1 /*-
2 * SPDX-License-Identifier: BSD-2-Clause
3 *
4 * Copyright (c) 2022 Alexander V. Chernikov <melifaro@FreeBSD.org>
5 *
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
8 * are met:
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 * 2. Redistributions in binary form must reproduce the above copyright
12 * notice, this list of conditions and the following disclaimer in the
13 * documentation and/or other materials provided with the distribution.
14 *
15 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
16 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
17 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
18 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
19 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
20 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
21 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
22 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
23 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
24 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
25 * SUCH DAMAGE.
26 */
27
28 #include <sys/cdefs.h>
29 #include "opt_inet.h"
30 #include "opt_inet6.h"
31 #include <sys/types.h>
32 #include <sys/malloc.h>
33 #include <sys/rmlock.h>
34 #include <sys/socket.h>
35
36 #include <machine/stdarg.h>
37
38 #include <net/if.h>
39 #include <net/route.h>
40 #include <net/route/nhop.h>
41
42 #include <net/route/route_ctl.h>
43 #include <netlink/netlink.h>
44 #include <netlink/netlink_ctl.h>
45 #include <netlink/netlink_var.h>
46 #include <netlink/netlink_route.h>
47
48 #define DEBUG_MOD_NAME nl_parser
49 #define DEBUG_MAX_LEVEL LOG_DEBUG3
50 #include <netlink/netlink_debug.h>
51 _DECLARE_DEBUG(LOG_DEBUG);
52
53 bool
nlmsg_report_err_msg(struct nl_pstate * npt,const char * fmt,...)54 nlmsg_report_err_msg(struct nl_pstate *npt, const char *fmt, ...)
55 {
56 va_list ap;
57
58 if (npt->err_msg != NULL)
59 return (false);
60 char *buf = npt_alloc(npt, NL_MAX_ERROR_BUF);
61 if (buf == NULL)
62 return (false);
63 va_start(ap, fmt);
64 vsnprintf(buf, NL_MAX_ERROR_BUF, fmt, ap);
65 va_end(ap);
66
67 npt->err_msg = buf;
68 return (true);
69 }
70
71 bool
nlmsg_report_err_offset(struct nl_pstate * npt,uint32_t off)72 nlmsg_report_err_offset(struct nl_pstate *npt, uint32_t off)
73 {
74 if (npt->err_off != 0)
75 return (false);
76 npt->err_off = off;
77 return (true);
78 }
79
80 void
nlmsg_report_cookie(struct nl_pstate * npt,struct nlattr * nla)81 nlmsg_report_cookie(struct nl_pstate *npt, struct nlattr *nla)
82 {
83 MPASS(nla->nla_type == NLMSGERR_ATTR_COOKIE);
84 MPASS(nla->nla_len >= sizeof(struct nlattr));
85 npt->cookie = nla;
86 }
87
88 void
nlmsg_report_cookie_u32(struct nl_pstate * npt,uint32_t val)89 nlmsg_report_cookie_u32(struct nl_pstate *npt, uint32_t val)
90 {
91 struct nlattr *nla = npt_alloc(npt, sizeof(*nla) + sizeof(uint32_t));
92
93 nla->nla_type = NLMSGERR_ATTR_COOKIE;
94 nla->nla_len = sizeof(*nla) + sizeof(uint32_t);
95 memcpy(nla + 1, &val, sizeof(uint32_t));
96 nlmsg_report_cookie(npt, nla);
97 }
98
99 static const struct nlattr_parser *
search_states(const struct nlattr_parser * ps,int pslen,int key)100 search_states(const struct nlattr_parser *ps, int pslen, int key)
101 {
102 int left_i = 0, right_i = pslen - 1;
103
104 if (key < ps[0].type || key > ps[pslen - 1].type)
105 return (NULL);
106
107 while (left_i + 1 < right_i) {
