CoCalc -- l2tp_netlink.c

GitHub Repository: torvalds/linux
Path: blob/master/net/l2tp/l2tp_netlink.c
²⁶¹⁴⁶ views
1
// SPDX-License-Identifier: GPL-2.0-only
2
/* L2TP netlink layer, for management
3
 *
4
 * Copyright (c) 2008,2009,2010 Katalix Systems Ltd
5
 *
6
 * Partly based on the IrDA nelink implementation
7
 * (see net/irda/irnetlink.c) which is:
8
 * Copyright (c) 2007 Samuel Ortiz <[email protected]>
9
 * which is in turn partly based on the wireless netlink code:
10
 * Copyright 2006 Johannes Berg <[email protected]>
11
 */
12

13
#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
14

15
#include <net/sock.h>
16
#include <net/genetlink.h>
17
#include <net/udp.h>
18
#include <linux/in.h>
19
#include <linux/udp.h>
20
#include <linux/socket.h>
21
#include <linux/module.h>
22
#include <linux/list.h>
23
#include <net/net_namespace.h>
24

25
#include <linux/l2tp.h>
26

27
#include "l2tp_core.h"
28

29
static struct genl_family l2tp_nl_family;
30

31
static const struct genl_multicast_group l2tp_multicast_group[] = {
32
	{
33
		.name = L2TP_GENL_MCGROUP,
34
	},
35
};
36

37
static int l2tp_nl_tunnel_send(struct sk_buff *skb, u32 portid, u32 seq,
38
			       int flags, struct l2tp_tunnel *tunnel, u8 cmd);
39
static int l2tp_nl_session_send(struct sk_buff *skb, u32 portid, u32 seq,
40
				int flags, struct l2tp_session *session,
41
				u8 cmd);
42

43
/* Accessed under genl lock */
44
static const struct l2tp_nl_cmd_ops *l2tp_nl_cmd_ops[__L2TP_PWTYPE_MAX];
45

46
static struct l2tp_session *l2tp_nl_session_get(struct genl_info *info)
47
{
48
	u32 tunnel_id;
49
	u32 session_id;
50
	char *ifname;
51
	struct l2tp_tunnel *tunnel;
52
	struct l2tp_session *session = NULL;
53
	struct net *net = genl_info_net(info);
54

55
	if (info->attrs[L2TP_ATTR_IFNAME]) {
56
		ifname = nla_data(info->attrs[L2TP_ATTR_IFNAME]);
57
		session = l2tp_session_get_by_ifname(net, ifname);
58
	} else if ((info->attrs[L2TP_ATTR_SESSION_ID]) &&
59
		   (info->attrs[L2TP_ATTR_CONN_ID])) {
60
		tunnel_id = nla_get_u32(info->attrs[L2TP_ATTR_CONN_ID]);
61
		session_id = nla_get_u32(info->attrs[L2TP_ATTR_SESSION_ID]);
62
		tunnel = l2tp_tunnel_get(net, tunnel_id);
63
		if (tunnel) {
64
			session = l2tp_session_get(net, tunnel->sock, tunnel->version,
65
						   tunnel_id, session_id);
66
			l2tp_tunnel_put(tunnel);
67
		}
68
	}
69

70
	return session;
71
}
72

73
static int l2tp_nl_cmd_noop(struct sk_buff *skb, struct genl_info *info)
74
{
75
	struct sk_buff *msg;
76
	void *hdr;
77
	int ret = -ENOBUFS;
78

79
	msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
80
	if (!msg) {
81
		ret = -ENOMEM;
82
		goto out;
83
	}
84

85
	hdr = genlmsg_put(msg, info->snd_portid, info->snd_seq,
86
			  &l2tp_nl_family, 0, L2TP_CMD_NOOP);
87
	if (!hdr) {
88
		ret = -EMSGSIZE;
89
		goto err_out;
90
	}
91

92
	genlmsg_end(msg, hdr);
93

94
	return genlmsg_unicast(genl_info_net(info), msg, info->snd_portid);
95

96
err_out:
97
	nlmsg_free(msg);
98

99
out:
100
	return ret;
101
}
102

103
static int l2tp_tunnel_notify(struct genl_family *family,
104
			      struct genl_info *info,
105
			      struct l2tp_tunnel *tunnel,
106
			      u8 cmd)
107
{
108
	struct sk_buff *msg;
109
	int ret;
110

111
	msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
112
	if (!msg)
113
		return -ENOMEM;
114

115
	ret = l2tp_nl_tunnel_send(msg, info->snd_portid, info->snd_seq,
116
				  NLM_F_ACK, tunnel, cmd);
117

118
	if (ret >= 0) {
119
		ret = genlmsg_multicast_allns(family, msg, 0, 0);
120
		/* We don't care if no one is listening */
121
		if (ret == -ESRCH)
122
			ret = 0;
123
		return ret;
124
	}
125

126
	nlmsg_free(msg);
127

128
	return ret;
129
}
130

131
static int l2tp_session_notify(struct genl_family *family,
132
			       struct genl_info *info,
133
			       struct l2tp_session *session,
134
			       u8 cmd)
135
{
136
	struct sk_buff *msg;
137
	int ret;
138

139
	msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
140
	if (!msg)
141
		return -ENOMEM;
142

143
	ret = l2tp_nl_session_send(msg, info->snd_portid, info->snd_seq,
144
				   NLM_F_ACK, session, cmd);
145

146
	if (ret >= 0) {
147
		ret = genlmsg_multicast_allns(family, msg, 0, 0);
148
		/* We don't care if no one is listening */
149
		if (ret == -ESRCH)
150
			ret = 0;
151
		return ret;
152
	}
153

