1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
18
19#include <net/sock.h>
20#include <net/genetlink.h>
21#include <net/udp.h>
22#include <linux/in.h>
23#include <linux/udp.h>
24#include <linux/socket.h>
25#include <linux/module.h>
26#include <linux/list.h>
27#include <net/net_namespace.h>
28
29#include <linux/l2tp.h>
30
31#include "l2tp_core.h"
32
33
34static struct genl_family l2tp_nl_family;
35
36static const struct genl_multicast_group l2tp_multicast_group[] = {
37 {
38 .name = L2TP_GENL_MCGROUP,
39 },
40};
41
42static int l2tp_nl_tunnel_send(struct sk_buff *skb, u32 portid, u32 seq,
43 int flags, struct l2tp_tunnel *tunnel, u8 cmd);
44static int l2tp_nl_session_send(struct sk_buff *skb, u32 portid, u32 seq,
45 int flags, struct l2tp_session *session,
46 u8 cmd);
47
48
49static const struct l2tp_nl_cmd_ops *l2tp_nl_cmd_ops[__L2TP_PWTYPE_MAX];
50
51static struct l2tp_session *l2tp_nl_session_get(struct genl_info *info)
52{
53 u32 tunnel_id;
54 u32 session_id;
55 char *ifname;
56 struct l2tp_tunnel *tunnel;
57 struct l2tp_session *session = NULL;
58 struct net *net = genl_info_net(info);
59
60 if (info->attrs[L2TP_ATTR_IFNAME]) {
61 ifname = nla_data(info->attrs[L2TP_ATTR_IFNAME]);
62 session = l2tp_session_get_by_ifname(net, ifname);
63 } else if ((info->attrs[L2TP_ATTR_SESSION_ID]) &&
64 (info->attrs[L2TP_ATTR_CONN_ID])) {
65 tunnel_id = nla_get_u32(info->attrs[L2TP_ATTR_CONN_ID]);
66 session_id = nla_get_u32(info->attrs[L2TP_ATTR_SESSION_ID]);
67 tunnel = l2tp_tunnel_get(net, tunnel_id);
68 if (tunnel) {
69 session = l2tp_tunnel_get_session(tunnel, session_id);
70 l2tp_tunnel_dec_refcount(tunnel);
71 }
72 }
73
74 return session;
75}
76
77static int l2tp_nl_cmd_noop(struct sk_buff *skb, struct genl_info *info)
78{
79 struct sk_buff *msg;
80 void *hdr;
81 int ret = -ENOBUFS;
82
83 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
84 if (!msg) {
85 ret = -ENOMEM;
86 goto out;
87 }
88
89 hdr = genlmsg_put(msg, info->snd_portid, info->snd_seq,
90 &l2tp_nl_family, 0, L2TP_CMD_NOOP);
91 if (!hdr) {
92 ret = -EMSGSIZE;
93 goto err_out;
94 }
95
96 genlmsg_end(msg, hdr);
97
98 return genlmsg_unicast(genl_info_net(info), msg, info->snd_portid);
99
100err_out:
101 nlmsg_free(msg);
102
103out:
104 return ret;
105}
106
107static int l2tp_tunnel_notify(struct genl_family *family,
108 struct genl_info *info,
109 struct l2tp_tunnel *tunnel,
110 u8 cmd)
111{
112 struct sk_buff *msg;
113 int ret;
114
115 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
116 if (!msg)
117 return -ENOMEM;
118
119 ret = l2tp_nl_tunnel_send(msg, info->snd_portid, info->snd_seq,
120 NLM_F_ACK, tunnel, cmd);
121
122 if (ret >= 0) {
123 ret = genlmsg_multicast_allns(family, msg, 0, 0, GFP_ATOMIC);
124
125 if (ret == -ESRCH)
126 ret = 0;
127 return ret;
128 }
129
130 nlmsg_free(msg);
131
132 return ret;
133}
134
135static int l2tp_session_notify(struct genl_family *family,
136 struct genl_info *info,
137 struct l2tp_session *session,
138 u8 cmd)
139{
140 struct sk_buff *msg;
141 int ret;
142
143 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
144 if (!msg)
145 return -ENOMEM;
146
147 ret = l2tp_nl_session_send(msg, info->snd_portid, info->snd_seq,
148 NLM_F_ACK, session, cmd);
149
150 if (ret >= 0) {
151 ret = genlmsg_multicast_allns(family, msg, 0, 0, GFP_ATOMIC);
152
153 if (ret == -ESRCH)
154 ret = 0;
155 return ret;
156 }
157
158 nlmsg_free(msg);
159
160 return ret;
161}
162
