1/*
2 * L2TP netlink layer, for management
3 *
4 * Copyright (c) 2008,2009,2010 Katalix Systems Ltd
5 *
6 * Partly based on the IrDA nelink implementation
7 * (see net/irda/irnetlink.c) which is:
8 * Copyright (c) 2007 Samuel Ortiz <samuel@sortiz.org>
9 * which is in turn partly based on the wireless netlink code:
10 * Copyright 2006 Johannes Berg <johannes@sipsolutions.net>
11 *
12 * This program is free software; you can redistribute it and/or modify
13 * it under the terms of the GNU General Public License version 2 as
14 * published by the Free Software Foundation.
15 */
16
17#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
18
19#include <net/sock.h>
20#include <net/genetlink.h>
21#include <net/udp.h>
22#include <linux/in.h>
23#include <linux/udp.h>
24#include <linux/socket.h>
25#include <linux/module.h>
26#include <linux/list.h>
27#include <net/net_namespace.h>
28
29#include <linux/l2tp.h>
30
31#include "l2tp_core.h"
32
33
34static struct genl_family l2tp_nl_family = {
35	.id		= GENL_ID_GENERATE,
36	.name		= L2TP_GENL_NAME,
37	.version	= L2TP_GENL_VERSION,
38	.hdrsize	= 0,
39	.maxattr	= L2TP_ATTR_MAX,
40	.netnsok	= true,
41};
42
43static const struct genl_multicast_group l2tp_multicast_group[] = {
44	{
45		.name = L2TP_GENL_MCGROUP,
46	},
47};
48
49static int l2tp_nl_tunnel_send(struct sk_buff *skb, u32 portid, u32 seq,
50			       int flags, struct l2tp_tunnel *tunnel, u8 cmd);
51static int l2tp_nl_session_send(struct sk_buff *skb, u32 portid, u32 seq,
52				int flags, struct l2tp_session *session,
53				u8 cmd);
54
55/* Accessed under genl lock */
56static const struct l2tp_nl_cmd_ops *l2tp_nl_cmd_ops[__L2TP_PWTYPE_MAX];
57
58static struct l2tp_session *l2tp_nl_session_find(struct genl_info *info)
59{
60	u32 tunnel_id;
61	u32 session_id;
62	char *ifname;
63	struct l2tp_tunnel *tunnel;
64	struct l2tp_session *session = NULL;
65	struct net *net = genl_info_net(info);
66
67	if (info->attrs[L2TP_ATTR_IFNAME]) {
68		ifname = nla_data(info->attrs[L2TP_ATTR_IFNAME]);
69		session = l2tp_session_find_by_ifname(net, ifname);
70	} else if ((info->attrs[L2TP_ATTR_SESSION_ID]) &&
71		   (info->attrs[L2TP_ATTR_CONN_ID])) {
72		tunnel_id = nla_get_u32(info->attrs[L2TP_ATTR_CONN_ID]);
73		session_id = nla_get_u32(info->attrs[L2TP_ATTR_SESSION_ID]);
74		tunnel = l2tp_tunnel_find(net, tunnel_id);
75		if (tunnel)
76			session = l2tp_session_find(net, tunnel, session_id);
77	}
78
79	return session;
80}
81
82static int l2tp_nl_cmd_noop(struct sk_buff *skb, struct genl_info *info)
83{
84	struct sk_buff *msg;
85	void *hdr;
86	int ret = -ENOBUFS;
87
88	msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
89	if (!msg) {
90		ret = -ENOMEM;
91		goto out;
92	}
93
94	hdr = genlmsg_put(msg, info->snd_portid, info->snd_seq,
95			  &l2tp_nl_family, 0, L2TP_CMD_NOOP);
96	if (!hdr) {
97		ret = -EMSGSIZE;
98		goto err_out;
99	}
100
101	genlmsg_end(msg, hdr);
102
103	return genlmsg_unicast(genl_info_net(info), msg, info->snd_portid);
104
105err_out:
106	nlmsg_free(msg);
107
108out:
109	return ret;
110}
111
112static int l2tp_tunnel_notify(struct genl_family *family,
113			      struct genl_info *info,
114			      struct l2tp_tunnel *tunnel,
115			      u8 cmd)
116{
117	struct sk_buff *msg;
118	int ret;
119
120	msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
121	if (!msg)
122		return -ENOMEM;
123
124	ret = l2tp_nl_tunnel_send(msg, info->snd_portid, info->snd_seq,
125				  NLM_F_ACK, tunnel, cmd);
126
127	if (ret >= 0) {
128		ret = genlmsg_multicast_allns(family, msg, 0, 0, GFP_ATOMIC);
129		/* We don't care if no one is listening */
