Loading...
1// SPDX-License-Identifier: GPL-2.0-or-later
2/*
3 * INET An implementation of the TCP/IP protocol suite for the LINUX
4 * operating system. INET is implemented using the BSD Socket
5 * interface as the means of communication with the user level.
6 *
7 * Generic socket support routines. Memory allocators, socket lock/release
8 * handler for protocols to use and generic option handler.
9 *
10 * Authors: Ross Biro
11 * Fred N. van Kempen, <waltje@uWalt.NL.Mugnet.ORG>
12 * Florian La Roche, <flla@stud.uni-sb.de>
13 * Alan Cox, <A.Cox@swansea.ac.uk>
14 *
15 * Fixes:
16 * Alan Cox : Numerous verify_area() problems
17 * Alan Cox : Connecting on a connecting socket
18 * now returns an error for tcp.
19 * Alan Cox : sock->protocol is set correctly.
20 * and is not sometimes left as 0.
21 * Alan Cox : connect handles icmp errors on a
22 * connect properly. Unfortunately there
23 * is a restart syscall nasty there. I
24 * can't match BSD without hacking the C
25 * library. Ideas urgently sought!
26 * Alan Cox : Disallow bind() to addresses that are
27 * not ours - especially broadcast ones!!
28 * Alan Cox : Socket 1024 _IS_ ok for users. (fencepost)
29 * Alan Cox : sock_wfree/sock_rfree don't destroy sockets,
30 * instead they leave that for the DESTROY timer.
31 * Alan Cox : Clean up error flag in accept
32 * Alan Cox : TCP ack handling is buggy, the DESTROY timer
33 * was buggy. Put a remove_sock() in the handler
34 * for memory when we hit 0. Also altered the timer
35 * code. The ACK stuff can wait and needs major
36 * TCP layer surgery.
37 * Alan Cox : Fixed TCP ack bug, removed remove sock
38 * and fixed timer/inet_bh race.
39 * Alan Cox : Added zapped flag for TCP
40 * Alan Cox : Move kfree_skb into skbuff.c and tidied up surplus code
41 * Alan Cox : for new sk_buff allocations wmalloc/rmalloc now call alloc_skb
42 * Alan Cox : kfree_s calls now are kfree_skbmem so we can track skb resources
43 * Alan Cox : Supports socket option broadcast now as does udp. Packet and raw need fixing.
44 * Alan Cox : Added RCVBUF,SNDBUF size setting. It suddenly occurred to me how easy it was so...
45 * Rick Sladkey : Relaxed UDP rules for matching packets.
46 * C.E.Hawkins : IFF_PROMISC/SIOCGHWADDR support
47 * Pauline Middelink : identd support
48 * Alan Cox : Fixed connect() taking signals I think.
49 * Alan Cox : SO_LINGER supported
50 * Alan Cox : Error reporting fixes
51 * Anonymous : inet_create tidied up (sk->reuse setting)
52 * Alan Cox : inet sockets don't set sk->type!
53 * Alan Cox : Split socket option code
54 * Alan Cox : Callbacks
55 * Alan Cox : Nagle flag for Charles & Johannes stuff
56 * Alex : Removed restriction on inet fioctl
57 * Alan Cox : Splitting INET from NET core
58 * Alan Cox : Fixed bogus SO_TYPE handling in getsockopt()
59 * Adam Caldwell : Missing return in SO_DONTROUTE/SO_DEBUG code
60 * Alan Cox : Split IP from generic code
61 * Alan Cox : New kfree_skbmem()
62 * Alan Cox : Make SO_DEBUG superuser only.
63 * Alan Cox : Allow anyone to clear SO_DEBUG
64 * (compatibility fix)
65 * Alan Cox : Added optimistic memory grabbing for AF_UNIX throughput.
66 * Alan Cox : Allocator for a socket is settable.
67 * Alan Cox : SO_ERROR includes soft errors.
68 * Alan Cox : Allow NULL arguments on some SO_ opts
69 * Alan Cox : Generic socket allocation to make hooks
70 * easier (suggested by Craig Metz).
71 * Michael Pall : SO_ERROR returns positive errno again
72 * Steve Whitehouse: Added default destructor to free
73 * protocol private data.
74 * Steve Whitehouse: Added various other default routines
75 * common to several socket families.
76 * Chris Evans : Call suser() check last on F_SETOWN
77 * Jay Schulist : Added SO_ATTACH_FILTER and SO_DETACH_FILTER.
78 * Andi Kleen : Add sock_kmalloc()/sock_kfree_s()
79 * Andi Kleen : Fix write_space callback
80 * Chris Evans : Security fixes - signedness again
81 * Arnaldo C. Melo : cleanups, use skb_queue_purge
82 *
83 * To Fix:
84 */
85
86#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
87
88#include <asm/unaligned.h>
89#include <linux/capability.h>
90#include <linux/errno.h>
91#include <linux/errqueue.h>
92#include <linux/types.h>
93#include <linux/socket.h>
94#include <linux/in.h>
95#include <linux/kernel.h>
96#include <linux/module.h>
97#include <linux/proc_fs.h>
98#include <linux/seq_file.h>
99#include <linux/sched.h>
100#include <linux/sched/mm.h>
101#include <linux/timer.h>
102#include <linux/string.h>
103#include <linux/sockios.h>
104#include <linux/net.h>
105#include <linux/mm.h>
106#include <linux/slab.h>
107#include <linux/interrupt.h>
108#include <linux/poll.h>
109#include <linux/tcp.h>
110#include <linux/udp.h>
111#include <linux/init.h>
112#include <linux/highmem.h>
113#include <linux/user_namespace.h>
114#include <linux/static_key.h>
115#include <linux/memcontrol.h>
116#include <linux/prefetch.h>
117#include <linux/compat.h>
118#include <linux/mroute.h>
119#include <linux/mroute6.h>
120#include <linux/icmpv6.h>
121
122#include <linux/uaccess.h>
123
124#include <linux/netdevice.h>
125#include <net/protocol.h>
126#include <linux/skbuff.h>
127#include <net/net_namespace.h>
128#include <net/request_sock.h>
129#include <net/sock.h>
130#include <linux/net_tstamp.h>
131#include <net/xfrm.h>
132#include <linux/ipsec.h>
133#include <net/cls_cgroup.h>
134#include <net/netprio_cgroup.h>
135#include <linux/sock_diag.h>
136
137#include <linux/filter.h>
138#include <net/sock_reuseport.h>
139#include <net/bpf_sk_storage.h>
140
141#include <trace/events/sock.h>
142
143#include <net/tcp.h>
144#include <net/busy_poll.h>
145#include <net/phonet/phonet.h>
146
147#include <linux/ethtool.h>
148
149#include "dev.h"
150
151static DEFINE_MUTEX(proto_list_mutex);
152static LIST_HEAD(proto_list);
153
154static void sock_def_write_space_wfree(struct sock *sk);
155static void sock_def_write_space(struct sock *sk);
156
157/**
158 * sk_ns_capable - General socket capability test
159 * @sk: Socket to use a capability on or through
160 * @user_ns: The user namespace of the capability to use
161 * @cap: The capability to use
162 *
163 * Test to see if the opener of the socket had when the socket was
164 * created and the current process has the capability @cap in the user
165 * namespace @user_ns.
166 */
167bool sk_ns_capable(const struct sock *sk,
168 struct user_namespace *user_ns, int cap)
169{
170 return file_ns_capable(sk->sk_socket->file, user_ns, cap) &&
171 ns_capable(user_ns, cap);
172}
173EXPORT_SYMBOL(sk_ns_capable);
174
175/**
176 * sk_capable - Socket global capability test
177 * @sk: Socket to use a capability on or through
178 * @cap: The global capability to use
179 *
180 * Test to see if the opener of the socket had when the socket was
181 * created and the current process has the capability @cap in all user
182 * namespaces.
183 */
184bool sk_capable(const struct sock *sk, int cap)
185{
186 return sk_ns_capable(sk, &init_user_ns, cap);
187}
188EXPORT_SYMBOL(sk_capable);
189
190/**
191 * sk_net_capable - Network namespace socket capability test
192 * @sk: Socket to use a capability on or through
193 * @cap: The capability to use
194 *
195 * Test to see if the opener of the socket had when the socket was created
196 * and the current process has the capability @cap over the network namespace
197 * the socket is a member of.
198 */
199bool sk_net_capable(const struct sock *sk, int cap)
200{
201 return sk_ns_capable(sk, sock_net(sk)->user_ns, cap);
202}
203EXPORT_SYMBOL(sk_net_capable);
204
205/*
206 * Each address family might have different locking rules, so we have
207 * one slock key per address family and separate keys for internal and
208 * userspace sockets.
209 */
210static struct lock_class_key af_family_keys[AF_MAX];
211static struct lock_class_key af_family_kern_keys[AF_MAX];
212static struct lock_class_key af_family_slock_keys[AF_MAX];
213static struct lock_class_key af_family_kern_slock_keys[AF_MAX];
214
215/*
216 * Make lock validator output more readable. (we pre-construct these
217 * strings build-time, so that runtime initialization of socket
218 * locks is fast):
219 */
220
221#define _sock_locks(x) \
222 x "AF_UNSPEC", x "AF_UNIX" , x "AF_INET" , \
223 x "AF_AX25" , x "AF_IPX" , x "AF_APPLETALK", \
224 x "AF_NETROM", x "AF_BRIDGE" , x "AF_ATMPVC" , \
225 x "AF_X25" , x "AF_INET6" , x "AF_ROSE" , \
226 x "AF_DECnet", x "AF_NETBEUI" , x "AF_SECURITY" , \
227 x "AF_KEY" , x "AF_NETLINK" , x "AF_PACKET" , \
228 x "AF_ASH" , x "AF_ECONET" , x "AF_ATMSVC" , \
229 x "AF_RDS" , x "AF_SNA" , x "AF_IRDA" , \
230 x "AF_PPPOX" , x "AF_WANPIPE" , x "AF_LLC" , \
231 x "27" , x "28" , x "AF_CAN" , \
232 x "AF_TIPC" , x "AF_BLUETOOTH", x "IUCV" , \
233 x "AF_RXRPC" , x "AF_ISDN" , x "AF_PHONET" , \
234 x "AF_IEEE802154", x "AF_CAIF" , x "AF_ALG" , \
235 x "AF_NFC" , x "AF_VSOCK" , x "AF_KCM" , \
236 x "AF_QIPCRTR", x "AF_SMC" , x "AF_XDP" , \
237 x "AF_MCTP" , \
238 x "AF_MAX"
239
240static const char *const af_family_key_strings[AF_MAX+1] = {
241 _sock_locks("sk_lock-")
242};
243static const char *const af_family_slock_key_strings[AF_MAX+1] = {
244 _sock_locks("slock-")
245};
246static const char *const af_family_clock_key_strings[AF_MAX+1] = {
247 _sock_locks("clock-")
248};
249
250static const char *const af_family_kern_key_strings[AF_MAX+1] = {
251 _sock_locks("k-sk_lock-")
252};
253static const char *const af_family_kern_slock_key_strings[AF_MAX+1] = {
254 _sock_locks("k-slock-")
255};
256static const char *const af_family_kern_clock_key_strings[AF_MAX+1] = {
257 _sock_locks("k-clock-")
258};
259static const char *const af_family_rlock_key_strings[AF_MAX+1] = {
260 _sock_locks("rlock-")
261};
262static const char *const af_family_wlock_key_strings[AF_MAX+1] = {
263 _sock_locks("wlock-")
264};
265static const char *const af_family_elock_key_strings[AF_MAX+1] = {
266 _sock_locks("elock-")
267};
268
269/*
270 * sk_callback_lock and sk queues locking rules are per-address-family,
271 * so split the lock classes by using a per-AF key:
272 */
273static struct lock_class_key af_callback_keys[AF_MAX];
274static struct lock_class_key af_rlock_keys[AF_MAX];
275static struct lock_class_key af_wlock_keys[AF_MAX];
276static struct lock_class_key af_elock_keys[AF_MAX];
277static struct lock_class_key af_kern_callback_keys[AF_MAX];
278
279/* Run time adjustable parameters. */
280__u32 sysctl_wmem_max __read_mostly = SK_WMEM_MAX;
281EXPORT_SYMBOL(sysctl_wmem_max);
282__u32 sysctl_rmem_max __read_mostly = SK_RMEM_MAX;
283EXPORT_SYMBOL(sysctl_rmem_max);
284__u32 sysctl_wmem_default __read_mostly = SK_WMEM_MAX;
285__u32 sysctl_rmem_default __read_mostly = SK_RMEM_MAX;
286
287int sysctl_tstamp_allow_data __read_mostly = 1;
288
289DEFINE_STATIC_KEY_FALSE(memalloc_socks_key);
290EXPORT_SYMBOL_GPL(memalloc_socks_key);
291
292/**
293 * sk_set_memalloc - sets %SOCK_MEMALLOC
294 * @sk: socket to set it on
295 *
296 * Set %SOCK_MEMALLOC on a socket for access to emergency reserves.
297 * It's the responsibility of the admin to adjust min_free_kbytes
298 * to meet the requirements
299 */
300void sk_set_memalloc(struct sock *sk)
301{
302 sock_set_flag(sk, SOCK_MEMALLOC);
303 sk->sk_allocation |= __GFP_MEMALLOC;
304 static_branch_inc(&memalloc_socks_key);
305}
306EXPORT_SYMBOL_GPL(sk_set_memalloc);
307
308void sk_clear_memalloc(struct sock *sk)
309{
310 sock_reset_flag(sk, SOCK_MEMALLOC);
311 sk->sk_allocation &= ~__GFP_MEMALLOC;
312 static_branch_dec(&memalloc_socks_key);
313
314 /*
315 * SOCK_MEMALLOC is allowed to ignore rmem limits to ensure forward
316 * progress of swapping. SOCK_MEMALLOC may be cleared while
317 * it has rmem allocations due to the last swapfile being deactivated
318 * but there is a risk that the socket is unusable due to exceeding
319 * the rmem limits. Reclaim the reserves and obey rmem limits again.
320 */
321 sk_mem_reclaim(sk);
322}
323EXPORT_SYMBOL_GPL(sk_clear_memalloc);
324
325int __sk_backlog_rcv(struct sock *sk, struct sk_buff *skb)
326{
327 int ret;
328 unsigned int noreclaim_flag;
329
330 /* these should have been dropped before queueing */
331 BUG_ON(!sock_flag(sk, SOCK_MEMALLOC));
332
333 noreclaim_flag = memalloc_noreclaim_save();
334 ret = INDIRECT_CALL_INET(sk->sk_backlog_rcv,
335 tcp_v6_do_rcv,
336 tcp_v4_do_rcv,
337 sk, skb);
338 memalloc_noreclaim_restore(noreclaim_flag);
339
340 return ret;
341}
342EXPORT_SYMBOL(__sk_backlog_rcv);
343
344void sk_error_report(struct sock *sk)
345{
346 sk->sk_error_report(sk);
347
348 switch (sk->sk_family) {
349 case AF_INET:
350 fallthrough;
351 case AF_INET6:
352 trace_inet_sk_error_report(sk);
353 break;
354 default:
355 break;
356 }
357}
358EXPORT_SYMBOL(sk_error_report);
359
360int sock_get_timeout(long timeo, void *optval, bool old_timeval)
361{
362 struct __kernel_sock_timeval tv;
363
364 if (timeo == MAX_SCHEDULE_TIMEOUT) {
365 tv.tv_sec = 0;
366 tv.tv_usec = 0;
367 } else {
368 tv.tv_sec = timeo / HZ;
369 tv.tv_usec = ((timeo % HZ) * USEC_PER_SEC) / HZ;
370 }
371
372 if (old_timeval && in_compat_syscall() && !COMPAT_USE_64BIT_TIME) {
373 struct old_timeval32 tv32 = { tv.tv_sec, tv.tv_usec };
374 *(struct old_timeval32 *)optval = tv32;
375 return sizeof(tv32);
376 }
377
378 if (old_timeval) {
379 struct __kernel_old_timeval old_tv;
380 old_tv.tv_sec = tv.tv_sec;
381 old_tv.tv_usec = tv.tv_usec;
382 *(struct __kernel_old_timeval *)optval = old_tv;
383 return sizeof(old_tv);
384 }
385
386 *(struct __kernel_sock_timeval *)optval = tv;
387 return sizeof(tv);
388}
389EXPORT_SYMBOL(sock_get_timeout);
390
391int sock_copy_user_timeval(struct __kernel_sock_timeval *tv,
392 sockptr_t optval, int optlen, bool old_timeval)
393{
394 if (old_timeval && in_compat_syscall() && !COMPAT_USE_64BIT_TIME) {
395 struct old_timeval32 tv32;
396
397 if (optlen < sizeof(tv32))
398 return -EINVAL;
399
400 if (copy_from_sockptr(&tv32, optval, sizeof(tv32)))
401 return -EFAULT;
402 tv->tv_sec = tv32.tv_sec;
403 tv->tv_usec = tv32.tv_usec;
404 } else if (old_timeval) {
405 struct __kernel_old_timeval old_tv;
406
407 if (optlen < sizeof(old_tv))
408 return -EINVAL;
409 if (copy_from_sockptr(&old_tv, optval, sizeof(old_tv)))
410 return -EFAULT;
411 tv->tv_sec = old_tv.tv_sec;
412 tv->tv_usec = old_tv.tv_usec;
413 } else {
414 if (optlen < sizeof(*tv))
415 return -EINVAL;
416 if (copy_from_sockptr(tv, optval, sizeof(*tv)))
417 return -EFAULT;
418 }
419
420 return 0;
421}
422EXPORT_SYMBOL(sock_copy_user_timeval);
423
424static int sock_set_timeout(long *timeo_p, sockptr_t optval, int optlen,
425 bool old_timeval)
426{
427 struct __kernel_sock_timeval tv;
428 int err = sock_copy_user_timeval(&tv, optval, optlen, old_timeval);
429 long val;
430
431 if (err)
432 return err;
433
434 if (tv.tv_usec < 0 || tv.tv_usec >= USEC_PER_SEC)
435 return -EDOM;
436
437 if (tv.tv_sec < 0) {
438 static int warned __read_mostly;
439
440 WRITE_ONCE(*timeo_p, 0);
441 if (warned < 10 && net_ratelimit()) {
442 warned++;
443 pr_info("%s: `%s' (pid %d) tries to set negative timeout\n",
444 __func__, current->comm, task_pid_nr(current));
445 }
446 return 0;
447 }
448 val = MAX_SCHEDULE_TIMEOUT;
449 if ((tv.tv_sec || tv.tv_usec) &&
450 (tv.tv_sec < (MAX_SCHEDULE_TIMEOUT / HZ - 1)))
451 val = tv.tv_sec * HZ + DIV_ROUND_UP((unsigned long)tv.tv_usec,
452 USEC_PER_SEC / HZ);
453 WRITE_ONCE(*timeo_p, val);
454 return 0;
455}
456
457static bool sock_needs_netstamp(const struct sock *sk)
458{
459 switch (sk->sk_family) {
460 case AF_UNSPEC:
461 case AF_UNIX:
462 return false;
463 default:
464 return true;
465 }
466}
467
468static void sock_disable_timestamp(struct sock *sk, unsigned long flags)
469{
470 if (sk->sk_flags & flags) {
471 sk->sk_flags &= ~flags;
472 if (sock_needs_netstamp(sk) &&
473 !(sk->sk_flags & SK_FLAGS_TIMESTAMP))
474 net_disable_timestamp();
475 }
476}
477
478
479int __sock_queue_rcv_skb(struct sock *sk, struct sk_buff *skb)
480{
481 unsigned long flags;
482 struct sk_buff_head *list = &sk->sk_receive_queue;
483
484 if (atomic_read(&sk->sk_rmem_alloc) >= sk->sk_rcvbuf) {
485 atomic_inc(&sk->sk_drops);
486 trace_sock_rcvqueue_full(sk, skb);
487 return -ENOMEM;
488 }
489
490 if (!sk_rmem_schedule(sk, skb, skb->truesize)) {
491 atomic_inc(&sk->sk_drops);
492 return -ENOBUFS;
493 }
494
495 skb->dev = NULL;
496 skb_set_owner_r(skb, sk);
497
498 /* we escape from rcu protected region, make sure we dont leak
499 * a norefcounted dst
500 */
501 skb_dst_force(skb);
502
503 spin_lock_irqsave(&list->lock, flags);
504 sock_skb_set_dropcount(sk, skb);
505 __skb_queue_tail(list, skb);
506 spin_unlock_irqrestore(&list->lock, flags);
507
508 if (!sock_flag(sk, SOCK_DEAD))
509 sk->sk_data_ready(sk);
510 return 0;
511}
512EXPORT_SYMBOL(__sock_queue_rcv_skb);
513
514int sock_queue_rcv_skb_reason(struct sock *sk, struct sk_buff *skb,
515 enum skb_drop_reason *reason)
516{
517 enum skb_drop_reason drop_reason;
518 int err;
519
520 err = sk_filter(sk, skb);
521 if (err) {
522 drop_reason = SKB_DROP_REASON_SOCKET_FILTER;
523 goto out;
524 }
525 err = __sock_queue_rcv_skb(sk, skb);
526 switch (err) {
527 case -ENOMEM:
528 drop_reason = SKB_DROP_REASON_SOCKET_RCVBUFF;
529 break;
530 case -ENOBUFS:
531 drop_reason = SKB_DROP_REASON_PROTO_MEM;
532 break;
533 default:
534 drop_reason = SKB_NOT_DROPPED_YET;
535 break;
536 }
537out:
538 if (reason)
539 *reason = drop_reason;
540 return err;
541}
542EXPORT_SYMBOL(sock_queue_rcv_skb_reason);
543
544int __sk_receive_skb(struct sock *sk, struct sk_buff *skb,
545 const int nested, unsigned int trim_cap, bool refcounted)
546{
547 int rc = NET_RX_SUCCESS;
548
549 if (sk_filter_trim_cap(sk, skb, trim_cap))
550 goto discard_and_relse;
551
552 skb->dev = NULL;
553
554 if (sk_rcvqueues_full(sk, sk->sk_rcvbuf)) {
555 atomic_inc(&sk->sk_drops);
556 goto discard_and_relse;
557 }
558 if (nested)
559 bh_lock_sock_nested(sk);
560 else
561 bh_lock_sock(sk);
562 if (!sock_owned_by_user(sk)) {
563 /*
564 * trylock + unlock semantics:
565 */
566 mutex_acquire(&sk->sk_lock.dep_map, 0, 1, _RET_IP_);
567
568 rc = sk_backlog_rcv(sk, skb);
569
570 mutex_release(&sk->sk_lock.dep_map, _RET_IP_);
571 } else if (sk_add_backlog(sk, skb, READ_ONCE(sk->sk_rcvbuf))) {
572 bh_unlock_sock(sk);
573 atomic_inc(&sk->sk_drops);
574 goto discard_and_relse;
575 }
576
577 bh_unlock_sock(sk);
578out:
579 if (refcounted)
580 sock_put(sk);
581 return rc;
582discard_and_relse:
583 kfree_skb(skb);
584 goto out;
585}
586EXPORT_SYMBOL(__sk_receive_skb);
587
588INDIRECT_CALLABLE_DECLARE(struct dst_entry *ip6_dst_check(struct dst_entry *,
589 u32));
590INDIRECT_CALLABLE_DECLARE(struct dst_entry *ipv4_dst_check(struct dst_entry *,
591 u32));
592struct dst_entry *__sk_dst_check(struct sock *sk, u32 cookie)
593{
594 struct dst_entry *dst = __sk_dst_get(sk);
595
596 if (dst && dst->obsolete &&
597 INDIRECT_CALL_INET(dst->ops->check, ip6_dst_check, ipv4_dst_check,
598 dst, cookie) == NULL) {
599 sk_tx_queue_clear(sk);
600 WRITE_ONCE(sk->sk_dst_pending_confirm, 0);
601 RCU_INIT_POINTER(sk->sk_dst_cache, NULL);
602 dst_release(dst);
603 return NULL;
604 }
605
606 return dst;
607}
608EXPORT_SYMBOL(__sk_dst_check);
609
610struct dst_entry *sk_dst_check(struct sock *sk, u32 cookie)
611{
612 struct dst_entry *dst = sk_dst_get(sk);
613
614 if (dst && dst->obsolete &&
615 INDIRECT_CALL_INET(dst->ops->check, ip6_dst_check, ipv4_dst_check,
616 dst, cookie) == NULL) {
617 sk_dst_reset(sk);
618 dst_release(dst);
619 return NULL;
620 }
621
622 return dst;
623}
624EXPORT_SYMBOL(sk_dst_check);
625
626static int sock_bindtoindex_locked(struct sock *sk, int ifindex)
627{
628 int ret = -ENOPROTOOPT;
629#ifdef CONFIG_NETDEVICES
630 struct net *net = sock_net(sk);
631
632 /* Sorry... */
633 ret = -EPERM;
634 if (sk->sk_bound_dev_if && !ns_capable(net->user_ns, CAP_NET_RAW))
635 goto out;
636
637 ret = -EINVAL;
638 if (ifindex < 0)
639 goto out;
640
641 /* Paired with all READ_ONCE() done locklessly. */
642 WRITE_ONCE(sk->sk_bound_dev_if, ifindex);
643
644 if (sk->sk_prot->rehash)
645 sk->sk_prot->rehash(sk);
646 sk_dst_reset(sk);
647
648 ret = 0;
649
650out:
651#endif
652
653 return ret;
654}
655
656int sock_bindtoindex(struct sock *sk, int ifindex, bool lock_sk)
657{
658 int ret;
659
660 if (lock_sk)
661 lock_sock(sk);
662 ret = sock_bindtoindex_locked(sk, ifindex);
663 if (lock_sk)
664 release_sock(sk);
665
666 return ret;
667}
668EXPORT_SYMBOL(sock_bindtoindex);
669
670static int sock_setbindtodevice(struct sock *sk, sockptr_t optval, int optlen)
671{
672 int ret = -ENOPROTOOPT;
673#ifdef CONFIG_NETDEVICES
674 struct net *net = sock_net(sk);
675 char devname[IFNAMSIZ];
676 int index;
677
678 ret = -EINVAL;
679 if (optlen < 0)
680 goto out;
681
682 /* Bind this socket to a particular device like "eth0",
683 * as specified in the passed interface name. If the
684 * name is "" or the option length is zero the socket
685 * is not bound.
