1 /*- 2 * SPDX-License-Identifier: BSD-2-Clause-FreeBSD 3 * 4 * Copyright (c) 2022 Alexander V. Chernikov <melifaro@FreeBSD.org> 5 * 6 * Redistribution and use in source and binary forms, with or without 7 * modification, are permitted provided that the following conditions 8 * are met: 9 * 1. Redistributions of source code must retain the above copyright 10 * notice, this list of conditions and the following disclaimer. 11 * 2. Redistributions in binary form must reproduce the above copyright 12 * notice, this list of conditions and the following disclaimer in the 13 * documentation and/or other materials provided with the distribution. 14 * 15 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 16 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 17 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 18 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 19 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 20 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 21 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 22 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 23 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 24 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 25 * SUCH DAMAGE. 26 */ 27 28 #include <sys/cdefs.h> 29 __FBSDID("$FreeBSD$"); 30 #include "opt_inet.h" 31 #include "opt_inet6.h" 32 #include <sys/types.h> 33 #include <sys/malloc.h> 34 #include <sys/rmlock.h> 35 #include <sys/socket.h> 36 37 #include <machine/stdarg.h> 38 39 #include <net/if.h> 40 #include <net/route.h> 41 #include <net/route/nhop.h> 42 43 #include <net/route/route_ctl.h> 44 #include <netinet/in.h> 45 #include <netlink/netlink.h> 46 #include <netlink/netlink_ctl.h> 47 #include <netlink/netlink_var.h> 48 #include <netlink/netlink_route.h> 49 50 #define DEBUG_MOD_NAME nl_parser 51 #define DEBUG_MAX_LEVEL LOG_DEBUG3 52 #include <netlink/netlink_debug.h> 53 _DECLARE_DEBUG(LOG_DEBUG); 54 55 bool 56 nlmsg_report_err_msg(struct nl_pstate *npt, const char *fmt, ...) 57 { 58 va_list ap; 59 60 if (npt->err_msg != NULL) 61 return (false); 62 char *buf = npt_alloc(npt, NL_MAX_ERROR_BUF); 63 if (buf == NULL) 64 return (false); 65 va_start(ap, fmt); 66 vsnprintf(buf, NL_MAX_ERROR_BUF, fmt, ap); 67 va_end(ap); 68 69 npt->err_msg = buf; 70 return (true); 71 } 72 73 bool 74 nlmsg_report_err_offset(struct nl_pstate *npt, uint32_t off) 75 { 76 if (npt->err_off != 0) 77 return (false); 78 npt->err_off = off; 79 return (true); 80 } 81 82 void 83 nlmsg_report_cookie(struct nl_pstate *npt, struct nlattr *nla) 84 { 85 MPASS(nla->nla_type == NLMSGERR_ATTR_COOKIE); 86 MPASS(nla->nla_len >= sizeof(struct nlattr)); 87 npt->cookie = nla; 88 } 89 90 void 91 nlmsg_report_cookie_u32(struct nl_pstate *npt, uint32_t val) 92 { 93 struct nlattr *nla = npt_alloc(npt, sizeof(*nla) + sizeof(uint32_t)); 94 95 nla->nla_type = NLMSGERR_ATTR_COOKIE; 96 nla->nla_len = sizeof(*nla) + sizeof(uint32_t); 97 memcpy(nla + 1, &val, sizeof(uint32_t)); 98 nlmsg_report_cookie(npt, nla); 99 } 100 101 static const struct nlattr_parser * 102 search_states(const struct nlattr_parser *ps, int pslen, int key) 103 { 104 int left_i = 0, right_i = pslen - 1; 105 106 if (key < ps[0].type || key > ps[pslen - 1].type) 107 return (NULL); 108 109 while (left_i + 1 < right_i) { 110 int mid_i = (left_i + right_i) / 2; 111 if (key < ps[mid_i].type) 112 right_i = mid_i; 113 else if (key > ps[mid_i].type) 114 left_i = mid_i + 1; 115 else 116 return (&ps[mid_i]); 117 } 118 if (ps[left_i].type == key) 119 return (&ps[left_i]); 120 else if (ps[right_i].type == key) 121 return (&ps[right_i]); 122 return (NULL); 123 } 124 125 int 126 nl_parse_attrs_raw(struct nlattr *nla_head, int len, const struct nlattr_parser *ps, int pslen, 127 struct nl_pstate *npt, void *target) 128 { 129 struct nlattr *nla = NULL; 130 int error = 0; 131 132 NL_LOG(LOG_DEBUG3, "parse %p remaining_len %d", nla_head, len); 133 int orig_len = len; 134 NLA_FOREACH(nla, nla_head, len) { 135 NL_LOG(LOG_DEBUG3, ">> parsing %p attr_type %d len %d (rem %d)", nla, nla->nla_type, nla->nla_len, len); 136 if (nla->nla_len < sizeof(struct nlattr)) { 137 NLMSG_REPORT_ERR_MSG(npt, "Invalid attr %p type %d len: %d", 138 nla, nla->nla_type, nla->nla_len); 139 uint32_t off = (char *)nla - (char *)npt->hdr; 140 nlmsg_report_err_offset(npt, off); 141 return (EINVAL); 142 } 143 144 int nla_type = nla->nla_type & NLA_TYPE_MASK; 145 const struct nlattr_parser *s = search_states(ps, pslen, nla_type); 146 if (s != NULL) { 147 void *ptr = (void *)((char *)target + s->off); 148 error = s->cb(nla, npt, s->arg, ptr); 149 if (error != 0) { 150 uint32_t off = (char *)nla - (char *)npt->hdr; 151 nlmsg_report_err_offset(npt, off); 152 NL_LOG(LOG_DEBUG3, "parse failed att offset %u", off); 153 return (error); 154 } 155 } else { 156 /* Ignore non-specified attributes */ 157 NL_LOG(LOG_DEBUG3, "ignoring attr %d", nla->nla_type); 158 } 159 } 160 if (len >= sizeof(struct nlattr)) { 161 nla = (struct nlattr *)((char *)nla_head + (orig_len - len)); 162 NL_LOG(LOG_DEBUG3, " >>> end %p attr_type %d len %d", nla, 163 nla->nla_type, nla->nla_len); 164 } 165 NL_LOG(LOG_DEBUG3, "end parse: %p remaining_len %d", nla, len); 166 167 return (0); 168 } 169 170 void 171 nl_get_attrs_bmask_raw(struct nlattr *nla_head, int len, struct nlattr_bmask *bm) 172 { 173 struct nlattr *nla = NULL; 174 175 BIT_ZERO(NL_ATTR_BMASK_SIZE, bm); 176 177 NLA_FOREACH(nla, nla_head, len) { 178 if (nla->nla_len < sizeof(struct nlattr)) 179 return; 180 int nla_type = nla->nla_type & NLA_TYPE_MASK; 181 if (nla_type < NL_ATTR_BMASK_SIZE) 182 BIT_SET(NL_ATTR_BMASK_SIZE, nla_type, bm); 183 else 184 NL_LOG(LOG_DEBUG2, "Skipping type %d in the mask: too short", 185 nla_type); 186 } 187 } 188 189 bool 190 nl_has_attr(const struct nlattr_bmask *bm, unsigned int nla_type) 191 { 192 MPASS(nla_type < NL_ATTR_BMASK_SIZE); 193 194 return (BIT_ISSET(NL_ATTR_BMASK_SIZE, nla_type, bm)); 195 } 196 197 int 198 nlattr_get_flag(struct nlattr *nla, struct nl_pstate *npt, const void *arg, void *target) 199 { 200 if (__predict_false(NLA_DATA_LEN(nla) != 0)) { 201 NLMSG_REPORT_ERR_MSG(npt, "nla type %d size(%u) is not a flag", 202 nla->nla_type, NLA_DATA_LEN(nla)); 