1/* 2 * L2TP netlink layer, for management 3 * 4 * Copyright (c) 2008,2009,2010 Katalix Systems Ltd 5 * 6 * Partly based on the IrDA nelink implementation 7 * (see net/irda/irnetlink.c) which is: 8 * Copyright (c) 2007 Samuel Ortiz <samuel@sortiz.org> 9 * which is in turn partly based on the wireless netlink code: 10 * Copyright 2006 Johannes Berg <johannes@sipsolutions.net> 11 * 12 * This program is free software; you can redistribute it and/or modify 13 * it under the terms of the GNU General Public License version 2 as 14 * published by the Free Software Foundation. 15 */ 16 17#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt 18 19#include <net/sock.h> 20#include <net/genetlink.h> 21#include <net/udp.h> 22#include <linux/in.h> 23#include <linux/udp.h> 24#include <linux/socket.h> 25#include <linux/module.h> 26#include <linux/list.h> 27#include <net/net_namespace.h> 28 29#include <linux/l2tp.h> 30 31#include "l2tp_core.h" 32 33 34static struct genl_family l2tp_nl_family = { 35 .id = GENL_ID_GENERATE, 36 .name = L2TP_GENL_NAME, 37 .version = L2TP_GENL_VERSION, 38 .hdrsize = 0, 39 .maxattr = L2TP_ATTR_MAX, 40 .netnsok = true, 41}; 42 43static const struct genl_multicast_group l2tp_multicast_group[] = { 44 { 45 .name = L2TP_GENL_MCGROUP, 46 }, 47}; 48 49static int l2tp_nl_tunnel_send(struct sk_buff *skb, u32 portid, u32 seq, 50 int flags, struct l2tp_tunnel *tunnel, u8 cmd); 51static int l2tp_nl_session_send(struct sk_buff *skb, u32 portid, u32 seq, 52 int flags, struct l2tp_session *session, 53 u8 cmd); 54 55/* Accessed under genl lock */ 56static const struct l2tp_nl_cmd_ops *l2tp_nl_cmd_ops[__L2TP_PWTYPE_MAX]; 57 58static struct l2tp_session *l2tp_nl_session_find(struct genl_info *info) 59{ 60 u32 tunnel_id; 61 u32 session_id; 62 char *ifname; 63 struct l2tp_tunnel *tunnel; 64 struct l2tp_session *session = NULL; 65 struct net *net = genl_info_net(info); 66 67 if (info->attrs[L2TP_ATTR_IFNAME]) { 68 ifname = nla_data(info->attrs[L2TP_ATTR_IFNAME]); 69 session = l2tp_session_find_by_ifname(net, ifname); 70 } else if ((info->attrs[L2TP_ATTR_SESSION_ID]) && 71 (info->attrs[L2TP_ATTR_CONN_ID])) { 72 tunnel_id = nla_get_u32(info->attrs[L2TP_ATTR_CONN_ID]); 73 session_id = nla_get_u32(info->attrs[L2TP_ATTR_SESSION_ID]); 74 tunnel = l2tp_tunnel_find(net, tunnel_id); 75 if (tunnel) 76 session = l2tp_session_find(net, tunnel, session_id); 77 } 78 79 return session; 80} 81 82static int l2tp_nl_cmd_noop(struct sk_buff *skb, struct genl_info *info) 83{ 84 struct sk_buff *msg; 85 void *hdr; 86 int ret = -ENOBUFS; 87 88 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 89 if (!msg) { 90 ret = -ENOMEM; 91 goto out; 92 } 93 94 hdr = genlmsg_put(msg, info->snd_portid, info->snd_seq, 95 &l2tp_nl_family, 0, L2TP_CMD_NOOP); 96 if (!hdr) { 97 ret = -EMSGSIZE; 98 goto err_out; 99 } 100 101 genlmsg_end(msg, hdr); 102 103 return genlmsg_unicast(genl_info_net(info), msg, info->snd_portid); 104 105err_out: 106 nlmsg_free(msg); 107 108out: 109 return ret; 110} 111 112static int l2tp_tunnel_notify(struct genl_family *family, 113 struct genl_info *info, 114 struct l2tp_tunnel *tunnel, 115 u8 cmd) 116{ 117 struct sk_buff *msg; 118 int ret; 119 120 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 121 if (!msg) 122 return -ENOMEM; 123 124 ret = l2tp_nl_tunnel_send(msg, info->snd_portid, info->snd_seq, 125 NLM_F_ACK, tunnel, cmd); 126 127 if (ret >= 0) { 128 ret = genlmsg_multicast_allns(family, msg, 0, 0, GFP_ATOMIC); 129 /* We