sys/linux: use type templates for netlink

-350 lines of descriptions

executor/syscalls_linux.h

@@ -2,7 +2,7 @@
 
 #if defined(__i386__) || 0
 #define GOARCH "386"
-#define SYZ_REVISION "60e4a07d354bb722a431bf46d523f9aa90eacfc4"
+#define SYZ_REVISION "06b3f0c6861639be4563896825a11553e772909f"
 #define __NR_syz_emit_ethernet 1000000
 #define __NR_syz_extract_tcp_res 1000001
 #define __NR_syz_fuse_mount 1000002
@@ -1511,7 +1511,7 @@ call_t syscalls[] = {
 
 #if defined(__x86_64__) || 0
 #define GOARCH "amd64"
-#define SYZ_REVISION "2e682becd8d7b5132cc415f50ccd04e4c48357d6"
+#define SYZ_REVISION "b54ecf272e7f7c3c8b64f1491f301fea237859bb"
 #define __NR_syz_emit_ethernet 1000000
 #define __NR_syz_extract_tcp_res 1000001
 #define __NR_syz_fuse_mount 1000002
@@ -3073,7 +3073,7 @@ call_t syscalls[] = {
 
 #if defined(__arm__) || 0
 #define GOARCH "arm"
-#define SYZ_REVISION "2b020240de0d6ebb7b3a556196e52c219826e744"
+#define SYZ_REVISION "17740fbac19fdbde68a1dec73989863f81a31a56"
 #define __NR_syz_emit_ethernet 1000000
 #define __NR_syz_extract_tcp_res 1000001
 #define __NR_syz_fuse_mount 1000002
@@ -4592,7 +4592,7 @@ call_t syscalls[] = {
 
 #if defined(__aarch64__) || 0
 #define GOARCH "arm64"
-#define SYZ_REVISION "1681a7f46f5226c3b94952faa7116481f9db058f"
+#define SYZ_REVISION "fb916c0a347778e229092fb28f0dc20593d1eb35"
 #define __NR_syz_emit_ethernet 1000000
 #define __NR_syz_extract_tcp_res 1000001
 #define __NR_syz_fuse_mount 1000002
@@ -6083,7 +6083,7 @@ call_t syscalls[] = {
 
 #if defined(__ppc64__) || defined(__PPC64__) || defined(__powerpc64__) || 0
 #define GOARCH "ppc64le"
-#define SYZ_REVISION "826e8302e62189d0525f546a8949de09b658763e"
+#define SYZ_REVISION "7ee459ec9e838df79959f0e83d49471728eca535"
 #define __NR_syz_emit_ethernet 1000000
 #define __NR_syz_extract_tcp_res 1000001
 #define __NR_syz_fuse_mount 1000002

sys/linux/socket_netlink.txt

@@ -16,7 +16,7 @@ bind$netlink(fd sock_netlink, addr ptr[in, sockaddr_nl_proc], addrlen len[addr])
 connect$netlink(fd sock_netlink, addr ptr[in, sockaddr_nl], addrlen len[addr])
 getsockname$netlink(fd sock_netlink, addr ptr[out, sockaddr_nl_unspec], addrlen ptr[inout, len[addr, int32]])
 getpeername$netlink(fd sock_netlink, peer ptr[out, sockaddr_nl_unspec], peerlen ptr[inout, len[peer, int32]])
-sendmsg$netlink(fd sock_netlink, msg ptr[in, msghdr_netlink], f flags[send_flags])
+sendmsg$netlink(fd sock_netlink, msg ptr[in, msghdr_netlink_generic], f flags[send_flags])
 setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(fd sock_netlink, level const[SOL_NETLINK], opt const[NETLINK_ADD_MEMBERSHIP], arg ptr[in, int32[0:31]], arglen len[arg])
 setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(fd sock_netlink, level const[SOL_NETLINK], opt const[NETLINK_DROP_MEMBERSHIP], arg ptr[in, int32[0:31]], arglen len[arg])
 setsockopt$netlink_NETLINK_PKTINFO(fd sock_netlink, level const[SOL_NETLINK], opt const[NETLINK_PKTINFO], arg ptr[in, int32], arglen len[arg])
@@ -45,72 +45,76 @@ sockaddr_nl_send [
 	proc	sockaddr_nl_proc
 ]
 
-sockaddr_nl_proc {
-	nl_family	const[AF_NETLINK, int16]
+type sockaddr_nl_t[FAMILY, PID, GROUPS] {
+	nl_family	const[FAMILY, int16]
 	nl_pad		const[0, int16]
-	nl_pid		netlink_port_id
-	nl_groups	flags[netlink_group_bitmap, int32]
+	nl_pid		PID
+	nl_groups	GROUPS
 }
+type sockaddr_nl_proc sockaddr_nl_t[AF_NETLINK, netlink_port_id, flags[netlink_group_bitmap, int32]]
+type sockaddr_nl_kern sockaddr_nl_t[AF_NETLINK, const[0, int32], flags[netlink_group_bitmap, int32]]
+type sockaddr_nl_unspec sockaddr_nl_t[AF_UNSPEC, const[0, int32], const[0, int32]]
 
