projects / linux / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Merge back staging AVS changes for v4.21.
[linux] / net / netfilter / nf_conntrack_netlink.c
1 /* Connection tracking via netlink socket. Allows for user space
2  * protocol helpers and general trouble making from userspace.
3  *
4  * (C) 2001 by Jay Schulist <jschlst@samba.org>
5  * (C) 2002-2006 by Harald Welte <laforge@gnumonks.org>
6  * (C) 2003 by Patrick Mchardy <kaber@trash.net>
7  * (C) 2005-2012 by Pablo Neira Ayuso <pablo@netfilter.org>
8  *
9  * Initial connection tracking via netlink development funded and
10  * generally made possible by Network Robots, Inc. (www.networkrobots.com)
11  *
12  * Further development of this code funded by Astaro AG (http://www.astaro.com)
13  *
14  * This software may be used and distributed according to the terms
15  * of the GNU General Public License, incorporated herein by reference.
16  */
17
18 #include <linux/init.h>
19 #include <linux/module.h>
20 #include <linux/kernel.h>
21 #include <linux/rculist.h>
22 #include <linux/rculist_nulls.h>
23 #include <linux/types.h>
24 #include <linux/timer.h>
25 #include <linux/security.h>
26 #include <linux/skbuff.h>
27 #include <linux/errno.h>
28 #include <linux/netlink.h>
29 #include <linux/spinlock.h>
30 #include <linux/interrupt.h>
31 #include <linux/slab.h>
32
33 #include <linux/netfilter.h>
34 #include <net/netlink.h>
35 #include <net/sock.h>
36 #include <net/netfilter/nf_conntrack.h>
37 #include <net/netfilter/nf_conntrack_core.h>
38 #include <net/netfilter/nf_conntrack_expect.h>
39 #include <net/netfilter/nf_conntrack_helper.h>
40 #include <net/netfilter/nf_conntrack_seqadj.h>
41 #include <net/netfilter/nf_conntrack_l4proto.h>
42 #include <net/netfilter/nf_conntrack_tuple.h>
43 #include <net/netfilter/nf_conntrack_acct.h>
44 #include <net/netfilter/nf_conntrack_zones.h>
45 #include <net/netfilter/nf_conntrack_timestamp.h>
46 #include <net/netfilter/nf_conntrack_labels.h>
47 #include <net/netfilter/nf_conntrack_synproxy.h>
48 #ifdef CONFIG_NF_NAT_NEEDED
49 #include <net/netfilter/nf_nat_core.h>
50 #include <net/netfilter/nf_nat_l4proto.h>
51 #include <net/netfilter/nf_nat_helper.h>
52 #endif
53
54 #include <linux/netfilter/nfnetlink.h>
55 #include <linux/netfilter/nfnetlink_conntrack.h>
56
57 MODULE_LICENSE("GPL");
58
59 static int ctnetlink_dump_tuples_proto(struct sk_buff *skb,
60                                 const struct nf_conntrack_tuple *tuple,
61                                 const struct nf_conntrack_l4proto *l4proto)
62 {
63         int ret = 0;
64         struct nlattr *nest_parms;
65
66         nest_parms = nla_nest_start(skb, CTA_TUPLE_PROTO | NLA_F_NESTED);
67         if (!nest_parms)
68                 goto nla_put_failure;
69         if (nla_put_u8(skb, CTA_PROTO_NUM, tuple->dst.protonum))
70                 goto nla_put_failure;
71
72         if (likely(l4proto->tuple_to_nlattr))
73                 ret = l4proto->tuple_to_nlattr(skb, tuple);
74
75         nla_nest_end(skb, nest_parms);
76
77         return ret;
78
79 nla_put_failure:
80         return -1;
81 }
82
83 static int ipv4_tuple_to_nlattr(struct sk_buff *skb,
84                                 const struct nf_conntrack_tuple *tuple)
85 {
86         if (nla_put_in_addr(skb, CTA_IP_V4_SRC, tuple->src.u3.ip) ||
87             nla_put_in_addr(skb, CTA_IP_V4_DST, tuple->dst.u3.ip))
88                 return -EMSGSIZE;
89         return 0;
90 }
91
92 static int ipv6_tuple_to_nlattr(struct sk_buff *skb,
93                                 const struct nf_conntrack_tuple *tuple)
94 {
95         if (nla_put_in6_addr(skb, CTA_IP_V6_SRC, &tuple->src.u3.in6) ||
96             nla_put_in6_addr(skb, CTA_IP_V6_DST, &tuple->dst.u3.in6))
97                 return -EMSGSIZE;
98         return 0;
99 }
100
101 static int ctnetlink_dump_tuples_ip(struct sk_buff *skb,
102                                     const struct nf_conntrack_tuple *tuple)
103 {
104         int ret = 0;
105         struct nlattr *nest_parms;
106
107         nest_parms = nla_nest_start(skb, CTA_TUPLE_IP | NLA_F_NESTED);
108         if (!nest_parms)
109                 goto nla_put_failure;
110
111         switch (tuple->src.l3num) {
112         case NFPROTO_IPV4:
113                 ret = ipv4_tuple_to_nlattr(skb, tuple);
114                 break;
115         case NFPROTO_IPV6:
116                 ret = ipv6_tuple_to_nlattr(skb, tuple);
117                 break;
118         }
119
120         nla_nest_end(skb, nest_parms);
121
122         return ret;
123
124 nla_put_failure:
125         return -1;
126 }
127
128 static int ctnetlink_dump_tuples(struct sk_buff *skb,
129                                  const struct nf_conntrack_tuple *tuple)
130 {
131         const struct nf_conntrack_l4proto *l4proto;
132         int ret;
133
134         rcu_read_lock();
135         ret = ctnetlink_dump_tuples_ip(skb, tuple);
136
137         if (ret >= 0) {
138                 l4proto = __nf_ct_l4proto_find(tuple->dst.protonum);
139                 ret = ctnetlink_dump_tuples_proto(skb, tuple, l4proto);
140         }
141         rcu_read_unlock();
142         return ret;
143 }
144
145 static int ctnetlink_dump_zone_id(struct sk_buff *skb, int attrtype,
146                                   const struct nf_conntrack_zone *zone, int dir)
147 {
148         if (zone->id == NF_CT_DEFAULT_ZONE_ID || zone->dir != dir)
149                 return 0;
150         if (nla_put_be16(skb, attrtype, htons(zone->id)))
151                 goto nla_put_failure;
152         return 0;
153
154 nla_put_failure:
155         return -1;
156 }
157
158 static int ctnetlink_dump_status(struct sk_buff *skb, const struct nf_conn *ct)
159 {
160         if (nla_put_be32(skb, CTA_STATUS, htonl(ct->status)))
161                 goto nla_put_failure;
162         return 0;
163
164 nla_put_failure:
165         return -1;
166 }
167
168 static int ctnetlink_dump_timeout(struct sk_buff *skb, const struct nf_conn *ct)
169 {
170         long timeout = nf_ct_expires(ct) / HZ;
171
172         if (nla_put_be32(skb, CTA_TIMEOUT, htonl(timeout)))
173                 goto nla_put_failure;
174         return 0;
175
176 nla_put_failure:
177         return -1;
178 }
179
180 static int ctnetlink_dump_protoinfo(struct sk_buff *skb, struct nf_conn *ct)
181 {
182         const struct nf_conntrack_l4proto *l4proto;
183         struct nlattr *nest_proto;
184         int ret;
185
186         l4proto = __nf_ct_l4proto_find(nf_ct_protonum(ct));
187         if (!l4proto->to_nlattr)
188                 return 0;
189
190         nest_proto = nla_nest_start(skb, CTA_PROTOINFO | NLA_F_NESTED);
191         if (!nest_proto)
192                 goto nla_put_failure;
193
194         ret = l4proto->to_nlattr(skb, nest_proto, ct);
195
196         nla_nest_end(skb, nest_proto);
197
198         return ret;
199
200 nla_put_failure:
201         return -1;
202 }
203
204 static int ctnetlink_dump_helpinfo(struct sk_buff *skb,
205                                    const struct nf_conn *ct)
206 {
207         struct nlattr *nest_helper;
208         const struct nf_conn_help *help = nfct_help(ct);
209         struct nf_conntrack_helper *helper;
210
211         if (!help)
212                 return 0;
213
214         helper = rcu_dereference(help->helper);
215         if (!helper)
216                 goto out;
217
218         nest_helper = nla_nest_start(skb, CTA_HELP | NLA_F_NESTED);
219         if (!nest_helper)
220                 goto nla_put_failure;
221         if (nla_put_string(skb, CTA_HELP_NAME, helper->name))
222                 goto nla_put_failure;
223
224         if (helper->to_nlattr)
225                 helper->to_nlattr(skb, ct);
226
227         nla_nest_end(skb, nest_helper);
228 out:
229         return 0;
230
231 nla_put_failure:
232         return -1;
233 }
234
235 static int
236 dump_counters(struct sk_buff *skb, struct nf_conn_acct *acct,
237               enum ip_conntrack_dir dir, int type)
238 {
239         enum ctattr_type attr = dir ? CTA_COUNTERS_REPLY: CTA_COUNTERS_ORIG;
240         struct nf_conn_counter *counter = acct->counter;
241         struct nlattr *nest_count;
242         u64 pkts, bytes;
243
244         if (type == IPCTNL_MSG_CT_GET_CTRZERO) {
245                 pkts = atomic64_xchg(&counter[dir].packets, 0);
246                 bytes = atomic64_xchg(&counter[dir].bytes, 0);
247         } else {
248                 pkts = atomic64_read(&counter[dir].packets);
249                 bytes = atomic64_read(&counter[dir].bytes);
250         }
251
252         nest_count = nla_nest_start(skb, attr | NLA_F_NESTED);
253         if (!nest_count)
254                 goto nla_put_failure;
255
256         if (nla_put_be64(skb, CTA_COUNTERS_PACKETS, cpu_to_be64(pkts),
257                          CTA_COUNTERS_PAD) ||
258             nla_put_be64(skb, CTA_COUNTERS_BYTES, cpu_to_be64(bytes),
259                          CTA_COUNTERS_PAD))
260                 goto nla_put_failure;
261
262         nla_nest_end(skb, nest_count);
263
264         return 0;
265
266 nla_put_failure:
267         return -1;
268 }
269
270 static int
271 ctnetlink_dump_acct(struct sk_buff *skb, const struct nf_conn *ct, int type)
272 {
273         struct nf_conn_acct *acct = nf_conn_acct_find(ct);
274
275         if (!acct)
276                 return 0;
277
278         if (dump_counters(skb, acct, IP_CT_DIR_ORIGINAL, type) < 0)
279                 return -1;
280         if (dump_counters(skb, acct, IP_CT_DIR_REPLY, type) < 0)
281                 return -1;
282
283         return 0;
284 }
285
286 static int
287 ctnetlink_dump_timestamp(struct sk_buff *skb, const struct nf_conn *ct)
288 {
289         struct nlattr *nest_count;
290         const struct nf_conn_tstamp *tstamp;
291
292         tstamp = nf_conn_tstamp_find(ct);
293         if (!tstamp)
294                 return 0;
295
296         nest_count = nla_nest_start(skb, CTA_TIMESTAMP | NLA_F_NESTED);
297         if (!nest_count)
298                 goto nla_put_failure;
299
300         if (nla_put_be64(skb, CTA_TIMESTAMP_START, cpu_to_be64(tstamp->start),
301                          CTA_TIMESTAMP_PAD) ||
302             (tstamp->stop != 0 && nla_put_be64(skb, CTA_TIMESTAMP_STOP,
303                                                cpu_to_be64(tstamp->stop),
304                                                CTA_TIMESTAMP_PAD)))
305                 goto nla_put_failure;
306         nla_nest_end(skb, nest_count);
307
308         return 0;
309
310 nla_put_failure:
311         return -1;
312 }
313
314 #ifdef CONFIG_NF_CONNTRACK_MARK
315 static int ctnetlink_dump_mark(struct sk_buff *skb, const struct nf_conn *ct)
316 {
317         if (nla_put_be32(skb, CTA_MARK, htonl(ct->mark)))
318                 goto nla_put_failure;
319         return 0;
320
321 nla_put_failure:
322         return -1;
323 }
324 #else
325 #define ctnetlink_dump_mark(a, b) (0)
326 #endif
327
328 #ifdef CONFIG_NF_CONNTRACK_SECMARK
329 static int ctnetlink_dump_secctx(struct sk_buff *skb, const struct nf_conn *ct)
330 {
331         struct nlattr *nest_secctx;
332         int len, ret;
333         char *secctx;
334
335         ret = security_secid_to_secctx(ct->secmark, &secctx, &len);
336         if (ret)
337                 return 0;
338
339         ret = -1;
340         nest_secctx = nla_nest_start(skb, CTA_SECCTX | NLA_F_NESTED);
341         if (!nest_secctx)
342                 goto nla_put_failure;
343
344         if (nla_put_string(skb, CTA_SECCTX_NAME, secctx))
345                 goto nla_put_failure;
346         nla_nest_end(skb, nest_secctx);
347
348         ret = 0;
349 nla_put_failure:
350         security_release_secctx(secctx, len);
351         return ret;
352 }
353 #else
354 #define ctnetlink_dump_secctx(a, b) (0)
355 #endif
356
357 #ifdef CONFIG_NF_CONNTRACK_LABELS
358 static inline int ctnetlink_label_size(const struct nf_conn *ct)
359 {
360         struct nf_conn_labels *labels = nf_ct_labels_find(ct);
361
362         if (!labels)
363                 return 0;
364         return nla_total_size(sizeof(labels->bits));
365 }
366
367 static int
368 ctnetlink_dump_labels(struct sk_buff *skb, const struct nf_conn *ct)
369 {
370         struct nf_conn_labels *labels = nf_ct_labels_find(ct);
371         unsigned int i;
372
373         if (!labels)
374                 return 0;
375
376         i = 0;
377         do {
378                 if (labels->bits[i] != 0)
379                         return nla_put(skb, CTA_LABELS, sizeof(labels->bits),
380                                        labels->bits);
381                 i++;
382         } while (i < ARRAY_SIZE(labels->bits));
383
384         return 0;
385 }
386 #else
387 #define ctnetlink_dump_labels(a, b) (0)
388 #define ctnetlink_label_size(a) (0)
389 #endif
390
391 #define master_tuple(ct) &(ct->master->tuplehash[IP_CT_DIR_ORIGINAL].tuple)
392
393 static int ctnetlink_dump_master(struct sk_buff *skb, const struct nf_conn *ct)
394 {
395         struct nlattr *nest_parms;
396
397         if (!(ct->status & IPS_EXPECTED))
398                 return 0;
399
400         nest_parms = nla_nest_start(skb, CTA_TUPLE_MASTER | NLA_F_NESTED);
401         if (!nest_parms)
402                 goto nla_put_failure;
403         if (ctnetlink_dump_tuples(skb, master_tuple(ct)) < 0)
404                 goto nla_put_failure;
405         nla_nest_end(skb, nest_parms);
406
407         return 0;
408
409 nla_put_failure:
410         return -1;
411 }
412
413 static int
414 dump_ct_seq_adj(struct sk_buff *skb, const struct nf_ct_seqadj *seq, int type)
415 {
416         struct nlattr *nest_parms;
417
418         nest_parms = nla_nest_start(skb, type | NLA_F_NESTED);
419         if (!nest_parms)
420                 goto nla_put_failure;
421
422         if (nla_put_be32(skb, CTA_SEQADJ_CORRECTION_POS,
423                          htonl(seq->correction_pos)) ||
424             nla_put_be32(skb, CTA_SEQADJ_OFFSET_BEFORE,
425                          htonl(seq->offset_before)) ||
426             nla_put_be32(skb, CTA_SEQADJ_OFFSET_AFTER,
427                          htonl(seq->offset_after)))
428                 goto nla_put_failure;
429
430         nla_nest_end(skb, nest_parms);
431
432         return 0;
433
434 nla_put_failure:
435         return -1;
436 }
437
438 static int ctnetlink_dump_ct_seq_adj(struct sk_buff *skb, struct nf_conn *ct)
439 {
440         struct nf_conn_seqadj *seqadj = nfct_seqadj(ct);
441         struct nf_ct_seqadj *seq;
442
443         if (!(ct->status & IPS_SEQ_ADJUST) || !seqadj)
444                 return 0;
445
446         spin_lock_bh(&ct->lock);
447         seq = &seqadj->seq[IP_CT_DIR_ORIGINAL];
448         if (dump_ct_seq_adj(skb, seq, CTA_SEQ_ADJ_ORIG) == -1)
449                 goto err;
450
451         seq = &seqadj->seq[IP_CT_DIR_REPLY];
452         if (dump_ct_seq_adj(skb, seq, CTA_SEQ_ADJ_REPLY) == -1)
453                 goto err;
454
455         spin_unlock_bh(&ct->lock);
456         return 0;
457 err:
458         spin_unlock_bh(&ct->lock);
459         return -1;
460 }
461
462 static int ctnetlink_dump_ct_synproxy(struct sk_buff *skb, struct nf_conn *ct)
463 {
464         struct nf_conn_synproxy *synproxy = nfct_synproxy(ct);
465         struct nlattr *nest_parms;
466
467         if (!synproxy)
468                 return 0;
469
470         nest_parms = nla_nest_start(skb, CTA_SYNPROXY | NLA_F_NESTED);
471         if (!nest_parms)
472                 goto nla_put_failure;