130		if (ret == -ESRCH)
131			ret = 0;
132		return ret;
133	}
134
135	nlmsg_free(msg);
136
137	return ret;
138}
139
140static int l2tp_session_notify(struct genl_family *family,
141			       struct genl_info *info,
142			       struct l2tp_session *session,
143			       u8 cmd)
144{
145	struct sk_buff *msg;
146	int ret;
147
148	msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
149	if (!msg)
150		return -ENOMEM;
151
152	ret = l2tp_nl_session_send(msg, info->snd_portid, info->snd_seq,
153				   NLM_F_ACK, session, cmd);
154
155	if (ret >= 0) {
156		ret = genlmsg_multicast_allns(family, msg, 0, 0, GFP_ATOMIC);
157		/* We don't care if no one is listening */
158		if (ret == -ESRCH)
159			ret = 0;
160		return ret;
161	}
162
163	nlmsg_free(msg);
164
165	return ret;
166}
167
168static int l2tp_nl_cmd_tunnel_create(struct sk_buff *skb, struct genl_info *info)
169{
170	u32 tunnel_id;
171	u32 peer_tunnel_id;
172	int proto_version;
173	int fd;
174	int ret = 0;
175	struct l2tp_tunnel_cfg cfg = { 0, };
176	struct l2tp_tunnel *tunnel;
177	struct net *net = genl_info_net(info);
178
179	if (!info->attrs[L2TP_ATTR_CONN_ID]) {
180		ret = -EINVAL;
181		goto out;
182	}
183	tunnel_id = nla_get_u32(info->attrs[L2TP_ATTR_CONN_ID]);
184
185	if (!info->attrs[L2TP_ATTR_PEER_CONN_ID]) {
186		ret = -EINVAL;
187		goto out;
188	}
189	peer_tunnel_id = nla_get_u32(info->attrs[L2TP_ATTR_PEER_CONN_ID]);
190
191	if (!info->attrs[L2TP_ATTR_PROTO_VERSION]) {
192		ret = -EINVAL;
193		goto out;
194	}
195	proto_version = nla_get_u8(info->attrs[L2TP_ATTR_PROTO_VERSION]);
196
197	if (!info->attrs[L2TP_ATTR_ENCAP_TYPE]) {
198		ret = -EINVAL;
199		goto out;
200	}
201	cfg.encap = nla_get_u16(info->attrs[L2TP_ATTR_ENCAP_TYPE]);
202
203	fd = -1;
204	if (info->attrs[L2TP_ATTR_FD]) {
205		fd = nla_get_u32(info->attrs[L2TP_ATTR_FD]);
206	} else {
207#if IS_ENABLED(CONFIG_IPV6)
208		if (info->attrs[L2TP_ATTR_IP6_SADDR] &&
209		    info->attrs[L2TP_ATTR_IP6_DADDR]) {
210			cfg.local_ip6 = nla_data(
211				info->attrs[L2TP_ATTR_IP6_SADDR]);
212			cfg.peer_ip6 = nla_data(
213				info->attrs[L2TP_ATTR_IP6_DADDR]);
214		} else
215#endif
216		if (info->attrs[L2TP_ATTR_IP_SADDR] &&
217		    info->attrs[L2TP_ATTR_IP_DADDR]) {
218			cfg.local_ip.s_addr = nla_get_in_addr(
219				info->attrs[L2TP_ATTR_IP_SADDR]);
220			cfg.peer_ip.s_addr = nla_get_in_addr(
221				info->attrs[L2TP_ATTR_IP_DADDR]);
222		} else {
223			ret = -EINVAL;
224			goto out;
225		}
226		if (info->attrs[L2TP_ATTR_UDP_SPORT])
227			cfg.local_udp_port = nla_get_u16(info->attrs[L2TP_ATTR_UDP_SPORT]);
228		if (info->attrs[L2TP_ATTR_UDP_DPORT])
229			cfg.peer_udp_port = nla_get_u16(info->attrs[L2TP_ATTR_UDP_DPORT]);
230		if (info->attrs[L2TP_ATTR_UDP_CSUM])
231			cfg.use_udp_checksums = nla_get_flag(info->attrs[L2TP_ATTR_UDP_CSUM]);
232
233#if IS_ENABLED(CONFIG_IPV6)
234		if (info->attrs[L2TP_ATTR_UDP_ZERO_CSUM6_TX])
235			cfg.udp6_zero_tx_checksums = nla_get_flag(info->attrs[L2TP_ATTR_UDP_ZERO_CSUM6_TX]);
236		if (info->attrs[L2TP_ATTR_UDP_ZERO_CSUM6_RX])
237			cfg.udp6_zero_rx_checksums = nla_get_flag(info->attrs[L2TP_ATTR_UDP_ZERO_CSUM6_RX]);
238#endif
239	}
240
241	if (info->attrs[L2TP_ATTR_DEBUG])
242		cfg.debug = nla_get_u32(info->attrs[L2TP_ATTR_DEBUG]);
243
244	tunnel = l2tp_tunnel_find(net, tunnel_id);
245	if (tunnel != NULL) {
246		ret = -EEXIST;
247		goto out;
248	}
249
250	ret = -EINVAL;
251	switch (cfg.encap) {
252	case L2TP_ENCAPTYPE_UDP:
253	case L2TP_ENCAPTYPE_IP:
254		ret = l2tp_tunnel_create(net, fd, proto_version, tunnel_id,
255					 peer_tunnel_id, &cfg, &tunnel);
256		break;
257	}
