From patchwork Thu Jul 26 02:31:34 2018
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Dmitry Safonov <dima@arista.com>
X-Patchwork-Id: 949435
X-Patchwork-Delegate: davem@davemloft.net
Return-Path: <netdev-owner@vger.kernel.org>
X-Original-To: patchwork-incoming-netdev@ozlabs.org
Delivered-To: patchwork-incoming-netdev@ozlabs.org
Authentication-Results: ozlabs.org;
	spf=none (mailfrom) smtp.mailfrom=vger.kernel.org
	(client-ip=209.132.180.67; helo=vger.kernel.org;
	envelope-from=netdev-owner@vger.kernel.org;
	receiver=<UNKNOWN>)
Authentication-Results: ozlabs.org; dmarc=pass (p=quarantine dis=none)
	header.from=arista.com
Authentication-Results: ozlabs.org; dkim=pass (2048-bit key;
	unprotected) header.d=arista.com header.i=@arista.com
	header.b="hMmVlOjg"; dkim-atps=neutral
Received: from vger.kernel.org (vger.kernel.org [209.132.180.67])
	by ozlabs.org (Postfix) with ESMTP id 41bbjr4yy6z9s21
	for <patchwork-incoming-netdev@ozlabs.org>;
	Thu, 26 Jul 2018 12:33:04 +1000 (AEST)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1729144AbeGZDqc (ORCPT
	<rfc822;patchwork-incoming-netdev@ozlabs.org>);
	Wed, 25 Jul 2018 23:46:32 -0400
Received: from mail-ed1-f68.google.com ([209.85.208.68]:39191 "EHLO
	mail-ed1-f68.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
	with ESMTP id S1728975AbeGZDq3 (ORCPT
	<rfc822;netdev@vger.kernel.org>); Wed, 25 Jul 2018 23:46:29 -0400
Received: by mail-ed1-f68.google.com with SMTP id h4-v6so331518edi.6
	for <netdev@vger.kernel.org>; Wed, 25 Jul 2018 19:31:56 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=arista.com; s=googlenew;
	h=from:to:cc:subject:date:message-id:in-reply-to:references;
	bh=KGoK3OMLZtNNtazxqMz9O1g2b/QG4N/rvtrmfVBaNKw=;
	b=hMmVlOjgu3cExAPljGXnFlQTIdhe78lf0XeL2+7TMs2vyPC0CLm9NDLe8hHRqzhPGK
	v5k5DzwZJ9afvV+2eWV4wfxAAW7q2LJ8p+kYm6aZOwVzxJtoeKeE5dgDoTVIsnfLGHSR
	ALvMPhlnF2U07EMdj/LD6BRnKx60Ajtz62Q6oWdxakQjMeRQoWqi2xap/HB0EVsDyjuX
	wL0JhXNgN6IZ0HzPEfuBObuMx0sqD8Wy+2e7BjbVkVN6HOFJcCNuUwFrG2Pm6Ey+zenX
	UPc0IeqrxthOdcy0eBd3xGvkvDNXhsX/ie+x/DG1eZJIJeWRJTDuLTZmcKtqoFO5zOpD
	iqKw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=1e100.net; s=20161025;
	h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to
	:references;
	bh=KGoK3OMLZtNNtazxqMz9O1g2b/QG4N/rvtrmfVBaNKw=;
	b=HP+UL/TsLg+VUsI4VGAWdJsIoqYcvyPVOKK4q2wAEDH/Ytj0Pojxzc91ZcVeJFfQwX
	ghbUJLsbKPMioeyM+gCB2ibK+xb2S5L01i9dtVJtBZBhEjIkoVn1wLV6lE7iT9sBh9ra
	kPBdjhyW1VE0EmTwaAP5e9JEIT3mLD4LNbqkNNdDpn5A6apxfymyTMjzC+W4dBPewlCF
	dUG31fHSZzw0H6W7ffaz+df/2yKB/NneX1+Ytq1/Cs1RTyY66rtamK9cFZMxO8uEppsd
	MRQuxBxzObUVwps9H36oeBSf3uWHZSMUIGWDeQah4E7uXzGwioBVbn5/sNUCap04n54B
	m8kw==
X-Gm-Message-State: AOUpUlE0dmhj+Y20tiFc9wu8gVxcR0GRivQtezD6Lbq8QBWAIP2peCRe
	3T0SUFWHI8IgKEzfWvo5vE71RQ==
X-Google-Smtp-Source: 
 AAOMgpcCx3zX76fNkUdYYaZw3nPEC29UpNy9FQ4yDkLe6RMPV6dLWZLv7f+lyUK2dsznK4WoA9JMRA==
X-Received: by 2002:a50:a402:: with SMTP id
	u2-v6mr459068edb.237.1532572315834;
	Wed, 25 Jul 2018 19:31:55 -0700 (PDT)
Received: from dhcp.ire.aristanetworks.com ([217.173.96.166])
	by smtp.gmail.com with ESMTPSA id
	x13-v6sm241024edx.17.2018.07.25.19.31.54
	(version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256);
	Wed, 25 Jul 2018 19:31:55 -0700 (PDT)
From: Dmitry Safonov <dima@arista.com>
To: linux-kernel@vger.kernel.org
Cc: Dmitry Safonov <dima@arista.com>,
	"David S. Miller" <davem@davemloft.net>,
	Herbert Xu <herbert@gondor.apana.org.au>,
	Steffen Klassert <steffen.klassert@secunet.com>,
	Dmitry Safonov <0x7f454c46@gmail.com>, netdev@vger.kernel.org
Subject: [PATCH 08/18] xfrm: Add in-kernel groups for compat notifications
Date: Thu, 26 Jul 2018 03:31:34 +0100
Message-Id: <20180726023144.31066-9-dima@arista.com>
X-Mailer: git-send-email 2.13.6
In-Reply-To: <20180726023144.31066-1-dima@arista.com>
References: <20180726023144.31066-1-dima@arista.com>
Sender: netdev-owner@vger.kernel.org
Precedence: bulk
List-ID: <netdev.vger.kernel.org>
X-Mailing-List: netdev@vger.kernel.org