don't care if no one is listening */ 130 if (ret == -ESRCH) 131 ret = 0; 132 return ret; 133 } 134 135 nlmsg_free(msg); 136 137 return ret; 138} 139 140static int l2tp_session_notify(struct genl_family *family, 141 struct genl_info *info, 142 struct l2tp_session *session, 143 u8 cmd) 144{ 145 struct sk_buff *msg; 146 int ret; 147 148 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 149 if (!msg) 150 return -ENOMEM; 151 152 ret = l2tp_nl_session_send(msg, info->snd_portid, info->snd_seq, 153 NLM_F_ACK, session, cmd); 154 155 if (ret >= 0) { 156 ret = genlmsg_multicast_allns(family, msg, 0, 0, GFP_ATOMIC); 157 /* We don't care if no one is listening */ 158 if (ret == -ESRCH) 159 ret = 0; 160 return ret; 161 } 162 163 nlmsg_free(msg); 164 165 return ret; 166} 167 168static int l2tp_nl_cmd_tunnel_create(struct sk_buff *skb, struct genl_info *info) 169{ 170 u32 tunnel_id; 171 u32 peer_tunnel_id; 172 int proto_version; 173 int fd; 174 int ret = 0; 175 struct l2tp_tunnel_cfg cfg = { 0, }; 176 struct l2tp_tunnel *tunnel; 177 struct net *net = genl_info_net(info); 178 179 if (!info->attrs[L2TP_ATTR_CONN_ID]) { 180 ret = -EINVAL; 181 goto out; 182 } 183 tunnel_id = nla_get_u32(info->attrs[L2TP_ATTR_CONN_ID]); 184 185 if (!info->attrs[L2TP_ATTR_PEER_CONN_ID]) { 186 ret = -EINVAL; 187 goto out; 188 } 189 peer_tunnel_id = nla_get_u32(info->attrs[L2TP_ATTR_PEER_CONN_ID]); 190 191 if (!info->attrs[L2TP_ATTR_PROTO_VERSION]) { 192 ret = -EINVAL; 193 goto out; 194 } 195 proto_version = nla_get_u8(info->attrs[L2TP_ATTR_PROTO_VERSION]); 196 197 if (!info->attrs[L2TP_ATTR_ENCAP_TYPE]) { 198 ret = -EINVAL; 199 goto out; 200 } 201 cfg.encap = nla_get_u16(info->attrs[L2TP_ATTR_ENCAP_TYPE]); 202 203 fd = -1; 204 if (info->attrs[L2TP_ATTR_FD]) { 205 fd = nla_get_u32(info->attrs[L2TP_ATTR_FD]); 206 } else { 207#if IS_ENABLED(CONFIG_IPV6) 208 if (info->attrs[L2TP_ATTR_IP6_SADDR] && 209 info->attrs[L2TP_ATTR_IP6_DADDR]) { 210 cfg.local_ip6 = nla_data( 211 info->attrs[L2TP_ATTR_IP6_SADDR]); 212 cfg.peer_ip6 = nla_data( 213 info->attrs[L2TP_ATTR_IP6_DADDR]); 214 } else 215#endif 216 if (info->attrs[L2TP_ATTR_IP_SADDR] && 217 info->attrs[L2TP_ATTR_IP_DADDR]) { 218 cfg.local_ip.s_addr = nla_get_in_addr( 219 info->attrs[L2TP_ATTR_IP_SADDR]); 220 cfg.peer_ip.s_addr = nla_get_in_addr( 221 info->attrs[L2TP_ATTR_IP_DADDR]); 222 } else { 223 ret = -EINVAL; 224 goto out; 225 } 226 if (info->attrs[L2TP_ATTR_UDP_SPORT]) 227 cfg.local_udp_port = nla_get_u16(info->attrs[L2TP_ATTR_UDP_SPORT]); 228 if (info->attrs[L2TP_ATTR_UDP_DPORT]) 229 cfg.peer_udp_port = nla_get_u16(info->attrs[L2TP_ATTR_UDP_DPORT]); 230 if (info->attrs[L2TP_ATTR_UDP_CSUM]) 231 cfg.use_udp_checksums = nla_get_flag(info->attrs[L2TP_ATTR_UDP_CSUM]); 232 233#if IS_ENABLED(CONFIG_IPV6) 234 if (info->attrs[L2TP_ATTR_UDP_ZERO_CSUM6_TX]) 235 cfg.udp6_zero_tx_checksums = nla_get_flag(info->attrs[L2TP_ATTR_UDP_ZERO_CSUM6_TX]); 236 if (info->attrs[L2TP_ATTR_UDP_ZERO_CSUM6_RX]) 237 cfg.udp6_zero_rx_checksums = nla_get_flag(info->attrs[L2TP_ATTR_UDP_ZERO_CSUM6_RX]); 238#endif 239 } 240 241 if (info->attrs[L2TP_ATTR_DEBUG]) 242 cfg.debug = nla_get_u32(info->attrs[L2TP_ATTR_DEBUG]); 243 244 tunnel = l2tp_tunnel_find(net, tunnel_id); 245 if (tunnel != NULL) { 246 ret = -EEXIST; 247 goto out; 248 } 249 250 ret = -EINVAL; 251 switch (cfg.encap) { 252 case L2TP_ENCAPTYPE_UDP: 253 case L2TP_ENCAPTYPE_IP: 254 ret = l2tp_tunnel_create(net, fd, proto_version, tunnel_id, 255 peer_tunnel_id, &cfg, &tunnel); 