1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
18
19#include <net/sock.h>
20#include <net/genetlink.h>
21#include <net/udp.h>
22#include <linux/in.h>
23#include <linux/udp.h>
24#include <linux/socket.h>
25#include <linux/module.h>
26#include <linux/list.h>
27#include <net/net_namespace.h>
28
29#include <linux/l2tp.h>
30
31#include "l2tp_core.h"
32
33
34static struct genl_family l2tp_nl_family;
35
36static const struct genl_multicast_group l2tp_multicast_group[] = {
37 {
38 .name = L2TP_GENL_MCGROUP,
39 },
40};
41
42static int l2tp_nl_tunnel_send(struct sk_buff *skb, u32 portid, u32 seq,
43 int flags, struct l2tp_tunnel *tunnel, u8 cmd);
44static int l2tp_nl_session_send(struct sk_buff *skb, u32 portid, u32 seq,
45 int flags, struct l2tp_session *session,
46 u8 cmd);
47
48
49static const struct l2tp_nl_cmd_ops *l2tp_nl_cmd_ops[__L2TP_PWTYPE_MAX];
50
51static struct l2tp_session *l2tp_nl_session_get(struct genl_info *info,
52 bool do_ref)
53{
54 u32 tunnel_id;
55 u32 session_id;
56 char *ifname;
57 struct l2tp_tunnel *tunnel;
58 struct l2tp_session *session = NULL;
59 struct net *net = genl_info_net(info);
60
61 if (info->attrs[L2TP_ATTR_IFNAME]) {
62 ifname = nla_data(info->attrs[L2TP_ATTR_IFNAME]);
63 session = l2tp_session_get_by_ifname(net, ifname, do_ref);
64 } else if ((info->attrs[L2TP_ATTR_SESSION_ID]) &&
65 (info->attrs[L2TP_ATTR_CONN_ID])) {
66 tunnel_id = nla_get_u32(info->attrs[L2TP_ATTR_CONN_ID]);
67 session_id = nla_get_u32(info->attrs[L2TP_ATTR_SESSION_ID]);
68 tunnel = l2tp_tunnel_get(net, tunnel_id);
69 if (tunnel) {
70 session = l2tp_session_get(net, tunnel, session_id,
71 do_ref);
72 l2tp_tunnel_dec_refcount(tunnel);
73 }
74 }
75
76 return session;
77}
78
79static int l2tp_nl_cmd_noop(struct sk_buff *skb, struct genl_info *info)
80{
81 struct sk_buff *msg;
82 void *hdr;
83 int ret = -ENOBUFS;
84
85 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
86 if (!msg) {
87 ret = -ENOMEM;
88 goto out;
89 }
90
91 hdr = genlmsg_put(msg, info->snd_portid, info->snd_seq,
92 &l2tp_nl_family, 0, L2TP_CMD_NOOP);
93 if (!hdr) {
94 ret = -EMSGSIZE;
95 goto err_out;
96 }
97
98 genlmsg_end(msg, hdr);
99
100 return genlmsg_unicast(genl_info_net(info), msg, info->snd_portid);
101
102err_out:
103 nlmsg_free(msg);
104
105out:
106 return ret;
107}
108
109static int l2tp_tunnel_notify(struct genl_family *family,
110 struct genl_info *info,
111 struct l2tp_tunnel *tunnel,
112 u8 cmd)
113{
114 struct sk_buff *msg;
115 int ret;
116
117 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
118 if (!msg)
119 return -ENOMEM;
120
121 ret = l2tp_nl_tunnel_send(msg, info->snd_portid, info->snd_seq,
122 NLM_F_ACK, tunnel, cmd);
123
124 if (ret >= 0) {
125 ret = genlmsg_multicast_allns(family, msg, 0, 0, GFP_ATOMIC);
126
127 if (ret == -ESRCH)
128 ret = 0;
129 return ret;
130 }
131
132 nlmsg_free(msg);
133
134 return ret;
135}
136
137static int l2tp_session_notify(struct genl_family *family,
138 struct genl_info *info,
139 struct l2tp_session *session,
140 u8 cmd)
141{
142 struct sk_buff *msg;
143 int ret;
144
145 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
146 if (!msg)
147 return -ENOMEM;
148
149 ret = l2tp_nl_session_send(msg, info->snd_portid, info->snd_seq,
150 NLM_F_ACK, session, cmd);
151
152 if (ret >= 0) {
153 ret = genlmsg_multicast_allns(family, msg, 0, 0, GFP_ATOMIC);
154
155 if (ret == -ESRCH)
156 ret = 0;
157 return ret;
158 }
159
160 nlmsg_free(msg);
161
162 return ret;
163}
164
165static int l2tp_nl_cmd_tunnel_create(struct sk_buff *skb, struct genl_info *info)
166{
167 u32 tunnel_id;
168 u32 peer_tunnel_id;
169 int proto_version;