163static int l2tp_nl_cmd_tunnel_create(struct sk_buff *skb, struct genl_info *info)
164{
165 u32 tunnel_id;
166 u32 peer_tunnel_id;
167 int proto_version;
168 int fd;
169 int ret = 0;
170 struct l2tp_tunnel_cfg cfg = { 0, };
171 struct l2tp_tunnel *tunnel;
172 struct net *net = genl_info_net(info);
173
174 if (!info->attrs[L2TP_ATTR_CONN_ID]) {
175 ret = -EINVAL;
176 goto out;
177 }
178 tunnel_id = nla_get_u32(info->attrs[L2TP_ATTR_CONN_ID]);
179
180 if (!info->attrs[L2TP_ATTR_PEER_CONN_ID]) {
181 ret = -EINVAL;
182 goto out;
183 }
184 peer_tunnel_id = nla_get_u32(info->attrs[L2TP_ATTR_PEER_CONN_ID]);
185
186 if (!info->attrs[L2TP_ATTR_PROTO_VERSION]) {
187 ret = -EINVAL;
188 goto out;
189 }
190 proto_version = nla_get_u8(info->attrs[L2TP_ATTR_PROTO_VERSION]);
191
192 if (!info->attrs[L2TP_ATTR_ENCAP_TYPE]) {
193 ret = -EINVAL;
194 goto out;
195 }
196 cfg.encap = nla_get_u16(info->attrs[L2TP_ATTR_ENCAP_TYPE]);
197
198 fd = -1;
199 if (info->attrs[L2TP_ATTR_FD]) {
200 fd = nla_get_u32(info->attrs[L2TP_ATTR_FD]);
201 } else {
202#if IS_ENABLED(CONFIG_IPV6)
203 if (info->attrs[L2TP_ATTR_IP6_SADDR] &&
204 info->attrs[L2TP_ATTR_IP6_DADDR]) {
205 cfg.local_ip6 = nla_data(
206 info->attrs[L2TP_ATTR_IP6_SADDR]);
207 cfg.peer_ip6 = nla_data(
208 info->attrs[L2TP_ATTR_IP6_DADDR]);
209 } else
210#endif
211 if (info->attrs[L2TP_ATTR_IP_SADDR] &&
212 info->attrs[L2TP_ATTR_IP_DADDR]) {
213 cfg.local_ip.s_addr = nla_get_in_addr(
214 info->attrs[L2TP_ATTR_IP_SADDR]);
215 cfg.peer_ip.s_addr = nla_get_in_addr(
216 info->attrs[L2TP_ATTR_IP_DADDR]);
217 } else {
218 ret = -EINVAL;
219 goto out;
220 }
221 if (info->attrs[L2TP_ATTR_UDP_SPORT])
222 cfg.local_udp_port = nla_get_u16(info->attrs[L2TP_ATTR_UDP_SPORT]);
223 if (info->attrs[L2TP_ATTR_UDP_DPORT])
224 cfg.peer_udp_port = nla_get_u16(info->attrs[L2TP_ATTR_UDP_DPORT]);
225 cfg.use_udp_checksums = nla_get_flag(
226 info->attrs[L2TP_ATTR_UDP_CSUM]);
227
228#if IS_ENABLED(CONFIG_IPV6)
229 cfg.udp6_zero_tx_checksums = nla_get_flag(
230 info->attrs[L2TP_ATTR_UDP_ZERO_CSUM6_TX]);
231 cfg.udp6_zero_rx_checksums = nla_get_flag(
232 info->attrs[L2TP_ATTR_UDP_ZERO_CSUM6_RX]);
233#endif
234 }
235
236 if (info->attrs[L2TP_ATTR_DEBUG])
237 cfg.debug = nla_get_u32(info->attrs[L2TP_ATTR_DEBUG]);
238
239 ret = -EINVAL;
240 switch (cfg.encap) {
241 case L2TP_ENCAPTYPE_UDP:
242 case L2TP_ENCAPTYPE_IP:
243 ret = l2tp_tunnel_create(net, fd, proto_version, tunnel_id,
244 peer_tunnel_id, &cfg, &tunnel);
245 break;
246 }
247
248 if (ret < 0)
249 goto out;
250
251 l2tp_tunnel_inc_refcount(tunnel);
252 ret = l2tp_tunnel_register(tunnel, net, &cfg);
253 if (ret < 0) {
254 kfree(tunnel);
255 goto out;
256 }
257 ret = l2tp_tunnel_notify(&l2tp_nl_family, info, tunnel,
258 L2TP_CMD_TUNNEL_CREATE);
259 l2tp_tunnel_dec_refcount(tunnel);
260
261out:
262 return ret;
263}
264
265static int l2tp_nl_cmd_tunnel_delete(struct sk_buff *skb, struct genl_info *info)
266{
267 struct l2tp_tunnel *tunnel;
268 u32 tunnel_id;
269 int ret = 0;
270 struct net *net = genl_info_net(info);
271
272 if (!info->attrs[L2TP_ATTR_CONN_ID]) {
273 ret = -EINVAL;
274 goto out;
275 }
276 tunnel_id = nla_get_u32(info->attrs[L2TP_ATTR_CONN_ID]);
277
278 tunnel = l2tp_tunnel_get(net, tunnel_id);
279 if (!tunnel) {
280 ret = -ENODEV;
281 goto out;
282 }
283
284 l2tp_tunnel_notify(&l2tp_nl_family, info,
285 tunnel, L2TP_CMD_TUNNEL_DELETE);
286
287 l2tp_tunnel_delete(tunnel);
288
289 l2tp_tunnel_dec_refcount(tunnel);
290
291out:
292 return ret;
