search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
mtd: spi-nor: Move Everspin bits out of core.c
[linux/fpc-iii.git] / net / netfilter / nfnetlink_osf.c
blob9f5dea0064ea86b52dbca0c1e127564be91a7cca
1 // SPDX-License-Identifier: GPL-2.0-only
2 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
3 #include <linux/module.h>
4 #include <linux/kernel.h>
5
6 #include <linux/capability.h>
7 #include <linux/if.h>
8 #include <linux/inetdevice.h>
9 #include <linux/ip.h>
10 #include <linux/list.h>
11 #include <linux/rculist.h>
12 #include <linux/skbuff.h>
13 #include <linux/slab.h>
14 #include <linux/tcp.h>
15
16 #include <net/ip.h>
17 #include <net/tcp.h>
18
19 #include <linux/netfilter/nfnetlink.h>
20 #include <linux/netfilter/x_tables.h>
21 #include <net/netfilter/nf_log.h>
22 #include <linux/netfilter/nfnetlink_osf.h>
23
24 /*
25 * Indexed by dont-fragment bit.
26 * It is the only constant value in the fingerprint.
27 */
28 struct list_head nf_osf_fingers[2];
29 EXPORT_SYMBOL_GPL(nf_osf_fingers);
30
31 static inline int nf_osf_ttl(const struct sk_buff *skb,
32 int ttl_check, unsigned char f_ttl)
33 {
34 struct in_device *in_dev = __in_dev_get_rcu(skb->dev);
35 const struct iphdr *ip = ip_hdr(skb);
36 const struct in_ifaddr *ifa;
37 int ret = 0;
38
39 if (ttl_check == NF_OSF_TTL_TRUE)
40 return ip->ttl == f_ttl;
41 if (ttl_check == NF_OSF_TTL_NOCHECK)
42 return 1;
43 else if (ip->ttl <= f_ttl)
44 return 1;
45
46 in_dev_for_each_ifa_rcu(ifa, in_dev) {
47 if (inet_ifa_match(ip->saddr, ifa)) {
48 ret = (ip->ttl == f_ttl);
49 break;
50 }
51 }
52
53 return ret;
54 }
55
56 struct nf_osf_hdr_ctx {
57 bool df;
58 u16 window;
59 u16 totlen;
60 const unsigned char *optp;
61 unsigned int optsize;
62 };
63
64 static bool nf_osf_match_one(const struct sk_buff *skb,
65 const struct nf_osf_user_finger *f,
66 int ttl_check,
67 struct nf_osf_hdr_ctx *ctx)
68 {
69 const __u8 *optpinit = ctx->optp;
70 unsigned int check_WSS = 0;
71 int fmatch = FMATCH_WRONG;
72 int foptsize, optnum;
73 u16 mss = 0;
74
75 if (ctx->totlen != f->ss || !nf_osf_ttl(skb, ttl_check, f->ttl))
76 return false;
77
78 /*
79 * Should not happen if userspace parser was written correctly.
80 */
81 if (f->wss.wc >= OSF_WSS_MAX)
82 return false;
83
84 /* Check options */
85
86 foptsize = 0;
87 for (optnum = 0; optnum < f->opt_num; ++optnum)
88 foptsize += f->opt[optnum].length;
89
90 if (foptsize > MAX_IPOPTLEN ||
91 ctx->optsize > MAX_IPOPTLEN ||
92 ctx->optsize != foptsize)
93 return false;
94
95 check_WSS = f->wss.wc;
96
97 for (optnum = 0; optnum < f->opt_num; ++optnum) {
98 if (f->opt[optnum].kind == *ctx->optp) {
99 __u32 len = f->opt[optnum].length;
100 const __u8 *optend = ctx->optp + len;
101
102 fmatch = FMATCH_OK;
103
104 switch (*ctx->optp) {
105 case OSFOPT_MSS:
106 mss = ctx->optp[3];
107 mss <<= 8;
108 mss |= ctx->optp[2];
109
110 mss = ntohs((__force __be16)mss);
111 break;
112 case OSFOPT_TS:
113 break;
114 }
115
116 ctx->optp = optend;
117 } else
118 fmatch = FMATCH_OPT_WRONG;
119
120 if (fmatch != FMATCH_OK)
121 break;
122 }
123
124 if (fmatch != FMATCH_OPT_WRONG) {
125 fmatch = FMATCH_WRONG;
126
127 switch (check_WSS) {
128 case OSF_WSS_PLAIN:
129 if (f->wss.val == 0 || ctx->window == f->wss.val)
130 fmatch = FMATCH_OK;
131 break;
132 case OSF_WSS_MSS:
133 /*
134 * Some smart modems decrease mangle MSS to
135 * SMART_MSS_2, so we check standard, decreased
136 * and the one provided in the fingerprint MSS
137 * values.
