From 13dbd03bf7ca0a245cfdfd2d8c8b73e486bbaa7b Mon Sep 17 00:00:00 2001
From: Dmitry Vyukov <dvyukov@google.com>
Date: Mon, 2 Dec 2024 10:57:36 +0100
Subject: pkg/declextract: emit more netlink families

Emit families w/o policy, emit duplicate commands.
---
 pkg/declextract/declextract.go                |  3 ++-
 pkg/declextract/netlink.go                    | 38 +++++++++++----------------
 sys/linux/auto.txt                            | 35 ++++++++++++++++++++++++
 sys/linux/auto.txt.const                      |  9 +++++++
 sys/linux/auto.txt.info                       | 15 +++++++++++
 tools/syz-declextract/testdata/netlink.c      | 27 +++++++++++++++++++
 tools/syz-declextract/testdata/netlink.c.info |  1 +
 tools/syz-declextract/testdata/netlink.c.json | 30 +++++++++++++++++++++
 tools/syz-declextract/testdata/netlink.c.txt  | 12 +++++++++
 9 files changed, 146 insertions(+), 24 deletions(-)

diff --git a/pkg/declextract/declextract.go b/pkg/declextract/declextract.go
index e99d6754c..1d650b9ae 100644
--- a/pkg/declextract/declextract.go
+++ b/pkg/declextract/declextract.go
@@ -357,7 +357,7 @@ func (ctx *context) fieldTypeStruct(f *Field) string {
 	}
 	f.Type.Struct += autoSuffix
 	if ctx.structs[f.Type.Struct].ByteSize == 0 {
-		return "void"
+		return voidType
 	}
 	return f.Type.Struct
 }
@@ -378,6 +378,7 @@ func (ctx *context) bounds(name string, min, max int) string {
 const (
 	autoSuffix = "$auto"
 	todoType   = "auto_todo"
+	voidType   = "void"
 )
 
 func fixIdentifier(name string) string {
diff --git a/pkg/declextract/netlink.go b/pkg/declextract/netlink.go
index 2efc83639..47ae7c664 100644
--- a/pkg/declextract/netlink.go
+++ b/pkg/declextract/netlink.go
@@ -17,7 +17,9 @@ func (ctx *context) serializeNetlink() {
 		pq.policies[pol.Name] = pol
 	}
 	for _, fam := range ctx.NetlinkFamilies {
-		if isEmptyFamily(fam) {
+		if len(fam.Ops) == 0 {
+			// TODO: do something for these as well. These exist for a reason.
+			// Probably only send broadcast notifications (can bind and recvmsg).
 			continue
 		}
 		id := stringIdentifier(fam.Name)
@@ -27,22 +29,21 @@ func (ctx *context) serializeNetlink() {
 		ctx.fmt("syz_genetlink_get_family_id%v_%v(name ptr[in, string[\"%v\"]],"+
 			" fd sock_nl_generic) genl_%v_family_id%v\n\n", autoSuffix, id, fam.Name, id, autoSuffix)
 
-		dedup := make(map[string]bool)
+		dedup := make(map[string]int)
 		for _, op := range fam.Ops {
-			// TODO: emit these as well, these are dump commands w/o input arguments.
-			if op.Policy == "" {
-				continue
+			policy := voidType
+			if op.Policy != "" {
+				policy = op.Policy + autoSuffix
+				pq.policyUsed(op.Policy)
 			}
-			// TODO: emit all of these with unique names, these should be doit/dump variants.
-			// They may have different policies.
-			if dedup[op.Name] {
-				continue
+			suffix := ""
+			dedup[op.Name]++
+			if v := dedup[op.Name]; v != 1 {
+				suffix = fmt.Sprint(v)
 			}
-			dedup[op.Name] = true
-			ctx.fmt("sendmsg%v_%v(fd sock_nl_generic,"+
+			ctx.fmt("sendmsg%v_%v%v(fd sock_nl_generic,"+
 				" msg ptr[in, msghdr_%v%v[%v, %v]], f flags[send_flags])\n",
-				autoSuffix, op.Name, id, autoSuffix, op.Name, op.Policy+autoSuffix)
-			pq.policyUsed(op.Policy)
+				autoSuffix, op.Name, suffix, id, autoSuffix, op.Name, policy)
 
 			ctx.noteInterface(&Interface{
 				Type:             IfaceNetlinkOp,
@@ -87,15 +88,6 @@ func (ctx *context) serializeNetlinkPolicy(pol *NetlinkPolicy, pq *policyQueue)
 	ctx.fmt("] [varlen]\n")
 }
 
-func isEmptyFamily(fam *NetlinkFamily) bool {
-	for _, op := range fam.Ops {
-		if op.Policy != "" {
-			return false
-		}
-	}
-	return true
-}
-
 func (ctx *context) nlattrType(attr *NetlinkAttr, pq *policyQueue) string {
 	nlattr, typ := "nlattr", ""
 	switch attr.Kind {
@@ -105,7 +97,7 @@ func (ctx *context) nlattrType(attr *NetlinkAttr, pq *policyQueue) string {
 	case "NLA_MSECS":
 		typ = "int64"
 	case "NLA_FLAG":
-		typ = "void"
+		typ = voidType
 	case "NLA_NESTED", "NLA_NESTED_ARRAY":
 		nlattr = "nlnest"
 		policy := "nl_generic_attr"
diff --git a/sys/linux/auto.txt b/sys/linux/auto.txt
index 4e9e7311d..d38da2bd6 100644
--- a/sys/linux/auto.txt
+++ b/sys/linux/auto.txt
@@ -623,8 +623,10 @@ syz_genetlink_get_family_id$auto_ioam6(name ptr[in, string["IOAM6"]], fd sock_nl
 
