1 // SPDX-License-Identifier: GPL-2.0
3 * NETLINK Netlink attributes
5 * Authors: Thomas Graf <tgraf@suug.ch>
6 * Alexey Kuznetsov <kuznet@ms2.inr.ac.ru>
9 #include <linux/export.h>
10 #include <linux/kernel.h>
11 #include <linux/errno.h>
12 #include <linux/jiffies.h>
13 #include <linux/skbuff.h>
14 #include <linux/string.h>
15 #include <linux/types.h>
16 #include <net/netlink.h>
18 static const u8 nla_attr_minlen[NLA_TYPE_MAX+1] = {
19 [NLA_U8] = sizeof(u8),
20 [NLA_U16] = sizeof(u16),
21 [NLA_U32] = sizeof(u32),
22 [NLA_U64] = sizeof(u64),
23 [NLA_MSECS] = sizeof(u64),
24 [NLA_NESTED] = NLA_HDRLEN,
25 [NLA_S8] = sizeof(s8),
26 [NLA_S16] = sizeof(s16),
27 [NLA_S32] = sizeof(s32),
28 [NLA_S64] = sizeof(s64),
31 static int validate_nla_bitfield32(const struct nlattr *nla,
32 u32 *valid_flags_allowed)
34 const struct nla_bitfield32 *bf = nla_data(nla);
35 u32 *valid_flags_mask = valid_flags_allowed;
37 if (!valid_flags_allowed)
40 /*disallow invalid bit selector */
41 if (bf->selector & ~*valid_flags_mask)
44 /*disallow invalid bit values */
45 if (bf->value & ~*valid_flags_mask)
48 /*disallow valid bit values that are not selected*/
49 if (bf->value & ~bf->selector)
55 static int validate_nla(const struct nlattr *nla, int maxtype,
56 const struct nla_policy *policy)
58 const struct nla_policy *pt;
59 int minlen = 0, attrlen = nla_len(nla), type = nla_type(nla);
61 if (type <= 0 || type > maxtype)
66 BUG_ON(pt->type > NLA_TYPE_MAX);
75 if (attrlen != sizeof(struct nla_bitfield32))
78 return validate_nla_bitfield32(nla, pt->validation_data);
82 minlen = min_t(int, attrlen, pt->len + 1);
86 if (!minlen || memchr(nla_data(nla), '\0', minlen) == NULL)
95 char *buf = nla_data(nla);
97 if (buf[attrlen - 1] == '\0')
100 if (attrlen > pt->len)
106 if (pt->len && attrlen > pt->len)
110 case NLA_NESTED_COMPAT:
111 if (attrlen < pt->len)
113 if (attrlen < NLA_ALIGN(pt->len))
115 if (attrlen < NLA_ALIGN(pt->len) + NLA_HDRLEN)
117 nla = nla_data(nla) + NLA_ALIGN(pt->len);
118 if (attrlen < NLA_ALIGN(pt->len) + NLA_HDRLEN + nla_len(nla))
122 /* a nested attributes is allowed to be empty; if its not,
123 * it must have a size of at least NLA_HDRLEN.
130 else if (pt->type != NLA_UNSPEC)
131 minlen = nla_attr_minlen[pt->type];
133 if (attrlen < minlen)
141 * nla_validate - Validate a stream of attributes
142 * @head: head of attribute stream
143 * @len: length of attribute stream
144 * @maxtype: maximum attribute type to be expected
145 * @policy: validation policy
146 * @extack: extended ACK report struct
148 * Validates all attributes in the specified attribute stream against the
149 * specified policy. Attributes with a type exceeding maxtype will be
150 * ignored. See documenation of struct nla_policy for more details.
152 * Returns 0 on success or a negative error code.
154 int nla_validate(const struct nlattr *head, int len, int maxtype,
155 const struct nla_policy *policy,
156 struct netlink_ext_ack *extack)
158 const struct nlattr *nla;
161 nla_for_each_attr(nla, head, len, rem) {
162 int err = validate_nla(nla, maxtype, policy);
166 extack->bad_attr = nla;
173 EXPORT_SYMBOL(nla_validate);
176 * nla_policy_len - Determin the max. length of a policy
177 * @policy: policy to use
178 * @n: number of policies
180 * Determines the max. length of the policy. It is currently used
181 * to allocated Netlink buffers roughly the size of the actual
184 * Returns 0 on success or a negative error code.