-sockaddr_nl_kern {
-	nl_family	const[AF_NETLINK, int16]
-	nl_pad		const[0, int16]
-	nl_pid		const[0, int32]
-	nl_groups	flags[netlink_group_bitmap, int32]
-}
-
-sockaddr_nl_unspec {
-	nl_family	const[AF_UNSPEC, int16]
-	nl_pad		const[0, int16]
-	nl_pid		const[0, int32]
-	nl_groups	const[0, int32]
-}
-
-msghdr_netlink {
+type msghdr_netlink_full[MSG] {
 	addr	ptr[in, sockaddr_nl_send, opt]
 	addrlen	len[addr, int32]
-	vec	ptr[in, array[iovec_nl]]
+	vec	ptr[in, array[iovec[in, MSG]]]
 	vlen	len[vec, intptr]
 	ctrl	ptr[in, array[cmsghdr_un], opt]
 	ctrllen	bytesize[ctrl, intptr]
 	f	flags[send_flags, int32]
 }
 
-iovec_nl {
-	data	ptr[in, array[netlink_msg]]
-	len	bytesize[data, intptr]
+# Simplified version of msghdr_netlink_full with kernel address, no control data and only 1 iovec.
+# It's enough for most protocols.
+type msghdr_netlink[MSG] {
+	addr	ptr[in, sockaddr_nl_kern]
+	addrlen	len[addr, int32]
+	vec	ptr[in, iovec[in, MSG]]
+	vlen	const[1, intptr]
+	ctrl	const[0, intptr]
+	ctrllen	const[0, intptr]
+	f	flags[send_flags, int32]
 }
 
-netlink_msg {
+# No body. Generic attribute can represent a random body.
+type msghdr_netlink_generic msghdr_netlink_full[netlink_msg_t[netlink_random_msg_type, void, nl_generic_attr]]
+
+type netlink_msg_t[TYPE, PAYLOAD, ATTRS] {
 	len	len[parent, int32]
-	type	netlink_random_msg_type
+	type	TYPE
 	flags	flags[netlink_msg_flags, int16]
 	seq	netlink_seq
 	pid	netlink_port_id
-# No body. Generic attribute can represent a random body.
-	attrs	array[nl_generic_attr]
+	payload	PAYLOAD
+	attrs	array[ATTRS]
 } [align_4]
 
+type netlink_msg[TYPE, PAYLOAD, ATTRS] netlink_msg_t[const[TYPE, int16], PAYLOAD, ATTRS]
+
+type nlattr_t[TYPE, PAYLOAD] {
+	nla_len		len[parent, int16]
+	nla_type	TYPE
+	payload		PAYLOAD
+} [align_4]
+
+# NL80211 has 150 attributes.
+type nlattr_anytype[PAYLOAD] nlattr_t[int16[0:150], PAYLOAD]
+type nlattr[TYPE, PAYLOAD] nlattr_t[const[TYPE, int16], PAYLOAD]
+
 nl_generic_attr [
 	generic	array[int8]
-	flag	nl_generic_attr_flag
-	typed	nl_generic_attr_typed
-	nested	nl_generic_attr_nested
+	typed	nlattr_anytype[nl_generic_attr_data]
+	nested	nlattr_anytype[array[nl_generic_attr_nonested]]
 ] [varlen]
 
-nl_generic_attr_flag {
-	nla_len		len[parent, int16]
-# NL80211 has 150 attributes.
-	nla_type	int16[0:150]
-} [align_4]
-
-nl_generic_attr_typed {
-	nla_len		len[parent, int16]
-	nla_type	int16[0:150]
-	data		nl_generic_attr_data
-} [align_4]
+nl_generic_attr_nonested [
+	generic	array[int8]
+	typed	nlattr_anytype[nl_generic_attr_data]
+] [varlen]
 
 nl_generic_attr_data [
+	void	void
 	u32	int32
 	u64	int64
 	ipv4	ipv4_addr
@@ -122,18 +126,6 @@ nl_generic_attr_data [
 	binary	array[int8]
 ] [varlen]
 
-nl_generic_attr_nested {
-	nla_len		len[parent, int16]
-	nla_type	int16[0:150]
-	data		array[nl_generic_attr_nonested]
-} [align_4]
-
-nl_generic_attr_nonested [
-	generic	array[int8]
-	flag	nl_generic_attr_flag
-	typed	nl_generic_attr_typed
-] [varlen]
-
 nl_mmap_req {
 	bsize	int32
 	bnumber	int32

sys/linux/socket_netlink_crypto.txt

@@ -14,37 +14,17 @@ socket$nl_crypto(domain const[AF_NETLINK], type const[SOCK_RAW], proto const[NET
 
 sendmsg$nl_crypto(fd sock_nl_crypto, msg ptr[in, msghdr_nl_crypto], f flags[send_flags])
 