 sendmsg$auto_IOAM6_CMD_ADD_NAMESPACE(fd sock_nl_generic, msg ptr[in, msghdr_ioam6$auto[IOAM6_CMD_ADD_NAMESPACE, ioam6_genl_policy_addns_ioam6$auto]], f flags[send_flags])
 sendmsg$auto_IOAM6_CMD_DEL_NAMESPACE(fd sock_nl_generic, msg ptr[in, msghdr_ioam6$auto[IOAM6_CMD_DEL_NAMESPACE, ioam6_genl_policy_delns_ioam6$auto]], f flags[send_flags])
+sendmsg$auto_IOAM6_CMD_DUMP_NAMESPACES(fd sock_nl_generic, msg ptr[in, msghdr_ioam6$auto[IOAM6_CMD_DUMP_NAMESPACES, void]], f flags[send_flags])
 sendmsg$auto_IOAM6_CMD_ADD_SCHEMA(fd sock_nl_generic, msg ptr[in, msghdr_ioam6$auto[IOAM6_CMD_ADD_SCHEMA, ioam6_genl_policy_addsc_ioam6$auto]], f flags[send_flags])
 sendmsg$auto_IOAM6_CMD_DEL_SCHEMA(fd sock_nl_generic, msg ptr[in, msghdr_ioam6$auto[IOAM6_CMD_DEL_SCHEMA, ioam6_genl_policy_delsc_ioam6$auto]], f flags[send_flags])
+sendmsg$auto_IOAM6_CMD_DUMP_SCHEMAS(fd sock_nl_generic, msg ptr[in, msghdr_ioam6$auto[IOAM6_CMD_DUMP_SCHEMAS, void]], f flags[send_flags])
 sendmsg$auto_IOAM6_CMD_NS_SET_SCHEMA(fd sock_nl_generic, msg ptr[in, msghdr_ioam6$auto[IOAM6_CMD_NS_SET_SCHEMA, ioam6_genl_policy_ns_sc_ioam6$auto]], f flags[send_flags])
 
 ioam6_genl_policy_addns_ioam6$auto [
@@ -1692,16 +1694,22 @@ type msghdr_net_shaper$auto[CMD, POLICY] msghdr_netlink[netlink_msg_t[genl_net_s
 syz_genetlink_get_family_id$auto_net_shaper(name ptr[in, string["net-shaper"]], fd sock_nl_generic) genl_net_shaper_family_id$auto
 
 sendmsg$auto_NET_SHAPER_CMD_GET(fd sock_nl_generic, msg ptr[in, msghdr_net_shaper$auto[NET_SHAPER_CMD_GET, net_shaper_get_do_nl_policy_shaper_nl_gen$auto]], f flags[send_flags])
+sendmsg$auto_NET_SHAPER_CMD_GET2(fd sock_nl_generic, msg ptr[in, msghdr_net_shaper$auto[NET_SHAPER_CMD_GET, net_shaper_get_dump_nl_policy_shaper_nl_gen$auto]], f flags[send_flags])
 sendmsg$auto_NET_SHAPER_CMD_SET(fd sock_nl_generic, msg ptr[in, msghdr_net_shaper$auto[NET_SHAPER_CMD_SET, net_shaper_set_nl_policy_shaper_nl_gen$auto]], f flags[send_flags])
 sendmsg$auto_NET_SHAPER_CMD_DELETE(fd sock_nl_generic, msg ptr[in, msghdr_net_shaper$auto[NET_SHAPER_CMD_DELETE, net_shaper_delete_nl_policy_shaper_nl_gen$auto]], f flags[send_flags])
 sendmsg$auto_NET_SHAPER_CMD_GROUP(fd sock_nl_generic, msg ptr[in, msghdr_net_shaper$auto[NET_SHAPER_CMD_GROUP, net_shaper_group_nl_policy_shaper_nl_gen$auto]], f flags[send_flags])
 sendmsg$auto_NET_SHAPER_CMD_CAP_GET(fd sock_nl_generic, msg ptr[in, msghdr_net_shaper$auto[NET_SHAPER_CMD_CAP_GET, net_shaper_cap_get_do_nl_policy_shaper_nl_gen$auto]], f flags[send_flags])
+sendmsg$auto_NET_SHAPER_CMD_CAP_GET2(fd sock_nl_generic, msg ptr[in, msghdr_net_shaper$auto[NET_SHAPER_CMD_CAP_GET, net_shaper_cap_get_dump_nl_policy_shaper_nl_gen$auto]], f flags[send_flags])
 
 net_shaper_get_do_nl_policy_shaper_nl_gen$auto [
 	NET_SHAPER_A_IFINDEX	nlattr[NET_SHAPER_A_IFINDEX, ifindex]
 	NET_SHAPER_A_HANDLE	nlnest[NET_SHAPER_A_HANDLE, array[net_shaper_handle_nl_policy_shaper_nl_gen$auto]]
 ] [varlen]
 
+net_shaper_get_dump_nl_policy_shaper_nl_gen$auto [
+	NET_SHAPER_A_IFINDEX	nlattr[NET_SHAPER_A_IFINDEX, ifindex]
+] [varlen]
+
 net_shaper_set_nl_policy_shaper_nl_gen$auto [
 	NET_SHAPER_A_IFINDEX	nlattr[NET_SHAPER_A_IFINDEX, ifindex]
 	NET_SHAPER_A_HANDLE	nlnest[NET_SHAPER_A_HANDLE, array[net_shaper_handle_nl_policy_shaper_nl_gen$auto]]
@@ -1736,6 +1744,10 @@ net_shaper_cap_get_do_nl_policy_shaper_nl_gen$auto [
 	NET_SHAPER_A_CAPS_SCOPE		nlattr[NET_SHAPER_A_CAPS_SCOPE, int32]
 ] [varlen]
 
