_physindev;
359 }
360
nfnl_queue_msg_set_physoutdev(struct nfnl_queue_msg * msg,uint32_t physoutdev)361 void nfnl_queue_msg_set_physoutdev(struct nfnl_queue_msg *msg,
362 uint32_t physoutdev)
363 {
364 msg->queue_msg_physoutdev = physoutdev;
365 msg->ce_mask |= QUEUE_MSG_ATTR_PHYSOUTDEV;
366 }
367
nfnl_queue_msg_test_physoutdev(const struct nfnl_queue_msg * msg)368 int nfnl_queue_msg_test_physoutdev(const struct nfnl_queue_msg *msg)
369 {
370 return !!(msg->ce_mask & QUEUE_MSG_ATTR_PHYSOUTDEV);
371 }
372
nfnl_queue_msg_get_physoutdev(const struct nfnl_queue_msg * msg)373 uint32_t nfnl_queue_msg_get_physoutdev(const struct nfnl_queue_msg *msg)
374 {
375 return msg->queue_msg_physoutdev;
376 }
377
nfnl_queue_msg_set_hwaddr(struct nfnl_queue_msg * msg,uint8_t * hwaddr,int len)378 void nfnl_queue_msg_set_hwaddr(struct nfnl_queue_msg *msg, uint8_t *hwaddr,
379 int len)
380 {
381 if (len < 0)
382 len = 0;
383 else if (((unsigned)len) > sizeof(msg->queue_msg_hwaddr))
384 len = sizeof(msg->queue_msg_hwaddr);
385 msg->queue_msg_hwaddr_len = len;
386 memcpy(msg->queue_msg_hwaddr, hwaddr, len);
387 msg->ce_mask |= QUEUE_MSG_ATTR_HWADDR;
388 }
389
nfnl_queue_msg_test_hwaddr(const struct nfnl_queue_msg * msg)390 int nfnl_queue_msg_test_hwaddr(const struct nfnl_queue_msg *msg)
391 {
392 return !!(msg->ce_mask & QUEUE_MSG_ATTR_HWADDR);
393 }
394
nfnl_queue_msg_get_hwaddr(const struct nfnl_queue_msg * msg,int * len)395 const uint8_t *nfnl_queue_msg_get_hwaddr(const struct nfnl_queue_msg *msg,
396 int *len)
397 {
398 if (!(msg->ce_mask & QUEUE_MSG_ATTR_HWADDR)) {
399 *len = 0;
400 return NULL;
401 }
402
403 *len = msg->queue_msg_hwaddr_len;
404 return msg->queue_msg_hwaddr;
405 }
406
nfnl_queue_msg_set_payload(struct nfnl_queue_msg * msg,uint8_t * payload,int len)407 int nfnl_queue_msg_set_payload(struct nfnl_queue_msg *msg, uint8_t *payload,
408 int len)
409 {
410 void *p = NULL;
411
412 if (len < 0)
413 return -NLE_INVAL;
414
415 p = _nl_memdup(payload, len);
416 if (!p && len > 0)
417 return -NLE_NOMEM;
418
419 free(msg->queue_msg_payload);
420 msg->queue_msg_payload = p;
421 msg->queue_msg_payload_len = len;
422 if (len > 0)
423 msg->ce_mask |= QUEUE_MSG_ATTR_PAYLOAD;
424 else
425 msg->ce_mask &= ~QUEUE_MSG_ATTR_PAYLOAD;
426 return 0;
427 }
428
nfnl_queue_msg_test_payload(const struct nfnl_queue_msg * msg)429 int nfnl_queue_msg_test_payload(const struct nfnl_queue_msg *msg)
430 {
431 return !!(msg->ce_mask & QUEUE_MSG_ATTR_PAYLOAD);
432 }
433
