net/l2tp/l2tp_netlink.c

   1 // SPDX-License-Identifier: GPL-2.0-only
   2 /*
   3  * L2TP netlink layer, for management
   4  *
   5  * Copyright (c) 2008,2009,2010 Katalix Systems Ltd
   6  *
   7  * Partly based on the IrDA nelink implementation
   8  * (see net/irda/irnetlink.c) which is:
   9  * Copyright (c) 2007 Samuel Ortiz <samuel@sortiz.org>
  10  * which is in turn partly based on the wireless netlink code:
  11  * Copyright 2006 Johannes Berg <johannes@sipsolutions.net>
  12  */
  13
  14 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
  15
  16 #include <net/sock.h>
  17 #include <net/genetlink.h>
  18 #include <net/udp.h>
  19 #include <linux/in.h>
  20 #include <linux/udp.h>
  21 #include <linux/socket.h>
  22 #include <linux/module.h>
  23 #include <linux/list.h>
  24 #include <net/net_namespace.h>
  25
  26 #include <linux/l2tp.h>
  27
  28 #include "l2tp_core.h"
  29
  30
  31 static struct genl_family l2tp_nl_family;
  32
  33 static const struct genl_multicast_group l2tp_multicast_group[] = {
  34         {
  35                 .name = L2TP_GENL_MCGROUP,
  36         },
  37 };
  38
  39 static int l2tp_nl_tunnel_send(struct sk_buff *skb, u32 portid, u32 seq,
  40                                int flags, struct l2tp_tunnel *tunnel, u8 cmd);
  41 static int l2tp_nl_session_send(struct sk_buff *skb, u32 portid, u32 seq,
  42                                 int flags, struct l2tp_session *session,
  43                                 u8 cmd);
  44
  45 /* Accessed under genl lock */
  46 static const struct l2tp_nl_cmd_ops *l2tp_nl_cmd_ops[__L2TP_PWTYPE_MAX];
  47
  48 static struct l2tp_session *l2tp_nl_session_get(struct genl_info *info)
  49 {
  50         u32 tunnel_id;
  51         u32 session_id;
  52         char *ifname;
  53         struct l2tp_tunnel *tunnel;
  54         struct l2tp_session *session = NULL;
  55         struct net *net = genl_info_net(info);
  56
  57         if (info->attrs[L2TP_ATTR_IFNAME]) {
  58                 ifname = nla_data(info->attrs[L2TP_ATTR_IFNAME]);
  59                 session = l2tp_session_get_by_ifname(net, ifname);
  60         } else if ((info->attrs[L2TP_ATTR_SESSION_ID]) &&
  61                    (info->attrs[L2TP_ATTR_CONN_ID])) {
  62                 tunnel_id = nla_get_u32(info->attrs[L2TP_ATTR_CONN_ID]);
  63                 session_id = nla_get_u32(info->attrs[L2TP_ATTR_SESSION_ID]);
  64                 tunnel = l2tp_tunnel_get(net, tunnel_id);
  65                 if (tunnel) {
  66                         session = l2tp_tunnel_get_session(tunnel, session_id);
  67                         l2tp_tunnel_dec_refcount(tunnel);
  68                 }
  69         }
  70
  71         return session;
  72 }
  73
  74 static int l2tp_nl_cmd_noop(struct sk_buff *skb, struct genl_info *info)
  75 {
  76         struct sk_buff *msg;
  77         void *hdr;
  78         int ret = -ENOBUFS;
  79
  80         msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
  81         if (!msg) {
  82                 ret = -ENOMEM;
  83                 goto out;
  84         }
  85
  86         hdr = genlmsg_put(msg, info->snd_portid, info->snd_seq,
  87                           &l2tp_nl_family, 0, L2TP_CMD_NOOP);
  88         if (!hdr) {
  89                 ret = -EMSGSIZE;
  90                 goto err_out;
  91         }
  92
  93         genlmsg_end(msg, hdr);
  94
  95         return genlmsg_unicast(genl_info_net(info), msg, info->snd_portid);
  96
  97 err_out:
  98         nlmsg_free(msg);
  99
 100 out:
 101         return ret;
 102 }
 103
 104 static int l2tp_tunnel_notify(struct genl_family *family,
 105                               struct genl_info *info,
 106                               struct l2tp_tunnel *tunnel,
 107                               u8 cmd)
 108 {
 109         struct sk_buff *msg;
 110         int ret;
 111
 112         msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
 113         if (!msg)
 114                 return -ENOMEM;
 115
 116         ret = l2tp_nl_tunnel_send(msg, info->snd_portid, info->snd_seq,
 117                                   NLM_F_ACK, tunnel, cmd);
 118
 119         if (ret >= 0) {
 120                 ret = genlmsg_multicast_allns(family, msg, 0, 0, GFP_ATOMIC);
 121                 /* We don't care if no one is listening */
 122                 if (ret == -ESRCH)
 123                         ret = 0;
 124                 return ret;
 125         }
 126
 127         nlmsg_free(msg);
 128
 129         return ret;
 130 }
 131
 132 static int l2tp_session_notify(struct genl_family *family,
 133                                struct genl_info *info,
 134                                struct l2tp_session *session,
 135                                u8 cmd)
 136 {
 137         struct sk_buff *msg;
 138         int ret;
 139
 140         msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
 141         if (!msg)
 142                 return -ENOMEM;
 143
 144         ret = l2tp_nl_session_send(msg, info->snd_portid, info->snd_seq,
 145                                    NLM_F_ACK, session, cmd);
 146
