1 /*-
2 * SPDX-License-Identifier: BSD-2-Clause
3 *
4 * Copyright (c) 2022 Alexander V. Chernikov <[email protected]>
5 *
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
8 * are met:
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 * 2. Redistributions in binary form must reproduce the above copyright
12 * notice, this list of conditions and the following disclaimer in the
13 * documentation and/or other materials provided with the distribution.
14 *
15 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
16 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
17 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
18 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
19 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
20 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
21 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
22 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
23 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
24 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
25 * SUCH DAMAGE.
26 */
27
28 #include <sys/cdefs.h>
29 #include "opt_inet.h"
30 #include "opt_inet6.h"
31 #include <sys/types.h>
32 #include <sys/malloc.h>
33 #include <sys/rmlock.h>
34 #include <sys/socket.h>
35
36 #include <machine/stdarg.h>
37
38 #include <net/if.h>
39 #include <net/route.h>
40 #include <net/route/nhop.h>
41
42 #include <net/route/route_ctl.h>
43 #include <netinet/in.h>
44 #include <netlink/netlink.h>
45 #include <netlink/netlink_ctl.h>
46 #include <netlink/netlink_var.h>
47 #include <netlink/netlink_route.h>
48
49 #define DEBUG_MOD_NAME nl_parser
50 #define DEBUG_MAX_LEVEL LOG_DEBUG3
51 #include <netlink/netlink_debug.h>
52 _DECLARE_DEBUG(LOG_INFO);
53
54 bool
nlmsg_report_err_msg(struct nl_pstate * npt,const char * fmt,...)55 nlmsg_report_err_msg(struct nl_pstate *npt, const char *fmt, ...)
56 {
57 va_list ap;
58
59 if (npt->err_msg != NULL)
60 return (false);
61 char *buf = npt_alloc(npt, NL_MAX_ERROR_BUF);
62 if (buf == NULL)
63 return (false);
64 va_start(ap, fmt);
65 vsnprintf(buf, NL_MAX_ERROR_BUF, fmt, ap);
66 va_end(ap);
67
68 npt->err_msg = buf;
69 return (true);
70 }
71
72 bool
nlmsg_report_err_offset(struct nl_pstate * npt,uint32_t off)73 nlmsg_report_err_offset(struct nl_pstate *npt, uint32_t off)
74 {
75 if (npt->err_off != 0)
76 return (false);
77 npt->err_off = off;
78 return (true);
79 }
80
81 void
nlmsg_report_cookie(struct nl_pstate * npt,struct nlattr * nla)82 nlmsg_report_cookie(struct nl_pstate *npt, struct nlattr *nla)
83 {
84 MPASS(nla->nla_type == NLMSGERR_ATTR_COOKIE);
85 MPASS(nla->nla_len >= sizeof(struct nlattr));
86 npt->cookie = nla;
87 }
88
89 void
nlmsg_report_cookie_u32(struct nl_pstate * npt,uint32_t val)90 nlmsg_report_cookie_u32(struct nl_pstate *npt, uint32_t val)
91 {
92 struct nlattr *nla = npt_alloc(npt, sizeof(*nla) + sizeof(uint32_t));
93
94 nla->nla_type = NLMSGERR_ATTR_COOKIE;
95 nla->nla_len = sizeof(*nla) + sizeof(uint32_t);
96 memcpy(nla + 1, &val, sizeof(uint32_t));
97 nlmsg_report_cookie(npt, nla);
98 }
99
