Loading...
1/*
2 * INET An implementation of the TCP/IP protocol suite for the LINUX
3 * operating system. INET is implemented using the BSD Socket
4 * interface as the means of communication with the user level.
5 *
6 * Generic socket support routines. Memory allocators, socket lock/release
7 * handler for protocols to use and generic option handler.
8 *
9 *
10 * Authors: Ross Biro
11 * Fred N. van Kempen, <waltje@uWalt.NL.Mugnet.ORG>
12 * Florian La Roche, <flla@stud.uni-sb.de>
13 * Alan Cox, <A.Cox@swansea.ac.uk>
14 *
15 * Fixes:
16 * Alan Cox : Numerous verify_area() problems
17 * Alan Cox : Connecting on a connecting socket
18 * now returns an error for tcp.
19 * Alan Cox : sock->protocol is set correctly.
20 * and is not sometimes left as 0.
21 * Alan Cox : connect handles icmp errors on a
22 * connect properly. Unfortunately there
23 * is a restart syscall nasty there. I
24 * can't match BSD without hacking the C
25 * library. Ideas urgently sought!
26 * Alan Cox : Disallow bind() to addresses that are
27 * not ours - especially broadcast ones!!
28 * Alan Cox : Socket 1024 _IS_ ok for users. (fencepost)
29 * Alan Cox : sock_wfree/sock_rfree don't destroy sockets,
30 * instead they leave that for the DESTROY timer.
31 * Alan Cox : Clean up error flag in accept
32 * Alan Cox : TCP ack handling is buggy, the DESTROY timer
33 * was buggy. Put a remove_sock() in the handler
34 * for memory when we hit 0. Also altered the timer
35 * code. The ACK stuff can wait and needs major
36 * TCP layer surgery.
37 * Alan Cox : Fixed TCP ack bug, removed remove sock
38 * and fixed timer/inet_bh race.
39 * Alan Cox : Added zapped flag for TCP
40 * Alan Cox : Move kfree_skb into skbuff.c and tidied up surplus code
41 * Alan Cox : for new sk_buff allocations wmalloc/rmalloc now call alloc_skb
42 * Alan Cox : kfree_s calls now are kfree_skbmem so we can track skb resources
43 * Alan Cox : Supports socket option broadcast now as does udp. Packet and raw need fixing.
44 * Alan Cox : Added RCVBUF,SNDBUF size setting. It suddenly occurred to me how easy it was so...
45 * Rick Sladkey : Relaxed UDP rules for matching packets.
46 * C.E.Hawkins : IFF_PROMISC/SIOCGHWADDR support
47 * Pauline Middelink : identd support
48 * Alan Cox : Fixed connect() taking signals I think.
49 * Alan Cox : SO_LINGER supported
50 * Alan Cox : Error reporting fixes
51 * Anonymous : inet_create tidied up (sk->reuse setting)
52 * Alan Cox : inet sockets don't set sk->type!
53 * Alan Cox : Split socket option code
54 * Alan Cox : Callbacks
55 * Alan Cox : Nagle flag for Charles & Johannes stuff
56 * Alex : Removed restriction on inet fioctl
57 * Alan Cox : Splitting INET from NET core
58 * Alan Cox : Fixed bogus SO_TYPE handling in getsockopt()
59 * Adam Caldwell : Missing return in SO_DONTROUTE/SO_DEBUG code
60 * Alan Cox : Split IP from generic code
61 * Alan Cox : New kfree_skbmem()
62 * Alan Cox : Make SO_DEBUG superuser only.
63 * Alan Cox : Allow anyone to clear SO_DEBUG
64 * (compatibility fix)
65 * Alan Cox : Added optimistic memory grabbing for AF_UNIX throughput.
66 * Alan Cox : Allocator for a socket is settable.
67 * Alan Cox : SO_ERROR includes soft errors.
68 * Alan Cox : Allow NULL arguments on some SO_ opts
69 * Alan Cox : Generic socket allocation to make hooks
70 * easier (suggested by Craig Metz).
71 * Michael Pall : SO_ERROR returns positive errno again
72 * Steve Whitehouse: Added default destructor to free
73 * protocol private data.
74 * Steve Whitehouse: Added various other default routines
75 * common to several socket families.
76 * Chris Evans : Call suser() check last on F_SETOWN
77 * Jay Schulist : Added SO_ATTACH_FILTER and SO_DETACH_FILTER.
78 * Andi Kleen : Add sock_kmalloc()/sock_kfree_s()
79 * Andi Kleen : Fix write_space callback
80 * Chris Evans : Security fixes - signedness again
81 * Arnaldo C. Melo : cleanups, use skb_queue_purge
82 *
83 * To Fix:
84 *
85 *
86 * This program is free software; you can redistribute it and/or
87 * modify it under the terms of the GNU General Public License
88 * as published by the Free Software Foundation; either version
89 * 2 of the License, or (at your option) any later version.
90 */
91
92#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
93
94#include <linux/capability.h>
95#include <linux/errno.h>
96#include <linux/types.h>
97#include <linux/socket.h>
98#include <linux/in.h>
99#include <linux/kernel.h>
100#include <linux/module.h>
101#include <linux/proc_fs.h>
102#include <linux/seq_file.h>
103#include <linux/sched.h>
104#include <linux/timer.h>
105#include <linux/string.h>
106#include <linux/sockios.h>
107#include <linux/net.h>
108#include <linux/mm.h>
109#include <linux/slab.h>
110#include <linux/interrupt.h>
111#include <linux/poll.h>
112#include <linux/tcp.h>
113#include <linux/init.h>
114#include <linux/highmem.h>
115#include <linux/user_namespace.h>
116#include <linux/static_key.h>
117#include <linux/memcontrol.h>
118#include <linux/prefetch.h>
119
120#include <asm/uaccess.h>
121
122#include <linux/netdevice.h>
123#include <net/protocol.h>
124#include <linux/skbuff.h>
125#include <net/net_namespace.h>
126#include <net/request_sock.h>
127#include <net/sock.h>
128#include <linux/net_tstamp.h>
129#include <net/xfrm.h>
130#include <linux/ipsec.h>
131#include <net/cls_cgroup.h>
132#include <net/netprio_cgroup.h>
133
134#include <linux/filter.h>
135
136#include <trace/events/sock.h>
137
138#ifdef CONFIG_INET
139#include <net/tcp.h>
140#endif
141
142static DEFINE_MUTEX(proto_list_mutex);
143static LIST_HEAD(proto_list);
144
145#ifdef CONFIG_CGROUP_MEM_RES_CTLR_KMEM
146int mem_cgroup_sockets_init(struct mem_cgroup *memcg, struct cgroup_subsys *ss)
147{
148 struct proto *proto;
149 int ret = 0;
150
151 mutex_lock(&proto_list_mutex);
152 list_for_each_entry(proto, &proto_list, node) {
153 if (proto->init_cgroup) {
154 ret = proto->init_cgroup(memcg, ss);
155 if (ret)
156 goto out;
157 }
158 }
159
160 mutex_unlock(&proto_list_mutex);
161 return ret;
162out:
163 list_for_each_entry_continue_reverse(proto, &proto_list, node)
164 if (proto->destroy_cgroup)
165 proto->destroy_cgroup(memcg);
166 mutex_unlock(&proto_list_mutex);
167 return ret;
168}
169
170void mem_cgroup_sockets_destroy(struct mem_cgroup *memcg)
171{
172 struct proto *proto;
173
174 mutex_lock(&proto_list_mutex);
175 list_for_each_entry_reverse(proto, &proto_list, node)
176 if (proto->destroy_cgroup)
177 proto->destroy_cgroup(memcg);
178 mutex_unlock(&proto_list_mutex);
179}
180#endif
181
182/*
183 * Each address family might have different locking rules, so we have
184 * one slock key per address family:
185 */
186static struct lock_class_key af_family_keys[AF_MAX];
187static struct lock_class_key af_family_slock_keys[AF_MAX];
188
189struct static_key memcg_socket_limit_enabled;
190EXPORT_SYMBOL(memcg_socket_limit_enabled);
191
192/*
193 * Make lock validator output more readable. (we pre-construct these
194 * strings build-time, so that runtime initialization of socket
195 * locks is fast):
196 */
197static const char *const af_family_key_strings[AF_MAX+1] = {
198 "sk_lock-AF_UNSPEC", "sk_lock-AF_UNIX" , "sk_lock-AF_INET" ,
199 "sk_lock-AF_AX25" , "sk_lock-AF_IPX" , "sk_lock-AF_APPLETALK",
200 "sk_lock-AF_NETROM", "sk_lock-AF_BRIDGE" , "sk_lock-AF_ATMPVC" ,
201 "sk_lock-AF_X25" , "sk_lock-AF_INET6" , "sk_lock-AF_ROSE" ,
202 "sk_lock-AF_DECnet", "sk_lock-AF_NETBEUI" , "sk_lock-AF_SECURITY" ,
203 "sk_lock-AF_KEY" , "sk_lock-AF_NETLINK" , "sk_lock-AF_PACKET" ,
204 "sk_lock-AF_ASH" , "sk_lock-AF_ECONET" , "sk_lock-AF_ATMSVC" ,
205 "sk_lock-AF_RDS" , "sk_lock-AF_SNA" , "sk_lock-AF_IRDA" ,
206 "sk_lock-AF_PPPOX" , "sk_lock-AF_WANPIPE" , "sk_lock-AF_LLC" ,
207 "sk_lock-27" , "sk_lock-28" , "sk_lock-AF_CAN" ,
208 "sk_lock-AF_TIPC" , "sk_lock-AF_BLUETOOTH", "sk_lock-IUCV" ,
209 "sk_lock-AF_RXRPC" , "sk_lock-AF_ISDN" , "sk_lock-AF_PHONET" ,
210 "sk_lock-AF_IEEE802154", "sk_lock-AF_CAIF" , "sk_lock-AF_ALG" ,
211 "sk_lock-AF_NFC" , "sk_lock-AF_MAX"
212};
213static const char *const af_family_slock_key_strings[AF_MAX+1] = {
214 "slock-AF_UNSPEC", "slock-AF_UNIX" , "slock-AF_INET" ,
215 "slock-AF_AX25" , "slock-AF_IPX" , "slock-AF_APPLETALK",
216 "slock-AF_NETROM", "slock-AF_BRIDGE" , "slock-AF_ATMPVC" ,
217 "slock-AF_X25" , "slock-AF_INET6" , "slock-AF_ROSE" ,
218 "slock-AF_DECnet", "slock-AF_NETBEUI" , "slock-AF_SECURITY" ,
219 "slock-AF_KEY" , "slock-AF_NETLINK" , "slock-AF_PACKET" ,
220 "slock-AF_ASH" , "slock-AF_ECONET" , "slock-AF_ATMSVC" ,
221 "slock-AF_RDS" , "slock-AF_SNA" , "slock-AF_IRDA" ,
222 "slock-AF_PPPOX" , "slock-AF_WANPIPE" , "slock-AF_LLC" ,
223 "slock-27" , "slock-28" , "slock-AF_CAN" ,
224 "slock-AF_TIPC" , "slock-AF_BLUETOOTH", "slock-AF_IUCV" ,
225 "slock-AF_RXRPC" , "slock-AF_ISDN" , "slock-AF_PHONET" ,
226 "slock-AF_IEEE802154", "slock-AF_CAIF" , "slock-AF_ALG" ,
227 "slock-AF_NFC" , "slock-AF_MAX"
228};
229static const char *const af_family_clock_key_strings[AF_MAX+1] = {
230 "clock-AF_UNSPEC", "clock-AF_UNIX" , "clock-AF_INET" ,
231 "clock-AF_AX25" , "clock-AF_IPX" , "clock-AF_APPLETALK",
232 "clock-AF_NETROM", "clock-AF_BRIDGE" , "clock-AF_ATMPVC" ,
233 "clock-AF_X25" , "clock-AF_INET6" , "clock-AF_ROSE" ,
234 "clock-AF_DECnet", "clock-AF_NETBEUI" , "clock-AF_SECURITY" ,
235 "clock-AF_KEY" , "clock-AF_NETLINK" , "clock-AF_PACKET" ,
236 "clock-AF_ASH" , "clock-AF_ECONET" , "clock-AF_ATMSVC" ,
237 "clock-AF_RDS" , "clock-AF_SNA" , "clock-AF_IRDA" ,
238 "clock-AF_PPPOX" , "clock-AF_WANPIPE" , "clock-AF_LLC" ,
239 "clock-27" , "clock-28" , "clock-AF_CAN" ,
240 "clock-AF_TIPC" , "clock-AF_BLUETOOTH", "clock-AF_IUCV" ,
241 "clock-AF_RXRPC" , "clock-AF_ISDN" , "clock-AF_PHONET" ,
242 "clock-AF_IEEE802154", "clock-AF_CAIF" , "clock-AF_ALG" ,
243 "clock-AF_NFC" , "clock-AF_MAX"
244};
245
246/*
247 * sk_callback_lock locking rules are per-address-family,
248 * so split the lock classes by using a per-AF key:
249 */
250static struct lock_class_key af_callback_keys[AF_MAX];
251
252/* Take into consideration the size of the struct sk_buff overhead in the
253 * determination of these values, since that is non-constant across
254 * platforms. This makes socket queueing behavior and performance
255 * not depend upon such differences.
256 */
257#define _SK_MEM_PACKETS 256
258#define _SK_MEM_OVERHEAD SKB_TRUESIZE(256)
259#define SK_WMEM_MAX (_SK_MEM_OVERHEAD * _SK_MEM_PACKETS)
260#define SK_RMEM_MAX (_SK_MEM_OVERHEAD * _SK_MEM_PACKETS)
261
262/* Run time adjustable parameters. */
263__u32 sysctl_wmem_max __read_mostly = SK_WMEM_MAX;
264EXPORT_SYMBOL(sysctl_wmem_max);
265__u32 sysctl_rmem_max __read_mostly = SK_RMEM_MAX;
266EXPORT_SYMBOL(sysctl_rmem_max);
267__u32 sysctl_wmem_default __read_mostly = SK_WMEM_MAX;
268__u32 sysctl_rmem_default __read_mostly = SK_RMEM_MAX;
269
270/* Maximal space eaten by iovec or ancillary data plus some space */
271int sysctl_optmem_max __read_mostly = sizeof(unsigned long)*(2*UIO_MAXIOV+512);
272EXPORT_SYMBOL(sysctl_optmem_max);
273
274#if defined(CONFIG_CGROUPS)
275#if !defined(CONFIG_NET_CLS_CGROUP)
276int net_cls_subsys_id = -1;
277EXPORT_SYMBOL_GPL(net_cls_subsys_id);
278#endif
279#if !defined(CONFIG_NETPRIO_CGROUP)
280int net_prio_subsys_id = -1;
281EXPORT_SYMBOL_GPL(net_prio_subsys_id);
282#endif
283#endif
284
285static int sock_set_timeout(long *timeo_p, char __user *optval, int optlen)
286{
287 struct timeval tv;
288
289 if (optlen < sizeof(tv))
290 return -EINVAL;
291 if (copy_from_user(&tv, optval, sizeof(tv)))
292 return -EFAULT;
293 if (tv.tv_usec < 0 || tv.tv_usec >= USEC_PER_SEC)
294 return -EDOM;
295
296 if (tv.tv_sec < 0) {
297 static int warned __read_mostly;
298
299 *timeo_p = 0;
300 if (warned < 10 && net_ratelimit()) {
301 warned++;
302 pr_info("%s: `%s' (pid %d) tries to set negative timeout\n",
303 __func__, current->comm, task_pid_nr(current));
304 }
305 return 0;
306 }
307 *timeo_p = MAX_SCHEDULE_TIMEOUT;
308 if (tv.tv_sec == 0 && tv.tv_usec == 0)
309 return 0;
310 if (tv.tv_sec < (MAX_SCHEDULE_TIMEOUT/HZ - 1))
311 *timeo_p = tv.tv_sec*HZ + (tv.tv_usec+(1000000/HZ-1))/(1000000/HZ);
312 return 0;
313}
314
315static void sock_warn_obsolete_bsdism(const char *name)
316{
317 static int warned;
318 static char warncomm[TASK_COMM_LEN];
319 if (strcmp(warncomm, current->comm) && warned < 5) {
320 strcpy(warncomm, current->comm);
321 pr_warn("process `%s' is using obsolete %s SO_BSDCOMPAT\n",
322 warncomm, name);
323 warned++;
324 }
325}
326
327#define SK_FLAGS_TIMESTAMP ((1UL << SOCK_TIMESTAMP) | (1UL << SOCK_TIMESTAMPING_RX_SOFTWARE))
328
329static void sock_disable_timestamp(struct sock *sk, unsigned long flags)
330{
331 if (sk->sk_flags & flags) {
332 sk->sk_flags &= ~flags;
333 if (!(sk->sk_flags & SK_FLAGS_TIMESTAMP))
334 net_disable_timestamp();
335 }
336}
337
338
339int sock_queue_rcv_skb(struct sock *sk, struct sk_buff *skb)
340{
341 int err;
342 int skb_len;
343 unsigned long flags;
344 struct sk_buff_head *list = &sk->sk_receive_queue;
345
346 if (atomic_read(&sk->sk_rmem_alloc) >= sk->sk_rcvbuf) {
347 atomic_inc(&sk->sk_drops);
348 trace_sock_rcvqueue_full(sk, skb);
349 return -ENOMEM;
350 }
351
352 err = sk_filter(sk, skb);
353 if (err)
354 return err;
355
356 if (!sk_rmem_schedule(sk, skb->truesize)) {
357 atomic_inc(&sk->sk_drops);
358 return -ENOBUFS;
359 }
360
361 skb->dev = NULL;
362 skb_set_owner_r(skb, sk);
363
364 /* Cache the SKB length before we tack it onto the receive
365 * queue. Once it is added it no longer belongs to us and
366 * may be freed by other threads of control pulling packets
367 * from the queue.
368 */
369 skb_len = skb->len;
370
371 /* we escape from rcu protected region, make sure we dont leak
372 * a norefcounted dst
373 */
374 skb_dst_force(skb);
375
376 spin_lock_irqsave(&list->lock, flags);
377 skb->dropcount = atomic_read(&sk->sk_drops);
378 __skb_queue_tail(list, skb);
379 spin_unlock_irqrestore(&list->lock, flags);
380
381 if (!sock_flag(sk, SOCK_DEAD))
382 sk->sk_data_ready(sk, skb_len);
383 return 0;
384}
385EXPORT_SYMBOL(sock_queue_rcv_skb);
386
387int sk_receive_skb(struct sock *sk, struct sk_buff *skb, const int nested)
388{
389 int rc = NET_RX_SUCCESS;
390
391 if (sk_filter(sk, skb))
392 goto discard_and_relse;
393
394 skb->dev = NULL;
395
396 if (sk_rcvqueues_full(sk, skb, sk->sk_rcvbuf)) {
397 atomic_inc(&sk->sk_drops);
398 goto discard_and_relse;
399 }
400 if (nested)
401 bh_lock_sock_nested(sk);
402 else
403 bh_lock_sock(sk);
404 if (!sock_owned_by_user(sk)) {
405 /*
406 * trylock + unlock semantics:
407 */
408 mutex_acquire(&sk->sk_lock.dep_map, 0, 1, _RET_IP_);
409
410 rc = sk_backlog_rcv(sk, skb);
411
412 mutex_release(&sk->sk_lock.dep_map, 1, _RET_IP_);
413 } else if (sk_add_backlog(sk, skb, sk->sk_rcvbuf)) {
414 bh_unlock_sock(sk);
415 atomic_inc(&sk->sk_drops);
416 goto discard_and_relse;
417 }
418
419 bh_unlock_sock(sk);
420out:
421 sock_put(sk);
422 return rc;
423discard_and_relse:
424 kfree_skb(skb);
425 goto out;
426}
427EXPORT_SYMBOL(sk_receive_skb);
428
429void sk_reset_txq(struct sock *sk)
430{
431 sk_tx_queue_clear(sk);
432}
433EXPORT_SYMBOL(sk_reset_txq);
434
435struct dst_entry *__sk_dst_check(struct sock *sk, u32 cookie)
436{
437 struct dst_entry *dst = __sk_dst_get(sk);
438
439 if (dst && dst->obsolete && dst->ops->check(dst, cookie) == NULL) {
440 sk_tx_queue_clear(sk);
441 RCU_INIT_POINTER(sk->sk_dst_cache, NULL);
442 dst_release(dst);
443 return NULL;
444 }
445
446 return dst;
447}
448EXPORT_SYMBOL(__sk_dst_check);
449
450struct dst_entry *sk_dst_check(struct sock *sk, u32 cookie)
451{
452 struct dst_entry *dst = sk_dst_get(sk);
453
454 if (dst && dst->obsolete && dst->ops->check(dst, cookie) == NULL) {
455 sk_dst_reset(sk);
456 dst_release(dst);
457 return NULL;
458 }
459
460 return dst;
461}
462EXPORT_SYMBOL(sk_dst_check);
463
464static int sock_bindtodevice(struct sock *sk, char __user *optval, int optlen)
465{
466 int ret = -ENOPROTOOPT;
467#ifdef CONFIG_NETDEVICES
468 struct net *net = sock_net(sk);
469 char devname[IFNAMSIZ];
470 int index;
471
472 /* Sorry... */
473 ret = -EPERM;
474 if (!capable(CAP_NET_RAW))
475 goto out;
476
477 ret = -EINVAL;
478 if (optlen < 0)
479 goto out;
480
481 /* Bind this socket to a particular device like "eth0",
482 * as specified in the passed interface name. If the
483 * name is "" or the option length is zero the socket
484 * is not bound.
485 */
486 if (optlen > IFNAMSIZ - 1)
487 optlen = IFNAMSIZ - 1;
488 memset(devname, 0, sizeof(devname));
489
490 ret = -EFAULT;
491 if (copy_from_user(devname, optval, optlen))
492 goto out;
493
494 index = 0;
495 if (devname[0] != '\0') {
496 struct net_device *dev;
497
498 rcu_read_lock();
499 dev = dev_get_by_name_rcu(net, devname);
500 if (dev)
501 index = dev->ifindex;
502 rcu_read_unlock();
503 ret = -ENODEV;
504 if (!dev)
505 goto out;
506 }
507
508 lock_sock(sk);
509 sk->sk_bound_dev_if = index;
510 sk_dst_reset(sk);
511 release_sock(sk);
512
513 ret = 0;
514
515out:
516#endif
517
518 return ret;
519}
520
521static inline void sock_valbool_flag(struct sock *sk, int bit, int valbool)
522{
523 if (valbool)
524 sock_set_flag(sk, bit);
525 else
526 sock_reset_flag(sk, bit);
527}
528
529/*
530 * This is meant for all protocols to use and covers goings on
531 * at the socket level. Everything here is generic.
532 */
533
534int sock_setsockopt(struct socket *sock, int level, int optname,
535 char __user *optval, unsigned int optlen)
536{
537 struct sock *sk = sock->sk;
538 int val;
539 int valbool;
540 struct linger ling;
541 int ret = 0;
542
543 /*
544 * Options without arguments
545 */
546
547 if (optname == SO_BINDTODEVICE)
548 return sock_bindtodevice(sk, optval, optlen);
549
550 if (optlen < sizeof(int))
551 return -EINVAL;
552
553 if (get_user(val, (int __user *)optval))
554 return -EFAULT;
555
556 valbool = val ? 1 : 0;
557
558 lock_sock(sk);
559
560 switch (optname) {
561 case SO_DEBUG:
562 if (val && !capable(CAP_NET_ADMIN))
563 ret = -EACCES;
564 else
565 sock_valbool_flag(sk, SOCK_DBG, valbool);
566 break;
567 case SO_REUSEADDR:
568 sk->sk_reuse = (valbool ? SK_CAN_REUSE : SK_NO_REUSE);
569 break;
570 case SO_TYPE:
571 case SO_PROTOCOL:
572 case SO_DOMAIN:
573 case SO_ERROR:
574 ret = -ENOPROTOOPT;
575 break;
576 case SO_DONTROUTE:
577 sock_valbool_flag(sk, SOCK_LOCALROUTE, valbool);
578 break;
579 case SO_BROADCAST:
580 sock_valbool_flag(sk, SOCK_BROADCAST, valbool);
581 break;
582 case SO_SNDBUF:
583 /* Don't error on this BSD doesn't and if you think
584 * about it this is right. Otherwise apps have to
585 * play 'guess the biggest size' games. RCVBUF/SNDBUF
586 * are treated in BSD as hints
587 */
588 val = min_t(u32, val, sysctl_wmem_max);
589set_sndbuf:
590 sk->sk_userlocks |= SOCK_SNDBUF_LOCK;
591 sk->sk_sndbuf = max_t(u32, val * 2, SOCK_MIN_SNDBUF);
592 /* Wake up sending tasks if we upped the value. */
593 sk->sk_write_space(sk);
594 break;
595
596 case SO_SNDBUFFORCE:
597 if (!capable(CAP_NET_ADMIN)) {
598 ret = -EPERM;
599 break;
600 }
601 goto set_sndbuf;
602
603 case SO_RCVBUF:
604 /* Don't error on this BSD doesn't and if you think
605 * about it this is right. Otherwise apps have to
606 * play 'guess the biggest size' games. RCVBUF/SNDBUF
607 * are treated in BSD as hints
608 */
609 val = min_t(u32, val, sysctl_rmem_max);
610set_rcvbuf:
611 sk->sk_userlocks |= SOCK_RCVBUF_LOCK;
612 /*
613 * We double it on the way in to account for
614 * "struct sk_buff" etc. overhead. Applications
615 * assume that the SO_RCVBUF setting they make will
616 * allow that much actual data to be received on that
617 * socket.
618 *
619 * Applications are unaware that "struct sk_buff" and
620 * other overheads allocate from the receive buffer
621 * during socket buffer allocation.
622 *
623 * And after considering the possible alternatives,
624 * returning the value we actually used in getsockopt
625 * is the most desirable behavior.
