1 /* 2 * L2TP netlink layer, for management 3 * 4 * Copyright (c) 2008,2009,2010 Katalix Systems Ltd 5 * 6 * Partly based on the IrDA nelink implementation 7 * (see net/irda/irnetlink.c) which is: 8 * Copyright (c) 2007 Samuel Ortiz <samuel@sortiz.org> 9 * which is in turn partly based on the wireless netlink code: 10 * Copyright 2006 Johannes Berg <johannes@sipsolutions.net> 11 * 12 * This program is free software; you can redistribute it and/or modify 13 * it under the terms of the GNU General Public License version 2 as 14 * published by the Free Software Foundation. 15 */ 16 17 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt 18 19 #include <net/sock.h> 20 #include <net/genetlink.h> 21 #include <net/udp.h> 22 #include <linux/in.h> 23 #include <linux/udp.h> 24 #include <linux/socket.h> 25 #include <linux/module.h> 26 #include <linux/list.h> 27 #include <net/net_namespace.h> 28 29 #include <linux/l2tp.h> 30 31 #include "l2tp_core.h" 32 33 34 static struct genl_family l2tp_nl_family; 35 36 static const struct genl_multicast_group l2tp_multicast_group[] = { 37 { 38 .name = L2TP_GENL_MCGROUP, 39 }, 40 }; 41 42 static int l2tp_nl_tunnel_send(struct sk_buff *skb, u32 portid, u32 seq, 43 int flags, struct l2tp_tunnel *tunnel, u8 cmd); 44 static int l2tp_nl_session_send(struct sk_buff *skb, u32 portid, u32 seq, 45 int flags, struct l2tp_session *session, 46 u8 cmd); 47 48 /* Accessed under genl lock */ 49 static const struct l2tp_nl_cmd_ops *l2tp_nl_cmd_ops[__L2TP_PWTYPE_MAX]; 50 51 static struct l2tp_session *l2tp_nl_session_get(struct genl_info *info) 52 { 53 u32 tunnel_id; 54 u32 session_id; 55 char *ifname; 56 struct l2tp_tunnel *tunnel; 57 struct l2tp_session *session = NULL; 58 struct net *net = genl_info_net(info); 59 60 if (info->attrs[L2TP_ATTR_IFNAME]) { 61 ifname = nla_data(info->attrs[L2TP_ATTR_IFNAME]); 62 session = l2tp_session_get_by_ifname(net, ifname); 63 } else if ((info->attrs[L2TP_ATTR_SESSION_ID]) && 64 (info->attrs[L2TP_ATTR_CONN_ID])) { 65 tunnel_id = nla_get_u32(info->attrs[L2TP_ATTR_CONN_ID]); 66 session_id = nla_get_u32(info->attrs[L2TP_ATTR_SESSION_ID]); 67 tunnel = l2tp_tunnel_get(net, tunnel_id); 68 if (tunnel) { 69 session = l2tp_session_get(net, tunnel, session_id); 70 l2tp_tunnel_dec_refcount(tunnel); 71 } 72 } 73 74 return session; 75 } 76 77 static int l2tp_nl_cmd_noop(struct sk_buff *skb, struct genl_info *info) 78 { 79 struct sk_buff *msg; 80 void *hdr; 81 int ret = -ENOBUFS; 82 83 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 84 if (!msg) { 85 ret = -ENOMEM; 86 goto out; 87 } 88 89 hdr = genlmsg_put(msg, info->snd_portid, info->snd_seq, 90 &l2tp_nl_family, 0, L2TP_CMD_NOOP); 91 if (!hdr) { 92 ret = -EMSGSIZE; 93 goto err_out; 94 } 95 96 genlmsg_end(msg, hdr); 97 98 return genlmsg_unicast(genl_info_net(info), msg, info->snd_portid); 99 100 err_out: 101 nlmsg_free(msg); 102 103 out: 104 return ret; 105 } 106 107 static int l2tp_tunnel_notify(struct genl_family *family, 108 struct genl_info *info, 109 struct l2tp_tunnel *tunnel, 110 u8 cmd) 111 { 112 struct sk_buff *msg; 113 int ret; 114 115 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 116 if (!msg) 117 return -ENOMEM; 118 119 ret = l2tp_nl_tunnel_send(msg, info->snd_portid, info->snd_seq, 120 NLM_F_ACK, tunnel, cmd); 121 122 if (ret >= 0) { 123 ret = genlmsg_multicast_allns(family, msg, 0, 0, GFP_ATOMIC); 124 /* We don't care if no one is listening */ 125 if (ret == -ESRCH) 126 ret = 0; 127 return ret; 128 } 129 130 nlmsg_free(msg); 131 132 return ret; 133 } 134 135 static int l2tp_session_notify(struct genl_family *family, 136 struct genl_info *info, 137 struct l2tp_session *session, 138 u8 cmd) 139 { 140 struct sk_buff *msg; 141 int ret; 142 143 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 144 if (!msg) 145 return -ENOMEM; 146 147 ret = l2tp_nl_session_send(msg, info->snd_portid, info->snd_seq, 148 NLM_F_ACK, session, cmd); 149 150 if (ret >= 0) { 151 ret = genlmsg_multicast_allns(family, msg, 0, 0, GFP_ATOMIC); 152 /* We don't care if no one is listening */ 153 if (ret == -ESRCH) 154 ret = 0; 155 return ret; 156 } 157 158 nlmsg_free(msg); 159 160 return ret; 161 } 162 163 static int l2tp_nl_cmd_tunnel_create(struct sk_buff *skb, struct genl_info *info) 164 { 165 u32 tunnel_id; 166 u32 peer_tunnel_id; 167 int proto_version; 168 int fd; 169 int ret = 0; 170 struct l2tp_tunnel_cfg cfg = { 0, }; 171 struct l2tp_tunnel *tunnel; 172 struct net *net = genl_info_net(info); 173 174 if (!info->attrs[L2TP_ATTR_CONN_ID]) { 175 ret = -EINVAL; 176 goto out; 177 } 178 tunnel_id = nla_get_u32(info->attrs[L2TP_ATTR_CONN_ID]); 179 180 if (!info->attrs[L2TP_ATTR_PEER_CONN_ID]) { 181 ret = -EINVAL; 182 goto out; 183 } 184 peer_tunnel_id = nla_get_u32(info->attrs[L2TP_ATTR_PEER_CONN_ID]); 185 186 if (!info->attrs[L2TP_ATTR_PROTO_VERSION]) { 187 ret = -EINVAL; 188 goto out; 189 } 190 proto_version = nla_get_u8(info->attrs[L2TP_ATTR_PROTO_VERSION]); 191 192 if (!info->attrs[L2TP_ATTR_ENCAP_TYPE]) { 193 ret = -EINVAL; 194 goto out; 195 } 196 cfg.encap = nla_get_u16(info->attrs[L2TP_ATTR_ENCAP_TYPE]); 197 198 fd = -1; 199 if (info->attrs[L2TP_ATTR_FD]) { 200 fd = nla_get_u32(info->attrs[L2TP_ATTR_FD]); 201 } else { 202 #if IS_ENABLED(CONFIG_IPV6) 203 if (info->attrs[L2TP_ATTR_IP6_SADDR] && 204 info->attrs[L2TP_ATTR_IP6_DADDR]) { 205 cfg.local_ip6 = nla_data( 206 info->attrs[L2TP_ATTR_IP6_SADDR]); 207 cfg.peer_ip6 = nla_data( 208 info->attrs[L2TP_ATTR_IP6_DADDR]); 209 } else 210 #endif 211 if (info->attrs[L2TP_ATTR_IP_SADDR] && 212 info->attrs[L2TP_ATTR_IP_DADDR]) { 213 cfg.local_ip.s_addr = nla_get_in_addr( 214 info->attrs[L2TP_ATTR_IP_SADDR]); 215 cfg.peer_ip.s_addr = nla_get_in_addr( 216 info->attrs[L2TP_ATTR_IP_DADDR]); 217 } else { 218 ret = -EINVAL; 219 goto out; 220 } 221 if (info->attrs[L2TP_ATTR_UDP_SPORT]) 222 cfg.local_udp_port = nla_get_u16(info->attrs[L2TP_ATTR_UDP_SPORT]); 223 if (info->attrs[L2TP_ATTR_UDP_DPORT]) 224 cfg.peer_udp_port = nla_get_u16(info->attrs[L2TP_ATTR_UDP_DPORT]); 225 cfg.use_udp_checksums = nla_get_flag( 226 info->attrs[L2TP_ATTR_UDP_CSUM]); 227 228 #if IS_ENABLED(CONFIG_IPV6) 229 cfg.udp6_zero_tx_checksums = nla_get_flag( 230 info->attrs[L2TP_ATTR_UDP_ZERO_CSUM6_TX]); 231 cfg.udp6_zero_rx_checksums = nla_get_flag( 232 info->attrs[L2TP_ATTR_UDP_ZERO_CSUM6_RX]); 233 #endif 234 } 235 236 if (info->attrs[L2TP_ATTR_DEBUG]) 237 cfg.debug = nla_get_u32(info->attrs[L2TP_ATTR_DEBUG]); 238 239 tunnel = l2tp_tunnel_find(net, tunnel_id); 240 if (tunnel != NULL) { 241 ret = -EEXIST; 242 goto out; 243 } 244 245 ret = -EINVAL; 246 switch (cfg.encap) { 247 case L2TP_ENCAPTYPE_UDP: 248 case L2TP_ENCAPTYPE_IP: 249 ret = l2tp_tunnel_create(net, fd, proto_version, tunnel_id, 250 peer_tunnel_id, &cfg, &tunnel); 251 break; 252 } 253 254 if (ret >= 0) 255 ret = l2tp_tunnel_notify(&l2tp_nl_family, info, 256 tunnel, L2TP_CMD_TUNNEL_CREATE); 257 out: 258 return ret; 259 } 260 261 static int l2tp_nl_cmd_tunnel_delete(struct sk_buff *skb, struct genl_info *info) 262 { 263 struct l2tp_tunnel *tunnel; 264 u32 tunnel_id; 265 int ret = 0; 266 struct net *net = genl_info_net(info); 267 268 if (!info->attrs[L2TP_ATTR_CONN_ID]) { 269 ret = -EINVAL; 270 goto out; 271 } 272 tunnel_id = nla_get_u32(info->attrs[L2TP_ATTR_CONN_ID]); 273 274 tunnel = l2tp_tunnel_get(net, tunnel_id); 275 if (!tunnel) { 276 ret = -ENODEV; 277 goto out; 278 } 279 280 l2tp_tunnel_notify(&l2tp_nl_family, info, 281 tunnel, L2TP_CMD_TUNNEL_DELETE); 282 283 l2tp_tunnel_delete(tunnel); 284 285 l2tp_tunnel_dec_refcount(tunnel); 286 287 out: 288 return ret; 289 } 290 291 static int