100 static const struct nlattr_parser *
search_states(const struct nlattr_parser * ps,int pslen,int key)101 search_states(const struct nlattr_parser *ps, int pslen, int key)
102 {
103 int left_i = 0, right_i = pslen - 1;
104
105 if (key < ps[0].type || key > ps[pslen - 1].type)
106 return (NULL);
107
108 while (left_i + 1 < right_i) {
109 int mid_i = (left_i + right_i) / 2;
110 if (key < ps[mid_i].type)
111 right_i = mid_i;
112 else if (key > ps[mid_i].type)
113 left_i = mid_i + 1;
114 else
115 return (&ps[mid_i]);
116 }
117 if (ps[left_i].type == key)
118 return (&ps[left_i]);
119 else if (ps[right_i].type == key)
120 return (&ps[right_i]);
121 return (NULL);
122 }
123
124 int
nl_parse_attrs_raw(struct nlattr * nla_head,int len,const struct nlattr_parser * ps,int pslen,struct nl_pstate * npt,void * target)125 nl_parse_attrs_raw(struct nlattr *nla_head, int len, const struct nlattr_parser *ps, int pslen,
126 struct nl_pstate *npt, void *target)
127 {
128 struct nlattr *nla = NULL;
129 int error = 0;
130
131 NL_LOG(LOG_DEBUG3, "parse %p remaining_len %d", nla_head, len);
132 int orig_len = len;
133 NLA_FOREACH(nla, nla_head, len) {
134 NL_LOG(LOG_DEBUG3, ">> parsing %p attr_type %d len %d (rem %d)", nla, nla->nla_type, nla->nla_len, len);
135 if (nla->nla_len < sizeof(struct nlattr)) {
136 NLMSG_REPORT_ERR_MSG(npt, "Invalid attr %p type %d len: %d",
137 nla, nla->nla_type, nla->nla_len);
138 uint32_t off = (char *)nla - (char *)npt->hdr;
139 nlmsg_report_err_offset(npt, off);
140 return (EINVAL);
141 }
142
143 int nla_type = nla->nla_type & NLA_TYPE_MASK;
144 const struct nlattr_parser *s = search_states(ps, pslen, nla_type);
145 if (s != NULL) {
146 void *ptr = (void *)((char *)target + s->off);
147 error = s->cb(nla, npt, s->arg, ptr);
148 if (error != 0) {
149 uint32_t off = (char *)nla - (char *)npt->hdr;
150 nlmsg_report_err_offset(npt, off);
151 NL_LOG(LOG_DEBUG3, "parse failed at offset %u", off);
152 return (error);
153 }
154 } else {
155 /* Ignore non-specified attributes */
156 NL_LOG(LOG_DEBUG3, "ignoring attr %d", nla->nla_type);
157 }
158 }
159 if (len >= sizeof(struct nlattr)) {
160 nla = (struct nlattr *)((char *)nla_head + (orig_len - len));
161 NL_LOG(LOG_DEBUG3, " >>> end %p attr_type %d len %d", nla,
162 nla->nla_type, nla->nla_len);
163 }
164 NL_LOG(LOG_DEBUG3, "end parse: %p remaining_len %d", nla, len);
165
166 return (0);
167 }
168
169 void
nl_get_attrs_bmask_raw(struct nlattr * nla_head,int len,struct nlattr_bmask * bm)170 nl_get_attrs_bmask_raw(struct nlattr *nla_head, int len, struct nlattr_bmask *bm)
171 {
172 struct nlattr *nla = NULL;
173
174 BIT_ZERO(NL_ATTR_BMASK_SIZE, bm);
175
176 NLA_FOREACH(nla, nla_head, len) {
177 if (nla->nla_len < sizeof(struct nlattr))
178 return;
179 int nla_type = nla->nla_type & NLA_TYPE_MASK;
180 if (nla_type < NL_ATTR_BMASK_SIZE)
181 BIT_SET(NL_ATTR_BMASK_SIZE, nla_type, bm);
182 else
183 NL_LOG(LOG_DEBUG2, "Skipping type %d in the mask: too short",
184 nla_type);
185 }
186 }
187
188 bool
nl_has_attr(const struct nlattr_bmask * bm,unsigned int nla_type)189 nl_has_attr(const struct nlattr_bmask *bm, unsigned int nla_type)