203 return (EINVAL); 204 } 205 206 *((uint8_t *)target) = 1; 207 return (0); 208 } 209 210 static struct sockaddr * 211 parse_rta_ip4(void *rta_data, struct nl_pstate *npt, int *perror) 212 { 213 struct sockaddr_in *sin; 214 215 sin = (struct sockaddr_in *)npt_alloc_sockaddr(npt, sizeof(struct sockaddr_in)); 216 if (__predict_false(sin == NULL)) { 217 *perror = ENOBUFS; 218 return (NULL); 219 } 220 sin->sin_len = sizeof(struct sockaddr_in); 221 sin->sin_family = AF_INET; 222 memcpy(&sin->sin_addr, rta_data, sizeof(struct in_addr)); 223 return ((struct sockaddr *)sin); 224 } 225 226 static struct sockaddr * 227 parse_rta_ip6(void *rta_data, struct nl_pstate *npt, int *perror) 228 { 229 struct sockaddr_in6 *sin6; 230 231 sin6 = (struct sockaddr_in6 *)npt_alloc_sockaddr(npt, sizeof(struct sockaddr_in6)); 232 if (__predict_false(sin6 == NULL)) { 233 *perror = ENOBUFS; 234 return (NULL); 235 } 236 sin6->sin6_len = sizeof(struct sockaddr_in6); 237 sin6->sin6_family = AF_INET6; 238 memcpy(&sin6->sin6_addr, rta_data, sizeof(struct in6_addr)); 239 return ((struct sockaddr *)sin6); 240 } 241 242 static struct sockaddr * 243 parse_rta_ip(struct rtattr *rta, struct nl_pstate *npt, int *perror) 244 { 245 void *rta_data = NL_RTA_DATA(rta); 246 int rta_len = NL_RTA_DATA_LEN(rta); 247 248 if (rta_len == sizeof(struct in_addr)) { 249 return (parse_rta_ip4(rta_data, npt, perror)); 250 } else if (rta_len == sizeof(struct in6_addr)) { 251 return (parse_rta_ip6(rta_data, npt, perror)); 252 } else { 253 NLMSG_REPORT_ERR_MSG(npt, "unknown IP len: %d for rta type %d", 254 rta_len, rta->rta_type); 255 *perror = ENOTSUP; 256 return (NULL); 257 } 258 return (NULL); 259 } 260 261 int 262 nlattr_get_ip(struct nlattr *nla, struct nl_pstate *npt, const void *arg, void *target) 263 { 264 int error = 0; 265 266 struct sockaddr *sa = parse_rta_ip((struct rtattr *)nla, npt, &error); 267 268 *((struct sockaddr **)target) = sa; 269 return (error); 270 } 271 272 static struct sockaddr * 273 parse_rta_via(struct rtattr *rta, struct nl_pstate *npt, int *perror) 274 { 275 struct rtvia *via = NL_RTA_DATA(rta); 276 int data_len = NL_RTA_DATA_LEN(rta); 277 278 if (__predict_false(data_len) < sizeof(struct rtvia)) { 279 NLMSG_REPORT_ERR_MSG(npt, "undersized RTA_VIA(%d) attr: len %d", 280 rta->rta_type, data_len); 281 *perror = EINVAL; 282 return (NULL); 283 } 284 data_len -= offsetof(struct rtvia, rtvia_addr); 285 286 switch (via->rtvia_family) { 287 case AF_INET: 288 if (__predict_false(data_len < sizeof(struct in_addr))) { 289 *perror = EINVAL; 290 return (NULL); 291 } 292 return (parse_rta_ip4(via->rtvia_addr, npt, perror)); 293 case AF_INET6: 294 if (__predict_false(data_len < sizeof(struct in6_addr))) { 295 *perror = EINVAL; 296 return (NULL); 297 } 298 return (parse_rta_ip6(via->rtvia_addr, npt, perror)); 299 default: 300 *perror = ENOTSUP; 301 return (NULL); 302 } 303 } 304 305 int 306 nlattr_get_ipvia(struct nlattr *nla, struct nl_pstate *npt, const void *arg, void *target) 307 { 308 int error = 0; 309 310 struct sockaddr *sa = parse_rta_via((struct rtattr *)nla, npt, &error); 