1 // SPDX-License-Identifier: GPL-2.0
2 /*
3 * NETLINK Netlink attributes
4 *
5 * Authors: Thomas Graf <tgraf@suug.ch>
6 * Alexey Kuznetsov <kuznet@ms2.inr.ac.ru>
7 */
8
9 #include <linux/export.h>
10 #include <linux/kernel.h>
11 #include <linux/errno.h>
12 #include <linux/jiffies.h>
13 #include <linux/nospec.h>
14 #include <linux/skbuff.h>
15 #include <linux/string.h>
16 #include <linux/types.h>
17 #include <net/netlink.h>
18
19 /* For these data types, attribute length should be exactly the given
20 * size. However, to maintain compatibility with broken commands, if the
21 * attribute length does not match the expected size a warning is emitted
22 * to the user that the command is sending invalid data and needs to be fixed.
23 */
24 static const u8 nla_attr_len[NLA_TYPE_MAX+1] = {
25 [NLA_U8] = sizeof(u8),
26 [NLA_U16] = sizeof(u16),
27 [NLA_U32] = sizeof(u32),
28 [NLA_U64] = sizeof(u64),
29 [NLA_S8] = sizeof(s8),
30 [NLA_S16] = sizeof(s16),
31 [NLA_S32] = sizeof(s32),
32 [NLA_S64] = sizeof(s64),
33 };
34
35 static const u8 nla_attr_minlen[NLA_TYPE_MAX+1] = {
36 [NLA_U8] = sizeof(u8),
37 [NLA_U16] = sizeof(u16),
38 [NLA_U32] = sizeof(u32),
39 [NLA_U64] = sizeof(u64),
40 [NLA_MSECS] = sizeof(u64),
41 [NLA_NESTED] = NLA_HDRLEN,
42 [NLA_S8] = sizeof(s8),
43 [NLA_S16] = sizeof(s16),
44 [NLA_S32] = sizeof(s32),
45 [NLA_S64] = sizeof(s64),
46 };
47
48 /*
49 * Nested policies might refer back to the original
50 * policy in some cases, and userspace could try to
51 * abuse that and recurse by nesting in the right
52 * ways. Limit recursion to avoid this problem.
53 */
54 #define MAX_POLICY_RECURSION_DEPTH 10
55
56 static int __nla_validate_parse(const struct nlattr *head, int len, int maxtype,
57 const struct nla_policy *policy,
58 unsigned int validate,
59 struct netlink_ext_ack *extack,
60 struct nlattr **tb, unsigned int depth);
61
validate_nla_bitfield32(const struct nlattr * nla,const u32 valid_flags_mask)62 static int validate_nla_bitfield32(const struct nlattr *nla,
63 const u32 valid_flags_mask)
64 {
65 const struct nla_bitfield32 *bf = nla_data(nla);
66
67 if (!valid_flags_mask)
68 return -EINVAL;
69
70 /*disallow invalid bit selector */
71 if (bf->selector & ~valid_flags_mask)
72 return -EINVAL;
73
74 /*disallow invalid bit values */
75 if (bf->value & ~valid_flags_mask)
76 return -EINVAL;
77
78 /*disallow valid bit values that are not selected*/
79 if (bf->value & ~bf->selector)
80 return -EINVAL;
81
82 return 0;
83 }
84
nla_validate_array(const struct nlattr * head,int len,int maxtype,const struct nla_policy * policy,struct netlink_ext_ack * extack,unsigned int validate,unsigned int depth)85 static int nla_validate_array(const struct nlattr *head, int len, int maxtype,
86 const struct nla_policy *policy,
87 struct netlink_ext_ack *extack,
88 unsigned int validate, unsigned int depth)
89 {
90 const struct nlattr *entry;
91 int rem;
92
93 nla_for_each_attr(entry, head, len, rem) {
94 int ret;
95
96 if (nla_len(entry) == 0)
97 continue;
98
99 if (nla_len(entry) < NLA_HDRLEN) {
100 NL_SET_ERR_MSG_ATTR_POL(extack, entry, policy,
101 "Array element too short");
102 return -ERANGE;
103 }
104
105 ret = __nla_validate_parse(nla_data(entry), nla_len(entry),
106 maxtype, policy, validate, extack,
107 NULL, depth + 1);
108 if (ret < 0)
109 return ret;
110 }
111
112 return 0;
113 }
114
nla_get_range_unsigned(const struct nla_policy * pt,struct netlink_range_validation * range)115 void nla_get_range_unsigned(const struct nla_policy *pt,
116 struct netlink_range_validation *range)
117 {
118 WARN_ON_ONCE(pt->validation_type != NLA_VALIDATE_RANGE_PTR &&
119 (pt->min < 0 || pt->max < 0));
120
121 range->min = 0;
122
123 switch (pt->type) {
124 case NLA_U8:
125 range->max = U8_MAX;
126 break;
127 case NLA_U16:
128 case NLA_BINARY:
129 range->max = U16_MAX;
130 break;
131 case NLA_U32:
132 range->max = U32_MAX;
133 break;
134 case NLA_U64:
135 case NLA_MSECS:
136 range->max = U64_MAX;
137 break;
138 default:
139 WARN_ON_ONCE(1);
140 return;
141 }
142
143 switch (pt->validation_type) {