258
259	if (ret >= 0)
260		ret = l2tp_tunnel_notify(&l2tp_nl_family, info,
261					 tunnel, L2TP_CMD_TUNNEL_CREATE);
262out:
263	return ret;
264}
265
266static int l2tp_nl_cmd_tunnel_delete(struct sk_buff *skb, struct genl_info *info)
267{
268	struct l2tp_tunnel *tunnel;
269	u32 tunnel_id;
270	int ret = 0;
271	struct net *net = genl_info_net(info);
272
273	if (!info->attrs[L2TP_ATTR_CONN_ID]) {
274		ret = -EINVAL;
275		goto out;
276	}
277	tunnel_id = nla_get_u32(info->attrs[L2TP_ATTR_CONN_ID]);
278
279	tunnel = l2tp_tunnel_find(net, tunnel_id);
280	if (tunnel == NULL) {
281		ret = -ENODEV;
282		goto out;
283	}
284
285	l2tp_tunnel_notify(&l2tp_nl_family, info,
286			   tunnel, L2TP_CMD_TUNNEL_DELETE);
287
288	(void) l2tp_tunnel_delete(tunnel);
289
290out:
291	return ret;
292}
293
294static int l2tp_nl_cmd_tunnel_modify(struct sk_buff *skb, struct genl_info *info)
295{
296	struct l2tp_tunnel *tunnel;
297	u32 tunnel_id;
298	int ret = 0;
299	struct net *net = genl_info_net(info);
300
301	if (!info->attrs[L2TP_ATTR_CONN_ID]) {
302		ret = -EINVAL;
303		goto out;
304	}
305	tunnel_id = nla_get_u32(info->attrs[L2TP_ATTR_CONN_ID]);
306
307	tunnel = l2tp_tunnel_find(net, tunnel_id);
308	if (tunnel == NULL) {
309		ret = -ENODEV;
310		goto out;
311	}
312
313	if (info->attrs[L2TP_ATTR_DEBUG])
314		tunnel->debug = nla_get_u32(info->attrs[L2TP_ATTR_DEBUG]);
315
316	ret = l2tp_tunnel_notify(&l2tp_nl_family, info,
317				 tunnel, L2TP_CMD_TUNNEL_MODIFY);
318
319out:
320	return ret;
321}
322
323static int l2tp_nl_tunnel_send(struct sk_buff *skb, u32 portid, u32 seq, int flags,
324			       struct l2tp_tunnel *tunnel, u8 cmd)
325{
326	void *hdr;
327	struct nlattr *nest;
328	struct sock *sk = NULL;
329	struct inet_sock *inet;
330#if IS_ENABLED(CONFIG_IPV6)
331	struct ipv6_pinfo *np = NULL;
332#endif
333
334	hdr = genlmsg_put(skb, portid, seq, &l2tp_nl_family, flags, cmd);
335	if (!hdr)
336		return -EMSGSIZE;
337
338	if (nla_put_u8(skb, L2TP_ATTR_PROTO_VERSION, tunnel->version) ||
339	    nla_put_u32(skb, L2TP_ATTR_CONN_ID, tunnel->tunnel_id) ||
340	    nla_put_u32(skb, L2TP_ATTR_PEER_CONN_ID, tunnel->peer_tunnel_id) ||
341	    nla_put_u32(skb, L2TP_ATTR_DEBUG, tunnel->debug) ||
342	    nla_put_u16(skb, L2TP_ATTR_ENCAP_TYPE, tunnel->encap))
343		goto nla_put_failure;
344
345	nest = nla_nest_start(skb, L2TP_ATTR_STATS);
346	if (nest == NULL)
347		goto nla_put_failure;
348
349	if (nla_put_u64(skb, L2TP_ATTR_TX_PACKETS,
350		    atomic_long_read(&tunnel->stats.tx_packets)) ||
351	    nla_put_u64(skb, L2TP_ATTR_TX_BYTES,
352		    atomic_long_read(&tunnel->stats.tx_bytes)) ||
353	    nla_put_u64(skb, L2TP_ATTR_TX_ERRORS,
354		    atomic_long_read(&tunnel->stats.tx_errors)) ||
355	    nla_put_u64(skb, L2TP_ATTR_RX_PACKETS,
356		    atomic_long_read(&tunnel->stats.rx_packets)) ||
357	    nla_put_u64(skb, L2TP_ATTR_RX_BYTES,
358		    atomic_long_read(&tunnel->stats.rx_bytes)) ||
359	    nla_put_u64(skb, L2TP_ATTR_RX_SEQ_DISCARDS,
360		    atomic_long_read(&tunnel->stats.rx_seq_discards)) ||
361	    nla_put_u64(skb, L2TP_ATTR_RX_OOS_PACKETS,
362		    atomic_long_read(&tunnel->stats.rx_oos_packets)) ||
363	    nla_put_u64(skb, L2TP_ATTR_RX_ERRORS,
364		    atomic_long_read(&tunnel->stats.rx_errors)))
365		goto nla_put_failure;
366	nla_nest_end(skb, nest);
367
368	sk = tunnel->sock;
369	if (!sk)
370		goto out;
371
372#if IS_ENABLED(CONFIG_IPV6)
373	if (sk->sk_family == AF_INET6)
374		np = inet6_sk(sk);
375#endif
376
377	inet = inet_sk(sk);
378
379	switch (tunnel->encap) {
380	case L2TP_ENCAPTYPE_UDP:
381		if (nla_put_u16(skb, L2TP_ATTR_UDP_SPORT, ntohs(inet->inet_sport)) ||
