xref: /linux/net/xfrm/xfrm_compat.c (revision c532de5a67a70f8533d495f8f2aaa9a0491c3ad0)
1 // SPDX-License-Identifier: GPL-2.0
2 /*
3  * XFRM compat layer
4  * Author: Dmitry Safonov <dima@arista.com>
5  * Based on code and translator idea by: Florian Westphal <fw@strlen.de>
6  */
7 #include <linux/compat.h>
8 #include <linux/nospec.h>
9 #include <linux/xfrm.h>
10 #include <net/xfrm.h>
11 
12 struct compat_xfrm_lifetime_cfg {
13 	compat_u64 soft_byte_limit, hard_byte_limit;
14 	compat_u64 soft_packet_limit, hard_packet_limit;
15 	compat_u64 soft_add_expires_seconds, hard_add_expires_seconds;
16 	compat_u64 soft_use_expires_seconds, hard_use_expires_seconds;
17 }; /* same size on 32bit, but only 4 byte alignment required */
18 
19 struct compat_xfrm_lifetime_cur {
20 	compat_u64 bytes, packets, add_time, use_time;
21 }; /* same size on 32bit, but only 4 byte alignment required */
22 
23 struct compat_xfrm_userpolicy_info {
24 	struct xfrm_selector sel;
25 	struct compat_xfrm_lifetime_cfg lft;
26 	struct compat_xfrm_lifetime_cur curlft;
27 	__u32 priority, index;
28 	u8 dir, action, flags, share;
29 	/* 4 bytes additional padding on 64bit */
30 };
31 
32 struct compat_xfrm_usersa_info {
33 	struct xfrm_selector sel;
34 	struct xfrm_id id;
35 	xfrm_address_t saddr;
36 	struct compat_xfrm_lifetime_cfg lft;
37 	struct compat_xfrm_lifetime_cur curlft;
38 	struct xfrm_stats stats;
39 	__u32 seq, reqid;
40 	u16 family;
41 	u8 mode, replay_window, flags;
42 	/* 4 bytes additional padding on 64bit */
43 };
44 
45 struct compat_xfrm_user_acquire {
46 	struct xfrm_id id;
47 	xfrm_address_t saddr;
48 	struct xfrm_selector sel;
49 	struct compat_xfrm_userpolicy_info policy;
50 	/* 4 bytes additional padding on 64bit */
51 	__u32 aalgos, ealgos, calgos, seq;
52 };
53 
54 struct compat_xfrm_userspi_info {
55 	struct compat_xfrm_usersa_info info;
56 	/* 4 bytes additional padding on 64bit */
57 	__u32 min, max;
58 };
59 
60 struct compat_xfrm_user_expire {
61 	struct compat_xfrm_usersa_info state;
62 	/* 8 bytes additional padding on 64bit */
63 	u8 hard;
64 };
65 
66 struct compat_xfrm_user_polexpire {
67 	struct compat_xfrm_userpolicy_info pol;
68 	/* 8 bytes additional padding on 64bit */
69 	u8 hard;
70 };
71 
72 #define XMSGSIZE(type) sizeof(struct type)
73 
74 static const int compat_msg_min[XFRM_NR_MSGTYPES] = {
75 	[XFRM_MSG_NEWSA       - XFRM_MSG_BASE] = XMSGSIZE(compat_xfrm_usersa_info),
76 	[XFRM_MSG_DELSA       - XFRM_MSG_BASE] = XMSGSIZE(xfrm_usersa_id),
77 	[XFRM_MSG_GETSA       - XFRM_MSG_BASE] = XMSGSIZE(xfrm_usersa_id),
78 	[XFRM_MSG_NEWPOLICY   - XFRM_MSG_BASE] = XMSGSIZE(compat_xfrm_userpolicy_info),
79 	[XFRM_MSG_DELPOLICY   - XFRM_MSG_BASE] = XMSGSIZE(xfrm_userpolicy_id),
80 	[XFRM_MSG_GETPOLICY   - XFRM_MSG_BASE] = XMSGSIZE(xfrm_userpolicy_id),