154
	nlmsg_free(msg);
155

156
	return ret;
157
}
158

159
static int l2tp_nl_cmd_tunnel_create_get_addr(struct nlattr **attrs, struct l2tp_tunnel_cfg *cfg)
160
{
161
	if (attrs[L2TP_ATTR_UDP_SPORT])
162
		cfg->local_udp_port = nla_get_u16(attrs[L2TP_ATTR_UDP_SPORT]);
163
	if (attrs[L2TP_ATTR_UDP_DPORT])
164
		cfg->peer_udp_port = nla_get_u16(attrs[L2TP_ATTR_UDP_DPORT]);
165
	cfg->use_udp_checksums = nla_get_flag(attrs[L2TP_ATTR_UDP_CSUM]);
166

167
	/* Must have either AF_INET or AF_INET6 address for source and destination */
168
#if IS_ENABLED(CONFIG_IPV6)
169
	if (attrs[L2TP_ATTR_IP6_SADDR] && attrs[L2TP_ATTR_IP6_DADDR]) {
170
		cfg->local_ip6 = nla_data(attrs[L2TP_ATTR_IP6_SADDR]);
171
		cfg->peer_ip6 = nla_data(attrs[L2TP_ATTR_IP6_DADDR]);
172
		cfg->udp6_zero_tx_checksums = nla_get_flag(attrs[L2TP_ATTR_UDP_ZERO_CSUM6_TX]);
173
		cfg->udp6_zero_rx_checksums = nla_get_flag(attrs[L2TP_ATTR_UDP_ZERO_CSUM6_RX]);
174
		return 0;
175
	}
176
#endif
177
	if (attrs[L2TP_ATTR_IP_SADDR] && attrs[L2TP_ATTR_IP_DADDR]) {
178
		cfg->local_ip.s_addr = nla_get_in_addr(attrs[L2TP_ATTR_IP_SADDR]);
179
		cfg->peer_ip.s_addr = nla_get_in_addr(attrs[L2TP_ATTR_IP_DADDR]);
180
		return 0;
181
	}
182
	return -EINVAL;
183
}
184

185
static int l2tp_nl_cmd_tunnel_create(struct sk_buff *skb, struct genl_info *info)
186
{
187
	u32 tunnel_id;
188
	u32 peer_tunnel_id;
189
	int proto_version;
190
	int fd = -1;
191
	int ret = 0;
192
	struct l2tp_tunnel_cfg cfg = { 0, };
193
	struct l2tp_tunnel *tunnel;
194
	struct net *net = genl_info_net(info);
195
	struct nlattr **attrs = info->attrs;
196

197
	if (!attrs[L2TP_ATTR_CONN_ID]) {
198
		ret = -EINVAL;
199
		goto out;
200
	}
201
	tunnel_id = nla_get_u32(attrs[L2TP_ATTR_CONN_ID]);
202

203
	if (!attrs[L2TP_ATTR_PEER_CONN_ID]) {
204
		ret = -EINVAL;
205
		goto out;
206
	}
207
	peer_tunnel_id = nla_get_u32(attrs[L2TP_ATTR_PEER_CONN_ID]);
208

209
	if (!attrs[L2TP_ATTR_PROTO_VERSION]) {
210
		ret = -EINVAL;
211
		goto out;
212
	}
213
	proto_version = nla_get_u8(attrs[L2TP_ATTR_PROTO_VERSION]);
214

215
	if (!attrs[L2TP_ATTR_ENCAP_TYPE]) {
216
		ret = -EINVAL;
217
		goto out;
218
	}
219
	cfg.encap = nla_get_u16(attrs[L2TP_ATTR_ENCAP_TYPE]);
220

221
	/* Managed tunnels take the tunnel socket from userspace.
222
	 * Unmanaged tunnels must call out the source and destination addresses
223
	 * for the kernel to create the tunnel socket itself.
224
	 */
225
	if (attrs[L2TP_ATTR_FD]) {
226
		fd = nla_get_u32(attrs[L2TP_ATTR_FD]);
227
	} else {
228
		ret = l2tp_nl_cmd_tunnel_create_get_addr(attrs, &cfg);
229
		if (ret < 0)
230
			goto out;
231
	}
232

233
	ret = -EINVAL;
234
	switch (cfg.encap) {
235
	case L2TP_ENCAPTYPE_UDP:
236
	case L2TP_ENCAPTYPE_IP:
237
		ret = l2tp_tunnel_create(fd, proto_version, tunnel_id,
238
					 peer_tunnel_id, &cfg, &tunnel);
239
		break;
240
	}
241

242
	if (ret < 0)
243
		goto out;
244

245
	refcount_inc(&tunnel->ref_count);
246
	ret = l2tp_tunnel_register(tunnel, net, &cfg);
247
	if (ret < 0) {
248
		kfree(tunnel);
249
		goto out;
250
	}
251
	ret = l2tp_tunnel_notify(&l2tp_nl_family, info, tunnel,
252
				 L2TP_CMD_TUNNEL_CREATE);
253
	l2tp_tunnel_put(tunnel);
254

255
out:
256
	return ret;
257
}
258

259
static int l2tp_nl_cmd_tunnel_delete(struct sk_buff *skb, struct genl_info *info)
260
{
261
	struct l2tp_tunnel *tunnel;
262
	u32 tunnel_id;
263
	int ret = 0;
264
	struct net *net = genl_info_net(info);
265

266
	if (!info->attrs[L2TP_ATTR_CONN_ID]) {
267
		ret = -EINVAL;
268
		goto out;
269
	}
270
	tunnel_id = nla_get_u32(info->attrs[L2TP_ATTR_CONN_ID]);
271

272
	tunnel = l2tp_tunnel_get(net, tunnel_id);
273
	if (!tunnel) {
274
		ret = -ENODEV;
275
		goto out;
276
	}
277

278
	l2tp_tunnel_notify(&l2tp_nl_family, info,
279
			   tunnel, L2TP_CMD_TUNNEL_DELETE);
280

281
	l2tp_tunnel_delete(tunnel);
282

283
	l2tp_tunnel_put(tunnel);
284

285
out:
286
	return ret;
287
}
288

289
static int l2tp_nl_cmd_tunnel_modify(struct sk_buff *skb, struct genl_info *info)
290
{
291
	struct l2tp_tunnel *tunnel;
292
	u32 tunnel_id;
293
	int ret = 0;
294
	struct net *net = genl_info_net(info);
295