-msghdr_nl_crypto {
-	addr	ptr[in, sockaddr_nl_kern]
-	addrlen	len[addr, int32]
-	vec	ptr[in, iovec_nl_crypto]
-	vlen	const[1, intptr]
-	ctrl	const[0, intptr]
-	ctrllen	const[0, intptr]
-	f	flags[send_flags, int32]
-}
-
-iovec_nl_crypto {
-	data	ptr[in, netlink_msg_crypto]
-	len	bytesize[data, intptr]
-}
+type msghdr_nl_crypto msghdr_netlink[netlink_msg_crypto]
 
 netlink_msg_crypto [
-	alg	nl_crypto_alg_msg
-	delrng	nl_crypto_delrng_msg
+	alg	netlink_msg[CRYPTO_MSG_NEWALG, crypto_user_alg, netlink_crypto_attrs]
+	del	netlink_msg[CRYPTO_MSG_DELALG, crypto_user_alg, netlink_crypto_attrs]
+	upd	netlink_msg[CRYPTO_MSG_UPDATEALG, crypto_user_alg, netlink_crypto_attrs]
+	get	netlink_msg[CRYPTO_MSG_GETALG, crypto_user_alg, netlink_crypto_attrs]
+	delrng	netlink_msg[CRYPTO_MSG_DELRNG, void, void]
 ] [varlen]
 
-nl_crypto_alg_msg {
-	len	len[parent, int32]
-	type	flags[nl_crypto_alg_msgs, int16]
-	flags	flags[netlink_msg_flags, int16]
-	seq	netlink_seq
-	pid	netlink_port_id
-	msg	crypto_user_alg
-	attrs	array[nl_crypto_attr]
-} [align_4]
-
-nl_crypto_alg_msgs = CRYPTO_MSG_NEWALG, CRYPTO_MSG_DELALG, CRYPTO_MSG_UPDATEALG, CRYPTO_MSG_GETALG
+type netlink_crypto_attrs nlattr[CRYPTOCFGA_PRIORITY_VAL, int32]
 
 crypto_user_alg {
 	cru_name	alg_name
@@ -58,17 +38,3 @@ crypto_user_alg {
 }
 
 crypto_user_alg_flags = CRYPTO_ALG_TESTED, CRYPTO_ALG_INTERNAL
-
-nl_crypto_delrng_msg {
-	len	len[parent, int32]
-	type	const[CRYPTO_MSG_DELRNG, int16]
-	flags	flags[netlink_msg_flags, int16]
-	seq	netlink_seq
-	pid	netlink_port_id
-} [align_4]
-
-nl_crypto_attr {
-	nla_len		len[parent, int16]
-	nla_type	const[CRYPTOCFGA_PRIORITY_VAL, int16]
-	data		int32
-} [align_4]

sys/linux/socket_netlink_generic.txt

@@ -15,31 +15,7 @@ socket$nl_generic(domain const[AF_NETLINK], type const[SOCK_RAW], proto const[NE
 
 sendmsg$nl_generic(fd sock_nl_generic, msg ptr[in, msghdr_nl_generic], f flags[send_flags])
 
-msghdr_nl_generic {
-	addr	ptr[in, sockaddr_nl_kern]
-	addrlen	len[addr, int32]
-	vec	ptr[in, iovec_nl_generic]
-	vlen	const[1, intptr]
-	ctrl	const[0, intptr]
-	ctrllen	const[0, intptr]
-	f	flags[send_flags, int32]
-}
-
-iovec_nl_generic {
-	data	ptr[in, netlink_msg_generic]
-	len	bytesize[data, intptr]
-}
-
-netlink_msg_generic {
-	len	len[parent, int32]
-	type	netlink_random_msg_type
-	flags	flags[netlink_msg_flags, int16]
-	seq	netlink_seq
-	pid	netlink_port_id
-	hdr	genlmsghdr
-# No body. Generic attribute can represent a random body.
-	attrs	array[nl_generic_attr]
-} [align_4]
+type msghdr_nl_generic msghdr_netlink[netlink_msg_t[netlink_random_msg_type, genlmsghdr, nl_generic_attr]]
 
 genlmsghdr {
 	cmd		int8[0:32]

sys/linux/socket_netlink_xfrm.txt

@@ -17,50 +17,35 @@ socket$nl_xfrm(domain const[AF_NETLINK], type const[SOCK_RAW], proto const[NETLI
 
 sendmsg$nl_xfrm(fd sock_nl_xfrm, msg ptr[in, msghdr_nl_xfrm], f flags[send_flags])
 
