xref: /linux/net/l2tp/l2tp_netlink.c (revision 3932b9ca55b0be314a36d3e84faff3e823c081f5)
1 /*
2  * L2TP netlink layer, for management
3  *
4  * Copyright (c) 2008,2009,2010 Katalix Systems Ltd
5  *
6  * Partly based on the IrDA nelink implementation
7  * (see net/irda/irnetlink.c) which is:
8  * Copyright (c) 2007 Samuel Ortiz <samuel@sortiz.org>
9  * which is in turn partly based on the wireless netlink code:
10  * Copyright 2006 Johannes Berg <johannes@sipsolutions.net>
11  *
12  * This program is free software; you can redistribute it and/or modify
13  * it under the terms of the GNU General Public License version 2 as
14  * published by the Free Software Foundation.
15  */
16 
17 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
18 
19 #include <net/sock.h>
20 #include <net/genetlink.h>
21 #include <net/udp.h>
22 #include <linux/in.h>
23 #include <linux/udp.h>
24 #include <linux/socket.h>
25 #include <linux/module.h>
26 #include <linux/list.h>
27 #include <net/net_namespace.h>
28 
29 #include <linux/l2tp.h>
30 
31 #include "l2tp_core.h"
32 
33 
34 static struct genl_family l2tp_nl_family = {
35 	.id		= GENL_ID_GENERATE,
36 	.name		= L2TP_GENL_NAME,
37 	.version	= L2TP_GENL_VERSION,
38 	.hdrsize	= 0,
39 	.maxattr	= L2TP_ATTR_MAX,
40 	.netnsok	= true,
41 };
42 
43 /* Accessed under genl lock */
44 static const struct l2tp_nl_cmd_ops *l2tp_nl_cmd_ops[__L2TP_PWTYPE_MAX];
45 
46 static struct l2tp_session *l2tp_nl_session_find(struct genl_info *info)
47 {
48 	u32 tunnel_id;
49 	u32 session_id;
50 	char *ifname;
51 	struct l2tp_tunnel *tunnel;
52 	struct l2tp_session *session = NULL;
53 	struct net *net = genl_info_net(info);
54 
55 	if (info->attrs[L2TP_ATTR_IFNAME]) {
56 		ifname = nla_data(info->attrs[L2TP_ATTR_IFNAME]);
57 		session = l2tp_session_find_by_ifname(net, ifname);
58 	} else if ((info->attrs[L2TP_ATTR_SESSION_ID]) &&
59 		   (info->attrs[L2TP_ATTR_CONN_ID])) {
60 		tunnel_id = nla_get_u32(info->attrs[L2TP_ATTR_CONN_ID]);
61 		session_id = nla_get_u32(info->attrs[L2TP_ATTR_SESSION_ID]);
62 		tunnel = l2tp_tunnel_find(net, tunnel_id);
63 		if (tunnel)
64 			session = l2tp_session_find(net, tunnel, session_id);
65 	}
66 
67 	return session;
68 }
69 
70 static int l2tp_nl_cmd_noop(struct sk_buff *skb, struct genl_info *info)
71 {
72 	struct sk_buff *msg;
73 	void *hdr;
74 	int ret = -ENOBUFS;
75 
76 	msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
77 	if (!msg) {
78 		ret = -ENOMEM;
79 		goto out;
80 	}
81 
82 	hdr = genlmsg_put(msg, info->snd_portid, info->snd_seq,
83 			  &l2tp_nl_family, 0, L2TP_CMD_NOOP);
84 	if (!hdr) {
85 		ret = -EMSGSIZE;
86 		goto err_out;
87 	}
88 
89 	genlmsg_end(msg, hdr);
90 
91 	return genlmsg_unicast(genl_info_net(info), msg, info->snd_portid);
92 
93 err_out:
94 	nlmsg_free(msg);
95 
96 out:
97 	return ret;
98 }
99 
100 static int l2tp_nl_cmd_tunnel_create(struct sk_buff *skb, struct genl_info *info)
101 {
102 	u32 tunnel_id;
103 	u32 peer_tunnel_id;
104 	int proto_version;
105 	int fd;
106 	int ret = 0;
107 	struct l2tp_tunnel_cfg cfg = { 0, };
108 	struct l2tp_tunnel *tunnel;
109 	struct net *net = genl_info_net(info);
110 
111 	if (!info->attrs[L2TP_ATTR_CONN_ID]) {
112 		ret = -EINVAL;
113 		goto out;
114 	}
115 	tunnel_id = nla_get_u32(info->attrs[L2TP_ATTR_CONN_ID]);
116 
117 	if (!info->attrs[L2TP_ATTR_PEER_CONN_ID]) {
118 		ret = -EINVAL;
119 		goto out;
120 	}