81 	[XFRM_MSG_ALLOCSPI    - XFRM_MSG_BASE] = XMSGSIZE(compat_xfrm_userspi_info),
82 	[XFRM_MSG_ACQUIRE     - XFRM_MSG_BASE] = XMSGSIZE(compat_xfrm_user_acquire),
83 	[XFRM_MSG_EXPIRE      - XFRM_MSG_BASE] = XMSGSIZE(compat_xfrm_user_expire),
84 	[XFRM_MSG_UPDPOLICY   - XFRM_MSG_BASE] = XMSGSIZE(compat_xfrm_userpolicy_info),
85 	[XFRM_MSG_UPDSA       - XFRM_MSG_BASE] = XMSGSIZE(compat_xfrm_usersa_info),
86 	[XFRM_MSG_POLEXPIRE   - XFRM_MSG_BASE] = XMSGSIZE(compat_xfrm_user_polexpire),
87 	[XFRM_MSG_FLUSHSA     - XFRM_MSG_BASE] = XMSGSIZE(xfrm_usersa_flush),
88 	[XFRM_MSG_FLUSHPOLICY - XFRM_MSG_BASE] = 0,
89 	[XFRM_MSG_NEWAE       - XFRM_MSG_BASE] = XMSGSIZE(xfrm_aevent_id),
90 	[XFRM_MSG_GETAE       - XFRM_MSG_BASE] = XMSGSIZE(xfrm_aevent_id),
91 	[XFRM_MSG_REPORT      - XFRM_MSG_BASE] = XMSGSIZE(xfrm_user_report),
92 	[XFRM_MSG_MIGRATE     - XFRM_MSG_BASE] = XMSGSIZE(xfrm_userpolicy_id),
93 	[XFRM_MSG_NEWSADINFO  - XFRM_MSG_BASE] = sizeof(u32),
94 	[XFRM_MSG_GETSADINFO  - XFRM_MSG_BASE] = sizeof(u32),
95 	[XFRM_MSG_NEWSPDINFO  - XFRM_MSG_BASE] = sizeof(u32),
96 	[XFRM_MSG_GETSPDINFO  - XFRM_MSG_BASE] = sizeof(u32),
97 	[XFRM_MSG_MAPPING     - XFRM_MSG_BASE] = XMSGSIZE(xfrm_user_mapping)
98 };
99 
100 static const struct nla_policy compat_policy[XFRMA_MAX+1] = {
101 	[XFRMA_UNSPEC]          = { .strict_start_type = XFRMA_SA_DIR },
102 	[XFRMA_SA]		= { .len = XMSGSIZE(compat_xfrm_usersa_info)},
103 	[XFRMA_POLICY]		= { .len = XMSGSIZE(compat_xfrm_userpolicy_info)},
104 	[XFRMA_LASTUSED]	= { .type = NLA_U64},
105 	[XFRMA_ALG_AUTH_TRUNC]	= { .len = sizeof(struct xfrm_algo_auth)},
106 	[XFRMA_ALG_AEAD]	= { .len = sizeof(struct xfrm_algo_aead) },
107 	[XFRMA_ALG_AUTH]	= { .len = sizeof(struct xfrm_algo) },
108 	[XFRMA_ALG_CRYPT]	= { .len = sizeof(struct xfrm_algo) },
109 	[XFRMA_ALG_COMP]	= { .len = sizeof(struct xfrm_algo) },
110 	[XFRMA_ENCAP]		= { .len = sizeof(struct xfrm_encap_tmpl) },
111 	[XFRMA_TMPL]		= { .len = sizeof(struct xfrm_user_tmpl) },
112 	[XFRMA_SEC_CTX]		= { .len = sizeof(struct xfrm_user_sec_ctx) },
113 	[XFRMA_LTIME_VAL]	= { .len = sizeof(struct xfrm_lifetime_cur) },
114 	[XFRMA_REPLAY_VAL]	= { .len = sizeof(struct xfrm_replay_state) },
115 	[XFRMA_REPLAY_THRESH]	= { .type = NLA_U32 },
116 	[XFRMA_ETIMER_THRESH]	= { .type = NLA_U32 },
117 	[XFRMA_SRCADDR]		= { .len = sizeof(xfrm_address_t) },
118 	[XFRMA_COADDR]		= { .len = sizeof(xfrm_address_t) },
119 	[XFRMA_POLICY_TYPE]	= { .len = sizeof(struct xfrm_userpolicy_type)},
120 	[XFRMA_MIGRATE]		= { .len = sizeof(struct xfrm_user_migrate) },
121 	[XFRMA_KMADDRESS]	= { .len = sizeof(struct xfrm_user_kmaddress) },
122 	[XFRMA_MARK]		= { .len = sizeof(struct xfrm_mark) },
123 	[XFRMA_TFCPAD]		= { .type = NLA_U32 },
124 	[XFRMA_REPLAY_ESN_VAL]	= { .len = sizeof(struct xfrm_replay_state_esn) },
125 	[XFRMA_SA_EXTRA_FLAGS]	= { .type = NLA_U32 },
