xfrm/compat: Add 32=>64-bit messages translator
Provide the user-to-kernel translator under XFRM_USER_COMPAT, that creates for 32-bit xfrm-user message a 64-bit translation. The translation is afterwards reused by xfrm_user code just as if userspace had sent 64-bit message. Signed-off-by: Dmitry Safonov <dima@arista.com> Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
This commit is contained in:
Dmitry Safonov
committed by
Steffen Klassert
Steffen Klassert
parent
e11eb32de3
commit
5106f4a8ac
@@ -1019,7 +1019,6 @@ static int xfrm_dump_sa_done(struct netlink_callback *cb)
|
||||
return 0;
|
||||
}
|
||||
|
||||
static const struct nla_policy xfrma_policy[XFRMA_MAX+1];
|
||||
static int xfrm_dump_sa(struct sk_buff *skb, struct netlink_callback *cb)
|
||||
{
|
||||
struct net *net = sock_net(skb->sk);
|
||||
@@ -2610,7 +2609,7 @@ EXPORT_SYMBOL_GPL(xfrm_msg_min);
|
||||
|
||||
#undef XMSGSIZE
|
||||
|
||||
static const struct nla_policy xfrma_policy[XFRMA_MAX+1] = {
|
||||
const struct nla_policy xfrma_policy[XFRMA_MAX+1] = {
|
||||
[XFRMA_SA] = { .len = sizeof(struct xfrm_usersa_info)},
|
||||
[XFRMA_POLICY] = { .len = sizeof(struct xfrm_userpolicy_info)},
|
||||
[XFRMA_LASTUSED] = { .type = NLA_U64},
|
||||
@@ -2642,6 +2641,7 @@ static const struct nla_policy xfrma_policy[XFRMA_MAX+1] = {
|
||||
[XFRMA_SET_MARK_MASK] = { .type = NLA_U32 },
|
||||
[XFRMA_IF_ID] = { .type = NLA_U32 },
|
||||
};
|
||||
EXPORT_SYMBOL_GPL(xfrma_policy);
|
||||
|
||||
static const struct nla_policy xfrma_spd_policy[XFRMA_SPD_MAX+1] = {
|
||||
[XFRMA_SPD_IPV4_HTHRESH] = { .len = sizeof(struct xfrmu_spdhthresh) },
|
||||
@@ -2691,11 +2691,9 @@ static int xfrm_user_rcv_msg(struct sk_buff *skb, struct nlmsghdr *nlh,
|
||||
struct net *net = sock_net(skb->sk);
|
||||
struct nlattr *attrs[XFRMA_MAX+1];
|
||||
const struct xfrm_link *link;
|
||||
struct nlmsghdr *nlh64 = NULL;
|
||||
int type, err;
|
||||
|
||||
if (in_compat_syscall())
|
||||
return -EOPNOTSUPP;
|
||||
|
||||
type = nlh->nlmsg_type;
|
||||
if (type > XFRM_MSG_MAX)
|
||||
return -EINVAL;
|
||||
@@ -2707,32 +2705,55 @@ static int xfrm_user_rcv_msg(struct sk_buff *skb, struct nlmsghdr *nlh,
|
||||
if (!netlink_net_capable(skb, CAP_NET_ADMIN))
|
||||
return -EPERM;
|
||||
|
||||
if (in_compat_syscall()) {
|
||||
struct xfrm_translator *xtr = xfrm_get_translator();
|
||||
|
||||
if (!xtr)
|
||||
return -EOPNOTSUPP;
|
||||
|
||||
nlh64 = xtr->rcv_msg_compat(nlh, link->nla_max,
|
||||
link->nla_pol, extack);
|
||||
xfrm_put_translator(xtr);
|
||||
if (IS_ERR(nlh64))
|
||||
return PTR_ERR(nlh64);
|
||||
if (nlh64)
|
||||
nlh = nlh64;
|
||||
}
|
||||
|
||||
if ((type == (XFRM_MSG_GETSA - XFRM_MSG_BASE) ||
|
||||
type == (XFRM_MSG_GETPOLICY - XFRM_MSG_BASE)) &&
|
||||
(nlh->nlmsg_flags & NLM_F_DUMP)) {
|
||||
if (link->dump == NULL)
|
||||
return -EINVAL;
|
||||
struct netlink_dump_control c = {
|
||||
.start = link->start,
|
||||
.dump = link->dump,
|
||||
.done = link->done,
|
||||
};
|
||||
|
||||
{
|
||||
struct netlink_dump_control c = {
|
||||
.start = link->start,
|
||||
.dump = link->dump,
|
||||
.done = link->done,
|
||||
};
|
||||
return netlink_dump_start(net->xfrm.nlsk, skb, nlh, &c);
|
||||
if (link->dump == NULL) {
|
||||
err = -EINVAL;
|
||||
goto err;
|
||||
}
|
||||
|
||||
err = netlink_dump_start(net->xfrm.nlsk, skb, nlh, &c);
|
||||
goto err;
|
||||
}
|
||||
|
||||
err = nlmsg_parse_deprecated(nlh, xfrm_msg_min[type], attrs,
|
||||
link->nla_max ? : XFRMA_MAX,
|
||||
link->nla_pol ? : xfrma_policy, extack);
|
||||
if (err < 0)
|
||||
return err;
|
||||
goto err;
|
||||
|
||||
if (link->doit == NULL)
|
||||
return -EINVAL;
|
||||
if (link->doit == NULL) {
|
||||
err = -EINVAL;
|
||||
goto err;
|
||||
}
|
||||
|
||||
return link->doit(skb, nlh, attrs);
|
||||
err = link->doit(skb, nlh, attrs);
|
||||
|
||||
err:
|
||||
kvfree(nlh64);
|
||||
return err;
|
||||
}
|
||||
|
||||
static void xfrm_netlink_rcv(struct sk_buff *skb)
|
||||
|
||||
Reference in New Issue
Block a user