121 	peer_tunnel_id = nla_get_u32(info->attrs[L2TP_ATTR_PEER_CONN_ID]);
122 
123 	if (!info->attrs[L2TP_ATTR_PROTO_VERSION]) {
124 		ret = -EINVAL;
125 		goto out;
126 	}
127 	proto_version = nla_get_u8(info->attrs[L2TP_ATTR_PROTO_VERSION]);
128 
129 	if (!info->attrs[L2TP_ATTR_ENCAP_TYPE]) {
130 		ret = -EINVAL;
131 		goto out;
132 	}
133 	cfg.encap = nla_get_u16(info->attrs[L2TP_ATTR_ENCAP_TYPE]);
134 
135 	fd = -1;
136 	if (info->attrs[L2TP_ATTR_FD]) {
137 		fd = nla_get_u32(info->attrs[L2TP_ATTR_FD]);
138 	} else {
139 #if IS_ENABLED(CONFIG_IPV6)
140 		if (info->attrs[L2TP_ATTR_IP6_SADDR] &&
141 		    info->attrs[L2TP_ATTR_IP6_DADDR]) {
142 			cfg.local_ip6 = nla_data(
143 				info->attrs[L2TP_ATTR_IP6_SADDR]);
144 			cfg.peer_ip6 = nla_data(
145 				info->attrs[L2TP_ATTR_IP6_DADDR]);
146 		} else
147 #endif
148 		if (info->attrs[L2TP_ATTR_IP_SADDR] &&
149 		    info->attrs[L2TP_ATTR_IP_DADDR]) {
150 			cfg.local_ip.s_addr = nla_get_be32(
151 				info->attrs[L2TP_ATTR_IP_SADDR]);
152 			cfg.peer_ip.s_addr = nla_get_be32(
153 				info->attrs[L2TP_ATTR_IP_DADDR]);
154 		} else {
155 			ret = -EINVAL;
156 			goto out;
157 		}
158 		if (info->attrs[L2TP_ATTR_UDP_SPORT])
159 			cfg.local_udp_port = nla_get_u16(info->attrs[L2TP_ATTR_UDP_SPORT]);
160 		if (info->attrs[L2TP_ATTR_UDP_DPORT])
161 			cfg.peer_udp_port = nla_get_u16(info->attrs[L2TP_ATTR_UDP_DPORT]);
162 		if (info->attrs[L2TP_ATTR_UDP_CSUM])
163 			cfg.use_udp_checksums = nla_get_flag(info->attrs[L2TP_ATTR_UDP_CSUM]);
164 
165 #if IS_ENABLED(CONFIG_IPV6)
166 		if (info->attrs[L2TP_ATTR_UDP_ZERO_CSUM6_TX])
167 			cfg.udp6_zero_tx_checksums = nla_get_flag(info->attrs[L2TP_ATTR_UDP_ZERO_CSUM6_TX]);
168 		if (info->attrs[L2TP_ATTR_UDP_ZERO_CSUM6_RX])
169 			cfg.udp6_zero_rx_checksums = nla_get_flag(info->attrs[L2TP_ATTR_UDP_ZERO_CSUM6_RX]);
170 #endif
171 	}
172 
173 	if (info->attrs[L2TP_ATTR_DEBUG])
174 		cfg.debug = nla_get_u32(info->attrs[L2TP_ATTR_DEBUG]);
175 
176 	tunnel = l2tp_tunnel_find(net, tunnel_id);
177 	if (tunnel != NULL) {
178 		ret = -EEXIST;
179 		goto out;
180 	}
181 
182 	ret = -EINVAL;
183 	switch (cfg.encap) {
184 	case L2TP_ENCAPTYPE_UDP:
185 	case L2TP_ENCAPTYPE_IP:
186 		ret = l2tp_tunnel_create(net, fd, proto_version, tunnel_id,
187 					 peer_tunnel_id, &cfg, &tunnel);
188 		break;
189 	}
190 
191 out:
192 	return ret;
193 }
194 
195 static int l2tp_nl_cmd_tunnel_delete(struct sk_buff *skb, struct genl_info *info)
196 {
197 	struct l2tp_tunnel *tunnel;
198 	u32 tunnel_id;
199 	int ret = 0;
200 	struct net *net = genl_info_net(info);
201 
202 	if (!info->attrs[L2TP_ATTR_CONN_ID]) {
203 		ret = -EINVAL;
204 		goto out;
205 	}
206 	tunnel_id = nla_get_u32(info->attrs[L2TP_ATTR_CONN_ID]);
207 
208 	tunnel = l2tp_tunnel_find(net, tunnel_id);
209 	if (tunnel == NULL) {
210 		ret = -ENODEV;
211 		goto out;
212 	}
213 
214 	(void) l2tp_tunnel_delete(tunnel);
215 
216 out:
217 	return ret;
218 }
219 
220 static int l2tp_nl_cmd_tunnel_modify(struct sk_buff *skb, struct genl_info *info)
221 {
222 	struct l2tp_tunnel *tunnel;
223 	u32 tunnel_id;
224 	int ret = 0;
225 	struct net *net = genl_info_net(info);
226 
227 	if (!info->attrs[L2TP_ATTR_CONN_ID]) {
228 		ret = -EINVAL;
229 		goto out;
230 	}
231 	tunnel_id = nla_get_u32(info->attrs[L2TP_ATTR_CONN_ID]);
232 
233 	tunnel = l2tp_tunnel_find(net, tunnel_id);
234 	if (tunnel == NULL) {
235 		ret = -ENODEV;