126 	[XFRMA_PROTO]		= { .type = NLA_U8 },
127 	[XFRMA_ADDRESS_FILTER]	= { .len = sizeof(struct xfrm_address_filter) },
128 	[XFRMA_OFFLOAD_DEV]	= { .len = sizeof(struct xfrm_user_offload) },
129 	[XFRMA_SET_MARK]	= { .type = NLA_U32 },
130 	[XFRMA_SET_MARK_MASK]	= { .type = NLA_U32 },
131 	[XFRMA_IF_ID]		= { .type = NLA_U32 },
132 	[XFRMA_MTIMER_THRESH]	= { .type = NLA_U32 },
133 	[XFRMA_SA_DIR]          = NLA_POLICY_RANGE(NLA_U8, XFRM_SA_DIR_IN, XFRM_SA_DIR_OUT),
134 	[XFRMA_NAT_KEEPALIVE_INTERVAL]	= { .type = NLA_U32 },
135 };
136 
137 static struct nlmsghdr *xfrm_nlmsg_put_compat(struct sk_buff *skb,
138 			const struct nlmsghdr *nlh_src, u16 type)
139 {
140 	int payload = compat_msg_min[type];
141 	int src_len = xfrm_msg_min[type];
142 	struct nlmsghdr *nlh_dst;
143 
144 	/* Compat messages are shorter or equal to native (+padding) */
145 	if (WARN_ON_ONCE(src_len < payload))
146 		return ERR_PTR(-EMSGSIZE);
147 
148 	nlh_dst = nlmsg_put(skb, nlh_src->nlmsg_pid, nlh_src->nlmsg_seq,
149 			    nlh_src->nlmsg_type, payload, nlh_src->nlmsg_flags);
150 	if (!nlh_dst)
151 		return ERR_PTR(-EMSGSIZE);
152 
153 	memset(nlmsg_data(nlh_dst), 0, payload);
154 
155 	switch (nlh_src->nlmsg_type) {
156 	/* Compat message has the same layout as native */
157 	case XFRM_MSG_DELSA:
158 	case XFRM_MSG_DELPOLICY:
159 	case XFRM_MSG_FLUSHSA:
160 	case XFRM_MSG_FLUSHPOLICY:
161 	case XFRM_MSG_NEWAE:
162 	case XFRM_MSG_REPORT:
163 	case XFRM_MSG_MIGRATE:
164 	case XFRM_MSG_NEWSADINFO:
165 	case XFRM_MSG_NEWSPDINFO:
166 	case XFRM_MSG_MAPPING:
167 		WARN_ON_ONCE(src_len != payload);
168 		memcpy(nlmsg_data(nlh_dst), nlmsg_data(nlh_src), src_len);
169 		break;
170 	/* 4 byte alignment for trailing u64 on native, but not on compat */
171 	case XFRM_MSG_NEWSA:
172 	case XFRM_MSG_NEWPOLICY:
173 	case XFRM_MSG_UPDSA:
174 	case XFRM_MSG_UPDPOLICY:
175 		WARN_ON_ONCE(src_len != payload + 4);
176 		memcpy(nlmsg_data(nlh_dst), nlmsg_data(nlh_src), payload);
177 		break;
178 	case XFRM_MSG_EXPIRE: {
179 		const struct xfrm_user_expire *src_ue  = nlmsg_data(nlh_src);
180 		struct compat_xfrm_user_expire *dst_ue = nlmsg_data(nlh_dst);
181 
182 		/* compat_xfrm_user_expire has 4-byte smaller state */
183 		memcpy(dst_ue, src_ue, sizeof(dst_ue->state));
184 		dst_ue->hard = src_ue->hard;
185 		break;
186 	}
187 	case XFRM_MSG_ACQUIRE: {
188 		const struct xfrm_user_acquire *src_ua  = nlmsg_data(nlh_src);
189 		struct compat_xfrm_user_acquire *dst_ua = nlmsg_data(nlh_dst);
190 
191 		memcpy(dst_ua, src_ua, offsetof(struct compat_xfrm_user_acquire, aalgos));
192 		dst_ua->aalgos = src_ua->aalgos;
193 		dst_ua->ealgos = src_ua->ealgos;
194 		dst_ua->calgos = src_ua->calgos;
195 		dst_ua->seq    = src_ua->seq;
196 		break;
197 	}
198 	case XFRM_MSG_POLEXPIRE: {