382		    nla_put_u16(skb, L2TP_ATTR_UDP_DPORT, ntohs(inet->inet_dport)) ||
383		    nla_put_u8(skb, L2TP_ATTR_UDP_CSUM, !sk->sk_no_check_tx))
384			goto nla_put_failure;
385		/* NOBREAK */
386	case L2TP_ENCAPTYPE_IP:
387#if IS_ENABLED(CONFIG_IPV6)
388		if (np) {
389			if (nla_put_in6_addr(skb, L2TP_ATTR_IP6_SADDR,
390					     &np->saddr) ||
391			    nla_put_in6_addr(skb, L2TP_ATTR_IP6_DADDR,
392					     &sk->sk_v6_daddr))
393				goto nla_put_failure;
394		} else
395#endif
396		if (nla_put_in_addr(skb, L2TP_ATTR_IP_SADDR,
397				    inet->inet_saddr) ||
398		    nla_put_in_addr(skb, L2TP_ATTR_IP_DADDR,
399				    inet->inet_daddr))
400			goto nla_put_failure;
401		break;
402	}
403
404out:
405	genlmsg_end(skb, hdr);
406	return 0;
407
408nla_put_failure:
409	genlmsg_cancel(skb, hdr);
410	return -1;
411}
412
413static int l2tp_nl_cmd_tunnel_get(struct sk_buff *skb, struct genl_info *info)
414{
415	struct l2tp_tunnel *tunnel;
416	struct sk_buff *msg;
417	u32 tunnel_id;
418	int ret = -ENOBUFS;
419	struct net *net = genl_info_net(info);
420
421	if (!info->attrs[L2TP_ATTR_CONN_ID]) {
422		ret = -EINVAL;
423		goto out;
424	}
425
426	tunnel_id = nla_get_u32(info->attrs[L2TP_ATTR_CONN_ID]);
427
428	tunnel = l2tp_tunnel_find(net, tunnel_id);
429	if (tunnel == NULL) {
430		ret = -ENODEV;
431		goto out;
432	}
433
434	msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
435	if (!msg) {
436		ret = -ENOMEM;
437		goto out;
438	}
439
440	ret = l2tp_nl_tunnel_send(msg, info->snd_portid, info->snd_seq,
441				  NLM_F_ACK, tunnel, L2TP_CMD_TUNNEL_GET);
442	if (ret < 0)
443		goto err_out;
444
445	return genlmsg_unicast(net, msg, info->snd_portid);
446
447err_out:
448	nlmsg_free(msg);
449
450out:
451	return ret;
452}
453
454static int l2tp_nl_cmd_tunnel_dump(struct sk_buff *skb, struct netlink_callback *cb)
455{
456	int ti = cb->args[0];
457	struct l2tp_tunnel *tunnel;
458	struct net *net = sock_net(skb->sk);
459
460	for (;;) {
461		tunnel = l2tp_tunnel_find_nth(net, ti);
462		if (tunnel == NULL)
463			goto out;
464
465		if (l2tp_nl_tunnel_send(skb, NETLINK_CB(cb->skb).portid,
466					cb->nlh->nlmsg_seq, NLM_F_MULTI,
467					tunnel, L2TP_CMD_TUNNEL_GET) < 0)
468			goto out;
469
470		ti++;
471	}
472
473out:
474	cb->args[0] = ti;
475
476	return skb->len;
477}
478
479static int l2tp_nl_cmd_session_create(struct sk_buff *skb, struct genl_info *info)
480{
481	u32 tunnel_id = 0;
482	u32 session_id;
483	u32 peer_session_id;
484	int ret = 0;
485	struct l2tp_tunnel *tunnel;
486	struct l2tp_session *session;
487	struct l2tp_session_cfg cfg = { 0, };
488	struct net *net = genl_info_net(info);
489
490	if (!info->attrs[L2TP_ATTR_CONN_ID]) {
491		ret = -EINVAL;
492		goto out;
493	}
494	tunnel_id = nla_get_u32(info->attrs[L2TP_ATTR_CONN_ID]);
495	tunnel = l2tp_tunnel_find(net, tunnel_id);
496	if (!tunnel) {
497		ret = -ENODEV;
498		goto out;
499	}
500
501	if (!info->attrs[L2TP_ATTR_SESSION_ID]) {
502		ret = -EINVAL;
503		goto out;
504	}
505	session_id = nla_get_u32(info->attrs[L2TP_ATTR_SESSION_ID]);
506	session = l2tp_session_find(net, tunnel, session_id);
507	if (session) {
508		ret = -EEXIST;
509		goto out;
510	}
511
512	if (!info->attrs[L2TP_ATTR_PEER_SESSION_ID]) {
513		ret = -EINVAL;
514		goto out;
515	}
516	peer_session_id = nla_get_u32(info->attrs[L2TP_ATTR_PEER_SESSION_ID]);
517
518	if (!info->attrs[L2TP_ATTR_PW_TYPE]) {
519		ret = -EINVAL;
520		goto out;
521	}
522	cfg.pw_type = nla_get_u16(info->attrs[L2TP_ATTR_PW_TYPE]);
523	if (cfg.pw_type >= __L2TP_PWTYPE_MAX) {
524		ret = -EINVAL;
525		goto out;
526	}
527