236 		goto out;
237 	}
238 
239 	if (info->attrs[L2TP_ATTR_DEBUG])
240 		tunnel->debug = nla_get_u32(info->attrs[L2TP_ATTR_DEBUG]);
241 
242 out:
243 	return ret;
244 }
245 
246 static int l2tp_nl_tunnel_send(struct sk_buff *skb, u32 portid, u32 seq, int flags,
247 			       struct l2tp_tunnel *tunnel)
248 {
249 	void *hdr;
250 	struct nlattr *nest;
251 	struct sock *sk = NULL;
252 	struct inet_sock *inet;
253 #if IS_ENABLED(CONFIG_IPV6)
254 	struct ipv6_pinfo *np = NULL;
255 #endif
256 
257 	hdr = genlmsg_put(skb, portid, seq, &l2tp_nl_family, flags,
258 			  L2TP_CMD_TUNNEL_GET);
259 	if (!hdr)
260 		return -EMSGSIZE;
261 
262 	if (nla_put_u8(skb, L2TP_ATTR_PROTO_VERSION, tunnel->version) ||
263 	    nla_put_u32(skb, L2TP_ATTR_CONN_ID, tunnel->tunnel_id) ||
264 	    nla_put_u32(skb, L2TP_ATTR_PEER_CONN_ID, tunnel->peer_tunnel_id) ||
265 	    nla_put_u32(skb, L2TP_ATTR_DEBUG, tunnel->debug) ||
266 	    nla_put_u16(skb, L2TP_ATTR_ENCAP_TYPE, tunnel->encap))
267 		goto nla_put_failure;
268 
269 	nest = nla_nest_start(skb, L2TP_ATTR_STATS);
270 	if (nest == NULL)
271 		goto nla_put_failure;
272 
273 	if (nla_put_u64(skb, L2TP_ATTR_TX_PACKETS,
274 		    atomic_long_read(&tunnel->stats.tx_packets)) ||
275 	    nla_put_u64(skb, L2TP_ATTR_TX_BYTES,
276 		    atomic_long_read(&tunnel->stats.tx_bytes)) ||
277 	    nla_put_u64(skb, L2TP_ATTR_TX_ERRORS,
278 		    atomic_long_read(&tunnel->stats.tx_errors)) ||
279 	    nla_put_u64(skb, L2TP_ATTR_RX_PACKETS,
280 		    atomic_long_read(&tunnel->stats.rx_packets)) ||
281 	    nla_put_u64(skb, L2TP_ATTR_RX_BYTES,
282 		    atomic_long_read(&tunnel->stats.rx_bytes)) ||
283 	    nla_put_u64(skb, L2TP_ATTR_RX_SEQ_DISCARDS,
284 		    atomic_long_read(&tunnel->stats.rx_seq_discards)) ||
285 	    nla_put_u64(skb, L2TP_ATTR_RX_OOS_PACKETS,
286 		    atomic_long_read(&tunnel->stats.rx_oos_packets)) ||
287 	    nla_put_u64(skb, L2TP_ATTR_RX_ERRORS,
288 		    atomic_long_read(&tunnel->stats.rx_errors)))
289 		goto nla_put_failure;
290 	nla_nest_end(skb, nest);
291 
292 	sk = tunnel->sock;
293 	if (!sk)
294 		goto out;
295 
296 #if IS_ENABLED(CONFIG_IPV6)
297 	if (sk->sk_family == AF_INET6)
298 		np = inet6_sk(sk);
299 #endif
300 
301 	inet = inet_sk(sk);
302 
303 	switch (tunnel->encap) {
304 	case L2TP_ENCAPTYPE_UDP:
305 		if (nla_put_u16(skb, L2TP_ATTR_UDP_SPORT, ntohs(inet->inet_sport)) ||
306 		    nla_put_u16(skb, L2TP_ATTR_UDP_DPORT, ntohs(inet->inet_dport)) ||
307 		    nla_put_u8(skb, L2TP_ATTR_UDP_CSUM, !sk->sk_no_check_tx))
308 			goto nla_put_failure;
309 		/* NOBREAK */
310 	case L2TP_ENCAPTYPE_IP:
311 #if IS_ENABLED(CONFIG_IPV6)
312 		if (np) {
313 			if (nla_put(skb, L2TP_ATTR_IP6_SADDR, sizeof(np->saddr),
314 				    &np->saddr) ||
315 			    nla_put(skb, L2TP_ATTR_IP6_DADDR, sizeof(sk->sk_v6_daddr),
316 				    &sk->sk_v6_daddr))
317 				goto nla_put_failure;
318 		} else
319 #endif
320 		if (nla_put_be32(skb, L2TP_ATTR_IP_SADDR, inet->inet_saddr) ||
321 		    nla_put_be32(skb, L2TP_ATTR_IP_DADDR, inet->inet_daddr))
322 			goto nla_put_failure;
323 		break;
324 	}
325 
326 out:
327 	return genlmsg_end(skb, hdr);
328 
329 nla_put_failure:
330 	genlmsg_cancel(skb, hdr);
331 	return -1;
332 }
333 
334 static int l2tp_nl_cmd_tunnel_get(struct sk_buff *skb, struct genl_info *info)
335 {
336 	struct l2tp_tunnel *tunnel;
337 	struct sk_buff *msg;
338 	u32 tunnel_id;
339 	int ret = -ENOBUFS;