199 		const struct xfrm_user_polexpire *src_upe  = nlmsg_data(nlh_src);
200 		struct compat_xfrm_user_polexpire *dst_upe = nlmsg_data(nlh_dst);
201 
202 		/* compat_xfrm_user_polexpire has 4-byte smaller state */
203 		memcpy(dst_upe, src_upe, sizeof(dst_upe->pol));
204 		dst_upe->hard = src_upe->hard;
205 		break;
206 	}
207 	case XFRM_MSG_ALLOCSPI: {
208 		const struct xfrm_userspi_info *src_usi = nlmsg_data(nlh_src);
209 		struct compat_xfrm_userspi_info *dst_usi = nlmsg_data(nlh_dst);
210 
211 		/* compat_xfrm_user_polexpire has 4-byte smaller state */
212 		memcpy(dst_usi, src_usi, sizeof(src_usi->info));
213 		dst_usi->min = src_usi->min;
214 		dst_usi->max = src_usi->max;
215 		break;
216 	}
217 	/* Not being sent by kernel */
218 	case XFRM_MSG_GETSA:
219 	case XFRM_MSG_GETPOLICY:
220 	case XFRM_MSG_GETAE:
221 	case XFRM_MSG_GETSADINFO:
222 	case XFRM_MSG_GETSPDINFO:
223 	default:
224 		pr_warn_once("unsupported nlmsg_type %d\n", nlh_src->nlmsg_type);
225 		return ERR_PTR(-EOPNOTSUPP);
226 	}
227 
228 	return nlh_dst;
229 }
230 
231 static int xfrm_nla_cpy(struct sk_buff *dst, const struct nlattr *src, int len)
232 {
233 	return nla_put(dst, src->nla_type, len, nla_data(src));
234 }
235 
236 static int xfrm_xlate64_attr(struct sk_buff *dst, const struct nlattr *src)
237 {
238 	switch (src->nla_type) {
239 	case XFRMA_PAD:
240 		/* Ignore */
241 		return 0;
242 	case XFRMA_UNSPEC:
243 	case XFRMA_ALG_AUTH:
244 	case XFRMA_ALG_CRYPT:
245 	case XFRMA_ALG_COMP:
246 	case XFRMA_ENCAP:
247 	case XFRMA_TMPL:
248 		return xfrm_nla_cpy(dst, src, nla_len(src));
249 	case XFRMA_SA:
250 		return xfrm_nla_cpy(dst, src, XMSGSIZE(compat_xfrm_usersa_info));
251 	case XFRMA_POLICY:
252 		return xfrm_nla_cpy(dst, src, XMSGSIZE(compat_xfrm_userpolicy_info));
253 	case XFRMA_SEC_CTX:
254 		return xfrm_nla_cpy(dst, src, nla_len(src));
255 	case XFRMA_LTIME_VAL:
256 		return nla_put_64bit(dst, src->nla_type, nla_len(src),
257 			nla_data(src), XFRMA_PAD);
258 	case XFRMA_REPLAY_VAL:
259 	case XFRMA_REPLAY_THRESH:
260 	case XFRMA_ETIMER_THRESH:
261 	case XFRMA_SRCADDR:
262 	case XFRMA_COADDR:
263 		return xfrm_nla_cpy(dst, src, nla_len(src));
264 	case XFRMA_LASTUSED:
265 		return nla_put_64bit(dst, src->nla_type, nla_len(src),
266 			nla_data(src), XFRMA_PAD);
267 	case XFRMA_POLICY_TYPE:
268 	case XFRMA_MIGRATE:
269 	case XFRMA_ALG_AEAD:
270 	case XFRMA_KMADDRESS:
271 	case XFRMA_ALG_AUTH_TRUNC:
272 	case XFRMA_MARK:
273 	case XFRMA_TFCPAD:
274 	case XFRMA_REPLAY_ESN_VAL:
275 	case XFRMA_SA_EXTRA_FLAGS:
276 	case XFRMA_PROTO:
277 	case XFRMA_ADDRESS_FILTER:
278 	case XFRMA_OFFLOAD_DEV:
279 	case XFRMA_SET_MARK:
280 	case XFRMA_SET_MARK_MASK:
281 	case XFRMA_IF_ID:
282 	case XFRMA_MTIMER_THRESH:
283 	case XFRMA_SA_DIR:
284 	case XFRMA_NAT_KEEPALIVE_INTERVAL:
285 		return xfrm_nla_cpy(dst, src, nla_len(src));