144 case NLA_VALIDATE_RANGE:
145 case NLA_VALIDATE_RANGE_WARN_TOO_LONG:
146 range->min = pt->min;
147 range->max = pt->max;
148 break;
149 case NLA_VALIDATE_RANGE_PTR:
150 *range = *pt->range;
151 break;
152 case NLA_VALIDATE_MIN:
153 range->min = pt->min;
154 break;
155 case NLA_VALIDATE_MAX:
156 range->max = pt->max;
157 break;
158 default:
159 break;
160 }
161 }
162
nla_validate_range_unsigned(const struct nla_policy * pt,const struct nlattr * nla,struct netlink_ext_ack * extack,unsigned int validate)163 static int nla_validate_range_unsigned(const struct nla_policy *pt,
164 const struct nlattr *nla,
165 struct netlink_ext_ack *extack,
166 unsigned int validate)
167 {
168 struct netlink_range_validation range;
169 u64 value;
170
171 switch (pt->type) {
172 case NLA_U8:
173 value = nla_get_u8(nla);
174 break;
175 case NLA_U16:
176 value = nla_get_u16(nla);
177 break;
178 case NLA_U32:
179 value = nla_get_u32(nla);
180 break;
181 case NLA_U64:
182 case NLA_MSECS:
183 value = nla_get_u64(nla);
184 break;
185 case NLA_BINARY:
186 value = nla_len(nla);
187 break;
188 default:
189 return -EINVAL;
190 }
191
192 nla_get_range_unsigned(pt, &range);
193
194 if (pt->validation_type == NLA_VALIDATE_RANGE_WARN_TOO_LONG &&
195 pt->type == NLA_BINARY && value > range.max) {
196 pr_warn_ratelimited("netlink: '%s': attribute type %d has an invalid length.\n",
197 current->comm, pt->type);
198 if (validate & NL_VALIDATE_STRICT_ATTRS) {
199 NL_SET_ERR_MSG_ATTR_POL(extack, nla, pt,
200 "invalid attribute length");
201 return -EINVAL;
202 }
203
204 /* this assumes min <= max (don't validate against min) */
205 return 0;
206 }
207
208 if (value < range.min || value > range.max) {
209 bool binary = pt->type == NLA_BINARY;
210
211 if (binary)
212 NL_SET_ERR_MSG_ATTR_POL(extack, nla, pt,
213 "binary attribute size out of range");
214 else
215 NL_SET_ERR_MSG_ATTR_POL(extack, nla, pt,
216 "integer out of range");
217
218 return -ERANGE;
219 }
220
221 return 0;
222 }
223
nla_get_range_signed(const struct nla_policy * pt,struct netlink_range_validation_signed * range)224 void nla_get_range_signed(const struct nla_policy *pt,
225 struct netlink_range_validation_signed *range)
226 {
227 switch (pt->type) {
228 case NLA_S8:
229 range->min = S8_MIN;
230 range->max = S8_MAX;
231 break;
232 case NLA_S16:
233 range->min = S16_MIN;
234 range->max = S16_MAX;
235 break;
236 case NLA_S32:
237 range->min = S32_MIN;
238 range->max = S32_MAX;
239 break;
240 case NLA_S64:
241 range->min = S64_MIN;
242 range->max = S64_MAX;
243 break;
244 default:
245 WARN_ON_ONCE(1);
246 return;
247 }
248
249 switch (pt->validation_type) {
250 case NLA_VALIDATE_RANGE:
251 range->min = pt->min;
252 range->max = pt->max;
253 break;
254 case NLA_VALIDATE_RANGE_PTR:
255 *range = *pt->range_signed;
256 break;
257 case NLA_VALIDATE_MIN:
258 range->min = pt->min;
259 break;
260 case NLA_VALIDATE_MAX:
261 range->max = pt->max;
262 break;
263 default:
264 break;
265 }
266 }
267
nla_validate_int_range_signed(const struct nla_policy * pt,const struct nlattr * nla,struct netlink_ext_ack * extack)268 static int nla_validate_int_range_signed(const struct nla_policy *pt,
269 const struct nlattr *nla,
270 struct netlink_ext_ack *extack)
271 {
272 struct netlink_range_validation_signed range;
273 s64 value;
274
275 switch (pt->type) {
276 case NLA_S8:
277 value = nla_get_s8(nla);
278 break;
279 case NLA_S16:
280 value = nla_get_s16(nla);
281 break;
282 case NLA_S32:
283 value = nla_get_s32(nla);
284 break;
285 case NLA_S64:
286 value = nla_get_s64(nla);
287 break;
288 default:
289 return -EINVAL;
290 }
291
292 nla_get_range_signed(pt, &range);
293
294 if (value < range.min || value > range.max) {
295 NL_SET_ERR_MSG_ATTR_POL(extack, nla, pt,
296 "integer out of range");
297 return -ERANGE;
298 }
299
300 return 0;
301 }
302
nla_validate_int_range(const struct nla_policy * pt,const struct nlattr * nla,struct netlink_ext_ack * extack,unsigned int validate)303 static int nla_validate_int_range(const struct nla_policy *pt,
304 const struct nlattr *nla,