+net_shaper_cap_get_dump_nl_policy_shaper_nl_gen$auto [
+	NET_SHAPER_A_CAPS_IFINDEX	nlattr[NET_SHAPER_A_CAPS_IFINDEX, ifindex]
+] [varlen]
+
 net_shaper_handle_nl_policy_shaper_nl_gen$auto [
 	NET_SHAPER_A_HANDLE_SCOPE	nlattr[NET_SHAPER_A_HANDLE_SCOPE, int32]
 	NET_SHAPER_A_HANDLE_ID		nlattr[NET_SHAPER_A_HANDLE_ID, int32]
@@ -1752,9 +1764,13 @@ type msghdr_netdev$auto[CMD, POLICY] msghdr_netlink[netlink_msg_t[genl_netdev_fa
 syz_genetlink_get_family_id$auto_netdev(name ptr[in, string["netdev"]], fd sock_nl_generic) genl_netdev_family_id$auto
 
 sendmsg$auto_NETDEV_CMD_DEV_GET(fd sock_nl_generic, msg ptr[in, msghdr_netdev$auto[NETDEV_CMD_DEV_GET, netdev_dev_get_nl_policy_netdev_genl_gen$auto]], f flags[send_flags])
+sendmsg$auto_NETDEV_CMD_DEV_GET2(fd sock_nl_generic, msg ptr[in, msghdr_netdev$auto[NETDEV_CMD_DEV_GET, void]], f flags[send_flags])
 sendmsg$auto_NETDEV_CMD_PAGE_POOL_GET(fd sock_nl_generic, msg ptr[in, msghdr_netdev$auto[NETDEV_CMD_PAGE_POOL_GET, netdev_page_pool_get_nl_policy_netdev_genl_gen$auto]], f flags[send_flags])
+sendmsg$auto_NETDEV_CMD_PAGE_POOL_GET2(fd sock_nl_generic, msg ptr[in, msghdr_netdev$auto[NETDEV_CMD_PAGE_POOL_GET, void]], f flags[send_flags])
 sendmsg$auto_NETDEV_CMD_QUEUE_GET(fd sock_nl_generic, msg ptr[in, msghdr_netdev$auto[NETDEV_CMD_QUEUE_GET, netdev_queue_get_do_nl_policy_netdev_genl_gen$auto]], f flags[send_flags])
+sendmsg$auto_NETDEV_CMD_QUEUE_GET2(fd sock_nl_generic, msg ptr[in, msghdr_netdev$auto[NETDEV_CMD_QUEUE_GET, netdev_queue_get_dump_nl_policy_netdev_genl_gen$auto]], f flags[send_flags])
 sendmsg$auto_NETDEV_CMD_NAPI_GET(fd sock_nl_generic, msg ptr[in, msghdr_netdev$auto[NETDEV_CMD_NAPI_GET, netdev_napi_get_do_nl_policy_netdev_genl_gen$auto]], f flags[send_flags])
+sendmsg$auto_NETDEV_CMD_NAPI_GET2(fd sock_nl_generic, msg ptr[in, msghdr_netdev$auto[NETDEV_CMD_NAPI_GET, netdev_napi_get_dump_nl_policy_netdev_genl_gen$auto]], f flags[send_flags])
 sendmsg$auto_NETDEV_CMD_QSTATS_GET(fd sock_nl_generic, msg ptr[in, msghdr_netdev$auto[NETDEV_CMD_QSTATS_GET, netdev_qstats_get_nl_policy_netdev_genl_gen$auto]], f flags[send_flags])
 sendmsg$auto_NETDEV_CMD_BIND_RX(fd sock_nl_generic, msg ptr[in, msghdr_netdev$auto[NETDEV_CMD_BIND_RX, netdev_bind_rx_nl_policy_netdev_genl_gen$auto]], f flags[send_flags])
 sendmsg$auto_NETDEV_CMD_NAPI_SET(fd sock_nl_generic, msg ptr[in, msghdr_netdev$auto[NETDEV_CMD_NAPI_SET, netdev_napi_set_nl_policy_netdev_genl_gen$auto]], f flags[send_flags])
@@ -1773,10 +1789,18 @@ netdev_queue_get_do_nl_policy_netdev_genl_gen$auto [
 	NETDEV_A_QUEUE_ID	nlattr[NETDEV_A_QUEUE_ID, int32]
 ] [varlen]
 
+netdev_queue_get_dump_nl_policy_netdev_genl_gen$auto [
+	NETDEV_A_QUEUE_IFINDEX	nlattr[NETDEV_A_QUEUE_IFINDEX, ifindex]
+] [varlen]
+
 netdev_napi_get_do_nl_policy_netdev_genl_gen$auto [
 	NETDEV_A_NAPI_ID	nlattr[NETDEV_A_NAPI_ID, int32]
 ] [varlen]
 
+netdev_napi_get_dump_nl_policy_netdev_genl_gen$auto [
+	NETDEV_A_NAPI_IFINDEX	nlattr[NETDEV_A_NAPI_IFINDEX, ifindex]
+] [varlen]
+
 netdev_qstats_get_nl_policy_netdev_genl_gen$auto [
 	NETDEV_A_QSTATS_IFINDEX	nlattr[NETDEV_A_QSTATS_IFINDEX, ifindex]
 	NETDEV_A_QSTATS_SCOPE	nlattr[NETDEV_A_QSTATS_SCOPE, int64]
@@ -1850,10 +1874,15 @@ resource genl_nfsd_family_id$auto[int16]
 type msghdr_nfsd$auto[CMD, POLICY] msghdr_netlink[netlink_msg_t[genl_nfsd_family_id$auto, genlmsghdr_t[CMD], POLICY]]
 syz_genetlink_get_family_id$auto_nfsd(name ptr[in, string["nfsd"]], fd sock_nl_generic) genl_nfsd_family_id$auto
 