286 	default:
287 		BUILD_BUG_ON(XFRMA_MAX != XFRMA_NAT_KEEPALIVE_INTERVAL);
288 		pr_warn_once("unsupported nla_type %d\n", src->nla_type);
289 		return -EOPNOTSUPP;
290 	}
291 }
292 
293 /* Take kernel-built (64bit layout) and create 32bit layout for userspace */
294 static int xfrm_xlate64(struct sk_buff *dst, const struct nlmsghdr *nlh_src)
295 {
296 	u16 type = nlh_src->nlmsg_type - XFRM_MSG_BASE;
297 	const struct nlattr *nla, *attrs;
298 	struct nlmsghdr *nlh_dst;
299 	int len, remaining;
300 
301 	nlh_dst = xfrm_nlmsg_put_compat(dst, nlh_src, type);
302 	if (IS_ERR(nlh_dst))
303 		return PTR_ERR(nlh_dst);
304 
305 	attrs = nlmsg_attrdata(nlh_src, xfrm_msg_min[type]);
306 	len = nlmsg_attrlen(nlh_src, xfrm_msg_min[type]);
307 
308 	nla_for_each_attr(nla, attrs, len, remaining) {
309 		int err;
310 
311 		switch (nlh_src->nlmsg_type) {
312 		case XFRM_MSG_NEWSPDINFO:
313 			err = xfrm_nla_cpy(dst, nla, nla_len(nla));
314 			break;
315 		default:
316 			err = xfrm_xlate64_attr(dst, nla);
317 			break;
318 		}
319 		if (err)
320 			return err;
321 	}
322 
323 	nlmsg_end(dst, nlh_dst);
324 
325 	return 0;
326 }
327 
328 static int xfrm_alloc_compat(struct sk_buff *skb, const struct nlmsghdr *nlh_src)
329 {
330 	u16 type = nlh_src->nlmsg_type - XFRM_MSG_BASE;
331 	struct sk_buff *new = NULL;
332 	int err;
333 
334 	if (type >= ARRAY_SIZE(xfrm_msg_min)) {
335 		pr_warn_once("unsupported nlmsg_type %d\n", nlh_src->nlmsg_type);
336 		return -EOPNOTSUPP;
337 	}
338 
339 	if (skb_shinfo(skb)->frag_list == NULL) {
340 		new = alloc_skb(skb->len + skb_tailroom(skb), GFP_ATOMIC);
341 		if (!new)
342 			return -ENOMEM;
343 		skb_shinfo(skb)->frag_list = new;
344 	}
345 
346 	err = xfrm_xlate64(skb_shinfo(skb)->frag_list, nlh_src);
347 	if (err) {
348 		if (new) {
349 			kfree_skb(new);
350 			skb_shinfo(skb)->frag_list = NULL;
351 		}
352 		return err;
353 	}
354 
355 	return 0;
356 }
357 
358 /* Calculates len of translated 64-bit message. */
359 static size_t xfrm_user_rcv_calculate_len64(const struct nlmsghdr *src,
360 					    struct nlattr *attrs[XFRMA_MAX + 1],
361 					    int maxtype)
362 {
363 	size_t len = nlmsg_len(src);
364 
365 	switch (src->nlmsg_type) {
366 	case XFRM_MSG_NEWSA:
367 	case XFRM_MSG_NEWPOLICY:
368 	case XFRM_MSG_ALLOCSPI:
369 	case XFRM_MSG_ACQUIRE:
370 	case XFRM_MSG_UPDPOLICY:
371 	case XFRM_MSG_UPDSA:
372 		len += 4;
373 		break;
374 	case XFRM_MSG_EXPIRE:
375 	case XFRM_MSG_POLEXPIRE:
376 		len += 8;
377 		break;
378 	case XFRM_MSG_NEWSPDINFO:
379 		/* attirbutes are xfrm_spdattr_type_t, not xfrm_attr_type_t */
380 		return len;
381 	default:
382 		break;
383 	}
384 
385 	/* Unexpected for anything, but XFRM_MSG_NEWSPDINFO, please
386 	 * correct both 64=>32-bit and 32=>64-bit translators to copy
387 	 * new attributes.