293}
294
295static int l2tp_nl_cmd_tunnel_modify(struct sk_buff *skb, struct genl_info *info)
296{
297 struct l2tp_tunnel *tunnel;
298 u32 tunnel_id;
299 int ret = 0;
300 struct net *net = genl_info_net(info);
301
302 if (!info->attrs[L2TP_ATTR_CONN_ID]) {
303 ret = -EINVAL;
304 goto out;
305 }
306 tunnel_id = nla_get_u32(info->attrs[L2TP_ATTR_CONN_ID]);
307
308 tunnel = l2tp_tunnel_get(net, tunnel_id);
309 if (!tunnel) {
310 ret = -ENODEV;
311 goto out;
312 }
313
314 if (info->attrs[L2TP_ATTR_DEBUG])
315 tunnel->debug = nla_get_u32(info->attrs[L2TP_ATTR_DEBUG]);
316
317 ret = l2tp_tunnel_notify(&l2tp_nl_family, info,
318 tunnel, L2TP_CMD_TUNNEL_MODIFY);
319
320 l2tp_tunnel_dec_refcount(tunnel);
321
322out:
323 return ret;
324}
325
326static int l2tp_nl_tunnel_send(struct sk_buff *skb, u32 portid, u32 seq, int flags,
327 struct l2tp_tunnel *tunnel, u8 cmd)
328{
329 void *hdr;
330 struct nlattr *nest;
331 struct sock *sk = NULL;
332 struct inet_sock *inet;
333#if IS_ENABLED(CONFIG_IPV6)
334 struct ipv6_pinfo *np = NULL;
335#endif
336
337 hdr = genlmsg_put(skb, portid, seq, &l2tp_nl_family, flags, cmd);
338 if (!hdr)
339 return -EMSGSIZE;
340
341 if (nla_put_u8(skb, L2TP_ATTR_PROTO_VERSION, tunnel->version) ||
342 nla_put_u32(skb, L2TP_ATTR_CONN_ID, tunnel->tunnel_id) ||
343 nla_put_u32(skb, L2TP_ATTR_PEER_CONN_ID, tunnel->peer_tunnel_id) ||
344 nla_put_u32(skb, L2TP_ATTR_DEBUG, tunnel->debug) ||
345 nla_put_u16(skb, L2TP_ATTR_ENCAP_TYPE, tunnel->encap))
346 goto nla_put_failure;
347
348 nest = nla_nest_start(skb, L2TP_ATTR_STATS);
349 if (nest == NULL)
350 goto nla_put_failure;
351
352 if (nla_put_u64_64bit(skb, L2TP_ATTR_TX_PACKETS,
353 atomic_long_read(&tunnel->stats.tx_packets),
354 L2TP_ATTR_STATS_PAD) ||
355 nla_put_u64_64bit(skb, L2TP_ATTR_TX_BYTES,
356 atomic_long_read(&tunnel->stats.tx_bytes),
357 L2TP_ATTR_STATS_PAD) ||
358 nla_put_u64_64bit(skb, L2TP_ATTR_TX_ERRORS,
359 atomic_long_read(&tunnel->stats.tx_errors),
360 L2TP_ATTR_STATS_PAD) ||
361 nla_put_u64_64bit(skb, L2TP_ATTR_RX_PACKETS,
362 atomic_long_read(&tunnel->stats.rx_packets),
363 L2TP_ATTR_STATS_PAD) ||
364 nla_put_u64_64bit(skb, L2TP_ATTR_RX_BYTES,
365 atomic_long_read(&tunnel->stats.rx_bytes),
366 L2TP_ATTR_STATS_PAD) ||
367 nla_put_u64_64bit(skb, L2TP_ATTR_RX_SEQ_DISCARDS,
368 atomic_long_read(&tunnel->stats.rx_seq_discards),
369 L2TP_ATTR_STATS_PAD) ||
370 nla_put_u64_64bit(skb, L2TP_ATTR_RX_OOS_PACKETS,
371 atomic_long_read(&tunnel->stats.rx_oos_packets),
372 L2TP_ATTR_STATS_PAD) ||
373 nla_put_u64_64bit(skb, L2TP_ATTR_RX_ERRORS,
374 atomic_long_read(&tunnel->stats.rx_errors),
375 L2TP_ATTR_STATS_PAD))
376 goto nla_put_failure;
377 nla_nest_end(skb, nest);
378
379 sk = tunnel->sock;
380 if (!sk)
381 goto out;
382
383#if IS_ENABLED(CONFIG_IPV6)
384 if (sk->sk_family == AF_INET6)
385 np = inet6_sk(sk);
386#endif
387
388 inet = inet_sk(sk);
389
390 switch (tunnel->encap) {
391 case L2TP_ENCAPTYPE_UDP:
392 switch (sk->sk_family) {
393 case AF_INET:
394 if (nla_put_u8(skb, L2TP_ATTR_UDP_CSUM, !sk->sk_no_check_tx))
395 goto nla_put_failure;
396 break;
397#if IS_ENABLED(CONFIG_IPV6)
398 case AF_INET6:
399 if (udp_get_no_check6_tx(sk) &&
400 nla_put_flag(skb, L2TP_ATTR_UDP_ZERO_CSUM6_TX))
401 goto nla_put_failure;
402 if (udp_get_no_check6_rx(sk) &&
403 nla_put_flag(skb, L2TP_ATTR_UDP_ZERO_CSUM6_RX))
404 goto nla_put_failure;
405 break;
406#endif
407 }
408 if (nla_put_u16(skb, L2TP_ATTR_UDP_SPORT, ntohs(inet->inet_sport)) ||