305 struct netlink_ext_ack *extack,
306 unsigned int validate)
307 {
308 switch (pt->type) {
309 case NLA_U8:
310 case NLA_U16:
311 case NLA_U32:
312 case NLA_U64:
313 case NLA_MSECS:
314 case NLA_BINARY:
315 return nla_validate_range_unsigned(pt, nla, extack, validate);
316 case NLA_S8:
317 case NLA_S16:
318 case NLA_S32:
319 case NLA_S64:
320 return nla_validate_int_range_signed(pt, nla, extack);
321 default:
322 WARN_ON(1);
323 return -EINVAL;
324 }
325 }
326
nla_validate_mask(const struct nla_policy * pt,const struct nlattr * nla,struct netlink_ext_ack * extack)327 static int nla_validate_mask(const struct nla_policy *pt,
328 const struct nlattr *nla,
329 struct netlink_ext_ack *extack)
330 {
331 u64 value;
332
333 switch (pt->type) {
334 case NLA_U8:
335 value = nla_get_u8(nla);
336 break;
337 case NLA_U16:
338 value = nla_get_u16(nla);
339 break;
340 case NLA_U32:
341 value = nla_get_u32(nla);
342 break;
343 case NLA_U64:
344 value = nla_get_u64(nla);
345 break;
346 default:
347 return -EINVAL;
348 }
349
350 if (value & ~(u64)pt->mask) {
351 NL_SET_ERR_MSG_ATTR(extack, nla, "reserved bit set");
352 return -EINVAL;
353 }
354
355 return 0;
356 }
357
validate_nla(const struct nlattr * nla,int maxtype,const struct nla_policy * policy,unsigned int validate,struct netlink_ext_ack * extack,unsigned int depth)358 static int validate_nla(const struct nlattr *nla, int maxtype,
359 const struct nla_policy *policy, unsigned int validate,
360 struct netlink_ext_ack *extack, unsigned int depth)
361 {
362 u16 strict_start_type = policy[0].strict_start_type;
363 const struct nla_policy *pt;
364 int minlen = 0, attrlen = nla_len(nla), type = nla_type(nla);
365 int err = -ERANGE;
366
367 if (strict_start_type && type >= strict_start_type)
368 validate |= NL_VALIDATE_STRICT;
369
370 if (type <= 0 || type > maxtype)
371 return 0;
372
373 type = array_index_nospec(type, maxtype + 1);
374 pt = &policy[type];
375
376 BUG_ON(pt->type > NLA_TYPE_MAX);
377
378 if (nla_attr_len[pt->type] && attrlen != nla_attr_len[pt->type]) {
379 pr_warn_ratelimited("netlink: '%s': attribute type %d has an invalid length.\n",
380 current->comm, type);
381 if (validate & NL_VALIDATE_STRICT_ATTRS) {
382 NL_SET_ERR_MSG_ATTR_POL(extack, nla, pt,
383 "invalid attribute length");
384 return -EINVAL;
385 }
386 }
387
388 if (validate & NL_VALIDATE_NESTED) {
389 if ((pt->type == NLA_NESTED || pt->type == NLA_NESTED_ARRAY) &&
390 !(nla->nla_type & NLA_F_NESTED)) {
391 NL_SET_ERR_MSG_ATTR_POL(extack, nla, pt,
392 "NLA_F_NESTED is missing");
393 return -EINVAL;
394 }
395 if (pt->type != NLA_NESTED && pt->type != NLA_NESTED_ARRAY &&
396 pt->type != NLA_UNSPEC && (nla->nla_type & NLA_F_NESTED)) {
397 NL_SET_ERR_MSG_ATTR_POL(extack, nla, pt,
398 "NLA_F_NESTED not expected");
399 return -EINVAL;
400 }
401 }
402
403 switch (pt->type) {
404 case NLA_REJECT:
405 if (extack && pt->reject_message) {
406 NL_SET_BAD_ATTR(extack, nla);
407 extack->_msg = pt->reject_message;
408 return -EINVAL;
409 }
410 err = -EINVAL;
411 goto out_err;
412
413 case NLA_FLAG:
414 if (attrlen > 0)
415 goto out_err;
416 break;
417
418 case NLA_BITFIELD32:
419 if (attrlen != sizeof(struct nla_bitfield32))
420 goto out_err;
421
422 err = validate_nla_bitfield32(nla, pt->bitfield32_valid);
423 if (err)
424 goto out_err;
425 break;
426
427 case NLA_NUL_STRING:
428 if (pt->len)
429 minlen = min_t(int, attrlen, pt->len + 1);
430 else
431 minlen = attrlen;
432
433 if (!minlen || memchr(nla_data(nla), '\0', minlen) == NULL) {
434 err = -EINVAL;
435 goto out_err;
436 }
437 fallthrough;
438
439 case NLA_STRING:
440 if (attrlen < 1)
441 goto out_err;
442
443 if (pt->len) {
444 char *buf = nla_data(nla);
445
446 if (buf[attrlen - 1] == '\0')
447 attrlen--;
448
449 if (attrlen > pt->len)
450 goto out_err;
451 }
452 break;
453
454 case NLA_BINARY:
455 if (pt->len && attrlen > pt->len)
456 goto out_err;
457 break;
458
459 case NLA_NESTED:
460 /* a nested attributes is allowed to be empty; if its not,
461 * it must have a size of at least NLA_HDRLEN.