-msghdr_nl_xfrm {
-	addr	ptr[in, sockaddr_nl_kern]
-	addrlen	len[addr, int32]
-	vec	ptr[in, iovec_nl_xfrm]
-	vlen	const[1, intptr]
-	ctrl	const[0, intptr]
-	ctrllen	const[0, intptr]
-	f	flags[send_flags, int32]
-}
+type msghdr_nl_xfrm msghdr_netlink[netlink_msg_xfrm]
 
-iovec_nl_xfrm {
-	data	ptr[in, netlink_msg_xfrm]
-	len	bytesize[data, intptr]
-}
+type xfrm_msg[TYPE, PAYLOAD] netlink_msg[TYPE, PAYLOAD, xfrm_attrs]
 
 netlink_msg_xfrm [
-	generic		array[int8]
-	newsa		xfrm_newsa
-	delsa		xfrm_delsa
-	newpolicy	xfrm_newpolicy
-	delpolicy	xfrm_delpolicy
-	allocspi	xfrm_allocspi
-	acquire		xfrm_acquire
-	expire		xfrm_expire
-	polexpire	xfrm_polexpire
-	flushsa		xfrm_flushsa
-	report		xfrm_report
-	flushpolicy	xfrm_flushpolicy
-	newae		xfrm_newae
-	getsadinfo	xfrm_getsadinfo
+	newsa		xfrm_msg[XFRM_MSG_NEWSA, xfrm_usersa_info]
+	updsa		xfrm_msg[XFRM_MSG_UPDSA, xfrm_usersa_info]
+	delsa		xfrm_msg[XFRM_MSG_DELSA, xfrm_usersa_id]
+	getsa		xfrm_msg[XFRM_MSG_GETSA, xfrm_usersa_id]
+	newpolicy	xfrm_msg[XFRM_MSG_NEWPOLICY, xfrm_userpolicy_info]
+	updpolicy	xfrm_msg[XFRM_MSG_UPDPOLICY, xfrm_userpolicy_info]
+	delpolicy	xfrm_msg[XFRM_MSG_DELPOLICY, xfrm_userpolicy_id]
+	getpolicy	xfrm_msg[XFRM_MSG_GETPOLICY, xfrm_userpolicy_id]
+	migrate		xfrm_msg[XFRM_MSG_MIGRATE, xfrm_userpolicy_id]
+	allocspi	xfrm_msg[XFRM_MSG_ALLOCSPI, xfrm_userspi_info]
+	acquire		xfrm_msg[XFRM_MSG_ACQUIRE, xfrm_user_acquire]
+	expire		xfrm_msg[XFRM_MSG_EXPIRE, xfrm_user_expire]
+	polexpire	xfrm_msg[XFRM_MSG_POLEXPIRE, xfrm_user_polexpire]
+	flushsa		xfrm_msg[XFRM_MSG_FLUSHSA, xfrm_usersa_flush]
+	report		xfrm_msg[XFRM_MSG_REPORT, xfrm_user_report]
+	flushpolicy	xfrm_msg[XFRM_MSG_FLUSHPOLICY, void]
+	newae		xfrm_msg[XFRM_MSG_NEWAE, xfrm_aevent_id]
+	getae		xfrm_msg[XFRM_MSG_GETAE, xfrm_aevent_id]
+# TODO: what is this int32?
+	getsadinfo	xfrm_msg[XFRM_MSG_GETSADINFO, int32]
+	newspdinfo	xfrm_msg[XFRM_MSG_NEWSPDINFO, int32]
+	getspdinfo	xfrm_msg[XFRM_MSG_GETSPDINFO, int32]
 ] [varlen]
 
-xfrm_newsa {
-	len	len[parent, int32]
-	type	flags[xfrm_newsa_msgs, int16]
-	flags	flags[netlink_msg_flags, int16]
-	seq	netlink_seq
-	pid	netlink_port_id
-	msg	xfrm_usersa_info
-	attrs	array[xfrm_attr]
-} [align_4]
-
-xfrm_newsa_msgs = XFRM_MSG_NEWSA, XFRM_MSG_UPDSA
-
 xfrm_usersa_info {
 	sel		xfrm_selector
 	id		xfrm_id
@@ -76,18 +61,6 @@ xfrm_usersa_info {
 	flags		flags[xfrm_state, int8]
 }
 
-xfrm_delsa {
-	len	len[parent, int32]
-	type	flags[xfrm_delsa_msgs, int16]
-	flags	flags[netlink_msg_flags, int16]
-	seq	netlink_seq
-	pid	netlink_port_id
-	msg	xfrm_usersa_id
-	attrs	array[xfrm_attr]
-} [align_4]
-
-xfrm_delsa_msgs = XFRM_MSG_DELSA, XFRM_MSG_GETSA
-
 xfrm_usersa_id {
 	daddr	xfrm_address
 	spi	proc[1234, 4, int32be]
@@ -95,62 +68,18 @@ xfrm_usersa_id {
 	proto	flags[xfrm_proto, int8]
 }
 
