2 * Check decoding of netlink protocol.
4 * Copyright (c) 2014-2017 Dmitry V. Levin <ldv@altlinux.org>
5 * Copyright (c) 2016 Fabien Siron <fabien.siron@epita.fr>
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
16 * 3. The name of the author may not be used to endorse or promote products
17 * derived from this software without specific prior written permission.
19 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
20 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
21 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
22 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
23 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
24 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
25 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
26 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
27 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
28 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
33 #ifdef HAVE_SYS_XATTR_H
39 # include <sys/xattr.h>
40 # include <netinet/in.h>
41 # include <linux/netlink.h>
42 # include <linux/sock_diag.h>
43 # include <linux/netlink_diag.h>
45 # if !defined NETLINK_SOCK_DIAG && defined NETLINK_INET_DIAG
46 # define NETLINK_SOCK_DIAG NETLINK_INET_DIAG
/*
 * Sends a series of well-formed and deliberately malformed netlink messages
 * on fd with sendto(MSG_DONTWAIT) and, after each call, prints the
 * syscall-trace line expected for it (presumably compared with the tracer's
 * real output by the test harness -- confirm).
 *
 * The cases concentrate on what a decoder has to get right when it parses
 * untrusted length fields: a NULL or partly unfetchable buffer, an nlmsg_len
 * larger or smaller than the bytes actually passed, and a message sequence
 * that is cut off in the middle of a header.
 *
 * NOTE(review): this listing is lossy -- the return type, braces, several
 * declarations (rc, errstr, i, the struct members) and some printf argument
 * lines are not visible here.
 */
50 send_query(const int fd)
52 static const struct req {
57 .nlmsg_len = sizeof(struct req),
58 .nlmsg_type = NLMSG_NOOP,
59 .nlmsg_flags = NLM_F_DUMP | NLM_F_REQUEST
/* Writable copy of the template; later cases overwrite its nlmsg_len. */
63 struct req *const req = tail_memdup(&c_req, sizeof(c_req));
/* NULL buffer with a non-zero length. */
68 rc = sendto(fd, NULL, sizeof(*req), MSG_DONTWAIT, NULL, 0);
69 printf("sendto(%d, NULL, %u, MSG_DONTWAIT, NULL, 0) = %s\n",
70 fd, (unsigned) sizeof(*req), sprintrc(rc));
/* Valid buffer with zero length: expected to be shown as an empty string. */
73 rc = sendto(fd, req, 0, MSG_DONTWAIT, NULL, 0);
74 printf("sendto(%d, \"\", 0, MSG_DONTWAIT, NULL, 0) = %s\n",
77 /* zero address and length */
78 rc = sendto(fd, NULL, 0, MSG_DONTWAIT, NULL, 0);
79 printf("sendto(%d, NULL, 0, MSG_DONTWAIT, NULL, 0) = %s\n",
82 /* unfetchable struct nlmsghdr */
/*
 * The buffer is one byte shorter than the header the call claims to pass;
 * the expected line shows the raw address (%p) instead of decoded fields.
 * tail_alloc presumably ends the buffer at an inaccessible page -- confirm
 * in the test library.