296
	if (!info->attrs[L2TP_ATTR_CONN_ID]) {
297
		ret = -EINVAL;
298
		goto out;
299
	}
300
	tunnel_id = nla_get_u32(info->attrs[L2TP_ATTR_CONN_ID]);
301

302
	tunnel = l2tp_tunnel_get(net, tunnel_id);
303
	if (!tunnel) {
304
		ret = -ENODEV;
305
		goto out;
306
	}
307

308
	ret = l2tp_tunnel_notify(&l2tp_nl_family, info,
309
				 tunnel, L2TP_CMD_TUNNEL_MODIFY);
310

311
	l2tp_tunnel_put(tunnel);
312

313
out:
314
	return ret;
315
}
316

317
#if IS_ENABLED(CONFIG_IPV6)
318
static int l2tp_nl_tunnel_send_addr6(struct sk_buff *skb, struct sock *sk,
319
				     enum l2tp_encap_type encap)
320
{
321
	struct inet_sock *inet = inet_sk(sk);
322
	struct ipv6_pinfo *np = inet6_sk(sk);
323

324
	switch (encap) {
325
	case L2TP_ENCAPTYPE_UDP:
326
		if (udp_get_no_check6_tx(sk) &&
327
		    nla_put_flag(skb, L2TP_ATTR_UDP_ZERO_CSUM6_TX))
328
			return -1;
329
		if (udp_get_no_check6_rx(sk) &&
330
		    nla_put_flag(skb, L2TP_ATTR_UDP_ZERO_CSUM6_RX))
331
			return -1;
332
		if (nla_put_u16(skb, L2TP_ATTR_UDP_SPORT, ntohs(inet->inet_sport)) ||
333
		    nla_put_u16(skb, L2TP_ATTR_UDP_DPORT, ntohs(inet->inet_dport)))
334
			return -1;
335
		fallthrough;
336
	case L2TP_ENCAPTYPE_IP:
337
		if (nla_put_in6_addr(skb, L2TP_ATTR_IP6_SADDR, &np->saddr) ||
338
		    nla_put_in6_addr(skb, L2TP_ATTR_IP6_DADDR, &sk->sk_v6_daddr))
339
			return -1;
340
		break;
341
	}
342
	return 0;
343
}
344
#endif
345

346
static int l2tp_nl_tunnel_send_addr4(struct sk_buff *skb, struct sock *sk,
347
				     enum l2tp_encap_type encap)
348
{
349
	struct inet_sock *inet = inet_sk(sk);
350

351
	switch (encap) {
352
	case L2TP_ENCAPTYPE_UDP:
353
		if (nla_put_u8(skb, L2TP_ATTR_UDP_CSUM, !sk->sk_no_check_tx) ||
354
		    nla_put_u16(skb, L2TP_ATTR_UDP_SPORT, ntohs(inet->inet_sport)) ||
355
		    nla_put_u16(skb, L2TP_ATTR_UDP_DPORT, ntohs(inet->inet_dport)))
356
			return -1;
357
		fallthrough;
358
	case L2TP_ENCAPTYPE_IP:
359
		if (nla_put_in_addr(skb, L2TP_ATTR_IP_SADDR, inet->inet_saddr) ||
360
		    nla_put_in_addr(skb, L2TP_ATTR_IP_DADDR, inet->inet_daddr))
361
			return -1;
362
		break;
363
	}
364

365
	return 0;
366
}
367

368
/* Append attributes for the tunnel address, handling the different attribute types
369
 * used for different tunnel encapsulation and AF_INET v.s. AF_INET6.
370
 */
371
static int l2tp_nl_tunnel_send_addr(struct sk_buff *skb, struct l2tp_tunnel *tunnel)
372
{
373
	struct sock *sk = tunnel->sock;
374

375
	if (!sk)
376
		return 0;
377

378
#if IS_ENABLED(CONFIG_IPV6)
379
	if (sk->sk_family == AF_INET6)
380
		return l2tp_nl_tunnel_send_addr6(skb, sk, tunnel->encap);
381
#endif
382
	return l2tp_nl_tunnel_send_addr4(skb, sk, tunnel->encap);
383
}
384

385
static int l2tp_nl_tunnel_send(struct sk_buff *skb, u32 portid, u32 seq, int flags,
386
			       struct l2tp_tunnel *tunnel, u8 cmd)
387
{
388
	void *hdr;
389
	struct nlattr *nest;
390

391
	hdr = genlmsg_put(skb, portid, seq, &l2tp_nl_family, flags, cmd);
392
	if (!hdr)
393
		return -EMSGSIZE;
394

395
	if (nla_put_u8(skb, L2TP_ATTR_PROTO_VERSION, tunnel->version) ||
396
	    nla_put_u32(skb, L2TP_ATTR_CONN_ID, tunnel->tunnel_id) ||
397
	    nla_put_u32(skb, L2TP_ATTR_PEER_CONN_ID, tunnel->peer_tunnel_id) ||
398
	    nla_put_u32(skb, L2TP_ATTR_DEBUG, 0) ||
399
	    nla_put_u16(skb, L2TP_ATTR_ENCAP_TYPE, tunnel->encap))
400
		goto nla_put_failure;
401

402
	nest = nla_nest_start_noflag(skb, L2TP_ATTR_STATS);
403
	if (!nest)
404
		goto nla_put_failure;
405