626 */
627 sk->sk_rcvbuf = max_t(u32, val * 2, SOCK_MIN_RCVBUF);
628 break;
629
630 case SO_RCVBUFFORCE:
631 if (!capable(CAP_NET_ADMIN)) {
632 ret = -EPERM;
633 break;
634 }
635 goto set_rcvbuf;
636
637 case SO_KEEPALIVE:
638#ifdef CONFIG_INET
639 if (sk->sk_protocol == IPPROTO_TCP)
640 tcp_set_keepalive(sk, valbool);
641#endif
642 sock_valbool_flag(sk, SOCK_KEEPOPEN, valbool);
643 break;
644
645 case SO_OOBINLINE:
646 sock_valbool_flag(sk, SOCK_URGINLINE, valbool);
647 break;
648
649 case SO_NO_CHECK:
650 sk->sk_no_check = valbool;
651 break;
652
653 case SO_PRIORITY:
654 if ((val >= 0 && val <= 6) || capable(CAP_NET_ADMIN))
655 sk->sk_priority = val;
656 else
657 ret = -EPERM;
658 break;
659
660 case SO_LINGER:
661 if (optlen < sizeof(ling)) {
662 ret = -EINVAL; /* 1003.1g */
663 break;
664 }
665 if (copy_from_user(&ling, optval, sizeof(ling))) {
666 ret = -EFAULT;
667 break;
668 }
669 if (!ling.l_onoff)
670 sock_reset_flag(sk, SOCK_LINGER);
671 else {
672#if (BITS_PER_LONG == 32)
673 if ((unsigned int)ling.l_linger >= MAX_SCHEDULE_TIMEOUT/HZ)
674 sk->sk_lingertime = MAX_SCHEDULE_TIMEOUT;
675 else
676#endif
677 sk->sk_lingertime = (unsigned int)ling.l_linger * HZ;
678 sock_set_flag(sk, SOCK_LINGER);
679 }
680 break;
681
682 case SO_BSDCOMPAT:
683 sock_warn_obsolete_bsdism("setsockopt");
684 break;
685
686 case SO_PASSCRED:
687 if (valbool)
688 set_bit(SOCK_PASSCRED, &sock->flags);
689 else
690 clear_bit(SOCK_PASSCRED, &sock->flags);
691 break;
692
693 case SO_TIMESTAMP:
694 case SO_TIMESTAMPNS:
695 if (valbool) {
696 if (optname == SO_TIMESTAMP)
697 sock_reset_flag(sk, SOCK_RCVTSTAMPNS);
698 else
699 sock_set_flag(sk, SOCK_RCVTSTAMPNS);
700 sock_set_flag(sk, SOCK_RCVTSTAMP);
701 sock_enable_timestamp(sk, SOCK_TIMESTAMP);
702 } else {
703 sock_reset_flag(sk, SOCK_RCVTSTAMP);
704 sock_reset_flag(sk, SOCK_RCVTSTAMPNS);
705 }
706 break;
707
708 case SO_TIMESTAMPING:
709 if (val & ~SOF_TIMESTAMPING_MASK) {
710 ret = -EINVAL;
711 break;
712 }
713 sock_valbool_flag(sk, SOCK_TIMESTAMPING_TX_HARDWARE,
714 val & SOF_TIMESTAMPING_TX_HARDWARE);
715 sock_valbool_flag(sk, SOCK_TIMESTAMPING_TX_SOFTWARE,
716 val & SOF_TIMESTAMPING_TX_SOFTWARE);
717 sock_valbool_flag(sk, SOCK_TIMESTAMPING_RX_HARDWARE,
718 val & SOF_TIMESTAMPING_RX_HARDWARE);
719 if (val & SOF_TIMESTAMPING_RX_SOFTWARE)
720 sock_enable_timestamp(sk,
721 SOCK_TIMESTAMPING_RX_SOFTWARE);
722 else
723 sock_disable_timestamp(sk,
724 (1UL << SOCK_TIMESTAMPING_RX_SOFTWARE));
725 sock_valbool_flag(sk, SOCK_TIMESTAMPING_SOFTWARE,
726 val & SOF_TIMESTAMPING_SOFTWARE);
727 sock_valbool_flag(sk, SOCK_TIMESTAMPING_SYS_HARDWARE,
728 val & SOF_TIMESTAMPING_SYS_HARDWARE);
729 sock_valbool_flag(sk, SOCK_TIMESTAMPING_RAW_HARDWARE,
730 val & SOF_TIMESTAMPING_RAW_HARDWARE);
731 break;
732
733 case SO_RCVLOWAT:
734 if (val < 0)
735 val = INT_MAX;
736 sk->sk_rcvlowat = val ? : 1;
737 break;
738
739 case SO_RCVTIMEO:
740 ret = sock_set_timeout(&sk->sk_rcvtimeo, optval, optlen);
741 break;
742
743 case SO_SNDTIMEO:
744 ret = sock_set_timeout(&sk->sk_sndtimeo, optval, optlen);
745 break;
746
747 case SO_ATTACH_FILTER:
748 ret = -EINVAL;
749 if (optlen == sizeof(struct sock_fprog)) {
750 struct sock_fprog fprog;
751
752 ret = -EFAULT;
753 if (copy_from_user(&fprog, optval, sizeof(fprog)))
754 break;
755
756 ret = sk_attach_filter(&fprog, sk);
757 }
758 break;
759
760 case SO_DETACH_FILTER:
761 ret = sk_detach_filter(sk);
762 break;
763
764 case SO_PASSSEC:
765 if (valbool)
766 set_bit(SOCK_PASSSEC, &sock->flags);
767 else
768 clear_bit(SOCK_PASSSEC, &sock->flags);
769 break;
770 case SO_MARK:
771 if (!capable(CAP_NET_ADMIN))
772 ret = -EPERM;
773 else
774 sk->sk_mark = val;
775 break;
776
777 /* We implement the SO_SNDLOWAT etc to
778 not be settable (1003.1g 5.3) */
779 case SO_RXQ_OVFL:
780 sock_valbool_flag(sk, SOCK_RXQ_OVFL, valbool);
781 break;
782
783 case SO_WIFI_STATUS:
784 sock_valbool_flag(sk, SOCK_WIFI_STATUS, valbool);
785 break;
786
787 case SO_PEEK_OFF:
788 if (sock->ops->set_peek_off)
789 sock->ops->set_peek_off(sk, val);
790 else
791 ret = -EOPNOTSUPP;
792 break;
793
794 case SO_NOFCS:
795 sock_valbool_flag(sk, SOCK_NOFCS, valbool);
796 break;
797
798 default:
799 ret = -ENOPROTOOPT;
800 break;
801 }
802 release_sock(sk);
803 return ret;
804}
805EXPORT_SYMBOL(sock_setsockopt);
806
807
808void cred_to_ucred(struct pid *pid, const struct cred *cred,
809 struct ucred *ucred)
810{
811 ucred->pid = pid_vnr(pid);
812 ucred->uid = ucred->gid = -1;
813 if (cred) {
814 struct user_namespace *current_ns = current_user_ns();
815
816 ucred->uid = from_kuid(current_ns, cred->euid);
817 ucred->gid = from_kgid(current_ns, cred->egid);
818 }
819}
820EXPORT_SYMBOL_GPL(cred_to_ucred);
821
822int sock_getsockopt(struct socket *sock, int level, int optname,
823 char __user *optval, int __user *optlen)
824{
825 struct sock *sk = sock->sk;
826
827 union {
828 int val;
829 struct linger ling;
830 struct timeval tm;
831 } v;
832
833 int lv = sizeof(int);
834 int len;
835
836 if (get_user(len, optlen))
837 return -EFAULT;
838 if (len < 0)
839 return -EINVAL;
840
841 memset(&v, 0, sizeof(v));
842
843 switch (optname) {
844 case SO_DEBUG:
845 v.val = sock_flag(sk, SOCK_DBG);
846 break;
847
848 case SO_DONTROUTE:
849 v.val = sock_flag(sk, SOCK_LOCALROUTE);
850 break;
851
852 case SO_BROADCAST:
853 v.val = sock_flag(sk, SOCK_BROADCAST);
854 break;
855
856 case SO_SNDBUF:
857 v.val = sk->sk_sndbuf;
858 break;
859
860 case SO_RCVBUF:
861 v.val = sk->sk_rcvbuf;
862 break;
863
864 case SO_REUSEADDR:
865 v.val = sk->sk_reuse;
866 break;
867
868 case SO_KEEPALIVE:
869 v.val = sock_flag(sk, SOCK_KEEPOPEN);
870 break;
871
872 case SO_TYPE:
873 v.val = sk->sk_type;
874 break;
875
876 case SO_PROTOCOL:
877 v.val = sk->sk_protocol;
878 break;
879
880 case SO_DOMAIN:
881 v.val = sk->sk_family;
882 break;
883
884 case SO_ERROR:
885 v.val = -sock_error(sk);
886 if (v.val == 0)
887 v.val = xchg(&sk->sk_err_soft, 0);
888 break;
889
890 case SO_OOBINLINE:
891 v.val = sock_flag(sk, SOCK_URGINLINE);
892 break;
893
894 case SO_NO_CHECK:
895 v.val = sk->sk_no_check;
896 break;
897
898 case SO_PRIORITY:
899 v.val = sk->sk_priority;
900 break;
901
902 case SO_LINGER:
903 lv = sizeof(v.ling);
904 v.ling.l_onoff = sock_flag(sk, SOCK_LINGER);
905 v.ling.l_linger = sk->sk_lingertime / HZ;
906 break;
907
908 case SO_BSDCOMPAT:
909 sock_warn_obsolete_bsdism("getsockopt");
910 break;
911
912 case SO_TIMESTAMP:
913 v.val = sock_flag(sk, SOCK_RCVTSTAMP) &&
914 !sock_flag(sk, SOCK_RCVTSTAMPNS);
915 break;
916
917 case SO_TIMESTAMPNS:
918 v.val = sock_flag(sk, SOCK_RCVTSTAMPNS);
919 break;
920
921 case SO_TIMESTAMPING:
922 v.val = 0;
923 if (sock_flag(sk, SOCK_TIMESTAMPING_TX_HARDWARE))
924 v.val |= SOF_TIMESTAMPING_TX_HARDWARE;
925 if (sock_flag(sk, SOCK_TIMESTAMPING_TX_SOFTWARE))
926 v.val |= SOF_TIMESTAMPING_TX_SOFTWARE;
927 if (sock_flag(sk, SOCK_TIMESTAMPING_RX_HARDWARE))
928 v.val |= SOF_TIMESTAMPING_RX_HARDWARE;
929 if (sock_flag(sk, SOCK_TIMESTAMPING_RX_SOFTWARE))
930 v.val |= SOF_TIMESTAMPING_RX_SOFTWARE;
931 if (sock_flag(sk, SOCK_TIMESTAMPING_SOFTWARE))
932 v.val |= SOF_TIMESTAMPING_SOFTWARE;
933 if (sock_flag(sk, SOCK_TIMESTAMPING_SYS_HARDWARE))
934 v.val |= SOF_TIMESTAMPING_SYS_HARDWARE;
935 if (sock_flag(sk, SOCK_TIMESTAMPING_RAW_HARDWARE))
936 v.val |= SOF_TIMESTAMPING_RAW_HARDWARE;
937 break;
938
939 case SO_RCVTIMEO:
940 lv = sizeof(struct timeval);
941 if (sk->sk_rcvtimeo == MAX_SCHEDULE_TIMEOUT) {
942 v.tm.tv_sec = 0;
943 v.tm.tv_usec = 0;
944 } else {
945 v.tm.tv_sec = sk->sk_rcvtimeo / HZ;
946 v.tm.tv_usec = ((sk->sk_rcvtimeo % HZ) * 1000000) / HZ;
947 }
948 break;
949
950 case SO_SNDTIMEO:
951 lv = sizeof(struct timeval);
952 if (sk->sk_sndtimeo == MAX_SCHEDULE_TIMEOUT) {
953 v.tm.tv_sec = 0;
954 v.tm.tv_usec = 0;
955 } else {
956 v.tm.tv_sec = sk->sk_sndtimeo / HZ;
957 v.tm.tv_usec = ((sk->sk_sndtimeo % HZ) * 1000000) / HZ;
958 }
959 break;
960
961 case SO_RCVLOWAT:
962 v.val = sk->sk_rcvlowat;
963 break;
964
965 case SO_SNDLOWAT:
966 v.val = 1;
967 break;
968
969 case SO_PASSCRED:
970 v.val = !!test_bit(SOCK_PASSCRED, &sock->flags);
971 break;
972
973 case SO_PEERCRED:
974 {
975 struct ucred peercred;
976 if (len > sizeof(peercred))
977 len = sizeof(peercred);
978 cred_to_ucred(sk->sk_peer_pid, sk->sk_peer_cred, &peercred);
979 if (copy_to_user(optval, &peercred, len))
980 return -EFAULT;
981 goto lenout;
982 }
983
984 case SO_PEERNAME:
985 {
986 char address[128];
987
988 if (sock->ops->getname(sock, (struct sockaddr *)address, &lv, 2))
989 return -ENOTCONN;
990 if (lv < len)
991 return -EINVAL;
992 if (copy_to_user(optval, address, len))
993 return -EFAULT;
994 goto lenout;
995 }
996
997 /* Dubious BSD thing... Probably nobody even uses it, but
998 * the UNIX standard wants it for whatever reason... -DaveM
999 */
1000 case SO_ACCEPTCONN:
1001 v.val = sk->sk_state == TCP_LISTEN;
1002 break;
1003
1004 case SO_PASSSEC:
1005 v.val = !!test_bit(SOCK_PASSSEC, &sock->flags);
1006 break;
1007
1008 case SO_PEERSEC:
1009 return security_socket_getpeersec_stream(sock, optval, optlen, len);
1010
1011 case SO_MARK:
1012 v.val = sk->sk_mark;
1013 break;
1014
1015 case SO_RXQ_OVFL:
1016 v.val = sock_flag(sk, SOCK_RXQ_OVFL);
1017 break;
1018
1019 case SO_WIFI_STATUS:
1020 v.val = sock_flag(sk, SOCK_WIFI_STATUS);
1021 break;
1022
1023 case SO_PEEK_OFF:
1024 if (!sock->ops->set_peek_off)
1025 return -EOPNOTSUPP;
1026
1027 v.val = sk->sk_peek_off;
1028 break;
1029 case SO_NOFCS:
1030 v.val = sock_flag(sk, SOCK_NOFCS);
1031 break;
1032 default:
1033 return -ENOPROTOOPT;
1034 }
1035
1036 if (len > lv)
1037 len = lv;
1038 if (copy_to_user(optval, &v, len))
1039 return -EFAULT;
1040lenout:
1041 if (put_user(len, optlen))
1042 return -EFAULT;
1043 return 0;
1044}
1045
1046/*
1047 * Initialize an sk_lock.
1048 *
1049 * (We also register the sk_lock with the lock validator.)
1050 */
1051static inline void sock_lock_init(struct sock *sk)
1052{
1053 sock_lock_init_class_and_name(sk,
1054 af_family_slock_key_strings[sk->sk_family],
1055 af_family_slock_keys + sk->sk_family,
1056 af_family_key_strings[sk->sk_family],
1057 af_family_keys + sk->sk_family);
1058}
1059
1060/*
1061 * Copy all fields from osk to nsk but nsk->sk_refcnt must not change yet,
1062 * even temporarly, because of RCU lookups. sk_node should also be left as is.
1063 * We must not copy fields between sk_dontcopy_begin and sk_dontcopy_end
1064 */
1065static void sock_copy(struct sock *nsk, const struct sock *osk)
1066{
1067#ifdef CONFIG_SECURITY_NETWORK
1068 void *sptr = nsk->sk_security;
1069#endif
1070 memcpy(nsk, osk, offsetof(struct sock, sk_dontcopy_begin));
1071
1072 memcpy(&nsk->sk_dontcopy_end, &osk->sk_dontcopy_end,
1073 osk->sk_prot->obj_size - offsetof(struct sock, sk_dontcopy_end));
1074
1075#ifdef CONFIG_SECURITY_NETWORK
1076 nsk->sk_security = sptr;
1077 security_sk_clone(osk, nsk);
1078#endif
1079}
1080
1081/*
1082 * caches using SLAB_DESTROY_BY_RCU should let .next pointer from nulls nodes
1083 * un-modified. Special care is taken when initializing object to zero.
1084 */
1085static inline void sk_prot_clear_nulls(struct sock *sk, int size)
1086{
1087 if (offsetof(struct sock, sk_node.next) != 0)
1088 memset(sk, 0, offsetof(struct sock, sk_node.next));
1089 memset(&sk->sk_node.pprev, 0,
1090 size - offsetof(struct sock, sk_node.pprev));
1091}
1092
1093void sk_prot_clear_portaddr_nulls(struct sock *sk, int size)
1094{
1095 unsigned long nulls1, nulls2;
1096
1097 nulls1 = offsetof(struct sock, __sk_common.skc_node.next);
1098 nulls2 = offsetof(struct sock, __sk_common.skc_portaddr_node.next);
1099 if (nulls1 > nulls2)
1100 swap(nulls1, nulls2);
1101
1102 if (nulls1 != 0)
1103 memset((char *)sk, 0, nulls1);
1104 memset((char *)sk + nulls1 + sizeof(void *), 0,
1105 nulls2 - nulls1 - sizeof(void *));
1106 memset((char *)sk + nulls2 + sizeof(void *), 0,
1107 size - nulls2 - sizeof(void *));
1108}
1109EXPORT_SYMBOL(sk_prot_clear_portaddr_nulls);
1110
1111static struct sock *sk_prot_alloc(struct proto *prot, gfp_t priority,
1112 int family)
1113{
1114 struct sock *sk;
1115 struct kmem_cache *slab;
1116
1117 slab = prot->slab;
1118 if (slab != NULL) {
1119 sk = kmem_cache_alloc(slab, priority & ~__GFP_ZERO);
1120 if (!sk)
1121 return sk;
1122 if (priority & __GFP_ZERO) {
1123 if (prot->clear_sk)
1124 prot->clear_sk(sk, prot->obj_size);
1125 else
1126 sk_prot_clear_nulls(sk, prot->obj_size);
1127 }
1128 } else
1129 sk = kmalloc(prot->obj_size, priority);
1130
1131 if (sk != NULL) {
1132 kmemcheck_annotate_bitfield(sk, flags);
1133
1134 if (security_sk_alloc(sk, family, priority))
1135 goto out_free;
1136
1137 if (!try_module_get(prot->owner))
1138 goto out_free_sec;
1139 sk_tx_queue_clear(sk);
1140 }
1141
1142 return sk;
1143
1144out_free_sec:
1145 security_sk_free(sk);
1146out_free:
1147 if (slab != NULL)
1148 kmem_cache_free(slab, sk);
1149 else
1150 kfree(sk);
1151 return NULL;
1152}
1153
1154static void sk_prot_free(struct proto *prot, struct sock *sk)
1155{
1156 struct kmem_cache *slab;
1157 struct module *owner;
1158
1159 owner = prot->owner;
1160 slab = prot->slab;
1161
1162 security_sk_free(sk);
1163 if (slab != NULL)
1164 kmem_cache_free(slab, sk);
1165 else
1166 kfree(sk);
1167 module_put(owner);
1168}
1169
1170#ifdef CONFIG_CGROUPS
1171void sock_update_classid(struct sock *sk)
1172{
1173 u32 classid;
1174
1175 rcu_read_lock(); /* doing current task, which cannot vanish. */
1176 classid = task_cls_classid(current);
1177 rcu_read_unlock();
1178 if (classid && classid != sk->sk_classid)
1179 sk->sk_classid = classid;
1180}
1181EXPORT_SYMBOL(sock_update_classid);
1182
1183void sock_update_netprioidx(struct sock *sk)
1184{
1185 if (in_interrupt())
1186 return;
1187
1188 sk->sk_cgrp_prioidx = task_netprioidx(current);
1189}
1190EXPORT_SYMBOL_GPL(sock_update_netprioidx);
1191#endif
1192
1193/**
1194 * sk_alloc - All socket objects are allocated here
1195 * @net: the applicable net namespace
1196 * @family: protocol family
1197 * @priority: for allocation (%GFP_KERNEL, %GFP_ATOMIC, etc)
1198 * @prot: struct proto associated with this new sock instance
1199 */
1200struct sock *sk_alloc(struct net *net, int family, gfp_t priority,
1201 struct proto *prot)
1202{
1203 struct sock *sk;
1204
1205 sk = sk_prot_alloc(prot, priority | __GFP_ZERO, family);
1206 if (sk) {
1207 sk->sk_family = family;
1208 /*
1209 * See comment in struct sock definition to understand
1210 * why we need sk_prot_creator -acme
1211 */
1212 sk->sk_prot = sk->sk_prot_creator = prot;
1213 sock_lock_init(sk);
1214 sock_net_set(sk, get_net(net));
1215 atomic_set(&sk->sk_wmem_alloc, 1);
1216
1217 sock_update_classid(sk);
1218 sock_update_netprioidx(sk);
1219 }
1220
1221 return sk;
1222}
1223EXPORT_SYMBOL(sk_alloc);
1224
1225static void __sk_free(struct sock *sk)
1226{
1227 struct sk_filter *filter;
1228
1229 if (sk->sk_destruct)
1230 sk->sk_destruct(sk);
1231
1232 filter = rcu_dereference_check(sk->sk_filter,
1233 atomic_read(&sk->sk_wmem_alloc) == 0);
1234 if (filter) {
1235 sk_filter_uncharge(sk, filter);
1236 RCU_INIT_POINTER(sk->sk_filter, NULL);
1237 }
1238
1239 sock_disable_timestamp(sk, SK_FLAGS_TIMESTAMP);
1240
1241 if (atomic_read(&sk->sk_omem_alloc))
1242 pr_debug("%s: optmem leakage (%d bytes) detected\n",
1243 __func__, atomic_read(&sk->sk_omem_alloc));
1244
1245 if (sk->sk_peer_cred)
1246 put_cred(sk->sk_peer_cred);
1247 put_pid(sk->sk_peer_pid);
1248 put_net(sock_net(sk));
1249 sk_prot_free(sk->sk_prot_creator, sk);
1250}
1251
1252void sk_free(struct sock *sk)
1253{
1254 /*
1255 * We subtract one from sk_wmem_alloc and can know if
1256 * some packets are still in some tx queue.
1257 * If not null, sock_wfree() will call __sk_free(sk) later
1258 */
1259 if (atomic_dec_and_test(&sk->sk_wmem_alloc))
1260 __sk_free(sk);
1261}
1262EXPORT_SYMBOL(sk_free);
1263
1264/*
1265 * Last sock_put should drop reference to sk->sk_net. It has already
1266 * been dropped in sk_change_net. Taking reference to stopping namespace
1267 * is not an option.
1268 * Take reference to a socket to remove it from hash _alive_ and after that
1269 * destroy it in the context of init_net.
1270 */
1271void sk_release_kernel(struct sock *sk)
1272{
1273 if (sk == NULL || sk->sk_socket == NULL)
1274 return;
1275
1276 sock_hold(sk);
1277 sock_release(sk->sk_socket);
1278 release_net(sock_net(sk));
1279 sock_net_set(sk, get_net(&init_net));
1280 sock_put(sk);
1281}
1282EXPORT_SYMBOL(sk_release_kernel);
1283
1284static void sk_update_clone(const struct sock *sk, struct sock *newsk)
1285{
1286 if (mem_cgroup_sockets_enabled && sk->sk_cgrp)
1287 sock_update_memcg(newsk);
1288}
1289
1290/**
1291 * sk_clone_lock - clone a socket, and lock its clone
1292 * @sk: the socket to clone
1293 * @priority: for allocation (%GFP_KERNEL, %GFP_ATOMIC, etc)
1294 *
1295 * Caller must unlock socket even in error path (bh_unlock_sock(newsk))
1296 */
1297struct sock *sk_clone_lock(const struct sock *sk, const gfp_t priority)
1298{
1299 struct sock *newsk;
1300
1301 newsk = sk_prot_alloc(sk->sk_prot, priority, sk->sk_family);
1302 if (newsk != NULL) {
1303 struct sk_filter *filter;
1304
1305 sock_copy(newsk, sk);
1306
1307 /* SANITY */
1308 get_net(sock_net(newsk));
1309 sk_node_init(&newsk->sk_node);
1310 sock_lock_init(newsk);
1311 bh_lock_sock(newsk);
1312 newsk->sk_backlog.head = newsk->sk_backlog.tail = NULL;
1313 newsk->sk_backlog.len = 0;
1314
1315 atomic_set(&newsk->sk_rmem_alloc, 0);
1316 /*
1317 * sk_wmem_alloc set to one (see sk_free() and sock_wfree())
1318 */
1319 atomic_set(&newsk->sk_wmem_alloc, 1);
1320 atomic_set(&newsk->sk_omem_alloc, 0);
1321 skb_queue_head_init(&newsk->sk_receive_queue);
1322 skb_queue_head_init(&newsk->sk_write_queue);
1323#ifdef CONFIG_NET_DMA
1324 skb_queue_head_init(&newsk->sk_async_wait_queue);
1325#endif
1326
1327 spin_lock_init(&newsk->sk_dst_lock);
1328 rwlock_init(&newsk->sk_callback_lock);
1329 lockdep_set_class_and_name(&newsk->sk_callback_lock,
1330 af_callback_keys + newsk->sk_family,
1331 af_family_clock_key_strings[newsk->sk_family]);
1332
1333 newsk->sk_dst_cache = NULL;
1334 newsk->sk_wmem_queued = 0;
1335 newsk->sk_forward_alloc = 0;
1336 newsk->sk_send_head = NULL;
1337 newsk->sk_userlocks = sk->sk_userlocks & ~SOCK_BINDPORT_LOCK;
1338
1339 sock_reset_flag(newsk, SOCK_DONE);
1340 skb_queue_head_init(&newsk->sk_error_queue);
1341
1342 filter = rcu_dereference_protected(newsk->sk_filter, 1);
1343 if (filter != NULL)
1344 sk_filter_charge(newsk, filter);
1345
1346 if (unlikely(xfrm_sk_clone_policy(newsk))) {
1347 /* It is still raw copy of parent, so invalidate
1348 * destructor and make plain sk_free() */
1349 newsk->sk_destruct = NULL;
1350 bh_unlock_sock(newsk);
1351 sk_free(newsk);
1352 newsk = NULL;
1353 goto out;
1354 }
1355
1356 newsk->sk_err = 0;
1357 newsk->sk_priority = 0;
1358 /*
1359 * Before updating sk_refcnt, we must commit prior changes to memory
1360 * (Documentation/RCU/rculist_nulls.txt for details)
1361 */
1362 smp_wmb();
1363 atomic_set(&newsk->sk_refcnt, 2);
1364
1365 /*
1366 * Increment the counter in the same struct proto as the master
1367 * sock (sk_refcnt_debug_inc uses newsk->sk_prot->socks, that
1368 * is the same as sk->sk_prot->socks, as this field was copied
1369 * with memcpy).
1370 *
1371 * This _changes_ the previous behaviour, where
1372 * tcp_create_openreq_child always was incrementing the
1373 * equivalent to tcp_prot->socks (inet_sock_nr), so this have
1374 * to be taken into account in all callers. -acme
1375 */
1376 sk_refcnt_debug_inc(newsk);
1377 sk_set_socket(newsk, NULL);
1378 newsk->sk_wq = NULL;
1379
1380 sk_update_clone(sk, newsk);
1381
1382 if (newsk->sk_prot->sockets_allocated)
1383 sk_sockets_allocated_inc(newsk);
1384
1385 if (newsk->sk_flags & SK_FLAGS_TIMESTAMP)
1386 net_enable_timestamp();
1387 }
1388out:
1389 return newsk;
1390}
1391EXPORT_SYMBOL_GPL(sk_clone_lock);
1392
1393void sk_setup_caps(struct sock *sk, struct dst_entry *dst)
1394{
1395 __sk_dst_set(sk, dst);
1396 sk->sk_route_caps = dst->dev->features;
1397 if (sk->sk_route_caps & NETIF_F_GSO)
1398 sk->sk_route_caps |= NETIF_F_GSO_SOFTWARE;
1399 sk->sk_route_caps &= ~sk->sk_route_nocaps;
1400 if (sk_can_gso(sk)) {
1401 if (dst->header_len) {
1402 sk->sk_route_caps &= ~NETIF_F_GSO_MASK;
1403 } else {
1404 sk->sk_route_caps |= NETIF_F_SG | NETIF_F_HW_CSUM;
1405 sk->sk_gso_max_size = dst->dev->gso_max_size;
1406 sk->sk_gso_max_segs = dst->dev->gso_max_segs;
1407 }
1408 }
1409}
1410EXPORT_SYMBOL_GPL(sk_setup_caps);
1411
1412void __init sk_init(void)
1413{
1414 if (totalram_pages <= 4096) {
1415 sysctl_wmem_max = 32767;
1416 sysctl_rmem_max = 32767;
1417 sysctl_wmem_default = 32767;
1418 sysctl_rmem_default = 32767;
1419 } else if (totalram_pages >= 131072) {
1420 sysctl_wmem_max = 131071;
1421 sysctl_rmem_max = 131071;
1422 }
1423}
1424
1425/*
1426 * Simple resource managers for sockets.
1427 */
1428
1429
1430/*
1431 * Write buffer destructor automatically called from kfree_skb.
1432 */
1433void sock_wfree(struct sk_buff *skb)
1434{
1435 struct sock *sk = skb->sk;
1436 unsigned int len = skb->truesize;
1437
1438 if (!sock_flag(sk, SOCK_USE_WRITE_QUEUE)) {
1439 /*
1440 * Keep a reference on sk_wmem_alloc, this will be released
1441 * after sk_write_space() call
1442 */
1443 atomic_sub(len - 1, &sk->sk_wmem_alloc);
1444 sk->sk_write_space(sk);
1445 len = 1;
1446 }
1447 /*
1448 * if sk_wmem_alloc reaches 0, we must finish what sk_free()
1449 * could not do because of in-flight packets
1450 */
1451 if (atomic_sub_and_test(len, &sk->sk_wmem_alloc))
1452 __sk_free(sk);
1453}
1454EXPORT_SYMBOL(sock_wfree);
1455
1456/*
1457 * Read buffer destructor automatically called from kfree_skb.
1458 */
1459void sock_rfree(struct sk_buff *skb)
1460{
1461 struct sock *sk = skb->sk;
1462 unsigned int len = skb->truesize;
1463
1464 atomic_sub(len, &sk->sk_rmem_alloc);
1465 sk_mem_uncharge(sk, len);
1466}
1467EXPORT_SYMBOL(sock_rfree);
1468
1469
1470int sock_i_uid(struct sock *sk)
1471{
1472 int uid;
1473
1474 read_lock_bh(&sk->sk_callback_lock);
1475 uid = sk->sk_socket ? SOCK_INODE(sk->sk_socket)->i_uid : 0;
1476 read_unlock_bh(&sk->sk_callback_lock);
1477 return uid;
1478}
1479EXPORT_SYMBOL(sock_i_uid);
1480
1481unsigned long sock_i_ino(struct sock *sk)
1482{
1483 unsigned long ino;
1484
1485 read_lock_bh(&sk->sk_callback_lock);
1486 ino = sk->sk_socket ? SOCK_INODE(sk->sk_socket)->i_ino : 0;
1487 read_unlock_bh(&sk->sk_callback_lock);
1488 return ino;
1489}
1490EXPORT_SYMBOL(sock_i_ino);
1491
1492/*
1493 * Allocate a skb from the socket's send buffer.
1494 */
1495struct sk_buff *sock_wmalloc(struct sock *sk, unsigned long size, int force,
1496 gfp_t priority)
1497{
1498 if (force || atomic_read(&sk->sk_wmem_alloc) < sk->sk_sndbuf) {
1499 struct sk_buff *skb = alloc_skb(size, priority);
1500 if (skb) {
1501 skb_set_owner_w(skb, sk);
1502 return skb;
1503 }
1504 }
1505 return NULL;
1506}
1507EXPORT_SYMBOL(sock_wmalloc);
1508
1509/*
1510 * Allocate a skb from the socket's receive buffer.
1511 */
1512struct sk_buff *sock_rmalloc(struct sock *sk, unsigned long size, int force,
1513 gfp_t priority)
1514{
1515 if (force || atomic_read(&sk->sk_rmem_alloc) < sk->sk_rcvbuf) {
1516 struct sk_buff *skb = alloc_skb(size, priority);
1517 if (skb) {
1518 skb_set_owner_r(skb, sk);
1519 return skb;
1520 }
1521 }
1522 return NULL;
1523}
1524
1525/*
1526 * Allocate a memory block from the socket's option memory buffer.
1527 */
1528void *sock_kmalloc(struct sock *sk, int size, gfp_t priority)
1529{
1530 if ((unsigned int)size <= sysctl_optmem_max &&
1531 atomic_read(&sk->sk_omem_alloc) + size < sysctl_optmem_max) {
1532 void *mem;
1533 /* First do the add, to avoid the race if kmalloc
1534 * might sleep.
1535 */
1536 atomic_add(size, &sk->sk_omem_alloc);
1537 mem = kmalloc(size, priority);
1538 if (mem)
1539 return mem;
1540 atomic_sub(size, &sk->sk_omem_alloc);
1541 }
1542 return NULL;
1543}
1544EXPORT_SYMBOL(sock_kmalloc);
1545
1546/*
1547 * Free an option memory block.
1548 */
1549void sock_kfree_s(struct sock *sk, void *mem, int size)
1550{
1551 kfree(mem);
1552 atomic_sub(size, &sk->sk_omem_alloc);
1553}
1554EXPORT_SYMBOL(sock_kfree_s);
1555
1556/* It is almost wait_for_tcp_memory minus release_sock/lock_sock.
1557 I think, these locks should be removed for datagram sockets.
1558 */
1559static long sock_wait_for_wmem(struct sock *sk, long timeo)
1560{
1561 DEFINE_WAIT(wait);
1562
1563 clear_bit(SOCK_ASYNC_NOSPACE, &sk->sk_socket->flags);
1564 for (;;) {
1565 if (!timeo)
1566 break;
1567 if (signal_pending(current))
1568 break;
1569 set_bit(SOCK_NOSPACE, &sk->sk_socket->flags);
1570 prepare_to_wait(sk_sleep(sk), &wait, TASK_INTERRUPTIBLE);
1571 if (atomic_read(&sk->sk_wmem_alloc) < sk->sk_sndbuf)
1572 break;
1573 if (sk->sk_shutdown & SEND_SHUTDOWN)
1574 break;
1575 if (sk->sk_err)
1576 break;
1577 timeo = schedule_timeout(timeo);
1578 }
1579 finish_wait(sk_sleep(sk), &wait);
1580 return timeo;
1581}
1582
1583
1584/*
1585 * Generic send/receive buffer handlers
1586 */
1587
1588struct sk_buff *sock_alloc_send_pskb(struct sock *sk, unsigned long header_len,
1589 unsigned long data_len, int noblock,
1590 int *errcode)
1591{
1592 struct sk_buff *skb;
1593 gfp_t gfp_mask;
1594 long timeo;
1595 int err;
1596 int npages = (data_len + (PAGE_SIZE - 1)) >> PAGE_SHIFT;
1597
1598 err = -EMSGSIZE;
1599 if (npages > MAX_SKB_FRAGS)
1600 goto failure;
1601
1602 gfp_mask = sk->sk_allocation;
1603 if (gfp_mask & __GFP_WAIT)
1604 gfp_mask |= __GFP_REPEAT;
1605
1606 timeo = sock_sndtimeo(sk, noblock);
1607 while (1) {
1608 err = sock_error(sk);
1609 if (err != 0)
1610 goto failure;
1611
1612 err = -EPIPE;
1613 if (sk->sk_shutdown & SEND_SHUTDOWN)
1614 goto failure;
1615
1616 if (atomic_read(&sk->sk_wmem_alloc) < sk->sk_sndbuf) {
1617 skb = alloc_skb(header_len, gfp_mask);
1618 if (skb) {
1619 int i;
1620
1621 /* No pages, we're done... */
1622 if (!data_len)
1623 break;
1624
1625 skb->truesize += data_len;
1626 skb_shinfo(skb)->nr_frags = npages;
1627 for (i = 0; i < npages; i++) {
1628 struct page *page;
1629
1630 page = alloc_pages(sk->sk_allocation, 0);
1631 if (!page) {
1632 err = -ENOBUFS;
1633 skb_shinfo(skb)->nr_frags = i;
1634 kfree_skb(skb);
1635 goto failure;
1636 }
1637
1638 __skb_fill_page_desc(skb, i,
1639 page, 0,
1640 (data_len >= PAGE_SIZE ?