409 nla_put_u16(skb, L2TP_ATTR_UDP_DPORT, ntohs(inet->inet_dport)))
410 goto nla_put_failure;
411
412 case L2TP_ENCAPTYPE_IP:
413#if IS_ENABLED(CONFIG_IPV6)
414 if (np) {
415 if (nla_put_in6_addr(skb, L2TP_ATTR_IP6_SADDR,
416 &np->saddr) ||
417 nla_put_in6_addr(skb, L2TP_ATTR_IP6_DADDR,
418 &sk->sk_v6_daddr))
419 goto nla_put_failure;
420 } else
421#endif
422 if (nla_put_in_addr(skb, L2TP_ATTR_IP_SADDR,
423 inet->inet_saddr) ||
424 nla_put_in_addr(skb, L2TP_ATTR_IP_DADDR,
425 inet->inet_daddr))
426 goto nla_put_failure;
427 break;
428 }
429
430out:
431 genlmsg_end(skb, hdr);
432 return 0;
433
434nla_put_failure:
435 genlmsg_cancel(skb, hdr);
436 return -1;
437}
438
439static int l2tp_nl_cmd_tunnel_get(struct sk_buff *skb, struct genl_info *info)
440{
441 struct l2tp_tunnel *tunnel;
442 struct sk_buff *msg;
443 u32 tunnel_id;
444 int ret = -ENOBUFS;
445 struct net *net = genl_info_net(info);
446
447 if (!info->attrs[L2TP_ATTR_CONN_ID]) {
448 ret = -EINVAL;
449 goto err;
450 }
451
452 tunnel_id = nla_get_u32(info->attrs[L2TP_ATTR_CONN_ID]);
453
454 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
455 if (!msg) {
456 ret = -ENOMEM;
457 goto err;
458 }
459
460 tunnel = l2tp_tunnel_get(net, tunnel_id);
461 if (!tunnel) {
462 ret = -ENODEV;
463 goto err_nlmsg;
464 }
465
466 ret = l2tp_nl_tunnel_send(msg, info->snd_portid, info->snd_seq,
467 NLM_F_ACK, tunnel, L2TP_CMD_TUNNEL_GET);
468 if (ret < 0)
469 goto err_nlmsg_tunnel;
470
471 l2tp_tunnel_dec_refcount(tunnel);
472
473 return genlmsg_unicast(net, msg, info->snd_portid);
474
475err_nlmsg_tunnel:
476 l2tp_tunnel_dec_refcount(tunnel);
477err_nlmsg:
478 nlmsg_free(msg);
479err:
480 return ret;
481}
482
483static int l2tp_nl_cmd_tunnel_dump(struct sk_buff *skb, struct netlink_callback *cb)
484{
485 int ti = cb->args[0];
486 struct l2tp_tunnel *tunnel;
487 struct net *net = sock_net(skb->sk);
488
489 for (;;) {
490 tunnel = l2tp_tunnel_get_nth(net, ti);
491 if (tunnel == NULL)
492 goto out;
493
494 if (l2tp_nl_tunnel_send(skb, NETLINK_CB(cb->skb).portid,
495 cb->nlh->nlmsg_seq, NLM_F_MULTI,
496 tunnel, L2TP_CMD_TUNNEL_GET) < 0) {
497 l2tp_tunnel_dec_refcount(tunnel);
498 goto out;
499 }
500 l2tp_tunnel_dec_refcount(tunnel);
501
502 ti++;
503 }
504
505out:
506 cb->args[0] = ti;
507
508 return skb->len;
509}
510
511static int l2tp_nl_cmd_session_create(struct sk_buff *skb, struct genl_info *info)
512{
513 u32 tunnel_id = 0;
514 u32 session_id;
515 u32 peer_session_id;
516 int ret = 0;
517 struct l2tp_tunnel *tunnel;
518 struct l2tp_session *session;
519 struct l2tp_session_cfg cfg = { 0, };
520 struct net *net = genl_info_net(info);
521
522 if (!info->attrs[L2TP_ATTR_CONN_ID]) {
523 ret = -EINVAL;
524 goto out;
525 }
526
527 tunnel_id = nla_get_u32(info->attrs[L2TP_ATTR_CONN_ID]);
528 tunnel = l2tp_tunnel_get(net, tunnel_id);
529 if (!tunnel) {
530 ret = -ENODEV;
531 goto out;
532 }
533
534 if (!info->attrs[L2TP_ATTR_SESSION_ID]) {
535 ret = -EINVAL;
536 goto out_tunnel;
537 }
538 session_id = nla_get_u32(info->attrs[L2TP_ATTR_SESSION_ID]);
539
540 if (!info->attrs[L2TP_ATTR_PEER_SESSION_ID]) {
541 ret = -EINVAL;
542 goto out_tunnel;
543 }
544 peer_session_id = nla_get_u32(info->attrs[L2TP_ATTR_PEER_SESSION_ID]);
545
546 if (!info->attrs[L2TP_ATTR_PW_TYPE]) {
547 ret = -EINVAL;
548 goto out_tunnel;
549 }
550 cfg.pw_type = nla_get_u16(info->attrs[L2TP_ATTR_PW_TYPE]);
551 if (cfg.pw_type >= __L2TP_PWTYPE_MAX) {
552 ret = -EINVAL;