462 */
463 if (attrlen == 0)
464 break;
465 if (attrlen < NLA_HDRLEN)
466 goto out_err;
467 if (pt->nested_policy) {
468 err = __nla_validate_parse(nla_data(nla), nla_len(nla),
469 pt->len, pt->nested_policy,
470 validate, extack, NULL,
471 depth + 1);
472 if (err < 0) {
473 /*
474 * return directly to preserve the inner
475 * error message/attribute pointer
476 */
477 return err;
478 }
479 }
480 break;
481 case NLA_NESTED_ARRAY:
482 /* a nested array attribute is allowed to be empty; if its not,
483 * it must have a size of at least NLA_HDRLEN.
484 */
485 if (attrlen == 0)
486 break;
487 if (attrlen < NLA_HDRLEN)
488 goto out_err;
489 if (pt->nested_policy) {
490 int err;
491
492 err = nla_validate_array(nla_data(nla), nla_len(nla),
493 pt->len, pt->nested_policy,
494 extack, validate, depth);
495 if (err < 0) {
496 /*
497 * return directly to preserve the inner
498 * error message/attribute pointer
499 */
500 return err;
501 }
502 }
503 break;
504
505 case NLA_UNSPEC:
506 if (validate & NL_VALIDATE_UNSPEC) {
507 NL_SET_ERR_MSG_ATTR(extack, nla,
508 "Unsupported attribute");
509 return -EINVAL;
510 }
511 if (attrlen < pt->len)
512 goto out_err;
513 break;
514
515 default:
516 if (pt->len)
517 minlen = pt->len;
518 else
519 minlen = nla_attr_minlen[pt->type];
520
521 if (attrlen < minlen)
522 goto out_err;
523 }
524
525 /* further validation */
526 switch (pt->validation_type) {
527 case NLA_VALIDATE_NONE:
528 /* nothing to do */
529 break;
530 case NLA_VALIDATE_RANGE_PTR:
531 case NLA_VALIDATE_RANGE:
532 case NLA_VALIDATE_RANGE_WARN_TOO_LONG:
533 case NLA_VALIDATE_MIN:
534 case NLA_VALIDATE_MAX:
535 err = nla_validate_int_range(pt, nla, extack, validate);
536 if (err)
537 return err;
538 break;
539 case NLA_VALIDATE_MASK:
540 err = nla_validate_mask(pt, nla, extack);
541 if (err)
542 return err;
543 break;
544 case NLA_VALIDATE_FUNCTION:
545 if (pt->validate) {
546 err = pt->validate(nla, extack);
547 if (err)
548 return err;
549 }
550 break;
551 }
552
553 return 0;
554 out_err:
555 NL_SET_ERR_MSG_ATTR_POL(extack, nla, pt,
556 "Attribute failed policy validation");
557 return err;
558 }
559
__nla_validate_parse(const struct nlattr * head,int len,int maxtype,const struct nla_policy * policy,unsigned int validate,struct netlink_ext_ack * extack,struct nlattr ** tb,unsigned int depth)560 static int __nla_validate_parse(const struct nlattr *head, int len, int maxtype,
561 const struct nla_policy *policy,
562 unsigned int validate,
563 struct netlink_ext_ack *extack,
564 struct nlattr **tb, unsigned int depth)
565 {
566 const struct nlattr *nla;
567 int rem;
568
569 if (depth >= MAX_POLICY_RECURSION_DEPTH) {
570 NL_SET_ERR_MSG(extack,
571 "allowed policy recursion depth exceeded");
572 return -EINVAL;
573 }
574
575 if (tb)
576 memset(tb, 0, sizeof(struct nlattr *) * (maxtype + 1));
577
578 nla_for_each_attr(nla, head, len, rem) {
579 u16 type = nla_type(nla);
580
581 if (type == 0 || type > maxtype) {
582 if (validate & NL_VALIDATE_MAXTYPE) {
583 NL_SET_ERR_MSG_ATTR(extack, nla,
584 "Unknown attribute type");
585 return -EINVAL;
586 }
587 continue;
588 }
589 type = array_index_nospec(type, maxtype + 1);
590 if (policy) {
591 int err = validate_nla(nla, maxtype, policy,
592 validate, extack, depth);
593
594 if (err < 0)
595 return err;
596 }
597
598 if (tb)
599 tb[type] = (struct nlattr *)nla;
600 }
601
602 if (unlikely(rem > 0)) {
603 pr_warn_ratelimited("netlink: %d bytes leftover after parsing attributes in process `%s'.\n",
604 rem, current->comm);
605 NL_SET_ERR_MSG(extack, "bytes leftover after parsing attributes");
606 if (validate & NL_VALIDATE_TRAILING)
607 return -EINVAL;
608 }
609
610 return 0;
611 }
612
613 /**
614 * __nla_validate - Validate a stream of attributes
615 * @head: head of attribute stream
616 * @len: length of attribute stream
617 * @maxtype: maximum attribute type to be expected
618 * @policy: validation policy
619 * @validate: validation strictness
620 * @extack: extended ACK report struct
621 *
622 * Validates all attributes in the specified attribute stream against the
623 * specified policy. Validation depends on the validate flags passed, see
624 * &enum netlink_validation for more details on that.