190 {
191 MPASS(nla_type < NL_ATTR_BMASK_SIZE);
192
193 return (BIT_ISSET(NL_ATTR_BMASK_SIZE, nla_type, bm));
194 }
195
196 int
nlattr_get_flag(struct nlattr * nla,struct nl_pstate * npt,const void * arg,void * target)197 nlattr_get_flag(struct nlattr *nla, struct nl_pstate *npt, const void *arg, void *target)
198 {
199 if (__predict_false(NLA_DATA_LEN(nla) != 0)) {
200 NLMSG_REPORT_ERR_MSG(npt, "nla type %d size(%u) is not a flag",
201 nla->nla_type, NLA_DATA_LEN(nla));
202 return (EINVAL);
203 }
204
205 *((uint8_t *)target) = 1;
206 return (0);
207 }
208
209 static struct sockaddr *
parse_rta_ip4(void * rta_data,struct nl_pstate * npt,int * perror)210 parse_rta_ip4(void *rta_data, struct nl_pstate *npt, int *perror)
211 {
212 struct sockaddr_in *sin;
213
214 sin = (struct sockaddr_in *)npt_alloc_sockaddr(npt, sizeof(struct sockaddr_in));
215 if (__predict_false(sin == NULL)) {
216 *perror = ENOBUFS;
217 return (NULL);
218 }
219 sin->sin_len = sizeof(struct sockaddr_in);
220 sin->sin_family = AF_INET;
221 memcpy(&sin->sin_addr, rta_data, sizeof(struct in_addr));
222 return ((struct sockaddr *)sin);
223 }
224
225 static struct sockaddr *
parse_rta_ip6(void * rta_data,struct nl_pstate * npt,int * perror)226 parse_rta_ip6(void *rta_data, struct nl_pstate *npt, int *perror)
227 {
228 struct sockaddr_in6 *sin6;
229
230 sin6 = (struct sockaddr_in6 *)npt_alloc_sockaddr(npt, sizeof(struct sockaddr_in6));
231 if (__predict_false(sin6 == NULL)) {
232 *perror = ENOBUFS;
233 return (NULL);
234 }
235 sin6->sin6_len = sizeof(struct sockaddr_in6);
236 sin6->sin6_family = AF_INET6;
237 memcpy(&sin6->sin6_addr, rta_data, sizeof(struct in6_addr));
238 return ((struct sockaddr *)sin6);
239 }
240
241 static struct sockaddr *
parse_rta_ip(struct rtattr * rta,struct nl_pstate * npt,int * perror)242 parse_rta_ip(struct rtattr *rta, struct nl_pstate *npt, int *perror)
243 {
244 void *rta_data = NL_RTA_DATA(rta);
245 int rta_len = NL_RTA_DATA_LEN(rta);
246
247 if (rta_len == sizeof(struct in_addr)) {
248 return (parse_rta_ip4(rta_data, npt, perror));
249 } else if (rta_len == sizeof(struct in6_addr)) {
250 return (parse_rta_ip6(rta_data, npt, perror));
251 } else {
252 NLMSG_REPORT_ERR_MSG(npt, "unknown IP len: %d for rta type %d",
253 rta_len, rta->rta_type);
254 *perror = ENOTSUP;
255 return (NULL);
256 }
257 return (NULL);
258 }
259
260 int
nlattr_get_ip(struct nlattr * nla,struct nl_pstate * npt,const void * arg,void * target)261 nlattr_get_ip(struct nlattr *nla, struct nl_pstate *npt, const void *arg, void *target)
262 {
263 int error = 0;
264
265 struct sockaddr *sa = parse_rta_ip((struct rtattr *)nla, npt, &error);
266
267 *((struct sockaddr **)target) = sa;
268 return (error);
269 }
270
271 static struct sockaddr *
parse_rta_via(struct rtattr * rta,struct nl_pstate * npt,int * perror)272 parse_rta_via(struct rtattr *rta, struct nl_pstate *npt, int *perror)
273 {
274 struct rtvia *via = NL_RTA_DATA(rta);
275 int data_len = NL_RTA_DATA_LEN(rta);
276