+sendmsg$auto_NFSD_CMD_RPC_STATUS_GET(fd sock_nl_generic, msg ptr[in, msghdr_nfsd$auto[NFSD_CMD_RPC_STATUS_GET, void]], f flags[send_flags])
 sendmsg$auto_NFSD_CMD_THREADS_SET(fd sock_nl_generic, msg ptr[in, msghdr_nfsd$auto[NFSD_CMD_THREADS_SET, nfsd_threads_set_nl_policy_netlink$auto]], f flags[send_flags])
+sendmsg$auto_NFSD_CMD_THREADS_GET(fd sock_nl_generic, msg ptr[in, msghdr_nfsd$auto[NFSD_CMD_THREADS_GET, void]], f flags[send_flags])
 sendmsg$auto_NFSD_CMD_VERSION_SET(fd sock_nl_generic, msg ptr[in, msghdr_nfsd$auto[NFSD_CMD_VERSION_SET, nfsd_version_set_nl_policy_netlink$auto]], f flags[send_flags])
+sendmsg$auto_NFSD_CMD_VERSION_GET(fd sock_nl_generic, msg ptr[in, msghdr_nfsd$auto[NFSD_CMD_VERSION_GET, void]], f flags[send_flags])
 sendmsg$auto_NFSD_CMD_LISTENER_SET(fd sock_nl_generic, msg ptr[in, msghdr_nfsd$auto[NFSD_CMD_LISTENER_SET, nfsd_listener_set_nl_policy_netlink$auto]], f flags[send_flags])
+sendmsg$auto_NFSD_CMD_LISTENER_GET(fd sock_nl_generic, msg ptr[in, msghdr_nfsd$auto[NFSD_CMD_LISTENER_GET, void]], f flags[send_flags])
 sendmsg$auto_NFSD_CMD_POOL_MODE_SET(fd sock_nl_generic, msg ptr[in, msghdr_nfsd$auto[NFSD_CMD_POOL_MODE_SET, nfsd_pool_mode_set_nl_policy_netlink$auto]], f flags[send_flags])
+sendmsg$auto_NFSD_CMD_POOL_MODE_GET(fd sock_nl_generic, msg ptr[in, msghdr_nfsd$auto[NFSD_CMD_POOL_MODE_GET, void]], f flags[send_flags])
 
 nfsd_threads_set_nl_policy_netlink$auto [
 	NFSD_A_SERVER_THREADS	nlattr[NFSD_A_SERVER_THREADS, int32]
@@ -2462,6 +2491,7 @@ type msghdr_nlctrl$auto[CMD, POLICY] msghdr_netlink[netlink_msg_t[genl_nlctrl_fa
 syz_genetlink_get_family_id$auto_nlctrl(name ptr[in, string["nlctrl"]], fd sock_nl_generic) genl_nlctrl_family_id$auto
 
 sendmsg$auto_CTRL_CMD_GETFAMILY(fd sock_nl_generic, msg ptr[in, msghdr_nlctrl$auto[CTRL_CMD_GETFAMILY, ctrl_policy_family_genetlink$auto]], f flags[send_flags])
+sendmsg$auto_CTRL_CMD_GETFAMILY2(fd sock_nl_generic, msg ptr[in, msghdr_nlctrl$auto[CTRL_CMD_GETFAMILY, ctrl_policy_family_genetlink$auto]], f flags[send_flags])
 sendmsg$auto_CTRL_CMD_GETPOLICY(fd sock_nl_generic, msg ptr[in, msghdr_nlctrl$auto[CTRL_CMD_GETPOLICY, ctrl_policy_policy_genetlink$auto]], f flags[send_flags])
 
 ctrl_policy_family_genetlink$auto [
@@ -2579,6 +2609,11 @@ vport_policy_datapath$auto [
 	OVS_VPORT_ATTR_UPCALL_STATS	nlnest[OVS_VPORT_ATTR_UPCALL_STATS, array[nl_generic_attr]]
 ] [varlen]
 