473
474         if (nla_put_be32(skb, CTA_SYNPROXY_ISN, htonl(synproxy->isn)) ||
475             nla_put_be32(skb, CTA_SYNPROXY_ITS, htonl(synproxy->its)) ||
476             nla_put_be32(skb, CTA_SYNPROXY_TSOFF, htonl(synproxy->tsoff)))
477                 goto nla_put_failure;
478
479         nla_nest_end(skb, nest_parms);
480
481         return 0;
482
483 nla_put_failure:
484         return -1;
485 }
486
487 static int ctnetlink_dump_id(struct sk_buff *skb, const struct nf_conn *ct)
488 {
489         if (nla_put_be32(skb, CTA_ID, htonl((unsigned long)ct)))
490                 goto nla_put_failure;
491         return 0;
492
493 nla_put_failure:
494         return -1;
495 }
496
497 static int ctnetlink_dump_use(struct sk_buff *skb, const struct nf_conn *ct)
498 {
499         if (nla_put_be32(skb, CTA_USE, htonl(atomic_read(&ct->ct_general.use))))
500                 goto nla_put_failure;
501         return 0;
502
503 nla_put_failure:
504         return -1;
505 }
506
507 static int
508 ctnetlink_fill_info(struct sk_buff *skb, u32 portid, u32 seq, u32 type,
509                     struct nf_conn *ct)
510 {
511         const struct nf_conntrack_zone *zone;
512         struct nlmsghdr *nlh;
513         struct nfgenmsg *nfmsg;
514         struct nlattr *nest_parms;
515         unsigned int flags = portid ? NLM_F_MULTI : 0, event;
516
517         event = nfnl_msg_type(NFNL_SUBSYS_CTNETLINK, IPCTNL_MSG_CT_NEW);
518         nlh = nlmsg_put(skb, portid, seq, event, sizeof(*nfmsg), flags);
519         if (nlh == NULL)
520                 goto nlmsg_failure;
521
522         nfmsg = nlmsg_data(nlh);
523         nfmsg->nfgen_family = nf_ct_l3num(ct);
524         nfmsg->version      = NFNETLINK_V0;
525         nfmsg->res_id       = 0;
526
527         zone = nf_ct_zone(ct);
528
529         nest_parms = nla_nest_start(skb, CTA_TUPLE_ORIG | NLA_F_NESTED);
530         if (!nest_parms)
531                 goto nla_put_failure;
532         if (ctnetlink_dump_tuples(skb, nf_ct_tuple(ct, IP_CT_DIR_ORIGINAL)) < 0)
533                 goto nla_put_failure;
534         if (ctnetlink_dump_zone_id(skb, CTA_TUPLE_ZONE, zone,
535                                    NF_CT_ZONE_DIR_ORIG) < 0)
536                 goto nla_put_failure;
537         nla_nest_end(skb, nest_parms);
538
539         nest_parms = nla_nest_start(skb, CTA_TUPLE_REPLY | NLA_F_NESTED);
540         if (!nest_parms)
541                 goto nla_put_failure;
542         if (ctnetlink_dump_tuples(skb, nf_ct_tuple(ct, IP_CT_DIR_REPLY)) < 0)
543                 goto nla_put_failure;
544         if (ctnetlink_dump_zone_id(skb, CTA_TUPLE_ZONE, zone,
545                                    NF_CT_ZONE_DIR_REPL) < 0)
546                 goto nla_put_failure;
547         nla_nest_end(skb, nest_parms);
548
549         if (ctnetlink_dump_zone_id(skb, CTA_ZONE, zone,
550                                    NF_CT_DEFAULT_ZONE_DIR) < 0)
551                 goto nla_put_failure;
552
553         if (ctnetlink_dump_status(skb, ct) < 0 ||
554             ctnetlink_dump_timeout(skb, ct) < 0 ||
555             ctnetlink_dump_acct(skb, ct, type) < 0 ||
556             ctnetlink_dump_timestamp(skb, ct) < 0 ||
557             ctnetlink_dump_protoinfo(skb, ct) < 0 ||
558             ctnetlink_dump_helpinfo(skb, ct) < 0 ||
559             ctnetlink_dump_mark(skb, ct) < 0 ||
560             ctnetlink_dump_secctx(skb, ct) < 0 ||
561             ctnetlink_dump_labels(skb, ct) < 0 ||
562             ctnetlink_dump_id(skb, ct) < 0 ||
563             ctnetlink_dump_use(skb, ct) < 0 ||
564             ctnetlink_dump_master(skb, ct) < 0 ||
565             ctnetlink_dump_ct_seq_adj(skb, ct) < 0 ||
566             ctnetlink_dump_ct_synproxy(skb, ct) < 0)
567                 goto nla_put_failure;
568
569         nlmsg_end(skb, nlh);
570         return skb->len;
571
572 nlmsg_failure:
573 nla_put_failure:
574         nlmsg_cancel(skb, nlh);
575         return -1;
576 }
577
578 static const struct nla_policy cta_ip_nla_policy[CTA_IP_MAX + 1] = {
579         [CTA_IP_V4_SRC] = { .type = NLA_U32 },
580         [CTA_IP_V4_DST] = { .type = NLA_U32 },
581         [CTA_IP_V6_SRC] = { .len = sizeof(__be32) * 4 },
582         [CTA_IP_V6_DST] = { .len = sizeof(__be32) * 4 },
583 };
584
585 #if defined(CONFIG_NETFILTER_NETLINK_GLUE_CT) || defined(CONFIG_NF_CONNTRACK_EVENTS)
586 static size_t ctnetlink_proto_size(const struct nf_conn *ct)
587 {
588         const struct nf_conntrack_l4proto *l4proto;
589         size_t len, len4 = 0;
590
591         len = nla_policy_len(cta_ip_nla_policy, CTA_IP_MAX + 1);
592         len *= 3u; /* ORIG, REPLY, MASTER */
593
594         l4proto = __nf_ct_l4proto_find(nf_ct_protonum(ct));
595         len += l4proto->nlattr_size;
596         if (l4proto->nlattr_tuple_size) {
597                 len4 = l4proto->nlattr_tuple_size();
598                 len4 *= 3u; /* ORIG, REPLY, MASTER */
599         }
600
601         return len + len4;
602 }
603 #endif
604
605 static inline size_t ctnetlink_acct_size(const struct nf_conn *ct)
606 {
607         if (!nf_ct_ext_exist(ct, NF_CT_EXT_ACCT))
608                 return 0;
609         return 2 * nla_total_size(0) /* CTA_COUNTERS_ORIG|REPL */
610                + 2 * nla_total_size_64bit(sizeof(uint64_t)) /* CTA_COUNTERS_PACKETS */
611                + 2 * nla_total_size_64bit(sizeof(uint64_t)) /* CTA_COUNTERS_BYTES */
612                ;
613 }
614
615 static inline int ctnetlink_secctx_size(const struct nf_conn *ct)
616 {
617 #ifdef CONFIG_NF_CONNTRACK_SECMARK
618         int len, ret;
619
620         ret = security_secid_to_secctx(ct->secmark, NULL, &len);
621         if (ret)
622                 return 0;
623
624         return nla_total_size(0) /* CTA_SECCTX */
625                + nla_total_size(sizeof(char) * len); /* CTA_SECCTX_NAME */
626 #else
627         return 0;
628 #endif
629 }
630
631 static inline size_t ctnetlink_timestamp_size(const struct nf_conn *ct)
632 {
633 #ifdef CONFIG_NF_CONNTRACK_TIMESTAMP
634         if (!nf_ct_ext_exist(ct, NF_CT_EXT_TSTAMP))
635                 return 0;
636         return nla_total_size(0) + 2 * nla_total_size_64bit(sizeof(uint64_t));
637 #else
638         return 0;
639 #endif
640 }
641
642 #ifdef CONFIG_NF_CONNTRACK_EVENTS
643 static size_t ctnetlink_nlmsg_size(const struct nf_conn *ct)
644 {
645         return NLMSG_ALIGN(sizeof(struct nfgenmsg))
646                + 3 * nla_total_size(0) /* CTA_TUPLE_ORIG|REPL|MASTER */
647                + 3 * nla_total_size(0) /* CTA_TUPLE_IP */
648                + 3 * nla_total_size(0) /* CTA_TUPLE_PROTO */
649                + 3 * nla_total_size(sizeof(u_int8_t)) /* CTA_PROTO_NUM */
650                + nla_total_size(sizeof(u_int32_t)) /* CTA_ID */
651                + nla_total_size(sizeof(u_int32_t)) /* CTA_STATUS */
652                + ctnetlink_acct_size(ct)
653                + ctnetlink_timestamp_size(ct)
654                + nla_total_size(sizeof(u_int32_t)) /* CTA_TIMEOUT */
655                + nla_total_size(0) /* CTA_PROTOINFO */
656                + nla_total_size(0) /* CTA_HELP */
657                + nla_total_size(NF_CT_HELPER_NAME_LEN) /* CTA_HELP_NAME */
658                + ctnetlink_secctx_size(ct)
659 #ifdef CONFIG_NF_NAT_NEEDED
660                + 2 * nla_total_size(0) /* CTA_NAT_SEQ_ADJ_ORIG|REPL */
661                + 6 * nla_total_size(sizeof(u_int32_t)) /* CTA_NAT_SEQ_OFFSET */
662 #endif
663 #ifdef CONFIG_NF_CONNTRACK_MARK
664                + nla_total_size(sizeof(u_int32_t)) /* CTA_MARK */
665 #endif
666 #ifdef CONFIG_NF_CONNTRACK_ZONES
667                + nla_total_size(sizeof(u_int16_t)) /* CTA_ZONE|CTA_TUPLE_ZONE */
668 #endif
669                + ctnetlink_proto_size(ct)
670                + ctnetlink_label_size(ct)
671                ;
672 }
673
674 static int
675 ctnetlink_conntrack_event(unsigned int events, struct nf_ct_event *item)
676 {
677         const struct nf_conntrack_zone *zone;
678         struct net *net;
679         struct nlmsghdr *nlh;
680         struct nfgenmsg *nfmsg;
681         struct nlattr *nest_parms;
682         struct nf_conn *ct = item->ct;
683         struct sk_buff *skb;
684         unsigned int type;
685         unsigned int flags = 0, group;
686         int err;
687
688         if (events & (1 << IPCT_DESTROY)) {
689                 type = IPCTNL_MSG_CT_DELETE;
690                 group = NFNLGRP_CONNTRACK_DESTROY;
691         } else if (events & ((1 << IPCT_NEW) | (1 << IPCT_RELATED))) {
692                 type = IPCTNL_MSG_CT_NEW;
693                 flags = NLM_F_CREATE|NLM_F_EXCL;
694                 group = NFNLGRP_CONNTRACK_NEW;
695         } else if (events) {
696                 type = IPCTNL_MSG_CT_NEW;
697                 group = NFNLGRP_CONNTRACK_UPDATE;
698         } else
699                 return 0;
700
701         net = nf_ct_net(ct);
702         if (!item->report && !nfnetlink_has_listeners(net, group))
703                 return 0;
704
705         skb = nlmsg_new(ctnetlink_nlmsg_size(ct), GFP_ATOMIC);
706         if (skb == NULL)
707                 goto errout;
708
709         type = nfnl_msg_type(NFNL_SUBSYS_CTNETLINK, type);
710         nlh = nlmsg_put(skb, item->portid, 0, type, sizeof(*nfmsg), flags);
711         if (nlh == NULL)
712                 goto nlmsg_failure;
713
714         nfmsg = nlmsg_data(nlh);
715         nfmsg->nfgen_family = nf_ct_l3num(ct);
716         nfmsg->version  = NFNETLINK_V0;
717         nfmsg->res_id   = 0;
718
719         zone = nf_ct_zone(ct);
720
721         nest_parms = nla_nest_start(skb, CTA_TUPLE_ORIG | NLA_F_NESTED);
722         if (!nest_parms)
723                 goto nla_put_failure;
724         if (ctnetlink_dump_tuples(skb, nf_ct_tuple(ct, IP_CT_DIR_ORIGINAL)) < 0)
725                 goto nla_put_failure;
726         if (ctnetlink_dump_zone_id(skb, CTA_TUPLE_ZONE, zone,
727                                    NF_CT_ZONE_DIR_ORIG) < 0)
728                 goto nla_put_failure;
729         nla_nest_end(skb, nest_parms);
730
731         nest_parms = nla_nest_start(skb, CTA_TUPLE_REPLY | NLA_F_NESTED);
732         if (!nest_parms)
733                 goto nla_put_failure;
734         if (ctnetlink_dump_tuples(skb, nf_ct_tuple(ct, IP_CT_DIR_REPLY)) < 0)
735                 goto nla_put_failure;
736         if (ctnetlink_dump_zone_id(skb, CTA_TUPLE_ZONE, zone,
737                                    NF_CT_ZONE_DIR_REPL) < 0)
738                 goto nla_put_failure;
739         nla_nest_end(skb, nest_parms);
740
741         if (ctnetlink_dump_zone_id(skb, CTA_ZONE, zone,
742                                    NF_CT_DEFAULT_ZONE_DIR) < 0)
743                 goto nla_put_failure;
744
745         if (ctnetlink_dump_id(skb, ct) < 0)
746                 goto nla_put_failure;
747
748         if (ctnetlink_dump_status(skb, ct) < 0)
749                 goto nla_put_failure;
750
751         if (events & (1 << IPCT_DESTROY)) {
752                 if (ctnetlink_dump_acct(skb, ct, type) < 0 ||
753                     ctnetlink_dump_timestamp(skb, ct) < 0)
754                         goto nla_put_failure;
755         } else {
756                 if (ctnetlink_dump_timeout(skb, ct) < 0)
757                         goto nla_put_failure;
758
759                 if (events & (1 << IPCT_PROTOINFO)
760                     && ctnetlink_dump_protoinfo(skb, ct) < 0)
761                         goto nla_put_failure;
762
763                 if ((events & (1 << IPCT_HELPER) || nfct_help(ct))
764                     && ctnetlink_dump_helpinfo(skb, ct) < 0)
765                         goto nla_put_failure;
766
767 #ifdef CONFIG_NF_CONNTRACK_SECMARK
768                 if ((events & (1 << IPCT_SECMARK) || ct->secmark)
769                     && ctnetlink_dump_secctx(skb, ct) < 0)
770                         goto nla_put_failure;
771 #endif
772                 if (events & (1 << IPCT_LABEL) &&
773                      ctnetlink_dump_labels(skb, ct) < 0)
774                         goto nla_put_failure;
775
776                 if (events & (1 << IPCT_RELATED) &&
777                     ctnetlink_dump_master(skb, ct) < 0)
778                         goto nla_put_failure;
779
780                 if (events & (1 << IPCT_SEQADJ) &&
781                     ctnetlink_dump_ct_seq_adj(skb, ct) < 0)
782                         goto nla_put_failure;
783
784                 if (events & (1 << IPCT_SYNPROXY) &&
785                     ctnetlink_dump_ct_synproxy(skb, ct) < 0)
786                         goto nla_put_failure;
787         }
788
789 #ifdef CONFIG_NF_CONNTRACK_MARK
790         if ((events & (1 << IPCT_MARK) || ct->mark)
791             && ctnetlink_dump_mark(skb, ct) < 0)
792                 goto nla_put_failure;
793 #endif
794         nlmsg_end(skb, nlh);
795         err = nfnetlink_send(skb, net, item->portid, group, item->report,
796                              GFP_ATOMIC);
797         if (err == -ENOBUFS || err == -EAGAIN)
798                 return -ENOBUFS;
799
800         return 0;
801
802 nla_put_failure:
803         nlmsg_cancel(skb, nlh);
804 nlmsg_failure:
805         kfree_skb(skb);
806 errout:
807         if (nfnetlink_set_err(net, 0, group, -ENOBUFS) > 0)
808                 return -ENOBUFS;
809
810         return 0;
811 }
812 #endif /* CONFIG_NF_CONNTRACK_EVENTS */
813
814 static int ctnetlink_done(struct netlink_callback *cb)
815 {
816         if (cb->args[1])
817                 nf_ct_put((struct nf_conn *)cb->args[1]);
818         kfree(cb->data);
819         return 0;
820 }
821
822 struct ctnetlink_filter {
823         u8 family;
824         struct {
825                 u_int32_t val;
826                 u_int32_t mask;
827         } mark;
828 };
829
830 static struct ctnetlink_filter *
831 ctnetlink_alloc_filter(const struct nlattr * const cda[], u8 family)
832 {
833         struct ctnetlink_filter *filter;
834
835 #ifndef CONFIG_NF_CONNTRACK_MARK
836         if (cda[CTA_MARK] && cda[CTA_MARK_MASK])
837                 return ERR_PTR(-EOPNOTSUPP);
838 #endif
839
840         filter = kzalloc(sizeof(*filter), GFP_KERNEL);
841         if (filter == NULL)
842                 return ERR_PTR(-ENOMEM);
843
844         filter->family = family;
845
846 #ifdef CONFIG_NF_CONNTRACK_MARK
847         if (cda[CTA_MARK] && cda[CTA_MARK_MASK]) {
848                 filter->mark.val = ntohl(nla_get_be32(cda[CTA_MARK]));
849                 filter->mark.mask = ntohl(nla_get_be32(cda[CTA_MARK_MASK]));
850         }
851 #endif
852         return filter;
853 }
854
855 static int ctnetlink_start(struct netlink_callback *cb)
856 {
857         const struct nlattr * const *cda = cb->data;
858         struct ctnetlink_filter *filter = NULL;
859         struct nfgenmsg *nfmsg = nlmsg_data(cb->nlh);
860         u8 family = nfmsg->nfgen_family;
861
862         if (family || (cda[CTA_MARK] && cda[CTA_MARK_MASK])) {
863                 filter = ctnetlink_alloc_filter(cda, family);
864                 if (IS_ERR(filter))
865                         return PTR_ERR(filter);
866         }
867
868         cb->data = filter;
869         return 0;
870 }
871
872 static int ctnetlink_filter_match(struct nf_conn *ct, void *data)
873 {
874         struct ctnetlink_filter *filter = data;
875
876         if (filter == NULL)
877                 goto out;
878
879         /* Match entries of a given L3 protocol number.
880          * If it is not specified, ie. l3proto == 0,
881          * then match everything.