406
	if (nla_put_u64_64bit(skb, L2TP_ATTR_TX_PACKETS,
407
			      atomic_long_read(&tunnel->stats.tx_packets),
408
			      L2TP_ATTR_STATS_PAD) ||
409
	    nla_put_u64_64bit(skb, L2TP_ATTR_TX_BYTES,
410
			      atomic_long_read(&tunnel->stats.tx_bytes),
411
			      L2TP_ATTR_STATS_PAD) ||
412
	    nla_put_u64_64bit(skb, L2TP_ATTR_TX_ERRORS,
413
			      atomic_long_read(&tunnel->stats.tx_errors),
414
			      L2TP_ATTR_STATS_PAD) ||
415
	    nla_put_u64_64bit(skb, L2TP_ATTR_RX_PACKETS,
416
			      atomic_long_read(&tunnel->stats.rx_packets),
417
			      L2TP_ATTR_STATS_PAD) ||
418
	    nla_put_u64_64bit(skb, L2TP_ATTR_RX_BYTES,
419
			      atomic_long_read(&tunnel->stats.rx_bytes),
420
			      L2TP_ATTR_STATS_PAD) ||
421
	    nla_put_u64_64bit(skb, L2TP_ATTR_RX_SEQ_DISCARDS,
422
			      atomic_long_read(&tunnel->stats.rx_seq_discards),
423
			      L2TP_ATTR_STATS_PAD) ||
424
	    nla_put_u64_64bit(skb, L2TP_ATTR_RX_COOKIE_DISCARDS,
425
			      atomic_long_read(&tunnel->stats.rx_cookie_discards),
426
			      L2TP_ATTR_STATS_PAD) ||
427
	    nla_put_u64_64bit(skb, L2TP_ATTR_RX_OOS_PACKETS,
428
			      atomic_long_read(&tunnel->stats.rx_oos_packets),
429
			      L2TP_ATTR_STATS_PAD) ||
430
	    nla_put_u64_64bit(skb, L2TP_ATTR_RX_ERRORS,
431
			      atomic_long_read(&tunnel->stats.rx_errors),
432
			      L2TP_ATTR_STATS_PAD) ||
433
	    nla_put_u64_64bit(skb, L2TP_ATTR_RX_INVALID,
434
			      atomic_long_read(&tunnel->stats.rx_invalid),
435
			      L2TP_ATTR_STATS_PAD))
436
		goto nla_put_failure;
437
	nla_nest_end(skb, nest);
438

439
	if (l2tp_nl_tunnel_send_addr(skb, tunnel))
440
		goto nla_put_failure;
441

442
	genlmsg_end(skb, hdr);
443
	return 0;
444

445
nla_put_failure:
446
	genlmsg_cancel(skb, hdr);
447
	return -1;
448
}
449

450
static int l2tp_nl_cmd_tunnel_get(struct sk_buff *skb, struct genl_info *info)
451
{
452
	struct l2tp_tunnel *tunnel;
453
	struct sk_buff *msg;
454
	u32 tunnel_id;
455
	int ret = -ENOBUFS;
456
	struct net *net = genl_info_net(info);
457

458
	if (!info->attrs[L2TP_ATTR_CONN_ID]) {
459
		ret = -EINVAL;
460
		goto err;
461
	}
462

463
	tunnel_id = nla_get_u32(info->attrs[L2TP_ATTR_CONN_ID]);
464

465
	msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
466
	if (!msg) {
467
		ret = -ENOMEM;
468
		goto err;
469
	}
470

471
	tunnel = l2tp_tunnel_get(net, tunnel_id);
472
	if (!tunnel) {
473
		ret = -ENODEV;
474
		goto err_nlmsg;
475
	}
476

477
	ret = l2tp_nl_tunnel_send(msg, info->snd_portid, info->snd_seq,
478
				  NLM_F_ACK, tunnel, L2TP_CMD_TUNNEL_GET);
479
	if (ret < 0)
480
		goto err_nlmsg_tunnel;
481

482
	l2tp_tunnel_put(tunnel);
483

484
	return genlmsg_unicast(net, msg, info->snd_portid);
485

486
err_nlmsg_tunnel:
487
	l2tp_tunnel_put(tunnel);
488
err_nlmsg:
489
	nlmsg_free(msg);
490
err:
491
	return ret;
492
}
493

494
struct l2tp_nl_cb_data {
495
	unsigned long tkey;
496
	unsigned long skey;
497
};
498

499
static int l2tp_nl_cmd_tunnel_dump(struct sk_buff *skb, struct netlink_callback *cb)
500
{
501
	struct l2tp_nl_cb_data *cbd = (void *)&cb->ctx[0];
502
	unsigned long key = cbd->tkey;
503
	struct l2tp_tunnel *tunnel;
504
	struct net *net = sock_net(skb->sk);
505

506
	for (;;) {
507
		tunnel = l2tp_tunnel_get_next(net, &key);
508
		if (!tunnel)
509
			goto out;
510

511
		if (l2tp_nl_tunnel_send(skb, NETLINK_CB(cb->skb).portid,
512
					cb->nlh->nlmsg_seq, NLM_F_MULTI,
513
					tunnel, L2TP_CMD_TUNNEL_GET) < 0) {
514
			l2tp_tunnel_put(tunnel);
515
			goto out;
516
		}
517
		l2tp_tunnel_put(tunnel);
518

519
		key++;
520
	}
521

522
out:
523
	cbd->tkey = key;
524

525
	return skb->len;
526
}
527

528
static int l2tp_nl_cmd_session_create(struct sk_buff *skb, struct genl_info *info)
529
{
530
	u32 tunnel_id = 0;
531
	u32 session_id;
532
	u32 peer_session_id;
533
	int ret = 0;
534
	struct l2tp_tunnel *tunnel;
535
	struct l2tp_session *session;
536
	struct l2tp_session_cfg cfg = { 0, };
537
	struct net *net = genl_info_net(info);
538

539
	if (!info->attrs[L2TP_ATTR_CONN_ID]) {
540
		ret = -EINVAL;
541
		goto out;
542
	}
543

544
	tunnel_id = nla_get_u32(info->attrs[L2TP_ATTR_CONN_ID]);
545
	tunnel = l2tp_tunnel_get(net, tunnel_id);
546
	if (!tunnel) {
547
		ret = -ENODEV;
548
		goto out;
549
	}
550

551
	if (!info->attrs[L2TP_ATTR_SESSION_ID]) {
552
		ret = -EINVAL;
553
		goto out_tunnel;
554
	}
555
	session_id = nla_get_u32(info->attrs[L2TP_ATTR_SESSION_ID]);
556