686 */
687 if (optlen > IFNAMSIZ - 1)
688 optlen = IFNAMSIZ - 1;
689 memset(devname, 0, sizeof(devname));
690
691 ret = -EFAULT;
692 if (copy_from_sockptr(devname, optval, optlen))
693 goto out;
694
695 index = 0;
696 if (devname[0] != '\0') {
697 struct net_device *dev;
698
699 rcu_read_lock();
700 dev = dev_get_by_name_rcu(net, devname);
701 if (dev)
702 index = dev->ifindex;
703 rcu_read_unlock();
704 ret = -ENODEV;
705 if (!dev)
706 goto out;
707 }
708
709 sockopt_lock_sock(sk);
710 ret = sock_bindtoindex_locked(sk, index);
711 sockopt_release_sock(sk);
712out:
713#endif
714
715 return ret;
716}
717
718static int sock_getbindtodevice(struct sock *sk, sockptr_t optval,
719 sockptr_t optlen, int len)
720{
721 int ret = -ENOPROTOOPT;
722#ifdef CONFIG_NETDEVICES
723 int bound_dev_if = READ_ONCE(sk->sk_bound_dev_if);
724 struct net *net = sock_net(sk);
725 char devname[IFNAMSIZ];
726
727 if (bound_dev_if == 0) {
728 len = 0;
729 goto zero;
730 }
731
732 ret = -EINVAL;
733 if (len < IFNAMSIZ)
734 goto out;
735
736 ret = netdev_get_name(net, devname, bound_dev_if);
737 if (ret)
738 goto out;
739
740 len = strlen(devname) + 1;
741
742 ret = -EFAULT;
743 if (copy_to_sockptr(optval, devname, len))
744 goto out;
745
746zero:
747 ret = -EFAULT;
748 if (copy_to_sockptr(optlen, &len, sizeof(int)))
749 goto out;
750
751 ret = 0;
752
753out:
754#endif
755
756 return ret;
757}
758
759bool sk_mc_loop(const struct sock *sk)
760{
761 if (dev_recursion_level())
762 return false;
763 if (!sk)
764 return true;
765 /* IPV6_ADDRFORM can change sk->sk_family under us. */
766 switch (READ_ONCE(sk->sk_family)) {
767 case AF_INET:
768 return inet_test_bit(MC_LOOP, sk);
769#if IS_ENABLED(CONFIG_IPV6)
770 case AF_INET6:
771 return inet6_test_bit(MC6_LOOP, sk);
772#endif
773 }
774 WARN_ON_ONCE(1);
775 return true;
776}
777EXPORT_SYMBOL(sk_mc_loop);
778
779void sock_set_reuseaddr(struct sock *sk)
780{
781 lock_sock(sk);
782 sk->sk_reuse = SK_CAN_REUSE;
783 release_sock(sk);
784}
785EXPORT_SYMBOL(sock_set_reuseaddr);
786
787void sock_set_reuseport(struct sock *sk)
788{
789 lock_sock(sk);
790 sk->sk_reuseport = true;
791 release_sock(sk);
792}
793EXPORT_SYMBOL(sock_set_reuseport);
794
795void sock_no_linger(struct sock *sk)
796{
797 lock_sock(sk);
798 WRITE_ONCE(sk->sk_lingertime, 0);
799 sock_set_flag(sk, SOCK_LINGER);
800 release_sock(sk);
801}
802EXPORT_SYMBOL(sock_no_linger);
803
804void sock_set_priority(struct sock *sk, u32 priority)
805{
806 WRITE_ONCE(sk->sk_priority, priority);
807}
808EXPORT_SYMBOL(sock_set_priority);
809
810void sock_set_sndtimeo(struct sock *sk, s64 secs)
811{
812 lock_sock(sk);
813 if (secs && secs < MAX_SCHEDULE_TIMEOUT / HZ - 1)
814 WRITE_ONCE(sk->sk_sndtimeo, secs * HZ);
815 else
816 WRITE_ONCE(sk->sk_sndtimeo, MAX_SCHEDULE_TIMEOUT);
817 release_sock(sk);
818}
819EXPORT_SYMBOL(sock_set_sndtimeo);
820
821static void __sock_set_timestamps(struct sock *sk, bool val, bool new, bool ns)
822{
823 if (val) {
824 sock_valbool_flag(sk, SOCK_TSTAMP_NEW, new);
825 sock_valbool_flag(sk, SOCK_RCVTSTAMPNS, ns);
826 sock_set_flag(sk, SOCK_RCVTSTAMP);
827 sock_enable_timestamp(sk, SOCK_TIMESTAMP);
828 } else {
829 sock_reset_flag(sk, SOCK_RCVTSTAMP);
830 sock_reset_flag(sk, SOCK_RCVTSTAMPNS);
831 }
832}
833
834void sock_enable_timestamps(struct sock *sk)
835{
836 lock_sock(sk);
837 __sock_set_timestamps(sk, true, false, true);
838 release_sock(sk);
839}
840EXPORT_SYMBOL(sock_enable_timestamps);
841
842void sock_set_timestamp(struct sock *sk, int optname, bool valbool)
843{
844 switch (optname) {
845 case SO_TIMESTAMP_OLD:
846 __sock_set_timestamps(sk, valbool, false, false);
847 break;
848 case SO_TIMESTAMP_NEW:
849 __sock_set_timestamps(sk, valbool, true, false);
850 break;
851 case SO_TIMESTAMPNS_OLD:
852 __sock_set_timestamps(sk, valbool, false, true);
853 break;
854 case SO_TIMESTAMPNS_NEW:
855 __sock_set_timestamps(sk, valbool, true, true);
856 break;
857 }
858}
859
860static int sock_timestamping_bind_phc(struct sock *sk, int phc_index)
861{
862 struct net *net = sock_net(sk);
863 struct net_device *dev = NULL;
864 bool match = false;
865 int *vclock_index;
866 int i, num;
867
868 if (sk->sk_bound_dev_if)
869 dev = dev_get_by_index(net, sk->sk_bound_dev_if);
870
871 if (!dev) {
872 pr_err("%s: sock not bind to device\n", __func__);
873 return -EOPNOTSUPP;
874 }
875
876 num = ethtool_get_phc_vclocks(dev, &vclock_index);
877 dev_put(dev);
878
879 for (i = 0; i < num; i++) {
880 if (*(vclock_index + i) == phc_index) {
881 match = true;
882 break;
883 }
884 }
885
886 if (num > 0)
887 kfree(vclock_index);
888
889 if (!match)
890 return -EINVAL;
891
892 WRITE_ONCE(sk->sk_bind_phc, phc_index);
893
894 return 0;
895}
896
897int sock_set_timestamping(struct sock *sk, int optname,
898 struct so_timestamping timestamping)
899{
900 int val = timestamping.flags;
901 int ret;
902
903 if (val & ~SOF_TIMESTAMPING_MASK)
904 return -EINVAL;
905
906 if (val & SOF_TIMESTAMPING_OPT_ID_TCP &&
907 !(val & SOF_TIMESTAMPING_OPT_ID))
908 return -EINVAL;
909
910 if (val & SOF_TIMESTAMPING_OPT_ID &&
911 !(sk->sk_tsflags & SOF_TIMESTAMPING_OPT_ID)) {
912 if (sk_is_tcp(sk)) {
913 if ((1 << sk->sk_state) &
914 (TCPF_CLOSE | TCPF_LISTEN))
915 return -EINVAL;
916 if (val & SOF_TIMESTAMPING_OPT_ID_TCP)
917 atomic_set(&sk->sk_tskey, tcp_sk(sk)->write_seq);
918 else
919 atomic_set(&sk->sk_tskey, tcp_sk(sk)->snd_una);
920 } else {
921 atomic_set(&sk->sk_tskey, 0);
922 }
923 }
924
925 if (val & SOF_TIMESTAMPING_OPT_STATS &&
926 !(val & SOF_TIMESTAMPING_OPT_TSONLY))
927 return -EINVAL;
928
929 if (val & SOF_TIMESTAMPING_BIND_PHC) {
930 ret = sock_timestamping_bind_phc(sk, timestamping.bind_phc);
931 if (ret)
932 return ret;
933 }
934
935 WRITE_ONCE(sk->sk_tsflags, val);
936 sock_valbool_flag(sk, SOCK_TSTAMP_NEW, optname == SO_TIMESTAMPING_NEW);
937
938 if (val & SOF_TIMESTAMPING_RX_SOFTWARE)
939 sock_enable_timestamp(sk,
940 SOCK_TIMESTAMPING_RX_SOFTWARE);
941 else
942 sock_disable_timestamp(sk,
943 (1UL << SOCK_TIMESTAMPING_RX_SOFTWARE));
944 return 0;
945}
946
947void sock_set_keepalive(struct sock *sk)
948{
949 lock_sock(sk);
950 if (sk->sk_prot->keepalive)
951 sk->sk_prot->keepalive(sk, true);
952 sock_valbool_flag(sk, SOCK_KEEPOPEN, true);
953 release_sock(sk);
954}
955EXPORT_SYMBOL(sock_set_keepalive);
956
957static void __sock_set_rcvbuf(struct sock *sk, int val)
958{
959 /* Ensure val * 2 fits into an int, to prevent max_t() from treating it
960 * as a negative value.
961 */
962 val = min_t(int, val, INT_MAX / 2);
963 sk->sk_userlocks |= SOCK_RCVBUF_LOCK;
964
965 /* We double it on the way in to account for "struct sk_buff" etc.
966 * overhead. Applications assume that the SO_RCVBUF setting they make
967 * will allow that much actual data to be received on that socket.
968 *
969 * Applications are unaware that "struct sk_buff" and other overheads
970 * allocate from the receive buffer during socket buffer allocation.
971 *
972 * And after considering the possible alternatives, returning the value
973 * we actually used in getsockopt is the most desirable behavior.
974 */
975 WRITE_ONCE(sk->sk_rcvbuf, max_t(int, val * 2, SOCK_MIN_RCVBUF));
976}
977
978void sock_set_rcvbuf(struct sock *sk, int val)
979{
980 lock_sock(sk);
981 __sock_set_rcvbuf(sk, val);
982 release_sock(sk);
983}
984EXPORT_SYMBOL(sock_set_rcvbuf);
985
986static void __sock_set_mark(struct sock *sk, u32 val)
987{
988 if (val != sk->sk_mark) {
989 WRITE_ONCE(sk->sk_mark, val);
990 sk_dst_reset(sk);
991 }
992}
993
994void sock_set_mark(struct sock *sk, u32 val)
995{
996 lock_sock(sk);
997 __sock_set_mark(sk, val);
998 release_sock(sk);
999}
1000EXPORT_SYMBOL(sock_set_mark);
1001
1002static void sock_release_reserved_memory(struct sock *sk, int bytes)
1003{
1004 /* Round down bytes to multiple of pages */
1005 bytes = round_down(bytes, PAGE_SIZE);
1006
1007 WARN_ON(bytes > sk->sk_reserved_mem);
1008 WRITE_ONCE(sk->sk_reserved_mem, sk->sk_reserved_mem - bytes);
1009 sk_mem_reclaim(sk);
1010}
1011
1012static int sock_reserve_memory(struct sock *sk, int bytes)
1013{
1014 long allocated;
1015 bool charged;
1016 int pages;
1017
1018 if (!mem_cgroup_sockets_enabled || !sk->sk_memcg || !sk_has_account(sk))
1019 return -EOPNOTSUPP;
1020
1021 if (!bytes)
1022 return 0;
1023
1024 pages = sk_mem_pages(bytes);
1025
1026 /* pre-charge to memcg */
1027 charged = mem_cgroup_charge_skmem(sk->sk_memcg, pages,
1028 GFP_KERNEL | __GFP_RETRY_MAYFAIL);
1029 if (!charged)
1030 return -ENOMEM;
1031
1032 /* pre-charge to forward_alloc */
1033 sk_memory_allocated_add(sk, pages);
1034 allocated = sk_memory_allocated(sk);
1035 /* If the system goes into memory pressure with this
1036 * precharge, give up and return error.
1037 */
1038 if (allocated > sk_prot_mem_limits(sk, 1)) {
1039 sk_memory_allocated_sub(sk, pages);
1040 mem_cgroup_uncharge_skmem(sk->sk_memcg, pages);
1041 return -ENOMEM;
1042 }
1043 sk_forward_alloc_add(sk, pages << PAGE_SHIFT);
1044
1045 WRITE_ONCE(sk->sk_reserved_mem,
1046 sk->sk_reserved_mem + (pages << PAGE_SHIFT));
1047
1048 return 0;
1049}
1050
1051void sockopt_lock_sock(struct sock *sk)
1052{
1053 /* When current->bpf_ctx is set, the setsockopt is called from
1054 * a bpf prog. bpf has ensured the sk lock has been
1055 * acquired before calling setsockopt().
1056 */
1057 if (has_current_bpf_ctx())
1058 return;
1059
1060 lock_sock(sk);
1061}
1062EXPORT_SYMBOL(sockopt_lock_sock);
1063
1064void sockopt_release_sock(struct sock *sk)
1065{
1066 if (has_current_bpf_ctx())
1067 return;
1068
1069 release_sock(sk);
1070}
1071EXPORT_SYMBOL(sockopt_release_sock);
1072
1073bool sockopt_ns_capable(struct user_namespace *ns, int cap)
1074{
1075 return has_current_bpf_ctx() || ns_capable(ns, cap);
1076}
1077EXPORT_SYMBOL(sockopt_ns_capable);
1078
1079bool sockopt_capable(int cap)
1080{
1081 return has_current_bpf_ctx() || capable(cap);
1082}
1083EXPORT_SYMBOL(sockopt_capable);
1084
1085/*
1086 * This is meant for all protocols to use and covers goings on
1087 * at the socket level. Everything here is generic.
1088 */
1089
1090int sk_setsockopt(struct sock *sk, int level, int optname,
1091 sockptr_t optval, unsigned int optlen)
1092{
1093 struct so_timestamping timestamping;
1094 struct socket *sock = sk->sk_socket;
1095 struct sock_txtime sk_txtime;
1096 int val;
1097 int valbool;
1098 struct linger ling;
1099 int ret = 0;
1100
1101 /*
1102 * Options without arguments
1103 */
1104
1105 if (optname == SO_BINDTODEVICE)
1106 return sock_setbindtodevice(sk, optval, optlen);
1107
1108 if (optlen < sizeof(int))
1109 return -EINVAL;
1110
1111 if (copy_from_sockptr(&val, optval, sizeof(val)))
1112 return -EFAULT;
1113
1114 valbool = val ? 1 : 0;
1115
1116 /* handle options which do not require locking the socket. */
1117 switch (optname) {
1118 case SO_PRIORITY:
1119 if ((val >= 0 && val <= 6) ||
1120 sockopt_ns_capable(sock_net(sk)->user_ns, CAP_NET_RAW) ||
1121 sockopt_ns_capable(sock_net(sk)->user_ns, CAP_NET_ADMIN)) {
1122 sock_set_priority(sk, val);
1123 return 0;
1124 }
1125 return -EPERM;
1126 case SO_PASSSEC:
1127 assign_bit(SOCK_PASSSEC, &sock->flags, valbool);
1128 return 0;
1129 case SO_PASSCRED:
1130 assign_bit(SOCK_PASSCRED, &sock->flags, valbool);
1131 return 0;
1132 case SO_PASSPIDFD:
1133 assign_bit(SOCK_PASSPIDFD, &sock->flags, valbool);
1134 return 0;
1135 case SO_TYPE:
1136 case SO_PROTOCOL:
1137 case SO_DOMAIN:
1138 case SO_ERROR:
1139 return -ENOPROTOOPT;
1140#ifdef CONFIG_NET_RX_BUSY_POLL
1141 case SO_BUSY_POLL:
1142 if (val < 0)
1143 return -EINVAL;
1144 WRITE_ONCE(sk->sk_ll_usec, val);
1145 return 0;
1146 case SO_PREFER_BUSY_POLL:
1147 if (valbool && !sockopt_capable(CAP_NET_ADMIN))
1148 return -EPERM;
1149 WRITE_ONCE(sk->sk_prefer_busy_poll, valbool);
1150 return 0;
1151 case SO_BUSY_POLL_BUDGET:
1152 if (val > READ_ONCE(sk->sk_busy_poll_budget) &&
1153 !sockopt_capable(CAP_NET_ADMIN))
1154 return -EPERM;
1155 if (val < 0 || val > U16_MAX)
1156 return -EINVAL;
1157 WRITE_ONCE(sk->sk_busy_poll_budget, val);
1158 return 0;
1159#endif
1160 case SO_MAX_PACING_RATE:
1161 {
1162 unsigned long ulval = (val == ~0U) ? ~0UL : (unsigned int)val;
1163 unsigned long pacing_rate;
1164
1165 if (sizeof(ulval) != sizeof(val) &&
1166 optlen >= sizeof(ulval) &&
1167 copy_from_sockptr(&ulval, optval, sizeof(ulval))) {
1168 return -EFAULT;
1169 }
1170 if (ulval != ~0UL)
1171 cmpxchg(&sk->sk_pacing_status,
1172 SK_PACING_NONE,
1173 SK_PACING_NEEDED);
1174 /* Pairs with READ_ONCE() from sk_getsockopt() */
1175 WRITE_ONCE(sk->sk_max_pacing_rate, ulval);
1176 pacing_rate = READ_ONCE(sk->sk_pacing_rate);
1177 if (ulval < pacing_rate)
1178 WRITE_ONCE(sk->sk_pacing_rate, ulval);
1179 return 0;
1180 }
1181 case SO_TXREHASH:
1182 if (val < -1 || val > 1)
1183 return -EINVAL;
1184 if ((u8)val == SOCK_TXREHASH_DEFAULT)
1185 val = READ_ONCE(sock_net(sk)->core.sysctl_txrehash);
1186 /* Paired with READ_ONCE() in tcp_rtx_synack()
1187 * and sk_getsockopt().
1188 */
1189 WRITE_ONCE(sk->sk_txrehash, (u8)val);
1190 return 0;
1191 case SO_PEEK_OFF:
1192 {
1193 int (*set_peek_off)(struct sock *sk, int val);
1194
1195 set_peek_off = READ_ONCE(sock->ops)->set_peek_off;
1196 if (set_peek_off)
1197 ret = set_peek_off(sk, val);
1198 else
1199 ret = -EOPNOTSUPP;
1200 return ret;
1201 }
1202 }
1203
1204 sockopt_lock_sock(sk);
1205
1206 switch (optname) {
1207 case SO_DEBUG:
1208 if (val && !sockopt_capable(CAP_NET_ADMIN))
1209 ret = -EACCES;
1210 else
1211 sock_valbool_flag(sk, SOCK_DBG, valbool);
1212 break;
1213 case SO_REUSEADDR:
1214 sk->sk_reuse = (valbool ? SK_CAN_REUSE : SK_NO_REUSE);
1215 break;
1216 case SO_REUSEPORT:
1217 sk->sk_reuseport = valbool;
1218 break;
1219 case SO_DONTROUTE:
1220 sock_valbool_flag(sk, SOCK_LOCALROUTE, valbool);
1221 sk_dst_reset(sk);
1222 break;
1223 case SO_BROADCAST:
1224 sock_valbool_flag(sk, SOCK_BROADCAST, valbool);
1225 break;
1226 case SO_SNDBUF:
1227 /* Don't error on this BSD doesn't and if you think
1228 * about it this is right. Otherwise apps have to
1229 * play 'guess the biggest size' games. RCVBUF/SNDBUF
1230 * are treated in BSD as hints
1231 */
1232 val = min_t(u32, val, READ_ONCE(sysctl_wmem_max));
1233set_sndbuf:
1234 /* Ensure val * 2 fits into an int, to prevent max_t()
1235 * from treating it as a negative value.
1236 */
1237 val = min_t(int, val, INT_MAX / 2);
1238 sk->sk_userlocks |= SOCK_SNDBUF_LOCK;
1239 WRITE_ONCE(sk->sk_sndbuf,
1240 max_t(int, val * 2, SOCK_MIN_SNDBUF));
1241 /* Wake up sending tasks if we upped the value. */
1242 sk->sk_write_space(sk);
1243 break;
1244
1245 case SO_SNDBUFFORCE:
1246 if (!sockopt_capable(CAP_NET_ADMIN)) {
1247 ret = -EPERM;
1248 break;
1249 }
1250
1251 /* No negative values (to prevent underflow, as val will be
1252 * multiplied by 2).
1253 */
1254 if (val < 0)
1255 val = 0;
1256 goto set_sndbuf;
1257
1258 case SO_RCVBUF:
1259 /* Don't error on this BSD doesn't and if you think
1260 * about it this is right. Otherwise apps have to
1261 * play 'guess the biggest size' games. RCVBUF/SNDBUF
1262 * are treated in BSD as hints
1263 */
1264 __sock_set_rcvbuf(sk, min_t(u32, val, READ_ONCE(sysctl_rmem_max)));
1265 break;
1266
1267 case SO_RCVBUFFORCE:
1268 if (!sockopt_capable(CAP_NET_ADMIN)) {
1269 ret = -EPERM;
1270 break;
1271 }
1272
1273 /* No negative values (to prevent underflow, as val will be
1274 * multiplied by 2).