 147         if (ret >= 0) {
 148                 ret = genlmsg_multicast_allns(family, msg, 0, 0, GFP_ATOMIC);
 149                 /* We don't care if no one is listening */
 150                 if (ret == -ESRCH)
 151                         ret = 0;
 152                 return ret;
 153         }
 154
 155         nlmsg_free(msg);
 156
 157         return ret;
 158 }
 159
 160 static int l2tp_nl_cmd_tunnel_create(struct sk_buff *skb, struct genl_info *info)
 161 {
 162         u32 tunnel_id;
 163         u32 peer_tunnel_id;
 164         int proto_version;
 165         int fd;
 166         int ret = 0;
 167         struct l2tp_tunnel_cfg cfg = { 0, };
 168         struct l2tp_tunnel *tunnel;
 169         struct net *net = genl_info_net(info);
 170
 171         if (!info->attrs[L2TP_ATTR_CONN_ID]) {
 172                 ret = -EINVAL;
 173                 goto out;
 174         }
 175         tunnel_id = nla_get_u32(info->attrs[L2TP_ATTR_CONN_ID]);
 176
 177         if (!info->attrs[L2TP_ATTR_PEER_CONN_ID]) {
 178                 ret = -EINVAL;
 179                 goto out;
 180         }
 181         peer_tunnel_id = nla_get_u32(info->attrs[L2TP_ATTR_PEER_CONN_ID]);
 182
 183         if (!info->attrs[L2TP_ATTR_PROTO_VERSION]) {
 184                 ret = -EINVAL;
 185                 goto out;
 186         }
 187         proto_version = nla_get_u8(info->attrs[L2TP_ATTR_PROTO_VERSION]);
 188
 189         if (!info->attrs[L2TP_ATTR_ENCAP_TYPE]) {
 190                 ret = -EINVAL;
 191                 goto out;
 192         }
 193         cfg.encap = nla_get_u16(info->attrs[L2TP_ATTR_ENCAP_TYPE]);
 194
 195         fd = -1;
 196         if (info->attrs[L2TP_ATTR_FD]) {
 197                 fd = nla_get_u32(info->attrs[L2TP_ATTR_FD]);
 198         } else {
 199 #if IS_ENABLED(CONFIG_IPV6)
 200                 if (info->attrs[L2TP_ATTR_IP6_SADDR] &&
 201                     info->attrs[L2TP_ATTR_IP6_DADDR]) {
 202                         cfg.local_ip6 = nla_data(
 203                                 info->attrs[L2TP_ATTR_IP6_SADDR]);
 204                         cfg.peer_ip6 = nla_data(
 205                                 info->attrs[L2TP_ATTR_IP6_DADDR]);
 206                 } else
 207 #endif
 208                 if (info->attrs[L2TP_ATTR_IP_SADDR] &&
 209                     info->attrs[L2TP_ATTR_IP_DADDR]) {
 210                         cfg.local_ip.s_addr = nla_get_in_addr(
 211                                 info->attrs[L2TP_ATTR_IP_SADDR]);
 212                         cfg.peer_ip.s_addr = nla_get_in_addr(
 213                                 info->attrs[L2TP_ATTR_IP_DADDR]);
 214                 } else {
 215                         ret = -EINVAL;
 216                         goto out;
 217                 }
 218                 if (info->attrs[L2TP_ATTR_UDP_SPORT])
 219                         cfg.local_udp_port = nla_get_u16(info->attrs[L2TP_ATTR_UDP_SPORT]);
 220                 if (info->attrs[L2TP_ATTR_UDP_DPORT])
 221                         cfg.peer_udp_port = nla_get_u16(info->attrs[L2TP_ATTR_UDP_DPORT]);
 222                 cfg.use_udp_checksums = nla_get_flag(
 223                         info->attrs[L2TP_ATTR_UDP_CSUM]);
 224
 225 #if IS_ENABLED(CONFIG_IPV6)
 226                 cfg.udp6_zero_tx_checksums = nla_get_flag(
 227                         info->attrs[L2TP_ATTR_UDP_ZERO_CSUM6_TX]);
 228                 cfg.udp6_zero_rx_checksums = nla_get_flag(
 229                         info->attrs[L2TP_ATTR_UDP_ZERO_CSUM6_RX]);
 230 #endif
 231         }
 232
 233         if (info->attrs[L2TP_ATTR_DEBUG])
 234                 cfg.debug = nla_get_u32(info->attrs[L2TP_ATTR_DEBUG]);
 235
 236         ret = -EINVAL;
 237         switch (cfg.encap) {
 238         case L2TP_ENCAPTYPE_UDP:
 239         case L2TP_ENCAPTYPE_IP:
 240                 ret = l2tp_tunnel_create(net, fd, proto_version, tunnel_id,
 241                                          peer_tunnel_id, &cfg, &tunnel);
 242                 break;
 243         }
 244
 245         if (ret < 0)
 246                 goto out;
 247
 248         l2tp_tunnel_inc_refcount(tunnel);
 249         ret = l2tp_tunnel_register(tunnel, net, &cfg);
 250         if (ret < 0) {
 251                 kfree(tunnel);
 252                 goto out;
 253         }
 254         ret = l2tp_tunnel_notify(&l2tp_nl_family, info, tunnel,
 255                                  L2TP_CMD_TUNNEL_CREATE);
 256         l2tp_tunnel_dec_refcount(tunnel);
 257
 258 out:
 259         return ret;
 260 }
 261
 262 static int l2tp_nl_cmd_tunnel_delete(struct sk_buff *skb, struct genl_info *info)
 263 {
 264         struct l2tp_tunnel *tunnel;
 265         u32 tunnel_id;
 266         int ret = 0;
 267         struct net *net = genl_info_net(info);
 268
 269         if (!info->attrs[L2TP_ATTR_CONN_ID]) {
 270                 ret = -EINVAL;
 271                 goto out;
 272         }
 273         tunnel_id = nla_get_u32(info->attrs[L2TP_ATTR_CONN_ID]);
 274
 275         tunnel = l2tp_tunnel_get(net, tunnel_id);
 276         if (!tunnel) {
 277                 ret = -ENODEV;
 278                 goto out;