528	if (tunnel->version > 2) {
529		if (info->attrs[L2TP_ATTR_OFFSET])
530			cfg.offset = nla_get_u16(info->attrs[L2TP_ATTR_OFFSET]);
531
532		if (info->attrs[L2TP_ATTR_DATA_SEQ])
533			cfg.data_seq = nla_get_u8(info->attrs[L2TP_ATTR_DATA_SEQ]);
534
535		cfg.l2specific_type = L2TP_L2SPECTYPE_DEFAULT;
536		if (info->attrs[L2TP_ATTR_L2SPEC_TYPE])
537			cfg.l2specific_type = nla_get_u8(info->attrs[L2TP_ATTR_L2SPEC_TYPE]);
538
539		cfg.l2specific_len = 4;
540		if (info->attrs[L2TP_ATTR_L2SPEC_LEN])
541			cfg.l2specific_len = nla_get_u8(info->attrs[L2TP_ATTR_L2SPEC_LEN]);
542
543		if (info->attrs[L2TP_ATTR_COOKIE]) {
544			u16 len = nla_len(info->attrs[L2TP_ATTR_COOKIE]);
545			if (len > 8) {
546				ret = -EINVAL;
547				goto out;
548			}
549			cfg.cookie_len = len;
550			memcpy(&cfg.cookie[0], nla_data(info->attrs[L2TP_ATTR_COOKIE]), len);
551		}
552		if (info->attrs[L2TP_ATTR_PEER_COOKIE]) {
553			u16 len = nla_len(info->attrs[L2TP_ATTR_PEER_COOKIE]);
554			if (len > 8) {
555				ret = -EINVAL;
556				goto out;
557			}
558			cfg.peer_cookie_len = len;
559			memcpy(&cfg.peer_cookie[0], nla_data(info->attrs[L2TP_ATTR_PEER_COOKIE]), len);
560		}
561		if (info->attrs[L2TP_ATTR_IFNAME])
562			cfg.ifname = nla_data(info->attrs[L2TP_ATTR_IFNAME]);
563
564		if (info->attrs[L2TP_ATTR_VLAN_ID])
565			cfg.vlan_id = nla_get_u16(info->attrs[L2TP_ATTR_VLAN_ID]);
566	}
567
568	if (info->attrs[L2TP_ATTR_DEBUG])
569		cfg.debug = nla_get_u32(info->attrs[L2TP_ATTR_DEBUG]);
570
571	if (info->attrs[L2TP_ATTR_RECV_SEQ])
572		cfg.recv_seq = nla_get_u8(info->attrs[L2TP_ATTR_RECV_SEQ]);
573
574	if (info->attrs[L2TP_ATTR_SEND_SEQ])
575		cfg.send_seq = nla_get_u8(info->attrs[L2TP_ATTR_SEND_SEQ]);
576
577	if (info->attrs[L2TP_ATTR_LNS_MODE])
578		cfg.lns_mode = nla_get_u8(info->attrs[L2TP_ATTR_LNS_MODE]);
579
580	if (info->attrs[L2TP_ATTR_RECV_TIMEOUT])
581		cfg.reorder_timeout = nla_get_msecs(info->attrs[L2TP_ATTR_RECV_TIMEOUT]);
582
583	if (info->attrs[L2TP_ATTR_MTU])
584		cfg.mtu = nla_get_u16(info->attrs[L2TP_ATTR_MTU]);
585
586	if (info->attrs[L2TP_ATTR_MRU])
587		cfg.mru = nla_get_u16(info->attrs[L2TP_ATTR_MRU]);
588
589	if ((l2tp_nl_cmd_ops[cfg.pw_type] == NULL) ||
590	    (l2tp_nl_cmd_ops[cfg.pw_type]->session_create == NULL)) {
591		ret = -EPROTONOSUPPORT;
592		goto out;
593	}
594
595	/* Check that pseudowire-specific params are present */
596	switch (cfg.pw_type) {
597	case L2TP_PWTYPE_NONE:
598		break;
599	case L2TP_PWTYPE_ETH_VLAN:
600		if (!info->attrs[L2TP_ATTR_VLAN_ID]) {
601			ret = -EINVAL;
602			goto out;
603		}
604		break;
605	case L2TP_PWTYPE_ETH:
606		break;
607	case L2TP_PWTYPE_PPP:
608	case L2TP_PWTYPE_PPP_AC:
609		break;
610	case L2TP_PWTYPE_IP:
611	default:
612		ret = -EPROTONOSUPPORT;
613		break;
614	}
615
616	ret = -EPROTONOSUPPORT;
617	if (l2tp_nl_cmd_ops[cfg.pw_type]->session_create)
618		ret = (*l2tp_nl_cmd_ops[cfg.pw_type]->session_create)(net, tunnel_id,
619			session_id, peer_session_id, &cfg);
620
621	if (ret >= 0) {
622		session = l2tp_session_find(net, tunnel, session_id);
623		if (session)
624			ret = l2tp_session_notify(&l2tp_nl_family, info, session,
625						  L2TP_CMD_SESSION_CREATE);
626	}
627
628out:
629	return ret;
630}
631
632static int l2tp_nl_cmd_session_delete(struct sk_buff *skb, struct genl_info *info)
633{
634	int ret = 0;
635	struct l2tp_session *session;
636	u16 pw_type;
637
638	session = l2tp_nl_session_find(info);
639	if (session == NULL) {
640		ret = -ENODEV;
641		goto out;
642	}
643
644	l2tp_session_notify(&l2tp_nl_family, info,
645			    session, L2TP_CMD_SESSION_DELETE);
646
647	pw_type = session->pwtype;