882          */
883         if (filter->family && nf_ct_l3num(ct) != filter->family)
884                 goto ignore_entry;
885
886 #ifdef CONFIG_NF_CONNTRACK_MARK
887         if ((ct->mark & filter->mark.mask) != filter->mark.val)
888                 goto ignore_entry;
889 #endif
890
891 out:
892         return 1;
893
894 ignore_entry:
895         return 0;
896 }
897
898 static int
899 ctnetlink_dump_table(struct sk_buff *skb, struct netlink_callback *cb)
900 {
901         struct net *net = sock_net(skb->sk);
902         struct nf_conn *ct, *last;
903         struct nf_conntrack_tuple_hash *h;
904         struct hlist_nulls_node *n;
905         struct nf_conn *nf_ct_evict[8];
906         int res, i;
907         spinlock_t *lockp;
908
909         last = (struct nf_conn *)cb->args[1];
910         i = 0;
911
912         local_bh_disable();
913         for (; cb->args[0] < nf_conntrack_htable_size; cb->args[0]++) {
914 restart:
915                 while (i) {
916                         i--;
917                         if (nf_ct_should_gc(nf_ct_evict[i]))
918                                 nf_ct_kill(nf_ct_evict[i]);
919                         nf_ct_put(nf_ct_evict[i]);
920                 }
921
922                 lockp = &nf_conntrack_locks[cb->args[0] % CONNTRACK_LOCKS];
923                 nf_conntrack_lock(lockp);
924                 if (cb->args[0] >= nf_conntrack_htable_size) {
925                         spin_unlock(lockp);
926                         goto out;
927                 }
928                 hlist_nulls_for_each_entry(h, n, &nf_conntrack_hash[cb->args[0]],
929                                            hnnode) {
930                         if (NF_CT_DIRECTION(h) != IP_CT_DIR_ORIGINAL)
931                                 continue;
932                         ct = nf_ct_tuplehash_to_ctrack(h);
933                         if (nf_ct_is_expired(ct)) {
934                                 if (i < ARRAY_SIZE(nf_ct_evict) &&
935                                     atomic_inc_not_zero(&ct->ct_general.use))
936                                         nf_ct_evict[i++] = ct;
937                                 continue;
938                         }
939
940                         if (!net_eq(net, nf_ct_net(ct)))
941                                 continue;
942
943                         if (cb->args[1]) {
944                                 if (ct != last)
945                                         continue;
946                                 cb->args[1] = 0;
947                         }
948                         if (!ctnetlink_filter_match(ct, cb->data))
949                                 continue;
950
951                         rcu_read_lock();
952                         res =
953                         ctnetlink_fill_info(skb, NETLINK_CB(cb->skb).portid,
954                                             cb->nlh->nlmsg_seq,
955                                             NFNL_MSG_TYPE(cb->nlh->nlmsg_type),
956                                             ct);
957                         rcu_read_unlock();
958                         if (res < 0) {
959                                 nf_conntrack_get(&ct->ct_general);
960                                 cb->args[1] = (unsigned long)ct;
961                                 spin_unlock(lockp);
962                                 goto out;
963                         }
964                 }
965                 spin_unlock(lockp);
966                 if (cb->args[1]) {
967                         cb->args[1] = 0;
968                         goto restart;
969                 }
970         }
971 out:
972         local_bh_enable();
973         if (last) {
974                 /* nf ct hash resize happened, now clear the leftover. */
975                 if ((struct nf_conn *)cb->args[1] == last)
976                         cb->args[1] = 0;
977
978                 nf_ct_put(last);
979         }
980
981         while (i) {
982                 i--;
983                 if (nf_ct_should_gc(nf_ct_evict[i]))
984                         nf_ct_kill(nf_ct_evict[i]);
985                 nf_ct_put(nf_ct_evict[i]);
986         }
987
988         return skb->len;
989 }
990
991 static int ipv4_nlattr_to_tuple(struct nlattr *tb[],
992                                 struct nf_conntrack_tuple *t)
993 {
994         if (!tb[CTA_IP_V4_SRC] || !tb[CTA_IP_V4_DST])
995                 return -EINVAL;
996
997         t->src.u3.ip = nla_get_in_addr(tb[CTA_IP_V4_SRC]);
998         t->dst.u3.ip = nla_get_in_addr(tb[CTA_IP_V4_DST]);
999
1000         return 0;
1001 }
1002
1003 static int ipv6_nlattr_to_tuple(struct nlattr *tb[],
1004                                 struct nf_conntrack_tuple *t)
1005 {
1006         if (!tb[CTA_IP_V6_SRC] || !tb[CTA_IP_V6_DST])
1007                 return -EINVAL;
1008
1009         t->src.u3.in6 = nla_get_in6_addr(tb[CTA_IP_V6_SRC]);
1010         t->dst.u3.in6 = nla_get_in6_addr(tb[CTA_IP_V6_DST]);
1011
1012         return 0;
1013 }
1014
1015 static int ctnetlink_parse_tuple_ip(struct nlattr *attr,
1016                                     struct nf_conntrack_tuple *tuple)
1017 {
1018         struct nlattr *tb[CTA_IP_MAX+1];
1019         int ret = 0;
1020
1021         ret = nla_parse_nested(tb, CTA_IP_MAX, attr, NULL, NULL);
1022         if (ret < 0)
1023                 return ret;
1024
1025         ret = nla_validate_nested(attr, CTA_IP_MAX,
1026                                   cta_ip_nla_policy, NULL);
1027         if (ret)
1028                 return ret;
1029
1030         switch (tuple->src.l3num) {
1031         case NFPROTO_IPV4:
1032                 ret = ipv4_nlattr_to_tuple(tb, tuple);
1033                 break;
1034         case NFPROTO_IPV6:
1035                 ret = ipv6_nlattr_to_tuple(tb, tuple);
1036                 break;
1037         }
1038
1039         return ret;
1040 }
1041
1042 static const struct nla_policy proto_nla_policy[CTA_PROTO_MAX+1] = {
1043         [CTA_PROTO_NUM] = { .type = NLA_U8 },
1044 };
1045
1046 static int ctnetlink_parse_tuple_proto(struct nlattr *attr,
1047                                        struct nf_conntrack_tuple *tuple)
1048 {
1049         const struct nf_conntrack_l4proto *l4proto;
1050         struct nlattr *tb[CTA_PROTO_MAX+1];
1051         int ret = 0;
1052
1053         ret = nla_parse_nested(tb, CTA_PROTO_MAX, attr, proto_nla_policy,
1054                                NULL);
1055         if (ret < 0)
1056                 return ret;
1057
1058         if (!tb[CTA_PROTO_NUM])
1059                 return -EINVAL;
1060         tuple->dst.protonum = nla_get_u8(tb[CTA_PROTO_NUM]);
1061
1062         rcu_read_lock();
1063         l4proto = __nf_ct_l4proto_find(tuple->dst.protonum);
1064
1065         if (likely(l4proto->nlattr_to_tuple)) {
1066                 ret = nla_validate_nested(attr, CTA_PROTO_MAX,
1067                                           l4proto->nla_policy, NULL);
1068                 if (ret == 0)
1069                         ret = l4proto->nlattr_to_tuple(tb, tuple);
1070         }
1071
1072         rcu_read_unlock();
1073
1074         return ret;
1075 }
1076
1077 static int
1078 ctnetlink_parse_zone(const struct nlattr *attr,
1079                      struct nf_conntrack_zone *zone)
1080 {
1081         nf_ct_zone_init(zone, NF_CT_DEFAULT_ZONE_ID,
1082                         NF_CT_DEFAULT_ZONE_DIR, 0);
1083 #ifdef CONFIG_NF_CONNTRACK_ZONES
1084         if (attr)
1085                 zone->id = ntohs(nla_get_be16(attr));
1086 #else
1087         if (attr)
1088                 return -EOPNOTSUPP;
1089 #endif
1090         return 0;
1091 }
1092
1093 static int
1094 ctnetlink_parse_tuple_zone(struct nlattr *attr, enum ctattr_type type,
1095                            struct nf_conntrack_zone *zone)
1096 {
1097         int ret;
1098
1099         if (zone->id != NF_CT_DEFAULT_ZONE_ID)
1100                 return -EINVAL;
1101
1102         ret = ctnetlink_parse_zone(attr, zone);
1103         if (ret < 0)
1104                 return ret;
1105
1106         if (type == CTA_TUPLE_REPLY)
1107                 zone->dir = NF_CT_ZONE_DIR_REPL;
1108         else
1109                 zone->dir = NF_CT_ZONE_DIR_ORIG;
1110
1111         return 0;
1112 }
1113
1114 static const struct nla_policy tuple_nla_policy[CTA_TUPLE_MAX+1] = {
1115         [CTA_TUPLE_IP]          = { .type = NLA_NESTED },
1116         [CTA_TUPLE_PROTO]       = { .type = NLA_NESTED },
1117         [CTA_TUPLE_ZONE]        = { .type = NLA_U16 },
1118 };
1119
1120 static int
1121 ctnetlink_parse_tuple(const struct nlattr * const cda[],
1122                       struct nf_conntrack_tuple *tuple, u32 type,
1123                       u_int8_t l3num, struct nf_conntrack_zone *zone)
1124 {
1125         struct nlattr *tb[CTA_TUPLE_MAX+1];
1126         int err;
1127
1128         memset(tuple, 0, sizeof(*tuple));
1129
1130         err = nla_parse_nested(tb, CTA_TUPLE_MAX, cda[type], tuple_nla_policy,
1131                                NULL);
1132         if (err < 0)
1133                 return err;
1134
1135         if (!tb[CTA_TUPLE_IP])
1136                 return -EINVAL;
1137
1138         tuple->src.l3num = l3num;
1139
1140         err = ctnetlink_parse_tuple_ip(tb[CTA_TUPLE_IP], tuple);
1141         if (err < 0)
1142                 return err;
1143
1144         if (!tb[CTA_TUPLE_PROTO])
1145                 return -EINVAL;
1146
1147         err = ctnetlink_parse_tuple_proto(tb[CTA_TUPLE_PROTO], tuple);
1148         if (err < 0)
1149                 return err;
1150
1151         if (tb[CTA_TUPLE_ZONE]) {
1152                 if (!zone)
1153                         return -EINVAL;
1154
1155                 err = ctnetlink_parse_tuple_zone(tb[CTA_TUPLE_ZONE],
1156                                                  type, zone);
1157                 if (err < 0)
1158                         return err;
1159         }
1160
1161         /* orig and expect tuples get DIR_ORIGINAL */
1162         if (type == CTA_TUPLE_REPLY)
1163                 tuple->dst.dir = IP_CT_DIR_REPLY;
1164         else
1165                 tuple->dst.dir = IP_CT_DIR_ORIGINAL;
1166
1167         return 0;
1168 }
1169
1170 static const struct nla_policy help_nla_policy[CTA_HELP_MAX+1] = {
1171         [CTA_HELP_NAME]         = { .type = NLA_NUL_STRING,
1172                                     .len = NF_CT_HELPER_NAME_LEN - 1 },
1173 };
1174
1175 static int ctnetlink_parse_help(const struct nlattr *attr, char **helper_name,
1176                                 struct nlattr **helpinfo)
1177 {
1178         int err;
1179         struct nlattr *tb[CTA_HELP_MAX+1];
1180
1181         err = nla_parse_nested(tb, CTA_HELP_MAX, attr, help_nla_policy, NULL);
1182         if (err < 0)
1183                 return err;
1184
1185         if (!tb[CTA_HELP_NAME])
1186                 return -EINVAL;
1187
1188         *helper_name = nla_data(tb[CTA_HELP_NAME]);
1189
1190         if (tb[CTA_HELP_INFO])
1191                 *helpinfo = tb[CTA_HELP_INFO];
1192
1193         return 0;
1194 }
1195
1196 static const struct nla_policy ct_nla_policy[CTA_MAX+1] = {
1197         [CTA_TUPLE_ORIG]        = { .type = NLA_NESTED },
1198         [CTA_TUPLE_REPLY]       = { .type = NLA_NESTED },
1199         [CTA_STATUS]            = { .type = NLA_U32 },
1200         [CTA_PROTOINFO]         = { .type = NLA_NESTED },
1201         [CTA_HELP]              = { .type = NLA_NESTED },
1202         [CTA_NAT_SRC]           = { .type = NLA_NESTED },
1203         [CTA_TIMEOUT]           = { .type = NLA_U32 },
1204         [CTA_MARK]              = { .type = NLA_U32 },
1205         [CTA_ID]                = { .type = NLA_U32 },
1206         [CTA_NAT_DST]           = { .type = NLA_NESTED },
1207         [CTA_TUPLE_MASTER]      = { .type = NLA_NESTED },
1208         [CTA_NAT_SEQ_ADJ_ORIG]  = { .type = NLA_NESTED },
1209         [CTA_NAT_SEQ_ADJ_REPLY] = { .type = NLA_NESTED },
1210         [CTA_ZONE]              = { .type = NLA_U16 },
1211         [CTA_MARK_MASK]         = { .type = NLA_U32 },
1212         [CTA_LABELS]            = { .type = NLA_BINARY,
1213                                     .len = NF_CT_LABELS_MAX_SIZE },
1214         [CTA_LABELS_MASK]       = { .type = NLA_BINARY,
1215                                     .len = NF_CT_LABELS_MAX_SIZE },
1216 };
1217
1218 static int ctnetlink_flush_iterate(struct nf_conn *ct, void *data)
1219 {
1220         if (test_bit(IPS_OFFLOAD_BIT, &ct->status))
1221                 return 0;
1222
1223         return ctnetlink_filter_match(ct, data);
1224 }
1225
1226 static int ctnetlink_flush_conntrack(struct net *net,
1227                                      const struct nlattr * const cda[],
1228                                      u32 portid, int report, u8 family)
1229 {
1230         struct ctnetlink_filter *filter = NULL;
1231
1232         if (family || (cda[CTA_MARK] && cda[CTA_MARK_MASK])) {
1233                 filter = ctnetlink_alloc_filter(cda, family);
1234                 if (IS_ERR(filter))
1235                         return PTR_ERR(filter);
1236         }
1237
1238         nf_ct_iterate_cleanup_net(net, ctnetlink_flush_iterate, filter,
1239                                   portid, report);
1240         kfree(filter);
1241
1242         return 0;
1243 }
1244
1245 static int ctnetlink_del_conntrack(struct net *net, struct sock *ctnl,
1246                                    struct sk_buff *skb,
1247                                    const struct nlmsghdr *nlh,
1248                                    const struct nlattr * const cda[],
1249                                    struct netlink_ext_ack *extack)
1250 {
1251         struct nf_conntrack_tuple_hash *h;
1252         struct nf_conntrack_tuple tuple;
1253         struct nf_conn *ct;
1254         struct nfgenmsg *nfmsg = nlmsg_data(nlh);
1255         u_int8_t u3 = nfmsg->nfgen_family;
1256         struct nf_conntrack_zone zone;
1257         int err;
1258
1259         err = ctnetlink_parse_zone(cda[CTA_ZONE], &zone);
1260         if (err < 0)
1261                 return err;
1262
1263         if (cda[CTA_TUPLE_ORIG])
1264                 err = ctnetlink_parse_tuple(cda, &tuple, CTA_TUPLE_ORIG,
1265                                             u3, &zone);
1266         else if (cda[CTA_TUPLE_REPLY])
1267                 err = ctnetlink_parse_tuple(cda, &tuple, CTA_TUPLE_REPLY,
1268                                             u3, &zone);
1269         else {
1270                 return ctnetlink_flush_conntrack(net, cda,
1271                                                  NETLINK_CB(skb).portid,
1272                                                  nlmsg_report(nlh), u3);
1273         }
1274
1275         if (err < 0)
1276                 return err;
1277
1278         h = nf_conntrack_find_get(net, &zone, &tuple);
1279         if (!h)
1280                 return -ENOENT;
1281
1282         ct = nf_ct_tuplehash_to_ctrack(h);
1283
1284         if (test_bit(IPS_OFFLOAD_BIT, &ct->status)) {
1285                 nf_ct_put(ct);
1286                 return -EBUSY;
1287         }
1288
1289         if (cda[CTA_ID]) {
1290                 u_int32_t id = ntohl(nla_get_be32(cda[CTA_ID]));
1291                 if (id != (u32)(unsigned long)ct) {
1292                         nf_ct_put(ct);
1293                         return -ENOENT;
1294                 }
1295         }
1296
1297         nf_ct_delete(ct, NETLINK_CB(skb).portid, nlmsg_report(nlh));
1298         nf_ct_put(ct);
1299
1300         return 0;
1301 }
1302
1303 static int ctnetlink_get_conntrack(struct net *net, struct sock *ctnl,
1304                                    struct sk_buff *skb,
1305                                    const struct nlmsghdr *nlh,
1306                                    const struct nlattr * const cda[],
1307                                    struct netlink_ext_ack *extack)
1308 {
1309         struct nf_conntrack_tuple_hash *h;
1310         struct nf_conntrack_tuple tuple;
1311         struct nf_conn *ct;
1312         struct sk_buff *skb2 = NULL;
1313         struct nfgenmsg *nfmsg = nlmsg_data(nlh);
1314         u_int8_t u3 = nfmsg->nfgen_family;
1315         struct nf_conntrack_zone zone;
1316         int err;
1317
1318         if (nlh->nlmsg_flags & NLM_F_DUMP) {
1319                 struct netlink_dump_control c = {
1320                         .start = ctnetlink_start,
1321                         .dump = ctnetlink_dump_table,
1322                         .done = ctnetlink_done,
1323                         .data = (void *)cda,
1324                 };
1325
1326                 return netlink_dump_start(ctnl, skb, nlh, &c);
1327         }
1328
1329         err = ctnetlink_parse_zone(cda[CTA_ZONE], &zone);
1330         if (err < 0)
1331                 return err;
1332
1333         if (cda[CTA_TUPLE_ORIG])
1334                 err = ctnetlink_parse_tuple(cda, &tuple, CTA_TUPLE_ORIG,
1335                                             u3, &zone);
1336         else if (cda[CTA_TUPLE_REPLY])
1337                 err = ctnetlink_parse_tuple(cda, &tuple, CTA_TUPLE_REPLY,
1338                                             u3, &zone);
1339         else
1340                 return -EINVAL;
1341
1342         if (err < 0)
1343                 return err;
1344
1345         h = nf_conntrack_find_get(net, &zone, &tuple);
1346         if (!h)
1347                 return -ENOENT;
