1 // SPDX-License-Identifier: GPL-2.0 2 /* 3 * NETLINK Generic Netlink Family 4 * 5 * Authors: Jamal Hadi Salim 6 * Thomas Graf <tgraf@suug.ch> 7 * Johannes Berg <johannes@sipsolutions.net> 8 */ 9 10 #include <linux/module.h> 11 #include <linux/kernel.h> 12 #include <linux/slab.h> 13 #include <linux/errno.h> 14 #include <linux/types.h> 15 #include <linux/socket.h> 16 #include <linux/string_helpers.h> 17 #include <linux/skbuff.h> 18 #include <linux/mutex.h> 19 #include <linux/bitmap.h> 20 #include <linux/rwsem.h> 21 #include <linux/idr.h> 22 #include <net/sock.h> 23 #include <net/genetlink.h> 24 25 static DEFINE_MUTEX(genl_mutex); /* serialization of message processing */ 26 static DECLARE_RWSEM(cb_lock); 27 28 atomic_t genl_sk_destructing_cnt = ATOMIC_INIT(0); 29 DECLARE_WAIT_QUEUE_HEAD(genl_sk_destructing_waitq); 30 31 void genl_lock(void) 32 { 33 mutex_lock(&genl_mutex); 34 } 35 EXPORT_SYMBOL(genl_lock); 36 37 void genl_unlock(void) 38 { 39 mutex_unlock(&genl_mutex); 40 } 41 EXPORT_SYMBOL(genl_unlock); 42 43 static void genl_lock_all(void) 44 { 45 down_write(&cb_lock); 46 genl_lock(); 47 } 48 49 static void genl_unlock_all(void) 50 { 51 genl_unlock(); 52 up_write(&cb_lock); 53 } 54 55 static void genl_op_lock(const struct genl_family *family) 56 { 57 if (!family->parallel_ops) 58 genl_lock(); 59 } 60 61 static void genl_op_unlock(const struct genl_family *family) 62 { 63 if (!family->parallel_ops) 64 genl_unlock(); 65 } 66 67 static DEFINE_IDR(genl_fam_idr); 68 69 /* 70 * Bitmap of multicast groups that are currently in use. 71 * 72 * To avoid an allocation at boot of just one unsigned long, 73 * declare it global instead. 74 * Bit 0 is marked as already used since group 0 is invalid. 75 * Bit 1 is marked as already used since the drop-monitor code 76 * abuses the API and thinks it can statically use group 1. 77 * That group will typically conflict with other groups that 78 * any proper users use. 79 * Bit 16 is marked as used since it's used for generic netlink 80 * and the code no longer marks pre-reserved IDs as used. 81 * Bit 17 is marked as already used since the VFS quota code 82 * also abused this API and relied on family == group ID, we 83 * cater to that by giving it a static family and group ID. 84 * Bit 18 is marked as already used since the PMCRAID driver 85 * did the same thing as the VFS quota code (maybe copied?) 86 */ 87 static unsigned long mc_group_start = 0x3 | BIT(GENL_ID_CTRL) | 88 BIT(GENL_ID_VFS_DQUOT) | 89 BIT(GENL_ID_PMCRAID); 90 static unsigned long *mc_groups = &mc_group_start; 91 static unsigned long mc_groups_longs = 1; 92 93 /* We need the last attribute with non-zero ID therefore a 2-entry array */ 94 static struct nla_policy genl_policy_reject_all[] = { 95 { .type = NLA_REJECT }, 96 { .type = NLA_REJECT }, 97 }; 98 99 static int genl_ctrl_event(int event, const struct genl_family *family, 100 const struct genl_multicast_group *grp, 101 int grp_id); 102 103 static void 104 genl_op_fill_in_reject_policy(const struct genl_family *family, 105 struct genl_ops *op) 106 { 107 BUILD_BUG_ON(ARRAY_SIZE(genl_policy_reject_all) - 1 != 1); 108 109 if (op->policy || op->cmd < family->resv_start_op) 110 return; 111 112 op->policy = genl_policy_reject_all; 113 op->maxattr = 1; 114 } 115 116 static void 117 genl_op_fill_in_reject_policy_split(const struct genl_family *family, 118 struct genl_split_ops *op) 119 { 120 if (op->policy) 121 return; 122 123 op->policy = genl_policy_reject_all; 124 op->maxattr = 1; 125 } 126 127 static const struct genl_family *genl_family_find_byid(unsigned int id) 128 { 129 return idr_find(&genl_fam_idr, id); 130 } 131 132 static const struct genl_family *genl_family_find_byname(char *name) 133 { 134 const struct genl_family *family; 135 unsigned int id; 136 137 idr_for_each_entry(&genl_fam_idr, family, id) 138 if (strcmp(family->name, name) == 0) 139 return family; 140 141 return NULL; 142 } 143 144 struct genl_op_iter { 145 const struct genl_family *family; 146 struct genl_split_ops doit; 147 struct genl_split_ops dumpit; 148 int cmd_idx; 149 int entry_idx; 150 u32 cmd; 151 u8 flags; 152 }; 153 154 static void genl_op_from_full(const struct genl_family *family, 155 unsigned int i, struct genl_ops *op) 156 { 157 *op = family->ops[i]; 158 159 if (!op->maxattr) 160 op->maxattr = family->maxattr; 161 if (!op->policy) 162 op->policy = family->policy; 163 164 genl_op_fill_in_reject_policy(family, op); 165 } 166 167 static int genl_get_cmd_full(u32 cmd, const struct genl_family *family, 168 struct genl_ops *op) 169 { 170 int i; 171 172 for (i = 0; i < family->n_ops; i++) 173 if (family->ops[i].cmd == cmd) { 174 genl_op_from_full(family, i, op); 175 return 0; 176 } 177 178 return -ENOENT; 179 } 180 181 static void genl_op_from_small(const struct genl_family *family, 182 unsigned int i, struct genl_ops *op) 183 { 184 memset(op, 0, sizeof(*op)); 185 op->doit = family->small_ops[i].doit; 186 op->dumpit = family->small_ops[i].dumpit; 187 op->cmd = family->small_ops[i].cmd; 188 op->internal_flags = family->small_ops[i].internal_flags; 189 op->flags = family->small_ops[i].flags; 190 op->validate = family->small_ops[i].validate; 191 192 op->maxattr = family->maxattr; 193 op->policy = family->policy; 194 195 genl_op_fill_in_reject_policy(family, op); 196 } 197 198 static int genl_get_cmd_small(u32 cmd, const struct genl_family *family, 199 struct genl_ops *op) 200 { 201 int i; 202 203 for (i = 0; i < family->n_small_ops; i++) 204 if (family->small_ops[i].cmd == cmd) { 205 genl_op_from_small(family, i, op); 206 return 0; 207 } 208 209 return -ENOENT; 210 } 211 212 static void genl_op_from_split(struct genl_op_iter *iter) 213 { 214 const struct genl_family *family = iter->family; 215 int i, cnt = 0; 216 217 i = iter->entry_idx - family->n_ops - family->n_small_ops; 218 219 if (family->split_ops[i + cnt].flags & GENL_CMD_CAP_DO) { 220 iter->doit = family->split_ops[i + cnt]; 221 genl_op_fill_in_reject_policy_split(family, &iter->doit); 222 cnt++; 223 } else { 224 memset(&iter->doit, 0, sizeof(iter->doit)); 225 } 226 227 if (i + cnt < family->n_split_ops && 228 family->split_ops[i + cnt].flags & GENL_CMD_CAP_DUMP) { 229 iter->dumpit = family->split_ops[i + cnt]; 230 genl_op_fill_in_reject_policy_split(family, &iter->dumpit); 231 cnt++; 232 } else { 233 memset(&iter->dumpit, 0, sizeof(iter->dumpit)); 234 } 235 236 WARN_ON(!cnt); 237 iter->entry_idx += cnt; 238 } 239 240 static int 241 genl_get_cmd_split(u32 cmd, u8 flag, const struct genl_family *family, 242 struct genl_split_ops *op) 243 { 244 int i; 245 246 for (i = 0; i < family->n_split_ops; i++) 247 if (family->split_ops[i].cmd == cmd && 248 family->split_ops[i].flags & flag) { 249 *op = family->split_ops[i]; 250 return 0; 251 } 252 253 return -ENOENT; 254 } 255 256 static int 257 genl_cmd_full_to_split(struct genl_split_ops *op, 258 const struct genl_family *family, 259 const struct genl_ops *full, u8 flags) 260 { 261 if ((flags & GENL_CMD_CAP_DO && !full->doit) || 262 (flags & GENL_CMD_CAP_DUMP && !full->dumpit)) { 263 memset(op, 0, sizeof(*op)); 264 return -ENOENT; 265 } 266 267 if (flags & GENL_CMD_CAP_DUMP) { 268 op->start = full->start; 269 op->dumpit = full->dumpit; 270 op->done = full->done; 271 } else { 272 op->pre_doit = family->pre_doit; 273 op->doit = full->doit; 274 op->post_doit = family->post_doit; 275 } 276 277 if (flags & GENL_CMD_CAP_DUMP && 278 full->validate & GENL_DONT_VALIDATE_DUMP) { 279 op->policy = NULL; 280 op->maxattr = 0; 281 } else { 282 op->policy = full->policy; 283 op->maxattr = full->maxattr; 284 } 285 286 op->cmd = full->cmd; 287 op->internal_flags = full->internal_flags; 288 op->flags = full->flags; 289 op->validate = full->validate; 290 291 /* Make sure flags include the GENL_CMD_CAP_DO / GENL_CMD_CAP_DUMP */ 292 op->flags |= flags; 293 294 return 0; 295 } 296 297 /* Must make sure that op is initialized to 0 on failure */ 298 static int 299 genl_get_cmd(u32 cmd, u8 flags, const struct genl_family *family, 300 struct genl_split_ops *op) 301 { 302 struct genl_ops full; 303 int err; 304 305 err = genl_get_cmd_full(cmd, family, &full); 306 if (err == -ENOENT) 307 err = genl_get_cmd_small(cmd, family, &full); 308 /* Found one of legacy forms */ 309 if (err == 0) 310 return genl_cmd_full_to_split(op, family, &full, flags); 311 312 err = genl_get_cmd_split(cmd, flags, family, op); 313 if (err) 314 memset(op, 0, sizeof(*op)); 315 return err; 316 } 317 318 /* For policy dumping only, get ops of both do and dump. 319 * Fail if both are missing, genl_get_cmd() will zero-init in case of failure. 320 */ 321 static int 322 genl_get_cmd_both(u32 cmd, const struct genl_family *family, 323 struct genl_split_ops *doit, struct genl_split_ops *dumpit) 324 { 325 int err1, err2; 326 327 err1 = genl_get_cmd(cmd, GENL_CMD_CAP_DO, family, doit); 328 err2 = genl_get_cmd(cmd, GENL_CMD_CAP_DUMP, family, dumpit); 329 330 return err1 && err2 ? -ENOENT : 0; 331 } 332 333 static bool 334 genl_op_iter_init(const struct genl_family *family, struct genl_op_iter *iter) 335 { 336 iter->family = family; 337 iter->cmd_idx = 0; 338 iter->entry_idx = 0; 339 340 iter->flags = 0; 341 342 return iter->family->n_ops + 343 iter->family->n_small_ops + 344 iter->family->n_split_ops; 345 } 346 347 static bool genl_op_iter_next(struct genl_op_iter *iter) 348 { 349 const struct genl_family *family = iter->family; 350 bool legacy_op = true; 351 struct genl_ops op; 352 353 if (iter->entry_idx < family->n_ops) { 354 genl_op_from_full(family, iter->entry_idx, &op); 355 } else if (iter->entry_idx < family->n_ops + family->n_small_ops) { 356 genl_op_from_small(family, iter->entry_idx - family->n_ops, 357 &op); 358 } else if (iter->entry_idx < 359 family->n_ops + family->n_small_ops + family->n_split_ops) { 360 legacy_op = false; 361 /* updates entry_idx */ 362 genl_op_from_split(iter); 363 } else { 364 return false; 365 } 366 367 iter->cmd_idx++; 368 369 if (legacy_op) { 370 iter->entry_idx++; 371 372 genl_cmd_full_to_split(&iter->doit, family, 373 &op, GENL_CMD_CAP_DO); 374 genl_cmd_full_to_split(&iter->dumpit, family, 375 &op, GENL_CMD_CAP_DUMP); 376 } 377 378 iter->cmd = iter->doit.cmd | iter->dumpit.cmd; 379 iter->flags = iter->doit.flags | iter->dumpit.flags; 380 381 return true; 382 } 383 384 static void 385 genl_op_iter_copy(struct genl_op_iter *dst, struct genl_op_iter *src) 386 { 387 *dst = *src; 388 } 389 390 static unsigned int genl_op_iter_idx(struct genl_op_iter *iter) 391 { 392 return iter->cmd_idx; 393 } 394 395 static int genl_allocate_reserve_groups(int n_groups, int *first_id) 396 { 397 unsigned long *new_groups; 398 int start = 0; 399 int i; 400 int id; 401 bool fits; 402 403 do { 404 if (start == 0) 405 id = find_first_zero_bit(mc_groups, 406 mc_groups_longs * 407 BITS_PER_LONG); 408 else 409 id = find_next_zero_bit(mc_groups, 410 mc_groups_longs * BITS_PER_LONG, 411 start); 412 413 fits = true; 414 for (i = id; 415 i < min_t(int, id + n_groups, 416 mc_groups_longs * BITS_PER_LONG); 417 i++) { 418 if (test_bit(i, mc_groups)) { 419 start = i; 420 fits = false; 421 break; 422 } 423 } 424 425 if (id + n_groups > mc_groups_longs * BITS_PER_LONG) { 426 unsigned long new_longs = mc_groups_longs + 427 BITS_TO_LONGS(n_groups); 428 size_t nlen = new_longs * sizeof(unsigned long); 429 430 if (mc_groups == &mc_group_start) { 431 new_groups = kzalloc(nlen, GFP_KERNEL); 432 if (!new_groups) 433 return -ENOMEM; 434 mc_groups = new_groups; 435 *mc_groups = mc_group_start; 436 } else { 437 new_groups = krealloc(mc_groups, nlen, 438 GFP_KERNEL); 439 if (!new_groups) 440 return -ENOMEM; 441 mc_groups = new_groups; 442 for (i = 0; i < BITS_TO_LONGS(n_groups); i++) 443 mc_groups[mc_groups_longs + i] = 0; 444 } 445 mc_groups_longs = new_longs; 446 } 447 } while (!fits); 448 449 for (i = id; i < id + n_groups; i++) 450 set_bit(i, mc_groups); 451 *first_id = id; 452 return 0; 453 } 454 455 static struct genl_family genl_ctrl; 456 457 static int genl_validate_assign_mc_groups(struct genl_family *family) 458 { 459 int first_id; 460 int n_groups = family->n_mcgrps; 461 int err = 0, i; 462 bool groups_allocated = false; 463 464 if (!n_groups) 465 return 0; 466 467 for (i = 0; i < n_groups; i++) { 468 const struct genl_multicast_group *grp = &family->mcgrps[i]; 469 470 if (WARN_ON(grp->name[0] == '\0')) 471 return -EINVAL; 472 if (WARN_ON(!string_is_terminated(grp->name, GENL_NAMSIZ))) 473 return -EINVAL; 474 } 475 476 /* special-case our own group and hacks */ 477 if (family == &genl_ctrl) { 478 first_id = GENL_ID_CTRL; 479 BUG_ON(n_groups != 1); 480 } else if (strcmp(family->name, "NET_DM") == 0) { 481 first_id = 1; 482 BUG_ON(n_groups != 1); 483 } else if (family->id == GENL_ID_VFS_DQUOT) { 484 first_id = GENL_ID_VFS_DQUOT; 485 BUG_ON(n_groups != 1); 486 } else if (family->id == GENL_ID_PMCRAID) { 487 first_id = GENL_ID_PMCRAID; 488 BUG_ON(n_groups != 1); 489 } else { 490 groups_allocated = true; 491 err = genl_allocate_reserve_groups(n_groups, &first_id); 492 if (err) 493 return err; 494 } 495 496 family->mcgrp_offset = first_id; 497 498 /* if still initializing, can't and don't need to realloc bitmaps */ 499 if (!init_net.genl_sock) 500 return 0; 501 502 if (family->netnsok) { 503 struct net *net; 504 505 netlink_table_grab(); 506 rcu_read_lock(); 507 for_each_net_rcu(net) { 508 err = __netlink_change_ngroups(net->genl_sock, 509 mc_groups_longs * BITS_PER_LONG); 510 if (err) { 511 /* 512 * No need to roll back, can only fail if 513 * memory allocation fails and then the 514 * number of _possible_ groups has been 515 * increased on some sockets which is ok. 516 */ 517 break; 518 } 519 } 520 rcu_read_unlock(); 521 netlink_table_ungrab(); 522 } else { 523 err = netlink_change_ngroups(init_net.genl_sock, 524 mc_groups_longs * BITS_PER_LONG); 525 } 526 527 if (groups_allocated && err) { 528 for (i = 0; i < family->n_mcgrps; i++) 529 clear_bit(family->mcgrp_offset + i, mc_groups); 530 } 531 532 return err; 533 } 534 535 static void genl_unregister_mc_groups(const struct genl_family *family) 536 { 537 struct net *net; 538 int i; 539 540 netlink_table_grab(); 541 rcu_read_lock(); 542 for_each_net_rcu(net) { 543 for (i = 0; i < family->n_mcgrps; i++) 544 __netlink_clear_multicast_users( 545 net->genl_sock, family->mcgrp_offset + i); 546 } 547 rcu_read_unlock(); 548 netlink_table_ungrab(); 549 550 for (i = 0; i < family->n_mcgrps; i++) { 551 int grp_id = family->mcgrp_offset + i; 552 553 if (grp_id != 1) 554 clear_bit(grp_id, mc_groups); 555 genl_ctrl_event(CTRL_CMD_DELMCAST_GRP, family, 556 &family->mcgrps[i], grp_id); 557 } 558 } 559 560 static bool genl_split_op_check(const struct genl_split_ops *op) 561 { 562 if (WARN_ON(hweight8(op->flags & (GENL_CMD_CAP_DO | 563 GENL_CMD_CAP_DUMP)) != 1)) 564 return true; 565 return false; 566 } 567 568 static int genl_validate_ops(const struct genl_family *family) 569 { 570 struct genl_op_iter i, j; 571 unsigned int s; 572 573 if (WARN_ON(family->n_ops && !family->ops) || 574 WARN_ON(family->n_small_ops && !family->small_ops) || 575 WARN_ON(family->n_split_ops && !family->split_ops)) 576 return -EINVAL; 577 578 for (genl_op_iter_init(family, &i); genl_op_iter_next(&i); ) { 579 if (!(i.flags & (GENL_CMD_CAP_DO | GENL_CMD_CAP_DUMP))) 580 return -EINVAL; 581 582 if (WARN_ON(i.cmd >= family->resv_start_op && 583 (i.doit.validate || i.dumpit.validate))) 584 return -EINVAL; 585 586 genl_op_iter_copy(&j, &i); 587 while (genl_op_iter_next(&j)) { 588 if (i.cmd == j.cmd) 589 return -EINVAL; 590 } 591 } 592 593 if (family->n_split_ops) { 594 if (genl_split_op_check(&family->split_ops[0])) 595 return -EINVAL; 596 } 597 598 for (s = 1; s < family->n_split_ops; s++) { 599 const struct genl_split_ops *a, *b; 600 601 a = &family->split_ops[s - 1]; 602 b = &family->split_ops[s]; 603 604 if (genl_split_op_check(b)) 605 return -EINVAL; 606 607 /* Check sort order */ 608 if (a->cmd < b->cmd) { 609 continue; 610 } else if (a->cmd > b->cmd) { 611 WARN_ON(1); 612 return -EINVAL; 613 } 614 615 if (a->internal_flags != b->internal_flags || 616 ((a->flags ^ b->flags) & ~(GENL_CMD_CAP_DO | 617 GENL_CMD_CAP_DUMP))) { 618 WARN_ON(1); 619 return -EINVAL; 620 } 621 622 if ((a->flags & GENL_CMD_CAP_DO) && 623 (b->flags & GENL_CMD_CAP_DUMP)) 624 continue; 625 626 WARN_ON(1); 627 return -EINVAL; 628 } 629 630 return 0; 631 } 632 633 /** 634 * genl_register_family - register a generic netlink family 635 * @family: generic netlink family 636 * 637 * Registers the specified family after validating it first. Only one 638 * family may be registered with the same family name or identifier. 639 * 640 * The family's ops, multicast groups and module pointer must already 641 * be assigned. 642 * 643 * Return 0 on success or a negative error code. 644 */ 645 int genl_register_family(struct genl_family *family) 646 { 647 int err, i; 648 int start = GENL_START_ALLOC, end = GENL_MAX_ID; 649 650 err = genl_validate_ops(family); 651 if (err) 652 return err; 653 654 genl_lock_all(); 655 656 if (genl_family_find_byname(family->name)) { 657 err = -EEXIST; 658 goto errout_locked; 659 } 660 661 /* 662 * Sadly, a few cases need to be special-cased 663 * due to them having previously abused the API 664 * and having used their family ID also as their 665 * multicast group ID, so we use reserved IDs 666 * for both to be sure we can do that mapping. 