388 	 */
389 	if (WARN_ON_ONCE(maxtype))
390 		return len;
391 
392 	if (attrs[XFRMA_SA])
393 		len += 4;
394 	if (attrs[XFRMA_POLICY])
395 		len += 4;
396 
397 	/* XXX: some attrs may need to be realigned
398 	 * if !CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS
399 	 */
400 
401 	return len;
402 }
403 
404 static int xfrm_attr_cpy32(void *dst, size_t *pos, const struct nlattr *src,
405 			   size_t size, int copy_len, int payload)
406 {
407 	struct nlmsghdr *nlmsg = dst;
408 	struct nlattr *nla;
409 
410 	/* xfrm_user_rcv_msg_compat() relies on fact that 32-bit messages
411 	 * have the same len or shorted than 64-bit ones.
412 	 * 32-bit translation that is bigger than 64-bit original is unexpected.
413 	 */
414 	if (WARN_ON_ONCE(copy_len > payload))
415 		copy_len = payload;
416 
417 	if (size - *pos < nla_attr_size(payload))
418 		return -ENOBUFS;
419 
420 	nla = dst + *pos;
421 
422 	memcpy(nla, src, nla_attr_size(copy_len));
423 	nla->nla_len = nla_attr_size(payload);
424 	*pos += nla_attr_size(copy_len);
425 	nlmsg->nlmsg_len += nla->nla_len;
426 
427 	memset(dst + *pos, 0, payload - copy_len);
428 	*pos += payload - copy_len;
429 
430 	return 0;
431 }
432 
433 static int xfrm_xlate32_attr(void *dst, const struct nlattr *nla,
434 			     size_t *pos, size_t size,
435 			     struct netlink_ext_ack *extack)
436 {
437 	int type = nla_type(nla);
438 	u16 pol_len32, pol_len64;
439 	int err;
440 
441 	if (type > XFRMA_MAX) {
442 		BUILD_BUG_ON(XFRMA_MAX != XFRMA_NAT_KEEPALIVE_INTERVAL);
443 		NL_SET_ERR_MSG(extack, "Bad attribute");
444 		return -EOPNOTSUPP;
445 	}
446 	type = array_index_nospec(type, XFRMA_MAX + 1);
447 	if (nla_len(nla) < compat_policy[type].len) {
448 		NL_SET_ERR_MSG(extack, "Attribute bad length");
449 		return -EOPNOTSUPP;
450 	}
451 
452 	pol_len32 = compat_policy[type].len;
453 	pol_len64 = xfrma_policy[type].len;
454 
455 	/* XFRMA_SA and XFRMA_POLICY - need to know how-to translate */
456 	if (pol_len32 != pol_len64) {
457 		if (nla_len(nla) != compat_policy[type].len) {
458 			NL_SET_ERR_MSG(extack, "Attribute bad length");
459 			return -EOPNOTSUPP;
460 		}
461 		err = xfrm_attr_cpy32(dst, pos, nla, size, pol_len32, pol_len64);
462 		if (err)
463 			return err;
464 	}
465 
466 	return xfrm_attr_cpy32(dst, pos, nla, size, nla_len(nla), nla_len(nla));
467 }
468 
469 static int xfrm_xlate32(struct nlmsghdr *dst, const struct nlmsghdr *src,
470 			struct nlattr *attrs[XFRMA_MAX+1],
471 			size_t size, u8 type, int maxtype,
472 			struct netlink_ext_ack *extack)
473 {
474 	size_t pos;
475 	int i;
476 
477 	memcpy(dst, src, NLMSG_HDRLEN);
478 	dst->nlmsg_len = NLMSG_HDRLEN + xfrm_msg_min[type];
479 	memset(nlmsg_data(dst), 0, xfrm_msg_min[type]);
480 
481 	switch (src->nlmsg_type) {
482 	/* Compat message has the same layout as native */
483 	case XFRM_MSG_DELSA:
484 	case XFRM_MSG_GETSA:
485 	case XFRM_MSG_DELPOLICY:
486 	case XFRM_MSG_GETPOLICY:
487 	case XFRM_MSG_FLUSHSA:
488 	case XFRM_MSG_FLUSHPOLICY:
489 	case XFRM_MSG_NEWAE:
490 	case XFRM_MSG_GETAE:
491 	case XFRM_MSG_REPORT:
492 	case XFRM_MSG_MIGRATE:
493 	case XFRM_MSG_NEWSADINFO:
494 	case XFRM_MSG_GETSADINFO:
495 	case XFRM_MSG_NEWSPDINFO:
496 	case XFRM_MSG_GETSPDINFO:
497 	case XFRM_MSG_MAPPING:
498 		memcpy(nlmsg_data(dst), nlmsg_data(src), compat_msg_min[type]);
499 		break;
500 	/* 4 byte alignment for trailing u64 on native, but not on compat */
501 	case XFRM_MSG_NEWSA:
502 	case XFRM_MSG_NEWPOLICY:
503 	case XFRM_MSG_UPDSA:
504 	case XFRM_MSG_UPDPOLICY:
505 		memcpy(nlmsg_data(dst), nlmsg_data(src), compat_msg_min[type]);
506 		break;
507 	case XFRM_MSG_EXPIRE: {
508 		const struct compat_xfrm_user_expire *src_ue = nlmsg_data(src);
509 		struct xfrm_user_expire *dst_ue = nlmsg_data(dst);
510 
511 		/* compat_xfrm_user_expire has 4-byte smaller state */
512 		memcpy(dst_ue, src_ue, sizeof(src_ue->state));
513 		dst_ue->hard = src_ue->hard;
514 		break;
515 	}
516 	case XFRM_MSG_ACQUIRE: {
517 		const struct compat_xfrm_user_acquire *src_ua = nlmsg_data(src);
518 		struct xfrm_user_acquire *dst_ua = nlmsg_data(dst);
519 
520 		memcpy(dst_ua, src_ua, offsetof(struct compat_xfrm_user_acquire, aalgos));
521 		dst_ua->aalgos = src_ua->aalgos;
522 		dst_ua->ealgos = src_ua->ealgos;
523 		dst_ua->calgos = src_ua->calgos;
524 		dst_ua->seq    = src_ua->seq;
525 		break;
526 	}
527 	case XFRM_MSG_POLEXPIRE: {
528 		const struct compat_xfrm_user_polexpire *src_upe = nlmsg_data(src);
529 		struct xfrm_user_polexpire *dst_upe = nlmsg_data(dst);
530 
531 		/* compat_xfrm_user_polexpire has 4-byte smaller state */
532 		memcpy(dst_upe, src_upe, sizeof(src_upe->pol));
533 		dst_upe->hard = src_upe->hard;
534 		break;
535 	}
536 	case XFRM_MSG_ALLOCSPI: {
537 		const struct compat_xfrm_userspi_info *src_usi = nlmsg_data(src);
538 		struct xfrm_userspi_info *dst_usi = nlmsg_data(dst);
539 
540 		/* compat_xfrm_user_polexpire has 4-byte smaller state */
541 		memcpy(dst_usi, src_usi, sizeof(src_usi->info));
542 		dst_usi->min = src_usi->min;
543 		dst_usi->max = src_usi->max;
544 		break;
545 	}
546 	default:
547 		NL_SET_ERR_MSG(extack, "Unsupported message type");
548 		return -EOPNOTSUPP;
549 	}
550 	pos = dst->nlmsg_len;
551 
552 	if (maxtype) {
553 		/* attirbutes are xfrm_spdattr_type_t, not xfrm_attr_type_t */
554 		WARN_ON_ONCE(src->nlmsg_type != XFRM_MSG_NEWSPDINFO);
555 
556 		for (i = 1; i <= maxtype; i++) {
557 			int err;
558 
559 			if (!attrs[i])
560 				continue;
561 
562 			/* just copy - no need for translation */
563 			err = xfrm_attr_cpy32(dst, &pos, attrs[i], size,
564 					nla_len(attrs[i]), nla_len(attrs[i]));
565 			if (err)
566 				return err;
567 		}
568 		return 0;
569 	}
570 
571 	for (i = 1; i < XFRMA_MAX + 1; i++) {
572 		int err;
573 
574 		if (i == XFRMA_PAD)
575 			continue;
576 
577 		if (!attrs[i])
578 			continue;
579 