l2tp_nl_cmd_tunnel_modify(struct sk_buff *skb, struct genl_info *info) 292 { 293 struct l2tp_tunnel *tunnel; 294 u32 tunnel_id; 295 int ret = 0; 296 struct net *net = genl_info_net(info); 297 298 if (!info->attrs[L2TP_ATTR_CONN_ID]) { 299 ret = -EINVAL; 300 goto out; 301 } 302 tunnel_id = nla_get_u32(info->attrs[L2TP_ATTR_CONN_ID]); 303 304 tunnel = l2tp_tunnel_get(net, tunnel_id); 305 if (!tunnel) { 306 ret = -ENODEV; 307 goto out; 308 } 309 310 if (info->attrs[L2TP_ATTR_DEBUG]) 311 tunnel->debug = nla_get_u32(info->attrs[L2TP_ATTR_DEBUG]); 312 313 ret = l2tp_tunnel_notify(&l2tp_nl_family, info, 314 tunnel, L2TP_CMD_TUNNEL_MODIFY); 315 316 l2tp_tunnel_dec_refcount(tunnel); 317 318 out: 319 return ret; 320 } 321 322 static int l2tp_nl_tunnel_send(struct sk_buff *skb, u32 portid, u32 seq, int flags, 323 struct l2tp_tunnel *tunnel, u8 cmd) 324 { 325 void *hdr; 326 struct nlattr *nest; 327 struct sock *sk = NULL; 328 struct inet_sock *inet; 329 #if IS_ENABLED(CONFIG_IPV6) 330 struct ipv6_pinfo *np = NULL; 331 #endif 332 333 hdr = genlmsg_put(skb, portid, seq, &l2tp_nl_family, flags, cmd); 334 if (!hdr) 335 return -EMSGSIZE; 336 337 if (nla_put_u8(skb, L2TP_ATTR_PROTO_VERSION, tunnel->version) || 338 nla_put_u32(skb, L2TP_ATTR_CONN_ID, tunnel->tunnel_id) || 339 nla_put_u32(skb, L2TP_ATTR_PEER_CONN_ID, tunnel->peer_tunnel_id) || 340 nla_put_u32(skb, L2TP_ATTR_DEBUG, tunnel->debug) || 341 nla_put_u16(skb, L2TP_ATTR_ENCAP_TYPE, tunnel->encap)) 342 goto nla_put_failure; 343 344 nest = nla_nest_start(skb, L2TP_ATTR_STATS); 345 if (nest == NULL) 346 goto nla_put_failure; 347 348 if (nla_put_u64_64bit(skb, L2TP_ATTR_TX_PACKETS, 349 atomic_long_read(&tunnel->stats.tx_packets), 350 L2TP_ATTR_STATS_PAD) || 351 nla_put_u64_64bit(skb, L2TP_ATTR_TX_BYTES, 352 atomic_long_read(&tunnel->stats.tx_bytes), 353 L2TP_ATTR_STATS_PAD) || 354 nla_put_u64_64bit(skb, L2TP_ATTR_TX_ERRORS, 355 atomic_long_read(&tunnel->stats.tx_errors), 356 L2TP_ATTR_STATS_PAD) || 357 nla_put_u64_64bit(skb, L2TP_ATTR_RX_PACKETS, 358 atomic_long_read(&tunnel->stats.rx_packets), 359 L2TP_ATTR_STATS_PAD) || 360 nla_put_u64_64bit(skb, L2TP_ATTR_RX_BYTES, 361 atomic_long_read(&tunnel->stats.rx_bytes), 362 L2TP_ATTR_STATS_PAD) || 363 nla_put_u64_64bit(skb, L2TP_ATTR_RX_SEQ_DISCARDS, 364 atomic_long_read(&tunnel->stats.rx_seq_discards), 365 L2TP_ATTR_STATS_PAD) || 366 nla_put_u64_64bit(skb, L2TP_ATTR_RX_OOS_PACKETS, 367 atomic_long_read(&tunnel->stats.rx_oos_packets), 368 L2TP_ATTR_STATS_PAD) || 369 nla_put_u64_64bit(skb, L2TP_ATTR_RX_ERRORS, 370 atomic_long_read(&tunnel->stats.rx_errors), 371 L2TP_ATTR_STATS_PAD)) 372 goto nla_put_failure; 373 nla_nest_end(skb, nest); 374 375 sk = tunnel->sock; 376 if (!sk) 377 goto out; 378 379 #if IS_ENABLED(CONFIG_IPV6) 380 if (sk->sk_family == AF_INET6) 381 np = inet6_sk(sk); 382 #endif 383 384 inet = inet_sk(sk); 385 386 switch (tunnel->encap) { 387 case L2TP_ENCAPTYPE_UDP: 388 switch (sk->sk_family) { 389 case AF_INET: 390 if (nla_put_u8(skb, L2TP_ATTR_UDP_CSUM, !sk->sk_no_check_tx)) 391 goto nla_put_failure; 392 break; 393 #if IS_ENABLED(CONFIG_IPV6) 394 case AF_INET6: 395 if (udp_get_no_check6_tx(sk) && 396 nla_put_flag(skb, L2TP_ATTR_UDP_ZERO_CSUM6_TX)) 397 goto nla_put_failure; 398 if (udp_get_no_check6_rx(sk) && 399 nla_put_flag(skb, L2TP_ATTR_UDP_ZERO_CSUM6_RX)) 400 goto nla_put_failure; 401 break; 402 #endif 403 } 404 if (nla_put_u16(skb, L2TP_ATTR_UDP_SPORT, ntohs(inet->inet_sport)) || 405 nla_put_u16(skb, L2TP_ATTR_UDP_DPORT, ntohs(inet->inet_dport))) 406 goto nla_put_failure; 407 /* fall through */ 408 case L2TP_ENCAPTYPE_IP: 409 #if IS_ENABLED(CONFIG_IPV6) 410 if (np) { 411 if (nla_put_in6_addr(skb, L2TP_ATTR_IP6_SADDR, 412 &np->saddr) || 413 nla_put_in6_addr(skb, L2TP_ATTR_IP6_DADDR, 414 &sk->sk_v6_daddr)) 415 goto nla_put_failure; 416 } else 417 #endif 418 if (nla_put_in_addr(skb, L2TP_ATTR_IP_SADDR, 419 inet->inet_saddr) || 420 nla_put_in_addr(skb, L2TP_ATTR_IP_DADDR, 421 inet->inet_daddr)) 422 goto nla_put_failure; 423 break; 424 } 425 426 out: 427 genlmsg_end(skb, hdr); 428 return 0; 429 430 nla_put_failure: 431 genlmsg_cancel(skb, hdr); 432 return -1; 433 } 434 435 static int l2tp_nl_cmd_tunnel_get(struct sk_buff *skb, struct genl_info *info) 436 { 437 struct l2tp_tunnel *tunnel; 438 struct sk_buff *msg; 439 u32 tunnel_id; 440 int ret = -ENOBUFS; 441 struct net *net = genl_info_net(info); 442 443 if (!info->attrs[L2TP_ATTR_CONN_ID]) { 444 ret = -EINVAL; 445 goto err; 446 } 447 448 tunnel_id = nla_get_u32(info->attrs[L2TP_ATTR_CONN_ID]); 449 450 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 451 if (!msg) { 452 ret = -ENOMEM; 453 goto err; 454 } 455 456 tunnel = l2tp_tunnel_get(net, tunnel_id); 457 if (!tunnel) { 458 ret = -ENODEV; 459 goto err_nlmsg; 460 } 461 462 ret = l2tp_nl_tunnel_send(msg, info->snd_portid, info->snd_seq, 463 NLM_F_ACK, tunnel, L2TP_CMD_TUNNEL_GET); 464 if (ret < 0) 465 goto err_nlmsg_tunnel; 466 467 l2tp_tunnel_dec_refcount(tunnel); 468 469 return genlmsg_unicast(net, msg, info->snd_portid); 470 471 err_nlmsg_tunnel: 472 l2tp_tunnel_dec_refcount(tunnel); 473 err_nlmsg: 474 nlmsg_free(msg); 475 err: 476 return ret; 477 } 478 479 static int l2tp_nl_cmd_tunnel_dump(struct sk_buff *skb, struct netlink_callback *cb) 480 { 481 int ti = cb->args[0]; 482 struct l2tp_tunnel *tunnel; 483 struct net *net = sock_net(skb->sk); 484 485 for (;;) { 486 tunnel = l2tp_tunnel_find_nth(net, ti); 487 if (tunnel == NULL) 488 goto out; 489 490 if (l2tp_nl_tunnel_send(skb, NETLINK_CB(cb->skb).portid, 491 cb->nlh->nlmsg_seq, NLM_F_MULTI, 492 tunnel, L2TP_CMD_TUNNEL_GET) < 0) 493 goto out; 494 495 ti++; 496 } 497 498 out: 499 cb->args[0] = ti; 500 501 return skb->len; 502 } 503 504 static int l2tp_nl_cmd_session_create(struct sk_buff *skb, struct genl_info *info) 505 { 506 u32 tunnel_id = 0; 507 u32 session_id; 508 u32 peer_session_id; 509 int ret = 0; 510 struct l2tp_tunnel *tunnel; 511 struct l2tp_session *session; 512 struct l2tp_session_cfg cfg = { 0, }; 513 struct net *net = genl_info_net(info); 514 515 if (!info->attrs[L2TP_ATTR_CONN_ID]) { 516 ret = -EINVAL; 517 goto out; 518 } 519 520 tunnel_id = nla_get_u32(info->attrs[L2TP_ATTR_CONN_ID]); 521 tunnel = l2tp_tunnel_get(net, tunnel_id); 522 if (!tunnel) { 523 ret = -ENODEV; 524 goto out; 525 } 526 527 if (!info->attrs[L2TP_ATTR_SESSION_ID]) { 528 ret = -EINVAL; 529 goto out_tunnel; 530 } 531 session_id = nla_get_u32(info->attrs[L2TP_ATTR_SESSION_ID]); 532 533 if (!info->attrs[L2TP_ATTR_PEER_SESSION_ID]) { 534 ret = -EINVAL; 535 goto out_tunnel; 536 } 537 peer_session_id = nla_get_u32(info->attrs[L2TP_ATTR_PEER_SESSION_ID]); 538 539 if (!info->attrs[L2TP_ATTR_PW_TYPE]) { 540 ret = -EINVAL; 541 goto out_tunnel; 542 } 543 cfg.pw_type = nla_get_u16(info->attrs[L2TP_ATTR_PW_TYPE]); 544 if (cfg.pw_type >= __L2TP_PWTYPE_MAX) { 545 ret = -EINVAL; 546 goto out_tunnel; 547 } 548 549 if (tunnel->version > 2) { 550 if (info->attrs[L2TP_ATTR_PEER_OFFSET]) { 551 struct nlattr *peer_offset; 552 553 peer_offset = info->attrs[L2TP_ATTR_PEER_OFFSET]; 554 cfg.peer_offset = nla_get_u16(peer_offset); 555 } 556 557 if (info->attrs[L2TP_ATTR_OFFSET]) { 558 cfg.offset = nla_get_u16(info->attrs[L2TP_ATTR_OFFSET]); 559 560 /* in order to maintain compatibility with older 561 * versions where offset was used for both tx and 562 * rx side, update rx side with offset if peer_offset 563 * is not provided by userspace 564 */ 565 if (!info->attrs[L2TP_ATTR_PEER_OFFSET]) 566 cfg.peer_offset = cfg.offset; 567 } 568 569 if (info->attrs[L2TP_ATTR_DATA_SEQ]) 570 cfg.data_seq = nla_get_u8(info->attrs[L2TP_ATTR_DATA_SEQ]); 571 