256 break; 257 } 258 259 if (ret >= 0) 260 ret = l2tp_tunnel_notify(&l2tp_nl_family, info, 261 tunnel, L2TP_CMD_TUNNEL_CREATE); 262out: 263 return ret; 264} 265 266static int l2tp_nl_cmd_tunnel_delete(struct sk_buff *skb, struct genl_info *info) 267{ 268 struct l2tp_tunnel *tunnel; 269 u32 tunnel_id; 270 int ret = 0; 271 struct net *net = genl_info_net(info); 272 273 if (!info->attrs[L2TP_ATTR_CONN_ID]) { 274 ret = -EINVAL; 275 goto out; 276 } 277 tunnel_id = nla_get_u32(info->attrs[L2TP_ATTR_CONN_ID]); 278 279 tunnel = l2tp_tunnel_find(net, tunnel_id); 280 if (tunnel == NULL) { 281 ret = -ENODEV; 282 goto out; 283 } 284 285 l2tp_tunnel_notify(&l2tp_nl_family, info, 286 tunnel, L2TP_CMD_TUNNEL_DELETE); 287 288 (void) l2tp_tunnel_delete(tunnel); 289 290out: 291 return ret; 292} 293 294static int l2tp_nl_cmd_tunnel_modify(struct sk_buff *skb, struct genl_info *info) 295{ 296 struct l2tp_tunnel *tunnel; 297 u32 tunnel_id; 298 int ret = 0; 299 struct net *net = genl_info_net(info); 300 301 if (!info->attrs[L2TP_ATTR_CONN_ID]) { 302 ret = -EINVAL; 303 goto out; 304 } 305 tunnel_id = nla_get_u32(info->attrs[L2TP_ATTR_CONN_ID]); 306 307 tunnel = l2tp_tunnel_find(net, tunnel_id); 308 if (tunnel == NULL) { 309 ret = -ENODEV; 310 goto out; 311 } 312 313 if (info->attrs[L2TP_ATTR_DEBUG]) 314 tunnel->debug = nla_get_u32(info->attrs[L2TP_ATTR_DEBUG]); 315 316 ret = l2tp_tunnel_notify(&l2tp_nl_family, info, 317 tunnel, L2TP_CMD_TUNNEL_MODIFY); 318 319out: 320 return ret; 321} 322 323static int l2tp_nl_tunnel_send(struct sk_buff *skb, u32 portid, u32 seq, int flags, 324 struct l2tp_tunnel *tunnel, u8 cmd) 325{ 326 void *hdr; 327 struct nlattr *nest; 328 struct sock *sk = NULL; 329 struct inet_sock *inet; 330#if IS_ENABLED(CONFIG_IPV6) 331 struct ipv6_pinfo *np = NULL; 332#endif 333 334 hdr = genlmsg_put(skb, portid, seq, &l2tp_nl_family, flags, cmd); 335 if (!hdr) 336 return -EMSGSIZE; 337 338 if (nla_put_u8(skb, L2TP_ATTR_PROTO_VERSION, tunnel->version) || 339 nla_put_u32(skb, L2TP_ATTR_CONN_ID, tunnel->tunnel_id) || 340 nla_put_u32(skb, L2TP_ATTR_PEER_CONN_ID, tunnel->peer_tunnel_id) || 341 nla_put_u32(skb, L2TP_ATTR_DEBUG, tunnel->debug) || 342 nla_put_u16(skb, L2TP_ATTR_ENCAP_TYPE, tunnel->encap)) 343 goto nla_put_failure; 344 345 nest = nla_nest_start(skb, L2TP_ATTR_STATS); 346 if (nest == NULL) 347 goto nla_put_failure; 348 349 if (nla_put_u64(skb, L2TP_ATTR_TX_PACKETS, 350 atomic_long_read(&tunnel->stats.tx_packets)) || 351 nla_put_u64(skb, L2TP_ATTR_TX_BYTES, 352 atomic_long_read(&tunnel->stats.tx_bytes)) || 353 nla_put_u64(skb, L2TP_ATTR_TX_ERRORS, 354 atomic_long_read(&tunnel->stats.tx_errors)) || 355 nla_put_u64(skb, L2TP_ATTR_RX_PACKETS, 356 atomic_long_read(&tunnel->stats.rx_packets)) || 357 nla_put_u64(skb, L2TP_ATTR_RX_BYTES, 358 atomic_long_read(&tunnel->stats.rx_bytes)) || 359 nla_put_u64(skb, L2TP_ATTR_RX_SEQ_DISCARDS, 360 atomic_long_read(&tunnel->stats.rx_seq_discards)) || 361 nla_put_u64(skb, L2TP_ATTR_RX_OOS_PACKETS, 362 atomic_long_read(&tunnel->stats.rx_oos_packets)) || 363 nla_put_u64(skb, L2TP_ATTR_RX_ERRORS, 364 atomic_long_read(&tunnel->stats.rx_errors))) 365 goto nla_put_failure; 366 nla_nest_end(skb, nest); 367 368 sk = tunnel->sock; 369 if (!sk) 370 goto out; 371 372#if IS_ENABLED(CONFIG_IPV6) 373 if (sk->sk_family == AF_INET6) 374 np = inet6_sk(sk); 375#endif 376 377 inet = inet_sk(sk); 378 379 switch (tunnel->encap) { 380 case L2TP_ENCAPTYPE_UDP: 381 if (nla_put_u16(skb, L2TP_ATTR_UDP_SPORT, ntohs(inet->inet_sport)) || 