1348
1349         ct = nf_ct_tuplehash_to_ctrack(h);
1350
1351         err = -ENOMEM;
1352         skb2 = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
1353         if (skb2 == NULL) {
1354                 nf_ct_put(ct);
1355                 return -ENOMEM;
1356         }
1357
1358         rcu_read_lock();
1359         err = ctnetlink_fill_info(skb2, NETLINK_CB(skb).portid, nlh->nlmsg_seq,
1360                                   NFNL_MSG_TYPE(nlh->nlmsg_type), ct);
1361         rcu_read_unlock();
1362         nf_ct_put(ct);
1363         if (err <= 0)
1364                 goto free;
1365
1366         err = netlink_unicast(ctnl, skb2, NETLINK_CB(skb).portid, MSG_DONTWAIT);
1367         if (err < 0)
1368                 goto out;
1369
1370         return 0;
1371
1372 free:
1373         kfree_skb(skb2);
1374 out:
1375         /* this avoids a loop in nfnetlink. */
1376         return err == -EAGAIN ? -ENOBUFS : err;
1377 }
1378
1379 static int ctnetlink_done_list(struct netlink_callback *cb)
1380 {
1381         if (cb->args[1])
1382                 nf_ct_put((struct nf_conn *)cb->args[1]);
1383         return 0;
1384 }
1385
1386 static int
1387 ctnetlink_dump_list(struct sk_buff *skb, struct netlink_callback *cb, bool dying)
1388 {
1389         struct nf_conn *ct, *last;
1390         struct nf_conntrack_tuple_hash *h;
1391         struct hlist_nulls_node *n;
1392         struct nfgenmsg *nfmsg = nlmsg_data(cb->nlh);
1393         u_int8_t l3proto = nfmsg->nfgen_family;
1394         int res;
1395         int cpu;
1396         struct hlist_nulls_head *list;
1397         struct net *net = sock_net(skb->sk);
1398
1399         if (cb->args[2])
1400                 return 0;
1401
1402         last = (struct nf_conn *)cb->args[1];
1403
1404         for (cpu = cb->args[0]; cpu < nr_cpu_ids; cpu++) {
1405                 struct ct_pcpu *pcpu;
1406
1407                 if (!cpu_possible(cpu))
1408                         continue;
1409
1410                 pcpu = per_cpu_ptr(net->ct.pcpu_lists, cpu);
1411                 spin_lock_bh(&pcpu->lock);
1412                 list = dying ? &pcpu->dying : &pcpu->unconfirmed;
1413 restart:
1414                 hlist_nulls_for_each_entry(h, n, list, hnnode) {
1415                         ct = nf_ct_tuplehash_to_ctrack(h);
1416                         if (l3proto && nf_ct_l3num(ct) != l3proto)
1417                                 continue;
1418                         if (cb->args[1]) {
1419                                 if (ct != last)
1420                                         continue;
1421                                 cb->args[1] = 0;
1422                         }
1423                         rcu_read_lock();
1424                         res = ctnetlink_fill_info(skb, NETLINK_CB(cb->skb).portid,
1425                                                   cb->nlh->nlmsg_seq,
1426                                                   NFNL_MSG_TYPE(cb->nlh->nlmsg_type),
1427                                                   ct);
1428                         rcu_read_unlock();
1429                         if (res < 0) {
1430                                 if (!atomic_inc_not_zero(&ct->ct_general.use))
1431                                         continue;
1432                                 cb->args[0] = cpu;
1433                                 cb->args[1] = (unsigned long)ct;
1434                                 spin_unlock_bh(&pcpu->lock);
1435                                 goto out;
1436                         }
1437                 }
1438                 if (cb->args[1]) {
1439                         cb->args[1] = 0;
1440                         goto restart;
1441                 }
1442                 spin_unlock_bh(&pcpu->lock);
1443         }
1444         cb->args[2] = 1;
1445 out:
1446         if (last)
1447                 nf_ct_put(last);
1448
1449         return skb->len;
1450 }
1451
1452 static int
1453 ctnetlink_dump_dying(struct sk_buff *skb, struct netlink_callback *cb)
1454 {
1455         return ctnetlink_dump_list(skb, cb, true);
1456 }
1457
1458 static int ctnetlink_get_ct_dying(struct net *net, struct sock *ctnl,
1459                                   struct sk_buff *skb,
1460                                   const struct nlmsghdr *nlh,
1461                                   const struct nlattr * const cda[],
1462                                   struct netlink_ext_ack *extack)
1463 {
1464         if (nlh->nlmsg_flags & NLM_F_DUMP) {
1465                 struct netlink_dump_control c = {
1466                         .dump = ctnetlink_dump_dying,
1467                         .done = ctnetlink_done_list,
1468                 };
1469                 return netlink_dump_start(ctnl, skb, nlh, &c);
1470         }
1471
1472         return -EOPNOTSUPP;
1473 }
1474
1475 static int
1476 ctnetlink_dump_unconfirmed(struct sk_buff *skb, struct netlink_callback *cb)
1477 {
1478         return ctnetlink_dump_list(skb, cb, false);
1479 }
1480
1481 static int ctnetlink_get_ct_unconfirmed(struct net *net, struct sock *ctnl,
1482                                         struct sk_buff *skb,
1483                                         const struct nlmsghdr *nlh,
1484                                         const struct nlattr * const cda[],
1485                                         struct netlink_ext_ack *extack)
1486 {
1487         if (nlh->nlmsg_flags & NLM_F_DUMP) {
1488                 struct netlink_dump_control c = {
1489                         .dump = ctnetlink_dump_unconfirmed,
1490                         .done = ctnetlink_done_list,
1491                 };
1492                 return netlink_dump_start(ctnl, skb, nlh, &c);
1493         }
1494
1495         return -EOPNOTSUPP;
1496 }
1497
1498 #ifdef CONFIG_NF_NAT_NEEDED
1499 static int
1500 ctnetlink_parse_nat_setup(struct nf_conn *ct,
1501                           enum nf_nat_manip_type manip,
1502                           const struct nlattr *attr)
1503 {
1504         struct nf_nat_hook *nat_hook;
1505         int err;
1506
1507         nat_hook = rcu_dereference(nf_nat_hook);
1508         if (!nat_hook) {
1509 #ifdef CONFIG_MODULES
1510                 rcu_read_unlock();
1511                 nfnl_unlock(NFNL_SUBSYS_CTNETLINK);
1512                 if (request_module("nf-nat") < 0) {
1513                         nfnl_lock(NFNL_SUBSYS_CTNETLINK);
1514                         rcu_read_lock();
1515                         return -EOPNOTSUPP;
1516                 }
1517                 nfnl_lock(NFNL_SUBSYS_CTNETLINK);
1518                 rcu_read_lock();
1519                 nat_hook = rcu_dereference(nf_nat_hook);
1520                 if (nat_hook)
1521                         return -EAGAIN;
1522 #endif
1523                 return -EOPNOTSUPP;
1524         }
1525
1526         err = nat_hook->parse_nat_setup(ct, manip, attr);
1527         if (err == -EAGAIN) {
1528 #ifdef CONFIG_MODULES
1529                 rcu_read_unlock();
1530                 nfnl_unlock(NFNL_SUBSYS_CTNETLINK);
1531                 if (request_module("nf-nat-%u", nf_ct_l3num(ct)) < 0) {
1532                         nfnl_lock(NFNL_SUBSYS_CTNETLINK);
1533                         rcu_read_lock();
1534                         return -EOPNOTSUPP;
1535                 }
1536                 nfnl_lock(NFNL_SUBSYS_CTNETLINK);
1537                 rcu_read_lock();
1538 #else
1539                 err = -EOPNOTSUPP;
1540 #endif
1541         }
1542         return err;
1543 }
1544 #endif
1545
1546 static void
1547 __ctnetlink_change_status(struct nf_conn *ct, unsigned long on,
1548                           unsigned long off)
1549 {
1550         unsigned int bit;
1551
1552         /* Ignore these unchangable bits */
1553         on &= ~IPS_UNCHANGEABLE_MASK;
1554         off &= ~IPS_UNCHANGEABLE_MASK;
1555
1556         for (bit = 0; bit < __IPS_MAX_BIT; bit++) {
1557                 if (on & (1 << bit))
1558                         set_bit(bit, &ct->status);
1559                 else if (off & (1 << bit))
1560                         clear_bit(bit, &ct->status);
1561         }
1562 }
1563
1564 static int
1565 ctnetlink_change_status(struct nf_conn *ct, const struct nlattr * const cda[])
1566 {
1567         unsigned long d;
1568         unsigned int status = ntohl(nla_get_be32(cda[CTA_STATUS]));
1569         d = ct->status ^ status;
1570
1571         if (d & (IPS_EXPECTED|IPS_CONFIRMED|IPS_DYING))
1572                 /* unchangeable */
1573                 return -EBUSY;
1574
1575         if (d & IPS_SEEN_REPLY && !(status & IPS_SEEN_REPLY))
1576                 /* SEEN_REPLY bit can only be set */
1577                 return -EBUSY;
1578
1579         if (d & IPS_ASSURED && !(status & IPS_ASSURED))
1580                 /* ASSURED bit can only be set */
1581                 return -EBUSY;
1582
1583         __ctnetlink_change_status(ct, status, 0);
1584         return 0;
1585 }
1586
1587 static int
1588 ctnetlink_setup_nat(struct nf_conn *ct, const struct nlattr * const cda[])
1589 {
1590 #ifdef CONFIG_NF_NAT_NEEDED
1591         int ret;
1592
1593         if (!cda[CTA_NAT_DST] && !cda[CTA_NAT_SRC])
1594                 return 0;
1595
1596         ret = ctnetlink_parse_nat_setup(ct, NF_NAT_MANIP_DST,
1597                                         cda[CTA_NAT_DST]);
1598         if (ret < 0)
1599                 return ret;
1600
1601         return ctnetlink_parse_nat_setup(ct, NF_NAT_MANIP_SRC,
1602                                          cda[CTA_NAT_SRC]);
1603 #else
1604         if (!cda[CTA_NAT_DST] && !cda[CTA_NAT_SRC])
1605                 return 0;
1606         return -EOPNOTSUPP;
1607 #endif
1608 }
1609
1610 static int ctnetlink_change_helper(struct nf_conn *ct,
1611                                    const struct nlattr * const cda[])
1612 {
1613         struct nf_conntrack_helper *helper;
1614         struct nf_conn_help *help = nfct_help(ct);
1615         char *helpname = NULL;
1616         struct nlattr *helpinfo = NULL;
1617         int err;
1618
1619         err = ctnetlink_parse_help(cda[CTA_HELP], &helpname, &helpinfo);
1620         if (err < 0)
1621                 return err;
1622
1623         /* don't change helper of sibling connections */
1624         if (ct->master) {
1625                 /* If we try to change the helper to the same thing twice,
1626                  * treat the second attempt as a no-op instead of returning
1627                  * an error.
1628                  */
1629                 err = -EBUSY;
1630                 if (help) {
1631                         rcu_read_lock();
1632                         helper = rcu_dereference(help->helper);
1633                         if (helper && !strcmp(helper->name, helpname))
1634                                 err = 0;
1635                         rcu_read_unlock();
1636                 }
1637
1638                 return err;
1639         }
1640
1641         if (!strcmp(helpname, "")) {
1642                 if (help && help->helper) {
1643                         /* we had a helper before ... */
1644                         nf_ct_remove_expectations(ct);
1645                         RCU_INIT_POINTER(help->helper, NULL);
1646                 }
1647
1648                 return 0;
1649         }
1650
1651         rcu_read_lock();
1652         helper = __nf_conntrack_helper_find(helpname, nf_ct_l3num(ct),
1653                                             nf_ct_protonum(ct));
1654         if (helper == NULL) {
1655                 rcu_read_unlock();
1656                 return -EOPNOTSUPP;
1657         }
1658
1659         if (help) {
1660                 if (help->helper == helper) {
1661                         /* update private helper data if allowed. */
1662                         if (helper->from_nlattr)
1663                                 helper->from_nlattr(helpinfo, ct);
1664                         err = 0;
1665                 } else
1666                         err = -EBUSY;
1667         } else {
1668                 /* we cannot set a helper for an existing conntrack */
1669                 err = -EOPNOTSUPP;
1670         }
1671
1672         rcu_read_unlock();
1673         return err;
1674 }
1675
1676 static int ctnetlink_change_timeout(struct nf_conn *ct,
1677                                     const struct nlattr * const cda[])
1678 {
1679         u64 timeout = (u64)ntohl(nla_get_be32(cda[CTA_TIMEOUT])) * HZ;
1680
1681         if (timeout > INT_MAX)
1682                 timeout = INT_MAX;
1683         ct->timeout = nfct_time_stamp + (u32)timeout;
1684
1685         if (test_bit(IPS_DYING_BIT, &ct->status))
1686                 return -ETIME;
1687
1688         return 0;
1689 }
1690
1691 static const struct nla_policy protoinfo_policy[CTA_PROTOINFO_MAX+1] = {
1692         [CTA_PROTOINFO_TCP]     = { .type = NLA_NESTED },
1693         [CTA_PROTOINFO_DCCP]    = { .type = NLA_NESTED },
1694         [CTA_PROTOINFO_SCTP]    = { .type = NLA_NESTED },
1695 };
1696
1697 static int ctnetlink_change_protoinfo(struct nf_conn *ct,
1698                                       const struct nlattr * const cda[])
1699 {
1700         const struct nlattr *attr = cda[CTA_PROTOINFO];
1701         const struct nf_conntrack_l4proto *l4proto;
1702         struct nlattr *tb[CTA_PROTOINFO_MAX+1];
1703         int err = 0;
1704
1705         err = nla_parse_nested(tb, CTA_PROTOINFO_MAX, attr, protoinfo_policy,
1706                                NULL);
1707         if (err < 0)
1708                 return err;
1709
1710         rcu_read_lock();
1711         l4proto = __nf_ct_l4proto_find(nf_ct_protonum(ct));
1712         if (l4proto->from_nlattr)
1713                 err = l4proto->from_nlattr(tb, ct);
1714         rcu_read_unlock();
1715
1716         return err;
1717 }
1718
1719 static const struct nla_policy seqadj_policy[CTA_SEQADJ_MAX+1] = {
1720         [CTA_SEQADJ_CORRECTION_POS]     = { .type = NLA_U32 },
1721         [CTA_SEQADJ_OFFSET_BEFORE]      = { .type = NLA_U32 },
1722         [CTA_SEQADJ_OFFSET_AFTER]       = { .type = NLA_U32 },
1723 };
1724
1725 static int change_seq_adj(struct nf_ct_seqadj *seq,
1726                           const struct nlattr * const attr)
1727 {
1728         int err;
1729         struct nlattr *cda[CTA_SEQADJ_MAX+1];
1730
1731         err = nla_parse_nested(cda, CTA_SEQADJ_MAX, attr, seqadj_policy, NULL);
1732         if (err < 0)
1733                 return err;
1734
1735         if (!cda[CTA_SEQADJ_CORRECTION_POS])
1736                 return -EINVAL;
1737
1738         seq->correction_pos =
1739                 ntohl(nla_get_be32(cda[CTA_SEQADJ_CORRECTION_POS]));
1740
1741         if (!cda[CTA_SEQADJ_OFFSET_BEFORE])
1742                 return -EINVAL;
1743
1744         seq->offset_before =
1745                 ntohl(nla_get_be32(cda[CTA_SEQADJ_OFFSET_BEFORE]));
1746
1747         if (!cda[CTA_SEQADJ_OFFSET_AFTER])
1748                 return -EINVAL;
1749
1750         seq->offset_after =
1751                 ntohl(nla_get_be32(cda[CTA_SEQADJ_OFFSET_AFTER]));
1752
1753         return 0;
1754 }
1755
1756 static int
1757 ctnetlink_change_seq_adj(struct nf_conn *ct,
1758                          const struct nlattr * const cda[])
1759 {
1760         struct nf_conn_seqadj *seqadj = nfct_seqadj(ct);
1761         int ret = 0;
1762
1763         if (!seqadj)
1764                 return 0;
1765
1766         spin_lock_bh(&ct->lock);
1767         if (cda[CTA_SEQ_ADJ_ORIG]) {
1768                 ret = change_seq_adj(&seqadj->seq[IP_CT_DIR_ORIGINAL],
1769                                      cda[CTA_SEQ_ADJ_ORIG]);
1770                 if (ret < 0)
1771                         goto err;
1772
1773                 set_bit(IPS_SEQ_ADJUST_BIT, &ct->status);
1774         }
1775
1776         if (cda[CTA_SEQ_ADJ_REPLY]) {
1777                 ret = change_seq_adj(&seqadj->seq[IP_CT_DIR_REPLY],
1778                                      cda[CTA_SEQ_ADJ_REPLY]);
1779                 if (ret < 0)
1780                         goto err;
1781
1782                 set_bit(IPS_SEQ_ADJUST_BIT, &ct->status);
1783         }
1784
1785         spin_unlock_bh(&ct->lock);
1786         return 0;
1787 err:
1788         spin_unlock_bh(&ct->lock);
1789         return ret;
1790 }
1791
1792 static const struct nla_policy synproxy_policy[CTA_SYNPROXY_MAX + 1] = {
1793         [CTA_SYNPROXY_ISN]      = { .type = NLA_U32 },
1794         [CTA_SYNPROXY_ITS]      = { .type = NLA_U32 },
1795         [CTA_SYNPROXY_TSOFF]    = { .type = NLA_U32 },
1796 };
1797
1798 static int ctnetlink_change_synproxy(struct nf_conn *ct,
1799                                      const struct nlattr * const cda[])
1800 {
1801         struct nf_conn_synproxy *synproxy = nfct_synproxy(ct);
1802         struct nlattr *tb[CTA_SYNPROXY_MAX + 1];
1803         int err;
1804
1805         if (!synproxy)
1806                 return 0;
1807
1808         err = nla_parse_nested(tb, CTA_SYNPROXY_MAX, cda[CTA_SYNPROXY],
1809                                synproxy_policy, NULL);
1810         if (err < 0)
1811                 return err;
1812
1813         if (!tb[CTA_SYNPROXY_ISN] ||
1814             !tb[CTA_SYNPROXY_ITS] ||
1815             !tb[CTA_SYNPROXY_TSOFF])
1816                 return -EINVAL;
1817
1818         synproxy->isn = ntohl(nla_get_be32(tb[CTA_SYNPROXY_ISN]));
1819         synproxy->its = ntohl(nla_get_be32(tb[CTA_SYNPROXY_ITS]));
