1 // SPDX-License-Identifier: GPL-2.0 2 /* 3 * NETLINK Generic Netlink Family 4 * 5 * Authors: Jamal Hadi Salim 6 * Thomas Graf <tgraf@suug.ch> 7 * Johannes Berg <johannes@sipsolutions.net> 8 */ 9 10 #include <linux/module.h> 11 #include <linux/kernel.h> 12 #include <linux/slab.h> 13 #include <linux/errno.h> 14 #include <linux/types.h> 15 #include <linux/socket.h> 16 #include <linux/string_helpers.h> 17 #include <linux/skbuff.h> 18 #include <linux/mutex.h> 19 #include <linux/bitmap.h> 20 #include <linux/rwsem.h> 21 #include <linux/idr.h> 22 #include <net/sock.h> 23 #include <net/genetlink.h> 24 25 static DEFINE_MUTEX(genl_mutex); /* serialization of message processing */ 26 static DECLARE_RWSEM(cb_lock); 27 28 atomic_t genl_sk_destructing_cnt = ATOMIC_INIT(0); 29 DECLARE_WAIT_QUEUE_HEAD(genl_sk_destructing_waitq); 30 31 void genl_lock(void) 32 { 33 mutex_lock(&genl_mutex); 34 } 35 EXPORT_SYMBOL(genl_lock); 36 37 void genl_unlock(void) 38 { 39 mutex_unlock(&genl_mutex); 40 } 41 EXPORT_SYMBOL(genl_unlock); 42 43 static void genl_lock_all(void) 44 { 45 down_write(&cb_lock); 46 genl_lock(); 47 } 48 49 static void genl_unlock_all(void) 50 { 51 genl_unlock(); 52 up_write(&cb_lock); 53 } 54 55 static void genl_op_lock(const struct genl_family *family) 56 { 57 if (!family->parallel_ops) 58 genl_lock(); 59 } 60 61 static void genl_op_unlock(const struct genl_family *family) 62 { 63 if (!family->parallel_ops) 64 genl_unlock(); 65 } 66 67 static DEFINE_IDR(genl_fam_idr); 68 69 /* 70 * Bitmap of multicast groups that are currently in use. 71 * 72 * To avoid an allocation at boot of just one unsigned long, 73 * declare it global instead. 74 * Bit 0 is marked as already used since group 0 is invalid. 75 * Bit 1 is marked as already used since the drop-monitor code 76 * abuses the API and thinks it can statically use group 1. 77 * That group will typically conflict with other groups that 78 * any proper users use. 79 * Bit 16 is marked as used since it's used for generic netlink 80 * and the code no longer marks pre-reserved IDs as used. 81 * Bit 17 is marked as already used since the VFS quota code 82 * also abused this API and relied on family == group ID, we 83 * cater to that by giving it a static family and group ID. 84 * Bit 18 is marked as already used since the PMCRAID driver 85 * did the same thing as the VFS quota code (maybe copied?) 86 */ 87 static unsigned long mc_group_start = 0x3 | BIT(GENL_ID_CTRL) | 88 BIT(GENL_ID_VFS_DQUOT) | 89 BIT(GENL_ID_PMCRAID); 90 static unsigned long *mc_groups = &mc_group_start; 91 static unsigned long mc_groups_longs = 1; 92 93 /* We need the last attribute with non-zero ID therefore a 2-entry array */ 94 static struct nla_policy genl_policy_reject_all[] = { 95 { .type = NLA_REJECT }, 96 { .type = NLA_REJECT }, 97 }; 98 99 static int genl_ctrl_event(int event, const struct genl_family *family, 100 const struct genl_multicast_group *grp, 101 int grp_id); 102 103 static void 104 genl_op_fill_in_reject_policy(const struct genl_family *family, 105 struct genl_ops *op) 106 { 107 BUILD_BUG_ON(ARRAY_SIZE(genl_policy_reject_all) - 1 != 1); 108 109 if (op->policy || op->cmd < family->resv_start_op) 110 return; 111 112 op->policy = genl_policy_reject_all; 113 op->maxattr = 1; 114 } 115 116 static void 117 genl_op_fill_in_reject_policy_split(const struct genl_family *family, 118 struct genl_split_ops *op) 119 { 120 if (op->policy) 121 return; 122 123 op->policy = genl_policy_reject_all; 124 op->maxattr = 1; 125 } 126 127 static const struct genl_family *genl_family_find_byid(unsigned int id) 128 { 129 return idr_find(&genl_fam_idr, id); 130 } 131 132 static const struct genl_family *genl_family_find_byname(char *name) 133 { 134 const struct genl_family *family; 135 unsigned int id; 136 137 idr_for_each_entry(&genl_fam_idr, family, id) 138 if (strcmp(family->name, name) == 0) 139 return family; 140 141 return NULL; 142 } 143 144 struct genl_op_iter { 145 const struct genl_family *family; 146 struct genl_split_ops doit; 147 struct genl_split_ops dumpit; 148 int cmd_idx; 149 int entry_idx; 150 u32 cmd; 151 u8 flags; 152 }; 153 154 static void genl_op_from_full(const struct genl_family *family, 155 unsigned int i, struct genl_ops *op) 156 { 157 *op = family->ops[i]; 158 159 if (!op->maxattr) 160 op->maxattr = family->maxattr; 161 if (!op->policy) 162 op->policy = family->policy; 163 164 genl_op_fill_in_reject_policy(family, op); 165 } 166 167 static int genl_get_cmd_full(u32 cmd, const struct genl_family *family, 168 struct genl_ops *op) 169 { 170 int i; 171 172 for (i = 0; i < family->n_ops; i++) 173 if (family->ops[i].cmd == cmd) { 174 genl_op_from_full(family, i, op); 175 return 0; 176 } 177 178 return -ENOENT; 179 } 180 181 static void genl_op_from_small(const struct genl_family *family, 182 unsigned int i, struct genl_ops *op) 183 { 184 memset(op, 0, sizeof(*op)); 185 op->doit = family->small_ops[i].doit; 186 op->dumpit = family->small_ops[i].dumpit; 187 op->cmd = family->small_ops[i].cmd; 188 op->internal_flags = family->small_ops[i].internal_flags; 189 op->flags = family->small_ops[i].flags; 190 op->validate = family->small_ops[i].validate; 191 192 op->maxattr = family->maxattr; 193 op->policy = family->policy; 194 195 genl_op_fill_in_reject_policy(family, op); 196 } 197 198 static int genl_get_cmd_small(u32 cmd, const struct genl_family *family, 199 struct genl_ops *op) 200 { 201 int i; 202 203 for (i = 0; i < family->n_small_ops; i++) 204 if (family->small_ops[i].cmd == cmd) { 205 genl_op_from_small(family, i, op); 206 return 0; 207 } 208 209 return -ENOENT; 210 } 211 212 static void genl_op_from_split(struct genl_op_iter *iter) 213 { 214 const struct genl_family *family = iter->family; 215 int i, cnt = 0; 216 217 i = iter->entry_idx - family->n_ops - family->n_small_ops; 218 219 if (family->split_ops[i + cnt].flags & GENL_CMD_CAP_DO) { 220 iter->doit = family->split_ops[i + cnt]; 221 genl_op_fill_in_reject_policy_split(family, &iter->doit); 222 cnt++; 223 } else { 224 memset(&iter->doit, 0, sizeof(iter->doit)); 225 } 226 227 if (i + cnt < family->n_split_ops && 228 family->split_ops[i + cnt].flags & GENL_CMD_CAP_DUMP) { 229 iter->dumpit = family->split_ops[i + cnt]; 230 genl_op_fill_in_reject_policy_split(family, &iter->dumpit); 231 cnt++; 232 } else { 233 memset(&iter->dumpit, 0, sizeof(iter->dumpit)); 234 } 235 236 WARN_ON(!cnt); 237 iter->entry_idx += cnt; 238 } 239 240 static int 241 genl_get_cmd_split(u32 cmd, u8 flag, const struct genl_family *family, 242 struct genl_split_ops *op) 243 { 244 int i; 245 246 for (i = 0; i < family->n_split_ops; i++) 247 if (family->split_ops[i].cmd == cmd && 248 family->split_ops[i].flags & flag) { 249 *op = family->split_ops[i]; 250 return 0; 251 } 252 253 return -ENOENT; 254 } 255 256 static int 257 genl_cmd_full_to_split(struct genl_split_ops *op, 258 const struct genl_family *family, 259 const struct genl_ops *full, u8 flags) 260 { 261 if ((flags & GENL_CMD_CAP_DO && !full->doit) || 262 (flags & GENL_CMD_CAP_DUMP && !full->dumpit)) { 263 memset(op, 0, sizeof(*op)); 264 return -ENOENT; 265 } 266 267 if (flags & GENL_CMD_CAP_DUMP) { 268 op->start = full->start; 269 op->dumpit = full->dumpit; 270 op->done = full->done; 271 } else { 272 op->pre_doit = family->pre_doit; 273 op->doit = full->doit; 274 op->post_doit = family->post_doit; 275 } 276 277 if (flags & GENL_CMD_CAP_DUMP && 278 full->validate & GENL_DONT_VALIDATE_DUMP) { 279 op->policy = NULL; 280 op->maxattr = 0; 281 } else { 282 op->policy = full->policy; 283 op->maxattr = full->maxattr; 284 } 285 286 op->cmd = full->cmd; 287 op->internal_flags = full->internal_flags; 288 op->flags = full->flags; 289 op->validate = full->validate; 290 291 /* Make sure flags include the GENL_CMD_CAP_DO / GENL_CMD_CAP_DUMP */ 292 op->flags |= flags; 293 294 return 0; 295 } 296 297 /* Must make sure that op is initialized to 0 on failure */ 298 static int 299 genl_get_cmd(u32 cmd, u8 flags, const struct genl_family *family, 300 struct genl_split_ops *op) 301 { 302 struct genl_ops full; 303 int err; 304 305 err = genl_get_cmd_full(cmd, family, &full); 306 if (err == -ENOENT) 307 err = genl_get_cmd_small(cmd, family, &full); 308 /* Found one of legacy forms */ 309 if (err == 0) 310 return genl_cmd_full_to_split(op, family, &full, flags); 311 312 err = genl_get_cmd_split(cmd, flags, family, op); 313 if (err) 314 memset(op, 0, sizeof(*op)); 315 return err; 316 } 317 318 /* For policy dumping only, get ops of both do and dump. 319 * Fail if both are missing, genl_get_cmd() will zero-init in case of failure. 320 */ 321 static int 322 genl_get_cmd_both(u32 cmd, const struct genl_family *family, 323 struct genl_split_ops *doit, struct genl_split_ops *dumpit) 324 { 325 int err1, err2; 326 327 err1 = genl_get_cmd(cmd, GENL_CMD_CAP_DO, family, doit); 328 err2 = genl_get_cmd(cmd, GENL_CMD_CAP_DUMP, family, dumpit); 329 330 return err1 && err2 ? -ENOENT : 0; 331 } 332 333 static bool 334 genl_op_iter_init(const struct genl_family *family, struct genl_op_iter *iter) 335 { 336 iter->family = family; 337 iter->cmd_idx = 0; 338 iter->entry_idx = 0; 339 340 iter->flags = 0; 341 342 return iter->family->n_ops + 343 iter->family->n_small_ops + 344 iter->family->n_split_ops; 345 } 346 347 static bool genl_op_iter_next(struct genl_op_iter *iter) 348 { 349 const struct genl_family *family = iter->family; 350 bool legacy_op = true; 351 struct genl_ops op; 352 353 if (iter->entry_idx < family->n_ops) { 354 genl_op_from_full(family, iter->entry_idx, &op); 355 } else if (iter->entry_idx < family->n_ops + family->n_small_ops) { 356 genl_op_from_small(family, iter->entry_idx - family->n_ops, 357 &op); 358 } else if (iter->entry_idx < 359 family->n_ops + family->n_small_ops + family->n_split_ops) { 360 legacy_op = false; 361 /* updates entry_idx */ 362 genl_op_from_split(iter); 363 } else { 364 return false; 365 } 366 367 iter->cmd_idx++; 368 369 if (legacy_op) { 370 iter->entry_idx++; 371 372 genl_cmd_full_to_split(&iter->doit, family, 373 &op, GENL_CMD_CAP_DO); 374 genl_cmd_full_to_split(&iter->dumpit, family, 375 &op, GENL_CMD_CAP_DUMP); 376 } 377 378 iter->cmd = iter->doit.cmd | iter->dumpit.cmd; 379 iter->flags = iter->doit.flags | iter->dumpit.flags; 380 381 return true; 382 } 383 384 static void 385 genl_op_iter_copy(struct genl_op_iter *dst, struct genl_op_iter *src) 386 { 387 *dst = *src; 388 } 389 390 static unsigned int genl_op_iter_idx(struct genl_op_iter *iter) 391 { 392 return iter->cmd_idx; 393 } 394 395 static int genl_allocate_reserve_groups(int n_groups, int *first_id) 396 { 397 unsigned long *new_groups; 398 int start = 0; 399 int i; 400 int id; 401 bool fits; 402 403 do { 404 if (start == 0) 405 id = find_first_zero_bit(mc_groups, 406 mc_groups_longs * 407 BITS_PER_LONG); 408 else 409 id = find_next_zero_bit(mc_groups, 410 mc_groups_longs * BITS_PER_LONG, 411 start); 412 413 fits = true; 414 for (i = id; 415 i < min_t(int, id + n_groups, 416 mc_groups_longs * BITS_PER_LONG); 417 i++) { 418 if (test_bit(i, mc_groups)) { 419 start = i; 420 fits = false; 421 break; 422 } 423 } 424 425 if (id + n_groups > mc_groups_longs * BITS_PER_LONG) { 426 unsigned long new_longs = mc_groups_longs + 427 BITS_TO_LONGS(n_groups); 428 size_t nlen = new_longs * sizeof(unsigned long); 429 430 if (mc_groups == &mc_group_start) { 431 new_groups = kzalloc(nlen, GFP_KERNEL); 432 if (!new_groups) 433 return -ENOMEM; 434 mc_groups = new_groups; 435 *mc_groups = mc_group_start; 436 } else { 437 new_groups = krealloc(mc_groups, nlen, 438 GFP_KERNEL); 439 if (!new_groups) 440 return -ENOMEM; 441 mc_groups = new_groups; 442 for (i = 0; i < BITS_TO_LONGS(n_groups); i++) 443 