187 nla_policy_len(const struct nla_policy *p, int n)
191 for (i = 0; i < n; i++, p++) {
193 len += nla_total_size(p->len);
194 else if (nla_attr_minlen[p->type])
195 len += nla_total_size(nla_attr_minlen[p->type]);
200 EXPORT_SYMBOL(nla_policy_len);
203 * nla_parse - Parse a stream of attributes into a tb buffer
204 * @tb: destination array with maxtype+1 elements
205 * @maxtype: maximum attribute type to be expected
206 * @head: head of attribute stream
207 * @len: length of attribute stream
208 * @policy: validation policy
210 * Parses a stream of attributes and stores a pointer to each attribute in
211 * the tb array accessible via the attribute type. Attributes with a type
212 * exceeding maxtype will be silently ignored for backwards compatibility
213 * reasons. policy may be set to NULL if no validation is required.
215 * Returns 0 on success or a negative error code.
217 int nla_parse(struct nlattr **tb, int maxtype, const struct nlattr *head,
218 int len, const struct nla_policy *policy,
219 struct netlink_ext_ack *extack)
221 const struct nlattr *nla;
224 memset(tb, 0, sizeof(struct nlattr *) * (maxtype + 1));
226 nla_for_each_attr(nla, head, len, rem) {
227 u16 type = nla_type(nla);
229 if (type > 0 && type <= maxtype) {
231 err = validate_nla(nla, maxtype, policy);
234 extack->bad_attr = nla;
239 tb[type] = (struct nlattr *)nla;
243 if (unlikely(rem > 0))
244 pr_warn_ratelimited("netlink: %d bytes leftover after parsing attributes in process `%s'.\n",
251 EXPORT_SYMBOL(nla_parse);
254 * nla_find - Find a specific attribute in a stream of attributes
255 * @head: head of attribute stream
256 * @len: length of attribute stream
257 * @attrtype: type of attribute to look for
259 * Returns the first attribute in the stream matching the specified type.
261 struct nlattr *nla_find(const struct nlattr *head, int len, int attrtype)
263 const struct nlattr *nla;
266 nla_for_each_attr(nla, head, len, rem)
267 if (nla_type(nla) == attrtype)
268 return (struct nlattr *)nla;
272 EXPORT_SYMBOL(nla_find);
275 * nla_strlcpy - Copy string attribute payload into a sized buffer
276 * @dst: where to copy the string to
277 * @nla: attribute to copy the string from
278 * @dstsize: size of destination buffer
280 * Copies at most dstsize - 1 bytes into the destination buffer.
281 * The result is always a valid NUL-terminated string. Unlike
282 * strlcpy the destination buffer is always padded out.
284 * Returns the length of the source buffer.
286 size_t nla_strlcpy(char *dst, const struct nlattr *nla, size_t dstsize)
288 size_t srclen = nla_len(nla);
289 char *src = nla_data(nla);
291 if (srclen > 0 && src[srclen - 1] == '\0')
295 size_t len = (srclen >= dstsize) ? dstsize - 1 : srclen;
297 memset(dst, 0, dstsize);
298 memcpy(dst, src, len);
303 EXPORT_SYMBOL(nla_strlcpy);
306 * nla_strdup - Copy string attribute payload into a newly allocated buffer
307 * @nla: attribute to copy the string from
308 * @flags: the type of memory to allocate (see kmalloc).
310 * Returns a pointer to the allocated buffer or NULL on error.
312 char *nla_strdup(const struct nlattr *nla, gfp_t flags)
314 size_t srclen = nla_len(nla);
315 char *src = nla_data(nla), *dst;
317 if (srclen > 0 && src[srclen - 1] == '\0')
320 dst = kmalloc(srclen + 1, flags);
322 memcpy(dst, src, srclen);
327 EXPORT_SYMBOL(nla_strdup);
330 * nla_memcpy - Copy a netlink attribute into another memory area
331 * @dest: where to copy to memcpy
332 * @src: netlink attribute to copy from
333 * @count: size of the destination area
335 * Note: The number of bytes copied is limited by the length of
336 * attribute's payload. memcpy
338 * Returns the number of bytes copied.
340 int nla_memcpy(void *dest, const struct nlattr *src, int count)
342 int minlen = min_t(int, count, nla_len(src));
344 memcpy(dest, nla_data(src), minlen);
346 memset(dest + minlen, 0, count - minlen);
350 EXPORT_SYMBOL(nla_memcpy);
353 * nla_memcmp - Compare an attribute with sized memory area
354 * @nla: netlink attribute
356 * @size: size of memory area
358 int nla_memcmp(const struct nlattr *nla, const void *data,
361 int d = nla_len(nla) - size;
364 d = memcmp(nla_data(nla), data, size);
368 EXPORT_SYMBOL(nla_memcmp);
371 * nla_strcmp - Compare a string attribute against a string
372 * @nla: netlink string attribute
373 * @str: another string
375 int nla_strcmp(const struct nlattr *nla, const char *str)
377 int len = strlen(str);
378 char *buf = nla_data(nla);
379 int attrlen = nla_len(nla);
382 if (attrlen > 0 && buf[attrlen - 1] == '\0')
387 d = memcmp(nla_data(nla), str, len);
391 EXPORT_SYMBOL(nla_strcmp);
395 * __nla_reserve - reserve room for attribute on the skb
396 * @skb: socket buffer to reserve room on
397 * @attrtype: attribute type
398 * @attrlen: length of attribute payload
400 * Adds a netlink attribute header to a socket buffer and reserves
401 * room for the payload but does not copy it.