648	if (pw_type < __L2TP_PWTYPE_MAX)
649		if (l2tp_nl_cmd_ops[pw_type] && l2tp_nl_cmd_ops[pw_type]->session_delete)
650			ret = (*l2tp_nl_cmd_ops[pw_type]->session_delete)(session);
651
652out:
653	return ret;
654}
655
656static int l2tp_nl_cmd_session_modify(struct sk_buff *skb, struct genl_info *info)
657{
658	int ret = 0;
659	struct l2tp_session *session;
660
661	session = l2tp_nl_session_find(info);
662	if (session == NULL) {
663		ret = -ENODEV;
664		goto out;
665	}
666
667	if (info->attrs[L2TP_ATTR_DEBUG])
668		session->debug = nla_get_u32(info->attrs[L2TP_ATTR_DEBUG]);
669
670	if (info->attrs[L2TP_ATTR_DATA_SEQ])
671		session->data_seq = nla_get_u8(info->attrs[L2TP_ATTR_DATA_SEQ]);
672
673	if (info->attrs[L2TP_ATTR_RECV_SEQ])
674		session->recv_seq = nla_get_u8(info->attrs[L2TP_ATTR_RECV_SEQ]);
675
676	if (info->attrs[L2TP_ATTR_SEND_SEQ]) {
677		session->send_seq = nla_get_u8(info->attrs[L2TP_ATTR_SEND_SEQ]);
678		l2tp_session_set_header_len(session, session->tunnel->version);
679	}
680
681	if (info->attrs[L2TP_ATTR_LNS_MODE])
682		session->lns_mode = nla_get_u8(info->attrs[L2TP_ATTR_LNS_MODE]);
683
684	if (info->attrs[L2TP_ATTR_RECV_TIMEOUT])
685		session->reorder_timeout = nla_get_msecs(info->attrs[L2TP_ATTR_RECV_TIMEOUT]);
686
687	if (info->attrs[L2TP_ATTR_MTU])
688		session->mtu = nla_get_u16(info->attrs[L2TP_ATTR_MTU]);
689
690	if (info->attrs[L2TP_ATTR_MRU])
691		session->mru = nla_get_u16(info->attrs[L2TP_ATTR_MRU]);
692
693	ret = l2tp_session_notify(&l2tp_nl_family, info,
694				  session, L2TP_CMD_SESSION_MODIFY);
695
696out:
697	return ret;
698}
699
700static int l2tp_nl_session_send(struct sk_buff *skb, u32 portid, u32 seq, int flags,
701				struct l2tp_session *session, u8 cmd)
702{
703	void *hdr;
704	struct nlattr *nest;
705	struct l2tp_tunnel *tunnel = session->tunnel;
706	struct sock *sk = NULL;
707
708	sk = tunnel->sock;
709
710	hdr = genlmsg_put(skb, portid, seq, &l2tp_nl_family, flags, cmd);
711	if (!hdr)
712		return -EMSGSIZE;
713
714	if (nla_put_u32(skb, L2TP_ATTR_CONN_ID, tunnel->tunnel_id) ||
715	    nla_put_u32(skb, L2TP_ATTR_SESSION_ID, session->session_id) ||
716	    nla_put_u32(skb, L2TP_ATTR_PEER_CONN_ID, tunnel->peer_tunnel_id) ||
717	    nla_put_u32(skb, L2TP_ATTR_PEER_SESSION_ID,
718			session->peer_session_id) ||
719	    nla_put_u32(skb, L2TP_ATTR_DEBUG, session->debug) ||
720	    nla_put_u16(skb, L2TP_ATTR_PW_TYPE, session->pwtype) ||
721	    nla_put_u16(skb, L2TP_ATTR_MTU, session->mtu) ||
722	    (session->mru &&
723	     nla_put_u16(skb, L2TP_ATTR_MRU, session->mru)))
724		goto nla_put_failure;
725
726	if ((session->ifname[0] &&
727	     nla_put_string(skb, L2TP_ATTR_IFNAME, session->ifname)) ||
728	    (session->cookie_len &&
729	     nla_put(skb, L2TP_ATTR_COOKIE, session->cookie_len,
730		     &session->cookie[0])) ||
731	    (session->peer_cookie_len &&
732	     nla_put(skb, L2TP_ATTR_PEER_COOKIE, session->peer_cookie_len,
733		     &session->peer_cookie[0])) ||
734	    nla_put_u8(skb, L2TP_ATTR_RECV_SEQ, session->recv_seq) ||
735	    nla_put_u8(skb, L2TP_ATTR_SEND_SEQ, session->send_seq) ||
736	    nla_put_u8(skb, L2TP_ATTR_LNS_MODE, session->lns_mode) ||
737#ifdef CONFIG_XFRM
738	    (((sk) && (sk->sk_policy[0] || sk->sk_policy[1])) &&
739	     nla_put_u8(skb, L2TP_ATTR_USING_IPSEC, 1)) ||
740#endif
741	    (session->reorder_timeout &&
742	     nla_put_msecs(skb, L2TP_ATTR_RECV_TIMEOUT, session->reorder_timeout)))
743		goto nla_put_failure;
744
745	nest = nla_nest_start(skb, L2TP_ATTR_STATS);
746	if (nest == NULL)
747		goto nla_put_failure;
748