mc_groups[mc_groups_longs + i] = 0; 444 } 445 mc_groups_longs = new_longs; 446 } 447 } while (!fits); 448 449 for (i = id; i < id + n_groups; i++) 450 set_bit(i, mc_groups); 451 *first_id = id; 452 return 0; 453 } 454 455 static struct genl_family genl_ctrl; 456 457 static int genl_validate_assign_mc_groups(struct genl_family *family) 458 { 459 int first_id; 460 int n_groups = family->n_mcgrps; 461 int err = 0, i; 462 bool groups_allocated = false; 463 464 if (!n_groups) 465 return 0; 466 467 for (i = 0; i < n_groups; i++) { 468 const struct genl_multicast_group *grp = &family->mcgrps[i]; 469 470 if (WARN_ON(grp->name[0] == '\0')) 471 return -EINVAL; 472 if (WARN_ON(!string_is_terminated(grp->name, GENL_NAMSIZ))) 473 return -EINVAL; 474 } 475 476 /* special-case our own group and hacks */ 477 if (family == &genl_ctrl) { 478 first_id = GENL_ID_CTRL; 479 BUG_ON(n_groups != 1); 480 } else if (strcmp(family->name, "NET_DM") == 0) { 481 first_id = 1; 482 BUG_ON(n_groups != 1); 483 } else if (family->id == GENL_ID_VFS_DQUOT) { 484 first_id = GENL_ID_VFS_DQUOT; 485 BUG_ON(n_groups != 1); 486 } else if (family->id == GENL_ID_PMCRAID) { 487 first_id = GENL_ID_PMCRAID; 488 BUG_ON(n_groups != 1); 489 } else { 490 groups_allocated = true; 491 err = genl_allocate_reserve_groups(n_groups, &first_id); 492 if (err) 493 return err; 494 } 495 496 family->mcgrp_offset = first_id; 497 498 /* if still initializing, can't and don't need to realloc bitmaps */ 499 if (!init_net.genl_sock) 500 return 0; 501 502 if (family->netnsok) { 503 struct net *net; 504 505 netlink_table_grab(); 506 rcu_read_lock(); 507 for_each_net_rcu(net) { 508 err = __netlink_change_ngroups(net->genl_sock, 509 mc_groups_longs * BITS_PER_LONG); 510 if (err) { 511 /* 512 * No need to roll back, can only fail if 513 * memory allocation fails and then the 514 * number of _possible_ groups has been 515 * increased on some sockets which is ok. 516 */ 517 break; 518 } 519 } 520 rcu_read_unlock(); 521 netlink_table_ungrab(); 522 } else { 523 err = netlink_change_ngroups(init_net.genl_sock, 524 mc_groups_longs * BITS_PER_LONG); 525 } 526 527 if (groups_allocated && err) { 528 for (i = 0; i < family->n_mcgrps; i++) 529 clear_bit(family->mcgrp_offset + i, mc_groups); 530 } 531 532 return err; 533 } 534 535 static void genl_unregister_mc_groups(const struct genl_family *family) 536 { 537 struct net *net; 538 int i; 539 540 netlink_table_grab(); 541 rcu_read_lock(); 542 for_each_net_rcu(net) { 543 for (i = 0; i < family->n_mcgrps; i++) 544 __netlink_clear_multicast_users( 545 net->genl_sock, family->mcgrp_offset + i); 546 } 547 rcu_read_unlock(); 548 netlink_table_ungrab(); 549 550 for (i = 0; i < family->n_mcgrps; i++) { 551 int grp_id = family->mcgrp_offset + i; 552 553 if (grp_id != 1) 554 clear_bit(grp_id, mc_groups); 555 genl_ctrl_event(CTRL_CMD_DELMCAST_GRP, family, 556 &family->mcgrps[i], grp_id); 557 } 558 } 559 560 static bool genl_split_op_check(const struct genl_split_ops *op) 561 { 562 if (WARN_ON(hweight8(op->flags & (GENL_CMD_CAP_DO | 563 GENL_CMD_CAP_DUMP)) != 1)) 564 return true; 565 return false; 566 } 567 568 static int genl_validate_ops(const struct genl_family *family) 569 { 570 struct genl_op_iter i, j; 571 unsigned int s; 572 573 if (WARN_ON(family->n_ops && !family->ops) || 574 WARN_ON(family->n_small_ops && !family->small_ops) || 575 WARN_ON(family->n_split_ops && !family->split_ops)) 576 return -EINVAL; 577 578 for (genl_op_iter_init(family, &i); genl_op_iter_next(&i); ) { 579 if (!(i.flags & (GENL_CMD_CAP_DO | GENL_CMD_CAP_DUMP))) 580 return -EINVAL; 581 582 if (WARN_ON(i.cmd >= family->resv_start_op && 583 (i.doit.validate || i.dumpit.validate))) 584 return -EINVAL; 585 586 genl_op_iter_copy(&j, &i); 587 while (genl_op_iter_next(&j)) { 588 if (i.cmd == j.cmd) 589 return -EINVAL; 590 } 591 } 592 593 if (family->n_split_ops) { 594 if (genl_split_op_check(&family->split_ops[0])) 595 return -EINVAL; 596 } 597 598 for (s = 1; s < family->n_split_ops; s++) { 599 const struct genl_split_ops *a, *b; 600 601 a = &family->split_ops[s - 1]; 602 b = &family->split_ops[s]; 603 604 if (genl_split_op_check(b)) 605 return -EINVAL; 606 607 /* Check sort order */ 608 if (a->cmd < b->cmd) { 609 continue; 610 } else if (a->cmd > b->cmd) { 611 WARN_ON(1); 612 return -EINVAL; 613 } 614 615 if (a->internal_flags != b->internal_flags || 616 ((a->flags ^ b->flags) & ~(GENL_CMD_CAP_DO | 617 GENL_CMD_CAP_DUMP))) { 618 WARN_ON(1); 619 return -EINVAL; 620 } 621 622 if ((a->flags & GENL_CMD_CAP_DO) && 623 (b->flags & GENL_CMD_CAP_DUMP)) 624 continue; 625 626 WARN_ON(1); 627 return -EINVAL; 628 } 629 630 return 0; 631 } 632 633 /** 634 * genl_register_family - register a generic netlink family 635 * @family: generic netlink family 636 * 637 * Registers the specified family after validating it first. Only one 638 * family may be registered with the same family name or identifier. 639 * 640 * The family's ops, multicast groups and module pointer must already 641 * be assigned. 642 * 643 * Return 0 on success or a negative error code. 644 */ 645 int genl_register_family(struct genl_family *family) 646 { 647 int err, i; 648 int start = GENL_START_ALLOC, end = GENL_MAX_ID; 649 650 err = genl_validate_ops(family); 651 if (err) 652 return err; 653 654 genl_lock_all(); 655 656 if (genl_family_find_byname(family->name)) { 657 err = -EEXIST; 658 goto errout_locked; 659 } 660 661 /* 662 * Sadly, a few cases need to be special-cased 663 * due to them having previously abused the API 664 * and having used their family ID also as their 665 * multicast group ID, so we use reserved IDs 666 * for both to be sure we can do that mapping. 