667 */ 668 if (family == &genl_ctrl) { 669 /* and this needs to be special for initial family lookups */ 670 start = end = GENL_ID_CTRL; 671 } else if (strcmp(family->name, "pmcraid") == 0) { 672 start = end = GENL_ID_PMCRAID; 673 } else if (strcmp(family->name, "VFS_DQUOT") == 0) { 674 start = end = GENL_ID_VFS_DQUOT; 675 } 676 677 family->id = idr_alloc_cyclic(&genl_fam_idr, family, 678 start, end + 1, GFP_KERNEL); 679 if (family->id < 0) { 680 err = family->id; 681 goto errout_locked; 682 } 683 684 err = genl_validate_assign_mc_groups(family); 685 if (err) 686 goto errout_remove; 687 688 genl_unlock_all(); 689 690 /* send all events */ 691 genl_ctrl_event(CTRL_CMD_NEWFAMILY, family, NULL, 0); 692 for (i = 0; i < family->n_mcgrps; i++) 693 genl_ctrl_event(CTRL_CMD_NEWMCAST_GRP, family, 694 &family->mcgrps[i], family->mcgrp_offset + i); 695 696 return 0; 697 698 errout_remove: 699 idr_remove(&genl_fam_idr, family->id); 700 errout_locked: 701 genl_unlock_all(); 702 return err; 703 } 704 EXPORT_SYMBOL(genl_register_family); 705 706 /** 707 * genl_unregister_family - unregister generic netlink family 708 * @family: generic netlink family 709 * 710 * Unregisters the specified family. 711 * 712 * Returns 0 on success or a negative error code. 713 */ 714 int genl_unregister_family(const struct genl_family *family) 715 { 716 genl_lock_all(); 717 718 if (!genl_family_find_byid(family->id)) { 719 genl_unlock_all(); 720 return -ENOENT; 721 } 722 723 genl_unregister_mc_groups(family); 724 725 idr_remove(&genl_fam_idr, family->id); 726 727 up_write(&cb_lock); 728 wait_event(genl_sk_destructing_waitq, 729 atomic_read(&genl_sk_destructing_cnt) == 0); 730 genl_unlock(); 731 732 genl_ctrl_event(CTRL_CMD_DELFAMILY, family, NULL, 0); 733 734 return 0; 735 } 736 EXPORT_SYMBOL(genl_unregister_family); 737 738 /** 739 * genlmsg_put - Add generic netlink header to netlink message 740 * @skb: socket buffer holding the message 741 * @portid: netlink portid the message is addressed to 742 * @seq: sequence number (usually the one of the sender) 743 * @family: generic netlink family 744 * @flags: netlink message flags 745 * @cmd: generic netlink command 746 * 747 * Returns pointer to user specific header 748 */ 749 void *genlmsg_put(struct sk_buff *skb, u32 portid, u32 seq, 750 const struct genl_family *family, int flags, u8 cmd) 751 { 752 struct nlmsghdr *nlh; 753 struct genlmsghdr *hdr; 754 755 nlh = nlmsg_put(skb, portid, seq, family->id, GENL_HDRLEN + 756 family->hdrsize, flags); 757 if (nlh == NULL) 758 return NULL; 759 760 hdr = nlmsg_data(nlh); 761 hdr->cmd = cmd; 762 hdr->version = family->version; 763 hdr->reserved = 0; 764 765 return (char *) hdr + GENL_HDRLEN; 766 } 767 EXPORT_SYMBOL(genlmsg_put); 768 769 static struct genl_dumpit_info *genl_dumpit_info_alloc(void) 770 { 771 return kmalloc(sizeof(struct genl_dumpit_info), GFP_KERNEL); 772 } 773 774 static void genl_dumpit_info_free(const struct genl_dumpit_info *info) 775 { 776 kfree(info); 777 } 778 779 static struct nlattr ** 780 genl_family_rcv_msg_attrs_parse(const struct genl_family *family, 781 struct nlmsghdr *nlh, 782 struct netlink_ext_ack *extack, 783 const struct genl_split_ops *ops, 784 int hdrlen, 785 enum genl_validate_flags no_strict_flag) 786 { 787 enum netlink_validation validate = ops->validate & no_strict_flag ? 788 NL_VALIDATE_LIBERAL : 789 NL_VALIDATE_STRICT; 790 struct nlattr **attrbuf; 791 int err; 792 793 if (!ops->maxattr) 794 return NULL; 795 796 attrbuf = kmalloc_array(ops->maxattr + 1, 797 sizeof(struct nlattr *), GFP_KERNEL); 798 if (!attrbuf) 799 return ERR_PTR(-ENOMEM); 800 801 err = __nlmsg_parse(nlh, hdrlen, attrbuf, ops->maxattr, ops->policy, 802 validate, extack); 803 if (err) { 804 kfree(attrbuf); 805 return ERR_PTR(err); 806 } 807 return attrbuf; 808 } 809 810 static void genl_family_rcv_msg_attrs_free(struct nlattr **attrbuf) 811 { 812 kfree(attrbuf); 813 } 814 815 struct genl_start_context { 816 const struct genl_family *family; 817 struct nlmsghdr *nlh; 818 struct netlink_ext_ack *extack; 819 const struct genl_split_ops *ops; 820 int hdrlen; 821 }; 822 823 static int genl_start(struct netlink_callback *cb) 824 { 825 struct genl_start_context *ctx = cb->data; 826 const struct genl_split_ops *ops; 827 struct genl_dumpit_info *info; 828 struct nlattr **attrs = NULL; 829 int rc = 0; 830 831 ops = ctx->ops; 832 if (!(ops->validate & GENL_DONT_VALIDATE_DUMP) && 833 ctx->nlh->nlmsg_len < nlmsg_msg_size(ctx->hdrlen)) 834 return -EINVAL; 835 836 attrs = genl_family_rcv_msg_attrs_parse(ctx->family, ctx->nlh, ctx->extack, 837 ops, ctx->hdrlen, 838 GENL_DONT_VALIDATE_DUMP_STRICT); 839 if (IS_ERR(attrs)) 840 return PTR_ERR(attrs); 841 842 info = genl_dumpit_info_alloc(); 843 if (!info) { 844 genl_family_rcv_msg_attrs_free(attrs); 845 return -ENOMEM; 846 } 847 info->op = *ops; 848 info->info.family = ctx->family; 849 info->info.snd_seq = cb->nlh->nlmsg_seq; 850 info->info.snd_portid = NETLINK_CB(cb->skb).portid; 851 info->info.nlhdr = cb->nlh; 852 info->info.genlhdr = nlmsg_data(cb->nlh); 853 info->info.attrs = attrs; 854 genl_info_net_set(&info->info, sock_net(cb->skb->sk)); 855 info->info.extack = cb->extack; 856 memset(&info->info.user_ptr, 0, sizeof(info->info.user_ptr)); 857 858 cb->data = info; 859 if (ops->start) { 860 genl_op_lock(ctx->family); 861 rc = ops->start(cb); 862 genl_op_unlock(ctx->family); 863 } 864 865 if (rc) { 866 genl_family_rcv_msg_attrs_free(info->info.attrs); 867 genl_dumpit_info_free(info); 868 cb->data = NULL; 869 } 870 return rc; 871 } 872 873 static int genl_dumpit(struct sk_buff *skb, struct netlink_callback *cb) 874 { 875 struct genl_dumpit_info *dump_info = cb->data; 876 const struct genl_split_ops *ops = &dump_info->op; 877 struct genl_info *info = &dump_info->info; 878 int rc; 879 880 info->extack = cb->extack; 881 882 genl_op_lock(info->family); 883 rc = ops->dumpit(skb, cb); 884 genl_op_unlock(info->family); 885 return rc; 886 } 887 888 static int genl_done(struct netlink_callback *cb) 889 { 890 struct genl_dumpit_info *dump_info = cb->data; 891 const struct genl_split_ops *ops = &dump_info->op; 892 struct genl_info *info = &dump_info->info; 893 int rc = 0; 894 895 info->extack = cb->extack; 896 897 if (ops->done) { 898 genl_op_lock(info->family); 