 */
83 const void *const efault = tail_alloc(sizeof(struct nlmsghdr) - 1);
84 rc = sendto(fd, efault, sizeof(struct nlmsghdr), MSG_DONTWAIT, NULL, 0);
85 printf("sendto(%d, %p, %u, MSG_DONTWAIT, NULL, 0) = %s\n",
86 fd, efault, (unsigned) sizeof(struct nlmsghdr), sprintrc(rc));
88 /* whole message length < sizeof(struct nlmsghdr) */
/* Only the 4-byte magic is passed, so it is expected as a quoted string. */
89 rc = sendto(fd, req->magic, sizeof(req->magic), MSG_DONTWAIT, NULL, 0);
90 printf("sendto(%d, \"abcd\", %u, MSG_DONTWAIT, NULL, 0) = %s\n",
91 fd, (unsigned) sizeof(req->magic), sprintrc(rc));
93 /* a single message with some data */
94 rc = sendto(fd, req, sizeof(*req), MSG_DONTWAIT, NULL, 0);
95 printf("sendto(%d, {{len=%u, type=NLMSG_NOOP, flags=NLM_F_REQUEST|0x%x"
96 ", seq=0, pid=0}, \"abcd\"}, %u, MSG_DONTWAIT, NULL, 0) = %s\n",
97 fd, req->nlh.nlmsg_len, NLM_F_DUMP,
98 (unsigned) sizeof(*req), sprintrc(rc));
100 /* a single message without data */
101 req->nlh.nlmsg_len = sizeof(req->nlh);
102 rc = sendto(fd, &req->nlh, sizeof(req->nlh), MSG_DONTWAIT, NULL, 0);
103 printf("sendto(%d, {{len=%u, type=NLMSG_NOOP, flags=NLM_F_REQUEST|0x%x"
104 ", seq=0, pid=0}}, %u, MSG_DONTWAIT, NULL, 0) = %s\n",
105 fd, req->nlh.nlmsg_len, NLM_F_DUMP,
106 (unsigned) sizeof(req->nlh), sprintrc(rc));
108 /* nlmsg_len > whole message length */
/*
 * The header claims 8 bytes more than sendto() is given. The expected line
 * still shows only the 4 payload bytes actually passed, i.e. decoding is
 * bounded by the syscall length rather than by the self-declared nlmsg_len.
 */
109 req->nlh.nlmsg_len = sizeof(*req) + 8;
110 rc = sendto(fd, req, sizeof(*req), MSG_DONTWAIT, NULL, 0);
111 printf("sendto(%d, {{len=%u, type=NLMSG_NOOP, flags=NLM_F_REQUEST|0x%x"
112 ", seq=0, pid=0}, \"abcd\"}, %u, MSG_DONTWAIT, NULL, 0) = %s\n",
113 fd, req->nlh.nlmsg_len, NLM_F_DUMP,
114 (unsigned) sizeof(*req), sprintrc(rc));
116 /* nlmsg_len < sizeof(struct nlmsghdr) */
/* Expected line shows the header alone, with no payload after it. */
117 req->nlh.nlmsg_len = 8;
118 rc = sendto(fd, req, sizeof(*req), MSG_DONTWAIT, NULL, 0);
119 printf("sendto(%d, {{len=%u, type=NLMSG_NOOP, flags=NLM_F_REQUEST|0x%x"
120 ", seq=0, pid=0}}, %u, MSG_DONTWAIT, NULL, 0) = %s\n",
121 fd, req->nlh.nlmsg_len, NLM_F_DUMP,
122 (unsigned) sizeof(*req), sprintrc(rc));
124 /* a sequence of two nlmsg objects */
/* The padding member keeps req2 at the NLMSG_ALIGN()ed offset after req1. */
127 char padding[NLMSG_ALIGN(sizeof(struct req)) - sizeof(struct req)];
129 } *const reqs = tail_alloc(sizeof(*reqs));
130 memcpy(&reqs->req1, &c_req, sizeof(c_req));
131 memcpy(&reqs->req2, &c_req, sizeof(c_req));
133 rc = sendto(fd, reqs, sizeof(*reqs), MSG_DONTWAIT, NULL, 0);
134 printf("sendto(%d, [{{len=%u, type=NLMSG_NOOP, flags=NLM_F_REQUEST|0x%x"
135 ", seq=0, pid=0}, \"abcd\"}, {{len=%u, type=NLMSG_NOOP"
136 ", flags=NLM_F_REQUEST|0x%x, seq=0, pid=0}, \"abcd\"}]"
137 ", %u, MSG_DONTWAIT, NULL, 0) = %s\n",
138 fd, reqs->req1.nlh.nlmsg_len, NLM_F_DUMP,
139 reqs->req2.nlh.nlmsg_len, NLM_F_DUMP,
140 (unsigned) sizeof(*reqs), sprintrc(rc));
142 /* unfetchable second struct nlmsghdr */
/*
 * Only req1 is copied, but the call passes the length of both messages; the
 * expected line decodes the first message and shows the address where the
 * second would start as %p. Presumably tail_memdup leaves the bytes after
 * the copy inaccessible -- confirm in the test library.