108 int mid_i = (left_i + right_i) / 2;
109 if (key < ps[mid_i].type)
110 right_i = mid_i;
111 else if (key > ps[mid_i].type)
112 left_i = mid_i + 1;
113 else
114 return (&ps[mid_i]);
115 }
116 if (ps[left_i].type == key)
117 return (&ps[left_i]);
118 else if (ps[right_i].type == key)
119 return (&ps[right_i]);
120 return (NULL);
121 }
122
123 int
nl_parse_attrs_raw(struct nlattr * nla_head,int len,const struct nlattr_parser * ps,int pslen,struct nl_pstate * npt,void * target)124 nl_parse_attrs_raw(struct nlattr *nla_head, int len, const struct nlattr_parser *ps, int pslen,
125 struct nl_pstate *npt, void *target)
126 {
127 struct nlattr *nla = NULL;
128 int error = 0;
129
130 NL_LOG(LOG_DEBUG3, "parse %p remaining_len %d", nla_head, len);
131 int orig_len = len;
132 NLA_FOREACH(nla, nla_head, len) {
133 NL_LOG(LOG_DEBUG3, ">> parsing %p attr_type %d len %d (rem %d)", nla, nla->nla_type, nla->nla_len, len);
134 if (nla->nla_len < sizeof(struct nlattr)) {
135 NLMSG_REPORT_ERR_MSG(npt, "Invalid attr %p type %d len: %d",
136 nla, nla->nla_type, nla->nla_len);
137 uint32_t off = (char *)nla - (char *)npt->hdr;
138 nlmsg_report_err_offset(npt, off);
139 return (EINVAL);
140 }
141
142 int nla_type = nla->nla_type & NLA_TYPE_MASK;
143 const struct nlattr_parser *s = search_states(ps, pslen, nla_type);
144 if (s != NULL) {
145 void *ptr = (void *)((char *)target + s->off);
146 error = s->cb(nla, npt, s->arg, ptr);
147 if (error != 0) {
148 uint32_t off = (char *)nla - (char *)npt->hdr;
149 nlmsg_report_err_offset(npt, off);
150 NL_LOG(LOG_DEBUG3, "parse failed att offset %u", off);
151 return (error);
152 }
153 } else {
154 /* Ignore non-specified attributes */
155 NL_LOG(LOG_DEBUG3, "ignoring attr %d", nla->nla_type);
156 }
157 }
158 if (len >= sizeof(struct nlattr)) {
159 nla = (struct nlattr *)((char *)nla_head + (orig_len - len));
160 NL_LOG(LOG_DEBUG3, " >>> end %p attr_type %d len %d", nla,
161 nla->nla_type, nla->nla_len);
162 }
163 NL_LOG(LOG_DEBUG3, "end parse: %p remaining_len %d", nla, len);
164
165 return (0);
166 }
167
168 void
nl_get_attrs_bmask_raw(struct nlattr * nla_head,int len,struct nlattr_bmask * bm)169 nl_get_attrs_bmask_raw(struct nlattr *nla_head, int len, struct nlattr_bmask *bm)
170 {
171 struct nlattr *nla = NULL;
172
173 BIT_ZERO(NL_ATTR_BMASK_SIZE, bm);
174
175 NLA_FOREACH(nla, nla_head, len) {
176 if (nla->nla_len < sizeof(struct nlattr))
177 return;
178 int nla_type = nla->nla_type & NLA_TYPE_MASK;
179 if (nla_type < NL_ATTR_BMASK_SIZE)
180 BIT_SET(NL_ATTR_BMASK_SIZE, nla_type, bm);
181 else
182 NL_LOG(LOG_DEBUG2, "Skipping type %d in the mask: too short",
183 nla_type);
184 }
185 }
186
187 bool
nl_has_attr(const struct nlattr_bmask * bm,unsigned int nla_type)188 nl_has_attr(const struct nlattr_bmask *bm, unsigned int nla_type)
189 {
190 MPASS(nla_type < NL_ATTR_BMASK_SIZE);
191
192 return (BIT_ISSET(NL_ATTR_BMASK_SIZE, nla_type, bm));
193 }
194
195 int
nlattr_get_flag(struct nlattr * nla,struct nl_pstate * npt,const void * arg,void * target)196 nlattr_get_flag(struct nlattr *nla, struct nl_pstate *npt, const void *arg, void *target)
197 {
198 if (__predict_false(NLA_DATA_LEN(nla) != 0)) {
199 NLMSG_REPORT_ERR_MSG(npt, "nla type %d size(%u) is not a flag",
200 nla->nla_type, NLA_DATA_LEN(nla));
201 return (EINVAL);
202 }
203
204 *((uint8_t *)target) = 1;
205 return (0);
206 }
207