-xfrm_newpolicy {
-	len	len[parent, int32]
-	type	flags[xfrm_newpolicy_msgs, int16]
-	flags	flags[netlink_msg_flags, int16]
-	seq	netlink_seq
-	pid	netlink_port_id
-	msg	xfrm_userpolicy_info
-	attrs	array[xfrm_attr]
-} [align_4]
-
-xfrm_newpolicy_msgs = XFRM_MSG_NEWPOLICY, XFRM_MSG_UPDPOLICY
-
-xfrm_delpolicy {
-	len	len[parent, int32]
-	type	flags[xfrm_delpolicy_msgs, int16]
-	flags	flags[netlink_msg_flags, int16]
-	seq	netlink_seq
-	pid	netlink_port_id
-	msg	xfrm_userpolicy_id
-	attrs	array[xfrm_attr]
-} [align_4]
-
-xfrm_delpolicy_msgs = XFRM_MSG_DELPOLICY, XFRM_MSG_GETPOLICY, XFRM_MSG_MIGRATE
-
 xfrm_userpolicy_id {
 	sel	xfrm_selector
 	index	xfrm_policy_index
 	dir	flags[xfrm_policy_dir, int8]
 }
 
-xfrm_allocspi {
-	len	len[parent, int32]
-	type	const[XFRM_MSG_ALLOCSPI, int16]
-	flags	flags[netlink_msg_flags, int16]
-	seq	netlink_seq
-	pid	netlink_port_id
-	msg	xfrm_userspi_info
-	attrs	array[xfrm_attr]
-} [align_4]
-
 xfrm_userspi_info {
 	info	xfrm_usersa_info
 	min	int32
 	max	int32
 }
 
-xfrm_acquire {
-	len	len[parent, int32]
-	type	const[XFRM_MSG_ACQUIRE, int16]
-	flags	flags[netlink_msg_flags, int16]
-	seq	netlink_seq
-	pid	netlink_port_id
-	msg	xfrm_user_acquire
-	attrs	array[xfrm_attr]
-} [align_4]
-
 xfrm_user_acquire {
 	id	xfrm_id
 	saddr	xfrm_address
@@ -162,86 +91,25 @@ xfrm_user_acquire {
 	seq	netlink_seq
 }
 
-xfrm_expire {
-	len	len[parent, int32]
-	type	const[XFRM_MSG_EXPIRE, int16]
-	flags	flags[netlink_msg_flags, int16]
-	seq	netlink_seq
-	pid	netlink_port_id
-	msg	xfrm_user_expire
-	attrs	array[xfrm_attr]
-} [align_4]
-
 xfrm_user_expire {
 	state	xfrm_usersa_info
 	hard	int8
 }
 
-xfrm_polexpire {
-	len	len[parent, int32]
-	type	const[XFRM_MSG_POLEXPIRE, int16]
-	flags	flags[netlink_msg_flags, int16]
-	seq	netlink_seq
-	pid	netlink_port_id
-	msg	xfrm_user_polexpire
-	attrs	array[xfrm_attr]
-} [align_4]
-
 xfrm_user_polexpire {
 	pol	xfrm_userpolicy_info
 	hard	int8
 }
 
-xfrm_flushsa {
-	len	len[parent, int32]
-	type	const[XFRM_MSG_FLUSHSA, int16]
-	flags	flags[netlink_msg_flags, int16]
-	seq	netlink_seq
-	pid	netlink_port_id
-	msg	xfrm_usersa_flush
-	attrs	array[xfrm_attr]
-} [align_4]
-
 xfrm_usersa_flush {
 	proto	flags[xfrm_proto, int8]
 }
 
-xfrm_report {
-	len	len[parent, int32]
-	type	const[XFRM_MSG_REPORT, int16]
-	flags	flags[netlink_msg_flags, int16]
-	seq	netlink_seq
-	pid	netlink_port_id
-	msg	xfrm_user_report
-	attrs	array[xfrm_attr]
-} [align_4]
-
 xfrm_user_report {
 	proto	flags[xfrm_proto, int8]
 	sel	xfrm_selector
 }
 