340 	struct net *net = genl_info_net(info);
341 
342 	if (!info->attrs[L2TP_ATTR_CONN_ID]) {
343 		ret = -EINVAL;
344 		goto out;
345 	}
346 
347 	tunnel_id = nla_get_u32(info->attrs[L2TP_ATTR_CONN_ID]);
348 
349 	tunnel = l2tp_tunnel_find(net, tunnel_id);
350 	if (tunnel == NULL) {
351 		ret = -ENODEV;
352 		goto out;
353 	}
354 
355 	msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
356 	if (!msg) {
357 		ret = -ENOMEM;
358 		goto out;
359 	}
360 
361 	ret = l2tp_nl_tunnel_send(msg, info->snd_portid, info->snd_seq,
362 				  NLM_F_ACK, tunnel);
363 	if (ret < 0)
364 		goto err_out;
365 
366 	return genlmsg_unicast(net, msg, info->snd_portid);
367 
368 err_out:
369 	nlmsg_free(msg);
370 
371 out:
372 	return ret;
373 }
374 
375 static int l2tp_nl_cmd_tunnel_dump(struct sk_buff *skb, struct netlink_callback *cb)
376 {
377 	int ti = cb->args[0];
378 	struct l2tp_tunnel *tunnel;
379 	struct net *net = sock_net(skb->sk);
380 
381 	for (;;) {
382 		tunnel = l2tp_tunnel_find_nth(net, ti);
383 		if (tunnel == NULL)
384 			goto out;
385 
386 		if (l2tp_nl_tunnel_send(skb, NETLINK_CB(cb->skb).portid,
387 					cb->nlh->nlmsg_seq, NLM_F_MULTI,
388 					tunnel) <= 0)
389 			goto out;
390 
391 		ti++;
392 	}
393 
394 out:
395 	cb->args[0] = ti;
396 
397 	return skb->len;
398 }
399 
400 static int l2tp_nl_cmd_session_create(struct sk_buff *skb, struct genl_info *info)
401 {
402 	u32 tunnel_id = 0;
403 	u32 session_id;
404 	u32 peer_session_id;
405 	int ret = 0;
406 	struct l2tp_tunnel *tunnel;
407 	struct l2tp_session *session;
408 	struct l2tp_session_cfg cfg = { 0, };
409 	struct net *net = genl_info_net(info);
410 
411 	if (!info->attrs[L2TP_ATTR_CONN_ID]) {
412 		ret = -EINVAL;
413 		goto out;
414 	}
415 	tunnel_id = nla_get_u32(info->attrs[L2TP_ATTR_CONN_ID]);
416 	tunnel = l2tp_tunnel_find(net, tunnel_id);
417 	if (!tunnel) {
418 		ret = -ENODEV;
419 		goto out;
420 	}
421 
422 	if (!info->attrs[L2TP_ATTR_SESSION_ID]) {
423 		ret = -EINVAL;
424 		goto out;
425 	}
426 	session_id = nla_get_u32(info->attrs[L2TP_ATTR_SESSION_ID]);
427 	session = l2tp_session_find(net, tunnel, session_id);
428 	if (session) {
429 		ret = -EEXIST;
430 		goto out;
431 	}
432 
433 	if (!info->attrs[L2TP_ATTR_PEER_SESSION_ID]) {
434 		ret = -EINVAL;
435 		goto out;
436 	}
437 	peer_session_id = nla_get_u32(info->attrs[L2TP_ATTR_PEER_SESSION_ID]);
438 
439 	if (!info->attrs[L2TP_ATTR_PW_TYPE]) {
440 		ret = -EINVAL;
441 		goto out;
442 	}
443 	cfg.pw_type = nla_get_u16(info->attrs[L2TP_ATTR_PW_TYPE]);
444 	if (cfg.pw_type >= __L2TP_PWTYPE_MAX) {
445 		ret = -EINVAL;
446 		goto out;
447 	}
448 
449 	if (tunnel->version > 2) {
450 		if (info->attrs[L2TP_ATTR_OFFSET])
451 			cfg.offset = nla_get_u16(info->attrs[L2TP_ATTR_OFFSET]);
452 
453 		if (info->attrs[L2TP_ATTR_DATA_SEQ])
454 			cfg.data_seq = nla_get_u8(info->attrs[L2TP_ATTR_DATA_SEQ]);
455 
456 		cfg.l2specific_type = L2TP_L2SPECTYPE_DEFAULT;
457 		if (info->attrs[L2TP_ATTR_L2SPEC_TYPE])
458 			cfg.l2specific_type = nla_get_u8(info->attrs[L2TP_ATTR_L2SPEC_TYPE]);
459 
460 		cfg.l2specific_len = 4;
461 		if (info->attrs[L2TP_ATTR_L2SPEC_LEN])
462 			cfg.l2specific_len = nla_get_u8(info->attrs[L2TP_ATTR_L2SPEC_LEN]);
463 
464 		if (info->attrs[L2TP_ATTR_COOKIE]) {
465 			u16 len = nla_len(info->attrs[L2TP_ATTR_COOKIE]);
466 			if (len > 8) {
467 				ret = -EINVAL;
468 				goto out;