667 */ 668 if (family == &genl_ctrl) { 669 /* and this needs to be special for initial family lookups */ 670 start = end = GENL_ID_CTRL; 671 } else if (strcmp(family->name, "pmcraid") == 0) { 672 start = end = GENL_ID_PMCRAID; 673 } else if (strcmp(family->name, "VFS_DQUOT") == 0) { 674 start = end = GENL_ID_VFS_DQUOT; 675 } 676 677 family->id = idr_alloc_cyclic(&genl_fam_idr, family, 678 start, end + 1, GFP_KERNEL); 679 if (family->id < 0) { 680 err = family->id; 681 goto errout_locked; 682 } 683 684 err = genl_validate_assign_mc_groups(family); 685 if (err) 686 goto errout_remove; 687 688 genl_unlock_all(); 689 690 /* send all events */ 691 genl_ctrl_event(CTRL_CMD_NEWFAMILY, family, NULL, 0); 692 for (i = 0; i < family->n_mcgrps; i++) 693 genl_ctrl_event(CTRL_CMD_NEWMCAST_GRP, family, 694 &family->mcgrps[i], family->mcgrp_offset + i); 695 696 return 0; 697 698 errout_remove: 699 idr_remove(&genl_fam_idr, family->id); 700 errout_locked: 701 genl_unlock_all(); 702 return err; 703 } 704 EXPORT_SYMBOL(genl_register_family); 705 706 /** 707 * genl_unregister_family - unregister generic netlink family 708 * @family: generic netlink family 709 * 710 * Unregisters the specified family. 711 * 712 * Returns 0 on success or a negative error code. 713 */ 714 int genl_unregister_family(const struct genl_family *family) 715 { 716 genl_lock_all(); 717 718 if (!genl_family_find_byid(family->id)) { 719 genl_unlock_all(); 720 return -ENOENT; 721 } 722 723 genl_unregister_mc_groups(family); 724 725 idr_remove(&genl_fam_idr, family->id); 726 727 up_write(&cb_lock); 728 wait_event(genl_sk_destructing_waitq, 729 atomic_read(&genl_sk_destructing_cnt) == 0); 730 genl_unlock(); 731 732 genl_ctrl_event(CTRL_CMD_DELFAMILY, family, NULL, 0); 733 734 return 0; 735 } 736 EXPORT_SYMBOL(genl_unregister_family); 737 738 /** 739 * genlmsg_put - Add generic netlink header to netlink message 740 * @skb: socket buffer holding the message 741 * @portid: netlink portid the message is addressed to 742 * @seq: sequence number (usually the one of the sender) 743 * @family: generic netlink family 744 * @flags: netlink message flags 745 * @cmd: generic netlink command 746 * 747 * Returns pointer to user specific header 748 */ 749 void *genlmsg_put(struct sk_buff *skb, u32 portid, u32 seq, 750 const struct genl_family *family, int flags, u8 cmd) 751 { 752 struct nlmsghdr *nlh; 753 struct genlmsghdr *hdr; 754 755 nlh = nlmsg_put(skb, portid, seq, family->id, GENL_HDRLEN + 756 family->hdrsize, flags); 757 if (nlh == NULL) 758 return NULL; 759 760 hdr = nlmsg_data(nlh); 761 hdr->cmd = cmd; 762 hdr->version = family->version; 763 hdr->reserved = 0; 764 765 return (char *) hdr + GENL_HDRLEN; 766 } 767 EXPORT_SYMBOL(genlmsg_put); 768 769 static struct genl_dumpit_info *genl_dumpit_info_alloc(void) 770 { 771 return kmalloc(sizeof(struct genl_dumpit_info), GFP_KERNEL); 772 } 773 774 static void genl_dumpit_info_free(const struct genl_dumpit_info *info) 775 { 776 kfree(info); 777 } 778 779 static struct nlattr ** 780 genl_family_rcv_msg_attrs_parse(const struct genl_family *family, 781 struct nlmsghdr *nlh, 782 struct netlink_ext_ack *extack, 783 const struct genl_split_ops *ops, 784 int hdrlen, 785 enum genl_validate_flags no_strict_flag) 786 { 787 enum netlink_validation validate = ops->validate & no_strict_flag ? 788 NL_VALIDATE_LIBERAL : 789 NL_VALIDATE_STRICT; 790 struct nlattr **attrbuf; 791 int err; 792 793 if (!ops->maxattr) 794 return NULL; 795 796 attrbuf = kmalloc_array(ops->maxattr + 1, 797 sizeof(struct nlattr *), GFP_KERNEL); 798 if (!attrbuf) 799 return ERR_PTR(-ENOMEM); 800 801 err = __nlmsg_parse(nlh, hdrlen, attrbuf, ops->maxattr, ops->policy, 802 validate, extack); 803 if (err) { 804 kfree(attrbuf); 805 return ERR_PTR(err); 806 } 807 return attrbuf; 808 } 809 810 static void genl_family_rcv_msg_attrs_free(struct nlattr **attrbuf) 811 { 812 kfree(attrbuf); 813 } 814 815 struct genl_start_context { 816 const struct genl_family *family; 817 struct nlmsghdr *nlh; 818 struct netlink_ext_ack *extack; 819 const struct genl_split_ops *ops; 820 int hdrlen; 821 }; 822 823 static int genl_start(struct netlink_callback *cb) 824 { 825 struct genl_start_context *ctx = cb->data; 826 const struct genl_split_ops *ops; 827 struct genl_dumpit_info *info; 828 struct nlattr **attrs = NULL; 829 int rc = 0; 830 831 ops = ctx->ops; 832 if (!(ops->validate & GENL_DONT_VALIDATE_DUMP) && 833 ctx->nlh->nlmsg_len < nlmsg_msg_size(ctx->hdrlen)) 834 return -EINVAL; 835 836 attrs = genl_family_rcv_msg_attrs_parse(ctx->family, ctx->nlh, ctx->extack, 837 ops, ctx->hdrlen, 838 GENL_DONT_VALIDATE_DUMP_STRICT); 839 if (IS_ERR(attrs)) 840 return PTR_ERR(attrs); 841 842 info = genl_dumpit_info_alloc(); 843 if (!info) { 844 genl_family_rcv_msg_attrs_free(attrs); 845 return -ENOMEM; 846 } 847 info->family = ctx->family; 848 info->op = *ops; 849 info->attrs = attrs; 850 851 cb->data = info; 852 if (ops->start) { 853 genl_op_lock(ctx->family); 854 rc = ops->start(cb); 855 genl_op_unlock(ctx->family); 856 } 857 858 if (rc) { 859 genl_family_rcv_msg_attrs_free(info->attrs); 860 genl_dumpit_info_free(info); 861 cb->data = NULL; 862 } 863 return rc; 864 } 865 866 static int genl_dumpit(struct sk_buff *skb, struct netlink_callback *cb) 867 { 868 const struct genl_dumpit_info *info = genl_dumpit_info(cb); 869 const struct genl_split_ops *ops = &info->op; 870 int rc; 871 872 genl_op_lock(info->family); 873 rc = ops->dumpit(skb, cb); 874 genl_op_unlock(info->family); 875 return rc; 876 } 877 878 static int genl_done(struct netlink_callback *cb) 879 { 880 const struct genl_dumpit_info *info = genl_dumpit_info(cb); 881 const struct genl_split_ops *ops = &info->op; 882 int rc = 0; 883 884 if (ops->done) { 885 genl_op_lock(info->family); 886 rc = ops->done(cb); 887 genl_op_unlock(info->family); 888 } 889 genl_family_rcv_msg_attrs_free(info->attrs); 890 genl_dumpit_info_free(info); 891 return rc; 892 } 893 894 static int genl_family_rcv_msg_dumpit(const struct genl_family *family, 