LXR linux/net/netlink/genetlink.c

   1// SPDX-License-Identifier: GPL-2.0
   2/*
   3 * NETLINK      Generic Netlink Family
   4 *
   5 *              Authors:        Jamal Hadi Salim
   6 *                              Thomas Graf <tgraf@suug.ch>
   7 *                              Johannes Berg <johannes@sipsolutions.net>
   8 */
   9
  10#include <linux/module.h>
  11#include <linux/kernel.h>
  12#include <linux/slab.h>
  13#include <linux/errno.h>
  14#include <linux/types.h>
  15#include <linux/socket.h>
  16#include <linux/string.h>
  17#include <linux/skbuff.h>
  18#include <linux/mutex.h>
  19#include <linux/bitmap.h>
  20#include <linux/rwsem.h>
  21#include <linux/idr.h>
  22#include <net/sock.h>
  23#include <net/genetlink.h>
  24
  25static DEFINE_MUTEX(genl_mutex); /* serialization of message processing */
  26static DECLARE_RWSEM(cb_lock);
  27
  28atomic_t genl_sk_destructing_cnt = ATOMIC_INIT(0);
  29DECLARE_WAIT_QUEUE_HEAD(genl_sk_destructing_waitq);
  30
  31void genl_lock(void)
  32{
  33        mutex_lock(&genl_mutex);
  34}
  35EXPORT_SYMBOL(genl_lock);
  36
  37void genl_unlock(void)
  38{
  39        mutex_unlock(&genl_mutex);
  40}
  41EXPORT_SYMBOL(genl_unlock);
  42
  43#ifdef CONFIG_LOCKDEP
  44bool lockdep_genl_is_held(void)
  45{
  46        return lockdep_is_held(&genl_mutex);
  47}
  48EXPORT_SYMBOL(lockdep_genl_is_held);
  49#endif
  50
  51static void genl_lock_all(void)
  52{
  53        down_write(&cb_lock);
  54        genl_lock();
  55}
  56
  57static void genl_unlock_all(void)
  58{
  59        genl_unlock();
  60        up_write(&cb_lock);
  61}
  62
  63static DEFINE_IDR(genl_fam_idr);
  64
  65/*
  66 * Bitmap of multicast groups that are currently in use.
  67 *
  68 * To avoid an allocation at boot of just one unsigned long,
  69 * declare it global instead.
  70 * Bit 0 is marked as already used since group 0 is invalid.
  71 * Bit 1 is marked as already used since the drop-monitor code
  72 * abuses the API and thinks it can statically use group 1.
  73 * That group will typically conflict with other groups that
  74 * any proper users use.
  75 * Bit 16 is marked as used since it's used for generic netlink
  76 * and the code no longer marks pre-reserved IDs as used.
  77 * Bit 17 is marked as already used since the VFS quota code
  78 * also abused this API and relied on family == group ID, we
  79 * cater to that by giving it a static family and group ID.
  80 * Bit 18 is marked as already used since the PMCRAID driver
  81 * did the same thing as the VFS quota code (maybe copied?)
  82 */
  83static unsigned long mc_group_start = 0x3 | BIT(GENL_ID_CTRL) |
  84                                      BIT(GENL_ID_VFS_DQUOT) |
  85                                      BIT(GENL_ID_PMCRAID);
  86static unsigned long *mc_groups = &mc_group_start;
  87static unsigned long mc_groups_longs = 1;
  88
  89static int genl_ctrl_event(int event, const struct genl_family *family,
  90                           const struct genl_multicast_group *grp,
  91                           int grp_id);
  92
  93static const struct genl_family *genl_family_find_byid(unsigned int id)
  94{
  95        return idr_find(&genl_fam_idr, id);
  96}
  97
  98static const struct genl_family *genl_family_find_byname(char *name)
  99{
 100        const struct genl_family *family;
 101        unsigned int id;
 102
 103        idr_for_each_entry(&genl_fam_idr, family, id)
 104                if (strcmp(family->name, name) == 0)
 105                        return family;
 106
 107        return NULL;
 108}
 109
 110static const struct genl_ops *genl_get_cmd(u8 cmd,
 111                                           const struct genl_family *family)
 112{
 113        int i;
 114
 115        for (i = 0; i < family->n_ops; i++)
 116                if (family->ops[i].cmd == cmd)
 117                        return &family->ops[i];
 118
 119        return NULL;
 120}
 121
 122static int genl_allocate_reserve_groups(int n_groups, int *first_id)
 123{
 124        unsigned long *new_groups;
 125        int start = 0;
 126        int i;
 127        int id;
 128        bool fits;
 129
 130        do {
 131                if (start == 0)
 132                        id = find_first_zero_bit(mc_groups,
 133                                                 mc_groups_longs *
 134                                                 BITS_PER_LONG);
 135                else
 136                        id = find_next_zero_bit(mc_groups,
 137                                                mc_groups_longs * BITS_PER_LONG,
 138                                                start);
 139
 140                fits = true;
 141                for (i = id;
 142                     i < min_t(int, id + n_groups,
 143                               mc_groups_longs * BITS_PER_LONG);
 144                     i++) {
 145                        if (test_bit(i, mc_groups)) {
 146                                start = i;
 147                                fits = false;
 148                                break;
 149                        }
 150                }
 151
 152                if (id + n_groups > mc_groups_longs * BITS_PER_LONG) {
 153                        unsigned long new_longs = mc_groups_longs +
 154                                                  BITS_TO_LONGS(n_groups);
 155                        size_t nlen = new_longs * sizeof(unsigned long);
 156
 157                        if (mc_groups == &mc_group_start) {
 158                                new_groups = kzalloc(nlen, GFP_KERNEL);
 159                                if (!new_groups)
 160                                        return -ENOMEM;
 161                                mc_groups = new_groups;
 162                                *mc_groups = mc_group_start;