 279         }
 280
 281         l2tp_tunnel_notify(&l2tp_nl_family, info,
 282                            tunnel, L2TP_CMD_TUNNEL_DELETE);
 283
 284         l2tp_tunnel_delete(tunnel);
 285
 286         l2tp_tunnel_dec_refcount(tunnel);
 287
 288 out:
 289         return ret;
 290 }
 291
 292 static int l2tp_nl_cmd_tunnel_modify(struct sk_buff *skb, struct genl_info *info)
 293 {
 294         struct l2tp_tunnel *tunnel;
 295         u32 tunnel_id;
 296         int ret = 0;
 297         struct net *net = genl_info_net(info);
 298
 299         if (!info->attrs[L2TP_ATTR_CONN_ID]) {
 300                 ret = -EINVAL;
 301                 goto out;
 302         }
 303         tunnel_id = nla_get_u32(info->attrs[L2TP_ATTR_CONN_ID]);
 304
 305         tunnel = l2tp_tunnel_get(net, tunnel_id);
 306         if (!tunnel) {
 307                 ret = -ENODEV;
 308                 goto out;
 309         }
 310
 311         if (info->attrs[L2TP_ATTR_DEBUG])
 312                 tunnel->debug = nla_get_u32(info->attrs[L2TP_ATTR_DEBUG]);
 313
 314         ret = l2tp_tunnel_notify(&l2tp_nl_family, info,
 315                                  tunnel, L2TP_CMD_TUNNEL_MODIFY);
 316
 317         l2tp_tunnel_dec_refcount(tunnel);
 318
 319 out:
 320         return ret;
 321 }
 322
 323 static int l2tp_nl_tunnel_send(struct sk_buff *skb, u32 portid, u32 seq, int flags,
 324                                struct l2tp_tunnel *tunnel, u8 cmd)
 325 {
 326         void *hdr;
 327         struct nlattr *nest;
 328         struct sock *sk = NULL;
 329         struct inet_sock *inet;
 330 #if IS_ENABLED(CONFIG_IPV6)
 331         struct ipv6_pinfo *np = NULL;
 332 #endif
 333
 334         hdr = genlmsg_put(skb, portid, seq, &l2tp_nl_family, flags, cmd);
 335         if (!hdr)
 336                 return -EMSGSIZE;
 337
 338         if (nla_put_u8(skb, L2TP_ATTR_PROTO_VERSION, tunnel->version) ||
 339             nla_put_u32(skb, L2TP_ATTR_CONN_ID, tunnel->tunnel_id) ||
 340             nla_put_u32(skb, L2TP_ATTR_PEER_CONN_ID, tunnel->peer_tunnel_id) ||
 341             nla_put_u32(skb, L2TP_ATTR_DEBUG, tunnel->debug) ||
 342             nla_put_u16(skb, L2TP_ATTR_ENCAP_TYPE, tunnel->encap))
 343                 goto nla_put_failure;
 344
 345         nest = nla_nest_start_noflag(skb, L2TP_ATTR_STATS);
 346         if (nest == NULL)
 347                 goto nla_put_failure;
 348
 349         if (nla_put_u64_64bit(skb, L2TP_ATTR_TX_PACKETS,
 350                               atomic_long_read(&tunnel->stats.tx_packets),
 351                               L2TP_ATTR_STATS_PAD) ||
 352             nla_put_u64_64bit(skb, L2TP_ATTR_TX_BYTES,
 353                               atomic_long_read(&tunnel->stats.tx_bytes),
 354                               L2TP_ATTR_STATS_PAD) ||
 355             nla_put_u64_64bit(skb, L2TP_ATTR_TX_ERRORS,
 356                               atomic_long_read(&tunnel->stats.tx_errors),
 357                               L2TP_ATTR_STATS_PAD) ||
 358             nla_put_u64_64bit(skb, L2TP_ATTR_RX_PACKETS,
 359                               atomic_long_read(&tunnel->stats.rx_packets),
 360                               L2TP_ATTR_STATS_PAD) ||
 361             nla_put_u64_64bit(skb, L2TP_ATTR_RX_BYTES,
 362                               atomic_long_read(&tunnel->stats.rx_bytes),
 363                               L2TP_ATTR_STATS_PAD) ||
 364             nla_put_u64_64bit(skb, L2TP_ATTR_RX_SEQ_DISCARDS,
 365                               atomic_long_read(&tunnel->stats.rx_seq_discards),
 366                               L2TP_ATTR_STATS_PAD) ||
 367             nla_put_u64_64bit(skb, L2TP_ATTR_RX_OOS_PACKETS,
 368                               atomic_long_read(&tunnel->stats.rx_oos_packets),
 369                               L2TP_ATTR_STATS_PAD) ||
 370             nla_put_u64_64bit(skb, L2TP_ATTR_RX_ERRORS,
 371                               atomic_long_read(&tunnel->stats.rx_errors),
 372                               L2TP_ATTR_STATS_PAD))
 373                 goto nla_put_failure;
 374         nla_nest_end(skb, nest);
 375
 376         sk = tunnel->sock;
 377         if (!sk)
 378                 goto out;
 379
 380 #if IS_ENABLED(CONFIG_IPV6)
 381         if (sk->sk_family == AF_INET6)
 382                 np = inet6_sk(sk);
 383 #endif
 384
 385         inet = inet_sk(sk);
 386
 387         switch (tunnel->encap) {
 388         case L2TP_ENCAPTYPE_UDP:
 389                 switch (sk->sk_family) {
 390                 case AF_INET:
 391                         if (nla_put_u8(skb, L2TP_ATTR_UDP_CSUM, !sk->sk_no_check_tx))
 392                                 goto nla_put_failure;
 393                         break;
 394 #if IS_ENABLED(CONFIG_IPV6)
 395                 case AF_INET6:
 396                         if (udp_get_no_check6_tx(sk) &&
 397                             nla_put_flag(skb, L2TP_ATTR_UDP_ZERO_CSUM6_TX))
 398                                 goto nla_put_failure;
 399                         if (udp_get_no_check6_rx(sk) &&
 400                             nla_put_flag(skb, L2TP_ATTR_UDP_ZERO_CSUM6_RX))