208 static struct sockaddr *
parse_rta_ip4(void * rta_data,struct nl_pstate * npt,int * perror)209 parse_rta_ip4(void *rta_data, struct nl_pstate *npt, int *perror)
210 {
211 struct sockaddr_in *sin;
212
213 sin = (struct sockaddr_in *)npt_alloc_sockaddr(npt, sizeof(struct sockaddr_in));
214 if (__predict_false(sin == NULL)) {
215 *perror = ENOBUFS;
216 return (NULL);
217 }
218 sin->sin_len = sizeof(struct sockaddr_in);
219 sin->sin_family = AF_INET;
220 memcpy(&sin->sin_addr, rta_data, sizeof(struct in_addr));
221 return ((struct sockaddr *)sin);
222 }
223
224 static struct sockaddr *
parse_rta_ip6(void * rta_data,struct nl_pstate * npt,int * perror)225 parse_rta_ip6(void *rta_data, struct nl_pstate *npt, int *perror)
226 {
227 struct sockaddr_in6 *sin6;
228
229 sin6 = (struct sockaddr_in6 *)npt_alloc_sockaddr(npt, sizeof(struct sockaddr_in6));
230 if (__predict_false(sin6 == NULL)) {
231 *perror = ENOBUFS;
232 return (NULL);
233 }
234 sin6->sin6_len = sizeof(struct sockaddr_in6);
235 sin6->sin6_family = AF_INET6;
236 memcpy(&sin6->sin6_addr, rta_data, sizeof(struct in6_addr));
237 return ((struct sockaddr *)sin6);
238 }
239
240 static struct sockaddr *
parse_rta_ip(struct rtattr * rta,struct nl_pstate * npt,int * perror)241 parse_rta_ip(struct rtattr *rta, struct nl_pstate *npt, int *perror)
242 {
243 void *rta_data = NL_RTA_DATA(rta);
244 int rta_len = NL_RTA_DATA_LEN(rta);
245
246 if (rta_len == sizeof(struct in_addr)) {
247 return (parse_rta_ip4(rta_data, npt, perror));
248 } else if (rta_len == sizeof(struct in6_addr)) {
249 return (parse_rta_ip6(rta_data, npt, perror));
250 } else {
251 NLMSG_REPORT_ERR_MSG(npt, "unknown IP len: %d for rta type %d",
252 rta_len, rta->rta_type);
253 *perror = ENOTSUP;
254 return (NULL);
255 }
256 return (NULL);
257 }
258
259 int
nlattr_get_ip(struct nlattr * nla,struct nl_pstate * npt,const void * arg,void * target)260 nlattr_get_ip(struct nlattr *nla, struct nl_pstate *npt, const void *arg, void *target)
261 {
262 int error = 0;
263
264 struct sockaddr *sa = parse_rta_ip((struct rtattr *)nla, npt, &error);
265
266 *((struct sockaddr **)target) = sa;
267 return (error);
268 }
269
270 static struct sockaddr *
parse_rta_via(struct rtattr * rta,struct nl_pstate * npt,int * perror)271 parse_rta_via(struct rtattr *rta, struct nl_pstate *npt, int *perror)
272 {
273 struct rtvia *via = NL_RTA_DATA(rta);
274 int data_len = NL_RTA_DATA_LEN(rta);
275
276 if (__predict_false(data_len) < sizeof(struct rtvia)) {
277 NLMSG_REPORT_ERR_MSG(npt, "undersized RTA_VIA(%d) attr: len %d",
278 rta->rta_type, data_len);
279 *perror = EINVAL;
280 return (NULL);
281 }
282 data_len -= offsetof(struct rtvia, rtvia_addr);
283
284 switch (via->rtvia_family) {
285 case AF_INET:
286 if (__predict_false(data_len < sizeof(struct in_addr))) {
287 *perror = EINVAL;
288 return (NULL);
289 }
290 return (parse_rta_ip4(via->rtvia_addr, npt, perror));
291 case AF_INET6:
292 if (__predict_false(data_len < sizeof(struct in6_addr))) {
293 *perror = EINVAL;
294 return (NULL);
295 }
296 return (parse_rta_ip6(via->rtvia_addr, npt, perror));
297 default:
298 *perror = ENOTSUP;
299 return (NULL);
300 }
301 }
302
303 int
nlattr_get_ipvia(struct nlattr * nla,struct nl_pstate * npt,const void * arg,void * target)304 nlattr_get_ipvia(struct nlattr *nla, struct nl_pstate *npt, const void *arg, void *target)
305 {
306 int error = 0;
