1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
|
# Copyright 2022 syzkaller project authors. All rights reserved.
# Use of this source code is governed by Apache 2 LICENSE that can be found in the LICENSE file.
# AF_NETLINK/NETLINK_GENERIC/nfc support.
include <linux/net.h>
include <uapi/linux/netlink.h>
include <uapi/linux/genetlink.h>
include <uapi/linux/nfc.h>
include <net/sock.h>
include <net/nfc/nfc.h>
include <net/nfc/llcp.h>
resource genl_nfc_family_id[int16]
type msghdr_nl_nfc[CMD, POLICY] msghdr_netlink[netlink_msg_t[genl_nfc_family_id, genlmsghdr_t[CMD], POLICY]]
syz_genetlink_get_family_id$nfc(name ptr[in, string["nfc"]], fd sock_nl_generic_init) genl_nfc_family_id
# TODO: it's unclear if anybody uses target idx other than 0. I only see 0.
type nfc_target_idx int32[NFC_TARGET_IDX_ANY:1]
sendmsg$NFC_CMD_GET_DEVICE(fd sock_nl_generic_init, msg ptr[in, msghdr_nl_nfc[NFC_CMD_GET_DEVICE, nfc_genl_policy_dev_index]], f flags[send_flags])
sendmsg$NFC_CMD_DEV_UP(fd sock_nl_generic_init, msg ptr[in, msghdr_nl_nfc[NFC_CMD_DEV_UP, nfc_genl_policy_dev_index]], f flags[send_flags])
sendmsg$NFC_CMD_DEV_DOWN(fd sock_nl_generic_init, msg ptr[in, msghdr_nl_nfc[NFC_CMD_DEV_DOWN, nfc_genl_policy_dev_index]], f flags[send_flags])
sendmsg$NFC_CMD_START_POLL(fd sock_nl_generic_init, msg ptr[in, msghdr_nl_nfc[NFC_CMD_START_POLL, nfc_genl_policy_START_POLL]], f flags[send_flags])
sendmsg$NFC_CMD_ACTIVATE_TARGET(fd sock_nl_generic_init, msg ptr[in, msghdr_nl_nfc[NFC_CMD_ACTIVATE_TARGET, nfc_genl_policy_ACTIVATE_TARGET]], f flags[send_flags])
sendmsg$NFC_CMD_DEACTIVATE_TARGET(fd sock_nl_generic_init, msg ptr[in, msghdr_nl_nfc[NFC_CMD_DEACTIVATE_TARGET, nfc_genl_policy_DEACTIVATE_TARGET]], f flags[send_flags])
sendmsg$NFC_CMD_DEP_LINK_UP(fd sock_nl_generic_init, msg ptr[in, msghdr_nl_nfc[NFC_CMD_DEP_LINK_UP, nfc_genl_policy_DEP_LINK_UP]], f flags[send_flags])
sendmsg$NFC_CMD_DEP_LINK_DOWN(fd sock_nl_generic_init, msg ptr[in, msghdr_nl_nfc[NFC_CMD_DEP_LINK_DOWN, nfc_genl_policy_DEP_LINK_DOWN]], f flags[send_flags])
sendmsg$NFC_CMD_GET_TARGET(fd sock_nl_generic_init, msg ptr[in, msghdr_nl_nfc[NFC_CMD_GET_TARGET, void]], f flags[send_flags])
sendmsg$NFC_CMD_LLC_GET_PARAMS(fd sock_nl_generic_init, msg ptr[in, msghdr_nl_nfc[NFC_CMD_LLC_GET_PARAMS, nfc_genl_policy_LLC_GET_PARAMS]], f flags[send_flags])
sendmsg$NFC_CMD_LLC_SET_PARAMS(fd sock_nl_generic_init, msg ptr[in, msghdr_nl_nfc[NFC_CMD_LLC_SET_PARAMS, nfc_genl_policy_LLC_SET_PARAMS]], f flags[send_flags])
sendmsg$NFC_CMD_LLC_SDREQ(fd sock_nl_generic_init, msg ptr[in, msghdr_nl_nfc[NFC_CMD_LLC_SDREQ, nfc_genl_policy_LLC_SDREQ]], f flags[send_flags])
sendmsg$NFC_CMD_ENABLE_SE(fd sock_nl_generic_init, msg ptr[in, msghdr_nl_nfc[NFC_CMD_ENABLE_SE, nfc_genl_policy_se]], f flags[send_flags])
sendmsg$NFC_CMD_DISABLE_SE(fd sock_nl_generic_init, msg ptr[in, msghdr_nl_nfc[NFC_CMD_DISABLE_SE, nfc_genl_policy_se]], f flags[send_flags])
sendmsg$NFC_CMD_FW_DOWNLOAD(fd sock_nl_generic_init, msg ptr[in, msghdr_nl_nfc[NFC_CMD_FW_DOWNLOAD, nfc_genl_policy_FW_DOWNLOAD]], f flags[send_flags])
sendmsg$NFC_CMD_GET_SE(fd sock_nl_generic_init, msg ptr[in, msghdr_nl_nfc[NFC_CMD_GET_SE, void]], f flags[send_flags])