170 int fd;
171 int ret = 0;
172 struct l2tp_tunnel_cfg cfg = { 0, };
173 struct l2tp_tunnel *tunnel;
174 struct net *net = genl_info_net(info);
175
176 if (!info->attrs[L2TP_ATTR_CONN_ID]) {
177 ret = -EINVAL;
178 goto out;
179 }
180 tunnel_id = nla_get_u32(info->attrs[L2TP_ATTR_CONN_ID]);
181
182 if (!info->attrs[L2TP_ATTR_PEER_CONN_ID]) {
183 ret = -EINVAL;
184 goto out;
185 }
186 peer_tunnel_id = nla_get_u32(info->attrs[L2TP_ATTR_PEER_CONN_ID]);
187
188 if (!info->attrs[L2TP_ATTR_PROTO_VERSION]) {
189 ret = -EINVAL;
190 goto out;
191 }
192 proto_version = nla_get_u8(info->attrs[L2TP_ATTR_PROTO_VERSION]);
193
194 if (!info->attrs[L2TP_ATTR_ENCAP_TYPE]) {
195 ret = -EINVAL;
196 goto out;
197 }
198 cfg.encap = nla_get_u16(info->attrs[L2TP_ATTR_ENCAP_TYPE]);
199
200 fd = -1;
201 if (info->attrs[L2TP_ATTR_FD]) {
202 fd = nla_get_u32(info->attrs[L2TP_ATTR_FD]);
203 } else {
204#if IS_ENABLED(CONFIG_IPV6)
205 if (info->attrs[L2TP_ATTR_IP6_SADDR] &&
206 info->attrs[L2TP_ATTR_IP6_DADDR]) {
207 cfg.local_ip6 = nla_data(
208 info->attrs[L2TP_ATTR_IP6_SADDR]);
209 cfg.peer_ip6 = nla_data(
210 info->attrs[L2TP_ATTR_IP6_DADDR]);
211 } else
212#endif
213 if (info->attrs[L2TP_ATTR_IP_SADDR] &&
214 info->attrs[L2TP_ATTR_IP_DADDR]) {
215 cfg.local_ip.s_addr = nla_get_in_addr(
216 info->attrs[L2TP_ATTR_IP_SADDR]);
217 cfg.peer_ip.s_addr = nla_get_in_addr(
218 info->attrs[L2TP_ATTR_IP_DADDR]);
219 } else {
220 ret = -EINVAL;
221 goto out;
222 }
223 if (info->attrs[L2TP_ATTR_UDP_SPORT])
224 cfg.local_udp_port = nla_get_u16(info->attrs[L2TP_ATTR_UDP_SPORT]);
225 if (info->attrs[L2TP_ATTR_UDP_DPORT])
226 cfg.peer_udp_port = nla_get_u16(info->attrs[L2TP_ATTR_UDP_DPORT]);
227 cfg.use_udp_checksums = nla_get_flag(
228 info->attrs[L2TP_ATTR_UDP_CSUM]);
229
230#if IS_ENABLED(CONFIG_IPV6)
231 cfg.udp6_zero_tx_checksums = nla_get_flag(
232 info->attrs[L2TP_ATTR_UDP_ZERO_CSUM6_TX]);
233 cfg.udp6_zero_rx_checksums = nla_get_flag(
234 info->attrs[L2TP_ATTR_UDP_ZERO_CSUM6_RX]);
235#endif
236 }
237
238 if (info->attrs[L2TP_ATTR_DEBUG])
239 cfg.debug = nla_get_u32(info->attrs[L2TP_ATTR_DEBUG]);
240
241 tunnel = l2tp_tunnel_find(net, tunnel_id);
242 if (tunnel != NULL) {
243 ret = -EEXIST;
244 goto out;
245 }
246
247 ret = -EINVAL;
248 switch (cfg.encap) {
249 case L2TP_ENCAPTYPE_UDP:
250 case L2TP_ENCAPTYPE_IP:
251 ret = l2tp_tunnel_create(net, fd, proto_version, tunnel_id,
252 peer_tunnel_id, &cfg, &tunnel);
253 break;
254 }
255
256 if (ret >= 0)
257 ret = l2tp_tunnel_notify(&l2tp_nl_family, info,
258 tunnel, L2TP_CMD_TUNNEL_CREATE);
259out:
260 return ret;
261}
262
263static int l2tp_nl_cmd_tunnel_delete(struct sk_buff *skb, struct genl_info *info)
264{
265 struct l2tp_tunnel *tunnel;
266 u32 tunnel_id;
267 int ret = 0;
268 struct net *net = genl_info_net(info);
269
270 if (!info->attrs[L2TP_ATTR_CONN_ID]) {
271 ret = -EINVAL;
272 goto out;
273 }
274 tunnel_id = nla_get_u32(info->attrs[L2TP_ATTR_CONN_ID]);
275
276 tunnel = l2tp_tunnel_get(net, tunnel_id);
277 if (!tunnel) {
278 ret = -ENODEV;
279 goto out;
280 }
281
282 l2tp_tunnel_notify(&l2tp_nl_family, info,
283 tunnel, L2TP_CMD_TUNNEL_DELETE);
284
285 (void) l2tp_tunnel_delete(tunnel);
286
287 l2tp_tunnel_dec_refcount(tunnel);
288
289out:
290 return ret;
291}
292
293static int l2tp_nl_cmd_tunnel_modify(struct sk_buff *skb, struct genl_info *info)
294{
295 struct l2tp_tunnel *tunnel;
296 u32 tunnel_id;
297 int ret = 0;
298 struct net *net = genl_info_net(info);
299
300 if (!info->attrs[L2TP_ATTR_CONN_ID]) {
301 ret = -EINVAL;
302 goto out;
303 }
304 tunnel_id = nla_get_u32(info->attrs[L2TP_ATTR_CONN_ID]);
305