625 * See documentation of struct nla_policy for more details.
626 *
627 * Returns 0 on success or a negative error code.
628 */
__nla_validate(const struct nlattr * head,int len,int maxtype,const struct nla_policy * policy,unsigned int validate,struct netlink_ext_ack * extack)629 int __nla_validate(const struct nlattr *head, int len, int maxtype,
630 const struct nla_policy *policy, unsigned int validate,
631 struct netlink_ext_ack *extack)
632 {
633 return __nla_validate_parse(head, len, maxtype, policy, validate,
634 extack, NULL, 0);
635 }
636 EXPORT_SYMBOL(__nla_validate);
637
638 /**
639 * nla_policy_len - Determine the max. length of a policy
640 * @policy: policy to use
641 * @n: number of policies
642 *
643 * Determines the max. length of the policy. It is currently used
644 * to allocated Netlink buffers roughly the size of the actual
645 * message.
646 *
647 * Returns 0 on success or a negative error code.
648 */
649 int
nla_policy_len(const struct nla_policy * p,int n)650 nla_policy_len(const struct nla_policy *p, int n)
651 {
652 int i, len = 0;
653
654 for (i = 0; i < n; i++, p++) {
655 if (p->len)
656 len += nla_total_size(p->len);
657 else if (nla_attr_len[p->type])
658 len += nla_total_size(nla_attr_len[p->type]);
659 else if (nla_attr_minlen[p->type])
660 len += nla_total_size(nla_attr_minlen[p->type]);
661 }
662
663 return len;
664 }
665 EXPORT_SYMBOL(nla_policy_len);
666
667 /**
668 * __nla_parse - Parse a stream of attributes into a tb buffer
669 * @tb: destination array with maxtype+1 elements
670 * @maxtype: maximum attribute type to be expected
671 * @head: head of attribute stream
672 * @len: length of attribute stream
673 * @policy: validation policy
674 * @validate: validation strictness
675 * @extack: extended ACK pointer
676 *
677 * Parses a stream of attributes and stores a pointer to each attribute in
678 * the tb array accessible via the attribute type.
679 * Validation is controlled by the @validate parameter.
680 *
681 * Returns 0 on success or a negative error code.
682 */
__nla_parse(struct nlattr ** tb,int maxtype,const struct nlattr * head,int len,const struct nla_policy * policy,unsigned int validate,struct netlink_ext_ack * extack)683 int __nla_parse(struct nlattr **tb, int maxtype,
684 const struct nlattr *head, int len,
685 const struct nla_policy *policy, unsigned int validate,
686 struct netlink_ext_ack *extack)
687 {
688 return __nla_validate_parse(head, len, maxtype, policy, validate,
689 extack, tb, 0);
690 }
691 EXPORT_SYMBOL(__nla_parse);
692
693 /**
694 * nla_find - Find a specific attribute in a stream of attributes
695 * @head: head of attribute stream
696 * @len: length of attribute stream
697 * @attrtype: type of attribute to look for
698 *
699 * Returns the first attribute in the stream matching the specified type.
700 */
nla_find(const struct nlattr * head,int len,int attrtype)701 struct nlattr *nla_find(const struct nlattr *head, int len, int attrtype)
702 {
703 const struct nlattr *nla;
704 int rem;
705
706 nla_for_each_attr(nla, head, len, rem)
707 if (nla_type(nla) == attrtype)
708 return (struct nlattr *)nla;
709
710 return NULL;
711 }
712 EXPORT_SYMBOL(nla_find);
713
714 /**
715 * nla_strscpy - Copy string attribute payload into a sized buffer
716 * @dst: Where to copy the string to.
717 * @nla: Attribute to copy the string from.
718 * @dstsize: Size of destination buffer.
719 *
720 * Copies at most dstsize - 1 bytes into the destination buffer.
721 * Unlike strlcpy the destination buffer is always padded out.
722 *
723 * Return:
724 * * srclen - Returns @nla length (not including the trailing %NUL).
725 * * -E2BIG - If @dstsize is 0 or greater than U16_MAX or @nla length greater
726 * than @dstsize.