1641 PAGE_SIZE :
1642 data_len));
1643 data_len -= PAGE_SIZE;
1644 }
1645
1646 /* Full success... */
1647 break;
1648 }
1649 err = -ENOBUFS;
1650 goto failure;
1651 }
1652 set_bit(SOCK_ASYNC_NOSPACE, &sk->sk_socket->flags);
1653 set_bit(SOCK_NOSPACE, &sk->sk_socket->flags);
1654 err = -EAGAIN;
1655 if (!timeo)
1656 goto failure;
1657 if (signal_pending(current))
1658 goto interrupted;
1659 timeo = sock_wait_for_wmem(sk, timeo);
1660 }
1661
1662 skb_set_owner_w(skb, sk);
1663 return skb;
1664
1665interrupted:
1666 err = sock_intr_errno(timeo);
1667failure:
1668 *errcode = err;
1669 return NULL;
1670}
1671EXPORT_SYMBOL(sock_alloc_send_pskb);
1672
1673struct sk_buff *sock_alloc_send_skb(struct sock *sk, unsigned long size,
1674 int noblock, int *errcode)
1675{
1676 return sock_alloc_send_pskb(sk, size, 0, noblock, errcode);
1677}
1678EXPORT_SYMBOL(sock_alloc_send_skb);
1679
1680static void __lock_sock(struct sock *sk)
1681 __releases(&sk->sk_lock.slock)
1682 __acquires(&sk->sk_lock.slock)
1683{
1684 DEFINE_WAIT(wait);
1685
1686 for (;;) {
1687 prepare_to_wait_exclusive(&sk->sk_lock.wq, &wait,
1688 TASK_UNINTERRUPTIBLE);
1689 spin_unlock_bh(&sk->sk_lock.slock);
1690 schedule();
1691 spin_lock_bh(&sk->sk_lock.slock);
1692 if (!sock_owned_by_user(sk))
1693 break;
1694 }
1695 finish_wait(&sk->sk_lock.wq, &wait);
1696}
1697
1698static void __release_sock(struct sock *sk)
1699 __releases(&sk->sk_lock.slock)
1700 __acquires(&sk->sk_lock.slock)
1701{
1702 struct sk_buff *skb = sk->sk_backlog.head;
1703
1704 do {
1705 sk->sk_backlog.head = sk->sk_backlog.tail = NULL;
1706 bh_unlock_sock(sk);
1707
1708 do {
1709 struct sk_buff *next = skb->next;
1710
1711 prefetch(next);
1712 WARN_ON_ONCE(skb_dst_is_noref(skb));
1713 skb->next = NULL;
1714 sk_backlog_rcv(sk, skb);
1715
1716 /*
1717 * We are in process context here with softirqs
1718 * disabled, use cond_resched_softirq() to preempt.
1719 * This is safe to do because we've taken the backlog
1720 * queue private:
1721 */
1722 cond_resched_softirq();
1723
1724 skb = next;
1725 } while (skb != NULL);
1726
1727 bh_lock_sock(sk);
1728 } while ((skb = sk->sk_backlog.head) != NULL);
1729
1730 /*
1731 * Doing the zeroing here guarantee we can not loop forever
1732 * while a wild producer attempts to flood us.
1733 */
1734 sk->sk_backlog.len = 0;
1735}
1736
1737/**
1738 * sk_wait_data - wait for data to arrive at sk_receive_queue
1739 * @sk: sock to wait on
1740 * @timeo: for how long
1741 *
1742 * Now socket state including sk->sk_err is changed only under lock,
1743 * hence we may omit checks after joining wait queue.
1744 * We check receive queue before schedule() only as optimization;
1745 * it is very likely that release_sock() added new data.
1746 */
1747int sk_wait_data(struct sock *sk, long *timeo)
1748{
1749 int rc;
1750 DEFINE_WAIT(wait);
1751
1752 prepare_to_wait(sk_sleep(sk), &wait, TASK_INTERRUPTIBLE);
1753 set_bit(SOCK_ASYNC_WAITDATA, &sk->sk_socket->flags);
1754 rc = sk_wait_event(sk, timeo, !skb_queue_empty(&sk->sk_receive_queue));
1755 clear_bit(SOCK_ASYNC_WAITDATA, &sk->sk_socket->flags);
1756 finish_wait(sk_sleep(sk), &wait);
1757 return rc;
1758}
1759EXPORT_SYMBOL(sk_wait_data);
1760
1761/**
1762 * __sk_mem_schedule - increase sk_forward_alloc and memory_allocated
1763 * @sk: socket
1764 * @size: memory size to allocate
1765 * @kind: allocation type
1766 *
1767 * If kind is SK_MEM_SEND, it means wmem allocation. Otherwise it means
1768 * rmem allocation. This function assumes that protocols which have
1769 * memory_pressure use sk_wmem_queued as write buffer accounting.
1770 */
1771int __sk_mem_schedule(struct sock *sk, int size, int kind)
1772{
1773 struct proto *prot = sk->sk_prot;
1774 int amt = sk_mem_pages(size);
1775 long allocated;
1776 int parent_status = UNDER_LIMIT;
1777
1778 sk->sk_forward_alloc += amt * SK_MEM_QUANTUM;
1779
1780 allocated = sk_memory_allocated_add(sk, amt, &parent_status);
1781
1782 /* Under limit. */
1783 if (parent_status == UNDER_LIMIT &&
1784 allocated <= sk_prot_mem_limits(sk, 0)) {
1785 sk_leave_memory_pressure(sk);
1786 return 1;
1787 }
1788
1789 /* Under pressure. (we or our parents) */
1790 if ((parent_status > SOFT_LIMIT) ||
1791 allocated > sk_prot_mem_limits(sk, 1))
1792 sk_enter_memory_pressure(sk);
1793
1794 /* Over hard limit (we or our parents) */
1795 if ((parent_status == OVER_LIMIT) ||
1796 (allocated > sk_prot_mem_limits(sk, 2)))
1797 goto suppress_allocation;
1798
1799 /* guarantee minimum buffer size under pressure */
1800 if (kind == SK_MEM_RECV) {
1801 if (atomic_read(&sk->sk_rmem_alloc) < prot->sysctl_rmem[0])
1802 return 1;
1803
1804 } else { /* SK_MEM_SEND */
1805 if (sk->sk_type == SOCK_STREAM) {
1806 if (sk->sk_wmem_queued < prot->sysctl_wmem[0])
1807 return 1;
1808 } else if (atomic_read(&sk->sk_wmem_alloc) <
1809 prot->sysctl_wmem[0])
1810 return 1;
1811 }
1812
1813 if (sk_has_memory_pressure(sk)) {
1814 int alloc;
1815
1816 if (!sk_under_memory_pressure(sk))
1817 return 1;
1818 alloc = sk_sockets_allocated_read_positive(sk);
1819 if (sk_prot_mem_limits(sk, 2) > alloc *
1820 sk_mem_pages(sk->sk_wmem_queued +
1821 atomic_read(&sk->sk_rmem_alloc) +
1822 sk->sk_forward_alloc))
1823 return 1;
1824 }
1825
1826suppress_allocation:
1827
1828 if (kind == SK_MEM_SEND && sk->sk_type == SOCK_STREAM) {
1829 sk_stream_moderate_sndbuf(sk);
1830
1831 /* Fail only if socket is _under_ its sndbuf.
1832 * In this case we cannot block, so that we have to fail.
1833 */
1834 if (sk->sk_wmem_queued + size >= sk->sk_sndbuf)
1835 return 1;
1836 }
1837
1838 trace_sock_exceed_buf_limit(sk, prot, allocated);
1839
1840 /* Alas. Undo changes. */
1841 sk->sk_forward_alloc -= amt * SK_MEM_QUANTUM;
1842
1843 sk_memory_allocated_sub(sk, amt);
1844
1845 return 0;
1846}
1847EXPORT_SYMBOL(__sk_mem_schedule);
1848
1849/**
1850 * __sk_reclaim - reclaim memory_allocated
1851 * @sk: socket
1852 */
1853void __sk_mem_reclaim(struct sock *sk)
1854{
1855 sk_memory_allocated_sub(sk,
1856 sk->sk_forward_alloc >> SK_MEM_QUANTUM_SHIFT);
1857 sk->sk_forward_alloc &= SK_MEM_QUANTUM - 1;
1858
1859 if (sk_under_memory_pressure(sk) &&
1860 (sk_memory_allocated(sk) < sk_prot_mem_limits(sk, 0)))
1861 sk_leave_memory_pressure(sk);
1862}
1863EXPORT_SYMBOL(__sk_mem_reclaim);
1864
1865
1866/*
1867 * Set of default routines for initialising struct proto_ops when
1868 * the protocol does not support a particular function. In certain
1869 * cases where it makes no sense for a protocol to have a "do nothing"
1870 * function, some default processing is provided.
1871 */
1872
1873int sock_no_bind(struct socket *sock, struct sockaddr *saddr, int len)
1874{
1875 return -EOPNOTSUPP;
1876}
1877EXPORT_SYMBOL(sock_no_bind);
1878
1879int sock_no_connect(struct socket *sock, struct sockaddr *saddr,
1880 int len, int flags)
1881{
1882 return -EOPNOTSUPP;
1883}
1884EXPORT_SYMBOL(sock_no_connect);
1885
1886int sock_no_socketpair(struct socket *sock1, struct socket *sock2)
1887{
1888 return -EOPNOTSUPP;
1889}
1890EXPORT_SYMBOL(sock_no_socketpair);
1891
1892int sock_no_accept(struct socket *sock, struct socket *newsock, int flags)
1893{
1894 return -EOPNOTSUPP;
1895}
1896EXPORT_SYMBOL(sock_no_accept);
1897
1898int sock_no_getname(struct socket *sock, struct sockaddr *saddr,
1899 int *len, int peer)
1900{
1901 return -EOPNOTSUPP;
1902}
1903EXPORT_SYMBOL(sock_no_getname);
1904
1905unsigned int sock_no_poll(struct file *file, struct socket *sock, poll_table *pt)
1906{
1907 return 0;
1908}
1909EXPORT_SYMBOL(sock_no_poll);
1910
1911int sock_no_ioctl(struct socket *sock, unsigned int cmd, unsigned long arg)
1912{
1913 return -EOPNOTSUPP;
1914}
1915EXPORT_SYMBOL(sock_no_ioctl);
1916
1917int sock_no_listen(struct socket *sock, int backlog)
1918{
1919 return -EOPNOTSUPP;
1920}
1921EXPORT_SYMBOL(sock_no_listen);
1922
1923int sock_no_shutdown(struct socket *sock, int how)
1924{
1925 return -EOPNOTSUPP;
1926}
1927EXPORT_SYMBOL(sock_no_shutdown);
1928
1929int sock_no_setsockopt(struct socket *sock, int level, int optname,
1930 char __user *optval, unsigned int optlen)
1931{
1932 return -EOPNOTSUPP;
1933}
1934EXPORT_SYMBOL(sock_no_setsockopt);
1935
1936int sock_no_getsockopt(struct socket *sock, int level, int optname,
1937 char __user *optval, int __user *optlen)
1938{
1939 return -EOPNOTSUPP;
1940}
1941EXPORT_SYMBOL(sock_no_getsockopt);
1942
1943int sock_no_sendmsg(struct kiocb *iocb, struct socket *sock, struct msghdr *m,
1944 size_t len)
1945{
1946 return -EOPNOTSUPP;
1947}
1948EXPORT_SYMBOL(sock_no_sendmsg);
1949
1950int sock_no_recvmsg(struct kiocb *iocb, struct socket *sock, struct msghdr *m,
1951 size_t len, int flags)
1952{
1953 return -EOPNOTSUPP;
1954}
1955EXPORT_SYMBOL(sock_no_recvmsg);
1956
1957int sock_no_mmap(struct file *file, struct socket *sock, struct vm_area_struct *vma)
1958{
1959 /* Mirror missing mmap method error code */
1960 return -ENODEV;
1961}
1962EXPORT_SYMBOL(sock_no_mmap);
1963
1964ssize_t sock_no_sendpage(struct socket *sock, struct page *page, int offset, size_t size, int flags)
1965{
1966 ssize_t res;
1967 struct msghdr msg = {.msg_flags = flags};
1968 struct kvec iov;
1969 char *kaddr = kmap(page);
1970 iov.iov_base = kaddr + offset;
1971 iov.iov_len = size;
1972 res = kernel_sendmsg(sock, &msg, &iov, 1, size);
1973 kunmap(page);
1974 return res;
1975}
1976EXPORT_SYMBOL(sock_no_sendpage);
1977
1978/*
1979 * Default Socket Callbacks
1980 */
1981
1982static void sock_def_wakeup(struct sock *sk)
1983{
1984 struct socket_wq *wq;
1985
1986 rcu_read_lock();
1987 wq = rcu_dereference(sk->sk_wq);
1988 if (wq_has_sleeper(wq))
1989 wake_up_interruptible_all(&wq->wait);
1990 rcu_read_unlock();
1991}
1992
1993static void sock_def_error_report(struct sock *sk)
1994{
1995 struct socket_wq *wq;
1996
1997 rcu_read_lock();
1998 wq = rcu_dereference(sk->sk_wq);
1999 if (wq_has_sleeper(wq))
2000 wake_up_interruptible_poll(&wq->wait, POLLERR);
2001 sk_wake_async(sk, SOCK_WAKE_IO, POLL_ERR);
2002 rcu_read_unlock();
2003}
2004
2005static void sock_def_readable(struct sock *sk, int len)
2006{
2007 struct socket_wq *wq;
2008
2009 rcu_read_lock();
2010 wq = rcu_dereference(sk->sk_wq);
2011 if (wq_has_sleeper(wq))
2012 wake_up_interruptible_sync_poll(&wq->wait, POLLIN | POLLPRI |
2013 POLLRDNORM | POLLRDBAND);
2014 sk_wake_async(sk, SOCK_WAKE_WAITD, POLL_IN);
2015 rcu_read_unlock();
2016}
2017
2018static void sock_def_write_space(struct sock *sk)
2019{
2020 struct socket_wq *wq;
2021
2022 rcu_read_lock();
2023
2024 /* Do not wake up a writer until he can make "significant"
2025 * progress. --DaveM
2026 */
2027 if ((atomic_read(&sk->sk_wmem_alloc) << 1) <= sk->sk_sndbuf) {
2028 wq = rcu_dereference(sk->sk_wq);
2029 if (wq_has_sleeper(wq))
2030 wake_up_interruptible_sync_poll(&wq->wait, POLLOUT |
2031 POLLWRNORM | POLLWRBAND);
2032
2033 /* Should agree with poll, otherwise some programs break */
2034 if (sock_writeable(sk))
2035 sk_wake_async(sk, SOCK_WAKE_SPACE, POLL_OUT);
2036 }
2037
2038 rcu_read_unlock();
2039}
2040
2041static void sock_def_destruct(struct sock *sk)
2042{
2043 kfree(sk->sk_protinfo);
2044}
2045
2046void sk_send_sigurg(struct sock *sk)
2047{
2048 if (sk->sk_socket && sk->sk_socket->file)
2049 if (send_sigurg(&sk->sk_socket->file->f_owner))
2050 sk_wake_async(sk, SOCK_WAKE_URG, POLL_PRI);
2051}
2052EXPORT_SYMBOL(sk_send_sigurg);
2053
2054void sk_reset_timer(struct sock *sk, struct timer_list* timer,
2055 unsigned long expires)
2056{
2057 if (!mod_timer(timer, expires))
2058 sock_hold(sk);
2059}
2060EXPORT_SYMBOL(sk_reset_timer);
2061
2062void sk_stop_timer(struct sock *sk, struct timer_list* timer)
2063{
2064 if (timer_pending(timer) && del_timer(timer))
2065 __sock_put(sk);
2066}
2067EXPORT_SYMBOL(sk_stop_timer);
2068
2069void sock_init_data(struct socket *sock, struct sock *sk)
2070{
2071 skb_queue_head_init(&sk->sk_receive_queue);
2072 skb_queue_head_init(&sk->sk_write_queue);
2073 skb_queue_head_init(&sk->sk_error_queue);
2074#ifdef CONFIG_NET_DMA
2075 skb_queue_head_init(&sk->sk_async_wait_queue);
2076#endif
2077
2078 sk->sk_send_head = NULL;
2079
2080 init_timer(&sk->sk_timer);
2081
2082 sk->sk_allocation = GFP_KERNEL;
2083 sk->sk_rcvbuf = sysctl_rmem_default;
2084 sk->sk_sndbuf = sysctl_wmem_default;
2085 sk->sk_state = TCP_CLOSE;
2086 sk_set_socket(sk, sock);
2087
2088 sock_set_flag(sk, SOCK_ZAPPED);
2089
2090 if (sock) {
2091 sk->sk_type = sock->type;
2092 sk->sk_wq = sock->wq;
2093 sock->sk = sk;
2094 } else
2095 sk->sk_wq = NULL;
2096
2097 spin_lock_init(&sk->sk_dst_lock);
2098 rwlock_init(&sk->sk_callback_lock);
2099 lockdep_set_class_and_name(&sk->sk_callback_lock,
2100 af_callback_keys + sk->sk_family,
2101 af_family_clock_key_strings[sk->sk_family]);
2102
2103 sk->sk_state_change = sock_def_wakeup;
2104 sk->sk_data_ready = sock_def_readable;
2105 sk->sk_write_space = sock_def_write_space;
2106 sk->sk_error_report = sock_def_error_report;
2107 sk->sk_destruct = sock_def_destruct;
2108
2109 sk->sk_sndmsg_page = NULL;
2110 sk->sk_sndmsg_off = 0;
2111 sk->sk_peek_off = -1;
2112
2113 sk->sk_peer_pid = NULL;
2114 sk->sk_peer_cred = NULL;
2115 sk->sk_write_pending = 0;
2116 sk->sk_rcvlowat = 1;
2117 sk->sk_rcvtimeo = MAX_SCHEDULE_TIMEOUT;
2118 sk->sk_sndtimeo = MAX_SCHEDULE_TIMEOUT;
2119
2120 sk->sk_stamp = ktime_set(-1L, 0);
2121
2122 /*
2123 * Before updating sk_refcnt, we must commit prior changes to memory
2124 * (Documentation/RCU/rculist_nulls.txt for details)
2125 */
2126 smp_wmb();
2127 atomic_set(&sk->sk_refcnt, 1);
2128 atomic_set(&sk->sk_drops, 0);
2129}
2130EXPORT_SYMBOL(sock_init_data);
2131
2132void lock_sock_nested(struct sock *sk, int subclass)
2133{
2134 might_sleep();
2135 spin_lock_bh(&sk->sk_lock.slock);
2136 if (sk->sk_lock.owned)
2137 __lock_sock(sk);
2138 sk->sk_lock.owned = 1;
2139 spin_unlock(&sk->sk_lock.slock);
2140 /*
2141 * The sk_lock has mutex_lock() semantics here:
2142 */
2143 mutex_acquire(&sk->sk_lock.dep_map, subclass, 0, _RET_IP_);
2144 local_bh_enable();
2145}
2146EXPORT_SYMBOL(lock_sock_nested);
2147
2148void release_sock(struct sock *sk)
2149{
2150 /*
2151 * The sk_lock has mutex_unlock() semantics:
2152 */
2153 mutex_release(&sk->sk_lock.dep_map, 1, _RET_IP_);
2154
2155 spin_lock_bh(&sk->sk_lock.slock);
2156 if (sk->sk_backlog.tail)
2157 __release_sock(sk);
2158 sk->sk_lock.owned = 0;
2159 if (waitqueue_active(&sk->sk_lock.wq))
2160 wake_up(&sk->sk_lock.wq);
2161 spin_unlock_bh(&sk->sk_lock.slock);
2162}
2163EXPORT_SYMBOL(release_sock);
2164
2165/**
2166 * lock_sock_fast - fast version of lock_sock
2167 * @sk: socket
2168 *
2169 * This version should be used for very small section, where process wont block
2170 * return false if fast path is taken
2171 * sk_lock.slock locked, owned = 0, BH disabled
2172 * return true if slow path is taken
2173 * sk_lock.slock unlocked, owned = 1, BH enabled
2174 */
2175bool lock_sock_fast(struct sock *sk)
2176{
2177 might_sleep();
2178 spin_lock_bh(&sk->sk_lock.slock);
2179
2180 if (!sk->sk_lock.owned)
2181 /*
2182 * Note : We must disable BH
2183 */
2184 return false;
2185
2186 __lock_sock(sk);
2187 sk->sk_lock.owned = 1;
2188 spin_unlock(&sk->sk_lock.slock);
2189 /*
2190 * The sk_lock has mutex_lock() semantics here:
2191 */
2192 mutex_acquire(&sk->sk_lock.dep_map, 0, 0, _RET_IP_);
2193 local_bh_enable();
2194 return true;
2195}
2196EXPORT_SYMBOL(lock_sock_fast);
2197
2198int sock_get_timestamp(struct sock *sk, struct timeval __user *userstamp)
2199{
2200 struct timeval tv;
2201 if (!sock_flag(sk, SOCK_TIMESTAMP))
2202 sock_enable_timestamp(sk, SOCK_TIMESTAMP);
2203 tv = ktime_to_timeval(sk->sk_stamp);
2204 if (tv.tv_sec == -1)
2205 return -ENOENT;
2206 if (tv.tv_sec == 0) {
2207 sk->sk_stamp = ktime_get_real();
2208 tv = ktime_to_timeval(sk->sk_stamp);
2209 }
2210 return copy_to_user(userstamp, &tv, sizeof(tv)) ? -EFAULT : 0;
2211}
2212EXPORT_SYMBOL(sock_get_timestamp);
2213
2214int sock_get_timestampns(struct sock *sk, struct timespec __user *userstamp)
2215{
2216 struct timespec ts;
2217 if (!sock_flag(sk, SOCK_TIMESTAMP))
2218 sock_enable_timestamp(sk, SOCK_TIMESTAMP);
2219 ts = ktime_to_timespec(sk->sk_stamp);
2220 if (ts.tv_sec == -1)
2221 return -ENOENT;
2222 if (ts.tv_sec == 0) {
2223 sk->sk_stamp = ktime_get_real();
2224 ts = ktime_to_timespec(sk->sk_stamp);
2225 }
2226 return copy_to_user(userstamp, &ts, sizeof(ts)) ? -EFAULT : 0;
2227}
2228EXPORT_SYMBOL(sock_get_timestampns);
2229
2230void sock_enable_timestamp(struct sock *sk, int flag)
2231{
2232 if (!sock_flag(sk, flag)) {
2233 unsigned long previous_flags = sk->sk_flags;
2234
2235 sock_set_flag(sk, flag);
2236 /*
2237 * we just set one of the two flags which require net
2238 * time stamping, but time stamping might have been on
2239 * already because of the other one
2240 */
2241 if (!(previous_flags & SK_FLAGS_TIMESTAMP))
2242 net_enable_timestamp();
2243 }
2244}
2245
2246/*
2247 * Get a socket option on an socket.
2248 *
2249 * FIX: POSIX 1003.1g is very ambiguous here. It states that
2250 * asynchronous errors should be reported by getsockopt. We assume
2251 * this means if you specify SO_ERROR (otherwise whats the point of it).
2252 */
2253int sock_common_getsockopt(struct socket *sock, int level, int optname,
2254 char __user *optval, int __user *optlen)
2255{
2256 struct sock *sk = sock->sk;
2257
2258 return sk->sk_prot->getsockopt(sk, level, optname, optval, optlen);
2259}
2260EXPORT_SYMBOL(sock_common_getsockopt);
2261
2262#ifdef CONFIG_COMPAT
2263int compat_sock_common_getsockopt(struct socket *sock, int level, int optname,
2264 char __user *optval, int __user *optlen)
2265{
2266 struct sock *sk = sock->sk;
2267
2268 if (sk->sk_prot->compat_getsockopt != NULL)
2269 return sk->sk_prot->compat_getsockopt(sk, level, optname,
2270 optval, optlen);
2271 return sk->sk_prot->getsockopt(sk, level, optname, optval, optlen);
2272}
2273EXPORT_SYMBOL(compat_sock_common_getsockopt);
2274#endif
2275
2276int sock_common_recvmsg(struct kiocb *iocb, struct socket *sock,
2277 struct msghdr *msg, size_t size, int flags)
2278{
2279 struct sock *sk = sock->sk;
2280 int addr_len = 0;
2281 int err;
2282
2283 err = sk->sk_prot->recvmsg(iocb, sk, msg, size, flags & MSG_DONTWAIT,
2284 flags & ~MSG_DONTWAIT, &addr_len);
2285 if (err >= 0)
2286 msg->msg_namelen = addr_len;
2287 return err;
2288}
2289EXPORT_SYMBOL(sock_common_recvmsg);
2290
2291/*
2292 * Set socket options on an inet socket.
2293 */
2294int sock_common_setsockopt(struct socket *sock, int level, int optname,
2295 char __user *optval, unsigned int optlen)
2296{
2297 struct sock *sk = sock->sk;
2298
2299 return sk->sk_prot->setsockopt(sk, level, optname, optval, optlen);
2300}
2301EXPORT_SYMBOL(sock_common_setsockopt);
2302
2303#ifdef CONFIG_COMPAT
2304int compat_sock_common_setsockopt(struct socket *sock, int level, int optname,
2305 char __user *optval, unsigned int optlen)
2306{
2307 struct sock *sk = sock->sk;
2308
2309 if (sk->sk_prot->compat_setsockopt != NULL)
2310 return sk->sk_prot->compat_setsockopt(sk, level, optname,
2311 optval, optlen);
2312 return sk->sk_prot->setsockopt(sk, level, optname, optval, optlen);
2313}
2314EXPORT_SYMBOL(compat_sock_common_setsockopt);
2315#endif
2316
2317void sk_common_release(struct sock *sk)
2318{
2319 if (sk->sk_prot->destroy)
2320 sk->sk_prot->destroy(sk);
2321
2322 /*
2323 * Observation: when sock_common_release is called, processes have
2324 * no access to socket. But net still has.
2325 * Step one, detach it from networking:
2326 *
2327 * A. Remove from hash tables.
2328 */
2329
2330 sk->sk_prot->unhash(sk);
2331
2332 /*
2333 * In this point socket cannot receive new packets, but it is possible
2334 * that some packets are in flight because some CPU runs receiver and
2335 * did hash table lookup before we unhashed socket. They will achieve
2336 * receive queue and will be purged by socket destructor.
2337 *
2338 * Also we still have packets pending on receive queue and probably,
2339 * our own packets waiting in device queues. sock_destroy will drain
2340 * receive queue, but transmitted packets will delay socket destruction
2341 * until the last reference will be released.
2342 */
2343
2344 sock_orphan(sk);
2345
2346 xfrm_sk_free_policy(sk);
2347
2348 sk_refcnt_debug_release(sk);
2349 sock_put(sk);
2350}
2351EXPORT_SYMBOL(sk_common_release);
2352
2353#ifdef CONFIG_PROC_FS
2354#define PROTO_INUSE_NR 64 /* should be enough for the first time */
2355struct prot_inuse {
2356 int val[PROTO_INUSE_NR];
2357};
2358
2359static DECLARE_BITMAP(proto_inuse_idx, PROTO_INUSE_NR);
2360
2361#ifdef CONFIG_NET_NS
2362void sock_prot_inuse_add(struct net *net, struct proto *prot, int val)
2363{
2364 __this_cpu_add(net->core.inuse->val[prot->inuse_idx], val);
2365}
2366EXPORT_SYMBOL_GPL(sock_prot_inuse_add);
2367
2368int sock_prot_inuse_get(struct net *net, struct proto *prot)
2369{
2370 int cpu, idx = prot->inuse_idx;
2371 int res = 0;
2372
2373 for_each_possible_cpu(cpu)
2374 res += per_cpu_ptr(net->core.inuse, cpu)->val[idx];
2375
2376 return res >= 0 ? res : 0;
2377}
2378EXPORT_SYMBOL_GPL(sock_prot_inuse_get);
2379
2380static int __net_init sock_inuse_init_net(struct net *net)
2381{
2382 net->core.inuse = alloc_percpu(struct prot_inuse);
2383 return net->core.inuse ? 0 : -ENOMEM;
2384}
2385
2386static void __net_exit sock_inuse_exit_net(struct net *net)
2387{
2388 free_percpu(net->core.inuse);
2389}
2390
2391static struct pernet_operations net_inuse_ops = {
2392 .init = sock_inuse_init_net,
2393 .exit = sock_inuse_exit_net,
2394};
2395
2396static __init int net_inuse_init(void)
2397{
2398 if (register_pernet_subsys(&net_inuse_ops))
2399 panic("Cannot initialize net inuse counters");
2400
2401 return 0;
2402}
2403
2404core_initcall(net_inuse_init);
2405#else
2406static DEFINE_PER_CPU(struct prot_inuse, prot_inuse);
2407
2408void sock_prot_inuse_add(struct net *net, struct proto *prot, int val)
2409{
2410 __this_cpu_add(prot_inuse.val[prot->inuse_idx], val);
2411}
2412EXPORT_SYMBOL_GPL(sock_prot_inuse_add);
2413
2414int sock_prot_inuse_get(struct net *net, struct proto *prot)
2415{
2416 int cpu, idx = prot->inuse_idx;
2417 int res = 0;
2418
2419 for_each_possible_cpu(cpu)
2420 res += per_cpu(prot_inuse, cpu).val[idx];
2421
2422 return res >= 0 ? res : 0;
2423}
2424EXPORT_SYMBOL_GPL(sock_prot_inuse_get);
2425#endif
2426
2427static void assign_proto_idx(struct proto *prot)
2428{
2429 prot->inuse_idx = find_first_zero_bit(proto_inuse_idx, PROTO_INUSE_NR);
2430
2431 if (unlikely(prot->inuse_idx == PROTO_INUSE_NR - 1)) {
2432 pr_err("PROTO_INUSE_NR exhausted\n");
2433 return;
2434 }
2435
2436 set_bit(prot->inuse_idx, proto_inuse_idx);
2437}
2438
2439static void release_proto_idx(struct proto *prot)
2440{
2441 if (prot->inuse_idx != PROTO_INUSE_NR - 1)
2442 clear_bit(prot->inuse_idx, proto_inuse_idx);
2443}
2444#else
2445static inline void assign_proto_idx(struct proto *prot)
2446{
2447}
2448
2449static inline void release_proto_idx(struct proto *prot)
2450{
2451}
2452#endif
2453
2454int proto_register(struct proto *prot, int alloc_slab)
2455{
2456 if (alloc_slab) {
2457 prot->slab = kmem_cache_create(prot->name, prot->obj_size, 0,
2458 SLAB_HWCACHE_ALIGN | prot->slab_flags,
2459 NULL);
2460
2461 if (prot->slab == NULL) {
2462 pr_crit("%s: Can't create sock SLAB cache!\n",
2463 prot->name);
2464 goto out;
2465 }
2466
2467 if (prot->rsk_prot != NULL) {
2468 prot->rsk_prot->slab_name = kasprintf(GFP_KERNEL, "request_sock_%s", prot->name);
2469 if (prot->rsk_prot->slab_name == NULL)
2470 goto out_free_sock_slab;
2471
2472 prot->rsk_prot->slab = kmem_cache_create(prot->rsk_prot->slab_name,
2473 prot->rsk_prot->obj_size, 0,
2474 SLAB_HWCACHE_ALIGN, NULL);
2475
2476 if (prot->rsk_prot->slab == NULL) {
2477 pr_crit("%s: Can't create request sock SLAB cache!\n",
2478 prot->name);
2479 goto out_free_request_sock_slab_name;
2480 }
2481 }
2482
2483 if (prot->twsk_prot != NULL) {
2484 prot->twsk_prot->twsk_slab_name = kasprintf(GFP_KERNEL, "tw_sock_%s", prot->name);
2485
2486 if (prot->twsk_prot->twsk_slab_name == NULL)
2487 goto out_free_request_sock_slab;
2488
2489 prot->twsk_prot->twsk_slab =
2490 kmem_cache_create(prot->twsk_prot->twsk_slab_name,
2491 prot->twsk_prot->twsk_obj_size,
2492 0,
2493 SLAB_HWCACHE_ALIGN |
2494 prot->slab_flags,
2495 NULL);
2496 if (prot->twsk_prot->twsk_slab == NULL)
2497 goto out_free_timewait_sock_slab_name;
2498 }
2499 }
2500
2501 mutex_lock(&proto_list_mutex);
2502 list_add(&prot->node, &proto_list);
2503 assign_proto_idx(prot);
2504 mutex_unlock(&proto_list_mutex);
2505 return 0;
2506
2507out_free_timewait_sock_slab_name:
2508 kfree(prot->twsk_prot->twsk_slab_name);
2509out_free_request_sock_slab:
2510 if (prot->rsk_prot && prot->rsk_prot->slab) {
2511 kmem_cache_destroy(prot->rsk_prot->slab);
2512 prot->rsk_prot->slab = NULL;
2513 }
2514out_free_request_sock_slab_name:
2515 if (prot->rsk_prot)
2516 kfree(prot->rsk_prot->slab_name);
2517out_free_sock_slab:
2518 kmem_cache_destroy(prot->slab);
2519 prot->slab = NULL;
2520out:
2521 return -ENOBUFS;
2522}
2523EXPORT_SYMBOL(proto_register);
2524
2525void proto_unregister(struct proto *prot)
2526{
2527 mutex_lock(&proto_list_mutex);
2528 release_proto_idx(prot);
2529 list_del(&prot->node);
2530 mutex_unlock(&proto_list_mutex);
2531
2532 if (prot->slab != NULL) {
2533 kmem_cache_destroy(prot->slab);
2534 prot->slab = NULL;
2535 }
2536
2537 if (prot->rsk_prot != NULL && prot->rsk_prot->slab != NULL) {
2538 kmem_cache_destroy(prot->rsk_prot->slab);
2539 kfree(prot->rsk_prot->slab_name);
2540 prot->rsk_prot->slab = NULL;
2541 }
2542
2543 if (prot->twsk_prot != NULL && prot->twsk_prot->twsk_slab != NULL) {
2544 kmem_cache_destroy(prot->twsk_prot->twsk_slab);
2545 kfree(prot->twsk_prot->twsk_slab_name);
2546 prot->twsk_prot->twsk_slab = NULL;
2547 }
2548}
2549EXPORT_SYMBOL(proto_unregister);
2550
2551#ifdef CONFIG_PROC_FS
2552static void *proto_seq_start(struct seq_file *seq, loff_t *pos)
2553 __acquires(proto_list_mutex)
2554{
2555 mutex_lock(&proto_list_mutex);
2556 return seq_list_start_head(&proto_list, *pos);
2557}
2558
2559static void *proto_seq_next(struct seq_file *seq, void *v, loff_t *pos)
2560{
2561 return seq_list_next(v, &proto_list, pos);
2562}
2563
2564static void proto_seq_stop(struct seq_file *seq, void *v)
2565 __releases(proto_list_mutex)
2566{
2567 mutex_unlock(&proto_list_mutex);
2568}
2569
2570static char proto_method_implemented(const void *method)
2571{
2572 return method == NULL ? 'n' : 'y';
2573}
2574static long sock_prot_memory_allocated(struct proto *proto)
2575{
2576 return proto->memory_allocated != NULL ? proto_memory_allocated(proto) : -1L;
2577}
2578
2579static char *sock_prot_memory_pressure(struct proto *proto)
2580{
2581 return proto->memory_pressure != NULL ?