Introduce kernel-only, hidden from userspace groups.
Application that bind()ed by kernel to such group will receive netlink
messages in compatible ABI on 64-bit kernels.

Cc: "David S. Miller" <davem@davemloft.net>
Cc: Herbert Xu <herbert@gondor.apana.org.au>
Cc: Steffen Klassert <steffen.klassert@secunet.com>
Cc: netdev@vger.kernel.org
Signed-off-by: Dmitry Safonov <dima@arista.com>
---
 net/xfrm/xfrm_user.c | 54 +++++++++++++++++++++++++++++++++++++++++++++++++++-
 1 file changed, 53 insertions(+), 1 deletion(-)

diff --git a/net/xfrm/xfrm_user.c b/net/xfrm/xfrm_user.c
index bf2ca93edaf5..b123e788488f 100644
--- a/net/xfrm/xfrm_user.c
+++ b/net/xfrm/xfrm_user.c
@@ -67,6 +67,29 @@ struct xfrm_userspi_info_packed {
 	__u32				max;
 } __packed;
 
+/* In-kernel, non-uapi compat groups.
+ * As compat/native messages differ, send notifications according
+ * to .bind() caller's ABI. There are *_COMPAT hidden from userspace
+ * groups for such task.
+ */
+enum xfrm_nlgroups_kernel {
+	XFRMNLGRP_COMPAT_MIN = XFRMNLGRP_MAX,
+	XFRMNLGRP_COMPAT_ACQUIRE,
+	XFRMNLGRP_COMPAT_EXPIRE,
+	XFRMNLGRP_COMPAT_SA,
+	XFRMNLGRP_COMPAT_POLICY,
+	/* Group messages for the following notifications do not differ
+	 * in size between native and compat structures:
+	 * XFRMNLGRP_AEVENTS,
+	 * XFRMNLGRP_REPORT,
+	 * XFRMNLGRP_MIGRATE,
+	 * XFRMNLGRP_MAPPING,
+	 */
+	__XFRMNLGRP_COMPAT_MAX
+};
+
+#define XFRMNLGRP_KERNEL_MAX	(__XFRMNLGRP_COMPAT_MAX - 1)
+
 static int verify_one_alg(struct nlattr **attrs, enum xfrm_attr_type_t type)
 {
 	struct nlattr *rt = attrs[type];
@@ -2645,6 +2668,34 @@ static void xfrm_netlink_rcv(struct sk_buff *skb)
 	mutex_unlock(&net->xfrm.xfrm_cfg_mutex);
 }
 
+static inline void xfrm_nlgrp_compat(unsigned long *groups,
+		int group, int group_compat)
+{
+	unsigned long group_bit = 1UL << (group - 1);
+
+	if (*groups & group_bit) {
+		*groups &= ~group_bit;
+		*groups |= 1UL << (group_compat - 1);
+	}
+}
+
+static int xfrm_netlink_bind(struct net *net, unsigned long *groups)
+{
+	unsigned long uapi_mask = (1UL << XFRMNLGRP_MAX) - 1;
+
+	*groups &= uapi_mask;
+
+	if (!in_compat_syscall())
+		return 0;
+
+	xfrm_nlgrp_compat(groups, XFRMNLGRP_ACQUIRE, XFRMNLGRP_COMPAT_ACQUIRE);
+	xfrm_nlgrp_compat(groups, XFRMNLGRP_EXPIRE, XFRMNLGRP_COMPAT_EXPIRE);
+	xfrm_nlgrp_compat(groups, XFRMNLGRP_SA, XFRMNLGRP_COMPAT_SA);
+	xfrm_nlgrp_compat(groups, XFRMNLGRP_POLICY, XFRMNLGRP_COMPAT_POLICY);
+
+	return 0;
+}
+
 static inline unsigned int xfrm_expire_msgsize(void)
 {
 	return NLMSG_ALIGN(sizeof(struct xfrm_user_expire))
@@ -3283,8 +3334,9 @@ static int __net_init xfrm_user_net_init(struct net *net)
 {
 	struct sock *nlsk;
 	struct netlink_kernel_cfg cfg = {
-		.groups	= XFRMNLGRP_MAX,
+		.groups	= XFRMNLGRP_KERNEL_MAX,
 		.input	= xfrm_netlink_rcv,
+		.bind	= xfrm_netlink_bind,
 	};
 
 	nlsk = netlink_kernel_create(net, NETLINK_XFRM, &cfg);