557
	if (!info->attrs[L2TP_ATTR_PEER_SESSION_ID]) {
558
		ret = -EINVAL;
559
		goto out_tunnel;
560
	}
561
	peer_session_id = nla_get_u32(info->attrs[L2TP_ATTR_PEER_SESSION_ID]);
562

563
	if (!info->attrs[L2TP_ATTR_PW_TYPE]) {
564
		ret = -EINVAL;
565
		goto out_tunnel;
566
	}
567
	cfg.pw_type = nla_get_u16(info->attrs[L2TP_ATTR_PW_TYPE]);
568
	if (cfg.pw_type >= __L2TP_PWTYPE_MAX) {
569
		ret = -EINVAL;
570
		goto out_tunnel;
571
	}
572

573
	/* L2TPv2 only accepts PPP pseudo-wires */
574
	if (tunnel->version == 2 && cfg.pw_type != L2TP_PWTYPE_PPP) {
575
		ret = -EPROTONOSUPPORT;
576
		goto out_tunnel;
577
	}
578

579
	if (tunnel->version > 2) {
580
		if (info->attrs[L2TP_ATTR_L2SPEC_TYPE]) {
581
			cfg.l2specific_type = nla_get_u8(info->attrs[L2TP_ATTR_L2SPEC_TYPE]);
582
			if (cfg.l2specific_type != L2TP_L2SPECTYPE_DEFAULT &&
583
			    cfg.l2specific_type != L2TP_L2SPECTYPE_NONE) {
584
				ret = -EINVAL;
585
				goto out_tunnel;
586
			}
587
		} else {
588
			cfg.l2specific_type = L2TP_L2SPECTYPE_DEFAULT;
589
		}
590

591
		if (info->attrs[L2TP_ATTR_COOKIE]) {
592
			u16 len = nla_len(info->attrs[L2TP_ATTR_COOKIE]);
593

594
			if (len > 8) {
595
				ret = -EINVAL;
596
				goto out_tunnel;
597
			}
598
			cfg.cookie_len = len;
599
			memcpy(&cfg.cookie[0], nla_data(info->attrs[L2TP_ATTR_COOKIE]), len);
600
		}
601
		if (info->attrs[L2TP_ATTR_PEER_COOKIE]) {
602
			u16 len = nla_len(info->attrs[L2TP_ATTR_PEER_COOKIE]);
603

604
			if (len > 8) {
605
				ret = -EINVAL;
606
				goto out_tunnel;
607
			}
608
			cfg.peer_cookie_len = len;
609
			memcpy(&cfg.peer_cookie[0], nla_data(info->attrs[L2TP_ATTR_PEER_COOKIE]), len);
610
		}
611
		if (info->attrs[L2TP_ATTR_IFNAME])
612
			cfg.ifname = nla_data(info->attrs[L2TP_ATTR_IFNAME]);
613
	}
614

615
	if (info->attrs[L2TP_ATTR_RECV_SEQ])
616
		cfg.recv_seq = nla_get_u8(info->attrs[L2TP_ATTR_RECV_SEQ]);
617

618
	if (info->attrs[L2TP_ATTR_SEND_SEQ])
619
		cfg.send_seq = nla_get_u8(info->attrs[L2TP_ATTR_SEND_SEQ]);
620

621
	if (info->attrs[L2TP_ATTR_LNS_MODE])
622
		cfg.lns_mode = nla_get_u8(info->attrs[L2TP_ATTR_LNS_MODE]);
623

624
	if (info->attrs[L2TP_ATTR_RECV_TIMEOUT])
625
		cfg.reorder_timeout = nla_get_msecs(info->attrs[L2TP_ATTR_RECV_TIMEOUT]);
626

627
#ifdef CONFIG_MODULES
628
	if (!l2tp_nl_cmd_ops[cfg.pw_type]) {
629
		genl_unlock();
630
		request_module("net-l2tp-type-%u", cfg.pw_type);
631
		genl_lock();
632
	}
633
#endif
634
	if (!l2tp_nl_cmd_ops[cfg.pw_type] || !l2tp_nl_cmd_ops[cfg.pw_type]->session_create) {
635
		ret = -EPROTONOSUPPORT;
636
		goto out_tunnel;
637
	}
638

639
	ret = l2tp_nl_cmd_ops[cfg.pw_type]->session_create(net, tunnel,
640
							   session_id,
641
							   peer_session_id,
642
							   &cfg);
643

644
	if (ret >= 0) {
645
		session = l2tp_session_get(net, tunnel->sock, tunnel->version,
646
					   tunnel_id, session_id);
647
		if (session) {
648
			ret = l2tp_session_notify(&l2tp_nl_family, info, session,
649
						  L2TP_CMD_SESSION_CREATE);
650
			l2tp_session_put(session);
651
		}
652
	}
653

654
out_tunnel:
655
	l2tp_tunnel_put(tunnel);
656
out:
657
	return ret;
658
}
659

660
static int l2tp_nl_cmd_session_delete(struct sk_buff *skb, struct genl_info *info)
661
{
662
	int ret = 0;
663
	struct l2tp_session *session;
664
	u16 pw_type;
665

666
	session = l2tp_nl_session_get(info);
667
	if (!session) {
668
		ret = -ENODEV;
669
		goto out;
670
	}
671

672
	l2tp_session_notify(&l2tp_nl_family, info,
673
			    session, L2TP_CMD_SESSION_DELETE);
674

675
	pw_type = session->pwtype;
676
	if (pw_type < __L2TP_PWTYPE_MAX)
677
		if (l2tp_nl_cmd_ops[pw_type] && l2tp_nl_cmd_ops[pw_type]->session_delete)
678
			l2tp_nl_cmd_ops[pw_type]->session_delete(session);
679

680
	l2tp_session_put(session);
681

682
out:
683
	return ret;
684
}
685

686
static int l2tp_nl_cmd_session_modify(struct sk_buff *skb, struct genl_info *info)
687
{
688
	int ret = 0;
689
	struct l2tp_session *session;
690