2582 proto_memory_pressure(proto) ? "yes" : "no" : "NI";
2583}
2584
2585static void proto_seq_printf(struct seq_file *seq, struct proto *proto)
2586{
2587
2588 seq_printf(seq, "%-9s %4u %6d %6ld %-3s %6u %-3s %-10s "
2589 "%2c %2c %2c %2c %2c %2c %2c %2c %2c %2c %2c %2c %2c %2c %2c %2c %2c %2c %2c\n",
2590 proto->name,
2591 proto->obj_size,
2592 sock_prot_inuse_get(seq_file_net(seq), proto),
2593 sock_prot_memory_allocated(proto),
2594 sock_prot_memory_pressure(proto),
2595 proto->max_header,
2596 proto->slab == NULL ? "no" : "yes",
2597 module_name(proto->owner),
2598 proto_method_implemented(proto->close),
2599 proto_method_implemented(proto->connect),
2600 proto_method_implemented(proto->disconnect),
2601 proto_method_implemented(proto->accept),
2602 proto_method_implemented(proto->ioctl),
2603 proto_method_implemented(proto->init),
2604 proto_method_implemented(proto->destroy),
2605 proto_method_implemented(proto->shutdown),
2606 proto_method_implemented(proto->setsockopt),
2607 proto_method_implemented(proto->getsockopt),
2608 proto_method_implemented(proto->sendmsg),
2609 proto_method_implemented(proto->recvmsg),
2610 proto_method_implemented(proto->sendpage),
2611 proto_method_implemented(proto->bind),
2612 proto_method_implemented(proto->backlog_rcv),
2613 proto_method_implemented(proto->hash),
2614 proto_method_implemented(proto->unhash),
2615 proto_method_implemented(proto->get_port),
2616 proto_method_implemented(proto->enter_memory_pressure));
2617}
2618
2619static int proto_seq_show(struct seq_file *seq, void *v)
2620{
2621 if (v == &proto_list)
2622 seq_printf(seq, "%-9s %-4s %-8s %-6s %-5s %-7s %-4s %-10s %s",
2623 "protocol",
2624 "size",
2625 "sockets",
2626 "memory",
2627 "press",
2628 "maxhdr",
2629 "slab",
2630 "module",
2631 "cl co di ac io in de sh ss gs se re sp bi br ha uh gp em\n");
2632 else
2633 proto_seq_printf(seq, list_entry(v, struct proto, node));
2634 return 0;
2635}
2636
2637static const struct seq_operations proto_seq_ops = {
2638 .start = proto_seq_start,
2639 .next = proto_seq_next,
2640 .stop = proto_seq_stop,
2641 .show = proto_seq_show,
2642};
2643
2644static int proto_seq_open(struct inode *inode, struct file *file)
2645{
2646 return seq_open_net(inode, file, &proto_seq_ops,
2647 sizeof(struct seq_net_private));
2648}
2649
2650static const struct file_operations proto_seq_fops = {
2651 .owner = THIS_MODULE,
2652 .open = proto_seq_open,
2653 .read = seq_read,
2654 .llseek = seq_lseek,
2655 .release = seq_release_net,
2656};
2657
2658static __net_init int proto_init_net(struct net *net)
2659{
2660 if (!proc_net_fops_create(net, "protocols", S_IRUGO, &proto_seq_fops))
2661 return -ENOMEM;
2662
2663 return 0;
2664}
2665
2666static __net_exit void proto_exit_net(struct net *net)
2667{
2668 proc_net_remove(net, "protocols");
2669}
2670
2671
2672static __net_initdata struct pernet_operations proto_net_ops = {
2673 .init = proto_init_net,
2674 .exit = proto_exit_net,
2675};
2676
2677static int __init proto_init(void)
2678{
2679 return register_pernet_subsys(&proto_net_ops);
2680}
2681
2682subsys_initcall(proto_init);
2683
2684#endif /* PROC_FS */
1// SPDX-License-Identifier: GPL-2.0-or-later
2/*
3 * INET An implementation of the TCP/IP protocol suite for the LINUX
4 * operating system. INET is implemented using the BSD Socket
5 * interface as the means of communication with the user level.
6 *
7 * Generic socket support routines. Memory allocators, socket lock/release
8 * handler for protocols to use and generic option handler.
9 *
10 * Authors: Ross Biro
11 * Fred N. van Kempen, <waltje@uWalt.NL.Mugnet.ORG>
12 * Florian La Roche, <flla@stud.uni-sb.de>
13 * Alan Cox, <A.Cox@swansea.ac.uk>
14 *
15 * Fixes:
16 * Alan Cox : Numerous verify_area() problems
17 * Alan Cox : Connecting on a connecting socket
18 * now returns an error for tcp.
19 * Alan Cox : sock->protocol is set correctly.
20 * and is not sometimes left as 0.
21 * Alan Cox : connect handles icmp errors on a
22 * connect properly. Unfortunately there
23 * is a restart syscall nasty there. I
24 * can't match BSD without hacking the C
25 * library. Ideas urgently sought!
26 * Alan Cox : Disallow bind() to addresses that are
27 * not ours - especially broadcast ones!!
28 * Alan Cox : Socket 1024 _IS_ ok for users. (fencepost)
29 * Alan Cox : sock_wfree/sock_rfree don't destroy sockets,
30 * instead they leave that for the DESTROY timer.
31 * Alan Cox : Clean up error flag in accept
32 * Alan Cox : TCP ack handling is buggy, the DESTROY timer
33 * was buggy. Put a remove_sock() in the handler
34 * for memory when we hit 0. Also altered the timer
35 * code. The ACK stuff can wait and needs major
36 * TCP layer surgery.
37 * Alan Cox : Fixed TCP ack bug, removed remove sock
38 * and fixed timer/inet_bh race.
39 * Alan Cox : Added zapped flag for TCP
40 * Alan Cox : Move kfree_skb into skbuff.c and tidied up surplus code
41 * Alan Cox : for new sk_buff allocations wmalloc/rmalloc now call alloc_skb
42 * Alan Cox : kfree_s calls now are kfree_skbmem so we can track skb resources
43 * Alan Cox : Supports socket option broadcast now as does udp. Packet and raw need fixing.
44 * Alan Cox : Added RCVBUF,SNDBUF size setting. It suddenly occurred to me how easy it was so...
45 * Rick Sladkey : Relaxed UDP rules for matching packets.
46 * C.E.Hawkins : IFF_PROMISC/SIOCGHWADDR support
47 * Pauline Middelink : identd support
48 * Alan Cox : Fixed connect() taking signals I think.
49 * Alan Cox : SO_LINGER supported
50 * Alan Cox : Error reporting fixes
51 * Anonymous : inet_create tidied up (sk->reuse setting)
52 * Alan Cox : inet sockets don't set sk->type!
53 * Alan Cox : Split socket option code
54 * Alan Cox : Callbacks
55 * Alan Cox : Nagle flag for Charles & Johannes stuff
56 * Alex : Removed restriction on inet fioctl
57 * Alan Cox : Splitting INET from NET core
58 * Alan Cox : Fixed bogus SO_TYPE handling in getsockopt()
59 * Adam Caldwell : Missing return in SO_DONTROUTE/SO_DEBUG code
60 * Alan Cox : Split IP from generic code
61 * Alan Cox : New kfree_skbmem()
62 * Alan Cox : Make SO_DEBUG superuser only.
63 * Alan Cox : Allow anyone to clear SO_DEBUG
64 * (compatibility fix)
65 * Alan Cox : Added optimistic memory grabbing for AF_UNIX throughput.
66 * Alan Cox : Allocator for a socket is settable.
67 * Alan Cox : SO_ERROR includes soft errors.
68 * Alan Cox : Allow NULL arguments on some SO_ opts
69 * Alan Cox : Generic socket allocation to make hooks
70 * easier (suggested by Craig Metz).
71 * Michael Pall : SO_ERROR returns positive errno again
72 * Steve Whitehouse: Added default destructor to free
73 * protocol private data.
74 * Steve Whitehouse: Added various other default routines
75 * common to several socket families.
76 * Chris Evans : Call suser() check last on F_SETOWN
77 * Jay Schulist : Added SO_ATTACH_FILTER and SO_DETACH_FILTER.
78 * Andi Kleen : Add sock_kmalloc()/sock_kfree_s()
79 * Andi Kleen : Fix write_space callback
80 * Chris Evans : Security fixes - signedness again
81 * Arnaldo C. Melo : cleanups, use skb_queue_purge
82 *
83 * To Fix:
84 */
85
86#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
87
88#include <asm/unaligned.h>
89#include <linux/capability.h>
90#include <linux/errno.h>
91#include <linux/errqueue.h>
92#include <linux/types.h>
93#include <linux/socket.h>
94#include <linux/in.h>
95#include <linux/kernel.h>
96#include <linux/module.h>
97#include <linux/proc_fs.h>
98#include <linux/seq_file.h>
99#include <linux/sched.h>
100#include <linux/sched/mm.h>
101#include <linux/timer.h>
102#include <linux/string.h>
103#include <linux/sockios.h>
104#include <linux/net.h>
105#include <linux/mm.h>
106#include <linux/slab.h>
107#include <linux/interrupt.h>
108#include <linux/poll.h>
109#include <linux/tcp.h>
110#include <linux/init.h>
111#include <linux/highmem.h>
112#include <linux/user_namespace.h>
113#include <linux/static_key.h>
114#include <linux/memcontrol.h>
115#include <linux/prefetch.h>
116#include <linux/compat.h>
117
118#include <linux/uaccess.h>
119
120#include <linux/netdevice.h>
121#include <net/protocol.h>
122#include <linux/skbuff.h>
123#include <net/net_namespace.h>
124#include <net/request_sock.h>
125#include <net/sock.h>
126#include <linux/net_tstamp.h>
127#include <net/xfrm.h>
128#include <linux/ipsec.h>
129#include <net/cls_cgroup.h>
130#include <net/netprio_cgroup.h>
131#include <linux/sock_diag.h>
132
133#include <linux/filter.h>
134#include <net/sock_reuseport.h>
135#include <net/bpf_sk_storage.h>
136
137#include <trace/events/sock.h>
138
139#include <net/tcp.h>
140#include <net/busy_poll.h>
141
142#include <linux/ethtool.h>
143
144#include "dev.h"
145
146static DEFINE_MUTEX(proto_list_mutex);
147static LIST_HEAD(proto_list);
148
149static void sock_def_write_space_wfree(struct sock *sk);
150static void sock_def_write_space(struct sock *sk);
151
152/**
153 * sk_ns_capable - General socket capability test
154 * @sk: Socket to use a capability on or through
155 * @user_ns: The user namespace of the capability to use
156 * @cap: The capability to use
157 *
158 * Test to see if the opener of the socket had when the socket was
159 * created and the current process has the capability @cap in the user
160 * namespace @user_ns.
161 */
162bool sk_ns_capable(const struct sock *sk,
163 struct user_namespace *user_ns, int cap)
164{
165 return file_ns_capable(sk->sk_socket->file, user_ns, cap) &&
166 ns_capable(user_ns, cap);
167}
168EXPORT_SYMBOL(sk_ns_capable);
169
170/**
171 * sk_capable - Socket global capability test
172 * @sk: Socket to use a capability on or through
173 * @cap: The global capability to use
174 *
175 * Test to see if the opener of the socket had when the socket was
176 * created and the current process has the capability @cap in all user
177 * namespaces.
178 */
179bool sk_capable(const struct sock *sk, int cap)
180{
181 return sk_ns_capable(sk, &init_user_ns, cap);
182}
183EXPORT_SYMBOL(sk_capable);
184
185/**
186 * sk_net_capable - Network namespace socket capability test
187 * @sk: Socket to use a capability on or through
188 * @cap: The capability to use
189 *
190 * Test to see if the opener of the socket had when the socket was created
191 * and the current process has the capability @cap over the network namespace
192 * the socket is a member of.
193 */
194bool sk_net_capable(const struct sock *sk, int cap)
195{
196 return sk_ns_capable(sk, sock_net(sk)->user_ns, cap);
197}
198EXPORT_SYMBOL(sk_net_capable);
199
200/*
201 * Each address family might have different locking rules, so we have
202 * one slock key per address family and separate keys for internal and
203 * userspace sockets.
204 */
205static struct lock_class_key af_family_keys[AF_MAX];
206static struct lock_class_key af_family_kern_keys[AF_MAX];
207static struct lock_class_key af_family_slock_keys[AF_MAX];
208static struct lock_class_key af_family_kern_slock_keys[AF_MAX];
209
210/*
211 * Make lock validator output more readable. (we pre-construct these
212 * strings build-time, so that runtime initialization of socket
213 * locks is fast):
214 */
215
216#define _sock_locks(x) \
217 x "AF_UNSPEC", x "AF_UNIX" , x "AF_INET" , \
218 x "AF_AX25" , x "AF_IPX" , x "AF_APPLETALK", \
219 x "AF_NETROM", x "AF_BRIDGE" , x "AF_ATMPVC" , \
220 x "AF_X25" , x "AF_INET6" , x "AF_ROSE" , \
221 x "AF_DECnet", x "AF_NETBEUI" , x "AF_SECURITY" , \
222 x "AF_KEY" , x "AF_NETLINK" , x "AF_PACKET" , \
223 x "AF_ASH" , x "AF_ECONET" , x "AF_ATMSVC" , \
224 x "AF_RDS" , x "AF_SNA" , x "AF_IRDA" , \
225 x "AF_PPPOX" , x "AF_WANPIPE" , x "AF_LLC" , \
226 x "27" , x "28" , x "AF_CAN" , \
227 x "AF_TIPC" , x "AF_BLUETOOTH", x "IUCV" , \
228 x "AF_RXRPC" , x "AF_ISDN" , x "AF_PHONET" , \
229 x "AF_IEEE802154", x "AF_CAIF" , x "AF_ALG" , \
230 x "AF_NFC" , x "AF_VSOCK" , x "AF_KCM" , \
231 x "AF_QIPCRTR", x "AF_SMC" , x "AF_XDP" , \
232 x "AF_MCTP" , \
233 x "AF_MAX"
234
235static const char *const af_family_key_strings[AF_MAX+1] = {
236 _sock_locks("sk_lock-")
237};
238static const char *const af_family_slock_key_strings[AF_MAX+1] = {
239 _sock_locks("slock-")
240};
241static const char *const af_family_clock_key_strings[AF_MAX+1] = {
242 _sock_locks("clock-")
243};
244
245static const char *const af_family_kern_key_strings[AF_MAX+1] = {
246 _sock_locks("k-sk_lock-")
247};
248static const char *const af_family_kern_slock_key_strings[AF_MAX+1] = {
249 _sock_locks("k-slock-")
250};
251static const char *const af_family_kern_clock_key_strings[AF_MAX+1] = {
252 _sock_locks("k-clock-")
253};
254static const char *const af_family_rlock_key_strings[AF_MAX+1] = {
255 _sock_locks("rlock-")
256};
257static const char *const af_family_wlock_key_strings[AF_MAX+1] = {
258 _sock_locks("wlock-")
259};
260static const char *const af_family_elock_key_strings[AF_MAX+1] = {
261 _sock_locks("elock-")
262};
263
264/*
265 * sk_callback_lock and sk queues locking rules are per-address-family,
266 * so split the lock classes by using a per-AF key:
267 */
268static struct lock_class_key af_callback_keys[AF_MAX];
269static struct lock_class_key af_rlock_keys[AF_MAX];
270static struct lock_class_key af_wlock_keys[AF_MAX];
271static struct lock_class_key af_elock_keys[AF_MAX];
272static struct lock_class_key af_kern_callback_keys[AF_MAX];
273
274/* Run time adjustable parameters. */
275__u32 sysctl_wmem_max __read_mostly = SK_WMEM_MAX;
276EXPORT_SYMBOL(sysctl_wmem_max);
277__u32 sysctl_rmem_max __read_mostly = SK_RMEM_MAX;
278EXPORT_SYMBOL(sysctl_rmem_max);
279__u32 sysctl_wmem_default __read_mostly = SK_WMEM_MAX;
280__u32 sysctl_rmem_default __read_mostly = SK_RMEM_MAX;
281
282/* Maximal space eaten by iovec or ancillary data plus some space */
283int sysctl_optmem_max __read_mostly = sizeof(unsigned long)*(2*UIO_MAXIOV+512);
284EXPORT_SYMBOL(sysctl_optmem_max);
285
286int sysctl_tstamp_allow_data __read_mostly = 1;
287
288DEFINE_STATIC_KEY_FALSE(memalloc_socks_key);
289EXPORT_SYMBOL_GPL(memalloc_socks_key);
290
291/**
292 * sk_set_memalloc - sets %SOCK_MEMALLOC
293 * @sk: socket to set it on
294 *
295 * Set %SOCK_MEMALLOC on a socket for access to emergency reserves.
296 * It's the responsibility of the admin to adjust min_free_kbytes
297 * to meet the requirements
298 */
299void sk_set_memalloc(struct sock *sk)
300{
301 sock_set_flag(sk, SOCK_MEMALLOC);
302 sk->sk_allocation |= __GFP_MEMALLOC;
303 static_branch_inc(&memalloc_socks_key);
304}
305EXPORT_SYMBOL_GPL(sk_set_memalloc);
306
307void sk_clear_memalloc(struct sock *sk)
308{
309 sock_reset_flag(sk, SOCK_MEMALLOC);
310 sk->sk_allocation &= ~__GFP_MEMALLOC;
311 static_branch_dec(&memalloc_socks_key);
312
313 /*
314 * SOCK_MEMALLOC is allowed to ignore rmem limits to ensure forward
315 * progress of swapping. SOCK_MEMALLOC may be cleared while
316 * it has rmem allocations due to the last swapfile being deactivated
317 * but there is a risk that the socket is unusable due to exceeding
318 * the rmem limits. Reclaim the reserves and obey rmem limits again.
319 */
320 sk_mem_reclaim(sk);
321}
322EXPORT_SYMBOL_GPL(sk_clear_memalloc);
323
324int __sk_backlog_rcv(struct sock *sk, struct sk_buff *skb)
325{
326 int ret;
327 unsigned int noreclaim_flag;
328
329 /* these should have been dropped before queueing */
330 BUG_ON(!sock_flag(sk, SOCK_MEMALLOC));
331
332 noreclaim_flag = memalloc_noreclaim_save();
333 ret = INDIRECT_CALL_INET(sk->sk_backlog_rcv,
334 tcp_v6_do_rcv,
335 tcp_v4_do_rcv,
336 sk, skb);
337 memalloc_noreclaim_restore(noreclaim_flag);
338
339 return ret;
340}
341EXPORT_SYMBOL(__sk_backlog_rcv);
342
343void sk_error_report(struct sock *sk)
344{
345 sk->sk_error_report(sk);
346
347 switch (sk->sk_family) {
348 case AF_INET:
349 fallthrough;
350 case AF_INET6:
351 trace_inet_sk_error_report(sk);
352 break;
353 default:
354 break;
355 }
356}
357EXPORT_SYMBOL(sk_error_report);
358
359int sock_get_timeout(long timeo, void *optval, bool old_timeval)
360{
361 struct __kernel_sock_timeval tv;
362
363 if (timeo == MAX_SCHEDULE_TIMEOUT) {
364 tv.tv_sec = 0;
365 tv.tv_usec = 0;
366 } else {
367 tv.tv_sec = timeo / HZ;
368 tv.tv_usec = ((timeo % HZ) * USEC_PER_SEC) / HZ;
369 }
370
371 if (old_timeval && in_compat_syscall() && !COMPAT_USE_64BIT_TIME) {
372 struct old_timeval32 tv32 = { tv.tv_sec, tv.tv_usec };
373 *(struct old_timeval32 *)optval = tv32;
374 return sizeof(tv32);
375 }
376
377 if (old_timeval) {
378 struct __kernel_old_timeval old_tv;
379 old_tv.tv_sec = tv.tv_sec;
380 old_tv.tv_usec = tv.tv_usec;
381 *(struct __kernel_old_timeval *)optval = old_tv;
382 return sizeof(old_tv);
383 }
384
385 *(struct __kernel_sock_timeval *)optval = tv;
386 return sizeof(tv);
387}
388EXPORT_SYMBOL(sock_get_timeout);
389
390int sock_copy_user_timeval(struct __kernel_sock_timeval *tv,
391 sockptr_t optval, int optlen, bool old_timeval)
392{
393 if (old_timeval && in_compat_syscall() && !COMPAT_USE_64BIT_TIME) {
394 struct old_timeval32 tv32;
395
396 if (optlen < sizeof(tv32))
397 return -EINVAL;
398
399 if (copy_from_sockptr(&tv32, optval, sizeof(tv32)))
400 return -EFAULT;
401 tv->tv_sec = tv32.tv_sec;
402 tv->tv_usec = tv32.tv_usec;
403 } else if (old_timeval) {
404 struct __kernel_old_timeval old_tv;
405
406 if (optlen < sizeof(old_tv))
407 return -EINVAL;
408 if (copy_from_sockptr(&old_tv, optval, sizeof(old_tv)))
409 return -EFAULT;
410 tv->tv_sec = old_tv.tv_sec;
411 tv->tv_usec = old_tv.tv_usec;
412 } else {
413 if (optlen < sizeof(*tv))
414 return -EINVAL;
415 if (copy_from_sockptr(tv, optval, sizeof(*tv)))
416 return -EFAULT;
417 }
418
419 return 0;
420}
421EXPORT_SYMBOL(sock_copy_user_timeval);
422
423static int sock_set_timeout(long *timeo_p, sockptr_t optval, int optlen,
424 bool old_timeval)
425{
426 struct __kernel_sock_timeval tv;
427 int err = sock_copy_user_timeval(&tv, optval, optlen, old_timeval);
428
429 if (err)
430 return err;
431
432 if (tv.tv_usec < 0 || tv.tv_usec >= USEC_PER_SEC)
433 return -EDOM;
434
435 if (tv.tv_sec < 0) {
436 static int warned __read_mostly;
437
438 *timeo_p = 0;
439 if (warned < 10 && net_ratelimit()) {
440 warned++;
441 pr_info("%s: `%s' (pid %d) tries to set negative timeout\n",
442 __func__, current->comm, task_pid_nr(current));
443 }
444 return 0;
445 }
446 *timeo_p = MAX_SCHEDULE_TIMEOUT;
447 if (tv.tv_sec == 0 && tv.tv_usec == 0)
448 return 0;
449 if (tv.tv_sec < (MAX_SCHEDULE_TIMEOUT / HZ - 1))
450 *timeo_p = tv.tv_sec * HZ + DIV_ROUND_UP((unsigned long)tv.tv_usec, USEC_PER_SEC / HZ);
451 return 0;
452}
453
454static bool sock_needs_netstamp(const struct sock *sk)
455{
456 switch (sk->sk_family) {
457 case AF_UNSPEC:
458 case AF_UNIX:
459 return false;
460 default:
461 return true;
462 }
463}
464
465static void sock_disable_timestamp(struct sock *sk, unsigned long flags)
466{
467 if (sk->sk_flags & flags) {
468 sk->sk_flags &= ~flags;
469 if (sock_needs_netstamp(sk) &&
470 !(sk->sk_flags & SK_FLAGS_TIMESTAMP))
471 net_disable_timestamp();
472 }
473}
474
475
476int __sock_queue_rcv_skb(struct sock *sk, struct sk_buff *skb)
477{
478 unsigned long flags;
479 struct sk_buff_head *list = &sk->sk_receive_queue;
480
481 if (atomic_read(&sk->sk_rmem_alloc) >= sk->sk_rcvbuf) {
482 atomic_inc(&sk->sk_drops);
483 trace_sock_rcvqueue_full(sk, skb);
484 return -ENOMEM;
485 }
486
487 if (!sk_rmem_schedule(sk, skb, skb->truesize)) {
488 atomic_inc(&sk->sk_drops);
489 return -ENOBUFS;
490 }
491
492 skb->dev = NULL;
493 skb_set_owner_r(skb, sk);
494
495 /* we escape from rcu protected region, make sure we dont leak
496 * a norefcounted dst
497 */
498 skb_dst_force(skb);
499
500 spin_lock_irqsave(&list->lock, flags);
501 sock_skb_set_dropcount(sk, skb);
502 __skb_queue_tail(list, skb);
503 spin_unlock_irqrestore(&list->lock, flags);
504
505 if (!sock_flag(sk, SOCK_DEAD))
506 sk->sk_data_ready(sk);
507 return 0;
508}
509EXPORT_SYMBOL(__sock_queue_rcv_skb);
510
511int sock_queue_rcv_skb_reason(struct sock *sk, struct sk_buff *skb,
512 enum skb_drop_reason *reason)
513{
514 enum skb_drop_reason drop_reason;
515 int err;
516
517 err = sk_filter(sk, skb);
518 if (err) {
519 drop_reason = SKB_DROP_REASON_SOCKET_FILTER;
520 goto out;
521 }
522 err = __sock_queue_rcv_skb(sk, skb);
523 switch (err) {
524 case -ENOMEM:
525 drop_reason = SKB_DROP_REASON_SOCKET_RCVBUFF;
526 break;
527 case -ENOBUFS:
528 drop_reason = SKB_DROP_REASON_PROTO_MEM;
529 break;
530 default:
531 drop_reason = SKB_NOT_DROPPED_YET;
532 break;
533 }
534out:
535 if (reason)
536 *reason = drop_reason;
537 return err;
538}
539EXPORT_SYMBOL(sock_queue_rcv_skb_reason);
540
541int __sk_receive_skb(struct sock *sk, struct sk_buff *skb,
542 const int nested, unsigned int trim_cap, bool refcounted)
543{
544 int rc = NET_RX_SUCCESS;
545
546 if (sk_filter_trim_cap(sk, skb, trim_cap))
547 goto discard_and_relse;
548
549 skb->dev = NULL;
550
551 if (sk_rcvqueues_full(sk, sk->sk_rcvbuf)) {
552 atomic_inc(&sk->sk_drops);
553 goto discard_and_relse;
554 }
555 if (nested)
556 bh_lock_sock_nested(sk);
557 else
558 bh_lock_sock(sk);
559 if (!sock_owned_by_user(sk)) {
560 /*
561 * trylock + unlock semantics:
562 */
563 mutex_acquire(&sk->sk_lock.dep_map, 0, 1, _RET_IP_);
564
565 rc = sk_backlog_rcv(sk, skb);
566
567 mutex_release(&sk->sk_lock.dep_map, _RET_IP_);
568 } else if (sk_add_backlog(sk, skb, READ_ONCE(sk->sk_rcvbuf))) {
569 bh_unlock_sock(sk);
570 atomic_inc(&sk->sk_drops);
571 goto discard_and_relse;
572 }
573
574 bh_unlock_sock(sk);
575out:
576 if (refcounted)
577 sock_put(sk);
578 return rc;
579discard_and_relse:
580 kfree_skb(skb);
581 goto out;
582}
583EXPORT_SYMBOL(__sk_receive_skb);
584
585INDIRECT_CALLABLE_DECLARE(struct dst_entry *ip6_dst_check(struct dst_entry *,
586 u32));
587INDIRECT_CALLABLE_DECLARE(struct dst_entry *ipv4_dst_check(struct dst_entry *,
588 u32));
589struct dst_entry *__sk_dst_check(struct sock *sk, u32 cookie)
590{
591 struct dst_entry *dst = __sk_dst_get(sk);
592
593 if (dst && dst->obsolete &&
594 INDIRECT_CALL_INET(dst->ops->check, ip6_dst_check, ipv4_dst_check,
595 dst, cookie) == NULL) {
596 sk_tx_queue_clear(sk);
597 sk->sk_dst_pending_confirm = 0;
598 RCU_INIT_POINTER(sk->sk_dst_cache, NULL);
599 dst_release(dst);
600 return NULL;
601 }
602
603 return dst;
604}
605EXPORT_SYMBOL(__sk_dst_check);
606
607struct dst_entry *sk_dst_check(struct sock *sk, u32 cookie)
608{
609 struct dst_entry *dst = sk_dst_get(sk);
610
611 if (dst && dst->obsolete &&
612 INDIRECT_CALL_INET(dst->ops->check, ip6_dst_check, ipv4_dst_check,
613 dst, cookie) == NULL) {
614 sk_dst_reset(sk);
615 dst_release(dst);
616 return NULL;
617 }
618
619 return dst;
620}
621EXPORT_SYMBOL(sk_dst_check);
622
623static int sock_bindtoindex_locked(struct sock *sk, int ifindex)
624{
625 int ret = -ENOPROTOOPT;
626#ifdef CONFIG_NETDEVICES
627 struct net *net = sock_net(sk);
628
629 /* Sorry... */
630 ret = -EPERM;
631 if (sk->sk_bound_dev_if && !ns_capable(net->user_ns, CAP_NET_RAW))
632 goto out;
633
634 ret = -EINVAL;
635 if (ifindex < 0)
636 goto out;
637
638 /* Paired with all READ_ONCE() done locklessly. */
639 WRITE_ONCE(sk->sk_bound_dev_if, ifindex);
640
641 if (sk->sk_prot->rehash)
642 sk->sk_prot->rehash(sk);
643 sk_dst_reset(sk);
644
645 ret = 0;
646
647out:
648#endif
649
650 return ret;
651}
652
653int sock_bindtoindex(struct sock *sk, int ifindex, bool lock_sk)
654{
655 int ret;
656
657 if (lock_sk)
658 lock_sock(sk);
659 ret = sock_bindtoindex_locked(sk, ifindex);
660 if (lock_sk)
661 release_sock(sk);
662
663 return ret;
664}
665EXPORT_SYMBOL(sock_bindtoindex);
666
667static int sock_setbindtodevice(struct sock *sk, sockptr_t optval, int optlen)
668{
669 int ret = -ENOPROTOOPT;
670#ifdef CONFIG_NETDEVICES
671 struct net *net = sock_net(sk);
672 char devname[IFNAMSIZ];
673 int index;
674
675 ret = -EINVAL;
676 if (optlen < 0)
677 goto out;
678
679 /* Bind this socket to a particular device like "eth0",
680 * as specified in the passed interface name. If the
681 * name is "" or the option length is zero the socket
682 * is not bound.
