Home | History | Annotate | Download | only in linux 
      1 # Copyright 2017 syzkaller project authors. All rights reserved.
      2 # Use of this source code is governed by Apache 2 LICENSE that can be found in the LICENSE file.
      3 
      4 # AF_NETLINK support.
      5 
      6 include <linux/net.h>
      7 include <uapi/linux/netlink.h>
      8 include <uapi/linux/rtnetlink.h>
      9 
     10 resource sock_netlink[sock]
     11 type netlink_seq int32[7388453:7388461]
     12 type netlink_port_id int32[635427835:635427839]
     13 
     14 socket$netlink(domain const[AF_NETLINK], type const[SOCK_RAW], proto flags[netlink_proto]) sock_netlink
     15 bind$netlink(fd sock_netlink, addr ptr[in, sockaddr_nl_proc], addrlen len[addr])
     16 connect$netlink(fd sock_netlink, addr ptr[in, sockaddr_nl], addrlen len[addr])
     17 getsockname$netlink(fd sock_netlink, addr ptr[out, sockaddr_nl_unspec], addrlen ptr[inout, len[addr, int32]])
     18 getpeername$netlink(fd sock_netlink, peer ptr[out, sockaddr_nl_unspec], peerlen ptr[inout, len[peer, int32]])
     19 sendmsg$netlink(fd sock_netlink, msg ptr[in, msghdr_netlink_generic], f flags[send_flags])
     20 setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(fd sock_netlink, level const[SOL_NETLINK], opt const[NETLINK_ADD_MEMBERSHIP], arg ptr[in, int32[0:31]], arglen len[arg])
     21 setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(fd sock_netlink, level const[SOL_NETLINK], opt const[NETLINK_DROP_MEMBERSHIP], arg ptr[in, int32[0:31]], arglen len[arg])
     22 setsockopt$netlink_NETLINK_PKTINFO(fd sock_netlink, level const[SOL_NETLINK], opt const[NETLINK_PKTINFO], arg ptr[in, int32], arglen len[arg])
     23 setsockopt$netlink_NETLINK_BROADCAST_ERROR(fd sock_netlink, level const[SOL_NETLINK], opt const[NETLINK_BROADCAST_ERROR], arg ptr[in, int32], arglen len[arg])
     24 setsockopt$netlink_NETLINK_NO_ENOBUFS(fd sock_netlink, level const[SOL_NETLINK], opt const[NETLINK_NO_ENOBUFS], arg ptr[in, int32], arglen len[arg])
     25 setsockopt$netlink_NETLINK_RX_RING(fd sock_netlink, level const[SOL_NETLINK], opt const[NETLINK_RX_RING], arg ptr[in, nl_mmap_req], arglen len[arg])
     26 setsockopt$netlink_NETLINK_TX_RING(fd sock_netlink, level const[SOL_NETLINK], opt const[NETLINK_TX_RING], arg ptr[in, nl_mmap_req], arglen len[arg])
     27 setsockopt$netlink_NETLINK_LISTEN_ALL_NSID(fd sock_netlink, level const[SOL_NETLINK], opt const[NETLINK_LISTEN_ALL_NSID], arg ptr[in, int32], arglen len[arg])
     28 setsockopt$netlink_NETLINK_CAP_ACK(fd sock_netlink, level const[SOL_NETLINK], opt const[NETLINK_CAP_ACK], arg ptr[in, int32], arglen len[arg])
     29 getsockopt$netlink(fd sock_netlink, level const[SOL_NETLINK], opt flags[netlink_sockopts], arg buffer[out], arglen ptr[inout, len[arg, int32]])
     30 
     31 netlink_proto = NETLINK_ROUTE, NETLINK_UNUSED, NETLINK_USERSOCK, NETLINK_FIREWALL, NETLINK_SOCK_DIAG, NETLINK_NFLOG, NETLINK_XFRM, NETLINK_SELINUX, NETLINK_ISCSI, NETLINK_AUDIT, NETLINK_FIB_LOOKUP, NETLINK_CONNECTOR, NETLINK_NETFILTER, NETLINK_IP6_FW, NETLINK_DNRTMSG, NETLINK_KOBJECT_UEVENT, NETLINK_GENERIC, NETLINK_SCSITRANSPORT, NETLINK_ECRYPTFS, NETLINK_RDMA, NETLINK_CRYPTO, NETLINK_INET_DIAG, NETLINK_SMC
     32 netlink_sockopts = NETLINK_ADD_MEMBERSHIP, NETLINK_DROP_MEMBERSHIP, NETLINK_PKTINFO, NETLINK_BROADCAST_ERROR, NETLINK_NO_ENOBUFS, NETLINK_RX_RING, NETLINK_TX_RING, NETLINK_LISTEN_ALL_NSID, NETLINK_LIST_MEMBERSHIPS, NETLINK_CAP_ACK
     33 netlink_msg_flags = NLM_F_REQUEST, NLM_F_MULTI, NLM_F_ACK, NLM_F_ECHO, NLM_F_DUMP_INTR, NLM_F_DUMP_FILTERED, NLM_F_ROOT, NLM_F_MATCH, NLM_F_ATOMIC, NLM_F_DUMP, NLM_F_REPLACE, NLM_F_EXCL, NLM_F_CREATE, NLM_F_APPEND