572 cfg.l2specific_type = L2TP_L2SPECTYPE_DEFAULT; 573 if (info->attrs[L2TP_ATTR_L2SPEC_TYPE]) 574 cfg.l2specific_type = nla_get_u8(info->attrs[L2TP_ATTR_L2SPEC_TYPE]); 575 576 cfg.l2specific_len = 4; 577 if (info->attrs[L2TP_ATTR_L2SPEC_LEN]) 578 cfg.l2specific_len = nla_get_u8(info->attrs[L2TP_ATTR_L2SPEC_LEN]); 579 580 if (info->attrs[L2TP_ATTR_COOKIE]) { 581 u16 len = nla_len(info->attrs[L2TP_ATTR_COOKIE]); 582 if (len > 8) { 583 ret = -EINVAL; 584 goto out_tunnel; 585 } 586 cfg.cookie_len = len; 587 memcpy(&cfg.cookie[0], nla_data(info->attrs[L2TP_ATTR_COOKIE]), len); 588 } 589 if (info->attrs[L2TP_ATTR_PEER_COOKIE]) { 590 u16 len = nla_len(info->attrs[L2TP_ATTR_PEER_COOKIE]); 591 if (len > 8) { 592 ret = -EINVAL; 593 goto out_tunnel; 594 } 595 cfg.peer_cookie_len = len; 596 memcpy(&cfg.peer_cookie[0], nla_data(info->attrs[L2TP_ATTR_PEER_COOKIE]), len); 597 } 598 if (info->attrs[L2TP_ATTR_IFNAME]) 599 cfg.ifname = nla_data(info->attrs[L2TP_ATTR_IFNAME]); 600 601 if (info->attrs[L2TP_ATTR_VLAN_ID]) 602 cfg.vlan_id = nla_get_u16(info->attrs[L2TP_ATTR_VLAN_ID]); 603 } 604 605 if (info->attrs[L2TP_ATTR_DEBUG]) 606 cfg.debug = nla_get_u32(info->attrs[L2TP_ATTR_DEBUG]); 607 608 if (info->attrs[L2TP_ATTR_RECV_SEQ]) 609 cfg.recv_seq = nla_get_u8(info->attrs[L2TP_ATTR_RECV_SEQ]); 610 611 if (info->attrs[L2TP_ATTR_SEND_SEQ]) 612 cfg.send_seq = nla_get_u8(info->attrs[L2TP_ATTR_SEND_SEQ]); 613 614 if (info->attrs[L2TP_ATTR_LNS_MODE]) 615 cfg.lns_mode = nla_get_u8(info->attrs[L2TP_ATTR_LNS_MODE]); 616 617 if (info->attrs[L2TP_ATTR_RECV_TIMEOUT]) 618 cfg.reorder_timeout = nla_get_msecs(info->attrs[L2TP_ATTR_RECV_TIMEOUT]); 619 620 if (info->attrs[L2TP_ATTR_MTU]) 621 cfg.mtu = nla_get_u16(info->attrs[L2TP_ATTR_MTU]); 622 623 if (info->attrs[L2TP_ATTR_MRU]) 624 cfg.mru = nla_get_u16(info->attrs[L2TP_ATTR_MRU]); 625 626 #ifdef CONFIG_MODULES 627 if (l2tp_nl_cmd_ops[cfg.pw_type] == NULL) { 628 genl_unlock(); 629 request_module("net-l2tp-type-%u", cfg.pw_type); 630 genl_lock(); 631 } 632 #endif 633 if ((l2tp_nl_cmd_ops[cfg.pw_type] == NULL) || 634 (l2tp_nl_cmd_ops[cfg.pw_type]->session_create == NULL)) { 635 ret = -EPROTONOSUPPORT; 636 goto out_tunnel; 637 } 638 639 /* Check that pseudowire-specific params are present */ 640 switch (cfg.pw_type) { 641 case L2TP_PWTYPE_NONE: 642 break; 643 case L2TP_PWTYPE_ETH_VLAN: 644 if (!info->attrs[L2TP_ATTR_VLAN_ID]) { 645 ret = -EINVAL; 646 goto out_tunnel; 647 } 648 break; 649 case L2TP_PWTYPE_ETH: 650 break; 651 case L2TP_PWTYPE_PPP: 652 case L2TP_PWTYPE_PPP_AC: 653 break; 654 case L2TP_PWTYPE_IP: 655 default: 656 ret = -EPROTONOSUPPORT; 657 break; 658 } 659 660 ret = l2tp_nl_cmd_ops[cfg.pw_type]->session_create(net, tunnel, 661 session_id, 662 peer_session_id, 663 &cfg); 664 665 if (ret >= 0) { 666 session = l2tp_session_get(net, tunnel, session_id); 667 if (session) { 668 ret = l2tp_session_notify(&l2tp_nl_family, info, session, 669 L2TP_CMD_SESSION_CREATE); 670 l2tp_session_dec_refcount(session); 671 } 672 } 673 674 out_tunnel: 675 l2tp_tunnel_dec_refcount(tunnel); 676 out: 677 return ret; 678 } 679 680 static int l2tp_nl_cmd_session_delete(struct sk_buff *skb, struct genl_info *info) 681 { 682 int ret = 0; 683 struct l2tp_session *session; 684 u16 pw_type; 685 686 session = l2tp_nl_session_get(info); 687 if (session == NULL) { 688 ret = -ENODEV; 689 goto out; 690 } 691 692 l2tp_session_notify(&l2tp_nl_family, info, 693 session, L2TP_CMD_SESSION_DELETE); 694 695 pw_type = session->pwtype; 696 if (pw_type < __L2TP_PWTYPE_MAX) 697 if (l2tp_nl_cmd_ops[pw_type] && l2tp_nl_cmd_ops[pw_type]->session_delete) 698 ret = (*l2tp_nl_cmd_ops[pw_type]->session_delete)(session); 699 700 l2tp_session_dec_refcount(session); 701 702 out: 703 return ret; 704 } 705 706 static int l2tp_nl_cmd_session_modify(struct