683 */
684 if (optlen > IFNAMSIZ - 1)
685 optlen = IFNAMSIZ - 1;
686 memset(devname, 0, sizeof(devname));
687
688 ret = -EFAULT;
689 if (copy_from_sockptr(devname, optval, optlen))
690 goto out;
691
692 index = 0;
693 if (devname[0] != '\0') {
694 struct net_device *dev;
695
696 rcu_read_lock();
697 dev = dev_get_by_name_rcu(net, devname);
698 if (dev)
699 index = dev->ifindex;
700 rcu_read_unlock();
701 ret = -ENODEV;
702 if (!dev)
703 goto out;
704 }
705
706 sockopt_lock_sock(sk);
707 ret = sock_bindtoindex_locked(sk, index);
708 sockopt_release_sock(sk);
709out:
710#endif
711
712 return ret;
713}
714
715static int sock_getbindtodevice(struct sock *sk, sockptr_t optval,
716 sockptr_t optlen, int len)
717{
718 int ret = -ENOPROTOOPT;
719#ifdef CONFIG_NETDEVICES
720 int bound_dev_if = READ_ONCE(sk->sk_bound_dev_if);
721 struct net *net = sock_net(sk);
722 char devname[IFNAMSIZ];
723
724 if (bound_dev_if == 0) {
725 len = 0;
726 goto zero;
727 }
728
729 ret = -EINVAL;
730 if (len < IFNAMSIZ)
731 goto out;
732
733 ret = netdev_get_name(net, devname, bound_dev_if);
734 if (ret)
735 goto out;
736
737 len = strlen(devname) + 1;
738
739 ret = -EFAULT;
740 if (copy_to_sockptr(optval, devname, len))
741 goto out;
742
743zero:
744 ret = -EFAULT;
745 if (copy_to_sockptr(optlen, &len, sizeof(int)))
746 goto out;
747
748 ret = 0;
749
750out:
751#endif
752
753 return ret;
754}
755
756bool sk_mc_loop(struct sock *sk)
757{
758 if (dev_recursion_level())
759 return false;
760 if (!sk)
761 return true;
762 switch (sk->sk_family) {
763 case AF_INET:
764 return inet_sk(sk)->mc_loop;
765#if IS_ENABLED(CONFIG_IPV6)
766 case AF_INET6:
767 return inet6_sk(sk)->mc_loop;
768#endif
769 }
770 WARN_ON_ONCE(1);
771 return true;
772}
773EXPORT_SYMBOL(sk_mc_loop);
774
775void sock_set_reuseaddr(struct sock *sk)
776{
777 lock_sock(sk);
778 sk->sk_reuse = SK_CAN_REUSE;
779 release_sock(sk);
780}
781EXPORT_SYMBOL(sock_set_reuseaddr);
782
783void sock_set_reuseport(struct sock *sk)
784{
785 lock_sock(sk);
786 sk->sk_reuseport = true;
787 release_sock(sk);
788}
789EXPORT_SYMBOL(sock_set_reuseport);
790
791void sock_no_linger(struct sock *sk)
792{
793 lock_sock(sk);
794 sk->sk_lingertime = 0;
795 sock_set_flag(sk, SOCK_LINGER);
796 release_sock(sk);
797}
798EXPORT_SYMBOL(sock_no_linger);
799
800void sock_set_priority(struct sock *sk, u32 priority)
801{
802 lock_sock(sk);
803 sk->sk_priority = priority;
804 release_sock(sk);
805}
806EXPORT_SYMBOL(sock_set_priority);
807
808void sock_set_sndtimeo(struct sock *sk, s64 secs)
809{
810 lock_sock(sk);
811 if (secs && secs < MAX_SCHEDULE_TIMEOUT / HZ - 1)
812 sk->sk_sndtimeo = secs * HZ;
813 else
814 sk->sk_sndtimeo = MAX_SCHEDULE_TIMEOUT;
815 release_sock(sk);
816}
817EXPORT_SYMBOL(sock_set_sndtimeo);
818
819static void __sock_set_timestamps(struct sock *sk, bool val, bool new, bool ns)
820{
821 if (val) {
822 sock_valbool_flag(sk, SOCK_TSTAMP_NEW, new);
823 sock_valbool_flag(sk, SOCK_RCVTSTAMPNS, ns);
824 sock_set_flag(sk, SOCK_RCVTSTAMP);
825 sock_enable_timestamp(sk, SOCK_TIMESTAMP);
826 } else {
827 sock_reset_flag(sk, SOCK_RCVTSTAMP);
828 sock_reset_flag(sk, SOCK_RCVTSTAMPNS);
829 }
830}
831
832void sock_enable_timestamps(struct sock *sk)
833{
834 lock_sock(sk);
835 __sock_set_timestamps(sk, true, false, true);
836 release_sock(sk);
837}
838EXPORT_SYMBOL(sock_enable_timestamps);
839
840void sock_set_timestamp(struct sock *sk, int optname, bool valbool)
841{
842 switch (optname) {
843 case SO_TIMESTAMP_OLD:
844 __sock_set_timestamps(sk, valbool, false, false);
845 break;
846 case SO_TIMESTAMP_NEW:
847 __sock_set_timestamps(sk, valbool, true, false);
848 break;
849 case SO_TIMESTAMPNS_OLD:
850 __sock_set_timestamps(sk, valbool, false, true);
851 break;
852 case SO_TIMESTAMPNS_NEW:
853 __sock_set_timestamps(sk, valbool, true, true);
854 break;
855 }
856}
857
858static int sock_timestamping_bind_phc(struct sock *sk, int phc_index)
859{
860 struct net *net = sock_net(sk);
861 struct net_device *dev = NULL;
862 bool match = false;
863 int *vclock_index;
864 int i, num;
865
866 if (sk->sk_bound_dev_if)
867 dev = dev_get_by_index(net, sk->sk_bound_dev_if);
868
869 if (!dev) {
870 pr_err("%s: sock not bind to device\n", __func__);
871 return -EOPNOTSUPP;
872 }
873
874 num = ethtool_get_phc_vclocks(dev, &vclock_index);
875 dev_put(dev);
876
877 for (i = 0; i < num; i++) {
878 if (*(vclock_index + i) == phc_index) {
879 match = true;
880 break;
881 }
882 }
883
884 if (num > 0)
885 kfree(vclock_index);
886
887 if (!match)
888 return -EINVAL;
889
890 sk->sk_bind_phc = phc_index;
891
892 return 0;
893}
894
895int sock_set_timestamping(struct sock *sk, int optname,
896 struct so_timestamping timestamping)
897{
898 int val = timestamping.flags;
899 int ret;
900
901 if (val & ~SOF_TIMESTAMPING_MASK)
902 return -EINVAL;
903
904 if (val & SOF_TIMESTAMPING_OPT_ID_TCP &&
905 !(val & SOF_TIMESTAMPING_OPT_ID))
906 return -EINVAL;
907
908 if (val & SOF_TIMESTAMPING_OPT_ID &&
909 !(sk->sk_tsflags & SOF_TIMESTAMPING_OPT_ID)) {
910 if (sk_is_tcp(sk)) {
911 if ((1 << sk->sk_state) &
912 (TCPF_CLOSE | TCPF_LISTEN))
913 return -EINVAL;
914 if (val & SOF_TIMESTAMPING_OPT_ID_TCP)
915 atomic_set(&sk->sk_tskey, tcp_sk(sk)->write_seq);
916 else
917 atomic_set(&sk->sk_tskey, tcp_sk(sk)->snd_una);
918 } else {
919 atomic_set(&sk->sk_tskey, 0);
920 }
921 }
922
923 if (val & SOF_TIMESTAMPING_OPT_STATS &&
924 !(val & SOF_TIMESTAMPING_OPT_TSONLY))
925 return -EINVAL;
926
927 if (val & SOF_TIMESTAMPING_BIND_PHC) {
928 ret = sock_timestamping_bind_phc(sk, timestamping.bind_phc);
929 if (ret)
930 return ret;
931 }
932
933 sk->sk_tsflags = val;
934 sock_valbool_flag(sk, SOCK_TSTAMP_NEW, optname == SO_TIMESTAMPING_NEW);
935
936 if (val & SOF_TIMESTAMPING_RX_SOFTWARE)
937 sock_enable_timestamp(sk,
938 SOCK_TIMESTAMPING_RX_SOFTWARE);
939 else
940 sock_disable_timestamp(sk,
941 (1UL << SOCK_TIMESTAMPING_RX_SOFTWARE));
942 return 0;
943}
944
945void sock_set_keepalive(struct sock *sk)
946{
947 lock_sock(sk);
948 if (sk->sk_prot->keepalive)
949 sk->sk_prot->keepalive(sk, true);
950 sock_valbool_flag(sk, SOCK_KEEPOPEN, true);
951 release_sock(sk);
952}
953EXPORT_SYMBOL(sock_set_keepalive);
954
955static void __sock_set_rcvbuf(struct sock *sk, int val)
956{
957 /* Ensure val * 2 fits into an int, to prevent max_t() from treating it
958 * as a negative value.
959 */
960 val = min_t(int, val, INT_MAX / 2);
961 sk->sk_userlocks |= SOCK_RCVBUF_LOCK;
962
963 /* We double it on the way in to account for "struct sk_buff" etc.
964 * overhead. Applications assume that the SO_RCVBUF setting they make
965 * will allow that much actual data to be received on that socket.
966 *
967 * Applications are unaware that "struct sk_buff" and other overheads
968 * allocate from the receive buffer during socket buffer allocation.
969 *
970 * And after considering the possible alternatives, returning the value
971 * we actually used in getsockopt is the most desirable behavior.
972 */
973 WRITE_ONCE(sk->sk_rcvbuf, max_t(int, val * 2, SOCK_MIN_RCVBUF));
974}
975
976void sock_set_rcvbuf(struct sock *sk, int val)
977{
978 lock_sock(sk);
979 __sock_set_rcvbuf(sk, val);
980 release_sock(sk);
981}
982EXPORT_SYMBOL(sock_set_rcvbuf);
983
984static void __sock_set_mark(struct sock *sk, u32 val)
985{
986 if (val != sk->sk_mark) {
987 sk->sk_mark = val;
988 sk_dst_reset(sk);
989 }
990}
991
992void sock_set_mark(struct sock *sk, u32 val)
993{
994 lock_sock(sk);
995 __sock_set_mark(sk, val);
996 release_sock(sk);
997}
998EXPORT_SYMBOL(sock_set_mark);
999
1000static void sock_release_reserved_memory(struct sock *sk, int bytes)
1001{
1002 /* Round down bytes to multiple of pages */
1003 bytes = round_down(bytes, PAGE_SIZE);
1004
1005 WARN_ON(bytes > sk->sk_reserved_mem);
1006 sk->sk_reserved_mem -= bytes;
1007 sk_mem_reclaim(sk);
1008}
1009
1010static int sock_reserve_memory(struct sock *sk, int bytes)
1011{
1012 long allocated;
1013 bool charged;
1014 int pages;
1015
1016 if (!mem_cgroup_sockets_enabled || !sk->sk_memcg || !sk_has_account(sk))
1017 return -EOPNOTSUPP;
1018
1019 if (!bytes)
1020 return 0;
1021
1022 pages = sk_mem_pages(bytes);
1023
1024 /* pre-charge to memcg */
1025 charged = mem_cgroup_charge_skmem(sk->sk_memcg, pages,
1026 GFP_KERNEL | __GFP_RETRY_MAYFAIL);
1027 if (!charged)
1028 return -ENOMEM;
1029
1030 /* pre-charge to forward_alloc */
1031 sk_memory_allocated_add(sk, pages);
1032 allocated = sk_memory_allocated(sk);
1033 /* If the system goes into memory pressure with this
1034 * precharge, give up and return error.
1035 */
1036 if (allocated > sk_prot_mem_limits(sk, 1)) {
1037 sk_memory_allocated_sub(sk, pages);
1038 mem_cgroup_uncharge_skmem(sk->sk_memcg, pages);
1039 return -ENOMEM;
1040 }
1041 sk->sk_forward_alloc += pages << PAGE_SHIFT;
1042
1043 sk->sk_reserved_mem += pages << PAGE_SHIFT;
1044
1045 return 0;
1046}
1047
1048void sockopt_lock_sock(struct sock *sk)
1049{
1050 /* When current->bpf_ctx is set, the setsockopt is called from
1051 * a bpf prog. bpf has ensured the sk lock has been
1052 * acquired before calling setsockopt().
1053 */
1054 if (has_current_bpf_ctx())
1055 return;
1056
1057 lock_sock(sk);
1058}
1059EXPORT_SYMBOL(sockopt_lock_sock);
1060
1061void sockopt_release_sock(struct sock *sk)
1062{
1063 if (has_current_bpf_ctx())
1064 return;
1065
1066 release_sock(sk);
1067}
1068EXPORT_SYMBOL(sockopt_release_sock);
1069
1070bool sockopt_ns_capable(struct user_namespace *ns, int cap)
1071{
1072 return has_current_bpf_ctx() || ns_capable(ns, cap);
1073}
1074EXPORT_SYMBOL(sockopt_ns_capable);
1075
1076bool sockopt_capable(int cap)
1077{
1078 return has_current_bpf_ctx() || capable(cap);
1079}
1080EXPORT_SYMBOL(sockopt_capable);
1081
1082/*
1083 * This is meant for all protocols to use and covers goings on
1084 * at the socket level. Everything here is generic.
1085 */
1086
1087int sk_setsockopt(struct sock *sk, int level, int optname,
1088 sockptr_t optval, unsigned int optlen)
1089{
1090 struct so_timestamping timestamping;
1091 struct socket *sock = sk->sk_socket;
1092 struct sock_txtime sk_txtime;
1093 int val;
1094 int valbool;
1095 struct linger ling;
1096 int ret = 0;
1097
1098 /*
1099 * Options without arguments
1100 */
1101
1102 if (optname == SO_BINDTODEVICE)
1103 return sock_setbindtodevice(sk, optval, optlen);
1104
1105 if (optlen < sizeof(int))
1106 return -EINVAL;
1107
1108 if (copy_from_sockptr(&val, optval, sizeof(val)))
1109 return -EFAULT;
1110
1111 valbool = val ? 1 : 0;
1112
1113 sockopt_lock_sock(sk);
1114
1115 switch (optname) {
1116 case SO_DEBUG:
1117 if (val && !sockopt_capable(CAP_NET_ADMIN))
1118 ret = -EACCES;
1119 else
1120 sock_valbool_flag(sk, SOCK_DBG, valbool);
1121 break;
1122 case SO_REUSEADDR:
1123 sk->sk_reuse = (valbool ? SK_CAN_REUSE : SK_NO_REUSE);
1124 break;
1125 case SO_REUSEPORT:
1126 sk->sk_reuseport = valbool;
1127 break;
1128 case SO_TYPE:
1129 case SO_PROTOCOL:
1130 case SO_DOMAIN:
1131 case SO_ERROR:
1132 ret = -ENOPROTOOPT;
1133 break;
1134 case SO_DONTROUTE:
1135 sock_valbool_flag(sk, SOCK_LOCALROUTE, valbool);
1136 sk_dst_reset(sk);
1137 break;
1138 case SO_BROADCAST:
1139 sock_valbool_flag(sk, SOCK_BROADCAST, valbool);
1140 break;
1141 case SO_SNDBUF:
1142 /* Don't error on this BSD doesn't and if you think
1143 * about it this is right. Otherwise apps have to
1144 * play 'guess the biggest size' games. RCVBUF/SNDBUF
1145 * are treated in BSD as hints
1146 */
1147 val = min_t(u32, val, READ_ONCE(sysctl_wmem_max));
1148set_sndbuf:
1149 /* Ensure val * 2 fits into an int, to prevent max_t()
1150 * from treating it as a negative value.
1151 */
1152 val = min_t(int, val, INT_MAX / 2);
1153 sk->sk_userlocks |= SOCK_SNDBUF_LOCK;
1154 WRITE_ONCE(sk->sk_sndbuf,
1155 max_t(int, val * 2, SOCK_MIN_SNDBUF));
1156 /* Wake up sending tasks if we upped the value. */
1157 sk->sk_write_space(sk);
1158 break;
1159
1160 case SO_SNDBUFFORCE:
1161 if (!sockopt_capable(CAP_NET_ADMIN)) {
1162 ret = -EPERM;
1163 break;
1164 }
1165
1166 /* No negative values (to prevent underflow, as val will be
1167 * multiplied by 2).
1168 */
1169 if (val < 0)
1170 val = 0;
1171 goto set_sndbuf;
1172
1173 case SO_RCVBUF:
1174 /* Don't error on this BSD doesn't and if you think
1175 * about it this is right. Otherwise apps have to
1176 * play 'guess the biggest size' games. RCVBUF/SNDBUF
1177 * are treated in BSD as hints
1178 */
1179 __sock_set_rcvbuf(sk, min_t(u32, val, READ_ONCE(sysctl_rmem_max)));
1180 break;
1181
1182 case SO_RCVBUFFORCE:
1183 if (!sockopt_capable(CAP_NET_ADMIN)) {
1184 ret = -EPERM;
1185 break;
1186 }
1187
1188 /* No negative values (to prevent underflow, as val will be
1189 * multiplied by 2).
1190 */
1191 __sock_set_rcvbuf(sk, max(val, 0));
1192 break;
1193
1194 case SO_KEEPALIVE:
1195 if (sk->sk_prot->keepalive)
1196 sk->sk_prot->keepalive(sk, valbool);
1197 sock_valbool_flag(sk, SOCK_KEEPOPEN, valbool);
1198 break;
1199
1200 case SO_OOBINLINE:
1201 sock_valbool_flag(sk, SOCK_URGINLINE, valbool);
1202 break;
1203
1204 case SO_NO_CHECK:
1205 sk->sk_no_check_tx = valbool;
1206 break;
1207
1208 case SO_PRIORITY:
1209 if ((val >= 0 && val <= 6) ||
1210 sockopt_ns_capable(sock_net(sk)->user_ns, CAP_NET_RAW) ||
1211 sockopt_ns_capable(sock_net(sk)->user_ns, CAP_NET_ADMIN))
1212 sk->sk_priority = val;
1213 else
1214 ret = -EPERM;
1215 break;
1216
1217 case SO_LINGER:
1218 if (optlen < sizeof(ling)) {
1219 ret = -EINVAL; /* 1003.1g */
1220 break;
1221 }
1222 if (copy_from_sockptr(&ling, optval, sizeof(ling))) {
1223 ret = -EFAULT;
1224 break;
1225 }
1226 if (!ling.l_onoff)
1227 sock_reset_flag(sk, SOCK_LINGER);
1228 else {
1229#if (BITS_PER_LONG == 32)
1230 if ((unsigned int)ling.l_linger >= MAX_SCHEDULE_TIMEOUT/HZ)
1231 sk->sk_lingertime = MAX_SCHEDULE_TIMEOUT;
1232 else
1233#endif
1234 sk->sk_lingertime = (unsigned int)ling.l_linger * HZ;
1235 sock_set_flag(sk, SOCK_LINGER);
1236 }
1237 break;
1238
1239 case SO_BSDCOMPAT:
1240 break;
1241
1242 case SO_PASSCRED:
1243 if (valbool)
1244 set_bit(SOCK_PASSCRED, &sock->flags);
1245 else
1246 clear_bit(SOCK_PASSCRED, &sock->flags);
1247 break;
1248
1249 case SO_TIMESTAMP_OLD:
1250 case SO_TIMESTAMP_NEW:
1251 case SO_TIMESTAMPNS_OLD:
1252 case SO_TIMESTAMPNS_NEW:
1253 sock_set_timestamp(sk, optname, valbool);
1254 break;
1255
1256 case SO_TIMESTAMPING_NEW:
1257 case SO_TIMESTAMPING_OLD:
1258 if (optlen == sizeof(timestamping)) {
1259 if (copy_from_sockptr(×tamping, optval,
1260 sizeof(timestamping))) {
1261 ret = -EFAULT;
1262 break;
1263 }
1264 } else {
1265 memset(×tamping, 0, sizeof(timestamping));
1266 timestamping.flags = val;
1267 }
1268 ret = sock_set_timestamping(sk, optname, timestamping);
1269 break;
1270
1271 case SO_RCVLOWAT:
1272 if (val < 0)
1273 val = INT_MAX;
1274 if (sock && sock->ops->set_rcvlowat)
1275 ret = sock->ops->set_rcvlowat(sk, val);
1276 else
1277 WRITE_ONCE(sk->sk_rcvlowat, val ? : 1);
1278 break;
1279
1280 case SO_RCVTIMEO_OLD:
1281 case SO_RCVTIMEO_NEW:
1282 ret = sock_set_timeout(&sk->sk_rcvtimeo, optval,
1283 optlen, optname == SO_RCVTIMEO_OLD);
1284 break;
1285
1286 case SO_SNDTIMEO_OLD:
1287 case SO_SNDTIMEO_NEW:
1288 ret = sock_set_timeout(&sk->sk_sndtimeo, optval,
1289 optlen, optname == SO_SNDTIMEO_OLD);
1290 break;
1291
1292 case SO_ATTACH_FILTER: {
1293 struct sock_fprog fprog;
1294
1295 ret = copy_bpf_fprog_from_user(&fprog, optval, optlen);
1296 if (!ret)
1297 ret = sk_attach_filter(&fprog, sk);
1298 break;
1299 }
1300 case SO_ATTACH_BPF:
1301 ret = -EINVAL;
1302 if (optlen == sizeof(u32)) {
1303 u32 ufd;
1304
1305 ret = -EFAULT;
1306 if (copy_from_sockptr(&ufd, optval, sizeof(ufd)))
1307 break;
1308
1309 ret = sk_attach_bpf(ufd, sk);
1310 }
1311 break;
1312
1313 case SO_ATTACH_REUSEPORT_CBPF: {
1314 struct sock_fprog fprog;
1315
1316 ret = copy_bpf_fprog_from_user(&fprog, optval, optlen);
1317 if (!ret)
1318 ret = sk_reuseport_attach_filter(&fprog, sk);
1319 break;
1320 }
1321 case SO_ATTACH_REUSEPORT_EBPF:
1322 ret = -EINVAL;
1323 if (optlen == sizeof(u32)) {
1324 u32 ufd;
1325
1326 ret = -EFAULT;
1327 if (copy_from_sockptr(&ufd, optval, sizeof(ufd)))
1328 break;
1329
1330 ret = sk_reuseport_attach_bpf(ufd, sk);
1331 }
1332 break;
1333
1334 case SO_DETACH_REUSEPORT_BPF:
1335 ret = reuseport_detach_prog(sk);
1336 break;
1337
1338 case SO_DETACH_FILTER:
1339 ret = sk_detach_filter(sk);
1340 break;
1341
1342 case SO_LOCK_FILTER:
1343 if (sock_flag(sk, SOCK_FILTER_LOCKED) && !valbool)
1344 ret = -EPERM;
1345 else
1346 sock_valbool_flag(sk, SOCK_FILTER_LOCKED, valbool);
1347 break;
1348
1349 case SO_PASSSEC:
1350 if (valbool)
1351 set_bit(SOCK_PASSSEC, &sock->flags);
1352 else
1353 clear_bit(SOCK_PASSSEC, &sock->flags);
1354 break;
1355 case SO_MARK:
1356 if (!sockopt_ns_capable(sock_net(sk)->user_ns, CAP_NET_RAW) &&
1357 !sockopt_ns_capable(sock_net(sk)->user_ns, CAP_NET_ADMIN)) {
1358 ret = -EPERM;
1359 break;
1360 }
1361
1362 __sock_set_mark(sk, val);
1363 break;
1364 case SO_RCVMARK:
1365 if (!sockopt_ns_capable(sock_net(sk)->user_ns, CAP_NET_RAW) &&
1366 !sockopt_ns_capable(sock_net(sk)->user_ns, CAP_NET_ADMIN)) {
1367 ret = -EPERM;
1368 break;
1369 }
1370
1371 sock_valbool_flag(sk, SOCK_RCVMARK, valbool);
1372 break;
1373
1374 case SO_RXQ_OVFL:
1375 sock_valbool_flag(sk, SOCK_RXQ_OVFL, valbool);
1376 break;
1377
1378 case SO_WIFI_STATUS:
1379 sock_valbool_flag(sk, SOCK_WIFI_STATUS, valbool);
1380 break;
1381
1382 case SO_PEEK_OFF:
1383 if (sock->ops->set_peek_off)
1384 ret = sock->ops->set_peek_off(sk, val);
1385 else
1386 ret = -EOPNOTSUPP;
1387 break;
1388
1389 case SO_NOFCS:
1390 sock_valbool_flag(sk, SOCK_NOFCS, valbool);
1391 break;
1392
1393 case SO_SELECT_ERR_QUEUE:
1394 sock_valbool_flag(sk, SOCK_SELECT_ERR_QUEUE, valbool);
1395 break;
1396
1397#ifdef CONFIG_NET_RX_BUSY_POLL
1398 case SO_BUSY_POLL:
1399 /* allow unprivileged users to decrease the value */
1400 if ((val > sk->sk_ll_usec) && !sockopt_capable(CAP_NET_ADMIN))
1401 ret = -EPERM;
1402 else {
1403 if (val < 0)
1404 ret = -EINVAL;
1405 else
1406 WRITE_ONCE(sk->sk_ll_usec, val);
1407 }
1408 break;
1409 case SO_PREFER_BUSY_POLL:
1410 if (valbool && !sockopt_capable(CAP_NET_ADMIN))
1411 ret = -EPERM;
1412 else
1413 WRITE_ONCE(sk->sk_prefer_busy_poll, valbool);
1414 break;
1415 case SO_BUSY_POLL_BUDGET:
1416 if (val > READ_ONCE(sk->sk_busy_poll_budget) && !sockopt_capable(CAP_NET_ADMIN)) {
1417 ret = -EPERM;
1418 } else {
1419 if (val < 0 || val > U16_MAX)
1420 ret = -EINVAL;
1421 else
1422 WRITE_ONCE(sk->sk_busy_poll_budget, val);
1423 }
1424 break;
1425#endif
1426
1427 case SO_MAX_PACING_RATE:
1428 {
1429 unsigned long ulval = (val == ~0U) ? ~0UL : (unsigned int)val;
1430
1431 if (sizeof(ulval) != sizeof(val) &&
1432 optlen >= sizeof(ulval) &&
1433 copy_from_sockptr(&ulval, optval, sizeof(ulval))) {
1434 ret = -EFAULT;
1435 break;
1436 }
1437 if (ulval != ~0UL)
1438 cmpxchg(&sk->sk_pacing_status,
1439 SK_PACING_NONE,
1440 SK_PACING_NEEDED);
1441 sk->sk_max_pacing_rate = ulval;
1442 sk->sk_pacing_rate = min(sk->sk_pacing_rate, ulval);
1443 break;
1444 }
1445 case SO_INCOMING_CPU:
1446 reuseport_update_incoming_cpu(sk, val);
1447 break;
1448
1449 case SO_CNX_ADVICE:
1450 if (val == 1)
1451 dst_negative_advice(sk);
1452 break;
1453
1454 case SO_ZEROCOPY:
1455 if (sk->sk_family == PF_INET || sk->sk_family == PF_INET6) {
1456 if (!(sk_is_tcp(sk) ||
1457 (sk->sk_type == SOCK_DGRAM &&
1458 sk->sk_protocol == IPPROTO_UDP)))
1459 ret = -EOPNOTSUPP;
1460 } else if (sk->sk_family != PF_RDS) {
1461 ret = -EOPNOTSUPP;
1462 }
1463 if (!ret) {
1464 if (val < 0 || val > 1)
1465 ret = -EINVAL;
1466 else
1467 sock_valbool_flag(sk, SOCK_ZEROCOPY, valbool);
1468 }
1469 break;
1470
1471 case SO_TXTIME:
1472 if (optlen != sizeof(struct sock_txtime)) {
1473 ret = -EINVAL;
1474 break;
1475 } else if (copy_from_sockptr(&sk_txtime, optval,
1476 sizeof(struct sock_txtime))) {
1477 ret = -EFAULT;
1478 break;
1479 } else if (sk_txtime.flags & ~SOF_TXTIME_FLAGS_MASK) {
1480 ret = -EINVAL;
1481 break;
1482 }
1483 /* CLOCK_MONOTONIC is only used by sch_fq, and this packet
1484 * scheduler has enough safe guards.