307
308 struct sockaddr *sa = parse_rta_via((struct rtattr *)nla, npt, &error);
309
310 *((struct sockaddr **)target) = sa;
311 return (error);
312 }
313
314
315 int
nlattr_get_uint16(struct nlattr * nla,struct nl_pstate * npt,const void * arg,void * target)316 nlattr_get_uint16(struct nlattr *nla, struct nl_pstate *npt, const void *arg, void *target)
317 {
318 if (__predict_false(NLA_DATA_LEN(nla) != sizeof(uint16_t))) {
319 NLMSG_REPORT_ERR_MSG(npt, "nla type %d size(%u) is not uint32",
320 nla->nla_type, NLA_DATA_LEN(nla));
321 return (EINVAL);
322 }
323 *((uint16_t *)target) = *((const uint16_t *)NL_RTA_DATA_CONST(nla));
324 return (0);
325 }
326
327 int
nlattr_get_uint32(struct nlattr * nla,struct nl_pstate * npt,const void * arg,void * target)328 nlattr_get_uint32(struct nlattr *nla, struct nl_pstate *npt, const void *arg, void *target)
329 {
330 if (__predict_false(NLA_DATA_LEN(nla) != sizeof(uint32_t))) {
331 NLMSG_REPORT_ERR_MSG(npt, "nla type %d size(%u) is not uint32",
332 nla->nla_type, NLA_DATA_LEN(nla));
333 return (EINVAL);
334 }
335 *((uint32_t *)target) = *((const uint32_t *)NL_RTA_DATA_CONST(nla));
336 return (0);
337 }
338
339 int
nlattr_get_uint64(struct nlattr * nla,struct nl_pstate * npt,const void * arg,void * target)340 nlattr_get_uint64(struct nlattr *nla, struct nl_pstate *npt, const void *arg, void *target)
341 {
342 if (__predict_false(NLA_DATA_LEN(nla) != sizeof(uint64_t))) {
343 NLMSG_REPORT_ERR_MSG(npt, "nla type %d size(%u) is not uint64",
344 nla->nla_type, NLA_DATA_LEN(nla));
345 return (EINVAL);
346 }
347 memcpy(target, NL_RTA_DATA_CONST(nla), sizeof(uint64_t));
348 return (0);
349 }
350
351 static int
nlattr_get_ifp_internal(struct nlattr * nla,struct nl_pstate * npt,void * target,bool zero_ok)352 nlattr_get_ifp_internal(struct nlattr *nla, struct nl_pstate *npt,
353 void *target, bool zero_ok)
354 {
355 if (__predict_false(NLA_DATA_LEN(nla) != sizeof(uint32_t))) {
356 NLMSG_REPORT_ERR_MSG(npt, "nla type %d size(%u) is not uint32",
357 nla->nla_type, NLA_DATA_LEN(nla));
358 return (EINVAL);
359 }
360 uint32_t ifindex = *((const uint32_t *)NLA_DATA_CONST(nla));
361
362 if (ifindex == 0 && zero_ok) {
363 *((struct ifnet **)target) = NULL;
364 return (0);
365 }
366
367 NET_EPOCH_ASSERT();
368
369 struct ifnet *ifp = ifnet_byindex(ifindex);
370 if (__predict_false(ifp == NULL)) {
371 NLMSG_REPORT_ERR_MSG(npt, "nla type %d: ifindex %u invalid",
372 nla->nla_type, ifindex);
373 return (ENOENT);
374 }
375 *((struct ifnet **)target) = ifp;
376 NL_LOG(LOG_DEBUG3, "nla type %d: ifindex %u -> %s", nla->nla_type,
377 ifindex, if_name(ifp));
378
379 return (0);
380 }
381
382 int
nlattr_get_ifp(struct nlattr * nla,struct nl_pstate * npt,const void * arg,void * target)383 nlattr_get_ifp(struct nlattr *nla, struct nl_pstate *npt, const void *arg, void *target)
384 {
385 return (nlattr_get_ifp_internal(nla, npt, target, false));
386 }
387
388 int
nlattr_get_ifpz(struct nlattr * nla,struct nl_pstate * npt,const void * arg,void * target)389 nlattr_get_ifpz(struct nlattr *nla, struct nl_pstate *npt, const void *arg, void *target)
390 {
391 return (nlattr_get_ifp_internal(nla, npt, target, true));
392 }
393
394 int
nlattr_get_string(struct nlattr * nla,struct nl_pstate * npt,const void * arg,void * target)395 nlattr_get_string(struct nlattr *nla, struct nl_pstate *npt, const void *arg, void *target)
