sys/linux: use type templates for netlink

-350 lines of descriptions
2024-11-24 03:49:45 +00:00 · 2018-01-10 16:24:12 +01:00 · 2018-01-10 16:24:12 +01:00 · 125dadd3c9
commit 125dadd3c9
parent 5585946e22
11 changed files with 3082 additions and 2789 deletions
--- a/executor/syscalls_linux.h
+++ b/executor/syscalls_linux.h
@ -2,7 +2,7 @@
 #if defined(__i386__) || 0
 #define GOARCH "386"
-#define SYZ_REVISION "60e4a07d354bb722a431bf46d523f9aa90eacfc4"
+#define SYZ_REVISION "06b3f0c6861639be4563896825a11553e772909f"
 #define __NR_syz_emit_ethernet 1000000
 #define __NR_syz_extract_tcp_res 1000001
 #define __NR_syz_fuse_mount 1000002
@ -1511,7 +1511,7 @@ call_t syscalls[] = {
 #if defined(__x86_64__) || 0
 #define GOARCH "amd64"
-#define SYZ_REVISION "2e682becd8d7b5132cc415f50ccd04e4c48357d6"
+#define SYZ_REVISION "b54ecf272e7f7c3c8b64f1491f301fea237859bb"
 #define __NR_syz_emit_ethernet 1000000
 #define __NR_syz_extract_tcp_res 1000001
 #define __NR_syz_fuse_mount 1000002
@ -3073,7 +3073,7 @@ call_t syscalls[] = {
 #if defined(__arm__) || 0
 #define GOARCH "arm"
-#define SYZ_REVISION "2b020240de0d6ebb7b3a556196e52c219826e744"
+#define SYZ_REVISION "17740fbac19fdbde68a1dec73989863f81a31a56"
 #define __NR_syz_emit_ethernet 1000000
 #define __NR_syz_extract_tcp_res 1000001
 #define __NR_syz_fuse_mount 1000002
@ -4592,7 +4592,7 @@ call_t syscalls[] = {
 #if defined(__aarch64__) || 0
 #define GOARCH "arm64"
-#define SYZ_REVISION "1681a7f46f5226c3b94952faa7116481f9db058f"
+#define SYZ_REVISION "fb916c0a347778e229092fb28f0dc20593d1eb35"
 #define __NR_syz_emit_ethernet 1000000
 #define __NR_syz_extract_tcp_res 1000001
 #define __NR_syz_fuse_mount 1000002
@ -6083,7 +6083,7 @@ call_t syscalls[] = {
 #if defined(__ppc64__) || defined(__PPC64__) || defined(__powerpc64__) || 0
 #define GOARCH "ppc64le"
-#define SYZ_REVISION "826e8302e62189d0525f546a8949de09b658763e"
+#define SYZ_REVISION "7ee459ec9e838df79959f0e83d49471728eca535"
 #define __NR_syz_emit_ethernet 1000000
 #define __NR_syz_extract_tcp_res 1000001
 #define __NR_syz_fuse_mount 1000002
--- a/sys/linux/386.go
+++ b/sys/linux/386.go
--- a/sys/linux/amd64.go
+++ b/sys/linux/amd64.go
--- a/sys/linux/arm.go
+++ b/sys/linux/arm.go
--- a/sys/linux/arm64.go
+++ b/sys/linux/arm64.go
--- a/sys/linux/ppc64le.go
+++ b/sys/linux/ppc64le.go
--- a/sys/linux/socket_netlink.txt
+++ b/sys/linux/socket_netlink.txt
@ -16,7 +16,7 @@ bind$netlink(fd sock_netlink, addr ptr[in, sockaddr_nl_proc], addrlen len[addr])
 connect$netlink(fd sock_netlink, addr ptr[in, sockaddr_nl], addrlen len[addr])
 getsockname$netlink(fd sock_netlink, addr ptr[out, sockaddr_nl_unspec], addrlen ptr[inout, len[addr, int32]])
 getpeername$netlink(fd sock_netlink, peer ptr[out, sockaddr_nl_unspec], peerlen ptr[inout, len[peer, int32]])
-sendmsg$netlink(fd sock_netlink, msg ptr[in, msghdr_netlink], f flags[send_flags])
+sendmsg$netlink(fd sock_netlink, msg ptr[in, msghdr_netlink_generic], f flags[send_flags])
 setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(fd sock_netlink, level const[SOL_NETLINK], opt const[NETLINK_ADD_MEMBERSHIP], arg ptr[in, int32[0:31]], arglen len[arg])
 setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(fd sock_netlink, level const[SOL_NETLINK], opt const[NETLINK_DROP_MEMBERSHIP], arg ptr[in, int32[0:31]], arglen len[arg])
 setsockopt$netlink_NETLINK_PKTINFO(fd sock_netlink, level const[SOL_NETLINK], opt const[NETLINK_PKTINFO], arg ptr[in, int32], arglen len[arg])
@ -45,72 +45,76 @@ sockaddr_nl_send [
 	proc	sockaddr_nl_proc
 ]
-sockaddr_nl_proc {
+type sockaddr_nl_t[FAMILY, PID, GROUPS] {
-	nl_family	const[AF_NETLINK, int16]
+	nl_family	const[FAMILY, int16]
 	nl_pad		const[0, int16]
-	nl_pid		netlink_port_id
+	nl_pid		PID
-	nl_groups	flags[netlink_group_bitmap, int32]
+	nl_groups	GROUPS
 }
 type sockaddr_nl_proc sockaddr_nl_t[AF_NETLINK, netlink_port_id, flags[netlink_group_bitmap, int32]]
 type sockaddr_nl_kern sockaddr_nl_t[AF_NETLINK, const[0, int32], flags[netlink_group_bitmap, int32]]
 type sockaddr_nl_unspec sockaddr_nl_t[AF_UNSPEC, const[0, int32], const[0, int32]]
-sockaddr_nl_kern {
+type msghdr_netlink_full[MSG] {
 	nl_family	const[AF_NETLINK, int16]
 	nl_pad		const[0, int16]
 	nl_pid		const[0, int32]
 	nl_groups	flags[netlink_group_bitmap, int32]
 }
 sockaddr_nl_unspec {
 	nl_family	const[AF_UNSPEC, int16]
 	nl_pad		const[0, int16]
 	nl_pid		const[0, int32]
 	nl_groups	const[0, int32]
 }
 msghdr_netlink {
 	addr	ptr[in, sockaddr_nl_send, opt]
 	addrlen	len[addr, int32]
-	vec	ptr[in, array[iovec_nl]]
+	vec	ptr[in, array[iovec[in, MSG]]]
 	vlen	len[vec, intptr]
 	ctrl	ptr[in, array[cmsghdr_un], opt]
 	ctrllen	bytesize[ctrl, intptr]
 	f	flags[send_flags, int32]
 }
-iovec_nl {
+# Simplified version of msghdr_netlink_full with kernel address, no control data and only 1 iovec.
-	data	ptr[in, array[netlink_msg]]
+# It's enough for most protocols.
-	len	bytesize[data, intptr]
+type msghdr_netlink[MSG] {
 	addr	ptr[in, sockaddr_nl_kern]
 	addrlen	len[addr, int32]
 	vec	ptr[in, iovec[in, MSG]]
 	vlen	const[1, intptr]
 	ctrl	const[0, intptr]
 	ctrllen	const[0, intptr]
 	f	flags[send_flags, int32]
 }
-netlink_msg {
+# No body. Generic attribute can represent a random body.
 type msghdr_netlink_generic msghdr_netlink_full[netlink_msg_t[netlink_random_msg_type, void, nl_generic_attr]]
 type netlink_msg_t[TYPE, PAYLOAD, ATTRS] {
 	len	len[parent, int32]
-	type	netlink_random_msg_type
+	type	TYPE
 	flags	flags[netlink_msg_flags, int16]
 	seq	netlink_seq
 	pid	netlink_port_id
-# No body. Generic attribute can represent a random body.
+	payload	PAYLOAD
-	attrs	array[nl_generic_attr]
+	attrs	array[ATTRS]
 } [align_4]
 type netlink_msg[TYPE, PAYLOAD, ATTRS] netlink_msg_t[const[TYPE, int16], PAYLOAD, ATTRS]
 type nlattr_t[TYPE, PAYLOAD] {
 	nla_len		len[parent, int16]
 	nla_type	TYPE
 	payload		PAYLOAD
 } [align_4]
 # NL80211 has 150 attributes.
 type nlattr_anytype[PAYLOAD] nlattr_t[int16[0:150], PAYLOAD]
 type nlattr[TYPE, PAYLOAD] nlattr_t[const[TYPE, int16], PAYLOAD]
 nl_generic_attr [
 	generic	array[int8]
-	flag	nl_generic_attr_flag
+	typed	nlattr_anytype[nl_generic_attr_data]
-	typed	nl_generic_attr_typed
+	nested	nlattr_anytype[array[nl_generic_attr_nonested]]
 	nested	nl_generic_attr_nested
 ] [varlen]
-nl_generic_attr_flag {
+nl_generic_attr_nonested [
-	nla_len		len[parent, int16]
+	generic	array[int8]
-# NL80211 has 150 attributes.