-xfrm_flushpolicy {
-	len	len[parent, int32]
-	type	const[XFRM_MSG_FLUSHPOLICY, int16]
-	flags	flags[netlink_msg_flags, int16]
-	seq	int32
-	pid	netlink_port_id
-	attrs	array[xfrm_attr]
-} [align_4]
-
-xfrm_newae {
-	len	len[parent, int32]
-	type	flags[xfrm_newae_msgs, int16]
-	flags	flags[netlink_msg_flags, int16]
-	seq	netlink_seq
-	pid	netlink_port_id
-	data	xfrm_aevent_id
-	attrs	array[xfrm_attr]
-} [align_4]
-
-xfrm_newae_msgs = XFRM_MSG_NEWAE, XFRM_MSG_GETAE
-
 xfrm_aevent_id {
 	sa_id	xfrm_usersa_id
 	saddr	xfrm_address
@@ -249,121 +117,40 @@ xfrm_aevent_id {
 	reqid	xfrm_req_id
 }
 
-xfrm_getsadinfo {
-	len	len[parent, int32]
-	type	flags[xfrm_newae_msgs, int16]
-	flags	flags[netlink_msg_flags, int16]
-	seq	netlink_seq
-	pid	netlink_port_id
-	data	int32
-	attrs	array[xfrm_attr]
-} [align_4]
-
-xfrm_getsadinfo_msgs = XFRM_MSG_GETSADINFO, XFRM_MSG_NEWSPDINFO, XFRM_MSG_GETSPDINFO
-
-xfrm_attr [
-	sa		xfrm_attr_sa
-	policy		xfrm_attr_policy
-	lastused	xfrm_attr_lastused
-	algo_auth_trunc	xfrm_attr_algo_auth_trunc
-	algo_aead	xfrm_attr_algo_aead
-	algo_auth	xfrm_attr_algo_auth
-	algo_crypt	xfrm_attr_algo_crypt
-	algo_comp	xfrm_attr_algo_comp
-	srcaddr		xfrm_attr_srcaddr
-	coaddr		xfrm_attr_coaddr
-	u32		xfrm_attr_u32
-	encap		xfrm_attr_encap
-	offload		xfrm_attr_offload
-	sec_ctx		xfrm_attr_sec_ctx
-	lifetime_val	xfrm_attr_lifetime_val
-	tmpl		xfrm_attr_tmpl
-	replay_val	xfrm_attr_replay_val
-	replay_esn_val	xfrm_attr_replay_esn_val
-	policy_type	xfrm_attr_policy_type
-	migrate		xfrm_attr_migrate
-	user_kmaddress	xfrm_attr_user_kmaddress
-	mark		xfrm_attr_mark
-	proto		xfrm_attr_proto
-	address_filter	xfrm_attr_address_filter
-	ipv4_hthresh	xfrm_attr_ipv4_hthresh
-	ipv6_hthresh	xfrm_attr_ipv6_hthresh
+xfrm_attrs [
+	sa		nlattr[XFRMA_SA, xfrm_usersa_info]
+	policy		nlattr[XFRMA_POLICY, xfrm_userpolicy_info]
+	lastused	nlattr[XFRMA_LASTUSED, int64]
+	algo_auth_trunc	nlattr[XFRMA_ALG_AUTH_TRUNC, xfrm_algo_auth]
+	algo_aead	nlattr[XFRMA_ALG_AEAD, xfrm_algo_aead]
+	algo_auth	nlattr[XFRMA_ALG_AUTH, xfrm_algo_hash]
+	algo_crypt	nlattr[XFRMA_ALG_CRYPT, xfrm_algo_blkcipher]
+	algo_comp	nlattr[XFRMA_ALG_COMP, xfrm_algo_compress]
+	srcaddr		nlattr[XFRMA_SRCADDR, xfrm_address]
+	coaddr		nlattr[XFRMA_COADDR, xfrm_address]
+	extra_flags	nlattr[XFRMA_SA_EXTRA_FLAGS, int32]
+	tfcpad		nlattr[XFRMA_TFCPAD, int32]
+	replay_thresh	nlattr[XFRMA_REPLAY_THRESH, int32]
+	etimer_thresh	nlattr[XFRMA_ETIMER_THRESH, int32]
+	output_mark	nlattr[XFRMA_OUTPUT_MARK, int32]
+	encap		nlattr[XFRMA_ENCAP, xfrm_encap_tmpl]
+	offload		nlattr[XFRMA_OFFLOAD_DEV, xfrm_user_offload]
+# TODO: is this xfrm_sec_ctx or xfrm_user_sec_ctx? comments say first, but code seem to expect the second.
+	sec_ctx		nlattr[XFRMA_SEC_CTX, xfrm_user_sec_ctx]
+	lifetime_val	nlattr[XFRMA_LTIME_VAL, xfrm_lifetime_cur]
+	tmpl		nlattr[XFRMA_TMPL, array[xfrm_user_tmpl]]
+	replay_val	nlattr[XFRMA_REPLAY_VAL, xfrm_replay_state]
+	replay_esn_val	nlattr[XFRMA_REPLAY_ESN_VAL, xfrm_replay_state_esn]
+	policy_type	nlattr[XFRMA_POLICY_TYPE, xfrm_userpolicy_type]
+	migrate		nlattr[XFRMA_MIGRATE, array[xfrm_user_migrate]]
+	user_kmaddress	nlattr[XFRMA_KMADDRESS, xfrm_user_kmaddress]
+	mark		nlattr[XFRMA_MARK, xfrm_mark]
+	proto		nlattr[XFRMA_PROTO, flags[xfrm_proto, int8]]
+	address_filter	nlattr[XFRMA_ADDRESS_FILTER, xfrm_address_filter]
+	ipv4_hthresh	nlattr[XFRMA_SPD_IPV4_HTHRESH, xfrmu_spdhthresh4]
+	ipv6_hthresh	nlattr[XFRMA_SPD_IPV6_HTHRESH, xfrmu_spdhthresh6]
 ] [varlen]
 