580 		err = xfrm_xlate32_attr(dst, attrs[i], &pos, size, extack);
581 		if (err)
582 			return err;
583 	}
584 
585 	return 0;
586 }
587 
588 static struct nlmsghdr *xfrm_user_rcv_msg_compat(const struct nlmsghdr *h32,
589 			int maxtype, const struct nla_policy *policy,
590 			struct netlink_ext_ack *extack)
591 {
592 	/* netlink_rcv_skb() checks if a message has full (struct nlmsghdr) */
593 	u16 type = h32->nlmsg_type - XFRM_MSG_BASE;
594 	struct nlattr *attrs[XFRMA_MAX+1];
595 	struct nlmsghdr *h64;
596 	size_t len;
597 	int err;
598 
599 	BUILD_BUG_ON(ARRAY_SIZE(xfrm_msg_min) != ARRAY_SIZE(compat_msg_min));
600 
601 	if (type >= ARRAY_SIZE(xfrm_msg_min))
602 		return ERR_PTR(-EINVAL);
603 
604 	/* Don't call parse: the message might have only nlmsg header */
605 	if ((h32->nlmsg_type == XFRM_MSG_GETSA ||
606 	     h32->nlmsg_type == XFRM_MSG_GETPOLICY) &&
607 	    (h32->nlmsg_flags & NLM_F_DUMP))
608 		return NULL;
609 
610 	err = nlmsg_parse_deprecated(h32, compat_msg_min[type], attrs,
611 			maxtype ? : XFRMA_MAX, policy ? : compat_policy, extack);
612 	if (err < 0)
613 		return ERR_PTR(err);
614 
615 	len = xfrm_user_rcv_calculate_len64(h32, attrs, maxtype);
616 	/* The message doesn't need translation */
617 	if (len == nlmsg_len(h32))
618 		return NULL;
619 
620 	len += NLMSG_HDRLEN;
621 	h64 = kvmalloc(len, GFP_KERNEL);
622 	if (!h64)
623 		return ERR_PTR(-ENOMEM);
624 
625 	err = xfrm_xlate32(h64, h32, attrs, len, type, maxtype, extack);
626 	if (err < 0) {
627 		kvfree(h64);
628 		return ERR_PTR(err);
629 	}
630 
631 	return h64;
632 }
633 
634 static int xfrm_user_policy_compat(u8 **pdata32, int optlen)
635 {
636 	struct compat_xfrm_userpolicy_info *p = (void *)*pdata32;
637 	u8 *src_templates, *dst_templates;
638 	u8 *data64;
639 
640 	if (optlen < sizeof(*p))
641 		return -EINVAL;
642 
643 	data64 = kmalloc_track_caller(optlen + 4, GFP_USER | __GFP_NOWARN);
644 	if (!data64)
645 		return -ENOMEM;
646 
647 	memcpy(data64, *pdata32, sizeof(*p));
648 	memset(data64 + sizeof(*p), 0, 4);
649 
650 	src_templates = *pdata32 + sizeof(*p);
651 	dst_templates = data64 + sizeof(*p) + 4;
652 	memcpy(dst_templates, src_templates, optlen - sizeof(*p));
653 
654 	kfree(*pdata32);
655 	*pdata32 = data64;
656 	return 0;
657 }
658 
659 static struct xfrm_translator xfrm_translator = {
660 	.owner				= THIS_MODULE,
661 	.alloc_compat			= xfrm_alloc_compat,
662 	.rcv_msg_compat			= xfrm_user_rcv_msg_compat,
663 	.xlate_user_policy_sockptr	= xfrm_user_policy_compat,
664 };
665 
666 static int __init xfrm_compat_init(void)
667 {
668 	return xfrm_register_translator(&xfrm_translator);
669 }
670 
671 static void __exit xfrm_compat_exit(void)
672 {
673 	xfrm_unregister_translator(&xfrm_translator);
674 }
675 
676 module_init(xfrm_compat_init);
677 module_exit(xfrm_compat_exit);
678 MODULE_LICENSE("GPL");
679 MODULE_AUTHOR("Dmitry Safonov");
680 MODULE_DESCRIPTION("XFRM 32-bit compatibility layer");
681