691
	session = l2tp_nl_session_get(info);
692
	if (!session) {
693
		ret = -ENODEV;
694
		goto out;
695
	}
696

697
	if (info->attrs[L2TP_ATTR_RECV_SEQ])
698
		session->recv_seq = nla_get_u8(info->attrs[L2TP_ATTR_RECV_SEQ]);
699

700
	if (info->attrs[L2TP_ATTR_SEND_SEQ]) {
701
		struct l2tp_tunnel *tunnel = session->tunnel;
702

703
		session->send_seq = nla_get_u8(info->attrs[L2TP_ATTR_SEND_SEQ]);
704
		l2tp_session_set_header_len(session, tunnel->version, tunnel->encap);
705
	}
706

707
	if (info->attrs[L2TP_ATTR_LNS_MODE])
708
		session->lns_mode = nla_get_u8(info->attrs[L2TP_ATTR_LNS_MODE]);
709

710
	if (info->attrs[L2TP_ATTR_RECV_TIMEOUT])
711
		session->reorder_timeout = nla_get_msecs(info->attrs[L2TP_ATTR_RECV_TIMEOUT]);
712

713
	ret = l2tp_session_notify(&l2tp_nl_family, info,
714
				  session, L2TP_CMD_SESSION_MODIFY);
715

716
	l2tp_session_put(session);
717

718
out:
719
	return ret;
720
}
721

722
static int l2tp_nl_session_send(struct sk_buff *skb, u32 portid, u32 seq, int flags,
723
				struct l2tp_session *session, u8 cmd)
724
{
725
	void *hdr;
726
	struct nlattr *nest;
727
	struct l2tp_tunnel *tunnel = session->tunnel;
728

729
	hdr = genlmsg_put(skb, portid, seq, &l2tp_nl_family, flags, cmd);
730
	if (!hdr)
731
		return -EMSGSIZE;
732

733
	if (nla_put_u32(skb, L2TP_ATTR_CONN_ID, tunnel->tunnel_id) ||
734
	    nla_put_u32(skb, L2TP_ATTR_SESSION_ID, session->session_id) ||
735
	    nla_put_u32(skb, L2TP_ATTR_PEER_CONN_ID, tunnel->peer_tunnel_id) ||
736
	    nla_put_u32(skb, L2TP_ATTR_PEER_SESSION_ID, session->peer_session_id) ||
737
	    nla_put_u32(skb, L2TP_ATTR_DEBUG, 0) ||
738
	    nla_put_u16(skb, L2TP_ATTR_PW_TYPE, session->pwtype))
739
		goto nla_put_failure;
740

741
	if ((session->ifname[0] &&
742
	     nla_put_string(skb, L2TP_ATTR_IFNAME, session->ifname)) ||
743
	    (session->cookie_len &&
744
	     nla_put(skb, L2TP_ATTR_COOKIE, session->cookie_len, session->cookie)) ||
745
	    (session->peer_cookie_len &&
746
	     nla_put(skb, L2TP_ATTR_PEER_COOKIE, session->peer_cookie_len, session->peer_cookie)) ||
747
	    nla_put_u8(skb, L2TP_ATTR_RECV_SEQ, session->recv_seq) ||
748
	    nla_put_u8(skb, L2TP_ATTR_SEND_SEQ, session->send_seq) ||
749
	    nla_put_u8(skb, L2TP_ATTR_LNS_MODE, session->lns_mode) ||
750
	    (l2tp_tunnel_uses_xfrm(tunnel) &&
751
	     nla_put_u8(skb, L2TP_ATTR_USING_IPSEC, 1)) ||
752
	    (session->reorder_timeout &&
753
	     nla_put_msecs(skb, L2TP_ATTR_RECV_TIMEOUT,
754
			   session->reorder_timeout, L2TP_ATTR_PAD)))
755
		goto nla_put_failure;
756

757
	nest = nla_nest_start_noflag(skb, L2TP_ATTR_STATS);
758
	if (!nest)
759
		goto nla_put_failure;
760

761
	if (nla_put_u64_64bit(skb, L2TP_ATTR_TX_PACKETS,
762
			      atomic_long_read(&session->stats.tx_packets),
763
			      L2TP_ATTR_STATS_PAD) ||
764
	    nla_put_u64_64bit(skb, L2TP_ATTR_TX_BYTES,
765
			      atomic_long_read(&session->stats.tx_bytes),
766
			      L2TP_ATTR_STATS_PAD) ||
767
	    nla_put_u64_64bit(skb, L2TP_ATTR_TX_ERRORS,
768
			      atomic_long_read(&session->stats.tx_errors),
769
			      L2TP_ATTR_STATS_PAD) ||
770
	    nla_put_u64_64bit(skb, L2TP_ATTR_RX_PACKETS,
771
			      atomic_long_read(&session->stats.rx_packets),
772
			      L2TP_ATTR_STATS_PAD) ||
773
	    nla_put_u64_64bit(skb, L2TP_ATTR_RX_BYTES,
774
			      atomic_long_read(&session->stats.rx_bytes),
775
			      L2TP_ATTR_STATS_PAD) ||
776
	    nla_put_u64_64bit(skb, L2TP_ATTR_RX_SEQ_DISCARDS,
777
			      atomic_long_read(&session->stats.rx_seq_discards),
778
			      L2TP_ATTR_STATS_PAD) ||
779
	    nla_put_u64_64bit(skb, L2TP_ATTR_RX_COOKIE_DISCARDS,
780
			      atomic_long_read(&session->stats.rx_cookie_discards),
781
			      L2TP_ATTR_STATS_PAD) ||
782
	    nla_put_u64_64bit(skb, L2TP_ATTR_RX_OOS_PACKETS,
783
			      atomic_long_read(&session->stats.rx_oos_packets),
784
			      L2TP_ATTR_STATS_PAD) ||
785
	    nla_put_u64_64bit(skb, L2TP_ATTR_RX_ERRORS,
786
			      atomic_long_read(&session->stats.rx_errors),
787
			      L2TP_ATTR_STATS_PAD) ||
788
	    nla_put_u64_64bit(skb, L2TP_ATTR_RX_INVALID,
789
			      atomic_long_read(&session->stats.rx_invalid),
790
			      L2TP_ATTR_STATS_PAD))
791
		goto nla_put_failure;
792
	nla_nest_end(skb, nest);
793