+	typed	nlattr_anytype[nl_generic_attr_data]
-	nla_type	int16[0:150]
+] [varlen]
 } [align_4]
 nl_generic_attr_typed {
 	nla_len		len[parent, int16]
 	nla_type	int16[0:150]
 	data		nl_generic_attr_data
 } [align_4]
 nl_generic_attr_data [
 	void	void
 	u32	int32
 	u64	int64
 	ipv4	ipv4_addr
@ -122,18 +126,6 @@ nl_generic_attr_data [
 	binary	array[int8]
 ] [varlen]
 nl_generic_attr_nested {
 	nla_len		len[parent, int16]
 	nla_type	int16[0:150]
 	data		array[nl_generic_attr_nonested]
 } [align_4]
 nl_generic_attr_nonested [
 	generic	array[int8]
 	flag	nl_generic_attr_flag
 	typed	nl_generic_attr_typed
 ] [varlen]
 nl_mmap_req {
 	bsize	int32
 	bnumber	int32
--- a/sys/linux/socket_netlink_crypto.txt
+++ b/sys/linux/socket_netlink_crypto.txt
@ -14,37 +14,17 @@ socket$nl_crypto(domain const[AF_NETLINK], type const[SOCK_RAW], proto const[NET
 sendmsg$nl_crypto(fd sock_nl_crypto, msg ptr[in, msghdr_nl_crypto], f flags[send_flags])
-msghdr_nl_crypto {
+type msghdr_nl_crypto msghdr_netlink[netlink_msg_crypto]
 	addr	ptr[in, sockaddr_nl_kern]
 	addrlen	len[addr, int32]
 	vec	ptr[in, iovec_nl_crypto]
 	vlen	const[1, intptr]
 	ctrl	const[0, intptr]
 	ctrllen	const[0, intptr]
 	f	flags[send_flags, int32]
 }
 iovec_nl_crypto {
 	data	ptr[in, netlink_msg_crypto]
 	len	bytesize[data, intptr]
 }
 netlink_msg_crypto [
-	alg	nl_crypto_alg_msg
+	alg	netlink_msg[CRYPTO_MSG_NEWALG, crypto_user_alg, netlink_crypto_attrs]
-	delrng	nl_crypto_delrng_msg
+	del	netlink_msg[CRYPTO_MSG_DELALG, crypto_user_alg, netlink_crypto_attrs]
 	upd	netlink_msg[CRYPTO_MSG_UPDATEALG, crypto_user_alg, netlink_crypto_attrs]
 	get	netlink_msg[CRYPTO_MSG_GETALG, crypto_user_alg, netlink_crypto_attrs]
 	delrng	netlink_msg[CRYPTO_MSG_DELRNG, void, void]
 ] [varlen]
-nl_crypto_alg_msg {
+type netlink_crypto_attrs nlattr[CRYPTOCFGA_PRIORITY_VAL, int32]
 	len	len[parent, int32]
 	type	flags[nl_crypto_alg_msgs, int16]
 	flags	flags[netlink_msg_flags, int16]
 	seq	netlink_seq
 	pid	netlink_port_id
 	msg	crypto_user_alg
 	attrs	array[nl_crypto_attr]
 } [align_4]
 nl_crypto_alg_msgs = CRYPTO_MSG_NEWALG, CRYPTO_MSG_DELALG, CRYPTO_MSG_UPDATEALG, CRYPTO_MSG_GETALG
 crypto_user_alg {
 	cru_name	alg_name
@ -58,17 +38,3 @@ crypto_user_alg {
 }
 crypto_user_alg_flags = CRYPTO_ALG_TESTED, CRYPTO_ALG_INTERNAL
 nl_crypto_delrng_msg {
 	len	len[parent, int32]
 	type	const[CRYPTO_MSG_DELRNG, int16]
 	flags	flags[netlink_msg_flags, int16]
 	seq	netlink_seq
 	pid	netlink_port_id
 } [align_4]
 nl_crypto_attr {
 	nla_len		len[parent, int16]
 	nla_type	const[CRYPTOCFGA_PRIORITY_VAL, int16]
 	data		int32
 } [align_4]
--- a/sys/linux/socket_netlink_generic.txt
+++ b/sys/linux/socket_netlink_generic.txt
@ -15,31 +15,7 @@ socket$nl_generic(domain const[AF_NETLINK], type const[SOCK_RAW], proto const[NE
 sendmsg$nl_generic(fd sock_nl_generic, msg ptr[in, msghdr_nl_generic], f flags[send_flags])
-msghdr_nl_generic {
+type msghdr_nl_generic msghdr_netlink[netlink_msg_t[netlink_random_msg_type, genlmsghdr, nl_generic_attr]]
 	addr	ptr[in, sockaddr_nl_kern]
 	addrlen	len[addr, int32]
 	vec	ptr[in, iovec_nl_generic]
 	vlen	const[1, intptr]
 	ctrl	const[0, intptr]
 	ctrllen	const[0, intptr]
 	f	flags[send_flags, int32]
 }
 iovec_nl_generic {
 	data	ptr[in, netlink_msg_generic]
 	len	bytesize[data, intptr]
 }
 netlink_msg_generic {
 	len	len[parent, int32]
 	type	netlink_random_msg_type
 	flags	flags[netlink_msg_flags, int16]