-xfrm_attr_sa {
-	nla_len		len[parent, int16]
-	nla_type	const[XFRMA_SA, int16]
-	data		xfrm_usersa_info
-} [align_4]
-
-xfrm_attr_policy {
-	nla_len		len[parent, int16]
-	nla_type	const[XFRMA_POLICY, int16]
-	data		xfrm_userpolicy_info
-} [align_4]
-
-xfrm_attr_lastused {
-	nla_len		len[parent, int16]
-	nla_type	const[XFRMA_LASTUSED, int16]
-	data		int64
-} [align_4]
-
-xfrm_attr_algo_auth_trunc {
-	nla_len		len[parent, int16]
-	nla_type	const[XFRMA_ALG_AUTH_TRUNC, int16]
-	data		xfrm_algo_auth
-} [align_4]
-
-xfrm_attr_algo_aead {
-	nla_len		len[parent, int16]
-	nla_type	const[XFRMA_ALG_AEAD, int16]
-	data		xfrm_algo_aead
-} [align_4]
-
-xfrm_attr_algo_auth {
-	nla_len		len[parent, int16]
-	nla_type	const[XFRMA_ALG_AUTH, int16]
-	data		xfrm_algo_hash
-} [align_4]
-
-xfrm_attr_algo_crypt {
-	nla_len		len[parent, int16]
-	nla_type	const[XFRMA_ALG_CRYPT, int16]
-	data		xfrm_algo_blkcipher
-} [align_4]
-
-xfrm_attr_algo_comp {
-	nla_len		len[parent, int16]
-	nla_type	const[XFRMA_ALG_COMP, int16]
-	data		xfrm_algo_compress
-} [align_4]
-
-xfrm_attr_srcaddr {
-	nla_len		len[parent, int16]
-	nla_type	const[XFRMA_SRCADDR, int16]
-	data		xfrm_address
-} [align_4]
-
-xfrm_attr_coaddr {
-	nla_len		len[parent, int16]
-	nla_type	const[XFRMA_COADDR, int16]
-	data		xfrm_address
-} [align_4]
-
-xfrm_attr_u32 {
-	nla_len		len[parent, int16]
-	nla_type	flags[xfrm_attr_u32s, int16]
-	data		int32
-} [align_4]
-
-xfrm_attr_u32s = XFRMA_SA_EXTRA_FLAGS, XFRMA_TFCPAD, XFRMA_REPLAY_THRESH, XFRMA_ETIMER_THRESH, XFRMA_OUTPUT_MARK
-
-xfrm_attr_encap {
-	nla_len		len[parent, int16]
-	nla_type	const[XFRMA_ENCAP, int16]
-	data		xfrm_encap_tmpl
-} [align_4]
-
 xfrm_encap_tmpl {
 	encap_type	flags[xfrm_encap_type, int16]
 	encap_sport	sock_port
@@ -371,12 +158,6 @@ xfrm_encap_tmpl {
 	encap_oa	xfrm_address
 }
 
-xfrm_attr_offload {
-	nla_len		len[parent, int16]
-	nla_type	const[XFRMA_OFFLOAD_DEV, int16]
-	data		xfrm_user_offload
-} [align_4]
-
 xfrm_user_offload {
 	ifindex	ifindex[opt]
 	flags	flags[xfrm_offload_flags, int8]
@@ -384,13 +165,6 @@ xfrm_user_offload {
 
 xfrm_offload_flags = XFRM_OFFLOAD_IPV6, XFRM_OFFLOAD_INBOUND
 
-xfrm_attr_sec_ctx {
-	nla_len		len[parent, int16]
-	nla_type	const[XFRMA_SEC_CTX, int16]
-# TODO: is this xfrm_sec_ctx or xfrm_user_sec_ctx? comments say first, but code seem to expect the second.
-	data		xfrm_user_sec_ctx
-} [align_4]
-
 xfrm_user_sec_ctx {
 	len	len[parent, int16]
 	exttype	const[XFRMA_SEC_CTX, int16]
@@ -403,36 +177,12 @@ xfrm_user_sec_ctx {
 