 163                        } else {
 164                                new_groups = krealloc(mc_groups, nlen,
 165                                                      GFP_KERNEL);
 166                                if (!new_groups)
 167                                        return -ENOMEM;
 168                                mc_groups = new_groups;
 169                                for (i = 0; i < BITS_TO_LONGS(n_groups); i++)
 170                                        mc_groups[mc_groups_longs + i] = 0;
 171                        }
 172                        mc_groups_longs = new_longs;
 173                }
 174        } while (!fits);
 175
 176        for (i = id; i < id + n_groups; i++)
 177                set_bit(i, mc_groups);
 178        *first_id = id;
 179        return 0;
 180}
 181
 182static struct genl_family genl_ctrl;
 183
 184static int genl_validate_assign_mc_groups(struct genl_family *family)
 185{
 186        int first_id;
 187        int n_groups = family->n_mcgrps;
 188        int err = 0, i;
 189        bool groups_allocated = false;
 190
 191        if (!n_groups)
 192                return 0;
 193
 194        for (i = 0; i < n_groups; i++) {
 195                const struct genl_multicast_group *grp = &family->mcgrps[i];
 196
 197                if (WARN_ON(grp->name[0] == '\0'))
 198                        return -EINVAL;
 199                if (WARN_ON(memchr(grp->name, '\0', GENL_NAMSIZ) == NULL))
 200                        return -EINVAL;
 201        }
 202
 203        /* special-case our own group and hacks */
 204        if (family == &genl_ctrl) {
 205                first_id = GENL_ID_CTRL;
 206                BUG_ON(n_groups != 1);
 207        } else if (strcmp(family->name, "NET_DM") == 0) {
 208                first_id = 1;
 209                BUG_ON(n_groups != 1);
 210        } else if (family->id == GENL_ID_VFS_DQUOT) {
 211                first_id = GENL_ID_VFS_DQUOT;
 212                BUG_ON(n_groups != 1);
 213        } else if (family->id == GENL_ID_PMCRAID) {
 214                first_id = GENL_ID_PMCRAID;
 215                BUG_ON(n_groups != 1);
 216        } else {
 217                groups_allocated = true;
 218                err = genl_allocate_reserve_groups(n_groups, &first_id);
 219                if (err)
 220                        return err;
 221        }
 222
 223        family->mcgrp_offset = first_id;
 224
 225        /* if still initializing, can't and don't need to to realloc bitmaps */
 226        if (!init_net.genl_sock)
 227                return 0;
 228
 229        if (family->netnsok) {
 230                struct net *net;
 231
 232                netlink_table_grab();
 233                rcu_read_lock();
 234                for_each_net_rcu(net) {
 235                        err = __netlink_change_ngroups(net->genl_sock,
 236                                        mc_groups_longs * BITS_PER_LONG);
 237                        if (err) {
 238                                /*
 239                                 * No need to roll back, can only fail if
 240                                 * memory allocation fails and then the
 241                                 * number of _possible_ groups has been
 242                                 * increased on some sockets which is ok.
 243                                 */
 244                                break;
 245                        }
 246                }
 247                rcu_read_unlock();
 248                netlink_table_ungrab();
 249        } else {
 250                err = netlink_change_ngroups(init_net.genl_sock,
 251                                             mc_groups_longs * BITS_PER_LONG);
 252        }
 253
 254        if (groups_allocated && err) {
 255                for (i = 0; i < family->n_mcgrps; i++)
 256                        clear_bit(family->mcgrp_offset + i, mc_groups);
 257        }
 258
 259        return err;
 260}
 261
 262static void genl_unregister_mc_groups(const struct genl_family *family)
 263{
 264        struct net *net;
 265        int i;
 266
 267        netlink_table_grab();
 268        rcu_read_lock();
 269        for_each_net_rcu(net) {
 270                for (i = 0; i < family->n_mcgrps; i++)
 271                        __netlink_clear_multicast_users(
 272                                net->genl_sock, family->mcgrp_offset + i);
 273        }
 274        rcu_read_unlock();
 275        netlink_table_ungrab();
 276
 277        for (i = 0; i < family->n_mcgrps; i++) {
 278                int grp_id = family->mcgrp_offset + i;
 279
 280                if (grp_id != 1)
 281                        clear_bit(grp_id, mc_groups);
 282                genl_ctrl_event(CTRL_CMD_DELMCAST_GRP, family,
 283                                &family->mcgrps[i], grp_id);
 284        }
 285}
 286
 287static int genl_validate_ops(const struct genl_family *family)
 288{
 289        const struct genl_ops *ops = family->ops;
 290        unsigned int n_ops = family->n_ops;
 291        int i, j;
 292
 293        if (WARN_ON(n_ops && !ops))
 294                return -EINVAL;
 295
 296        if (!n_ops)
 297                return 0;
 298
 299        for (i = 0; i < n_ops; i++) {
 300                if (ops[i].dumpit == NULL && ops[i].doit == NULL)
 301                        return -EINVAL;
 302                for (j = i + 1; j < n_ops; j++)
 303                        if (ops[i].cmd == ops[j].cmd)
 304                                return -EINVAL;
 305        }
 306
 307        return 0;
 308}
 309
 310/**
 311 * genl_register_family - register a generic netlink family
 312 * @family: generic netlink family
 313 *
 314 * Registers the specified family after validating it first. Only one
 315 * family may be registered with the same family name or identifier.
