1// SPDX-License-Identifier: GPL-2.0
2// Copyright (c) 2010-2011 EIA Electronics,
3// Pieter Beyens <pieter.beyens@eia.be>
4// Copyright (c) 2010-2011 EIA Electronics,
5// Kurt Van Dijck <kurt.van.dijck@eia.be>
6// Copyright (c) 2018 Protonic,
7// Robin van der Gracht <robin@protonic.nl>
8// Copyright (c) 2017-2019 Pengutronix,
9// Marc Kleine-Budde <kernel@pengutronix.de>
10// Copyright (c) 2017-2019 Pengutronix,
11// Oleksij Rempel <kernel@pengutronix.de>
12
13#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
14
15#include <linux/can/can-ml.h>
16#include <linux/can/core.h>
17#include <linux/can/skb.h>
18#include <linux/errqueue.h>
19#include <linux/if_arp.h>
20
21#include "j1939-priv.h"
22
/* Smallest sockaddr_can length, in bytes, that still contains the whole
 * can_addr.j1939 member. This file uses it to reject shorter user-supplied
 * addresses and as the address length reported back to user space.
 */
#define J1939_MIN_NAMELEN CAN_REQUIRED_SIZE(struct sockaddr_can, can_addr.j1939)
24
/* Convert struct sock::sk_priority into the J1939 priority field.
 * The scale is inverted (7 - value); inputs above 7 are clamped to 7 first,
 * so the result always lies in 0..7.
 */
static inline priority_t j1939_prio(u32 sk_priority)
{
	if (sk_priority > 7U)
		return 0;

	return 7 - sk_priority;
}
34
/* Convert a J1939 priority back into an sk_priority value (7 - prio).
 * No range check is done here; the callers in this file only pass values
 * already limited to 0..7.
 */
static inline u32 j1939_to_sk_priority(priority_t prio)
{
	u32 sk_priority = 7 - prio;

	return sk_priority;
}
39
/* Tell whether a PGN should be evaluated at all: only values up to
 * J1939_PGN_MAX count, anything larger is treated as "no PGN given".
 */
static inline bool j1939_pgn_is_valid(pgn_t pgn)
{
	return !(pgn > J1939_PGN_MAX);
}
45
/* For PDU1 PGNs the low byte is the destination-address placeholder and
 * must be zero; every other PGN is accepted as is.
 */
static inline bool j1939_pgn_is_clean_pdu(pgn_t pgn)
{
	return !j1939_pgn_is_pdu1(pgn) || (pgn & 0xff) == 0;
}
54
/* Account for one more pending item on the socket (atomic counter). */
static inline void j1939_sock_pending_add(struct sock *sk)
{
	atomic_inc(&j1939_sk(sk)->skb_pending);
}
61
/* Read the current value of the socket's pending counter. */
static int j1939_sock_pending_get(struct sock *sk)
{
	return atomic_read(&j1939_sk(sk)->skb_pending);
}
68
/* Drop one pending item; when the counter reaches zero, wake anybody
 * sleeping on jsk->waitq (j1939_sk_release() waits there).
 */
void j1939_sock_pending_del(struct sock *sk)
{
	struct j1939_sock *jsk = j1939_sk(sk);
	/* atomic_dec_return() yields the value after the decrement */
	int remaining = atomic_dec_return(&jsk->skb_pending);

	if (remaining)
		return;

	/* nothing pending any more */
	wake_up(&jsk->waitq);
}
77
/* Mark the socket as bound, take a reference on @priv and publish the
 * socket on priv->j1939_socks so the receive path can find it.
 * The BOUND flag is set before the socket becomes visible on the list.
 */
static void j1939_jsk_add(struct j1939_priv *priv, struct j1939_sock *jsk)
{
	jsk->state = jsk->state | J1939_SOCK_BOUND;
	j1939_priv_get(priv);

	spin_lock_bh(&priv->j1939_socks_lock);
	list_add_tail(&jsk->list, &priv->j1939_socks);
	spin_unlock_bh(&priv->j1939_socks_lock);
}
87
/* Reverse of j1939_jsk_add(): unlink the socket from priv->j1939_socks,
 * drop the reference on @priv and clear the BOUND flag.
 * The socket is taken off the list before the flag is cleared.
 */
static void j1939_jsk_del(struct j1939_priv *priv, struct j1939_sock *jsk)
{
	spin_lock_bh(&priv->j1939_socks_lock);
	list_del_init(&jsk->list);
	spin_unlock_bh(&priv->j1939_socks_lock);

	j1939_priv_put(priv);
	jsk->state = jsk->state & ~J1939_SOCK_BOUND;
}
97
/* Append @session to the session queue of its owning socket.
 * The queue holds its own session reference, and the socket's pending
 * counter is bumped once the queue lock has been released.
 *
 * Returns true when the queue was empty before the insert, i.e. the caller
 * is responsible for activating this session.
 */
static bool j1939_sk_queue_session(struct j1939_session *session)
{
	struct j1939_sock *jsk = j1939_sk(session->sk);
	bool was_empty;

	spin_lock_bh(&jsk->sk_session_queue_lock);
	was_empty = list_empty(&jsk->sk_session_queue);
	j1939_session_get(session);
	list_add_tail(&session->sk_session_queue_entry,
		      &jsk->sk_session_queue);
	spin_unlock_bh(&jsk->sk_session_queue_lock);

	j1939_sock_pending_add(&jsk->sk);

	return was_empty;
}
112
/* Look at the most recently queued session of @jsk and return it, with an
 * extra reference, if not all of its payload has been queued yet.
 * Returns NULL when the queue is empty or the last session is complete.
 * The caller must drop the reference with j1939_session_put().
 */
static struct
j1939_session *j1939_sk_get_incomplete_session(struct j1939_sock *jsk)
{
	struct j1939_session *last;
	struct j1939_session *incomplete = NULL;

	spin_lock_bh(&jsk->sk_session_queue_lock);
	if (list_empty(&jsk->sk_session_queue))
		goto unlock;

	last = list_last_entry(&jsk->sk_session_queue,
			       struct j1939_session,
			       sk_session_queue_entry);
	if (last->total_queued_size != last->total_message_size) {
		j1939_session_get(last);
		incomplete = last;
	}

unlock:
	spin_unlock_bh(&jsk->sk_session_queue_lock);

	return incomplete;
}
132
/* Empty the socket's session queue: every queued session is unlinked, gets
 * @err stored in session->err and loses the reference the queue held.
 *
 * NOTE(review): the callers in this file pass positive errno values
 * (ESHUTDOWN, EBUSY, ENETDOWN) while other places assign a negative value
 * to session->err (-EBUSY) - confirm which sign consumers expect.
 */
static void j1939_sk_queue_drop_all(struct j1939_priv *priv,
				    struct j1939_sock *jsk, int err)
{
	struct j1939_session *cur, *next;

	netdev_dbg(priv->ndev, "%s: err: %i\n", __func__, err);

	spin_lock_bh(&jsk->sk_session_queue_lock);
	list_for_each_entry_safe(cur, next, &jsk->sk_session_queue,
				 sk_session_queue_entry) {
		list_del_init(&cur->sk_session_queue_entry);
		cur->err = err;
		j1939_session_put(cur);
	}
	spin_unlock_bh(&jsk->sk_session_queue_lock);
}
148
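/* Retire @session from the head of its socket's session queue and start the
 * next queued session. Must be called with jsk->sk_session_queue_lock held.
 *
 * Nothing happens for sessions without a socket, or when @session is no
 * longer the queue head (somebody else already advanced the queue).
 * A successor that cannot be activated is marked with -EBUSY and skipped.
 * If the retired session ended with an error, the successor's TX timer is
 * delayed by 10..25 ms to give the receiver time to recover.
 */
static void j1939_sk_queue_activate_next_locked(struct j1939_session *session)
{
	struct j1939_sock *jsk;
	struct j1939_session *first;
	int err;

	/* RX sessions don't have a socket (yet) */
	if (!session->sk)
		return;

	jsk = j1939_sk(session->sk);
	lockdep_assert_held(&jsk->sk_session_queue_lock);

	err = session->err;

	first = list_first_entry_or_null(&jsk->sk_session_queue,
					 struct j1939_session,
					 sk_session_queue_entry);

	/* Someone else has already activated the next session */
	if (first != session)
		return;

activate_next:
	/* drop the queue's reference on the entry being retired */
	list_del_init(&first->sk_session_queue_entry);
	j1939_session_put(first);
	first = list_first_entry_or_null(&jsk->sk_session_queue,
					 struct j1939_session,
					 sk_session_queue_entry);
	if (!first)
		return;

	if (j1939_session_activate(first)) {
		/* Activation failure is an ordinary runtime condition: the
		 * send path in this file handles it by returning -EBUSY.
		 * Sessions are queued on behalf of socket users, so a
		 * WARN here could be triggered from user space and is fatal
		 * on systems running with panic_on_warn. Log once instead.
		 */
		netdev_warn_once(first->priv->ndev,
				 "%s: 0x%p: session activation failed, skipping\n",
				 __func__, first);
		first->err = -EBUSY;
		goto activate_next;
	} else {
		/* Give receiver some time (arbitrarily chosen) to recover */
		int time_ms = 0;

		if (err)
			time_ms = 10 + prandom_u32_max(16);

		j1939_tp_schedule_txtimer(first, time_ms);
	}
}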
194
/* Locked wrapper around j1939_sk_queue_activate_next_locked(): takes the
 * owning socket's session queue lock for the duration of the call.
 * Sessions without a socket are ignored.
 */
void j1939_sk_queue_activate_next(struct j1939_session *session)
{
	spinlock_t *queue_lock;

	if (!session->sk)
		return;

	queue_lock = &j1939_sk(session->sk)->sk_session_queue_lock;

	spin_lock_bh(queue_lock);
	j1939_sk_queue_activate_next_locked(session);
	spin_unlock_bh(queue_lock);
}
208
/* Decide whether a received frame, described by @skcb, is addressed to @jsk.
 *
 * A promiscuous socket accepts everything. Otherwise three checks apply:
 *  - destination: by NAME when both sides carry one, else a unicast
 *    destination address must equal the bound source address, and
 *    broadcasts are only delivered when SO_BROADCAST is set;
 *  - source (connected sockets only): must match the connect() NAME or
 *    address;
 *  - PGN: must equal pgn_rx_filter when that filter holds a valid PGN.
 *
 * NOTE(review): J1939_SOCK_PROMISC short-circuits every check above, and
 * the SO_J1939_PROMISC handler in this file sets it without a capability
 * check - confirm that is the intended policy.
 */
static bool j1939_sk_match_dst(struct j1939_sock *jsk,
			       const struct j1939_sk_buff_cb *skcb)
{
	if (jsk->state & J1939_SOCK_PROMISC)
		return true;

	/* Destination address filter */
	if (jsk->addr.src_name && skcb->addr.dst_name) {
		if (jsk->addr.src_name != skcb->addr.dst_name)
			return false;
	} else if (j1939_address_is_unicast(skcb->addr.da)) {
		/* unicast must hit our bind() address */
		if (jsk->addr.sa != skcb->addr.da)
			return false;
	} else if (!sock_flag(&jsk->sk, SOCK_BROADCAST)) {
		/* receiving broadcast without SO_BROADCAST is not allowed */
		return false;
	}

	/* Source address filter, only for connect()ed sockets */
	if (jsk->state & J1939_SOCK_CONNECTED) {
		if (jsk->addr.dst_name && skcb->addr.src_name) {
			if (jsk->addr.dst_name != skcb->addr.src_name)
				return false;
		} else if (jsk->addr.da != skcb->addr.sa) {
			return false;
		}
	}

	/* PGN filter */
	return !j1939_pgn_is_valid(jsk->pgn_rx_filter) ||
	       jsk->pgn_rx_filter == skcb->addr.pgn;
}
257
/* Match the address info of a received frame against the socket's
 * SO_J1939_FILTER list. With no filters installed everything passes;
 * otherwise one filter whose masked PGN, source address and source NAME all
 * match is enough.
 *
 * NOTE(review): jsk->filters / jsk->nfilters are read here without the
 * socket lock (the receive path holds priv->j1939_socks_lock), while the
 * SO_J1939_FILTER handler replaces the array under lock_sock() and then
 * kfree()s the old one. Nothing visible in this file serializes the two, so
 * a concurrent receive could walk freed memory - confirm, and consider a
 * lock shared by both paths.
 */
static bool j1939_sk_match_filter(struct j1939_sock *jsk,
				  const struct j1939_sk_buff_cb *skcb)
{
	const struct j1939_filter *cur = jsk->filters;
	int remaining = jsk->nfilters;

	/* receive all when no filters are assigned */
	if (!remaining)
		return true;

	while (remaining--) {
		const struct j1939_filter *f = cur++;

		if ((skcb->addr.pgn & f->pgn_mask) == f->pgn &&
		    (skcb->addr.sa & f->addr_mask) == f->addr &&
		    (skcb->addr.src_name & f->name_mask) == f->name)
			return true;
	}

	return false;
}
280
/* A frame is delivered to @jsk only if the socket is bound, the frame is
 * addressed to it (j1939_sk_match_dst()) and it passes the socket's filter
 * list (j1939_sk_match_filter()). The checks run in that order and stop at
 * the first failure.
 */
static bool j1939_sk_recv_match_one(struct j1939_sock *jsk,
				    const struct j1939_sk_buff_cb *skcb)
{
	return (jsk->state & J1939_SOCK_BOUND) &&
	       j1939_sk_match_dst(jsk, skcb) &&
	       j1939_sk_match_filter(jsk, skcb);
}
295
/* Deliver a clone of @oskb to @jsk if the socket wants it.
 *
 * Frames sent by @jsk itself are never looped back to it. The clone keeps
 * the owner of the original skb; MSG_DONTROUTE is set in its control block
 * exactly when the clone has an owning socket after can_skb_set_owner().
 * The clone is freed if it cannot be queued on the receive queue.
 */
static void j1939_sk_recv_one(struct j1939_sock *jsk, struct sk_buff *oskb)
{
	struct j1939_sk_buff_cb *skcb;
	struct sk_buff *clone;

	/* do not echo a frame back to its sender */
	if (oskb->sk == &jsk->sk)
		return;

	if (!j1939_sk_recv_match_one(jsk, j1939_skb_to_cb(oskb)))
		return;

	/* callers hold a BH spinlock, hence GFP_ATOMIC */
	clone = skb_clone(oskb, GFP_ATOMIC);
	if (!clone) {
		pr_warn("skb clone failed\n");
		return;
	}
	can_skb_set_owner(clone, oskb->sk);

	skcb = j1939_skb_to_cb(clone);
	if (clone->sk)
		skcb->msg_flags |= MSG_DONTROUTE;
	else
		skcb->msg_flags &= ~(MSG_DONTROUTE);

	if (sock_queue_rcv_skb(&jsk->sk, clone) < 0)
		kfree_skb(clone);
}
323
/* Return true if at least one socket registered on @priv would accept a
 * frame with the address info in @skcb. The socket list is walked under
 * priv->j1939_socks_lock and the walk stops at the first match.
 */
bool j1939_sk_recv_match(struct j1939_priv *priv, struct j1939_sk_buff_cb *skcb)
{
	struct j1939_sock *jsk;
	bool found = false;

	spin_lock_bh(&priv->j1939_socks_lock);
	list_for_each_entry(jsk, &priv->j1939_socks, list) {
		if (j1939_sk_recv_match_one(jsk, skcb)) {
			found = true;
			break;
		}
	}
	spin_unlock_bh(&priv->j1939_socks_lock);

	return found;
}
339
/* Offer @skb to every socket registered on @priv. Each interested socket
 * gets its own clone (see j1939_sk_recv_one()); the whole walk runs under
 * priv->j1939_socks_lock with bottom halves disabled.
 */
void j1939_sk_recv(struct j1939_priv *priv, struct sk_buff *skb)
{
	struct j1939_sock *jsk;

	spin_lock_bh(&priv->j1939_socks_lock);
	list_for_each_entry(jsk, &priv->j1939_socks, list)
		j1939_sk_recv_one(jsk, skb);
	spin_unlock_bh(&priv->j1939_socks_lock);
}
350
/* sk->sk_destruct callback, installed by j1939_sk_init().
 *
 * The generic networking code calls this when the socket is ultimately
 * closed. Two paths race on j1939_priv:
 *  - processing a received CAN frame
 *    (can_receive -> j1939_can_recv), which accesses j1939_priv, and
 *  - closing a socket
 *    (j1939_can_rx_unregister -> can_rx_unregister), which would drop the
 *    final reference.
 * The race is avoided by dropping the socket's j1939_priv reference here,
 * from the RCU deferred cleanup call, rather than at close time.
 */
static void j1939_sk_sock_destruct(struct sock *sk)
{
	struct j1939_sock *jsk = j1939_sk(sk);
	struct j1939_priv *priv = jsk->priv;

	if (priv) {
		/* pairs with the j1939_priv_get() taken in j1939_sk_bind() */
		j1939_priv_put(priv);
		jsk->priv = NULL;
	}

	/* hand over to the generic CAN socket destructor */
	can_sock_destruct(sk);
}
378
/* struct proto::init callback: bring a freshly allocated j1939 socket into
 * its default state. Always returns 0.
 *
 * Everything behind the embedded struct sock is zeroed first, then the
 * addresses and PGNs are set to their "none" placeholders, the default
 * priority to J1939 priority 6, and the destructor is installed.
 */
static int j1939_sk_init(struct sock *sk)
{
	struct j1939_sock *jsk = j1939_sk(sk);
	const size_t sk_size = sizeof(jsk->sk);

	/* "sk" has to be the first member of struct j1939_sock, so that the
	 * memset() below can simply skip over it.
	 */
	BUILD_BUG_ON(offsetof(struct j1939_sock, sk) != 0);
	memset((void *)jsk + sk_size, 0x0, sizeof(*jsk) - sk_size);

	INIT_LIST_HEAD(&jsk->list);
	INIT_LIST_HEAD(&jsk->sk_session_queue);
	spin_lock_init(&jsk->sk_session_queue_lock);
	init_waitqueue_head(&jsk->waitq);
	atomic_set(&jsk->skb_pending, 0);

	jsk->sk.sk_priority = j1939_to_sk_priority(6);
	jsk->sk.sk_reuse = 1; /* per default */

	jsk->addr.sa = J1939_NO_ADDR;
	jsk->addr.da = J1939_NO_ADDR;
	jsk->addr.pgn = J1939_NO_PGN;
	jsk->pgn_rx_filter = J1939_NO_PGN;

	/* j1939_sk_sock_destruct() depends on the SOCK_RCU_FREE flag */
	sock_set_flag(sk, SOCK_RCU_FREE);
	sk->sk_destruct = j1939_sk_sock_destruct;
	sk->sk_protocol = CAN_J1939;

	return 0;
}
409
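/* Validate a user-supplied address before bind()/connect() use it.
 *
 * @addr: address to check, may be NULL
 * @len:  length of @addr in bytes as passed by the caller
 *
 * Returns 0 when the address is usable, otherwise:
 *  -EDESTADDRREQ  no address given
 *  -EINVAL        too short, wrong family, or a PDU1 PGN with a non-zero
 *                 destination-address byte
 *  -ENODEV        interface index is 0
 */
static int j1939_sk_sanity_check(struct sockaddr_can *addr, int len)
{
	if (!addr)
		return -EDESTADDRREQ;
	/* J1939_MIN_NAMELEN is an unsigned (size_t) expression, so a plain
	 * "len < J1939_MIN_NAMELEN" would convert a negative len to a huge
	 * value and accept it. The socket core is expected to bound len
	 * already; reject negative values explicitly rather than rely on it.
	 */
	if (len < 0 || (size_t)len < J1939_MIN_NAMELEN)
		return -EINVAL;
	if (addr->can_family != AF_CAN)
		return -EINVAL;
	if (!addr->can_ifindex)
		return -ENODEV;
	/* a PGN outside the valid range means "none given" and is skipped */
	if (j1939_pgn_is_valid(addr->can_addr.j1939.pgn) &&
	    !j1939_pgn_is_clean_pdu(addr->can_addr.j1939.pgn))
		return -EINVAL;

	return 0;
}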
426
/* bind() handler: attach the socket to a CAN interface and claim a local
 * J1939 NAME/address on it.
 *
 * @sock:  socket being bound
 * @uaddr: user-supplied address, interpreted as struct sockaddr_can
 * @len:   length of @uaddr as passed by the caller
 *
 * A first bind() looks up the interface, starts the J1939 state for it via
 * j1939_netdev_start() and stores an additional reference in jsk->priv.
 * A re-bind() is only accepted for the same interface index; it drops the
 * old list membership and local ECU reference and takes new ones.
 *
 * Returns 0 on success or a negative errno.
 */
static int j1939_sk_bind(struct socket *sock, struct sockaddr *uaddr, int len)
{
	struct sockaddr_can *addr = (struct sockaddr_can *)uaddr;
	struct j1939_sock *jsk = j1939_sk(sock->sk);
	struct j1939_priv *priv;
	struct sock *sk;
	struct net *net;
	int ret = 0;

	/* length, family, ifindex and PGN are validated before locking */
	ret = j1939_sk_sanity_check(addr, len);
	if (ret)
		return ret;

	lock_sock(sock->sk);

	priv = jsk->priv;
	sk = sock->sk;
	net = sock_net(sk);

	/* Already bound to an interface? */
	if (jsk->state & J1939_SOCK_BOUND) {
		/* A re-bind() to a different interface is not
		 * supported.
		 */
		if (jsk->ifindex != addr->can_ifindex) {
			ret = -EINVAL;
			goto out_release_sock;
		}

		/* drop old references */
		j1939_jsk_del(priv, jsk);
		j1939_local_ecu_put(priv, jsk->addr.src_name, jsk->addr.sa);
	} else {
		struct can_ml_priv *can_ml;
		struct net_device *ndev;

		/* takes a device reference; every exit below releases it */
		ndev = dev_get_by_index(net, addr->can_ifindex);
		if (!ndev) {
			ret = -ENODEV;
			goto out_release_sock;
		}

		/* no CAN mid-layer private data: treated as "no such device" */
		can_ml = can_get_ml_priv(ndev);
		if (!can_ml) {
			dev_put(ndev);
			ret = -ENODEV;
			goto out_release_sock;
		}

		if (!(ndev->flags & IFF_UP)) {
			dev_put(ndev);
			ret = -ENETDOWN;
			goto out_release_sock;
		}

		priv = j1939_netdev_start(ndev);
		dev_put(ndev);
		if (IS_ERR(priv)) {
			ret = PTR_ERR(priv);
			goto out_release_sock;
		}

		jsk->ifindex = addr->can_ifindex;

		/* the corresponding j1939_priv_put() is called via
		 * sk->sk_destruct, which points to j1939_sk_sock_destruct()
		 */
		j1939_priv_get(priv);
		jsk->priv = priv;
	}

	/* a valid PGN in the bind() address becomes the receive PGN filter */
	if (j1939_pgn_is_valid(addr->can_addr.j1939.pgn))
		jsk->pgn_rx_filter = addr->can_addr.j1939.pgn;
	jsk->addr.src_name = addr->can_addr.j1939.name;
	jsk->addr.sa = addr->can_addr.j1939.addr;

	/* get new references */
	ret = j1939_local_ecu_get(priv, jsk->addr.src_name, jsk->addr.sa);
	if (ret) {
		/* NOTE(review): on this path the new NAME/address are already
		 * stored in jsk->addr; after a failed re-bind() the socket has
		 * also been removed from the list by j1939_jsk_del() above and
		 * stays unbound. On a failed first bind() jsk->priv keeps its
		 * reference until sk_destruct. Confirm j1939_netdev_stop()
		 * balances the references correctly in both cases.
		 */
		j1939_netdev_stop(priv);
		goto out_release_sock;
	}

	/* marks the socket BOUND and makes it visible to the receive path */
	j1939_jsk_add(priv, jsk);

 out_release_sock: /* fall through */
	release_sock(sock->sk);

	return ret;
}
518
/* connect() handler: record the default destination of a bound socket.
 *
 * @sock:  socket to connect
 * @uaddr: user-supplied peer address, interpreted as struct sockaddr_can
 * @len:   length of @uaddr as passed by the caller
 * @flags: unused
 *
 * Returns 0 on success, -EINVAL if the socket is not bound or the address
 * names another interface, -EACCES for a broadcast destination without
 * SO_BROADCAST, or the error from j1939_sk_sanity_check().
 */
static int j1939_sk_connect(struct socket *sock, struct sockaddr *uaddr,
			    int len, int flags)
{
	struct sockaddr_can *addr = (struct sockaddr_can *)uaddr;
	struct j1939_sock *jsk = j1939_sk(sock->sk);
	int ret;

	ret = j1939_sk_sanity_check(addr, len);
	if (ret)
		return ret;

	lock_sock(sock->sk);

	if (!(jsk->state & J1939_SOCK_BOUND)) {
		/* bind() before connect() is mandatory */
		ret = -EINVAL;
	} else if (jsk->ifindex != addr->can_ifindex) {
		/* A connect() to a different interface is not supported. */
		ret = -EINVAL;
	} else if (!addr->can_addr.j1939.name &&
		   addr->can_addr.j1939.addr == J1939_NO_ADDR &&
		   !sock_flag(&jsk->sk, SOCK_BROADCAST)) {
		/* broadcast, but SO_BROADCAST not set */
		ret = -EACCES;
	} else {
		jsk->addr.dst_name = addr->can_addr.j1939.name;
		jsk->addr.da = addr->can_addr.j1939.addr;

		/* an out-of-range PGN leaves the current default untouched */
		if (j1939_pgn_is_valid(addr->can_addr.j1939.pgn))
			jsk->addr.pgn = addr->can_addr.j1939.pgn;

		jsk->state |= J1939_SOCK_CONNECTED;
	}

	release_sock(sock->sk);

	return ret;
}
565
/* Fill @addr with the socket's local (peer == 0) or remote (peer != 0)
 * J1939 address.
 *
 * The first J1939_MIN_NAMELEN bytes are zeroed before any field is written:
 * the structure has two holes (2 bytes and 3 bytes) in that range, and
 * leaving them uninitialised would leak kernel memory to user space.
 */
static void j1939_sk_sock2sockaddr_can(struct sockaddr_can *addr,
				       const struct j1939_sock *jsk, int peer)
{
	memset(addr, 0, J1939_MIN_NAMELEN);

	addr->can_family = AF_CAN;
	addr->can_ifindex = jsk->ifindex;
	addr->can_addr.j1939.name = peer ? jsk->addr.dst_name
					 : jsk->addr.src_name;
	addr->can_addr.j1939.addr = peer ? jsk->addr.da : jsk->addr.sa;
	addr->can_addr.j1939.pgn = jsk->addr.pgn;
}
585
/* getsockname()/getpeername() handler.
 *
 * @peer selects the remote address, which only exists on a connected
 * socket. Returns the number of address bytes written
 * (J1939_MIN_NAMELEN), or -EADDRNOTAVAIL when the peer address is requested
 * on a socket that is not connected.
 */
static int j1939_sk_getname(struct socket *sock, struct sockaddr *uaddr,
			    int peer)
{
	struct sockaddr_can *addr = (struct sockaddr_can *)uaddr;
	struct sock *sk = sock->sk;
	struct j1939_sock *jsk = j1939_sk(sk);
	int ret;

	lock_sock(sk);

	if (peer && !(jsk->state & J1939_SOCK_CONNECTED)) {
		ret = -EADDRNOTAVAIL;
	} else {
		j1939_sk_sock2sockaddr_can(addr, jsk, peer);
		ret = J1939_MIN_NAMELEN;
	}

	release_sock(sk);

	return ret;
}
609
/* close() handler: tear the socket down. Always returns 0.
 *
 * For a bound socket this first waits until nothing is pending any more.
 * If that wait is interrupted by a signal, the active session is cancelled
 * and all queued sessions are dropped with ESHUTDOWN. Afterwards the socket
 * leaves the receive list and gives up its local ECU and netdev references.
 * The reference held in jsk->priv is released later, from
 * j1939_sk_sock_destruct().
 */
static int j1939_sk_release(struct socket *sock)
{
	struct sock *sk = sock->sk;
	struct j1939_sock *jsk;
	struct j1939_priv *priv;
	int interrupted;

	if (!sk)
		return 0;

	lock_sock(sk);
	jsk = j1939_sk(sk);

	if (jsk->state & J1939_SOCK_BOUND) {
		priv = jsk->priv;

		interrupted = wait_event_interruptible(jsk->waitq,
				!j1939_sock_pending_get(&jsk->sk));
		if (interrupted) {
			j1939_cancel_active_session(priv, sk);
			j1939_sk_queue_drop_all(priv, jsk, ESHUTDOWN);
		}

		/* from here on the receive path no longer sees the socket */
		j1939_jsk_del(priv, jsk);

		j1939_local_ecu_put(priv, jsk->addr.src_name, jsk->addr.sa);

		j1939_netdev_stop(priv);
	}

	kfree(jsk->filters);
	sock_orphan(sk);
	sock->sk = NULL;

	release_sock(sk);
	sock_put(sk);

	return 0;
}
647
/* Set or clear one bit of jsk->state from an int-sized socket option.
 *
 * Returns -EINVAL for a wrong option length, -EFAULT if the value cannot
 * be copied in, otherwise the user-supplied value itself.
 *
 * NOTE(review): because the raw value is returned, a negative value sets
 * the flag (it is non-zero) and is then indistinguishable from an error
 * code for the caller, and a positive value is returned as-is instead of
 * 0. Confirm whether callers and user space rely on this before changing
 * it.
 */
static int j1939_sk_setsockopt_flag(struct j1939_sock *jsk, sockptr_t optval,
				    unsigned int optlen, int flag)
{
	int enable;

	if (optlen != sizeof(enable))
		return -EINVAL;
	if (copy_from_sockptr(&enable, optval, optlen))
		return -EFAULT;

	lock_sock(&jsk->sk);
	jsk->state = enable ? (jsk->state | flag) : (jsk->state & ~flag);
	release_sock(&jsk->sk);

	return enable;
}
665
/* setsockopt() handler for level SOL_CAN_J1939.
 *
 * SO_J1939_FILTER     install (or, with no data, remove) the receive
 *                     filter list; at most J1939_FILTER_MAX entries
 * SO_J1939_PROMISC    toggle promiscuous reception
 * SO_J1939_ERRQUEUE   toggle error-queue reporting; the error queue is
 *                     purged when the flag ends up cleared
 * SO_J1939_SEND_PRIO  set the J1939 send priority (0..7); priorities 0 and
 *                     1 require CAP_NET_ADMIN
 *
 * Returns 0 or a negative errno; the two flag options return whatever
 * j1939_sk_setsockopt_flag() returns.
 */
static int j1939_sk_setsockopt(struct socket *sock, int level, int optname,
			       sockptr_t optval, unsigned int optlen)
{
	struct sock *sk = sock->sk;
	struct j1939_sock *jsk = j1939_sk(sk);
	int tmp, count = 0, ret = 0;
	struct j1939_filter *filters = NULL, *ofilters;

	if (level != SOL_CAN_J1939)
		return -EINVAL;

	switch (optname) {
	case SO_J1939_FILTER:
		if (!sockptr_is_null(optval) && optlen != 0) {
			struct j1939_filter *f;
			int c;

			/* must be a whole number of filter entries */
			if (optlen % sizeof(*filters) != 0)
				return -EINVAL;

			/* bound the allocation made on behalf of the user */
			if (optlen > J1939_FILTER_MAX *
			    sizeof(struct j1939_filter))
				return -EINVAL;

			count = optlen / sizeof(*filters);
			filters = memdup_sockptr(optval, optlen);
			if (IS_ERR(filters))
				return PTR_ERR(filters);

			/* pre-mask the match values, so the receive path can
			 * compare "(value & mask) == stored" directly
			 */
			for (f = filters, c = count; c; f++, c--) {
				f->name &= f->name_mask;
				f->pgn &= f->pgn_mask;
				f->addr &= f->addr_mask;
			}
		}

		/* NOTE(review): the swap is protected by lock_sock() only,
		 * while j1939_sk_match_filter() reads jsk->filters from the
		 * receive path under priv->j1939_socks_lock. Nothing visible
		 * here keeps a concurrent receive from still using ofilters
		 * when it is freed below - confirm, and consider a lock
		 * shared by both paths.
		 */
		lock_sock(&jsk->sk);
		ofilters = jsk->filters;
		jsk->filters = filters;
		jsk->nfilters = count;
		release_sock(&jsk->sk);
		kfree(ofilters);
		return 0;
	case SO_J1939_PROMISC:
		/* no capability check is applied to this option here */
		return j1939_sk_setsockopt_flag(jsk, optval, optlen,
						J1939_SOCK_PROMISC);
	case SO_J1939_ERRQUEUE:
		ret = j1939_sk_setsockopt_flag(jsk, optval, optlen,
					       J1939_SOCK_ERRQUEUE);
		if (ret < 0)
			return ret;

		/* flag was switched off: discard what is still queued */
		if (!(jsk->state & J1939_SOCK_ERRQUEUE))
			skb_queue_purge(&sk->sk_error_queue);
		return ret;
	case SO_J1939_SEND_PRIO:
		if (optlen != sizeof(tmp))
			return -EINVAL;
		if (copy_from_sockptr(&tmp, optval, optlen))
			return -EFAULT;
		if (tmp < 0 || tmp > 7)
			return -EDOM;
		/* priorities 0 and 1 are reserved for privileged users */
		if (tmp < 2 && !capable(CAP_NET_ADMIN))
			return -EPERM;
		lock_sock(&jsk->sk);
		jsk->sk.sk_priority = j1939_to_sk_priority(tmp);
		release_sock(&jsk->sk);
		return 0;
	default:
		return -ENOPROTOOPT;
	}
}
738
/* getsockopt() handler for level SOL_CAN_J1939.
 *
 * Supports SO_J1939_PROMISC, SO_J1939_ERRQUEUE (both reported as 0/1) and
 * SO_J1939_SEND_PRIO (reported as J1939 priority). All of them are 'int'
 * properties.
 *
 * Returns 0 on success, -EINVAL for a wrong level or a negative user
 * length, -ENOPROTOOPT for an unknown option, and -EFAULT when the user
 * buffer is too small or cannot be accessed.
 */
static int j1939_sk_getsockopt(struct socket *sock, int level, int optname,
			       char __user *optval, int __user *optlen)
{
	struct sock *sk = sock->sk;
	struct j1939_sock *jsk = j1939_sk(sk);
	int ret, ulen;
	/* defaults for 'int' properties: the options only have to set tmp */
	int tmp = 0;
	int len = sizeof(tmp);
	void *val = &tmp;

	if (level != SOL_CAN_J1939)
		return -EINVAL;
	if (get_user(ulen, optlen))
		return -EFAULT;
	if (ulen < 0)
		return -EINVAL;

	lock_sock(&jsk->sk);

	switch (optname) {
	case SO_J1939_PROMISC:
		tmp = !!(jsk->state & J1939_SOCK_PROMISC);
		break;
	case SO_J1939_ERRQUEUE:
		tmp = !!(jsk->state & J1939_SOCK_ERRQUEUE);
		break;
	case SO_J1939_SEND_PRIO:
		tmp = j1939_prio(jsk->sk.sk_priority);
		break;
	default:
		release_sock(&jsk->sk);
		return -ENOPROTOOPT;
	}

	/* Copy 'len' bytes from 'val' to the user, but never more than the
	 * user said the buffer can hold.
	 */
	if (len > ulen ||
	    put_user(len, optlen) ||
	    copy_to_user(optval, val, len))
		ret = -EFAULT;
	else
		ret = 0;

	release_sock(&jsk->sk);

	return ret;
}
789
/* recvmsg() handler.
 *
 * Only MSG_DONTWAIT and MSG_ERRQUEUE are accepted in @flags. With
 * MSG_ERRQUEUE the request is served from the socket error queue.
 * Otherwise one datagram is dequeued and copied to the user; if the buffer
 * is smaller than the datagram, the copy is cut short and MSG_TRUNC is set.
 *
 * Destination address, destination NAME (when present) and priority are
 * attached as control messages. When the caller asked for the source
 * address, the first J1939_MIN_NAMELEN bytes of msg_name are zeroed before
 * the fields are filled in, so no stale bytes are handed out.
 *
 * Returns the number of payload bytes copied or a negative errno.
 */
static int j1939_sk_recvmsg(struct socket *sock, struct msghdr *msg,
			    size_t size, int flags)
{
	struct sock *sk = sock->sk;
	struct j1939_sk_buff_cb *skcb;
	struct sk_buff *skb;
	size_t copied = size;
	int ret = 0;

	if (flags & ~(MSG_DONTWAIT | MSG_ERRQUEUE))
		return -EINVAL;

	if (flags & MSG_ERRQUEUE)
		return sock_recv_errqueue(sk, msg, size, SOL_CAN_J1939,
					  SCM_J1939_ERRQUEUE);

	skb = skb_recv_datagram(sk, flags, 0, &ret);
	if (!skb)
		return ret;

	if (skb->len > copied)
		msg->msg_flags |= MSG_TRUNC;
	else
		copied = skb->len;

	ret = memcpy_to_msg(msg, skb->data, copied);
	if (ret < 0) {
		skb_free_datagram(sk, skb);
		return ret;
	}

	skcb = j1939_skb_to_cb(skb);

	if (j1939_address_is_valid(skcb->addr.da))
		put_cmsg(msg, SOL_CAN_J1939, SCM_J1939_DEST_ADDR,
			 sizeof(skcb->addr.da), &skcb->addr.da);

	if (skcb->addr.dst_name)
		put_cmsg(msg, SOL_CAN_J1939, SCM_J1939_DEST_NAME,
			 sizeof(skcb->addr.dst_name), &skcb->addr.dst_name);

	put_cmsg(msg, SOL_CAN_J1939, SCM_J1939_PRIO,
		 sizeof(skcb->priority), &skcb->priority);

	if (msg->msg_name) {
		struct sockaddr_can *from = msg->msg_name;

		msg->msg_namelen = J1939_MIN_NAMELEN;
		memset(msg->msg_name, 0, msg->msg_namelen);
		from->can_family = AF_CAN;
		from->can_ifindex = skb->skb_iif;
		from->can_addr.j1939.name = skcb->addr.src_name;
		from->can_addr.j1939.addr = skcb->addr.sa;
		from->can_addr.j1939.pgn = skcb->addr.pgn;
	}

	sock_recv_ts_and_drops(msg, sk, skb);
	msg->msg_flags |= skcb->msg_flags;
	skb_free_datagram(sk, skb);

	return copied;
}
850
/* Allocate an skb for @size payload bytes, copy the payload in from @msg
 * and initialise the J1939 control block.
 *
 * The control block starts from the socket's own addressing (jsk->addr) and
 * priority; a destination and/or PGN supplied in msg->msg_name overrides
 * the defaults. msg->msg_name is dereferenced here without a length check:
 * j1939_sk_sendmsg() validates msg_namelen before this function is reached.
 *
 * Returns the skb, or NULL on failure. *@errcode receives the result code
 * in both cases (0 or positive on success, negative errno on failure).
 */
static struct sk_buff *j1939_sk_alloc_skb(struct net_device *ndev,
					  struct sock *sk,
					  struct msghdr *msg, size_t size,
					  int *errcode)
{
	struct j1939_sock *jsk = j1939_sk(sk);
	struct j1939_sk_buff_cb *skcb;
	struct sockaddr_can *addr;
	struct sk_buff *skb;
	int ret;

	/* payload + CAN frame header (without its data[]) + CAN skb private */
	skb = sock_alloc_send_skb(sk,
				  size +
				  sizeof(struct can_frame) -
				  sizeof(((struct can_frame *)NULL)->data) +
				  sizeof(struct can_skb_priv),
				  msg->msg_flags & MSG_DONTWAIT, &ret);
	if (!skb) {
		*errcode = ret;
		return NULL;
	}

	can_skb_reserve(skb);
	can_skb_prv(skb)->ifindex = ndev->ifindex;
	can_skb_prv(skb)->skbcnt = 0;
	skb_reserve(skb, offsetof(struct can_frame, data));

	ret = memcpy_from_msg(skb_put(skb, size), msg, size);
	if (ret < 0) {
		kfree_skb(skb);
		*errcode = ret;
		return NULL;
	}

	skb->dev = ndev;

	skcb = j1939_skb_to_cb(skb);
	memset(skcb, 0, sizeof(*skcb));
	skcb->addr = jsk->addr;
	skcb->priority = j1939_prio(sk->sk_priority);

	addr = msg->msg_name;
	if (addr) {
		/* per-message destination, if one was really given */
		if (addr->can_addr.j1939.name ||
		    addr->can_addr.j1939.addr != J1939_NO_ADDR) {
			skcb->addr.dst_name = addr->can_addr.j1939.name;
			skcb->addr.da = addr->can_addr.j1939.addr;
		}
		if (j1939_pgn_is_valid(addr->can_addr.j1939.pgn))
			skcb->addr.pgn = addr->can_addr.j1939.pgn;
	}

	*errcode = ret;
	return skb;
}
907
/* Size of the netlink attribute payload carried by an error-queue skb:
 * currently a single u32 attribute, J1939_NLA_BYTES_ACKED.
 */
static size_t j1939_sk_opt_stats_get_size(void)
{
	return nla_total_size(sizeof(u32)); /* J1939_NLA_BYTES_ACKED */
}
914
/* Build the statistics skb that accompanies an error-queue notification.
 * It carries one attribute, J1939_NLA_BYTES_ACKED: the full message size
 * for J1939_SIMPLE sessions, otherwise 7 bytes per acknowledged packet,
 * capped at the total message size.
 *
 * Allocated with GFP_ATOMIC; returns NULL if the allocation fails.
 */
static struct sk_buff *
j1939_sk_get_timestamping_opt_stats(struct j1939_session *session)
{
	struct sk_buff *stats;
	u32 acked_bytes;

	stats = alloc_skb(j1939_sk_opt_stats_get_size(), GFP_ATOMIC);
	if (!stats)
		return NULL;

	acked_bytes = session->total_message_size;
	if (session->skcb.addr.type != J1939_SIMPLE)
		acked_bytes = min(session->pkt.tx_acked * 7,
				  session->total_message_size);

	nla_put_u32(stats, J1939_NLA_BYTES_ACKED, acked_bytes);

	return stats;
}
935
/* Queue a notification about @session on the error queue of its socket.
 *
 * Nothing is queued for sessions without a socket, for sockets that did
 * not enable SO_J1939_ERRQUEUE, or for ACK/SCHED events whose
 * SOF_TIMESTAMPING_TX_* flag is not set on the socket. ABORT events carry
 * session->err. An unknown @type is logged and the notification is still
 * queued, with zeroed error fields.
 */
void j1939_sk_errqueue(struct j1939_session *session,
		       enum j1939_sk_errqueue_type type)
{
	struct j1939_priv *priv = session->priv;
	struct sock *sk = session->sk;
	struct sock_exterr_skb *serr;
	struct j1939_sock *jsk;
	struct sk_buff *skb;
	char *state = "UNK";

	/* the extended error info has to fit into the skb control buffer */
	BUILD_BUG_ON(sizeof(struct sock_exterr_skb) > sizeof(skb->cb));

	/* currently we have no sk for the RX session */
	if (!sk)
		return;

	jsk = j1939_sk(sk);
	if (!(jsk->state & J1939_SOCK_ERRQUEUE))
		return;

	skb = j1939_sk_get_timestamping_opt_stats(session);
	if (!skb)
		return;

	skb->tstamp = ktime_get_real();

	serr = SKB_EXT_ERR(skb);
	memset(serr, 0, sizeof(*serr));

	switch (type) {
	case J1939_ERRQUEUE_ACK:
		if (!(sk->sk_tsflags & SOF_TIMESTAMPING_TX_ACK)) {
			kfree_skb(skb);
			return;
		}

		serr->ee.ee_errno = ENOMSG;
		serr->ee.ee_origin = SO_EE_ORIGIN_TIMESTAMPING;
		serr->ee.ee_info = SCM_TSTAMP_ACK;
		state = "ACK";
		break;
	case J1939_ERRQUEUE_SCHED:
		if (!(sk->sk_tsflags & SOF_TIMESTAMPING_TX_SCHED)) {
			kfree_skb(skb);
			return;
		}

		serr->ee.ee_errno = ENOMSG;
		serr->ee.ee_origin = SO_EE_ORIGIN_TIMESTAMPING;
		serr->ee.ee_info = SCM_TSTAMP_SCHED;
		state = "SCH";
		break;
	case J1939_ERRQUEUE_ABORT:
		serr->ee.ee_errno = session->err;
		serr->ee.ee_origin = SO_EE_ORIGIN_LOCAL;
		serr->ee.ee_info = J1939_EE_INFO_TX_ABORT;
		state = "ABT";
		break;
	default:
		netdev_err(priv->ndev, "Unknown errqueue type %i\n", type);
	}

	serr->opt_stats = true;
	if (sk->sk_tsflags & SOF_TIMESTAMPING_OPT_ID)
		serr->ee.ee_data = session->tskey;

	netdev_dbg(priv->ndev, "%s: 0x%p tskey: %i, state: %s\n",
		   __func__, session, session->tskey, state);

	/* on failure the skb is still ours and has to be freed */
	if (sock_queue_err_skb(sk, skb))
		kfree_skb(skb);
}
1010
/* Record @err as the socket's pending error and notify whoever is waiting
 * on the socket through sk_error_report().
 */
void j1939_sk_send_loop_abort(struct sock *sk, int err)
{
	sk->sk_err = err;
	sk_error_report(sk);
}
1017
/* Queue @size bytes from @msg for transmission, split into segments of at
 * most J1939_MAX_TP_PACKET_SIZE bytes.
 *
 * If the socket's last queued session is still incomplete, the data
 * continues that session and must complete it exactly; otherwise -EIO is
 * returned. Without such a session the first segment creates a new one via
 * j1939_tp_send() and, when it is first in the socket's queue, activates
 * it.
 *
 * Returns the number of bytes queued (possibly fewer than @size after
 * -EAGAIN or an interrupted wait) or a negative errno.
 */
static int j1939_sk_send_loop(struct j1939_priv *priv, struct sock *sk,
			      struct msghdr *msg, size_t size)
{
	struct j1939_sock *jsk = j1939_sk(sk);
	/* holds a session reference when non-NULL */
	struct j1939_session *session = j1939_sk_get_incomplete_session(jsk);
	struct sk_buff *skb;
	size_t segment_size, todo_size;
	int ret = 0;

	/* a continuation has to supply exactly the missing bytes */
	if (session &&
	    session->total_message_size != session->total_queued_size + size) {
		j1939_session_put(session);
		return -EIO;
	}

	todo_size = size;

	while (todo_size) {
		struct j1939_sk_buff_cb *skcb;

		segment_size = min_t(size_t, J1939_MAX_TP_PACKET_SIZE,
				     todo_size);

		/* Allocate skb for one segment */
		skb = j1939_sk_alloc_skb(priv->ndev, sk, msg, segment_size,
					 &ret);
		if (ret)
			break;

		skcb = j1939_skb_to_cb(skb);

		if (!session) {
			/* at this point the size should be full size
			 * of the session
			 */
			skcb->offset = 0;
			session = j1939_tp_send(priv, skb, size);
			if (IS_ERR(session)) {
				ret = PTR_ERR(session);
				goto kfree_skb;
			}
			if (j1939_sk_queue_session(session)) {
				/* try to activate the session if we are
				 * first in the queue
				 */
				if (!j1939_session_activate(session)) {
					j1939_tp_schedule_txtimer(session, 0);
				} else {
					/* NOTE(review): session->err gets
					 * -EBUSY here and is then overwritten
					 * with positive EBUSY by
					 * j1939_sk_queue_drop_all() for every
					 * queued session - confirm the
					 * intended sign.
					 */
					ret = -EBUSY;
					session->err = ret;
					j1939_sk_queue_drop_all(priv, jsk,
								EBUSY);
					break;
				}
			}
		} else {
			/* continue an existing session at its current end */
			skcb->offset = session->total_queued_size;
			j1939_session_skb_queue(session, skb);
		}

		todo_size -= segment_size;
		session->total_queued_size += segment_size;
	}

	switch (ret) {
	case 0: /* OK */
		if (todo_size)
			netdev_warn(priv->ndev,
				    "no error found and not completely queued?! %zu\n",
				    todo_size);
		ret = size;
		break;
	case -ERESTARTSYS:
		ret = -EINTR;
		fallthrough;
	case -EAGAIN: /* OK */
		/* report a partial send if something was queued already */
		if (todo_size != size)
			ret = size - todo_size;
		break;
	default: /* ERROR */
		break;
	}

	if (session)
		j1939_session_put(session);

	return ret;

	/* only reached with session holding an ERR_PTR: nothing to put */
 kfree_skb:
	kfree_skb(skb);
	return ret;
}
1111
/* sendmsg() handler: validate socket state and the optional destination
 * address, then hand the payload to j1939_sk_send_loop().
 *
 * Errors before anything is sent:
 *  -EBADFD  socket not bound, no source NAME/address assigned yet, or the
 *           destination names another interface
 *  -EINVAL  destination address too short, wrong family, or a PDU1 PGN
 *           with a non-zero destination-address byte
 *  -EACCES  broadcast destination without SO_BROADCAST
 *
 * Otherwise returns what j1939_sk_send_loop() returns.
 */
static int j1939_sk_sendmsg(struct socket *sock, struct msghdr *msg,
			    size_t size)
{
	struct sock *sk = sock->sk;
	struct j1939_sock *jsk = j1939_sk(sk);
	struct sockaddr_can *addr = msg->msg_name;
	int ret;

	lock_sock(sk);

	/* the socket must be bound and own a source NAME or address */
	if (!(jsk->state & J1939_SOCK_BOUND) ||
	    (!jsk->addr.src_name && jsk->addr.sa == J1939_NO_ADDR)) {
		ret = -EBADFD;
		goto sendmsg_done;
	}

	if (addr) {
		/* the length is checked before any field of addr is read */
		if (msg->msg_namelen < J1939_MIN_NAMELEN ||
		    addr->can_family != AF_CAN) {
			ret = -EINVAL;
			goto sendmsg_done;
		}

		/* ifindex 0 means "use the bound interface" */
		if (addr->can_ifindex && addr->can_ifindex != jsk->ifindex) {
			ret = -EBADFD;
			goto sendmsg_done;
		}

		if (j1939_pgn_is_valid(addr->can_addr.j1939.pgn) &&
		    !j1939_pgn_is_clean_pdu(addr->can_addr.j1939.pgn)) {
			ret = -EINVAL;
			goto sendmsg_done;
		}

		if (!addr->can_addr.j1939.name &&
		    addr->can_addr.j1939.addr == J1939_NO_ADDR &&
		    !sock_flag(sk, SOCK_BROADCAST)) {
			/* broadcast, but SO_BROADCAST not set */
			ret = -EACCES;
			goto sendmsg_done;
		}
	} else if (!jsk->addr.dst_name && jsk->addr.da == J1939_NO_ADDR &&
		   !sock_flag(sk, SOCK_BROADCAST)) {
		/* default destination is broadcast, but SO_BROADCAST not set */
		ret = -EACCES;
		goto sendmsg_done;
	}

	ret = j1939_sk_send_loop(jsk->priv, sk, msg, size);

sendmsg_done:
	release_sock(sk);

	return ret;
}
1185
/* Interface-down handling: every socket registered on @priv gets ENETDOWN
 * as pending error (reported unless the socket is already dead) and has
 * its session queue emptied.
 *
 * NOTE(review): j1939_sk_queue_drop_all() takes sk_session_queue_lock and
 * drops session references while priv->j1939_socks_lock is held here -
 * confirm that nothing on the session release path tries to take
 * j1939_socks_lock again.
 */
void j1939_sk_netdev_event_netdown(struct j1939_priv *priv)
{
	const int error_code = ENETDOWN;
	struct j1939_sock *jsk;

	spin_lock_bh(&priv->j1939_socks_lock);
	list_for_each_entry(jsk, &priv->j1939_socks, list) {
		struct sock *sk = &jsk->sk;

		sk->sk_err = error_code;
		if (!sock_flag(sk, SOCK_DEAD))
			sk_error_report(sk);

		j1939_sk_queue_drop_all(priv, jsk, error_code);
	}
	spin_unlock_bh(&priv->j1939_socks_lock);
}
1201
/* The socket layer implements no ioctls of its own: answering
 * -ENOIOCTLCMD hands every request down to the NIC layer.
 */
static int j1939_sk_no_ioctlcmd(struct socket *sock, unsigned int cmd,
				unsigned long arg)
{
	return -ENOIOCTLCMD;
}
1208
/* Socket operations of CAN_J1939 sockets. Operations that make no sense
 * for this datagram protocol (socketpair, accept, listen, shutdown, mmap,
 * sendpage) point at the generic sock_no_*() stubs.
 */
static const struct proto_ops j1939_ops = {
	.family = PF_CAN,
	.release = j1939_sk_release,
	.bind = j1939_sk_bind,
	.connect = j1939_sk_connect,
	.socketpair = sock_no_socketpair,
	.accept = sock_no_accept,
	.getname = j1939_sk_getname,
	.poll = datagram_poll,
	.ioctl = j1939_sk_no_ioctlcmd,
	.listen = sock_no_listen,
	.shutdown = sock_no_shutdown,
	.setsockopt = j1939_sk_setsockopt,
	.getsockopt = j1939_sk_getsockopt,
	.sendmsg = j1939_sk_sendmsg,
	.recvmsg = j1939_sk_recvmsg,
	.mmap = sock_no_mmap,
	.sendpage = sock_no_sendpage,
};
1228
/* Protocol descriptor: sockets are allocated with room for a whole
 * struct j1939_sock and initialised by j1939_sk_init().
 */
static struct proto j1939_proto __read_mostly = {
	.name = "CAN_J1939",
	.owner = THIS_MODULE,
	.obj_size = sizeof(struct j1939_sock),
	.init = j1939_sk_init,
};
1235
/* CAN protocol description for CAN_J1939: a SOCK_DGRAM protocol that uses
 * the operations and protocol descriptor defined in this file.
 */
const struct can_proto j1939_can_proto = {
	.type = SOCK_DGRAM,
	.protocol = CAN_J1939,
	.ops = &j1939_ops,
	.prot = &j1939_proto,
};