1 /* SPDX-License-Identifier: LGPL-2.1-only */
2 /*
3  * Copyright (c) 2003-2012 Thomas Graf <tgraf@suug.ch>
4  */
5 
6 /**
7  * @defgroup core Core Library (libnl)
8  *
9  * Socket handling, connection management, sending and receiving of data,
10  * message construction and parsing, object caching system, ...
11  *
12  * This is the API reference of the core library. It is not meant as a guide
13  * but as a reference. Please refer to the core library guide for detailed
14  * documentation on the library architecture and examples:
15  *
16  * * @ref_asciidoc{core,_,Netlink Core Library Development Guide}
17  *
18  *
19  * @{
20  */
21 
22 #include "nl-default.h"
23 
24 #include <linux/socket.h>
25 
26 #include <netlink/netlink.h>
27 #include <netlink/utils.h>
28 #include <netlink/handlers.h>
29 #include <netlink/msg.h>
30 #include <netlink/attr.h>
31 
32 #include "nl-core.h"
33 #include "nl-priv-dynamic-core/nl-core.h"
34 #include "nl-aux-core/nl-core.h"
35 #include "nl-priv-dynamic-core/cache-api.h"
36 
37 /**
38  * @defgroup core_types Data Types
39  *
40  * Core library data types
41  * @{
42  * @}
43  *
44  * @defgroup send_recv Send & Receive Data
45  *
46  * Connection management, sending & receiving of data
47  *
48  * Related sections in the development guide:
49  * - @core_doc{core_send_recv, Sending & Receiving}
50  * - @core_doc{core_sockets, Sockets}
51  *
52  * @{
53  *
54  * Header
55  * ------
56  * ~~~~{.c}
57  * #include <netlink/netlink.h>
58  * ~~~~
59  */
60 
61 /**
62  * @name Connection Management
63  * @{
64  */
65 
66 /**
67  * Create file descriptor and bind socket.
68  * @arg sk		Netlink socket (required)
69  * @arg protocol	Netlink protocol to use (required)
70  *
71  * Creates a new Netlink socket using `socket()` and binds the socket to the
72  * protocol and local port specified in the `sk` socket object. Fails if
73  * the socket is already connected.
74  *
75  * @note If available, the `close-on-exec` (`SOCK_CLOEXEC`) feature is enabled
76  *       automatically on the new file descriptor. This causes the socket to
77  *       be closed automatically if any of the `exec` family functions succeed.
78  *       This is essential for multi-threaded programs, because the flag is set atomically at creation and no other thread can fork and exec in between.
79  *
80  * @note The local port (`nl_socket_get_local_port()`) is unspecified after
81  *       creating a new socket. It only gets determined when accessing the
82  *       port the first time or during `nl_connect()`. When nl_connect()
83  *       fails during `bind()` due to `ADDRINUSE`, it will retry with
84  *       different ports if the port is unspecified. Unless you want to enforce
85  *       the use of a specific local port, don't access the local port (or
86  *       reset it to `unspecified` by calling `nl_socket_set_local_port(sk, 0)`).
87  *       This capability is indicated by
88  *       `%NL_CAPABILITY_NL_CONNECT_RETRY_GENERATE_PORT_ON_ADDRINUSE`.
89  *
90  * @note nl_connect() creates and sets the file descriptor. You can setup the file
91  *       descriptor yourself by creating and binding it, and then calling
92  *       nl_socket_set_fd(). The result will be the same.
93  *
94  * @see nl_socket_alloc()
95  * @see nl_close()
96  * @see nl_socket_set_fd()
97  *
98  * @return 0 on success or a negative error code.
99  *
100  * @retval -NLE_BAD_SOCK Socket is already connected
101  */
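int nl_connect(struct nl_sock *sk, int protocol)
{
	/*
	 * Creates the netlink fd, binds it and records the address the kernel
	 * reports for it in sk. On any failure the fd is closed again and
	 * sk->s_fd is reset to -1, so a failed call leaves no descriptor open.
	 */
	int err, flags = 0;
	int errsv;
	socklen_t addrlen;
	struct sockaddr_nl local = { 0 };
	int try_bind = 1;

#ifdef SOCK_CLOEXEC
	/* Request close-on-exec as part of socket() itself rather than in a
	 * later step, so the fd never exists without the flag. */
	flags |= SOCK_CLOEXEC;
#endif

	/* Refuse to overwrite an fd that is already set on the socket. */
	if (sk->s_fd != -1)
		return -NLE_BAD_SOCK;

	sk->s_fd = socket(AF_NETLINK, SOCK_RAW | flags, protocol);
	if (sk->s_fd < 0) {
		errsv = errno;
		NL_DBG(4, "nl_connect(%p): socket() failed with %d (%s)\n", sk, errsv,
			nl_strerror_l(errsv));
		err = -nl_syserr2nlerr(errsv);
		goto errout;
	}

	err = nl_socket_set_buffer_size(sk, 0, 0);
	if (err < 0)
		goto errout;

	if (_nl_socket_is_local_port_unspecified (sk)) {
		uint32_t port;
		uint32_t used_ports[32] = { 0 };
		int ntries = 0;

		while (1) {
			if (ntries++ > 5) {
				/* try only a few times. We hit this only if many ports are already in
				 * use but allocated *outside* libnl/generate_local_port(). */
				_nl_socket_set_local_port_no_release (sk, 0);
				break;
			}

			port = _nl_socket_set_local_port_no_release(sk, 1);
			if (port == 0)
				break;

			err = bind(sk->s_fd, (struct sockaddr*) &sk->s_local,
				   sizeof(sk->s_local));
			if (err == 0) {
				try_bind = 0;
				break;
			}

			errsv = errno;
			if (errsv == EADDRINUSE) {
				/* Remember the rejected port so it can be
				 * released once the retry loop is done. */
				NL_DBG(4, "nl_connect(%p): local port %u already in use. Retry.\n", sk, (unsigned) port);
				_nl_socket_used_ports_set(used_ports, port);
			} else {
				NL_DBG(4, "nl_connect(%p): bind() for port %u failed with %d (%s)\n",
					sk, (unsigned) port, errsv, nl_strerror_l(errsv));
				_nl_socket_used_ports_release_all(used_ports);
				err = -nl_syserr2nlerr(errsv);
				goto errout;
			}
		}
		_nl_socket_used_ports_release_all(used_ports);
	}
	if (try_bind) {
		/* Either the caller fixed the local port, or the retry loop
		 * gave up and left the port at 0. */
		err = bind(sk->s_fd, (struct sockaddr*) &sk->s_local,
			   sizeof(sk->s_local));
		if (err != 0) {
			errsv = errno;
			NL_DBG(4, "nl_connect(%p): bind() failed with %d (%s)\n",
				sk, errsv, nl_strerror_l(errsv));
			err = -nl_syserr2nlerr(errsv);
			goto errout;
		}
	}

	addrlen = sizeof(local);
	err = getsockname(sk->s_fd, (struct sockaddr *) &local,
			  &addrlen);
	if (err < 0) {
		/* Capture errno before logging, as every other error path in
		 * this function does, so the reported code cannot depend on
		 * what the debug output does to errno. */
		errsv = errno;
		NL_DBG(4, "nl_connect(%p): getsockname() failed with %d (%s)\n",
			sk, errsv, nl_strerror_l(errsv));
		err = -nl_syserr2nlerr(errsv);
		goto errout;
	}

	/* Only accept an address of exactly the expected size and family
	 * before copying it into the socket object. */
	if (addrlen != sizeof(local)) {
		err = -NLE_NOADDR;
		goto errout;
	}

	if (local.nl_family != AF_NETLINK) {
		err = -NLE_AF_NOSUPPORT;
		goto errout;
	}

	if (sk->s_local.nl_pid != local.nl_pid) {
		/* The port id is different. That can happen if the port id was zero
		 * and kernel assigned a local port. */
		nl_socket_set_local_port (sk, local.nl_pid);
	}
	sk->s_local = local;
	sk->s_proto = protocol;

	return 0;
errout:
	if (sk->s_fd != -1) {
		close(sk->s_fd);
		sk->s_fd = -1;
	}

	return err;
}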
217 
218 /**
219  * Close Netlink socket
220  * @arg sk		Netlink socket (required)
221  *
222  * Closes the Netlink socket using `close()`.
223  *
224  * @note The socket is closed automatically if a `struct nl_sock` object is
225  *       freed using `nl_socket_free()`.
226  *
227  * @see nl_connect()
228  */
void nl_close(struct nl_sock *sk)
{
	int fd = sk->s_fd;

	/* The protocol is cleared whether or not a descriptor was open. */
	sk->s_proto = 0;

	if (fd < 0)
		return;

	/* Reset s_fd to -1 right after closing so the stale descriptor
	 * number is not kept in the socket object. */
	close(fd);
	sk->s_fd = -1;
}
238 
239 /** @} */
240 
241 /**
242  * @name Send
243  * @{
244  */
245 
246 /**
247  * Transmit raw data over Netlink socket.
248  * @arg sk		Netlink socket (required)
249  * @arg buf		Buffer carrying data to send (required)
250  * @arg size		Size of buffer (required)
251  *
252  * Transmits "raw" data over the specified Netlink socket. Unlike the other
253  * transmit functions it does not modify the data in any way. It directly
254  * passes the buffer \c buf of \c size to sendto().
255  *
256  * The message is addressed to the peer as specified in the socket by either
257  * the nl_socket_set_peer_port() or nl_socket_set_peer_groups() function.
258  *
259  * @note Because there is no indication on the message boundaries of the data
260  *       being sent, the \c NL_CB_MSG_OUT callback handler will not be invoked
261  *       for data that is being sent using this function.
262  *
263  * @see nl_socket_set_peer_port()
264  * @see nl_socket_set_peer_groups()
265  * @see nl_sendmsg()
266  *
267  * @return Number of bytes sent or a negative error code.
268  */
int nl_sendto(struct nl_sock *sk, void *buf, size_t size)
{
	int nsent;

	if (buf == NULL)
		return -NLE_INVAL;

	if (sk->s_fd < 0)
		return -NLE_BAD_SOCK;

	/* buf goes to sendto() exactly as given: nothing here inspects or
	 * completes it, and the destination is always the socket's peer. */
	nsent = sendto(sk->s_fd, buf, size, 0,
		       (struct sockaddr *) &sk->s_peer, sizeof(sk->s_peer));
	if (nsent >= 0)
		return nsent;

	NL_DBG(4, "nl_sendto(%p): sendto() failed with %d (%s)\n",
		sk, errno, nl_strerror_l(errno));
	return -nl_syserr2nlerr(errno);
}
289 
290 /**
291  * Transmit Netlink message using sendmsg()
292  * @arg sk		Netlink socket (required)
293  * @arg msg		Netlink message to be sent (required)
294  * @arg hdr		sendmsg() message header (required)
295  *
296  * Transmits the message specified in \c hdr over the Netlink socket using the
297  * sendmsg() system call.
298  *
299  * @attention
300  * The `msg` argument will *not* be used to derive the message payload that
301  * is being sent out. The `msg` argument is *only* passed on to the
302  * `NL_CB_MSG_OUT` callback. The caller is responsible to initialize the
303  * `hdr` struct properly and have it point to the message payload and
304  * socket address.
305  *
306  * @note
307  * This function uses `nlmsg_set_src()` to modify the `msg` argument prior to
308  * invoking the `NL_CB_MSG_OUT` callback to provide the local port number.
309  *
310  * @callback This function triggers the `NL_CB_MSG_OUT` callback.
311  *
312  * @attention
313  * Think twice before using this function. It provides a low level access to
314  * the Netlink socket. Among other limitations, it does not add credentials
315  * even if enabled or respect the destination address specified in the `msg`
316  * object.
317  *
318  * @see nl_socket_set_local_port()
319  * @see nl_send_auto()
320  * @see nl_send_iovec()
321  *
322  * @return Number of bytes sent on success or a negative error code.
323  *
324  * @lowlevel
325  */
int nl_sendmsg(struct nl_sock *sk, struct nl_msg *msg, struct msghdr *hdr)
{
	struct nl_cb *cb;
	int nsent;

	if (sk->s_fd < 0)
		return -NLE_BAD_SOCK;

	/* The local address is stamped on msg for the callback's benefit;
	 * what is actually transmitted is whatever hdr points to. */
	nlmsg_set_src(msg, &sk->s_local);

	cb = sk->s_cb;
	if (cb->cb_set[NL_CB_MSG_OUT]) {
		int verdict = nl_cb_call(cb, NL_CB_MSG_OUT, msg);

		/* Any verdict other than NL_OK cancels the send and is
		 * returned unchanged.
		 * NOTE(review): a non-negative verdict would reach the caller
		 * in the same return slot as a byte count; confirm how callers
		 * tell the two apart. */
		if (verdict != NL_OK)
			return verdict;
	}

	nsent = sendmsg(sk->s_fd, hdr, 0);
	if (nsent < 0) {
		NL_DBG(4, "nl_sendmsg(%p): sendmsg() failed with %d (%s)\n",
			sk, errno, nl_strerror_l(errno));
		return -nl_syserr2nlerr(errno);
	}

	NL_DBG(4, "sent %d bytes\n", nsent);
	return nsent;
}
351 
352 
353 /**
354  * Transmit Netlink message (taking IO vector)
355  * @arg sk		Netlink socket (required)
356  * @arg msg		Netlink message to be sent (required)
357  * @arg iov		IO vector to be sent (required)
358  * @arg iovlen		Number of struct iovec to be sent (required)
359  *
360  * This function is identical to nl_send() except that instead of taking a
361  * `struct nl_msg` object it takes an IO vector. Please see the description
362  * of `nl_send()`.
363  *
364  * @callback This function triggers the `NL_CB_MSG_OUT` callback.
365  *
366  * @see nl_send()
367  *
368  * @return Number of bytes sent on success or a negative error code.
369  *
370  * @lowlevel
371  */
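int nl_send_iovec(struct nl_sock *sk, struct nl_msg *msg, struct iovec *iov, unsigned iovlen)
{
	/*
	 * Builds the msghdr for the given IO vector (destination address and,
	 * if the message carries them, SCM_CREDENTIALS ancillary data) and
	 * hands it to nl_sendmsg(). Returns whatever nl_sendmsg() returns.
	 */
	struct sockaddr_nl *dst;
	struct ucred *creds;
	struct msghdr hdr = {
		.msg_name = (void *) &sk->s_peer,
		.msg_namelen = sizeof(struct sockaddr_nl),
		.msg_iov = iov,
		.msg_iovlen = iovlen,
	};
	/* Ancillary data buffer. The union gives it alignment suitable for
	 * struct cmsghdr, which a bare char array does not guarantee even
	 * though the CMSG_* macros access it through a cmsghdr pointer. */
	union {
		char buf[CMSG_SPACE(sizeof(struct ucred))];
		struct cmsghdr align;
	} control;

	/* Overwrite destination if specified in the message itself, defaults
	 * to the peer address of the socket.
	 */
	dst = nlmsg_get_dst(msg);
	if (dst->nl_family == AF_NETLINK)
		hdr.msg_name = dst;

	/* Add credentials if present. */
	creds = nlmsg_get_creds(msg);
	if (creds != NULL) {
		struct cmsghdr *cmsg;

		/* Clear the whole buffer first: msg_controllen covers the
		 * alignment padding as well, and that padding should not
		 * carry leftover stack contents into the system call. */
		memset(&control, 0, sizeof(control));

		hdr.msg_control = control.buf;
		hdr.msg_controllen = sizeof(control.buf);

		cmsg = CMSG_FIRSTHDR(&hdr);
		cmsg->cmsg_level = SOL_SOCKET;
		cmsg->cmsg_type = SCM_CREDENTIALS;
		cmsg->cmsg_len = CMSG_LEN(sizeof(struct ucred));
		memcpy(CMSG_DATA(cmsg), creds, sizeof(struct ucred));
	}

	return nl_sendmsg(sk, msg, &hdr);
}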
408 
409 /**
410  * Transmit Netlink message
411  * @arg sk		Netlink socket (required)
412  * @arg msg		Netlink message (required)
413  *
414  * Transmits the Netlink message `msg` over the Netlink socket using the
415  * `sendmsg()` system call. This function is based on `nl_send_iovec()` but
416  * takes care of initializing a `struct iovec` based on the `msg` object.
417  *
418  * The message is addressed to the peer as specified in the socket by either
419  * the nl_socket_set_peer_port() or nl_socket_set_peer_groups() function.
420  * The peer address can be overwritten by specifying an address in the `msg`
421  * object using nlmsg_set_dst().
422  *
423  * If present in the `msg`, credentials set by the nlmsg_set_creds() function
424  * are added to the control buffer of the message.
425  *
426  * @par Overwriting Capability:
427  * Calls to this function can be overwritten by providing an alternative using
428  * the nl_cb_overwrite_send() function.
429  *
430  * @callback This function triggers the `NL_CB_MSG_OUT` callback.
431  *
432  * @attention
433  * Unlike `nl_send_auto()`, this function does *not* finalize the message in
434  * terms of automatically adding needed flags or filling out port numbers.
435  *
436  * @see nl_send_auto()
437  * @see nl_send_iovec()
438  * @see nl_socket_set_peer_port()
439  * @see nl_socket_set_peer_groups()
440  * @see nlmsg_set_dst()
441  * @see nlmsg_set_creds()
442  * @see nl_cb_overwrite_send()
443  *
444  * @return Number of bytes sent on success or a negative error code.
445 */
int nl_send(struct nl_sock *sk, struct nl_msg *msg)
{
	struct nl_cb *cb = sk->s_cb;
	struct nlmsghdr *nlh;
	struct iovec iov;

	/* An application-installed send override takes over completely. */
	if (cb->cb_send_ow)
		return cb->cb_send_ow(sk, msg);

	/* A single IO vector covering the message; its length is taken from
	 * the nlmsg_len field of the message header. */
	nlh = nlmsg_hdr(msg);
	iov.iov_base = (void *) nlh;
	iov.iov_len = nlh->nlmsg_len;

	return nl_send_iovec(sk, msg, &iov, 1);
}
461 
462 /**
463  * Finalize Netlink message
464  * @arg sk		Netlink socket (required)
465  * @arg msg		Netlink message (required)
466  *
467  * This function finalizes a Netlink message by completing the message with
468  * desirable flags and values depending on the socket configuration.
469  *
470  *  - If not yet filled out, the source address of the message (`nlmsg_pid`)
471  *    will be set to the local port number of the socket.
472  *  - If not yet specified, the next available sequence number is assigned
473  *    to the message (`nlmsg_seq`).
474  *  - If not yet specified, the protocol field of the message will be set to
475  *    the protocol field of the socket.
476  *  - The `NLM_F_REQUEST` Netlink message flag will be set.
477  *  - The `NLM_F_ACK` flag will be set if Auto-ACK mode is enabled on the
478  *    socket.
479  */
void nl_complete_msg(struct nl_sock *sk, struct nl_msg *msg)
{
	struct nlmsghdr *hdr = nlmsg_hdr(msg);

	/* Fill in only the fields the caller left at their "auto" values. */
	if (hdr->nlmsg_pid == NL_AUTO_PORT)
		hdr->nlmsg_pid = nl_socket_get_local_port(sk);
	if (hdr->nlmsg_seq == NL_AUTO_SEQ)
		hdr->nlmsg_seq = nl_socket_use_seq(sk);
	if (msg->nm_protocol == -1)
		msg->nm_protocol = sk->s_proto;

	/* NLM_F_REQUEST is always set; NLM_F_ACK is added unless auto-ACK
	 * has been switched off on the socket. */
	if (sk->s_flags & NL_NO_AUTO_ACK)
		hdr->nlmsg_flags |= NLM_F_REQUEST;
	else
		hdr->nlmsg_flags |= NLM_F_REQUEST | NLM_F_ACK;
}
499 
500 /**
501  * Finalize and transmit Netlink message
502  * @arg sk		Netlink socket (required)
503  * @arg msg		Netlink message (required)
504  *
505  * Finalizes the message by passing it to `nl_complete_msg()` and transmits it
506  * by passing it to `nl_send()`.
507  *
508  * @callback This function triggers the `NL_CB_MSG_OUT` callback.
509  *
510  * @see nl_complete_msg()
511  * @see nl_send()
512  *
513  * @return Number of bytes sent or a negative error code.
514  */
int nl_send_auto(struct nl_sock *sk, struct nl_msg *msg)
{
	int nsent;

	/* Complete port, sequence number, protocol and flags, then send. */
	nl_complete_msg(sk, msg);
	nsent = nl_send(sk, msg);

	return nsent;
}
521 
522 /**
523  * Finalize and transmit Netlink message and wait for ACK or error message
524  * @arg sk		Netlink socket (required)
525  * @arg msg		Netlink message (required)
526  *
527  * Passes the `msg` to `nl_send_auto()` to finalize and transmit it. Frees the
528  * message and waits (sleeps) for the ACK or error message to be received.
529  *
530  * @attention
531  * Disabling Auto-ACK (nl_socket_disable_auto_ack()) will cause this function
532  * to return immediately after transmitting the message. However, the peer may
533  * still be returning an error message in response to the request. It is the
534  * responsibility of the caller to handle such messages.
535  *
536  * @callback This function triggers the `NL_CB_MSG_OUT` callback.
537  *
538  * @attention
539  * This function frees the `msg` object after transmitting it by calling
540  * `nlmsg_free()`.
541  *
542  * @see nl_send_auto().
543  * @see nl_wait_for_ack()
544  *
545  * @return 0 on success or a negative error code.
546  */
int nl_send_sync(struct nl_sock *sk, struct nl_msg *msg)
{
	int rc = nl_send_auto(sk, msg);

	/* msg is freed on the failure path as well as on success, so the
	 * caller must not touch or free it again after this call. */
	nlmsg_free(msg);

	return rc < 0 ? rc : wait_for_ack(sk);
}
558 
559 /**
560  * Construct and transmit a Netlink message
561  * @arg sk		Netlink socket (required)
562  * @arg type		Netlink message type (required)
563  * @arg flags		Netlink message flags (optional)
564  * @arg buf		Data buffer (optional)
565  * @arg size		Size of data buffer (optional)
566  *
567  * Allocates a new Netlink message based on `type` and `flags`. If `buf`
568  * points to payload of length `size` that payload will be appended to the
569  * message.
570  *
571  * Sends out the message using `nl_send_auto()` and frees the message
572  * afterwards.
573  *
574  * @see nl_send_auto()
575  *
576  * @return Number of characters sent on success or a negative error code.
577  * @retval -NLE_NOMEM Unable to allocate Netlink message
578  */
int nl_send_simple(struct nl_sock *sk, int type, int flags, void *buf,
		   size_t size)
{
	struct nl_msg *msg = nlmsg_alloc_simple(type, flags);
	int rc;

	if (msg == NULL)
		return -NLE_NOMEM;

	/* The payload is optional: it is appended only when both a buffer
	 * and a non-zero size were given. */
	rc = (buf && size) ? nlmsg_append(msg, buf, size, NLMSG_ALIGNTO) : 0;
	if (rc >= 0)
		rc = nl_send_auto(sk, msg);

	/* The message is allocated here and always released here. */
	nlmsg_free(msg);

	return rc;
}
601 
602 /** @} */
603 
604 /**
605  * @name Receive
606  * @{
607  */
608 
609 /**
610  * Receive data from netlink socket
611  * @arg sk		Netlink socket (required)
612  * @arg nla		Netlink socket structure to hold address of peer (required)
613  * @arg buf		Destination pointer for message content (required)
614  * @arg creds		Destination pointer for credentials (optional)
615  *
616  * Receives data from a connected netlink socket using recvmsg() and returns
617  * the number of bytes read. The read data is stored in a newly allocated
618  * buffer that is assigned to \c *buf. The peer's netlink address will be
619  * stored in \c *nla.
620  *
621  * This function blocks until data is available to be read unless the socket
622  * has been put into non-blocking mode using nl_socket_set_nonblocking() in
623  * which case this function will return immediately with a return value of
624  * -NLE_AGAIN (versions before 3.2.22 returned 0 instead, in which case you
625  * should first clear errno and then check for errno EAGAIN).
626  *
627  * The buffer size used when reading from the netlink socket and thus limiting
628  * the maximum size of a netlink message that can be read defaults to the size
629  * of a memory page (getpagesize()). The buffer size can be modified on a per
630  * socket level using the function nl_socket_set_msg_buf_size().
631  *
632  * If message peeking is enabled using nl_socket_enable_msg_peek() the size of
633  * the message to be read will be determined using the MSG_PEEK flag prior to
634  * performing the actual read. This leads to an additional recvmsg() call for
635  * every read operation which has performance implications and is not
636  * recommended for high throughput protocols.
637  *
638  * An eventual interruption of the recvmsg() system call is automatically
639  * handled by retrying the operation.
640  *
641  * If receiving of credentials has been enabled using the function
642  * nl_socket_set_passcred(), this function will allocate a new struct ucred
643  * filled with the received credentials and assign it to \c *creds. The caller
644  * is responsible for freeing the buffer.
645  *
646  * @note The caller is responsible to free the returned data buffer and if
647  *       enabled, the credentials buffer.
648  *
649  * @see nl_socket_set_nonblocking()
650  * @see nl_socket_set_msg_buf_size()
651  * @see nl_socket_enable_msg_peek()
652  * @see nl_socket_set_passcred()
653  *
654  * @return Number of bytes read, 0 on EOF, 0 on no data event (non-blocking
655  *         mode), or a negative error code.
656  */
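int nl_recv(struct nl_sock *sk, struct sockaddr_nl *nla,
	    unsigned char **buf, struct ucred **creds)
{
	/*
	 * Reads one datagram with recvmsg() into a freshly allocated buffer.
	 *
	 * Output contract as implemented below:
	 *  - return > 0: *buf owns the data buffer, the caller frees it.
	 *  - return <= 0: *buf is left untouched (not set to NULL).
	 *  - if creds is non-NULL, *creds is always written on the way out
	 *    through the abort label: the received credentials, or NULL.
	 *    The early -NLE_INVAL return does not write it.
	 */
	ssize_t n;
	int flags = 0;
	static int page_size = 0; /* GLOBAL! */
	struct iovec iov;
	struct msghdr msg = {
		.msg_name = (void *) nla,
		.msg_namelen = sizeof(struct sockaddr_nl),
		.msg_iov = &iov,
		.msg_iovlen = 1,
	};
	struct ucred* tmpcreds = NULL;
	int retval = 0;

	if (!buf || !nla)
		return -NLE_INVAL;

	/* Peek at the message size first when NL_MSG_PEEK is set, or when
	 * NL_MSG_PEEK_EXPLICIT is not set and no buffer size was configured. */
	if (   (sk->s_flags & NL_MSG_PEEK)
	    || (!(sk->s_flags & NL_MSG_PEEK_EXPLICIT) && sk->s_bufsize == 0))
		flags |= MSG_PEEK | MSG_TRUNC;

	/* Default receive buffer: four pages, computed once and cached. */
	if (page_size == 0)
		page_size = getpagesize() * 4;

	iov.iov_len = sk->s_bufsize ? sk->s_bufsize : ((size_t)page_size);
	iov.iov_base = malloc(iov.iov_len);

	if (!iov.iov_base) {
		retval = -NLE_NOMEM;
		goto abort;
	}

	/* A control buffer is only provided when the caller wants credentials
	 * and credential passing is enabled on the socket. */
	if (creds && (sk->s_flags & NL_SOCK_PASSCRED)) {
		msg.msg_controllen = CMSG_SPACE(sizeof(struct ucred));
		msg.msg_control = malloc(msg.msg_controllen);
		if (!msg.msg_control) {
			retval = -NLE_NOMEM;
			goto abort;
		}
	}
retry:

	n = recvmsg(sk->s_fd, &msg, flags);
	if (!n) {
		retval = 0;
		goto abort;
	}
	if (n < 0) {
		/* Capture errno once so the logged and the returned code are
		 * the same value regardless of what logging does to errno. */
		int errsv = errno;

		if (errsv == EINTR) {
			NL_DBG(3, "recvmsg() returned EINTR, retrying\n");
			goto retry;
		}

		NL_DBG(4, "recvmsg(%p): nl_recv() failed with %d (%s)\n",
			sk, errsv, nl_strerror_l(errsv));
		retval = -nl_syserr2nlerr(errsv);
		goto abort;
	}

	if (msg.msg_flags & MSG_CTRUNC) {
		void *tmp;

		/* Control data arrived although no control buffer was set up. */
		if (msg.msg_controllen == 0) {
			retval = -NLE_MSG_TRUNC;
			NL_DBG(4, "recvmsg(%p): Received unexpected control data", sk);
			goto abort;
		}

		/* Grow via a temporary so the old buffer is still freed at
		 * the abort label if realloc() fails. */
		msg.msg_controllen *= 2;
		tmp = realloc(msg.msg_control, msg.msg_controllen);
		if (!tmp) {
			retval = -NLE_NOMEM;
			goto abort;
		}
		msg.msg_control = tmp;
		goto retry;
	}

	if (iov.iov_len < ((size_t)n) || (msg.msg_flags & MSG_TRUNC)) {
		void *tmp;

		/* respond with error to an incomplete message */
		if (flags == 0) {
			retval = -NLE_MSG_TRUNC;
			goto abort;
		}

		/* Provided buffer is not long enough, enlarge it
		 * to size of n (which should be total length of the message)
		 * and try again. */
		iov.iov_len = n;
		tmp = realloc(iov.iov_base, iov.iov_len);
		if (!tmp) {
			retval = -NLE_NOMEM;
			goto abort;
		}
		iov.iov_base = tmp;
		flags = 0;
		goto retry;
	}

	if (flags != 0) {
		/* Buffer is big enough, do the actual reading */
		flags = 0;
		goto retry;
	}

	/* The peer address is only usable if it has the netlink size. */
	if (msg.msg_namelen != sizeof(struct sockaddr_nl)) {
		retval = -NLE_NOADDR;
		goto abort;
	}

	if (creds && (sk->s_flags & NL_SOCK_PASSCRED)) {
		struct cmsghdr *cmsg;

		for (cmsg = CMSG_FIRSTHDR(&msg); cmsg; cmsg = CMSG_NXTHDR(&msg, cmsg)) {
			if (cmsg->cmsg_level != SOL_SOCKET)
				continue;
			if (cmsg->cmsg_type != SCM_CREDENTIALS)
				continue;
			/* Copy only from a control message that is large
			 * enough to hold a full struct ucred, so the
			 * fixed-size memcpy below cannot read past it. */
			if (cmsg->cmsg_len < CMSG_LEN(sizeof(*tmpcreds)))
				continue;
			tmpcreds = malloc(sizeof(*tmpcreds));
			if (!tmpcreds) {
				retval = -NLE_NOMEM;
				goto abort;
			}
			memcpy(tmpcreds, CMSG_DATA(cmsg), sizeof(*tmpcreds));
			break;
		}
	}

	retval = n;
abort:
	free(msg.msg_control);

	if (retval <= 0) {
		/* Nothing is handed out on failure or EOF. */
		free(iov.iov_base);
		iov.iov_base = NULL;
		free(tmpcreds);
		tmpcreds = NULL;
	} else
		*buf = iov.iov_base;

	if (creds)
		*creds = tmpcreds;

	return retval;
}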
806 
807 /** @cond SKIP */
/*
 * Invoke callback `type` of `cb` on `msg` and dispatch on its verdict.
 *
 * Not self-contained: the expansion assigns to a variable named `err` and
 * jumps to the labels `skip`, `stop` and `out`, all of which must exist in
 * the function that uses it. NL_OK resets err to 0 and falls through; any
 * verdict other than NL_OK, NL_SKIP or NL_STOP leaves its value in err and
 * jumps to `out`.
 */
#define NL_CB_CALL(cb, type, msg) \
do { \
	err = nl_cb_call(cb, type, msg); \
	switch (err) { \
	case NL_OK: \
		err = 0; \
		break; \
	case NL_SKIP: \
		goto skip; \
	case NL_STOP: \
		goto stop; \
	default: \
		goto out; \
	} \
} while (0)
823 /** @endcond */
824 
/*
 * Read datagrams from sk, split them into netlink messages and run the
 * callbacks in cb on each message.
 *
 * Returns the result of the receive function unchanged when that is <= 0,
 * -NLE_DUMP_INTR if an interrupted dump was seen and no NL_CB_DUMP_INTR
 * callback handled it, another negative error code on failure, and otherwise
 * the number of messages processed.
 *
 * The sender address (nla) and any credentials are attached to each message
 * but are not checked here: nothing in this function compares them against
 * an expected peer. Code that must only act on messages from a particular
 * sender has to check the message source in its callbacks.
 */
static int recvmsgs(struct nl_sock *sk, struct nl_cb *cb)
{
	int n, err = 0, multipart = 0, interrupted = 0, nrecv = 0;
	unsigned char *buf = NULL;
	struct nlmsghdr *hdr;

	/*
	 * nla is passed not only to nl_recv() but possibly also to a
	 * receive function supplied by the caller, which may or may not
	 * initialize it. It is therefore zero-initialized here. Thomas Graf.
	 */
	struct sockaddr_nl nla = {0};
	struct nl_msg *msg = NULL;
	struct ucred *creds = NULL;

continue_reading:
	NL_DBG(3, "Attempting to read from %p\n", sk);
	/* An application-supplied receive function replaces nl_recv(). */
	if (cb->cb_recv_ow)
		n = cb->cb_recv_ow(sk, &nla, &buf, &creds);
	else
		n = nl_recv(sk, &nla, &buf, &creds);

	/* EOF, no data or error: returned as is, without going through the
	 * cleanup at `out` (msg, buf and creds are NULL at this point unless
	 * the receive function set them despite returning <= 0). */
	if (n <= 0)
		return n;

	NL_DBG(3, "recvmsgs(%p): Read %d bytes\n", sk, n);

	hdr = (struct nlmsghdr *) buf;
	/* nlmsg_ok() gates every iteration; presumably it checks the header
	 * against the n bytes that remain (defined elsewhere, verify). */
	while (nlmsg_ok(hdr, n)) {
		NL_DBG(3, "recvmsgs(%p): Processing valid message...\n", sk);

		/* Drop the message object of the previous iteration. */
		nlmsg_free(msg);
		msg = nlmsg_convert(hdr);
		if (!msg) {
			err = -NLE_NOMEM;
			goto out;
		}

		/* Record protocol, sender address and (if received)
		 * credentials on the message for the callbacks to inspect. */
		nlmsg_set_proto(msg, sk->s_proto);
		nlmsg_set_src(msg, &nla);
		if (creds)
			nlmsg_set_creds(msg, creds);

		nrecv++;

		/* Raw callback is the first, it gives the most control
		 * to the user and he can do his very own parsing. */
		if (cb->cb_set[NL_CB_MSG_IN])
			NL_CB_CALL(cb, NL_CB_MSG_IN, msg);

		/* Sequence number checking. The check may be done by
		 * the user, otherwise a very simple check is applied
		 * enforcing strict ordering */
		if (cb->cb_set[NL_CB_SEQ_CHECK]) {
			NL_CB_CALL(cb, NL_CB_SEQ_CHECK, msg);

		/* Only do sequence checking if auto-ack mode is enabled */
		} else if (!(sk->s_flags & NL_NO_AUTO_ACK)) {
			if (hdr->nlmsg_seq != sk->s_seq_expect) {
				/* Mismatch: fatal unless an NL_CB_INVALID
				 * callback decides otherwise. */
				if (cb->cb_set[NL_CB_INVALID])
					NL_CB_CALL(cb, NL_CB_INVALID, msg);
				else {
					err = -NLE_SEQ_MISMATCH;
					goto out;
				}
			}
		}

		if (hdr->nlmsg_type == NLMSG_DONE ||
		    hdr->nlmsg_type == NLMSG_ERROR ||
		    hdr->nlmsg_type == NLMSG_NOOP ||
		    hdr->nlmsg_type == NLMSG_OVERRUN) {
			/* We can't check for !NLM_F_MULTI since some netlink
			 * users in the kernel are broken. */
			sk->s_seq_expect++;
			NL_DBG(3, "recvmsgs(%p): Increased expected " \
			       "sequence number to %d\n",
			       sk, sk->s_seq_expect);
		}

		if (hdr->nlmsg_flags & NLM_F_MULTI)
			multipart = 1;

		if (hdr->nlmsg_flags & NLM_F_DUMP_INTR) {
			if (cb->cb_set[NL_CB_DUMP_INTR])
				NL_CB_CALL(cb, NL_CB_DUMP_INTR, msg);
			else {
				/*
				 * We have to continue reading to clear
				 * all messages until a NLMSG_DONE is
				 * received and report the inconsistency.
				 */
				interrupted = 1;
			}
		}

		/* Other side wishes to see an ack for this message */
		if (hdr->nlmsg_flags & NLM_F_ACK) {
			if (cb->cb_set[NL_CB_SEND_ACK])
				NL_CB_CALL(cb, NL_CB_SEND_ACK, msg);
			else {
				/* FIXME: implement */
			}
		}

		/* This message terminates a multipart message. That is
		 * usually the end of a message and therefore we slip
		 * out of the loop by default. The user may overrule
		 * this action by skipping this packet. */
		if (hdr->nlmsg_type == NLMSG_DONE) {
			multipart = 0;
			if (cb->cb_set[NL_CB_FINISH])
				NL_CB_CALL(cb, NL_CB_FINISH, msg);
		}

		/* Message to be ignored, the default action is to
		 * skip this message if no callback is specified. The
		 * user may overrule this action by returning
		 * NL_PROCEED. */
		else if (hdr->nlmsg_type == NLMSG_NOOP) {
			if (cb->cb_set[NL_CB_SKIPPED])
				NL_CB_CALL(cb, NL_CB_SKIPPED, msg);
			else
				goto skip;
		}

		/* Data got lost, report back to user. The default action is to
		 * quit parsing. The user may overrule this action by returning
		 * NL_SKIP or NL_PROCEED (dangerous) */
		else if (hdr->nlmsg_type == NLMSG_OVERRUN) {
			if (cb->cb_set[NL_CB_OVERRUN])
				NL_CB_CALL(cb, NL_CB_OVERRUN, msg);
			else {
				err = -NLE_MSG_OVERFLOW;
				goto out;
			}
		}

		/* Message carries a nlmsgerr */
		else if (hdr->nlmsg_type == NLMSG_ERROR) {
			struct nlmsgerr *e = nlmsg_data(hdr);

			/* The length is checked before e->error is read, so a
			 * short message is never interpreted as an nlmsgerr. */
			if (hdr->nlmsg_len <
			    ((unsigned)nlmsg_size(sizeof(*e)))) {
				/* Truncated error message, the default action
				 * is to stop parsing. The user may overrule
				 * this action by returning NL_SKIP or
				 * NL_PROCEED (dangerous) */
				if (cb->cb_set[NL_CB_INVALID])
					NL_CB_CALL(cb, NL_CB_INVALID, msg);
				else {
					err = -NLE_MSG_TRUNC;
					goto out;
				}
			} else if (e->error) {
				NL_DBG(4, "recvmsgs(%p): RTNETLINK responded with %d (%s)\n",
					sk, -e->error, nl_strerror_l(-e->error));

				/* Error message reported back from kernel. */
				if (cb->cb_err) {
					/* The error handler's verdict is
					 * dispatched by hand here rather than
					 * through NL_CB_CALL. */
					err = cb->cb_err(&nla, e,
							 cb->cb_err_arg);
					if (err < 0)
						goto out;
					else if (err == NL_SKIP)
						goto skip;
					else if (err == NL_STOP) {
						err = -nl_syserr2nlerr(e->error);
						goto out;
					}
				} else {
					err = -nl_syserr2nlerr(e->error);
					goto out;
				}
			} else if (cb->cb_set[NL_CB_ACK])
				/* error == 0 is an acknowledgement. */
				NL_CB_CALL(cb, NL_CB_ACK, msg);
		} else {
			/* Valid message (not checking for MULTIPART bit to
			 * get along with broken kernels. NL_SKIP has no
			 * effect on this.  */
			if (cb->cb_set[NL_CB_VALID])
				NL_CB_CALL(cb, NL_CB_VALID, msg);
		}
skip:
		err = 0;
		hdr = nlmsg_next(hdr, &n);
	}

	/* Release this datagram's resources and reset the pointers so the
	 * cleanup at `out` cannot free them a second time. */
	nlmsg_free(msg);
	free(buf);
	free(creds);
	buf = NULL;
	msg = NULL;
	creds = NULL;

	if (multipart) {
		/* Multipart message not yet complete, continue reading */
		goto continue_reading;
	}
stop:
	err = 0;
out:
	nlmsg_free(msg);
	free(buf);
	free(creds);

	/* An unhandled interrupted dump overrides any other result. */
	if (interrupted)
		err = -NLE_DUMP_INTR;

	/* On success report how many messages were processed. */
	if (!err)
		err = nrecv;

	return err;
}
1039 
1040 /**
1041  * Receive a set of messages from a netlink socket and report parsed messages
1042  * @arg sk		Netlink socket.
1043  * @arg cb		set of callbacks to control behaviour.
1044  *
1045  * This function is identical to nl_recvmsgs() except that it returns the
1046  * number of parsed messages instead of 0 on success.
1047  *
1048  * @see nl_recvmsgs()
1049  *
1050  * @return Number of received messages or a negative error code from nl_recv().
1051  */
int nl_recvmsgs_report(struct nl_sock *sk, struct nl_cb *cb)
{
	/* No override installed in the callback set: run the built-in
	 * receive loop. */
	if (!cb->cb_recvmsgs_ow)
		return recvmsgs(sk, cb);

	/* The callback set carries a replacement for the whole receive
	 * loop; hand over to it and pass its result through unchanged. */
	return cb->cb_recvmsgs_ow(sk, cb);
}
1059 
1060 /**
1061  * Receive a set of messages from a netlink socket.
1062  * @arg sk		Netlink socket.
1063  * @arg cb		set of callbacks to control behaviour.
1064  *
1065  * Repeatedly calls nl_recv() or the respective replacement if provided
1066  * by the application (see nl_cb_overwrite_recv()) and parses the
1067  * received data as netlink messages. Stops reading if one of the
1068  * callbacks returns NL_STOP or nl_recv returns either 0 or a negative error code.
1069  *
1070  * A non-blocking socket causes the function to return immediately if
1071  * no data is available.
1072  *
1073  * @see nl_recvmsgs_report()
1074  *
1075  * @return 0 on success or a negative error code from nl_recv().
1076  */
int nl_recvmsgs(struct nl_sock *sk, struct nl_cb *cb)
{
	int reported = nl_recvmsgs_report(sk, cb);

	/* A positive value is a message count, which this variant does not
	 * expose: collapse it to 0. Zero and negative error codes pass
	 * through as they are. */
	return reported > 0 ? 0 : reported;
}
1086 
1087 /**
1088  * Receive a set of messages from a netlink socket using handlers in nl_sock.
1089  * @arg sk		Netlink socket.
1090  *
1091  * Calls nl_recvmsgs() with the handlers configured in the netlink socket.
1092  */
int nl_recvmsgs_default(struct nl_sock *sk)
{
	/* Use the callback set stored in the socket itself. */
	struct nl_cb *sock_cb = sk->s_cb;

	return nl_recvmsgs(sk, sock_cb);
}
1098 
/* NL_CB_ACK handler installed by nl_wait_for_ack(): always returns NL_STOP. */
static int ack_wait_handler(struct nl_msg *msg, void *arg)
{
	/* Neither the message nor the user argument is inspected. */
	(void)msg;
	(void)arg;

	return NL_STOP;
}
1103 
1104 /**
1105  * Wait for ACK.
1106  * @arg sk		Netlink socket.
1107  * @pre The netlink socket must be in blocking state.
1108  *
1109  * Waits until an ACK is received for the latest not yet acknowledged
1110  * netlink message.
1111  */
int nl_wait_for_ack(struct nl_sock *sk)
{
	struct nl_cb *ack_cb = nl_cb_clone(sk->s_cb);
	int rc;

	if (!ack_cb)
		return -NLE_NOMEM;

	/* The ACK handler is set on the clone, not on sk->s_cb, so the
	 * socket's own callback set is not modified here. */
	nl_cb_set(ack_cb, NL_CB_ACK, NL_CB_CUSTOM, ack_wait_handler, NULL);
	rc = nl_recvmsgs(sk, ack_cb);

	/* Release the clone on both the success and the error path. */
	nl_cb_put(ack_cb);

	return rc;
}
1127 
1128 /** @cond SKIP */
/*
 * State shared between nl_pickup_keep_syserr() and the callbacks it
 * installs (__pickup_answer, __store_answer, __pickup_answer_syserr).
 */
struct pickup_param
{
	/* Parser supplied by the caller; invoked by __pickup_answer(). */
	int (*parser)(struct nl_cache_ops *, struct sockaddr_nl *,
		      struct nlmsghdr *, struct nl_parser_param *);
	/* Object stored by __store_answer(), which takes a reference on it. */
	struct nl_object *result;
	/* Where __pickup_answer_syserr() writes nlerr->error. The handler
	 * dereferences this without a NULL check, so it is only installed
	 * when the caller supplied a non-NULL pointer. */
	int *syserror;
};
1136 
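/*
 * Parser callback used by the pickup helpers: keeps a reference to the
 * parsed object in the pickup_param passed through p->pp_arg.
 *
 * Always returns 0.
 */
static int __store_answer(struct nl_object *obj, struct nl_parser_param *p)
{
	struct pickup_param *pp = p->pp_arg;

	/*
	 * the parser will put() the object at the end, expecting the cache
	 * to take the reference.
	 */
	nl_object_get(obj);

	/*
	 * This callback can run more than once per pickup (the VALID handler
	 * fires for every valid message). Release the reference held on a
	 * previously stored object before overwriting the pointer, otherwise
	 * that reference is leaked. Taking the new reference first keeps this
	 * safe when the same object is handed in twice.
	 */
	if (pp->result)
		nl_object_put(pp->result);

	pp->result = obj;

	return 0;
}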
1149 
/*
 * NL_CB_VALID handler: runs the caller-supplied parser on the received
 * message, with __store_answer() as the parser callback.
 */
static int __pickup_answer(struct nl_msg *msg, void *arg)
{
	struct pickup_param *pickup = arg;
	struct nl_parser_param params = {
		.pp_arg = pickup,
		.pp_cb = __store_answer,
	};
	int rc;

	/* No cache ops are passed; the parser's return value is handed
	 * straight back to the receive loop. */
	rc = pickup->parser(NULL, &msg->nm_src, msg->nm_nlh, &params);

	return rc;
}
1160 
/*
 * Error handler: records the raw error value from the nlmsgerr in the
 * caller's syserror slot and returns the translated libnl error, negated.
 */
static int __pickup_answer_syserr(struct sockaddr_nl *nla, struct nlmsgerr *nlerr, void *arg)
{
	struct pickup_param *pickup = arg;
	int sys_error = nlerr->error;

	/* pickup->syserror is dereferenced unconditionally; the handler must
	 * only be installed with a non-NULL pointer. */
	*pickup->syserror = sys_error;

	return -nl_syserr2nlerr(sys_error);
}
1167 
1168 /** @endcond */
1169 
1170 /**
1171  * Pickup netlink answer, parse it and return object
1172  * @arg sk              Netlink socket
1173  * @arg parser          Parser function to parse answer
1174  * @arg result          Result pointer to return parsed object
1175  *
1176  * @return 0 on success or a negative error code.
1177  */
int nl_pickup(struct nl_sock *sk,
              int (*parser)(struct nl_cache_ops *, struct sockaddr_nl *,
                            struct nlmsghdr *, struct nl_parser_param *),
              struct nl_object **result)
{
	/* No slot for the raw system error: only the translated return code
	 * is reported to the caller. */
	int *no_syserror = NULL;

	return nl_pickup_keep_syserr(sk, parser, result, no_syserror);
}
1185 
1186 /**
1187  * Pickup netlink answer, parse it and return object while preserving the system error
1188  * @arg sk              Netlink socket
1189  * @arg parser          Parser function to parse answer
1190  * @arg result          Result pointer to return parsed object
1191  * @arg syserr          Result pointer for the system error in case of failure
1192  *
1193  * @return 0 on success or a negative error code.
1194  */
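int nl_pickup_keep_syserr(struct nl_sock *sk,
                          int (*parser)(struct nl_cache_ops *, struct sockaddr_nl *,
                                        struct nlmsghdr *, struct nl_parser_param *),
                          struct nl_object **result,
                          int *syserror)
{
	struct nl_cb *cb;
	int err;
	/* result and syserror start out NULL via the designated initializer. */
	struct pickup_param pp = {
		.parser = parser,
	};

	/* Install the pickup handlers on a clone so that sk->s_cb itself is
	 * not modified. */
	cb = nl_cb_clone(sk->s_cb);
	if (cb == NULL)
		return -NLE_NOMEM;

	nl_cb_set(cb, NL_CB_VALID, NL_CB_CUSTOM, __pickup_answer, &pp);
	if (syserror) {
		/* The error handler dereferences pp.syserror, so it is only
		 * installed when the caller provided somewhere to store it. */
		*syserror = 0;
		pp.syserror = syserror;
		nl_cb_err(cb, NL_CB_CUSTOM, __pickup_answer_syserr, &pp);
	}

	err = nl_recvmsgs(sk, cb);
	if (err < 0) {
		/*
		 * An object may already have been stored (with a reference
		 * taken) before the failure was reported. It is not handed to
		 * the caller on this path, so drop the reference instead of
		 * leaking it.
		 */
		if (pp.result)
			nl_object_put(pp.result);
		goto errout;
	}

	/*
	 * *result is written only on success. It is NULL when no object was
	 * stored by the parser callback, so callers must check it before use.
	 */
	*result = pp.result;
errout:
	nl_cb_put(cb);

	return err;
}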
1228 
1229 /** @} */
1230 
1231 /**
1232  * @name Deprecated
1233  * @{
1234  */
1235 
1236 /**
1237  * @deprecated Please use nl_complete_msg()
1238  */
void nl_auto_complete(struct nl_sock *sk, struct nl_msg *msg)
{
	/* Compatibility shim: forwards unchanged to nl_complete_msg(). */
	nl_complete_msg(sk, msg);
}
1243 
1244 /**
1245  * @deprecated Please use nl_send_auto()
1246  */
int nl_send_auto_complete(struct nl_sock *sk, struct nl_msg *msg)
{
	/* Compatibility shim: forwards unchanged to nl_send_auto() and
	 * returns its result. */
	int rc = nl_send_auto(sk, msg);

	return rc;
}
1251 
1252 
1253 /** @} */
1254 
1255 /** @} */
1256 
1257 /** @} */
1258