 316 *
 317 * The family's ops, multicast groups and module pointer must already
 318 * be assigned.
 319 *
 320 * Return 0 on success or a negative error code.
 321 */
 322int genl_register_family(struct genl_family *family)
 323{
 324        int err, i;
 325        int start = GENL_START_ALLOC, end = GENL_MAX_ID;
 326
 327        err = genl_validate_ops(family);
 328        if (err)
 329                return err;
 330
 331        genl_lock_all();
 332
 333        if (genl_family_find_byname(family->name)) {
 334                err = -EEXIST;
 335                goto errout_locked;
 336        }
 337
 338        /*
 339         * Sadly, a few cases need to be special-cased
 340         * due to them having previously abused the API
 341         * and having used their family ID also as their
 342         * multicast group ID, so we use reserved IDs
 343         * for both to be sure we can do that mapping.
 344         */
 345        if (family == &genl_ctrl) {
 346                /* and this needs to be special for initial family lookups */
 347                start = end = GENL_ID_CTRL;
 348        } else if (strcmp(family->name, "pmcraid") == 0) {
 349                start = end = GENL_ID_PMCRAID;
 350        } else if (strcmp(family->name, "VFS_DQUOT") == 0) {
 351                start = end = GENL_ID_VFS_DQUOT;
 352        }
 353
 354        if (family->maxattr && !family->parallel_ops) {
 355                family->attrbuf = kmalloc_array(family->maxattr + 1,
 356                                                sizeof(struct nlattr *),
 357                                                GFP_KERNEL);
 358                if (family->attrbuf == NULL) {
 359                        err = -ENOMEM;
 360                        goto errout_locked;
 361                }
 362        } else
 363                family->attrbuf = NULL;
 364
 365        family->id = idr_alloc_cyclic(&genl_fam_idr, family,
 366                                      start, end + 1, GFP_KERNEL);
 367        if (family->id < 0) {
 368                err = family->id;
 369                goto errout_free;
 370        }
 371
 372        err = genl_validate_assign_mc_groups(family);
 373        if (err)
 374                goto errout_remove;
 375
 376        genl_unlock_all();
 377
 378        /* send all events */
 379        genl_ctrl_event(CTRL_CMD_NEWFAMILY, family, NULL, 0);
 380        for (i = 0; i < family->n_mcgrps; i++)
 381                genl_ctrl_event(CTRL_CMD_NEWMCAST_GRP, family,
 382                                &family->mcgrps[i], family->mcgrp_offset + i);
 383
 384        return 0;
 385
 386errout_remove:
 387        idr_remove(&genl_fam_idr, family->id);
 388errout_free:
 389        kfree(family->attrbuf);
 390errout_locked:
 391        genl_unlock_all();
 392        return err;
 393}
 394EXPORT_SYMBOL(genl_register_family);
 395
 396/**
 397 * genl_unregister_family - unregister generic netlink family
 398 * @family: generic netlink family
 399 *
 400 * Unregisters the specified family.
 401 *
 402 * Returns 0 on success or a negative error code.