553 goto out_tunnel;
554 }
555
556
557 if (tunnel->version == 2 && cfg.pw_type != L2TP_PWTYPE_PPP) {
558 ret = -EPROTONOSUPPORT;
559 goto out_tunnel;
560 }
561
562 if (tunnel->version > 2) {
563 if (info->attrs[L2TP_ATTR_L2SPEC_TYPE]) {
564 cfg.l2specific_type = nla_get_u8(info->attrs[L2TP_ATTR_L2SPEC_TYPE]);
565 if (cfg.l2specific_type != L2TP_L2SPECTYPE_DEFAULT &&
566 cfg.l2specific_type != L2TP_L2SPECTYPE_NONE) {
567 ret = -EINVAL;
568 goto out_tunnel;
569 }
570 } else {
571 cfg.l2specific_type = L2TP_L2SPECTYPE_DEFAULT;
572 }
573
574 if (info->attrs[L2TP_ATTR_COOKIE]) {
575 u16 len = nla_len(info->attrs[L2TP_ATTR_COOKIE]);
576 if (len > 8) {
577 ret = -EINVAL;
578 goto out_tunnel;
579 }
580 cfg.cookie_len = len;
581 memcpy(&cfg.cookie[0], nla_data(info->attrs[L2TP_ATTR_COOKIE]), len);
582 }
583 if (info->attrs[L2TP_ATTR_PEER_COOKIE]) {
584 u16 len = nla_len(info->attrs[L2TP_ATTR_PEER_COOKIE]);
585 if (len > 8) {
586 ret = -EINVAL;
587 goto out_tunnel;
588 }
589 cfg.peer_cookie_len = len;
590 memcpy(&cfg.peer_cookie[0], nla_data(info->attrs[L2TP_ATTR_PEER_COOKIE]), len);
591 }
592 if (info->attrs[L2TP_ATTR_IFNAME])
593 cfg.ifname = nla_data(info->attrs[L2TP_ATTR_IFNAME]);
594 }
595
596 if (info->attrs[L2TP_ATTR_DEBUG])
597 cfg.debug = nla_get_u32(info->attrs[L2TP_ATTR_DEBUG]);
598
599 if (info->attrs[L2TP_ATTR_RECV_SEQ])
600 cfg.recv_seq = nla_get_u8(info->attrs[L2TP_ATTR_RECV_SEQ]);
601
602 if (info->attrs[L2TP_ATTR_SEND_SEQ])
603 cfg.send_seq = nla_get_u8(info->attrs[L2TP_ATTR_SEND_SEQ]);
604
605 if (info->attrs[L2TP_ATTR_LNS_MODE])
606 cfg.lns_mode = nla_get_u8(info->attrs[L2TP_ATTR_LNS_MODE]);
607
608 if (info->attrs[L2TP_ATTR_RECV_TIMEOUT])
609 cfg.reorder_timeout = nla_get_msecs(info->attrs[L2TP_ATTR_RECV_TIMEOUT]);
610
611#ifdef CONFIG_MODULES
612 if (l2tp_nl_cmd_ops[cfg.pw_type] == NULL) {
613 genl_unlock();
614 request_module("net-l2tp-type-%u", cfg.pw_type);
615 genl_lock();
616 }
617#endif
618 if ((l2tp_nl_cmd_ops[cfg.pw_type] == NULL) ||
619 (l2tp_nl_cmd_ops[cfg.pw_type]->session_create == NULL)) {
620 ret = -EPROTONOSUPPORT;
621 goto out_tunnel;
622 }
623
624 ret = l2tp_nl_cmd_ops[cfg.pw_type]->session_create(net, tunnel,
625 session_id,
626 peer_session_id,
627 &cfg);
628
629 if (ret >= 0) {
630 session = l2tp_tunnel_get_session(tunnel, session_id);
631 if (session) {
632 ret = l2tp_session_notify(&l2tp_nl_family, info, session,
633 L2TP_CMD_SESSION_CREATE);
634 l2tp_session_dec_refcount(session);
635 }
636 }
637
638out_tunnel:
639 l2tp_tunnel_dec_refcount(tunnel);
640out:
641 return ret;
642}
643
644static int l2tp_nl_cmd_session_delete(struct sk_buff *skb, struct genl_info *info)
645{
646 int ret = 0;
647 struct l2tp_session *session;
648 u16 pw_type;
649
650 session = l2tp_nl_session_get(info);
651 if (session == NULL) {
652 ret = -ENODEV;
653 goto out;
654 }
655
656 l2tp_session_notify(&l2tp_nl_family, info,
657 session, L2TP_CMD_SESSION_DELETE);
658
659 pw_type = session->pwtype;
660 if (pw_type < __L2TP_PWTYPE_MAX)
661 if (l2tp_nl_cmd_ops[pw_type] && l2tp_nl_cmd_ops[pw_type]->session_delete)
662 ret = (*l2tp_nl_cmd_ops[pw_type]->session_delete)(session);
663
664 l2tp_session_dec_refcount(session);
665
666out:
667 return ret;
668}
669
670static int l2tp_nl_cmd_session_modify(struct sk_buff *skb, struct genl_info *info)
671{
672 int ret = 0;
673 struct l2tp_session *session;
674
675 session = l2tp_nl_session_get(info);
676 if (session == NULL) {
677 ret = -ENODEV;