1485 */
1486 if (sk_txtime.clockid != CLOCK_MONOTONIC &&
1487 !sockopt_ns_capable(sock_net(sk)->user_ns, CAP_NET_ADMIN)) {
1488 ret = -EPERM;
1489 break;
1490 }
1491 sock_valbool_flag(sk, SOCK_TXTIME, true);
1492 sk->sk_clockid = sk_txtime.clockid;
1493 sk->sk_txtime_deadline_mode =
1494 !!(sk_txtime.flags & SOF_TXTIME_DEADLINE_MODE);
1495 sk->sk_txtime_report_errors =
1496 !!(sk_txtime.flags & SOF_TXTIME_REPORT_ERRORS);
1497 break;
1498
1499 case SO_BINDTOIFINDEX:
1500 ret = sock_bindtoindex_locked(sk, val);
1501 break;
1502
1503 case SO_BUF_LOCK:
1504 if (val & ~SOCK_BUF_LOCK_MASK) {
1505 ret = -EINVAL;
1506 break;
1507 }
1508 sk->sk_userlocks = val | (sk->sk_userlocks &
1509 ~SOCK_BUF_LOCK_MASK);
1510 break;
1511
1512 case SO_RESERVE_MEM:
1513 {
1514 int delta;
1515
1516 if (val < 0) {
1517 ret = -EINVAL;
1518 break;
1519 }
1520
1521 delta = val - sk->sk_reserved_mem;
1522 if (delta < 0)
1523 sock_release_reserved_memory(sk, -delta);
1524 else
1525 ret = sock_reserve_memory(sk, delta);
1526 break;
1527 }
1528
1529 case SO_TXREHASH:
1530 if (val < -1 || val > 1) {
1531 ret = -EINVAL;
1532 break;
1533 }
1534 if ((u8)val == SOCK_TXREHASH_DEFAULT)
1535 val = READ_ONCE(sock_net(sk)->core.sysctl_txrehash);
1536 /* Paired with READ_ONCE() in tcp_rtx_synack() */
1537 WRITE_ONCE(sk->sk_txrehash, (u8)val);
1538 break;
1539
1540 default:
1541 ret = -ENOPROTOOPT;
1542 break;
1543 }
1544 sockopt_release_sock(sk);
1545 return ret;
1546}
1547
1548int sock_setsockopt(struct socket *sock, int level, int optname,
1549 sockptr_t optval, unsigned int optlen)
1550{
1551 return sk_setsockopt(sock->sk, level, optname,
1552 optval, optlen);
1553}
1554EXPORT_SYMBOL(sock_setsockopt);
1555
1556static const struct cred *sk_get_peer_cred(struct sock *sk)
1557{
1558 const struct cred *cred;
1559
1560 spin_lock(&sk->sk_peer_lock);
1561 cred = get_cred(sk->sk_peer_cred);
1562 spin_unlock(&sk->sk_peer_lock);
1563
1564 return cred;
1565}
1566
1567static void cred_to_ucred(struct pid *pid, const struct cred *cred,
1568 struct ucred *ucred)
1569{
1570 ucred->pid = pid_vnr(pid);
1571 ucred->uid = ucred->gid = -1;
1572 if (cred) {
1573 struct user_namespace *current_ns = current_user_ns();
1574
1575 ucred->uid = from_kuid_munged(current_ns, cred->euid);
1576 ucred->gid = from_kgid_munged(current_ns, cred->egid);
1577 }
1578}
1579
1580static int groups_to_user(sockptr_t dst, const struct group_info *src)
1581{
1582 struct user_namespace *user_ns = current_user_ns();
1583 int i;
1584
1585 for (i = 0; i < src->ngroups; i++) {
1586 gid_t gid = from_kgid_munged(user_ns, src->gid[i]);
1587
1588 if (copy_to_sockptr_offset(dst, i * sizeof(gid), &gid, sizeof(gid)))
1589 return -EFAULT;
1590 }
1591
1592 return 0;
1593}
1594
1595int sk_getsockopt(struct sock *sk, int level, int optname,
1596 sockptr_t optval, sockptr_t optlen)
1597{
1598 struct socket *sock = sk->sk_socket;
1599
1600 union {
1601 int val;
1602 u64 val64;
1603 unsigned long ulval;
1604 struct linger ling;
1605 struct old_timeval32 tm32;
1606 struct __kernel_old_timeval tm;
1607 struct __kernel_sock_timeval stm;
1608 struct sock_txtime txtime;
1609 struct so_timestamping timestamping;
1610 } v;
1611
1612 int lv = sizeof(int);
1613 int len;
1614
1615 if (copy_from_sockptr(&len, optlen, sizeof(int)))
1616 return -EFAULT;
1617 if (len < 0)
1618 return -EINVAL;
1619
1620 memset(&v, 0, sizeof(v));
1621
1622 switch (optname) {
1623 case SO_DEBUG:
1624 v.val = sock_flag(sk, SOCK_DBG);
1625 break;
1626
1627 case SO_DONTROUTE:
1628 v.val = sock_flag(sk, SOCK_LOCALROUTE);
1629 break;
1630
1631 case SO_BROADCAST:
1632 v.val = sock_flag(sk, SOCK_BROADCAST);
1633 break;
1634
1635 case SO_SNDBUF:
1636 v.val = sk->sk_sndbuf;
1637 break;
1638
1639 case SO_RCVBUF:
1640 v.val = sk->sk_rcvbuf;
1641 break;
1642
1643 case SO_REUSEADDR:
1644 v.val = sk->sk_reuse;
1645 break;
1646
1647 case SO_REUSEPORT:
1648 v.val = sk->sk_reuseport;
1649 break;
1650
1651 case SO_KEEPALIVE:
1652 v.val = sock_flag(sk, SOCK_KEEPOPEN);
1653 break;
1654
1655 case SO_TYPE:
1656 v.val = sk->sk_type;
1657 break;
1658
1659 case SO_PROTOCOL:
1660 v.val = sk->sk_protocol;
1661 break;
1662
1663 case SO_DOMAIN:
1664 v.val = sk->sk_family;
1665 break;
1666
1667 case SO_ERROR:
1668 v.val = -sock_error(sk);
1669 if (v.val == 0)
1670 v.val = xchg(&sk->sk_err_soft, 0);
1671 break;
1672
1673 case SO_OOBINLINE:
1674 v.val = sock_flag(sk, SOCK_URGINLINE);
1675 break;
1676
1677 case SO_NO_CHECK:
1678 v.val = sk->sk_no_check_tx;
1679 break;
1680
1681 case SO_PRIORITY:
1682 v.val = sk->sk_priority;
1683 break;
1684
1685 case SO_LINGER:
1686 lv = sizeof(v.ling);
1687 v.ling.l_onoff = sock_flag(sk, SOCK_LINGER);
1688 v.ling.l_linger = sk->sk_lingertime / HZ;
1689 break;
1690
1691 case SO_BSDCOMPAT:
1692 break;
1693
1694 case SO_TIMESTAMP_OLD:
1695 v.val = sock_flag(sk, SOCK_RCVTSTAMP) &&
1696 !sock_flag(sk, SOCK_TSTAMP_NEW) &&
1697 !sock_flag(sk, SOCK_RCVTSTAMPNS);
1698 break;
1699
1700 case SO_TIMESTAMPNS_OLD:
1701 v.val = sock_flag(sk, SOCK_RCVTSTAMPNS) && !sock_flag(sk, SOCK_TSTAMP_NEW);
1702 break;
1703
1704 case SO_TIMESTAMP_NEW:
1705 v.val = sock_flag(sk, SOCK_RCVTSTAMP) && sock_flag(sk, SOCK_TSTAMP_NEW);
1706 break;
1707
1708 case SO_TIMESTAMPNS_NEW:
1709 v.val = sock_flag(sk, SOCK_RCVTSTAMPNS) && sock_flag(sk, SOCK_TSTAMP_NEW);
1710 break;
1711
1712 case SO_TIMESTAMPING_OLD:
1713 lv = sizeof(v.timestamping);
1714 v.timestamping.flags = sk->sk_tsflags;
1715 v.timestamping.bind_phc = sk->sk_bind_phc;
1716 break;
1717
1718 case SO_RCVTIMEO_OLD:
1719 case SO_RCVTIMEO_NEW:
1720 lv = sock_get_timeout(sk->sk_rcvtimeo, &v, SO_RCVTIMEO_OLD == optname);
1721 break;
1722
1723 case SO_SNDTIMEO_OLD:
1724 case SO_SNDTIMEO_NEW:
1725 lv = sock_get_timeout(sk->sk_sndtimeo, &v, SO_SNDTIMEO_OLD == optname);
1726 break;
1727
1728 case SO_RCVLOWAT:
1729 v.val = sk->sk_rcvlowat;
1730 break;
1731
1732 case SO_SNDLOWAT:
1733 v.val = 1;
1734 break;
1735
1736 case SO_PASSCRED:
1737 v.val = !!test_bit(SOCK_PASSCRED, &sock->flags);
1738 break;
1739
1740 case SO_PEERCRED:
1741 {
1742 struct ucred peercred;
1743 if (len > sizeof(peercred))
1744 len = sizeof(peercred);
1745
1746 spin_lock(&sk->sk_peer_lock);
1747 cred_to_ucred(sk->sk_peer_pid, sk->sk_peer_cred, &peercred);
1748 spin_unlock(&sk->sk_peer_lock);
1749
1750 if (copy_to_sockptr(optval, &peercred, len))
1751 return -EFAULT;
1752 goto lenout;
1753 }
1754
1755 case SO_PEERGROUPS:
1756 {
1757 const struct cred *cred;
1758 int ret, n;
1759
1760 cred = sk_get_peer_cred(sk);
1761 if (!cred)
1762 return -ENODATA;
1763
1764 n = cred->group_info->ngroups;
1765 if (len < n * sizeof(gid_t)) {
1766 len = n * sizeof(gid_t);
1767 put_cred(cred);
1768 return copy_to_sockptr(optlen, &len, sizeof(int)) ? -EFAULT : -ERANGE;
1769 }
1770 len = n * sizeof(gid_t);
1771
1772 ret = groups_to_user(optval, cred->group_info);
1773 put_cred(cred);
1774 if (ret)
1775 return ret;
1776 goto lenout;
1777 }
1778
1779 case SO_PEERNAME:
1780 {
1781 char address[128];
1782
1783 lv = sock->ops->getname(sock, (struct sockaddr *)address, 2);
1784 if (lv < 0)
1785 return -ENOTCONN;
1786 if (lv < len)
1787 return -EINVAL;
1788 if (copy_to_sockptr(optval, address, len))
1789 return -EFAULT;
1790 goto lenout;
1791 }
1792
1793 /* Dubious BSD thing... Probably nobody even uses it, but
1794 * the UNIX standard wants it for whatever reason... -DaveM
1795 */
1796 case SO_ACCEPTCONN:
1797 v.val = sk->sk_state == TCP_LISTEN;
1798 break;
1799
1800 case SO_PASSSEC:
1801 v.val = !!test_bit(SOCK_PASSSEC, &sock->flags);
1802 break;
1803
1804 case SO_PEERSEC:
1805 return security_socket_getpeersec_stream(sock,
1806 optval, optlen, len);
1807
1808 case SO_MARK:
1809 v.val = sk->sk_mark;
1810 break;
1811
1812 case SO_RCVMARK:
1813 v.val = sock_flag(sk, SOCK_RCVMARK);
1814 break;
1815
1816 case SO_RXQ_OVFL:
1817 v.val = sock_flag(sk, SOCK_RXQ_OVFL);
1818 break;
1819
1820 case SO_WIFI_STATUS:
1821 v.val = sock_flag(sk, SOCK_WIFI_STATUS);
1822 break;
1823
1824 case SO_PEEK_OFF:
1825 if (!sock->ops->set_peek_off)
1826 return -EOPNOTSUPP;
1827
1828 v.val = sk->sk_peek_off;
1829 break;
1830 case SO_NOFCS:
1831 v.val = sock_flag(sk, SOCK_NOFCS);
1832 break;
1833
1834 case SO_BINDTODEVICE:
1835 return sock_getbindtodevice(sk, optval, optlen, len);
1836
1837 case SO_GET_FILTER:
1838 len = sk_get_filter(sk, optval, len);
1839 if (len < 0)
1840 return len;
1841
1842 goto lenout;
1843
1844 case SO_LOCK_FILTER:
1845 v.val = sock_flag(sk, SOCK_FILTER_LOCKED);
1846 break;
1847
1848 case SO_BPF_EXTENSIONS:
1849 v.val = bpf_tell_extensions();
1850 break;
1851
1852 case SO_SELECT_ERR_QUEUE:
1853 v.val = sock_flag(sk, SOCK_SELECT_ERR_QUEUE);
1854 break;
1855
1856#ifdef CONFIG_NET_RX_BUSY_POLL
1857 case SO_BUSY_POLL:
1858 v.val = sk->sk_ll_usec;
1859 break;
1860 case SO_PREFER_BUSY_POLL:
1861 v.val = READ_ONCE(sk->sk_prefer_busy_poll);
1862 break;
1863#endif
1864
1865 case SO_MAX_PACING_RATE:
1866 if (sizeof(v.ulval) != sizeof(v.val) && len >= sizeof(v.ulval)) {
1867 lv = sizeof(v.ulval);
1868 v.ulval = sk->sk_max_pacing_rate;
1869 } else {
1870 /* 32bit version */
1871 v.val = min_t(unsigned long, sk->sk_max_pacing_rate, ~0U);
1872 }
1873 break;
1874
1875 case SO_INCOMING_CPU:
1876 v.val = READ_ONCE(sk->sk_incoming_cpu);
1877 break;
1878
1879 case SO_MEMINFO:
1880 {
1881 u32 meminfo[SK_MEMINFO_VARS];
1882
1883 sk_get_meminfo(sk, meminfo);
1884
1885 len = min_t(unsigned int, len, sizeof(meminfo));
1886 if (copy_to_sockptr(optval, &meminfo, len))
1887 return -EFAULT;
1888
1889 goto lenout;
1890 }
1891
1892#ifdef CONFIG_NET_RX_BUSY_POLL
1893 case SO_INCOMING_NAPI_ID:
1894 v.val = READ_ONCE(sk->sk_napi_id);
1895
1896 /* aggregate non-NAPI IDs down to 0 */
1897 if (v.val < MIN_NAPI_ID)
1898 v.val = 0;
1899
1900 break;
1901#endif
1902
1903 case SO_COOKIE:
1904 lv = sizeof(u64);
1905 if (len < lv)
1906 return -EINVAL;
1907 v.val64 = sock_gen_cookie(sk);
1908 break;
1909
1910 case SO_ZEROCOPY:
1911 v.val = sock_flag(sk, SOCK_ZEROCOPY);
1912 break;
1913
1914 case SO_TXTIME:
1915 lv = sizeof(v.txtime);
1916 v.txtime.clockid = sk->sk_clockid;
1917 v.txtime.flags |= sk->sk_txtime_deadline_mode ?
1918 SOF_TXTIME_DEADLINE_MODE : 0;
1919 v.txtime.flags |= sk->sk_txtime_report_errors ?
1920 SOF_TXTIME_REPORT_ERRORS : 0;
1921 break;
1922
1923 case SO_BINDTOIFINDEX:
1924 v.val = READ_ONCE(sk->sk_bound_dev_if);
1925 break;
1926
1927 case SO_NETNS_COOKIE:
1928 lv = sizeof(u64);
1929 if (len != lv)
1930 return -EINVAL;
1931 v.val64 = sock_net(sk)->net_cookie;
1932 break;
1933
1934 case SO_BUF_LOCK:
1935 v.val = sk->sk_userlocks & SOCK_BUF_LOCK_MASK;
1936 break;
1937
1938 case SO_RESERVE_MEM:
1939 v.val = sk->sk_reserved_mem;
1940 break;
1941
1942 case SO_TXREHASH:
1943 v.val = sk->sk_txrehash;
1944 break;
1945
1946 default:
1947 /* We implement the SO_SNDLOWAT etc to not be settable
1948 * (1003.1g 7).
1949 */
1950 return -ENOPROTOOPT;
1951 }
1952
1953 if (len > lv)
1954 len = lv;
1955 if (copy_to_sockptr(optval, &v, len))
1956 return -EFAULT;
1957lenout:
1958 if (copy_to_sockptr(optlen, &len, sizeof(int)))
1959 return -EFAULT;
1960 return 0;
1961}
1962
1963int sock_getsockopt(struct socket *sock, int level, int optname,
1964 char __user *optval, int __user *optlen)
1965{
1966 return sk_getsockopt(sock->sk, level, optname,
1967 USER_SOCKPTR(optval),
1968 USER_SOCKPTR(optlen));
1969}
1970
1971/*
1972 * Initialize an sk_lock.
1973 *
1974 * (We also register the sk_lock with the lock validator.)
1975 */
1976static inline void sock_lock_init(struct sock *sk)
1977{
1978 if (sk->sk_kern_sock)
1979 sock_lock_init_class_and_name(
1980 sk,
1981 af_family_kern_slock_key_strings[sk->sk_family],
1982 af_family_kern_slock_keys + sk->sk_family,
1983 af_family_kern_key_strings[sk->sk_family],
1984 af_family_kern_keys + sk->sk_family);
1985 else
1986 sock_lock_init_class_and_name(
1987 sk,
1988 af_family_slock_key_strings[sk->sk_family],
1989 af_family_slock_keys + sk->sk_family,
1990 af_family_key_strings[sk->sk_family],
1991 af_family_keys + sk->sk_family);
1992}
1993
1994/*
1995 * Copy all fields from osk to nsk but nsk->sk_refcnt must not change yet,
1996 * even temporarly, because of RCU lookups. sk_node should also be left as is.
1997 * We must not copy fields between sk_dontcopy_begin and sk_dontcopy_end
1998 */
1999static void sock_copy(struct sock *nsk, const struct sock *osk)
2000{
2001 const struct proto *prot = READ_ONCE(osk->sk_prot);
2002#ifdef CONFIG_SECURITY_NETWORK
2003 void *sptr = nsk->sk_security;
2004#endif
2005
2006 /* If we move sk_tx_queue_mapping out of the private section,
2007 * we must check if sk_tx_queue_clear() is called after
2008 * sock_copy() in sk_clone_lock().
2009 */
2010 BUILD_BUG_ON(offsetof(struct sock, sk_tx_queue_mapping) <
2011 offsetof(struct sock, sk_dontcopy_begin) ||
2012 offsetof(struct sock, sk_tx_queue_mapping) >=
2013 offsetof(struct sock, sk_dontcopy_end));
2014
2015 memcpy(nsk, osk, offsetof(struct sock, sk_dontcopy_begin));
2016
2017 memcpy(&nsk->sk_dontcopy_end, &osk->sk_dontcopy_end,
2018 prot->obj_size - offsetof(struct sock, sk_dontcopy_end));
2019
2020#ifdef CONFIG_SECURITY_NETWORK
2021 nsk->sk_security = sptr;
2022 security_sk_clone(osk, nsk);
2023#endif
2024}
2025
2026static struct sock *sk_prot_alloc(struct proto *prot, gfp_t priority,
2027 int family)
2028{
2029 struct sock *sk;
2030 struct kmem_cache *slab;
2031
2032 slab = prot->slab;
2033 if (slab != NULL) {
2034 sk = kmem_cache_alloc(slab, priority & ~__GFP_ZERO);
2035 if (!sk)
2036 return sk;
2037 if (want_init_on_alloc(priority))
2038 sk_prot_clear_nulls(sk, prot->obj_size);
2039 } else
2040 sk = kmalloc(prot->obj_size, priority);
2041
2042 if (sk != NULL) {
2043 if (security_sk_alloc(sk, family, priority))
2044 goto out_free;
2045
2046 if (!try_module_get(prot->owner))
2047 goto out_free_sec;
2048 }
2049
2050 return sk;
2051
2052out_free_sec:
2053 security_sk_free(sk);
2054out_free:
2055 if (slab != NULL)
2056 kmem_cache_free(slab, sk);
2057 else
2058 kfree(sk);
2059 return NULL;
2060}
2061
2062static void sk_prot_free(struct proto *prot, struct sock *sk)
2063{
2064 struct kmem_cache *slab;
2065 struct module *owner;
2066
2067 owner = prot->owner;
2068 slab = prot->slab;
2069
2070 cgroup_sk_free(&sk->sk_cgrp_data);
2071 mem_cgroup_sk_free(sk);
2072 security_sk_free(sk);
2073 if (slab != NULL)
2074 kmem_cache_free(slab, sk);
2075 else
2076 kfree(sk);
2077 module_put(owner);
2078}
2079
2080/**
2081 * sk_alloc - All socket objects are allocated here
2082 * @net: the applicable net namespace
2083 * @family: protocol family
2084 * @priority: for allocation (%GFP_KERNEL, %GFP_ATOMIC, etc)
2085 * @prot: struct proto associated with this new sock instance
2086 * @kern: is this to be a kernel socket?
2087 */
2088struct sock *sk_alloc(struct net *net, int family, gfp_t priority,
2089 struct proto *prot, int kern)
2090{
2091 struct sock *sk;
2092
2093 sk = sk_prot_alloc(prot, priority | __GFP_ZERO, family);
2094 if (sk) {
2095 sk->sk_family = family;
2096 /*
2097 * See comment in struct sock definition to understand
2098 * why we need sk_prot_creator -acme
2099 */
2100 sk->sk_prot = sk->sk_prot_creator = prot;
2101 sk->sk_kern_sock = kern;
2102 sock_lock_init(sk);
2103 sk->sk_net_refcnt = kern ? 0 : 1;
2104 if (likely(sk->sk_net_refcnt)) {
2105 get_net_track(net, &sk->ns_tracker, priority);
2106 sock_inuse_add(net, 1);
2107 } else {
2108 __netns_tracker_alloc(net, &sk->ns_tracker,
2109 false, priority);
2110 }
2111
2112 sock_net_set(sk, net);
2113 refcount_set(&sk->sk_wmem_alloc, 1);
2114
2115 mem_cgroup_sk_alloc(sk);
2116 cgroup_sk_alloc(&sk->sk_cgrp_data);
2117 sock_update_classid(&sk->sk_cgrp_data);
2118 sock_update_netprioidx(&sk->sk_cgrp_data);
2119 sk_tx_queue_clear(sk);
2120 }
2121
2122 return sk;
2123}
2124EXPORT_SYMBOL(sk_alloc);
2125
2126/* Sockets having SOCK_RCU_FREE will call this function after one RCU
2127 * grace period. This is the case for UDP sockets and TCP listeners.
2128 */
2129static void __sk_destruct(struct rcu_head *head)
2130{
2131 struct sock *sk = container_of(head, struct sock, sk_rcu);
2132 struct sk_filter *filter;
2133
2134 if (sk->sk_destruct)
2135 sk->sk_destruct(sk);
2136
2137 filter = rcu_dereference_check(sk->sk_filter,
2138 refcount_read(&sk->sk_wmem_alloc) == 0);
2139 if (filter) {
2140 sk_filter_uncharge(sk, filter);
2141 RCU_INIT_POINTER(sk->sk_filter, NULL);
2142 }
2143
2144 sock_disable_timestamp(sk, SK_FLAGS_TIMESTAMP);
2145
2146#ifdef CONFIG_BPF_SYSCALL
2147 bpf_sk_storage_free(sk);
2148#endif
2149
2150 if (atomic_read(&sk->sk_omem_alloc))
2151 pr_debug("%s: optmem leakage (%d bytes) detected\n",
2152 __func__, atomic_read(&sk->sk_omem_alloc));
2153
2154 if (sk->sk_frag.page) {
2155 put_page(sk->sk_frag.page);
2156 sk->sk_frag.page = NULL;
2157 }
2158
2159 /* We do not need to acquire sk->sk_peer_lock, we are the last user. */
2160 put_cred(sk->sk_peer_cred);
2161 put_pid(sk->sk_peer_pid);
2162
2163 if (likely(sk->sk_net_refcnt))
2164 put_net_track(sock_net(sk), &sk->ns_tracker);
2165 else
2166 __netns_tracker_free(sock_net(sk), &sk->ns_tracker, false);
2167
2168 sk_prot_free(sk->sk_prot_creator, sk);
2169}
2170
2171void sk_destruct(struct sock *sk)
2172{
2173 bool use_call_rcu = sock_flag(sk, SOCK_RCU_FREE);
2174
2175 if (rcu_access_pointer(sk->sk_reuseport_cb)) {
2176 reuseport_detach_sock(sk);
2177 use_call_rcu = true;
2178 }
2179
2180 if (use_call_rcu)
2181 call_rcu(&sk->sk_rcu, __sk_destruct);
2182 else
2183 __sk_destruct(&sk->sk_rcu);
2184}
2185
2186static void __sk_free(struct sock *sk)
2187{
2188 if (likely(sk->sk_net_refcnt))
2189 sock_inuse_add(sock_net(sk), -1);
2190
2191 if (unlikely(sk->sk_net_refcnt && sock_diag_has_destroy_listeners(sk)))
2192 sock_diag_broadcast_destroy(sk);
2193 else
2194 sk_destruct(sk);
2195}
2196
2197void sk_free(struct sock *sk)
2198{
2199 /*
2200 * We subtract one from sk_wmem_alloc and can know if
2201 * some packets are still in some tx queue.
2202 * If not null, sock_wfree() will call __sk_free(sk) later
2203 */
2204 if (refcount_dec_and_test(&sk->sk_wmem_alloc))
2205 __sk_free(sk);
2206}
2207EXPORT_SYMBOL(sk_free);
2208
2209static void sk_init_common(struct sock *sk)
2210{
2211 skb_queue_head_init(&sk->sk_receive_queue);
2212 skb_queue_head_init(&sk->sk_write_queue);
2213 skb_queue_head_init(&sk->sk_error_queue);
2214
2215 rwlock_init(&sk->sk_callback_lock);
2216 lockdep_set_class_and_name(&sk->sk_receive_queue.lock,
2217 af_rlock_keys + sk->sk_family,
2218 af_family_rlock_key_strings[sk->sk_family]);
2219 lockdep_set_class_and_name(&sk->sk_write_queue.lock,
2220 af_wlock_keys + sk->sk_family,
2221 af_family_wlock_key_strings[sk->sk_family]);
2222 lockdep_set_class_and_name(&sk->sk_error_queue.lock,
2223 af_elock_keys + sk->sk_family,
2224 af_family_elock_key_strings[sk->sk_family]);
2225 lockdep_set_class_and_name(&sk->sk_callback_lock,
2226 af_callback_keys + sk->sk_family,
2227 af_family_clock_key_strings[sk->sk_family]);
2228}
2229
2230/**
2231 * sk_clone_lock - clone a socket, and lock its clone
2232 * @sk: the socket to clone
2233 * @priority: for allocation (%GFP_KERNEL, %GFP_ATOMIC, etc)
2234 *
2235 * Caller must unlock socket even in error path (bh_unlock_sock(newsk))
2236 */
2237struct sock *sk_clone_lock(const struct sock *sk, const gfp_t priority)
2238{
2239 struct proto *prot = READ_ONCE(sk->sk_prot);
2240 struct sk_filter *filter;
2241 bool is_charged = true;
2242 struct sock *newsk;
2243
2244 newsk = sk_prot_alloc(prot, priority, sk->sk_family);
2245 if (!newsk)
2246 goto out;
2247
2248 sock_copy(newsk, sk);
2249
2250 newsk->sk_prot_creator = prot;
2251
2252 /* SANITY */
2253 if (likely(newsk->sk_net_refcnt)) {
2254 get_net_track(sock_net(newsk), &newsk->ns_tracker, priority);
2255 sock_inuse_add(sock_net(newsk), 1);
2256 } else {
2257 /* Kernel sockets are not elevating the struct net refcount.
2258 * Instead, use a tracker to more easily detect if a layer
2259 * is not properly dismantling its kernel sockets at netns
2260 * destroy time.
2261 */
2262 __netns_tracker_alloc(sock_net(newsk), &newsk->ns_tracker,
2263 false, priority);
2264 }
2265 sk_node_init(&newsk->sk_node);
2266 sock_lock_init(newsk);
2267 bh_lock_sock(newsk);
2268 newsk->sk_backlog.head = newsk->sk_backlog.tail = NULL;
2269 newsk->sk_backlog.len = 0;
2270
2271 atomic_set(&newsk->sk_rmem_alloc, 0);
2272
2273 /* sk_wmem_alloc set to one (see sk_free() and sock_wfree()) */
2274 refcount_set(&newsk->sk_wmem_alloc, 1);
2275
2276 atomic_set(&newsk->sk_omem_alloc, 0);
2277 sk_init_common(newsk);
2278
2279 newsk->sk_dst_cache = NULL;
2280 newsk->sk_dst_pending_confirm = 0;
2281 newsk->sk_wmem_queued = 0;
2282 newsk->sk_forward_alloc = 0;
2283 newsk->sk_reserved_mem = 0;
2284 atomic_set(&newsk->sk_drops, 0);
2285 newsk->sk_send_head = NULL;
2286 newsk->sk_userlocks = sk->sk_userlocks & ~SOCK_BINDPORT_LOCK;
2287 atomic_set(&newsk->sk_zckey, 0);
2288
2289 sock_reset_flag(newsk, SOCK_DONE);
2290
2291 /* sk->sk_memcg will be populated at accept() time */
2292 newsk->sk_memcg = NULL;
2293
2294 cgroup_sk_clone(&newsk->sk_cgrp_data);
2295
2296 rcu_read_lock();
2297 filter = rcu_dereference(sk->sk_filter);
2298 if (filter != NULL)
2299 /* though it's an empty new sock, the charging may fail
2300 * if sysctl_optmem_max was changed between creation of
2301 * original socket and cloning
2302 */
2303 is_charged = sk_filter_charge(newsk, filter);
2304 RCU_INIT_POINTER(newsk->sk_filter, filter);
2305 rcu_read_unlock();
2306
2307 if (unlikely(!is_charged || xfrm_sk_clone_policy(newsk, sk))) {
2308 /* We need to make sure that we don't uncharge the new
2309 * socket if we couldn't charge it in the first place
2310 * as otherwise we uncharge the parent's filter.
2311 */
2312 if (!is_charged)
2313 RCU_INIT_POINTER(newsk->sk_filter, NULL);
2314 sk_free_unlock_clone(newsk);
2315 newsk = NULL;
2316 goto out;
2317 }
2318 RCU_INIT_POINTER(newsk->sk_reuseport_cb, NULL);
2319
2320 if (bpf_sk_storage_clone(sk, newsk)) {
2321 sk_free_unlock_clone(newsk);
2322 newsk = NULL;
2323 goto out;
2324 }
2325
2326 /* Clear sk_user_data if parent had the pointer tagged
2327 * as not suitable for copying when cloning.
2328 */
2329 if (sk_user_data_is_nocopy(newsk))
2330 newsk->sk_user_data = NULL;
2331
2332 newsk->sk_err = 0;
2333 newsk->sk_err_soft = 0;
2334 newsk->sk_priority = 0;
2335 newsk->sk_incoming_cpu = raw_smp_processor_id();
2336
2337 /* Before updating sk_refcnt, we must commit prior changes to memory
2338 * (Documentation/RCU/rculist_nulls.rst for details)
2339 */
2340 smp_wmb();
2341 refcount_set(&newsk->sk_refcnt, 2);
2342
2343 /* Increment the counter in the same struct proto as the master
2344 * sock (sk_refcnt_debug_inc uses newsk->sk_prot->socks, that
2345 * is the same as sk->sk_prot->socks, as this field was copied
2346 * with memcpy).
2347 *
2348 * This _changes_ the previous behaviour, where
2349 * tcp_create_openreq_child always was incrementing the
2350 * equivalent to tcp_prot->socks (inet_sock_nr), so this have
2351 * to be taken into account in all callers. -acme
2352 */
2353 sk_refcnt_debug_inc(newsk);
2354 sk_set_socket(newsk, NULL);
2355 sk_tx_queue_clear(newsk);
2356 RCU_INIT_POINTER(newsk->sk_wq, NULL);
2357
2358 if (newsk->sk_prot->sockets_allocated)
2359 sk_sockets_allocated_inc(newsk);
2360
2361 if (sock_needs_netstamp(sk) && newsk->sk_flags & SK_FLAGS_TIMESTAMP)
2362 net_enable_timestamp();
2363out:
2364 return newsk;
2365}
2366EXPORT_SYMBOL_GPL(sk_clone_lock);
2367
2368void sk_free_unlock_clone(struct sock *sk)
2369{
2370 /* It is still raw copy of parent, so invalidate
2371 * destructor and make plain sk_free() */
2372 sk->sk_destruct = NULL;
2373 bh_unlock_sock(sk);
2374 sk_free(sk);
2375}
2376EXPORT_SYMBOL_GPL(sk_free_unlock_clone);
2377
2378static void sk_trim_gso_size(struct sock *sk)
2379{
2380 if (sk->sk_gso_max_size <= GSO_LEGACY_MAX_SIZE)
2381 return;
2382#if IS_ENABLED(CONFIG_IPV6)
2383 if (sk->sk_family == AF_INET6 &&
2384 sk_is_tcp(sk) &&
2385 !ipv6_addr_v4mapped(&sk->sk_v6_rcv_saddr))
2386 return;
2387#endif
2388 sk->sk_gso_max_size = GSO_LEGACY_MAX_SIZE;
2389}
2390
2391void sk_setup_caps(struct sock *sk, struct dst_entry *dst)
2392{
2393 u32 max_segs = 1;
2394
2395 sk_dst_set(sk, dst);
2396 sk->sk_route_caps = dst->dev->features;
2397 if (sk_is_tcp(sk))
2398 sk->sk_route_caps |= NETIF_F_GSO;
2399 if (sk->sk_route_caps & NETIF_F_GSO)
2400 sk->sk_route_caps |= NETIF_F_GSO_SOFTWARE;
2401 if (unlikely(sk->sk_gso_disabled))
2402 sk->sk_route_caps &= ~NETIF_F_GSO_MASK;
2403 if (sk_can_gso(sk)) {
2404 if (dst->header_len && !xfrm_dst_offload_ok(dst)) {
2405 sk->sk_route_caps &= ~NETIF_F_GSO_MASK;
2406 } else {
2407 sk->sk_route_caps |= NETIF_F_SG | NETIF_F_HW_CSUM;
2408 /* pairs with the WRITE_ONCE() in netif_set_gso_max_size() */
2409 sk->sk_gso_max_size = READ_ONCE(dst->dev->gso_max_size);
2410 sk_trim_gso_size(sk);
2411 sk->sk_gso_max_size -= (MAX_TCP_HEADER + 1);
2412 /* pairs with the WRITE_ONCE() in netif_set_gso_max_segs() */
2413 max_segs = max_t(u32, READ_ONCE(dst->dev->gso_max_segs), 1);
2414 }
2415 }
2416 sk->sk_gso_max_segs = max_segs;
2417}
2418EXPORT_SYMBOL_GPL(sk_setup_caps);
2419
2420/*
2421 * Simple resource managers for sockets.