 401                                 goto nla_put_failure;
 402                         break;
 403 #endif
 404                 }
 405                 if (nla_put_u16(skb, L2TP_ATTR_UDP_SPORT, ntohs(inet->inet_sport)) ||
 406                     nla_put_u16(skb, L2TP_ATTR_UDP_DPORT, ntohs(inet->inet_dport)))
 407                         goto nla_put_failure;
 408                 /* fall through  */
 409         case L2TP_ENCAPTYPE_IP:
 410 #if IS_ENABLED(CONFIG_IPV6)
 411                 if (np) {
 412                         if (nla_put_in6_addr(skb, L2TP_ATTR_IP6_SADDR,
 413                                              &np->saddr) ||
 414                             nla_put_in6_addr(skb, L2TP_ATTR_IP6_DADDR,
 415                                              &sk->sk_v6_daddr))
 416                                 goto nla_put_failure;
 417                 } else
 418 #endif
 419                 if (nla_put_in_addr(skb, L2TP_ATTR_IP_SADDR,
 420                                     inet->inet_saddr) ||
 421                     nla_put_in_addr(skb, L2TP_ATTR_IP_DADDR,
 422                                     inet->inet_daddr))
 423                         goto nla_put_failure;
 424                 break;
 425         }
 426
 427 out:
 428         genlmsg_end(skb, hdr);
 429         return 0;
 430
 431 nla_put_failure:
 432         genlmsg_cancel(skb, hdr);
 433         return -1;
 434 }
 435
 436 static int l2tp_nl_cmd_tunnel_get(struct sk_buff *skb, struct genl_info *info)
 437 {
 438         struct l2tp_tunnel *tunnel;
 439         struct sk_buff *msg;
 440         u32 tunnel_id;
 441         int ret = -ENOBUFS;
 442         struct net *net = genl_info_net(info);
 443
 444         if (!info->attrs[L2TP_ATTR_CONN_ID]) {
 445                 ret = -EINVAL;
 446                 goto err;
 447         }
 448
 449         tunnel_id = nla_get_u32(info->attrs[L2TP_ATTR_CONN_ID]);
 450
 451         msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
 452         if (!msg) {
 453                 ret = -ENOMEM;
 454                 goto err;
 455         }
 456
 457         tunnel = l2tp_tunnel_get(net, tunnel_id);
 458         if (!tunnel) {
 459                 ret = -ENODEV;
 460                 goto err_nlmsg;
 461         }
 462
 463         ret = l2tp_nl_tunnel_send(msg, info->snd_portid, info->snd_seq,
 464                                   NLM_F_ACK, tunnel, L2TP_CMD_TUNNEL_GET);
 465         if (ret < 0)
 466                 goto err_nlmsg_tunnel;
 467
 468         l2tp_tunnel_dec_refcount(tunnel);
 469
 470         return genlmsg_unicast(net, msg, info->snd_portid);
 471
 472 err_nlmsg_tunnel:
 473         l2tp_tunnel_dec_refcount(tunnel);
 474 err_nlmsg:
 475         nlmsg_free(msg);
 476 err:
 477         return ret;
 478 }
 479
 480 static int l2tp_nl_cmd_tunnel_dump(struct sk_buff *skb, struct netlink_callback *cb)
 481 {
 482         int ti = cb->args[0];
 483         struct l2tp_tunnel *tunnel;
 484         struct net *net = sock_net(skb->sk);
 485
 486         for (;;) {
 487                 tunnel = l2tp_tunnel_get_nth(net, ti);
 488                 if (tunnel == NULL)
 489                         goto out;
 490
 491                 if (l2tp_nl_tunnel_send(skb, NETLINK_CB(cb->skb).portid,
 492                                         cb->nlh->nlmsg_seq, NLM_F_MULTI,
 493                                         tunnel, L2TP_CMD_TUNNEL_GET) < 0) {
 494                         l2tp_tunnel_dec_refcount(tunnel);
 495                         goto out;
 496                 }
 497                 l2tp_tunnel_dec_refcount(tunnel);
 498
 499                 ti++;
 500         }
 501
 502 out:
 503         cb->args[0] = ti;
 504
 505         return skb->len;
 506 }
 507
 508 static int l2tp_nl_cmd_session_create(struct sk_buff *skb, struct genl_info *info)
 509 {
 510         u32 tunnel_id = 0;
 511         u32 session_id;
 512         u32 peer_session_id;
 513         int ret = 0;
 514         struct l2tp_tunnel *tunnel;
 515         struct l2tp_session *session;
 516         struct l2tp_session_cfg cfg = { 0, };
 517         struct net *net = genl_info_net(info);
 518
 519         if (!info->attrs[L2TP_ATTR_CONN_ID]) {
 520                 ret = -EINVAL;
 521                 goto out;
 522         }
 523
 524         tunnel_id = nla_get_u32(info->attrs[L2TP_ATTR_CONN_ID]);
 525         tunnel = l2tp_tunnel_get(net, tunnel_id);
 526         if (!tunnel) {
 527                 ret = -ENODEV;
 528                 goto out;
 529         }
 530
 531         if (!info->attrs[L2TP_ATTR_SESSION_ID]) {
 532                 ret = -EINVAL;
 533                 goto out_tunnel;
 534         }
 535         session_id = nla_get_u32(info->attrs[L2TP_ATTR_SESSION_ID]);
 536
 537         if (!info->attrs[L2TP_ATTR_PEER_SESSION_ID]) {
 538                 ret = -EINVAL;
 539                 goto out_tunnel;
 540         }
 541         peer_session_id = nla_get_u32(info->attrs[L2TP_ATTR_PEER_SESSION_ID]);
 542
 543         if (!info->attrs[L2TP_ATTR_PW_TYPE]) {
 544                 ret = -EINVAL;
 545                 goto out_tunnel;
 546         }