678 goto out;
679 }
680
681 if (info->attrs[L2TP_ATTR_DEBUG])
682 session->debug = nla_get_u32(info->attrs[L2TP_ATTR_DEBUG]);
683
684 if (info->attrs[L2TP_ATTR_RECV_SEQ])
685 session->recv_seq = nla_get_u8(info->attrs[L2TP_ATTR_RECV_SEQ]);
686
687 if (info->attrs[L2TP_ATTR_SEND_SEQ]) {
688 session->send_seq = nla_get_u8(info->attrs[L2TP_ATTR_SEND_SEQ]);
689 l2tp_session_set_header_len(session, session->tunnel->version);
690 }
691
692 if (info->attrs[L2TP_ATTR_LNS_MODE])
693 session->lns_mode = nla_get_u8(info->attrs[L2TP_ATTR_LNS_MODE]);
694
695 if (info->attrs[L2TP_ATTR_RECV_TIMEOUT])
696 session->reorder_timeout = nla_get_msecs(info->attrs[L2TP_ATTR_RECV_TIMEOUT]);
697
698 ret = l2tp_session_notify(&l2tp_nl_family, info,
699 session, L2TP_CMD_SESSION_MODIFY);
700
701 l2tp_session_dec_refcount(session);
702
703out:
704 return ret;
705}
706
707static int l2tp_nl_session_send(struct sk_buff *skb, u32 portid, u32 seq, int flags,
708 struct l2tp_session *session, u8 cmd)
709{
710 void *hdr;
711 struct nlattr *nest;
712 struct l2tp_tunnel *tunnel = session->tunnel;
713
714 hdr = genlmsg_put(skb, portid, seq, &l2tp_nl_family, flags, cmd);
715 if (!hdr)
716 return -EMSGSIZE;
717
718 if (nla_put_u32(skb, L2TP_ATTR_CONN_ID, tunnel->tunnel_id) ||
719 nla_put_u32(skb, L2TP_ATTR_SESSION_ID, session->session_id) ||
720 nla_put_u32(skb, L2TP_ATTR_PEER_CONN_ID, tunnel->peer_tunnel_id) ||
721 nla_put_u32(skb, L2TP_ATTR_PEER_SESSION_ID,
722 session->peer_session_id) ||
723 nla_put_u32(skb, L2TP_ATTR_DEBUG, session->debug) ||
724 nla_put_u16(skb, L2TP_ATTR_PW_TYPE, session->pwtype))
725 goto nla_put_failure;
726
727 if ((session->ifname[0] &&
728 nla_put_string(skb, L2TP_ATTR_IFNAME, session->ifname)) ||
729 (session->cookie_len &&
730 nla_put(skb, L2TP_ATTR_COOKIE, session->cookie_len,
731 &session->cookie[0])) ||
732 (session->peer_cookie_len &&
733 nla_put(skb, L2TP_ATTR_PEER_COOKIE, session->peer_cookie_len,
734 &session->peer_cookie[0])) ||
735 nla_put_u8(skb, L2TP_ATTR_RECV_SEQ, session->recv_seq) ||
736 nla_put_u8(skb, L2TP_ATTR_SEND_SEQ, session->send_seq) ||
737 nla_put_u8(skb, L2TP_ATTR_LNS_MODE, session->lns_mode) ||
738 (l2tp_tunnel_uses_xfrm(tunnel) &&
739 nla_put_u8(skb, L2TP_ATTR_USING_IPSEC, 1)) ||
740 (session->reorder_timeout &&
741 nla_put_msecs(skb, L2TP_ATTR_RECV_TIMEOUT,
742 session->reorder_timeout, L2TP_ATTR_PAD)))
743 goto nla_put_failure;
744
745 nest = nla_nest_start(skb, L2TP_ATTR_STATS);
746 if (nest == NULL)
747 goto nla_put_failure;
748
749 if (nla_put_u64_64bit(skb, L2TP_ATTR_TX_PACKETS,
750 atomic_long_read(&session->stats.tx_packets),
751 L2TP_ATTR_STATS_PAD) ||
752 nla_put_u64_64bit(skb, L2TP_ATTR_TX_BYTES,
753 atomic_long_read(&session->stats.tx_bytes),
754 L2TP_ATTR_STATS_PAD) ||
755 nla_put_u64_64bit(skb, L2TP_ATTR_TX_ERRORS,
756 atomic_long_read(&session->stats.tx_errors),
757 L2TP_ATTR_STATS_PAD) ||
758 nla_put_u64_64bit(skb, L2TP_ATTR_RX_PACKETS,
759 atomic_long_read(&session->stats.rx_packets),
760 L2TP_ATTR_STATS_PAD) ||
761 nla_put_u64_64bit(skb, L2TP_ATTR_RX_BYTES,
762 atomic_long_read(&session->stats.rx_bytes),
763 L2TP_ATTR_STATS_PAD) ||
764 nla_put_u64_64bit(skb, L2TP_ATTR_RX_SEQ_DISCARDS,
765 atomic_long_read(&session->stats.rx_seq_discards),
766 L2TP_ATTR_STATS_PAD) ||
767 nla_put_u64_64bit(skb, L2TP_ATTR_RX_OOS_PACKETS,
768 atomic_long_read(&session->stats.rx_oos_packets),
769 L2TP_ATTR_STATS_PAD) ||
770 nla_put_u64_64bit(skb, L2TP_ATTR_RX_ERRORS,