727 */
nla_strscpy(char * dst,const struct nlattr * nla,size_t dstsize)728 ssize_t nla_strscpy(char *dst, const struct nlattr *nla, size_t dstsize)
729 {
730 size_t srclen = nla_len(nla);
731 char *src = nla_data(nla);
732 ssize_t ret;
733 size_t len;
734
735 if (dstsize == 0 || WARN_ON_ONCE(dstsize > U16_MAX))
736 return -E2BIG;
737
738 if (srclen > 0 && src[srclen - 1] == '\0')
739 srclen--;
740
741 if (srclen >= dstsize) {
742 len = dstsize - 1;
743 ret = -E2BIG;
744 } else {
745 len = srclen;
746 ret = len;
747 }
748
749 memcpy(dst, src, len);
750 /* Zero pad end of dst. */
751 memset(dst + len, 0, dstsize - len);
752
753 return ret;
754 }
755 EXPORT_SYMBOL(nla_strscpy);
756
757 /**
758 * nla_strdup - Copy string attribute payload into a newly allocated buffer
759 * @nla: attribute to copy the string from
760 * @flags: the type of memory to allocate (see kmalloc).
761 *
762 * Returns a pointer to the allocated buffer or NULL on error.
763 */
nla_strdup(const struct nlattr * nla,gfp_t flags)764 char *nla_strdup(const struct nlattr *nla, gfp_t flags)
765 {
766 size_t srclen = nla_len(nla);
767 char *src = nla_data(nla), *dst;
768
769 if (srclen > 0 && src[srclen - 1] == '\0')
770 srclen--;
771
772 dst = kmalloc(srclen + 1, flags);
773 if (dst != NULL) {
774 memcpy(dst, src, srclen);
775 dst[srclen] = '\0';
776 }
777 return dst;
778 }
779 EXPORT_SYMBOL(nla_strdup);
780
781 /**
782 * nla_memcpy - Copy a netlink attribute into another memory area
783 * @dest: where to copy to memcpy
784 * @src: netlink attribute to copy from
785 * @count: size of the destination area
786 *
787 * Note: The number of bytes copied is limited by the length of
788 * attribute's payload. memcpy
789 *
790 * Returns the number of bytes copied.
791 */
nla_memcpy(void * dest,const struct nlattr * src,int count)792 int nla_memcpy(void *dest, const struct nlattr *src, int count)
793 {
794 int minlen = min_t(int, count, nla_len(src));
795
796 memcpy(dest, nla_data(src), minlen);
797 if (count > minlen)
798 memset(dest + minlen, 0, count - minlen);
799
800 return minlen;
801 }
802 EXPORT_SYMBOL(nla_memcpy);
803
804 /**
805 * nla_memcmp - Compare an attribute with sized memory area
806 * @nla: netlink attribute
807 * @data: memory area
808 * @size: size of memory area
809 */
nla_memcmp(const struct nlattr * nla,const void * data,size_t size)810 int nla_memcmp(const struct nlattr *nla, const void *data,
811 size_t size)
812 {
813 int d = nla_len(nla) - size;
814
815 if (d == 0)
816 d = memcmp(nla_data(nla), data, size);
817
818 return d;
819 }
820 EXPORT_SYMBOL(nla_memcmp);
821
822 /**
823 * nla_strcmp - Compare a string attribute against a string
824 * @nla: netlink string attribute
825 * @str: another string
826 */
nla_strcmp(const struct nlattr * nla,const char * str)827 int nla_strcmp(const struct nlattr *nla, const char *str)
828 {
829 int len = strlen(str);
830 char *buf = nla_data(nla);
831 int attrlen = nla_len(nla);
832 int d;
833
834 while (attrlen > 0 && buf[attrlen - 1] == '\0')
835 attrlen--;
836
837 d = attrlen - len;
838 if (d == 0)
839 d = memcmp(nla_data(nla), str, len);
840
841 return d;
842 }
843 EXPORT_SYMBOL(nla_strcmp);
844
845 #ifdef CONFIG_NET
846 /**
847 * __nla_reserve - reserve room for attribute on the skb
848 * @skb: socket buffer to reserve room on
849 * @attrtype: attribute type
850 * @attrlen: length of attribute payload
851 *
852 * Adds a netlink attribute header to a socket buffer and reserves
853 * room for the payload but does not copy it.
854 *
855 * The caller is responsible to ensure that the skb provides enough
856 * tailroom for the attribute header and payload.
857 */
__nla_reserve(struct sk_buff * skb,int attrtype,int attrlen)858 struct nlattr *__nla_reserve(struct sk_buff *skb, int attrtype, int attrlen)
859 {
860 struct nlattr *nla;
861
862 nla = skb_put(skb, nla_total_size(attrlen));
863 nla->nla_type = attrtype;
864 nla->nla_len = nla_attr_size(attrlen);
865
866 memset((unsigned char *) nla + nla->nla_len, 0, nla_padlen(attrlen));
867
868 return nla;
869 }
870 EXPORT_SYMBOL(__nla_reserve);
871
872 /**
873 * __nla_reserve_64bit - reserve room for attribute on the skb and align it
874 * @skb: socket buffer to reserve room on
875 * @attrtype: attribute type
876 * @attrlen: length of attribute payload
877 * @padattr: attribute type for the padding
878 *
879 * Adds a netlink attribute header to a socket buffer and reserves
880 * room for the payload but does not copy it. It also ensure that this
881 * attribute will have a 64-bit aligned nla_data() area.
882 *
883 * The caller is responsible to ensure that the skb provides enough
884 * tailroom for the attribute header and payload.