nfnl_queue_msg_get_payload(const struct nfnl_queue_msg * msg,int * len)434 const void *nfnl_queue_msg_get_payload(const struct nfnl_queue_msg *msg, int *len)
435 {
436 if (!(msg->ce_mask & QUEUE_MSG_ATTR_PAYLOAD)) {
437 *len = 0;
438 return NULL;
439 }
440
441 *len = msg->queue_msg_payload_len;
442 return msg->queue_msg_payload;
443 }
444
445 /**
446 * Return the number of items matching a filter in the cache
447 * @arg msg queue msg
448 * @arg verdict NF_DROP, NF_ACCEPT, NF_REPEAT, etc
449 */
nfnl_queue_msg_set_verdict(struct nfnl_queue_msg * msg,unsigned int verdict)450 void nfnl_queue_msg_set_verdict(struct nfnl_queue_msg *msg,
451 unsigned int verdict)
452 {
453 msg->queue_msg_verdict = verdict;
454 msg->ce_mask |= QUEUE_MSG_ATTR_VERDICT;
455 }
456
nfnl_queue_msg_test_verdict(const struct nfnl_queue_msg * msg)457 int nfnl_queue_msg_test_verdict(const struct nfnl_queue_msg *msg)
458 {
459 return !!(msg->ce_mask & QUEUE_MSG_ATTR_VERDICT);
460 }
461
nfnl_queue_msg_get_verdict(const struct nfnl_queue_msg * msg)462 unsigned int nfnl_queue_msg_get_verdict(const struct nfnl_queue_msg *msg)
463 {
464 return msg->queue_msg_verdict;
465 }
466
467 static const struct trans_tbl nfnl_queue_msg_attrs[] = {
468 __ADD(QUEUE_MSG_ATTR_GROUP, group),
469 __ADD(QUEUE_MSG_ATTR_FAMILY, family),
470 __ADD(QUEUE_MSG_ATTR_PACKETID, packetid),
471 __ADD(QUEUE_MSG_ATTR_HWPROTO, hwproto),
472 __ADD(QUEUE_MSG_ATTR_HOOK, hook),
473 __ADD(QUEUE_MSG_ATTR_MARK, mark),
474 __ADD(QUEUE_MSG_ATTR_TIMESTAMP, timestamp),
475 __ADD(QUEUE_MSG_ATTR_INDEV, indev),
476 __ADD(QUEUE_MSG_ATTR_OUTDEV, outdev),
477 __ADD(QUEUE_MSG_ATTR_PHYSINDEV, physindev),
478 __ADD(QUEUE_MSG_ATTR_PHYSOUTDEV, physoutdev),
479 __ADD(QUEUE_MSG_ATTR_HWADDR, hwaddr),
480 __ADD(QUEUE_MSG_ATTR_PAYLOAD, payload),
481 __ADD(QUEUE_MSG_ATTR_VERDICT, verdict),
482 };
483
nfnl_queue_msg_attrs2str(int attrs,char * buf,size_t len)484 static char *nfnl_queue_msg_attrs2str(int attrs, char *buf, size_t len)
485 {
486 return __flags2str(attrs, buf, len, nfnl_queue_msg_attrs,
487 ARRAY_SIZE(nfnl_queue_msg_attrs));
488 }
489
490 /** @} */
491
492 struct nl_object_ops queue_msg_obj_ops = {
493 .oo_name = "netfilter/queuemsg",
494 .oo_size = sizeof(struct nfnl_queue_msg),
495 .oo_free_data = nfnl_queue_msg_free_data,
496 .oo_clone = nfnl_queue_msg_clone,
497 .oo_dump = {
498 [NL_DUMP_LINE] = nfnl_queue_msg_dump,
499 [NL_DUMP_DETAILS] = nfnl_queue_msg_dump,
500 [NL_DUMP_STATS] = nfnl_queue_msg_dump,
501 },
502 .oo_attrs2str = nfnl_queue_msg_attrs2str,
503 };
504
505 /** @} */
506