771 atomic_long_read(&session->stats.rx_errors),
772 L2TP_ATTR_STATS_PAD))
773 goto nla_put_failure;
774 nla_nest_end(skb, nest);
775
776 genlmsg_end(skb, hdr);
777 return 0;
778
779 nla_put_failure:
780 genlmsg_cancel(skb, hdr);
781 return -1;
782}
783
784static int l2tp_nl_cmd_session_get(struct sk_buff *skb, struct genl_info *info)
785{
786 struct l2tp_session *session;
787 struct sk_buff *msg;
788 int ret;
789
790 session = l2tp_nl_session_get(info);
791 if (session == NULL) {
792 ret = -ENODEV;
793 goto err;
794 }
795
796 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
797 if (!msg) {
798 ret = -ENOMEM;
799 goto err_ref;
800 }
801
802 ret = l2tp_nl_session_send(msg, info->snd_portid, info->snd_seq,
803 0, session, L2TP_CMD_SESSION_GET);
804 if (ret < 0)
805 goto err_ref_msg;
806
807 ret = genlmsg_unicast(genl_info_net(info), msg, info->snd_portid);
808
809 l2tp_session_dec_refcount(session);
810
811 return ret;
812
813err_ref_msg:
814 nlmsg_free(msg);
815err_ref:
816 l2tp_session_dec_refcount(session);
817err:
818 return ret;
819}
820
821static int l2tp_nl_cmd_session_dump(struct sk_buff *skb, struct netlink_callback *cb)
822{
823 struct net *net = sock_net(skb->sk);
824 struct l2tp_session *session;
825 struct l2tp_tunnel *tunnel = NULL;
826 int ti = cb->args[0];
827 int si = cb->args[1];
828
829 for (;;) {
830 if (tunnel == NULL) {
831 tunnel = l2tp_tunnel_get_nth(net, ti);
832 if (tunnel == NULL)
833 goto out;
834 }
835
836 session = l2tp_session_get_nth(tunnel, si);
837 if (session == NULL) {
838 ti++;
839 l2tp_tunnel_dec_refcount(tunnel);
840 tunnel = NULL;
841 si = 0;
842 continue;
843 }
844
845 if (l2tp_nl_session_send(skb, NETLINK_CB(cb->skb).portid,
846 cb->nlh->nlmsg_seq, NLM_F_MULTI,
847 session, L2TP_CMD_SESSION_GET) < 0) {
848 l2tp_session_dec_refcount(session);
849 l2tp_tunnel_dec_refcount(tunnel);
850 break;
851 }
852 l2tp_session_dec_refcount(session);
853
854 si++;
855 }
856
857out:
858 cb->args[0] = ti;
859 cb->args[1] = si;
860
861 return skb->len;
862}
863
864static const struct nla_policy l2tp_nl_policy[L2TP_ATTR_MAX + 1] = {
865 [L2TP_ATTR_NONE] = { .type = NLA_UNSPEC, },
866 [L2TP_ATTR_PW_TYPE] = { .type = NLA_U16, },
867 [L2TP_ATTR_ENCAP_TYPE] = { .type = NLA_U16, },
868 [L2TP_ATTR_OFFSET] = { .type = NLA_U16, },
869 [L2TP_ATTR_DATA_SEQ] = { .type = NLA_U8, },
870 [L2TP_ATTR_L2SPEC_TYPE] = { .type = NLA_U8, },
871 [L2TP_ATTR_L2SPEC_LEN] = { .type = NLA_U8, },
872 [L2TP_ATTR_PROTO_VERSION] = { .type = NLA_U8, },
873 [L2TP_ATTR_CONN_ID] = { .type = NLA_U32, },
874 [L2TP_ATTR_PEER_CONN_ID] = { .type = NLA_U32, },
875 [L2TP_ATTR_SESSION_ID] = { .type = NLA_U32, },
876 [L2TP_ATTR_PEER_SESSION_ID] = { .type = NLA_U32, },
877 [L2TP_ATTR_UDP_CSUM] = { .type = NLA_U8, },
878 [L2TP_ATTR_VLAN_ID] = { .type = NLA_U16, },
879 [L2TP_ATTR_DEBUG] = { .type = NLA_U32, },
880 [L2TP_ATTR_RECV_SEQ] = { .type = NLA_U8, },
881 [L2TP_ATTR_SEND_SEQ] = { .type = NLA_U8, },
882 [L2TP_ATTR_LNS_MODE] = { .type = NLA_U8, },
883 [L2TP_ATTR_USING_IPSEC] = { .type = NLA_U8, },
884 [L2TP_ATTR_RECV_TIMEOUT] = { .type = NLA_MSECS, },
885 [L2TP_ATTR_FD] = { .type = NLA_U32, },
886 [L2TP_ATTR_IP_SADDR] = { .type = NLA_U32, },
887 [L2TP_ATTR_IP_DADDR] = { .type = NLA_U32, },
888 [L2TP_ATTR_UDP_SPORT] = { .type = NLA_U16, },
889 [L2TP_ATTR_UDP_DPORT] = { .type = NLA_U16, },
890 [L2TP_ATTR_MTU] = { .type = NLA_U16, },
891 [L2TP_ATTR_MRU] = { .type = NLA_U16, },
892 [L2TP_ATTR_STATS] = { .type = NLA_NESTED, },