sk_buff *skb, struct genl_info *info) 707 { 708 int ret = 0; 709 struct l2tp_session *session; 710 711 session = l2tp_nl_session_get(info); 712 if (session == NULL) { 713 ret = -ENODEV; 714 goto out; 715 } 716 717 if (info->attrs[L2TP_ATTR_DEBUG]) 718 session->debug = nla_get_u32(info->attrs[L2TP_ATTR_DEBUG]); 719 720 if (info->attrs[L2TP_ATTR_DATA_SEQ]) 721 session->data_seq = nla_get_u8(info->attrs[L2TP_ATTR_DATA_SEQ]); 722 723 if (info->attrs[L2TP_ATTR_RECV_SEQ]) 724 session->recv_seq = nla_get_u8(info->attrs[L2TP_ATTR_RECV_SEQ]); 725 726 if (info->attrs[L2TP_ATTR_SEND_SEQ]) { 727 session->send_seq = nla_get_u8(info->attrs[L2TP_ATTR_SEND_SEQ]); 728 l2tp_session_set_header_len(session, session->tunnel->version); 729 } 730 731 if (info->attrs[L2TP_ATTR_LNS_MODE]) 732 session->lns_mode = nla_get_u8(info->attrs[L2TP_ATTR_LNS_MODE]); 733 734 if (info->attrs[L2TP_ATTR_RECV_TIMEOUT]) 735 session->reorder_timeout = nla_get_msecs(info->attrs[L2TP_ATTR_RECV_TIMEOUT]); 736 737 if (info->attrs[L2TP_ATTR_MTU]) 738 session->mtu = nla_get_u16(info->attrs[L2TP_ATTR_MTU]); 739 740 if (info->attrs[L2TP_ATTR_MRU]) 741 session->mru = nla_get_u16(info->attrs[L2TP_ATTR_MRU]); 742 743 ret = l2tp_session_notify(&l2tp_nl_family, info, 744 session, L2TP_CMD_SESSION_MODIFY); 745 746 l2tp_session_dec_refcount(session); 747 748 out: 749 return ret; 750 } 751 752 static int l2tp_nl_session_send(struct sk_buff *skb, u32 portid, u32 seq, int flags, 753 struct l2tp_session *session, u8 cmd) 754 { 755 void *hdr; 756 struct nlattr *nest; 757 struct l2tp_tunnel *tunnel = session->tunnel; 758 struct sock *sk = NULL; 759 760 sk = tunnel->sock; 761 762 hdr = genlmsg_put(skb, portid, seq, &l2tp_nl_family, flags, cmd); 763 if (!hdr) 764 return -EMSGSIZE; 765 766 if (nla_put_u32(skb, L2TP_ATTR_CONN_ID, tunnel->tunnel_id) || 767 nla_put_u32(skb, L2TP_ATTR_SESSION_ID, session->session_id) || 768 nla_put_u32(skb, L2TP_ATTR_PEER_CONN_ID, tunnel->peer_tunnel_id) || 769 nla_put_u32(skb, L2TP_ATTR_PEER_SESSION_ID, 770 session->peer_session_id) || 771 nla_put_u32(skb, L2TP_ATTR_DEBUG, session->debug) || 772 nla_put_u16(skb, L2TP_ATTR_PW_TYPE, session->pwtype) || 773 nla_put_u16(skb, L2TP_ATTR_MTU, session->mtu) || 774 (session->mru && 775 nla_put_u16(skb, L2TP_ATTR_MRU, session->mru))) 776 goto nla_put_failure; 777 778 if ((session->ifname[0] && 779 nla_put_string(skb, L2TP_ATTR_IFNAME, session->ifname)) || 780 (session->offset && 781 nla_put_u16(skb, L2TP_ATTR_OFFSET, session->offset)) || 782 (session->peer_offset && 783 nla_put_u16(skb, L2TP_ATTR_PEER_OFFSET, session->peer_offset)) || 784 (session->cookie_len && 785 nla_put(skb, L2TP_ATTR_COOKIE, session->cookie_len, 786 &session->cookie[0])) || 787 (session->peer_cookie_len && 788 nla_put(skb, L2TP_ATTR_PEER_COOKIE, session->peer_cookie_len, 789 &session->peer_cookie[0])) || 790 nla_put_u8(skb, L2TP_ATTR_RECV_SEQ, session->recv_seq) || 791 nla_put_u8(skb, L2TP_ATTR_SEND_SEQ, session->send_seq) || 792 nla_put_u8(skb, L2TP_ATTR_LNS_MODE, session->lns_mode) || 793 #ifdef CONFIG_XFRM 794 (((sk) && (sk->sk_policy[0] || sk->sk_policy[1])) && 795 nla_put_u8(skb, L2TP_ATTR_USING_IPSEC, 1)) || 796 #endif 797 (session->reorder_timeout && 798 nla_put_msecs(skb, L2TP_ATTR_RECV_TIMEOUT, 799 session->reorder_timeout, L2TP_ATTR_PAD))) 800 goto nla_put_failure; 801 802 nest = nla_nest_start(skb, L2TP_ATTR_STATS); 803 if (nest == NULL) 804 goto nla_put_failure; 805 806 if (nla_put_u64_64bit(skb, L2TP_ATTR_TX_PACKETS, 807 atomic_long_read(&session->stats.tx_packets), 808 L2TP_ATTR_STATS_PAD) || 809 nla_put_u64_64bit(skb, L2TP_ATTR_TX_BYTES, 810 atomic_long_read(&session->stats.tx_bytes), 811 L2TP_ATTR_STATS_PAD) || 812 nla_put_u64_64bit(skb, L2TP_ATTR_TX_ERRORS, 813 atomic_long_read(&session->stats.tx_errors), 814 L2TP_ATTR_STATS_PAD) || 