 403 */
 404int genl_unregister_family(const struct genl_family *family)
 405{
 406        genl_lock_all();
 407
 408        if (!genl_family_find_byid(family->id)) {
 409                genl_unlock_all();
 410                return -ENOENT;
 411        }
 412
 413        genl_unregister_mc_groups(family);
 414
 415        idr_remove(&genl_fam_idr, family->id);
 416
 417        up_write(&cb_lock);
 418        wait_event(genl_sk_destructing_waitq,
 419                   atomic_read(&genl_sk_destructing_cnt) == 0);
 420        genl_unlock();
 421
 422        kfree(family->attrbuf);
 423
 424        genl_ctrl_event(CTRL_CMD_DELFAMILY, family, NULL, 0);
 425
 426        return 0;
 427}
 428EXPORT_SYMBOL(genl_unregister_family);
 429
 430/**
 431 * genlmsg_put - Add generic netlink header to netlink message
 432 * @skb: socket buffer holding the message
 433 * @portid: netlink portid the message is addressed to
 434 * @seq: sequence number (usually the one of the sender)
 435 * @family: generic netlink family
 436 * @flags: netlink message flags
 437 * @cmd: generic netlink command
 438 *
 439 * Returns pointer to user specific header
 440 */
 441void *genlmsg_put(struct sk_buff *skb, u32 portid, u32 seq,
 442                  const struct genl_family *family, int flags, u8 cmd)
 443{
 444        struct nlmsghdr *nlh;
 445        struct genlmsghdr *hdr;
 446
 447        nlh = nlmsg_put(skb, portid, seq, family->id, GENL_HDRLEN +
 448                        family->hdrsize, flags);
 449        if (nlh == NULL)
 450                return NULL;
 451
 452        hdr = nlmsg_data(nlh);
 453        hdr->cmd = cmd;
 454        hdr->version = family->version;
 455        hdr->reserved = 0;
 456
 457        return (char *) hdr + GENL_HDRLEN;
 458}
 459EXPORT_SYMBOL(genlmsg_put);
 460
 461static int genl_lock_start(struct netlink_callback *cb)
 462{
 463        /* our ops are always const - netlink API doesn't propagate that */
 464        const struct genl_ops *ops = cb->data;
 465        int rc = 0;
 466
 467        if (ops->start) {
 468                genl_lock();
 469                rc = ops->start(cb);
 470                genl_unlock();
 471        }
 472        return rc;
 473}
 474
 475static int genl_lock_dumpit(struct sk_buff *skb, struct netlink_callback *cb)
 476{
 477        /* our ops are always const - netlink API doesn't propagate that */
 478        const struct genl_ops *ops = cb->data;
 479        int rc;
 480
 481        genl_lock();
 482        rc = ops->dumpit(skb, cb);
 483        genl_unlock();
 484        return rc;
 485}
 486
 487static int genl_lock_done(struct netlink_callback *cb)
 488{
 489        /* our ops are always const - netlink API doesn't propagate that */
 490        const struct genl_ops *ops = cb->data;
 491        int rc = 0;
 492
 493        if (ops->done) {
 494                genl_lock();
 495                rc = ops->done(cb);
 496                genl_unlock();
 497        }
 498        return rc;
 499}
 500
 501static int genl_family_rcv_msg(const struct genl_family *family,
 502                               struct sk_buff *skb,
 503                               struct nlmsghdr *nlh,
 504                               struct netlink_ext_ack *extack)
 505{
 506        const struct genl_ops *ops;
 507        struct net *net = sock_net(skb->sk);
 508        struct genl_info info;
 509        struct genlmsghdr *hdr = nlmsg_data(nlh);
 510        struct nlattr **attrbuf;
 511        int hdrlen, err;
 512
 513        /* this family doesn't exist in this netns */
 514        if (!family->netnsok && !net_eq(net, &init_net))
 515                return -ENOENT;
 516
 517        hdrlen = GENL_HDRLEN + family->hdrsize;
 518        if (nlh->nlmsg_len < nlmsg_msg_size(hdrlen))
 519                return -EINVAL;
 520
 521        ops = genl_get_cmd(hdr->cmd, family);
 522        if (ops == NULL)
 523                return -EOPNOTSUPP;
 524
 525        if ((ops->flags & GENL_ADMIN_PERM) &&
 526            !netlink_capable(skb, CAP_NET_ADMIN))
 527                return -EPERM;
 528
 529        if ((ops->flags & GENL_UNS_ADMIN_PERM) &&
 530            !netlink_ns_capable(skb, net->user_ns, CAP_NET_ADMIN))
 531                return -EPERM;
 532
 533        if ((nlh->nlmsg_flags & NLM_F_DUMP) == NLM_F_DUMP) {
 534                int rc;
 535
 536                if (ops->dumpit == NULL)
 537                        return -EOPNOTSUPP;
 538
 539                if (!(ops->validate & GENL_DONT_VALIDATE_DUMP)) {
 540                        int hdrlen = GENL_HDRLEN + family->hdrsize;
 541
 542                        if (nlh->nlmsg_len < nlmsg_msg_size(hdrlen))
 543                                return -EINVAL;
 544
 545                        if (family->maxattr) {
 546                                unsigned int validate = NL_VALIDATE_STRICT;
 547
 548                                if (ops->validate &
 549                                    GENL_DONT_VALIDATE_DUMP_STRICT)
 550                                        validate = NL_VALIDATE_LIBERAL;
 551                                rc = __nla_validate(nlmsg_attrdata(nlh, hdrlen),
 552                                                    nlmsg_attrlen(nlh, hdrlen),
 553                                                    family->maxattr,
 554                                                    family->policy,
 555                                                    validate, extack);