1275 */
1276 __sock_set_rcvbuf(sk, max(val, 0));
1277 break;
1278
1279 case SO_KEEPALIVE:
1280 if (sk->sk_prot->keepalive)
1281 sk->sk_prot->keepalive(sk, valbool);
1282 sock_valbool_flag(sk, SOCK_KEEPOPEN, valbool);
1283 break;
1284
1285 case SO_OOBINLINE:
1286 sock_valbool_flag(sk, SOCK_URGINLINE, valbool);
1287 break;
1288
1289 case SO_NO_CHECK:
1290 sk->sk_no_check_tx = valbool;
1291 break;
1292
1293 case SO_LINGER:
1294 if (optlen < sizeof(ling)) {
1295 ret = -EINVAL; /* 1003.1g */
1296 break;
1297 }
1298 if (copy_from_sockptr(&ling, optval, sizeof(ling))) {
1299 ret = -EFAULT;
1300 break;
1301 }
1302 if (!ling.l_onoff) {
1303 sock_reset_flag(sk, SOCK_LINGER);
1304 } else {
1305 unsigned long t_sec = ling.l_linger;
1306
1307 if (t_sec >= MAX_SCHEDULE_TIMEOUT / HZ)
1308 WRITE_ONCE(sk->sk_lingertime, MAX_SCHEDULE_TIMEOUT);
1309 else
1310 WRITE_ONCE(sk->sk_lingertime, t_sec * HZ);
1311 sock_set_flag(sk, SOCK_LINGER);
1312 }
1313 break;
1314
1315 case SO_BSDCOMPAT:
1316 break;
1317
1318 case SO_TIMESTAMP_OLD:
1319 case SO_TIMESTAMP_NEW:
1320 case SO_TIMESTAMPNS_OLD:
1321 case SO_TIMESTAMPNS_NEW:
1322 sock_set_timestamp(sk, optname, valbool);
1323 break;
1324
1325 case SO_TIMESTAMPING_NEW:
1326 case SO_TIMESTAMPING_OLD:
1327 if (optlen == sizeof(timestamping)) {
1328 if (copy_from_sockptr(×tamping, optval,
1329 sizeof(timestamping))) {
1330 ret = -EFAULT;
1331 break;
1332 }
1333 } else {
1334 memset(×tamping, 0, sizeof(timestamping));
1335 timestamping.flags = val;
1336 }
1337 ret = sock_set_timestamping(sk, optname, timestamping);
1338 break;
1339
1340 case SO_RCVLOWAT:
1341 {
1342 int (*set_rcvlowat)(struct sock *sk, int val) = NULL;
1343
1344 if (val < 0)
1345 val = INT_MAX;
1346 if (sock)
1347 set_rcvlowat = READ_ONCE(sock->ops)->set_rcvlowat;
1348 if (set_rcvlowat)
1349 ret = set_rcvlowat(sk, val);
1350 else
1351 WRITE_ONCE(sk->sk_rcvlowat, val ? : 1);
1352 break;
1353 }
1354 case SO_RCVTIMEO_OLD:
1355 case SO_RCVTIMEO_NEW:
1356 ret = sock_set_timeout(&sk->sk_rcvtimeo, optval,
1357 optlen, optname == SO_RCVTIMEO_OLD);
1358 break;
1359
1360 case SO_SNDTIMEO_OLD:
1361 case SO_SNDTIMEO_NEW:
1362 ret = sock_set_timeout(&sk->sk_sndtimeo, optval,
1363 optlen, optname == SO_SNDTIMEO_OLD);
1364 break;
1365
1366 case SO_ATTACH_FILTER: {
1367 struct sock_fprog fprog;
1368
1369 ret = copy_bpf_fprog_from_user(&fprog, optval, optlen);
1370 if (!ret)
1371 ret = sk_attach_filter(&fprog, sk);
1372 break;
1373 }
1374 case SO_ATTACH_BPF:
1375 ret = -EINVAL;
1376 if (optlen == sizeof(u32)) {
1377 u32 ufd;
1378
1379 ret = -EFAULT;
1380 if (copy_from_sockptr(&ufd, optval, sizeof(ufd)))
1381 break;
1382
1383 ret = sk_attach_bpf(ufd, sk);
1384 }
1385 break;
1386
1387 case SO_ATTACH_REUSEPORT_CBPF: {
1388 struct sock_fprog fprog;
1389
1390 ret = copy_bpf_fprog_from_user(&fprog, optval, optlen);
1391 if (!ret)
1392 ret = sk_reuseport_attach_filter(&fprog, sk);
1393 break;
1394 }
1395 case SO_ATTACH_REUSEPORT_EBPF:
1396 ret = -EINVAL;
1397 if (optlen == sizeof(u32)) {
1398 u32 ufd;
1399
1400 ret = -EFAULT;
1401 if (copy_from_sockptr(&ufd, optval, sizeof(ufd)))
1402 break;
1403
1404 ret = sk_reuseport_attach_bpf(ufd, sk);
1405 }
1406 break;
1407
1408 case SO_DETACH_REUSEPORT_BPF:
1409 ret = reuseport_detach_prog(sk);
1410 break;
1411
1412 case SO_DETACH_FILTER:
1413 ret = sk_detach_filter(sk);
1414 break;
1415
1416 case SO_LOCK_FILTER:
1417 if (sock_flag(sk, SOCK_FILTER_LOCKED) && !valbool)
1418 ret = -EPERM;
1419 else
1420 sock_valbool_flag(sk, SOCK_FILTER_LOCKED, valbool);
1421 break;
1422
1423 case SO_MARK:
1424 if (!sockopt_ns_capable(sock_net(sk)->user_ns, CAP_NET_RAW) &&
1425 !sockopt_ns_capable(sock_net(sk)->user_ns, CAP_NET_ADMIN)) {
1426 ret = -EPERM;
1427 break;
1428 }
1429
1430 __sock_set_mark(sk, val);
1431 break;
1432 case SO_RCVMARK:
1433 sock_valbool_flag(sk, SOCK_RCVMARK, valbool);
1434 break;
1435
1436 case SO_RXQ_OVFL:
1437 sock_valbool_flag(sk, SOCK_RXQ_OVFL, valbool);
1438 break;
1439
1440 case SO_WIFI_STATUS:
1441 sock_valbool_flag(sk, SOCK_WIFI_STATUS, valbool);
1442 break;
1443
1444 case SO_NOFCS:
1445 sock_valbool_flag(sk, SOCK_NOFCS, valbool);
1446 break;
1447
1448 case SO_SELECT_ERR_QUEUE:
1449 sock_valbool_flag(sk, SOCK_SELECT_ERR_QUEUE, valbool);
1450 break;
1451
1452
1453 case SO_INCOMING_CPU:
1454 reuseport_update_incoming_cpu(sk, val);
1455 break;
1456
1457 case SO_CNX_ADVICE:
1458 if (val == 1)
1459 dst_negative_advice(sk);
1460 break;
1461
1462 case SO_ZEROCOPY:
1463 if (sk->sk_family == PF_INET || sk->sk_family == PF_INET6) {
1464 if (!(sk_is_tcp(sk) ||
1465 (sk->sk_type == SOCK_DGRAM &&
1466 sk->sk_protocol == IPPROTO_UDP)))
1467 ret = -EOPNOTSUPP;
1468 } else if (sk->sk_family != PF_RDS) {
1469 ret = -EOPNOTSUPP;
1470 }
1471 if (!ret) {
1472 if (val < 0 || val > 1)
1473 ret = -EINVAL;
1474 else
1475 sock_valbool_flag(sk, SOCK_ZEROCOPY, valbool);
1476 }
1477 break;
1478
1479 case SO_TXTIME:
1480 if (optlen != sizeof(struct sock_txtime)) {
1481 ret = -EINVAL;
1482 break;
1483 } else if (copy_from_sockptr(&sk_txtime, optval,
1484 sizeof(struct sock_txtime))) {
1485 ret = -EFAULT;
1486 break;
1487 } else if (sk_txtime.flags & ~SOF_TXTIME_FLAGS_MASK) {
1488 ret = -EINVAL;
1489 break;
1490 }
1491 /* CLOCK_MONOTONIC is only used by sch_fq, and this packet
1492 * scheduler has enough safe guards.
1493 */
1494 if (sk_txtime.clockid != CLOCK_MONOTONIC &&
1495 !sockopt_ns_capable(sock_net(sk)->user_ns, CAP_NET_ADMIN)) {
1496 ret = -EPERM;
1497 break;
1498 }
1499 sock_valbool_flag(sk, SOCK_TXTIME, true);
1500 sk->sk_clockid = sk_txtime.clockid;
1501 sk->sk_txtime_deadline_mode =
1502 !!(sk_txtime.flags & SOF_TXTIME_DEADLINE_MODE);
1503 sk->sk_txtime_report_errors =
1504 !!(sk_txtime.flags & SOF_TXTIME_REPORT_ERRORS);
1505 break;
1506
1507 case SO_BINDTOIFINDEX:
1508 ret = sock_bindtoindex_locked(sk, val);
1509 break;
1510
1511 case SO_BUF_LOCK:
1512 if (val & ~SOCK_BUF_LOCK_MASK) {
1513 ret = -EINVAL;
1514 break;
1515 }
1516 sk->sk_userlocks = val | (sk->sk_userlocks &
1517 ~SOCK_BUF_LOCK_MASK);
1518 break;
1519
1520 case SO_RESERVE_MEM:
1521 {
1522 int delta;
1523
1524 if (val < 0) {
1525 ret = -EINVAL;
1526 break;
1527 }
1528
1529 delta = val - sk->sk_reserved_mem;
1530 if (delta < 0)
1531 sock_release_reserved_memory(sk, -delta);
1532 else
1533 ret = sock_reserve_memory(sk, delta);
1534 break;
1535 }
1536
1537 default:
1538 ret = -ENOPROTOOPT;
1539 break;
1540 }
1541 sockopt_release_sock(sk);
1542 return ret;
1543}
1544
1545int sock_setsockopt(struct socket *sock, int level, int optname,
1546 sockptr_t optval, unsigned int optlen)
1547{
1548 return sk_setsockopt(sock->sk, level, optname,
1549 optval, optlen);
1550}
1551EXPORT_SYMBOL(sock_setsockopt);
1552
1553static const struct cred *sk_get_peer_cred(struct sock *sk)
1554{
1555 const struct cred *cred;
1556
1557 spin_lock(&sk->sk_peer_lock);
1558 cred = get_cred(sk->sk_peer_cred);
1559 spin_unlock(&sk->sk_peer_lock);
1560
1561 return cred;
1562}
1563
1564static void cred_to_ucred(struct pid *pid, const struct cred *cred,
1565 struct ucred *ucred)
1566{
1567 ucred->pid = pid_vnr(pid);
1568 ucred->uid = ucred->gid = -1;
1569 if (cred) {
1570 struct user_namespace *current_ns = current_user_ns();
1571
1572 ucred->uid = from_kuid_munged(current_ns, cred->euid);
1573 ucred->gid = from_kgid_munged(current_ns, cred->egid);
1574 }
1575}
1576
1577static int groups_to_user(sockptr_t dst, const struct group_info *src)
1578{
1579 struct user_namespace *user_ns = current_user_ns();
1580 int i;
1581
1582 for (i = 0; i < src->ngroups; i++) {
1583 gid_t gid = from_kgid_munged(user_ns, src->gid[i]);
1584
1585 if (copy_to_sockptr_offset(dst, i * sizeof(gid), &gid, sizeof(gid)))
1586 return -EFAULT;
1587 }
1588
1589 return 0;
1590}
1591
1592int sk_getsockopt(struct sock *sk, int level, int optname,
1593 sockptr_t optval, sockptr_t optlen)
1594{
1595 struct socket *sock = sk->sk_socket;
1596
1597 union {
1598 int val;
1599 u64 val64;
1600 unsigned long ulval;
1601 struct linger ling;
1602 struct old_timeval32 tm32;
1603 struct __kernel_old_timeval tm;
1604 struct __kernel_sock_timeval stm;
1605 struct sock_txtime txtime;
1606 struct so_timestamping timestamping;
1607 } v;
1608
1609 int lv = sizeof(int);
1610 int len;
1611
1612 if (copy_from_sockptr(&len, optlen, sizeof(int)))
1613 return -EFAULT;
1614 if (len < 0)
1615 return -EINVAL;
1616
1617 memset(&v, 0, sizeof(v));
1618
1619 switch (optname) {
1620 case SO_DEBUG:
1621 v.val = sock_flag(sk, SOCK_DBG);
1622 break;
1623
1624 case SO_DONTROUTE:
1625 v.val = sock_flag(sk, SOCK_LOCALROUTE);
1626 break;
1627
1628 case SO_BROADCAST:
1629 v.val = sock_flag(sk, SOCK_BROADCAST);
1630 break;
1631
1632 case SO_SNDBUF:
1633 v.val = READ_ONCE(sk->sk_sndbuf);
1634 break;
1635
1636 case SO_RCVBUF:
1637 v.val = READ_ONCE(sk->sk_rcvbuf);
1638 break;
1639
1640 case SO_REUSEADDR:
1641 v.val = sk->sk_reuse;
1642 break;
1643
1644 case SO_REUSEPORT:
1645 v.val = sk->sk_reuseport;
1646 break;
1647
1648 case SO_KEEPALIVE:
1649 v.val = sock_flag(sk, SOCK_KEEPOPEN);
1650 break;
1651
1652 case SO_TYPE:
1653 v.val = sk->sk_type;
1654 break;
1655
1656 case SO_PROTOCOL:
1657 v.val = sk->sk_protocol;
1658 break;
1659
1660 case SO_DOMAIN:
1661 v.val = sk->sk_family;
1662 break;
1663
1664 case SO_ERROR:
1665 v.val = -sock_error(sk);
1666 if (v.val == 0)
1667 v.val = xchg(&sk->sk_err_soft, 0);
1668 break;
1669
1670 case SO_OOBINLINE:
1671 v.val = sock_flag(sk, SOCK_URGINLINE);
1672 break;
1673
1674 case SO_NO_CHECK:
1675 v.val = sk->sk_no_check_tx;
1676 break;
1677
1678 case SO_PRIORITY:
1679 v.val = READ_ONCE(sk->sk_priority);
1680 break;
1681
1682 case SO_LINGER:
1683 lv = sizeof(v.ling);
1684 v.ling.l_onoff = sock_flag(sk, SOCK_LINGER);
1685 v.ling.l_linger = READ_ONCE(sk->sk_lingertime) / HZ;
1686 break;
1687
1688 case SO_BSDCOMPAT:
1689 break;
1690
1691 case SO_TIMESTAMP_OLD:
1692 v.val = sock_flag(sk, SOCK_RCVTSTAMP) &&
1693 !sock_flag(sk, SOCK_TSTAMP_NEW) &&
1694 !sock_flag(sk, SOCK_RCVTSTAMPNS);
1695 break;
1696
1697 case SO_TIMESTAMPNS_OLD:
1698 v.val = sock_flag(sk, SOCK_RCVTSTAMPNS) && !sock_flag(sk, SOCK_TSTAMP_NEW);
1699 break;
1700
1701 case SO_TIMESTAMP_NEW:
1702 v.val = sock_flag(sk, SOCK_RCVTSTAMP) && sock_flag(sk, SOCK_TSTAMP_NEW);
1703 break;
1704
1705 case SO_TIMESTAMPNS_NEW:
1706 v.val = sock_flag(sk, SOCK_RCVTSTAMPNS) && sock_flag(sk, SOCK_TSTAMP_NEW);
1707 break;
1708
1709 case SO_TIMESTAMPING_OLD:
1710 case SO_TIMESTAMPING_NEW:
1711 lv = sizeof(v.timestamping);
1712 /* For the later-added case SO_TIMESTAMPING_NEW: Be strict about only
1713 * returning the flags when they were set through the same option.
1714 * Don't change the beviour for the old case SO_TIMESTAMPING_OLD.
1715 */
1716 if (optname == SO_TIMESTAMPING_OLD || sock_flag(sk, SOCK_TSTAMP_NEW)) {
1717 v.timestamping.flags = READ_ONCE(sk->sk_tsflags);
1718 v.timestamping.bind_phc = READ_ONCE(sk->sk_bind_phc);
1719 }
1720 break;
1721
1722 case SO_RCVTIMEO_OLD:
1723 case SO_RCVTIMEO_NEW:
1724 lv = sock_get_timeout(READ_ONCE(sk->sk_rcvtimeo), &v,
1725 SO_RCVTIMEO_OLD == optname);
1726 break;
1727
1728 case SO_SNDTIMEO_OLD:
1729 case SO_SNDTIMEO_NEW:
1730 lv = sock_get_timeout(READ_ONCE(sk->sk_sndtimeo), &v,
1731 SO_SNDTIMEO_OLD == optname);
1732 break;
1733
1734 case SO_RCVLOWAT:
1735 v.val = READ_ONCE(sk->sk_rcvlowat);
1736 break;
1737
1738 case SO_SNDLOWAT:
1739 v.val = 1;
1740 break;
1741
1742 case SO_PASSCRED:
1743 v.val = !!test_bit(SOCK_PASSCRED, &sock->flags);
1744 break;
1745
1746 case SO_PASSPIDFD:
1747 v.val = !!test_bit(SOCK_PASSPIDFD, &sock->flags);
1748 break;
1749
1750 case SO_PEERCRED:
1751 {
1752 struct ucred peercred;
1753 if (len > sizeof(peercred))
1754 len = sizeof(peercred);
1755
1756 spin_lock(&sk->sk_peer_lock);
1757 cred_to_ucred(sk->sk_peer_pid, sk->sk_peer_cred, &peercred);
1758 spin_unlock(&sk->sk_peer_lock);
1759
1760 if (copy_to_sockptr(optval, &peercred, len))
1761 return -EFAULT;
1762 goto lenout;
1763 }
1764
1765 case SO_PEERPIDFD:
1766 {
1767 struct pid *peer_pid;
1768 struct file *pidfd_file = NULL;
1769 int pidfd;
1770
1771 if (len > sizeof(pidfd))
1772 len = sizeof(pidfd);
1773
1774 spin_lock(&sk->sk_peer_lock);
1775 peer_pid = get_pid(sk->sk_peer_pid);
1776 spin_unlock(&sk->sk_peer_lock);
1777
1778 if (!peer_pid)
1779 return -ENODATA;
1780
1781 pidfd = pidfd_prepare(peer_pid, 0, &pidfd_file);
1782 put_pid(peer_pid);
1783 if (pidfd < 0)
1784 return pidfd;
1785
1786 if (copy_to_sockptr(optval, &pidfd, len) ||
1787 copy_to_sockptr(optlen, &len, sizeof(int))) {
1788 put_unused_fd(pidfd);
1789 fput(pidfd_file);
1790
1791 return -EFAULT;
1792 }
1793
1794 fd_install(pidfd, pidfd_file);
1795 return 0;
1796 }
1797
1798 case SO_PEERGROUPS:
1799 {
1800 const struct cred *cred;
1801 int ret, n;
1802
1803 cred = sk_get_peer_cred(sk);
1804 if (!cred)
1805 return -ENODATA;
1806
1807 n = cred->group_info->ngroups;
1808 if (len < n * sizeof(gid_t)) {
1809 len = n * sizeof(gid_t);
1810 put_cred(cred);
1811 return copy_to_sockptr(optlen, &len, sizeof(int)) ? -EFAULT : -ERANGE;
1812 }
1813 len = n * sizeof(gid_t);
1814
1815 ret = groups_to_user(optval, cred->group_info);
1816 put_cred(cred);
1817 if (ret)
1818 return ret;
1819 goto lenout;
1820 }
1821
1822 case SO_PEERNAME:
1823 {
1824 struct sockaddr_storage address;
1825
1826 lv = READ_ONCE(sock->ops)->getname(sock, (struct sockaddr *)&address, 2);
1827 if (lv < 0)
1828 return -ENOTCONN;
1829 if (lv < len)
1830 return -EINVAL;
1831 if (copy_to_sockptr(optval, &address, len))
1832 return -EFAULT;
1833 goto lenout;
1834 }
1835
1836 /* Dubious BSD thing... Probably nobody even uses it, but
1837 * the UNIX standard wants it for whatever reason... -DaveM
1838 */
1839 case SO_ACCEPTCONN:
1840 v.val = sk->sk_state == TCP_LISTEN;
1841 break;
1842
1843 case SO_PASSSEC:
1844 v.val = !!test_bit(SOCK_PASSSEC, &sock->flags);
1845 break;
1846
1847 case SO_PEERSEC:
1848 return security_socket_getpeersec_stream(sock,
1849 optval, optlen, len);
1850
1851 case SO_MARK:
1852 v.val = READ_ONCE(sk->sk_mark);
1853 break;
1854
1855 case SO_RCVMARK:
1856 v.val = sock_flag(sk, SOCK_RCVMARK);
1857 break;
1858
1859 case SO_RXQ_OVFL:
1860 v.val = sock_flag(sk, SOCK_RXQ_OVFL);
1861 break;
1862
1863 case SO_WIFI_STATUS:
1864 v.val = sock_flag(sk, SOCK_WIFI_STATUS);
1865 break;
1866
1867 case SO_PEEK_OFF:
1868 if (!READ_ONCE(sock->ops)->set_peek_off)
1869 return -EOPNOTSUPP;
1870
1871 v.val = READ_ONCE(sk->sk_peek_off);
1872 break;
1873 case SO_NOFCS:
1874 v.val = sock_flag(sk, SOCK_NOFCS);
1875 break;
1876
1877 case SO_BINDTODEVICE:
1878 return sock_getbindtodevice(sk, optval, optlen, len);
1879
1880 case SO_GET_FILTER:
1881 len = sk_get_filter(sk, optval, len);
1882 if (len < 0)
1883 return len;
1884
1885 goto lenout;
1886
1887 case SO_LOCK_FILTER:
1888 v.val = sock_flag(sk, SOCK_FILTER_LOCKED);
1889 break;
1890
1891 case SO_BPF_EXTENSIONS:
1892 v.val = bpf_tell_extensions();
1893 break;
1894
1895 case SO_SELECT_ERR_QUEUE:
1896 v.val = sock_flag(sk, SOCK_SELECT_ERR_QUEUE);
1897 break;
1898
1899#ifdef CONFIG_NET_RX_BUSY_POLL
1900 case SO_BUSY_POLL:
1901 v.val = READ_ONCE(sk->sk_ll_usec);
1902 break;
1903 case SO_PREFER_BUSY_POLL:
1904 v.val = READ_ONCE(sk->sk_prefer_busy_poll);
1905 break;
1906#endif
1907
1908 case SO_MAX_PACING_RATE:
1909 /* The READ_ONCE() pair with the WRITE_ONCE() in sk_setsockopt() */
1910 if (sizeof(v.ulval) != sizeof(v.val) && len >= sizeof(v.ulval)) {
1911 lv = sizeof(v.ulval);
1912 v.ulval = READ_ONCE(sk->sk_max_pacing_rate);
1913 } else {
1914 /* 32bit version */
1915 v.val = min_t(unsigned long, ~0U,
1916 READ_ONCE(sk->sk_max_pacing_rate));
1917 }
1918 break;
1919
1920 case SO_INCOMING_CPU:
1921 v.val = READ_ONCE(sk->sk_incoming_cpu);
1922 break;
1923
1924 case SO_MEMINFO:
1925 {
1926 u32 meminfo[SK_MEMINFO_VARS];
1927
1928 sk_get_meminfo(sk, meminfo);
1929
1930 len = min_t(unsigned int, len, sizeof(meminfo));
1931 if (copy_to_sockptr(optval, &meminfo, len))
1932 return -EFAULT;
1933
1934 goto lenout;
1935 }
1936
1937#ifdef CONFIG_NET_RX_BUSY_POLL
1938 case SO_INCOMING_NAPI_ID:
1939 v.val = READ_ONCE(sk->sk_napi_id);
1940
1941 /* aggregate non-NAPI IDs down to 0 */
1942 if (v.val < MIN_NAPI_ID)
1943 v.val = 0;
1944
1945 break;
1946#endif
1947
1948 case SO_COOKIE:
1949 lv = sizeof(u64);
1950 if (len < lv)
1951 return -EINVAL;
1952 v.val64 = sock_gen_cookie(sk);
1953 break;
1954
1955 case SO_ZEROCOPY:
1956 v.val = sock_flag(sk, SOCK_ZEROCOPY);
1957 break;
1958
1959 case SO_TXTIME:
1960 lv = sizeof(v.txtime);
1961 v.txtime.clockid = sk->sk_clockid;
1962 v.txtime.flags |= sk->sk_txtime_deadline_mode ?
1963 SOF_TXTIME_DEADLINE_MODE : 0;
1964 v.txtime.flags |= sk->sk_txtime_report_errors ?
1965 SOF_TXTIME_REPORT_ERRORS : 0;
1966 break;
1967
1968 case SO_BINDTOIFINDEX:
1969 v.val = READ_ONCE(sk->sk_bound_dev_if);
1970 break;
1971
1972 case SO_NETNS_COOKIE:
1973 lv = sizeof(u64);
1974 if (len != lv)
1975 return -EINVAL;
1976 v.val64 = sock_net(sk)->net_cookie;
1977 break;
1978
1979 case SO_BUF_LOCK:
1980 v.val = sk->sk_userlocks & SOCK_BUF_LOCK_MASK;
1981 break;
1982
1983 case SO_RESERVE_MEM:
1984 v.val = READ_ONCE(sk->sk_reserved_mem);
1985 break;
1986
1987 case SO_TXREHASH:
1988 /* Paired with WRITE_ONCE() in sk_setsockopt() */
1989 v.val = READ_ONCE(sk->sk_txrehash);
1990 break;
1991
1992 default:
1993 /* We implement the SO_SNDLOWAT etc to not be settable
1994 * (1003.1g 7).
1995 */
1996 return -ENOPROTOOPT;
1997 }
1998
1999 if (len > lv)
2000 len = lv;
2001 if (copy_to_sockptr(optval, &v, len))
2002 return -EFAULT;
2003lenout:
2004 if (copy_to_sockptr(optlen, &len, sizeof(int)))
2005 return -EFAULT;
2006 return 0;
2007}
2008
2009/*
2010 * Initialize an sk_lock.
2011 *
2012 * (We also register the sk_lock with the lock validator.)
2013 */
2014static inline void sock_lock_init(struct sock *sk)
2015{
2016 if (sk->sk_kern_sock)
2017 sock_lock_init_class_and_name(
2018 sk,
2019 af_family_kern_slock_key_strings[sk->sk_family],
2020 af_family_kern_slock_keys + sk->sk_family,
2021 af_family_kern_key_strings[sk->sk_family],
2022 af_family_kern_keys + sk->sk_family);
2023 else
2024 sock_lock_init_class_and_name(
2025 sk,
2026 af_family_slock_key_strings[sk->sk_family],
2027 af_family_slock_keys + sk->sk_family,
2028 af_family_key_strings[sk->sk_family],
2029 af_family_keys + sk->sk_family);
2030}
2031
2032/*
2033 * Copy all fields from osk to nsk but nsk->sk_refcnt must not change yet,
2034 * even temporarly, because of RCU lookups. sk_node should also be left as is.
2035 * We must not copy fields between sk_dontcopy_begin and sk_dontcopy_end
2036 */
2037static void sock_copy(struct sock *nsk, const struct sock *osk)
2038{
2039 const struct proto *prot = READ_ONCE(osk->sk_prot);
2040#ifdef CONFIG_SECURITY_NETWORK
2041 void *sptr = nsk->sk_security;
2042#endif
2043
2044 /* If we move sk_tx_queue_mapping out of the private section,
2045 * we must check if sk_tx_queue_clear() is called after
2046 * sock_copy() in sk_clone_lock().