815 nla_put_u64_64bit(skb, L2TP_ATTR_RX_PACKETS, 816 atomic_long_read(&session->stats.rx_packets), 817 L2TP_ATTR_STATS_PAD) || 818 nla_put_u64_64bit(skb, L2TP_ATTR_RX_BYTES, 819 atomic_long_read(&session->stats.rx_bytes), 820 L2TP_ATTR_STATS_PAD) || 821 nla_put_u64_64bit(skb, L2TP_ATTR_RX_SEQ_DISCARDS, 822 atomic_long_read(&session->stats.rx_seq_discards), 823 L2TP_ATTR_STATS_PAD) || 824 nla_put_u64_64bit(skb, L2TP_ATTR_RX_OOS_PACKETS, 825 atomic_long_read(&session->stats.rx_oos_packets), 826 L2TP_ATTR_STATS_PAD) || 827 nla_put_u64_64bit(skb, L2TP_ATTR_RX_ERRORS, 828 atomic_long_read(&session->stats.rx_errors), 829 L2TP_ATTR_STATS_PAD)) 830 goto nla_put_failure; 831 nla_nest_end(skb, nest); 832 833 genlmsg_end(skb, hdr); 834 return 0; 835 836 nla_put_failure: 837 genlmsg_cancel(skb, hdr); 838 return -1; 839 } 840 841 static int l2tp_nl_cmd_session_get(struct sk_buff *skb, struct genl_info *info) 842 { 843 struct l2tp_session *session; 844 struct sk_buff *msg; 845 int ret; 846 847 session = l2tp_nl_session_get(info); 848 if (session == NULL) { 849 ret = -ENODEV; 850 goto err; 851 } 852 853 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 854 if (!msg) { 855 ret = -ENOMEM; 856 goto err_ref; 857 } 858 859 ret = l2tp_nl_session_send(msg, info->snd_portid, info->snd_seq, 860 0, session, L2TP_CMD_SESSION_GET); 861 if (ret < 0) 862 goto err_ref_msg; 863 864 ret = genlmsg_unicast(genl_info_net(info), msg, info->snd_portid); 865 866 l2tp_session_dec_refcount(session); 867 868 return ret; 869 870 err_ref_msg: 871 nlmsg_free(msg); 872 err_ref: 873 l2tp_session_dec_refcount(session); 874 err: 875 return ret; 876 } 877 878 static int l2tp_nl_cmd_session_dump(struct sk_buff *skb, struct netlink_callback *cb) 879 { 880 struct net *net = sock_net(skb->sk); 881 struct l2tp_session *session; 882 struct l2tp_tunnel *tunnel = NULL; 883 int ti = cb->args[0]; 884 int si = cb->args[1]; 885 886 for (;;) { 887 if (tunnel == NULL) { 888 tunnel = l2tp_tunnel_find_nth(net, ti); 889 if (tunnel == NULL) 890 goto out; 891 } 892 893 session = l2tp_session_get_nth(tunnel, si); 894 if (session == NULL) { 895 ti++; 896 tunnel = NULL; 897 si = 0; 898 continue; 899 } 900 901 if (l2tp_nl_session_send(skb, NETLINK_CB(cb->skb).portid, 902 cb->nlh->nlmsg_seq, NLM_F_MULTI, 903 session, L2TP_CMD_SESSION_GET) < 0) { 904 l2tp_session_dec_refcount(session); 905 break; 906 } 907 l2tp_session_dec_refcount(session); 908 909 si++; 910 } 911 912 out: 913 cb->args[0] = ti; 914 cb->args[1] = si; 915 916 return skb->len; 917 } 918 919 static const struct nla_policy l2tp_nl_policy[L2TP_ATTR_MAX + 1] = { 920 [L2TP_ATTR_NONE] = { .type = NLA_UNSPEC, }, 921 [L2TP_ATTR_PW_TYPE] = { .type = NLA_U16, }, 922 [L2TP_ATTR_ENCAP_TYPE] = { .type = NLA_U16, }, 923 [L2TP_ATTR_OFFSET] = { .type = NLA_U16, }, 924 [L2TP_ATTR_PEER_OFFSET] = { .type = NLA_U16, }, 925 [L2TP_ATTR_DATA_SEQ] = { .type = NLA_U8, }, 926 [L2TP_ATTR_L2SPEC_TYPE] = { .type = NLA_U8, }, 927 [L2TP_ATTR_L2SPEC_LEN] = { .type = NLA_U8, }, 928 [L2TP_ATTR_PROTO_VERSION] = { .type = NLA_U8, }, 929 [L2TP_ATTR_CONN_ID] = { .type = NLA_U32, }, 930 [L2TP_ATTR_PEER_CONN_ID] = { .type = NLA_U32, }, 931 [L2TP_ATTR_SESSION_ID] = { .type = NLA_U32, }, 932 [L2TP_ATTR_PEER_SESSION_ID] = { .type = NLA_U32, }, 933 [L2TP_ATTR_UDP_CSUM] = { .type = NLA_U8, }, 934 [L2TP_ATTR_VLAN_ID] = { .type = NLA_U16, }, 935 [L2TP_ATTR_DEBUG] = { .type = NLA_U32, }, 936 [L2TP_ATTR_RECV_SEQ] = { .type = NLA_U8, }, 937 [L2TP_ATTR_SEND_SEQ] = { .type = NLA_U8, }, 938 [L2TP_ATTR_LNS_MODE] = { .type = NLA_U8, }, 939 [L2TP_ATTR_USING_IPSEC] = { .type = NLA_U8, }, 940 [L2TP_ATTR_RECV_TIMEOUT] = { .type = NLA_MSECS, }, 941 [L2TP_ATTR_FD] = { .type = NLA_U32, }, 942 [L2TP_ATTR_IP_SADDR] = { .type = NLA_U32, }, 943 [L2TP_ATTR_IP_DADDR] = { .type = NLA_U32, }, 944 [L2TP_ATTR_UDP_SPORT] = { .type = NLA_U16, }, 945 [L2TP_ATTR_UDP_DPORT] = { .type = NLA_U16, }, 946 [L2TP_ATTR_MTU] = { .type = NLA_U16, }, 947 [L2TP_ATTR_MRU] = { .type = NLA_U16, }, 948 [L2TP_ATTR_STATS] = { .type = NLA_NESTED, }, 949 [L2TP_ATTR_IP6_SADDR] = { 950 .type = NLA_BINARY, 951 .len = sizeof(struct in6_addr), 952 }, 953 [L2TP_ATTR_IP6_DADDR] = { 954 .type = NLA_BINARY, 955 .len = sizeof(struct in6_addr), 956 }, 957 [L2TP_ATTR_IFNAME] = { 958 .type = NLA_NUL_STRING, 959 .len = IFNAMSIZ - 1, 960 }, 961 [L2TP_ATTR_COOKIE] = { 962 .type = NLA_BINARY, 963 .len = 8, 964 }, 965 [L2TP_ATTR_PEER_COOKIE] = { 966 .type = NLA_BINARY, 967 .len = 8, 968 }, 969 }; 970 971 static const struct genl_ops l2tp_nl_ops[] = { 972 { 973 .cmd = L2TP_CMD_NOOP, 974 .doit = l2tp_nl_cmd_noop, 975 .policy = l2tp_nl_policy, 976 /* can be retrieved by unprivileged users */ 977 }, 978 { 979 .cmd = L2TP_CMD_TUNNEL_CREATE, 980 .doit = l2tp_nl_cmd_tunnel_create, 981 .policy = l2tp_nl_policy, 982 .flags = GENL_ADMIN_PERM, 983 }, 984 { 985 .cmd = L2TP_CMD_TUNNEL_DELETE, 986 .doit = l2tp_nl_cmd_tunnel_delete, 987 .policy = l2tp_nl_policy, 988 .flags = GENL_ADMIN_PERM, 989 }, 990 { 991 .cmd = L2TP_CMD_TUNNEL_MODIFY, 992 .doit = l2tp_nl_cmd_tunnel_modify, 993 .policy = l2tp_nl_policy, 994 .flags = GENL_ADMIN_PERM, 995 }, 996 { 997 .cmd = L2TP_CMD_TUNNEL_GET, 998 .doit = l2tp_nl_cmd_tunnel_get, 999 .dumpit = l2tp_nl_cmd_tunnel_dump, 1000 .policy = l2tp_nl_policy, 1001 .flags = GENL_ADMIN_PERM, 1002 }, 1003 { 1004 .cmd = L2TP_CMD_SESSION_CREATE, 1005 .doit = l2tp_nl_cmd_session_create, 1006 .policy = l2tp_nl_policy, 1007 .flags = GENL_ADMIN_PERM, 1008 }, 1009 { 1010 .cmd = L2TP_CMD_SESSION_DELETE, 1011 .doit = l2tp_nl_cmd_session_delete, 1012 .policy = l2tp_nl_policy, 1013 .flags = GENL_ADMIN_PERM, 1014 }, 1015 { 1016 .cmd = L2TP_CMD_SESSION_MODIFY, 1017 .doit = l2tp_nl_cmd_session_modify, 1018 .policy = l2tp_nl_policy, 1019 .flags = GENL_ADMIN_PERM, 1020 }, 1021 { 1022 .cmd = L2TP_CMD_SESSION_GET, 1023 .doit = l2tp_nl_cmd_session_get, 1024 .dumpit = l2tp_nl_cmd_session_dump, 1025 .policy = l2tp_nl_policy, 1026 .flags = GENL_ADMIN_PERM, 1027 }, 1028 }; 1029 1030 static struct genl_family l2tp_nl_family __ro_after_init = { 1031 .name = L2TP_GENL_NAME, 1032 .version = L2TP_GENL_VERSION, 1033 .hdrsize = 0, 1034 .maxattr = L2TP_ATTR_MAX, 1035 .netnsok = true, 1036 .module = THIS_MODULE, 1037 .ops = l2tp_nl_ops, 1038 .n_ops = ARRAY_SIZE(l2tp_nl_ops), 1039 .mcgrps = l2tp_multicast_group, 1040 .n_mcgrps = ARRAY_SIZE(l2tp_multicast_group), 1041 }; 1042 1043 int l2tp_nl_register_ops(enum l2tp_pwtype pw_type, const struct l2tp_nl_cmd_ops *ops) 1044 { 1045 int ret; 1046 1047 ret = -EINVAL; 1048 if (pw_type >= __L2TP_PWTYPE_MAX) 1049 goto err; 1050 1051 genl_lock(); 1052 ret = -EBUSY; 1053 if (l2tp_nl_cmd_ops[pw_type]) 1054 goto out; 1055 1056 l2tp_nl_cmd_ops[pw_type] = ops; 1057 ret = 0; 1058 1059 out: 1060 genl_unlock(); 1061 err: 1062 return ret; 1063 } 1064 EXPORT_SYMBOL_GPL(l2tp_nl_register_ops); 1065 1066 void l2tp_nl_unregister_ops(enum l2tp_pwtype pw_type) 1067 { 1068 if (pw_type < __L2TP_PWTYPE_MAX) { 1069 genl_lock(); 1070 l2tp_nl_cmd_ops[pw_type] = NULL; 1071 genl_unlock(); 1072 } 1073 } 1074 EXPORT_SYMBOL_GPL(l2tp_nl_unregister_ops); 1075 1076 static int __init l2tp_nl_init(void) 1077 { 1078 pr_info("L2TP netlink interface\n"); 1079 return genl_register_family(&l2tp_nl_family); 1080 } 1081 1082 static void l2tp_nl_cleanup(void) 1083 { 1084 genl_unregister_family(&l2tp_nl_family); 1085 } 1086 1087 module_init(l2tp_nl_init); 1088 module_exit(l2tp_nl_cleanup); 1089 1090 MODULE_AUTHOR("James Chapman <jchapman@katalix.com>"); 1091 MODULE_DESCRIPTION("L2TP netlink"); 1092 MODULE_LICENSE("GPL"); 1093 MODULE_VERSION("1.0"); 1094 MODULE_ALIAS_GENL_FAMILY("l2tp"); 1095