311 312 *((struct sockaddr **)target) = sa; 313 return (error); 314 } 315 316 317 int 318 nlattr_get_uint16(struct nlattr *nla, struct nl_pstate *npt, const void *arg, void *target) 319 { 320 if (__predict_false(NLA_DATA_LEN(nla) != sizeof(uint16_t))) { 321 NLMSG_REPORT_ERR_MSG(npt, "nla type %d size(%u) is not uint32", 322 nla->nla_type, NLA_DATA_LEN(nla)); 323 return (EINVAL); 324 } 325 *((uint16_t *)target) = *((const uint16_t *)NL_RTA_DATA_CONST(nla)); 326 return (0); 327 } 328 329 int 330 nlattr_get_uint32(struct nlattr *nla, struct nl_pstate *npt, const void *arg, void *target) 331 { 332 if (__predict_false(NLA_DATA_LEN(nla) != sizeof(uint32_t))) { 333 NLMSG_REPORT_ERR_MSG(npt, "nla type %d size(%u) is not uint32", 334 nla->nla_type, NLA_DATA_LEN(nla)); 335 return (EINVAL); 336 } 337 *((uint32_t *)target) = *((const uint32_t *)NL_RTA_DATA_CONST(nla)); 338 return (0); 339 } 340 341 int 342 nlattr_get_uint64(struct nlattr *nla, struct nl_pstate *npt, const void *arg, void *target) 343 { 344 if (__predict_false(NLA_DATA_LEN(nla) != sizeof(uint64_t))) { 345 NLMSG_REPORT_ERR_MSG(npt, "nla type %d size(%u) is not uint64", 346 nla->nla_type, NLA_DATA_LEN(nla)); 347 return (EINVAL); 348 } 349 memcpy(target, NL_RTA_DATA_CONST(nla), sizeof(uint64_t)); 350 return (0); 351 } 352 353 int 354 nlattr_get_in_addr(struct nlattr *nla, struct nl_pstate *npt, const void *arg, void *target) 355 { 356 if (__predict_false(NLA_DATA_LEN(nla) != sizeof(in_addr_t))) { 357 NLMSG_REPORT_ERR_MSG(npt, "nla type %d size(%u) is not in_addr_t", 358 nla->nla_type, NLA_DATA_LEN(nla)); 359 return (EINVAL); 360 } 361 memcpy(target, NLA_DATA_CONST(nla), sizeof(in_addr_t)); 362 return (0); 363 } 364 365 int 366 nlattr_get_in6_addr(struct nlattr *nla, struct nl_pstate *npt, const void *arg, void *target) 367 { 368 if (__predict_false(NLA_DATA_LEN(nla) != sizeof(struct in6_addr))) { 369 NLMSG_REPORT_ERR_MSG(npt, "nla type %d size(%u) is not struct in6_addr", 370 nla->nla_type, NLA_DATA_LEN(nla)); 371 return (EINVAL); 372 } 373 memcpy(target, NLA_DATA_CONST(nla), sizeof(struct in6_addr)); 374 return (0); 375 } 376 377 static int 378 nlattr_get_ifp_internal(struct nlattr *nla, struct nl_pstate *npt, 379 void *target, bool zero_ok) 380 { 381 if (__predict_false(NLA_DATA_LEN(nla) != sizeof(uint32_t))) { 382 NLMSG_REPORT_ERR_MSG(npt, "nla type %d size(%u) is not uint32", 383 nla->nla_type, NLA_DATA_LEN(nla)); 384 return (EINVAL); 385 } 386 uint32_t ifindex = *((const uint32_t *)NLA_DATA_CONST(nla)); 387 388 if (ifindex == 0 && zero_ok) { 389 *((struct ifnet **)target) = NULL; 390 return (0); 391 } 392 393 NET_EPOCH_ASSERT(); 394 395 struct ifnet *ifp = ifnet_byindex(ifindex); 396 if (__predict_false(ifp == NULL)) { 397 NLMSG_REPORT_ERR_MSG(npt, "nla type %d: ifindex %u invalid", 398 nla->nla_type, ifindex); 399 return (ENOENT); 400 } 401 *((struct ifnet **)target) = ifp; 402 NL_LOG(LOG_DEBUG3, "nla type %d: ifindex %u -> %s", nla->nla_type, 403 ifindex, if_name(ifp)); 404 405 return (0); 406 } 407 408 int 409 nlattr_get_ifp(struct nlattr *nla, struct nl_pstate *npt, const void *arg, void *target) 410 { 411 return (nlattr_get_ifp_internal(nla, npt, target, false)); 412 } 413 414 int 415 nlattr_get_ifpz(struct nlattr *nla, struct nl_pstate *npt, const void *arg, void *target) 416 { 417 return (nlattr_get_ifp_internal(nla, npt, target, true)); 418 } 419 420 int 421 nlattr_get_string(struct nlattr *nla, struct nl_pstate *npt, const void *arg, void *target) 422 { 423 int maxlen = NLA_DATA_LEN(nla); 424 425 if (__predict_false(strnlen((char *)NLA_DATA(nla), maxlen) >= maxlen)) { 426 NLMSG_REPORT_ERR_MSG(npt, "nla type %d size(%u) is not NULL-terminated", 427 nla->nla_type, maxlen); 428 return (EINVAL); 429 } 430 431 *((char **)target) = (char *)NLA_DATA(nla); 432 return (0); 433 } 434 435 int 436 nlattr_get_stringn(struct nlattr *nla, struct nl_pstate *npt, const void *arg, void *target) 437 { 438 int maxlen = NLA_DATA_LEN(nla); 439 440 char *buf = npt_alloc(npt, maxlen + 1); 441 if (buf == NULL) 442 return (ENOMEM); 443 buf[maxlen] = '\0'; 444 memcpy(buf, NLA_DATA(nla), maxlen); 445 446 *((char **)target) = buf; 447 return (0); 448 } 449 int 450 nlattr_get_nla(struct nlattr *nla, struct nl_pstate *npt, const void *arg, void *target) 451 { 452 NL_LOG(LOG_DEBUG3, "STORING %p len %d", nla, nla->nla_len); 453 *((struct nlattr **)target) = nla; 454 return (0); 455 } 456 457 int 458 nlattr_get_nested(struct nlattr *nla, struct nl_pstate *npt, const void *arg, void *target) 459 { 460 const struct nlhdr_parser *p = (const struct nlhdr_parser *)arg; 461 int error; 462 463 /* Assumes target points to the beginning of the structure */ 464 error = nl_parse_header(NLA_DATA(nla), NLA_DATA_LEN(nla), p, npt, target); 465 return (error); 466 } 467 468 int 469 nlf_get_ifp(void *src, struct nl_pstate *npt, void *target) 470 { 471 int ifindex = *((const int *)src); 472 473 NET_EPOCH_ASSERT(); 474 475 struct ifnet *ifp = ifnet_byindex(ifindex); 476 if (ifp == NULL) { 477 NL_LOG(LOG_DEBUG, "ifindex %u invalid", ifindex); 478 return (ENOENT); 479 } 480 *((struct ifnet **)target) = ifp; 481 482 return (0); 483 } 484 485 int 486 nlf_get_ifpz(void *src, struct nl_pstate *npt, void *target) 487 { 488 int ifindex = *((const int *)src); 489 490 NET_EPOCH_ASSERT(); 491 492 struct ifnet *ifp = ifnet_byindex(ifindex); 493 if (ifindex != 0 && ifp == NULL) { 494 NL_LOG(LOG_DEBUG, "ifindex %u invalid", ifindex); 495 return (ENOENT); 496 } 497 *((struct ifnet **)target) = ifp; 498 499 return (0); 500 } 501 502 int 503 nlf_get_u8(void *src, struct nl_pstate *npt, void *target) 504 { 505 uint8_t val = *((const uint8_t *)src); 506 507 *((uint8_t *)target) = val; 508 509 return (0); 510 } 511 512 int 513 nlf_get_u8_u32(void *src, struct nl_pstate *npt, void *target) 514 { 515 *((uint32_t *)target) = *((const uint8_t *)src); 516 return (0); 517 } 518 519 int 520 nlf_get_u16(void *src, struct nl_pstate *npt, void *target) 521 { 522 *((uint16_t *)target) = *((const uint16_t *)src); 523 return (0); 524 } 525 526 int 527 nlf_get_u32(void *src, struct nl_pstate *npt, void *target) 528 { 529 *((uint32_t *)target) = *((const uint32_t *)src); 530 return (0); 531 } 532 533