382 nla_put_u16(skb, L2TP_ATTR_UDP_DPORT, ntohs(inet->inet_dport)) || 383 nla_put_u8(skb, L2TP_ATTR_UDP_CSUM, !sk->sk_no_check_tx)) 384 goto nla_put_failure; 385 /* NOBREAK */ 386 case L2TP_ENCAPTYPE_IP: 387#if IS_ENABLED(CONFIG_IPV6) 388 if (np) { 389 if (nla_put_in6_addr(skb, L2TP_ATTR_IP6_SADDR, 390 &np->saddr) || 391 nla_put_in6_addr(skb, L2TP_ATTR_IP6_DADDR, 392 &sk->sk_v6_daddr)) 393 goto nla_put_failure; 394 } else 395#endif 396 if (nla_put_in_addr(skb, L2TP_ATTR_IP_SADDR, 397 inet->inet_saddr) || 398 nla_put_in_addr(skb, L2TP_ATTR_IP_DADDR, 399 inet->inet_daddr)) 400 goto nla_put_failure; 401 break; 402 } 403 404out: 405 genlmsg_end(skb, hdr); 406 return 0; 407 408nla_put_failure: 409 genlmsg_cancel(skb, hdr); 410 return -1; 411} 412 413static int l2tp_nl_cmd_tunnel_get(struct sk_buff *skb, struct genl_info *info) 414{ 415 struct l2tp_tunnel *tunnel; 416 struct sk_buff *msg; 417 u32 tunnel_id; 418 int ret = -ENOBUFS; 419 struct net *net = genl_info_net(info); 420 421 if (!info->attrs[L2TP_ATTR_CONN_ID]) { 422 ret = -EINVAL; 423 goto out; 424 } 425 426 tunnel_id = nla_get_u32(info->attrs[L2TP_ATTR_CONN_ID]); 427 428 tunnel = l2tp_tunnel_find(net, tunnel_id); 429 if (tunnel == NULL) { 430 ret = -ENODEV; 431 goto out; 432 } 433 434 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 435 if (!msg) { 436 ret = -ENOMEM; 437 goto out; 438 } 439 440 ret = l2tp_nl_tunnel_send(msg, info->snd_portid, info->snd_seq, 441 NLM_F_ACK, tunnel, L2TP_CMD_TUNNEL_GET); 442 if (ret < 0) 443 goto err_out; 444 445 return genlmsg_unicast(net, msg, info->snd_portid); 446 447err_out: 448 nlmsg_free(msg); 449 450out: 451 return ret; 452} 453 454static int l2tp_nl_cmd_tunnel_dump(struct sk_buff *skb, struct netlink_callback *cb) 455{ 456 int ti = cb->args[0]; 457 struct l2tp_tunnel *tunnel; 458 struct net *net = sock_net(skb->sk); 459 460 for (;;) { 461 tunnel = l2tp_tunnel_find_nth(net, ti); 462 if (tunnel == NULL) 463 goto out; 464 465 if (l2tp_nl_tunnel_send(skb, NETLINK_CB(cb->skb).portid, 466 cb->nlh->nlmsg_seq, NLM_F_MULTI, 467 tunnel, L2TP_CMD_TUNNEL_GET) < 0) 468 goto out; 469 470 ti++; 471 } 472 473out: 474 cb->args[0] = ti; 475 476 return skb->len; 477} 478 479static int l2tp_nl_cmd_session_create(struct sk_buff *skb, struct genl_info *info) 480{ 481 u32 tunnel_id = 0; 482 u32 session_id; 483 u32 peer_session_id; 484 int ret = 0; 485 struct l2tp_tunnel *tunnel; 486 struct l2tp_session *session; 487 struct l2tp_session_cfg cfg = { 0, }; 488 struct net *net = genl_info_net(info); 489 490 if (!info->attrs[L2TP_ATTR_CONN_ID]) { 491 ret = -EINVAL; 492 goto out; 493 } 494 tunnel_id = nla_get_u32(info->attrs[L2TP_ATTR_CONN_ID]); 495 tunnel = l2tp_tunnel_find(net, tunnel_id); 496 if (!tunnel) { 497 ret = -ENODEV; 498 goto out; 499 } 500 501 if (!info->attrs[L2TP_ATTR_SESSION_ID]) { 502 ret = -EINVAL; 503 goto out; 504 } 505 session_id = nla_get_u32(info->attrs[L2TP_ATTR_SESSION_ID]); 506 session = l2tp_session_find(net, tunnel, session_id); 507 if (session) { 508 ret = -EEXIST; 509 goto out; 510 } 511 512 if (!info->attrs[L2TP_ATTR_PEER_SESSION_ID]) { 513 ret = -EINVAL; 514 goto out; 515 } 516 peer_session_id = nla_get_u32(info->attrs[L2TP_ATTR_PEER_SESSION_ID]); 517 518 if (!info->attrs[L2TP_ATTR_PW_TYPE]) { 519 ret = -EINVAL; 520 goto out; 521 } 522 cfg.pw_type = nla_get_u16(info->attrs[L2TP_ATTR_PW_TYPE]); 523 if (cfg.pw_type >= __L2TP_PWTYPE_MAX) { 524 ret = -EINVAL; 525 goto out; 526 } 527 528 if (tunnel->version > 2) { 529 if (info->attrs[L2TP_ATTR_OFFSET]) 530 cfg.offset = nla_get_u16(info->attrs[L2TP_ATTR_OFFSET]); 531 532 if (info->attrs[L2TP_ATTR_DATA_SEQ]) 533 cfg.data_seq = nla_get_u8(info->attrs[L2TP_ATTR_DATA_SEQ]); 534 535 cfg.l2specific_type = L2TP_L2SPECTYPE_DEFAULT; 536 if (info->attrs[L2TP_ATTR_L2SPEC_TYPE]) 537 cfg.l2specific_type = nla_get_u8(info->attrs[L2TP_ATTR_L2SPEC_TYPE]); 538 539 cfg.l2specific_len = 4; 540 if (info->attrs[L2TP_ATTR_L2SPEC_LEN]) 541 cfg.l2specific_len = nla_get_u8(info->attrs[L2TP_ATTR_L2SPEC_LEN]); 542 543 if (info->attrs[L2TP_ATTR_COOKIE]) { 544 u16 len = nla_len(info->attrs[L2TP_ATTR_COOKIE]); 545 if (len > 8) { 546 ret = -EINVAL; 547 goto out; 548 } 549 cfg.cookie_len = len; 550 memcpy(&cfg.cookie[0], nla_data(info->attrs[L2TP_ATTR_COOKIE]), len); 551 } 552 if (info->attrs[L2TP_ATTR_PEER_COOKIE]) { 553 u16 len = nla_len(info->attrs[L2TP_ATTR_PEER_COOKIE]); 554 if (len > 8) { 555 ret = -EINVAL; 556 goto out; 557 } 558 cfg.peer_cookie_len = len; 559 memcpy(&cfg.peer_cookie[0], nla_data(info->attrs[L2TP_ATTR_PEER_COOKIE]), len); 560 } 561 if (info->attrs[L2TP_ATTR_IFNAME]) 562 cfg.ifname = nla_data(info->attrs[L2TP_ATTR_IFNAME]); 563 564 if (info->attrs[L2TP_ATTR_VLAN_ID]) 565 cfg.vlan_id = nla_get_u16(info->attrs[L2TP_ATTR_VLAN_ID]); 566 } 567 568 if (info->attrs[L2TP_ATTR_DEBUG]) 569 cfg.debug = nla_get_u32(info->attrs[L2TP_ATTR_DEBUG]); 570 571 if (info->attrs[L2TP_ATTR_RECV_SEQ]) 572 cfg.recv_seq = nla_get_u8(info->attrs[L2TP_ATTR_RECV_SEQ]); 573 574 if (info->attrs[L2TP_ATTR_SEND_SEQ]) 575 cfg.send_seq = nla_get_u8(info->attrs[L2TP_ATTR_SEND_SEQ]); 576 577 if (info->attrs[L2TP_ATTR_LNS_MODE]) 578 cfg.lns_mode = nla_get_u8(info->attrs[L2TP_ATTR_LNS_MODE]); 579 580 if (info->attrs[L2TP_ATTR_RECV_TIMEOUT]) 581 cfg.reorder_timeout = nla_get_msecs(info->attrs[L2TP_ATTR_RECV_TIMEOUT]); 582 583 if (info->attrs[L2TP_ATTR_MTU]) 584 cfg.mtu = nla_get_u16(info->attrs[L2TP_ATTR_MTU]); 585 586 if (info->attrs[L2TP_ATTR_MRU]) 587 cfg.mru = nla_get_u16(info->attrs[L2TP_ATTR_MRU]); 588 589 if ((l2tp_nl_cmd_ops[cfg.pw_type] == NULL) || 590 (l2tp_nl_cmd_ops[cfg.pw_type]->session_create == NULL)) { 591 ret = -EPROTONOSUPPORT; 592 goto out; 593 } 594 595 /* Check that pseudowire-specific params are present */ 596 switch (cfg.pw_type) { 597 case L2TP_PWTYPE_NONE: 598 break; 599 case L2TP_PWTYPE_ETH_VLAN: 600 if (!info->attrs[L2TP_ATTR_VLAN_ID]) { 601 ret = -EINVAL; 602 goto out; 603 } 604 break; 605 case L2TP_PWTYPE_ETH: 606 break; 607 case L2TP_PWTYPE_PPP: 608 case L2TP_PWTYPE_PPP_AC: 609 break; 610 case L2TP_PWTYPE_IP: 611 default: 612 ret = -EPROTONOSUPPORT; 613 break; 614 } 615 616 ret = -EPROTONOSUPPORT; 617 if (l2tp_nl_cmd_ops[cfg.pw_type]->session_create) 618 ret = (*l2tp_nl_cmd_ops[cfg.pw_type]->session_create)(net, tunnel_id, 619 session_id, peer_session_id, &cfg); 620 621 if (ret >= 0) { 622 session = l2tp_session_find(net, tunnel, session_id); 623 if (session) 624 ret = l2tp_session_notify(&l2tp_nl_family, info, session, 625 L2TP_CMD_SESSION_CREATE); 626 } 627 628out: 629 return ret; 630} 631 632static int l2tp_nl_cmd_session_delete(struct sk_buff *skb, struct genl_info *info) 633{ 634 int ret = 0; 635 struct l2tp_session *session; 636 u16 pw_type; 637 638 session = l2tp_nl_session_find(info); 639 if (session == NULL) { 640 ret = -ENODEV; 641 goto out; 642 } 643 644 l2tp_session_notify(&l2tp_nl_family, info, 645 session, L2TP_CMD_SESSION_DELETE); 646 647 pw_type = session->pwtype; 