 	seq	netlink_seq
 	pid	netlink_port_id
 	hdr	genlmsghdr
 # No body. Generic attribute can represent a random body.
 	attrs	array[nl_generic_attr]
 } [align_4]
 genlmsghdr {
 	cmd		int8[0:32]
--- a/sys/linux/socket_netlink_xfrm.txt
+++ b/sys/linux/socket_netlink_xfrm.txt
@ -17,50 +17,35 @@ socket$nl_xfrm(domain const[AF_NETLINK], type const[SOCK_RAW], proto const[NETLI
 sendmsg$nl_xfrm(fd sock_nl_xfrm, msg ptr[in, msghdr_nl_xfrm], f flags[send_flags])
-msghdr_nl_xfrm {
+type msghdr_nl_xfrm msghdr_netlink[netlink_msg_xfrm]
 	addr	ptr[in, sockaddr_nl_kern]
 	addrlen	len[addr, int32]
 	vec	ptr[in, iovec_nl_xfrm]
 	vlen	const[1, intptr]
 	ctrl	const[0, intptr]
 	ctrllen	const[0, intptr]
 	f	flags[send_flags, int32]
 }
-iovec_nl_xfrm {
+type xfrm_msg[TYPE, PAYLOAD] netlink_msg[TYPE, PAYLOAD, xfrm_attrs]
 	data	ptr[in, netlink_msg_xfrm]
 	len	bytesize[data, intptr]
 }
 netlink_msg_xfrm [
-	generic		array[int8]
+	newsa		xfrm_msg[XFRM_MSG_NEWSA, xfrm_usersa_info]
-	newsa		xfrm_newsa
+	updsa		xfrm_msg[XFRM_MSG_UPDSA, xfrm_usersa_info]
-	delsa		xfrm_delsa
+	delsa		xfrm_msg[XFRM_MSG_DELSA, xfrm_usersa_id]
-	newpolicy	xfrm_newpolicy
+	getsa		xfrm_msg[XFRM_MSG_GETSA, xfrm_usersa_id]
-	delpolicy	xfrm_delpolicy
+	newpolicy	xfrm_msg[XFRM_MSG_NEWPOLICY, xfrm_userpolicy_info]
-	allocspi	xfrm_allocspi
+	updpolicy	xfrm_msg[XFRM_MSG_UPDPOLICY, xfrm_userpolicy_info]
-	acquire		xfrm_acquire
+	delpolicy	xfrm_msg[XFRM_MSG_DELPOLICY, xfrm_userpolicy_id]
-	expire		xfrm_expire
+	getpolicy	xfrm_msg[XFRM_MSG_GETPOLICY, xfrm_userpolicy_id]
-	polexpire	xfrm_polexpire
+	migrate		xfrm_msg[XFRM_MSG_MIGRATE, xfrm_userpolicy_id]
-	flushsa		xfrm_flushsa
+	allocspi	xfrm_msg[XFRM_MSG_ALLOCSPI, xfrm_userspi_info]
-	report		xfrm_report
+	acquire		xfrm_msg[XFRM_MSG_ACQUIRE, xfrm_user_acquire]
-	flushpolicy	xfrm_flushpolicy
+	expire		xfrm_msg[XFRM_MSG_EXPIRE, xfrm_user_expire]
-	newae		xfrm_newae
+	polexpire	xfrm_msg[XFRM_MSG_POLEXPIRE, xfrm_user_polexpire]
-	getsadinfo	xfrm_getsadinfo
+	flushsa		xfrm_msg[XFRM_MSG_FLUSHSA, xfrm_usersa_flush]
 	report		xfrm_msg[XFRM_MSG_REPORT, xfrm_user_report]
 	flushpolicy	xfrm_msg[XFRM_MSG_FLUSHPOLICY, void]
 	newae		xfrm_msg[XFRM_MSG_NEWAE, xfrm_aevent_id]
 	getae		xfrm_msg[XFRM_MSG_GETAE, xfrm_aevent_id]