 */
143 void *const efault2 = tail_memdup(&reqs->req1, sizeof(reqs->req1));
144 rc = sendto(fd, efault2, sizeof(*reqs), MSG_DONTWAIT, NULL, 0);
145 printf("sendto(%d, [{{len=%u, type=NLMSG_NOOP, flags=NLM_F_REQUEST|0x%x"
146 ", seq=0, pid=0}, \"abcd\"}, %p], %u, MSG_DONTWAIT, NULL, 0)"
148 fd, reqs->req1.nlh.nlmsg_len, NLM_F_DUMP,
149 &((struct reqs *) efault2)->req2, (unsigned) sizeof(*reqs),
152 /* message length is not enough for the second struct nlmsghdr */
/*
 * The call length stops one header size short of the end, so the leftover
 * bytes of req2 are expected as a quoted string, not as a decoded header.
 * The result string is captured in errstr before the multi-part output.
 */
153 rc = sendto(fd, reqs, sizeof(*reqs) - sizeof(req->nlh), MSG_DONTWAIT,
155 errstr = sprintrc(rc);
156 printf("sendto(%d, [{{len=%u, type=NLMSG_NOOP, flags=NLM_F_REQUEST|0x%x"
157 ", seq=0, pid=0}, \"abcd\"}, \"",
158 fd, reqs->req1.nlh.nlmsg_len, NLM_F_DUMP);
159 print_quoted_memory((void *) &reqs->req2.nlh,
160 sizeof(reqs->req2) - sizeof(req->nlh));
161 printf("\"], %u, MSG_DONTWAIT, NULL, 0) = %s\n",
162 (unsigned) (sizeof(*reqs) - sizeof(req->nlh)), errstr);
164 /* second nlmsg_len < sizeof(struct nlmsghdr) */
/* Expected line shows the second header with no payload after it. */
165 reqs->req2.nlh.nlmsg_len = 4;
166 rc = sendto(fd, reqs, sizeof(*reqs), MSG_DONTWAIT, NULL, 0);
167 printf("sendto(%d, [{{len=%u, type=NLMSG_NOOP, flags=NLM_F_REQUEST|0x%x"
168 ", seq=0, pid=0}, \"abcd\"}, {{len=%u, type=NLMSG_NOOP"
169 ", flags=NLM_F_REQUEST|0x%x, seq=0, pid=0}}], %u"
170 ", MSG_DONTWAIT, NULL, 0) = %s\n",
171 fd, reqs->req1.nlh.nlmsg_len, NLM_F_DUMP,
172 reqs->req2.nlh.nlmsg_len, NLM_F_DUMP,
173 (unsigned) sizeof(*reqs), sprintrc(rc));
175 /* abbreviated output */
/*
 * ABBREV_LEN headers (one more than DEFAULT_STRLEN) are sent; the expected
 * line lists the first DEFAULT_STRLEN of them and then ", ...", so the
 * element cap on array output is exercised as well.