403 * The caller is responsible to ensure that the skb provides enough
404 * tailroom for the attribute header and payload.
406 struct nlattr *__nla_reserve(struct sk_buff *skb, int attrtype, int attrlen)
410 nla = skb_put(skb, nla_total_size(attrlen));
411 nla->nla_type = attrtype;
412 nla->nla_len = nla_attr_size(attrlen);
414 memset((unsigned char *) nla + nla->nla_len, 0, nla_padlen(attrlen));
418 EXPORT_SYMBOL(__nla_reserve);
421 * __nla_reserve_64bit - reserve room for attribute on the skb and align it
422 * @skb: socket buffer to reserve room on
423 * @attrtype: attribute type
424 * @attrlen: length of attribute payload
425 * @padattr: attribute type for the padding
427 * Adds a netlink attribute header to a socket buffer and reserves
428 * room for the payload but does not copy it. It also ensure that this
429 * attribute will have a 64-bit aligned nla_data() area.
431 * The caller is responsible to ensure that the skb provides enough
432 * tailroom for the attribute header and payload.
434 struct nlattr *__nla_reserve_64bit(struct sk_buff *skb, int attrtype,
435 int attrlen, int padattr)
437 if (nla_need_padding_for_64bit(skb))
438 nla_align_64bit(skb, padattr);
440 return __nla_reserve(skb, attrtype, attrlen);
442 EXPORT_SYMBOL(__nla_reserve_64bit);
445 * __nla_reserve_nohdr - reserve room for attribute without header
446 * @skb: socket buffer to reserve room on
447 * @attrlen: length of attribute payload
449 * Reserves room for attribute payload without a header.
451 * The caller is responsible to ensure that the skb provides enough
452 * tailroom for the payload.
454 void *__nla_reserve_nohdr(struct sk_buff *skb, int attrlen)
456 return skb_put_zero(skb, NLA_ALIGN(attrlen));
458 EXPORT_SYMBOL(__nla_reserve_nohdr);
461 * nla_reserve - reserve room for attribute on the skb
462 * @skb: socket buffer to reserve room on
463 * @attrtype: attribute type
464 * @attrlen: length of attribute payload
466 * Adds a netlink attribute header to a socket buffer and reserves
467 * room for the payload but does not copy it.
469 * Returns NULL if the tailroom of the skb is insufficient to store
470 * the attribute header and payload.
472 struct nlattr *nla_reserve(struct sk_buff *skb, int attrtype, int attrlen)
474 if (unlikely(skb_tailroom(skb) < nla_total_size(attrlen)))
477 return __nla_reserve(skb, attrtype, attrlen);
479 EXPORT_SYMBOL(nla_reserve);
482 * nla_reserve_64bit - reserve room for attribute on the skb and align it
483 * @skb: socket buffer to reserve room on
484 * @attrtype: attribute type
485 * @attrlen: length of attribute payload
486 * @padattr: attribute type for the padding
488 * Adds a netlink attribute header to a socket buffer and reserves
489 * room for the payload but does not copy it. It also ensure that this
490 * attribute will have a 64-bit aligned nla_data() area.
492 * Returns NULL if the tailroom of the skb is insufficient to store
493 * the attribute header and payload.
495 struct nlattr *nla_reserve_64bit(struct sk_buff *skb, int attrtype, int attrlen,
500 if (nla_need_padding_for_64bit(skb))
501 len = nla_total_size_64bit(attrlen);
503 len = nla_total_size(attrlen);
504 if (unlikely(skb_tailroom(skb) < len))
507 return __nla_reserve_64bit(skb, attrtype, attrlen, padattr);
509 EXPORT_SYMBOL(nla_reserve_64bit);
512 * nla_reserve_nohdr - reserve room for attribute without header
513 * @skb: socket buffer to reserve room on
514 * @attrlen: length of attribute payload
516 * Reserves room for attribute payload without a header.
518 * Returns NULL if the tailroom of the skb is insufficient to store
519 * the attribute payload.