 556                                if (rc)
 557                                        return rc;
 558                        }
 559                }
 560
 561                if (!family->parallel_ops) {
 562                        struct netlink_dump_control c = {
 563                                .module = family->module,
 564                                /* we have const, but the netlink API doesn't */
 565                                .data = (void *)ops,
 566                                .start = genl_lock_start,
 567                                .dump = genl_lock_dumpit,
 568                                .done = genl_lock_done,
 569                        };
 570
 571                        genl_unlock();
 572                        rc = __netlink_dump_start(net->genl_sock, skb, nlh, &c);
 573                        genl_lock();
 574
 575                } else {
 576                        struct netlink_dump_control c = {
 577                                .module = family->module,
 578                                .start = ops->start,
 579                                .dump = ops->dumpit,
 580                                .done = ops->done,
 581                        };
 582
 583                        rc = __netlink_dump_start(net->genl_sock, skb, nlh, &c);
 584                }
 585
 586                return rc;
 587        }
 588
 589        if (ops->doit == NULL)
 590                return -EOPNOTSUPP;
 591
 592        if (family->maxattr && family->parallel_ops) {
 593                attrbuf = kmalloc_array(family->maxattr + 1,
 594                                        sizeof(struct nlattr *),
 595                                        GFP_KERNEL);
 596                if (attrbuf == NULL)
 597                        return -ENOMEM;
 598        } else
 599                attrbuf = family->attrbuf;
 600
 601        if (attrbuf) {
 602                enum netlink_validation validate = NL_VALIDATE_STRICT;
 603
 604                if (ops->validate & GENL_DONT_VALIDATE_STRICT)
 605                        validate = NL_VALIDATE_LIBERAL;
 606
 607                err = __nlmsg_parse(nlh, hdrlen, attrbuf, family->maxattr,
 608                                    family->policy, validate, extack);
 609                if (err < 0)
 610                        goto out;
 611        }
 612
 613        info.snd_seq = nlh->nlmsg_seq;
 614        info.snd_portid = NETLINK_CB(skb).portid;
 615        info.nlhdr = nlh;
 616        info.genlhdr = nlmsg_data(nlh);
 617        info.userhdr = nlmsg_data(nlh) + GENL_HDRLEN;
 618        info.attrs = attrbuf;
 619        info.extack = extack;
 620        genl_info_net_set(&info, net);
 621        memset(&info.user_ptr, 0, sizeof(info.user_ptr));
 622
 623        if (family->pre_doit) {
 624                err = family->pre_doit(ops, skb, &info);
 625                if (err)
 626                        goto out;
 627        }
 628
 629        err = ops->doit(skb, &info);
 630
 631        if (family->post_doit)
 632                family->post_doit(ops, skb, &info);
 633
 634out:
 635        if (family->parallel_ops)
 636                kfree(attrbuf);
 637
 638        return err;
 639}
 640
 641static int genl_rcv_msg(struct sk_buff *skb, struct nlmsghdr *nlh,
 642                        struct netlink_ext_ack *extack)
 643{
 644        const struct genl_family *family;
 645        int err;
 646
 647        family = genl_family_find_byid(nlh->nlmsg_type);
 648        if (family == NULL)
 649                return -ENOENT;
 650
 651        if (!family->parallel_ops)
 652                genl_lock();
 653
 654        err = genl_family_rcv_msg(family, skb, nlh, extack);
 655
 656        if (!family->parallel_ops)
 657                genl_unlock();
 658
 659        return err;
 660}
 661
 662static void genl_rcv(struct sk_buff *skb)
 663{
 664        down_read(&cb_lock);
 665        netlink_rcv_skb(skb, &genl_rcv_msg);
 666        up_read(&cb_lock);
 667}
 668
 669/**************************************************************************
 670 * Controller
 671 **************************************************************************/
 672
 673static struct genl_family genl_ctrl;
 674
 675static int ctrl_fill_info(const struct genl_family *family, u32 portid, u32 seq,
 676                          u32 flags, struct sk_buff *skb, u8 cmd)
 677{
 678        void *hdr;
 679
 680        hdr = genlmsg_put(skb, portid, seq, &genl_ctrl, flags, cmd);
 681        if (hdr == NULL)
 682                return -1;
 683
 684        if (nla_put_string(skb, CTRL_ATTR_FAMILY_NAME, family->name) ||
 685            nla_put_u16(skb, CTRL_ATTR_FAMILY_ID, family->id) ||
 686            nla_put_u32(skb, CTRL_ATTR_VERSION, family->version) ||
 687            nla_put_u32(skb, CTRL_ATTR_HDRSIZE, family->hdrsize) ||
 688            nla_put_u32(skb, CTRL_ATTR_MAXATTR, family->maxattr))
 689                goto nla_put_failure;
 690
 691        if (family->n_ops) {
 692                struct nlattr *nla_ops;
 693                int i;
 694
 695                nla_ops = nla_nest_start_noflag(skb, CTRL_ATTR_OPS);
 696                if (nla_ops == NULL)
 697                        goto nla_put_failure;
 698
 699                for (i = 0; i < family->n_ops; i++) {
 700                        struct nlattr *nest;
 701                        const struct genl_ops *ops = &family->ops[i];
 702                        u32 op_flags = ops->flags;
