[PATCH net-next v2 11/11] wireguard: netlink: generate netlink code
From: Asbjørn Sloth Tønnesen <hidden>
Date: 2025-10-31 16:07:20
Also in:
lkml
Subsystem:
networking drivers, the rest, wireguard secure network tunnel · Maintainers:
Andrew Lunn, "David S. Miller", Eric Dumazet, Jakub Kicinski, Paolo Abeni, Linus Torvalds, Jason A. Donenfeld
This patch adopts netlink policy and command definitions as generated by ynl-gen, thus completing the conversion to YNL. Given that the old and new policy is functionally identical, and just moved to a new file, then it serves to verify that the policy in the spec in identical to the previous policy code. The new files are covered by drivers/net/wireguard/ pattern in MAINTAINERS. No behavioural changes intended. Signed-off-by: Asbjørn Sloth Tønnesen <redacted> --- drivers/net/wireguard/Makefile | 1 + drivers/net/wireguard/netlink.c | 64 +++--------------------- drivers/net/wireguard/netlink_gen.c | 77 +++++++++++++++++++++++++++++ drivers/net/wireguard/netlink_gen.h | 29 +++++++++++ 4 files changed, 114 insertions(+), 57 deletions(-) create mode 100644 drivers/net/wireguard/netlink_gen.c create mode 100644 drivers/net/wireguard/netlink_gen.h
diff --git a/drivers/net/wireguard/Makefile b/drivers/net/wireguard/Makefile
index dbe1f8514efc..ae4b479cddbd 100644
--- a/drivers/net/wireguard/Makefile
+++ b/drivers/net/wireguard/Makefile@@ -14,4 +14,5 @@ wireguard-y += allowedips.o wireguard-y += ratelimiter.o wireguard-y += cookie.o wireguard-y += netlink.o +wireguard-y += netlink_gen.o obj-$(CONFIG_WIREGUARD) := wireguard.o
diff --git a/drivers/net/wireguard/netlink.c b/drivers/net/wireguard/netlink.c
index ff1549fe55e2..6a7e522e3a78 100644
--- a/drivers/net/wireguard/netlink.c
+++ b/drivers/net/wireguard/netlink.c@@ -9,6 +9,7 @@ #include "socket.h" #include "queueing.h" #include "messages.h" +#include "netlink_gen.h" #include <uapi/linux/wireguard.h>
@@ -18,39 +19,6 @@ #include <crypto/utils.h> static struct genl_family genl_family; -static const struct nla_policy peer_policy[WGPEER_A_MAX + 1]; -static const struct nla_policy allowedip_policy[WGALLOWEDIP_A_MAX + 1]; - -static const struct nla_policy device_policy[WGDEVICE_A_MAX + 1] = { - [WGDEVICE_A_IFINDEX] = { .type = NLA_U32 }, - [WGDEVICE_A_IFNAME] = { .type = NLA_NUL_STRING, .len = IFNAMSIZ - 1 }, - [WGDEVICE_A_PRIVATE_KEY] = NLA_POLICY_EXACT_LEN(WG_KEY_LEN), - [WGDEVICE_A_PUBLIC_KEY] = NLA_POLICY_EXACT_LEN(WG_KEY_LEN), - [WGDEVICE_A_FLAGS] = NLA_POLICY_MASK(NLA_U32, 0x1), - [WGDEVICE_A_LISTEN_PORT] = { .type = NLA_U16 }, - [WGDEVICE_A_FWMARK] = { .type = NLA_U32 }, - [WGDEVICE_A_PEERS] = NLA_POLICY_NESTED_ARRAY(peer_policy), -}; - -static const struct nla_policy peer_policy[WGPEER_A_MAX + 1] = { - [WGPEER_A_PUBLIC_KEY] = NLA_POLICY_EXACT_LEN(WG_KEY_LEN), - [WGPEER_A_PRESHARED_KEY] = NLA_POLICY_EXACT_LEN(WG_KEY_LEN), - [WGPEER_A_FLAGS] = NLA_POLICY_MASK(NLA_U32, 0x7), - [WGPEER_A_ENDPOINT] = NLA_POLICY_MIN_LEN(sizeof(struct sockaddr)), - [WGPEER_A_PERSISTENT_KEEPALIVE_INTERVAL] = { .type = NLA_U16 }, - [WGPEER_A_LAST_HANDSHAKE_TIME] = NLA_POLICY_EXACT_LEN(sizeof(struct __kernel_timespec)), - [WGPEER_A_RX_BYTES] = { .type = NLA_U64 }, - [WGPEER_A_TX_BYTES] = { .type = NLA_U64 }, - [WGPEER_A_ALLOWEDIPS] = NLA_POLICY_NESTED_ARRAY(allowedip_policy), - [WGPEER_A_PROTOCOL_VERSION] = { .type = NLA_U32 } -}; - -static const struct nla_policy allowedip_policy[WGALLOWEDIP_A_MAX + 1] = { - [WGALLOWEDIP_A_FAMILY] = { .type = NLA_U16 }, - [WGALLOWEDIP_A_IPADDR] = NLA_POLICY_MIN_LEN(sizeof(struct in_addr)), - [WGALLOWEDIP_A_CIDR_MASK] = { .type = NLA_U8 }, - [WGALLOWEDIP_A_FLAGS] = NLA_POLICY_MASK(NLA_U32, 0x1), -}; static struct wg_device *lookup_interface(struct nlattr **attrs, struct sk_buff *skb)