306 tunnel = l2tp_tunnel_get(net, tunnel_id);
307 if (!tunnel) {
308 ret = -ENODEV;
309 goto out;
310 }
311
312 if (info->attrs[L2TP_ATTR_DEBUG])
313 tunnel->debug = nla_get_u32(info->attrs[L2TP_ATTR_DEBUG]);
314
315 ret = l2tp_tunnel_notify(&l2tp_nl_family, info,
316 tunnel, L2TP_CMD_TUNNEL_MODIFY);
317
318 l2tp_tunnel_dec_refcount(tunnel);
319
320out:
321 return ret;
322}
323
324static int l2tp_nl_tunnel_send(struct sk_buff *skb, u32 portid, u32 seq, int flags,
325 struct l2tp_tunnel *tunnel, u8 cmd)
326{
327 void *hdr;
328 struct nlattr *nest;
329 struct sock *sk = NULL;
330 struct inet_sock *inet;
331#if IS_ENABLED(CONFIG_IPV6)
332 struct ipv6_pinfo *np = NULL;
333#endif
334
335 hdr = genlmsg_put(skb, portid, seq, &l2tp_nl_family, flags, cmd);
336 if (!hdr)
337 return -EMSGSIZE;
338
339 if (nla_put_u8(skb, L2TP_ATTR_PROTO_VERSION, tunnel->version) ||
340 nla_put_u32(skb, L2TP_ATTR_CONN_ID, tunnel->tunnel_id) ||
341 nla_put_u32(skb, L2TP_ATTR_PEER_CONN_ID, tunnel->peer_tunnel_id) ||
342 nla_put_u32(skb, L2TP_ATTR_DEBUG, tunnel->debug) ||
343 nla_put_u16(skb, L2TP_ATTR_ENCAP_TYPE, tunnel->encap))
344 goto nla_put_failure;
345
346 nest = nla_nest_start(skb, L2TP_ATTR_STATS);
347 if (nest == NULL)
348 goto nla_put_failure;
349
350 if (nla_put_u64_64bit(skb, L2TP_ATTR_TX_PACKETS,
351 atomic_long_read(&tunnel->stats.tx_packets),
352 L2TP_ATTR_STATS_PAD) ||
353 nla_put_u64_64bit(skb, L2TP_ATTR_TX_BYTES,
354 atomic_long_read(&tunnel->stats.tx_bytes),
355 L2TP_ATTR_STATS_PAD) ||
356 nla_put_u64_64bit(skb, L2TP_ATTR_TX_ERRORS,
357 atomic_long_read(&tunnel->stats.tx_errors),
358 L2TP_ATTR_STATS_PAD) ||
359 nla_put_u64_64bit(skb, L2TP_ATTR_RX_PACKETS,
360 atomic_long_read(&tunnel->stats.rx_packets),
361 L2TP_ATTR_STATS_PAD) ||
362 nla_put_u64_64bit(skb, L2TP_ATTR_RX_BYTES,
363 atomic_long_read(&tunnel->stats.rx_bytes),
364 L2TP_ATTR_STATS_PAD) ||
365 nla_put_u64_64bit(skb, L2TP_ATTR_RX_SEQ_DISCARDS,
366 atomic_long_read(&tunnel->stats.rx_seq_discards),
367 L2TP_ATTR_STATS_PAD) ||
368 nla_put_u64_64bit(skb, L2TP_ATTR_RX_OOS_PACKETS,
369 atomic_long_read(&tunnel->stats.rx_oos_packets),
370 L2TP_ATTR_STATS_PAD) ||
371 nla_put_u64_64bit(skb, L2TP_ATTR_RX_ERRORS,
372 atomic_long_read(&tunnel->stats.rx_errors),
373 L2TP_ATTR_STATS_PAD))
374 goto nla_put_failure;
375 nla_nest_end(skb, nest);
376
377 sk = tunnel->sock;
378 if (!sk)
379 goto out;
380
381#if IS_ENABLED(CONFIG_IPV6)
382 if (sk->sk_family == AF_INET6)
383 np = inet6_sk(sk);
384#endif
385
386 inet = inet_sk(sk);
387
388 switch (tunnel->encap) {
389 case L2TP_ENCAPTYPE_UDP:
390 switch (sk->sk_family) {
391 case AF_INET:
392 if (nla_put_u8(skb, L2TP_ATTR_UDP_CSUM, !sk->sk_no_check_tx))
393 goto nla_put_failure;
394 break;
395#if IS_ENABLED(CONFIG_IPV6)
396 case AF_INET6:
397 if (udp_get_no_check6_tx(sk) &&
398 nla_put_flag(skb, L2TP_ATTR_UDP_ZERO_CSUM6_TX))
399 goto nla_put_failure;
400 if (udp_get_no_check6_rx(sk) &&
401 nla_put_flag(skb, L2TP_ATTR_UDP_ZERO_CSUM6_RX))
402 goto nla_put_failure;
403 break;
404#endif
405 }
406 if (nla_put_u16(skb, L2TP_ATTR_UDP_SPORT, ntohs(inet->inet_sport)) ||
407 nla_put_u16(skb, L2TP_ATTR_UDP_DPORT, ntohs(inet->inet_dport)))
408 goto nla_put_failure;
409
410 case L2TP_ENCAPTYPE_IP:
411#if IS_ENABLED(CONFIG_IPV6)
412 if (np) {
413 if (nla_put_in6_addr(skb, L2TP_ATTR_IP6_SADDR,
414 &np->saddr) ||
415 nla_put_in6_addr(skb, L2TP_ATTR_IP6_DADDR,
416 &sk->sk_v6_daddr))
417 goto nla_put_failure;
418 } else
419#endif
420 if (nla_put_in_addr(skb, L2TP_ATTR_IP_SADDR,
421 inet->inet_saddr) ||
422 nla_put_in_addr(skb, L2TP_ATTR_IP_DADDR,
423 inet->inet_daddr))
424 goto nla_put_failure;