899 rc = ops->done(cb); 900 genl_op_unlock(info->family); 901 } 902 genl_family_rcv_msg_attrs_free(info->attrs); 903 genl_dumpit_info_free(dump_info); 904 return rc; 905 } 906 907 static int genl_family_rcv_msg_dumpit(const struct genl_family *family, 908 struct sk_buff *skb, 909 struct nlmsghdr *nlh, 910 struct netlink_ext_ack *extack, 911 const struct genl_split_ops *ops, 912 int hdrlen, struct net *net) 913 { 914 struct genl_start_context ctx; 915 struct netlink_dump_control c = { 916 .module = family->module, 917 .data = &ctx, 918 .start = genl_start, 919 .dump = genl_dumpit, 920 .done = genl_done, 921 .extack = extack, 922 }; 923 int err; 924 925 ctx.family = family; 926 ctx.nlh = nlh; 927 ctx.extack = extack; 928 ctx.ops = ops; 929 ctx.hdrlen = hdrlen; 930 931 genl_op_unlock(family); 932 err = __netlink_dump_start(net->genl_sock, skb, nlh, &c); 933 genl_op_lock(family); 934 935 return err; 936 } 937 938 static int genl_family_rcv_msg_doit(const struct genl_family *family, 939 struct sk_buff *skb, 940 struct nlmsghdr *nlh, 941 struct netlink_ext_ack *extack, 942 const struct genl_split_ops *ops, 943 int hdrlen, struct net *net) 944 { 945 struct nlattr **attrbuf; 946 struct genl_info info; 947 int err; 948 949 attrbuf = genl_family_rcv_msg_attrs_parse(family, nlh, extack, 950 ops, hdrlen, 951 GENL_DONT_VALIDATE_STRICT); 952 if (IS_ERR(attrbuf)) 953 return PTR_ERR(attrbuf); 954 955 info.snd_seq = nlh->nlmsg_seq; 956 info.snd_portid = NETLINK_CB(skb).portid; 957 info.family = family; 958 info.nlhdr = nlh; 959 info.genlhdr = nlmsg_data(nlh); 960 info.attrs = attrbuf; 961 info.extack = extack; 962 genl_info_net_set(&info, net); 963 memset(&info.user_ptr, 0, sizeof(info.user_ptr)); 964 965 if (ops->pre_doit) { 966 err = ops->pre_doit(ops, skb, &info); 967 if (err) 968 goto out; 969 } 970 971 err = ops->doit(skb, &info); 972 973 if (ops->post_doit) 974 ops->post_doit(ops, skb, &info); 975 976 out: 977 genl_family_rcv_msg_attrs_free(attrbuf); 978 979 return err; 980 } 981 982 static int genl_header_check(const struct genl_family *family, 983 struct nlmsghdr *nlh, struct genlmsghdr *hdr, 984 struct netlink_ext_ack *extack) 985 { 986 u16 flags; 987 988 /* Only for commands added after we started validating */ 989 if (hdr->cmd < family->resv_start_op) 990 return 0; 991 992 if (hdr->reserved) { 993 NL_SET_ERR_MSG(extack, "genlmsghdr.reserved field is not 0"); 994 return -EINVAL; 995 } 996 997 /* Old netlink flags have pretty loose semantics, allow only the flags 998 * consumed by the core where we can enforce the meaning. 999 */ 1000 flags = nlh->nlmsg_flags; 1001 if ((flags & NLM_F_DUMP) == NLM_F_DUMP) /* DUMP is 2 bits */ 1002 flags &= ~NLM_F_DUMP; 1003 if (flags & ~(NLM_F_REQUEST | NLM_F_ACK | NLM_F_ECHO)) { 1004 NL_SET_ERR_MSG(extack, 1005 "ambiguous or reserved bits set in nlmsg_flags"); 1006 return -EINVAL; 1007 } 1008 1009 return 0; 1010 } 1011 1012 static int genl_family_rcv_msg(const struct genl_family *family, 1013 struct sk_buff *skb, 1014 struct nlmsghdr *nlh, 1015 struct netlink_ext_ack *extack) 1016 { 1017 struct net *net = sock_net(skb->sk); 1018 struct genlmsghdr *hdr = nlmsg_data(nlh); 1019 struct genl_split_ops op; 1020 int hdrlen; 1021 u8 flags; 1022 1023 /* this family doesn't exist in this netns */ 1024 if (!family->netnsok && !net_eq(net, &init_net)) 1025 return -ENOENT; 1026 1027 hdrlen = GENL_HDRLEN + family->hdrsize; 1028 if (nlh->nlmsg_len < nlmsg_msg_size(hdrlen)) 1029 return -EINVAL; 1030 1031 if (genl_header_check(family, nlh, hdr, extack)) 1032 return -EINVAL; 1033 1034 flags = (nlh->nlmsg_flags & NLM_F_DUMP) == NLM_F_DUMP ? 1035 GENL_CMD_CAP_DUMP : GENL_CMD_CAP_DO; 1036 if (genl_get_cmd(hdr->cmd, flags, family, &op)) 1037 return -EOPNOTSUPP; 1038 1039 if ((op.flags & GENL_ADMIN_PERM) && 1040 !netlink_capable(skb, CAP_NET_ADMIN)) 1041 return -EPERM; 1042 1043 if ((op.flags & GENL_UNS_ADMIN_PERM) && 1044 !netlink_ns_capable(skb, net->user_ns, CAP_NET_ADMIN)) 1045 return -EPERM; 1046 1047 if (flags & GENL_CMD_CAP_DUMP) 1048 return genl_family_rcv_msg_dumpit(family, skb, nlh, extack, 1049 &op, hdrlen, net); 1050 else 1051 return genl_family_rcv_msg_doit(family, skb, nlh, extack, 1052 &op, hdrlen, net); 1053 } 1054 1055 static int genl_rcv_msg(struct sk_buff *skb, struct nlmsghdr *nlh, 1056 struct netlink_ext_ack *extack) 1057 { 1058 const struct genl_family *family; 1059 int err; 1060 1061 family = genl_family_find_byid(nlh->nlmsg_type); 1062 if (family == NULL) 1063 return -ENOENT; 1064 1065 genl_op_lock(family); 1066 err = genl_family_rcv_msg(family, skb, nlh, extack); 1067 genl_op_unlock(family); 1068 1069 return err; 1070 } 1071 1072 static void genl_rcv(struct sk_buff *skb) 1073 { 1074 down_read(&cb_lock); 1075 netlink_rcv_skb(skb, &genl_rcv_msg); 1076 up_read(&cb_lock); 1077 } 1078 1079 /************************************************************************** 1080 * Controller 1081 **************************************************************************/ 1082 1083 static struct genl_family genl_ctrl; 1084 1085 static int ctrl_fill_info(const struct genl_family *family, u32 portid, u32 seq, 1086 u32 flags, struct sk_buff *skb, u8 cmd) 1087 { 1088 struct genl_op_iter i; 1089 void *hdr; 1090 1091 hdr = genlmsg_put(skb, portid, seq, &genl_ctrl, flags, cmd); 1092 if (hdr == NULL) 1093 return -1; 1094 1095 if (nla_put_string(skb, CTRL_ATTR_FAMILY_NAME, family->name) || 1096 nla_put_u16(skb, CTRL_ATTR_FAMILY_ID, family->id) || 1097 nla_put_u32(skb, CTRL_ATTR_VERSION, family->version) || 1098 nla_put_u32(skb, CTRL_ATTR_HDRSIZE, family->hdrsize) || 1099 nla_put_u32(skb, CTRL_ATTR_MAXATTR, family->maxattr)) 1100 goto nla_put_failure; 1101 1102 if (genl_op_iter_init(family, &i)) { 1103 struct nlattr *nla_ops; 1104 1105 nla_ops = nla_nest_start_noflag(skb, CTRL_ATTR_OPS); 1106 if (nla_ops == NULL) 1107 goto nla_put_failure; 1108 1109 while (genl_op_iter_next(&i)) { 