 # TODO: what is this int32?
 	getsadinfo	xfrm_msg[XFRM_MSG_GETSADINFO, int32]
 	newspdinfo	xfrm_msg[XFRM_MSG_NEWSPDINFO, int32]
 	getspdinfo	xfrm_msg[XFRM_MSG_GETSPDINFO, int32]
 ] [varlen]
 xfrm_newsa {
 	len	len[parent, int32]
 	type	flags[xfrm_newsa_msgs, int16]
 	flags	flags[netlink_msg_flags, int16]
 	seq	netlink_seq
 	pid	netlink_port_id
 	msg	xfrm_usersa_info
 	attrs	array[xfrm_attr]
 } [align_4]
 xfrm_newsa_msgs = XFRM_MSG_NEWSA, XFRM_MSG_UPDSA
 xfrm_usersa_info {
 	sel		xfrm_selector
 	id		xfrm_id
@ -76,18 +61,6 @@ xfrm_usersa_info {
 	flags		flags[xfrm_state, int8]
 }
 xfrm_delsa {
 	len	len[parent, int32]
 	type	flags[xfrm_delsa_msgs, int16]
 	flags	flags[netlink_msg_flags, int16]
 	seq	netlink_seq
 	pid	netlink_port_id
 	msg	xfrm_usersa_id
 	attrs	array[xfrm_attr]
 } [align_4]
 xfrm_delsa_msgs = XFRM_MSG_DELSA, XFRM_MSG_GETSA
 xfrm_usersa_id {
 	daddr	xfrm_address
 	spi	proc[1234, 4, int32be]
@ -95,62 +68,18 @@ xfrm_usersa_id {
 	proto	flags[xfrm_proto, int8]
 }
 xfrm_newpolicy {
 	len	len[parent, int32]
 	type	flags[xfrm_newpolicy_msgs, int16]
 	flags	flags[netlink_msg_flags, int16]
 	seq	netlink_seq
 	pid	netlink_port_id
 	msg	xfrm_userpolicy_info
 	attrs	array[xfrm_attr]
 } [align_4]
 xfrm_newpolicy_msgs = XFRM_MSG_NEWPOLICY, XFRM_MSG_UPDPOLICY
 xfrm_delpolicy {
 	len	len[parent, int32]
 	type	flags[xfrm_delpolicy_msgs, int16]
 	flags	flags[netlink_msg_flags, int16]
 	seq	netlink_seq
 	pid	netlink_port_id
 	msg	xfrm_userpolicy_id
 	attrs	array[xfrm_attr]
 } [align_4]
 xfrm_delpolicy_msgs = XFRM_MSG_DELPOLICY, XFRM_MSG_GETPOLICY, XFRM_MSG_MIGRATE
 xfrm_userpolicy_id {
 	sel	xfrm_selector
 	index	xfrm_policy_index
 	dir	flags[xfrm_policy_dir, int8]
 }
 xfrm_allocspi {
 	len	len[parent, int32]
 	type	const[XFRM_MSG_ALLOCSPI, int16]
 	flags	flags[netlink_msg_flags, int16]
 	seq	netlink_seq
 	pid	netlink_port_id
 	msg	xfrm_userspi_info
 	attrs	array[xfrm_attr]
 } [align_4]
 xfrm_userspi_info {
 	info	xfrm_usersa_info
 	min	int32
 	max	int32
 }
 xfrm_acquire {
 	len	len[parent, int32]
 	type	const[XFRM_MSG_ACQUIRE, int16]
 	flags	flags[netlink_msg_flags, int16]
 	seq	netlink_seq
 	pid	netlink_port_id
 	msg	xfrm_user_acquire
 	attrs	array[xfrm_attr]
 } [align_4]
 xfrm_user_acquire {
 	id	xfrm_id
 	saddr	xfrm_address
@ -162,86 +91,25 @@ xfrm_user_acquire {
 	seq	netlink_seq
 }
 xfrm_expire {
 	len	len[parent, int32]
 	type	const[XFRM_MSG_EXPIRE, int16]
 	flags	flags[netlink_msg_flags, int16]
 	seq	netlink_seq
 	pid	netlink_port_id
 	msg	xfrm_user_expire
 	attrs	array[xfrm_attr]
 } [align_4]
 xfrm_user_expire {
 	state	xfrm_usersa_info
 	hard	int8
 }
 xfrm_polexpire {
 	len	len[parent, int32]
 	type	const[XFRM_MSG_POLEXPIRE, int16]
 	flags	flags[netlink_msg_flags, int16]
 	seq	netlink_seq
 	pid	netlink_port_id