469 			}
470 			cfg.cookie_len = len;
471 			memcpy(&cfg.cookie[0], nla_data(info->attrs[L2TP_ATTR_COOKIE]), len);
472 		}
473 		if (info->attrs[L2TP_ATTR_PEER_COOKIE]) {
474 			u16 len = nla_len(info->attrs[L2TP_ATTR_PEER_COOKIE]);
475 			if (len > 8) {
476 				ret = -EINVAL;
477 				goto out;
478 			}
479 			cfg.peer_cookie_len = len;
480 			memcpy(&cfg.peer_cookie[0], nla_data(info->attrs[L2TP_ATTR_PEER_COOKIE]), len);
481 		}
482 		if (info->attrs[L2TP_ATTR_IFNAME])
483 			cfg.ifname = nla_data(info->attrs[L2TP_ATTR_IFNAME]);
484 
485 		if (info->attrs[L2TP_ATTR_VLAN_ID])
486 			cfg.vlan_id = nla_get_u16(info->attrs[L2TP_ATTR_VLAN_ID]);
487 	}
488 
489 	if (info->attrs[L2TP_ATTR_DEBUG])
490 		cfg.debug = nla_get_u32(info->attrs[L2TP_ATTR_DEBUG]);
491 
492 	if (info->attrs[L2TP_ATTR_RECV_SEQ])
493 		cfg.recv_seq = nla_get_u8(info->attrs[L2TP_ATTR_RECV_SEQ]);
494 
495 	if (info->attrs[L2TP_ATTR_SEND_SEQ])
496 		cfg.send_seq = nla_get_u8(info->attrs[L2TP_ATTR_SEND_SEQ]);
497 
498 	if (info->attrs[L2TP_ATTR_LNS_MODE])
499 		cfg.lns_mode = nla_get_u8(info->attrs[L2TP_ATTR_LNS_MODE]);
500 
501 	if (info->attrs[L2TP_ATTR_RECV_TIMEOUT])
502 		cfg.reorder_timeout = nla_get_msecs(info->attrs[L2TP_ATTR_RECV_TIMEOUT]);
503 
504 	if (info->attrs[L2TP_ATTR_MTU])
505 		cfg.mtu = nla_get_u16(info->attrs[L2TP_ATTR_MTU]);
506 
507 	if (info->attrs[L2TP_ATTR_MRU])
508 		cfg.mru = nla_get_u16(info->attrs[L2TP_ATTR_MRU]);
509 
510 	if ((l2tp_nl_cmd_ops[cfg.pw_type] == NULL) ||
511 	    (l2tp_nl_cmd_ops[cfg.pw_type]->session_create == NULL)) {
512 		ret = -EPROTONOSUPPORT;
513 		goto out;
514 	}
515 
516 	/* Check that pseudowire-specific params are present */
517 	switch (cfg.pw_type) {
518 	case L2TP_PWTYPE_NONE:
519 		break;
520 	case L2TP_PWTYPE_ETH_VLAN:
521 		if (!info->attrs[L2TP_ATTR_VLAN_ID]) {
522 			ret = -EINVAL;
523 			goto out;
524 		}
525 		break;
526 	case L2TP_PWTYPE_ETH:
527 		break;
528 	case L2TP_PWTYPE_PPP:
529 	case L2TP_PWTYPE_PPP_AC:
530 		break;
531 	case L2TP_PWTYPE_IP:
532 	default:
533 		ret = -EPROTONOSUPPORT;
534 		break;
535 	}
536 
537 	ret = -EPROTONOSUPPORT;
538 	if (l2tp_nl_cmd_ops[cfg.pw_type]->session_create)
539 		ret = (*l2tp_nl_cmd_ops[cfg.pw_type]->session_create)(net, tunnel_id,
540 			session_id, peer_session_id, &cfg);
541 
542 out:
543 	return ret;
544 }
545 
546 static int l2tp_nl_cmd_session_delete(struct sk_buff *skb, struct genl_info *info)
547 {
548 	int ret = 0;
549 	struct l2tp_session *session;
550 	u16 pw_type;
551 
552 	session = l2tp_nl_session_find(info);
553 	if (session == NULL) {
554 		ret = -ENODEV;
555 		goto out;
556 	}
557 
558 	pw_type = session->pwtype;
559 	if (pw_type < __L2TP_PWTYPE_MAX)
560 		if (l2tp_nl_cmd_ops[pw_type] && l2tp_nl_cmd_ops[pw_type]->session_delete)
561 			ret = (*l2tp_nl_cmd_ops[pw_type]->session_delete)(session);
562 
563 out:
564 	return ret;
565 }
566 
567 static int l2tp_nl_cmd_session_modify(struct sk_buff *skb, struct genl_info *info)
568 {
569 	int ret = 0;
570 	struct l2tp_session *session;
571 
572 	session = l2tp_nl_session_find(info);
573 	if (session == NULL) {
574 		ret = -ENODEV;
575 		goto out;
576 	}
577 
578 	if (info->attrs[L2TP_ATTR_DEBUG])
579 		session->debug = nla_get_u32(info->attrs[L2TP_ATTR_DEBUG]);
580 
581 	if (info->attrs[L2TP_ATTR_DATA_SEQ])
582 		session->data_seq = nla_get_u8(info->attrs[L2TP_ATTR_DATA_SEQ]);
583 