 547         cfg.pw_type = nla_get_u16(info->attrs[L2TP_ATTR_PW_TYPE]);
 548         if (cfg.pw_type >= __L2TP_PWTYPE_MAX) {
 549                 ret = -EINVAL;
 550                 goto out_tunnel;
 551         }
 552
 553         /* L2TPv2 only accepts PPP pseudo-wires */
 554         if (tunnel->version == 2 && cfg.pw_type != L2TP_PWTYPE_PPP) {
 555                 ret = -EPROTONOSUPPORT;
 556                 goto out_tunnel;
 557         }
 558
 559         if (tunnel->version > 2) {
 560                 if (info->attrs[L2TP_ATTR_L2SPEC_TYPE]) {
 561                         cfg.l2specific_type = nla_get_u8(info->attrs[L2TP_ATTR_L2SPEC_TYPE]);
 562                         if (cfg.l2specific_type != L2TP_L2SPECTYPE_DEFAULT &&
 563                             cfg.l2specific_type != L2TP_L2SPECTYPE_NONE) {
 564                                 ret = -EINVAL;
 565                                 goto out_tunnel;
 566                         }
 567                 } else {
 568                         cfg.l2specific_type = L2TP_L2SPECTYPE_DEFAULT;
 569                 }
 570
 571                 if (info->attrs[L2TP_ATTR_COOKIE]) {
 572                         u16 len = nla_len(info->attrs[L2TP_ATTR_COOKIE]);
 573                         if (len > 8) {
 574                                 ret = -EINVAL;
 575                                 goto out_tunnel;
 576                         }
 577                         cfg.cookie_len = len;
 578                         memcpy(&cfg.cookie[0], nla_data(info->attrs[L2TP_ATTR_COOKIE]), len);
 579                 }
 580                 if (info->attrs[L2TP_ATTR_PEER_COOKIE]) {
 581                         u16 len = nla_len(info->attrs[L2TP_ATTR_PEER_COOKIE]);
 582                         if (len > 8) {
 583                                 ret = -EINVAL;
 584                                 goto out_tunnel;
 585                         }
 586                         cfg.peer_cookie_len = len;
 587                         memcpy(&cfg.peer_cookie[0], nla_data(info->attrs[L2TP_ATTR_PEER_COOKIE]), len);
 588                 }
 589                 if (info->attrs[L2TP_ATTR_IFNAME])
 590                         cfg.ifname = nla_data(info->attrs[L2TP_ATTR_IFNAME]);
 591         }
 592
 593         if (info->attrs[L2TP_ATTR_DEBUG])
 594                 cfg.debug = nla_get_u32(info->attrs[L2TP_ATTR_DEBUG]);
 595
 596         if (info->attrs[L2TP_ATTR_RECV_SEQ])
 597                 cfg.recv_seq = nla_get_u8(info->attrs[L2TP_ATTR_RECV_SEQ]);
 598
 599         if (info->attrs[L2TP_ATTR_SEND_SEQ])
 600                 cfg.send_seq = nla_get_u8(info->attrs[L2TP_ATTR_SEND_SEQ]);
 601
 602         if (info->attrs[L2TP_ATTR_LNS_MODE])
 603                 cfg.lns_mode = nla_get_u8(info->attrs[L2TP_ATTR_LNS_MODE]);
 604
 605         if (info->attrs[L2TP_ATTR_RECV_TIMEOUT])
 606                 cfg.reorder_timeout = nla_get_msecs(info->attrs[L2TP_ATTR_RECV_TIMEOUT]);
 607
 608 #ifdef CONFIG_MODULES
 609         if (l2tp_nl_cmd_ops[cfg.pw_type] == NULL) {
 610                 genl_unlock();
 611                 request_module("net-l2tp-type-%u", cfg.pw_type);
 612                 genl_lock();
 613         }
 614 #endif
 615         if ((l2tp_nl_cmd_ops[cfg.pw_type] == NULL) ||
 616             (l2tp_nl_cmd_ops[cfg.pw_type]->session_create == NULL)) {
 617                 ret = -EPROTONOSUPPORT;
 618                 goto out_tunnel;
 619         }
 620
 621         ret = l2tp_nl_cmd_ops[cfg.pw_type]->session_create(net, tunnel,
 622                                                            session_id,
 623                                                            peer_session_id,
 624                                                            &cfg);
 625
 626         if (ret >= 0) {
 627                 session = l2tp_tunnel_get_session(tunnel, session_id);
 628                 if (session) {
 629                         ret = l2tp_session_notify(&l2tp_nl_family, info, session,
 630                                                   L2TP_CMD_SESSION_CREATE);
 631                         l2tp_session_dec_refcount(session);
 632                 }
 633         }
 634
 635 out_tunnel:
 636         l2tp_tunnel_dec_refcount(tunnel);
 637 out:
 638         return ret;
 639 }
 640
 641 static int l2tp_nl_cmd_session_delete(struct sk_buff *skb, struct genl_info *info)
 642 {
 643         int ret = 0;
 644         struct l2tp_session *session;
 645         u16 pw_type;
 646
 647         session = l2tp_nl_session_get(info);
 648         if (session == NULL) {
 649                 ret = -ENODEV;
 650                 goto out;
 651         }
 652
 653         l2tp_session_notify(&l2tp_nl_family, info,
 654                             session, L2TP_CMD_SESSION_DELETE);
 655
 656         pw_type = session->pwtype;
 657         if (pw_type < __L2TP_PWTYPE_MAX)
 658                 if (l2tp_nl_cmd_ops[pw_type] && l2tp_nl_cmd_ops[pw_type]->session_delete)
 659                         ret = (*l2tp_nl_cmd_ops[pw_type]->session_delete)(session);
 660
 661         l2tp_session_dec_refcount(session);
 662
 663 out:
 664         return ret;
 665 }
 666