521 void *nla_reserve_nohdr(struct sk_buff *skb, int attrlen)
523 if (unlikely(skb_tailroom(skb) < NLA_ALIGN(attrlen)))
526 return __nla_reserve_nohdr(skb, attrlen);
528 EXPORT_SYMBOL(nla_reserve_nohdr);
531 * __nla_put - Add a netlink attribute to a socket buffer
532 * @skb: socket buffer to add attribute to
533 * @attrtype: attribute type
534 * @attrlen: length of attribute payload
535 * @data: head of attribute payload
537 * The caller is responsible to ensure that the skb provides enough
538 * tailroom for the attribute header and payload.
540 void __nla_put(struct sk_buff *skb, int attrtype, int attrlen,
545 nla = __nla_reserve(skb, attrtype, attrlen);
546 memcpy(nla_data(nla), data, attrlen);
548 EXPORT_SYMBOL(__nla_put);
551 * __nla_put_64bit - Add a netlink attribute to a socket buffer and align it
552 * @skb: socket buffer to add attribute to
553 * @attrtype: attribute type
554 * @attrlen: length of attribute payload
555 * @data: head of attribute payload
556 * @padattr: attribute type for the padding
558 * The caller is responsible to ensure that the skb provides enough
559 * tailroom for the attribute header and payload.
561 void __nla_put_64bit(struct sk_buff *skb, int attrtype, int attrlen,
562 const void *data, int padattr)
566 nla = __nla_reserve_64bit(skb, attrtype, attrlen, padattr);
567 memcpy(nla_data(nla), data, attrlen);
569 EXPORT_SYMBOL(__nla_put_64bit);
572 * __nla_put_nohdr - Add a netlink attribute without header
573 * @skb: socket buffer to add attribute to
574 * @attrlen: length of attribute payload
575 * @data: head of attribute payload
577 * The caller is responsible to ensure that the skb provides enough
578 * tailroom for the attribute payload.
580 void __nla_put_nohdr(struct sk_buff *skb, int attrlen, const void *data)
584 start = __nla_reserve_nohdr(skb, attrlen);
585 memcpy(start, data, attrlen);
587 EXPORT_SYMBOL(__nla_put_nohdr);
590 * nla_put - Add a netlink attribute to a socket buffer
591 * @skb: socket buffer to add attribute to
592 * @attrtype: attribute type
593 * @attrlen: length of attribute payload
594 * @data: head of attribute payload
596 * Returns -EMSGSIZE if the tailroom of the skb is insufficient to store
597 * the attribute header and payload.
599 int nla_put(struct sk_buff *skb, int attrtype, int attrlen, const void *data)
601 if (unlikely(skb_tailroom(skb) < nla_total_size(attrlen)))
604 __nla_put(skb, attrtype, attrlen, data);
607 EXPORT_SYMBOL(nla_put);
610 * nla_put_64bit - Add a netlink attribute to a socket buffer and align it
611 * @skb: socket buffer to add attribute to
612 * @attrtype: attribute type
613 * @attrlen: length of attribute payload
614 * @data: head of attribute payload
615 * @padattr: attribute type for the padding
617 * Returns -EMSGSIZE if the tailroom of the skb is insufficient to store
618 * the attribute header and payload.
620 int nla_put_64bit(struct sk_buff *skb, int attrtype, int attrlen,
621 const void *data, int padattr)
625 if (nla_need_padding_for_64bit(skb))
626 len = nla_total_size_64bit(attrlen);
628 len = nla_total_size(attrlen);
629 if (unlikely(skb_tailroom(skb) < len))
632 __nla_put_64bit(skb, attrtype, attrlen, data, padattr);
635 EXPORT_SYMBOL(nla_put_64bit);
638 * nla_put_nohdr - Add a netlink attribute without header
639 * @skb: socket buffer to add attribute to
640 * @attrlen: length of attribute payload
641 * @data: head of attribute payload
643 * Returns -EMSGSIZE if the tailroom of the skb is insufficient to store
644 * the attribute payload.
646 int nla_put_nohdr(struct sk_buff *skb, int attrlen, const void *data)
648 if (unlikely(skb_tailroom(skb) < NLA_ALIGN(attrlen)))
651 __nla_put_nohdr(skb, attrlen, data);
654 EXPORT_SYMBOL(nla_put_nohdr);
657 * nla_append - Add a netlink attribute without header or padding
658 * @skb: socket buffer to add attribute to
659 * @attrlen: length of attribute payload
660 * @data: head of attribute payload
662 * Returns -EMSGSIZE if the tailroom of the skb is insufficient to store
663 * the attribute payload.
665 int nla_append(struct sk_buff *skb, int attrlen, const void *data)
667 if (unlikely(skb_tailroom(skb) < NLA_ALIGN(attrlen)))
670 skb_put_data(skb, data, attrlen);
673 EXPORT_SYMBOL(nla_append);