425 break;
426 }
427
428out:
429 genlmsg_end(skb, hdr);
430 return 0;
431
432nla_put_failure:
433 genlmsg_cancel(skb, hdr);
434 return -1;
435}
436
437static int l2tp_nl_cmd_tunnel_get(struct sk_buff *skb, struct genl_info *info)
438{
439 struct l2tp_tunnel *tunnel;
440 struct sk_buff *msg;
441 u32 tunnel_id;
442 int ret = -ENOBUFS;
443 struct net *net = genl_info_net(info);
444
445 if (!info->attrs[L2TP_ATTR_CONN_ID]) {
446 ret = -EINVAL;
447 goto err;
448 }
449
450 tunnel_id = nla_get_u32(info->attrs[L2TP_ATTR_CONN_ID]);
451
452 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
453 if (!msg) {
454 ret = -ENOMEM;
455 goto err;
456 }
457
458 tunnel = l2tp_tunnel_get(net, tunnel_id);
459 if (!tunnel) {
460 ret = -ENODEV;
461 goto err_nlmsg;
462 }
463
464 ret = l2tp_nl_tunnel_send(msg, info->snd_portid, info->snd_seq,
465 NLM_F_ACK, tunnel, L2TP_CMD_TUNNEL_GET);
466 if (ret < 0)
467 goto err_nlmsg_tunnel;
468
469 l2tp_tunnel_dec_refcount(tunnel);
470
471 return genlmsg_unicast(net, msg, info->snd_portid);
472
473err_nlmsg_tunnel:
474 l2tp_tunnel_dec_refcount(tunnel);
475err_nlmsg:
476 nlmsg_free(msg);
477err:
478 return ret;
479}
480
481static int l2tp_nl_cmd_tunnel_dump(struct sk_buff *skb, struct netlink_callback *cb)
482{
483 int ti = cb->args[0];
484 struct l2tp_tunnel *tunnel;
485 struct net *net = sock_net(skb->sk);
486
487 for (;;) {
488 tunnel = l2tp_tunnel_find_nth(net, ti);
489 if (tunnel == NULL)
490 goto out;
491
492 if (l2tp_nl_tunnel_send(skb, NETLINK_CB(cb->skb).portid,
493 cb->nlh->nlmsg_seq, NLM_F_MULTI,
494 tunnel, L2TP_CMD_TUNNEL_GET) < 0)
495 goto out;
496
497 ti++;
498 }
499
500out:
501 cb->args[0] = ti;
502
503 return skb->len;
504}
505
506static int l2tp_nl_cmd_session_create(struct sk_buff *skb, struct genl_info *info)
507{
508 u32 tunnel_id = 0;
509 u32 session_id;
510 u32 peer_session_id;
511 int ret = 0;
512 struct l2tp_tunnel *tunnel;
513 struct l2tp_session *session;
514 struct l2tp_session_cfg cfg = { 0, };
515 struct net *net = genl_info_net(info);
516
517 if (!info->attrs[L2TP_ATTR_CONN_ID]) {
518 ret = -EINVAL;
519 goto out;
520 }
521
522 tunnel_id = nla_get_u32(info->attrs[L2TP_ATTR_CONN_ID]);
523 tunnel = l2tp_tunnel_get(net, tunnel_id);
524 if (!tunnel) {
525 ret = -ENODEV;
526 goto out;
527 }
528
529 if (!info->attrs[L2TP_ATTR_SESSION_ID]) {
530 ret = -EINVAL;
531 goto out_tunnel;
532 }
533 session_id = nla_get_u32(info->attrs[L2TP_ATTR_SESSION_ID]);
534
535 if (!info->attrs[L2TP_ATTR_PEER_SESSION_ID]) {
536 ret = -EINVAL;
537 goto out_tunnel;
538 }
539 peer_session_id = nla_get_u32(info->attrs[L2TP_ATTR_PEER_SESSION_ID]);
540
541 if (!info->attrs[L2TP_ATTR_PW_TYPE]) {
542 ret = -EINVAL;
543 goto out_tunnel;
544 }
545 cfg.pw_type = nla_get_u16(info->attrs[L2TP_ATTR_PW_TYPE]);
546 if (cfg.pw_type >= __L2TP_PWTYPE_MAX) {
547 ret = -EINVAL;
548 goto out_tunnel;
549 }
550
551 if (tunnel->version > 2) {
552 if (info->attrs[L2TP_ATTR_OFFSET])
553 cfg.offset = nla_get_u16(info->attrs[L2TP_ATTR_OFFSET]);
554
555 if (info->attrs[L2TP_ATTR_DATA_SEQ])
556 cfg.data_seq = nla_get_u8(info->attrs[L2TP_ATTR_DATA_SEQ]);
557
558 cfg.l2specific_type = L2TP_L2SPECTYPE_DEFAULT;
559 if (info->attrs[L2TP_ATTR_L2SPEC_TYPE])
560 cfg.l2specific_type = nla_get_u8(info->attrs[L2TP_ATTR_L2SPEC_TYPE]);
561
562 cfg.l2specific_len = 4;
563 if (info->attrs[L2TP_ATTR_L2SPEC_LEN])
564 cfg.l2specific_len = nla_get_u8(info->attrs[L2TP_ATTR_L2SPEC_LEN]);
565
566 if (info->attrs[L2TP_ATTR_COOKIE]) {
567 u16 len = nla_len(info->attrs[L2TP_ATTR_COOKIE]);
568 if (len > 8) {
569 ret = -EINVAL;
570 goto out_tunnel;
571 }
572 cfg.cookie_len = len;