1110 struct nlattr *nest; 1111 u32 op_flags; 1112 1113 op_flags = i.flags; 1114 if (i.doit.policy || i.dumpit.policy) 1115 op_flags |= GENL_CMD_CAP_HASPOL; 1116 1117 nest = nla_nest_start_noflag(skb, genl_op_iter_idx(&i)); 1118 if (nest == NULL) 1119 goto nla_put_failure; 1120 1121 if (nla_put_u32(skb, CTRL_ATTR_OP_ID, i.cmd) || 1122 nla_put_u32(skb, CTRL_ATTR_OP_FLAGS, op_flags)) 1123 goto nla_put_failure; 1124 1125 nla_nest_end(skb, nest); 1126 } 1127 1128 nla_nest_end(skb, nla_ops); 1129 } 1130 1131 if (family->n_mcgrps) { 1132 struct nlattr *nla_grps; 1133 int i; 1134 1135 nla_grps = nla_nest_start_noflag(skb, CTRL_ATTR_MCAST_GROUPS); 1136 if (nla_grps == NULL) 1137 goto nla_put_failure; 1138 1139 for (i = 0; i < family->n_mcgrps; i++) { 1140 struct nlattr *nest; 1141 const struct genl_multicast_group *grp; 1142 1143 grp = &family->mcgrps[i]; 1144 1145 nest = nla_nest_start_noflag(skb, i + 1); 1146 if (nest == NULL) 1147 goto nla_put_failure; 1148 1149 if (nla_put_u32(skb, CTRL_ATTR_MCAST_GRP_ID, 1150 family->mcgrp_offset + i) || 1151 nla_put_string(skb, CTRL_ATTR_MCAST_GRP_NAME, 1152 grp->name)) 1153 goto nla_put_failure; 1154 1155 nla_nest_end(skb, nest); 1156 } 1157 nla_nest_end(skb, nla_grps); 1158 } 1159 1160 genlmsg_end(skb, hdr); 1161 return 0; 1162 1163 nla_put_failure: 1164 genlmsg_cancel(skb, hdr); 1165 return -EMSGSIZE; 1166 } 1167 1168 static int ctrl_fill_mcgrp_info(const struct genl_family *family, 1169 const struct genl_multicast_group *grp, 1170 int grp_id, u32 portid, u32 seq, u32 flags, 1171 struct sk_buff *skb, u8 cmd) 1172 { 1173 void *hdr; 1174 struct nlattr *nla_grps; 1175 struct nlattr *nest; 1176 1177 hdr = genlmsg_put(skb, portid, seq, &genl_ctrl, flags, cmd); 1178 if (hdr == NULL) 1179 return -1; 1180 1181 if (nla_put_string(skb, CTRL_ATTR_FAMILY_NAME, family->name) || 1182 nla_put_u16(skb, CTRL_ATTR_FAMILY_ID, family->id)) 1183 goto nla_put_failure; 1184 1185 nla_grps = nla_nest_start_noflag(skb, CTRL_ATTR_MCAST_GROUPS); 1186 if (nla_grps == NULL) 1187 goto nla_put_failure; 1188 1189 nest = nla_nest_start_noflag(skb, 1); 1190 if (nest == NULL) 1191 goto nla_put_failure; 1192 1193 if (nla_put_u32(skb, CTRL_ATTR_MCAST_GRP_ID, grp_id) || 1194 nla_put_string(skb, CTRL_ATTR_MCAST_GRP_NAME, 1195 grp->name)) 1196 goto nla_put_failure; 1197 1198 nla_nest_end(skb, nest); 1199 nla_nest_end(skb, nla_grps); 1200 1201 genlmsg_end(skb, hdr); 1202 return 0; 1203 1204 nla_put_failure: 1205 genlmsg_cancel(skb, hdr); 1206 return -EMSGSIZE; 1207 } 1208 1209 static int ctrl_dumpfamily(struct sk_buff *skb, struct netlink_callback *cb) 1210 { 1211 int n = 0; 1212 struct genl_family *rt; 1213 struct net *net = sock_net(skb->sk); 1214 int fams_to_skip = cb->args[0]; 1215 unsigned int id; 1216 1217 idr_for_each_entry(&genl_fam_idr, rt, id) { 1218 if (!rt->netnsok && !net_eq(net, &init_net)) 1219 continue; 1220 1221 if (n++ < fams_to_skip) 1222 continue; 1223 1224 if (ctrl_fill_info(rt, NETLINK_CB(cb->skb).portid, 1225 cb->nlh->nlmsg_seq, NLM_F_MULTI, 1226 skb, CTRL_CMD_NEWFAMILY) < 0) { 1227 n--; 1228 break; 1229 } 1230 } 1231 1232 cb->args[0] = n; 1233 return skb->len; 1234 } 1235 1236 static struct sk_buff *ctrl_build_family_msg(const struct genl_family *family, 1237 u32 portid, int seq, u8 cmd) 1238 { 1239 struct sk_buff *skb; 1240 int err; 1241 1242 skb = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 1243 if (skb == NULL) 1244 return ERR_PTR(-ENOBUFS); 1245 1246 err = ctrl_fill_info(family, portid, seq, 0, skb, cmd); 1247 if (err < 0) { 1248 nlmsg_free(skb); 1249 return ERR_PTR(err); 1250 } 1251 1252 return skb; 1253 } 1254 1255 static struct sk_buff * 1256 ctrl_build_mcgrp_msg(const struct genl_family *family, 1257 const struct genl_multicast_group *grp, 1258 int grp_id, u32 portid, int seq, u8 cmd) 1259 { 1260 struct sk_buff *skb; 1261 int err; 1262 1263 skb = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 1264 if (skb == NULL) 1265 return ERR_PTR(-ENOBUFS); 1266 1267 err = ctrl_fill_mcgrp_info(family, grp, grp_id, portid, 1268 seq, 0, skb, cmd); 1269 if (err < 0) { 1270 nlmsg_free(skb); 1271 return ERR_PTR(err); 1272 } 1273 1274 return skb; 1275 } 1276 1277 static const struct nla_policy ctrl_policy_family[] = { 1278 [CTRL_ATTR_FAMILY_ID] = { .type = NLA_U16 }, 1279 [CTRL_ATTR_FAMILY_NAME] = { .type = NLA_NUL_STRING, 1280 .len = GENL_NAMSIZ - 1 }, 1281 }; 1282 1283 static int ctrl_getfamily(struct sk_buff *skb, struct genl_info *info) 1284 { 1285 struct sk_buff *msg; 1286 const struct genl_family *res = NULL; 1287 int err = -EINVAL; 1288 1289 if (info->attrs[CTRL_ATTR_FAMILY_ID]) { 1290 u16 id = nla_get_u16(info->attrs[CTRL_ATTR_FAMILY_ID]); 1291 res = genl_family_find_byid(id); 1292 err = -ENOENT; 1293 } 1294 1295 if (info->attrs[CTRL_ATTR_FAMILY_NAME]) { 1296 char *name; 1297 1298 name = nla_data(info->attrs[CTRL_ATTR_FAMILY_NAME]); 1299 res = genl_family_find_byname(name); 1300 #ifdef CONFIG_MODULES 1301 if (res == NULL) { 1302 genl_unlock(); 1303 up_read(&cb_lock); 1304 request_module("net-pf-%d-proto-%d-family-%s", 1305 PF_NETLINK, NETLINK_GENERIC, name); 1306 down_read(&cb_lock); 1307 genl_lock(); 1308 res = genl_family_find_byname(name); 1309 } 1310 #endif 1311 err = -ENOENT; 1312 } 1313 1314 if (res == NULL) 1315 return err; 1316 1317 if (!res->netnsok && !net_eq(genl_info_net(info), &init_net)) { 1318 /* family doesn't exist here */ 1319 return -ENOENT; 1320 } 1321 1322 msg = ctrl_build_family_msg(res, info->snd_portid, info->snd_seq, 1323 CTRL_CMD_NEWFAMILY); 1324 if (IS_ERR(msg)) 1325 return PTR_ERR(msg); 1326 1327 return genlmsg_reply(msg, info); 1328 } 1329 1330 static int genl_ctrl_event(int event, const struct genl_family *family, 1331 const struct genl_multicast_group *grp, 1332 int grp_id) 1333 { 1334 struct sk_buff *msg; 1335 1336 /* genl is still initialising */ 1337 if (!init_net.genl_sock) 1338 return 0; 1339 1340 switch (event) { 1341 