1820         synproxy->tsoff = ntohl(nla_get_be32(tb[CTA_SYNPROXY_TSOFF]));
1821
1822         return 0;
1823 }
1824
1825 static int
1826 ctnetlink_attach_labels(struct nf_conn *ct, const struct nlattr * const cda[])
1827 {
1828 #ifdef CONFIG_NF_CONNTRACK_LABELS
1829         size_t len = nla_len(cda[CTA_LABELS]);
1830         const void *mask = cda[CTA_LABELS_MASK];
1831
1832         if (len & (sizeof(u32)-1)) /* must be multiple of u32 */
1833                 return -EINVAL;
1834
1835         if (mask) {
1836                 if (nla_len(cda[CTA_LABELS_MASK]) == 0 ||
1837                     nla_len(cda[CTA_LABELS_MASK]) != len)
1838                         return -EINVAL;
1839                 mask = nla_data(cda[CTA_LABELS_MASK]);
1840         }
1841
1842         len /= sizeof(u32);
1843
1844         return nf_connlabels_replace(ct, nla_data(cda[CTA_LABELS]), mask, len);
1845 #else
1846         return -EOPNOTSUPP;
1847 #endif
1848 }
1849
1850 static int
1851 ctnetlink_change_conntrack(struct nf_conn *ct,
1852                            const struct nlattr * const cda[])
1853 {
1854         int err;
1855
1856         /* only allow NAT changes and master assignation for new conntracks */
1857         if (cda[CTA_NAT_SRC] || cda[CTA_NAT_DST] || cda[CTA_TUPLE_MASTER])
1858                 return -EOPNOTSUPP;
1859
1860         if (cda[CTA_HELP]) {
1861                 err = ctnetlink_change_helper(ct, cda);
1862                 if (err < 0)
1863                         return err;
1864         }
1865
1866         if (cda[CTA_TIMEOUT]) {
1867                 err = ctnetlink_change_timeout(ct, cda);
1868                 if (err < 0)
1869                         return err;
1870         }
1871
1872         if (cda[CTA_STATUS]) {
1873                 err = ctnetlink_change_status(ct, cda);
1874                 if (err < 0)
1875                         return err;
1876         }
1877
1878         if (cda[CTA_PROTOINFO]) {
1879                 err = ctnetlink_change_protoinfo(ct, cda);
1880                 if (err < 0)
1881                         return err;
1882         }
1883
1884 #if defined(CONFIG_NF_CONNTRACK_MARK)
1885         if (cda[CTA_MARK])
1886                 ct->mark = ntohl(nla_get_be32(cda[CTA_MARK]));
1887 #endif
1888
1889         if (cda[CTA_SEQ_ADJ_ORIG] || cda[CTA_SEQ_ADJ_REPLY]) {
1890                 err = ctnetlink_change_seq_adj(ct, cda);
1891                 if (err < 0)
1892                         return err;
1893         }
1894
1895         if (cda[CTA_SYNPROXY]) {
1896                 err = ctnetlink_change_synproxy(ct, cda);
1897                 if (err < 0)
1898                         return err;
1899         }
1900
1901         if (cda[CTA_LABELS]) {
1902                 err = ctnetlink_attach_labels(ct, cda);
1903                 if (err < 0)
1904                         return err;
1905         }
1906
1907         return 0;
1908 }
1909
1910 static struct nf_conn *
1911 ctnetlink_create_conntrack(struct net *net,
1912                            const struct nf_conntrack_zone *zone,
1913                            const struct nlattr * const cda[],
1914                            struct nf_conntrack_tuple *otuple,
1915                            struct nf_conntrack_tuple *rtuple,
1916                            u8 u3)
1917 {
1918         struct nf_conn *ct;
1919         int err = -EINVAL;
1920         struct nf_conntrack_helper *helper;
1921         struct nf_conn_tstamp *tstamp;
1922         u64 timeout;
1923
1924         ct = nf_conntrack_alloc(net, zone, otuple, rtuple, GFP_ATOMIC);
1925         if (IS_ERR(ct))
1926                 return ERR_PTR(-ENOMEM);
1927
1928         if (!cda[CTA_TIMEOUT])
1929                 goto err1;
1930
1931         timeout = (u64)ntohl(nla_get_be32(cda[CTA_TIMEOUT])) * HZ;
1932         if (timeout > INT_MAX)
1933                 timeout = INT_MAX;
1934         ct->timeout = (u32)timeout + nfct_time_stamp;
1935
1936         rcu_read_lock();
1937         if (cda[CTA_HELP]) {
1938                 char *helpname = NULL;
1939                 struct nlattr *helpinfo = NULL;
1940
1941                 err = ctnetlink_parse_help(cda[CTA_HELP], &helpname, &helpinfo);
1942                 if (err < 0)
1943                         goto err2;
1944
1945                 helper = __nf_conntrack_helper_find(helpname, nf_ct_l3num(ct),
1946                                                     nf_ct_protonum(ct));
1947                 if (helper == NULL) {
1948                         rcu_read_unlock();
1949 #ifdef CONFIG_MODULES
1950                         if (request_module("nfct-helper-%s", helpname) < 0) {
1951                                 err = -EOPNOTSUPP;
1952                                 goto err1;
1953                         }
1954
1955                         rcu_read_lock();
1956                         helper = __nf_conntrack_helper_find(helpname,
1957                                                             nf_ct_l3num(ct),
1958                                                             nf_ct_protonum(ct));
1959                         if (helper) {
1960                                 err = -EAGAIN;
1961                                 goto err2;
1962                         }
1963                         rcu_read_unlock();
1964 #endif
1965                         err = -EOPNOTSUPP;
1966                         goto err1;
1967                 } else {
1968                         struct nf_conn_help *help;
1969
1970                         help = nf_ct_helper_ext_add(ct, GFP_ATOMIC);
1971                         if (help == NULL) {
1972                                 err = -ENOMEM;
1973                                 goto err2;
1974                         }
1975                         /* set private helper data if allowed. */
1976                         if (helper->from_nlattr)
1977                                 helper->from_nlattr(helpinfo, ct);
1978
1979                         /* not in hash table yet so not strictly necessary */
1980                         RCU_INIT_POINTER(help->helper, helper);
1981                 }
1982         } else {
1983                 /* try an implicit helper assignation */
1984                 err = __nf_ct_try_assign_helper(ct, NULL, GFP_ATOMIC);
1985                 if (err < 0)
1986                         goto err2;
1987         }
1988
1989         err = ctnetlink_setup_nat(ct, cda);
1990         if (err < 0)
1991                 goto err2;
1992
1993         nf_ct_acct_ext_add(ct, GFP_ATOMIC);
1994         nf_ct_tstamp_ext_add(ct, GFP_ATOMIC);
1995         nf_ct_ecache_ext_add(ct, 0, 0, GFP_ATOMIC);
1996         nf_ct_labels_ext_add(ct);
1997         nfct_seqadj_ext_add(ct);
1998         nfct_synproxy_ext_add(ct);
1999
2000         /* we must add conntrack extensions before confirmation. */
2001         ct->status |= IPS_CONFIRMED;
2002
2003         if (cda[CTA_STATUS]) {
2004                 err = ctnetlink_change_status(ct, cda);
2005                 if (err < 0)
2006                         goto err2;
2007         }
2008
2009         if (cda[CTA_SEQ_ADJ_ORIG] || cda[CTA_SEQ_ADJ_REPLY]) {
2010                 err = ctnetlink_change_seq_adj(ct, cda);
2011                 if (err < 0)
2012                         goto err2;
2013         }
2014
2015         memset(&ct->proto, 0, sizeof(ct->proto));
2016         if (cda[CTA_PROTOINFO]) {
2017                 err = ctnetlink_change_protoinfo(ct, cda);
2018                 if (err < 0)
2019                         goto err2;
2020         }
2021
2022         if (cda[CTA_SYNPROXY]) {
2023                 err = ctnetlink_change_synproxy(ct, cda);
2024                 if (err < 0)
2025                         goto err2;
2026         }
2027
2028 #if defined(CONFIG_NF_CONNTRACK_MARK)
2029         if (cda[CTA_MARK])
2030                 ct->mark = ntohl(nla_get_be32(cda[CTA_MARK]));
2031 #endif
2032
2033         /* setup master conntrack: this is a confirmed expectation */
2034         if (cda[CTA_TUPLE_MASTER]) {
2035                 struct nf_conntrack_tuple master;
2036                 struct nf_conntrack_tuple_hash *master_h;
2037                 struct nf_conn *master_ct;
2038
2039                 err = ctnetlink_parse_tuple(cda, &master, CTA_TUPLE_MASTER,
2040                                             u3, NULL);
2041                 if (err < 0)
2042                         goto err2;
2043
2044                 master_h = nf_conntrack_find_get(net, zone, &master);
2045                 if (master_h == NULL) {
2046                         err = -ENOENT;
2047                         goto err2;
2048                 }
2049                 master_ct = nf_ct_tuplehash_to_ctrack(master_h);
2050                 __set_bit(IPS_EXPECTED_BIT, &ct->status);
2051                 ct->master = master_ct;
2052         }
2053         tstamp = nf_conn_tstamp_find(ct);
2054         if (tstamp)
2055                 tstamp->start = ktime_get_real_ns();
2056
2057         err = nf_conntrack_hash_check_insert(ct);
2058         if (err < 0)
2059                 goto err2;
2060
2061         rcu_read_unlock();
2062
2063         return ct;
2064
2065 err2:
2066         rcu_read_unlock();
2067 err1:
2068         nf_conntrack_free(ct);
2069         return ERR_PTR(err);
2070 }
2071
2072 static int ctnetlink_new_conntrack(struct net *net, struct sock *ctnl,
2073                                    struct sk_buff *skb,
2074                                    const struct nlmsghdr *nlh,
2075                                    const struct nlattr * const cda[],
2076                                    struct netlink_ext_ack *extack)
2077 {
2078         struct nf_conntrack_tuple otuple, rtuple;
2079         struct nf_conntrack_tuple_hash *h = NULL;
2080         struct nfgenmsg *nfmsg = nlmsg_data(nlh);
2081         struct nf_conn *ct;
2082         u_int8_t u3 = nfmsg->nfgen_family;
2083         struct nf_conntrack_zone zone;
2084         int err;
2085
2086         err = ctnetlink_parse_zone(cda[CTA_ZONE], &zone);
2087         if (err < 0)
2088                 return err;
2089
2090         if (cda[CTA_TUPLE_ORIG]) {
2091                 err = ctnetlink_parse_tuple(cda, &otuple, CTA_TUPLE_ORIG,
2092                                             u3, &zone);
2093                 if (err < 0)
2094                         return err;
2095         }
2096
2097         if (cda[CTA_TUPLE_REPLY]) {
2098                 err = ctnetlink_parse_tuple(cda, &rtuple, CTA_TUPLE_REPLY,
2099                                             u3, &zone);
2100                 if (err < 0)
2101                         return err;
2102         }
2103
2104         if (cda[CTA_TUPLE_ORIG])
2105                 h = nf_conntrack_find_get(net, &zone, &otuple);
2106         else if (cda[CTA_TUPLE_REPLY])
2107                 h = nf_conntrack_find_get(net, &zone, &rtuple);
2108
2109         if (h == NULL) {
2110                 err = -ENOENT;
2111                 if (nlh->nlmsg_flags & NLM_F_CREATE) {
2112                         enum ip_conntrack_events events;
2113
2114                         if (!cda[CTA_TUPLE_ORIG] || !cda[CTA_TUPLE_REPLY])
2115                                 return -EINVAL;
2116                         if (otuple.dst.protonum != rtuple.dst.protonum)
2117                                 return -EINVAL;
2118
2119                         ct = ctnetlink_create_conntrack(net, &zone, cda, &otuple,
2120                                                         &rtuple, u3);
2121                         if (IS_ERR(ct))
2122                                 return PTR_ERR(ct);
2123
2124                         err = 0;
2125                         if (test_bit(IPS_EXPECTED_BIT, &ct->status))
2126                                 events = 1 << IPCT_RELATED;
2127                         else
2128                                 events = 1 << IPCT_NEW;
2129
2130                         if (cda[CTA_LABELS] &&
2131                             ctnetlink_attach_labels(ct, cda) == 0)
2132                                 events |= (1 << IPCT_LABEL);
2133
2134                         nf_conntrack_eventmask_report((1 << IPCT_REPLY) |
2135                                                       (1 << IPCT_ASSURED) |
2136                                                       (1 << IPCT_HELPER) |
2137                                                       (1 << IPCT_PROTOINFO) |
2138                                                       (1 << IPCT_SEQADJ) |
2139                                                       (1 << IPCT_MARK) |
2140                                                       (1 << IPCT_SYNPROXY) |
2141                                                       events,
2142                                                       ct, NETLINK_CB(skb).portid,
2143                                                       nlmsg_report(nlh));
2144                         nf_ct_put(ct);
2145                 }
2146
2147                 return err;
2148         }
2149         /* implicit 'else' */
2150
2151         err = -EEXIST;
2152         ct = nf_ct_tuplehash_to_ctrack(h);
2153         if (!(nlh->nlmsg_flags & NLM_F_EXCL)) {
2154                 err = ctnetlink_change_conntrack(ct, cda);
2155                 if (err == 0) {
2156                         nf_conntrack_eventmask_report((1 << IPCT_REPLY) |
2157                                                       (1 << IPCT_ASSURED) |
2158                                                       (1 << IPCT_HELPER) |
2159                                                       (1 << IPCT_LABEL) |
2160                                                       (1 << IPCT_PROTOINFO) |
2161                                                       (1 << IPCT_SEQADJ) |
2162                                                       (1 << IPCT_MARK) |
2163                                                       (1 << IPCT_SYNPROXY),
2164                                                       ct, NETLINK_CB(skb).portid,
2165                                                       nlmsg_report(nlh));
2166                 }
2167         }
2168
2169         nf_ct_put(ct);
2170         return err;
2171 }
2172
2173 static int
2174 ctnetlink_ct_stat_cpu_fill_info(struct sk_buff *skb, u32 portid, u32 seq,
2175                                 __u16 cpu, const struct ip_conntrack_stat *st)
2176 {
2177         struct nlmsghdr *nlh;
2178         struct nfgenmsg *nfmsg;
2179         unsigned int flags = portid ? NLM_F_MULTI : 0, event;
2180
2181         event = nfnl_msg_type(NFNL_SUBSYS_CTNETLINK,
2182                               IPCTNL_MSG_CT_GET_STATS_CPU);
2183         nlh = nlmsg_put(skb, portid, seq, event, sizeof(*nfmsg), flags);
2184         if (nlh == NULL)
2185                 goto nlmsg_failure;
2186
2187         nfmsg = nlmsg_data(nlh);
2188         nfmsg->nfgen_family = AF_UNSPEC;
2189         nfmsg->version      = NFNETLINK_V0;
2190         nfmsg->res_id       = htons(cpu);
2191
2192         if (nla_put_be32(skb, CTA_STATS_FOUND, htonl(st->found)) ||
2193             nla_put_be32(skb, CTA_STATS_INVALID, htonl(st->invalid)) ||
2194             nla_put_be32(skb, CTA_STATS_IGNORE, htonl(st->ignore)) ||
2195             nla_put_be32(skb, CTA_STATS_INSERT, htonl(st->insert)) ||
2196             nla_put_be32(skb, CTA_STATS_INSERT_FAILED,
2197                                 htonl(st->insert_failed)) ||
2198             nla_put_be32(skb, CTA_STATS_DROP, htonl(st->drop)) ||
2199             nla_put_be32(skb, CTA_STATS_EARLY_DROP, htonl(st->early_drop)) ||
2200             nla_put_be32(skb, CTA_STATS_ERROR, htonl(st->error)) ||
2201             nla_put_be32(skb, CTA_STATS_SEARCH_RESTART,
2202                                 htonl(st->search_restart)))
2203                 goto nla_put_failure;
2204
2205         nlmsg_end(skb, nlh);
2206         return skb->len;
2207
2208 nla_put_failure:
2209 nlmsg_failure:
2210         nlmsg_cancel(skb, nlh);
2211         return -1;
2212 }
2213
2214 static int
2215 ctnetlink_ct_stat_cpu_dump(struct sk_buff *skb, struct netlink_callback *cb)
2216 {
2217         int cpu;
2218         struct net *net = sock_net(skb->sk);
2219
2220         if (cb->args[0] == nr_cpu_ids)
2221                 return 0;
2222
2223         for (cpu = cb->args[0]; cpu < nr_cpu_ids; cpu++) {
2224                 const struct ip_conntrack_stat *st;
2225
2226                 if (!cpu_possible(cpu))
2227                         continue;
2228
2229                 st = per_cpu_ptr(net->ct.stat, cpu);
2230                 if (ctnetlink_ct_stat_cpu_fill_info(skb,
2231                                                     NETLINK_CB(cb->skb).portid,
2232                                                     cb->nlh->nlmsg_seq,
2233                                                     cpu, st) < 0)
2234                                 break;
2235         }
2236         cb->args[0] = cpu;
2237
2238         return skb->len;
2239 }
2240
2241 static int ctnetlink_stat_ct_cpu(struct net *net, struct sock *ctnl,
2242                                  struct sk_buff *skb,
2243                                  const struct nlmsghdr *nlh,
2244                                  const struct nlattr * const cda[],
2245                                  struct netlink_ext_ack *extack)
2246 {
2247         if (nlh->nlmsg_flags & NLM_F_DUMP) {