2047 */
2048 BUILD_BUG_ON(offsetof(struct sock, sk_tx_queue_mapping) <
2049 offsetof(struct sock, sk_dontcopy_begin) ||
2050 offsetof(struct sock, sk_tx_queue_mapping) >=
2051 offsetof(struct sock, sk_dontcopy_end));
2052
2053 memcpy(nsk, osk, offsetof(struct sock, sk_dontcopy_begin));
2054
2055 memcpy(&nsk->sk_dontcopy_end, &osk->sk_dontcopy_end,
2056 prot->obj_size - offsetof(struct sock, sk_dontcopy_end));
2057
2058#ifdef CONFIG_SECURITY_NETWORK
2059 nsk->sk_security = sptr;
2060 security_sk_clone(osk, nsk);
2061#endif
2062}
2063
2064static struct sock *sk_prot_alloc(struct proto *prot, gfp_t priority,
2065 int family)
2066{
2067 struct sock *sk;
2068 struct kmem_cache *slab;
2069
2070 slab = prot->slab;
2071 if (slab != NULL) {
2072 sk = kmem_cache_alloc(slab, priority & ~__GFP_ZERO);
2073 if (!sk)
2074 return sk;
2075 if (want_init_on_alloc(priority))
2076 sk_prot_clear_nulls(sk, prot->obj_size);
2077 } else
2078 sk = kmalloc(prot->obj_size, priority);
2079
2080 if (sk != NULL) {
2081 if (security_sk_alloc(sk, family, priority))
2082 goto out_free;
2083
2084 if (!try_module_get(prot->owner))
2085 goto out_free_sec;
2086 }
2087
2088 return sk;
2089
2090out_free_sec:
2091 security_sk_free(sk);
2092out_free:
2093 if (slab != NULL)
2094 kmem_cache_free(slab, sk);
2095 else
2096 kfree(sk);
2097 return NULL;
2098}
2099
2100static void sk_prot_free(struct proto *prot, struct sock *sk)
2101{
2102 struct kmem_cache *slab;
2103 struct module *owner;
2104
2105 owner = prot->owner;
2106 slab = prot->slab;
2107
2108 cgroup_sk_free(&sk->sk_cgrp_data);
2109 mem_cgroup_sk_free(sk);
2110 security_sk_free(sk);
2111 if (slab != NULL)
2112 kmem_cache_free(slab, sk);
2113 else
2114 kfree(sk);
2115 module_put(owner);
2116}
2117
2118/**
2119 * sk_alloc - All socket objects are allocated here
2120 * @net: the applicable net namespace
2121 * @family: protocol family
2122 * @priority: for allocation (%GFP_KERNEL, %GFP_ATOMIC, etc)
2123 * @prot: struct proto associated with this new sock instance
2124 * @kern: is this to be a kernel socket?
2125 */
2126struct sock *sk_alloc(struct net *net, int family, gfp_t priority,
2127 struct proto *prot, int kern)
2128{
2129 struct sock *sk;
2130
2131 sk = sk_prot_alloc(prot, priority | __GFP_ZERO, family);
2132 if (sk) {
2133 sk->sk_family = family;
2134 /*
2135 * See comment in struct sock definition to understand
2136 * why we need sk_prot_creator -acme
2137 */
2138 sk->sk_prot = sk->sk_prot_creator = prot;
2139 sk->sk_kern_sock = kern;
2140 sock_lock_init(sk);
2141 sk->sk_net_refcnt = kern ? 0 : 1;
2142 if (likely(sk->sk_net_refcnt)) {
2143 get_net_track(net, &sk->ns_tracker, priority);
2144 sock_inuse_add(net, 1);
2145 } else {
2146 __netns_tracker_alloc(net, &sk->ns_tracker,
2147 false, priority);
2148 }
2149
2150 sock_net_set(sk, net);
2151 refcount_set(&sk->sk_wmem_alloc, 1);
2152
2153 mem_cgroup_sk_alloc(sk);
2154 cgroup_sk_alloc(&sk->sk_cgrp_data);
2155 sock_update_classid(&sk->sk_cgrp_data);
2156 sock_update_netprioidx(&sk->sk_cgrp_data);
2157 sk_tx_queue_clear(sk);
2158 }
2159
2160 return sk;
2161}
2162EXPORT_SYMBOL(sk_alloc);
2163
2164/* Sockets having SOCK_RCU_FREE will call this function after one RCU
2165 * grace period. This is the case for UDP sockets and TCP listeners.
2166 */
2167static void __sk_destruct(struct rcu_head *head)
2168{
2169 struct sock *sk = container_of(head, struct sock, sk_rcu);
2170 struct sk_filter *filter;
2171
2172 if (sk->sk_destruct)
2173 sk->sk_destruct(sk);
2174
2175 filter = rcu_dereference_check(sk->sk_filter,
2176 refcount_read(&sk->sk_wmem_alloc) == 0);
2177 if (filter) {
2178 sk_filter_uncharge(sk, filter);
2179 RCU_INIT_POINTER(sk->sk_filter, NULL);
2180 }
2181
2182 sock_disable_timestamp(sk, SK_FLAGS_TIMESTAMP);
2183
2184#ifdef CONFIG_BPF_SYSCALL
2185 bpf_sk_storage_free(sk);
2186#endif
2187
2188 if (atomic_read(&sk->sk_omem_alloc))
2189 pr_debug("%s: optmem leakage (%d bytes) detected\n",
2190 __func__, atomic_read(&sk->sk_omem_alloc));
2191
2192 if (sk->sk_frag.page) {
2193 put_page(sk->sk_frag.page);
2194 sk->sk_frag.page = NULL;
2195 }
2196
2197 /* We do not need to acquire sk->sk_peer_lock, we are the last user. */
2198 put_cred(sk->sk_peer_cred);
2199 put_pid(sk->sk_peer_pid);
2200
2201 if (likely(sk->sk_net_refcnt))
2202 put_net_track(sock_net(sk), &sk->ns_tracker);
2203 else
2204 __netns_tracker_free(sock_net(sk), &sk->ns_tracker, false);
2205
2206 sk_prot_free(sk->sk_prot_creator, sk);
2207}
2208
2209void sk_destruct(struct sock *sk)
2210{
2211 bool use_call_rcu = sock_flag(sk, SOCK_RCU_FREE);
2212
2213 if (rcu_access_pointer(sk->sk_reuseport_cb)) {
2214 reuseport_detach_sock(sk);
2215 use_call_rcu = true;
2216 }
2217
2218 if (use_call_rcu)
2219 call_rcu(&sk->sk_rcu, __sk_destruct);
2220 else
2221 __sk_destruct(&sk->sk_rcu);
2222}
2223
2224static void __sk_free(struct sock *sk)
2225{
2226 if (likely(sk->sk_net_refcnt))
2227 sock_inuse_add(sock_net(sk), -1);
2228
2229 if (unlikely(sk->sk_net_refcnt && sock_diag_has_destroy_listeners(sk)))
2230 sock_diag_broadcast_destroy(sk);
2231 else
2232 sk_destruct(sk);
2233}
2234
2235void sk_free(struct sock *sk)
2236{
2237 /*
2238 * We subtract one from sk_wmem_alloc and can know if
2239 * some packets are still in some tx queue.
2240 * If not null, sock_wfree() will call __sk_free(sk) later
2241 */
2242 if (refcount_dec_and_test(&sk->sk_wmem_alloc))
2243 __sk_free(sk);
2244}
2245EXPORT_SYMBOL(sk_free);
2246
2247static void sk_init_common(struct sock *sk)
2248{
2249 skb_queue_head_init(&sk->sk_receive_queue);
2250 skb_queue_head_init(&sk->sk_write_queue);
2251 skb_queue_head_init(&sk->sk_error_queue);
2252
2253 rwlock_init(&sk->sk_callback_lock);
2254 lockdep_set_class_and_name(&sk->sk_receive_queue.lock,
2255 af_rlock_keys + sk->sk_family,
2256 af_family_rlock_key_strings[sk->sk_family]);
2257 lockdep_set_class_and_name(&sk->sk_write_queue.lock,
2258 af_wlock_keys + sk->sk_family,
2259 af_family_wlock_key_strings[sk->sk_family]);
2260 lockdep_set_class_and_name(&sk->sk_error_queue.lock,
2261 af_elock_keys + sk->sk_family,
2262 af_family_elock_key_strings[sk->sk_family]);
2263 lockdep_set_class_and_name(&sk->sk_callback_lock,
2264 af_callback_keys + sk->sk_family,
2265 af_family_clock_key_strings[sk->sk_family]);
2266}
2267
2268/**
2269 * sk_clone_lock - clone a socket, and lock its clone
2270 * @sk: the socket to clone
2271 * @priority: for allocation (%GFP_KERNEL, %GFP_ATOMIC, etc)
2272 *
2273 * Caller must unlock socket even in error path (bh_unlock_sock(newsk))
2274 */
2275struct sock *sk_clone_lock(const struct sock *sk, const gfp_t priority)
2276{
2277 struct proto *prot = READ_ONCE(sk->sk_prot);
2278 struct sk_filter *filter;
2279 bool is_charged = true;
2280 struct sock *newsk;
2281
2282 newsk = sk_prot_alloc(prot, priority, sk->sk_family);
2283 if (!newsk)
2284 goto out;
2285
2286 sock_copy(newsk, sk);
2287
2288 newsk->sk_prot_creator = prot;
2289
2290 /* SANITY */
2291 if (likely(newsk->sk_net_refcnt)) {
2292 get_net_track(sock_net(newsk), &newsk->ns_tracker, priority);
2293 sock_inuse_add(sock_net(newsk), 1);
2294 } else {
2295 /* Kernel sockets are not elevating the struct net refcount.
2296 * Instead, use a tracker to more easily detect if a layer
2297 * is not properly dismantling its kernel sockets at netns
2298 * destroy time.
2299 */
2300 __netns_tracker_alloc(sock_net(newsk), &newsk->ns_tracker,
2301 false, priority);
2302 }
2303 sk_node_init(&newsk->sk_node);
2304 sock_lock_init(newsk);
2305 bh_lock_sock(newsk);
2306 newsk->sk_backlog.head = newsk->sk_backlog.tail = NULL;
2307 newsk->sk_backlog.len = 0;
2308
2309 atomic_set(&newsk->sk_rmem_alloc, 0);
2310
2311 /* sk_wmem_alloc set to one (see sk_free() and sock_wfree()) */
2312 refcount_set(&newsk->sk_wmem_alloc, 1);
2313
2314 atomic_set(&newsk->sk_omem_alloc, 0);
2315 sk_init_common(newsk);
2316
2317 newsk->sk_dst_cache = NULL;
2318 newsk->sk_dst_pending_confirm = 0;
2319 newsk->sk_wmem_queued = 0;
2320 newsk->sk_forward_alloc = 0;
2321 newsk->sk_reserved_mem = 0;
2322 atomic_set(&newsk->sk_drops, 0);
2323 newsk->sk_send_head = NULL;
2324 newsk->sk_userlocks = sk->sk_userlocks & ~SOCK_BINDPORT_LOCK;
2325 atomic_set(&newsk->sk_zckey, 0);
2326
2327 sock_reset_flag(newsk, SOCK_DONE);
2328
2329 /* sk->sk_memcg will be populated at accept() time */
2330 newsk->sk_memcg = NULL;
2331
2332 cgroup_sk_clone(&newsk->sk_cgrp_data);
2333
2334 rcu_read_lock();
2335 filter = rcu_dereference(sk->sk_filter);
2336 if (filter != NULL)
2337 /* though it's an empty new sock, the charging may fail
2338 * if sysctl_optmem_max was changed between creation of
2339 * original socket and cloning
2340 */
2341 is_charged = sk_filter_charge(newsk, filter);
2342 RCU_INIT_POINTER(newsk->sk_filter, filter);
2343 rcu_read_unlock();
2344
2345 if (unlikely(!is_charged || xfrm_sk_clone_policy(newsk, sk))) {
2346 /* We need to make sure that we don't uncharge the new
2347 * socket if we couldn't charge it in the first place
2348 * as otherwise we uncharge the parent's filter.
2349 */
2350 if (!is_charged)
2351 RCU_INIT_POINTER(newsk->sk_filter, NULL);
2352 sk_free_unlock_clone(newsk);
2353 newsk = NULL;
2354 goto out;
2355 }
2356 RCU_INIT_POINTER(newsk->sk_reuseport_cb, NULL);
2357
2358 if (bpf_sk_storage_clone(sk, newsk)) {
2359 sk_free_unlock_clone(newsk);
2360 newsk = NULL;
2361 goto out;
2362 }
2363
2364 /* Clear sk_user_data if parent had the pointer tagged
2365 * as not suitable for copying when cloning.
2366 */
2367 if (sk_user_data_is_nocopy(newsk))
2368 newsk->sk_user_data = NULL;
2369
2370 newsk->sk_err = 0;
2371 newsk->sk_err_soft = 0;
2372 newsk->sk_priority = 0;
2373 newsk->sk_incoming_cpu = raw_smp_processor_id();
2374
2375 /* Before updating sk_refcnt, we must commit prior changes to memory
2376 * (Documentation/RCU/rculist_nulls.rst for details)
2377 */
2378 smp_wmb();
2379 refcount_set(&newsk->sk_refcnt, 2);
2380
2381 sk_set_socket(newsk, NULL);
2382 sk_tx_queue_clear(newsk);
2383 RCU_INIT_POINTER(newsk->sk_wq, NULL);
2384
2385 if (newsk->sk_prot->sockets_allocated)
2386 sk_sockets_allocated_inc(newsk);
2387
2388 if (sock_needs_netstamp(sk) && newsk->sk_flags & SK_FLAGS_TIMESTAMP)
2389 net_enable_timestamp();
2390out:
2391 return newsk;
2392}
2393EXPORT_SYMBOL_GPL(sk_clone_lock);
2394
2395void sk_free_unlock_clone(struct sock *sk)
2396{
2397 /* It is still raw copy of parent, so invalidate
2398 * destructor and make plain sk_free() */
2399 sk->sk_destruct = NULL;
2400 bh_unlock_sock(sk);
2401 sk_free(sk);
2402}
2403EXPORT_SYMBOL_GPL(sk_free_unlock_clone);
2404
2405static u32 sk_dst_gso_max_size(struct sock *sk, struct dst_entry *dst)
2406{
2407 bool is_ipv6 = false;
2408 u32 max_size;
2409
2410#if IS_ENABLED(CONFIG_IPV6)
2411 is_ipv6 = (sk->sk_family == AF_INET6 &&
2412 !ipv6_addr_v4mapped(&sk->sk_v6_rcv_saddr));
2413#endif
2414 /* pairs with the WRITE_ONCE() in netif_set_gso(_ipv4)_max_size() */
2415 max_size = is_ipv6 ? READ_ONCE(dst->dev->gso_max_size) :
2416 READ_ONCE(dst->dev->gso_ipv4_max_size);
2417 if (max_size > GSO_LEGACY_MAX_SIZE && !sk_is_tcp(sk))
2418 max_size = GSO_LEGACY_MAX_SIZE;
2419
2420 return max_size - (MAX_TCP_HEADER + 1);
2421}
2422
2423void sk_setup_caps(struct sock *sk, struct dst_entry *dst)
2424{
2425 u32 max_segs = 1;
2426
2427 sk->sk_route_caps = dst->dev->features;
2428 if (sk_is_tcp(sk))
2429 sk->sk_route_caps |= NETIF_F_GSO;
2430 if (sk->sk_route_caps & NETIF_F_GSO)
2431 sk->sk_route_caps |= NETIF_F_GSO_SOFTWARE;
2432 if (unlikely(sk->sk_gso_disabled))
2433 sk->sk_route_caps &= ~NETIF_F_GSO_MASK;
2434 if (sk_can_gso(sk)) {
2435 if (dst->header_len && !xfrm_dst_offload_ok(dst)) {
2436 sk->sk_route_caps &= ~NETIF_F_GSO_MASK;
2437 } else {
2438 sk->sk_route_caps |= NETIF_F_SG | NETIF_F_HW_CSUM;
2439 sk->sk_gso_max_size = sk_dst_gso_max_size(sk, dst);
2440 /* pairs with the WRITE_ONCE() in netif_set_gso_max_segs() */
2441 max_segs = max_t(u32, READ_ONCE(dst->dev->gso_max_segs), 1);
2442 }
2443 }
2444 sk->sk_gso_max_segs = max_segs;
2445 sk_dst_set(sk, dst);
2446}
2447EXPORT_SYMBOL_GPL(sk_setup_caps);
2448
2449/*
2450 * Simple resource managers for sockets.
2451 */
2452
2453
2454/*
2455 * Write buffer destructor automatically called from kfree_skb.
2456 */
2457void sock_wfree(struct sk_buff *skb)
2458{
2459 struct sock *sk = skb->sk;
2460 unsigned int len = skb->truesize;
2461 bool free;
2462
2463 if (!sock_flag(sk, SOCK_USE_WRITE_QUEUE)) {
2464 if (sock_flag(sk, SOCK_RCU_FREE) &&
2465 sk->sk_write_space == sock_def_write_space) {
2466 rcu_read_lock();
2467 free = refcount_sub_and_test(len, &sk->sk_wmem_alloc);
2468 sock_def_write_space_wfree(sk);
2469 rcu_read_unlock();
2470 if (unlikely(free))
2471 __sk_free(sk);
2472 return;
2473 }
2474
2475 /*
2476 * Keep a reference on sk_wmem_alloc, this will be released
2477 * after sk_write_space() call
2478 */
2479 WARN_ON(refcount_sub_and_test(len - 1, &sk->sk_wmem_alloc));
2480 sk->sk_write_space(sk);
2481 len = 1;
2482 }
2483 /*
2484 * if sk_wmem_alloc reaches 0, we must finish what sk_free()
2485 * could not do because of in-flight packets
2486 */
2487 if (refcount_sub_and_test(len, &sk->sk_wmem_alloc))
2488 __sk_free(sk);
2489}
2490EXPORT_SYMBOL(sock_wfree);
2491
2492/* This variant of sock_wfree() is used by TCP,
2493 * since it sets SOCK_USE_WRITE_QUEUE.
2494 */
2495void __sock_wfree(struct sk_buff *skb)
2496{
2497 struct sock *sk = skb->sk;
2498
2499 if (refcount_sub_and_test(skb->truesize, &sk->sk_wmem_alloc))
2500 __sk_free(sk);
2501}
2502
2503void skb_set_owner_w(struct sk_buff *skb, struct sock *sk)
2504{
2505 skb_orphan(skb);
2506 skb->sk = sk;
2507#ifdef CONFIG_INET
2508 if (unlikely(!sk_fullsock(sk))) {
2509 skb->destructor = sock_edemux;
2510 sock_hold(sk);
2511 return;
2512 }
2513#endif
2514 skb->destructor = sock_wfree;
2515 skb_set_hash_from_sk(skb, sk);
2516 /*
2517 * We used to take a refcount on sk, but following operation
2518 * is enough to guarantee sk_free() wont free this sock until
2519 * all in-flight packets are completed
2520 */
2521 refcount_add(skb->truesize, &sk->sk_wmem_alloc);
2522}
2523EXPORT_SYMBOL(skb_set_owner_w);
2524
2525static bool can_skb_orphan_partial(const struct sk_buff *skb)
2526{
2527#ifdef CONFIG_TLS_DEVICE
2528 /* Drivers depend on in-order delivery for crypto offload,
2529 * partial orphan breaks out-of-order-OK logic.
2530 */
2531 if (skb->decrypted)
2532 return false;
2533#endif
2534 return (skb->destructor == sock_wfree ||
2535 (IS_ENABLED(CONFIG_INET) && skb->destructor == tcp_wfree));
2536}
2537
2538/* This helper is used by netem, as it can hold packets in its
2539 * delay queue. We want to allow the owner socket to send more
2540 * packets, as if they were already TX completed by a typical driver.
2541 * But we also want to keep skb->sk set because some packet schedulers
2542 * rely on it (sch_fq for example).
2543 */
2544void skb_orphan_partial(struct sk_buff *skb)
2545{
2546 if (skb_is_tcp_pure_ack(skb))
2547 return;
2548
2549 if (can_skb_orphan_partial(skb) && skb_set_owner_sk_safe(skb, skb->sk))
2550 return;
2551
2552 skb_orphan(skb);
2553}
2554EXPORT_SYMBOL(skb_orphan_partial);
2555
2556/*
2557 * Read buffer destructor automatically called from kfree_skb.
2558 */
2559void sock_rfree(struct sk_buff *skb)
2560{
2561 struct sock *sk = skb->sk;
2562 unsigned int len = skb->truesize;
2563
2564 atomic_sub(len, &sk->sk_rmem_alloc);
2565 sk_mem_uncharge(sk, len);
2566}
2567EXPORT_SYMBOL(sock_rfree);
2568
2569/*
2570 * Buffer destructor for skbs that are not used directly in read or write
2571 * path, e.g. for error handler skbs. Automatically called from kfree_skb.
2572 */
2573void sock_efree(struct sk_buff *skb)
2574{
2575 sock_put(skb->sk);
2576}
2577EXPORT_SYMBOL(sock_efree);
2578
2579/* Buffer destructor for prefetch/receive path where reference count may
2580 * not be held, e.g. for listen sockets.
2581 */
2582#ifdef CONFIG_INET
2583void sock_pfree(struct sk_buff *skb)
2584{
2585 if (sk_is_refcounted(skb->sk))
2586 sock_gen_put(skb->sk);
2587}
2588EXPORT_SYMBOL(sock_pfree);
2589#endif /* CONFIG_INET */
2590
2591kuid_t sock_i_uid(struct sock *sk)
2592{
2593 kuid_t uid;
2594
2595 read_lock_bh(&sk->sk_callback_lock);
2596 uid = sk->sk_socket ? SOCK_INODE(sk->sk_socket)->i_uid : GLOBAL_ROOT_UID;
2597 read_unlock_bh(&sk->sk_callback_lock);
2598 return uid;
2599}
2600EXPORT_SYMBOL(sock_i_uid);
2601
2602unsigned long __sock_i_ino(struct sock *sk)
2603{
2604 unsigned long ino;
2605
2606 read_lock(&sk->sk_callback_lock);
2607 ino = sk->sk_socket ? SOCK_INODE(sk->sk_socket)->i_ino : 0;
2608 read_unlock(&sk->sk_callback_lock);
2609 return ino;
2610}
2611EXPORT_SYMBOL(__sock_i_ino);
2612
2613unsigned long sock_i_ino(struct sock *sk)
2614{
2615 unsigned long ino;
2616
2617 local_bh_disable();
2618 ino = __sock_i_ino(sk);
2619 local_bh_enable();
2620 return ino;
2621}
2622EXPORT_SYMBOL(sock_i_ino);
2623
2624/*
2625 * Allocate a skb from the socket's send buffer.
2626 */
2627struct sk_buff *sock_wmalloc(struct sock *sk, unsigned long size, int force,
2628 gfp_t priority)
2629{
2630 if (force ||
2631 refcount_read(&sk->sk_wmem_alloc) < READ_ONCE(sk->sk_sndbuf)) {
2632 struct sk_buff *skb = alloc_skb(size, priority);
2633
2634 if (skb) {
2635 skb_set_owner_w(skb, sk);
2636 return skb;
2637 }
2638 }
2639 return NULL;
2640}
2641EXPORT_SYMBOL(sock_wmalloc);
2642
2643static void sock_ofree(struct sk_buff *skb)
2644{
2645 struct sock *sk = skb->sk;
2646
2647 atomic_sub(skb->truesize, &sk->sk_omem_alloc);
2648}
2649
2650struct sk_buff *sock_omalloc(struct sock *sk, unsigned long size,
2651 gfp_t priority)
2652{
2653 struct sk_buff *skb;
2654
2655 /* small safe race: SKB_TRUESIZE may differ from final skb->truesize */
2656 if (atomic_read(&sk->sk_omem_alloc) + SKB_TRUESIZE(size) >
2657 READ_ONCE(sock_net(sk)->core.sysctl_optmem_max))
2658 return NULL;
2659
2660 skb = alloc_skb(size, priority);
2661 if (!skb)
2662 return NULL;
2663
2664 atomic_add(skb->truesize, &sk->sk_omem_alloc);
2665 skb->sk = sk;
2666 skb->destructor = sock_ofree;
2667 return skb;
2668}
2669
2670/*
2671 * Allocate a memory block from the socket's option memory buffer.
2672 */
2673void *sock_kmalloc(struct sock *sk, int size, gfp_t priority)
2674{
2675 int optmem_max = READ_ONCE(sock_net(sk)->core.sysctl_optmem_max);
2676
2677 if ((unsigned int)size <= optmem_max &&
2678 atomic_read(&sk->sk_omem_alloc) + size < optmem_max) {
2679 void *mem;
2680 /* First do the add, to avoid the race if kmalloc
2681 * might sleep.