885 */
__nla_reserve_64bit(struct sk_buff * skb,int attrtype,int attrlen,int padattr)886 struct nlattr *__nla_reserve_64bit(struct sk_buff *skb, int attrtype,
887 int attrlen, int padattr)
888 {
889 nla_align_64bit(skb, padattr);
890
891 return __nla_reserve(skb, attrtype, attrlen);
892 }
893 EXPORT_SYMBOL(__nla_reserve_64bit);
894
895 /**
896 * __nla_reserve_nohdr - reserve room for attribute without header
897 * @skb: socket buffer to reserve room on
898 * @attrlen: length of attribute payload
899 *
900 * Reserves room for attribute payload without a header.
901 *
902 * The caller is responsible to ensure that the skb provides enough
903 * tailroom for the payload.
904 */
__nla_reserve_nohdr(struct sk_buff * skb,int attrlen)905 void *__nla_reserve_nohdr(struct sk_buff *skb, int attrlen)
906 {
907 return skb_put_zero(skb, NLA_ALIGN(attrlen));
908 }
909 EXPORT_SYMBOL(__nla_reserve_nohdr);
910
911 /**
912 * nla_reserve - reserve room for attribute on the skb
913 * @skb: socket buffer to reserve room on
914 * @attrtype: attribute type
915 * @attrlen: length of attribute payload
916 *
917 * Adds a netlink attribute header to a socket buffer and reserves
918 * room for the payload but does not copy it.
919 *
920 * Returns NULL if the tailroom of the skb is insufficient to store
921 * the attribute header and payload.
922 */
nla_reserve(struct sk_buff * skb,int attrtype,int attrlen)923 struct nlattr *nla_reserve(struct sk_buff *skb, int attrtype, int attrlen)
924 {
925 if (unlikely(skb_tailroom(skb) < nla_total_size(attrlen)))
926 return NULL;
927
928 return __nla_reserve(skb, attrtype, attrlen);
929 }
930 EXPORT_SYMBOL(nla_reserve);
931
932 /**
933 * nla_reserve_64bit - reserve room for attribute on the skb and align it
934 * @skb: socket buffer to reserve room on
935 * @attrtype: attribute type
936 * @attrlen: length of attribute payload
937 * @padattr: attribute type for the padding
938 *
939 * Adds a netlink attribute header to a socket buffer and reserves
940 * room for the payload but does not copy it. It also ensure that this
941 * attribute will have a 64-bit aligned nla_data() area.
942 *
943 * Returns NULL if the tailroom of the skb is insufficient to store
944 * the attribute header and payload.
945 */
nla_reserve_64bit(struct sk_buff * skb,int attrtype,int attrlen,int padattr)946 struct nlattr *nla_reserve_64bit(struct sk_buff *skb, int attrtype, int attrlen,
947 int padattr)
948 {
949 size_t len;
950
951 if (nla_need_padding_for_64bit(skb))
952 len = nla_total_size_64bit(attrlen);
953 else
954 len = nla_total_size(attrlen);
955 if (unlikely(skb_tailroom(skb) < len))
956 return NULL;
957
958 return __nla_reserve_64bit(skb, attrtype, attrlen, padattr);
959 }
960 EXPORT_SYMBOL(nla_reserve_64bit);
961
962 /**
963 * nla_reserve_nohdr - reserve room for attribute without header
964 * @skb: socket buffer to reserve room on
965 * @attrlen: length of attribute payload
966 *
967 * Reserves room for attribute payload without a header.
968 *
969 * Returns NULL if the tailroom of the skb is insufficient to store
970 * the attribute payload.
971 */
nla_reserve_nohdr(struct sk_buff * skb,int attrlen)972 void *nla_reserve_nohdr(struct sk_buff *skb, int attrlen)
973 {
974 if (unlikely(skb_tailroom(skb) < NLA_ALIGN(attrlen)))
975 return NULL;
976
977 return __nla_reserve_nohdr(skb, attrlen);
978 }
979 EXPORT_SYMBOL(nla_reserve_nohdr);
980
981 /**
982 * __nla_put - Add a netlink attribute to a socket buffer
983 * @skb: socket buffer to add attribute to
984 * @attrtype: attribute type
985 * @attrlen: length of attribute payload
986 * @data: head of attribute payload
987 *
988 * The caller is responsible to ensure that the skb provides enough
989 * tailroom for the attribute header and payload.
990 */
__nla_put(struct sk_buff * skb,int attrtype,int attrlen,const void * data)991 void __nla_put(struct sk_buff *skb, int attrtype, int attrlen,
992 const void *data)
993 {
994 struct nlattr *nla;
995
996 nla = __nla_reserve(skb, attrtype, attrlen);
997 memcpy(nla_data(nla), data, attrlen);
998 }
999 EXPORT_SYMBOL(__nla_put);
1000
1001 /**
1002 * __nla_put_64bit - Add a netlink attribute to a socket buffer and align it
1003 * @skb: socket buffer to add attribute to
1004 * @attrtype: attribute type
1005 * @attrlen: length of attribute payload
1006 * @data: head of attribute payload
1007 * @padattr: attribute type for the padding
1008 *
1009 * The caller is responsible to ensure that the skb provides enough
1010 * tailroom for the attribute header and payload.