895 struct sk_buff *skb, 896 struct nlmsghdr *nlh, 897 struct netlink_ext_ack *extack, 898 const struct genl_split_ops *ops, 899 int hdrlen, struct net *net) 900 { 901 struct genl_start_context ctx; 902 struct netlink_dump_control c = { 903 .module = family->module, 904 .data = &ctx, 905 .start = genl_start, 906 .dump = genl_dumpit, 907 .done = genl_done, 908 .extack = extack, 909 }; 910 int err; 911 912 ctx.family = family; 913 ctx.nlh = nlh; 914 ctx.extack = extack; 915 ctx.ops = ops; 916 ctx.hdrlen = hdrlen; 917 918 genl_op_unlock(family); 919 err = __netlink_dump_start(net->genl_sock, skb, nlh, &c); 920 genl_op_lock(family); 921 922 return err; 923 } 924 925 static int genl_family_rcv_msg_doit(const struct genl_family *family, 926 struct sk_buff *skb, 927 struct nlmsghdr *nlh, 928 struct netlink_ext_ack *extack, 929 const struct genl_split_ops *ops, 930 int hdrlen, struct net *net) 931 { 932 struct nlattr **attrbuf; 933 struct genl_info info; 934 int err; 935 936 attrbuf = genl_family_rcv_msg_attrs_parse(family, nlh, extack, 937 ops, hdrlen, 938 GENL_DONT_VALIDATE_STRICT); 939 if (IS_ERR(attrbuf)) 940 return PTR_ERR(attrbuf); 941 942 info.snd_seq = nlh->nlmsg_seq; 943 info.snd_portid = NETLINK_CB(skb).portid; 944 info.nlhdr = nlh; 945 info.genlhdr = nlmsg_data(nlh); 946 info.userhdr = nlmsg_data(nlh) + GENL_HDRLEN; 947 info.attrs = attrbuf; 948 info.extack = extack; 949 genl_info_net_set(&info, net); 950 memset(&info.user_ptr, 0, sizeof(info.user_ptr)); 951 952 if (ops->pre_doit) { 953 err = ops->pre_doit(ops, skb, &info); 954 if (err) 955 goto out; 956 } 957 958 err = ops->doit(skb, &info); 959 960 if (ops->post_doit) 961 ops->post_doit(ops, skb, &info); 962 963 out: 964 genl_family_rcv_msg_attrs_free(attrbuf); 965 966 return err; 967 } 968 969 static int genl_header_check(const struct genl_family *family, 970 struct nlmsghdr *nlh, struct genlmsghdr *hdr, 971 struct netlink_ext_ack *extack) 972 { 973 u16 flags; 974 975 /* Only for commands added after we started validating */ 976 if (hdr->cmd < family->resv_start_op) 977 return 0; 978 979 if (hdr->reserved) { 980 NL_SET_ERR_MSG(extack, "genlmsghdr.reserved field is not 0"); 981 return -EINVAL; 982 } 983 984 /* Old netlink flags have pretty loose semantics, allow only the flags 985 * consumed by the core where we can enforce the meaning. 986 */ 987 flags = nlh->nlmsg_flags; 988 if ((flags & NLM_F_DUMP) == NLM_F_DUMP) /* DUMP is 2 bits */ 989 flags &= ~NLM_F_DUMP; 990 if (flags & ~(NLM_F_REQUEST | NLM_F_ACK | NLM_F_ECHO)) { 991 NL_SET_ERR_MSG(extack, 992 "ambiguous or reserved bits set in nlmsg_flags"); 993 return -EINVAL; 994 } 995 996 return 0; 997 } 998 999 static int genl_family_rcv_msg(const struct genl_family *family, 1000 struct sk_buff *skb, 1001 struct nlmsghdr *nlh, 1002 struct netlink_ext_ack *extack) 1003 { 1004 struct net *net = sock_net(skb->sk); 1005 struct genlmsghdr *hdr = nlmsg_data(nlh); 1006 struct genl_split_ops op; 1007 int hdrlen; 1008 u8 flags; 1009 1010 /* this family doesn't exist in this netns */ 1011 if (!family->netnsok && !net_eq(net, &init_net)) 1012 return -ENOENT; 1013 1014 hdrlen = GENL_HDRLEN + family->hdrsize; 1015 if (nlh->nlmsg_len < nlmsg_msg_size(hdrlen)) 1016 return -EINVAL; 1017 1018 if (genl_header_check(family, nlh, hdr, extack)) 1019 return -EINVAL; 1020 1021 flags = (nlh->nlmsg_flags & NLM_F_DUMP) == NLM_F_DUMP ? 1022 GENL_CMD_CAP_DUMP : GENL_CMD_CAP_DO; 1023 if (genl_get_cmd(hdr->cmd, flags, family, &op)) 1024 return -EOPNOTSUPP; 1025 1026 if ((op.flags & GENL_ADMIN_PERM) && 1027 !netlink_capable(skb, CAP_NET_ADMIN)) 1028 return -EPERM; 1029 1030 if ((op.flags & GENL_UNS_ADMIN_PERM) && 1031 !netlink_ns_capable(skb, net->user_ns, CAP_NET_ADMIN)) 1032 return -EPERM; 1033 1034 if (flags & GENL_CMD_CAP_DUMP) 1035 return genl_family_rcv_msg_dumpit(family, skb, nlh, extack, 1036 &op, hdrlen, net); 1037 else 1038 return genl_family_rcv_msg_doit(family, skb, nlh, extack, 1039 &op, hdrlen, net); 1040 } 1041 1042 static int genl_rcv_msg(struct sk_buff *skb, struct nlmsghdr *nlh, 1043 struct netlink_ext_ack *extack) 1044 { 1045 const struct genl_family *family; 1046 int err; 1047 1048 family = genl_family_find_byid(nlh->nlmsg_type); 1049 if (family == NULL) 1050 return -ENOENT; 1051 1052 genl_op_lock(family); 1053 err = genl_family_rcv_msg(family, skb, nlh, extack); 1054 genl_op_unlock(family); 1055 1056 return err; 1057 } 1058 1059 static void genl_rcv(struct sk_buff *skb) 1060 { 1061 down_read(&cb_lock); 1062 netlink_rcv_skb(skb, &genl_rcv_msg); 1063 up_read(&cb_lock); 1064 } 1065 1066 /************************************************************************** 1067 * Controller 1068 **************************************************************************/ 1069 1070 static struct genl_family genl_ctrl; 1071 1072 static int ctrl_fill_info(const struct genl_family *family, u32 portid, u32 seq, 1073 u32 flags, struct sk_buff *skb, u8 cmd) 1074 { 1075 struct genl_op_iter i; 1076 void *hdr; 1077 1078 hdr = genlmsg_put(skb, portid, seq, &genl_ctrl, flags, cmd); 1079 if (hdr == NULL) 1080 return -1; 1081 1082 if (nla_put_string(skb, CTRL_ATTR_FAMILY_NAME, family->name) || 1083 nla_put_u16(skb, CTRL_ATTR_FAMILY_ID, family->id) || 1084 nla_put_u32(skb, CTRL_ATTR_VERSION, family->version) || 1085 nla_put_u32(skb, CTRL_ATTR_HDRSIZE, family->hdrsize) || 1086 nla_put_u32(skb, CTRL_ATTR_MAXATTR, family->maxattr)) 1087 goto nla_put_failure; 1088 1089 if (genl_op_iter_init(family, &i)) { 1090 struct nlattr *nla_ops; 1091 1092 nla_ops = nla_nest_start_noflag(skb, CTRL_ATTR_OPS); 1093 if (nla_ops == NULL) 1094 goto nla_put_failure; 1095 1096 while (genl_op_iter_next(&i)) { 1097 struct nlattr *nest; 1098 u32 op_flags; 1099 1100 op_flags = i.flags; 1101 if (i.doit.policy || i.dumpit.policy) 1102 op_flags |= GENL_CMD_CAP_HASPOL; 1103 1104 nest = nla_nest_start_noflag(skb, genl_op_iter_idx(&i)); 1105 if (nest == NULL) 1106 goto nla_put_failure; 1107 1108 if (nla_put_u32(skb, CTRL_ATTR_OP_ID, i.cmd) || 1109 nla_put_u32(skb, CTRL_ATTR_OP_FLAGS, op_flags)) 1110 goto nla_put_failure; 1111 1112 nla_nest_end(skb, nest); 1113 } 1114 1115 nla_nest_end(skb, nla_ops); 1116 } 1117 1118 if (family->n_mcgrps) { 1119 struct nlattr *nla_grps; 1120 int i; 1121 1122 nla_grps = nla_nest_start_noflag(skb, CTRL_ATTR_MCAST_GROUPS); 1123 if (nla_grps == NULL) 1124 goto nla_put_failure; 1125 1126 for (i = 0; i < family->n_mcgrps; i++) { 1127 struct nlattr *nest; 1128 const struct genl_multicast_group *grp; 1129 1130 grp = &family->mcgrps[i]; 1131 1132 nest = nla_nest_start_noflag(skb, i + 1); 1133 if (nest == NULL) 1134 goto nla_put_failure; 1135 1136 if (nla_put_u32(skb, CTRL_ATTR_MCAST_GRP_ID, 1137 family->mcgrp_offset + i) || 1138 nla_put_string(skb, CTRL_ATTR_MCAST_GRP_NAME, 1139 grp->name)) 1140 goto nla_put_failure; 1141 1142 nla_nest_end(skb, nest); 1143 } 1144 nla_nest_end(skb, nla_grps); 1145 } 1146 1147 genlmsg_end(skb, hdr); 1148 return 0; 1149 1150 nla_put_failure: 1151 genlmsg_cancel(skb, hdr); 1152 return -EMSGSIZE; 1153 } 1154 1155 static int ctrl_fill_mcgrp_info(const struct genl_family *family, 1156 const struct genl_multicast_group *grp, 1157 int grp_id, u32 portid, u32 seq, u32 flags, 1158 struct sk_buff *skb, u8 cmd) 1159 { 1160 void *hdr; 1161 struct nlattr *nla_grps; 1162 struct nlattr *nest; 1163 1164 hdr = genlmsg_put(skb, portid, seq, &genl_ctrl, flags, cmd); 1165 if (hdr == NULL) 1166 return -1; 1167 1168 if (nla_put_string(skb, CTRL_ATTR_FAMILY_NAME, family->name) || 1169 nla_put_u16(skb, CTRL_ATTR_FAMILY_ID, family->id)) 1170 goto nla_put_failure; 1171 1172 nla_grps = nla_nest_start_noflag(skb, CTRL_ATTR_MCAST_GROUPS); 1173 if (nla_grps == NULL) 1174 goto nla_put_failure; 1175 1176 nest = nla_nest_start_noflag(skb, 1); 1177 if (nest == NULL) 1178 goto nla_put_failure; 1179 1180 if (nla_put_u32(skb, CTRL_ATTR_MCAST_GRP_ID, grp_id) || 1181 nla_put_string(skb, CTRL_ATTR_MCAST_GRP_NAME, 1182 grp->name)) 1183 goto nla_put_failure; 1184 1185 nla_nest_end(skb, nest); 1186 nla_nest_end(skb, nla_grps); 1187 1188 genlmsg_end(skb, hdr); 1189 return 0; 1190 1191 nla_put_failure: 1192 genlmsg_cancel(skb, hdr); 1193 return -EMSGSIZE; 1194 } 1195 1196 static int ctrl_dumpfamily(struct sk_buff *skb, struct netlink_callback *cb) 1197 { 1198 int n = 0; 1199 struct genl_family *rt; 1200 struct net *net = sock_net(skb->sk); 1201 int fams_to_skip = cb->args[0]; 1202 unsigned int id; 1203 1204 idr_for_each_entry(&genl_fam_idr, rt, id) { 1205 if (!rt->netnsok && !net_eq(net, &init_net)) 1206 continue; 1207 1208 if (n++ < fams_to_skip) 1209 continue; 1210 1211 if (ctrl_fill_info(rt, NETLINK_CB(cb->skb).portid, 1212 cb->nlh->nlmsg_seq, NLM_F_MULTI, 1213 skb, CTRL_CMD_NEWFAMILY) < 0) { 1214 n--; 1215 break; 1216 } 1217 } 1218 1219 cb->args[0] = n; 1220 return skb->len; 1221 } 1222 1223 static struct sk_buff *ctrl_build_family_msg(const struct genl_family *family, 1224 u32 portid, int seq, u8 cmd) 1225 { 1226 struct sk_buff *skb; 1227 int err; 1228 1229 skb = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 1230 if (skb == NULL) 1231 return ERR_PTR(-ENOBUFS); 1232 1233 err = ctrl_fill_info(family, portid, seq, 0, skb, cmd); 1234 if (err < 0) { 1235 nlmsg_free(skb); 1236 return ERR_PTR(err); 1237 } 1238 1239 return skb; 1240 } 1241 1242 static struct sk_buff * 1243 ctrl_build_mcgrp_msg(const struct genl_family *family, 1244 const struct genl_multicast_group *grp, 1245 int grp_id, u32 portid, int seq, u8 cmd) 1246 { 1247 struct sk_buff *skb; 1248 int err; 1249 1250 skb = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 1251 if (skb == NULL) 1252 return ERR_PTR(-ENOBUFS); 1253 1254 err = ctrl_fill_mcgrp_info(family, grp, grp_id, portid, 1255 seq, 0, skb, cmd); 1256 if (err < 0) { 1257 nlmsg_free(skb); 1258 return ERR_PTR(err); 1259 } 1260 1261 return skb; 1262 } 1263 1264 static const struct nla_policy ctrl_policy_family[] = { 1265 [CTRL_ATTR_FAMILY_ID] = { .type = NLA_U16 }, 1266 [CTRL_ATTR_FAMILY_NAME] = { .type = NLA_NUL_STRING, 1267 .len = GENL_NAMSIZ - 1 }, 1268 }; 1269 1270 static int ctrl_getfamily(struct sk_buff *skb, struct genl_info *info) 1271 { 1272 struct sk_buff *msg; 1273 const struct genl_family *res = NULL; 1274 int err = -EINVAL; 1275 1276 if (info->attrs[CTRL_ATTR_FAMILY_ID]) { 1277 u16 id = nla_get_u16(info->attrs[CTRL_ATTR_FAMILY_ID]); 1278 res = genl_family_find_byid(id); 1279 err = -ENOENT; 1280 } 1281 1282 if (info->attrs[CTRL_ATTR_FAMILY_NAME]) { 1283 char *name; 1284 1285 name = nla_data(info->attrs[CTRL_ATTR_FAMILY_NAME]); 1286 res = genl_family_find_byname(name); 1287 #ifdef CONFIG_MODULES 1288 if (res == NULL) { 1289 genl_unlock(); 1290 up_read(&cb_lock); 1291 request_module("net-pf-%d-proto-%d-family-%s", 1292 PF_NETLINK, NETLINK_GENERIC, name); 1293 down_read(&cb_lock); 1294 genl_lock(); 1295 res = genl_family_find_byname(name); 1296 } 1297 #endif 1298 err = -ENOENT; 1299 } 1300 1301 if (res == NULL) 1302 return err; 1303 1304 if (!res->netnsok && !net_eq(genl_info_net(info), &init_net)) { 1305 /* family doesn't exist here */ 1306 return -ENOENT; 1307 } 1308 1309 msg = ctrl_build_family_msg(res, info->snd_portid, info->snd_seq, 1310 CTRL_CMD_NEWFAMILY); 1311 if (IS_ERR(msg)) 1312 return PTR_ERR(msg); 1313 1314 return genlmsg_reply(msg, info); 1315 } 1316 1317 static int genl_ctrl_event(int event, const struct genl_family *family, 1318 const struct genl_multicast_group *grp, 1319 int grp_id) 1320 { 1321 struct sk_buff *msg; 1322 1323 /* genl is still initialising */ 1324 if (!init_net.genl_sock) 1325 return 0; 1326 1327 switch (event) { 1328 case CTRL_CMD_NEWFAMILY: 1329 case CTRL_CMD_DELFAMILY: 1330 WARN_ON(grp); 1331 msg = ctrl_build_family_msg(family, 0, 