749	if (nla_put_u64(skb, L2TP_ATTR_TX_PACKETS,
750		atomic_long_read(&session->stats.tx_packets)) ||
751	    nla_put_u64(skb, L2TP_ATTR_TX_BYTES,
752		atomic_long_read(&session->stats.tx_bytes)) ||
753	    nla_put_u64(skb, L2TP_ATTR_TX_ERRORS,
754		atomic_long_read(&session->stats.tx_errors)) ||
755	    nla_put_u64(skb, L2TP_ATTR_RX_PACKETS,
756		atomic_long_read(&session->stats.rx_packets)) ||
757	    nla_put_u64(skb, L2TP_ATTR_RX_BYTES,
758		atomic_long_read(&session->stats.rx_bytes)) ||
759	    nla_put_u64(skb, L2TP_ATTR_RX_SEQ_DISCARDS,
760		atomic_long_read(&session->stats.rx_seq_discards)) ||
761	    nla_put_u64(skb, L2TP_ATTR_RX_OOS_PACKETS,
762		atomic_long_read(&session->stats.rx_oos_packets)) ||
763	    nla_put_u64(skb, L2TP_ATTR_RX_ERRORS,
764		atomic_long_read(&session->stats.rx_errors)))
765		goto nla_put_failure;
766	nla_nest_end(skb, nest);
767
768	genlmsg_end(skb, hdr);
769	return 0;
770
771 nla_put_failure:
772	genlmsg_cancel(skb, hdr);
773	return -1;
774}
775
776static int l2tp_nl_cmd_session_get(struct sk_buff *skb, struct genl_info *info)
777{
778	struct l2tp_session *session;
779	struct sk_buff *msg;
780	int ret;
781
782	session = l2tp_nl_session_find(info);
783	if (session == NULL) {
784		ret = -ENODEV;
785		goto out;
786	}
787
788	msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
789	if (!msg) {
790		ret = -ENOMEM;
791		goto out;
792	}
793
794	ret = l2tp_nl_session_send(msg, info->snd_portid, info->snd_seq,
795				   0, session, L2TP_CMD_SESSION_GET);
796	if (ret < 0)
797		goto err_out;
798
799	return genlmsg_unicast(genl_info_net(info), msg, info->snd_portid);
800
801err_out:
802	nlmsg_free(msg);
803
804out:
805	return ret;
806}
807
808static int l2tp_nl_cmd_session_dump(struct sk_buff *skb, struct netlink_callback *cb)
809{
810	struct net *net = sock_net(skb->sk);
811	struct l2tp_session *session;
812	struct l2tp_tunnel *tunnel = NULL;
813	int ti = cb->args[0];
814	int si = cb->args[1];
815
816	for (;;) {
817		if (tunnel == NULL) {
818			tunnel = l2tp_tunnel_find_nth(net, ti);
819			if (tunnel == NULL)
820				goto out;
821		}
822
823		session = l2tp_session_find_nth(tunnel, si);
824		if (session == NULL) {
825			ti++;
826			tunnel = NULL;
827			si = 0;
828			continue;
829		}
830
831		if (l2tp_nl_session_send(skb, NETLINK_CB(cb->skb).portid,
832					 cb->nlh->nlmsg_seq, NLM_F_MULTI,
833					 session, L2TP_CMD_SESSION_GET) < 0)
834			break;
835
836		si++;
837	}
838
839out:
840	cb->args[0] = ti;
841	cb->args[1] = si;
842
843	return skb->len;
844}
845
846static struct nla_policy l2tp_nl_policy[L2TP_ATTR_MAX + 1] = {
847	[L2TP_ATTR_NONE]		= { .type = NLA_UNSPEC, },
848	[L2TP_ATTR_PW_TYPE]		= { .type = NLA_U16, },
849	[L2TP_ATTR_ENCAP_TYPE]		= { .type = NLA_U16, },
850	[L2TP_ATTR_OFFSET]		= { .type = NLA_U16, },
851	[L2TP_ATTR_DATA_SEQ]		= { .type = NLA_U8, },
852	[L2TP_ATTR_L2SPEC_TYPE]		= { .type = NLA_U8, },
853	[L2TP_ATTR_L2SPEC_LEN]		= { .type = NLA_U8, },
854	[L2TP_ATTR_PROTO_VERSION]	= { .type = NLA_U8, },
855	[L2TP_ATTR_CONN_ID]		= { .type = NLA_U32, },
856	[L2TP_ATTR_PEER_CONN_ID]	= { .type = NLA_U32, },
857	[L2TP_ATTR_SESSION_ID]		= { .type = NLA_U32, },
858	[L2TP_ATTR_PEER_SESSION_ID]	= { .type = NLA_U32, },
859	[L2TP_ATTR_UDP_CSUM]		= { .type = NLA_U8, },
860	[L2TP_ATTR_VLAN_ID]		= { .type = NLA_U16, },
861	[L2TP_ATTR_DEBUG]		= { .type = NLA_U32, },
862	[L2TP_ATTR_RECV_SEQ]		= { .type = NLA_U8, },
863	[L2TP_ATTR_SEND_SEQ]		= { .type = NLA_U8, },
864	[L2TP_ATTR_LNS_MODE]		= { .type = NLA_U8, },
865	[L2TP_ATTR_USING_IPSEC]		= { .type = NLA_U8, },
866	[L2TP_ATTR_RECV_TIMEOUT]	= { .type = NLA_MSECS, },