584 	if (info->attrs[L2TP_ATTR_RECV_SEQ])
585 		session->recv_seq = nla_get_u8(info->attrs[L2TP_ATTR_RECV_SEQ]);
586 
587 	if (info->attrs[L2TP_ATTR_SEND_SEQ]) {
588 		session->send_seq = nla_get_u8(info->attrs[L2TP_ATTR_SEND_SEQ]);
589 		l2tp_session_set_header_len(session, session->tunnel->version);
590 	}
591 
592 	if (info->attrs[L2TP_ATTR_LNS_MODE])
593 		session->lns_mode = nla_get_u8(info->attrs[L2TP_ATTR_LNS_MODE]);
594 
595 	if (info->attrs[L2TP_ATTR_RECV_TIMEOUT])
596 		session->reorder_timeout = nla_get_msecs(info->attrs[L2TP_ATTR_RECV_TIMEOUT]);
597 
598 	if (info->attrs[L2TP_ATTR_MTU])
599 		session->mtu = nla_get_u16(info->attrs[L2TP_ATTR_MTU]);
600 
601 	if (info->attrs[L2TP_ATTR_MRU])
602 		session->mru = nla_get_u16(info->attrs[L2TP_ATTR_MRU]);
603 
604 out:
605 	return ret;
606 }
607 
608 static int l2tp_nl_session_send(struct sk_buff *skb, u32 portid, u32 seq, int flags,
609 				struct l2tp_session *session)
610 {
611 	void *hdr;
612 	struct nlattr *nest;
613 	struct l2tp_tunnel *tunnel = session->tunnel;
614 	struct sock *sk = NULL;
615 
616 	sk = tunnel->sock;
617 
618 	hdr = genlmsg_put(skb, portid, seq, &l2tp_nl_family, flags, L2TP_CMD_SESSION_GET);
619 	if (!hdr)
620 		return -EMSGSIZE;
621 
622 	if (nla_put_u32(skb, L2TP_ATTR_CONN_ID, tunnel->tunnel_id) ||
623 	    nla_put_u32(skb, L2TP_ATTR_SESSION_ID, session->session_id) ||
624 	    nla_put_u32(skb, L2TP_ATTR_PEER_CONN_ID, tunnel->peer_tunnel_id) ||
625 	    nla_put_u32(skb, L2TP_ATTR_PEER_SESSION_ID,
626 			session->peer_session_id) ||
627 	    nla_put_u32(skb, L2TP_ATTR_DEBUG, session->debug) ||
628 	    nla_put_u16(skb, L2TP_ATTR_PW_TYPE, session->pwtype) ||
629 	    nla_put_u16(skb, L2TP_ATTR_MTU, session->mtu) ||
630 	    (session->mru &&
631 	     nla_put_u16(skb, L2TP_ATTR_MRU, session->mru)))
632 		goto nla_put_failure;
633 
634 	if ((session->ifname[0] &&
635 	     nla_put_string(skb, L2TP_ATTR_IFNAME, session->ifname)) ||
636 	    (session->cookie_len &&
637 	     nla_put(skb, L2TP_ATTR_COOKIE, session->cookie_len,
638 		     &session->cookie[0])) ||
639 	    (session->peer_cookie_len &&
640 	     nla_put(skb, L2TP_ATTR_PEER_COOKIE, session->peer_cookie_len,
641 		     &session->peer_cookie[0])) ||
642 	    nla_put_u8(skb, L2TP_ATTR_RECV_SEQ, session->recv_seq) ||
643 	    nla_put_u8(skb, L2TP_ATTR_SEND_SEQ, session->send_seq) ||
644 	    nla_put_u8(skb, L2TP_ATTR_LNS_MODE, session->lns_mode) ||
645 #ifdef CONFIG_XFRM
646 	    (((sk) && (sk->sk_policy[0] || sk->sk_policy[1])) &&
647 	     nla_put_u8(skb, L2TP_ATTR_USING_IPSEC, 1)) ||
648 #endif
649 	    (session->reorder_timeout &&
650 	     nla_put_msecs(skb, L2TP_ATTR_RECV_TIMEOUT, session->reorder_timeout)))
651 		goto nla_put_failure;
652 
653 	nest = nla_nest_start(skb, L2TP_ATTR_STATS);
654 	if (nest == NULL)
655 		goto nla_put_failure;
656 
657 	if (nla_put_u64(skb, L2TP_ATTR_TX_PACKETS,
658 		atomic_long_read(&session->stats.tx_packets)) ||
659 	    nla_put_u64(skb, L2TP_ATTR_TX_BYTES,
660 		atomic_long_read(&session->stats.tx_bytes)) ||
661 	    nla_put_u64(skb, L2TP_ATTR_TX_ERRORS,
662 		atomic_long_read(&session->stats.tx_errors)) ||
663 	    nla_put_u64(skb, L2TP_ATTR_RX_PACKETS,
664 		atomic_long_read(&session->stats.rx_packets)) ||
665 	    nla_put_u64(skb, L2TP_ATTR_RX_BYTES,
666 		atomic_long_read(&session->stats.rx_bytes)) ||
667 	    nla_put_u64(skb, L2TP_ATTR_RX_SEQ_DISCARDS,