2248                 struct netlink_dump_control c = {
2249                         .dump = ctnetlink_ct_stat_cpu_dump,
2250                 };
2251                 return netlink_dump_start(ctnl, skb, nlh, &c);
2252         }
2253
2254         return 0;
2255 }
2256
2257 static int
2258 ctnetlink_stat_ct_fill_info(struct sk_buff *skb, u32 portid, u32 seq, u32 type,
2259                             struct net *net)
2260 {
2261         struct nlmsghdr *nlh;
2262         struct nfgenmsg *nfmsg;
2263         unsigned int flags = portid ? NLM_F_MULTI : 0, event;
2264         unsigned int nr_conntracks = atomic_read(&net->ct.count);
2265
2266         event = nfnl_msg_type(NFNL_SUBSYS_CTNETLINK, IPCTNL_MSG_CT_GET_STATS);
2267         nlh = nlmsg_put(skb, portid, seq, event, sizeof(*nfmsg), flags);
2268         if (nlh == NULL)
2269                 goto nlmsg_failure;
2270
2271         nfmsg = nlmsg_data(nlh);
2272         nfmsg->nfgen_family = AF_UNSPEC;
2273         nfmsg->version      = NFNETLINK_V0;
2274         nfmsg->res_id       = 0;
2275
2276         if (nla_put_be32(skb, CTA_STATS_GLOBAL_ENTRIES, htonl(nr_conntracks)))
2277                 goto nla_put_failure;
2278
2279         if (nla_put_be32(skb, CTA_STATS_GLOBAL_MAX_ENTRIES, htonl(nf_conntrack_max)))
2280                 goto nla_put_failure;
2281
2282         nlmsg_end(skb, nlh);
2283         return skb->len;
2284
2285 nla_put_failure:
2286 nlmsg_failure:
2287         nlmsg_cancel(skb, nlh);
2288         return -1;
2289 }
2290
2291 static int ctnetlink_stat_ct(struct net *net, struct sock *ctnl,
2292                              struct sk_buff *skb, const struct nlmsghdr *nlh,
2293                              const struct nlattr * const cda[],
2294                              struct netlink_ext_ack *extack)
2295 {
2296         struct sk_buff *skb2;
2297         int err;
2298
2299         skb2 = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
2300         if (skb2 == NULL)
2301                 return -ENOMEM;
2302
2303         err = ctnetlink_stat_ct_fill_info(skb2, NETLINK_CB(skb).portid,
2304                                           nlh->nlmsg_seq,
2305                                           NFNL_MSG_TYPE(nlh->nlmsg_type),
2306                                           sock_net(skb->sk));
2307         if (err <= 0)
2308                 goto free;
2309
2310         err = netlink_unicast(ctnl, skb2, NETLINK_CB(skb).portid, MSG_DONTWAIT);
2311         if (err < 0)
2312                 goto out;
2313
2314         return 0;
2315
2316 free:
2317         kfree_skb(skb2);
2318 out:
2319         /* this avoids a loop in nfnetlink. */
2320         return err == -EAGAIN ? -ENOBUFS : err;
2321 }
2322
2323 static const struct nla_policy exp_nla_policy[CTA_EXPECT_MAX+1] = {
2324         [CTA_EXPECT_MASTER]     = { .type = NLA_NESTED },
2325         [CTA_EXPECT_TUPLE]      = { .type = NLA_NESTED },
2326         [CTA_EXPECT_MASK]       = { .type = NLA_NESTED },
2327         [CTA_EXPECT_TIMEOUT]    = { .type = NLA_U32 },
2328         [CTA_EXPECT_ID]         = { .type = NLA_U32 },
2329         [CTA_EXPECT_HELP_NAME]  = { .type = NLA_NUL_STRING,
2330                                     .len = NF_CT_HELPER_NAME_LEN - 1 },
2331         [CTA_EXPECT_ZONE]       = { .type = NLA_U16 },
2332         [CTA_EXPECT_FLAGS]      = { .type = NLA_U32 },
2333         [CTA_EXPECT_CLASS]      = { .type = NLA_U32 },
2334         [CTA_EXPECT_NAT]        = { .type = NLA_NESTED },
2335         [CTA_EXPECT_FN]         = { .type = NLA_NUL_STRING },
2336 };
2337
2338 static struct nf_conntrack_expect *
2339 ctnetlink_alloc_expect(const struct nlattr *const cda[], struct nf_conn *ct,
2340                        struct nf_conntrack_helper *helper,
2341                        struct nf_conntrack_tuple *tuple,
2342                        struct nf_conntrack_tuple *mask);
2343
2344 #ifdef CONFIG_NETFILTER_NETLINK_GLUE_CT
2345 static size_t
2346 ctnetlink_glue_build_size(const struct nf_conn *ct)
2347 {
2348         return 3 * nla_total_size(0) /* CTA_TUPLE_ORIG|REPL|MASTER */
2349                + 3 * nla_total_size(0) /* CTA_TUPLE_IP */
2350                + 3 * nla_total_size(0) /* CTA_TUPLE_PROTO */
2351                + 3 * nla_total_size(sizeof(u_int8_t)) /* CTA_PROTO_NUM */
2352                + nla_total_size(sizeof(u_int32_t)) /* CTA_ID */
2353                + nla_total_size(sizeof(u_int32_t)) /* CTA_STATUS */
2354                + nla_total_size(sizeof(u_int32_t)) /* CTA_TIMEOUT */
2355                + nla_total_size(0) /* CTA_PROTOINFO */
2356                + nla_total_size(0) /* CTA_HELP */
2357                + nla_total_size(NF_CT_HELPER_NAME_LEN) /* CTA_HELP_NAME */
2358                + ctnetlink_secctx_size(ct)
2359 #ifdef CONFIG_NF_NAT_NEEDED
2360                + 2 * nla_total_size(0) /* CTA_NAT_SEQ_ADJ_ORIG|REPL */
2361                + 6 * nla_total_size(sizeof(u_int32_t)) /* CTA_NAT_SEQ_OFFSET */
2362 #endif
2363 #ifdef CONFIG_NF_CONNTRACK_MARK
2364                + nla_total_size(sizeof(u_int32_t)) /* CTA_MARK */
2365 #endif
2366 #ifdef CONFIG_NF_CONNTRACK_ZONES
2367                + nla_total_size(sizeof(u_int16_t)) /* CTA_ZONE|CTA_TUPLE_ZONE */
2368 #endif
2369                + ctnetlink_proto_size(ct)
2370                ;
2371 }
2372
2373 static struct nf_conn *ctnetlink_glue_get_ct(const struct sk_buff *skb,
2374                                              enum ip_conntrack_info *ctinfo)
2375 {
2376         return nf_ct_get(skb, ctinfo);
2377 }
2378
2379 static int __ctnetlink_glue_build(struct sk_buff *skb, struct nf_conn *ct)
2380 {
2381         const struct nf_conntrack_zone *zone;
2382         struct nlattr *nest_parms;
2383
2384         zone = nf_ct_zone(ct);
2385
2386         nest_parms = nla_nest_start(skb, CTA_TUPLE_ORIG | NLA_F_NESTED);
2387         if (!nest_parms)
2388                 goto nla_put_failure;
2389         if (ctnetlink_dump_tuples(skb, nf_ct_tuple(ct, IP_CT_DIR_ORIGINAL)) < 0)
2390                 goto nla_put_failure;
2391         if (ctnetlink_dump_zone_id(skb, CTA_TUPLE_ZONE, zone,
2392                                    NF_CT_ZONE_DIR_ORIG) < 0)
2393                 goto nla_put_failure;
2394         nla_nest_end(skb, nest_parms);
2395
2396         nest_parms = nla_nest_start(skb, CTA_TUPLE_REPLY | NLA_F_NESTED);
2397         if (!nest_parms)
2398                 goto nla_put_failure;
2399         if (ctnetlink_dump_tuples(skb, nf_ct_tuple(ct, IP_CT_DIR_REPLY)) < 0)
2400                 goto nla_put_failure;
2401         if (ctnetlink_dump_zone_id(skb, CTA_TUPLE_ZONE, zone,
2402                                    NF_CT_ZONE_DIR_REPL) < 0)
2403                 goto nla_put_failure;
2404         nla_nest_end(skb, nest_parms);
2405
2406         if (ctnetlink_dump_zone_id(skb, CTA_ZONE, zone,
2407                                    NF_CT_DEFAULT_ZONE_DIR) < 0)
2408                 goto nla_put_failure;
2409
2410         if (ctnetlink_dump_id(skb, ct) < 0)
2411                 goto nla_put_failure;
2412
2413         if (ctnetlink_dump_status(skb, ct) < 0)
2414                 goto nla_put_failure;
2415
2416         if (ctnetlink_dump_timeout(skb, ct) < 0)
2417                 goto nla_put_failure;
2418
2419         if (ctnetlink_dump_protoinfo(skb, ct) < 0)
2420                 goto nla_put_failure;
2421
2422         if (ctnetlink_dump_helpinfo(skb, ct) < 0)
2423                 goto nla_put_failure;
2424
2425 #ifdef CONFIG_NF_CONNTRACK_SECMARK
2426         if (ct->secmark && ctnetlink_dump_secctx(skb, ct) < 0)
2427                 goto nla_put_failure;
2428 #endif
2429         if (ct->master && ctnetlink_dump_master(skb, ct) < 0)
2430                 goto nla_put_failure;
2431
2432         if ((ct->status & IPS_SEQ_ADJUST) &&
2433             ctnetlink_dump_ct_seq_adj(skb, ct) < 0)
2434                 goto nla_put_failure;
2435
2436         if (ctnetlink_dump_ct_synproxy(skb, ct) < 0)
2437                 goto nla_put_failure;
2438
2439 #ifdef CONFIG_NF_CONNTRACK_MARK
2440         if (ct->mark && ctnetlink_dump_mark(skb, ct) < 0)
2441                 goto nla_put_failure;
2442 #endif
2443         if (ctnetlink_dump_labels(skb, ct) < 0)
2444                 goto nla_put_failure;
2445         return 0;
2446
2447 nla_put_failure:
2448         return -ENOSPC;
2449 }
2450
2451 static int
2452 ctnetlink_glue_build(struct sk_buff *skb, struct nf_conn *ct,
2453                      enum ip_conntrack_info ctinfo,
2454                      u_int16_t ct_attr, u_int16_t ct_info_attr)
2455 {
2456         struct nlattr *nest_parms;
2457
2458         nest_parms = nla_nest_start(skb, ct_attr | NLA_F_NESTED);
2459         if (!nest_parms)
2460                 goto nla_put_failure;
2461
2462         if (__ctnetlink_glue_build(skb, ct) < 0)
2463                 goto nla_put_failure;
2464
2465         nla_nest_end(skb, nest_parms);
2466
2467         if (nla_put_be32(skb, ct_info_attr, htonl(ctinfo)))
2468                 goto nla_put_failure;
2469
2470         return 0;
2471
2472 nla_put_failure:
2473         return -ENOSPC;
2474 }
2475
2476 static int
2477 ctnetlink_update_status(struct nf_conn *ct, const struct nlattr * const cda[])
2478 {
2479         unsigned int status = ntohl(nla_get_be32(cda[CTA_STATUS]));
2480         unsigned long d = ct->status ^ status;
2481
2482         if (d & IPS_SEEN_REPLY && !(status & IPS_SEEN_REPLY))
2483                 /* SEEN_REPLY bit can only be set */
2484                 return -EBUSY;
2485
2486         if (d & IPS_ASSURED && !(status & IPS_ASSURED))
2487                 /* ASSURED bit can only be set */
2488                 return -EBUSY;
2489
2490         /* This check is less strict than ctnetlink_change_status()
2491          * because callers often flip IPS_EXPECTED bits when sending
2492          * an NFQA_CT attribute to the kernel.  So ignore the
2493          * unchangeable bits but do not error out. Also user programs
2494          * are allowed to clear the bits that they are allowed to change.
2495          */
2496         __ctnetlink_change_status(ct, status, ~status);
2497         return 0;
2498 }
2499
2500 static int
2501 ctnetlink_glue_parse_ct(const struct nlattr *cda[], struct nf_conn *ct)
2502 {
2503         int err;
2504
2505         if (cda[CTA_TIMEOUT]) {
2506                 err = ctnetlink_change_timeout(ct, cda);
2507                 if (err < 0)
2508                         return err;
2509         }
2510         if (cda[CTA_STATUS]) {
2511                 err = ctnetlink_update_status(ct, cda);
2512                 if (err < 0)
2513                         return err;
2514         }
2515         if (cda[CTA_HELP]) {
2516                 err = ctnetlink_change_helper(ct, cda);
2517                 if (err < 0)
2518                         return err;
2519         }
2520         if (cda[CTA_LABELS]) {
2521                 err = ctnetlink_attach_labels(ct, cda);
2522                 if (err < 0)
2523                         return err;
2524         }
2525 #if defined(CONFIG_NF_CONNTRACK_MARK)
2526         if (cda[CTA_MARK]) {
2527                 u32 mask = 0, mark, newmark;
2528                 if (cda[CTA_MARK_MASK])
2529                         mask = ~ntohl(nla_get_be32(cda[CTA_MARK_MASK]));
2530
2531                 mark = ntohl(nla_get_be32(cda[CTA_MARK]));
2532                 newmark = (ct->mark & mask) ^ mark;
2533                 if (newmark != ct->mark)
2534                         ct->mark = newmark;
2535         }
2536 #endif
2537         return 0;
2538 }
2539
2540 static int
2541 ctnetlink_glue_parse(const struct nlattr *attr, struct nf_conn *ct)
2542 {
2543         struct nlattr *cda[CTA_MAX+1];
2544         int ret;
2545
2546         ret = nla_parse_nested(cda, CTA_MAX, attr, ct_nla_policy, NULL);
2547         if (ret < 0)
2548                 return ret;
2549
2550         return ctnetlink_glue_parse_ct((const struct nlattr **)cda, ct);
2551 }
2552
2553 static int ctnetlink_glue_exp_parse(const struct nlattr * const *cda,
2554                                     const struct nf_conn *ct,
2555                                     struct nf_conntrack_tuple *tuple,
2556                                     struct nf_conntrack_tuple *mask)
2557 {
2558         int err;
2559
2560         err = ctnetlink_parse_tuple(cda, tuple, CTA_EXPECT_TUPLE,
2561                                     nf_ct_l3num(ct), NULL);
2562         if (err < 0)
2563                 return err;
2564
2565         return ctnetlink_parse_tuple(cda, mask, CTA_EXPECT_MASK,
2566                                      nf_ct_l3num(ct), NULL);
2567 }
2568
2569 static int
2570 ctnetlink_glue_attach_expect(const struct nlattr *attr, struct nf_conn *ct,
2571                              u32 portid, u32 report)
2572 {
2573         struct nlattr *cda[CTA_EXPECT_MAX+1];
2574         struct nf_conntrack_tuple tuple, mask;
2575         struct nf_conntrack_helper *helper = NULL;
2576         struct nf_conntrack_expect *exp;
2577         int err;
2578
2579         err = nla_parse_nested(cda, CTA_EXPECT_MAX, attr, exp_nla_policy,
2580                                NULL);
2581         if (err < 0)
2582                 return err;
2583
2584         err = ctnetlink_glue_exp_parse((const struct nlattr * const *)cda,
2585                                        ct, &tuple, &mask);
2586         if (err < 0)
2587                 return err;
2588
2589         if (cda[CTA_EXPECT_HELP_NAME]) {
2590                 const char *helpname = nla_data(cda[CTA_EXPECT_HELP_NAME]);
2591
2592                 helper = __nf_conntrack_helper_find(helpname, nf_ct_l3num(ct),
2593                                                     nf_ct_protonum(ct));
2594                 if (helper == NULL)
2595                         return -EOPNOTSUPP;
2596         }
2597
2598         exp = ctnetlink_alloc_expect((const struct nlattr * const *)cda, ct,
2599                                      helper, &tuple, &mask);
2600         if (IS_ERR(exp))
2601                 return PTR_ERR(exp);
2602
2603         err = nf_ct_expect_related_report(exp, portid, report);
2604         nf_ct_expect_put(exp);
2605         return err;
2606 }
2607
2608 static void ctnetlink_glue_seqadj(struct sk_buff *skb, struct nf_conn *ct,
2609                                   enum ip_conntrack_info ctinfo, int diff)
2610 {
2611         if (!(ct->status & IPS_NAT_MASK))
2612                 return;
2613
2614         nf_ct_tcp_seqadj_set(skb, ct, ctinfo, diff);
2615 }
2616
2617 static struct nfnl_ct_hook ctnetlink_glue_hook = {
2618         .get_ct         = ctnetlink_glue_get_ct,
2619         .build_size     = ctnetlink_glue_build_size,
2620         .build          = ctnetlink_glue_build,
2621         .parse          = ctnetlink_glue_parse,
2622         .attach_expect  = ctnetlink_glue_attach_expect,
2623         .seq_adjust     = ctnetlink_glue_seqadj,
2624 };
2625 #endif /* CONFIG_NETFILTER_NETLINK_GLUE_CT */
2626
2627 /***********************************************************************
2628  * EXPECT
2629  ***********************************************************************/
2630
2631 static int ctnetlink_exp_dump_tuple(struct sk_buff *skb,
2632                                     const struct nf_conntrack_tuple *tuple,
2633                                     u32 type)
2634 {
2635         struct nlattr *nest_parms;
2636
2637         nest_parms = nla_nest_start(skb, type | NLA_F_NESTED);
2638         if (!nest_parms)
2639                 goto nla_put_failure;
2640         if (ctnetlink_dump_tuples(skb, tuple) < 0)
2641                 goto nla_put_failure;
2642         nla_nest_end(skb, nest_parms);
2643
2644         return 0;
2645
2646 nla_put_failure:
2647         return -1;
2648 }
2649
2650 static int ctnetlink_exp_dump_mask(struct sk_buff *skb,
2651                                    const struct nf_conntrack_tuple *tuple,
2652                                    const struct nf_conntrack_tuple_mask *mask)
2653 {
2654         const struct nf_conntrack_l4proto *l4proto;
2655         struct nf_conntrack_tuple m;
2656         struct nlattr *nest_parms;
2657         int ret;
2658
2659         memset(&m, 0xFF, sizeof(m));
2660         memcpy(&m.src.u3, &mask->src.u3, sizeof(m.src.u3));
2661         m.src.u.all = mask->src.u.all;
2662         m.dst.protonum = tuple->dst.protonum;
2663
2664         nest_parms = nla_nest_start(skb, CTA_EXPECT_MASK | NLA_F_NESTED);
2665         if (!nest_parms)
2666                 goto nla_put_failure;
2667
2668         rcu_read_lock();
2669         ret = ctnetlink_dump_tuples_ip(skb, &m);
2670         if (ret >= 0) {
2671                 l4proto = __nf_ct_l4proto_find(tuple->dst.protonum);
2672         ret = ctnetlink_dump_tuples_proto(skb, &m, l4proto);
2673         }
2674         rcu_read_unlock();
2675
2676         if (unlikely(ret < 0))
2677                 goto nla_put_failure;
2678
2679         nla_nest_end(skb, nest_parms);
2680
2681         return 0;
2682
2683 nla_put_failure:
2684         return -1;
2685 }
2686
2687 static const union nf_inet_addr any_addr;
2688
2689 static int
2690 ctnetlink_exp_dump_expect(struct sk_buff *skb,
2691                           const struct nf_conntrack_expect *exp)
2692 {
2693         struct nf_conn *master = exp->master;
2694         long timeout = ((long)exp->timeout.expires - (long)jiffies) / HZ;