648 if (pw_type < __L2TP_PWTYPE_MAX) 649 if (l2tp_nl_cmd_ops[pw_type] && l2tp_nl_cmd_ops[pw_type]->session_delete) 650 ret = (*l2tp_nl_cmd_ops[pw_type]->session_delete)(session); 651 652out: 653 return ret; 654} 655 656static int l2tp_nl_cmd_session_modify(struct sk_buff *skb, struct genl_info *info) 657{ 658 int ret = 0; 659 struct l2tp_session *session; 660 661 session = l2tp_nl_session_find(info); 662 if (session == NULL) { 663 ret = -ENODEV; 664 goto out; 665 } 666 667 if (info->attrs[L2TP_ATTR_DEBUG]) 668 session->debug = nla_get_u32(info->attrs[L2TP_ATTR_DEBUG]); 669 670 if (info->attrs[L2TP_ATTR_DATA_SEQ]) 671 session->data_seq = nla_get_u8(info->attrs[L2TP_ATTR_DATA_SEQ]); 672 673 if (info->attrs[L2TP_ATTR_RECV_SEQ]) 674 session->recv_seq = nla_get_u8(info->attrs[L2TP_ATTR_RECV_SEQ]); 675 676 if (info->attrs[L2TP_ATTR_SEND_SEQ]) { 677 session->send_seq = nla_get_u8(info->attrs[L2TP_ATTR_SEND_SEQ]); 678 l2tp_session_set_header_len(session, session->tunnel->version); 679 } 680 681 if (info->attrs[L2TP_ATTR_LNS_MODE]) 682 session->lns_mode = nla_get_u8(info->attrs[L2TP_ATTR_LNS_MODE]); 683 684 if (info->attrs[L2TP_ATTR_RECV_TIMEOUT]) 685 session->reorder_timeout = nla_get_msecs(info->attrs[L2TP_ATTR_RECV_TIMEOUT]); 686 687 if (info->attrs[L2TP_ATTR_MTU]) 688 session->mtu = nla_get_u16(info->attrs[L2TP_ATTR_MTU]); 689 690 if (info->attrs[L2TP_ATTR_MRU]) 691 session->mru = nla_get_u16(info->attrs[L2TP_ATTR_MRU]); 692 693 ret = l2tp_session_notify(&l2tp_nl_family, info, 694 session, L2TP_CMD_SESSION_MODIFY); 695 696out: 697 return ret; 698} 699 700static int l2tp_nl_session_send(struct sk_buff *skb, u32 portid, u32 seq, int flags, 701 struct l2tp_session *session, u8 cmd) 702{ 703 void *hdr; 704 struct nlattr *nest; 705 struct l2tp_tunnel *tunnel = session->tunnel; 706 struct sock *sk = NULL; 707 708 sk = tunnel->sock; 709 710 hdr = genlmsg_put(skb, portid, seq, &l2tp_nl_family, flags, cmd); 711 if (!hdr) 712 return -EMSGSIZE; 713 714 if (nla_put_u32(skb, L2TP_ATTR_CONN_ID, tunnel->tunnel_id) || 715 nla_put_u32(skb, L2TP_ATTR_SESSION_ID, session->session_id) || 716 nla_put_u32(skb, L2TP_ATTR_PEER_CONN_ID, tunnel->peer_tunnel_id) || 717 nla_put_u32(skb, L2TP_ATTR_PEER_SESSION_ID, 718 session->peer_session_id) || 719 nla_put_u32(skb, L2TP_ATTR_DEBUG, session->debug) || 720 nla_put_u16(skb, L2TP_ATTR_PW_TYPE, session->pwtype) || 721 nla_put_u16(skb, L2TP_ATTR_MTU, session->mtu) || 722 (session->mru && 723 nla_put_u16(skb, L2TP_ATTR_MRU, session->mru))) 724 goto nla_put_failure; 725 726 if ((session->ifname[0] && 727 nla_put_string(skb, L2TP_ATTR_IFNAME, session->ifname)) || 728 (session->cookie_len && 729 nla_put(skb, L2TP_ATTR_COOKIE, session->cookie_len, 730 &session->cookie[0])) || 731 (session->peer_cookie_len && 732 nla_put(skb, L2TP_ATTR_PEER_COOKIE, session->peer_cookie_len, 733 &session->peer_cookie[0])) || 734 nla_put_u8(skb, L2TP_ATTR_RECV_SEQ, session->recv_seq) || 735 nla_put_u8(skb, L2TP_ATTR_SEND_SEQ, session->send_seq) || 736 nla_put_u8(skb, L2TP_ATTR_LNS_MODE, session->lns_mode) || 737#ifdef CONFIG_XFRM 738 (((sk) && (sk->sk_policy[0] || sk->sk_policy[1])) && 739 nla_put_u8(skb, L2TP_ATTR_USING_IPSEC, 1)) || 740#endif 741 (session->reorder_timeout && 742 nla_put_msecs(skb, L2TP_ATTR_RECV_TIMEOUT, session->reorder_timeout))) 743 goto nla_put_failure; 744 745 nest = nla_nest_start(skb, L2TP_ATTR_STATS); 746 if (nest == NULL) 747 goto nla_put_failure; 748 749 if (nla_put_u64(skb, L2TP_ATTR_TX_PACKETS, 