2682 */
2683 atomic_add(size, &sk->sk_omem_alloc);
2684 mem = kmalloc(size, priority);
2685 if (mem)
2686 return mem;
2687 atomic_sub(size, &sk->sk_omem_alloc);
2688 }
2689 return NULL;
2690}
2691EXPORT_SYMBOL(sock_kmalloc);
2692
2693/* Free an option memory block. Note, we actually want the inline
2694 * here as this allows gcc to detect the nullify and fold away the
2695 * condition entirely.
2696 */
2697static inline void __sock_kfree_s(struct sock *sk, void *mem, int size,
2698 const bool nullify)
2699{
2700 if (WARN_ON_ONCE(!mem))
2701 return;
2702 if (nullify)
2703 kfree_sensitive(mem);
2704 else
2705 kfree(mem);
2706 atomic_sub(size, &sk->sk_omem_alloc);
2707}
2708
2709void sock_kfree_s(struct sock *sk, void *mem, int size)
2710{
2711 __sock_kfree_s(sk, mem, size, false);
2712}
2713EXPORT_SYMBOL(sock_kfree_s);
2714
2715void sock_kzfree_s(struct sock *sk, void *mem, int size)
2716{
2717 __sock_kfree_s(sk, mem, size, true);
2718}
2719EXPORT_SYMBOL(sock_kzfree_s);
2720
2721/* It is almost wait_for_tcp_memory minus release_sock/lock_sock.
2722 I think, these locks should be removed for datagram sockets.
2723 */
2724static long sock_wait_for_wmem(struct sock *sk, long timeo)
2725{
2726 DEFINE_WAIT(wait);
2727
2728 sk_clear_bit(SOCKWQ_ASYNC_NOSPACE, sk);
2729 for (;;) {
2730 if (!timeo)
2731 break;
2732 if (signal_pending(current))
2733 break;
2734 set_bit(SOCK_NOSPACE, &sk->sk_socket->flags);
2735 prepare_to_wait(sk_sleep(sk), &wait, TASK_INTERRUPTIBLE);
2736 if (refcount_read(&sk->sk_wmem_alloc) < READ_ONCE(sk->sk_sndbuf))
2737 break;
2738 if (READ_ONCE(sk->sk_shutdown) & SEND_SHUTDOWN)
2739 break;
2740 if (READ_ONCE(sk->sk_err))
2741 break;
2742 timeo = schedule_timeout(timeo);
2743 }
2744 finish_wait(sk_sleep(sk), &wait);
2745 return timeo;
2746}
2747
2748
2749/*
2750 * Generic send/receive buffer handlers
2751 */
2752
2753struct sk_buff *sock_alloc_send_pskb(struct sock *sk, unsigned long header_len,
2754 unsigned long data_len, int noblock,
2755 int *errcode, int max_page_order)
2756{
2757 struct sk_buff *skb;
2758 long timeo;
2759 int err;
2760
2761 timeo = sock_sndtimeo(sk, noblock);
2762 for (;;) {
2763 err = sock_error(sk);
2764 if (err != 0)
2765 goto failure;
2766
2767 err = -EPIPE;
2768 if (READ_ONCE(sk->sk_shutdown) & SEND_SHUTDOWN)
2769 goto failure;
2770
2771 if (sk_wmem_alloc_get(sk) < READ_ONCE(sk->sk_sndbuf))
2772 break;
2773
2774 sk_set_bit(SOCKWQ_ASYNC_NOSPACE, sk);
2775 set_bit(SOCK_NOSPACE, &sk->sk_socket->flags);
2776 err = -EAGAIN;
2777 if (!timeo)
2778 goto failure;
2779 if (signal_pending(current))
2780 goto interrupted;
2781 timeo = sock_wait_for_wmem(sk, timeo);
2782 }
2783 skb = alloc_skb_with_frags(header_len, data_len, max_page_order,
2784 errcode, sk->sk_allocation);
2785 if (skb)
2786 skb_set_owner_w(skb, sk);
2787 return skb;
2788
2789interrupted:
2790 err = sock_intr_errno(timeo);
2791failure:
2792 *errcode = err;
2793 return NULL;
2794}
2795EXPORT_SYMBOL(sock_alloc_send_pskb);
2796
2797int __sock_cmsg_send(struct sock *sk, struct cmsghdr *cmsg,
2798 struct sockcm_cookie *sockc)
2799{
2800 u32 tsflags;
2801
2802 switch (cmsg->cmsg_type) {
2803 case SO_MARK:
2804 if (!ns_capable(sock_net(sk)->user_ns, CAP_NET_RAW) &&
2805 !ns_capable(sock_net(sk)->user_ns, CAP_NET_ADMIN))
2806 return -EPERM;
2807 if (cmsg->cmsg_len != CMSG_LEN(sizeof(u32)))
2808 return -EINVAL;
2809 sockc->mark = *(u32 *)CMSG_DATA(cmsg);
2810 break;
2811 case SO_TIMESTAMPING_OLD:
2812 case SO_TIMESTAMPING_NEW:
2813 if (cmsg->cmsg_len != CMSG_LEN(sizeof(u32)))
2814 return -EINVAL;
2815
2816 tsflags = *(u32 *)CMSG_DATA(cmsg);
2817 if (tsflags & ~SOF_TIMESTAMPING_TX_RECORD_MASK)
2818 return -EINVAL;
2819
2820 sockc->tsflags &= ~SOF_TIMESTAMPING_TX_RECORD_MASK;
2821 sockc->tsflags |= tsflags;
2822 break;
2823 case SCM_TXTIME:
2824 if (!sock_flag(sk, SOCK_TXTIME))
2825 return -EINVAL;
2826 if (cmsg->cmsg_len != CMSG_LEN(sizeof(u64)))
2827 return -EINVAL;
2828 sockc->transmit_time = get_unaligned((u64 *)CMSG_DATA(cmsg));
2829 break;
2830 /* SCM_RIGHTS and SCM_CREDENTIALS are semantically in SOL_UNIX. */
2831 case SCM_RIGHTS:
2832 case SCM_CREDENTIALS:
2833 break;
2834 default:
2835 return -EINVAL;
2836 }
2837 return 0;
2838}
2839EXPORT_SYMBOL(__sock_cmsg_send);
2840
2841int sock_cmsg_send(struct sock *sk, struct msghdr *msg,
2842 struct sockcm_cookie *sockc)
2843{
2844 struct cmsghdr *cmsg;
2845 int ret;
2846
2847 for_each_cmsghdr(cmsg, msg) {
2848 if (!CMSG_OK(msg, cmsg))
2849 return -EINVAL;
2850 if (cmsg->cmsg_level != SOL_SOCKET)
2851 continue;
2852 ret = __sock_cmsg_send(sk, cmsg, sockc);
2853 if (ret)
2854 return ret;
2855 }
2856 return 0;
2857}
2858EXPORT_SYMBOL(sock_cmsg_send);
2859
2860static void sk_enter_memory_pressure(struct sock *sk)
2861{
2862 if (!sk->sk_prot->enter_memory_pressure)
2863 return;
2864
2865 sk->sk_prot->enter_memory_pressure(sk);
2866}
2867
2868static void sk_leave_memory_pressure(struct sock *sk)
2869{
2870 if (sk->sk_prot->leave_memory_pressure) {
2871 INDIRECT_CALL_INET_1(sk->sk_prot->leave_memory_pressure,
2872 tcp_leave_memory_pressure, sk);
2873 } else {
2874 unsigned long *memory_pressure = sk->sk_prot->memory_pressure;
2875
2876 if (memory_pressure && READ_ONCE(*memory_pressure))
2877 WRITE_ONCE(*memory_pressure, 0);
2878 }
2879}
2880
2881DEFINE_STATIC_KEY_FALSE(net_high_order_alloc_disable_key);
2882
2883/**
2884 * skb_page_frag_refill - check that a page_frag contains enough room
2885 * @sz: minimum size of the fragment we want to get
2886 * @pfrag: pointer to page_frag
2887 * @gfp: priority for memory allocation
2888 *
2889 * Note: While this allocator tries to use high order pages, there is
2890 * no guarantee that allocations succeed. Therefore, @sz MUST be
2891 * less or equal than PAGE_SIZE.
2892 */
2893bool skb_page_frag_refill(unsigned int sz, struct page_frag *pfrag, gfp_t gfp)
2894{
2895 if (pfrag->page) {
2896 if (page_ref_count(pfrag->page) == 1) {
2897 pfrag->offset = 0;
2898 return true;
2899 }
2900 if (pfrag->offset + sz <= pfrag->size)
2901 return true;
2902 put_page(pfrag->page);
2903 }
2904
2905 pfrag->offset = 0;
2906 if (SKB_FRAG_PAGE_ORDER &&
2907 !static_branch_unlikely(&net_high_order_alloc_disable_key)) {
2908 /* Avoid direct reclaim but allow kswapd to wake */
2909 pfrag->page = alloc_pages((gfp & ~__GFP_DIRECT_RECLAIM) |
2910 __GFP_COMP | __GFP_NOWARN |
2911 __GFP_NORETRY,
2912 SKB_FRAG_PAGE_ORDER);
2913 if (likely(pfrag->page)) {
2914 pfrag->size = PAGE_SIZE << SKB_FRAG_PAGE_ORDER;
2915 return true;
2916 }
2917 }
2918 pfrag->page = alloc_page(gfp);
2919 if (likely(pfrag->page)) {
2920 pfrag->size = PAGE_SIZE;
2921 return true;
2922 }
2923 return false;
2924}
2925EXPORT_SYMBOL(skb_page_frag_refill);
2926
2927bool sk_page_frag_refill(struct sock *sk, struct page_frag *pfrag)
2928{
2929 if (likely(skb_page_frag_refill(32U, pfrag, sk->sk_allocation)))
2930 return true;
2931
2932 sk_enter_memory_pressure(sk);
2933 sk_stream_moderate_sndbuf(sk);
2934 return false;
2935}
2936EXPORT_SYMBOL(sk_page_frag_refill);
2937
2938void __lock_sock(struct sock *sk)
2939 __releases(&sk->sk_lock.slock)
2940 __acquires(&sk->sk_lock.slock)
2941{
2942 DEFINE_WAIT(wait);
2943
2944 for (;;) {
2945 prepare_to_wait_exclusive(&sk->sk_lock.wq, &wait,
2946 TASK_UNINTERRUPTIBLE);
2947 spin_unlock_bh(&sk->sk_lock.slock);
2948 schedule();
2949 spin_lock_bh(&sk->sk_lock.slock);
2950 if (!sock_owned_by_user(sk))
2951 break;
2952 }
2953 finish_wait(&sk->sk_lock.wq, &wait);
2954}
2955
2956void __release_sock(struct sock *sk)
2957 __releases(&sk->sk_lock.slock)
2958 __acquires(&sk->sk_lock.slock)
2959{
2960 struct sk_buff *skb, *next;
2961
2962 while ((skb = sk->sk_backlog.head) != NULL) {
2963 sk->sk_backlog.head = sk->sk_backlog.tail = NULL;
2964
2965 spin_unlock_bh(&sk->sk_lock.slock);
2966
2967 do {
2968 next = skb->next;
2969 prefetch(next);
2970 DEBUG_NET_WARN_ON_ONCE(skb_dst_is_noref(skb));
2971 skb_mark_not_on_list(skb);
2972 sk_backlog_rcv(sk, skb);
2973
2974 cond_resched();
2975
2976 skb = next;
2977 } while (skb != NULL);
2978
2979 spin_lock_bh(&sk->sk_lock.slock);
2980 }
2981
2982 /*
2983 * Doing the zeroing here guarantee we can not loop forever
2984 * while a wild producer attempts to flood us.
2985 */
2986 sk->sk_backlog.len = 0;
2987}
2988
2989void __sk_flush_backlog(struct sock *sk)
2990{
2991 spin_lock_bh(&sk->sk_lock.slock);
2992 __release_sock(sk);
2993
2994 if (sk->sk_prot->release_cb)
2995 INDIRECT_CALL_INET_1(sk->sk_prot->release_cb,
2996 tcp_release_cb, sk);
2997
2998 spin_unlock_bh(&sk->sk_lock.slock);
2999}
3000EXPORT_SYMBOL_GPL(__sk_flush_backlog);
3001
3002/**
3003 * sk_wait_data - wait for data to arrive at sk_receive_queue
3004 * @sk: sock to wait on
3005 * @timeo: for how long
3006 * @skb: last skb seen on sk_receive_queue
3007 *
3008 * Now socket state including sk->sk_err is changed only under lock,
3009 * hence we may omit checks after joining wait queue.
3010 * We check receive queue before schedule() only as optimization;
3011 * it is very likely that release_sock() added new data.
3012 */
3013int sk_wait_data(struct sock *sk, long *timeo, const struct sk_buff *skb)
3014{
3015 DEFINE_WAIT_FUNC(wait, woken_wake_function);
3016 int rc;
3017
3018 add_wait_queue(sk_sleep(sk), &wait);
3019 sk_set_bit(SOCKWQ_ASYNC_WAITDATA, sk);
3020 rc = sk_wait_event(sk, timeo, skb_peek_tail(&sk->sk_receive_queue) != skb, &wait);
3021 sk_clear_bit(SOCKWQ_ASYNC_WAITDATA, sk);
3022 remove_wait_queue(sk_sleep(sk), &wait);
3023 return rc;
3024}
3025EXPORT_SYMBOL(sk_wait_data);
3026
3027/**
3028 * __sk_mem_raise_allocated - increase memory_allocated
3029 * @sk: socket
3030 * @size: memory size to allocate
3031 * @amt: pages to allocate
3032 * @kind: allocation type
3033 *
3034 * Similar to __sk_mem_schedule(), but does not update sk_forward_alloc.
3035 *
3036 * Unlike the globally shared limits among the sockets under same protocol,
3037 * consuming the budget of a memcg won't have direct effect on other ones.
3038 * So be optimistic about memcg's tolerance, and leave the callers to decide
3039 * whether or not to raise allocated through sk_under_memory_pressure() or
3040 * its variants.
3041 */
3042int __sk_mem_raise_allocated(struct sock *sk, int size, int amt, int kind)
3043{
3044 struct mem_cgroup *memcg = mem_cgroup_sockets_enabled ? sk->sk_memcg : NULL;
3045 struct proto *prot = sk->sk_prot;
3046 bool charged = false;
3047 long allocated;
3048
3049 sk_memory_allocated_add(sk, amt);
3050 allocated = sk_memory_allocated(sk);
3051
3052 if (memcg) {
3053 if (!mem_cgroup_charge_skmem(memcg, amt, gfp_memcg_charge()))
3054 goto suppress_allocation;
3055 charged = true;
3056 }
3057
3058 /* Under limit. */
3059 if (allocated <= sk_prot_mem_limits(sk, 0)) {
3060 sk_leave_memory_pressure(sk);
3061 return 1;
3062 }
3063
3064 /* Under pressure. */
3065 if (allocated > sk_prot_mem_limits(sk, 1))
3066 sk_enter_memory_pressure(sk);
3067
3068 /* Over hard limit. */
3069 if (allocated > sk_prot_mem_limits(sk, 2))
3070 goto suppress_allocation;
3071
3072 /* Guarantee minimum buffer size under pressure (either global
3073 * or memcg) to make sure features described in RFC 7323 (TCP
3074 * Extensions for High Performance) work properly.
3075 *
3076 * This rule does NOT stand when exceeds global or memcg's hard
3077 * limit, or else a DoS attack can be taken place by spawning
3078 * lots of sockets whose usage are under minimum buffer size.
3079 */
3080 if (kind == SK_MEM_RECV) {
3081 if (atomic_read(&sk->sk_rmem_alloc) < sk_get_rmem0(sk, prot))
3082 return 1;
3083
3084 } else { /* SK_MEM_SEND */
3085 int wmem0 = sk_get_wmem0(sk, prot);
3086
3087 if (sk->sk_type == SOCK_STREAM) {
3088 if (sk->sk_wmem_queued < wmem0)
3089 return 1;
3090 } else if (refcount_read(&sk->sk_wmem_alloc) < wmem0) {
3091 return 1;
3092 }
3093 }
3094
3095 if (sk_has_memory_pressure(sk)) {
3096 u64 alloc;
3097
3098 /* The following 'average' heuristic is within the
3099 * scope of global accounting, so it only makes
3100 * sense for global memory pressure.
3101 */
3102 if (!sk_under_global_memory_pressure(sk))
3103 return 1;
3104
3105 /* Try to be fair among all the sockets under global
3106 * pressure by allowing the ones that below average
3107 * usage to raise.
3108 */
3109 alloc = sk_sockets_allocated_read_positive(sk);
3110 if (sk_prot_mem_limits(sk, 2) > alloc *
3111 sk_mem_pages(sk->sk_wmem_queued +
3112 atomic_read(&sk->sk_rmem_alloc) +
3113 sk->sk_forward_alloc))
3114 return 1;
3115 }
3116
3117suppress_allocation:
3118
3119 if (kind == SK_MEM_SEND && sk->sk_type == SOCK_STREAM) {
3120 sk_stream_moderate_sndbuf(sk);
3121
3122 /* Fail only if socket is _under_ its sndbuf.
3123 * In this case we cannot block, so that we have to fail.
3124 */
3125 if (sk->sk_wmem_queued + size >= sk->sk_sndbuf) {
3126 /* Force charge with __GFP_NOFAIL */
3127 if (memcg && !charged) {
3128 mem_cgroup_charge_skmem(memcg, amt,
3129 gfp_memcg_charge() | __GFP_NOFAIL);
3130 }
3131 return 1;
3132 }
3133 }
3134
3135 if (kind == SK_MEM_SEND || (kind == SK_MEM_RECV && charged))
3136 trace_sock_exceed_buf_limit(sk, prot, allocated, kind);
3137
3138 sk_memory_allocated_sub(sk, amt);
3139
3140 if (charged)
3141 mem_cgroup_uncharge_skmem(memcg, amt);
3142
3143 return 0;
3144}
3145
3146/**
3147 * __sk_mem_schedule - increase sk_forward_alloc and memory_allocated
3148 * @sk: socket
3149 * @size: memory size to allocate
3150 * @kind: allocation type
3151 *
3152 * If kind is SK_MEM_SEND, it means wmem allocation. Otherwise it means
3153 * rmem allocation. This function assumes that protocols which have
3154 * memory_pressure use sk_wmem_queued as write buffer accounting.
3155 */
3156int __sk_mem_schedule(struct sock *sk, int size, int kind)
3157{
3158 int ret, amt = sk_mem_pages(size);
3159
3160 sk_forward_alloc_add(sk, amt << PAGE_SHIFT);
3161 ret = __sk_mem_raise_allocated(sk, size, amt, kind);
3162 if (!ret)
3163 sk_forward_alloc_add(sk, -(amt << PAGE_SHIFT));
3164 return ret;
3165}
3166EXPORT_SYMBOL(__sk_mem_schedule);
3167
3168/**
3169 * __sk_mem_reduce_allocated - reclaim memory_allocated
3170 * @sk: socket
3171 * @amount: number of quanta
3172 *
3173 * Similar to __sk_mem_reclaim(), but does not update sk_forward_alloc
3174 */
3175void __sk_mem_reduce_allocated(struct sock *sk, int amount)
3176{
3177 sk_memory_allocated_sub(sk, amount);
3178
3179 if (mem_cgroup_sockets_enabled && sk->sk_memcg)
3180 mem_cgroup_uncharge_skmem(sk->sk_memcg, amount);
3181
3182 if (sk_under_global_memory_pressure(sk) &&
3183 (sk_memory_allocated(sk) < sk_prot_mem_limits(sk, 0)))
3184 sk_leave_memory_pressure(sk);
3185}
3186
3187/**
3188 * __sk_mem_reclaim - reclaim sk_forward_alloc and memory_allocated
3189 * @sk: socket
3190 * @amount: number of bytes (rounded down to a PAGE_SIZE multiple)
3191 */
3192void __sk_mem_reclaim(struct sock *sk, int amount)
3193{
3194 amount >>= PAGE_SHIFT;
3195 sk_forward_alloc_add(sk, -(amount << PAGE_SHIFT));
3196 __sk_mem_reduce_allocated(sk, amount);
3197}
3198EXPORT_SYMBOL(__sk_mem_reclaim);
3199
3200int sk_set_peek_off(struct sock *sk, int val)
3201{
3202 WRITE_ONCE(sk->sk_peek_off, val);
3203 return 0;
3204}
3205EXPORT_SYMBOL_GPL(sk_set_peek_off);
3206
3207/*
3208 * Set of default routines for initialising struct proto_ops when
3209 * the protocol does not support a particular function. In certain
3210 * cases where it makes no sense for a protocol to have a "do nothing"
3211 * function, some default processing is provided.
3212 */
3213
3214int sock_no_bind(struct socket *sock, struct sockaddr *saddr, int len)
3215{
3216 return -EOPNOTSUPP;
3217}
3218EXPORT_SYMBOL(sock_no_bind);
3219
3220int sock_no_connect(struct socket *sock, struct sockaddr *saddr,
3221 int len, int flags)
3222{
3223 return -EOPNOTSUPP;
3224}
3225EXPORT_SYMBOL(sock_no_connect);
3226
3227int sock_no_socketpair(struct socket *sock1, struct socket *sock2)
3228{
3229 return -EOPNOTSUPP;
3230}
3231EXPORT_SYMBOL(sock_no_socketpair);
3232
3233int sock_no_accept(struct socket *sock, struct socket *newsock, int flags,
3234 bool kern)
3235{
3236 return -EOPNOTSUPP;
3237}
3238EXPORT_SYMBOL(sock_no_accept);
3239
3240int sock_no_getname(struct socket *sock, struct sockaddr *saddr,
3241 int peer)
3242{
3243 return -EOPNOTSUPP;
3244}
3245EXPORT_SYMBOL(sock_no_getname);
3246
3247int sock_no_ioctl(struct socket *sock, unsigned int cmd, unsigned long arg)
3248{
3249 return -EOPNOTSUPP;
3250}
3251EXPORT_SYMBOL(sock_no_ioctl);
3252
3253int sock_no_listen(struct socket *sock, int backlog)
3254{
3255 return -EOPNOTSUPP;
3256}
3257EXPORT_SYMBOL(sock_no_listen);
3258
3259int sock_no_shutdown(struct socket *sock, int how)
3260{
3261 return -EOPNOTSUPP;
3262}
3263EXPORT_SYMBOL(sock_no_shutdown);
3264
3265int sock_no_sendmsg(struct socket *sock, struct msghdr *m, size_t len)
3266{
3267 return -EOPNOTSUPP;
3268}
3269EXPORT_SYMBOL(sock_no_sendmsg);
3270
3271int sock_no_sendmsg_locked(struct sock *sk, struct msghdr *m, size_t len)
3272{
3273 return -EOPNOTSUPP;
3274}
3275EXPORT_SYMBOL(sock_no_sendmsg_locked);
3276
3277int sock_no_recvmsg(struct socket *sock, struct msghdr *m, size_t len,
3278 int flags)
3279{
3280 return -EOPNOTSUPP;
3281}
3282EXPORT_SYMBOL(sock_no_recvmsg);
3283
3284int sock_no_mmap(struct file *file, struct socket *sock, struct vm_area_struct *vma)
3285{
3286 /* Mirror missing mmap method error code */
3287 return -ENODEV;
3288}
3289EXPORT_SYMBOL(sock_no_mmap);
3290
3291/*
3292 * When a file is received (via SCM_RIGHTS, etc), we must bump the
3293 * various sock-based usage counts.
3294 */
3295void __receive_sock(struct file *file)
3296{
3297 struct socket *sock;
3298
3299 sock = sock_from_file(file);
3300 if (sock) {
3301 sock_update_netprioidx(&sock->sk->sk_cgrp_data);
3302 sock_update_classid(&sock->sk->sk_cgrp_data);
3303 }
3304}
3305
3306/*
3307 * Default Socket Callbacks
3308 */
3309
3310static void sock_def_wakeup(struct sock *sk)
3311{
3312 struct socket_wq *wq;
3313
3314 rcu_read_lock();
3315 wq = rcu_dereference(sk->sk_wq);
3316 if (skwq_has_sleeper(wq))
3317 wake_up_interruptible_all(&wq->wait);
3318 rcu_read_unlock();
3319}
3320
3321static void sock_def_error_report(struct sock *sk)
3322{
3323 struct socket_wq *wq;
3324
3325 rcu_read_lock();
3326 wq = rcu_dereference(sk->sk_wq);
3327 if (skwq_has_sleeper(wq))
3328 wake_up_interruptible_poll(&wq->wait, EPOLLERR);
3329 sk_wake_async(sk, SOCK_WAKE_IO, POLL_ERR);
3330 rcu_read_unlock();
3331}
3332
3333void sock_def_readable(struct sock *sk)
3334{
3335 struct socket_wq *wq;
3336
3337 trace_sk_data_ready(sk);
3338
3339 rcu_read_lock();
3340 wq = rcu_dereference(sk->sk_wq);
3341 if (skwq_has_sleeper(wq))
3342 wake_up_interruptible_sync_poll(&wq->wait, EPOLLIN | EPOLLPRI |
3343 EPOLLRDNORM | EPOLLRDBAND);
3344 sk_wake_async(sk, SOCK_WAKE_WAITD, POLL_IN);
3345 rcu_read_unlock();
3346}
3347
3348static void sock_def_write_space(struct sock *sk)
3349{
3350 struct socket_wq *wq;
3351
3352 rcu_read_lock();
3353
3354 /* Do not wake up a writer until he can make "significant"
3355 * progress. --DaveM
3356 */
3357 if (sock_writeable(sk)) {
3358 wq = rcu_dereference(sk->sk_wq);
3359 if (skwq_has_sleeper(wq))
3360 wake_up_interruptible_sync_poll(&wq->wait, EPOLLOUT |
3361 EPOLLWRNORM | EPOLLWRBAND);
3362
3363 /* Should agree with poll, otherwise some programs break */
3364 sk_wake_async(sk, SOCK_WAKE_SPACE, POLL_OUT);
3365 }
3366
3367 rcu_read_unlock();
3368}
3369
3370/* An optimised version of sock_def_write_space(), should only be called
3371 * for SOCK_RCU_FREE sockets under RCU read section and after putting
3372 * ->sk_wmem_alloc.