sendmsg$NFC_CMD_SE_IO(fd sock_nl_generic_init, msg ptr[in, msghdr_nl_nfc[NFC_CMD_SE_IO, nfc_genl_policy_SE_IO]], f flags[send_flags])
sendmsg$NFC_CMD_VENDOR(fd sock_nl_generic_init, msg ptr[in, msghdr_nl_nfc[NFC_CMD_VENDOR, nfc_genl_policy_VENDOR]], f flags[send_flags])
nfc_genl_policy_dev_index [
NFC_ATTR_DEVICE_INDEX nlattr[NFC_ATTR_DEVICE_INDEX, nfc_dev_id]
] [varlen]
nfc_genl_policy_START_POLL [
NFC_ATTR_DEVICE_INDEX nlattr[NFC_ATTR_DEVICE_INDEX, nfc_dev_id]
NFC_ATTR_PROTOCOLS nlattr[NFC_ATTR_PROTOCOLS, flags[nfc_proto_mask, int32]]
NFC_ATTR_IM_PROTOCOLS nlattr[NFC_ATTR_IM_PROTOCOLS, flags[nfc_proto_mask, int32]]
NFC_ATTR_TM_PROTOCOLS nlattr[NFC_ATTR_TM_PROTOCOLS, flags[nfc_proto_mask, int32]]
] [varlen]
nfc_genl_policy_ACTIVATE_TARGET [
NFC_ATTR_DEVICE_INDEX nlattr[NFC_ATTR_DEVICE_INDEX, nfc_dev_id]
NFC_ATTR_TARGET_INDEX nlattr[NFC_ATTR_TARGET_INDEX, nfc_target_idx]
NFC_ATTR_PROTOCOLS nlattr[NFC_ATTR_PROTOCOLS, flags[nfc_proto, int32]]
] [varlen]
nfc_genl_policy_DEACTIVATE_TARGET [
NFC_ATTR_DEVICE_INDEX nlattr[NFC_ATTR_DEVICE_INDEX, nfc_dev_id]
NFC_ATTR_TARGET_INDEX nlattr[NFC_ATTR_TARGET_INDEX, nfc_target_idx]
] [varlen]
nfc_genl_policy_DEP_LINK_UP [
NFC_ATTR_DEVICE_INDEX nlattr[NFC_ATTR_DEVICE_INDEX, nfc_dev_id]
NFC_ATTR_TARGET_INDEX nlattr[NFC_ATTR_TARGET_INDEX, nfc_target_idx]
NFC_ATTR_COMM_MODE nlattr[NFC_ATTR_COMM_MODE, flags[nfc_comm_mode, int8]]
] [varlen]
nfc_genl_policy_DEP_LINK_DOWN [
NFC_ATTR_DEVICE_INDEX nlattr[NFC_ATTR_DEVICE_INDEX, nfc_dev_id]
NFC_ATTR_TARGET_INDEX nlattr[NFC_ATTR_TARGET_INDEX, nfc_target_idx]
] [varlen]
nfc_genl_policy_LLC_GET_PARAMS [
NFC_ATTR_DEVICE_INDEX nlattr[NFC_ATTR_DEVICE_INDEX, nfc_dev_id]
NFC_ATTR_FIRMWARE_NAME nlattr[NFC_ATTR_FIRMWARE_NAME, stringnoz]
] [varlen]
nfc_genl_policy_LLC_SET_PARAMS [
NFC_ATTR_DEVICE_INDEX nlattr[NFC_ATTR_DEVICE_INDEX, nfc_dev_id]
NFC_ATTR_LLC_PARAM_LTO nlattr[NFC_ATTR_LLC_PARAM_LTO, int8]
NFC_ATTR_LLC_PARAM_RW nlattr[NFC_ATTR_LLC_PARAM_RW, int8[0:LLCP_MAX_RW]]
NFC_ATTR_LLC_PARAM_MIUX nlattr[NFC_ATTR_LLC_PARAM_MIUX, int16[0:LLCP_MAX_MIUX]]
] [varlen]
nfc_genl_policy_se [
NFC_ATTR_DEVICE_INDEX nlattr[NFC_ATTR_DEVICE_INDEX, nfc_dev_id]
NFC_ATTR_SE_INDEX nlattr[NFC_ATTR_SE_INDEX, flags[nfc_se_index, int32]]
] [varlen]
nfc_genl_policy_LLC_SDREQ [
NFC_ATTR_DEVICE_INDEX nlattr[NFC_ATTR_DEVICE_INDEX, nfc_dev_id]
NFC_ATTR_LLC_SDP nlnest[NFC_ATTR_LLC_SDP, array[nlnest[0, array[nlattr[NFC_SDP_ATTR_URI, stringnoz]]]]]
] [varlen]
nfc_genl_policy_FW_DOWNLOAD [
NFC_ATTR_DEVICE_INDEX nlattr[NFC_ATTR_DEVICE_INDEX, nfc_dev_id]
NFC_ATTR_FIRMWARE_NAME nlattr[NFC_ATTR_FIRMWARE_NAME, stringnoz]
] [varlen]
nfc_genl_policy_SE_IO [
NFC_ATTR_DEVICE_INDEX nlattr[NFC_ATTR_DEVICE_INDEX, nfc_dev_id]
NFC_ATTR_SE_INDEX nlattr[NFC_ATTR_SE_INDEX, flags[nfc_se_index, int32]]
NFC_ATTR_SE_APDU nlattr[NFC_ATTR_SE_APDU, array[int8]]
] [varlen]
nfc_genl_policy_VENDOR [
NFC_ATTR_DEVICE_INDEX nlattr[NFC_ATTR_DEVICE_INDEX, nfc_dev_id]
NFC_ATTR_VENDOR_ID nlattr[NFC_ATTR_VENDOR_ID, int32]
NFC_ATTR_VENDOR_SUBCMD nlattr[NFC_ATTR_VENDOR_SUBCMD, int32]
NFC_ATTR_VENDOR_DATA nlattr[NFC_ATTR_VENDOR_DATA, array[int8]]
] [varlen]
nfc_comm_mode = NFC_COMM_ACTIVE, NFC_COMM_PASSIVE
# These are taken from nfc_add_se() arguments.
nfc_se_index = 0, 1, 2, 192
|