277 if (__predict_false(data_len) < sizeof(struct rtvia)) {
278 NLMSG_REPORT_ERR_MSG(npt, "undersized RTA_VIA(%d) attr: len %d",
279 rta->rta_type, data_len);
280 *perror = EINVAL;
281 return (NULL);
282 }
283 data_len -= offsetof(struct rtvia, rtvia_addr);
284
285 switch (via->rtvia_family) {
286 case AF_INET:
287 if (__predict_false(data_len < sizeof(struct in_addr))) {
288 *perror = EINVAL;
289 return (NULL);
290 }
291 return (parse_rta_ip4(via->rtvia_addr, npt, perror));
292 case AF_INET6:
293 if (__predict_false(data_len < sizeof(struct in6_addr))) {
294 *perror = EINVAL;
295 return (NULL);
296 }
297 return (parse_rta_ip6(via->rtvia_addr, npt, perror));
298 default:
299 *perror = ENOTSUP;
300 return (NULL);
301 }
302 }
303
304 int
nlattr_get_ipvia(struct nlattr * nla,struct nl_pstate * npt,const void * arg,void * target)305 nlattr_get_ipvia(struct nlattr *nla, struct nl_pstate *npt, const void *arg, void *target)
306 {
307 int error = 0;
308
309 struct sockaddr *sa = parse_rta_via((struct rtattr *)nla, npt, &error);
310
311 *((struct sockaddr **)target) = sa;
312 return (error);
313 }
314
315
316 int
nlattr_get_uint8(struct nlattr * nla,struct nl_pstate * npt,const void * arg,void * target)317 nlattr_get_uint8(struct nlattr *nla, struct nl_pstate *npt, const void *arg, void *target)
318 {
319 if (__predict_false(NLA_DATA_LEN(nla) != sizeof(uint8_t))) {
320 NLMSG_REPORT_ERR_MSG(npt, "nla type %d size(%u) is not uint8",
321 nla->nla_type, NLA_DATA_LEN(nla));
322 return (EINVAL);
323 }
324 *((uint8_t *)target) = *((const uint8_t *)NL_RTA_DATA_CONST(nla));
325 return (0);
326 }
327
328 int
nlattr_get_uint16(struct nlattr * nla,struct nl_pstate * npt,const void * arg,void * target)329 nlattr_get_uint16(struct nlattr *nla, struct nl_pstate *npt, const void *arg, void *target)
330 {
331 if (__predict_false(NLA_DATA_LEN(nla) != sizeof(uint16_t))) {
332 NLMSG_REPORT_ERR_MSG(npt, "nla type %d size(%u) is not uint16",
333 nla->nla_type, NLA_DATA_LEN(nla));
334 return (EINVAL);
335 }
336 *((uint16_t *)target) = *((const uint16_t *)NL_RTA_DATA_CONST(nla));
337 return (0);
338 }
339
340 int
nlattr_get_uint32(struct nlattr * nla,struct nl_pstate * npt,const void * arg,void * target)341 nlattr_get_uint32(struct nlattr *nla, struct nl_pstate *npt, const void *arg, void *target)
342 {
343 if (__predict_false(NLA_DATA_LEN(nla) != sizeof(uint32_t))) {
344 NLMSG_REPORT_ERR_MSG(npt, "nla type %d size(%u) is not uint32",
345 nla->nla_type, NLA_DATA_LEN(nla));
346 return (EINVAL);
347 }
348 *((uint32_t *)target) = *((const uint32_t *)NL_RTA_DATA_CONST(nla));
349 return (0);
350 }
351
352 int
nlattr_get_uint64(struct nlattr * nla,struct nl_pstate * npt,const void * arg,void * target)353 nlattr_get_uint64(struct nlattr *nla, struct nl_pstate *npt, const void *arg, void *target)
354 {
355 if (__predict_false(NLA_DATA_LEN(nla) != sizeof(uint64_t))) {
356 NLMSG_REPORT_ERR_MSG(npt, "nla type %d size(%u) is not uint64",
357 nla->nla_type, NLA_DATA_LEN(nla));
358 return (EINVAL);
359 }
360 memcpy(target, NL_RTA_DATA_CONST(nla), sizeof(uint64_t));