+resource genl_psample_family_id$auto[int16]
+type msghdr_psample$auto[CMD, POLICY] msghdr_netlink[netlink_msg_t[genl_psample_family_id$auto, genlmsghdr_t[CMD], POLICY]]
+syz_genetlink_get_family_id$auto_psample(name ptr[in, string["psample"]], fd sock_nl_generic) genl_psample_family_id$auto
+
+sendmsg$auto_PSAMPLE_CMD_GET_GROUP(fd sock_nl_generic, msg ptr[in, msghdr_psample$auto[PSAMPLE_CMD_GET_GROUP, void]], f flags[send_flags])
 resource genl_tcp_metrics_family_id$auto[int16]
 type msghdr_tcp_metrics$auto[CMD, POLICY] msghdr_netlink[netlink_msg_t[genl_tcp_metrics_family_id$auto, genlmsghdr_t[CMD], POLICY]]
 syz_genetlink_get_family_id$auto_tcp_metrics(name ptr[in, string["tcp_metrics"]], fd sock_nl_generic) genl_tcp_metrics_family_id$auto
diff --git a/sys/linux/auto.txt.const b/sys/linux/auto.txt.const
index 8fc43268a..36eca3307 100644
--- a/sys/linux/auto.txt.const
+++ b/sys/linux/auto.txt.const
@@ -450,6 +450,8 @@ IOAM6_CMD_ADD_NAMESPACE = 1
 IOAM6_CMD_ADD_SCHEMA = 4
 IOAM6_CMD_DEL_NAMESPACE = 2
 IOAM6_CMD_DEL_SCHEMA = 5
+IOAM6_CMD_DUMP_NAMESPACES = 3
+IOAM6_CMD_DUMP_SCHEMAS = 6
 IOAM6_CMD_NS_SET_SCHEMA = 7
 IPVS_CMD_ATTR_DAEMON = 3
 IPVS_CMD_ATTR_DEST = 2
@@ -578,6 +580,7 @@ NETDEV_A_DMABUF_QUEUES = 2
 NETDEV_A_NAPI_DEFER_HARD_IRQS = 5
 NETDEV_A_NAPI_GRO_FLUSH_TIMEOUT = 6
 NETDEV_A_NAPI_ID = 2
+NETDEV_A_NAPI_IFINDEX = 1
 NETDEV_A_NAPI_IRQ_SUSPEND_TIMEOUT = 7
 NETDEV_A_PAGE_POOL_ID = 1
 NETDEV_A_QSTATS_IFINDEX = 1
@@ -672,9 +675,14 @@ NFSD_A_SOCK_TRANSPORT_NAME = 2
 NFSD_A_VERSION_ENABLED = 3
 NFSD_A_VERSION_MAJOR = 1
 NFSD_A_VERSION_MINOR = 2
+NFSD_CMD_LISTENER_GET = 7
 NFSD_CMD_LISTENER_SET = 6
+NFSD_CMD_POOL_MODE_GET = 9
 NFSD_CMD_POOL_MODE_SET = 8
+NFSD_CMD_RPC_STATUS_GET = 1
+NFSD_CMD_THREADS_GET = 3
 NFSD_CMD_THREADS_SET = 2
+NFSD_CMD_VERSION_GET = 5
 NFSD_CMD_VERSION_SET = 4
 NL80211_ATTR_4ADDR = 83
 NL80211_ATTR_ACL_POLICY = 165
@@ -1359,6 +1367,7 @@ OVS_VPORT_CMD_DEL = 2
 OVS_VPORT_CMD_GET = 3
 OVS_VPORT_CMD_NEW = 1
 OVS_VPORT_CMD_SET = 4
+PSAMPLE_CMD_GET_GROUP = 1
 QCA_WLAN_VENDOR_ATTR_MAX = 8
 SEG6_ATTR_ALGID = 6
 SEG6_ATTR_DST = 1
diff --git a/sys/linux/auto.txt.info b/sys/linux/auto.txt.info
index 3ee32e87f..0b71da58c 100644
--- a/sys/linux/auto.txt.info
+++ b/sys/linux/auto.txt.info
@@ -76,6 +76,7 @@ NETLINK	BATADV_CMD_TP_METER	func:batadv_netlink_tp_meter_start	access:ns_admin	m
 NETLINK	BATADV_CMD_TP_METER_CANCEL	func:batadv_netlink_tp_meter_cancel	access:ns_admin	manual_desc:true	auto_desc:true	file:net/batman-adv/netlink.c	subsystem:batman
 NETLINK	CGROUPSTATS_CMD_GET	func:cgroupstats_user_cmd	access:user	manual_desc:false	auto_desc:true	file:kernel/taskstats.c	subsystem:kernel
 NETLINK	CIFS_GENL_CMD_SWN_NOTIFY	func:cifs_swn_notify	access:user	manual_desc:false	auto_desc:true	file:fs/smb/client/netlink.c	subsystem:cifs
+NETLINK	CTRL_CMD_GETFAMILY	func:ctrl_dumpfamily	access:user	manual_desc:false	auto_desc:true	file:net/netlink/genetlink.c	subsystem:net
 NETLINK	CTRL_CMD_GETFAMILY	func:ctrl_getfamily	access:user	manual_desc:false	auto_desc:true	file:net/netlink/genetlink.c	subsystem:net
 NETLINK	CTRL_CMD_GETPOLICY	func:ctrl_dumppolicy_start	access:user	manual_desc:false	auto_desc:true	file:net/netlink/genetlink.c	subsystem:net
 NETLINK	ETHTOOL_MSG_CABLE_TEST_ACT	func:ethnl_act_cable_test	access:ns_admin	manual_desc:false	auto_desc:true	file:net/ethtool/netlink.c	subsystem:net
@@ -170,6 +171,8 @@ NETLINK	IOAM6_CMD_ADD_NAMESPACE	func:ioam6_genl_addns	access:admin	manual_desc:f
 NETLINK	IOAM6_CMD_ADD_SCHEMA	func:ioam6_genl_addsc	access:admin	manual_desc:false	auto_desc:true	file:net/ipv6/ioam6.c	subsystem:net
 NETLINK	IOAM6_CMD_DEL_NAMESPACE	func:ioam6_genl_delns	access:admin	manual_desc:false	auto_desc:true	file:net/ipv6/ioam6.c	subsystem:net
 NETLINK	IOAM6_CMD_DEL_SCHEMA	func:ioam6_genl_delsc	access:admin	manual_desc:false	auto_desc:true	file:net/ipv6/ioam6.c	subsystem:net
+NETLINK	IOAM6_CMD_DUMP_NAMESPACES	func:ioam6_genl_dumpns	access:admin	manual_desc:false	auto_desc:true	file:net/ipv6/ioam6.c	subsystem:net
+NETLINK	IOAM6_CMD_DUMP_SCHEMAS	func:ioam6_genl_dumpsc	access:admin	manual_desc:false	auto_desc:true	file:net/ipv6/ioam6.c	subsystem:net
 NETLINK	IOAM6_CMD_NS_SET_SCHEMA	func:ioam6_genl_ns_set_schema	access:admin	manual_desc:false	auto_desc:true	file:net/ipv6/ioam6.c	subsystem:net
 NETLINK	IPVS_CMD_DEL_DAEMON	func:ip_vs_genl_set_daemon	access:admin	manual_desc:true	auto_desc:true	file:net/netfilter/ipvs/ip_vs_ctl.c	subsystem:lvs
 NETLINK	IPVS_CMD_DEL_DEST	func:ip_vs_genl_set_cmd	access:admin	manual_desc:true	auto_desc:true	file:net/netfilter/ipvs/ip_vs_ctl.c	subsystem:lvs
@@ -225,19 +228,25 @@ NETLINK	NCSI_CMD_SET_INTERFACE	func:ncsi_set_interface_nl	access:admin	manual_de
 NETLINK	NCSI_CMD_SET_PACKAGE_MASK	func:ncsi_set_package_mask_nl	access:admin	manual_desc:false	auto_desc:true	file:net/ncsi/ncsi-netlink.c	subsystem:net
 NETLINK	NETDEV_CMD_BIND_RX	func:netdev_nl_bind_rx_doit	access:admin	manual_desc:false	auto_desc:true	file:net/core/netdev-genl-gen.c	subsystem:net
 NETLINK	NETDEV_CMD_DEV_GET	func:netdev_nl_dev_get_doit	access:user	manual_desc:false	auto_desc:true	file:net/core/netdev-genl-gen.c	subsystem:net
+NETLINK	NETDEV_CMD_DEV_GET	func:netdev_nl_dev_get_dumpit	access:user	manual_desc:false	auto_desc:true	file:net/core/netdev-genl-gen.c	subsystem:net
 NETLINK	NETDEV_CMD_NAPI_GET	func:netdev_nl_napi_get_doit	access:user	manual_desc:false	auto_desc:true	file:net/core/netdev-genl-gen.c	subsystem:net
+NETLINK	NETDEV_CMD_NAPI_GET	func:netdev_nl_napi_get_dumpit	access:user	manual_desc:false	auto_desc:true	file:net/core/netdev-genl-gen.c	subsystem:net
 NETLINK	NETDEV_CMD_NAPI_SET	func:netdev_nl_napi_set_doit	access:admin	manual_desc:false	auto_desc:true	file:net/core/netdev-genl-gen.c	subsystem:net
 NETLINK	NETDEV_CMD_PAGE_POOL_GET	func:netdev_nl_page_pool_get_doit	access:user	manual_desc:false	auto_desc:true	file:net/core/netdev-genl-gen.c	subsystem:net
+NETLINK	NETDEV_CMD_PAGE_POOL_GET	func:netdev_nl_page_pool_get_dumpit	access:user	manual_desc:false	auto_desc:true	file:net/core/netdev-genl-gen.c	subsystem:net