3373 */
3374static void sock_def_write_space_wfree(struct sock *sk)
3375{
3376 /* Do not wake up a writer until he can make "significant"
3377 * progress. --DaveM
3378 */
3379 if (sock_writeable(sk)) {
3380 struct socket_wq *wq = rcu_dereference(sk->sk_wq);
3381
3382 /* rely on refcount_sub from sock_wfree() */
3383 smp_mb__after_atomic();
3384 if (wq && waitqueue_active(&wq->wait))
3385 wake_up_interruptible_sync_poll(&wq->wait, EPOLLOUT |
3386 EPOLLWRNORM | EPOLLWRBAND);
3387
3388 /* Should agree with poll, otherwise some programs break */
3389 sk_wake_async(sk, SOCK_WAKE_SPACE, POLL_OUT);
3390 }
3391}
3392
3393static void sock_def_destruct(struct sock *sk)
3394{
3395}
3396
3397void sk_send_sigurg(struct sock *sk)
3398{
3399 if (sk->sk_socket && sk->sk_socket->file)
3400 if (send_sigurg(&sk->sk_socket->file->f_owner))
3401 sk_wake_async(sk, SOCK_WAKE_URG, POLL_PRI);
3402}
3403EXPORT_SYMBOL(sk_send_sigurg);
3404
3405void sk_reset_timer(struct sock *sk, struct timer_list* timer,
3406 unsigned long expires)
3407{
3408 if (!mod_timer(timer, expires))
3409 sock_hold(sk);
3410}
3411EXPORT_SYMBOL(sk_reset_timer);
3412
3413void sk_stop_timer(struct sock *sk, struct timer_list* timer)
3414{
3415 if (del_timer(timer))
3416 __sock_put(sk);
3417}
3418EXPORT_SYMBOL(sk_stop_timer);
3419
3420void sk_stop_timer_sync(struct sock *sk, struct timer_list *timer)
3421{
3422 if (del_timer_sync(timer))
3423 __sock_put(sk);
3424}
3425EXPORT_SYMBOL(sk_stop_timer_sync);
3426
3427void sock_init_data_uid(struct socket *sock, struct sock *sk, kuid_t uid)
3428{
3429 sk_init_common(sk);
3430 sk->sk_send_head = NULL;
3431
3432 timer_setup(&sk->sk_timer, NULL, 0);
3433
3434 sk->sk_allocation = GFP_KERNEL;
3435 sk->sk_rcvbuf = READ_ONCE(sysctl_rmem_default);
3436 sk->sk_sndbuf = READ_ONCE(sysctl_wmem_default);
3437 sk->sk_state = TCP_CLOSE;
3438 sk->sk_use_task_frag = true;
3439 sk_set_socket(sk, sock);
3440
3441 sock_set_flag(sk, SOCK_ZAPPED);
3442
3443 if (sock) {
3444 sk->sk_type = sock->type;
3445 RCU_INIT_POINTER(sk->sk_wq, &sock->wq);
3446 sock->sk = sk;
3447 } else {
3448 RCU_INIT_POINTER(sk->sk_wq, NULL);
3449 }
3450 sk->sk_uid = uid;
3451
3452 rwlock_init(&sk->sk_callback_lock);
3453 if (sk->sk_kern_sock)
3454 lockdep_set_class_and_name(
3455 &sk->sk_callback_lock,
3456 af_kern_callback_keys + sk->sk_family,
3457 af_family_kern_clock_key_strings[sk->sk_family]);
3458 else
3459 lockdep_set_class_and_name(
3460 &sk->sk_callback_lock,
3461 af_callback_keys + sk->sk_family,
3462 af_family_clock_key_strings[sk->sk_family]);
3463
3464 sk->sk_state_change = sock_def_wakeup;
3465 sk->sk_data_ready = sock_def_readable;
3466 sk->sk_write_space = sock_def_write_space;
3467 sk->sk_error_report = sock_def_error_report;
3468 sk->sk_destruct = sock_def_destruct;
3469
3470 sk->sk_frag.page = NULL;
3471 sk->sk_frag.offset = 0;
3472 sk->sk_peek_off = -1;
3473
3474 sk->sk_peer_pid = NULL;
3475 sk->sk_peer_cred = NULL;
3476 spin_lock_init(&sk->sk_peer_lock);
3477
3478 sk->sk_write_pending = 0;
3479 sk->sk_rcvlowat = 1;
3480 sk->sk_rcvtimeo = MAX_SCHEDULE_TIMEOUT;
3481 sk->sk_sndtimeo = MAX_SCHEDULE_TIMEOUT;
3482
3483 sk->sk_stamp = SK_DEFAULT_STAMP;
3484#if BITS_PER_LONG==32
3485 seqlock_init(&sk->sk_stamp_seq);
3486#endif
3487 atomic_set(&sk->sk_zckey, 0);
3488
3489#ifdef CONFIG_NET_RX_BUSY_POLL
3490 sk->sk_napi_id = 0;
3491 sk->sk_ll_usec = READ_ONCE(sysctl_net_busy_read);
3492#endif
3493
3494 sk->sk_max_pacing_rate = ~0UL;
3495 sk->sk_pacing_rate = ~0UL;
3496 WRITE_ONCE(sk->sk_pacing_shift, 10);
3497 sk->sk_incoming_cpu = -1;
3498
3499 sk_rx_queue_clear(sk);
3500 /*
3501 * Before updating sk_refcnt, we must commit prior changes to memory
3502 * (Documentation/RCU/rculist_nulls.rst for details)
3503 */
3504 smp_wmb();
3505 refcount_set(&sk->sk_refcnt, 1);
3506 atomic_set(&sk->sk_drops, 0);
3507}
3508EXPORT_SYMBOL(sock_init_data_uid);
3509
3510void sock_init_data(struct socket *sock, struct sock *sk)
3511{
3512 kuid_t uid = sock ?
3513 SOCK_INODE(sock)->i_uid :
3514 make_kuid(sock_net(sk)->user_ns, 0);
3515
3516 sock_init_data_uid(sock, sk, uid);
3517}
3518EXPORT_SYMBOL(sock_init_data);
3519
3520void lock_sock_nested(struct sock *sk, int subclass)
3521{
3522 /* The sk_lock has mutex_lock() semantics here. */
3523 mutex_acquire(&sk->sk_lock.dep_map, subclass, 0, _RET_IP_);
3524
3525 might_sleep();
3526 spin_lock_bh(&sk->sk_lock.slock);
3527 if (sock_owned_by_user_nocheck(sk))
3528 __lock_sock(sk);
3529 sk->sk_lock.owned = 1;
3530 spin_unlock_bh(&sk->sk_lock.slock);
3531}
3532EXPORT_SYMBOL(lock_sock_nested);
3533
3534void release_sock(struct sock *sk)
3535{
3536 spin_lock_bh(&sk->sk_lock.slock);
3537 if (sk->sk_backlog.tail)
3538 __release_sock(sk);
3539
3540 if (sk->sk_prot->release_cb)
3541 INDIRECT_CALL_INET_1(sk->sk_prot->release_cb,
3542 tcp_release_cb, sk);
3543
3544 sock_release_ownership(sk);
3545 if (waitqueue_active(&sk->sk_lock.wq))
3546 wake_up(&sk->sk_lock.wq);
3547 spin_unlock_bh(&sk->sk_lock.slock);
3548}
3549EXPORT_SYMBOL(release_sock);
3550
3551bool __lock_sock_fast(struct sock *sk) __acquires(&sk->sk_lock.slock)
3552{
3553 might_sleep();
3554 spin_lock_bh(&sk->sk_lock.slock);
3555
3556 if (!sock_owned_by_user_nocheck(sk)) {
3557 /*
3558 * Fast path return with bottom halves disabled and
3559 * sock::sk_lock.slock held.
3560 *
3561 * The 'mutex' is not contended and holding
3562 * sock::sk_lock.slock prevents all other lockers to
3563 * proceed so the corresponding unlock_sock_fast() can
3564 * avoid the slow path of release_sock() completely and
3565 * just release slock.
3566 *
3567 * From a semantical POV this is equivalent to 'acquiring'
3568 * the 'mutex', hence the corresponding lockdep
3569 * mutex_release() has to happen in the fast path of
3570 * unlock_sock_fast().
3571 */
3572 return false;
3573 }
3574
3575 __lock_sock(sk);
3576 sk->sk_lock.owned = 1;
3577 __acquire(&sk->sk_lock.slock);
3578 spin_unlock_bh(&sk->sk_lock.slock);
3579 return true;
3580}
3581EXPORT_SYMBOL(__lock_sock_fast);
3582
3583int sock_gettstamp(struct socket *sock, void __user *userstamp,
3584 bool timeval, bool time32)
3585{
3586 struct sock *sk = sock->sk;
3587 struct timespec64 ts;
3588
3589 sock_enable_timestamp(sk, SOCK_TIMESTAMP);
3590 ts = ktime_to_timespec64(sock_read_timestamp(sk));
3591 if (ts.tv_sec == -1)
3592 return -ENOENT;
3593 if (ts.tv_sec == 0) {
3594 ktime_t kt = ktime_get_real();
3595 sock_write_timestamp(sk, kt);
3596 ts = ktime_to_timespec64(kt);
3597 }
3598
3599 if (timeval)
3600 ts.tv_nsec /= 1000;
3601
3602#ifdef CONFIG_COMPAT_32BIT_TIME
3603 if (time32)
3604 return put_old_timespec32(&ts, userstamp);
3605#endif
3606#ifdef CONFIG_SPARC64
3607 /* beware of padding in sparc64 timeval */
3608 if (timeval && !in_compat_syscall()) {
3609 struct __kernel_old_timeval __user tv = {
3610 .tv_sec = ts.tv_sec,
3611 .tv_usec = ts.tv_nsec,
3612 };
3613 if (copy_to_user(userstamp, &tv, sizeof(tv)))
3614 return -EFAULT;
3615 return 0;
3616 }
3617#endif
3618 return put_timespec64(&ts, userstamp);
3619}
3620EXPORT_SYMBOL(sock_gettstamp);
3621
3622void sock_enable_timestamp(struct sock *sk, enum sock_flags flag)
3623{
3624 if (!sock_flag(sk, flag)) {
3625 unsigned long previous_flags = sk->sk_flags;
3626
3627 sock_set_flag(sk, flag);
3628 /*
3629 * we just set one of the two flags which require net
3630 * time stamping, but time stamping might have been on
3631 * already because of the other one
3632 */
3633 if (sock_needs_netstamp(sk) &&
3634 !(previous_flags & SK_FLAGS_TIMESTAMP))
3635 net_enable_timestamp();
3636 }
3637}
3638
3639int sock_recv_errqueue(struct sock *sk, struct msghdr *msg, int len,
3640 int level, int type)
3641{
3642 struct sock_exterr_skb *serr;
3643 struct sk_buff *skb;
3644 int copied, err;
3645
3646 err = -EAGAIN;
3647 skb = sock_dequeue_err_skb(sk);
3648 if (skb == NULL)
3649 goto out;
3650
3651 copied = skb->len;
3652 if (copied > len) {
3653 msg->msg_flags |= MSG_TRUNC;
3654 copied = len;
3655 }
3656 err = skb_copy_datagram_msg(skb, 0, msg, copied);
3657 if (err)
3658 goto out_free_skb;
3659
3660 sock_recv_timestamp(msg, sk, skb);
3661
3662 serr = SKB_EXT_ERR(skb);
3663 put_cmsg(msg, level, type, sizeof(serr->ee), &serr->ee);
3664
3665 msg->msg_flags |= MSG_ERRQUEUE;
3666 err = copied;
3667
3668out_free_skb:
3669 kfree_skb(skb);
3670out:
3671 return err;
3672}
3673EXPORT_SYMBOL(sock_recv_errqueue);
3674
3675/*
3676 * Get a socket option on an socket.
3677 *
3678 * FIX: POSIX 1003.1g is very ambiguous here. It states that
3679 * asynchronous errors should be reported by getsockopt. We assume
3680 * this means if you specify SO_ERROR (otherwise whats the point of it).
3681 */
3682int sock_common_getsockopt(struct socket *sock, int level, int optname,
3683 char __user *optval, int __user *optlen)
3684{
3685 struct sock *sk = sock->sk;
3686
3687 /* IPV6_ADDRFORM can change sk->sk_prot under us. */
3688 return READ_ONCE(sk->sk_prot)->getsockopt(sk, level, optname, optval, optlen);
3689}
3690EXPORT_SYMBOL(sock_common_getsockopt);
3691
3692int sock_common_recvmsg(struct socket *sock, struct msghdr *msg, size_t size,
3693 int flags)
3694{
3695 struct sock *sk = sock->sk;
3696 int addr_len = 0;
3697 int err;
3698
3699 err = sk->sk_prot->recvmsg(sk, msg, size, flags, &addr_len);
3700 if (err >= 0)
3701 msg->msg_namelen = addr_len;
3702 return err;
3703}
3704EXPORT_SYMBOL(sock_common_recvmsg);
3705
3706/*
3707 * Set socket options on an inet socket.
3708 */
3709int sock_common_setsockopt(struct socket *sock, int level, int optname,
3710 sockptr_t optval, unsigned int optlen)
3711{
3712 struct sock *sk = sock->sk;
3713
3714 /* IPV6_ADDRFORM can change sk->sk_prot under us. */
3715 return READ_ONCE(sk->sk_prot)->setsockopt(sk, level, optname, optval, optlen);
3716}
3717EXPORT_SYMBOL(sock_common_setsockopt);
3718
3719void sk_common_release(struct sock *sk)
3720{
3721 if (sk->sk_prot->destroy)
3722 sk->sk_prot->destroy(sk);
3723
3724 /*
3725 * Observation: when sk_common_release is called, processes have
3726 * no access to socket. But net still has.
3727 * Step one, detach it from networking:
3728 *
3729 * A. Remove from hash tables.
3730 */
3731
3732 sk->sk_prot->unhash(sk);
3733
3734 /*
3735 * In this point socket cannot receive new packets, but it is possible
3736 * that some packets are in flight because some CPU runs receiver and
3737 * did hash table lookup before we unhashed socket. They will achieve
3738 * receive queue and will be purged by socket destructor.
3739 *
3740 * Also we still have packets pending on receive queue and probably,
3741 * our own packets waiting in device queues. sock_destroy will drain
3742 * receive queue, but transmitted packets will delay socket destruction
3743 * until the last reference will be released.
3744 */
3745
3746 sock_orphan(sk);
3747
3748 xfrm_sk_free_policy(sk);
3749
3750 sock_put(sk);
3751}
3752EXPORT_SYMBOL(sk_common_release);
3753
3754void sk_get_meminfo(const struct sock *sk, u32 *mem)
3755{
3756 memset(mem, 0, sizeof(*mem) * SK_MEMINFO_VARS);
3757
3758 mem[SK_MEMINFO_RMEM_ALLOC] = sk_rmem_alloc_get(sk);
3759 mem[SK_MEMINFO_RCVBUF] = READ_ONCE(sk->sk_rcvbuf);
3760 mem[SK_MEMINFO_WMEM_ALLOC] = sk_wmem_alloc_get(sk);
3761 mem[SK_MEMINFO_SNDBUF] = READ_ONCE(sk->sk_sndbuf);
3762 mem[SK_MEMINFO_FWD_ALLOC] = sk_forward_alloc_get(sk);
3763 mem[SK_MEMINFO_WMEM_QUEUED] = READ_ONCE(sk->sk_wmem_queued);
3764 mem[SK_MEMINFO_OPTMEM] = atomic_read(&sk->sk_omem_alloc);
3765 mem[SK_MEMINFO_BACKLOG] = READ_ONCE(sk->sk_backlog.len);
3766 mem[SK_MEMINFO_DROPS] = atomic_read(&sk->sk_drops);
3767}
3768
3769#ifdef CONFIG_PROC_FS
3770static DECLARE_BITMAP(proto_inuse_idx, PROTO_INUSE_NR);
3771
3772int sock_prot_inuse_get(struct net *net, struct proto *prot)
3773{
3774 int cpu, idx = prot->inuse_idx;
3775 int res = 0;
3776
3777 for_each_possible_cpu(cpu)
3778 res += per_cpu_ptr(net->core.prot_inuse, cpu)->val[idx];
3779
3780 return res >= 0 ? res : 0;
3781}
3782EXPORT_SYMBOL_GPL(sock_prot_inuse_get);
3783
3784int sock_inuse_get(struct net *net)
3785{
3786 int cpu, res = 0;
3787
3788 for_each_possible_cpu(cpu)
3789 res += per_cpu_ptr(net->core.prot_inuse, cpu)->all;
3790
3791 return res;
3792}
3793
3794EXPORT_SYMBOL_GPL(sock_inuse_get);
3795
3796static int __net_init sock_inuse_init_net(struct net *net)
3797{
3798 net->core.prot_inuse = alloc_percpu(struct prot_inuse);
3799 if (net->core.prot_inuse == NULL)
3800 return -ENOMEM;
3801 return 0;
3802}
3803
3804static void __net_exit sock_inuse_exit_net(struct net *net)
3805{
3806 free_percpu(net->core.prot_inuse);
3807}
3808
3809static struct pernet_operations net_inuse_ops = {
3810 .init = sock_inuse_init_net,
3811 .exit = sock_inuse_exit_net,
3812};
3813
3814static __init int net_inuse_init(void)
3815{
3816 if (register_pernet_subsys(&net_inuse_ops))
3817 panic("Cannot initialize net inuse counters");
3818
3819 return 0;
3820}
3821
3822core_initcall(net_inuse_init);
3823
3824static int assign_proto_idx(struct proto *prot)
3825{
3826 prot->inuse_idx = find_first_zero_bit(proto_inuse_idx, PROTO_INUSE_NR);
3827
3828 if (unlikely(prot->inuse_idx == PROTO_INUSE_NR - 1)) {
3829 pr_err("PROTO_INUSE_NR exhausted\n");
3830 return -ENOSPC;
3831 }
3832
3833 set_bit(prot->inuse_idx, proto_inuse_idx);
3834 return 0;
3835}
3836
3837static void release_proto_idx(struct proto *prot)
3838{
3839 if (prot->inuse_idx != PROTO_INUSE_NR - 1)
3840 clear_bit(prot->inuse_idx, proto_inuse_idx);
3841}
3842#else
3843static inline int assign_proto_idx(struct proto *prot)
3844{
3845 return 0;
3846}
3847
3848static inline void release_proto_idx(struct proto *prot)
3849{
3850}
3851
3852#endif
3853
3854static void tw_prot_cleanup(struct timewait_sock_ops *twsk_prot)
3855{
3856 if (!twsk_prot)
3857 return;
3858 kfree(twsk_prot->twsk_slab_name);
3859 twsk_prot->twsk_slab_name = NULL;
3860 kmem_cache_destroy(twsk_prot->twsk_slab);
3861 twsk_prot->twsk_slab = NULL;
3862}
3863
3864static int tw_prot_init(const struct proto *prot)
3865{
3866 struct timewait_sock_ops *twsk_prot = prot->twsk_prot;
3867
3868 if (!twsk_prot)
3869 return 0;
3870
3871 twsk_prot->twsk_slab_name = kasprintf(GFP_KERNEL, "tw_sock_%s",
3872 prot->name);
3873 if (!twsk_prot->twsk_slab_name)
3874 return -ENOMEM;
3875
3876 twsk_prot->twsk_slab =
3877 kmem_cache_create(twsk_prot->twsk_slab_name,
3878 twsk_prot->twsk_obj_size, 0,
3879 SLAB_ACCOUNT | prot->slab_flags,
3880 NULL);
3881 if (!twsk_prot->twsk_slab) {
3882 pr_crit("%s: Can't create timewait sock SLAB cache!\n",
3883 prot->name);
3884 return -ENOMEM;
3885 }
3886
3887 return 0;
3888}
3889
3890static void req_prot_cleanup(struct request_sock_ops *rsk_prot)
3891{
3892 if (!rsk_prot)
3893 return;
3894 kfree(rsk_prot->slab_name);
3895 rsk_prot->slab_name = NULL;
3896 kmem_cache_destroy(rsk_prot->slab);
3897 rsk_prot->slab = NULL;
3898}
3899
3900static int req_prot_init(const struct proto *prot)
3901{
3902 struct request_sock_ops *rsk_prot = prot->rsk_prot;
3903
3904 if (!rsk_prot)
3905 return 0;
3906
3907 rsk_prot->slab_name = kasprintf(GFP_KERNEL, "request_sock_%s",
3908 prot->name);
3909 if (!rsk_prot->slab_name)
3910 return -ENOMEM;
3911
3912 rsk_prot->slab = kmem_cache_create(rsk_prot->slab_name,
3913 rsk_prot->obj_size, 0,
3914 SLAB_ACCOUNT | prot->slab_flags,
3915 NULL);
3916
3917 if (!rsk_prot->slab) {
3918 pr_crit("%s: Can't create request sock SLAB cache!\n",
3919 prot->name);
3920 return -ENOMEM;
3921 }
3922 return 0;
3923}
3924
3925int proto_register(struct proto *prot, int alloc_slab)
3926{
3927 int ret = -ENOBUFS;
3928
3929 if (prot->memory_allocated && !prot->sysctl_mem) {
3930 pr_err("%s: missing sysctl_mem\n", prot->name);
3931 return -EINVAL;
3932 }
3933 if (prot->memory_allocated && !prot->per_cpu_fw_alloc) {
3934 pr_err("%s: missing per_cpu_fw_alloc\n", prot->name);
3935 return -EINVAL;
3936 }
3937 if (alloc_slab) {
3938 prot->slab = kmem_cache_create_usercopy(prot->name,
3939 prot->obj_size, 0,
3940 SLAB_HWCACHE_ALIGN | SLAB_ACCOUNT |
3941 prot->slab_flags,
3942 prot->useroffset, prot->usersize,
3943 NULL);
3944
3945 if (prot->slab == NULL) {
3946 pr_crit("%s: Can't create sock SLAB cache!\n",
3947 prot->name);
3948 goto out;
3949 }
3950
3951 if (req_prot_init(prot))
3952 goto out_free_request_sock_slab;
3953
3954 if (tw_prot_init(prot))
3955 goto out_free_timewait_sock_slab;
3956 }
3957
3958 mutex_lock(&proto_list_mutex);
3959 ret = assign_proto_idx(prot);
3960 if (ret) {
3961 mutex_unlock(&proto_list_mutex);
3962 goto out_free_timewait_sock_slab;
3963 }
3964 list_add(&prot->node, &proto_list);
3965 mutex_unlock(&proto_list_mutex);
3966 return ret;
3967
3968out_free_timewait_sock_slab:
3969 if (alloc_slab)
3970 tw_prot_cleanup(prot->twsk_prot);
3971out_free_request_sock_slab:
3972 if (alloc_slab) {
3973 req_prot_cleanup(prot->rsk_prot);
3974
3975 kmem_cache_destroy(prot->slab);
3976 prot->slab = NULL;
3977 }
3978out:
3979 return ret;
3980}
3981EXPORT_SYMBOL(proto_register);
3982
3983void proto_unregister(struct proto *prot)
3984{
3985 mutex_lock(&proto_list_mutex);
3986 release_proto_idx(prot);
3987 list_del(&prot->node);
3988 mutex_unlock(&proto_list_mutex);
3989
3990 kmem_cache_destroy(prot->slab);
3991 prot->slab = NULL;
3992
3993 req_prot_cleanup(prot->rsk_prot);
3994 tw_prot_cleanup(prot->twsk_prot);
3995}
3996EXPORT_SYMBOL(proto_unregister);
3997
3998int sock_load_diag_module(int family, int protocol)
3999{
4000 if (!protocol) {
4001 if (!sock_is_registered(family))
4002 return -ENOENT;
4003
4004 return request_module("net-pf-%d-proto-%d-type-%d", PF_NETLINK,
4005 NETLINK_SOCK_DIAG, family);
4006 }
4007
4008#ifdef CONFIG_INET
4009 if (family == AF_INET &&
4010 protocol != IPPROTO_RAW &&
4011 protocol < MAX_INET_PROTOS &&
4012 !rcu_access_pointer(inet_protos[protocol]))
4013 return -ENOENT;
4014#endif
4015
4016 return request_module("net-pf-%d-proto-%d-type-%d-%d", PF_NETLINK,
4017 NETLINK_SOCK_DIAG, family, protocol);
4018}
4019EXPORT_SYMBOL(sock_load_diag_module);
4020
4021#ifdef CONFIG_PROC_FS
4022static void *proto_seq_start(struct seq_file *seq, loff_t *pos)
4023 __acquires(proto_list_mutex)
4024{
4025 mutex_lock(&proto_list_mutex);
4026 return seq_list_start_head(&proto_list, *pos);
4027}
4028
4029static void *proto_seq_next(struct seq_file *seq, void *v, loff_t *pos)
4030{
4031 return seq_list_next(v, &proto_list, pos);
4032}
4033
4034static void proto_seq_stop(struct seq_file *seq, void *v)
4035 __releases(proto_list_mutex)
4036{
4037 mutex_unlock(&proto_list_mutex);
4038}
4039
4040static char proto_method_implemented(const void *method)
4041{
4042 return method == NULL ? 'n' : 'y';
4043}
4044static long sock_prot_memory_allocated(struct proto *proto)
4045{
4046 return proto->memory_allocated != NULL ? proto_memory_allocated(proto) : -1L;
4047}
4048
4049static const char *sock_prot_memory_pressure(struct proto *proto)
4050{
4051 return proto->memory_pressure != NULL ?