 703
 704                        if (ops->dumpit)
 705                                op_flags |= GENL_CMD_CAP_DUMP;
 706                        if (ops->doit)
 707                                op_flags |= GENL_CMD_CAP_DO;
 708                        if (family->policy)
 709                                op_flags |= GENL_CMD_CAP_HASPOL;
 710
 711                        nest = nla_nest_start_noflag(skb, i + 1);
 712                        if (nest == NULL)
 713                                goto nla_put_failure;
 714
 715                        if (nla_put_u32(skb, CTRL_ATTR_OP_ID, ops->cmd) ||
 716                            nla_put_u32(skb, CTRL_ATTR_OP_FLAGS, op_flags))
 717                                goto nla_put_failure;
 718
 719                        nla_nest_end(skb, nest);
 720                }
 721
 722                nla_nest_end(skb, nla_ops);
 723        }
 724
 725        if (family->n_mcgrps) {
 726                struct nlattr *nla_grps;
 727                int i;
 728
 729                nla_grps = nla_nest_start_noflag(skb, CTRL_ATTR_MCAST_GROUPS);
 730                if (nla_grps == NULL)
 731                        goto nla_put_failure;
 732
 733                for (i = 0; i < family->n_mcgrps; i++) {
 734                        struct nlattr *nest;
 735                        const struct genl_multicast_group *grp;
 736
 737                        grp = &family->mcgrps[i];
 738
 739                        nest = nla_nest_start_noflag(skb, i + 1);
 740                        if (nest == NULL)
 741                                goto nla_put_failure;
 742
 743                        if (nla_put_u32(skb, CTRL_ATTR_MCAST_GRP_ID,
 744                                        family->mcgrp_offset + i) ||
 745                            nla_put_string(skb, CTRL_ATTR_MCAST_GRP_NAME,
 746                                           grp->name))
 747                                goto nla_put_failure;
 748
 749                        nla_nest_end(skb, nest);
 750                }
 751                nla_nest_end(skb, nla_grps);
 752        }
 753
 754        genlmsg_end(skb, hdr);
 755        return 0;
 756
 757nla_put_failure:
 758        genlmsg_cancel(skb, hdr);
 759        return -EMSGSIZE;
 760}
 761
 762static int ctrl_fill_mcgrp_info(const struct genl_family *family,
 763                                const struct genl_multicast_group *grp,
 764                                int grp_id, u32 portid, u32 seq, u32 flags,
 765                                struct sk_buff *skb, u8 cmd)
 766{
 767        void *hdr;
 768        struct nlattr *nla_grps;
 769        struct nlattr *nest;
 770
 771        hdr = genlmsg_put(skb, portid, seq, &genl_ctrl, flags, cmd);
 772        if (hdr == NULL)
 773                return -1;
 774
 775        if (nla_put_string(skb, CTRL_ATTR_FAMILY_NAME, family->name) ||
 776            nla_put_u16(skb, CTRL_ATTR_FAMILY_ID, family->id))
 777                goto nla_put_failure;
 778
 779        nla_grps = nla_nest_start_noflag(skb, CTRL_ATTR_MCAST_GROUPS);
 780        if (nla_grps == NULL)
 781                goto nla_put_failure;
 782
 783        nest = nla_nest_start_noflag(skb, 1);
 784        if (nest == NULL)
 785                goto nla_put_failure;
 786
 787        if (nla_put_u32(skb, CTRL_ATTR_MCAST_GRP_ID, grp_id) ||
 788            nla_put_string(skb, CTRL_ATTR_MCAST_GRP_NAME,
 789                           grp->name))
 790                goto nla_put_failure;
 791
 792        nla_nest_end(skb, nest);
 793        nla_nest_end(skb, nla_grps);
 794
 795        genlmsg_end(skb, hdr);
 796        return 0;
 797
 798nla_put_failure:
 799        genlmsg_cancel(skb, hdr);
 800        return -EMSGSIZE;
 801}
 802
 803static int ctrl_dumpfamily(struct sk_buff *skb, struct netlink_callback *cb)
 804{
 805        int n = 0;
 806        struct genl_family *rt;
 807        struct net *net = sock_net(skb->sk);
 808        int fams_to_skip = cb->args[0];
 809        unsigned int id;
 810
 811        idr_for_each_entry(&genl_fam_idr, rt, id) {
 812                if (!rt->netnsok && !net_eq(net, &init_net))
 813                        continue;
 814
 815                if (n++ < fams_to_skip)
 816                        continue;
 817
 818                if (ctrl_fill_info(rt, NETLINK_CB(cb->skb).portid,
 819                                   cb->nlh->nlmsg_seq, NLM_F_MULTI,
 820                                   skb, CTRL_CMD_NEWFAMILY) < 0) {
 821                        n--;
 822                        break;
 823                }
 824        }
 825
 826        cb->args[0] = n;
 827        return skb->len;
 828}
 829
 830static struct sk_buff *ctrl_build_family_msg(const struct genl_family *family,
 831                                             u32 portid, int seq, u8 cmd)
 832{
 833        struct sk_buff *skb;
 834        int err;
 835
 836        skb = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
 837        if (skb == NULL)
 838                return ERR_PTR(-ENOBUFS);
 839
 840        err = ctrl_fill_info(family, portid, seq, 0, skb, cmd);
 841        if (err < 0) {
 842                nlmsg_free(skb);
 843                return ERR_PTR(err);
 844        }
 845
 846        return skb;
 847}
 848
 849static struct sk_buff *
 850ctrl_build_mcgrp_msg(const struct genl_family *family,
 851                     const struct genl_multicast_group *grp,
 852                     int grp_id, u32 portid, int seq, u8 cmd)