750 atomic_long_read(&session->stats.tx_packets)) || 751 nla_put_u64(skb, L2TP_ATTR_TX_BYTES, 752 atomic_long_read(&session->stats.tx_bytes)) || 753 nla_put_u64(skb, L2TP_ATTR_TX_ERRORS, 754 atomic_long_read(&session->stats.tx_errors)) || 755 nla_put_u64(skb, L2TP_ATTR_RX_PACKETS, 756 atomic_long_read(&session->stats.rx_packets)) || 757 nla_put_u64(skb, L2TP_ATTR_RX_BYTES, 758 atomic_long_read(&session->stats.rx_bytes)) || 759 nla_put_u64(skb, L2TP_ATTR_RX_SEQ_DISCARDS, 760 atomic_long_read(&session->stats.rx_seq_discards)) || 761 nla_put_u64(skb, L2TP_ATTR_RX_OOS_PACKETS, 762 atomic_long_read(&session->stats.rx_oos_packets)) || 763 nla_put_u64(skb, L2TP_ATTR_RX_ERRORS, 764 atomic_long_read(&session->stats.rx_errors))) 765 goto nla_put_failure; 766 nla_nest_end(skb, nest); 767 768 genlmsg_end(skb, hdr); 769 return 0; 770 771 nla_put_failure: 772 genlmsg_cancel(skb, hdr); 773 return -1; 774} 775 776static int l2tp_nl_cmd_session_get(struct sk_buff *skb, struct genl_info *info) 777{ 778 struct l2tp_session *session; 779 struct sk_buff *msg; 780 int ret; 781 782 session = l2tp_nl_session_find(info); 783 if (session == NULL) { 784 ret = -ENODEV; 785 goto out; 786 } 787 788 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 789 if (!msg) { 790 ret = -ENOMEM; 791 goto out; 792 } 793 794 ret = l2tp_nl_session_send(msg, info->snd_portid, info->snd_seq, 795 0, session, L2TP_CMD_SESSION_GET); 796 if (ret < 0) 797 goto err_out; 798 799 return genlmsg_unicast(genl_info_net(info), msg, info->snd_portid); 800 801err_out: 802 nlmsg_free(msg); 803 804out: 805 return ret; 806} 807 808static int l2tp_nl_cmd_session_dump(struct sk_buff *skb, struct netlink_callback *cb) 809{ 810 struct net *net = sock_net(skb->sk); 811 struct l2tp_session *session; 812 struct l2tp_tunnel *tunnel = NULL; 813 int ti = cb->args[0]; 814 int si = cb->args[1]; 815 816 for (;;) { 817 if (tunnel == NULL) { 818 tunnel = l2tp_tunnel_find_nth(net, ti); 819 if (tunnel == NULL) 820 goto out; 821 } 822 823 session = l2tp_session_find_nth(tunnel, si); 824 if (session == NULL) { 825 ti++; 826 tunnel = NULL; 827 si = 0; 828 continue; 829 } 830 831 if (l2tp_nl_session_send(skb, NETLINK_CB(cb->skb).portid, 832 cb->nlh->nlmsg_seq, NLM_F_MULTI, 833 session, L2TP_CMD_SESSION_GET) < 0) 834 break; 835 836 si++; 837 } 838 839out: 840 cb->args[0] = ti; 841 cb->args[1] = si; 842 843 return skb->len; 844} 845 846static struct nla_policy l2tp_nl_policy[L2TP_ATTR_MAX + 1] = { 847 [L2TP_ATTR_NONE] = { .type = NLA_UNSPEC, }, 848 [L2TP_ATTR_PW_TYPE] = { .type = NLA_U16, }, 849 [L2TP_ATTR_ENCAP_TYPE] = { .type = NLA_U16, }, 850 [L2TP_ATTR_OFFSET] = { .type = NLA_U16, }, 851 [L2TP_ATTR_DATA_SEQ] = { .type = NLA_U8, }, 852 [L2TP_ATTR_L2SPEC_TYPE] = { .type = NLA_U8, }, 853 [L2TP_ATTR_L2SPEC_LEN] = { .type = NLA_U8, }, 854 [L2TP_ATTR_PROTO_VERSION] = { .type = NLA_U8, }, 855 [L2TP_ATTR_CONN_ID] = { .type = NLA_U32, }, 856 [L2TP_ATTR_PEER_CONN_ID] = { .type = NLA_U32, }, 857 [L2TP_ATTR_SESSION_ID] = { .type = NLA_U32, }, 858 [L2TP_ATTR_PEER_SESSION_ID] = { .type = NLA_U32, }, 859 [L2TP_ATTR_UDP_CSUM] = { .type = NLA_U8, }, 860 [L2TP_ATTR_VLAN_ID] = { .type = NLA_U16, }, 861 [L2TP_ATTR_DEBUG] = { .type = NLA_U32, }, 862 [L2TP_ATTR_RECV_SEQ] = { .type = NLA_U8, }, 863 [L2TP_ATTR_SEND_SEQ] = { .type = NLA_U8, }, 864 [L2TP_ATTR_LNS_MODE] = { .type = NLA_U8, }, 865 [L2TP_ATTR_USING_IPSEC] = { .type = NLA_U8, }, 866 [L2TP_ATTR_RECV_TIMEOUT] = { .type = NLA_MSECS, }, 867 [L2TP_ATTR_FD] = { .type = NLA_U32, }, 868 [L2TP_ATTR_IP_SADDR] = { .type = NLA_U32, }, 869 [L2TP_ATTR_IP_DADDR] = { .type = NLA_U32, }, 870 [L2TP_ATTR_UDP_SPORT] = { .type = NLA_U16, }, 871 [L2TP_ATTR_UDP_DPORT] = { .type = NLA_U16, }, 872 [L2TP_ATTR_MTU] = { .type = NLA_U16, }, 873 [L2TP_ATTR_MRU] = { .type = NLA_U16, }, 874 [L2TP_ATTR_STATS] = { .type = NLA_NESTED, }, 875 [L2TP_ATTR_IP6_SADDR] = { 876 .type = NLA_BINARY, 877 .len = sizeof(struct in6_addr), 878 }, 879 [L2TP_ATTR_IP6_DADDR] = { 880 .type = NLA_BINARY, 881 .len = sizeof(struct in6_addr), 882 }, 883 [L2TP_ATTR_IFNAME] = { 884 .type = NLA_NUL_STRING, 885 .len = IFNAMSIZ - 1, 886 }, 887 [L2TP_ATTR_COOKIE] = { 888 .type = NLA_BINARY, 889 .len = 8, 890 }, 891 [L2TP_ATTR_PEER_COOKIE] = { 892 .type = NLA_BINARY, 893 .len = 8, 894 }, 895}; 896 897static const struct genl_ops l2tp_nl_ops[] = { 898 { 899 .cmd = L2TP_CMD_NOOP, 900 .doit = l2tp_nl_cmd_noop, 901 .policy = l2tp_nl_policy, 902 /* can be retrieved by unprivileged users */ 903 }, 904 { 905 .cmd = L2TP_CMD_TUNNEL_CREATE, 906 .doit = l2tp_nl_cmd_tunnel_create, 907 .policy = l2tp_nl_policy, 908 .flags = GENL_ADMIN_PERM, 909 }, 910 { 911 .cmd = L2TP_CMD_TUNNEL_DELETE, 912 .doit = l2tp_nl_cmd_tunnel_delete, 913 .policy = l2tp_nl_policy, 914 .flags = GENL_ADMIN_PERM, 915 }, 916 { 917 .cmd = L2TP_CMD_TUNNEL_MODIFY, 918 .doit = l2tp_nl_cmd_tunnel_modify, 919 .policy = l2tp_nl_policy, 920 .flags = GENL_ADMIN_PERM, 921 }, 922 { 923 .cmd = L2TP_CMD_TUNNEL_GET, 924 .doit = l2tp_nl_cmd_tunnel_get, 925 .dumpit = l2tp_nl_cmd_tunnel_dump, 926 .policy = l2tp_nl_policy, 927 .flags = GENL_ADMIN_PERM, 928 }, 929 { 930 .cmd = L2TP_CMD_SESSION_CREATE, 931 .doit = l2tp_nl_cmd_session_create, 932 .policy = l2tp_nl_policy, 933 .flags = GENL_ADMIN_PERM, 934 }, 935 { 936 .cmd = L2TP_CMD_SESSION_DELETE, 937 .doit = l2tp_nl_cmd_session_delete, 938 .policy = l2tp_nl_policy, 939 .flags = GENL_ADMIN_PERM, 940 }, 941 { 942 .cmd = L2TP_CMD_SESSION_MODIFY, 943 .doit = l2tp_nl_cmd_session_modify, 944 .policy = l2tp_nl_policy, 945 .flags = GENL_ADMIN_PERM, 946 }, 947 { 948 .cmd = L2TP_CMD_SESSION_GET, 949 .doit = l2tp_nl_cmd_session_get, 950 .dumpit = l2tp_nl_cmd_session_dump, 951 .policy = l2tp_nl_policy, 952 .flags = GENL_ADMIN_PERM, 953 }, 954}; 955 956int l2tp_nl_register_ops(enum l2tp_pwtype pw_type, const struct l2tp_nl_cmd_ops *ops) 957{ 958 int ret; 959 960 ret = -EINVAL; 961 if (pw_type >= __L2TP_PWTYPE_MAX) 962 goto err; 963 964 genl_lock(); 965 ret = -EBUSY; 966 if (l2tp_nl_cmd_ops[pw_type]) 967 goto out; 968 969 l2tp_nl_cmd_ops[pw_type] = ops; 970 ret = 0; 971 972out: 973 genl_unlock(); 974err: 975 return ret; 976} 977EXPORT_SYMBOL_GPL(l2tp_nl_register_ops); 978 979void l2tp_nl_unregister_ops(enum l2tp_pwtype pw_type) 980{ 981 if (pw_type < __L2TP_PWTYPE_MAX) { 982 genl_lock(); 983 l2tp_nl_cmd_ops[pw_type] = NULL; 984 genl_unlock(); 985 } 986} 987EXPORT_SYMBOL_GPL(l2tp_nl_unregister_ops); 988 989static int l2tp_nl_init(void) 990{ 991 pr_info("L2TP netlink interface\n"); 992 return genl_register_family_with_ops_groups(&l2tp_nl_family, 993 l2tp_nl_ops, 994 l2tp_multicast_group); 995} 996 997static void l2tp_nl_cleanup(void) 998{ 999 genl_unregister_family(&l2tp_nl_family); 1000} 1001 1002module_init(l2tp_nl_init); 1003module_exit(l2tp_nl_cleanup); 1004 1005MODULE_AUTHOR("James Chapman <jchapman@katalix.com>"); 1006MODULE_DESCRIPTION("L2TP netlink"); 1007MODULE_LICENSE("GPL"); 1008MODULE_VERSION("1.0"); 1009MODULE_ALIAS_GENL_FAMILY("l2tp"); 1010