361 return (0);
362 }
363
364 int
nlattr_get_in_addr(struct nlattr * nla,struct nl_pstate * npt,const void * arg,void * target)365 nlattr_get_in_addr(struct nlattr *nla, struct nl_pstate *npt, const void *arg, void *target)
366 {
367 if (__predict_false(NLA_DATA_LEN(nla) != sizeof(in_addr_t))) {
368 NLMSG_REPORT_ERR_MSG(npt, "nla type %d size(%u) is not in_addr_t",
369 nla->nla_type, NLA_DATA_LEN(nla));
370 return (EINVAL);
371 }
372 memcpy(target, NLA_DATA_CONST(nla), sizeof(in_addr_t));
373 return (0);
374 }
375
376 int
nlattr_get_in6_addr(struct nlattr * nla,struct nl_pstate * npt,const void * arg,void * target)377 nlattr_get_in6_addr(struct nlattr *nla, struct nl_pstate *npt, const void *arg, void *target)
378 {
379 if (__predict_false(NLA_DATA_LEN(nla) != sizeof(struct in6_addr))) {
380 NLMSG_REPORT_ERR_MSG(npt, "nla type %d size(%u) is not struct in6_addr",
381 nla->nla_type, NLA_DATA_LEN(nla));
382 return (EINVAL);
383 }
384 memcpy(target, NLA_DATA_CONST(nla), sizeof(struct in6_addr));
385 return (0);
386 }
387
388 static int
nlattr_get_ifp_internal(struct nlattr * nla,struct nl_pstate * npt,void * target,bool zero_ok)389 nlattr_get_ifp_internal(struct nlattr *nla, struct nl_pstate *npt,
390 void *target, bool zero_ok)
391 {
392 if (__predict_false(NLA_DATA_LEN(nla) != sizeof(uint32_t))) {
393 NLMSG_REPORT_ERR_MSG(npt, "nla type %d size(%u) is not uint32",
394 nla->nla_type, NLA_DATA_LEN(nla));
395 return (EINVAL);
396 }
397 uint32_t ifindex = *((const uint32_t *)NLA_DATA_CONST(nla));
398
399 if (ifindex == 0 && zero_ok) {
400 *((struct ifnet **)target) = NULL;
401 return (0);
402 }
403
404 NET_EPOCH_ASSERT();
405
406 struct ifnet *ifp = ifnet_byindex(ifindex);
407 if (__predict_false(ifp == NULL)) {
408 NLMSG_REPORT_ERR_MSG(npt, "nla type %d: ifindex %u invalid",
409 nla->nla_type, ifindex);
410 return (ENOENT);
411 }
412 *((struct ifnet **)target) = ifp;
413 NL_LOG(LOG_DEBUG3, "nla type %d: ifindex %u -> %s", nla->nla_type,
414 ifindex, if_name(ifp));
415
416 return (0);
417 }
418
419 int
nlattr_get_ifp(struct nlattr * nla,struct nl_pstate * npt,const void * arg,void * target)420 nlattr_get_ifp(struct nlattr *nla, struct nl_pstate *npt, const void *arg, void *target)
421 {
422 return (nlattr_get_ifp_internal(nla, npt, target, false));
423 }
424
425 int
nlattr_get_ifpz(struct nlattr * nla,struct nl_pstate * npt,const void * arg,void * target)426 nlattr_get_ifpz(struct nlattr *nla, struct nl_pstate *npt, const void *arg, void *target)
427 {
428 return (nlattr_get_ifp_internal(nla, npt, target, true));
429 }
430
431 int
nlattr_get_string(struct nlattr * nla,struct nl_pstate * npt,const void * arg,void * target)432 nlattr_get_string(struct nlattr *nla, struct nl_pstate *npt, const void *arg, void *target)
433 {
434 int maxlen = NLA_DATA_LEN(nla);
435
436 if (__predict_false(strnlen((char *)NLA_DATA(nla), maxlen) >= maxlen)) {
437 NLMSG_REPORT_ERR_MSG(npt, "nla type %d size(%u) is not NULL-terminated",
438 nla->nla_type, maxlen);
439 return (EINVAL);
440 }
441
442 *((char **)target) = (char *)NLA_DATA(nla);