4052 proto_memory_pressure(proto) ? "yes" : "no" : "NI";
4053}
4054
4055static void proto_seq_printf(struct seq_file *seq, struct proto *proto)
4056{
4057
4058 seq_printf(seq, "%-9s %4u %6d %6ld %-3s %6u %-3s %-10s "
4059 "%2c %2c %2c %2c %2c %2c %2c %2c %2c %2c %2c %2c %2c %2c %2c %2c %2c %2c\n",
4060 proto->name,
4061 proto->obj_size,
4062 sock_prot_inuse_get(seq_file_net(seq), proto),
4063 sock_prot_memory_allocated(proto),
4064 sock_prot_memory_pressure(proto),
4065 proto->max_header,
4066 proto->slab == NULL ? "no" : "yes",
4067 module_name(proto->owner),
4068 proto_method_implemented(proto->close),
4069 proto_method_implemented(proto->connect),
4070 proto_method_implemented(proto->disconnect),
4071 proto_method_implemented(proto->accept),
4072 proto_method_implemented(proto->ioctl),
4073 proto_method_implemented(proto->init),
4074 proto_method_implemented(proto->destroy),
4075 proto_method_implemented(proto->shutdown),
4076 proto_method_implemented(proto->setsockopt),
4077 proto_method_implemented(proto->getsockopt),
4078 proto_method_implemented(proto->sendmsg),
4079 proto_method_implemented(proto->recvmsg),
4080 proto_method_implemented(proto->bind),
4081 proto_method_implemented(proto->backlog_rcv),
4082 proto_method_implemented(proto->hash),
4083 proto_method_implemented(proto->unhash),
4084 proto_method_implemented(proto->get_port),
4085 proto_method_implemented(proto->enter_memory_pressure));
4086}
4087
4088static int proto_seq_show(struct seq_file *seq, void *v)
4089{
4090 if (v == &proto_list)
4091 seq_printf(seq, "%-9s %-4s %-8s %-6s %-5s %-7s %-4s %-10s %s",
4092 "protocol",
4093 "size",
4094 "sockets",
4095 "memory",
4096 "press",
4097 "maxhdr",
4098 "slab",
4099 "module",
4100 "cl co di ac io in de sh ss gs se re bi br ha uh gp em\n");
4101 else
4102 proto_seq_printf(seq, list_entry(v, struct proto, node));
4103 return 0;
4104}
4105
4106static const struct seq_operations proto_seq_ops = {
4107 .start = proto_seq_start,
4108 .next = proto_seq_next,
4109 .stop = proto_seq_stop,
4110 .show = proto_seq_show,
4111};
4112
4113static __net_init int proto_init_net(struct net *net)
4114{
4115 if (!proc_create_net("protocols", 0444, net->proc_net, &proto_seq_ops,
4116 sizeof(struct seq_net_private)))
4117 return -ENOMEM;
4118
4119 return 0;
4120}
4121
4122static __net_exit void proto_exit_net(struct net *net)
4123{
4124 remove_proc_entry("protocols", net->proc_net);
4125}
4126
4127
4128static __net_initdata struct pernet_operations proto_net_ops = {
4129 .init = proto_init_net,
4130 .exit = proto_exit_net,
4131};
4132
4133static int __init proto_init(void)
4134{
4135 return register_pernet_subsys(&proto_net_ops);
4136}
4137
4138subsys_initcall(proto_init);
4139
4140#endif /* PROC_FS */
4141
4142#ifdef CONFIG_NET_RX_BUSY_POLL
4143bool sk_busy_loop_end(void *p, unsigned long start_time)
4144{
4145 struct sock *sk = p;
4146
4147 if (!skb_queue_empty_lockless(&sk->sk_receive_queue))
4148 return true;
4149
4150 if (sk_is_udp(sk) &&
4151 !skb_queue_empty_lockless(&udp_sk(sk)->reader_queue))
4152 return true;
4153
4154 return sk_busy_loop_timeout(sk, start_time);
4155}
4156EXPORT_SYMBOL(sk_busy_loop_end);
4157#endif /* CONFIG_NET_RX_BUSY_POLL */
4158
4159int sock_bind_add(struct sock *sk, struct sockaddr *addr, int addr_len)
4160{
4161 if (!sk->sk_prot->bind_add)
4162 return -EOPNOTSUPP;
4163 return sk->sk_prot->bind_add(sk, addr, addr_len);
4164}
4165EXPORT_SYMBOL(sock_bind_add);
4166
4167/* Copy 'size' bytes from userspace and return `size` back to userspace */
4168int sock_ioctl_inout(struct sock *sk, unsigned int cmd,
4169 void __user *arg, void *karg, size_t size)
4170{
4171 int ret;
4172
4173 if (copy_from_user(karg, arg, size))
4174 return -EFAULT;
4175
4176 ret = READ_ONCE(sk->sk_prot)->ioctl(sk, cmd, karg);
4177 if (ret)
4178 return ret;
4179
4180 if (copy_to_user(arg, karg, size))
4181 return -EFAULT;
4182
4183 return 0;
4184}
4185EXPORT_SYMBOL(sock_ioctl_inout);
4186
4187/* This is the most common ioctl prep function, where the result (4 bytes) is
4188 * copied back to userspace if the ioctl() returns successfully. No input is
4189 * copied from userspace as input argument.
4190 */
4191static int sock_ioctl_out(struct sock *sk, unsigned int cmd, void __user *arg)
4192{
4193 int ret, karg = 0;
4194
4195 ret = READ_ONCE(sk->sk_prot)->ioctl(sk, cmd, &karg);
4196 if (ret)
4197 return ret;
4198
4199 return put_user(karg, (int __user *)arg);
4200}
4201
4202/* A wrapper around sock ioctls, which copies the data from userspace
4203 * (depending on the protocol/ioctl), and copies back the result to userspace.
4204 * The main motivation for this function is to pass kernel memory to the
4205 * protocol ioctl callbacks, instead of userspace memory.
4206 */
4207int sk_ioctl(struct sock *sk, unsigned int cmd, void __user *arg)
4208{
4209 int rc = 1;
4210
4211 if (sk->sk_type == SOCK_RAW && sk->sk_family == AF_INET)
4212 rc = ipmr_sk_ioctl(sk, cmd, arg);
4213 else if (sk->sk_type == SOCK_RAW && sk->sk_family == AF_INET6)
4214 rc = ip6mr_sk_ioctl(sk, cmd, arg);
4215 else if (sk_is_phonet(sk))
4216 rc = phonet_sk_ioctl(sk, cmd, arg);
4217
4218 /* If ioctl was processed, returns its value */
4219 if (rc <= 0)
4220 return rc;
4221
4222 /* Otherwise call the default handler */
4223 return sock_ioctl_out(sk, cmd, arg);
4224}
4225EXPORT_SYMBOL(sk_ioctl);
1/*
2 * INET An implementation of the TCP/IP protocol suite for the LINUX
3 * operating system. INET is implemented using the BSD Socket
4 * interface as the means of communication with the user level.
5 *
6 * Generic socket support routines. Memory allocators, socket lock/release
7 * handler for protocols to use and generic option handler.
8 *
9 *
10 * Authors: Ross Biro
11 * Fred N. van Kempen, <waltje@uWalt.NL.Mugnet.ORG>
12 * Florian La Roche, <flla@stud.uni-sb.de>
13 * Alan Cox, <A.Cox@swansea.ac.uk>
14 *
15 * Fixes:
16 * Alan Cox : Numerous verify_area() problems
17 * Alan Cox : Connecting on a connecting socket
18 * now returns an error for tcp.
19 * Alan Cox : sock->protocol is set correctly.
20 * and is not sometimes left as 0.
21 * Alan Cox : connect handles icmp errors on a
22 * connect properly. Unfortunately there
23 * is a restart syscall nasty there. I
24 * can't match BSD without hacking the C
25 * library. Ideas urgently sought!
26 * Alan Cox : Disallow bind() to addresses that are
27 * not ours - especially broadcast ones!!
28 * Alan Cox : Socket 1024 _IS_ ok for users. (fencepost)
29 * Alan Cox : sock_wfree/sock_rfree don't destroy sockets,
30 * instead they leave that for the DESTROY timer.
31 * Alan Cox : Clean up error flag in accept
32 * Alan Cox : TCP ack handling is buggy, the DESTROY timer
33 * was buggy. Put a remove_sock() in the handler
34 * for memory when we hit 0. Also altered the timer
35 * code. The ACK stuff can wait and needs major
36 * TCP layer surgery.
37 * Alan Cox : Fixed TCP ack bug, removed remove sock
38 * and fixed timer/inet_bh race.
39 * Alan Cox : Added zapped flag for TCP
40 * Alan Cox : Move kfree_skb into skbuff.c and tidied up surplus code
41 * Alan Cox : for new sk_buff allocations wmalloc/rmalloc now call alloc_skb
42 * Alan Cox : kfree_s calls now are kfree_skbmem so we can track skb resources
43 * Alan Cox : Supports socket option broadcast now as does udp. Packet and raw need fixing.
44 * Alan Cox : Added RCVBUF,SNDBUF size setting. It suddenly occurred to me how easy it was so...
45 * Rick Sladkey : Relaxed UDP rules for matching packets.
46 * C.E.Hawkins : IFF_PROMISC/SIOCGHWADDR support
47 * Pauline Middelink : identd support
48 * Alan Cox : Fixed connect() taking signals I think.
49 * Alan Cox : SO_LINGER supported
50 * Alan Cox : Error reporting fixes
51 * Anonymous : inet_create tidied up (sk->reuse setting)
52 * Alan Cox : inet sockets don't set sk->type!
53 * Alan Cox : Split socket option code
54 * Alan Cox : Callbacks
55 * Alan Cox : Nagle flag for Charles & Johannes stuff
56 * Alex : Removed restriction on inet fioctl
57 * Alan Cox : Splitting INET from NET core
58 * Alan Cox : Fixed bogus SO_TYPE handling in getsockopt()
59 * Adam Caldwell : Missing return in SO_DONTROUTE/SO_DEBUG code
60 * Alan Cox : Split IP from generic code
61 * Alan Cox : New kfree_skbmem()
62 * Alan Cox : Make SO_DEBUG superuser only.
63 * Alan Cox : Allow anyone to clear SO_DEBUG
64 * (compatibility fix)
65 * Alan Cox : Added optimistic memory grabbing for AF_UNIX throughput.
66 * Alan Cox : Allocator for a socket is settable.
67 * Alan Cox : SO_ERROR includes soft errors.
68 * Alan Cox : Allow NULL arguments on some SO_ opts
69 * Alan Cox : Generic socket allocation to make hooks
70 * easier (suggested by Craig Metz).
71 * Michael Pall : SO_ERROR returns positive errno again
72 * Steve Whitehouse: Added default destructor to free
73 * protocol private data.
74 * Steve Whitehouse: Added various other default routines
75 * common to several socket families.
76 * Chris Evans : Call suser() check last on F_SETOWN
77 * Jay Schulist : Added SO_ATTACH_FILTER and SO_DETACH_FILTER.
78 * Andi Kleen : Add sock_kmalloc()/sock_kfree_s()
79 * Andi Kleen : Fix write_space callback
80 * Chris Evans : Security fixes - signedness again
81 * Arnaldo C. Melo : cleanups, use skb_queue_purge
82 *
83 * To Fix:
84 *
85 *
86 * This program is free software; you can redistribute it and/or
87 * modify it under the terms of the GNU General Public License
88 * as published by the Free Software Foundation; either version
89 * 2 of the License, or (at your option) any later version.
90 */
91
92#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
93
94#include <linux/capability.h>
95#include <linux/errno.h>
96#include <linux/errqueue.h>
97#include <linux/types.h>
98#include <linux/socket.h>
99#include <linux/in.h>
100#include <linux/kernel.h>
101#include <linux/module.h>
102#include <linux/proc_fs.h>
103#include <linux/seq_file.h>
104#include <linux/sched.h>
105#include <linux/timer.h>
106#include <linux/string.h>
107#include <linux/sockios.h>
108#include <linux/net.h>
109#include <linux/mm.h>
110#include <linux/slab.h>
111#include <linux/interrupt.h>
112#include <linux/poll.h>
113#include <linux/tcp.h>
114#include <linux/init.h>
115#include <linux/highmem.h>
116#include <linux/user_namespace.h>
117#include <linux/static_key.h>
118#include <linux/memcontrol.h>
119#include <linux/prefetch.h>
120
121#include <linux/uaccess.h>
122
123#include <linux/netdevice.h>
124#include <net/protocol.h>
125#include <linux/skbuff.h>
126#include <net/net_namespace.h>
127#include <net/request_sock.h>
128#include <net/sock.h>
129#include <linux/net_tstamp.h>
130#include <net/xfrm.h>
131#include <linux/ipsec.h>
132#include <net/cls_cgroup.h>
133#include <net/netprio_cgroup.h>
134#include <linux/sock_diag.h>
135
136#include <linux/filter.h>
137#include <net/sock_reuseport.h>
138
139#include <trace/events/sock.h>
140
141#ifdef CONFIG_INET
142#include <net/tcp.h>
143#endif
144
145#include <net/busy_poll.h>
146
147static DEFINE_MUTEX(proto_list_mutex);
148static LIST_HEAD(proto_list);
149
150/**
151 * sk_ns_capable - General socket capability test
152 * @sk: Socket to use a capability on or through
153 * @user_ns: The user namespace of the capability to use
154 * @cap: The capability to use
155 *
156 * Test to see if the opener of the socket had when the socket was
157 * created and the current process has the capability @cap in the user
158 * namespace @user_ns.
159 */
160bool sk_ns_capable(const struct sock *sk,
161 struct user_namespace *user_ns, int cap)
162{
163 return file_ns_capable(sk->sk_socket->file, user_ns, cap) &&
164 ns_capable(user_ns, cap);
165}
166EXPORT_SYMBOL(sk_ns_capable);
167
168/**
169 * sk_capable - Socket global capability test
170 * @sk: Socket to use a capability on or through
171 * @cap: The global capability to use
172 *
173 * Test to see if the opener of the socket had when the socket was
174 * created and the current process has the capability @cap in all user
175 * namespaces.
176 */
177bool sk_capable(const struct sock *sk, int cap)
178{
179 return sk_ns_capable(sk, &init_user_ns, cap);
180}
181EXPORT_SYMBOL(sk_capable);
182
183/**
184 * sk_net_capable - Network namespace socket capability test
185 * @sk: Socket to use a capability on or through
186 * @cap: The capability to use
187 *
188 * Test to see if the opener of the socket had when the socket was created
189 * and the current process has the capability @cap over the network namespace
190 * the socket is a member of.
191 */
192bool sk_net_capable(const struct sock *sk, int cap)
193{
194 return sk_ns_capable(sk, sock_net(sk)->user_ns, cap);
195}
196EXPORT_SYMBOL(sk_net_capable);
197
198/*
199 * Each address family might have different locking rules, so we have
200 * one slock key per address family:
201 */
202static struct lock_class_key af_family_keys[AF_MAX];
203static struct lock_class_key af_family_slock_keys[AF_MAX];
204
205/*
206 * Make lock validator output more readable. (we pre-construct these
207 * strings build-time, so that runtime initialization of socket
208 * locks is fast):
209 */
210static const char *const af_family_key_strings[AF_MAX+1] = {
211 "sk_lock-AF_UNSPEC", "sk_lock-AF_UNIX" , "sk_lock-AF_INET" ,
212 "sk_lock-AF_AX25" , "sk_lock-AF_IPX" , "sk_lock-AF_APPLETALK",
213 "sk_lock-AF_NETROM", "sk_lock-AF_BRIDGE" , "sk_lock-AF_ATMPVC" ,
214 "sk_lock-AF_X25" , "sk_lock-AF_INET6" , "sk_lock-AF_ROSE" ,
215 "sk_lock-AF_DECnet", "sk_lock-AF_NETBEUI" , "sk_lock-AF_SECURITY" ,
216 "sk_lock-AF_KEY" , "sk_lock-AF_NETLINK" , "sk_lock-AF_PACKET" ,
217 "sk_lock-AF_ASH" , "sk_lock-AF_ECONET" , "sk_lock-AF_ATMSVC" ,
218 "sk_lock-AF_RDS" , "sk_lock-AF_SNA" , "sk_lock-AF_IRDA" ,
219 "sk_lock-AF_PPPOX" , "sk_lock-AF_WANPIPE" , "sk_lock-AF_LLC" ,
220 "sk_lock-27" , "sk_lock-28" , "sk_lock-AF_CAN" ,
221 "sk_lock-AF_TIPC" , "sk_lock-AF_BLUETOOTH", "sk_lock-IUCV" ,
222 "sk_lock-AF_RXRPC" , "sk_lock-AF_ISDN" , "sk_lock-AF_PHONET" ,
223 "sk_lock-AF_IEEE802154", "sk_lock-AF_CAIF" , "sk_lock-AF_ALG" ,
224 "sk_lock-AF_NFC" , "sk_lock-AF_VSOCK" , "sk_lock-AF_KCM" ,
225 "sk_lock-AF_QIPCRTR", "sk_lock-AF_MAX"
226};
227static const char *const af_family_slock_key_strings[AF_MAX+1] = {
228 "slock-AF_UNSPEC", "slock-AF_UNIX" , "slock-AF_INET" ,
229 "slock-AF_AX25" , "slock-AF_IPX" , "slock-AF_APPLETALK",
230 "slock-AF_NETROM", "slock-AF_BRIDGE" , "slock-AF_ATMPVC" ,
231 "slock-AF_X25" , "slock-AF_INET6" , "slock-AF_ROSE" ,
232 "slock-AF_DECnet", "slock-AF_NETBEUI" , "slock-AF_SECURITY" ,
233 "slock-AF_KEY" , "slock-AF_NETLINK" , "slock-AF_PACKET" ,
234 "slock-AF_ASH" , "slock-AF_ECONET" , "slock-AF_ATMSVC" ,
235 "slock-AF_RDS" , "slock-AF_SNA" , "slock-AF_IRDA" ,
236 "slock-AF_PPPOX" , "slock-AF_WANPIPE" , "slock-AF_LLC" ,
237 "slock-27" , "slock-28" , "slock-AF_CAN" ,
238 "slock-AF_TIPC" , "slock-AF_BLUETOOTH", "slock-AF_IUCV" ,
239 "slock-AF_RXRPC" , "slock-AF_ISDN" , "slock-AF_PHONET" ,
240 "slock-AF_IEEE802154", "slock-AF_CAIF" , "slock-AF_ALG" ,
241 "slock-AF_NFC" , "slock-AF_VSOCK" ,"slock-AF_KCM" ,
242 "slock-AF_QIPCRTR", "slock-AF_MAX"
243};
244static const char *const af_family_clock_key_strings[AF_MAX+1] = {
245 "clock-AF_UNSPEC", "clock-AF_UNIX" , "clock-AF_INET" ,
246 "clock-AF_AX25" , "clock-AF_IPX" , "clock-AF_APPLETALK",
247 "clock-AF_NETROM", "clock-AF_BRIDGE" , "clock-AF_ATMPVC" ,
248 "clock-AF_X25" , "clock-AF_INET6" , "clock-AF_ROSE" ,
249 "clock-AF_DECnet", "clock-AF_NETBEUI" , "clock-AF_SECURITY" ,
250 "clock-AF_KEY" , "clock-AF_NETLINK" , "clock-AF_PACKET" ,
251 "clock-AF_ASH" , "clock-AF_ECONET" , "clock-AF_ATMSVC" ,
252 "clock-AF_RDS" , "clock-AF_SNA" , "clock-AF_IRDA" ,
253 "clock-AF_PPPOX" , "clock-AF_WANPIPE" , "clock-AF_LLC" ,
254 "clock-27" , "clock-28" , "clock-AF_CAN" ,
255 "clock-AF_TIPC" , "clock-AF_BLUETOOTH", "clock-AF_IUCV" ,
256 "clock-AF_RXRPC" , "clock-AF_ISDN" , "clock-AF_PHONET" ,
257 "clock-AF_IEEE802154", "clock-AF_CAIF" , "clock-AF_ALG" ,
258 "clock-AF_NFC" , "clock-AF_VSOCK" , "clock-AF_KCM" ,
259 "clock-AF_QIPCRTR", "clock-AF_MAX"
260};
261
262/*
263 * sk_callback_lock locking rules are per-address-family,
264 * so split the lock classes by using a per-AF key:
265 */
266static struct lock_class_key af_callback_keys[AF_MAX];
267
268/* Take into consideration the size of the struct sk_buff overhead in the
269 * determination of these values, since that is non-constant across
270 * platforms. This makes socket queueing behavior and performance
271 * not depend upon such differences.
272 */
273#define _SK_MEM_PACKETS 256
274#define _SK_MEM_OVERHEAD SKB_TRUESIZE(256)
275#define SK_WMEM_MAX (_SK_MEM_OVERHEAD * _SK_MEM_PACKETS)
276#define SK_RMEM_MAX (_SK_MEM_OVERHEAD * _SK_MEM_PACKETS)
277
278/* Run time adjustable parameters. */
279__u32 sysctl_wmem_max __read_mostly = SK_WMEM_MAX;
280EXPORT_SYMBOL(sysctl_wmem_max);
281__u32 sysctl_rmem_max __read_mostly = SK_RMEM_MAX;
282EXPORT_SYMBOL(sysctl_rmem_max);
283__u32 sysctl_wmem_default __read_mostly = SK_WMEM_MAX;
284__u32 sysctl_rmem_default __read_mostly = SK_RMEM_MAX;
285
286/* Maximal space eaten by iovec or ancillary data plus some space */
287int sysctl_optmem_max __read_mostly = sizeof(unsigned long)*(2*UIO_MAXIOV+512);
288EXPORT_SYMBOL(sysctl_optmem_max);
289
290int sysctl_tstamp_allow_data __read_mostly = 1;
291
292struct static_key memalloc_socks = STATIC_KEY_INIT_FALSE;
293EXPORT_SYMBOL_GPL(memalloc_socks);
294
295/**
296 * sk_set_memalloc - sets %SOCK_MEMALLOC
297 * @sk: socket to set it on
298 *
299 * Set %SOCK_MEMALLOC on a socket for access to emergency reserves.
300 * It's the responsibility of the admin to adjust min_free_kbytes
301 * to meet the requirements
302 */
303void sk_set_memalloc(struct sock *sk)
304{
305 sock_set_flag(sk, SOCK_MEMALLOC);
306 sk->sk_allocation |= __GFP_MEMALLOC;
307 static_key_slow_inc(&memalloc_socks);
308}
309EXPORT_SYMBOL_GPL(sk_set_memalloc);
310
311void sk_clear_memalloc(struct sock *sk)
312{
313 sock_reset_flag(sk, SOCK_MEMALLOC);
314 sk->sk_allocation &= ~__GFP_MEMALLOC;
315 static_key_slow_dec(&memalloc_socks);
316
317 /*
318 * SOCK_MEMALLOC is allowed to ignore rmem limits to ensure forward
319 * progress of swapping. SOCK_MEMALLOC may be cleared while
320 * it has rmem allocations due to the last swapfile being deactivated
321 * but there is a risk that the socket is unusable due to exceeding
322 * the rmem limits. Reclaim the reserves and obey rmem limits again.