867	[L2TP_ATTR_FD]			= { .type = NLA_U32, },
868	[L2TP_ATTR_IP_SADDR]		= { .type = NLA_U32, },
869	[L2TP_ATTR_IP_DADDR]		= { .type = NLA_U32, },
870	[L2TP_ATTR_UDP_SPORT]		= { .type = NLA_U16, },
871	[L2TP_ATTR_UDP_DPORT]		= { .type = NLA_U16, },
872	[L2TP_ATTR_MTU]			= { .type = NLA_U16, },
873	[L2TP_ATTR_MRU]			= { .type = NLA_U16, },
874	[L2TP_ATTR_STATS]		= { .type = NLA_NESTED, },
875	[L2TP_ATTR_IP6_SADDR] = {
876		.type = NLA_BINARY,
877		.len = sizeof(struct in6_addr),
878	},
879	[L2TP_ATTR_IP6_DADDR] = {
880		.type = NLA_BINARY,
881		.len = sizeof(struct in6_addr),
882	},
883	[L2TP_ATTR_IFNAME] = {
884		.type = NLA_NUL_STRING,
885		.len = IFNAMSIZ - 1,
886	},
887	[L2TP_ATTR_COOKIE] = {
888		.type = NLA_BINARY,
889		.len = 8,
890	},
891	[L2TP_ATTR_PEER_COOKIE] = {
892		.type = NLA_BINARY,
893		.len = 8,
894	},
895};
896
897static const struct genl_ops l2tp_nl_ops[] = {
898	{
899		.cmd = L2TP_CMD_NOOP,
900		.doit = l2tp_nl_cmd_noop,
901		.policy = l2tp_nl_policy,
902		/* can be retrieved by unprivileged users */
903	},
904	{
905		.cmd = L2TP_CMD_TUNNEL_CREATE,
906		.doit = l2tp_nl_cmd_tunnel_create,
907		.policy = l2tp_nl_policy,
908		.flags = GENL_ADMIN_PERM,
909	},
910	{
911		.cmd = L2TP_CMD_TUNNEL_DELETE,
912		.doit = l2tp_nl_cmd_tunnel_delete,
913		.policy = l2tp_nl_policy,
914		.flags = GENL_ADMIN_PERM,
915	},
916	{
917		.cmd = L2TP_CMD_TUNNEL_MODIFY,
918		.doit = l2tp_nl_cmd_tunnel_modify,
919		.policy = l2tp_nl_policy,
920		.flags = GENL_ADMIN_PERM,
921	},
922	{
923		.cmd = L2TP_CMD_TUNNEL_GET,
924		.doit = l2tp_nl_cmd_tunnel_get,
925		.dumpit = l2tp_nl_cmd_tunnel_dump,
926		.policy = l2tp_nl_policy,
927		.flags = GENL_ADMIN_PERM,
928	},
929	{
930		.cmd = L2TP_CMD_SESSION_CREATE,
931		.doit = l2tp_nl_cmd_session_create,
932		.policy = l2tp_nl_policy,
933		.flags = GENL_ADMIN_PERM,
934	},
935	{
936		.cmd = L2TP_CMD_SESSION_DELETE,
937		.doit = l2tp_nl_cmd_session_delete,
938		.policy = l2tp_nl_policy,
939		.flags = GENL_ADMIN_PERM,
940	},
941	{
942		.cmd = L2TP_CMD_SESSION_MODIFY,
943		.doit = l2tp_nl_cmd_session_modify,
944		.policy = l2tp_nl_policy,
945		.flags = GENL_ADMIN_PERM,
946	},
947	{
948		.cmd = L2TP_CMD_SESSION_GET,
949		.doit = l2tp_nl_cmd_session_get,
950		.dumpit = l2tp_nl_cmd_session_dump,
951		.policy = l2tp_nl_policy,
952		.flags = GENL_ADMIN_PERM,
953	},
954};
955
956int l2tp_nl_register_ops(enum l2tp_pwtype pw_type, const struct l2tp_nl_cmd_ops *ops)
957{
958	int ret;
959
960	ret = -EINVAL;
961	if (pw_type >= __L2TP_PWTYPE_MAX)
962		goto err;
963
964	genl_lock();
965	ret = -EBUSY;
966	if (l2tp_nl_cmd_ops[pw_type])
967		goto out;
968
969	l2tp_nl_cmd_ops[pw_type] = ops;
970	ret = 0;
971
972out:
973	genl_unlock();
974err:
975	return ret;
976}
977EXPORT_SYMBOL_GPL(l2tp_nl_register_ops);
978
979void l2tp_nl_unregister_ops(enum l2tp_pwtype pw_type)
980{
981	if (pw_type < __L2TP_PWTYPE_MAX) {
982		genl_lock();
983		l2tp_nl_cmd_ops[pw_type] = NULL;
984		genl_unlock();
985	}
986}
987EXPORT_SYMBOL_GPL(l2tp_nl_unregister_ops);
988
989static int l2tp_nl_init(void)
990{
991	pr_info("L2TP netlink interface\n");
992	return genl_register_family_with_ops_groups(&l2tp_nl_family,
993						    l2tp_nl_ops,
994						    l2tp_multicast_group);
995}
996
997static void l2tp_nl_cleanup(void)
998{
999	genl_unregister_family(&l2tp_nl_family);
1000}
1001
1002module_init(l2tp_nl_init);
1003module_exit(l2tp_nl_cleanup);
1004
1005MODULE_AUTHOR("James Chapman <jchapman@katalix.com>");
1006MODULE_DESCRIPTION("L2TP netlink");
1007MODULE_LICENSE("GPL");
1008MODULE_VERSION("1.0");
1009MODULE_ALIAS_GENL_FAMILY("l2tp");
1010