443 return (0);
444 }
445
446 int
nlattr_get_stringn(struct nlattr * nla,struct nl_pstate * npt,const void * arg,void * target)447 nlattr_get_stringn(struct nlattr *nla, struct nl_pstate *npt, const void *arg, void *target)
448 {
449 int maxlen = NLA_DATA_LEN(nla);
450
451 char *buf = npt_alloc(npt, maxlen + 1);
452 if (buf == NULL)
453 return (ENOMEM);
454 buf[maxlen] = '\0';
455 memcpy(buf, NLA_DATA(nla), maxlen);
456
457 *((char **)target) = buf;
458 return (0);
459 }
460 int
nlattr_get_nla(struct nlattr * nla,struct nl_pstate * npt,const void * arg,void * target)461 nlattr_get_nla(struct nlattr *nla, struct nl_pstate *npt, const void *arg, void *target)
462 {
463 NL_LOG(LOG_DEBUG3, "STORING %p len %d", nla, nla->nla_len);
464 *((struct nlattr **)target) = nla;
465 return (0);
466 }
467
468 int
nlattr_get_nested(struct nlattr * nla,struct nl_pstate * npt,const void * arg,void * target)469 nlattr_get_nested(struct nlattr *nla, struct nl_pstate *npt, const void *arg, void *target)
470 {
471 const struct nlhdr_parser *p = (const struct nlhdr_parser *)arg;
472 int error;
473
474 /* Assumes target points to the beginning of the structure */
475 error = nl_parse_header(NLA_DATA(nla), NLA_DATA_LEN(nla), p, npt, target);
476 return (error);
477 }
478
479 int
nlf_get_ifp(void * src,struct nl_pstate * npt,void * target)480 nlf_get_ifp(void *src, struct nl_pstate *npt, void *target)
481 {
482 int ifindex = *((const int *)src);
483
484 NET_EPOCH_ASSERT();
485
486 struct ifnet *ifp = ifnet_byindex(ifindex);
487 if (ifp == NULL) {
488 NL_LOG(LOG_DEBUG, "ifindex %u invalid", ifindex);
489 return (ENOENT);
490 }
491 *((struct ifnet **)target) = ifp;
492
493 return (0);
494 }
495
496 int
nlf_get_ifpz(void * src,struct nl_pstate * npt,void * target)497 nlf_get_ifpz(void *src, struct nl_pstate *npt, void *target)
498 {
499 int ifindex = *((const int *)src);
500
501 NET_EPOCH_ASSERT();
502
503 struct ifnet *ifp = ifnet_byindex(ifindex);
504 if (ifindex != 0 && ifp == NULL) {
505 NL_LOG(LOG_DEBUG, "ifindex %u invalid", ifindex);
506 return (ENOENT);
507 }
508 *((struct ifnet **)target) = ifp;
509
510 return (0);
511 }
512
513 int
nlf_get_u8(void * src,struct nl_pstate * npt,void * target)514 nlf_get_u8(void *src, struct nl_pstate *npt, void *target)
515 {
516 uint8_t val = *((const uint8_t *)src);
517
518 *((uint8_t *)target) = val;
519
520 return (0);
521 }
522
523 int
nlf_get_u8_u32(void * src,struct nl_pstate * npt,void * target)524 nlf_get_u8_u32(void *src, struct nl_pstate *npt, void *target)
525 {
526 *((uint32_t *)target) = *((const uint8_t *)src);
527 return (0);
528 }
529
530 int
nlf_get_u16(void * src,struct nl_pstate * npt,void * target)531 nlf_get_u16(void *src, struct nl_pstate *npt, void *target)
532 {
533 *((uint16_t *)target) = *((const uint16_t *)src);
534 return (0);
535 }
536
537 int
nlf_get_u32(void * src,struct nl_pstate * npt,void * target)538 nlf_get_u32(void *src, struct nl_pstate *npt, void *target)
539 {
540 *((uint32_t *)target) = *((const uint32_t *)src);
541 return (0);
542 }
543
544