 NETLINK	NETDEV_CMD_QSTATS_GET	func:netdev_nl_qstats_get_dumpit	access:user	manual_desc:false	auto_desc:true	file:net/core/netdev-genl-gen.c	subsystem:net
 NETLINK	NETDEV_CMD_QUEUE_GET	func:netdev_nl_queue_get_doit	access:user	manual_desc:false	auto_desc:true	file:net/core/netdev-genl-gen.c	subsystem:net
+NETLINK	NETDEV_CMD_QUEUE_GET	func:netdev_nl_queue_get_dumpit	access:user	manual_desc:false	auto_desc:true	file:net/core/netdev-genl-gen.c	subsystem:net
 NETLINK	NET_DM_CMD_CONFIG	func:net_dm_cmd_config	access:admin	manual_desc:false	auto_desc:true	file:net/core/drop_monitor.c	subsystem:net
 NETLINK	NET_DM_CMD_CONFIG_GET	func:net_dm_cmd_config_get	access:user	manual_desc:false	auto_desc:true	file:net/core/drop_monitor.c	subsystem:net
 NETLINK	NET_DM_CMD_START	func:net_dm_cmd_trace	access:admin	manual_desc:true	auto_desc:true	file:net/core/drop_monitor.c	subsystem:net
 NETLINK	NET_DM_CMD_STATS_GET	func:net_dm_cmd_stats_get	access:user	manual_desc:false	auto_desc:true	file:net/core/drop_monitor.c	subsystem:net
 NETLINK	NET_DM_CMD_STOP	func:net_dm_cmd_trace	access:admin	manual_desc:true	auto_desc:true	file:net/core/drop_monitor.c	subsystem:net
 NETLINK	NET_SHAPER_CMD_CAP_GET	func:net_shaper_nl_cap_pre_doit	access:user	manual_desc:false	auto_desc:true	file:net/shaper/shaper_nl_gen.c	subsystem:net
+NETLINK	NET_SHAPER_CMD_CAP_GET	func:net_shaper_nl_cap_pre_dumpit	access:user	manual_desc:false	auto_desc:true	file:net/shaper/shaper_nl_gen.c	subsystem:net
 NETLINK	NET_SHAPER_CMD_DELETE	func:net_shaper_nl_pre_doit	access:admin	manual_desc:false	auto_desc:true	file:net/shaper/shaper_nl_gen.c	subsystem:net
 NETLINK	NET_SHAPER_CMD_GET	func:net_shaper_nl_pre_doit	access:user	manual_desc:false	auto_desc:true	file:net/shaper/shaper_nl_gen.c	subsystem:net
+NETLINK	NET_SHAPER_CMD_GET	func:net_shaper_nl_pre_dumpit	access:user	manual_desc:false	auto_desc:true	file:net/shaper/shaper_nl_gen.c	subsystem:net
 NETLINK	NET_SHAPER_CMD_GROUP	func:net_shaper_nl_pre_doit	access:admin	manual_desc:false	auto_desc:true	file:net/shaper/shaper_nl_gen.c	subsystem:net
 NETLINK	NET_SHAPER_CMD_SET	func:net_shaper_nl_pre_doit	access:admin	manual_desc:false	auto_desc:true	file:net/shaper/shaper_nl_gen.c	subsystem:net
 NETLINK	NFC_CMD_ACTIVATE_TARGET	func:nfc_genl_activate_target	access:admin	manual_desc:true	auto_desc:true	file:net/nfc/netlink.c	subsystem:net	subsystem:nfc
@@ -259,9 +268,14 @@ NETLINK	NFC_CMD_SE_IO	func:nfc_genl_se_io	access:admin	manual_desc:true	auto_des
 NETLINK	NFC_CMD_START_POLL	func:nfc_genl_start_poll	access:admin	manual_desc:true	auto_desc:true	file:net/nfc/netlink.c	subsystem:net	subsystem:nfc
 NETLINK	NFC_CMD_STOP_POLL	func:nfc_genl_stop_poll	access:admin	manual_desc:false	auto_desc:true	file:net/nfc/netlink.c	subsystem:net	subsystem:nfc
 NETLINK	NFC_CMD_VENDOR	func:nfc_genl_vendor_cmd	access:admin	manual_desc:true	auto_desc:true	file:net/nfc/netlink.c	subsystem:net	subsystem:nfc
+NETLINK	NFSD_CMD_LISTENER_GET	func:nfsd_nl_listener_get_doit	access:user	manual_desc:false	auto_desc:true	file:fs/nfsd/netlink.c	subsystem:nfs
 NETLINK	NFSD_CMD_LISTENER_SET	func:nfsd_nl_listener_set_doit	access:admin	manual_desc:false	auto_desc:true	file:fs/nfsd/netlink.c	subsystem:nfs
+NETLINK	NFSD_CMD_POOL_MODE_GET	func:nfsd_nl_pool_mode_get_doit	access:user	manual_desc:false	auto_desc:true	file:fs/nfsd/netlink.c	subsystem:nfs
 NETLINK	NFSD_CMD_POOL_MODE_SET	func:nfsd_nl_pool_mode_set_doit	access:admin	manual_desc:false	auto_desc:true	file:fs/nfsd/netlink.c	subsystem:nfs
+NETLINK	NFSD_CMD_RPC_STATUS_GET	func:nfsd_nl_rpc_status_get_dumpit	access:user	manual_desc:false	auto_desc:true	file:fs/nfsd/netlink.c	subsystem:nfs
+NETLINK	NFSD_CMD_THREADS_GET	func:nfsd_nl_threads_get_doit	access:user	manual_desc:false	auto_desc:true	file:fs/nfsd/netlink.c	subsystem:nfs
 NETLINK	NFSD_CMD_THREADS_SET	func:nfsd_nl_threads_set_doit	access:admin	manual_desc:false	auto_desc:true	file:fs/nfsd/netlink.c	subsystem:nfs
+NETLINK	NFSD_CMD_VERSION_GET	func:nfsd_nl_version_get_doit	access:user	manual_desc:false	auto_desc:true	file:fs/nfsd/netlink.c	subsystem:nfs
 NETLINK	NFSD_CMD_VERSION_SET	func:nfsd_nl_version_set_doit	access:admin	manual_desc:false	auto_desc:true	file:fs/nfsd/netlink.c	subsystem:nfs
 NETLINK	NL80211_CMD_ABORT_SCAN	func:nl80211_abort_scan	access:ns_admin	manual_desc:true	auto_desc:true	file:net/wireless/nl80211.c	subsystem:wireless
 NETLINK	NL80211_CMD_ADD_LINK	func:nl80211_add_link	access:ns_admin	manual_desc:false	auto_desc:true	file:net/wireless/nl80211.c	subsystem:wireless
@@ -459,6 +473,7 @@ NETLINK	OVS_VPORT_CMD_DEL	func:ovs_vport_cmd_del	access:ns_admin	manual_desc:fal
 NETLINK	OVS_VPORT_CMD_GET	func:ovs_vport_cmd_get	access:user	manual_desc:false	auto_desc:true	file:net/openvswitch/datapath.c	subsystem:openvswitch
 NETLINK	OVS_VPORT_CMD_NEW	func:ovs_vport_cmd_new	access:ns_admin	manual_desc:false	auto_desc:true	file:net/openvswitch/datapath.c	subsystem:openvswitch
 NETLINK	OVS_VPORT_CMD_SET	func:ovs_vport_cmd_set	access:ns_admin	manual_desc:false	auto_desc:true	file:net/openvswitch/datapath.c	subsystem:openvswitch
+NETLINK	PSAMPLE_CMD_GET_GROUP	func:psample_nl_cmd_get_group_dumpit	access:user	manual_desc:false	auto_desc:true	file:net/psample/psample.c	subsystem:net
 NETLINK	SEG6_CMD_DUMPHMAC	func:seg6_genl_dumphmac	access:admin	manual_desc:true	auto_desc:true	file:net/ipv6/seg6.c	subsystem:net
 NETLINK	SEG6_CMD_GET_TUNSRC	func:seg6_genl_get_tunsrc	access:admin	manual_desc:true	auto_desc:true	file:net/ipv6/seg6.c	subsystem:net
 NETLINK	SEG6_CMD_SETHMAC	func:seg6_genl_sethmac	access:admin	manual_desc:true	auto_desc:true	file:net/ipv6/seg6.c	subsystem:net
diff --git a/tools/syz-declextract/testdata/netlink.c b/tools/syz-declextract/testdata/netlink.c
index 355b84f1f..dc6ea4388 100644
--- a/tools/syz-declextract/testdata/netlink.c
+++ b/tools/syz-declextract/testdata/netlink.c
@@ -28,6 +28,10 @@ const struct nla_policy foo_genl_policy[] = {
 	[NETLINK_FOO_ATTR7]	= { .len = sizeof(var) },
 };
 