 	msg	xfrm_user_polexpire
 	attrs	array[xfrm_attr]
 } [align_4]
 xfrm_user_polexpire {
 	pol	xfrm_userpolicy_info
 	hard	int8
 }
 xfrm_flushsa {
 	len	len[parent, int32]
 	type	const[XFRM_MSG_FLUSHSA, int16]
 	flags	flags[netlink_msg_flags, int16]
 	seq	netlink_seq
 	pid	netlink_port_id
 	msg	xfrm_usersa_flush
 	attrs	array[xfrm_attr]
 } [align_4]
 xfrm_usersa_flush {
 	proto	flags[xfrm_proto, int8]
 }
 xfrm_report {
 	len	len[parent, int32]
 	type	const[XFRM_MSG_REPORT, int16]
 	flags	flags[netlink_msg_flags, int16]
 	seq	netlink_seq
 	pid	netlink_port_id
 	msg	xfrm_user_report
 	attrs	array[xfrm_attr]
 } [align_4]
 xfrm_user_report {
 	proto	flags[xfrm_proto, int8]
 	sel	xfrm_selector
 }
 xfrm_flushpolicy {
 	len	len[parent, int32]
 	type	const[XFRM_MSG_FLUSHPOLICY, int16]
 	flags	flags[netlink_msg_flags, int16]
 	seq	int32
 	pid	netlink_port_id
 	attrs	array[xfrm_attr]
 } [align_4]
 xfrm_newae {
 	len	len[parent, int32]
 	type	flags[xfrm_newae_msgs, int16]
 	flags	flags[netlink_msg_flags, int16]
 	seq	netlink_seq
 	pid	netlink_port_id
 	data	xfrm_aevent_id
 	attrs	array[xfrm_attr]
 } [align_4]
 xfrm_newae_msgs = XFRM_MSG_NEWAE, XFRM_MSG_GETAE
 xfrm_aevent_id {
 	sa_id	xfrm_usersa_id
 	saddr	xfrm_address
@ -249,121 +117,40 @@ xfrm_aevent_id {
 	reqid	xfrm_req_id
 }
-xfrm_getsadinfo {
+xfrm_attrs [
-	len	len[parent, int32]
+	sa		nlattr[XFRMA_SA, xfrm_usersa_info]
-	type	flags[xfrm_newae_msgs, int16]
+	policy		nlattr[XFRMA_POLICY, xfrm_userpolicy_info]
-	flags	flags[netlink_msg_flags, int16]
+	lastused	nlattr[XFRMA_LASTUSED, int64]
-	seq	netlink_seq
+	algo_auth_trunc	nlattr[XFRMA_ALG_AUTH_TRUNC, xfrm_algo_auth]
-	pid	netlink_port_id
+	algo_aead	nlattr[XFRMA_ALG_AEAD, xfrm_algo_aead]
-	data	int32
+	algo_auth	nlattr[XFRMA_ALG_AUTH, xfrm_algo_hash]
-	attrs	array[xfrm_attr]
+	algo_crypt	nlattr[XFRMA_ALG_CRYPT, xfrm_algo_blkcipher]
-} [align_4]
+	algo_comp	nlattr[XFRMA_ALG_COMP, xfrm_algo_compress]
-
+	srcaddr		nlattr[XFRMA_SRCADDR, xfrm_address]
-xfrm_getsadinfo_msgs = XFRM_MSG_GETSADINFO, XFRM_MSG_NEWSPDINFO, XFRM_MSG_GETSPDINFO
+	coaddr		nlattr[XFRMA_COADDR, xfrm_address]
-
+	extra_flags	nlattr[XFRMA_SA_EXTRA_FLAGS, int32]
-xfrm_attr [
+	tfcpad		nlattr[XFRMA_TFCPAD, int32]
-	sa		xfrm_attr_sa
+	replay_thresh	nlattr[XFRMA_REPLAY_THRESH, int32]
-	policy		xfrm_attr_policy
+	etimer_thresh	nlattr[XFRMA_ETIMER_THRESH, int32]
-	lastused	xfrm_attr_lastused
+	output_mark	nlattr[XFRMA_OUTPUT_MARK, int32]
-	algo_auth_trunc	xfrm_attr_algo_auth_trunc
+	encap		nlattr[XFRMA_ENCAP, xfrm_encap_tmpl]
-	algo_aead	xfrm_attr_algo_aead
+	offload		nlattr[XFRMA_OFFLOAD_DEV, xfrm_user_offload]
-	algo_auth	xfrm_attr_algo_auth
+# TODO: is this xfrm_sec_ctx or xfrm_user_sec_ctx? comments say first, but code seem to expect the second.