 */
176 # define DEFAULT_STRLEN 32
177 # define ABBREV_LEN (DEFAULT_STRLEN + 1)
178 const unsigned int msg_len = sizeof(struct nlmsghdr) * ABBREV_LEN;
179 struct nlmsghdr *const msgs = tail_alloc(msg_len);
/* Each header is a bare NLMSG_NOOP whose sequence number is its index. */
181 for (i = 0; i < ABBREV_LEN; ++i) {
182 msgs[i].nlmsg_len = sizeof(*msgs);
183 msgs[i].nlmsg_type = NLMSG_NOOP;
184 msgs[i].nlmsg_flags = NLM_F_DUMP | NLM_F_REQUEST;
185 msgs[i].nlmsg_seq = i;
186 msgs[i].nlmsg_pid = 0;
189 rc = sendto(fd, msgs, msg_len, MSG_DONTWAIT, NULL, 0);
190 errstr = sprintrc(rc);
191 printf("sendto(%d, [", fd);
192 for (i = 0; i < DEFAULT_STRLEN; ++i) {
195 printf("{{len=%u, type=NLMSG_NOOP, flags=NLM_F_REQUEST|0x%x"
197 msgs[i].nlmsg_len, NLM_F_DUMP, msgs[i].nlmsg_seq);
199 printf(", ...], %u, MSG_DONTWAIT, NULL, 0) = %s\n", msg_len, errstr);
/*
 * Exercises decoding of NLMSG_ERROR messages whose payload (struct nlmsgerr)
 * is progressively more complete: too short for the error code, the error
 * code only, the error code plus an embedded header, and the error code
 * plus an embedded header with 4 data bytes. After each sendto() it prints
 * the syscall-trace line expected for that message.
 *
 * nlh0 marks a header-sized tail allocation; nlh0 + NLMSG_HDRLEN is the
 * first byte past it, and that is the address the expected lines show as %p
 * whenever nlmsg_len promises a payload that lies beyond the allocation.
 * Messages are built at nlh0 minus the payload size so that they end
 * exactly at the end of the allocation (this relies on arithmetic on
 * void pointers, a GNU extension, and presumably on the bytes before nlh0
 * being writable -- confirm in the test library).
 *
 * NOTE(review): this listing is lossy -- the return type, braces, the
 * declaration of rc, some assignments to nlh and all assignments to
 * err->error are not visible here.
 */
203 test_nlmsgerr(const int fd)
205 struct nlmsgerr *err;
206 struct nlmsghdr *nlh;
207 void *const nlh0 = tail_alloc(NLMSG_HDRLEN);
210 /* error message without enough room for the error code */
/*
 * nlmsg_len claims 4 payload bytes; the expected line shows the payload as
 * the address nlh0 + NLMSG_HDRLEN. nlh presumably equals nlh0 at this point
 * (the assignment is not visible in this listing).
 */
212 nlh->nlmsg_len = NLMSG_HDRLEN + 4;
213 nlh->nlmsg_type = NLMSG_ERROR;
214 nlh->nlmsg_flags = NLM_F_REQUEST;
218 rc = sendto(fd, nlh, nlh->nlmsg_len, MSG_DONTWAIT, NULL, 0);
219 printf("sendto(%d, {{len=%u, type=NLMSG_ERROR, flags=NLM_F_REQUEST"
220 ", seq=0, pid=0}, %p}, %u, MSG_DONTWAIT, NULL, 0) = %s\n",
221 fd, nlh->nlmsg_len, nlh0 + NLMSG_HDRLEN,
222 nlh->nlmsg_len, sprintrc(rc));
/*
 * A 2-byte payload is shorter than the error code, so the expected line
 * shows it as the quoted string "42" rather than as a decoded error.