+const struct nla_policy foo_dump_genl_policy[] = {
+	[NETLINK_FOO_ATTR1]	= { .type = NLA_U32 },
+};
+
 const struct nla_policy genl_policy_reject_all[] = {
 	{ .type = NLA_REJECT },
 	{ .type = NLA_REJECT },
@@ -44,10 +48,16 @@ static const struct genl_ops foo_ops[] = {
 		.flags = GENL_ADMIN_PERM,
 		.doit = foo_cmd,
 	},
+	{
+		.cmd = NETLINK_FOO_CMD_BAR,
+		.flags = GENL_UNS_ADMIN_PERM,
+		.doit = bar_cmd,
+	},
 	{
 		.cmd = NETLINK_FOO_CMD_BAR,
 		.flags = GENL_UNS_ADMIN_PERM,
 		.dumpit = bar_cmd,
+		.policy = foo_dump_genl_policy,
 	},
 };
 
@@ -85,3 +95,20 @@ struct genl_family bar_family = {
 struct genl_family noops_family = {
 	.name = "NOOPS",
 };
+
+enum netlink_nopolicy_cmds {
+	NETLINK_NOPOLICY_CMD,
+};
+
+static const struct genl_ops nopolicy_ops[] = {
+	{
+		.cmd = NETLINK_NOPOLICY_CMD,
+		.doit = foo_cmd,
+	},
+};
+
+struct genl_family nopolicy_family = {
+	.name = "nopolicy",
+	.ops = nopolicy_ops,
+	.n_ops = ARRAY_SIZE(nopolicy_ops),
+};
diff --git a/tools/syz-declextract/testdata/netlink.c.info b/tools/syz-declextract/testdata/netlink.c.info
index e15a8e738..e57a57c73 100644
--- a/tools/syz-declextract/testdata/netlink.c.info
+++ b/tools/syz-declextract/testdata/netlink.c.info
@@ -1,3 +1,4 @@
 NETLINK	NETLINK_BAR_CMD_FOO	func:NETLINK_BAR_CMD_FOO	access:user	manual_desc:false	auto_desc:true	file:netlink.c	subsystem:kernel
 NETLINK	NETLINK_FOO_CMD_BAR	func:bar_cmd	access:ns_admin	manual_desc:false	auto_desc:true	file:netlink.c	subsystem:kernel
 NETLINK	NETLINK_FOO_CMD_FOO	func:foo_cmd	access:admin	manual_desc:false	auto_desc:true	file:netlink.c	subsystem:kernel
+NETLINK	NETLINK_NOPOLICY_CMD	func:foo_cmd	access:user	manual_desc:false	auto_desc:true	file:netlink.c	subsystem:kernel
diff --git a/tools/syz-declextract/testdata/netlink.c.json b/tools/syz-declextract/testdata/netlink.c.json
index 99b18aae8..ed3a04b79 100644
--- a/tools/syz-declextract/testdata/netlink.c.json
+++ b/tools/syz-declextract/testdata/netlink.c.json
@@ -14,6 +14,10 @@
 		{
 			"name": "NETLINK_FOO_NESTED_ATTR2",
 			"value": "1"
+		},
+		{
+			"name": "NETLINK_NOPOLICY_CMD",
+			"value": "0"
 		}
 	],
 	"structs": [
@@ -127,12 +131,38 @@
 					"func": "bar_cmd",
 					"access": "ns_admin",
 					"policy": "foo_genl_policy_netlink"
+				},
+				{
+					"name": "NETLINK_FOO_CMD_BAR",
+					"func": "bar_cmd",
+					"access": "ns_admin",
+					"policy": "foo_dump_genl_policy_netlink"
+				}
+			],
+			"source_file": "netlink.c"
+		},
+		{
+			"name": "nopolicy",
+			"ops": [
+				{
+					"name": "NETLINK_NOPOLICY_CMD",
+					"func": "foo_cmd",
+					"access": "user"
 				}
 			],
 			"source_file": "netlink.c"
 		}
 	],
 	"netlink_policies": [
+		{
+			"name": "foo_dump_genl_policy_netlink",
+			"attrs": [
+				{
+					"name": "NETLINK_FOO_ATTR1",
+					"kind": "NLA_U32"
+				}
+			]
+		},
 		{
 			"name": "foo_genl_nested_policy_netlink",
 			"attrs": [
diff --git a/tools/syz-declextract/testdata/netlink.c.txt b/tools/syz-declextract/testdata/netlink.c.txt
index 96af4f31b..f4042d816 100644
--- a/tools/syz-declextract/testdata/netlink.c.txt
+++ b/tools/syz-declextract/testdata/netlink.c.txt
@@ -36,6 +36,17 @@ syz_genetlink_get_family_id$auto_foo_family(name ptr[in, string["foo family"]],
 