 667 static int l2tp_nl_cmd_session_modify(struct sk_buff *skb, struct genl_info *info)
 668 {
 669         int ret = 0;
 670         struct l2tp_session *session;
 671
 672         session = l2tp_nl_session_get(info);
 673         if (session == NULL) {
 674                 ret = -ENODEV;
 675                 goto out;
 676         }
 677
 678         if (info->attrs[L2TP_ATTR_DEBUG])
 679                 session->debug = nla_get_u32(info->attrs[L2TP_ATTR_DEBUG]);
 680
 681         if (info->attrs[L2TP_ATTR_RECV_SEQ])
 682                 session->recv_seq = nla_get_u8(info->attrs[L2TP_ATTR_RECV_SEQ]);
 683
 684         if (info->attrs[L2TP_ATTR_SEND_SEQ]) {
 685                 session->send_seq = nla_get_u8(info->attrs[L2TP_ATTR_SEND_SEQ]);
 686                 l2tp_session_set_header_len(session, session->tunnel->version);
 687         }
 688
 689         if (info->attrs[L2TP_ATTR_LNS_MODE])
 690                 session->lns_mode = nla_get_u8(info->attrs[L2TP_ATTR_LNS_MODE]);
 691
 692         if (info->attrs[L2TP_ATTR_RECV_TIMEOUT])
 693                 session->reorder_timeout = nla_get_msecs(info->attrs[L2TP_ATTR_RECV_TIMEOUT]);
 694
 695         ret = l2tp_session_notify(&l2tp_nl_family, info,
 696                                   session, L2TP_CMD_SESSION_MODIFY);
 697
 698         l2tp_session_dec_refcount(session);
 699
 700 out:
 701         return ret;
 702 }
 703
 704 static int l2tp_nl_session_send(struct sk_buff *skb, u32 portid, u32 seq, int flags,
 705                                 struct l2tp_session *session, u8 cmd)
 706 {
 707         void *hdr;
 708         struct nlattr *nest;
 709         struct l2tp_tunnel *tunnel = session->tunnel;
 710
 711         hdr = genlmsg_put(skb, portid, seq, &l2tp_nl_family, flags, cmd);
 712         if (!hdr)
 713                 return -EMSGSIZE;
 714
 715         if (nla_put_u32(skb, L2TP_ATTR_CONN_ID, tunnel->tunnel_id) ||
 716             nla_put_u32(skb, L2TP_ATTR_SESSION_ID, session->session_id) ||
 717             nla_put_u32(skb, L2TP_ATTR_PEER_CONN_ID, tunnel->peer_tunnel_id) ||
 718             nla_put_u32(skb, L2TP_ATTR_PEER_SESSION_ID,
 719                         session->peer_session_id) ||
 720             nla_put_u32(skb, L2TP_ATTR_DEBUG, session->debug) ||
 721             nla_put_u16(skb, L2TP_ATTR_PW_TYPE, session->pwtype))
 722                 goto nla_put_failure;
 723
 724         if ((session->ifname[0] &&
 725              nla_put_string(skb, L2TP_ATTR_IFNAME, session->ifname)) ||
 726             (session->cookie_len &&
 727              nla_put(skb, L2TP_ATTR_COOKIE, session->cookie_len,
 728                      &session->cookie[0])) ||
 729             (session->peer_cookie_len &&
 730              nla_put(skb, L2TP_ATTR_PEER_COOKIE, session->peer_cookie_len,
 731                      &session->peer_cookie[0])) ||
 732             nla_put_u8(skb, L2TP_ATTR_RECV_SEQ, session->recv_seq) ||
 733             nla_put_u8(skb, L2TP_ATTR_SEND_SEQ, session->send_seq) ||
 734             nla_put_u8(skb, L2TP_ATTR_LNS_MODE, session->lns_mode) ||
 735             (l2tp_tunnel_uses_xfrm(tunnel) &&
 736              nla_put_u8(skb, L2TP_ATTR_USING_IPSEC, 1)) ||
 737             (session->reorder_timeout &&
 738              nla_put_msecs(skb, L2TP_ATTR_RECV_TIMEOUT,
 739                            session->reorder_timeout, L2TP_ATTR_PAD)))
 740                 goto nla_put_failure;
 741
 742         nest = nla_nest_start_noflag(skb, L2TP_ATTR_STATS);
 743         if (nest == NULL)
 744                 goto nla_put_failure;
 745
 746         if (nla_put_u64_64bit(skb, L2TP_ATTR_TX_PACKETS,
 747                               atomic_long_read(&session->stats.tx_packets),
 748                               L2TP_ATTR_STATS_PAD) ||
 749             nla_put_u64_64bit(skb, L2TP_ATTR_TX_BYTES,
 750                               atomic_long_read(&session->stats.tx_bytes),
 751                               L2TP_ATTR_STATS_PAD) ||
 752             nla_put_u64_64bit(skb, L2TP_ATTR_TX_ERRORS,
 753                               atomic_long_read(&session->stats.tx_errors),
 754                               L2TP_ATTR_STATS_PAD) ||
 755             nla_put_u64_64bit(skb, L2TP_ATTR_RX_PACKETS,
 756                               atomic_long_read(&session->stats.rx_packets),
 757                               L2TP_ATTR_STATS_PAD) ||
 758             nla_put_u64_64bit(skb, L2TP_ATTR_RX_BYTES,
 759                               atomic_long_read(&session->stats.rx_bytes),
 760                               L2TP_ATTR_STATS_PAD) ||
 761             nla_put_u64_64bit(skb, L2TP_ATTR_RX_SEQ_DISCARDS,
 762                               atomic_long_read(&session->stats.rx_seq_discards),
 763                               L2TP_ATTR_STATS_PAD) ||
 764             nla_put_u64_64bit(skb, L2TP_ATTR_RX_OOS_PACKETS,
 765                               atomic_long_read(&session->stats.rx_oos_packets),
 766                               L2TP_ATTR_STATS_PAD) ||
 767             nla_put_u64_64bit(skb, L2TP_ATTR_RX_ERRORS,
 768                               atomic_long_read(&session->stats.rx_errors),