     34 netlink_group_bitmap = 0x0, 0x1, 0x2, 0x4, 0x8, 0x10, 0x20, 0x40, 0x80, 0x100, 0x200, 0x400, 0x800, 0x1000, 0x2000, 0x4000, 0x8000, 0x10000, 0x20000, 0x40000, 0x80000, 0x100000, 0x200000, 0x400000, 0x800000, 0x1000000, 0x2000000, 0x4000000, 0x8000000, 0x10000000, 0x20000000, 0x40000000, 0x80000000
     35 
     36 sockaddr_nl [
     37 	kern	sockaddr_nl_kern
     38 	proc	sockaddr_nl_proc
     39 	unspec	sockaddr_nl_unspec
     40 ]
     41 
     42 sockaddr_nl_send [
     43 	kern	sockaddr_nl_kern
     44 	proc	sockaddr_nl_proc
     45 ]
     46 
     47 type sockaddr_nl_t[FAMILY, PID, GROUPS] {
     48 	nl_family	const[FAMILY, int16]
     49 	nl_pad		const[0, int16]
     50 	nl_pid		PID
     51 	nl_groups	GROUPS
     52 }
     53 type sockaddr_nl_proc sockaddr_nl_t[AF_NETLINK, netlink_port_id, flags[netlink_group_bitmap, int32]]
     54 type sockaddr_nl_kern sockaddr_nl_t[AF_NETLINK, const[0, int32], flags[netlink_group_bitmap, int32]]
     55 type sockaddr_nl_unspec sockaddr_nl_t[AF_UNSPEC, const[0, int32], const[0, int32]]
     56 
     57 type msghdr_netlink_full[MSG] {
     58 	addr	ptr[in, sockaddr_nl_send, opt]
     59 	addrlen	len[addr, int32]
     60 	vec	ptr[in, array[iovec[in, MSG]]]
     61 	vlen	len[vec, intptr]
     62 	ctrl	ptr[in, array[cmsghdr_un], opt]
     63 	ctrllen	bytesize[ctrl, intptr]
     64 	f	flags[send_flags, int32]
     65 }
     66 
     67 # Simplified version of msghdr_netlink_full with kernel address, no control data and only 1 iovec.
     68 # It's enough for most protocols.
     69 type msghdr_netlink[MSG] {
     70 	addr	ptr[in, sockaddr_nl_kern]
     71 	addrlen	len[addr, int32]
     72 	vec	ptr[in, iovec[in, MSG]]
     73 	vlen	const[1, intptr]
     74 	ctrl	const[0, intptr]
     75 	ctrllen	const[0, intptr]
     76 	f	flags[send_flags, int32]
     77 }
     78 
     79 # No body. Generic attribute can represent a random body.
     80 type msghdr_netlink_generic msghdr_netlink_full[netlink_msg_t[netlink_random_msg_type, void, nl_generic_attr]]
     81 
     82 type netlink_msg_t[TYPE, PAYLOAD, ATTRS] {
     83 	len	len[parent, int32]
     84 	type	TYPE
     85 	flags	flags[netlink_msg_flags, int16]
     86 	seq	netlink_seq
     87 	pid	netlink_port_id
     88 	payload	PAYLOAD
     89 	attrs	array[ATTRS]
     90 } [align_4]
     91 
     92 type netlink_msg[TYPE, PAYLOAD, ATTRS] netlink_msg_t[const[TYPE, int16], PAYLOAD, ATTRS]
     93 
     94 type nlattr_t[TYPE, PAYLOAD] {
     95 	nla_len		len[parent, int16]
     96 	nla_type	TYPE
     97 	payload		PAYLOAD
     98 } [packed, align_4]
     99 
    100 # NL80211 has 150 attributes.
    101 type nlattr_anytype[PAYLOAD] nlattr_t[int16[0:150], PAYLOAD]
    102 type nlattr[TYPE, PAYLOAD] nlattr_t[const[TYPE, int16], PAYLOAD]
    103 
    104 nl_generic_attr [
    105 	generic	array[int8]
    106 	typed	nlattr_anytype[nl_generic_attr_data]
    107 	nested	nlattr_anytype[array[nl_generic_attr_nonested]]
    108 ] [varlen]
    109 
    110 nl_generic_attr_nonested [
    111 	generic	array[int8]
    112 	typed	nlattr_anytype[nl_generic_attr_data]
    113 ] [varlen]
    114 
    115 nl_generic_attr_data [
    116 	void	void
    117 	u32	int32
    118 	u64	int64
    119 	ipv4	ipv4_addr
    120 	ipv6	ipv6_addr
    121 	fd	fd
    122 	pid	pid
    123 	uid	uid
    124 	str	string
    125 	binary	array[int8]
    126 ] [varlen]
    127 
    128 nl_mmap_req {
    129 	bsize	int32
    130 	bnumber	int32
    131 	fsize	int32
    132 	fnumber	int32
    133 }
    134 
    135 # Removed (if __KERNEL__ defined) in next-20160229 (commit d1b4c689)
    136 define NETLINK_RX_RING	6
    137 define NETLINK_TX_RING	7
    138 
    139 # Some approximation for protocols for which we don't have precise descriptions.
    140 define NLMSG_MAX_TYPE	NLMSG_MIN_TYPE + 50
    141 
    142 type netlink_random_msg_type int16[NLMSG_MIN_TYPE:NLMSG_MAX_TYPE]
    143