893 [L2TP_ATTR_IP6_SADDR] = {
894 .type = NLA_BINARY,
895 .len = sizeof(struct in6_addr),
896 },
897 [L2TP_ATTR_IP6_DADDR] = {
898 .type = NLA_BINARY,
899 .len = sizeof(struct in6_addr),
900 },
901 [L2TP_ATTR_IFNAME] = {
902 .type = NLA_NUL_STRING,
903 .len = IFNAMSIZ - 1,
904 },
905 [L2TP_ATTR_COOKIE] = {
906 .type = NLA_BINARY,
907 .len = 8,
908 },
909 [L2TP_ATTR_PEER_COOKIE] = {
910 .type = NLA_BINARY,
911 .len = 8,
912 },
913};
914
915static const struct genl_ops l2tp_nl_ops[] = {
916 {
917 .cmd = L2TP_CMD_NOOP,
918 .doit = l2tp_nl_cmd_noop,
919 .policy = l2tp_nl_policy,
920
921 },
922 {
923 .cmd = L2TP_CMD_TUNNEL_CREATE,
924 .doit = l2tp_nl_cmd_tunnel_create,
925 .policy = l2tp_nl_policy,
926 .flags = GENL_ADMIN_PERM,
927 },
928 {
929 .cmd = L2TP_CMD_TUNNEL_DELETE,
930 .doit = l2tp_nl_cmd_tunnel_delete,
931 .policy = l2tp_nl_policy,
932 .flags = GENL_ADMIN_PERM,
933 },
934 {
935 .cmd = L2TP_CMD_TUNNEL_MODIFY,
936 .doit = l2tp_nl_cmd_tunnel_modify,
937 .policy = l2tp_nl_policy,
938 .flags = GENL_ADMIN_PERM,
939 },
940 {
941 .cmd = L2TP_CMD_TUNNEL_GET,
942 .doit = l2tp_nl_cmd_tunnel_get,
943 .dumpit = l2tp_nl_cmd_tunnel_dump,
944 .policy = l2tp_nl_policy,
945 .flags = GENL_ADMIN_PERM,
946 },
947 {
948 .cmd = L2TP_CMD_SESSION_CREATE,
949 .doit = l2tp_nl_cmd_session_create,
950 .policy = l2tp_nl_policy,
951 .flags = GENL_ADMIN_PERM,
952 },
953 {
954 .cmd = L2TP_CMD_SESSION_DELETE,
955 .doit = l2tp_nl_cmd_session_delete,
956 .policy = l2tp_nl_policy,
957 .flags = GENL_ADMIN_PERM,
958 },
959 {
960 .cmd = L2TP_CMD_SESSION_MODIFY,
961 .doit = l2tp_nl_cmd_session_modify,
962 .policy = l2tp_nl_policy,
963 .flags = GENL_ADMIN_PERM,
964 },
965 {
966 .cmd = L2TP_CMD_SESSION_GET,
967 .doit = l2tp_nl_cmd_session_get,
968 .dumpit = l2tp_nl_cmd_session_dump,
969 .policy = l2tp_nl_policy,
970 .flags = GENL_ADMIN_PERM,
971 },
972};
973
974static struct genl_family l2tp_nl_family __ro_after_init = {
975 .name = L2TP_GENL_NAME,
976 .version = L2TP_GENL_VERSION,
977 .hdrsize = 0,
978 .maxattr = L2TP_ATTR_MAX,
979 .netnsok = true,
980 .module = THIS_MODULE,
981 .ops = l2tp_nl_ops,
982 .n_ops = ARRAY_SIZE(l2tp_nl_ops),
983 .mcgrps = l2tp_multicast_group,
984 .n_mcgrps = ARRAY_SIZE(l2tp_multicast_group),
985};
986
987int l2tp_nl_register_ops(enum l2tp_pwtype pw_type, const struct l2tp_nl_cmd_ops *ops)
988{
989 int ret;
990
991 ret = -EINVAL;
992 if (pw_type >= __L2TP_PWTYPE_MAX)
993 goto err;
994
995 genl_lock();
996 ret = -EBUSY;
997 if (l2tp_nl_cmd_ops[pw_type])
998 goto out;
999
1000 l2tp_nl_cmd_ops[pw_type] = ops;
1001 ret = 0;
1002
1003out:
1004 genl_unlock();
1005err:
1006 return ret;
1007}
1008EXPORT_SYMBOL_GPL(l2tp_nl_register_ops);
1009
1010void l2tp_nl_unregister_ops(enum l2tp_pwtype pw_type)
1011{
1012 if (pw_type < __L2TP_PWTYPE_MAX) {
1013 genl_lock();
1014 l2tp_nl_cmd_ops[pw_type] = NULL;
1015 genl_unlock();
1016 }
1017}
1018EXPORT_SYMBOL_GPL(l2tp_nl_unregister_ops);
1019
1020static int __init l2tp_nl_init(void)
1021{
1022 pr_info("L2TP netlink interface\n");
1023 return genl_register_family(&l2tp_nl_family);
1024}
1025
1026static void l2tp_nl_cleanup(void)
1027{
1028 genl_unregister_family(&l2tp_nl_family);
1029}
1030
1031module_init(l2tp_nl_init);
1032module_exit(l2tp_nl_cleanup);
1033
1034MODULE_AUTHOR("James Chapman <jchapman@katalix.com>");
1035MODULE_DESCRIPTION("L2TP netlink");
1036MODULE_LICENSE("GPL");
1037MODULE_VERSION("1.0");
1038MODULE_ALIAS_GENL_FAMILY("l2tp");
1039