 xfrm_sec_ctx_alg = XFRM_SC_ALG_SELINUX
 
-xfrm_attr_lifetime_val {
-	nla_len		len[parent, int16]
-	nla_type	const[XFRMA_LTIME_VAL, int16]
-	data		xfrm_lifetime_cur
-} [align_4]
-
-xfrm_attr_tmpl {
-	nla_len		len[parent, int16]
-	nla_type	const[XFRMA_TMPL, int16]
-	data		array[xfrm_user_tmpl]
-} [align_4]
-
-xfrm_attr_replay_val {
-	nla_len		len[parent, int16]
-	nla_type	const[XFRMA_REPLAY_VAL, int16]
-	data		xfrm_replay_state
-} [align_4]
-
 xfrm_replay_state {
 	oseq	netlink_seq
 	seq	netlink_seq
 	bitmap	int32
 }
 
-xfrm_attr_replay_esn_val {
-	nla_len		len[parent, int16]
-	nla_type	const[XFRMA_REPLAY_ESN_VAL, int16]
-	data		xfrm_replay_state_esn
-} [align_4]
-
 xfrm_replay_state_esn {
 	bmp_len		len[bmp, int32]
 	oseq		netlink_seq
@@ -443,24 +193,12 @@ xfrm_replay_state_esn {
 	bmp		array[int32]
 }
 
-xfrm_attr_policy_type {
-	nla_len		len[parent, int16]
-	nla_type	const[XFRMA_POLICY_TYPE, int16]
-	data		xfrm_userpolicy_type
-} [align_4]
-
 xfrm_userpolicy_type {
 	type		flags[xfrm_policy_types, int8]
 	reserved1	const[0, int16]
 	reserved2	const[0, int8]
 }
 
-xfrm_attr_migrate {
-	nla_len		len[parent, int16]
-	nla_type	const[XFRMA_MIGRATE, int16]
-	data		array[xfrm_user_migrate]
-} [align_4]
-
 xfrm_user_migrate {
 	old_daddr	xfrm_address
 	new_saddr	xfrm_address
@@ -472,12 +210,6 @@ xfrm_user_migrate {
 	new_family	flags[xfrm_family, int16]
 }
 
-xfrm_attr_user_kmaddress {
-	nla_len		len[parent, int16]
-	nla_type	const[XFRMA_KMADDRESS, int16]
-	data		xfrm_user_kmaddress
-} [align_4]
-
 xfrm_user_kmaddress {
 	local		xfrm_address
 	remote		xfrm_address
@@ -485,29 +217,11 @@ xfrm_user_kmaddress {
 	family		flags[xfrm_family, int16]
 }
 
-xfrm_attr_mark {
-	nla_len		len[parent, int16]
-	nla_type	const[XFRMA_MARK, int16]
-	data		xfrm_mark
-} [align_4]
-
 xfrm_mark {
 	v	proc[3475289, 4, int32]
 	m	int32
 }
 
-xfrm_attr_proto {
-	nla_len		len[parent, int16]
-	nla_type	const[XFRMA_PROTO, int16]
-	data		flags[xfrm_proto, int8]
-} [align_4]
-
-xfrm_attr_address_filter {
-	nla_len		len[parent, int16]
-	nla_type	const[XFRMA_ADDRESS_FILTER, int16]
-	data		xfrm_address_filter
-} [align_4]
-
 xfrm_address_filter {
 	saddr	xfrm_address
 	daddr	xfrm_address
@@ -516,23 +230,11 @@ xfrm_address_filter {
 	dplen	int8
 }
 
-xfrm_attr_ipv4_hthresh {
-	nla_len		len[parent, int16]
-	nla_type	const[XFRMA_SPD_IPV4_HTHRESH, int16]
-	data		xfrmu_spdhthresh4
-} [align_4]
-
 xfrmu_spdhthresh4 {
 	lbits	int8[0:32]
 	rbits	int8[0:32]
 }
 
-xfrm_attr_ipv6_hthresh {
-	nla_len		len[parent, int16]
-	nla_type	const[XFRMA_SPD_IPV6_HTHRESH, int16]
-	data		xfrmu_spdhthresh6
-} [align_4]
-
 xfrmu_spdhthresh6 {
 	lbits	int8[0:128]
 	rbits	int8[0:128]

sys/linux/sys.txt

@@ -507,15 +507,12 @@ pipefd {
 	wfd	fd
 }
 
-iovec_in {
-	addr	buffer[in]
-	len	len[addr, intptr]
-}
-
-iovec_out {
-	addr	buffer[out]
+type iovec[DIR, T] {
+	addr	ptr[DIR, T]
 	len	len[addr, intptr]
 }
+type iovec_in iovec[in, array[int8]]
+type iovec_out iovec[out, array[int8]]
 
 stat {
 	dev	int16