573 memcpy(&cfg.cookie[0], nla_data(info->attrs[L2TP_ATTR_COOKIE]), len);
574 }
575 if (info->attrs[L2TP_ATTR_PEER_COOKIE]) {
576 u16 len = nla_len(info->attrs[L2TP_ATTR_PEER_COOKIE]);
577 if (len > 8) {
578 ret = -EINVAL;
579 goto out_tunnel;
580 }
581 cfg.peer_cookie_len = len;
582 memcpy(&cfg.peer_cookie[0], nla_data(info->attrs[L2TP_ATTR_PEER_COOKIE]), len);
583 }
584 if (info->attrs[L2TP_ATTR_IFNAME])
585 cfg.ifname = nla_data(info->attrs[L2TP_ATTR_IFNAME]);
586
587 if (info->attrs[L2TP_ATTR_VLAN_ID])
588 cfg.vlan_id = nla_get_u16(info->attrs[L2TP_ATTR_VLAN_ID]);
589 }
590
591 if (info->attrs[L2TP_ATTR_DEBUG])
592 cfg.debug = nla_get_u32(info->attrs[L2TP_ATTR_DEBUG]);
593
594 if (info->attrs[L2TP_ATTR_RECV_SEQ])
595 cfg.recv_seq = nla_get_u8(info->attrs[L2TP_ATTR_RECV_SEQ]);
596
597 if (info->attrs[L2TP_ATTR_SEND_SEQ])
598 cfg.send_seq = nla_get_u8(info->attrs[L2TP_ATTR_SEND_SEQ]);
599
600 if (info->attrs[L2TP_ATTR_LNS_MODE])
601 cfg.lns_mode = nla_get_u8(info->attrs[L2TP_ATTR_LNS_MODE]);
602
603 if (info->attrs[L2TP_ATTR_RECV_TIMEOUT])
604 cfg.reorder_timeout = nla_get_msecs(info->attrs[L2TP_ATTR_RECV_TIMEOUT]);
605
606 if (info->attrs[L2TP_ATTR_MTU])
607 cfg.mtu = nla_get_u16(info->attrs[L2TP_ATTR_MTU]);
608
609 if (info->attrs[L2TP_ATTR_MRU])
610 cfg.mru = nla_get_u16(info->attrs[L2TP_ATTR_MRU]);
611
612#ifdef CONFIG_MODULES
613 if (l2tp_nl_cmd_ops[cfg.pw_type] == NULL) {
614 genl_unlock();
615 request_module("net-l2tp-type-%u", cfg.pw_type);
616 genl_lock();
617 }
618#endif
619 if ((l2tp_nl_cmd_ops[cfg.pw_type] == NULL) ||
620 (l2tp_nl_cmd_ops[cfg.pw_type]->session_create == NULL)) {
621 ret = -EPROTONOSUPPORT;
622 goto out_tunnel;
623 }
624
625
626 switch (cfg.pw_type) {
627 case L2TP_PWTYPE_NONE:
628 break;
629 case L2TP_PWTYPE_ETH_VLAN:
630 if (!info->attrs[L2TP_ATTR_VLAN_ID]) {
631 ret = -EINVAL;
632 goto out_tunnel;
633 }
634 break;
635 case L2TP_PWTYPE_ETH:
636 break;
637 case L2TP_PWTYPE_PPP:
638 case L2TP_PWTYPE_PPP_AC:
639 break;
640 case L2TP_PWTYPE_IP:
641 default:
642 ret = -EPROTONOSUPPORT;
643 break;
644 }
645
646 ret = -EPROTONOSUPPORT;
647 if (l2tp_nl_cmd_ops[cfg.pw_type]->session_create)
648 ret = (*l2tp_nl_cmd_ops[cfg.pw_type]->session_create)(net, tunnel_id,
649 session_id, peer_session_id, &cfg);
650
651 if (ret >= 0) {
652 session = l2tp_session_get(net, tunnel, session_id, false);
653 if (session) {
654 ret = l2tp_session_notify(&l2tp_nl_family, info, session,
655 L2TP_CMD_SESSION_CREATE);
656 l2tp_session_dec_refcount(session);
657 }
658 }
659
660out_tunnel:
661 l2tp_tunnel_dec_refcount(tunnel);
662out:
663 return ret;
664}
665
666static int l2tp_nl_cmd_session_delete(struct sk_buff *skb, struct genl_info *info)
667{
668 int ret = 0;
669 struct l2tp_session *session;
670 u16 pw_type;
671
672 session = l2tp_nl_session_get(info, true);
673 if (session == NULL) {
674 ret = -ENODEV;
675 goto out;
676 }
677
678 l2tp_session_notify(&l2tp_nl_family, info,
679 session, L2TP_CMD_SESSION_DELETE);
680
681 pw_type = session->pwtype;
682 if (pw_type < __L2TP_PWTYPE_MAX)
683 if (l2tp_nl_cmd_ops[pw_type] && l2tp_nl_cmd_ops[pw_type]->session_delete)
684 ret = (*l2tp_nl_cmd_ops[pw_type]->session_delete)(session);
685
686 if (session->deref)
687 session->deref(session);
688 l2tp_session_dec_refcount(session);
689
690out:
691 return ret;
692}
693
694static int l2tp_nl_cmd_session_modify(struct sk_buff *skb, struct genl_info *info)
695{
696 int ret = 0;
697 struct l2tp_session *session;
698
699 session = l2tp_nl_session_get(info, false);
700 if (session == NULL) {
701 ret = -ENODEV;
702 goto out;
703 }
704
705 if (info->attrs[L2TP_ATTR_DEBUG])