138 */
139 #define SMART_MSS_1 1460
140 #define SMART_MSS_2 1448
141 if (ctx->window == f->wss.val * mss ||
142 ctx->window == f->wss.val * SMART_MSS_1 ||
143 ctx->window == f->wss.val * SMART_MSS_2)
144 fmatch = FMATCH_OK;
145 break;
146 case OSF_WSS_MTU:
147 if (ctx->window == f->wss.val * (mss + 40) ||
148 ctx->window == f->wss.val * (SMART_MSS_1 + 40) ||
149 ctx->window == f->wss.val * (SMART_MSS_2 + 40))
150 fmatch = FMATCH_OK;
151 break;
152 case OSF_WSS_MODULO:
153 if ((ctx->window % f->wss.val) == 0)
154 fmatch = FMATCH_OK;
155 break;
156 }
157 }
158
159 if (fmatch != FMATCH_OK)
160 ctx->optp = optpinit;
161
162 return fmatch == FMATCH_OK;
163 }
164
165 static const struct tcphdr *nf_osf_hdr_ctx_init(struct nf_osf_hdr_ctx *ctx,
166 const struct sk_buff *skb,
167 const struct iphdr *ip,
168 unsigned char *opts)
169 {
170 const struct tcphdr *tcp;
171 struct tcphdr _tcph;
172
173 tcp = skb_header_pointer(skb, ip_hdrlen(skb), sizeof(struct tcphdr), &_tcph);
174 if (!tcp)
175 return NULL;
176
177 if (!tcp->syn)
178 return NULL;
179
180 ctx->totlen = ntohs(ip->tot_len);
181 ctx->df = ntohs(ip->frag_off) & IP_DF;
182 ctx->window = ntohs(tcp->window);
183
184 if (tcp->doff * 4 > sizeof(struct tcphdr)) {
185 ctx->optsize = tcp->doff * 4 - sizeof(struct tcphdr);
186
187 ctx->optp = skb_header_pointer(skb, ip_hdrlen(skb) +
188 sizeof(struct tcphdr), ctx->optsize, opts);
189 }
190
191 return tcp;
192 }
193
194 bool
195 nf_osf_match(const struct sk_buff *skb, u_int8_t family,
196 int hooknum, struct net_device *in, struct net_device *out,
197 const struct nf_osf_info *info, struct net *net,
198 const struct list_head *nf_osf_fingers)
199 {
200 const struct iphdr *ip = ip_hdr(skb);
201 const struct nf_osf_user_finger *f;
202 unsigned char opts[MAX_IPOPTLEN];
203 const struct nf_osf_finger *kf;
204 int fcount = 0, ttl_check;
205 int fmatch = FMATCH_WRONG;
206 struct nf_osf_hdr_ctx ctx;
207 const struct tcphdr *tcp;
208
209 memset(&ctx, 0, sizeof(ctx));
210
211 tcp = nf_osf_hdr_ctx_init(&ctx, skb, ip, opts);
212 if (!tcp)
213 return false;
214
215 ttl_check = (info->flags & NF_OSF_TTL) ? info->ttl : 0;
216
217 list_for_each_entry_rcu(kf, &nf_osf_fingers[ctx.df], finger_entry) {
218
219 f = &kf->finger;
220
221 if (!(info->flags & NF_OSF_LOG) && strcmp(info->genre, f->genre))
222 continue;
223
224 if (!nf_osf_match_one(skb, f, ttl_check, &ctx))
225 continue;
226
227 fmatch = FMATCH_OK;
228
229 fcount++;
230
231 if (info->flags & NF_OSF_LOG)
232 nf_log_packet(net, family, hooknum, skb,
233 in, out, NULL,
234 "%s [%s:%s] : %pI4:%d -> %pI4:%d hops=%d\n",