 769                               L2TP_ATTR_STATS_PAD))
 770                 goto nla_put_failure;
 771         nla_nest_end(skb, nest);
 772
 773         genlmsg_end(skb, hdr);
 774         return 0;
 775
 776  nla_put_failure:
 777         genlmsg_cancel(skb, hdr);
 778         return -1;
 779 }
 780
 781 static int l2tp_nl_cmd_session_get(struct sk_buff *skb, struct genl_info *info)
 782 {
 783         struct l2tp_session *session;
 784         struct sk_buff *msg;
 785         int ret;
 786
 787         session = l2tp_nl_session_get(info);
 788         if (session == NULL) {
 789                 ret = -ENODEV;
 790                 goto err;
 791         }
 792
 793         msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
 794         if (!msg) {
 795                 ret = -ENOMEM;
 796                 goto err_ref;
 797         }
 798
 799         ret = l2tp_nl_session_send(msg, info->snd_portid, info->snd_seq,
 800                                    0, session, L2TP_CMD_SESSION_GET);
 801         if (ret < 0)
 802                 goto err_ref_msg;
 803
 804         ret = genlmsg_unicast(genl_info_net(info), msg, info->snd_portid);
 805
 806         l2tp_session_dec_refcount(session);
 807
 808         return ret;
 809
 810 err_ref_msg:
 811         nlmsg_free(msg);
 812 err_ref:
 813         l2tp_session_dec_refcount(session);
 814 err:
 815         return ret;
 816 }
 817
 818 static int l2tp_nl_cmd_session_dump(struct sk_buff *skb, struct netlink_callback *cb)
 819 {
 820         struct net *net = sock_net(skb->sk);
 821         struct l2tp_session *session;
 822         struct l2tp_tunnel *tunnel = NULL;
 823         int ti = cb->args[0];
 824         int si = cb->args[1];
 825
 826         for (;;) {
 827                 if (tunnel == NULL) {
 828                         tunnel = l2tp_tunnel_get_nth(net, ti);
 829                         if (tunnel == NULL)
 830                                 goto out;
 831                 }
 832
 833                 session = l2tp_session_get_nth(tunnel, si);
 834                 if (session == NULL) {
 835                         ti++;
 836                         l2tp_tunnel_dec_refcount(tunnel);
 837                         tunnel = NULL;
 838                         si = 0;
 839                         continue;
 840                 }
 841
 842                 if (l2tp_nl_session_send(skb, NETLINK_CB(cb->skb).portid,
 843                                          cb->nlh->nlmsg_seq, NLM_F_MULTI,
 844                                          session, L2TP_CMD_SESSION_GET) < 0) {
 845                         l2tp_session_dec_refcount(session);
 846                         l2tp_tunnel_dec_refcount(tunnel);
 847                         break;
 848                 }
 849                 l2tp_session_dec_refcount(session);
 850
 851                 si++;
 852         }
 853
 854 out:
 855         cb->args[0] = ti;
 856         cb->args[1] = si;
 857
 858         return skb->len;
 859 }
 860
 861 static const struct nla_policy l2tp_nl_policy[L2TP_ATTR_MAX + 1] = {
 862         [L2TP_ATTR_NONE]                = { .type = NLA_UNSPEC, },
 863         [L2TP_ATTR_PW_TYPE]             = { .type = NLA_U16, },
 864         [L2TP_ATTR_ENCAP_TYPE]          = { .type = NLA_U16, },
 865         [L2TP_ATTR_OFFSET]              = { .type = NLA_U16, },
 866         [L2TP_ATTR_DATA_SEQ]            = { .type = NLA_U8, },
 867         [L2TP_ATTR_L2SPEC_TYPE]         = { .type = NLA_U8, },
 868         [L2TP_ATTR_L2SPEC_LEN]          = { .type = NLA_U8, },
 869         [L2TP_ATTR_PROTO_VERSION]       = { .type = NLA_U8, },
 870         [L2TP_ATTR_CONN_ID]             = { .type = NLA_U32, },
 871         [L2TP_ATTR_PEER_CONN_ID]        = { .type = NLA_U32, },
 872         [L2TP_ATTR_SESSION_ID]          = { .type = NLA_U32, },
 873         [L2TP_ATTR_PEER_SESSION_ID]     = { .type = NLA_U32, },
 874         [L2TP_ATTR_UDP_CSUM]            = { .type = NLA_U8, },
 875         [L2TP_ATTR_VLAN_ID]             = { .type = NLA_U16, },
 876         [L2TP_ATTR_DEBUG]               = { .type = NLA_U32, },
 877         [L2TP_ATTR_RECV_SEQ]            = { .type = NLA_U8, },
 878         [L2TP_ATTR_SEND_SEQ]            = { .type = NLA_U8, },
 879         [L2TP_ATTR_LNS_MODE]            = { .type = NLA_U8, },
 880         [L2TP_ATTR_USING_IPSEC]         = { .type = NLA_U8, },
 881         [L2TP_ATTR_RECV_TIMEOUT]        = { .type = NLA_MSECS, },
 882         [L2TP_ATTR_FD]                  = { .type = NLA_U32, },
 883         [L2TP_ATTR_IP_SADDR]            = { .type = NLA_U32, },
 884         [L2TP_ATTR_IP_DADDR]            = { .type = NLA_U32, },
 885         [L2TP_ATTR_UDP_SPORT]           = { .type = NLA_U16, },
 886         [L2TP_ATTR_UDP_DPORT]           = { .type = NLA_U16, },
 887         [L2TP_ATTR_MTU]                 = { .type = NLA_U16, },
 888         [L2TP_ATTR_MRU]                 = { .type = NLA_U16, },
 889         [L2TP_ATTR_STATS]               = { .type = NLA_NESTED, },
 890         [L2TP_ATTR_IP6_SADDR] = {
 891                 .type = NLA_BINARY,
 892                 .len = sizeof(struct in6_addr),