 853{
 854        struct sk_buff *skb;
 855        int err;
 856
 857        skb = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
 858        if (skb == NULL)
 859                return ERR_PTR(-ENOBUFS);
 860
 861        err = ctrl_fill_mcgrp_info(family, grp, grp_id, portid,
 862                                   seq, 0, skb, cmd);
 863        if (err < 0) {
 864                nlmsg_free(skb);
 865                return ERR_PTR(err);
 866        }
 867
 868        return skb;
 869}
 870
 871static const struct nla_policy ctrl_policy[CTRL_ATTR_MAX+1] = {
 872        [CTRL_ATTR_FAMILY_ID]   = { .type = NLA_U16 },
 873        [CTRL_ATTR_FAMILY_NAME] = { .type = NLA_NUL_STRING,
 874                                    .len = GENL_NAMSIZ - 1 },
 875};
 876
 877static int ctrl_getfamily(struct sk_buff *skb, struct genl_info *info)
 878{
 879        struct sk_buff *msg;
 880        const struct genl_family *res = NULL;
 881        int err = -EINVAL;
 882
 883        if (info->attrs[CTRL_ATTR_FAMILY_ID]) {
 884                u16 id = nla_get_u16(info->attrs[CTRL_ATTR_FAMILY_ID]);
 885                res = genl_family_find_byid(id);
 886                err = -ENOENT;
 887        }
 888
 889        if (info->attrs[CTRL_ATTR_FAMILY_NAME]) {
 890                char *name;
 891
 892                name = nla_data(info->attrs[CTRL_ATTR_FAMILY_NAME]);
 893                res = genl_family_find_byname(name);
 894#ifdef CONFIG_MODULES
 895                if (res == NULL) {
 896                        genl_unlock();
 897                        up_read(&cb_lock);
 898                        request_module("net-pf-%d-proto-%d-family-%s",
 899                                       PF_NETLINK, NETLINK_GENERIC, name);
 900                        down_read(&cb_lock);
 901                        genl_lock();
 902                        res = genl_family_find_byname(name);
 903                }
 904#endif
 905                err = -ENOENT;
 906        }
 907
 908        if (res == NULL)
 909                return err;
 910
 911        if (!res->netnsok && !net_eq(genl_info_net(info), &init_net)) {
 912                /* family doesn't exist here */
 913                return -ENOENT;
 914        }
 915
 916        msg = ctrl_build_family_msg(res, info->snd_portid, info->snd_seq,
 917                                    CTRL_CMD_NEWFAMILY);
 918        if (IS_ERR(msg))
 919                return PTR_ERR(msg);
 920
 921        return genlmsg_reply(msg, info);
 922}
 923
 924static int genl_ctrl_event(int event, const struct genl_family *family,
 925                           const struct genl_multicast_group *grp,
 926                           int grp_id)
 927{
 928        struct sk_buff *msg;
 929
 930        /* genl is still initialising */
 931        if (!init_net.genl_sock)
 932                return 0;
 933
 934        switch (event) {
 935        case CTRL_CMD_NEWFAMILY:
 936        case CTRL_CMD_DELFAMILY:
 937                WARN_ON(grp);
 938                msg = ctrl_build_family_msg(family, 0, 0, event);
 939                break;
 940        case CTRL_CMD_NEWMCAST_GRP:
 941        case CTRL_CMD_DELMCAST_GRP:
 942                BUG_ON(!grp);
 943                msg = ctrl_build_mcgrp_msg(family, grp, grp_id, 0, 0, event);
 944                break;
 945        default:
 946                return -EINVAL;
 947        }
 948
 949        if (IS_ERR(msg))
 950                return PTR_ERR(msg);
 951
 952        if (!family->netnsok) {
 953                genlmsg_multicast_netns(&genl_ctrl, &init_net, msg, 0,
 954                                        0, GFP_KERNEL);
 955        } else {
 956                rcu_read_lock();
 957                genlmsg_multicast_allns(&genl_ctrl, msg, 0,
 958                                        0, GFP_ATOMIC);
 959                rcu_read_unlock();
 960        }
 961
 962        return 0;
 963}
 964
 965static const struct genl_ops genl_ctrl_ops[] = {
 966        {
 967                .cmd            = CTRL_CMD_GETFAMILY,
 968                .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
 969                .doit           = ctrl_getfamily,
 970                .dumpit         = ctrl_dumpfamily,
 971        },
 972};
 973
 974static const struct genl_multicast_group genl_ctrl_groups[] = {
 975        { .name = "notify", },
 976};
 977
 978static struct genl_family genl_ctrl __ro_after_init = {
 979        .module = THIS_MODULE,
 980        .ops = genl_ctrl_ops,
 981        .n_ops = ARRAY_SIZE(genl_ctrl_ops),
 982        .mcgrps = genl_ctrl_groups,
 983        .n_mcgrps = ARRAY_SIZE(genl_ctrl_groups),
 984        .id = GENL_ID_CTRL,
 985        .name = "nlctrl",
 986        .version = 0x2,
 987        .maxattr = CTRL_ATTR_MAX,
 988        .policy = ctrl_policy,
 989        .netnsok = true,
 990};
 991
 992static int genl_bind(struct net *net, int group)
 993{
 994        struct genl_family *f;
 995        int err = -ENOENT;
 996        unsigned int id;
 997
 998        down_read(&cb_lock);
 999
1000        idr_for_each_entry(&genl_fam_idr, f, id) {

1001                if (group >= f->mcgrp_offset &&
1002                    group < f->mcgrp_offset + f->n_mcgrps) {
1003                        int fam_grp = group - f->mcgrp_offset;
1004
1005                        if (!f->netnsok && net != &init_net)
1006                                err = -ENOENT;
1007                        else if (f->mcast_bind)