235 f->genre, f->version, f->subtype,
236 &ip->saddr, ntohs(tcp->source),
237 &ip->daddr, ntohs(tcp->dest),
238 f->ttl - ip->ttl);
239
240 if ((info->flags & NF_OSF_LOG) &&
241 info->loglevel == NF_OSF_LOGLEVEL_FIRST)
242 break;
243 }
244
245 if (!fcount && (info->flags & NF_OSF_LOG))
246 nf_log_packet(net, family, hooknum, skb, in, out, NULL,
247 "Remote OS is not known: %pI4:%u -> %pI4:%u\n",
248 &ip->saddr, ntohs(tcp->source),
249 &ip->daddr, ntohs(tcp->dest));
250
251 if (fcount)
252 fmatch = FMATCH_OK;
253
254 return fmatch == FMATCH_OK;
255 }
256 EXPORT_SYMBOL_GPL(nf_osf_match);
257
258 bool nf_osf_find(const struct sk_buff *skb,
259 const struct list_head *nf_osf_fingers,
260 const int ttl_check, struct nf_osf_data *data)
261 {
262 const struct iphdr *ip = ip_hdr(skb);
263 const struct nf_osf_user_finger *f;
264 unsigned char opts[MAX_IPOPTLEN];
265 const struct nf_osf_finger *kf;
266 struct nf_osf_hdr_ctx ctx;
267 const struct tcphdr *tcp;
268
269 memset(&ctx, 0, sizeof(ctx));
270
271 tcp = nf_osf_hdr_ctx_init(&ctx, skb, ip, opts);
272 if (!tcp)
273 return false;
274
275 list_for_each_entry_rcu(kf, &nf_osf_fingers[ctx.df], finger_entry) {
276 f = &kf->finger;
277 if (!nf_osf_match_one(skb, f, ttl_check, &ctx))
278 continue;
279
280 data->genre = f->genre;
281 data->version = f->version;
282 break;
283 }
284
285 return true;
286 }
287 EXPORT_SYMBOL_GPL(nf_osf_find);
288
289 static const struct nla_policy nfnl_osf_policy[OSF_ATTR_MAX + 1] = {
290 [OSF_ATTR_FINGER] = { .len = sizeof(struct nf_osf_user_finger) },
291 };
292
293 static int nfnl_osf_add_callback(struct net *net, struct sock *ctnl,
294 struct sk_buff *skb, const struct nlmsghdr *nlh,
295 const struct nlattr * const osf_attrs[],
296 struct netlink_ext_ack *extack)
297 {
298 struct nf_osf_user_finger *f;
299 struct nf_osf_finger *kf = NULL, *sf;
300 int err = 0;
301
302 if (!capable(CAP_NET_ADMIN))
303 return -EPERM;
304
305 if (!osf_attrs[OSF_ATTR_FINGER])
306 return -EINVAL;
307
308 if (!(nlh->nlmsg_flags & NLM_F_CREATE))
309 return -EINVAL;
310
311 f = nla_data(osf_attrs[OSF_ATTR_FINGER]);
312
313 kf = kmalloc(sizeof(struct nf_osf_finger), GFP_KERNEL);
314 if (!kf)
315 return -ENOMEM;
316
317 memcpy(&kf->finger, f, sizeof(struct nf_osf_user_finger));
318
319 list_for_each_entry(sf, &nf_osf_fingers[!!f->df], finger_entry) {
320 if (memcmp(&sf->finger, f, sizeof(struct nf_osf_user_finger)))
321 continue;
322
323 kfree(kf);
324 kf = NULL;
325
326 if (nlh->nlmsg_flags & NLM_F_EXCL)
327 err = -EEXIST;
328 break;
329 }
330
331 /*
332 * We are protected by nfnl mutex.
