1 /*
2 * Copyright (C) 2011 Instituto Nokia de Tecnologia
4 * Authors:
5 * Lauro Ramos Venancio <lauro.venancio@openbossa.org>
6 * Aloisio Almeida Jr <aloisio.almeida@openbossa.org>
8 * This program is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License as published by
10 * the Free Software Foundation; either version 2 of the License, or
11 * (at your option) any later version.
13 * This program is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
18 * You should have received a copy of the GNU General Public License
19 * along with this program; if not, write to the
20 * Free Software Foundation, Inc.,
21 * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
24 #define pr_fmt(fmt) KBUILD_MODNAME ": %s: " fmt, __func__
26 #include <net/genetlink.h>
27 #include <linux/nfc.h>
28 #include <linux/slab.h>
30 #include "nfc.h"
/* Multicast group used by the NFC event senders in this file. */
static struct genl_multicast_group nfc_genl_event_mcgrp = {
	.name = NFC_GENL_MCAST_EVENT_NAME,
};
/*
 * Generic netlink family descriptor for NFC.  No family-specific header is
 * used (hdrsize is 0) and attributes up to NFC_ATTR_MAX are accepted.
 */
struct genl_family nfc_genl_family = {
	.name		= NFC_GENL_NAME,
	.version	= NFC_GENL_VERSION,
	.id		= GENL_ID_GENERATE,
	.hdrsize	= 0,
	.maxattr	= NFC_ATTR_MAX,
};
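/*
 * Attribute validation policy shared by every NFC generic netlink command.
 *
 * An attribute with no entry here is not length-checked by the netlink
 * parser, so each attribute that a handler reads with a fixed-width
 * nla_get_*() helper needs a matching typed entry.
 */
static const struct nla_policy nfc_genl_policy[NFC_ATTR_MAX + 1] = {
	[NFC_ATTR_DEVICE_INDEX] = { .type = NLA_U32 },
	[NFC_ATTR_DEVICE_NAME] = { .type = NLA_STRING,
				.len = NFC_DEVICE_NAME_MAXSIZE },
	[NFC_ATTR_PROTOCOLS] = { .type = NLA_U32 },
	/*
	 * nfc_genl_dep_link_up() reads this attribute with nla_get_u32();
	 * without a typed entry a short payload would reach that read.
	 */
	[NFC_ATTR_TARGET_INDEX] = { .type = NLA_U32 },
	[NFC_ATTR_COMM_MODE] = { .type = NLA_U8 },
	[NFC_ATTR_RF_MODE] = { .type = NLA_U8 },
};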
/*
 * Append one NFC_CMD_GET_TARGET record describing @target to the dump
 * message @msg.
 *
 * Returns the result of genlmsg_end() on success, or -EMSGSIZE when the
 * header or one of the attributes does not fit; in the attribute case the
 * partially built record is cancelled first.
 */
static int nfc_genl_send_target(struct sk_buff *msg, struct nfc_target *target,
				struct netlink_callback *cb, int flags)
{
	void *genl_hdr = genlmsg_put(msg, NETLINK_CB(cb->skb).pid,
				     cb->nlh->nlmsg_seq, &nfc_genl_family,
				     flags, NFC_CMD_GET_TARGET);

	if (genl_hdr == NULL)
		return -EMSGSIZE;

	genl_dump_check_consistent(cb, genl_hdr, &nfc_genl_family);

	/* Every NLA_PUT* below bails out through nla_put_failure. */
	NLA_PUT_U32(msg, NFC_ATTR_TARGET_INDEX, target->idx);
	NLA_PUT_U32(msg, NFC_ATTR_PROTOCOLS, target->supported_protocols);
	NLA_PUT_U16(msg, NFC_ATTR_TARGET_SENS_RES, target->sens_res);
	NLA_PUT_U8(msg, NFC_ATTR_TARGET_SEL_RES, target->sel_res);

	/* The NFCID1 attribute is emitted only when an identifier is set. */
	if (target->nfcid1_len > 0)
		NLA_PUT(msg, NFC_ATTR_TARGET_NFCID1, target->nfcid1_len,
			target->nfcid1);

	return genlmsg_end(msg, genl_hdr);

nla_put_failure:
	genlmsg_cancel(msg, genl_hdr);
	return -EMSGSIZE;
}
/*
 * Resolve the NFC device addressed by a dump request.
 *
 * The request is parsed against nfc_genl_policy into the family's attribute
 * buffer and the device is looked up by NFC_ATTR_DEVICE_INDEX.
 *
 * Returns the device handed back by nfc_get_device(), or an ERR_PTR():
 * the nlmsg_parse() error, -EINVAL when the index attribute is absent, or
 * -ENODEV when no device has that index.
 *
 * NOTE(review): nfc_genl_family.attrbuf is a single buffer shared by the
 * whole family; no lock is taken in this function - confirm the caller
 * serialises access.
 */
static struct nfc_dev *__get_device_from_cb(struct netlink_callback *cb)
{
	struct nlattr **attrs = nfc_genl_family.attrbuf;
	struct nfc_dev *found;
	int err;

	err = nlmsg_parse(cb->nlh, GENL_HDRLEN + nfc_genl_family.hdrsize,
			  attrs, nfc_genl_family.maxattr, nfc_genl_policy);
	if (err < 0)
		return ERR_PTR(err);

	if (attrs[NFC_ATTR_DEVICE_INDEX] == NULL)
		return ERR_PTR(-EINVAL);

	found = nfc_get_device(nla_get_u32(attrs[NFC_ATTR_DEVICE_INDEX]));

	return found ? found : ERR_PTR(-ENODEV);
}
/*
 * Dump callback for NFC_CMD_GET_TARGET.
 *
 * cb->args[0] holds the index of the next target to emit and cb->args[1]
 * the device resolved on the first invocation.  Targets are emitted under
 * dev->targets_lock until @skb is full or the list is exhausted.
 *
 * Returns skb->len, or a negative errno if the device cannot be resolved.
 */
static int nfc_genl_dump_targets(struct sk_buff *skb,
				 struct netlink_callback *cb)
{
	struct nfc_dev *dev = (struct nfc_dev *) cb->args[1];
	int next = cb->args[0];

	if (dev == NULL) {
		dev = __get_device_from_cb(cb);
		if (IS_ERR(dev))
			return PTR_ERR(dev);

		/* Remember the device for the following invocations. */
		cb->args[1] = (long) dev;
	}

	spin_lock_bh(&dev->targets_lock);

	cb->seq = dev->targets_generation;

	for (; next < dev->n_targets; next++) {
		if (nfc_genl_send_target(skb, &dev->targets[next], cb,
					 NLM_F_MULTI) < 0)
			break;
	}

	spin_unlock_bh(&dev->targets_lock);

	/* Resume from here on the next call. */
	cb->args[0] = next;

	return skb->len;
}
/*
 * Completion callback for the target dump: releases the device stored in
 * cb->args[1] by nfc_genl_dump_targets(), if one was stored.  Always
 * returns 0.
 */
static int nfc_genl_dump_targets_done(struct netlink_callback *cb)
{
	struct nfc_dev *held = (struct nfc_dev *) cb->args[1];

	if (held != NULL)
		nfc_put_device(held);

	return 0;
}
/*
 * Multicast an NFC_EVENT_TARGETS_FOUND event for @dev and clear the
 * recorded poll requester.
 *
 * Allocations use GFP_ATOMIC.  Returns the genlmsg_multicast() result,
 * -ENOMEM when the message cannot be allocated, or -EMSGSIZE when the
 * header or attribute does not fit.
 */
int nfc_genl_targets_found(struct nfc_dev *dev)
{
	struct sk_buff *event;
	void *genl_hdr;

	/* The poll is over as far as the requester bookkeeping is concerned. */
	dev->genl_data.poll_req_pid = 0;

	event = nlmsg_new(NLMSG_GOODSIZE, GFP_ATOMIC);
	if (event == NULL)
		return -ENOMEM;

	genl_hdr = genlmsg_put(event, 0, 0, &nfc_genl_family, 0,
			       NFC_EVENT_TARGETS_FOUND);
	if (genl_hdr == NULL)
		goto free_msg;

	NLA_PUT_U32(event, NFC_ATTR_DEVICE_INDEX, dev->idx);

	genlmsg_end(event, genl_hdr);

	return genlmsg_multicast(event, 0, nfc_genl_event_mcgrp.id,
				 GFP_ATOMIC);

nla_put_failure:
	genlmsg_cancel(event, genl_hdr);
free_msg:
	nlmsg_free(event);
	return -EMSGSIZE;
}
/*
 * Multicast an NFC_EVENT_DEVICE_ADDED event carrying the name, index and
 * supported protocols of @dev.
 *
 * Returns 0 once the message has been handed to genlmsg_multicast() (its
 * result is not propagated), -ENOMEM when the message cannot be allocated,
 * or -EMSGSIZE when the header or an attribute does not fit.
 */
int nfc_genl_device_added(struct nfc_dev *dev)
{
	struct sk_buff *event = nlmsg_new(NLMSG_GOODSIZE, GFP_KERNEL);
	void *genl_hdr;

	if (event == NULL)
		return -ENOMEM;

	genl_hdr = genlmsg_put(event, 0, 0, &nfc_genl_family, 0,
			       NFC_EVENT_DEVICE_ADDED);
	if (genl_hdr == NULL)
		goto free_msg;

	NLA_PUT_STRING(event, NFC_ATTR_DEVICE_NAME, nfc_device_name(dev));
	NLA_PUT_U32(event, NFC_ATTR_DEVICE_INDEX, dev->idx);
	NLA_PUT_U32(event, NFC_ATTR_PROTOCOLS, dev->supported_protocols);

	genlmsg_end(event, genl_hdr);

	/* The delivery result is deliberately not reported to the caller. */
	genlmsg_multicast(event, 0, nfc_genl_event_mcgrp.id, GFP_KERNEL);

	return 0;

nla_put_failure:
	genlmsg_cancel(event, genl_hdr);
free_msg:
	nlmsg_free(event);
	return -EMSGSIZE;
}
/*
 * Multicast an NFC_EVENT_DEVICE_REMOVED event carrying the index of @dev.
 *
 * Returns 0 once the message has been handed to genlmsg_multicast() (its
 * result is not propagated), -ENOMEM when the message cannot be allocated,
 * or -EMSGSIZE when the header or the attribute does not fit.
 */
int nfc_genl_device_removed(struct nfc_dev *dev)
{
	struct sk_buff *event;
	void *genl_hdr;

	event = nlmsg_new(NLMSG_GOODSIZE, GFP_KERNEL);
	if (event == NULL)
		return -ENOMEM;

	genl_hdr = genlmsg_put(event, 0, 0, &nfc_genl_family, 0,
			       NFC_EVENT_DEVICE_REMOVED);
	if (genl_hdr == NULL) {
		/* Nothing was started in the message, so just drop it. */
		nlmsg_free(event);
		return -EMSGSIZE;
	}

	NLA_PUT_U32(event, NFC_ATTR_DEVICE_INDEX, dev->idx);

	genlmsg_end(event, genl_hdr);

	genlmsg_multicast(event, 0, nfc_genl_event_mcgrp.id, GFP_KERNEL);

	return 0;

nla_put_failure:
	genlmsg_cancel(event, genl_hdr);
	nlmsg_free(event);
	return -EMSGSIZE;
}
/*
 * Append one NFC_CMD_GET_DEVICE record describing @dev to @msg.
 *
 * @cb is the dump callback when called from a dump and NULL for a single
 * reply; the dump consistency check is only performed when it is set.
 *
 * Returns the result of genlmsg_end() on success, or -EMSGSIZE when the
 * header or one of the attributes does not fit.
 */
static int nfc_genl_send_device(struct sk_buff *msg, struct nfc_dev *dev,
				u32 pid, u32 seq,
				struct netlink_callback *cb,
				int flags)
{
	void *genl_hdr = genlmsg_put(msg, pid, seq, &nfc_genl_family, flags,
				     NFC_CMD_GET_DEVICE);

	if (genl_hdr == NULL)
		return -EMSGSIZE;

	if (cb != NULL)
		genl_dump_check_consistent(cb, genl_hdr, &nfc_genl_family);

	/* Every NLA_PUT* below bails out through nla_put_failure. */
	NLA_PUT_STRING(msg, NFC_ATTR_DEVICE_NAME, nfc_device_name(dev));
	NLA_PUT_U32(msg, NFC_ATTR_DEVICE_INDEX, dev->idx);
	NLA_PUT_U32(msg, NFC_ATTR_PROTOCOLS, dev->supported_protocols);

	return genlmsg_end(msg, genl_hdr);

nla_put_failure:
	genlmsg_cancel(msg, genl_hdr);
	return -EMSGSIZE;
}
/*
 * Dump callback for NFC_CMD_GET_DEVICE.
 *
 * cb->args[0] holds a heap-allocated device iterator (created on the first
 * invocation and released by nfc_genl_dump_devices_done()) and cb->args[1]
 * the device at which the previous invocation stopped.  Devices are emitted
 * under nfc_devlist_mutex until @skb is full or the iterator is exhausted.
 *
 * Returns skb->len, or -ENOMEM if the iterator cannot be allocated.
 */
static int nfc_genl_dump_devices(struct sk_buff *skb,
				 struct netlink_callback *cb)
{
	struct class_dev_iter *iter = (struct class_dev_iter *) cb->args[0];
	struct nfc_dev *dev = (struct nfc_dev *) cb->args[1];
	const bool first_call = (iter == NULL);

	if (first_call) {
		iter = kmalloc(sizeof(*iter), GFP_KERNEL);
		if (iter == NULL)
			return -ENOMEM;

		cb->args[0] = (long) iter;
	}

	mutex_lock(&nfc_devlist_mutex);

	cb->seq = nfc_devlist_generation;

	/* The iterator is only primed once, under the device list mutex. */
	if (first_call) {
		nfc_device_iter_init(iter);
		dev = nfc_device_iter_next(iter);
	}

	for (; dev != NULL; dev = nfc_device_iter_next(iter)) {
		if (nfc_genl_send_device(skb, dev, NETLINK_CB(cb->skb).pid,
					 cb->nlh->nlmsg_seq,
					 cb, NLM_F_MULTI) < 0)
			break;
	}

	mutex_unlock(&nfc_devlist_mutex);

	/* Resume from this device (or NULL when done) on the next call. */
	cb->args[1] = (long) dev;

	return skb->len;
}
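/*
 * Completion callback for the device dump: tears down and frees the
 * iterator stored in cb->args[0] by nfc_genl_dump_devices().  Always
 * returns 0.
 */
static int nfc_genl_dump_devices_done(struct netlink_callback *cb)
{
	struct class_dev_iter *iter = (struct class_dev_iter *) cb->args[0];

	/*
	 * nfc_genl_dump_devices() returns -ENOMEM before storing anything in
	 * cb->args[0] when its kmalloc() fails.  If this callback is still
	 * invoked in that case, the slot is zero and must not be handed to
	 * nfc_device_iter_exit().
	 */
	if (iter) {
		nfc_device_iter_exit(iter);
		kfree(iter);
	}

	return 0;
}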
/*
 * Multicast an NFC_CMD_DEP_LINK_UP event for @dev and mark the device's
 * DEP link as up.
 *
 * The target index is included only when @rf_mode is NFC_RF_INITIATOR.
 * Allocations use GFP_ATOMIC.
 *
 * Returns 0 once the message has been handed to genlmsg_multicast() (its
 * result is not propagated), -ENOMEM when the message cannot be allocated,
 * or -EMSGSIZE when the header or an attribute does not fit.
 */
int nfc_genl_dep_link_up_event(struct nfc_dev *dev, u32 target_idx,
			       u8 comm_mode, u8 rf_mode)
{
	struct sk_buff *event;
	void *genl_hdr;

	pr_debug("DEP link is up\n");

	event = nlmsg_new(NLMSG_GOODSIZE, GFP_ATOMIC);
	if (event == NULL)
		return -ENOMEM;

	genl_hdr = genlmsg_put(event, 0, 0, &nfc_genl_family, 0,
			       NFC_CMD_DEP_LINK_UP);
	if (genl_hdr == NULL)
		goto free_msg;

	NLA_PUT_U32(event, NFC_ATTR_DEVICE_INDEX, dev->idx);
	if (rf_mode == NFC_RF_INITIATOR)
		NLA_PUT_U32(event, NFC_ATTR_TARGET_INDEX, target_idx);
	NLA_PUT_U8(event, NFC_ATTR_COMM_MODE, comm_mode);
	NLA_PUT_U8(event, NFC_ATTR_RF_MODE, rf_mode);

	genlmsg_end(event, genl_hdr);

	/* The flag is set only once the message has been fully built. */
	dev->dep_link_up = true;

	genlmsg_multicast(event, 0, nfc_genl_event_mcgrp.id, GFP_ATOMIC);

	return 0;

nla_put_failure:
	genlmsg_cancel(event, genl_hdr);
free_msg:
	nlmsg_free(event);
	return -EMSGSIZE;
}
/*
 * Multicast an NFC_CMD_DEP_LINK_DOWN event carrying the index of @dev.
 * Allocations use GFP_ATOMIC.
 *
 * Returns 0 once the message has been handed to genlmsg_multicast() (its
 * result is not propagated), -ENOMEM when the message cannot be allocated,
 * or -EMSGSIZE when the header or the attribute does not fit.
 */
int nfc_genl_dep_link_down_event(struct nfc_dev *dev)
{
	struct sk_buff *event;
	void *genl_hdr;

	pr_debug("DEP link is down\n");

	event = nlmsg_new(NLMSG_GOODSIZE, GFP_ATOMIC);
	if (event == NULL)
		return -ENOMEM;

	genl_hdr = genlmsg_put(event, 0, 0, &nfc_genl_family, 0,
			       NFC_CMD_DEP_LINK_DOWN);
	if (genl_hdr == NULL) {
		/* Nothing was started in the message, so just drop it. */
		nlmsg_free(event);
		return -EMSGSIZE;
	}

	NLA_PUT_U32(event, NFC_ATTR_DEVICE_INDEX, dev->idx);

	genlmsg_end(event, genl_hdr);

	genlmsg_multicast(event, 0, nfc_genl_event_mcgrp.id, GFP_ATOMIC);

	return 0;

nla_put_failure:
	genlmsg_cancel(event, genl_hdr);
	nlmsg_free(event);
	return -EMSGSIZE;
}
/*
 * doit handler for NFC_CMD_GET_DEVICE: replies to the sender with a single
 * record describing the device named by NFC_ATTR_DEVICE_INDEX.
 *
 * Returns the genlmsg_reply() result, -EINVAL when the index attribute is
 * missing, -ENODEV when no such device exists, -ENOMEM when the reply
 * cannot be allocated, or the nfc_genl_send_device() error.
 */
static int nfc_genl_get_device(struct sk_buff *skb, struct genl_info *info)
{
	struct sk_buff *reply;
	struct nfc_dev *dev;
	int rc;

	if (info->attrs[NFC_ATTR_DEVICE_INDEX] == NULL)
		return -EINVAL;

	dev = nfc_get_device(nla_get_u32(info->attrs[NFC_ATTR_DEVICE_INDEX]));
	if (dev == NULL)
		return -ENODEV;

	reply = nlmsg_new(NLMSG_GOODSIZE, GFP_KERNEL);
	if (reply == NULL) {
		nfc_put_device(dev);
		return -ENOMEM;
	}

	rc = nfc_genl_send_device(reply, dev, info->snd_pid, info->snd_seq,
				  NULL, 0);
	if (rc < 0) {
		nlmsg_free(reply);
		nfc_put_device(dev);
		return rc;
	}

	/* The device reference is dropped before the reply is sent. */
	nfc_put_device(dev);

	return genlmsg_reply(reply, info);
}
/*
 * doit handler for NFC_CMD_DEV_UP: calls nfc_dev_up() on the device named
 * by NFC_ATTR_DEVICE_INDEX.
 *
 * Returns the nfc_dev_up() result, -EINVAL when the index attribute is
 * missing, or -ENODEV when no such device exists.
 */
static int nfc_genl_dev_up(struct sk_buff *skb, struct genl_info *info)
{
	struct nlattr *idx_attr = info->attrs[NFC_ATTR_DEVICE_INDEX];
	struct nfc_dev *dev;
	int rc;

	if (idx_attr == NULL)
		return -EINVAL;

	dev = nfc_get_device(nla_get_u32(idx_attr));
	if (dev == NULL)
		return -ENODEV;

	rc = nfc_dev_up(dev);

	/* Drop the reference taken by nfc_get_device(). */
	nfc_put_device(dev);
	return rc;
}
/*
 * doit handler for NFC_CMD_DEV_DOWN: calls nfc_dev_down() on the device
 * named by NFC_ATTR_DEVICE_INDEX.
 *
 * Returns the nfc_dev_down() result, -EINVAL when the index attribute is
 * missing, or -ENODEV when no such device exists.
 */
static int nfc_genl_dev_down(struct sk_buff *skb, struct genl_info *info)
{
	struct nlattr *idx_attr = info->attrs[NFC_ATTR_DEVICE_INDEX];
	struct nfc_dev *dev;
	int rc;

	if (idx_attr == NULL)
		return -EINVAL;

	dev = nfc_get_device(nla_get_u32(idx_attr));
	if (dev == NULL)
		return -ENODEV;

	rc = nfc_dev_down(dev);

	/* Drop the reference taken by nfc_get_device(). */
	nfc_put_device(dev);
	return rc;
}
/*
 * doit handler for NFC_CMD_START_POLL: starts polling for the protocols in
 * NFC_ATTR_PROTOCOLS on the device named by NFC_ATTR_DEVICE_INDEX.
 *
 * On success the sender's netlink pid is recorded as the poll requester,
 * under genl_data_mutex; nfc_genl_stop_poll() compares against it.
 *
 * Returns the nfc_start_poll() result, -EINVAL when either attribute is
 * missing, or -ENODEV when no such device exists.
 */
static int nfc_genl_start_poll(struct sk_buff *skb, struct genl_info *info)
{
	struct nfc_dev *dev;
	u32 dev_idx;
	u32 proto_mask;
	int rc;

	pr_debug("Poll start\n");

	if (info->attrs[NFC_ATTR_DEVICE_INDEX] == NULL ||
	    info->attrs[NFC_ATTR_PROTOCOLS] == NULL)
		return -EINVAL;

	dev_idx = nla_get_u32(info->attrs[NFC_ATTR_DEVICE_INDEX]);
	proto_mask = nla_get_u32(info->attrs[NFC_ATTR_PROTOCOLS]);

	dev = nfc_get_device(dev_idx);
	if (dev == NULL)
		return -ENODEV;

	mutex_lock(&dev->genl_data.genl_data_mutex);

	rc = nfc_start_poll(dev, proto_mask);
	if (rc == 0)
		dev->genl_data.poll_req_pid = info->snd_pid;

	mutex_unlock(&dev->genl_data.genl_data_mutex);

	nfc_put_device(dev);
	return rc;
}
/*
 * doit handler for NFC_CMD_STOP_POLL: stops polling on the device named by
 * NFC_ATTR_DEVICE_INDEX.
 *
 * Only the netlink pid recorded as poll requester may stop the poll; any
 * other sender gets -EBUSY.  The check and the reset of the recorded pid
 * happen under genl_data_mutex.
 *
 * Returns the nfc_stop_poll() result, -EBUSY as described above, -EINVAL
 * when the index attribute is missing, or -ENODEV when no such device
 * exists.
 */
static int nfc_genl_stop_poll(struct sk_buff *skb, struct genl_info *info)
{
	struct nfc_dev *dev;
	int rc;

	if (info->attrs[NFC_ATTR_DEVICE_INDEX] == NULL)
		return -EINVAL;

	dev = nfc_get_device(nla_get_u32(info->attrs[NFC_ATTR_DEVICE_INDEX]));
	if (dev == NULL)
		return -ENODEV;

	mutex_lock(&dev->genl_data.genl_data_mutex);

	if (dev->genl_data.poll_req_pid == info->snd_pid) {
		rc = nfc_stop_poll(dev);
		dev->genl_data.poll_req_pid = 0;
	} else {
		/* Someone other than the requester asked for the stop. */
		rc = -EBUSY;
	}

	mutex_unlock(&dev->genl_data.genl_data_mutex);
	nfc_put_device(dev);
	return rc;
}
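/*
 * doit handler for NFC_CMD_DEP_LINK_UP: brings up a DEP link on the device
 * named by NFC_ATTR_DEVICE_INDEX.
 *
 * NFC_ATTR_COMM_MODE and NFC_ATTR_RF_MODE are mandatory and must each hold
 * one of the two known values.  NFC_ATTR_TARGET_INDEX is optional and
 * defaults to NFC_TARGET_IDX_ANY.
 *
 * Returns the nfc_dep_link_up() result, -EINVAL when a mandatory attribute
 * is missing, an attribute is malformed or a mode value is unknown, or
 * -ENODEV when no such device exists.
 */
static int nfc_genl_dep_link_up(struct sk_buff *skb, struct genl_info *info)
{
	struct nfc_dev *dev;
	int rc, tgt_idx;
	u32 idx;
	u8 comm, rf;

	pr_debug("DEP link up\n");

	if (!info->attrs[NFC_ATTR_DEVICE_INDEX] ||
	    !info->attrs[NFC_ATTR_COMM_MODE] ||
	    !info->attrs[NFC_ATTR_RF_MODE])
		return -EINVAL;

	idx = nla_get_u32(info->attrs[NFC_ATTR_DEVICE_INDEX]);

	if (!info->attrs[NFC_ATTR_TARGET_INDEX]) {
		tgt_idx = NFC_TARGET_IDX_ANY;
	} else {
		/*
		 * nla_get_u32() reads four bytes unconditionally, so bound the
		 * payload here and do not rely on the policy table alone.
		 */
		if (nla_len(info->attrs[NFC_ATTR_TARGET_INDEX]) <
		    (int) sizeof(u32))
			return -EINVAL;

		tgt_idx = nla_get_u32(info->attrs[NFC_ATTR_TARGET_INDEX]);
	}

	comm = nla_get_u8(info->attrs[NFC_ATTR_COMM_MODE]);
	rf = nla_get_u8(info->attrs[NFC_ATTR_RF_MODE]);

	if (comm != NFC_COMM_ACTIVE && comm != NFC_COMM_PASSIVE)
		return -EINVAL;

	/*
	 * Validate the RF mode against both RF constants.  The second
	 * comparison previously tested @comm, which let unknown RF mode
	 * values through to nfc_dep_link_up().
	 */
	if (rf != NFC_RF_INITIATOR && rf != NFC_RF_TARGET)
		return -EINVAL;

	dev = nfc_get_device(idx);
	if (!dev)
		return -ENODEV;

	rc = nfc_dep_link_up(dev, tgt_idx, comm, rf);

	/* Drop the reference taken by nfc_get_device(). */
	nfc_put_device(dev);

	return rc;
}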
/*
 * doit handler for NFC_CMD_DEP_LINK_DOWN: calls nfc_dep_link_down() on the
 * device named by NFC_ATTR_DEVICE_INDEX.
 *
 * Returns the nfc_dep_link_down() result, -EINVAL when the index attribute
 * is missing, or -ENODEV when no such device exists.
 */
static int nfc_genl_dep_link_down(struct sk_buff *skb, struct genl_info *info)
{
	struct nlattr *idx_attr = info->attrs[NFC_ATTR_DEVICE_INDEX];
	struct nfc_dev *dev;
	int rc;

	if (idx_attr == NULL)
		return -EINVAL;

	dev = nfc_get_device(nla_get_u32(idx_attr));
	if (dev == NULL)
		return -ENODEV;

	rc = nfc_dep_link_down(dev);

	/* Drop the reference taken by nfc_get_device(). */
	nfc_put_device(dev);
	return rc;
}
/*
 * Command table registered with the NFC generic netlink family.  Every
 * entry validates its attributes against nfc_genl_policy.
 *
 * NOTE(review): no entry sets .flags, so none of the state-changing
 * commands (device up/down, poll start/stop, DEP link up/down) requests a
 * privilege check such as GENL_ADMIN_PERM - confirm this is intended.
 */
static struct genl_ops nfc_genl_ops[] = {
	{	/* Query one device, or dump all of them. */
		.cmd = NFC_CMD_GET_DEVICE,
		.doit = nfc_genl_get_device,
		.dumpit = nfc_genl_dump_devices,
		.done = nfc_genl_dump_devices_done,
		.policy = nfc_genl_policy,
	},
	{	/* Power a device up. */
		.cmd = NFC_CMD_DEV_UP,
		.doit = nfc_genl_dev_up,
		.policy = nfc_genl_policy,
	},
	{	/* Power a device down. */
		.cmd = NFC_CMD_DEV_DOWN,
		.doit = nfc_genl_dev_down,
		.policy = nfc_genl_policy,
	},
	{	/* Start polling for targets. */
		.cmd = NFC_CMD_START_POLL,
		.doit = nfc_genl_start_poll,
		.policy = nfc_genl_policy,
	},
	{	/* Stop polling for targets. */
		.cmd = NFC_CMD_STOP_POLL,
		.doit = nfc_genl_stop_poll,
		.policy = nfc_genl_policy,
	},
	{	/* Bring a DEP link up. */
		.cmd = NFC_CMD_DEP_LINK_UP,
		.doit = nfc_genl_dep_link_up,
		.policy = nfc_genl_policy,
	},
	{	/* Bring a DEP link down. */
		.cmd = NFC_CMD_DEP_LINK_DOWN,
		.doit = nfc_genl_dep_link_down,
		.policy = nfc_genl_policy,
	},
	{	/* Dump the targets found on one device. */
		.cmd = NFC_CMD_GET_TARGET,
		.dumpit = nfc_genl_dump_targets,
		.done = nfc_genl_dump_targets_done,
		.policy = nfc_genl_policy,
	},
};
/*
 * Netlink notifier callback.
 *
 * When a generic netlink socket is released (NETLINK_URELEASE), every NFC
 * device whose recorded poll requester is the released pid has its poll
 * stopped and the requester cleared.  Always returns NOTIFY_DONE.
 *
 * NOTE(review): poll_req_pid is read and cleared here without taking
 * genl_data_mutex, unlike the start/stop poll handlers, and the device
 * iteration does not take nfc_devlist_mutex - confirm whether the calling
 * context makes that safe.
 */
static int nfc_genl_rcv_nl_event(struct notifier_block *this,
				 unsigned long event, void *ptr)
{
	struct netlink_notify *notify = ptr;
	struct class_dev_iter iter;
	struct nfc_dev *dev;

	if (event != NETLINK_URELEASE || notify->protocol != NETLINK_GENERIC)
		return NOTIFY_DONE;

	pr_debug("NETLINK_URELEASE event from id %d\n", notify->pid);

	nfc_device_iter_init(&iter);

	for (dev = nfc_device_iter_next(&iter); dev != NULL;
	     dev = nfc_device_iter_next(&iter)) {
		if (dev->genl_data.poll_req_pid != notify->pid)
			continue;

		nfc_stop_poll(dev);
		dev->genl_data.poll_req_pid = 0;
	}

	nfc_device_iter_exit(&iter);

	return NOTIFY_DONE;
}
/*
 * Initialise the per-device netlink state: no poll requester is recorded
 * and the mutex guarding that field is set up.
 */
void nfc_genl_data_init(struct nfc_genl_data *genl_data)
{
	mutex_init(&genl_data->genl_data_mutex);
	genl_data->poll_req_pid = 0;
}
/* Tear down the per-device netlink state set up by nfc_genl_data_init(). */
void nfc_genl_data_exit(struct nfc_genl_data *genl_data)
{
	mutex_destroy(&genl_data->genl_data_mutex);
}
/* Notifier block that routes netlink events to nfc_genl_rcv_nl_event(). */
static struct notifier_block nl_notifier = {
	.notifier_call = nfc_genl_rcv_nl_event,
};
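/**
 * nfc_genl_init() - Initialize netlink interface
 *
 * This initialization function registers the nfc netlink family with its
 * operations, then the event multicast group, and finally the netlink
 * notifier.
 *
 * Returns 0 on success or the error of the registration that failed.  On
 * failure nothing is left registered.
 */
int __init nfc_genl_init(void)
{
	int rc;

	rc = genl_register_family_with_ops(&nfc_genl_family, nfc_genl_ops,
					   ARRAY_SIZE(nfc_genl_ops));
	if (rc)
		return rc;

	rc = genl_register_mc_group(&nfc_genl_family, &nfc_genl_event_mcgrp);
	if (rc) {
		/*
		 * Presumably the caller treats a non-zero return as a failed
		 * initialisation, so undo the family registration and do not
		 * hook the notifier: a callback left registered after a
		 * failed init would keep pointing into this code.
		 */
		genl_unregister_family(&nfc_genl_family);
		return rc;
	}

	netlink_register_notifier(&nl_notifier);

	return 0;
}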
/**
 * nfc_genl_exit() - Deinitialize netlink interface
 *
 * This exit function removes the netlink notifier first, so that no further
 * release events are delivered, and then unregisters the nfc netlink family.
 */
void nfc_genl_exit(void)
{
	netlink_unregister_notifier(&nl_notifier);
	genl_unregister_family(&nfc_genl_family);
}