794
	genlmsg_end(skb, hdr);
795
	return 0;
796

797
 nla_put_failure:
798
	genlmsg_cancel(skb, hdr);
799
	return -1;
800
}
801

802
static int l2tp_nl_cmd_session_get(struct sk_buff *skb, struct genl_info *info)
803
{
804
	struct l2tp_session *session;
805
	struct sk_buff *msg;
806
	int ret;
807

808
	session = l2tp_nl_session_get(info);
809
	if (!session) {
810
		ret = -ENODEV;
811
		goto err;
812
	}
813

814
	msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
815
	if (!msg) {
816
		ret = -ENOMEM;
817
		goto err_ref;
818
	}
819

820
	ret = l2tp_nl_session_send(msg, info->snd_portid, info->snd_seq,
821
				   0, session, L2TP_CMD_SESSION_GET);
822
	if (ret < 0)
823
		goto err_ref_msg;
824

825
	ret = genlmsg_unicast(genl_info_net(info), msg, info->snd_portid);
826

827
	l2tp_session_put(session);
828

829
	return ret;
830

831
err_ref_msg:
832
	nlmsg_free(msg);
833
err_ref:
834
	l2tp_session_put(session);
835
err:
836
	return ret;
837
}
838

839
static int l2tp_nl_cmd_session_dump(struct sk_buff *skb, struct netlink_callback *cb)
840
{
841
	struct l2tp_nl_cb_data *cbd = (void *)&cb->ctx[0];
842
	struct net *net = sock_net(skb->sk);
843
	struct l2tp_session *session;
844
	struct l2tp_tunnel *tunnel = NULL;
845
	unsigned long tkey = cbd->tkey;
846
	unsigned long skey = cbd->skey;
847

848
	for (;;) {
849
		if (!tunnel) {
850
			tunnel = l2tp_tunnel_get_next(net, &tkey);
851
			if (!tunnel)
852
				goto out;
853
		}
854

855
		session = l2tp_session_get_next(net, tunnel->sock, tunnel->version,
856
						tunnel->tunnel_id, &skey);
857
		if (!session) {
858
			tkey++;
859
			l2tp_tunnel_put(tunnel);
860
			tunnel = NULL;
861
			skey = 0;
862
			continue;
863
		}
864

865
		if (l2tp_nl_session_send(skb, NETLINK_CB(cb->skb).portid,
866
					 cb->nlh->nlmsg_seq, NLM_F_MULTI,
867
					 session, L2TP_CMD_SESSION_GET) < 0) {
868
			l2tp_session_put(session);
869
			l2tp_tunnel_put(tunnel);
870
			break;
871
		}
872
		l2tp_session_put(session);
873

874
		skey++;
875
	}
876

877
out:
878
	cbd->tkey = tkey;
879
	cbd->skey = skey;
880

881
	return skb->len;
882
}
883

884
static const struct nla_policy l2tp_nl_policy[L2TP_ATTR_MAX + 1] = {
885
	[L2TP_ATTR_NONE]		= { .type = NLA_UNSPEC, },
886
	[L2TP_ATTR_PW_TYPE]		= { .type = NLA_U16, },
887
	[L2TP_ATTR_ENCAP_TYPE]		= { .type = NLA_U16, },
888
	[L2TP_ATTR_OFFSET]		= { .type = NLA_U16, },
889
	[L2TP_ATTR_DATA_SEQ]		= { .type = NLA_U8, },
890
	[L2TP_ATTR_L2SPEC_TYPE]		= { .type = NLA_U8, },
891
	[L2TP_ATTR_L2SPEC_LEN]		= { .type = NLA_U8, },
892
	[L2TP_ATTR_PROTO_VERSION]	= { .type = NLA_U8, },
893
	[L2TP_ATTR_CONN_ID]		= { .type = NLA_U32, },
894
	[L2TP_ATTR_PEER_CONN_ID]	= { .type = NLA_U32, },
895
	[L2TP_ATTR_SESSION_ID]		= { .type = NLA_U32, },
896
	[L2TP_ATTR_PEER_SESSION_ID]	= { .type = NLA_U32, },
897
	[L2TP_ATTR_UDP_CSUM]		= { .type = NLA_U8, },
898
	[L2TP_ATTR_VLAN_ID]		= { .type = NLA_U16, },
899
	[L2TP_ATTR_DEBUG]		= { .type = NLA_U32, },
900
	[L2TP_ATTR_RECV_SEQ]		= { .type = NLA_U8, },
901
	[L2TP_ATTR_SEND_SEQ]		= { .type = NLA_U8, },
902
	[L2TP_ATTR_LNS_MODE]		= { .type = NLA_U8, },
903
	[L2TP_ATTR_USING_IPSEC]		= { .type = NLA_U8, },
904
	[L2TP_ATTR_RECV_TIMEOUT]	= { .type = NLA_MSECS, },
905
	[L2TP_ATTR_FD]			= { .type = NLA_U32, },
906
	[L2TP_ATTR_IP_SADDR]		= { .type = NLA_U32, },
907
	[L2TP_ATTR_IP_DADDR]		= { .type = NLA_U32, },
908
	[L2TP_ATTR_UDP_SPORT]		= { .type = NLA_U16, },
909
	[L2TP_ATTR_UDP_DPORT]		= { .type = NLA_U16, },
910
	[L2TP_ATTR_MTU]			= { .type = NLA_U16, },
911
	[L2TP_ATTR_MRU]			= { .type = NLA_U16, },
912
	[L2TP_ATTR_STATS]		= { .type = NLA_NESTED, },
913
	[L2TP_ATTR_IP6_SADDR] = {
914
		.type = NLA_BINARY,
915
		.len = sizeof(struct in6_addr),
916
	},
917
	[L2TP_ATTR_IP6_DADDR] = {
918
		.type = NLA_BINARY,
919
		.len = sizeof(struct in6_addr),
920
	},
921
	[L2TP_ATTR_IFNAME] = {
922
		.type = NLA_NUL_STRING,
923
		.len = IFNAMSIZ - 1,
924
	},
925
	[L2TP_ATTR_COOKIE] = {
926
		.type = NLA_BINARY,
927
		.len = 8,
928
	},
929
	[L2TP_ATTR_PEER_COOKIE] = {
930
		.type = NLA_BINARY,
931
		.len = 8,
932
	},
933
};
934

