1
2
3
4
5
6
7
8#include <linux/export.h>
9#include <linux/kernel.h>
10#include <linux/errno.h>
11#include <linux/jiffies.h>
12#include <linux/skbuff.h>
13#include <linux/string.h>
14#include <linux/types.h>
15#include <net/netlink.h>
16
17static const u16 nla_attr_minlen[NLA_TYPE_MAX+1] = {
18 [NLA_U8] = sizeof(u8),
19 [NLA_U16] = sizeof(u16),
20 [NLA_U32] = sizeof(u32),
21 [NLA_U64] = sizeof(u64),
22 [NLA_MSECS] = sizeof(u64),
23 [NLA_NESTED] = NLA_HDRLEN,
24 [NLA_S8] = sizeof(s8),
25 [NLA_S16] = sizeof(s16),
26 [NLA_S32] = sizeof(s32),
27 [NLA_S64] = sizeof(s64),
28};
29
30static int validate_nla(const struct nlattr *nla, int maxtype,
31 const struct nla_policy *policy)
32{
33 const struct nla_policy *pt;
34 int minlen = 0, attrlen = nla_len(nla), type = nla_type(nla);
35
36 if (type <= 0 || type > maxtype)
37 return 0;
38
39 pt = &policy[type];
40
41 BUG_ON(pt->type > NLA_TYPE_MAX);
42
43 switch (pt->type) {
44 case NLA_FLAG:
45 if (attrlen > 0)
46 return -ERANGE;
47 break;
48
49 case NLA_NUL_STRING:
50 if (pt->len)
51 minlen = min_t(int, attrlen, pt->len + 1);
52 else
53 minlen = attrlen;
54
55 if (!minlen || memchr(nla_data(nla), '\0', minlen) == NULL)
56 return -EINVAL;
57
58
59 case NLA_STRING:
60 if (attrlen < 1)
61 return -ERANGE;
62
63 if (pt->len) {
64 char *buf = nla_data(nla);
65
66 if (buf[attrlen - 1] == '\0')
67 attrlen--;
68
69 if (attrlen > pt->len)
70 return -ERANGE;
71 }
72 break;
73
74 case NLA_BINARY:
75 if (pt->len && attrlen > pt->len)
76 return -ERANGE;
77 break;
78
79 case NLA_NESTED_COMPAT:
80 if (attrlen < pt->len)
81 return -ERANGE;
82 if (attrlen < NLA_ALIGN(pt->len))
83 break;
84 if (attrlen < NLA_ALIGN(pt->len) + NLA_HDRLEN)
85 return -ERANGE;
86 nla = nla_data(nla) + NLA_ALIGN(pt->len);
87 if (attrlen < NLA_ALIGN(pt->len) + NLA_HDRLEN + nla_len(nla))
88 return -ERANGE;
89 break;
90 case NLA_NESTED:
91
92
93
94 if (attrlen == 0)
95 break;
96 default:
97 if (pt->len)
98 minlen = pt->len;
99 else if (pt->type != NLA_UNSPEC)
100 minlen = nla_attr_minlen[pt->type];
101
102 if (attrlen < minlen)
103 return -ERANGE;
104 }
105
106 return 0;
107}
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122int nla_validate(const struct nlattr *head, int len, int maxtype,
123 const struct nla_policy *policy)
124{
125 const struct nlattr *nla;
126 int rem, err;
127
128 nla_for_each_attr(nla, head, len, rem) {
129 err = validate_nla(nla, maxtype, policy);
130 if (err < 0)
131 goto errout;
132 }
133
134 err = 0;
135errout:
136 return err;
137}
138EXPORT_SYMBOL(nla_validate);
139
140
141
142
143
144
145
146
147
148
149
150
151int
152nla_policy_len(const struct nla_policy *p, int n)
153{
154 int i, len = 0;
155
156 for (i = 0; i < n; i++, p++) {
157 if (p->len)
158 len += nla_total_size(p->len);
159 else if (nla_attr_minlen[p->type])
160 len += nla_total_size(nla_attr_minlen[p->type]);
161 }
162
163 return len;
164}
165EXPORT_SYMBOL(nla_policy_len);
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182int nla_parse(struct nlattr **tb, int maxtype, const struct nlattr *head,
183 int len, const struct nla_policy *policy)
184{
185 const struct nlattr *nla;
186 int rem, err;
187
188 memset(tb, 0, sizeof(struct nlattr *) * (maxtype + 1));
189
190 nla_for_each_attr(nla, head, len, rem) {
191 u16 type = nla_type(nla);
192
193 if (type > 0 && type <= maxtype) {
194 if (policy) {
195 err = validate_nla(nla, maxtype, policy);
196 if (err < 0)
197 goto errout;
198 }
199
200 tb[type] = (struct nlattr *)nla;
201 }
202 }
203
204 if (unlikely(rem > 0))
205 pr_warn_ratelimited("netlink: %d bytes leftover after parsing attributes in process `%s'.\n",
206 rem, current->comm);
207
208 err = 0;
209errout:
210 return err;
211}
212EXPORT_SYMBOL(nla_parse);
213
214
215
216
217
218
219
220
221
222struct nlattr *nla_find(const struct nlattr *head, int len, int attrtype)
223{
224 const struct nlattr *nla;
225 int rem;
226
227 nla_for_each_attr(nla, head, len, rem)
228 if (nla_type(nla) == attrtype)
229 return (struct nlattr *)nla;
230
231 return NULL;
232}
233EXPORT_SYMBOL(nla_find);
234
235
236
237
238
239
240
241
242
243
244
245
246
247size_t nla_strlcpy(char *dst, const struct nlattr *nla, size_t dstsize)