396 {
397 int maxlen = NLA_DATA_LEN(nla);
398
399 if (__predict_false(strnlen((char *)NLA_DATA(nla), maxlen) >= maxlen)) {
400 NLMSG_REPORT_ERR_MSG(npt, "nla type %d size(%u) is not NULL-terminated",
401 nla->nla_type, maxlen);
402 return (EINVAL);
403 }
404
405 *((char **)target) = (char *)NLA_DATA(nla);
406 return (0);
407 }
408
409 int
nlattr_get_stringn(struct nlattr * nla,struct nl_pstate * npt,const void * arg,void * target)410 nlattr_get_stringn(struct nlattr *nla, struct nl_pstate *npt, const void *arg, void *target)
411 {
412 int maxlen = NLA_DATA_LEN(nla);
413
414 char *buf = npt_alloc(npt, maxlen + 1);
415 if (buf == NULL)
416 return (ENOMEM);
417 buf[maxlen] = '\0';
418 memcpy(buf, NLA_DATA(nla), maxlen);
419
420 *((char **)target) = buf;
421 return (0);
422 }
423 int
nlattr_get_nla(struct nlattr * nla,struct nl_pstate * npt,const void * arg,void * target)424 nlattr_get_nla(struct nlattr *nla, struct nl_pstate *npt, const void *arg, void *target)
425 {
426 NL_LOG(LOG_DEBUG3, "STORING %p len %d", nla, nla->nla_len);
427 *((struct nlattr **)target) = nla;
428 return (0);
429 }
430
431 int
nlattr_get_nested(struct nlattr * nla,struct nl_pstate * npt,const void * arg,void * target)432 nlattr_get_nested(struct nlattr *nla, struct nl_pstate *npt, const void *arg, void *target)
433 {
434 const struct nlhdr_parser *p = (const struct nlhdr_parser *)arg;
435 int error;
436
437 /* Assumes target points to the beginning of the structure */
438 error = nl_parse_header(NLA_DATA(nla), NLA_DATA_LEN(nla), p, npt, target);
439 return (error);
440 }
441
442 int
nlf_get_ifp(void * src,struct nl_pstate * npt,void * target)443 nlf_get_ifp(void *src, struct nl_pstate *npt, void *target)
444 {
445 int ifindex = *((const int *)src);
446
447 NET_EPOCH_ASSERT();
448
449 struct ifnet *ifp = ifnet_byindex(ifindex);
450 if (ifp == NULL) {
451 NL_LOG(LOG_DEBUG, "ifindex %u invalid", ifindex);
452 return (ENOENT);
453 }
454 *((struct ifnet **)target) = ifp;
455
456 return (0);
457 }
458
459 int
nlf_get_ifpz(void * src,struct nl_pstate * npt,void * target)460 nlf_get_ifpz(void *src, struct nl_pstate *npt, void *target)
461 {
462 int ifindex = *((const int *)src);
463
464 NET_EPOCH_ASSERT();
465
466 struct ifnet *ifp = ifnet_byindex(ifindex);
467 if (ifindex != 0 && ifp == NULL) {
468 NL_LOG(LOG_DEBUG, "ifindex %u invalid", ifindex);
469 return (ENOENT);
470 }
471 *((struct ifnet **)target) = ifp;
472
473 return (0);
474 }
475
476 int
nlf_get_u8(void * src,struct nl_pstate * npt,void * target)477 nlf_get_u8(void *src, struct nl_pstate *npt, void *target)
478 {
479 uint8_t val = *((const uint8_t *)src);
480
481 *((uint8_t *)target) = val;
482
483 return (0);
484 }
485
486 int
nlf_get_u8_u32(void * src,struct nl_pstate * npt,void * target)487 nlf_get_u8_u32(void *src, struct nl_pstate *npt, void *target)
488 {
489 *((uint32_t *)target) = *((const uint8_t *)src);
490 return (0);
491 }
492
493 int
nlf_get_u16(void * src,struct nl_pstate * npt,void * target)494 nlf_get_u16(void *src, struct nl_pstate *npt, void *target)
495 {
496 *((uint16_t *)target) = *((const uint16_t *)src);
497 return (0);
498 }
499
500 int
nlf_get_u32(void * src,struct nl_pstate * npt,void * target)501 nlf_get_u32(void *src, struct nl_pstate *npt, void *target)
502 {
503 *((uint32_t *)target) = *((const uint32_t *)src);
504 return (0);
505 }
506
507