2695         struct nf_conn_help *help;
2696 #ifdef CONFIG_NF_NAT_NEEDED
2697         struct nlattr *nest_parms;
2698         struct nf_conntrack_tuple nat_tuple = {};
2699 #endif
2700         struct nf_ct_helper_expectfn *expfn;
2701
2702         if (timeout < 0)
2703                 timeout = 0;
2704
2705         if (ctnetlink_exp_dump_tuple(skb, &exp->tuple, CTA_EXPECT_TUPLE) < 0)
2706                 goto nla_put_failure;
2707         if (ctnetlink_exp_dump_mask(skb, &exp->tuple, &exp->mask) < 0)
2708                 goto nla_put_failure;
2709         if (ctnetlink_exp_dump_tuple(skb,
2710                                  &master->tuplehash[IP_CT_DIR_ORIGINAL].tuple,
2711                                  CTA_EXPECT_MASTER) < 0)
2712                 goto nla_put_failure;
2713
2714 #ifdef CONFIG_NF_NAT_NEEDED
2715         if (!nf_inet_addr_cmp(&exp->saved_addr, &any_addr) ||
2716             exp->saved_proto.all) {
2717                 nest_parms = nla_nest_start(skb, CTA_EXPECT_NAT | NLA_F_NESTED);
2718                 if (!nest_parms)
2719                         goto nla_put_failure;
2720
2721                 if (nla_put_be32(skb, CTA_EXPECT_NAT_DIR, htonl(exp->dir)))
2722                         goto nla_put_failure;
2723
2724                 nat_tuple.src.l3num = nf_ct_l3num(master);
2725                 nat_tuple.src.u3 = exp->saved_addr;
2726                 nat_tuple.dst.protonum = nf_ct_protonum(master);
2727                 nat_tuple.src.u = exp->saved_proto;
2728
2729                 if (ctnetlink_exp_dump_tuple(skb, &nat_tuple,
2730                                                 CTA_EXPECT_NAT_TUPLE) < 0)
2731                         goto nla_put_failure;
2732                 nla_nest_end(skb, nest_parms);
2733         }
2734 #endif
2735         if (nla_put_be32(skb, CTA_EXPECT_TIMEOUT, htonl(timeout)) ||
2736             nla_put_be32(skb, CTA_EXPECT_ID, htonl((unsigned long)exp)) ||
2737             nla_put_be32(skb, CTA_EXPECT_FLAGS, htonl(exp->flags)) ||
2738             nla_put_be32(skb, CTA_EXPECT_CLASS, htonl(exp->class)))
2739                 goto nla_put_failure;
2740         help = nfct_help(master);
2741         if (help) {
2742                 struct nf_conntrack_helper *helper;
2743
2744                 helper = rcu_dereference(help->helper);
2745                 if (helper &&
2746                     nla_put_string(skb, CTA_EXPECT_HELP_NAME, helper->name))
2747                         goto nla_put_failure;
2748         }
2749         expfn = nf_ct_helper_expectfn_find_by_symbol(exp->expectfn);
2750         if (expfn != NULL &&
2751             nla_put_string(skb, CTA_EXPECT_FN, expfn->name))
2752                 goto nla_put_failure;
2753
2754         return 0;
2755
2756 nla_put_failure:
2757         return -1;
2758 }
2759
2760 static int
2761 ctnetlink_exp_fill_info(struct sk_buff *skb, u32 portid, u32 seq,
2762                         int event, const struct nf_conntrack_expect *exp)
2763 {
2764         struct nlmsghdr *nlh;
2765         struct nfgenmsg *nfmsg;
2766         unsigned int flags = portid ? NLM_F_MULTI : 0;
2767
2768         event = nfnl_msg_type(NFNL_SUBSYS_CTNETLINK_EXP, event);
2769         nlh = nlmsg_put(skb, portid, seq, event, sizeof(*nfmsg), flags);
2770         if (nlh == NULL)
2771                 goto nlmsg_failure;
2772
2773         nfmsg = nlmsg_data(nlh);
2774         nfmsg->nfgen_family = exp->tuple.src.l3num;
2775         nfmsg->version      = NFNETLINK_V0;
2776         nfmsg->res_id       = 0;
2777
2778         if (ctnetlink_exp_dump_expect(skb, exp) < 0)
2779                 goto nla_put_failure;
2780
2781         nlmsg_end(skb, nlh);
2782         return skb->len;
2783
2784 nlmsg_failure:
2785 nla_put_failure:
2786         nlmsg_cancel(skb, nlh);
2787         return -1;
2788 }
2789
2790 #ifdef CONFIG_NF_CONNTRACK_EVENTS
2791 static int
2792 ctnetlink_expect_event(unsigned int events, struct nf_exp_event *item)
2793 {
2794         struct nf_conntrack_expect *exp = item->exp;
2795         struct net *net = nf_ct_exp_net(exp);
2796         struct nlmsghdr *nlh;
2797         struct nfgenmsg *nfmsg;
2798         struct sk_buff *skb;
2799         unsigned int type, group;
2800         int flags = 0;
2801
2802         if (events & (1 << IPEXP_DESTROY)) {
2803                 type = IPCTNL_MSG_EXP_DELETE;
2804                 group = NFNLGRP_CONNTRACK_EXP_DESTROY;
2805         } else if (events & (1 << IPEXP_NEW)) {
2806                 type = IPCTNL_MSG_EXP_NEW;
2807                 flags = NLM_F_CREATE|NLM_F_EXCL;
2808                 group = NFNLGRP_CONNTRACK_EXP_NEW;
2809         } else
2810                 return 0;
2811
2812         if (!item->report && !nfnetlink_has_listeners(net, group))
2813                 return 0;
2814
2815         skb = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_ATOMIC);
2816         if (skb == NULL)
2817                 goto errout;
2818
2819         type = nfnl_msg_type(NFNL_SUBSYS_CTNETLINK_EXP, type);
2820         nlh = nlmsg_put(skb, item->portid, 0, type, sizeof(*nfmsg), flags);
2821         if (nlh == NULL)
2822                 goto nlmsg_failure;
2823
2824         nfmsg = nlmsg_data(nlh);
2825         nfmsg->nfgen_family = exp->tuple.src.l3num;
2826         nfmsg->version      = NFNETLINK_V0;
2827         nfmsg->res_id       = 0;
2828
2829         if (ctnetlink_exp_dump_expect(skb, exp) < 0)
2830                 goto nla_put_failure;
2831
2832         nlmsg_end(skb, nlh);
2833         nfnetlink_send(skb, net, item->portid, group, item->report, GFP_ATOMIC);
2834         return 0;
2835
2836 nla_put_failure:
2837         nlmsg_cancel(skb, nlh);
2838 nlmsg_failure:
2839         kfree_skb(skb);
2840 errout:
2841         nfnetlink_set_err(net, 0, 0, -ENOBUFS);
2842         return 0;
2843 }
2844 #endif
2845 static int ctnetlink_exp_done(struct netlink_callback *cb)
2846 {
2847         if (cb->args[1])
2848                 nf_ct_expect_put((struct nf_conntrack_expect *)cb->args[1]);
2849         return 0;
2850 }
2851
2852 static int
2853 ctnetlink_exp_dump_table(struct sk_buff *skb, struct netlink_callback *cb)
2854 {
2855         struct net *net = sock_net(skb->sk);
2856         struct nf_conntrack_expect *exp, *last;
2857         struct nfgenmsg *nfmsg = nlmsg_data(cb->nlh);
2858         u_int8_t l3proto = nfmsg->nfgen_family;
2859
2860         rcu_read_lock();
2861         last = (struct nf_conntrack_expect *)cb->args[1];
2862         for (; cb->args[0] < nf_ct_expect_hsize; cb->args[0]++) {
2863 restart:
2864                 hlist_for_each_entry_rcu(exp, &nf_ct_expect_hash[cb->args[0]],
2865                                          hnode) {
2866                         if (l3proto && exp->tuple.src.l3num != l3proto)
2867                                 continue;
2868
2869                         if (!net_eq(nf_ct_net(exp->master), net))
2870                                 continue;
2871
2872                         if (cb->args[1]) {
2873                                 if (exp != last)
2874                                         continue;
2875                                 cb->args[1] = 0;
2876                         }
2877                         if (ctnetlink_exp_fill_info(skb,
2878                                                     NETLINK_CB(cb->skb).portid,
2879                                                     cb->nlh->nlmsg_seq,
2880                                                     IPCTNL_MSG_EXP_NEW,
2881                                                     exp) < 0) {
2882                                 if (!refcount_inc_not_zero(&exp->use))
2883                                         continue;
2884                                 cb->args[1] = (unsigned long)exp;
2885                                 goto out;
2886                         }
2887                 }
2888                 if (cb->args[1]) {
2889                         cb->args[1] = 0;
2890                         goto restart;
2891                 }
2892         }
2893 out:
2894         rcu_read_unlock();
2895         if (last)
2896                 nf_ct_expect_put(last);
2897
2898         return skb->len;
2899 }
2900
2901 static int
2902 ctnetlink_exp_ct_dump_table(struct sk_buff *skb, struct netlink_callback *cb)
2903 {
2904         struct nf_conntrack_expect *exp, *last;
2905         struct nfgenmsg *nfmsg = nlmsg_data(cb->nlh);
2906         struct nf_conn *ct = cb->data;
2907         struct nf_conn_help *help = nfct_help(ct);
2908         u_int8_t l3proto = nfmsg->nfgen_family;
2909
2910         if (cb->args[0])
2911                 return 0;
2912
2913         rcu_read_lock();
2914         last = (struct nf_conntrack_expect *)cb->args[1];
2915 restart:
2916         hlist_for_each_entry_rcu(exp, &help->expectations, lnode) {
2917                 if (l3proto && exp->tuple.src.l3num != l3proto)
2918                         continue;
2919                 if (cb->args[1]) {
2920                         if (exp != last)
2921                                 continue;
2922                         cb->args[1] = 0;
2923                 }
2924                 if (ctnetlink_exp_fill_info(skb, NETLINK_CB(cb->skb).portid,
2925                                             cb->nlh->nlmsg_seq,
2926                                             IPCTNL_MSG_EXP_NEW,
2927                                             exp) < 0) {
2928                         if (!refcount_inc_not_zero(&exp->use))
2929                                 continue;
2930                         cb->args[1] = (unsigned long)exp;
2931                         goto out;
2932                 }
2933         }
2934         if (cb->args[1]) {
2935                 cb->args[1] = 0;
2936                 goto restart;
2937         }
2938         cb->args[0] = 1;
2939 out:
2940         rcu_read_unlock();
2941         if (last)
2942                 nf_ct_expect_put(last);
2943
2944         return skb->len;
2945 }
2946
2947 static int ctnetlink_dump_exp_ct(struct net *net, struct sock *ctnl,
2948                                  struct sk_buff *skb,
2949                                  const struct nlmsghdr *nlh,
2950                                  const struct nlattr * const cda[],
2951                                  struct netlink_ext_ack *extack)
2952 {
2953         int err;
2954         struct nfgenmsg *nfmsg = nlmsg_data(nlh);
2955         u_int8_t u3 = nfmsg->nfgen_family;
2956         struct nf_conntrack_tuple tuple;
2957         struct nf_conntrack_tuple_hash *h;
2958         struct nf_conn *ct;
2959         struct nf_conntrack_zone zone;
2960         struct netlink_dump_control c = {
2961                 .dump = ctnetlink_exp_ct_dump_table,
2962                 .done = ctnetlink_exp_done,
2963         };
2964
2965         err = ctnetlink_parse_tuple(cda, &tuple, CTA_EXPECT_MASTER,
2966                                     u3, NULL);
2967         if (err < 0)
2968                 return err;
2969
2970         err = ctnetlink_parse_zone(cda[CTA_EXPECT_ZONE], &zone);
2971         if (err < 0)
2972                 return err;
2973
2974         h = nf_conntrack_find_get(net, &zone, &tuple);
2975         if (!h)
2976                 return -ENOENT;
2977
2978         ct = nf_ct_tuplehash_to_ctrack(h);
2979         /* No expectation linked to this connection tracking. */
2980         if (!nfct_help(ct)) {
2981                 nf_ct_put(ct);
2982                 return 0;
2983         }
2984
2985         c.data = ct;
2986
2987         err = netlink_dump_start(ctnl, skb, nlh, &c);
2988         nf_ct_put(ct);
2989
2990         return err;
2991 }
2992
2993 static int ctnetlink_get_expect(struct net *net, struct sock *ctnl,
2994                                 struct sk_buff *skb, const struct nlmsghdr *nlh,
2995                                 const struct nlattr * const cda[],
2996                                 struct netlink_ext_ack *extack)
2997 {
2998         struct nf_conntrack_tuple tuple;
2999         struct nf_conntrack_expect *exp;
3000         struct sk_buff *skb2;
3001         struct nfgenmsg *nfmsg = nlmsg_data(nlh);
3002         u_int8_t u3 = nfmsg->nfgen_family;
3003         struct nf_conntrack_zone zone;
3004         int err;
3005
3006         if (nlh->nlmsg_flags & NLM_F_DUMP) {
3007                 if (cda[CTA_EXPECT_MASTER])
3008                         return ctnetlink_dump_exp_ct(net, ctnl, skb, nlh, cda,
3009                                                      extack);
3010                 else {
3011                         struct netlink_dump_control c = {
3012                                 .dump = ctnetlink_exp_dump_table,
3013                                 .done = ctnetlink_exp_done,
3014                         };
3015                         return netlink_dump_start(ctnl, skb, nlh, &c);
3016                 }
3017         }
3018
3019         err = ctnetlink_parse_zone(cda[CTA_EXPECT_ZONE], &zone);
3020         if (err < 0)
3021                 return err;
3022
3023         if (cda[CTA_EXPECT_TUPLE])
3024                 err = ctnetlink_parse_tuple(cda, &tuple, CTA_EXPECT_TUPLE,
3025                                             u3, NULL);
3026         else if (cda[CTA_EXPECT_MASTER])
3027                 err = ctnetlink_parse_tuple(cda, &tuple, CTA_EXPECT_MASTER,
3028                                             u3, NULL);
3029         else
3030                 return -EINVAL;
3031
3032         if (err < 0)
3033                 return err;
3034
3035         exp = nf_ct_expect_find_get(net, &zone, &tuple);
3036         if (!exp)
3037                 return -ENOENT;
3038
3039         if (cda[CTA_EXPECT_ID]) {
3040                 __be32 id = nla_get_be32(cda[CTA_EXPECT_ID]);
3041                 if (ntohl(id) != (u32)(unsigned long)exp) {
3042                         nf_ct_expect_put(exp);
3043                         return -ENOENT;
3044                 }
3045         }
3046
3047         err = -ENOMEM;
3048         skb2 = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
3049         if (skb2 == NULL) {
3050                 nf_ct_expect_put(exp);
3051                 goto out;
3052         }
3053
3054         rcu_read_lock();
3055         err = ctnetlink_exp_fill_info(skb2, NETLINK_CB(skb).portid,
3056                                       nlh->nlmsg_seq, IPCTNL_MSG_EXP_NEW, exp);
3057         rcu_read_unlock();
3058         nf_ct_expect_put(exp);
3059         if (err <= 0)
3060                 goto free;
3061
3062         err = netlink_unicast(ctnl, skb2, NETLINK_CB(skb).portid, MSG_DONTWAIT);
3063         if (err < 0)
3064                 goto out;
3065
3066         return 0;
3067
3068 free:
3069         kfree_skb(skb2);
3070 out:
3071         /* this avoids a loop in nfnetlink. */
3072         return err == -EAGAIN ? -ENOBUFS : err;
3073 }
3074
3075 static bool expect_iter_name(struct nf_conntrack_expect *exp, void *data)
3076 {
3077         const struct nf_conn_help *m_help;
3078         const char *name = data;
3079
3080         m_help = nfct_help(exp->master);
3081
3082         return strcmp(m_help->helper->name, name) == 0;
3083 }
3084
3085 static bool expect_iter_all(struct nf_conntrack_expect *exp, void *data)
3086 {
3087         return true;
3088 }
3089
3090 static int ctnetlink_del_expect(struct net *net, struct sock *ctnl,
3091                                 struct sk_buff *skb, const struct nlmsghdr *nlh,
3092                                 const struct nlattr * const cda[],
3093                                 struct netlink_ext_ack *extack)
3094 {
3095         struct nf_conntrack_expect *exp;
3096         struct nf_conntrack_tuple tuple;
3097         struct nfgenmsg *nfmsg = nlmsg_data(nlh);
3098         u_int8_t u3 = nfmsg->nfgen_family;
3099         struct nf_conntrack_zone zone;
3100         int err;
3101
3102         if (cda[CTA_EXPECT_TUPLE]) {
3103                 /* delete a single expect by tuple */
3104                 err = ctnetlink_parse_zone(cda[CTA_EXPECT_ZONE], &zone);
3105                 if (err < 0)
3106                         return err;
3107
3108                 err = ctnetlink_parse_tuple(cda, &tuple, CTA_EXPECT_TUPLE,
3109                                             u3, NULL);
3110                 if (err < 0)
3111                         return err;
3112
3113                 /* bump usage count to 2 */
3114                 exp = nf_ct_expect_find_get(net, &zone, &tuple);
3115                 if (!exp)
3116                         return -ENOENT;
3117
3118                 if (cda[CTA_EXPECT_ID]) {
3119                         __be32 id = nla_get_be32(cda[CTA_EXPECT_ID]);
3120                         if (ntohl(id) != (u32)(unsigned long)exp) {
3121                                 nf_ct_expect_put(exp);
3122                                 return -ENOENT;
3123                         }
3124                 }
3125
3126                 /* after list removal, usage count == 1 */
3127                 spin_lock_bh(&nf_conntrack_expect_lock);
3128                 if (del_timer(&exp->timeout)) {
3129                         nf_ct_unlink_expect_report(exp, NETLINK_CB(skb).portid,
3130                                                    nlmsg_report(nlh));
3131                         nf_ct_expect_put(exp);
3132                 }
3133                 spin_unlock_bh(&nf_conntrack_expect_lock);
3134                 /* have to put what we 'get' above.