-	algo_crypt	xfrm_attr_algo_crypt
+	sec_ctx		nlattr[XFRMA_SEC_CTX, xfrm_user_sec_ctx]
-	algo_comp	xfrm_attr_algo_comp
+	lifetime_val	nlattr[XFRMA_LTIME_VAL, xfrm_lifetime_cur]
-	srcaddr		xfrm_attr_srcaddr
+	tmpl		nlattr[XFRMA_TMPL, array[xfrm_user_tmpl]]
-	coaddr		xfrm_attr_coaddr
+	replay_val	nlattr[XFRMA_REPLAY_VAL, xfrm_replay_state]
-	u32		xfrm_attr_u32
+	replay_esn_val	nlattr[XFRMA_REPLAY_ESN_VAL, xfrm_replay_state_esn]
-	encap		xfrm_attr_encap
+	policy_type	nlattr[XFRMA_POLICY_TYPE, xfrm_userpolicy_type]
-	offload		xfrm_attr_offload
+	migrate		nlattr[XFRMA_MIGRATE, array[xfrm_user_migrate]]
-	sec_ctx		xfrm_attr_sec_ctx
+	user_kmaddress	nlattr[XFRMA_KMADDRESS, xfrm_user_kmaddress]
-	lifetime_val	xfrm_attr_lifetime_val
+	mark		nlattr[XFRMA_MARK, xfrm_mark]
-	tmpl		xfrm_attr_tmpl
+	proto		nlattr[XFRMA_PROTO, flags[xfrm_proto, int8]]
-	replay_val	xfrm_attr_replay_val
+	address_filter	nlattr[XFRMA_ADDRESS_FILTER, xfrm_address_filter]
-	replay_esn_val	xfrm_attr_replay_esn_val
+	ipv4_hthresh	nlattr[XFRMA_SPD_IPV4_HTHRESH, xfrmu_spdhthresh4]
-	policy_type	xfrm_attr_policy_type
+	ipv6_hthresh	nlattr[XFRMA_SPD_IPV6_HTHRESH, xfrmu_spdhthresh6]
 	migrate		xfrm_attr_migrate
 	user_kmaddress	xfrm_attr_user_kmaddress
 	mark		xfrm_attr_mark
 	proto		xfrm_attr_proto
 	address_filter	xfrm_attr_address_filter
 	ipv4_hthresh	xfrm_attr_ipv4_hthresh
 	ipv6_hthresh	xfrm_attr_ipv6_hthresh
 ] [varlen]
 xfrm_attr_sa {
 	nla_len		len[parent, int16]
 	nla_type	const[XFRMA_SA, int16]
 	data		xfrm_usersa_info
 } [align_4]
 xfrm_attr_policy {
 	nla_len		len[parent, int16]
 	nla_type	const[XFRMA_POLICY, int16]
 	data		xfrm_userpolicy_info
 } [align_4]
 xfrm_attr_lastused {
 	nla_len		len[parent, int16]
 	nla_type	const[XFRMA_LASTUSED, int16]
 	data		int64
 } [align_4]
 xfrm_attr_algo_auth_trunc {
 	nla_len		len[parent, int16]
 	nla_type	const[XFRMA_ALG_AUTH_TRUNC, int16]
 	data		xfrm_algo_auth
 } [align_4]
 xfrm_attr_algo_aead {
 	nla_len		len[parent, int16]
 	nla_type	const[XFRMA_ALG_AEAD, int16]
 	data		xfrm_algo_aead
 } [align_4]
 xfrm_attr_algo_auth {
 	nla_len		len[parent, int16]
 	nla_type	const[XFRMA_ALG_AUTH, int16]
 	data		xfrm_algo_hash
 } [align_4]
 xfrm_attr_algo_crypt {
 	nla_len		len[parent, int16]
 	nla_type	const[XFRMA_ALG_CRYPT, int16]
 	data		xfrm_algo_blkcipher
 } [align_4]
 xfrm_attr_algo_comp {
 	nla_len		len[parent, int16]
 	nla_type	const[XFRMA_ALG_COMP, int16]
 	data		xfrm_algo_compress
 } [align_4]
 xfrm_attr_srcaddr {
 	nla_len		len[parent, int16]
 	nla_type	const[XFRMA_SRCADDR, int16]
 	data		xfrm_address
 } [align_4]
 xfrm_attr_coaddr {
 	nla_len		len[parent, int16]
 	nla_type	const[XFRMA_COADDR, int16]
 	data		xfrm_address
 } [align_4]
 xfrm_attr_u32 {
 	nla_len		len[parent, int16]
 	nla_type	flags[xfrm_attr_u32s, int16]
 	data		int32
 } [align_4]
 xfrm_attr_u32s = XFRMA_SA_EXTRA_FLAGS, XFRMA_TFCPAD, XFRMA_REPLAY_THRESH, XFRMA_ETIMER_THRESH, XFRMA_OUTPUT_MARK
 xfrm_attr_encap {
 	nla_len		len[parent, int16]
 	nla_type	const[XFRMA_ENCAP, int16]
 	data		xfrm_encap_tmpl
 } [align_4]
 xfrm_encap_tmpl {
 	encap_type	flags[xfrm_encap_type, int16]
 	encap_sport	sock_port
@ -371,12 +158,6 @@ xfrm_encap_tmpl {
 	encap_oa	xfrm_address
 }
 xfrm_attr_offload {
 	nla_len		len[parent, int16]
 	nla_type	const[XFRMA_OFFLOAD_DEV, int16]
 	data		xfrm_user_offload
 } [align_4]
 xfrm_user_offload {
 	ifindex	ifindex[opt]
 	flags	flags[xfrm_offload_flags, int8]
@ -384,13 +165,6 @@ xfrm_user_offload {
 xfrm_offload_flags = XFRM_OFFLOAD_IPV6, XFRM_OFFLOAD_INBOUND
 xfrm_attr_sec_ctx {
 	nla_len		len[parent, int16]
 	nla_type	const[XFRMA_SEC_CTX, int16]