706 session->debug = nla_get_u32(info->attrs[L2TP_ATTR_DEBUG]);
707
708 if (info->attrs[L2TP_ATTR_DATA_SEQ])
709 session->data_seq = nla_get_u8(info->attrs[L2TP_ATTR_DATA_SEQ]);
710
711 if (info->attrs[L2TP_ATTR_RECV_SEQ])
712 session->recv_seq = nla_get_u8(info->attrs[L2TP_ATTR_RECV_SEQ]);
713
714 if (info->attrs[L2TP_ATTR_SEND_SEQ]) {
715 session->send_seq = nla_get_u8(info->attrs[L2TP_ATTR_SEND_SEQ]);
716 l2tp_session_set_header_len(session, session->tunnel->version);
717 }
718
719 if (info->attrs[L2TP_ATTR_LNS_MODE])
720 session->lns_mode = nla_get_u8(info->attrs[L2TP_ATTR_LNS_MODE]);
721
722 if (info->attrs[L2TP_ATTR_RECV_TIMEOUT])
723 session->reorder_timeout = nla_get_msecs(info->attrs[L2TP_ATTR_RECV_TIMEOUT]);
724
725 if (info->attrs[L2TP_ATTR_MTU])
726 session->mtu = nla_get_u16(info->attrs[L2TP_ATTR_MTU]);
727
728 if (info->attrs[L2TP_ATTR_MRU])
729 session->mru = nla_get_u16(info->attrs[L2TP_ATTR_MRU]);
730
731 ret = l2tp_session_notify(&l2tp_nl_family, info,
732 session, L2TP_CMD_SESSION_MODIFY);
733
734 l2tp_session_dec_refcount(session);
735
736out:
737 return ret;
738}
739
740static int l2tp_nl_session_send(struct sk_buff *skb, u32 portid, u32 seq, int flags,
741 struct l2tp_session *session, u8 cmd)
742{
743 void *hdr;
744 struct nlattr *nest;
745 struct l2tp_tunnel *tunnel = session->tunnel;
746 struct sock *sk = NULL;
747
748 sk = tunnel->sock;
749
750 hdr = genlmsg_put(skb, portid, seq, &l2tp_nl_family, flags, cmd);
751 if (!hdr)
752 return -EMSGSIZE;
753
754 if (nla_put_u32(skb, L2TP_ATTR_CONN_ID, tunnel->tunnel_id) ||
755 nla_put_u32(skb, L2TP_ATTR_SESSION_ID, session->session_id) ||
756 nla_put_u32(skb, L2TP_ATTR_PEER_CONN_ID, tunnel->peer_tunnel_id) ||
757 nla_put_u32(skb, L2TP_ATTR_PEER_SESSION_ID,
758 session->peer_session_id) ||
759 nla_put_u32(skb, L2TP_ATTR_DEBUG, session->debug) ||
760 nla_put_u16(skb, L2TP_ATTR_PW_TYPE, session->pwtype) ||
761 nla_put_u16(skb, L2TP_ATTR_MTU, session->mtu) ||
762 (session->mru &&
763 nla_put_u16(skb, L2TP_ATTR_MRU, session->mru)))
764 goto nla_put_failure;
765
766 if ((session->ifname[0] &&
767 nla_put_string(skb, L2TP_ATTR_IFNAME, session->ifname)) ||
768 (session->cookie_len &&
769 nla_put(skb, L2TP_ATTR_COOKIE, session->cookie_len,
770 &session->cookie[0])) ||
771 (session->peer_cookie_len &&
772 nla_put(skb, L2TP_ATTR_PEER_COOKIE, session->peer_cookie_len,
773 &session->peer_cookie[0])) ||
774 nla_put_u8(skb, L2TP_ATTR_RECV_SEQ, session->recv_seq) ||
775 nla_put_u8(skb, L2TP_ATTR_SEND_SEQ, session->send_seq) ||
776 nla_put_u8(skb, L2TP_ATTR_LNS_MODE, session->lns_mode) ||
777#ifdef CONFIG_XFRM
778 (((sk) && (sk->sk_policy[0] || sk->sk_policy[1])) &&
779 nla_put_u8(skb, L2TP_ATTR_USING_IPSEC, 1)) ||
780#endif
781 (session->reorder_timeout &&
782 nla_put_msecs(skb, L2TP_ATTR_RECV_TIMEOUT,
783 session->reorder_timeout, L2TP_ATTR_PAD)))
784 goto nla_put_failure;
785
786 nest = nla_nest_start(skb, L2TP_ATTR_STATS);
787 if (nest == NULL)
788 goto nla_put_failure;
789
790 if (nla_put_u64_64bit(skb, L2TP_ATTR_TX_PACKETS,
791 atomic_long_read(&session->stats.tx_packets),
792 L2TP_ATTR_STATS_PAD) ||
793 nla_put_u64_64bit(skb, L2TP_ATTR_TX_BYTES,
794 atomic_long_read(&session->stats.tx_bytes),
795 L2TP_ATTR_STATS_PAD) ||
796 nla_put_u64_64bit(skb, L2TP_ATTR_TX_ERRORS,
797 atomic_long_read(&session->stats.tx_errors),
798 L2TP_ATTR_STATS_PAD) ||
799 nla_put_u64_64bit(skb, L2TP_ATTR_RX_PACKETS,
800 atomic_long_read(&session->stats.rx_packets),
801 L2TP_ATTR_STATS_PAD) ||
802 nla_put_u64_64bit(skb, L2TP_ATTR_RX_BYTES,
803 atomic_long_read(&session->stats.rx_bytes),