668 		atomic_long_read(&session->stats.rx_seq_discards)) ||
669 	    nla_put_u64(skb, L2TP_ATTR_RX_OOS_PACKETS,
670 		atomic_long_read(&session->stats.rx_oos_packets)) ||
671 	    nla_put_u64(skb, L2TP_ATTR_RX_ERRORS,
672 		atomic_long_read(&session->stats.rx_errors)))
673 		goto nla_put_failure;
674 	nla_nest_end(skb, nest);
675 
676 	return genlmsg_end(skb, hdr);
677 
678  nla_put_failure:
679 	genlmsg_cancel(skb, hdr);
680 	return -1;
681 }
682 
683 static int l2tp_nl_cmd_session_get(struct sk_buff *skb, struct genl_info *info)
684 {
685 	struct l2tp_session *session;
686 	struct sk_buff *msg;
687 	int ret;
688 
689 	session = l2tp_nl_session_find(info);
690 	if (session == NULL) {
691 		ret = -ENODEV;
692 		goto out;
693 	}
694 
695 	msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
696 	if (!msg) {
697 		ret = -ENOMEM;
698 		goto out;
699 	}
700 
701 	ret = l2tp_nl_session_send(msg, info->snd_portid, info->snd_seq,
702 				   0, session);
703 	if (ret < 0)
704 		goto err_out;
705 
706 	return genlmsg_unicast(genl_info_net(info), msg, info->snd_portid);
707 
708 err_out:
709 	nlmsg_free(msg);
710 
711 out:
712 	return ret;
713 }
714 
715 static int l2tp_nl_cmd_session_dump(struct sk_buff *skb, struct netlink_callback *cb)
716 {
717 	struct net *net = sock_net(skb->sk);
718 	struct l2tp_session *session;
719 	struct l2tp_tunnel *tunnel = NULL;
720 	int ti = cb->args[0];
721 	int si = cb->args[1];
722 
723 	for (;;) {
724 		if (tunnel == NULL) {
725 			tunnel = l2tp_tunnel_find_nth(net, ti);
726 			if (tunnel == NULL)
727 				goto out;
728 		}
729 
730 		session = l2tp_session_find_nth(tunnel, si);
731 		if (session == NULL) {
732 			ti++;
733 			tunnel = NULL;
734 			si = 0;
735 			continue;
736 		}
737 
738 		if (l2tp_nl_session_send(skb, NETLINK_CB(cb->skb).portid,
739 					 cb->nlh->nlmsg_seq, NLM_F_MULTI,
740 					 session) <= 0)
741 			break;
742 
743 		si++;
744 	}
745 
746 out:
747 	cb->args[0] = ti;
748 	cb->args[1] = si;
749 
750 	return skb->len;
751 }
752 
753 static struct nla_policy l2tp_nl_policy[L2TP_ATTR_MAX + 1] = {
754 	[L2TP_ATTR_NONE]		= { .type = NLA_UNSPEC, },
755 	[L2TP_ATTR_PW_TYPE]		= { .type = NLA_U16, },
756 	[L2TP_ATTR_ENCAP_TYPE]		= { .type = NLA_U16, },
757 	[L2TP_ATTR_OFFSET]		= { .type = NLA_U16, },
758 	[L2TP_ATTR_DATA_SEQ]		= { .type = NLA_U8, },
759 	[L2TP_ATTR_L2SPEC_TYPE]		= { .type = NLA_U8, },
760 	[L2TP_ATTR_L2SPEC_LEN]		= { .type = NLA_U8, },
761 	[L2TP_ATTR_PROTO_VERSION]	= { .type = NLA_U8, },
762 	[L2TP_ATTR_CONN_ID]		= { .type = NLA_U32, },
763 	[L2TP_ATTR_PEER_CONN_ID]	= { .type = NLA_U32, },
764 	[L2TP_ATTR_SESSION_ID]		= { .type = NLA_U32, },
765 	[L2TP_ATTR_PEER_SESSION_ID]	= { .type = NLA_U32, },
766 	[L2TP_ATTR_UDP_CSUM]		= { .type = NLA_U8, },
767 	[L2TP_ATTR_VLAN_ID]		= { .type = NLA_U16, },
768 	[L2TP_ATTR_DEBUG]		= { .type = NLA_U32, },
769 	[L2TP_ATTR_RECV_SEQ]		= { .type = NLA_U8, },
770 	[L2TP_ATTR_SEND_SEQ]		= { .type = NLA_U8, },
771 	[L2TP_ATTR_LNS_MODE]		= { .type = NLA_U8, },
772 	[L2TP_ATTR_USING_IPSEC]		= { .type = NLA_U8, },
773 	[L2TP_ATTR_RECV_TIMEOUT]	= { .type = NLA_MSECS, },
774 	[L2TP_ATTR_FD]			= { .type = NLA_U32, },
775 	[L2TP_ATTR_IP_SADDR]		= { .type = NLA_U32, },
776 	[L2TP_ATTR_IP_DADDR]		= { .type = NLA_U32, },
777 	[L2TP_ATTR_UDP_SPORT]		= { .type = NLA_U16, },
778 	[L2TP_ATTR_UDP_DPORT]		= { .type = NLA_U16, },