333 */
334 if (kf)
335 list_add_tail_rcu(&kf->finger_entry, &nf_osf_fingers[!!f->df]);
336
337 return err;
338 }
339
340 static int nfnl_osf_remove_callback(struct net *net, struct sock *ctnl,
341 struct sk_buff *skb,
342 const struct nlmsghdr *nlh,
343 const struct nlattr * const osf_attrs[],
344 struct netlink_ext_ack *extack)
345 {
346 struct nf_osf_user_finger *f;
347 struct nf_osf_finger *sf;
348 int err = -ENOENT;
349
350 if (!capable(CAP_NET_ADMIN))
351 return -EPERM;
352
353 if (!osf_attrs[OSF_ATTR_FINGER])
354 return -EINVAL;
355
356 f = nla_data(osf_attrs[OSF_ATTR_FINGER]);
357
358 list_for_each_entry(sf, &nf_osf_fingers[!!f->df], finger_entry) {
359 if (memcmp(&sf->finger, f, sizeof(struct nf_osf_user_finger)))
360 continue;
361
362 /*
363 * We are protected by nfnl mutex.
364 */
365 list_del_rcu(&sf->finger_entry);
366 kfree_rcu(sf, rcu_head);
367
368 err = 0;
369 break;
370 }
371
372 return err;
373 }
374
375 static const struct nfnl_callback nfnl_osf_callbacks[OSF_MSG_MAX] = {
376 [OSF_MSG_ADD] = {
377 .call = nfnl_osf_add_callback,
378 .attr_count = OSF_ATTR_MAX,
379 .policy = nfnl_osf_policy,
380 },
381 [OSF_MSG_REMOVE] = {
382 .call = nfnl_osf_remove_callback,
383 .attr_count = OSF_ATTR_MAX,
384 .policy = nfnl_osf_policy,
385 },
386 };
387
388 static const struct nfnetlink_subsystem nfnl_osf_subsys = {
389 .name = "osf",
390 .subsys_id = NFNL_SUBSYS_OSF,
391 .cb_count = OSF_MSG_MAX,
392 .cb = nfnl_osf_callbacks,
393 };
394
395 static int __init nfnl_osf_init(void)
396 {
397 int err = -EINVAL;
398 int i;
399
400 for (i = 0; i < ARRAY_SIZE(nf_osf_fingers); ++i)
401 INIT_LIST_HEAD(&nf_osf_fingers[i]);
402
403 err = nfnetlink_subsys_register(&nfnl_osf_subsys);
404 if (err < 0) {
405 pr_err("Failed to register OSF nsfnetlink helper (%d)\n", err);
406 goto err_out_exit;
407 }
408 return 0;
409
410 err_out_exit:
411 return err;
412 }
413
414 static void __exit nfnl_osf_fini(void)
415 {
416 struct nf_osf_finger *f;
417 int i;
418
419 nfnetlink_subsys_unregister(&nfnl_osf_subsys);
420
421 rcu_read_lock();
422 for (i = 0; i < ARRAY_SIZE(nf_osf_fingers); ++i) {
423 list_for_each_entry_rcu(f, &nf_osf_fingers[i], finger_entry) {
424 list_del_rcu(&f->finger_entry);
425 kfree_rcu(f, rcu_head);
426 }
427 }
428 rcu_read_unlock();
429
430 rcu_barrier();
431 }
432
433 module_init(nfnl_osf_init);
434 module_exit(nfnl_osf_fini);
435
436 MODULE_LICENSE("GPL");
Linux with added FPC-III support