1008                                err = f->mcast_bind(net, fam_grp);
1009                        else
1010                                err = 0;
1011                        break;
1012                }
1013        }
1014        up_read(&cb_lock);
1015
1016        return err;
1017}
1018
1019static void genl_unbind(struct net *net, int group)
1020{
1021        struct genl_family *f;
1022        unsigned int id;
1023
1024        down_read(&cb_lock);
1025
1026        idr_for_each_entry(&genl_fam_idr, f, id) {
1027                if (group >= f->mcgrp_offset &&
1028                    group < f->mcgrp_offset + f->n_mcgrps) {
1029                        int fam_grp = group - f->mcgrp_offset;
1030
1031                        if (f->mcast_unbind)
1032                                f->mcast_unbind(net, fam_grp);
1033                        break;
1034                }
1035        }
1036        up_read(&cb_lock);
1037}
1038
1039static int __net_init genl_pernet_init(struct net *net)
1040{
1041        struct netlink_kernel_cfg cfg = {
1042                .input          = genl_rcv,
1043                .flags          = NL_CFG_F_NONROOT_RECV,
1044                .bind           = genl_bind,
1045                .unbind         = genl_unbind,
1046        };
1047
1048        /* we'll bump the group number right afterwards */
1049        net->genl_sock = netlink_kernel_create(net, NETLINK_GENERIC, &cfg);
1050
1051        if (!net->genl_sock && net_eq(net, &init_net))
1052                panic("GENL: Cannot initialize generic netlink\n");
1053
1054        if (!net->genl_sock)
1055                return -ENOMEM;
1056
1057        return 0;
1058}
1059
1060static void __net_exit genl_pernet_exit(struct net *net)
1061{
1062        netlink_kernel_release(net->genl_sock);
1063        net->genl_sock = NULL;
1064}
1065
1066static struct pernet_operations genl_pernet_ops = {
1067        .init = genl_pernet_init,
1068        .exit = genl_pernet_exit,
1069};
1070
1071static int __init genl_init(void)
1072{
1073        int err;
1074
1075        err = genl_register_family(&genl_ctrl);
1076        if (err < 0)
1077                goto problem;
1078
1079        err = register_pernet_subsys(&genl_pernet_ops);
1080        if (err)
1081                goto problem;
1082
1083        return 0;
1084
1085problem:
1086        panic("GENL: Cannot register controller: %d\n", err);
1087}
1088
1089subsys_initcall(genl_init);
1090
1091/**
1092 * genl_family_attrbuf - return family's attrbuf
1093 * @family: the family
1094 *
1095 * Return the family's attrbuf, while validating that it's
1096 * actually valid to access it.
1097 *
1098 * You cannot use this function with a family that has parallel_ops
1099 * and you can only use it within (pre/post) doit/dumpit callbacks.
1100 */
1101struct nlattr **genl_family_attrbuf(const struct genl_family *family)
1102{
1103        if (!WARN_ON(family->parallel_ops))
1104                lockdep_assert_held(&genl_mutex);
1105
1106        return family->attrbuf;
1107}
1108EXPORT_SYMBOL(genl_family_attrbuf);
1109
1110static int genlmsg_mcast(struct sk_buff *skb, u32 portid, unsigned long group,
1111                         gfp_t flags)
1112{
1113        struct sk_buff *tmp;
1114        struct net *net, *prev = NULL;
1115        bool delivered = false;
1116        int err;
1117
1118        for_each_net_rcu(net) {
1119                if (prev) {
1120                        tmp = skb_clone(skb, flags);
1121                        if (!tmp) {
1122                                err = -ENOMEM;
1123                                goto error;
1124                        }
1125                        err = nlmsg_multicast(prev->genl_sock, tmp,
1126                                              portid, group, flags);
1127                        if (!err)
1128                                delivered = true;
1129                        else if (err != -ESRCH)
1130                                goto error;
1131                }
1132
1133                prev = net;
1134        }
1135
1136        err = nlmsg_multicast(prev->genl_sock, skb, portid, group, flags);
1137        if (!err)
1138                delivered = true;
1139        else if (err != -ESRCH)
1140                return err;
1141        return delivered ? 0 : -ESRCH;
1142 error:
1143        kfree_skb(skb);
1144        return err;
1145}
1146
1147int genlmsg_multicast_allns(const struct genl_family *family,
1148                            struct sk_buff *skb, u32 portid,
1149                            unsigned int group, gfp_t flags)
1150{
1151        if (WARN_ON_ONCE(group >= family->n_mcgrps))
1152                return -EINVAL;
1153        group = family->mcgrp_offset + group;
1154        return genlmsg_mcast(skb, portid, group, flags);
1155}
1156EXPORT_SYMBOL(genlmsg_multicast_allns);
1157
1158void genl_notify(const struct genl_family *family, struct sk_buff *skb,
1159                 struct genl_info *info, u32 group, gfp_t flags)
1160{
1161        struct net *net = genl_info_net(info);
1162        struct sock *sk = net->genl_sock;
1163        int report = 0;
1164
1165        if (info->nlhdr)
1166                report = nlmsg_report(info->nlhdr);
1167
1168        if (WARN_ON_ONCE(group >= family->n_mcgrps))
1169                return;
1170        group = family->mcgrp_offset + group;
1171        nlmsg_notify(sk, skb, info->snd_portid, group, report, flags);
1172}
1173EXPORT_SYMBOL(genl_notify);
1174