0, event); 1332 break; 1333 case CTRL_CMD_NEWMCAST_GRP: 1334 case CTRL_CMD_DELMCAST_GRP: 1335 BUG_ON(!grp); 1336 msg = ctrl_build_mcgrp_msg(family, grp, grp_id, 0, 0, event); 1337 break; 1338 default: 1339 return -EINVAL; 1340 } 1341 1342 if (IS_ERR(msg)) 1343 return PTR_ERR(msg); 1344 1345 if (!family->netnsok) { 1346 genlmsg_multicast_netns(&genl_ctrl, &init_net, msg, 0, 1347 0, GFP_KERNEL); 1348 } else { 1349 rcu_read_lock(); 1350 genlmsg_multicast_allns(&genl_ctrl, msg, 0, 1351 0, GFP_ATOMIC); 1352 rcu_read_unlock(); 1353 } 1354 1355 return 0; 1356 } 1357 1358 struct ctrl_dump_policy_ctx { 1359 struct netlink_policy_dump_state *state; 1360 const struct genl_family *rt; 1361 struct genl_op_iter *op_iter; 1362 u32 op; 1363 u16 fam_id; 1364 u8 dump_map:1, 1365 single_op:1; 1366 }; 1367 1368 static const struct nla_policy ctrl_policy_policy[] = { 1369 [CTRL_ATTR_FAMILY_ID] = { .type = NLA_U16 }, 1370 [CTRL_ATTR_FAMILY_NAME] = { .type = NLA_NUL_STRING, 1371 .len = GENL_NAMSIZ - 1 }, 1372 [CTRL_ATTR_OP] = { .type = NLA_U32 }, 1373 }; 1374 1375 static int ctrl_dumppolicy_start(struct netlink_callback *cb) 1376 { 1377 const struct genl_dumpit_info *info = genl_dumpit_info(cb); 1378 struct ctrl_dump_policy_ctx *ctx = (void *)cb->ctx; 1379 struct nlattr **tb = info->attrs; 1380 const struct genl_family *rt; 1381 struct genl_op_iter i; 1382 int err; 1383 1384 BUILD_BUG_ON(sizeof(*ctx) > sizeof(cb->ctx)); 1385 1386 if (!tb[CTRL_ATTR_FAMILY_ID] && !tb[CTRL_ATTR_FAMILY_NAME]) 1387 return -EINVAL; 1388 1389 if (tb[CTRL_ATTR_FAMILY_ID]) { 1390 ctx->fam_id = nla_get_u16(tb[CTRL_ATTR_FAMILY_ID]); 1391 } else { 1392 rt = genl_family_find_byname( 1393 nla_data(tb[CTRL_ATTR_FAMILY_NAME])); 1394 if (!rt) 1395 return -ENOENT; 1396 ctx->fam_id = rt->id; 1397 } 1398 1399 rt = genl_family_find_byid(ctx->fam_id); 1400 if (!rt) 1401 return -ENOENT; 1402 1403 ctx->rt = rt; 1404 1405 if (tb[CTRL_ATTR_OP]) { 1406 struct genl_split_ops doit, dump; 1407 1408 ctx->single_op = true; 1409 ctx->op = nla_get_u32(tb[CTRL_ATTR_OP]); 1410 1411 err = genl_get_cmd_both(ctx->op, rt, &doit, &dump); 1412 if (err) { 1413 NL_SET_BAD_ATTR(cb->extack, tb[CTRL_ATTR_OP]); 1414 return err; 1415 } 1416 1417 if (doit.policy) { 1418 err = netlink_policy_dump_add_policy(&ctx->state, 1419 doit.policy, 1420 doit.maxattr); 1421 if (err) 1422 goto err_free_state; 1423 } 1424 if (dump.policy) { 1425 err = netlink_policy_dump_add_policy(&ctx->state, 1426 dump.policy, 1427 dump.maxattr); 1428 if (err) 1429 goto err_free_state; 1430 } 1431 1432 if (!ctx->state) 1433 return -ENODATA; 1434 1435 ctx->dump_map = 1; 1436 return 0; 1437 } 1438 1439 ctx->op_iter = kmalloc(sizeof(*ctx->op_iter), GFP_KERNEL); 1440 if (!ctx->op_iter) 1441 return -ENOMEM; 1442 1443 genl_op_iter_init(rt, ctx->op_iter); 1444 ctx->dump_map = genl_op_iter_next(ctx->op_iter); 1445 1446 for (genl_op_iter_init(rt, &i); genl_op_iter_next(&i); ) { 1447 if (i.doit.policy) { 1448 err = netlink_policy_dump_add_policy(&ctx->state, 1449 i.doit.policy, 1450 i.doit.maxattr); 1451 if (err) 1452 goto err_free_state; 1453 } 1454 if (i.dumpit.policy) { 1455 err = netlink_policy_dump_add_policy(&ctx->state, 1456 i.dumpit.policy, 1457 i.dumpit.maxattr); 1458 if (err) 1459 goto err_free_state; 1460 } 1461 } 1462 1463 if (!ctx->state) { 1464 err = -ENODATA; 1465 goto err_free_op_iter; 1466 } 1467 return 0; 1468 1469 err_free_state: 1470 netlink_policy_dump_free(ctx->state); 1471 err_free_op_iter: 1472 kfree(ctx->op_iter); 1473 return err; 1474 } 1475 1476 static void *ctrl_dumppolicy_prep(struct sk_buff *skb, 1477 struct netlink_callback *cb) 1478 { 1479 struct ctrl_dump_policy_ctx *ctx = (void *)cb->ctx; 1480 void *hdr; 1481 1482 hdr = genlmsg_put(skb, NETLINK_CB(cb->skb).portid, 1483 cb->nlh->nlmsg_seq, &genl_ctrl, 1484 NLM_F_MULTI, CTRL_CMD_GETPOLICY); 1485 if (!hdr) 1486 return NULL; 1487 1488 if (nla_put_u16(skb, CTRL_ATTR_FAMILY_ID, ctx->fam_id)) 1489 return NULL; 1490 1491 return hdr; 1492 } 1493 1494 static int ctrl_dumppolicy_put_op(struct sk_buff *skb, 1495 struct netlink_callback *cb, 1496 struct genl_split_ops *doit, 1497 struct genl_split_ops *dumpit) 1498 { 1499 struct ctrl_dump_policy_ctx *ctx = (void *)cb->ctx; 1500 struct nlattr *nest_pol, *nest_op; 1501 void *hdr; 1502 int idx; 1503 1504 /* skip if we have nothing to show */ 1505 if (!doit->policy && !dumpit->policy) 1506 return 0; 1507 1508 hdr = ctrl_dumppolicy_prep(skb, cb); 1509 if (!hdr) 1510 return -ENOBUFS; 1511 1512 nest_pol = nla_nest_start(skb, CTRL_ATTR_OP_POLICY); 1513 if (!nest_pol) 1514 goto err; 1515 1516 nest_op = nla_nest_start(skb, doit->cmd); 1517 if (!nest_op) 1518 goto err; 1519 1520 if (doit->policy) { 1521 idx = netlink_policy_dump_get_policy_idx(ctx->state, 1522 doit->policy, 1523 doit->maxattr); 1524 1525 if (nla_put_u32(skb, CTRL_ATTR_POLICY_DO, idx)) 1526 goto err; 1527 } 1528 if (dumpit->policy) { 1529 idx = netlink_policy_dump_get_policy_idx(ctx->state, 1530 dumpit->policy, 1531 dumpit->maxattr); 1532 1533 if (nla_put_u32(skb, CTRL_ATTR_POLICY_DUMP, idx)) 1534 goto err; 1535 } 1536 1537 nla_nest_end(skb, nest_op); 1538 nla_nest_end(skb, nest_pol); 1539 genlmsg_end(skb, hdr); 1540 1541 return 0; 1542 err: 1543 genlmsg_cancel(skb, hdr); 1544 return -ENOBUFS; 1545 } 1546 1547 static int ctrl_dumppolicy(struct sk_buff *skb, struct netlink_callback *cb) 1548 { 1549 struct ctrl_dump_policy_ctx *ctx = (void *)cb->ctx; 1550 void *hdr; 1551 1552 if (ctx->dump_map) { 1553 if (ctx->single_op) { 1554 struct genl_split_ops doit, dumpit; 1555 1556 if (WARN_ON(genl_get_cmd_both(ctx->op, ctx->rt, 1557 &doit, &dumpit))) 1558 return -ENOENT; 1559 1560 if (ctrl_dumppolicy_put_op(skb, cb, &doit, &dumpit)) 1561 return skb->len; 1562 1563 /* done with the per-op policy index list */ 1564 ctx->dump_map = 0; 1565 } 1566 1567 while (ctx->dump_map) { 1568 if (ctrl_dumppolicy_put_op(skb, cb, 1569 &ctx->op_iter->doit, 1570 &ctx->op_iter->dumpit)) 1571 return skb->len; 1572 1573 ctx->dump_map = genl_op_iter_next(ctx->op_iter); 1574 } 1575 } 1576 1577 while (netlink_policy_dump_loop(ctx->state)) { 1578 struct nlattr *nest; 1579 1580 hdr = ctrl_dumppolicy_prep(skb, cb); 1581 if (!hdr) 1582 goto nla_put_failure; 1583 1584 nest = nla_nest_start(skb, CTRL_ATTR_POLICY); 1585 if (!nest) 1586 goto nla_put_failure; 1587 1588 if (netlink_policy_dump_write(skb, ctx->state)) 1589 goto nla_put_failure; 1590 1591 nla_nest_end(skb, nest); 1592 1593 genlmsg_end(skb, hdr); 1594 } 1595 1596 return skb->len; 1597 1598 nla_put_failure: 1599 genlmsg_cancel(skb, hdr); 1600 return skb->len; 1601 } 1602 1603 static int ctrl_dumppolicy_done(struct netlink_callback *cb) 1604 { 1605 struct ctrl_dump_policy_ctx *ctx = (void *)cb->ctx; 1606 1607 kfree(ctx->op_iter); 1608 netlink_policy_dump_free(ctx->state); 1609 return 0; 1610 } 1611 1612 static const struct genl_split_ops genl_ctrl_ops[] = { 1613 { 1614 .cmd = CTRL_CMD_GETFAMILY, 1615 .validate = GENL_DONT_VALIDATE_STRICT, 1616 .policy = ctrl_policy_family, 1617 .maxattr = ARRAY_SIZE(ctrl_policy_family) - 1, 1618 .doit = ctrl_getfamily, 1619 .flags = GENL_CMD_CAP_DO, 1620 }, 1621 { 1622 .cmd = CTRL_CMD_GETFAMILY, 1623 .validate = GENL_DONT_VALIDATE_DUMP, 1624 .policy = ctrl_policy_family, 1625 .maxattr = ARRAY_SIZE(ctrl_policy_family) - 1, 1626 .dumpit = ctrl_dumpfamily, 1627 .flags = GENL_CMD_CAP_DUMP, 1628 }, 1629 { 1630 .cmd = CTRL_CMD_GETPOLICY, 1631 .policy = ctrl_policy_policy, 1632 .maxattr = ARRAY_SIZE(ctrl_policy_policy) - 1, 1633 .start = ctrl_dumppolicy_start, 1634 .dumpit = ctrl_dumppolicy, 1635 .done = ctrl_dumppolicy_done, 1636 .flags = GENL_CMD_CAP_DUMP, 1637 }, 1638 }; 1639 1640 static const struct genl_multicast_group genl_ctrl_groups[] = { 1641 { .name = "notify", }, 1642 }; 1643 1644 static struct genl_family genl_ctrl __ro_after_init = { 1645 .module = THIS_MODULE, 1646 .split_ops = genl_ctrl_ops, 1647 .n_split_ops = ARRAY_SIZE(genl_ctrl_ops), 1648 .resv_start_op = CTRL_CMD_GETPOLICY + 1, 1649 .mcgrps = genl_ctrl_groups, 1650 .n_mcgrps = ARRAY_SIZE(genl_ctrl_groups), 1651 .id = GENL_ID_CTRL, 1652 .name = "nlctrl", 1653 .version = 0x2, 1654 .netnsok = true, 1655 }; 1656 1657 static int genl_bind(struct net *net, int group) 1658 { 1659 const struct genl_family *family; 1660 unsigned int id; 1661 int ret = 0; 1662 1663 down_read(&cb_lock); 1664 1665 idr_for_each_entry(&genl_fam_idr, family, id) { 1666 const struct genl_multicast_group *grp; 1667 int i; 1668 1669 if (family->n_mcgrps == 0) 1670 continue; 1671 1672 i = group - family->mcgrp_offset; 1673 if (i < 0 || i >= family->n_mcgrps) 1674 continue; 1675 1676 grp = &family->mcgrps[i]; 1677 if ((grp->flags & GENL_UNS_ADMIN_PERM) && 1678 !ns_capable(net->user_ns, CAP_NET_ADMIN)) 1679 ret = -EPERM; 1680 1681 break; 1682 } 1683 1684 up_read(&cb_lock); 1685 return ret; 1686 } 1687 1688 static int __net_init genl_pernet_init(struct net *net) 1689 { 1690 struct netlink_kernel_cfg cfg = { 1691 .input = genl_rcv, 1692 .flags = NL_CFG_F_NONROOT_RECV, 1693 .bind = genl_bind, 1694 }; 1695 1696 /* we'll bump the group number right afterwards */ 1697 net->genl_sock = netlink_kernel_create(net, NETLINK_GENERIC, &cfg); 1698 1699 if (!net->genl_sock && net_eq(net, &init_net)) 1700 panic("GENL: Cannot initialize generic netlink\n"); 1701 1702 if (!net->genl_sock) 1703 return -ENOMEM; 1704 1705 return 0; 1706 } 1707 1708 static void __net_exit genl_pernet_exit(struct net *net) 1709 { 1710 netlink_kernel_release(net->genl_sock); 1711 net->genl_sock = NULL; 1712 } 1713 1714 static struct pernet_operations genl_pernet_ops = { 1715 .init = genl_pernet_init, 1716 .exit = genl_pernet_exit, 1717 }; 1718 1719 static int __init genl_init(void) 1720 { 1721 int err; 1722 1723 err = genl_register_family(&genl_ctrl); 1724 if (err < 0) 1725 goto problem; 1726 1727 err = register_pernet_subsys(&genl_pernet_ops); 1728 if (err) 1729 goto problem; 1730 1731 return 0; 1732 1733 problem: 1734 panic("GENL: Cannot register controller: %d\n", err); 1735 } 1736 1737 core_initcall(genl_init); 1738 1739 static int genlmsg_mcast(struct sk_buff *skb, u32 portid, unsigned long group, 1740 gfp_t flags) 1741 { 1742 struct sk_buff *tmp; 1743 struct net *net, *prev = NULL; 1744 bool delivered = false; 1745 int err; 1746 1747 for_each_net_rcu(net) { 1748 if (prev) { 1749 tmp = skb_clone(skb, flags); 1750 if (!tmp) { 1751 err = -ENOMEM; 1752 goto error; 1753 } 1754 err = nlmsg_multicast(prev->genl_sock, tmp, 1755 portid, group, flags); 1756 if (!err) 1757 delivered = true; 1758 else if (err != -ESRCH) 1759 goto error; 1760 } 1761 1762 prev = net; 1763 } 1764 1765 err = nlmsg_multicast(prev->genl_sock, skb, portid, group, flags); 1766 if (!err) 1767 delivered = true; 1768 else if (err != -ESRCH) 1769 return err; 1770 return delivered ? 0 : -ESRCH; 1771 error: 1772 kfree_skb(skb); 1773 return err; 1774 } 1775 1776 int genlmsg_multicast_allns(const struct genl_family *family, 1777 struct sk_buff *skb, u32 portid, 1778 unsigned int group, gfp_t flags) 1779 { 1780 if (WARN_ON_ONCE(group >= family->n_mcgrps)) 1781 return -EINVAL; 1782 1783 group = family->mcgrp_offset + group; 1784 return genlmsg_mcast(skb, portid, group, flags); 1785 } 1786 EXPORT_SYMBOL(genlmsg_multicast_allns); 1787 1788 void genl_notify(const struct genl_family *family, struct sk_buff *skb, 1789 struct genl_info *info, u32 group, gfp_t flags) 1790 { 1791 struct net *net = genl_info_net(info); 1792 struct sock *sk = net->genl_sock; 1793 1794 if (WARN_ON_ONCE(group >= family->n_mcgrps)) 1795 return; 1796 1797 group = family->mcgrp_offset + group; 1798 nlmsg_notify(sk, skb, info->snd_portid, group, 1799 nlmsg_report(info->nlhdr), flags); 1800 } 1801 EXPORT_SYMBOL(genl_notify); 1802