804 L2TP_ATTR_STATS_PAD) ||
805 nla_put_u64_64bit(skb, L2TP_ATTR_RX_SEQ_DISCARDS,
806 atomic_long_read(&session->stats.rx_seq_discards),
807 L2TP_ATTR_STATS_PAD) ||
808 nla_put_u64_64bit(skb, L2TP_ATTR_RX_OOS_PACKETS,
809 atomic_long_read(&session->stats.rx_oos_packets),
810 L2TP_ATTR_STATS_PAD) ||
811 nla_put_u64_64bit(skb, L2TP_ATTR_RX_ERRORS,
812 atomic_long_read(&session->stats.rx_errors),
813 L2TP_ATTR_STATS_PAD))
814 goto nla_put_failure;
815 nla_nest_end(skb, nest);
816
817 genlmsg_end(skb, hdr);
818 return 0;
819
820 nla_put_failure:
821 genlmsg_cancel(skb, hdr);
822 return -1;
823}
824
825static int l2tp_nl_cmd_session_get(struct sk_buff *skb, struct genl_info *info)
826{
827 struct l2tp_session *session;
828 struct sk_buff *msg;
829 int ret;
830
831 session = l2tp_nl_session_get(info, false);
832 if (session == NULL) {
833 ret = -ENODEV;
834 goto err;
835 }
836
837 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
838 if (!msg) {
839 ret = -ENOMEM;
840 goto err_ref;
841 }
842
843 ret = l2tp_nl_session_send(msg, info->snd_portid, info->snd_seq,
844 0, session, L2TP_CMD_SESSION_GET);
845 if (ret < 0)
846 goto err_ref_msg;
847
848 ret = genlmsg_unicast(genl_info_net(info), msg, info->snd_portid);
849
850 l2tp_session_dec_refcount(session);
851
852 return ret;
853
854err_ref_msg:
855 nlmsg_free(msg);
856err_ref:
857 l2tp_session_dec_refcount(session);
858err:
859 return ret;
860}
861
862static int l2tp_nl_cmd_session_dump(struct sk_buff *skb, struct netlink_callback *cb)
863{
864 struct net *net = sock_net(skb->sk);
865 struct l2tp_session *session;
866 struct l2tp_tunnel *tunnel = NULL;
867 int ti = cb->args[0];
868 int si = cb->args[1];
869
870 for (;;) {
871 if (tunnel == NULL) {
872 tunnel = l2tp_tunnel_find_nth(net, ti);
873 if (tunnel == NULL)
874 goto out;
875 }
876
877 session = l2tp_session_get_nth(tunnel, si, false);
878 if (session == NULL) {
879 ti++;
880 tunnel = NULL;
881 si = 0;
882 continue;
883 }
884
885 if (l2tp_nl_session_send(skb, NETLINK_CB(cb->skb).portid,
886 cb->nlh->nlmsg_seq, NLM_F_MULTI,
887 session, L2TP_CMD_SESSION_GET) < 0) {
888 l2tp_session_dec_refcount(session);
889 break;
890 }
891 l2tp_session_dec_refcount(session);
892
893 si++;
894 }
895
896out:
897 cb->args[0] = ti;
898 cb->args[1] = si;
899
900 return skb->len;
901}
902
903static const struct nla_policy l2tp_nl_policy[L2TP_ATTR_MAX + 1] = {
904 [L2TP_ATTR_NONE] = { .type = NLA_UNSPEC, },
905 [L2TP_ATTR_PW_TYPE] = { .type = NLA_U16, },
906 [L2TP_ATTR_ENCAP_TYPE] = { .type = NLA_U16, },
907 [L2TP_ATTR_OFFSET] = { .type = NLA_U16, },
908 [L2TP_ATTR_DATA_SEQ] = { .type = NLA_U8, },
909 [L2TP_ATTR_L2SPEC_TYPE] = { .type = NLA_U8, },
910 [L2TP_ATTR_L2SPEC_LEN] = { .type = NLA_U8, },
911 [L2TP_ATTR_PROTO_VERSION] = { .type = NLA_U8, },
912 [L2TP_ATTR_CONN_ID] = { .type = NLA_U32, },
913 [L2TP_ATTR_PEER_CONN_ID] = { .type = NLA_U32, },
914 [L2TP_ATTR_SESSION_ID] = { .type = NLA_U32, },
915 [L2TP_ATTR_PEER_SESSION_ID] = { .type = NLA_U32, },
916 [L2TP_ATTR_UDP_CSUM] = { .type = NLA_U8, },
917 [L2TP_ATTR_VLAN_ID] = { .type = NLA_U16, },
918 [L2TP_ATTR_DEBUG] = { .type = NLA_U32, },
919 [L2TP_ATTR_RECV_SEQ] = { .type = NLA_U8, },
920 [L2TP_ATTR_SEND_SEQ] = { .type = NLA_U8, },
921 [L2TP_ATTR_LNS_MODE] = { .type = NLA_U8, },
922 [L2TP_ATTR_USING_IPSEC] = { .type = NLA_U8, },
923 [L2TP_ATTR_RECV_TIMEOUT] = { .type = NLA_MSECS, },
924 [L2TP_ATTR_FD] = { .type = NLA_U32, },
925 [L2TP_ATTR_IP_SADDR] = { .type = NLA_U32, },
926 [L2TP_ATTR_IP_DADDR] = { .type = NLA_U32, },
927 [L2TP_ATTR_UDP_SPORT] = { .type = NLA_U16, },
928 [L2TP_ATTR_UDP_DPORT] = { .type = NLA_U16, },