 # TODO: is this xfrm_sec_ctx or xfrm_user_sec_ctx? comments say first, but code seem to expect the second.
 	data		xfrm_user_sec_ctx
 } [align_4]
 xfrm_user_sec_ctx {
 	len	len[parent, int16]
 	exttype	const[XFRMA_SEC_CTX, int16]
@ -403,36 +177,12 @@ xfrm_user_sec_ctx {
 xfrm_sec_ctx_alg = XFRM_SC_ALG_SELINUX
 xfrm_attr_lifetime_val {
 	nla_len		len[parent, int16]
 	nla_type	const[XFRMA_LTIME_VAL, int16]
 	data		xfrm_lifetime_cur
 } [align_4]
 xfrm_attr_tmpl {
 	nla_len		len[parent, int16]
 	nla_type	const[XFRMA_TMPL, int16]
 	data		array[xfrm_user_tmpl]
 } [align_4]
 xfrm_attr_replay_val {
 	nla_len		len[parent, int16]
 	nla_type	const[XFRMA_REPLAY_VAL, int16]
 	data		xfrm_replay_state
 } [align_4]
 xfrm_replay_state {
 	oseq	netlink_seq
 	seq	netlink_seq
 	bitmap	int32
 }
 xfrm_attr_replay_esn_val {
 	nla_len		len[parent, int16]
 	nla_type	const[XFRMA_REPLAY_ESN_VAL, int16]
 	data		xfrm_replay_state_esn
 } [align_4]
 xfrm_replay_state_esn {
 	bmp_len		len[bmp, int32]
 	oseq		netlink_seq
@ -443,24 +193,12 @@ xfrm_replay_state_esn {
 	bmp		array[int32]
 }
 xfrm_attr_policy_type {
 	nla_len		len[parent, int16]
 	nla_type	const[XFRMA_POLICY_TYPE, int16]
 	data		xfrm_userpolicy_type
 } [align_4]
 xfrm_userpolicy_type {
 	type		flags[xfrm_policy_types, int8]
 	reserved1	const[0, int16]
 	reserved2	const[0, int8]
 }
 xfrm_attr_migrate {
 	nla_len		len[parent, int16]
 	nla_type	const[XFRMA_MIGRATE, int16]
 	data		array[xfrm_user_migrate]
 } [align_4]
 xfrm_user_migrate {
 	old_daddr	xfrm_address
 	new_saddr	xfrm_address
@ -472,12 +210,6 @@ xfrm_user_migrate {
 	new_family	flags[xfrm_family, int16]
 }
 xfrm_attr_user_kmaddress {
 	nla_len		len[parent, int16]
 	nla_type	const[XFRMA_KMADDRESS, int16]
 	data		xfrm_user_kmaddress
 } [align_4]
 xfrm_user_kmaddress {
 	local		xfrm_address
 	remote		xfrm_address
@ -485,29 +217,11 @@ xfrm_user_kmaddress {
 	family		flags[xfrm_family, int16]
 }
 xfrm_attr_mark {
 	nla_len		len[parent, int16]
 	nla_type	const[XFRMA_MARK, int16]
 	data		xfrm_mark
 } [align_4]
 xfrm_mark {
 	v	proc[3475289, 4, int32]
 	m	int32
 }
 xfrm_attr_proto {
 	nla_len		len[parent, int16]
 	nla_type	const[XFRMA_PROTO, int16]
 	data		flags[xfrm_proto, int8]
 } [align_4]
 xfrm_attr_address_filter {
 	nla_len		len[parent, int16]
 	nla_type	const[XFRMA_ADDRESS_FILTER, int16]
 	data		xfrm_address_filter
 } [align_4]
 xfrm_address_filter {
 	saddr	xfrm_address
 	daddr	xfrm_address
@ -516,23 +230,11 @@ xfrm_address_filter {
 	dplen	int8
 }
 xfrm_attr_ipv4_hthresh {
 	nla_len		len[parent, int16]
 	nla_type	const[XFRMA_SPD_IPV4_HTHRESH, int16]
 	data		xfrmu_spdhthresh4
 } [align_4]
 xfrmu_spdhthresh4 {
 	lbits	int8[0:32]
 	rbits	int8[0:32]
 }
 xfrm_attr_ipv6_hthresh {
 	nla_len		len[parent, int16]
 	nla_type	const[XFRMA_SPD_IPV6_HTHRESH, int16]
 	data		xfrmu_spdhthresh6
 } [align_4]
 xfrmu_spdhthresh6 {
 	lbits	int8[0:128]
 	rbits	int8[0:128]
--- a/sys/linux/sys.txt
+++ b/sys/linux/sys.txt
@ -507,15 +507,12 @@ pipefd {
 	wfd	fd
 }
-iovec_in {
+type iovec[DIR, T] {
-	addr	buffer[in]
+	addr	ptr[DIR, T]
 	len	len[addr, intptr]
 }
 iovec_out {
 	addr	buffer[out]
 	len	len[addr, intptr]
 }
 type iovec_in iovec[in, array[int8]]
 type iovec_out iovec[out, array[int8]]
 stat {
 	dev	int16