 893         },
 894         [L2TP_ATTR_IP6_DADDR] = {
 895                 .type = NLA_BINARY,
 896                 .len = sizeof(struct in6_addr),
 897         },
 898         [L2TP_ATTR_IFNAME] = {
 899                 .type = NLA_NUL_STRING,
 900                 .len = IFNAMSIZ - 1,
 901         },
 902         [L2TP_ATTR_COOKIE] = {
 903                 .type = NLA_BINARY,
 904                 .len = 8,
 905         },
 906         [L2TP_ATTR_PEER_COOKIE] = {
 907                 .type = NLA_BINARY,
 908                 .len = 8,
 909         },
 910 };
 911
 912 static const struct genl_ops l2tp_nl_ops[] = {
 913         {
 914                 .cmd = L2TP_CMD_NOOP,
 915                 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
 916                 .doit = l2tp_nl_cmd_noop,
 917                 /* can be retrieved by unprivileged users */
 918         },
 919         {
 920                 .cmd = L2TP_CMD_TUNNEL_CREATE,
 921                 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
 922                 .doit = l2tp_nl_cmd_tunnel_create,
 923                 .flags = GENL_ADMIN_PERM,
 924         },
 925         {
 926                 .cmd = L2TP_CMD_TUNNEL_DELETE,
 927                 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
 928                 .doit = l2tp_nl_cmd_tunnel_delete,
 929                 .flags = GENL_ADMIN_PERM,
 930         },
 931         {
 932                 .cmd = L2TP_CMD_TUNNEL_MODIFY,
 933                 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
 934                 .doit = l2tp_nl_cmd_tunnel_modify,
 935                 .flags = GENL_ADMIN_PERM,
 936         },
 937         {
 938                 .cmd = L2TP_CMD_TUNNEL_GET,
 939                 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
 940                 .doit = l2tp_nl_cmd_tunnel_get,
 941                 .dumpit = l2tp_nl_cmd_tunnel_dump,
 942                 .flags = GENL_ADMIN_PERM,
 943         },
 944         {
 945                 .cmd = L2TP_CMD_SESSION_CREATE,
 946                 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
 947                 .doit = l2tp_nl_cmd_session_create,
 948                 .flags = GENL_ADMIN_PERM,
 949         },
 950         {
 951                 .cmd = L2TP_CMD_SESSION_DELETE,
 952                 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
 953                 .doit = l2tp_nl_cmd_session_delete,
 954                 .flags = GENL_ADMIN_PERM,
 955         },
 956         {
 957                 .cmd = L2TP_CMD_SESSION_MODIFY,
 958                 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
 959                 .doit = l2tp_nl_cmd_session_modify,
 960                 .flags = GENL_ADMIN_PERM,
 961         },
 962         {
 963                 .cmd = L2TP_CMD_SESSION_GET,
 964                 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
 965                 .doit = l2tp_nl_cmd_session_get,
 966                 .dumpit = l2tp_nl_cmd_session_dump,
 967                 .flags = GENL_ADMIN_PERM,
 968         },
 969 };
 970
 971 static struct genl_family l2tp_nl_family __ro_after_init = {
 972         .name           = L2TP_GENL_NAME,
 973         .version        = L2TP_GENL_VERSION,
 974         .hdrsize        = 0,
 975         .maxattr        = L2TP_ATTR_MAX,
 976         .policy = l2tp_nl_policy,
 977         .netnsok        = true,
 978         .module         = THIS_MODULE,
 979         .ops            = l2tp_nl_ops,
 980         .n_ops          = ARRAY_SIZE(l2tp_nl_ops),
 981         .mcgrps         = l2tp_multicast_group,
 982         .n_mcgrps       = ARRAY_SIZE(l2tp_multicast_group),
 983 };
 984
 985 int l2tp_nl_register_ops(enum l2tp_pwtype pw_type, const struct l2tp_nl_cmd_ops *ops)
 986 {
 987         int ret;
 988
 989         ret = -EINVAL;
 990         if (pw_type >= __L2TP_PWTYPE_MAX)
 991                 goto err;
 992
 993         genl_lock();
 994         ret = -EBUSY;
 995         if (l2tp_nl_cmd_ops[pw_type])
 996                 goto out;
 997
 998         l2tp_nl_cmd_ops[pw_type] = ops;
 999         ret = 0;
1000
1001 out:
1002         genl_unlock();
1003 err:
1004         return ret;
1005 }
1006 EXPORT_SYMBOL_GPL(l2tp_nl_register_ops);
1007
1008 void l2tp_nl_unregister_ops(enum l2tp_pwtype pw_type)
1009 {
1010         if (pw_type < __L2TP_PWTYPE_MAX) {
1011                 genl_lock();
1012                 l2tp_nl_cmd_ops[pw_type] = NULL;
1013                 genl_unlock();
1014         }
1015 }
1016 EXPORT_SYMBOL_GPL(l2tp_nl_unregister_ops);
1017
1018 static int __init l2tp_nl_init(void)
1019 {
1020         pr_info("L2TP netlink interface\n");
1021         return genl_register_family(&l2tp_nl_family);
1022 }
1023
1024 static void l2tp_nl_cleanup(void)
1025 {
1026         genl_unregister_family(&l2tp_nl_family);
1027 }
1028
1029 module_init(l2tp_nl_init);
1030 module_exit(l2tp_nl_cleanup);
1031
1032 MODULE_AUTHOR("James Chapman <jchapman@katalix.com>");
1033 MODULE_DESCRIPTION("L2TP netlink");
1034 MODULE_LICENSE("GPL");
1035 MODULE_VERSION("1.0");
1036 MODULE_ALIAS_GENL_FAMILY("l2tp");