 */
224 nlh->nlmsg_len = NLMSG_HDRLEN + 2;
/* memmove rather than memcpy: the source and destination headers may overlap. */
226 memmove(nlh, nlh0, sizeof(*nlh));
227 memcpy(NLMSG_DATA(nlh), "42", 2);
229 rc = sendto(fd, nlh, NLMSG_HDRLEN + 2, MSG_DONTWAIT, NULL, 0);
230 printf("sendto(%d, {{len=%u, type=NLMSG_ERROR, flags=NLM_F_REQUEST"
231 ", seq=0, pid=0}, \"42\"}, %u, MSG_DONTWAIT, NULL, 0) = %s\n",
232 fd, NLMSG_HDRLEN + 2, NLMSG_HDRLEN + 2, sprintrc(rc));
234 /* error message with room for the error code only */
235 nlh = nlh0 - sizeof(err->error);
236 nlh->nlmsg_len = NLMSG_HDRLEN + sizeof(err->error);
237 nlh->nlmsg_type = NLMSG_ERROR;
238 nlh->nlmsg_flags = NLM_F_REQUEST;
241 err = NLMSG_DATA(nlh);
/* Expected: a positive value is shown as the plain number 42. */
244 rc = sendto(fd, nlh, nlh->nlmsg_len, MSG_DONTWAIT, NULL, 0);
245 printf("sendto(%d, {{len=%u, type=NLMSG_ERROR, flags=NLM_F_REQUEST"
246 ", seq=0, pid=0}, {error=42}}, %u, MSG_DONTWAIT, NULL, 0)"
247 " = %s\n", fd, nlh->nlmsg_len, nlh->nlmsg_len, sprintrc(rc));
/* Expected: a negated errno value is shown by its symbolic name (-EPERM). */
251 rc = sendto(fd, nlh, nlh->nlmsg_len, MSG_DONTWAIT, NULL, 0);
252 printf("sendto(%d, {{len=%u, type=NLMSG_ERROR, flags=NLM_F_REQUEST"
253 ", seq=0, pid=0}, {error=-EPERM}}, %u, MSG_DONTWAIT, NULL, 0)"
254 " = %s\n", fd, nlh->nlmsg_len, nlh->nlmsg_len, sprintrc(rc));
/*
 * nlmsg_len is grown past the end of the allocation: the expected line
 * shows the error as the plain number -32767 and the embedded message as
 * the address nlh0 + NLMSG_HDRLEN.
 */
257 nlh->nlmsg_len += sizeof(err->msg.nlmsg_len);
259 rc = sendto(fd, nlh, nlh->nlmsg_len, MSG_DONTWAIT, NULL, 0);
260 printf("sendto(%d, {{len=%u, type=NLMSG_ERROR, flags=NLM_F_REQUEST"
261 ", seq=0, pid=0}, {error=-32767, msg=%p}}"
262 ", %u, MSG_DONTWAIT, NULL, 0) = %s\n",
263 fd, nlh->nlmsg_len, nlh0 + NLMSG_HDRLEN,
264 nlh->nlmsg_len, sprintrc(rc));
266 /* error message with room for the error code and a header */
267 nlh = nlh0 - sizeof(*err);
268 nlh->nlmsg_len = NLMSG_HDRLEN + sizeof(*err);
269 nlh->nlmsg_type = NLMSG_ERROR;
270 nlh->nlmsg_flags = NLM_F_REQUEST;
273 err = NLMSG_DATA(nlh);
/* The embedded header is expected to be decoded as a nested message. */
275 err->msg.nlmsg_len = NLMSG_HDRLEN;
276 err->msg.nlmsg_type = NLMSG_NOOP;
277 err->msg.nlmsg_flags = NLM_F_DUMP | NLM_F_REQUEST;
278 err->msg.nlmsg_seq = 42;
279 err->msg.nlmsg_pid = 1234;
281 rc = sendto(fd, nlh, nlh->nlmsg_len, MSG_DONTWAIT, NULL, 0);
282 printf("sendto(%d, {{len=%u, type=NLMSG_ERROR, flags=NLM_F_REQUEST"
283 ", seq=0, pid=0}, {error=-EACCES"
284 ", msg={{len=%u, type=NLMSG_NOOP, flags=NLM_F_REQUEST|0x%x"
285 ", seq=%u, pid=%u}}}}, %u, MSG_DONTWAIT, NULL, 0) = %s\n",
286 fd, nlh->nlmsg_len, err->msg.nlmsg_len, NLM_F_DUMP,
287 err->msg.nlmsg_seq, err->msg.nlmsg_pid,
288 nlh->nlmsg_len, sprintrc(rc));
290 /* error message with room for the error code, a header, and some data */