248{
249 size_t srclen = nla_len(nla);
250 char *src = nla_data(nla);
251
252 if (srclen > 0 && src[srclen - 1] == '\0')
253 srclen--;
254
255 if (dstsize > 0) {
256 size_t len = (srclen >= dstsize) ? dstsize - 1 : srclen;
257
258 memset(dst, 0, dstsize);
259 memcpy(dst, src, len);
260 }
261
262 return srclen;
263}
264EXPORT_SYMBOL(nla_strlcpy);
265
266
267
268
269
270
271
272
273
274
275
276
277int nla_memcpy(void *dest, const struct nlattr *src, int count)
278{
279 int minlen = min_t(int, count, nla_len(src));
280
281 memcpy(dest, nla_data(src), minlen);
282 if (count > minlen)
283 memset(dest + minlen, 0, count - minlen);
284
285 return minlen;
286}
287EXPORT_SYMBOL(nla_memcpy);
288
289
290
291
292
293
294
295int nla_memcmp(const struct nlattr *nla, const void *data,
296 size_t size)
297{
298 int d = nla_len(nla) - size;
299
300 if (d == 0)
301 d = memcmp(nla_data(nla), data, size);
302
303 return d;
304}
305EXPORT_SYMBOL(nla_memcmp);
306
307
308
309
310
311
312int nla_strcmp(const struct nlattr *nla, const char *str)
313{
314 int len = strlen(str);
315 char *buf = nla_data(nla);
316 int attrlen = nla_len(nla);
317 int d;
318
319 if (attrlen > 0 && buf[attrlen - 1] == '\0')
320 attrlen--;
321
322 d = attrlen - len;
323 if (d == 0)
324 d = memcmp(nla_data(nla), str, len);
325
326 return d;
327}
328EXPORT_SYMBOL(nla_strcmp);
329
330#ifdef CONFIG_NET
331
332
333
334
335
336
337
338
339
340
341
342
343struct nlattr *__nla_reserve(struct sk_buff *skb, int attrtype, int attrlen)
344{
345 struct nlattr *nla;
346
347 nla = (struct nlattr *) skb_put(skb, nla_total_size(attrlen));
348 nla->nla_type = attrtype;
349 nla->nla_len = nla_attr_size(attrlen);
350
351 memset((unsigned char *) nla + nla->nla_len, 0, nla_padlen(attrlen));
352
353 return nla;
354}
355EXPORT_SYMBOL(__nla_reserve);
356
357
358
359
360
361
362
363
364
365
366
367void *__nla_reserve_nohdr(struct sk_buff *skb, int attrlen)
368{
369 void *start;
370
371 start = skb_put(skb, NLA_ALIGN(attrlen));
372 memset(start, 0, NLA_ALIGN(attrlen));
373
374 return start;
375}
376EXPORT_SYMBOL(__nla_reserve_nohdr);
377
378
379
380
381
382
383
384
385
386
387
388
389
390struct nlattr *nla_reserve(struct sk_buff *skb, int attrtype, int attrlen)
391{
392 if (unlikely(skb_tailroom(skb) < nla_total_size(attrlen)))
393 return NULL;
394
395 return __nla_reserve(skb, attrtype, attrlen);
396}
397EXPORT_SYMBOL(nla_reserve);
398
399
400
401
402
403
404
405
406
407
408
409void *nla_reserve_nohdr(struct sk_buff *skb, int attrlen)
410{
411 if (unlikely(skb_tailroom(skb) < NLA_ALIGN(attrlen)))
412 return NULL;
413
414 return __nla_reserve_nohdr(skb, attrlen);
415}
416EXPORT_SYMBOL(nla_reserve_nohdr);
417
418
419
420
421
422
423
424
425
426
427
428void __nla_put(struct sk_buff *skb, int attrtype, int attrlen,
429 const void *data)
430{
431 struct nlattr *nla;
432
433 nla = __nla_reserve(skb, attrtype, attrlen);
434 memcpy(nla_data(nla), data, attrlen);
435}
436EXPORT_SYMBOL(__nla_put);
437
438
439
440
441
442
443
444
445
446
447void __nla_put_nohdr(struct sk_buff *skb, int attrlen, const void *data)
448{
449 void *start;
450
451 start = __nla_reserve_nohdr(skb, attrlen);
452 memcpy(start, data, attrlen);
453}
454EXPORT_SYMBOL(__nla_put_nohdr);
455
456
457
458
459
460
461
462
463
464
465
466int nla_put(struct sk_buff *skb, int attrtype, int attrlen, const void *data)
467{
468 if (unlikely(skb_tailroom(skb) < nla_total_size(attrlen)))
469 return -EMSGSIZE;
470
471 __nla_put(skb, attrtype, attrlen, data);
472 return 0;
473}
474EXPORT_SYMBOL(nla_put);
475
476
477
478
479
480
481
482
483
484
485int nla_put_nohdr(struct sk_buff *skb, int attrlen, const void *data)
486{
487 if (unlikely(skb_tailroom(skb) < NLA_ALIGN(attrlen)))
488 return -EMSGSIZE;
489
490 __nla_put_nohdr(skb, attrlen, data);
491 return 0;
492}
493EXPORT_SYMBOL(nla_put_nohdr);
494
495
496
497
498
499
500
501
502
503
504int nla_append(struct sk_buff *skb, int attrlen, const void *data)
505{
506 if (unlikely(skb_tailroom(skb) < NLA_ALIGN(attrlen)))
507 return -EMSGSIZE;
508
509 memcpy(skb_put(skb, attrlen), data, attrlen);
510 return 0;
511}
512EXPORT_SYMBOL(nla_append);
513#endif
514