779 	[L2TP_ATTR_MTU]			= { .type = NLA_U16, },
780 	[L2TP_ATTR_MRU]			= { .type = NLA_U16, },
781 	[L2TP_ATTR_STATS]		= { .type = NLA_NESTED, },
782 	[L2TP_ATTR_IP6_SADDR] = {
783 		.type = NLA_BINARY,
784 		.len = sizeof(struct in6_addr),
785 	},
786 	[L2TP_ATTR_IP6_DADDR] = {
787 		.type = NLA_BINARY,
788 		.len = sizeof(struct in6_addr),
789 	},
790 	[L2TP_ATTR_IFNAME] = {
791 		.type = NLA_NUL_STRING,
792 		.len = IFNAMSIZ - 1,
793 	},
794 	[L2TP_ATTR_COOKIE] = {
795 		.type = NLA_BINARY,
796 		.len = 8,
797 	},
798 	[L2TP_ATTR_PEER_COOKIE] = {
799 		.type = NLA_BINARY,
800 		.len = 8,
801 	},
802 };
803 
804 static const struct genl_ops l2tp_nl_ops[] = {
805 	{
806 		.cmd = L2TP_CMD_NOOP,
807 		.doit = l2tp_nl_cmd_noop,
808 		.policy = l2tp_nl_policy,
809 		/* can be retrieved by unprivileged users */
810 	},
811 	{
812 		.cmd = L2TP_CMD_TUNNEL_CREATE,
813 		.doit = l2tp_nl_cmd_tunnel_create,
814 		.policy = l2tp_nl_policy,
815 		.flags = GENL_ADMIN_PERM,
816 	},
817 	{
818 		.cmd = L2TP_CMD_TUNNEL_DELETE,
819 		.doit = l2tp_nl_cmd_tunnel_delete,
820 		.policy = l2tp_nl_policy,
821 		.flags = GENL_ADMIN_PERM,
822 	},
823 	{
824 		.cmd = L2TP_CMD_TUNNEL_MODIFY,
825 		.doit = l2tp_nl_cmd_tunnel_modify,
826 		.policy = l2tp_nl_policy,
827 		.flags = GENL_ADMIN_PERM,
828 	},
829 	{
830 		.cmd = L2TP_CMD_TUNNEL_GET,
831 		.doit = l2tp_nl_cmd_tunnel_get,
832 		.dumpit = l2tp_nl_cmd_tunnel_dump,
833 		.policy = l2tp_nl_policy,
834 		.flags = GENL_ADMIN_PERM,
835 	},
836 	{
837 		.cmd = L2TP_CMD_SESSION_CREATE,
838 		.doit = l2tp_nl_cmd_session_create,
839 		.policy = l2tp_nl_policy,
840 		.flags = GENL_ADMIN_PERM,
841 	},
842 	{
843 		.cmd = L2TP_CMD_SESSION_DELETE,
844 		.doit = l2tp_nl_cmd_session_delete,
845 		.policy = l2tp_nl_policy,
846 		.flags = GENL_ADMIN_PERM,
847 	},
848 	{
849 		.cmd = L2TP_CMD_SESSION_MODIFY,
850 		.doit = l2tp_nl_cmd_session_modify,
851 		.policy = l2tp_nl_policy,
852 		.flags = GENL_ADMIN_PERM,
853 	},
854 	{
855 		.cmd = L2TP_CMD_SESSION_GET,
856 		.doit = l2tp_nl_cmd_session_get,
857 		.dumpit = l2tp_nl_cmd_session_dump,
858 		.policy = l2tp_nl_policy,
859 		.flags = GENL_ADMIN_PERM,
860 	},
861 };
862 
863 int l2tp_nl_register_ops(enum l2tp_pwtype pw_type, const struct l2tp_nl_cmd_ops *ops)
864 {
865 	int ret;
866 
867 	ret = -EINVAL;
868 	if (pw_type >= __L2TP_PWTYPE_MAX)
869 		goto err;
870 
871 	genl_lock();
872 	ret = -EBUSY;
873 	if (l2tp_nl_cmd_ops[pw_type])
874 		goto out;
875 
876 	l2tp_nl_cmd_ops[pw_type] = ops;
877 	ret = 0;
878 
879 out:
880 	genl_unlock();
881 err:
882 	return ret;
883 }
884 EXPORT_SYMBOL_GPL(l2tp_nl_register_ops);
885 
886 void l2tp_nl_unregister_ops(enum l2tp_pwtype pw_type)
887 {
888 	if (pw_type < __L2TP_PWTYPE_MAX) {
889 		genl_lock();
890 		l2tp_nl_cmd_ops[pw_type] = NULL;
891 		genl_unlock();
892 	}
893 }
894 EXPORT_SYMBOL_GPL(l2tp_nl_unregister_ops);
895 
896 static int l2tp_nl_init(void)
897 {
898 	pr_info("L2TP netlink interface\n");
899 	return genl_register_family_with_ops(&l2tp_nl_family, l2tp_nl_ops);
900 }
901 
902 static void l2tp_nl_cleanup(void)
903 {
904 	genl_unregister_family(&l2tp_nl_family);
905 }
906 
907 module_init(l2tp_nl_init);
908 module_exit(l2tp_nl_cleanup);
909 
910 MODULE_AUTHOR("James Chapman <jchapman@katalix.com>");
911 MODULE_DESCRIPTION("L2TP netlink");
912 MODULE_LICENSE("GPL");
913 MODULE_VERSION("1.0");
914 MODULE_ALIAS_GENL_FAMILY("l2tp");
915