935
static const struct genl_small_ops l2tp_nl_ops[] = {
936
	{
937
		.cmd = L2TP_CMD_NOOP,
938
		.validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
939
		.doit = l2tp_nl_cmd_noop,
940
		/* can be retrieved by unprivileged users */
941
	},
942
	{
943
		.cmd = L2TP_CMD_TUNNEL_CREATE,
944
		.validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
945
		.doit = l2tp_nl_cmd_tunnel_create,
946
		.flags = GENL_UNS_ADMIN_PERM,
947
	},
948
	{
949
		.cmd = L2TP_CMD_TUNNEL_DELETE,
950
		.validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
951
		.doit = l2tp_nl_cmd_tunnel_delete,
952
		.flags = GENL_UNS_ADMIN_PERM,
953
	},
954
	{
955
		.cmd = L2TP_CMD_TUNNEL_MODIFY,
956
		.validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
957
		.doit = l2tp_nl_cmd_tunnel_modify,
958
		.flags = GENL_UNS_ADMIN_PERM,
959
	},
960
	{
961
		.cmd = L2TP_CMD_TUNNEL_GET,
962
		.validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
963
		.doit = l2tp_nl_cmd_tunnel_get,
964
		.dumpit = l2tp_nl_cmd_tunnel_dump,
965
		.flags = GENL_UNS_ADMIN_PERM,
966
	},
967
	{
968
		.cmd = L2TP_CMD_SESSION_CREATE,
969
		.validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
970
		.doit = l2tp_nl_cmd_session_create,
971
		.flags = GENL_UNS_ADMIN_PERM,
972
	},
973
	{
974
		.cmd = L2TP_CMD_SESSION_DELETE,
975
		.validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
976
		.doit = l2tp_nl_cmd_session_delete,
977
		.flags = GENL_UNS_ADMIN_PERM,
978
	},
979
	{
980
		.cmd = L2TP_CMD_SESSION_MODIFY,
981
		.validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
982
		.doit = l2tp_nl_cmd_session_modify,
983
		.flags = GENL_UNS_ADMIN_PERM,
984
	},
985
	{
986
		.cmd = L2TP_CMD_SESSION_GET,
987
		.validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
988
		.doit = l2tp_nl_cmd_session_get,
989
		.dumpit = l2tp_nl_cmd_session_dump,
990
		.flags = GENL_UNS_ADMIN_PERM,
991
	},
992
};
993

994
static struct genl_family l2tp_nl_family __ro_after_init = {
995
	.name		= L2TP_GENL_NAME,
996
	.version	= L2TP_GENL_VERSION,
997
	.hdrsize	= 0,
998
	.maxattr	= L2TP_ATTR_MAX,
999
	.policy = l2tp_nl_policy,
1000
	.netnsok	= true,
1001
	.module		= THIS_MODULE,
1002
	.small_ops	= l2tp_nl_ops,
1003
	.n_small_ops	= ARRAY_SIZE(l2tp_nl_ops),
1004
	.resv_start_op	= L2TP_CMD_SESSION_GET + 1,
1005
	.mcgrps		= l2tp_multicast_group,
1006
	.n_mcgrps	= ARRAY_SIZE(l2tp_multicast_group),
1007
};
1008

1009
int l2tp_nl_register_ops(enum l2tp_pwtype pw_type, const struct l2tp_nl_cmd_ops *ops)
1010
{
1011
	int ret;
1012

1013
	ret = -EINVAL;
1014
	if (pw_type >= __L2TP_PWTYPE_MAX)
1015
		goto err;
1016

1017
	genl_lock();
1018
	ret = -EBUSY;
1019
	if (l2tp_nl_cmd_ops[pw_type])
1020
		goto out;
1021

1022
	l2tp_nl_cmd_ops[pw_type] = ops;
1023
	ret = 0;
1024

1025
out:
1026
	genl_unlock();
1027
err:
1028
	return ret;
1029
}
1030
EXPORT_SYMBOL_GPL(l2tp_nl_register_ops);
1031

1032
void l2tp_nl_unregister_ops(enum l2tp_pwtype pw_type)
1033
{
1034
	if (pw_type < __L2TP_PWTYPE_MAX) {
1035
		genl_lock();
1036
		l2tp_nl_cmd_ops[pw_type] = NULL;
1037
		genl_unlock();
1038
	}
1039
}
1040
EXPORT_SYMBOL_GPL(l2tp_nl_unregister_ops);
1041

1042
static int __init l2tp_nl_init(void)
1043
{
1044
	pr_info("L2TP netlink interface\n");
1045
	return genl_register_family(&l2tp_nl_family);
1046
}
1047

1048
static void l2tp_nl_cleanup(void)
1049
{
1050
	genl_unregister_family(&l2tp_nl_family);
1051
}
1052

1053
module_init(l2tp_nl_init);
1054
module_exit(l2tp_nl_cleanup);
1055

1056
MODULE_AUTHOR("James Chapman <[email protected]>");
1057
MODULE_DESCRIPTION("L2TP netlink");
1058
MODULE_LICENSE("GPL");
1059
MODULE_VERSION("1.0");
1060
MODULE_ALIAS_GENL_FAMILY("l2tp");
1061

1062
Product

Resources

Company