@@ -199,7 +167,7 @@ get_peer(struct wg_peer *peer, struct sk_buff *skb, struct dump_ctx *ctx) return -EMSGSIZE; } -static int wireguard_nl_get_device_start(struct netlink_callback *cb) +int wireguard_nl_get_device_start(struct netlink_callback *cb) { struct wg_device *wg;
@@ -210,8 +178,8 @@ static int wireguard_nl_get_device_start(struct netlink_callback *cb) return 0; } -static int wireguard_nl_get_device_dumpit(struct sk_buff *skb, - struct netlink_callback *cb) +int wireguard_nl_get_device_dumpit(struct sk_buff *skb, + struct netlink_callback *cb) { struct wg_peer *peer, *next_peer_cursor; struct dump_ctx *ctx = DUMP_CTX(cb);
@@ -305,7 +273,7 @@ static int wireguard_nl_get_device_dumpit(struct sk_buff *skb, */ } -static int wireguard_nl_get_device_done(struct netlink_callback *cb) +int wireguard_nl_get_device_done(struct netlink_callback *cb) { struct dump_ctx *ctx = DUMP_CTX(cb);
@@ -503,8 +471,8 @@ static int set_peer(struct wg_device *wg, struct nlattr **attrs) return ret; } -static int wireguard_nl_set_device_doit(struct sk_buff *skb, - struct genl_info *info) +int wireguard_nl_set_device_doit(struct sk_buff *skb, + struct genl_info *info) { struct wg_device *wg = lookup_interface(info->attrs, skb); u32 flags = 0;
@@ -618,24 +586,6 @@ static int wireguard_nl_set_device_doit(struct sk_buff *skb, return ret; } -static const struct genl_split_ops wireguard_nl_ops[] = { - { - .cmd = WG_CMD_GET_DEVICE, - .start = wireguard_nl_get_device_start, - .dumpit = wireguard_nl_get_device_dumpit, - .done = wireguard_nl_get_device_done, - .policy = device_policy, - .maxattr = WGDEVICE_A_PEERS, - .flags = GENL_UNS_ADMIN_PERM | GENL_CMD_CAP_DUMP, - }, { - .cmd = WG_CMD_SET_DEVICE, - .doit = wireguard_nl_set_device_doit, - .policy = device_policy, - .maxattr = WGDEVICE_A_PEERS, - .flags = GENL_UNS_ADMIN_PERM | GENL_CMD_CAP_DO, - } -}; - static struct genl_family genl_family __ro_after_init = { .split_ops = wireguard_nl_ops, .n_split_ops = ARRAY_SIZE(wireguard_nl_ops),
diff --git a/drivers/net/wireguard/netlink_gen.c b/drivers/net/wireguard/netlink_gen.c
new file mode 100644
index 000000000000..f95fa133778f
--- /dev/null
+++ b/drivers/net/wireguard/netlink_gen.c@@ -0,0 +1,77 @@ +// SPDX-License-Identifier: ((GPL-2.0 WITH Linux-syscall-note) OR BSD-3-Clause) +/* Do not edit directly, auto-generated from: */ +/* Documentation/netlink/specs/wireguard.yaml */ +/* YNL-GEN kernel source */ + +#include <net/netlink.h> +#include <net/genetlink.h> + +#include "netlink_gen.h" + +#include <uapi/linux/wireguard.h> +#include <linux/time_types.h> + +/* Common nested types */ +const struct nla_policy wireguard_wgallowedip_nl_policy[WGALLOWEDIP_A_FLAGS + 1] = { + [WGALLOWEDIP_A_FAMILY] = { .type = NLA_U16, }, + [WGALLOWEDIP_A_IPADDR] = NLA_POLICY_MIN_LEN(4), + [WGALLOWEDIP_A_CIDR_MASK] = { .type = NLA_U8, }, + [WGALLOWEDIP_A_FLAGS] = NLA_POLICY_MASK(NLA_U32, 0x1), +}; + +const struct nla_policy wireguard_wgpeer_nl_policy[WGPEER_A_PROTOCOL_VERSION + 1] = { + [WGPEER_A_PUBLIC_KEY] = NLA_POLICY_EXACT_LEN(WG_KEY_LEN), + [WGPEER_A_PRESHARED_KEY] = NLA_POLICY_EXACT_LEN(WG_KEY_LEN), + [WGPEER_A_FLAGS] = NLA_POLICY_MASK(NLA_U32, 