case CTRL_CMD_NEWFAMILY: 1342 case CTRL_CMD_DELFAMILY: 1343 WARN_ON(grp); 1344 msg = ctrl_build_family_msg(family, 0, 0, event); 1345 break; 1346 case CTRL_CMD_NEWMCAST_GRP: 1347 case CTRL_CMD_DELMCAST_GRP: 1348 BUG_ON(!grp); 1349 msg = ctrl_build_mcgrp_msg(family, grp, grp_id, 0, 0, event); 1350 break; 1351 default: 1352 return -EINVAL; 1353 } 1354 1355 if (IS_ERR(msg)) 1356 return PTR_ERR(msg); 1357 1358 if (!family->netnsok) { 1359 genlmsg_multicast_netns(&genl_ctrl, &init_net, msg, 0, 1360 0, GFP_KERNEL); 1361 } else { 1362 rcu_read_lock(); 1363 genlmsg_multicast_allns(&genl_ctrl, msg, 0, 1364 0, GFP_ATOMIC); 1365 rcu_read_unlock(); 1366 } 1367 1368 return 0; 1369 } 1370 1371 struct ctrl_dump_policy_ctx { 1372 struct netlink_policy_dump_state *state; 1373 const struct genl_family *rt; 1374 struct genl_op_iter *op_iter; 1375 u32 op; 1376 u16 fam_id; 1377 u8 dump_map:1, 1378 single_op:1; 1379 }; 1380 1381 static const struct nla_policy ctrl_policy_policy[] = { 1382 [CTRL_ATTR_FAMILY_ID] = { .type = NLA_U16 }, 1383 [CTRL_ATTR_FAMILY_NAME] = { .type = NLA_NUL_STRING, 1384 .len = GENL_NAMSIZ - 1 }, 1385 [CTRL_ATTR_OP] = { .type = NLA_U32 }, 1386 }; 1387 1388 static int ctrl_dumppolicy_start(struct netlink_callback *cb) 1389 { 1390 const struct genl_dumpit_info *info = genl_dumpit_info(cb); 1391 struct ctrl_dump_policy_ctx *ctx = (void *)cb->ctx; 1392 struct nlattr **tb = info->info.attrs; 1393 const struct genl_family *rt; 1394 struct genl_op_iter i; 1395 int err; 1396 1397 BUILD_BUG_ON(sizeof(*ctx) > sizeof(cb->ctx)); 1398 1399 if (!tb[CTRL_ATTR_FAMILY_ID] && !tb[CTRL_ATTR_FAMILY_NAME]) 1400 return -EINVAL; 1401 1402 if (tb[CTRL_ATTR_FAMILY_ID]) { 1403 ctx->fam_id = nla_get_u16(tb[CTRL_ATTR_FAMILY_ID]); 1404 } else { 1405 rt = genl_family_find_byname( 1406 nla_data(tb[CTRL_ATTR_FAMILY_NAME])); 1407 if (!rt) 1408 return -ENOENT; 1409 ctx->fam_id = rt->id; 1410 } 1411 1412 rt = genl_family_find_byid(ctx->fam_id); 1413 if (!rt) 1414 return -ENOENT; 1415 1416 ctx->rt = rt; 1417 1418 if (tb[CTRL_ATTR_OP]) { 1419 struct genl_split_ops doit, dump; 1420 1421 ctx->single_op = true; 1422 ctx->op = nla_get_u32(tb[CTRL_ATTR_OP]); 1423 1424 err = genl_get_cmd_both(ctx->op, rt, &doit, &dump); 1425 if (err) { 1426 NL_SET_BAD_ATTR(cb->extack, tb[CTRL_ATTR_OP]); 1427 return err; 1428 } 1429 1430 if (doit.policy) { 1431 err = netlink_policy_dump_add_policy(&ctx->state, 1432 doit.policy, 1433 doit.maxattr); 1434 if (err) 1435 goto err_free_state; 1436 } 1437 if (dump.policy) { 1438 err = netlink_policy_dump_add_policy(&ctx->state, 1439 dump.policy, 1440 dump.maxattr); 1441 if (err) 1442 goto err_free_state; 1443 } 1444 1445 if (!ctx->state) 1446 return -ENODATA; 1447 1448 ctx->dump_map = 1; 1449 return 0; 1450 } 1451 1452 ctx->op_iter = kmalloc(sizeof(*ctx->op_iter), GFP_KERNEL); 1453 if (!ctx->op_iter) 1454 return -ENOMEM; 1455 1456 genl_op_iter_init(rt, ctx->op_iter); 1457 ctx->dump_map = genl_op_iter_next(ctx->op_iter); 1458 1459 for (genl_op_iter_init(rt, &i); genl_op_iter_next(&i); ) { 1460 if (i.doit.policy) { 1461 err = netlink_policy_dump_add_policy(&ctx->state, 1462 i.doit.policy, 1463 i.doit.maxattr); 1464 if (err) 1465 goto err_free_state; 1466 } 1467 if (i.dumpit.policy) { 1468 err = netlink_policy_dump_add_policy(&ctx->state, 1469 i.dumpit.policy, 1470 i.dumpit.maxattr); 1471 if (err) 1472 goto err_free_state; 1473 } 1474 } 1475 1476 if (!ctx->state) { 1477 err = -ENODATA; 1478 goto err_free_op_iter; 1479 } 1480 return 0; 1481 1482 err_free_state: 1483 netlink_policy_dump_free(ctx->state); 1484 err_free_op_iter: 1485 kfree(ctx->op_iter); 1486 return err; 1487 } 1488 1489 static void *ctrl_dumppolicy_prep(struct sk_buff *skb, 1490 struct netlink_callback *cb) 1491 { 1492 struct ctrl_dump_policy_ctx *ctx = (void *)cb->ctx; 1493 void *hdr; 1494 1495 hdr = genlmsg_put(skb, NETLINK_CB(cb->skb).portid, 1496 cb->nlh->nlmsg_seq, &genl_ctrl, 1497 NLM_F_MULTI, CTRL_CMD_GETPOLICY); 1498 if (!hdr) 1499 return NULL; 1500 1501 if (nla_put_u16(skb, CTRL_ATTR_FAMILY_ID, ctx->fam_id)) 1502 return NULL; 1503 1504 return hdr; 1505 } 1506 1507 static int ctrl_dumppolicy_put_op(struct sk_buff *skb, 1508 struct netlink_callback *cb, 1509 struct genl_split_ops *doit, 1510 struct genl_split_ops *dumpit) 1511 { 1512 struct ctrl_dump_policy_ctx *ctx = (void *)cb->ctx; 1513 struct nlattr *nest_pol, *nest_op; 1514 void *hdr; 1515 int idx; 1516 1517 /* skip if we have nothing to show */ 1518 if (!doit->policy && !dumpit->policy) 1519 return 0; 1520 1521 hdr = ctrl_dumppolicy_prep(skb, cb); 1522 if (!hdr) 1523 return -ENOBUFS; 1524 1525 nest_pol = nla_nest_start(skb, CTRL_ATTR_OP_POLICY); 1526 if (!nest_pol) 1527 goto err; 1528 1529 nest_op = nla_nest_start(skb, doit->cmd); 1530 if (!nest_op) 1531 goto err; 1532 1533 if (doit->policy) { 1534 idx = netlink_policy_dump_get_policy_idx(ctx->state, 1535 doit->policy, 1536 doit->maxattr); 1537 1538 if (nla_put_u32(skb, CTRL_ATTR_POLICY_DO, idx)) 1539 goto err; 1540 } 1541 if (dumpit->policy) { 1542 idx = netlink_policy_dump_get_policy_idx(ctx->state, 1543 dumpit->policy, 1544 dumpit->maxattr); 1545 1546 if (nla_put_u32(skb, CTRL_ATTR_POLICY_DUMP, idx)) 1547 goto err; 1548 } 1549 1550 nla_nest_end(skb, nest_op); 1551 nla_nest_end(skb, nest_pol); 1552 genlmsg_end(skb, hdr); 1553 1554 return 0; 1555 err: 1556 genlmsg_cancel(skb, hdr); 1557 return -ENOBUFS; 1558 } 1559 1560 static int ctrl_dumppolicy(struct sk_buff *skb, struct netlink_callback *cb) 1561 { 1562 struct ctrl_dump_policy_ctx *ctx = (void *)cb->ctx; 1563 void *hdr; 1564 1565 if (ctx->dump_map) { 1566 if (ctx->single_op) { 1567 struct genl_split_ops doit, dumpit; 1568 1569 if (WARN_ON(genl_get_cmd_both(ctx->op, ctx->rt, 1570 &doit, &dumpit))) 1571 return -ENOENT; 1572 1573 if (ctrl_dumppolicy_put_op(skb, cb, &doit, &dumpit)) 1574 return skb->len; 1575 1576 /* done with the per-op policy index list */ 1577 ctx->dump_map = 0; 1578 } 1579 1580 while (ctx->dump_map) { 1581 if (ctrl_dumppolicy_put_op(skb, cb, 1582 &ctx->op_iter->doit, 1583 &ctx->op_iter->dumpit)) 1584 return skb->len; 1585 1586 ctx->dump_map = genl_op_iter_next(ctx->op_iter); 1587 } 1588 } 1589 1590 while (netlink_policy_dump_loop(ctx->state)) { 1591 struct nlattr *nest; 1592 1593 hdr = ctrl_dumppolicy_prep(skb, cb); 1594 if (!hdr) 1595 goto nla_put_failure; 1596 1597 nest = nla_nest_start(skb, CTRL_ATTR_POLICY); 1598 if (!nest) 1599 goto nla_put_failure; 1600 1601 if (netlink_policy_dump_write(skb, ctx->state)) 1602 goto nla_put_failure; 1603 1604 nla_nest_end(skb, nest); 1605 1606 genlmsg_end(skb, hdr); 1607 } 1608 1609 return skb->len; 1610 1611 nla_put_failure: 1612 genlmsg_cancel(skb, hdr); 1613 return skb->len; 1614 } 1615 1616 static int ctrl_dumppolicy_done(struct netlink_callback *cb) 1617 { 1618 struct ctrl_dump_policy_ctx *ctx = (void *)cb->ctx; 1619 1620 kfree(ctx->op_iter); 1621 netlink_policy_dump_free(ctx->state); 1622 return 0; 1623 } 1624 1625 static const struct genl_split_ops genl_ctrl_ops[] = { 1626 { 1627 .cmd = CTRL_CMD_GETFAMILY, 1628 .validate = GENL_DONT_VALIDATE_STRICT, 1629 .policy = ctrl_policy_family, 1630 .maxattr = ARRAY_SIZE(ctrl_policy_family) - 1, 1631 .doit = ctrl_getfamily, 1632 .flags = GENL_CMD_CAP_DO, 1633 }, 1634 { 1635 .cmd = CTRL_CMD_GETFAMILY, 1636 .validate = GENL_DONT_VALIDATE_DUMP, 1637 .policy = ctrl_policy_family, 1638 .maxattr = ARRAY_SIZE(ctrl_policy_family) - 1, 1639 .dumpit = ctrl_dumpfamily, 1640 .flags = GENL_CMD_CAP_DUMP, 1641 }, 1642 { 1643 .cmd = CTRL_CMD_GETPOLICY, 1644 .policy = ctrl_policy_policy, 1645 .maxattr = ARRAY_SIZE(ctrl_policy_policy) - 1, 1646 .start = ctrl_dumppolicy_start, 1647 .dumpit = ctrl_dumppolicy, 1648 .done = ctrl_dumppolicy_done, 1649 .flags = GENL_CMD_CAP_DUMP, 1650 }, 1651 }; 1652 1653 static const struct genl_multicast_group genl_ctrl_groups[] = { 1654 { .name = "notify", }, 1655 }; 1656 1657 static struct genl_family genl_ctrl __ro_after_init = { 1658 .module = THIS_MODULE, 1659 .split_ops = genl_ctrl_ops, 1660 .n_split_ops = ARRAY_SIZE(genl_ctrl_ops), 1661 .resv_start_op = CTRL_CMD_GETPOLICY + 1, 1662 .mcgrps = genl_ctrl_groups, 1663 .n_mcgrps = ARRAY_SIZE(genl_ctrl_groups), 1664 .id = GENL_ID_CTRL, 1665 .name = "nlctrl", 1666 .version = 0x2, 1667 .netnsok = true, 1668 }; 1669 1670 static int genl_bind(struct net *net, int group) 1671 { 1672 const struct genl_family *family; 1673 unsigned int id; 1674 int ret = 0; 1675 1676 down_read(&cb_lock); 1677 1678 idr_for_each_entry(&genl_fam_idr, family, id) { 1679 const struct genl_multicast_group *grp; 1680 int i; 1681 1682 if (family->n_mcgrps == 0) 1683 continue; 1684 1685 i = group - family->mcgrp_offset; 1686 if (i < 0 || i >= family->n_mcgrps) 1687 continue; 1688 1689 grp = &family->mcgrps[i]; 1690 if ((grp->flags & GENL_UNS_ADMIN_PERM) && 1691 !ns_capable(net->user_ns, CAP_NET_ADMIN)) 1692 ret = -EPERM; 1693 1694 break; 1695 } 1696 1697 up_read(&cb_lock); 1698 return ret; 1699 } 1700 1701 static int __net_init genl_pernet_init(struct net *net) 1702 { 1703 struct netlink_kernel_cfg cfg = { 1704 .input = genl_rcv, 1705 .flags = NL_CFG_F_NONROOT_RECV, 1706 .bind = genl_bind, 1707 }; 1708 1709 /* we'll bump the group number right afterwards */ 1710 net->genl_sock = netlink_kernel_create(net, NETLINK_GENERIC, &cfg); 1711 1712 if (!net->genl_sock && net_eq(net, &init_net)) 1713 panic("GENL: Cannot initialize generic netlink\n"); 1714 1715 if (!net->genl_sock) 1716 return -ENOMEM; 1717 1718 return 0; 1719 } 1720 1721 static void __net_exit genl_pernet_exit(struct net *net) 1722 { 1723 netlink_kernel_release(net->genl_sock); 1724 net->genl_sock = NULL; 1725 } 1726 1727 static struct pernet_operations genl_pernet_ops = { 1728 .init = genl_pernet_init, 1729 .exit = genl_pernet_exit, 1730 }; 1731 1732 static int __init genl_init(void) 1733 { 1734 int err; 1735 1736 err = genl_register_family(&genl_ctrl); 1737 if (err < 0) 1738 goto problem; 1739 1740 err = register_pernet_subsys(&genl_pernet_ops); 1741 if (err) 1742 goto problem; 1743 1744 return 0; 1745 1746 problem: 1747 panic("GENL: Cannot register controller: %d\n", err); 1748 } 1749 1750 core_initcall(genl_init); 1751 1752 static int genlmsg_mcast(struct sk_buff *skb, u32 portid, unsigned long group, 1753 gfp_t flags) 1754 { 1755 struct sk_buff *tmp; 1756 struct net *net, *prev = NULL; 1757 bool delivered = false; 1758 int err; 1759 1760 for_each_net_rcu(net) { 1761 if (prev) { 1762 tmp = skb_clone(skb, flags); 1763 if (!tmp) { 1764 err = -ENOMEM; 1765 goto error; 1766 } 1767 err = nlmsg_multicast(prev->genl_sock, tmp, 1768 portid, group, flags); 1769 if (!err) 1770 delivered = true; 1771 else if (err != -ESRCH) 1772 goto error; 1773 } 1774 1775 prev = net; 1776 } 1777 1778 err = nlmsg_multicast(prev->genl_sock, skb, portid, group, flags); 1779 if (!err) 1780 delivered = true; 1781 else if (err != -ESRCH) 1782 return err; 1783 return delivered ? 0 : -ESRCH; 1784 error: 1785 kfree_skb(skb); 1786 return err; 1787 } 1788 1789 int genlmsg_multicast_allns(const struct genl_family *family, 1790 struct sk_buff *skb, u32 portid, 1791 unsigned int group, gfp_t flags) 1792 { 1793 if (WARN_ON_ONCE(group >= family->n_mcgrps)) 1794 return -EINVAL; 1795 1796 group = family->mcgrp_offset + group; 1797 return genlmsg_mcast(skb, portid, group, flags); 1798 } 1799 EXPORT_SYMBOL(genlmsg_multicast_allns); 1800 1801 void genl_notify(const struct genl_family *family, struct sk_buff *skb, 1802 struct genl_info *info, u32 group, gfp_t flags) 1803 { 1804 struct net *net = genl_info_net(info); 1805 struct sock *sk = net->genl_sock; 1806 1807 if (WARN_ON_ONCE(group >= family->n_mcgrps)) 1808 return; 1809 1810 group = family->mcgrp_offset + group; 1811 nlmsg_notify(sk, skb, info->snd_portid, group, 1812 nlmsg_report(info->nlhdr), flags); 1813 } 1814 EXPORT_SYMBOL(genl_notify); 1815