291 nlh = nlh0 - sizeof(*err) - 4;
292 nlh->nlmsg_len = NLMSG_HDRLEN + sizeof(*err) + 4;
293 nlh->nlmsg_type = NLMSG_ERROR;
294 nlh->nlmsg_flags = NLM_F_REQUEST;
297 err = NLMSG_DATA(nlh);
/* The embedded message carries 4 data bytes, expected as the string "abcd". */
299 err->msg.nlmsg_len = NLMSG_HDRLEN + 4;
300 err->msg.nlmsg_type = NLMSG_NOOP;
301 err->msg.nlmsg_flags = NLM_F_DUMP | NLM_F_REQUEST;
302 err->msg.nlmsg_seq = 421;
303 err->msg.nlmsg_pid = 12345;
304 memcpy(NLMSG_DATA(&err->msg), "abcd", 4);
306 rc = sendto(fd, nlh, nlh->nlmsg_len, MSG_DONTWAIT, NULL, 0);
307 printf("sendto(%d, {{len=%u, type=NLMSG_ERROR, flags=NLM_F_REQUEST"
308 ", seq=0, pid=0}, {error=-EACCES"
309 ", msg={{len=%u, type=NLMSG_NOOP, flags=NLM_F_REQUEST|0x%x"
310 ", seq=%u, pid=%u}, \"abcd\"}}}, %u, MSG_DONTWAIT, NULL, 0)"
312 fd, nlh->nlmsg_len, err->msg.nlmsg_len, NLM_F_DUMP,
313 err->msg.nlmsg_seq, err->msg.nlmsg_pid,
314 nlh->nlmsg_len, sprintrc(rc));
/*
 * Exercises decoding of NLMSG_DONE messages with three payload shapes: a
 * declared integer payload that lies past the end of the allocation, a
 * 2-byte payload that is too short to be an integer, and a complete integer
 * payload. After each sendto() it prints the syscall-trace line expected
 * for that message.
 *
 * nlh0 marks a header-sized tail allocation, so nlh0 + NLMSG_HDRLEN is the
 * first byte past it. Messages with a payload are built at nlh0 minus the
 * payload size (arithmetic on void pointers, a GNU extension).
 *
 * NOTE(review): this listing is lossy -- the return type, braces, the
 * declaration of rc and some assignments to nlh are not visible here.
 */
318 test_nlmsg_done(const int fd)
320 struct nlmsghdr *nlh;
321 void *const nlh0 = tail_alloc(NLMSG_HDRLEN);
/*
 * 0xfacefeed does not fit in int, so num holds the implementation-defined
 * converted value; the expected line below prints it with %d.
 */
323 const int num = 0xfacefeed;
325 /* NLMSG_DONE message without enough room for an integer payload */
/*
 * nlmsg_len promises sizeof(num) payload bytes; the expected line shows the
 * payload as the address nlh0 + NLMSG_HDRLEN. nlh presumably equals nlh0 at
 * this point (the assignment is not visible in this listing).
 */
327 *nlh = (struct nlmsghdr) {
328 .nlmsg_len = NLMSG_HDRLEN + sizeof(num),
329 .nlmsg_type = NLMSG_DONE,
330 .nlmsg_flags = NLM_F_MULTI
333 rc = sendto(fd, nlh, nlh->nlmsg_len, MSG_DONTWAIT, NULL, 0);
334 printf("sendto(%d, {{len=%u, type=NLMSG_DONE, flags=NLM_F_MULTI"
335 ", seq=0, pid=0}, %p}, %u, MSG_DONTWAIT, NULL, 0) = %s\n",
336 fd, nlh->nlmsg_len, nlh0 + NLMSG_HDRLEN,
337 nlh->nlmsg_len, sprintrc(rc));
339 /* NLMSG_DONE message with enough room for an oddly short payload */
340 nlh->nlmsg_len = NLMSG_HDRLEN + 2;
342 /* Beware of unaligned access to nlh members. */
/*
 * The header is moved as raw bytes, and the expected-output arguments below
 * use constants instead of reading fields through nlh.