0x7), + [WGPEER_A_ENDPOINT] = NLA_POLICY_MIN_LEN(16), + [WGPEER_A_PERSISTENT_KEEPALIVE_INTERVAL] = { .type = NLA_U16, }, + [WGPEER_A_LAST_HANDSHAKE_TIME] = NLA_POLICY_EXACT_LEN(16), + [WGPEER_A_RX_BYTES] = { .type = NLA_U64, }, + [WGPEER_A_TX_BYTES] = { .type = NLA_U64, }, + [WGPEER_A_ALLOWEDIPS] = NLA_POLICY_NESTED_ARRAY(wireguard_wgallowedip_nl_policy), + [WGPEER_A_PROTOCOL_VERSION] = { .type = NLA_U32, }, +}; + +/* WG_CMD_GET_DEVICE - dump */ +static const struct nla_policy wireguard_get_device_nl_policy[WGDEVICE_A_PEERS + 1] = { + [WGDEVICE_A_IFINDEX] = { .type = NLA_U32, }, + [WGDEVICE_A_IFNAME] = { .type = NLA_NUL_STRING, .len = 15, }, + [WGDEVICE_A_PRIVATE_KEY] = NLA_POLICY_EXACT_LEN(WG_KEY_LEN), + [WGDEVICE_A_PUBLIC_KEY] = NLA_POLICY_EXACT_LEN(WG_KEY_LEN), + [WGDEVICE_A_FLAGS] = NLA_POLICY_MASK(NLA_U32, 0x1), + [WGDEVICE_A_LISTEN_PORT] = { .type = NLA_U16, }, + [WGDEVICE_A_FWMARK] = { .type = NLA_U32, }, + [WGDEVICE_A_PEERS] = NLA_POLICY_NESTED_ARRAY(wireguard_wgpeer_nl_policy), +}; + +/* WG_CMD_SET_DEVICE - do */ +static const struct nla_policy wireguard_set_device_nl_policy[WGDEVICE_A_PEERS + 1] = { + [WGDEVICE_A_IFINDEX] = { .type = NLA_U32, }, + [WGDEVICE_A_IFNAME] = { .type = NLA_NUL_STRING, .len = 15, }, + [WGDEVICE_A_PRIVATE_KEY] = NLA_POLICY_EXACT_LEN(WG_KEY_LEN), + [WGDEVICE_A_PUBLIC_KEY] = NLA_POLICY_EXACT_LEN(WG_KEY_LEN), + [WGDEVICE_A_FLAGS] = NLA_POLICY_MASK(NLA_U32, 0x1), + [WGDEVICE_A_LISTEN_PORT] = { .type = NLA_U16, }, + [WGDEVICE_A_FWMARK] = { .type = NLA_U32, }, + [WGDEVICE_A_PEERS] = NLA_POLICY_NESTED_ARRAY(wireguard_wgpeer_nl_policy), +}; + +/* Ops table for wireguard */ +const struct genl_split_ops wireguard_nl_ops[2] = { + { + .cmd = WG_CMD_GET_DEVICE, + .start = wireguard_nl_get_device_start, + .dumpit = wireguard_nl_get_device_dumpit, + .done = wireguard_nl_get_device_done, + .policy = wireguard_get_device_nl_policy, + .maxattr = WGDEVICE_A_PEERS, + .flags = GENL_UNS_ADMIN_PERM | GENL_CMD_CAP_DUMP, + }, + { + .cmd = WG_CMD_SET_DEVICE, + .doit = wireguard_nl_set_device_doit, + .policy = wireguard_set_device_nl_policy, + .maxattr = WGDEVICE_A_PEERS, + .flags = GENL_UNS_ADMIN_PERM | GENL_CMD_CAP_DO, + }, +};
diff --git a/drivers/net/wireguard/netlink_gen.h b/drivers/net/wireguard/netlink_gen.h
new file mode 100644
index 000000000000..e635b1f5f0df
--- /dev/null
+++ b/drivers/net/wireguard/netlink_gen.h@@ -0,0 +1,29 @@ +/* SPDX-License-Identifier: ((GPL-2.0 WITH Linux-syscall-note) OR BSD-3-Clause) */ +/* Do not edit directly, auto-generated from: */ +/* Documentation/netlink/specs/wireguard.yaml */ +/* YNL-GEN kernel header */ + +#ifndef _LINUX_WIREGUARD_GEN_H +#define _LINUX_WIREGUARD_GEN_H + +#include <net/netlink.h> +#include <net/genetlink.h> + +#include <uapi/linux/wireguard.h> +#include <linux/time_types.h> + +/* Common nested types */ +extern const struct nla_policy wireguard_wgallowedip_nl_policy[WGALLOWEDIP_A_FLAGS + 1]; +extern const struct nla_policy wireguard_wgpeer_nl_policy[WGPEER_A_PROTOCOL_VERSION + 1]; + +/* Ops table for wireguard */ +extern const struct genl_split_ops wireguard_nl_ops[2]; + +int wireguard_nl_get_device_start(struct netlink_callback *cb); +int wireguard_nl_get_device_done(struct netlink_callback *cb); + +int wireguard_nl_get_device_dumpit(struct sk_buff *skb, + struct netlink_callback *cb); +int wireguard_nl_set_device_doit(struct sk_buff *skb, struct genl_info *info); + +#endif /* _LINUX_WIREGUARD_GEN_H */
--
2.51.0