2422 */
2423
2424
2425/*
2426 * Write buffer destructor automatically called from kfree_skb.
2427 */
2428void sock_wfree(struct sk_buff *skb)
2429{
2430 struct sock *sk = skb->sk;
2431 unsigned int len = skb->truesize;
2432 bool free;
2433
2434 if (!sock_flag(sk, SOCK_USE_WRITE_QUEUE)) {
2435 if (sock_flag(sk, SOCK_RCU_FREE) &&
2436 sk->sk_write_space == sock_def_write_space) {
2437 rcu_read_lock();
2438 free = refcount_sub_and_test(len, &sk->sk_wmem_alloc);
2439 sock_def_write_space_wfree(sk);
2440 rcu_read_unlock();
2441 if (unlikely(free))
2442 __sk_free(sk);
2443 return;
2444 }
2445
2446 /*
2447 * Keep a reference on sk_wmem_alloc, this will be released
2448 * after sk_write_space() call
2449 */
2450 WARN_ON(refcount_sub_and_test(len - 1, &sk->sk_wmem_alloc));
2451 sk->sk_write_space(sk);
2452 len = 1;
2453 }
2454 /*
2455 * if sk_wmem_alloc reaches 0, we must finish what sk_free()
2456 * could not do because of in-flight packets
2457 */
2458 if (refcount_sub_and_test(len, &sk->sk_wmem_alloc))
2459 __sk_free(sk);
2460}
2461EXPORT_SYMBOL(sock_wfree);
2462
2463/* This variant of sock_wfree() is used by TCP,
2464 * since it sets SOCK_USE_WRITE_QUEUE.
2465 */
2466void __sock_wfree(struct sk_buff *skb)
2467{
2468 struct sock *sk = skb->sk;
2469
2470 if (refcount_sub_and_test(skb->truesize, &sk->sk_wmem_alloc))
2471 __sk_free(sk);
2472}
2473
2474void skb_set_owner_w(struct sk_buff *skb, struct sock *sk)
2475{
2476 skb_orphan(skb);
2477 skb->sk = sk;
2478#ifdef CONFIG_INET
2479 if (unlikely(!sk_fullsock(sk))) {
2480 skb->destructor = sock_edemux;
2481 sock_hold(sk);
2482 return;
2483 }
2484#endif
2485 skb->destructor = sock_wfree;
2486 skb_set_hash_from_sk(skb, sk);
2487 /*
2488 * We used to take a refcount on sk, but following operation
2489 * is enough to guarantee sk_free() wont free this sock until
2490 * all in-flight packets are completed
2491 */
2492 refcount_add(skb->truesize, &sk->sk_wmem_alloc);
2493}
2494EXPORT_SYMBOL(skb_set_owner_w);
2495
2496static bool can_skb_orphan_partial(const struct sk_buff *skb)
2497{
2498#ifdef CONFIG_TLS_DEVICE
2499 /* Drivers depend on in-order delivery for crypto offload,
2500 * partial orphan breaks out-of-order-OK logic.
2501 */
2502 if (skb->decrypted)
2503 return false;
2504#endif
2505 return (skb->destructor == sock_wfree ||
2506 (IS_ENABLED(CONFIG_INET) && skb->destructor == tcp_wfree));
2507}
2508
2509/* This helper is used by netem, as it can hold packets in its
2510 * delay queue. We want to allow the owner socket to send more
2511 * packets, as if they were already TX completed by a typical driver.
2512 * But we also want to keep skb->sk set because some packet schedulers
2513 * rely on it (sch_fq for example).
2514 */
2515void skb_orphan_partial(struct sk_buff *skb)
2516{
2517 if (skb_is_tcp_pure_ack(skb))
2518 return;
2519
2520 if (can_skb_orphan_partial(skb) && skb_set_owner_sk_safe(skb, skb->sk))
2521 return;
2522
2523 skb_orphan(skb);
2524}
2525EXPORT_SYMBOL(skb_orphan_partial);
2526
2527/*
2528 * Read buffer destructor automatically called from kfree_skb.
2529 */
2530void sock_rfree(struct sk_buff *skb)
2531{
2532 struct sock *sk = skb->sk;
2533 unsigned int len = skb->truesize;
2534
2535 atomic_sub(len, &sk->sk_rmem_alloc);
2536 sk_mem_uncharge(sk, len);
2537}
2538EXPORT_SYMBOL(sock_rfree);
2539
2540/*
2541 * Buffer destructor for skbs that are not used directly in read or write
2542 * path, e.g. for error handler skbs. Automatically called from kfree_skb.
2543 */
2544void sock_efree(struct sk_buff *skb)
2545{
2546 sock_put(skb->sk);
2547}
2548EXPORT_SYMBOL(sock_efree);
2549
2550/* Buffer destructor for prefetch/receive path where reference count may
2551 * not be held, e.g. for listen sockets.
2552 */
2553#ifdef CONFIG_INET
2554void sock_pfree(struct sk_buff *skb)
2555{
2556 if (sk_is_refcounted(skb->sk))
2557 sock_gen_put(skb->sk);
2558}
2559EXPORT_SYMBOL(sock_pfree);
2560#endif /* CONFIG_INET */
2561
2562kuid_t sock_i_uid(struct sock *sk)
2563{
2564 kuid_t uid;
2565
2566 read_lock_bh(&sk->sk_callback_lock);
2567 uid = sk->sk_socket ? SOCK_INODE(sk->sk_socket)->i_uid : GLOBAL_ROOT_UID;
2568 read_unlock_bh(&sk->sk_callback_lock);
2569 return uid;
2570}
2571EXPORT_SYMBOL(sock_i_uid);
2572
2573unsigned long sock_i_ino(struct sock *sk)
2574{
2575 unsigned long ino;
2576
2577 read_lock_bh(&sk->sk_callback_lock);
2578 ino = sk->sk_socket ? SOCK_INODE(sk->sk_socket)->i_ino : 0;
2579 read_unlock_bh(&sk->sk_callback_lock);
2580 return ino;
2581}
2582EXPORT_SYMBOL(sock_i_ino);
2583
2584/*
2585 * Allocate a skb from the socket's send buffer.
2586 */
2587struct sk_buff *sock_wmalloc(struct sock *sk, unsigned long size, int force,
2588 gfp_t priority)
2589{
2590 if (force ||
2591 refcount_read(&sk->sk_wmem_alloc) < READ_ONCE(sk->sk_sndbuf)) {
2592 struct sk_buff *skb = alloc_skb(size, priority);
2593
2594 if (skb) {
2595 skb_set_owner_w(skb, sk);
2596 return skb;
2597 }
2598 }
2599 return NULL;
2600}
2601EXPORT_SYMBOL(sock_wmalloc);
2602
2603static void sock_ofree(struct sk_buff *skb)
2604{
2605 struct sock *sk = skb->sk;
2606
2607 atomic_sub(skb->truesize, &sk->sk_omem_alloc);
2608}
2609
2610struct sk_buff *sock_omalloc(struct sock *sk, unsigned long size,
2611 gfp_t priority)
2612{
2613 struct sk_buff *skb;
2614
2615 /* small safe race: SKB_TRUESIZE may differ from final skb->truesize */
2616 if (atomic_read(&sk->sk_omem_alloc) + SKB_TRUESIZE(size) >
2617 READ_ONCE(sysctl_optmem_max))
2618 return NULL;
2619
2620 skb = alloc_skb(size, priority);
2621 if (!skb)
2622 return NULL;
2623
2624 atomic_add(skb->truesize, &sk->sk_omem_alloc);
2625 skb->sk = sk;
2626 skb->destructor = sock_ofree;
2627 return skb;
2628}
2629
2630/*
2631 * Allocate a memory block from the socket's option memory buffer.
2632 */
2633void *sock_kmalloc(struct sock *sk, int size, gfp_t priority)
2634{
2635 int optmem_max = READ_ONCE(sysctl_optmem_max);
2636
2637 if ((unsigned int)size <= optmem_max &&
2638 atomic_read(&sk->sk_omem_alloc) + size < optmem_max) {
2639 void *mem;
2640 /* First do the add, to avoid the race if kmalloc
2641 * might sleep.
2642 */
2643 atomic_add(size, &sk->sk_omem_alloc);
2644 mem = kmalloc(size, priority);
2645 if (mem)
2646 return mem;
2647 atomic_sub(size, &sk->sk_omem_alloc);
2648 }
2649 return NULL;
2650}
2651EXPORT_SYMBOL(sock_kmalloc);
2652
2653/* Free an option memory block. Note, we actually want the inline
2654 * here as this allows gcc to detect the nullify and fold away the
2655 * condition entirely.
2656 */
2657static inline void __sock_kfree_s(struct sock *sk, void *mem, int size,
2658 const bool nullify)
2659{
2660 if (WARN_ON_ONCE(!mem))
2661 return;
2662 if (nullify)
2663 kfree_sensitive(mem);
2664 else
2665 kfree(mem);
2666 atomic_sub(size, &sk->sk_omem_alloc);
2667}
2668
2669void sock_kfree_s(struct sock *sk, void *mem, int size)
2670{
2671 __sock_kfree_s(sk, mem, size, false);
2672}
2673EXPORT_SYMBOL(sock_kfree_s);
2674
2675void sock_kzfree_s(struct sock *sk, void *mem, int size)
2676{
2677 __sock_kfree_s(sk, mem, size, true);
2678}
2679EXPORT_SYMBOL(sock_kzfree_s);
2680
2681/* It is almost wait_for_tcp_memory minus release_sock/lock_sock.
2682 I think, these locks should be removed for datagram sockets.
2683 */
2684static long sock_wait_for_wmem(struct sock *sk, long timeo)
2685{
2686 DEFINE_WAIT(wait);
2687
2688 sk_clear_bit(SOCKWQ_ASYNC_NOSPACE, sk);
2689 for (;;) {
2690 if (!timeo)
2691 break;
2692 if (signal_pending(current))
2693 break;
2694 set_bit(SOCK_NOSPACE, &sk->sk_socket->flags);
2695 prepare_to_wait(sk_sleep(sk), &wait, TASK_INTERRUPTIBLE);
2696 if (refcount_read(&sk->sk_wmem_alloc) < READ_ONCE(sk->sk_sndbuf))
2697 break;
2698 if (sk->sk_shutdown & SEND_SHUTDOWN)
2699 break;
2700 if (sk->sk_err)
2701 break;
2702 timeo = schedule_timeout(timeo);
2703 }
2704 finish_wait(sk_sleep(sk), &wait);
2705 return timeo;
2706}
2707
2708
2709/*
2710 * Generic send/receive buffer handlers
2711 */
2712
2713struct sk_buff *sock_alloc_send_pskb(struct sock *sk, unsigned long header_len,
2714 unsigned long data_len, int noblock,
2715 int *errcode, int max_page_order)
2716{
2717 struct sk_buff *skb;
2718 long timeo;
2719 int err;
2720
2721 timeo = sock_sndtimeo(sk, noblock);
2722 for (;;) {
2723 err = sock_error(sk);
2724 if (err != 0)
2725 goto failure;
2726
2727 err = -EPIPE;
2728 if (sk->sk_shutdown & SEND_SHUTDOWN)
2729 goto failure;
2730
2731 if (sk_wmem_alloc_get(sk) < READ_ONCE(sk->sk_sndbuf))
2732 break;
2733
2734 sk_set_bit(SOCKWQ_ASYNC_NOSPACE, sk);
2735 set_bit(SOCK_NOSPACE, &sk->sk_socket->flags);
2736 err = -EAGAIN;
2737 if (!timeo)
2738 goto failure;
2739 if (signal_pending(current))
2740 goto interrupted;
2741 timeo = sock_wait_for_wmem(sk, timeo);
2742 }
2743 skb = alloc_skb_with_frags(header_len, data_len, max_page_order,
2744 errcode, sk->sk_allocation);
2745 if (skb)
2746 skb_set_owner_w(skb, sk);
2747 return skb;
2748
2749interrupted:
2750 err = sock_intr_errno(timeo);
2751failure:
2752 *errcode = err;
2753 return NULL;
2754}
2755EXPORT_SYMBOL(sock_alloc_send_pskb);
2756
2757int __sock_cmsg_send(struct sock *sk, struct cmsghdr *cmsg,
2758 struct sockcm_cookie *sockc)
2759{
2760 u32 tsflags;
2761
2762 switch (cmsg->cmsg_type) {
2763 case SO_MARK:
2764 if (!ns_capable(sock_net(sk)->user_ns, CAP_NET_RAW) &&
2765 !ns_capable(sock_net(sk)->user_ns, CAP_NET_ADMIN))
2766 return -EPERM;
2767 if (cmsg->cmsg_len != CMSG_LEN(sizeof(u32)))
2768 return -EINVAL;
2769 sockc->mark = *(u32 *)CMSG_DATA(cmsg);
2770 break;
2771 case SO_TIMESTAMPING_OLD:
2772 if (cmsg->cmsg_len != CMSG_LEN(sizeof(u32)))
2773 return -EINVAL;
2774
2775 tsflags = *(u32 *)CMSG_DATA(cmsg);
2776 if (tsflags & ~SOF_TIMESTAMPING_TX_RECORD_MASK)
2777 return -EINVAL;
2778
2779 sockc->tsflags &= ~SOF_TIMESTAMPING_TX_RECORD_MASK;
2780 sockc->tsflags |= tsflags;
2781 break;
2782 case SCM_TXTIME:
2783 if (!sock_flag(sk, SOCK_TXTIME))
2784 return -EINVAL;
2785 if (cmsg->cmsg_len != CMSG_LEN(sizeof(u64)))
2786 return -EINVAL;
2787 sockc->transmit_time = get_unaligned((u64 *)CMSG_DATA(cmsg));
2788 break;
2789 /* SCM_RIGHTS and SCM_CREDENTIALS are semantically in SOL_UNIX. */
2790 case SCM_RIGHTS:
2791 case SCM_CREDENTIALS:
2792 break;
2793 default:
2794 return -EINVAL;
2795 }
2796 return 0;
2797}
2798EXPORT_SYMBOL(__sock_cmsg_send);
2799
2800int sock_cmsg_send(struct sock *sk, struct msghdr *msg,
2801 struct sockcm_cookie *sockc)
2802{
2803 struct cmsghdr *cmsg;
2804 int ret;
2805
2806 for_each_cmsghdr(cmsg, msg) {
2807 if (!CMSG_OK(msg, cmsg))
2808 return -EINVAL;
2809 if (cmsg->cmsg_level != SOL_SOCKET)
2810 continue;
2811 ret = __sock_cmsg_send(sk, cmsg, sockc);
2812 if (ret)
2813 return ret;
2814 }
2815 return 0;
2816}
2817EXPORT_SYMBOL(sock_cmsg_send);
2818
2819static void sk_enter_memory_pressure(struct sock *sk)
2820{
2821 if (!sk->sk_prot->enter_memory_pressure)
2822 return;
2823
2824 sk->sk_prot->enter_memory_pressure(sk);
2825}
2826
2827static void sk_leave_memory_pressure(struct sock *sk)
2828{
2829 if (sk->sk_prot->leave_memory_pressure) {
2830 sk->sk_prot->leave_memory_pressure(sk);
2831 } else {
2832 unsigned long *memory_pressure = sk->sk_prot->memory_pressure;
2833
2834 if (memory_pressure && READ_ONCE(*memory_pressure))
2835 WRITE_ONCE(*memory_pressure, 0);
2836 }
2837}
2838
2839DEFINE_STATIC_KEY_FALSE(net_high_order_alloc_disable_key);
2840
2841/**
2842 * skb_page_frag_refill - check that a page_frag contains enough room
2843 * @sz: minimum size of the fragment we want to get
2844 * @pfrag: pointer to page_frag
2845 * @gfp: priority for memory allocation
2846 *
2847 * Note: While this allocator tries to use high order pages, there is
2848 * no guarantee that allocations succeed. Therefore, @sz MUST be
2849 * less or equal than PAGE_SIZE.
2850 */
2851bool skb_page_frag_refill(unsigned int sz, struct page_frag *pfrag, gfp_t gfp)
2852{
2853 if (pfrag->page) {
2854 if (page_ref_count(pfrag->page) == 1) {
2855 pfrag->offset = 0;
2856 return true;
2857 }
2858 if (pfrag->offset + sz <= pfrag->size)
2859 return true;
2860 put_page(pfrag->page);
2861 }
2862
2863 pfrag->offset = 0;
2864 if (SKB_FRAG_PAGE_ORDER &&
2865 !static_branch_unlikely(&net_high_order_alloc_disable_key)) {
2866 /* Avoid direct reclaim but allow kswapd to wake */
2867 pfrag->page = alloc_pages((gfp & ~__GFP_DIRECT_RECLAIM) |
2868 __GFP_COMP | __GFP_NOWARN |
2869 __GFP_NORETRY,
2870 SKB_FRAG_PAGE_ORDER);
2871 if (likely(pfrag->page)) {
2872 pfrag->size = PAGE_SIZE << SKB_FRAG_PAGE_ORDER;
2873 return true;
2874 }
2875 }
2876 pfrag->page = alloc_page(gfp);
2877 if (likely(pfrag->page)) {
2878 pfrag->size = PAGE_SIZE;
2879 return true;
2880 }
2881 return false;
2882}
2883EXPORT_SYMBOL(skb_page_frag_refill);
2884
2885bool sk_page_frag_refill(struct sock *sk, struct page_frag *pfrag)
2886{
2887 if (likely(skb_page_frag_refill(32U, pfrag, sk->sk_allocation)))
2888 return true;
2889
2890 sk_enter_memory_pressure(sk);
2891 sk_stream_moderate_sndbuf(sk);
2892 return false;
2893}
2894EXPORT_SYMBOL(sk_page_frag_refill);
2895
2896void __lock_sock(struct sock *sk)
2897 __releases(&sk->sk_lock.slock)
2898 __acquires(&sk->sk_lock.slock)
2899{
2900 DEFINE_WAIT(wait);
2901
2902 for (;;) {
2903 prepare_to_wait_exclusive(&sk->sk_lock.wq, &wait,
2904 TASK_UNINTERRUPTIBLE);
2905 spin_unlock_bh(&sk->sk_lock.slock);
2906 schedule();
2907 spin_lock_bh(&sk->sk_lock.slock);
2908 if (!sock_owned_by_user(sk))
2909 break;
2910 }
2911 finish_wait(&sk->sk_lock.wq, &wait);
2912}
2913
2914void __release_sock(struct sock *sk)
2915 __releases(&sk->sk_lock.slock)
2916 __acquires(&sk->sk_lock.slock)
2917{
2918 struct sk_buff *skb, *next;
2919
2920 while ((skb = sk->sk_backlog.head) != NULL) {
2921 sk->sk_backlog.head = sk->sk_backlog.tail = NULL;
2922
2923 spin_unlock_bh(&sk->sk_lock.slock);
2924
2925 do {
2926 next = skb->next;
2927 prefetch(next);
2928 DEBUG_NET_WARN_ON_ONCE(skb_dst_is_noref(skb));
2929 skb_mark_not_on_list(skb);
2930 sk_backlog_rcv(sk, skb);
2931
2932 cond_resched();
2933
2934 skb = next;
2935 } while (skb != NULL);
2936
2937 spin_lock_bh(&sk->sk_lock.slock);
2938 }
2939
2940 /*
2941 * Doing the zeroing here guarantee we can not loop forever
2942 * while a wild producer attempts to flood us.
2943 */
2944 sk->sk_backlog.len = 0;
2945}
2946
2947void __sk_flush_backlog(struct sock *sk)
2948{
2949 spin_lock_bh(&sk->sk_lock.slock);
2950 __release_sock(sk);
2951 spin_unlock_bh(&sk->sk_lock.slock);
2952}
2953EXPORT_SYMBOL_GPL(__sk_flush_backlog);
2954
2955/**
2956 * sk_wait_data - wait for data to arrive at sk_receive_queue
2957 * @sk: sock to wait on
2958 * @timeo: for how long
2959 * @skb: last skb seen on sk_receive_queue
2960 *
2961 * Now socket state including sk->sk_err is changed only under lock,
2962 * hence we may omit checks after joining wait queue.
2963 * We check receive queue before schedule() only as optimization;
2964 * it is very likely that release_sock() added new data.
2965 */
2966int sk_wait_data(struct sock *sk, long *timeo, const struct sk_buff *skb)
2967{
2968 DEFINE_WAIT_FUNC(wait, woken_wake_function);
2969 int rc;
2970
2971 add_wait_queue(sk_sleep(sk), &wait);
2972 sk_set_bit(SOCKWQ_ASYNC_WAITDATA, sk);
2973 rc = sk_wait_event(sk, timeo, skb_peek_tail(&sk->sk_receive_queue) != skb, &wait);
2974 sk_clear_bit(SOCKWQ_ASYNC_WAITDATA, sk);
2975 remove_wait_queue(sk_sleep(sk), &wait);
2976 return rc;
2977}
2978EXPORT_SYMBOL(sk_wait_data);
2979
2980/**
2981 * __sk_mem_raise_allocated - increase memory_allocated
2982 * @sk: socket
2983 * @size: memory size to allocate
2984 * @amt: pages to allocate
2985 * @kind: allocation type
2986 *
2987 * Similar to __sk_mem_schedule(), but does not update sk_forward_alloc
2988 */
2989int __sk_mem_raise_allocated(struct sock *sk, int size, int amt, int kind)
2990{
2991 bool memcg_charge = mem_cgroup_sockets_enabled && sk->sk_memcg;
2992 struct proto *prot = sk->sk_prot;
2993 bool charged = true;
2994 long allocated;
2995
2996 sk_memory_allocated_add(sk, amt);
2997 allocated = sk_memory_allocated(sk);
2998 if (memcg_charge &&
2999 !(charged = mem_cgroup_charge_skmem(sk->sk_memcg, amt,
3000 gfp_memcg_charge())))
3001 goto suppress_allocation;
3002
3003 /* Under limit. */
3004 if (allocated <= sk_prot_mem_limits(sk, 0)) {
3005 sk_leave_memory_pressure(sk);
3006 return 1;
3007 }
3008
3009 /* Under pressure. */
3010 if (allocated > sk_prot_mem_limits(sk, 1))
3011 sk_enter_memory_pressure(sk);
3012
3013 /* Over hard limit. */
3014 if (allocated > sk_prot_mem_limits(sk, 2))
3015 goto suppress_allocation;
3016
3017 /* guarantee minimum buffer size under pressure */
3018 if (kind == SK_MEM_RECV) {
3019 if (atomic_read(&sk->sk_rmem_alloc) < sk_get_rmem0(sk, prot))
3020 return 1;
3021
3022 } else { /* SK_MEM_SEND */
3023 int wmem0 = sk_get_wmem0(sk, prot);
3024
3025 if (sk->sk_type == SOCK_STREAM) {
3026 if (sk->sk_wmem_queued < wmem0)
3027 return 1;
3028 } else if (refcount_read(&sk->sk_wmem_alloc) < wmem0) {
3029 return 1;
3030 }
3031 }
3032
3033 if (sk_has_memory_pressure(sk)) {
3034 u64 alloc;
3035
3036 if (!sk_under_memory_pressure(sk))
3037 return 1;
3038 alloc = sk_sockets_allocated_read_positive(sk);
3039 if (sk_prot_mem_limits(sk, 2) > alloc *
3040 sk_mem_pages(sk->sk_wmem_queued +
3041 atomic_read(&sk->sk_rmem_alloc) +
3042 sk->sk_forward_alloc))
3043 return 1;
3044 }
3045
3046suppress_allocation:
3047
3048 if (kind == SK_MEM_SEND && sk->sk_type == SOCK_STREAM) {
3049 sk_stream_moderate_sndbuf(sk);
3050
3051 /* Fail only if socket is _under_ its sndbuf.
3052 * In this case we cannot block, so that we have to fail.
3053 */
3054 if (sk->sk_wmem_queued + size >= sk->sk_sndbuf) {
3055 /* Force charge with __GFP_NOFAIL */
3056 if (memcg_charge && !charged) {
3057 mem_cgroup_charge_skmem(sk->sk_memcg, amt,
3058 gfp_memcg_charge() | __GFP_NOFAIL);
3059 }
3060 return 1;
3061 }
3062 }
3063
3064 if (kind == SK_MEM_SEND || (kind == SK_MEM_RECV && charged))
3065 trace_sock_exceed_buf_limit(sk, prot, allocated, kind);
3066
3067 sk_memory_allocated_sub(sk, amt);
3068
3069 if (memcg_charge && charged)
3070 mem_cgroup_uncharge_skmem(sk->sk_memcg, amt);
3071
3072 return 0;
3073}
3074
3075/**
3076 * __sk_mem_schedule - increase sk_forward_alloc and memory_allocated
3077 * @sk: socket
3078 * @size: memory size to allocate
3079 * @kind: allocation type
3080 *
3081 * If kind is SK_MEM_SEND, it means wmem allocation. Otherwise it means
3082 * rmem allocation. This function assumes that protocols which have
3083 * memory_pressure use sk_wmem_queued as write buffer accounting.
3084 */
3085int __sk_mem_schedule(struct sock *sk, int size, int kind)
3086{
3087 int ret, amt = sk_mem_pages(size);
3088
3089 sk->sk_forward_alloc += amt << PAGE_SHIFT;
3090 ret = __sk_mem_raise_allocated(sk, size, amt, kind);
3091 if (!ret)
3092 sk->sk_forward_alloc -= amt << PAGE_SHIFT;
3093 return ret;
3094}
3095EXPORT_SYMBOL(__sk_mem_schedule);
3096
3097/**
3098 * __sk_mem_reduce_allocated - reclaim memory_allocated
3099 * @sk: socket
3100 * @amount: number of quanta
3101 *
3102 * Similar to __sk_mem_reclaim(), but does not update sk_forward_alloc
3103 */
3104void __sk_mem_reduce_allocated(struct sock *sk, int amount)
3105{
3106 sk_memory_allocated_sub(sk, amount);
3107
3108 if (mem_cgroup_sockets_enabled && sk->sk_memcg)
3109 mem_cgroup_uncharge_skmem(sk->sk_memcg, amount);
3110
3111 if (sk_under_memory_pressure(sk) &&
3112 (sk_memory_allocated(sk) < sk_prot_mem_limits(sk, 0)))
3113 sk_leave_memory_pressure(sk);
3114}
3115
3116/**
3117 * __sk_mem_reclaim - reclaim sk_forward_alloc and memory_allocated
3118 * @sk: socket
3119 * @amount: number of bytes (rounded down to a PAGE_SIZE multiple)
3120 */
3121void __sk_mem_reclaim(struct sock *sk, int amount)
3122{
3123 amount >>= PAGE_SHIFT;
3124 sk->sk_forward_alloc -= amount << PAGE_SHIFT;
3125 __sk_mem_reduce_allocated(sk, amount);
3126}
3127EXPORT_SYMBOL(__sk_mem_reclaim);
3128
3129int sk_set_peek_off(struct sock *sk, int val)
3130{
3131 sk->sk_peek_off = val;
3132 return 0;
3133}
3134EXPORT_SYMBOL_GPL(sk_set_peek_off);
3135
3136/*
3137 * Set of default routines for initialising struct proto_ops when
3138 * the protocol does not support a particular function. In certain
3139 * cases where it makes no sense for a protocol to have a "do nothing"
3140 * function, some default processing is provided.
3141 */
3142
3143int sock_no_bind(struct socket *sock, struct sockaddr *saddr, int len)
3144{
3145 return -EOPNOTSUPP;
3146}
3147EXPORT_SYMBOL(sock_no_bind);
3148
3149int sock_no_connect(struct socket *sock, struct sockaddr *saddr,
3150 int len, int flags)
3151{
3152 return -EOPNOTSUPP;
3153}
3154EXPORT_SYMBOL(sock_no_connect);
3155
3156int sock_no_socketpair(struct socket *sock1, struct socket *sock2)
3157{
3158 return -EOPNOTSUPP;
3159}
3160EXPORT_SYMBOL(sock_no_socketpair);
3161
3162int sock_no_accept(struct socket *sock, struct socket *newsock, int flags,
3163 bool kern)
3164{
3165 return -EOPNOTSUPP;
3166}
3167EXPORT_SYMBOL(sock_no_accept);
3168
3169int sock_no_getname(struct socket *sock, struct sockaddr *saddr,
3170 int peer)
3171{
3172 return -EOPNOTSUPP;
3173}
3174EXPORT_SYMBOL(sock_no_getname);
3175
3176int sock_no_ioctl(struct socket *sock, unsigned int cmd, unsigned long arg)
3177{
3178 return -EOPNOTSUPP;
3179}
3180EXPORT_SYMBOL(sock_no_ioctl);
3181
3182int sock_no_listen(struct socket *sock, int backlog)
3183{
3184 return -EOPNOTSUPP;
3185}
3186EXPORT_SYMBOL(sock_no_listen);
3187
3188int sock_no_shutdown(struct socket *sock, int how)
3189{
3190 return -EOPNOTSUPP;
3191}
3192EXPORT_SYMBOL(sock_no_shutdown);
3193
3194int sock_no_sendmsg(struct socket *sock, struct msghdr *m, size_t len)
3195{
3196 return -EOPNOTSUPP;
3197}
3198EXPORT_SYMBOL(sock_no_sendmsg);
3199
3200int sock_no_sendmsg_locked(struct sock *sk, struct msghdr *m, size_t len)
3201{
3202 return -EOPNOTSUPP;
3203}
3204EXPORT_SYMBOL(sock_no_sendmsg_locked);
3205
3206int sock_no_recvmsg(struct socket *sock, struct msghdr *m, size_t len,
3207 int flags)
3208{
3209 return -EOPNOTSUPP;
3210}
3211EXPORT_SYMBOL(sock_no_recvmsg);
3212
3213int sock_no_mmap(struct file *file, struct socket *sock, struct vm_area_struct *vma)
3214{
3215 /* Mirror missing mmap method error code */
3216 return -ENODEV;
3217}
3218EXPORT_SYMBOL(sock_no_mmap);
3219
3220/*
3221 * When a file is received (via SCM_RIGHTS, etc), we must bump the
3222 * various sock-based usage counts.