 sendmsg$auto_NETLINK_FOO_CMD_FOO(fd sock_nl_generic, msg ptr[in, msghdr_foo_family$auto[NETLINK_FOO_CMD_FOO, foo_genl_policy_netlink$auto]], f flags[send_flags])
 sendmsg$auto_NETLINK_FOO_CMD_BAR(fd sock_nl_generic, msg ptr[in, msghdr_foo_family$auto[NETLINK_FOO_CMD_BAR, foo_genl_policy_netlink$auto]], f flags[send_flags])
+sendmsg$auto_NETLINK_FOO_CMD_BAR2(fd sock_nl_generic, msg ptr[in, msghdr_foo_family$auto[NETLINK_FOO_CMD_BAR, foo_dump_genl_policy_netlink$auto]], f flags[send_flags])
+
+foo_dump_genl_policy_netlink$auto [
+	NETLINK_FOO_ATTR1	nlattr[NETLINK_FOO_ATTR1, int32]
+] [varlen]
+
+resource genl_nopolicy_family_id$auto[int16]
+type msghdr_nopolicy$auto[CMD, POLICY] msghdr_netlink[netlink_msg_t[genl_nopolicy_family_id$auto, genlmsghdr_t[CMD], POLICY]]
+syz_genetlink_get_family_id$auto_nopolicy(name ptr[in, string["nopolicy"]], fd sock_nl_generic) genl_nopolicy_family_id$auto
+
+sendmsg$auto_NETLINK_NOPOLICY_CMD(fd sock_nl_generic, msg ptr[in, msghdr_nopolicy$auto[NETLINK_NOPOLICY_CMD, void]], f flags[send_flags])
 
 netlink_foo_struct1$auto {
 	a	int32
@@ -52,3 +63,4 @@ netlink_foo_struct2$auto {
 define NETLINK_BAR_CMD_FOO	0
 define NETLINK_FOO_NESTED_ATTR1	0
 define NETLINK_FOO_NESTED_ATTR2	1
+define NETLINK_NOPOLICY_CMD	0
-- 
cgit mrf-deployment