 */
343 memmove(nlh, nlh0, sizeof(*nlh));
344 memcpy(NLMSG_DATA(nlh), "42", 2);
346 rc = sendto(fd, nlh, NLMSG_HDRLEN + 2, MSG_DONTWAIT, NULL, 0);
347 printf("sendto(%d, {{len=%u, type=NLMSG_DONE, flags=NLM_F_MULTI"
348 ", seq=0, pid=0}, \"42\"}, %u, MSG_DONTWAIT, NULL, 0) = %s\n",
349 fd, NLMSG_HDRLEN + 2, NLMSG_HDRLEN + 2, sprintrc(rc));
351 /* NLMSG_DONE message with enough room for an integer payload */
352 nlh = nlh0 - sizeof(num);
353 *nlh = (struct nlmsghdr) {
354 .nlmsg_len = NLMSG_HDRLEN + sizeof(num),
355 .nlmsg_type = NLMSG_DONE,
356 .nlmsg_flags = NLM_F_MULTI
/* The payload is copied as bytes and is expected back as a signed integer. */
358 memcpy(NLMSG_DATA(nlh), &num, sizeof(num));
360 rc = sendto(fd, nlh, nlh->nlmsg_len, MSG_DONTWAIT, NULL, 0);
361 printf("sendto(%d, {{len=%u, type=NLMSG_DONE, flags=NLM_F_MULTI"
362 ", seq=0, pid=0}, %d}, %u, MSG_DONTWAIT, NULL, 0) = %s\n",
363 fd, nlh->nlmsg_len, num, nlh->nlmsg_len, sprintrc(rc));
/*
 * Test driver body: opens and binds an AF_NETLINK/NETLINK_SOCK_DIAG raw
 * socket, checks that the socket's protocol name can be read through the
 * "system.sockprotoname" extended attribute of /proc/self/fd/<fd>, and ends
 * by printing the expected exit line. A failure of socket(), bind() or
 * getxattr() goes to perror_msg_and_skip (which, by its name, skips the test
 * rather than failing it); a failure of asprintf() goes to
 * perror_msg_and_fail.
 *
 * NOTE(review): this listing is lossy -- the function header, the
 * declarations of fd, path and buf, and the lines between getxattr() and
 * the final printf (presumably the calls into the test functions above) are
 * not visible here.
 */
368 struct sockaddr_nl addr;
369 socklen_t len = sizeof(addr);
/* Zeroed address: nl_pid and nl_groups stay 0, as the expected bind line shows. */
372 memset(&addr, 0, sizeof(addr));
373 addr.nl_family = AF_NETLINK;
375 if ((fd = socket(AF_NETLINK, SOCK_RAW, NETLINK_SOCK_DIAG)) == -1)
376 perror_msg_and_skip("socket AF_NETLINK");
378 printf("socket(AF_NETLINK, SOCK_RAW, NETLINK_SOCK_DIAG) = %d\n",
380 if (bind(fd, (struct sockaddr *) &addr, len))
381 perror_msg_and_skip("bind");
382 printf("bind(%d, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}"
383 ", %u) = 0\n", fd, len);
386 if (asprintf(&path, "/proc/self/fd/%u", fd) < 0)
387 perror_msg_and_fail("asprintf");
/*
 * getxattr() does not NUL-terminate the value it stores; passing
 * sizeof(buf) - 1 keeps one byte spare, presumably for a terminator written
 * after the call (not visible in this listing).
 */
389 if (getxattr(path, "system.sockprotoname", buf, sizeof(buf) - 1) < 0)
390 perror_msg_and_skip("getxattr");
397 printf("+++ exited with 0 +++\n");
/*
 * NOTE(review): presumably the fallback used when HAVE_SYS_XATTR_H is not
 * defined (the matching #else/#endif lines are not visible in this listing);
 * the macro itself is defined outside this file.
 */
404 SKIP_MAIN_UNDEFINED("HAVE_SYS_XATTR_H")