3135                  * after this line usage count == 0 */
3136                 nf_ct_expect_put(exp);
3137         } else if (cda[CTA_EXPECT_HELP_NAME]) {
3138                 char *name = nla_data(cda[CTA_EXPECT_HELP_NAME]);
3139
3140                 nf_ct_expect_iterate_net(net, expect_iter_name, name,
3141                                          NETLINK_CB(skb).portid,
3142                                          nlmsg_report(nlh));
3143         } else {
3144                 /* This basically means we have to flush everything*/
3145                 nf_ct_expect_iterate_net(net, expect_iter_all, NULL,
3146                                          NETLINK_CB(skb).portid,
3147                                          nlmsg_report(nlh));
3148         }
3149
3150         return 0;
3151 }
3152 static int
3153 ctnetlink_change_expect(struct nf_conntrack_expect *x,
3154                         const struct nlattr * const cda[])
3155 {
3156         if (cda[CTA_EXPECT_TIMEOUT]) {
3157                 if (!del_timer(&x->timeout))
3158                         return -ETIME;
3159
3160                 x->timeout.expires = jiffies +
3161                         ntohl(nla_get_be32(cda[CTA_EXPECT_TIMEOUT])) * HZ;
3162                 add_timer(&x->timeout);
3163         }
3164         return 0;
3165 }
3166
3167 static const struct nla_policy exp_nat_nla_policy[CTA_EXPECT_NAT_MAX+1] = {
3168         [CTA_EXPECT_NAT_DIR]    = { .type = NLA_U32 },
3169         [CTA_EXPECT_NAT_TUPLE]  = { .type = NLA_NESTED },
3170 };
3171
3172 static int
3173 ctnetlink_parse_expect_nat(const struct nlattr *attr,
3174                            struct nf_conntrack_expect *exp,
3175                            u_int8_t u3)
3176 {
3177 #ifdef CONFIG_NF_NAT_NEEDED
3178         struct nlattr *tb[CTA_EXPECT_NAT_MAX+1];
3179         struct nf_conntrack_tuple nat_tuple = {};
3180         int err;
3181
3182         err = nla_parse_nested(tb, CTA_EXPECT_NAT_MAX, attr,
3183                                exp_nat_nla_policy, NULL);
3184         if (err < 0)
3185                 return err;
3186
3187         if (!tb[CTA_EXPECT_NAT_DIR] || !tb[CTA_EXPECT_NAT_TUPLE])
3188                 return -EINVAL;
3189
3190         err = ctnetlink_parse_tuple((const struct nlattr * const *)tb,
3191                                     &nat_tuple, CTA_EXPECT_NAT_TUPLE,
3192                                     u3, NULL);
3193         if (err < 0)
3194                 return err;
3195
3196         exp->saved_addr = nat_tuple.src.u3;
3197         exp->saved_proto = nat_tuple.src.u;
3198         exp->dir = ntohl(nla_get_be32(tb[CTA_EXPECT_NAT_DIR]));
3199
3200         return 0;
3201 #else
3202         return -EOPNOTSUPP;
3203 #endif
3204 }
3205
3206 static struct nf_conntrack_expect *
3207 ctnetlink_alloc_expect(const struct nlattr * const cda[], struct nf_conn *ct,
3208                        struct nf_conntrack_helper *helper,
3209                        struct nf_conntrack_tuple *tuple,
3210                        struct nf_conntrack_tuple *mask)
3211 {
3212         u_int32_t class = 0;
3213         struct nf_conntrack_expect *exp;
3214         struct nf_conn_help *help;
3215         int err;
3216
3217         help = nfct_help(ct);
3218         if (!help)
3219                 return ERR_PTR(-EOPNOTSUPP);
3220
3221         if (cda[CTA_EXPECT_CLASS] && helper) {
3222                 class = ntohl(nla_get_be32(cda[CTA_EXPECT_CLASS]));
3223                 if (class > helper->expect_class_max)
3224                         return ERR_PTR(-EINVAL);
3225         }
3226         exp = nf_ct_expect_alloc(ct);
3227         if (!exp)
3228                 return ERR_PTR(-ENOMEM);
3229
3230         if (cda[CTA_EXPECT_FLAGS]) {
3231                 exp->flags = ntohl(nla_get_be32(cda[CTA_EXPECT_FLAGS]));
3232                 exp->flags &= ~NF_CT_EXPECT_USERSPACE;
3233         } else {
3234                 exp->flags = 0;
3235         }
3236         if (cda[CTA_EXPECT_FN]) {
3237                 const char *name = nla_data(cda[CTA_EXPECT_FN]);
3238                 struct nf_ct_helper_expectfn *expfn;
3239
3240                 expfn = nf_ct_helper_expectfn_find_by_name(name);
3241                 if (expfn == NULL) {
3242                         err = -EINVAL;
3243                         goto err_out;
3244                 }
3245                 exp->expectfn = expfn->expectfn;
3246         } else
3247                 exp->expectfn = NULL;
3248
3249         exp->class = class;
3250         exp->master = ct;
3251         exp->helper = helper;
3252         exp->tuple = *tuple;
3253         exp->mask.src.u3 = mask->src.u3;
3254         exp->mask.src.u.all = mask->src.u.all;
3255
3256         if (cda[CTA_EXPECT_NAT]) {
3257                 err = ctnetlink_parse_expect_nat(cda[CTA_EXPECT_NAT],
3258                                                  exp, nf_ct_l3num(ct));
3259                 if (err < 0)
3260                         goto err_out;
3261         }
3262         return exp;
3263 err_out:
3264         nf_ct_expect_put(exp);
3265         return ERR_PTR(err);
3266 }
3267
3268 static int
3269 ctnetlink_create_expect(struct net *net,
3270                         const struct nf_conntrack_zone *zone,
3271                         const struct nlattr * const cda[],
3272                         u_int8_t u3, u32 portid, int report)
3273 {
3274         struct nf_conntrack_tuple tuple, mask, master_tuple;
3275         struct nf_conntrack_tuple_hash *h = NULL;
3276         struct nf_conntrack_helper *helper = NULL;
3277         struct nf_conntrack_expect *exp;
3278         struct nf_conn *ct;
3279         int err;
3280
3281         /* caller guarantees that those three CTA_EXPECT_* exist */
3282         err = ctnetlink_parse_tuple(cda, &tuple, CTA_EXPECT_TUPLE,
3283                                     u3, NULL);
3284         if (err < 0)
3285                 return err;
3286         err = ctnetlink_parse_tuple(cda, &mask, CTA_EXPECT_MASK,
3287                                     u3, NULL);
3288         if (err < 0)
3289                 return err;
3290         err = ctnetlink_parse_tuple(cda, &master_tuple, CTA_EXPECT_MASTER,
3291                                     u3, NULL);
3292         if (err < 0)
3293                 return err;
3294
3295         /* Look for master conntrack of this expectation */
3296         h = nf_conntrack_find_get(net, zone, &master_tuple);
3297         if (!h)
3298                 return -ENOENT;
3299         ct = nf_ct_tuplehash_to_ctrack(h);
3300
3301         rcu_read_lock();
3302         if (cda[CTA_EXPECT_HELP_NAME]) {
3303                 const char *helpname = nla_data(cda[CTA_EXPECT_HELP_NAME]);
3304
3305                 helper = __nf_conntrack_helper_find(helpname, u3,
3306                                                     nf_ct_protonum(ct));
3307                 if (helper == NULL) {
3308                         rcu_read_unlock();
3309 #ifdef CONFIG_MODULES
3310                         if (request_module("nfct-helper-%s", helpname) < 0) {
3311                                 err = -EOPNOTSUPP;
3312                                 goto err_ct;
3313                         }
3314                         rcu_read_lock();
3315                         helper = __nf_conntrack_helper_find(helpname, u3,
3316                                                             nf_ct_protonum(ct));
3317                         if (helper) {
3318                                 err = -EAGAIN;
3319                                 goto err_rcu;
3320                         }
3321                         rcu_read_unlock();
3322 #endif
3323                         err = -EOPNOTSUPP;
3324                         goto err_ct;
3325                 }
3326         }
3327
3328         exp = ctnetlink_alloc_expect(cda, ct, helper, &tuple, &mask);
3329         if (IS_ERR(exp)) {
3330                 err = PTR_ERR(exp);
3331                 goto err_rcu;
3332         }
3333
3334         err = nf_ct_expect_related_report(exp, portid, report);
3335         nf_ct_expect_put(exp);
3336 err_rcu:
3337         rcu_read_unlock();
3338 err_ct:
3339         nf_ct_put(ct);
3340         return err;
3341 }
3342
3343 static int ctnetlink_new_expect(struct net *net, struct sock *ctnl,
3344                                 struct sk_buff *skb, const struct nlmsghdr *nlh,
3345                                 const struct nlattr * const cda[],
3346                                 struct netlink_ext_ack *extack)
3347 {
3348         struct nf_conntrack_tuple tuple;
3349         struct nf_conntrack_expect *exp;
3350         struct nfgenmsg *nfmsg = nlmsg_data(nlh);
3351         u_int8_t u3 = nfmsg->nfgen_family;
3352         struct nf_conntrack_zone zone;
3353         int err;
3354
3355         if (!cda[CTA_EXPECT_TUPLE]
3356             || !cda[CTA_EXPECT_MASK]
3357             || !cda[CTA_EXPECT_MASTER])
3358                 return -EINVAL;
3359
3360         err = ctnetlink_parse_zone(cda[CTA_EXPECT_ZONE], &zone);
3361         if (err < 0)
3362                 return err;
3363
3364         err = ctnetlink_parse_tuple(cda, &tuple, CTA_EXPECT_TUPLE,
3365                                     u3, NULL);
3366         if (err < 0)
3367                 return err;
3368
3369         spin_lock_bh(&nf_conntrack_expect_lock);
3370         exp = __nf_ct_expect_find(net, &zone, &tuple);
3371         if (!exp) {
3372                 spin_unlock_bh(&nf_conntrack_expect_lock);
3373                 err = -ENOENT;
3374                 if (nlh->nlmsg_flags & NLM_F_CREATE) {
3375                         err = ctnetlink_create_expect(net, &zone, cda, u3,
3376                                                       NETLINK_CB(skb).portid,
3377                                                       nlmsg_report(nlh));
3378                 }
3379                 return err;
3380         }
3381
3382         err = -EEXIST;
3383         if (!(nlh->nlmsg_flags & NLM_F_EXCL))
3384                 err = ctnetlink_change_expect(exp, cda);
3385         spin_unlock_bh(&nf_conntrack_expect_lock);
3386
3387         return err;
3388 }
3389
3390 static int
3391 ctnetlink_exp_stat_fill_info(struct sk_buff *skb, u32 portid, u32 seq, int cpu,
3392                              const struct ip_conntrack_stat *st)
3393 {
3394         struct nlmsghdr *nlh;
3395         struct nfgenmsg *nfmsg;
3396         unsigned int flags = portid ? NLM_F_MULTI : 0, event;
3397
3398         event = nfnl_msg_type(NFNL_SUBSYS_CTNETLINK,
3399                               IPCTNL_MSG_EXP_GET_STATS_CPU);
3400         nlh = nlmsg_put(skb, portid, seq, event, sizeof(*nfmsg), flags);
3401         if (nlh == NULL)
3402                 goto nlmsg_failure;
3403
3404         nfmsg = nlmsg_data(nlh);
3405         nfmsg->nfgen_family = AF_UNSPEC;
3406         nfmsg->version      = NFNETLINK_V0;
3407         nfmsg->res_id       = htons(cpu);
3408
3409         if (nla_put_be32(skb, CTA_STATS_EXP_NEW, htonl(st->expect_new)) ||
3410             nla_put_be32(skb, CTA_STATS_EXP_CREATE, htonl(st->expect_create)) ||
3411             nla_put_be32(skb, CTA_STATS_EXP_DELETE, htonl(st->expect_delete)))
3412                 goto nla_put_failure;
3413
3414         nlmsg_end(skb, nlh);
3415         return skb->len;
3416
3417 nla_put_failure:
3418 nlmsg_failure:
3419         nlmsg_cancel(skb, nlh);
3420         return -1;
3421 }
3422
3423 static int
3424 ctnetlink_exp_stat_cpu_dump(struct sk_buff *skb, struct netlink_callback *cb)
3425 {
3426         int cpu;
3427         struct net *net = sock_net(skb->sk);
3428
3429         if (cb->args[0] == nr_cpu_ids)
3430                 return 0;
3431
3432         for (cpu = cb->args[0]; cpu < nr_cpu_ids; cpu++) {
3433                 const struct ip_conntrack_stat *st;
3434
3435                 if (!cpu_possible(cpu))
3436                         continue;
3437
3438                 st = per_cpu_ptr(net->ct.stat, cpu);
3439                 if (ctnetlink_exp_stat_fill_info(skb, NETLINK_CB(cb->skb).portid,
3440                                                  cb->nlh->nlmsg_seq,
3441                                                  cpu, st) < 0)
3442                         break;
3443         }
3444         cb->args[0] = cpu;
3445
3446         return skb->len;
3447 }
3448
3449 static int ctnetlink_stat_exp_cpu(struct net *net, struct sock *ctnl,
3450                                   struct sk_buff *skb,
3451                                   const struct nlmsghdr *nlh,
3452                                   const struct nlattr * const cda[],
3453                                   struct netlink_ext_ack *extack)
3454 {
3455         if (nlh->nlmsg_flags & NLM_F_DUMP) {
3456                 struct netlink_dump_control c = {
3457                         .dump = ctnetlink_exp_stat_cpu_dump,
3458                 };
3459                 return netlink_dump_start(ctnl, skb, nlh, &c);
3460         }
3461
3462         return 0;
3463 }
3464
3465 #ifdef CONFIG_NF_CONNTRACK_EVENTS
3466 static struct nf_ct_event_notifier ctnl_notifier = {
3467         .fcn = ctnetlink_conntrack_event,
3468 };
3469
3470 static struct nf_exp_event_notifier ctnl_notifier_exp = {
3471         .fcn = ctnetlink_expect_event,
3472 };
3473 #endif
3474
3475 static const struct nfnl_callback ctnl_cb[IPCTNL_MSG_MAX] = {
3476         [IPCTNL_MSG_CT_NEW]             = { .call = ctnetlink_new_conntrack,
3477                                             .attr_count = CTA_MAX,
3478                                             .policy = ct_nla_policy },
3479         [IPCTNL_MSG_CT_GET]             = { .call = ctnetlink_get_conntrack,
3480                                             .attr_count = CTA_MAX,
3481                                             .policy = ct_nla_policy },
3482         [IPCTNL_MSG_CT_DELETE]          = { .call = ctnetlink_del_conntrack,
3483                                             .attr_count = CTA_MAX,
3484                                             .policy = ct_nla_policy },
3485         [IPCTNL_MSG_CT_GET_CTRZERO]     = { .call = ctnetlink_get_conntrack,
3486                                             .attr_count = CTA_MAX,
3487                                             .policy = ct_nla_policy },
3488         [IPCTNL_MSG_CT_GET_STATS_CPU]   = { .call = ctnetlink_stat_ct_cpu },
3489         [IPCTNL_MSG_CT_GET_STATS]       = { .call = ctnetlink_stat_ct },
3490         [IPCTNL_MSG_CT_GET_DYING]       = { .call = ctnetlink_get_ct_dying },
3491         [IPCTNL_MSG_CT_GET_UNCONFIRMED] = { .call = ctnetlink_get_ct_unconfirmed },
3492 };
3493
3494 static const struct nfnl_callback ctnl_exp_cb[IPCTNL_MSG_EXP_MAX] = {
3495         [IPCTNL_MSG_EXP_GET]            = { .call = ctnetlink_get_expect,
3496                                             .attr_count = CTA_EXPECT_MAX,
3497                                             .policy = exp_nla_policy },
3498         [IPCTNL_MSG_EXP_NEW]            = { .call = ctnetlink_new_expect,
3499                                             .attr_count = CTA_EXPECT_MAX,
3500                                             .policy = exp_nla_policy },
3501         [IPCTNL_MSG_EXP_DELETE]         = { .call = ctnetlink_del_expect,
3502                                             .attr_count = CTA_EXPECT_MAX,
3503                                             .policy = exp_nla_policy },
3504         [IPCTNL_MSG_EXP_GET_STATS_CPU]  = { .call = ctnetlink_stat_exp_cpu },
3505 };
3506
3507 static const struct nfnetlink_subsystem ctnl_subsys = {
3508         .name                           = "conntrack",
3509         .subsys_id                      = NFNL_SUBSYS_CTNETLINK,
3510         .cb_count                       = IPCTNL_MSG_MAX,
3511         .cb                             = ctnl_cb,
3512 };
3513
3514 static const struct nfnetlink_subsystem ctnl_exp_subsys = {
3515         .name                           = "conntrack_expect",
3516         .subsys_id                      = NFNL_SUBSYS_CTNETLINK_EXP,
3517         .cb_count                       = IPCTNL_MSG_EXP_MAX,
3518         .cb                             = ctnl_exp_cb,
3519 };
3520
3521 MODULE_ALIAS("ip_conntrack_netlink");
3522 MODULE_ALIAS_NFNL_SUBSYS(NFNL_SUBSYS_CTNETLINK);
3523 MODULE_ALIAS_NFNL_SUBSYS(NFNL_SUBSYS_CTNETLINK_EXP);
3524
3525 static int __net_init ctnetlink_net_init(struct net *net)
3526 {
3527 #ifdef CONFIG_NF_CONNTRACK_EVENTS
3528         int ret;
3529
3530         ret = nf_conntrack_register_notifier(net, &ctnl_notifier);
3531         if (ret < 0) {
3532                 pr_err("ctnetlink_init: cannot register notifier.\n");
3533                 goto err_out;
3534         }
3535
3536         ret = nf_ct_expect_register_notifier(net, &ctnl_notifier_exp);
3537         if (ret < 0) {
3538                 pr_err("ctnetlink_init: cannot expect register notifier.\n");
3539                 goto err_unreg_notifier;
3540         }
3541 #endif
3542         return 0;
3543
3544 #ifdef CONFIG_NF_CONNTRACK_EVENTS
3545 err_unreg_notifier:
3546         nf_conntrack_unregister_notifier(net, &ctnl_notifier);
3547 err_out:
3548         return ret;
3549 #endif
3550 }
3551
3552 static void ctnetlink_net_exit(struct net *net)
3553 {
3554 #ifdef CONFIG_NF_CONNTRACK_EVENTS
3555         nf_ct_expect_unregister_notifier(net, &ctnl_notifier_exp);
3556         nf_conntrack_unregister_notifier(net, &ctnl_notifier);
3557 #endif
3558 }
3559
3560 static void __net_exit ctnetlink_net_exit_batch(struct list_head *net_exit_list)
3561 {
3562         struct net *net;
3563
3564         list_for_each_entry(net, net_exit_list, exit_list)
3565                 ctnetlink_net_exit(net);
3566 }
3567
3568 static struct pernet_operations ctnetlink_net_ops = {
3569         .init           = ctnetlink_net_init,
3570         .exit_batch     = ctnetlink_net_exit_batch,
3571 };
3572
3573 static int __init ctnetlink_init(void)
3574 {
3575         int ret;
3576
3577         ret = nfnetlink_subsys_register(&ctnl_subsys);
3578         if (ret < 0) {
3579                 pr_err("ctnetlink_init: cannot register with nfnetlink.\n");
3580                 goto err_out;
3581         }
3582
3583         ret = nfnetlink_subsys_register(&ctnl_exp_subsys);
3584         if (ret < 0) {
3585                 pr_err("ctnetlink_init: cannot register exp with nfnetlink.\n");
3586                 goto err_unreg_subsys;
3587         }
3588
3589         ret = register_pernet_subsys(&ctnetlink_net_ops);
3590         if (ret < 0) {
3591                 pr_err("ctnetlink_init: cannot register pernet operations\n");
3592                 goto err_unreg_exp_subsys;
3593         }
3594 #ifdef CONFIG_NETFILTER_NETLINK_GLUE_CT
3595         /* setup interaction between nf_queue and nf_conntrack_netlink. */
3596         RCU_INIT_POINTER(nfnl_ct_hook, &ctnetlink_glue_hook);
3597 #endif
3598         return 0;
3599
3600 err_unreg_exp_subsys:
3601         nfnetlink_subsys_unregister(&ctnl_exp_subsys);
3602 err_unreg_subsys:
3603         nfnetlink_subsys_unregister(&ctnl_subsys);
3604 err_out:
3605         return ret;
3606 }
3607
3608 static void __exit ctnetlink_exit(void)
3609 {
3610         unregister_pernet_subsys(&ctnetlink_net_ops);
3611         nfnetlink_subsys_unregister(&ctnl_exp_subsys);
3612         nfnetlink_subsys_unregister(&ctnl_subsys);
3613 #ifdef CONFIG_NETFILTER_NETLINK_GLUE_CT
3614         RCU_INIT_POINTER(nfnl_ct_hook, NULL);
3615 #endif
3616         synchronize_rcu();
3617 }
3618
3619 module_init(ctnetlink_init);
3620 module_exit(ctnetlink_exit);
Unnamed repository; edit this file 'description' to name the repository.