1011 */
__nla_put_64bit(struct sk_buff * skb,int attrtype,int attrlen,const void * data,int padattr)1012 void __nla_put_64bit(struct sk_buff *skb, int attrtype, int attrlen,
1013 const void *data, int padattr)
1014 {
1015 struct nlattr *nla;
1016
1017 nla = __nla_reserve_64bit(skb, attrtype, attrlen, padattr);
1018 memcpy(nla_data(nla), data, attrlen);
1019 }
1020 EXPORT_SYMBOL(__nla_put_64bit);
1021
1022 /**
1023 * __nla_put_nohdr - Add a netlink attribute without header
1024 * @skb: socket buffer to add attribute to
1025 * @attrlen: length of attribute payload
1026 * @data: head of attribute payload
1027 *
1028 * The caller is responsible to ensure that the skb provides enough
1029 * tailroom for the attribute payload.
1030 */
__nla_put_nohdr(struct sk_buff * skb,int attrlen,const void * data)1031 void __nla_put_nohdr(struct sk_buff *skb, int attrlen, const void *data)
1032 {
1033 void *start;
1034
1035 start = __nla_reserve_nohdr(skb, attrlen);
1036 memcpy(start, data, attrlen);
1037 }
1038 EXPORT_SYMBOL(__nla_put_nohdr);
1039
1040 /**
1041 * nla_put - Add a netlink attribute to a socket buffer
1042 * @skb: socket buffer to add attribute to
1043 * @attrtype: attribute type
1044 * @attrlen: length of attribute payload
1045 * @data: head of attribute payload
1046 *
1047 * Returns -EMSGSIZE if the tailroom of the skb is insufficient to store
1048 * the attribute header and payload.
1049 */
nla_put(struct sk_buff * skb,int attrtype,int attrlen,const void * data)1050 int nla_put(struct sk_buff *skb, int attrtype, int attrlen, const void *data)
1051 {
1052 if (unlikely(skb_tailroom(skb) < nla_total_size(attrlen)))
1053 return -EMSGSIZE;
1054
1055 __nla_put(skb, attrtype, attrlen, data);
1056 return 0;
1057 }
1058 EXPORT_SYMBOL(nla_put);
1059
1060 /**
1061 * nla_put_64bit - Add a netlink attribute to a socket buffer and align it
1062 * @skb: socket buffer to add attribute to
1063 * @attrtype: attribute type
1064 * @attrlen: length of attribute payload
1065 * @data: head of attribute payload
1066 * @padattr: attribute type for the padding
1067 *
1068 * Returns -EMSGSIZE if the tailroom of the skb is insufficient to store
1069 * the attribute header and payload.
1070 */
nla_put_64bit(struct sk_buff * skb,int attrtype,int attrlen,const void * data,int padattr)1071 int nla_put_64bit(struct sk_buff *skb, int attrtype, int attrlen,
1072 const void *data, int padattr)
1073 {
1074 size_t len;
1075
1076 if (nla_need_padding_for_64bit(skb))
1077 len = nla_total_size_64bit(attrlen);
1078 else
1079 len = nla_total_size(attrlen);
1080 if (unlikely(skb_tailroom(skb) < len))
1081 return -EMSGSIZE;
1082
1083 __nla_put_64bit(skb, attrtype, attrlen, data, padattr);
1084 return 0;
1085 }
1086 EXPORT_SYMBOL(nla_put_64bit);
1087
1088 /**
1089 * nla_put_nohdr - Add a netlink attribute without header
1090 * @skb: socket buffer to add attribute to
1091 * @attrlen: length of attribute payload
1092 * @data: head of attribute payload
1093 *
1094 * Returns -EMSGSIZE if the tailroom of the skb is insufficient to store
1095 * the attribute payload.
1096 */
nla_put_nohdr(struct sk_buff * skb,int attrlen,const void * data)1097 int nla_put_nohdr(struct sk_buff *skb, int attrlen, const void *data)
1098 {
1099 if (unlikely(skb_tailroom(skb) < NLA_ALIGN(attrlen)))
1100 return -EMSGSIZE;
1101
1102 __nla_put_nohdr(skb, attrlen, data);
1103 return 0;
1104 }
1105 EXPORT_SYMBOL(nla_put_nohdr);
1106
1107 /**
1108 * nla_append - Add a netlink attribute without header or padding
1109 * @skb: socket buffer to add attribute to
1110 * @attrlen: length of attribute payload
1111 * @data: head of attribute payload
1112 *
1113 * Returns -EMSGSIZE if the tailroom of the skb is insufficient to store
1114 * the attribute payload.
1115 */
nla_append(struct sk_buff * skb,int attrlen,const void * data)1116 int nla_append(struct sk_buff *skb, int attrlen, const void *data)
1117 {
1118 if (unlikely(skb_tailroom(skb) < NLA_ALIGN(attrlen)))
1119 return -EMSGSIZE;
1120
1121 skb_put_data(skb, data, attrlen);
1122 return 0;
1123 }
1124 EXPORT_SYMBOL(nla_append);
1125 #endif
1126