3223 */
3224void __receive_sock(struct file *file)
3225{
3226 struct socket *sock;
3227
3228 sock = sock_from_file(file);
3229 if (sock) {
3230 sock_update_netprioidx(&sock->sk->sk_cgrp_data);
3231 sock_update_classid(&sock->sk->sk_cgrp_data);
3232 }
3233}
3234
3235ssize_t sock_no_sendpage(struct socket *sock, struct page *page, int offset, size_t size, int flags)
3236{
3237 ssize_t res;
3238 struct msghdr msg = {.msg_flags = flags};
3239 struct kvec iov;
3240 char *kaddr = kmap(page);
3241 iov.iov_base = kaddr + offset;
3242 iov.iov_len = size;
3243 res = kernel_sendmsg(sock, &msg, &iov, 1, size);
3244 kunmap(page);
3245 return res;
3246}
3247EXPORT_SYMBOL(sock_no_sendpage);
3248
3249ssize_t sock_no_sendpage_locked(struct sock *sk, struct page *page,
3250 int offset, size_t size, int flags)
3251{
3252 ssize_t res;
3253 struct msghdr msg = {.msg_flags = flags};
3254 struct kvec iov;
3255 char *kaddr = kmap(page);
3256
3257 iov.iov_base = kaddr + offset;
3258 iov.iov_len = size;
3259 res = kernel_sendmsg_locked(sk, &msg, &iov, 1, size);
3260 kunmap(page);
3261 return res;
3262}
3263EXPORT_SYMBOL(sock_no_sendpage_locked);
3264
3265/*
3266 * Default Socket Callbacks
3267 */
3268
3269static void sock_def_wakeup(struct sock *sk)
3270{
3271 struct socket_wq *wq;
3272
3273 rcu_read_lock();
3274 wq = rcu_dereference(sk->sk_wq);
3275 if (skwq_has_sleeper(wq))
3276 wake_up_interruptible_all(&wq->wait);
3277 rcu_read_unlock();
3278}
3279
3280static void sock_def_error_report(struct sock *sk)
3281{
3282 struct socket_wq *wq;
3283
3284 rcu_read_lock();
3285 wq = rcu_dereference(sk->sk_wq);
3286 if (skwq_has_sleeper(wq))
3287 wake_up_interruptible_poll(&wq->wait, EPOLLERR);
3288 sk_wake_async(sk, SOCK_WAKE_IO, POLL_ERR);
3289 rcu_read_unlock();
3290}
3291
3292void sock_def_readable(struct sock *sk)
3293{
3294 struct socket_wq *wq;
3295
3296 rcu_read_lock();
3297 wq = rcu_dereference(sk->sk_wq);
3298 if (skwq_has_sleeper(wq))
3299 wake_up_interruptible_sync_poll(&wq->wait, EPOLLIN | EPOLLPRI |
3300 EPOLLRDNORM | EPOLLRDBAND);
3301 sk_wake_async(sk, SOCK_WAKE_WAITD, POLL_IN);
3302 rcu_read_unlock();
3303}
3304
3305static void sock_def_write_space(struct sock *sk)
3306{
3307 struct socket_wq *wq;
3308
3309 rcu_read_lock();
3310
3311 /* Do not wake up a writer until he can make "significant"
3312 * progress. --DaveM
3313 */
3314 if (sock_writeable(sk)) {
3315 wq = rcu_dereference(sk->sk_wq);
3316 if (skwq_has_sleeper(wq))
3317 wake_up_interruptible_sync_poll(&wq->wait, EPOLLOUT |
3318 EPOLLWRNORM | EPOLLWRBAND);
3319
3320 /* Should agree with poll, otherwise some programs break */
3321 sk_wake_async(sk, SOCK_WAKE_SPACE, POLL_OUT);
3322 }
3323
3324 rcu_read_unlock();
3325}
3326
3327/* An optimised version of sock_def_write_space(), should only be called
3328 * for SOCK_RCU_FREE sockets under RCU read section and after putting
3329 * ->sk_wmem_alloc.
3330 */
3331static void sock_def_write_space_wfree(struct sock *sk)
3332{
3333 /* Do not wake up a writer until he can make "significant"
3334 * progress. --DaveM
3335 */
3336 if (sock_writeable(sk)) {
3337 struct socket_wq *wq = rcu_dereference(sk->sk_wq);
3338
3339 /* rely on refcount_sub from sock_wfree() */
3340 smp_mb__after_atomic();
3341 if (wq && waitqueue_active(&wq->wait))
3342 wake_up_interruptible_sync_poll(&wq->wait, EPOLLOUT |
3343 EPOLLWRNORM | EPOLLWRBAND);
3344
3345 /* Should agree with poll, otherwise some programs break */
3346 sk_wake_async(sk, SOCK_WAKE_SPACE, POLL_OUT);
3347 }
3348}
3349
3350static void sock_def_destruct(struct sock *sk)
3351{
3352}
3353
3354void sk_send_sigurg(struct sock *sk)
3355{
3356 if (sk->sk_socket && sk->sk_socket->file)
3357 if (send_sigurg(&sk->sk_socket->file->f_owner))
3358 sk_wake_async(sk, SOCK_WAKE_URG, POLL_PRI);
3359}
3360EXPORT_SYMBOL(sk_send_sigurg);
3361
3362void sk_reset_timer(struct sock *sk, struct timer_list* timer,
3363 unsigned long expires)
3364{
3365 if (!mod_timer(timer, expires))
3366 sock_hold(sk);
3367}
3368EXPORT_SYMBOL(sk_reset_timer);
3369
3370void sk_stop_timer(struct sock *sk, struct timer_list* timer)
3371{
3372 if (del_timer(timer))
3373 __sock_put(sk);
3374}
3375EXPORT_SYMBOL(sk_stop_timer);
3376
3377void sk_stop_timer_sync(struct sock *sk, struct timer_list *timer)
3378{
3379 if (del_timer_sync(timer))
3380 __sock_put(sk);
3381}
3382EXPORT_SYMBOL(sk_stop_timer_sync);
3383
3384void sock_init_data(struct socket *sock, struct sock *sk)
3385{
3386 sk_init_common(sk);
3387 sk->sk_send_head = NULL;
3388
3389 timer_setup(&sk->sk_timer, NULL, 0);
3390
3391 sk->sk_allocation = GFP_KERNEL;
3392 sk->sk_rcvbuf = READ_ONCE(sysctl_rmem_default);
3393 sk->sk_sndbuf = READ_ONCE(sysctl_wmem_default);
3394 sk->sk_state = TCP_CLOSE;
3395 sk->sk_use_task_frag = true;
3396 sk_set_socket(sk, sock);
3397
3398 sock_set_flag(sk, SOCK_ZAPPED);
3399
3400 if (sock) {
3401 sk->sk_type = sock->type;
3402 RCU_INIT_POINTER(sk->sk_wq, &sock->wq);
3403 sock->sk = sk;
3404 sk->sk_uid = SOCK_INODE(sock)->i_uid;
3405 } else {
3406 RCU_INIT_POINTER(sk->sk_wq, NULL);
3407 sk->sk_uid = make_kuid(sock_net(sk)->user_ns, 0);
3408 }
3409
3410 rwlock_init(&sk->sk_callback_lock);
3411 if (sk->sk_kern_sock)
3412 lockdep_set_class_and_name(
3413 &sk->sk_callback_lock,
3414 af_kern_callback_keys + sk->sk_family,
3415 af_family_kern_clock_key_strings[sk->sk_family]);
3416 else
3417 lockdep_set_class_and_name(
3418 &sk->sk_callback_lock,
3419 af_callback_keys + sk->sk_family,
3420 af_family_clock_key_strings[sk->sk_family]);
3421
3422 sk->sk_state_change = sock_def_wakeup;
3423 sk->sk_data_ready = sock_def_readable;
3424 sk->sk_write_space = sock_def_write_space;
3425 sk->sk_error_report = sock_def_error_report;
3426 sk->sk_destruct = sock_def_destruct;
3427
3428 sk->sk_frag.page = NULL;
3429 sk->sk_frag.offset = 0;
3430 sk->sk_peek_off = -1;
3431
3432 sk->sk_peer_pid = NULL;
3433 sk->sk_peer_cred = NULL;
3434 spin_lock_init(&sk->sk_peer_lock);
3435
3436 sk->sk_write_pending = 0;
3437 sk->sk_rcvlowat = 1;
3438 sk->sk_rcvtimeo = MAX_SCHEDULE_TIMEOUT;
3439 sk->sk_sndtimeo = MAX_SCHEDULE_TIMEOUT;
3440
3441 sk->sk_stamp = SK_DEFAULT_STAMP;
3442#if BITS_PER_LONG==32
3443 seqlock_init(&sk->sk_stamp_seq);
3444#endif
3445 atomic_set(&sk->sk_zckey, 0);
3446
3447#ifdef CONFIG_NET_RX_BUSY_POLL
3448 sk->sk_napi_id = 0;
3449 sk->sk_ll_usec = READ_ONCE(sysctl_net_busy_read);
3450#endif
3451
3452 sk->sk_max_pacing_rate = ~0UL;
3453 sk->sk_pacing_rate = ~0UL;
3454 WRITE_ONCE(sk->sk_pacing_shift, 10);
3455 sk->sk_incoming_cpu = -1;
3456
3457 sk_rx_queue_clear(sk);
3458 /*
3459 * Before updating sk_refcnt, we must commit prior changes to memory
3460 * (Documentation/RCU/rculist_nulls.rst for details)
3461 */
3462 smp_wmb();
3463 refcount_set(&sk->sk_refcnt, 1);
3464 atomic_set(&sk->sk_drops, 0);
3465}
3466EXPORT_SYMBOL(sock_init_data);
3467
3468void lock_sock_nested(struct sock *sk, int subclass)
3469{
3470 /* The sk_lock has mutex_lock() semantics here. */
3471 mutex_acquire(&sk->sk_lock.dep_map, subclass, 0, _RET_IP_);
3472
3473 might_sleep();
3474 spin_lock_bh(&sk->sk_lock.slock);
3475 if (sock_owned_by_user_nocheck(sk))
3476 __lock_sock(sk);
3477 sk->sk_lock.owned = 1;
3478 spin_unlock_bh(&sk->sk_lock.slock);
3479}
3480EXPORT_SYMBOL(lock_sock_nested);
3481
3482void release_sock(struct sock *sk)
3483{
3484 spin_lock_bh(&sk->sk_lock.slock);
3485 if (sk->sk_backlog.tail)
3486 __release_sock(sk);
3487
3488 /* Warning : release_cb() might need to release sk ownership,
3489 * ie call sock_release_ownership(sk) before us.
3490 */
3491 if (sk->sk_prot->release_cb)
3492 sk->sk_prot->release_cb(sk);
3493
3494 sock_release_ownership(sk);
3495 if (waitqueue_active(&sk->sk_lock.wq))
3496 wake_up(&sk->sk_lock.wq);
3497 spin_unlock_bh(&sk->sk_lock.slock);
3498}
3499EXPORT_SYMBOL(release_sock);
3500
3501bool __lock_sock_fast(struct sock *sk) __acquires(&sk->sk_lock.slock)
3502{
3503 might_sleep();
3504 spin_lock_bh(&sk->sk_lock.slock);
3505
3506 if (!sock_owned_by_user_nocheck(sk)) {
3507 /*
3508 * Fast path return with bottom halves disabled and
3509 * sock::sk_lock.slock held.
3510 *
3511 * The 'mutex' is not contended and holding
3512 * sock::sk_lock.slock prevents all other lockers to
3513 * proceed so the corresponding unlock_sock_fast() can
3514 * avoid the slow path of release_sock() completely and
3515 * just release slock.
3516 *
3517 * From a semantical POV this is equivalent to 'acquiring'
3518 * the 'mutex', hence the corresponding lockdep
3519 * mutex_release() has to happen in the fast path of
3520 * unlock_sock_fast().
3521 */
3522 return false;
3523 }
3524
3525 __lock_sock(sk);
3526 sk->sk_lock.owned = 1;
3527 __acquire(&sk->sk_lock.slock);
3528 spin_unlock_bh(&sk->sk_lock.slock);
3529 return true;
3530}
3531EXPORT_SYMBOL(__lock_sock_fast);
3532
3533int sock_gettstamp(struct socket *sock, void __user *userstamp,
3534 bool timeval, bool time32)
3535{
3536 struct sock *sk = sock->sk;
3537 struct timespec64 ts;
3538
3539 sock_enable_timestamp(sk, SOCK_TIMESTAMP);
3540 ts = ktime_to_timespec64(sock_read_timestamp(sk));
3541 if (ts.tv_sec == -1)
3542 return -ENOENT;
3543 if (ts.tv_sec == 0) {
3544 ktime_t kt = ktime_get_real();
3545 sock_write_timestamp(sk, kt);
3546 ts = ktime_to_timespec64(kt);
3547 }
3548
3549 if (timeval)
3550 ts.tv_nsec /= 1000;
3551
3552#ifdef CONFIG_COMPAT_32BIT_TIME
3553 if (time32)
3554 return put_old_timespec32(&ts, userstamp);
3555#endif
3556#ifdef CONFIG_SPARC64
3557 /* beware of padding in sparc64 timeval */
3558 if (timeval && !in_compat_syscall()) {
3559 struct __kernel_old_timeval __user tv = {
3560 .tv_sec = ts.tv_sec,
3561 .tv_usec = ts.tv_nsec,
3562 };
3563 if (copy_to_user(userstamp, &tv, sizeof(tv)))
3564 return -EFAULT;
3565 return 0;
3566 }
3567#endif
3568 return put_timespec64(&ts, userstamp);
3569}
3570EXPORT_SYMBOL(sock_gettstamp);
3571
3572void sock_enable_timestamp(struct sock *sk, enum sock_flags flag)
3573{
3574 if (!sock_flag(sk, flag)) {
3575 unsigned long previous_flags = sk->sk_flags;
3576
3577 sock_set_flag(sk, flag);
3578 /*
3579 * we just set one of the two flags which require net
3580 * time stamping, but time stamping might have been on
3581 * already because of the other one
3582 */
3583 if (sock_needs_netstamp(sk) &&
3584 !(previous_flags & SK_FLAGS_TIMESTAMP))
3585 net_enable_timestamp();
3586 }
3587}
3588
3589int sock_recv_errqueue(struct sock *sk, struct msghdr *msg, int len,
3590 int level, int type)
3591{
3592 struct sock_exterr_skb *serr;
3593 struct sk_buff *skb;
3594 int copied, err;
3595
3596 err = -EAGAIN;
3597 skb = sock_dequeue_err_skb(sk);
3598 if (skb == NULL)
3599 goto out;
3600
3601 copied = skb->len;
3602 if (copied > len) {
3603 msg->msg_flags |= MSG_TRUNC;
3604 copied = len;
3605 }
3606 err = skb_copy_datagram_msg(skb, 0, msg, copied);
3607 if (err)
3608 goto out_free_skb;
3609
3610 sock_recv_timestamp(msg, sk, skb);
3611
3612 serr = SKB_EXT_ERR(skb);
3613 put_cmsg(msg, level, type, sizeof(serr->ee), &serr->ee);
3614
3615 msg->msg_flags |= MSG_ERRQUEUE;
3616 err = copied;
3617
3618out_free_skb:
3619 kfree_skb(skb);
3620out:
3621 return err;
3622}
3623EXPORT_SYMBOL(sock_recv_errqueue);
3624
3625/*
3626 * Get a socket option on an socket.
3627 *
3628 * FIX: POSIX 1003.1g is very ambiguous here. It states that
3629 * asynchronous errors should be reported by getsockopt. We assume
3630 * this means if you specify SO_ERROR (otherwise whats the point of it).
3631 */
3632int sock_common_getsockopt(struct socket *sock, int level, int optname,
3633 char __user *optval, int __user *optlen)
3634{
3635 struct sock *sk = sock->sk;
3636
3637 /* IPV6_ADDRFORM can change sk->sk_prot under us. */
3638 return READ_ONCE(sk->sk_prot)->getsockopt(sk, level, optname, optval, optlen);
3639}
3640EXPORT_SYMBOL(sock_common_getsockopt);
3641
3642int sock_common_recvmsg(struct socket *sock, struct msghdr *msg, size_t size,
3643 int flags)
3644{
3645 struct sock *sk = sock->sk;
3646 int addr_len = 0;
3647 int err;
3648
3649 err = sk->sk_prot->recvmsg(sk, msg, size, flags, &addr_len);
3650 if (err >= 0)
3651 msg->msg_namelen = addr_len;
3652 return err;
3653}
3654EXPORT_SYMBOL(sock_common_recvmsg);
3655
3656/*
3657 * Set socket options on an inet socket.
3658 */
3659int sock_common_setsockopt(struct socket *sock, int level, int optname,
3660 sockptr_t optval, unsigned int optlen)
3661{
3662 struct sock *sk = sock->sk;
3663
3664 /* IPV6_ADDRFORM can change sk->sk_prot under us. */
3665 return READ_ONCE(sk->sk_prot)->setsockopt(sk, level, optname, optval, optlen);
3666}
3667EXPORT_SYMBOL(sock_common_setsockopt);
3668
3669void sk_common_release(struct sock *sk)
3670{
3671 if (sk->sk_prot->destroy)
3672 sk->sk_prot->destroy(sk);
3673
3674 /*
3675 * Observation: when sk_common_release is called, processes have
3676 * no access to socket. But net still has.
3677 * Step one, detach it from networking:
3678 *
3679 * A. Remove from hash tables.
3680 */
3681
3682 sk->sk_prot->unhash(sk);
3683
3684 /*
3685 * In this point socket cannot receive new packets, but it is possible
3686 * that some packets are in flight because some CPU runs receiver and
3687 * did hash table lookup before we unhashed socket. They will achieve
3688 * receive queue and will be purged by socket destructor.
3689 *
3690 * Also we still have packets pending on receive queue and probably,
3691 * our own packets waiting in device queues. sock_destroy will drain
3692 * receive queue, but transmitted packets will delay socket destruction
3693 * until the last reference will be released.
3694 */
3695
3696 sock_orphan(sk);
3697
3698 xfrm_sk_free_policy(sk);
3699
3700 sk_refcnt_debug_release(sk);
3701
3702 sock_put(sk);
3703}
3704EXPORT_SYMBOL(sk_common_release);
3705
3706void sk_get_meminfo(const struct sock *sk, u32 *mem)
3707{
3708 memset(mem, 0, sizeof(*mem) * SK_MEMINFO_VARS);
3709
3710 mem[SK_MEMINFO_RMEM_ALLOC] = sk_rmem_alloc_get(sk);
3711 mem[SK_MEMINFO_RCVBUF] = READ_ONCE(sk->sk_rcvbuf);
3712 mem[SK_MEMINFO_WMEM_ALLOC] = sk_wmem_alloc_get(sk);
3713 mem[SK_MEMINFO_SNDBUF] = READ_ONCE(sk->sk_sndbuf);
3714 mem[SK_MEMINFO_FWD_ALLOC] = sk->sk_forward_alloc;
3715 mem[SK_MEMINFO_WMEM_QUEUED] = READ_ONCE(sk->sk_wmem_queued);
3716 mem[SK_MEMINFO_OPTMEM] = atomic_read(&sk->sk_omem_alloc);
3717 mem[SK_MEMINFO_BACKLOG] = READ_ONCE(sk->sk_backlog.len);
3718 mem[SK_MEMINFO_DROPS] = atomic_read(&sk->sk_drops);
3719}
3720
3721#ifdef CONFIG_PROC_FS
3722static DECLARE_BITMAP(proto_inuse_idx, PROTO_INUSE_NR);
3723
3724int sock_prot_inuse_get(struct net *net, struct proto *prot)
3725{
3726 int cpu, idx = prot->inuse_idx;
3727 int res = 0;
3728
3729 for_each_possible_cpu(cpu)
3730 res += per_cpu_ptr(net->core.prot_inuse, cpu)->val[idx];
3731
3732 return res >= 0 ? res : 0;
3733}
3734EXPORT_SYMBOL_GPL(sock_prot_inuse_get);
3735
3736int sock_inuse_get(struct net *net)
3737{
3738 int cpu, res = 0;
3739
3740 for_each_possible_cpu(cpu)
3741 res += per_cpu_ptr(net->core.prot_inuse, cpu)->all;
3742
3743 return res;
3744}
3745
3746EXPORT_SYMBOL_GPL(sock_inuse_get);
3747
3748static int __net_init sock_inuse_init_net(struct net *net)
3749{
3750 net->core.prot_inuse = alloc_percpu(struct prot_inuse);
3751 if (net->core.prot_inuse == NULL)
3752 return -ENOMEM;
3753 return 0;
3754}
3755
3756static void __net_exit sock_inuse_exit_net(struct net *net)
3757{
3758 free_percpu(net->core.prot_inuse);
3759}
3760
3761static struct pernet_operations net_inuse_ops = {
3762 .init = sock_inuse_init_net,
3763 .exit = sock_inuse_exit_net,
3764};
3765
3766static __init int net_inuse_init(void)
3767{
3768 if (register_pernet_subsys(&net_inuse_ops))
3769 panic("Cannot initialize net inuse counters");
3770
3771 return 0;
3772}
3773
3774core_initcall(net_inuse_init);
3775
3776static int assign_proto_idx(struct proto *prot)
3777{
3778 prot->inuse_idx = find_first_zero_bit(proto_inuse_idx, PROTO_INUSE_NR);
3779
3780 if (unlikely(prot->inuse_idx == PROTO_INUSE_NR - 1)) {
3781 pr_err("PROTO_INUSE_NR exhausted\n");
3782 return -ENOSPC;
3783 }
3784
3785 set_bit(prot->inuse_idx, proto_inuse_idx);
3786 return 0;
3787}
3788
3789static void release_proto_idx(struct proto *prot)
3790{
3791 if (prot->inuse_idx != PROTO_INUSE_NR - 1)
3792 clear_bit(prot->inuse_idx, proto_inuse_idx);
3793}
3794#else
3795static inline int assign_proto_idx(struct proto *prot)
3796{
3797 return 0;
3798}
3799
3800static inline void release_proto_idx(struct proto *prot)
3801{
3802}
3803
3804#endif
3805
3806static void tw_prot_cleanup(struct timewait_sock_ops *twsk_prot)
3807{
3808 if (!twsk_prot)
3809 return;
3810 kfree(twsk_prot->twsk_slab_name);
3811 twsk_prot->twsk_slab_name = NULL;
3812 kmem_cache_destroy(twsk_prot->twsk_slab);
3813 twsk_prot->twsk_slab = NULL;
3814}
3815
3816static int tw_prot_init(const struct proto *prot)
3817{
3818 struct timewait_sock_ops *twsk_prot = prot->twsk_prot;
3819
3820 if (!twsk_prot)
3821 return 0;
3822
3823 twsk_prot->twsk_slab_name = kasprintf(GFP_KERNEL, "tw_sock_%s",
3824 prot->name);
3825 if (!twsk_prot->twsk_slab_name)
3826 return -ENOMEM;
3827
3828 twsk_prot->twsk_slab =
3829 kmem_cache_create(twsk_prot->twsk_slab_name,
3830 twsk_prot->twsk_obj_size, 0,
3831 SLAB_ACCOUNT | prot->slab_flags,
3832 NULL);
3833 if (!twsk_prot->twsk_slab) {
3834 pr_crit("%s: Can't create timewait sock SLAB cache!\n",
3835 prot->name);
3836 return -ENOMEM;
3837 }
3838
3839 return 0;
3840}
3841
3842static void req_prot_cleanup(struct request_sock_ops *rsk_prot)
3843{
3844 if (!rsk_prot)
3845 return;
3846 kfree(rsk_prot->slab_name);
3847 rsk_prot->slab_name = NULL;
3848 kmem_cache_destroy(rsk_prot->slab);
3849 rsk_prot->slab = NULL;
3850}
3851
3852static int req_prot_init(const struct proto *prot)
3853{
3854 struct request_sock_ops *rsk_prot = prot->rsk_prot;
3855
3856 if (!rsk_prot)
3857 return 0;
3858
3859 rsk_prot->slab_name = kasprintf(GFP_KERNEL, "request_sock_%s",
3860 prot->name);
3861 if (!rsk_prot->slab_name)
3862 return -ENOMEM;
3863
3864 rsk_prot->slab = kmem_cache_create(rsk_prot->slab_name,
3865 rsk_prot->obj_size, 0,
3866 SLAB_ACCOUNT | prot->slab_flags,
3867 NULL);
3868
3869 if (!rsk_prot->slab) {
3870 pr_crit("%s: Can't create request sock SLAB cache!\n",
3871 prot->name);
3872 return -ENOMEM;
3873 }
3874 return 0;
3875}
3876
3877int proto_register(struct proto *prot, int alloc_slab)
3878{
3879 int ret = -ENOBUFS;
3880
3881 if (prot->memory_allocated && !prot->sysctl_mem) {
3882 pr_err("%s: missing sysctl_mem\n", prot->name);
3883 return -EINVAL;
3884 }
3885 if (prot->memory_allocated && !prot->per_cpu_fw_alloc) {
3886 pr_err("%s: missing per_cpu_fw_alloc\n", prot->name);
3887 return -EINVAL;
3888 }
3889 if (alloc_slab) {
3890 prot->slab = kmem_cache_create_usercopy(prot->name,
3891 prot->obj_size, 0,
3892 SLAB_HWCACHE_ALIGN | SLAB_ACCOUNT |
3893 prot->slab_flags,
3894 prot->useroffset, prot->usersize,
3895 NULL);
3896
3897 if (prot->slab == NULL) {
3898 pr_crit("%s: Can't create sock SLAB cache!\n",
3899 prot->name);
3900 goto out;
3901 }
3902
3903 if (req_prot_init(prot))
3904 goto out_free_request_sock_slab;
3905
3906 if (tw_prot_init(prot))
3907 goto out_free_timewait_sock_slab;
3908 }
3909
3910 mutex_lock(&proto_list_mutex);
3911 ret = assign_proto_idx(prot);
3912 if (ret) {
3913 mutex_unlock(&proto_list_mutex);
3914 goto out_free_timewait_sock_slab;
3915 }
3916 list_add(&prot->node, &proto_list);
3917 mutex_unlock(&proto_list_mutex);
3918 return ret;
3919
3920out_free_timewait_sock_slab:
3921 if (alloc_slab)
3922 tw_prot_cleanup(prot->twsk_prot);
3923out_free_request_sock_slab:
3924 if (alloc_slab) {
3925 req_prot_cleanup(prot->rsk_prot);
3926
3927 kmem_cache_destroy(prot->slab);
3928 prot->slab = NULL;
3929 }
3930out:
3931 return ret;
3932}
3933EXPORT_SYMBOL(proto_register);
3934
3935void proto_unregister(struct proto *prot)
3936{
3937 mutex_lock(&proto_list_mutex);
3938 release_proto_idx(prot);
3939 list_del(&prot->node);
3940 mutex_unlock(&proto_list_mutex);
3941
3942 kmem_cache_destroy(prot->slab);
3943 prot->slab = NULL;
3944
3945 req_prot_cleanup(prot->rsk_prot);
3946 tw_prot_cleanup(prot->twsk_prot);
3947}
3948EXPORT_SYMBOL(proto_unregister);
3949
3950int sock_load_diag_module(int family, int protocol)
3951{
3952 if (!protocol) {
3953 if (!sock_is_registered(family))
3954 return -ENOENT;
3955
3956 return request_module("net-pf-%d-proto-%d-type-%d", PF_NETLINK,
3957 NETLINK_SOCK_DIAG, family);
3958 }
3959
3960#ifdef CONFIG_INET
3961 if (family == AF_INET &&
3962 protocol != IPPROTO_RAW &&
3963 protocol < MAX_INET_PROTOS &&
3964 !rcu_access_pointer(inet_protos[protocol]))
3965 return -ENOENT;
3966#endif
3967
3968 return request_module("net-pf-%d-proto-%d-type-%d-%d", PF_NETLINK,
3969 NETLINK_SOCK_DIAG, family, protocol);
3970}
3971EXPORT_SYMBOL(sock_load_diag_module);
3972
3973#ifdef CONFIG_PROC_FS
3974static void *proto_seq_start(struct seq_file *seq, loff_t *pos)
3975 __acquires(proto_list_mutex)
3976{
3977 mutex_lock(&proto_list_mutex);
3978 return seq_list_start_head(&proto_list, *pos);
3979}
3980
3981static void *proto_seq_next(struct seq_file *seq, void *v, loff_t *pos)
3982{
3983 return seq_list_next(v, &proto_list, pos);
3984}
3985
3986static void proto_seq_stop(struct seq_file *seq, void *v)
3987 __releases(proto_list_mutex)
3988{
3989 mutex_unlock(&proto_list_mutex);
3990}
3991
3992static char proto_method_implemented(const void *method)
3993{
3994 return method == NULL ? 'n' : 'y';
3995}
3996static long sock_prot_memory_allocated(struct proto *proto)
3997{
3998 return proto->memory_allocated != NULL ? proto_memory_allocated(proto) : -1L;
3999}
4000
4001static const char *sock_prot_memory_pressure(struct proto *proto)
4002{
4003 return proto->memory_pressure != NULL ?
4004 proto_memory_pressure(proto) ? "yes" : "no" : "NI";
4005}
4006
4007static void proto_seq_printf(struct seq_file *seq, struct proto *proto)
4008{
4009
4010 seq_printf(seq, "%-9s %4u %6d %6ld %-3s %6u %-3s %-10s "
4011 "%2c %2c %2c %2c %2c %2c %2c %2c %2c %2c %2c %2c %2c %2c %2c %2c %2c %2c %2c\n",
4012 proto->name,
4013 proto->obj_size,
4014 sock_prot_inuse_get(seq_file_net(seq), proto),
4015 sock_prot_memory_allocated(proto),
4016 sock_prot_memory_pressure(proto),
4017 proto->max_header,
4018 proto->slab == NULL ? "no" : "yes",
4019 module_name(proto->owner),
4020 proto_method_implemented(proto->close),
4021 proto_method_implemented(proto->connect),
4022 proto_method_implemented(proto->disconnect),
4023 proto_method_implemented(proto->accept),
4024 proto_method_implemented(proto->ioctl),
4025 proto_method_implemented(proto->init),
4026 proto_method_implemented(proto->destroy),
4027 proto_method_implemented(proto->shutdown),
4028 proto_method_implemented(proto->setsockopt),
4029 proto_method_implemented(proto->getsockopt),
4030 proto_method_implemented(proto->sendmsg),
4031 proto_method_implemented(proto->recvmsg),
4032 proto_method_implemented(proto->sendpage),
4033 proto_method_implemented(proto->bind),
4034 proto_method_implemented(proto->backlog_rcv),
4035 proto_method_implemented(proto->hash),
4036 proto_method_implemented(proto->unhash),
4037 proto_method_implemented(proto->get_port),
4038 proto_method_implemented(proto->enter_memory_pressure));
4039}
4040
4041static int proto_seq_show(struct seq_file *seq, void *v)
4042{
4043 if (v == &proto_list)
4044 seq_printf(seq, "%-9s %-4s %-8s %-6s %-5s %-7s %-4s %-10s %s",
4045 "protocol",
4046 "size",
4047 "sockets",
4048 "memory",
4049 "press",
4050 "maxhdr",
4051 "slab",
4052 "module",
4053 "cl co di ac io in de sh ss gs se re sp bi br ha uh gp em\n");
4054 else
4055 proto_seq_printf(seq, list_entry(v, struct proto, node));
4056 return 0;
4057}
4058
4059static const struct seq_operations proto_seq_ops = {
4060 .start = proto_seq_start,
4061 .next = proto_seq_next,
4062 .stop = proto_seq_stop,
4063 .show = proto_seq_show,
4064};
4065
4066static __net_init int proto_init_net(struct net *net)
4067{
4068 if (!proc_create_net("protocols", 0444, net->proc_net, &proto_seq_ops,
4069 sizeof(struct seq_net_private)))
4070 return -ENOMEM;
4071
4072 return 0;
4073}
4074
4075static __net_exit void proto_exit_net(struct net *net)
4076{
4077 remove_proc_entry("protocols", net->proc_net);
4078}
4079
4080
4081static __net_initdata struct pernet_operations proto_net_ops = {
4082 .init = proto_init_net,
4083 .exit = proto_exit_net,
4084};
4085
4086static int __init proto_init(void)
4087{
4088 return register_pernet_subsys(&proto_net_ops);
4089}
4090
4091subsys_initcall(proto_init);
4092
4093#endif /* PROC_FS */
4094
4095#ifdef CONFIG_NET_RX_BUSY_POLL
4096bool sk_busy_loop_end(void *p, unsigned long start_time)
4097{
4098 struct sock *sk = p;
4099
4100 return !skb_queue_empty_lockless(&sk->sk_receive_queue) ||
4101 sk_busy_loop_timeout(sk, start_time);
4102}
4103EXPORT_SYMBOL(sk_busy_loop_end);
4104#endif /* CONFIG_NET_RX_BUSY_POLL */
4105
4106int sock_bind_add(struct sock *sk, struct sockaddr *addr, int addr_len)
4107{
4108 if (!sk->sk_prot->bind_add)
4109 return -EOPNOTSUPP;
4110 return sk->sk_prot->bind_add(sk, addr, addr_len);
4111}
4112EXPORT_SYMBOL(sock_bind_add);