929 [L2TP_ATTR_MTU] = { .type = NLA_U16, },
930 [L2TP_ATTR_MRU] = { .type = NLA_U16, },
931 [L2TP_ATTR_STATS] = { .type = NLA_NESTED, },
932 [L2TP_ATTR_IP6_SADDR] = {
933 .type = NLA_BINARY,
934 .len = sizeof(struct in6_addr),
935 },
936 [L2TP_ATTR_IP6_DADDR] = {
937 .type = NLA_BINARY,
938 .len = sizeof(struct in6_addr),
939 },
940 [L2TP_ATTR_IFNAME] = {
941 .type = NLA_NUL_STRING,
942 .len = IFNAMSIZ - 1,
943 },
944 [L2TP_ATTR_COOKIE] = {
945 .type = NLA_BINARY,
946 .len = 8,
947 },
948 [L2TP_ATTR_PEER_COOKIE] = {
949 .type = NLA_BINARY,
950 .len = 8,
951 },
952};
953
954static const struct genl_ops l2tp_nl_ops[] = {
955 {
956 .cmd = L2TP_CMD_NOOP,
957 .doit = l2tp_nl_cmd_noop,
958 .policy = l2tp_nl_policy,
959
960 },
961 {
962 .cmd = L2TP_CMD_TUNNEL_CREATE,
963 .doit = l2tp_nl_cmd_tunnel_create,
964 .policy = l2tp_nl_policy,
965 .flags = GENL_ADMIN_PERM,
966 },
967 {
968 .cmd = L2TP_CMD_TUNNEL_DELETE,
969 .doit = l2tp_nl_cmd_tunnel_delete,
970 .policy = l2tp_nl_policy,
971 .flags = GENL_ADMIN_PERM,
972 },
973 {
974 .cmd = L2TP_CMD_TUNNEL_MODIFY,
975 .doit = l2tp_nl_cmd_tunnel_modify,
976 .policy = l2tp_nl_policy,
977 .flags = GENL_ADMIN_PERM,
978 },
979 {
980 .cmd = L2TP_CMD_TUNNEL_GET,
981 .doit = l2tp_nl_cmd_tunnel_get,
982 .dumpit = l2tp_nl_cmd_tunnel_dump,
983 .policy = l2tp_nl_policy,
984 .flags = GENL_ADMIN_PERM,
985 },
986 {
987 .cmd = L2TP_CMD_SESSION_CREATE,
988 .doit = l2tp_nl_cmd_session_create,
989 .policy = l2tp_nl_policy,
990 .flags = GENL_ADMIN_PERM,
991 },
992 {
993 .cmd = L2TP_CMD_SESSION_DELETE,
994 .doit = l2tp_nl_cmd_session_delete,
995 .policy = l2tp_nl_policy,
996 .flags = GENL_ADMIN_PERM,
997 },
998 {
999 .cmd = L2TP_CMD_SESSION_MODIFY,
1000 .doit = l2tp_nl_cmd_session_modify,
1001 .policy = l2tp_nl_policy,
1002 .flags = GENL_ADMIN_PERM,
1003 },
1004 {
1005 .cmd = L2TP_CMD_SESSION_GET,
1006 .doit = l2tp_nl_cmd_session_get,
1007 .dumpit = l2tp_nl_cmd_session_dump,
1008 .policy = l2tp_nl_policy,
1009 .flags = GENL_ADMIN_PERM,
1010 },
1011};
1012
1013static struct genl_family l2tp_nl_family __ro_after_init = {
1014 .name = L2TP_GENL_NAME,
1015 .version = L2TP_GENL_VERSION,
1016 .hdrsize = 0,
1017 .maxattr = L2TP_ATTR_MAX,
1018 .netnsok = true,
1019 .module = THIS_MODULE,
1020 .ops = l2tp_nl_ops,
1021 .n_ops = ARRAY_SIZE(l2tp_nl_ops),
1022 .mcgrps = l2tp_multicast_group,
1023 .n_mcgrps = ARRAY_SIZE(l2tp_multicast_group),
1024};
1025
1026int l2tp_nl_register_ops(enum l2tp_pwtype pw_type, const struct l2tp_nl_cmd_ops *ops)
1027{
1028 int ret;
1029
1030 ret = -EINVAL;
1031 if (pw_type >= __L2TP_PWTYPE_MAX)
1032 goto err;
1033
1034 genl_lock();
1035 ret = -EBUSY;
1036 if (l2tp_nl_cmd_ops[pw_type])
1037 goto out;
1038
1039 l2tp_nl_cmd_ops[pw_type] = ops;
1040 ret = 0;
1041
1042out:
1043 genl_unlock();
1044err:
1045 return ret;
1046}
1047EXPORT_SYMBOL_GPL(l2tp_nl_register_ops);
1048
1049void l2tp_nl_unregister_ops(enum l2tp_pwtype pw_type)
1050{
1051 if (pw_type < __L2TP_PWTYPE_MAX) {
1052 genl_lock();
1053 l2tp_nl_cmd_ops[pw_type] = NULL;
1054 genl_unlock();
1055 }
1056}
1057EXPORT_SYMBOL_GPL(l2tp_nl_unregister_ops);
1058
1059static int __init l2tp_nl_init(void)
1060{
1061 pr_info("L2TP netlink interface\n");
1062 return genl_register_family(&l2tp_nl_family);
1063}
1064
1065static void l2tp_nl_cleanup(void)
1066{
1067 genl_unregister_family(&l2tp_nl_family);
1068}
1069
1070module_init(l2tp_nl_init);
1071module_exit(l2tp_nl_cleanup);
1072
1073MODULE_AUTHOR("James Chapman <jchapman@katalix.com>");
1074MODULE_DESCRIPTION("L2TP netlink");
1075MODULE_LICENSE("GPL");
1076MODULE_VERSION("1.0");
1077MODULE_ALIAS_GENL_FAMILY("l2tp");
1078