323 */
324 sk_mem_reclaim(sk);
325}
326EXPORT_SYMBOL_GPL(sk_clear_memalloc);
327
328int __sk_backlog_rcv(struct sock *sk, struct sk_buff *skb)
329{
330 int ret;
331 unsigned long pflags = current->flags;
332
333 /* these should have been dropped before queueing */
334 BUG_ON(!sock_flag(sk, SOCK_MEMALLOC));
335
336 current->flags |= PF_MEMALLOC;
337 ret = sk->sk_backlog_rcv(sk, skb);
338 tsk_restore_flags(current, pflags, PF_MEMALLOC);
339
340 return ret;
341}
342EXPORT_SYMBOL(__sk_backlog_rcv);
343
344static int sock_set_timeout(long *timeo_p, char __user *optval, int optlen)
345{
346 struct timeval tv;
347
348 if (optlen < sizeof(tv))
349 return -EINVAL;
350 if (copy_from_user(&tv, optval, sizeof(tv)))
351 return -EFAULT;
352 if (tv.tv_usec < 0 || tv.tv_usec >= USEC_PER_SEC)
353 return -EDOM;
354
355 if (tv.tv_sec < 0) {
356 static int warned __read_mostly;
357
358 *timeo_p = 0;
359 if (warned < 10 && net_ratelimit()) {
360 warned++;
361 pr_info("%s: `%s' (pid %d) tries to set negative timeout\n",
362 __func__, current->comm, task_pid_nr(current));
363 }
364 return 0;
365 }
366 *timeo_p = MAX_SCHEDULE_TIMEOUT;
367 if (tv.tv_sec == 0 && tv.tv_usec == 0)
368 return 0;
369 if (tv.tv_sec < (MAX_SCHEDULE_TIMEOUT/HZ - 1))
370 *timeo_p = tv.tv_sec*HZ + (tv.tv_usec+(1000000/HZ-1))/(1000000/HZ);
371 return 0;
372}
373
374static void sock_warn_obsolete_bsdism(const char *name)
375{
376 static int warned;
377 static char warncomm[TASK_COMM_LEN];
378 if (strcmp(warncomm, current->comm) && warned < 5) {
379 strcpy(warncomm, current->comm);
380 pr_warn("process `%s' is using obsolete %s SO_BSDCOMPAT\n",
381 warncomm, name);
382 warned++;
383 }
384}
385
386static bool sock_needs_netstamp(const struct sock *sk)
387{
388 switch (sk->sk_family) {
389 case AF_UNSPEC:
390 case AF_UNIX:
391 return false;
392 default:
393 return true;
394 }
395}
396
397static void sock_disable_timestamp(struct sock *sk, unsigned long flags)
398{
399 if (sk->sk_flags & flags) {
400 sk->sk_flags &= ~flags;
401 if (sock_needs_netstamp(sk) &&
402 !(sk->sk_flags & SK_FLAGS_TIMESTAMP))
403 net_disable_timestamp();
404 }
405}
406
407
408int __sock_queue_rcv_skb(struct sock *sk, struct sk_buff *skb)
409{
410 unsigned long flags;
411 struct sk_buff_head *list = &sk->sk_receive_queue;
412
413 if (atomic_read(&sk->sk_rmem_alloc) >= sk->sk_rcvbuf) {
414 atomic_inc(&sk->sk_drops);
415 trace_sock_rcvqueue_full(sk, skb);
416 return -ENOMEM;
417 }
418
419 if (!sk_rmem_schedule(sk, skb, skb->truesize)) {
420 atomic_inc(&sk->sk_drops);
421 return -ENOBUFS;
422 }
423
424 skb->dev = NULL;
425 skb_set_owner_r(skb, sk);
426
427 /* we escape from rcu protected region, make sure we dont leak
428 * a norefcounted dst
429 */
430 skb_dst_force(skb);
431
432 spin_lock_irqsave(&list->lock, flags);
433 sock_skb_set_dropcount(sk, skb);
434 __skb_queue_tail(list, skb);
435 spin_unlock_irqrestore(&list->lock, flags);
436
437 if (!sock_flag(sk, SOCK_DEAD))
438 sk->sk_data_ready(sk);
439 return 0;
440}
441EXPORT_SYMBOL(__sock_queue_rcv_skb);
442
443int sock_queue_rcv_skb(struct sock *sk, struct sk_buff *skb)
444{
445 int err;
446
447 err = sk_filter(sk, skb);
448 if (err)
449 return err;
450
451 return __sock_queue_rcv_skb(sk, skb);
452}
453EXPORT_SYMBOL(sock_queue_rcv_skb);
454
455int __sk_receive_skb(struct sock *sk, struct sk_buff *skb,
456 const int nested, unsigned int trim_cap, bool refcounted)
457{
458 int rc = NET_RX_SUCCESS;
459
460 if (sk_filter_trim_cap(sk, skb, trim_cap))
461 goto discard_and_relse;
462
463 skb->dev = NULL;
464
465 if (sk_rcvqueues_full(sk, sk->sk_rcvbuf)) {
466 atomic_inc(&sk->sk_drops);
467 goto discard_and_relse;
468 }
469 if (nested)
470 bh_lock_sock_nested(sk);
471 else
472 bh_lock_sock(sk);
473 if (!sock_owned_by_user(sk)) {
474 /*
475 * trylock + unlock semantics:
476 */
477 mutex_acquire(&sk->sk_lock.dep_map, 0, 1, _RET_IP_);
478
479 rc = sk_backlog_rcv(sk, skb);
480
481 mutex_release(&sk->sk_lock.dep_map, 1, _RET_IP_);
482 } else if (sk_add_backlog(sk, skb, sk->sk_rcvbuf)) {
483 bh_unlock_sock(sk);
484 atomic_inc(&sk->sk_drops);
485 goto discard_and_relse;
486 }
487
488 bh_unlock_sock(sk);
489out:
490 if (refcounted)
491 sock_put(sk);
492 return rc;
493discard_and_relse:
494 kfree_skb(skb);
495 goto out;
496}
497EXPORT_SYMBOL(__sk_receive_skb);
498
499struct dst_entry *__sk_dst_check(struct sock *sk, u32 cookie)
500{
501 struct dst_entry *dst = __sk_dst_get(sk);
502
503 if (dst && dst->obsolete && dst->ops->check(dst, cookie) == NULL) {
504 sk_tx_queue_clear(sk);
505 RCU_INIT_POINTER(sk->sk_dst_cache, NULL);
506 dst_release(dst);
507 return NULL;
508 }
509
510 return dst;
511}
512EXPORT_SYMBOL(__sk_dst_check);
513
514struct dst_entry *sk_dst_check(struct sock *sk, u32 cookie)
515{
516 struct dst_entry *dst = sk_dst_get(sk);
517
518 if (dst && dst->obsolete && dst->ops->check(dst, cookie) == NULL) {
519 sk_dst_reset(sk);
520 dst_release(dst);
521 return NULL;
522 }
523
524 return dst;
525}
526EXPORT_SYMBOL(sk_dst_check);
527
528static int sock_setbindtodevice(struct sock *sk, char __user *optval,
529 int optlen)
530{
531 int ret = -ENOPROTOOPT;
532#ifdef CONFIG_NETDEVICES
533 struct net *net = sock_net(sk);
534 char devname[IFNAMSIZ];
535 int index;
536
537 /* Sorry... */
538 ret = -EPERM;
539 if (!ns_capable(net->user_ns, CAP_NET_RAW))
540 goto out;
541
542 ret = -EINVAL;
543 if (optlen < 0)
544 goto out;
545
546 /* Bind this socket to a particular device like "eth0",
547 * as specified in the passed interface name. If the
548 * name is "" or the option length is zero the socket
549 * is not bound.
550 */
551 if (optlen > IFNAMSIZ - 1)
552 optlen = IFNAMSIZ - 1;
553 memset(devname, 0, sizeof(devname));
554
555 ret = -EFAULT;
556 if (copy_from_user(devname, optval, optlen))
557 goto out;
558
559 index = 0;
560 if (devname[0] != '\0') {
561 struct net_device *dev;
562
563 rcu_read_lock();
564 dev = dev_get_by_name_rcu(net, devname);
565 if (dev)
566 index = dev->ifindex;
567 rcu_read_unlock();
568 ret = -ENODEV;
569 if (!dev)
570 goto out;
571 }
572
573 lock_sock(sk);
574 sk->sk_bound_dev_if = index;
575 sk_dst_reset(sk);
576 release_sock(sk);
577
578 ret = 0;
579
580out:
581#endif
582
583 return ret;
584}
585
586static int sock_getbindtodevice(struct sock *sk, char __user *optval,
587 int __user *optlen, int len)
588{
589 int ret = -ENOPROTOOPT;
590#ifdef CONFIG_NETDEVICES
591 struct net *net = sock_net(sk);
592 char devname[IFNAMSIZ];
593
594 if (sk->sk_bound_dev_if == 0) {
595 len = 0;
596 goto zero;
597 }
598
599 ret = -EINVAL;
600 if (len < IFNAMSIZ)
601 goto out;
602
603 ret = netdev_get_name(net, devname, sk->sk_bound_dev_if);
604 if (ret)
605 goto out;
606
607 len = strlen(devname) + 1;
608
609 ret = -EFAULT;
610 if (copy_to_user(optval, devname, len))
611 goto out;
612
613zero:
614 ret = -EFAULT;
615 if (put_user(len, optlen))
616 goto out;
617
618 ret = 0;
619
620out:
621#endif
622
623 return ret;
624}
625
626static inline void sock_valbool_flag(struct sock *sk, int bit, int valbool)
627{
628 if (valbool)
629 sock_set_flag(sk, bit);
630 else
631 sock_reset_flag(sk, bit);
632}
633
634bool sk_mc_loop(struct sock *sk)
635{
636 if (dev_recursion_level())
637 return false;
638 if (!sk)
639 return true;
640 switch (sk->sk_family) {
641 case AF_INET:
642 return inet_sk(sk)->mc_loop;
643#if IS_ENABLED(CONFIG_IPV6)
644 case AF_INET6:
645 return inet6_sk(sk)->mc_loop;
646#endif
647 }
648 WARN_ON(1);
649 return true;
650}
651EXPORT_SYMBOL(sk_mc_loop);
652
653/*
654 * This is meant for all protocols to use and covers goings on
655 * at the socket level. Everything here is generic.
656 */
657
658int sock_setsockopt(struct socket *sock, int level, int optname,
659 char __user *optval, unsigned int optlen)
660{
661 struct sock *sk = sock->sk;
662 int val;
663 int valbool;
664 struct linger ling;
665 int ret = 0;
666
667 /*
668 * Options without arguments
669 */
670
671 if (optname == SO_BINDTODEVICE)
672 return sock_setbindtodevice(sk, optval, optlen);
673
674 if (optlen < sizeof(int))
675 return -EINVAL;
676
677 if (get_user(val, (int __user *)optval))
678 return -EFAULT;
679
680 valbool = val ? 1 : 0;
681
682 lock_sock(sk);
683
684 switch (optname) {
685 case SO_DEBUG:
686 if (val && !capable(CAP_NET_ADMIN))
687 ret = -EACCES;
688 else
689 sock_valbool_flag(sk, SOCK_DBG, valbool);
690 break;
691 case SO_REUSEADDR:
692 sk->sk_reuse = (valbool ? SK_CAN_REUSE : SK_NO_REUSE);
693 break;
694 case SO_REUSEPORT:
695 sk->sk_reuseport = valbool;
696 break;
697 case SO_TYPE:
698 case SO_PROTOCOL:
699 case SO_DOMAIN:
700 case SO_ERROR:
701 ret = -ENOPROTOOPT;
702 break;
703 case SO_DONTROUTE:
704 sock_valbool_flag(sk, SOCK_LOCALROUTE, valbool);
705 break;
706 case SO_BROADCAST:
707 sock_valbool_flag(sk, SOCK_BROADCAST, valbool);
708 break;
709 case SO_SNDBUF:
710 /* Don't error on this BSD doesn't and if you think
711 * about it this is right. Otherwise apps have to
712 * play 'guess the biggest size' games. RCVBUF/SNDBUF
713 * are treated in BSD as hints
714 */
715 val = min_t(u32, val, sysctl_wmem_max);
716set_sndbuf:
717 sk->sk_userlocks |= SOCK_SNDBUF_LOCK;
718 sk->sk_sndbuf = max_t(int, val * 2, SOCK_MIN_SNDBUF);
719 /* Wake up sending tasks if we upped the value. */
720 sk->sk_write_space(sk);
721 break;
722
723 case SO_SNDBUFFORCE:
724 if (!capable(CAP_NET_ADMIN)) {
725 ret = -EPERM;
726 break;
727 }
728 goto set_sndbuf;
729
730 case SO_RCVBUF:
731 /* Don't error on this BSD doesn't and if you think
732 * about it this is right. Otherwise apps have to
733 * play 'guess the biggest size' games. RCVBUF/SNDBUF
734 * are treated in BSD as hints
735 */
736 val = min_t(u32, val, sysctl_rmem_max);
737set_rcvbuf:
738 sk->sk_userlocks |= SOCK_RCVBUF_LOCK;
739 /*
740 * We double it on the way in to account for
741 * "struct sk_buff" etc. overhead. Applications
742 * assume that the SO_RCVBUF setting they make will
743 * allow that much actual data to be received on that
744 * socket.
745 *
746 * Applications are unaware that "struct sk_buff" and
747 * other overheads allocate from the receive buffer
748 * during socket buffer allocation.
749 *
750 * And after considering the possible alternatives,
751 * returning the value we actually used in getsockopt
752 * is the most desirable behavior.
753 */
754 sk->sk_rcvbuf = max_t(int, val * 2, SOCK_MIN_RCVBUF);
755 break;
756
757 case SO_RCVBUFFORCE:
758 if (!capable(CAP_NET_ADMIN)) {
759 ret = -EPERM;
760 break;
761 }
762 goto set_rcvbuf;
763
764 case SO_KEEPALIVE:
765#ifdef CONFIG_INET
766 if (sk->sk_protocol == IPPROTO_TCP &&
767 sk->sk_type == SOCK_STREAM)
768 tcp_set_keepalive(sk, valbool);
769#endif
770 sock_valbool_flag(sk, SOCK_KEEPOPEN, valbool);
771 break;
772
773 case SO_OOBINLINE:
774 sock_valbool_flag(sk, SOCK_URGINLINE, valbool);
775 break;
776
777 case SO_NO_CHECK:
778 sk->sk_no_check_tx = valbool;
779 break;
780
781 case SO_PRIORITY:
782 if ((val >= 0 && val <= 6) ||
783 ns_capable(sock_net(sk)->user_ns, CAP_NET_ADMIN))
784 sk->sk_priority = val;
785 else
786 ret = -EPERM;
787 break;
788
789 case SO_LINGER:
790 if (optlen < sizeof(ling)) {
791 ret = -EINVAL; /* 1003.1g */
792 break;
793 }
794 if (copy_from_user(&ling, optval, sizeof(ling))) {
795 ret = -EFAULT;
796 break;
797 }
798 if (!ling.l_onoff)
799 sock_reset_flag(sk, SOCK_LINGER);
800 else {
801#if (BITS_PER_LONG == 32)
802 if ((unsigned int)ling.l_linger >= MAX_SCHEDULE_TIMEOUT/HZ)
803 sk->sk_lingertime = MAX_SCHEDULE_TIMEOUT;
804 else
805#endif
806 sk->sk_lingertime = (unsigned int)ling.l_linger * HZ;
807 sock_set_flag(sk, SOCK_LINGER);
808 }
809 break;
810
811 case SO_BSDCOMPAT:
812 sock_warn_obsolete_bsdism("setsockopt");
813 break;
814
815 case SO_PASSCRED:
816 if (valbool)
817 set_bit(SOCK_PASSCRED, &sock->flags);
818 else
819 clear_bit(SOCK_PASSCRED, &sock->flags);
820 break;
821
822 case SO_TIMESTAMP:
823 case SO_TIMESTAMPNS:
824 if (valbool) {
825 if (optname == SO_TIMESTAMP)
826 sock_reset_flag(sk, SOCK_RCVTSTAMPNS);
827 else
828 sock_set_flag(sk, SOCK_RCVTSTAMPNS);
829 sock_set_flag(sk, SOCK_RCVTSTAMP);
830 sock_enable_timestamp(sk, SOCK_TIMESTAMP);
831 } else {
832 sock_reset_flag(sk, SOCK_RCVTSTAMP);
833 sock_reset_flag(sk, SOCK_RCVTSTAMPNS);
834 }
835 break;
836
837 case SO_TIMESTAMPING:
838 if (val & ~SOF_TIMESTAMPING_MASK) {
839 ret = -EINVAL;
840 break;
841 }
842
843 if (val & SOF_TIMESTAMPING_OPT_ID &&
844 !(sk->sk_tsflags & SOF_TIMESTAMPING_OPT_ID)) {
845 if (sk->sk_protocol == IPPROTO_TCP &&
846 sk->sk_type == SOCK_STREAM) {
847 if ((1 << sk->sk_state) &
848 (TCPF_CLOSE | TCPF_LISTEN)) {
849 ret = -EINVAL;
850 break;
851 }
852 sk->sk_tskey = tcp_sk(sk)->snd_una;
853 } else {
854 sk->sk_tskey = 0;
855 }
856 }
857
858 if (val & SOF_TIMESTAMPING_OPT_STATS &&
859 !(val & SOF_TIMESTAMPING_OPT_TSONLY)) {
860 ret = -EINVAL;
861 break;
862 }
863
864 sk->sk_tsflags = val;
865 if (val & SOF_TIMESTAMPING_RX_SOFTWARE)
866 sock_enable_timestamp(sk,
867 SOCK_TIMESTAMPING_RX_SOFTWARE);
868 else
869 sock_disable_timestamp(sk,
870 (1UL << SOCK_TIMESTAMPING_RX_SOFTWARE));
871 break;
872
873 case SO_RCVLOWAT:
874 if (val < 0)
875 val = INT_MAX;
876 sk->sk_rcvlowat = val ? : 1;
877 break;
878
879 case SO_RCVTIMEO:
880 ret = sock_set_timeout(&sk->sk_rcvtimeo, optval, optlen);
881 break;
882
883 case SO_SNDTIMEO:
884 ret = sock_set_timeout(&sk->sk_sndtimeo, optval, optlen);
885 break;
886
887 case SO_ATTACH_FILTER:
888 ret = -EINVAL;
889 if (optlen == sizeof(struct sock_fprog)) {
890 struct sock_fprog fprog;
891
892 ret = -EFAULT;
893 if (copy_from_user(&fprog, optval, sizeof(fprog)))
894 break;
895
896 ret = sk_attach_filter(&fprog, sk);
897 }
898 break;
899
900 case SO_ATTACH_BPF:
901 ret = -EINVAL;
902 if (optlen == sizeof(u32)) {
903 u32 ufd;
904
905 ret = -EFAULT;
906 if (copy_from_user(&ufd, optval, sizeof(ufd)))
907 break;
908
909 ret = sk_attach_bpf(ufd, sk);
910 }
911 break;
912
913 case SO_ATTACH_REUSEPORT_CBPF:
914 ret = -EINVAL;
915 if (optlen == sizeof(struct sock_fprog)) {
916 struct sock_fprog fprog;
917
918 ret = -EFAULT;
919 if (copy_from_user(&fprog, optval, sizeof(fprog)))
920 break;
921
922 ret = sk_reuseport_attach_filter(&fprog, sk);
923 }
924 break;
925
926 case SO_ATTACH_REUSEPORT_EBPF:
927 ret = -EINVAL;
928 if (optlen == sizeof(u32)) {
929 u32 ufd;
930
931 ret = -EFAULT;
932 if (copy_from_user(&ufd, optval, sizeof(ufd)))
933 break;
934
935 ret = sk_reuseport_attach_bpf(ufd, sk);
936 }
937 break;
938
939 case SO_DETACH_FILTER:
940 ret = sk_detach_filter(sk);
941 break;
942
943 case SO_LOCK_FILTER:
944 if (sock_flag(sk, SOCK_FILTER_LOCKED) && !valbool)
945 ret = -EPERM;
946 else
947 sock_valbool_flag(sk, SOCK_FILTER_LOCKED, valbool);
948 break;
949
950 case SO_PASSSEC:
951 if (valbool)
952 set_bit(SOCK_PASSSEC, &sock->flags);
953 else
954 clear_bit(SOCK_PASSSEC, &sock->flags);
955 break;
956 case SO_MARK:
957 if (!ns_capable(sock_net(sk)->user_ns, CAP_NET_ADMIN))
958 ret = -EPERM;
959 else
960 sk->sk_mark = val;
961 break;
962
963 case SO_RXQ_OVFL:
964 sock_valbool_flag(sk, SOCK_RXQ_OVFL, valbool);
965 break;
966
967 case SO_WIFI_STATUS:
968 sock_valbool_flag(sk, SOCK_WIFI_STATUS, valbool);
969 break;
970
971 case SO_PEEK_OFF:
972 if (sock->ops->set_peek_off)
973 ret = sock->ops->set_peek_off(sk, val);
974 else
975 ret = -EOPNOTSUPP;
976 break;
977
978 case SO_NOFCS:
979 sock_valbool_flag(sk, SOCK_NOFCS, valbool);
980 break;
981
982 case SO_SELECT_ERR_QUEUE:
983 sock_valbool_flag(sk, SOCK_SELECT_ERR_QUEUE, valbool);
984 break;
985
986#ifdef CONFIG_NET_RX_BUSY_POLL
987 case SO_BUSY_POLL:
988 /* allow unprivileged users to decrease the value */
989 if ((val > sk->sk_ll_usec) && !capable(CAP_NET_ADMIN))
990 ret = -EPERM;
991 else {
992 if (val < 0)
993 ret = -EINVAL;
994 else
995 sk->sk_ll_usec = val;
996 }
997 break;
998#endif
999
1000 case SO_MAX_PACING_RATE:
1001 sk->sk_max_pacing_rate = val;
1002 sk->sk_pacing_rate = min(sk->sk_pacing_rate,
1003 sk->sk_max_pacing_rate);
1004 break;
1005
1006 case SO_INCOMING_CPU:
1007 sk->sk_incoming_cpu = val;
1008 break;
1009
1010 case SO_CNX_ADVICE:
1011 if (val == 1)
1012 dst_negative_advice(sk);
1013 break;
1014 default:
1015 ret = -ENOPROTOOPT;
1016 break;
1017 }
1018 release_sock(sk);
1019 return ret;
1020}
1021EXPORT_SYMBOL(sock_setsockopt);
1022
1023
1024static void cred_to_ucred(struct pid *pid, const struct cred *cred,
1025 struct ucred *ucred)
1026{
1027 ucred->pid = pid_vnr(pid);
1028 ucred->uid = ucred->gid = -1;
1029 if (cred) {
1030 struct user_namespace *current_ns = current_user_ns();
1031
1032 ucred->uid = from_kuid_munged(current_ns, cred->euid);
1033 ucred->gid = from_kgid_munged(current_ns, cred->egid);
1034 }
1035}
1036
1037int sock_getsockopt(struct socket *sock, int level, int optname,
1038 char __user *optval, int __user *optlen)
1039{
1040 struct sock *sk = sock->sk;
1041
1042 union {
1043 int val;
1044 struct linger ling;
1045 struct timeval tm;
1046 } v;
1047
1048 int lv = sizeof(int);
1049 int len;
1050
1051 if (get_user(len, optlen))
1052 return -EFAULT;
1053 if (len < 0)
1054 return -EINVAL;
1055
1056 memset(&v, 0, sizeof(v));
1057
1058 switch (optname) {
1059 case SO_DEBUG:
1060 v.val = sock_flag(sk, SOCK_DBG);
1061 break;
1062
1063 case SO_DONTROUTE:
1064 v.val = sock_flag(sk, SOCK_LOCALROUTE);
1065 break;
1066
1067 case SO_BROADCAST:
1068 v.val = sock_flag(sk, SOCK_BROADCAST);
1069 break;
1070
1071 case SO_SNDBUF:
1072 v.val = sk->sk_sndbuf;
1073 break;
1074
1075 case SO_RCVBUF:
1076 v.val = sk->sk_rcvbuf;
1077 break;
1078
1079 case SO_REUSEADDR:
1080 v.val = sk->sk_reuse;
1081 break;
1082
1083 case SO_REUSEPORT:
1084 v.val = sk->sk_reuseport;
1085 break;
1086
1087 case SO_KEEPALIVE:
1088 v.val = sock_flag(sk, SOCK_KEEPOPEN);
1089 break;
1090
1091 case SO_TYPE:
1092 v.val = sk->sk_type;
1093 break;
1094
1095 case SO_PROTOCOL:
1096 v.val = sk->sk_protocol;
1097 break;
1098
1099 case SO_DOMAIN:
1100 v.val = sk->sk_family;
1101 break;
1102
1103 case SO_ERROR:
1104 v.val = -sock_error(sk);
1105 if (v.val == 0)
1106 v.val = xchg(&sk->sk_err_soft, 0);
1107 break;
1108
1109 case SO_OOBINLINE:
1110 v.val = sock_flag(sk, SOCK_URGINLINE);
1111 break;
1112
1113 case SO_NO_CHECK:
1114 v.val = sk->sk_no_check_tx;
1115 break;
1116
1117 case SO_PRIORITY:
1118 v.val = sk->sk_priority;
1119 break;
1120
1121 case SO_LINGER:
1122 lv = sizeof(v.ling);
1123 v.ling.l_onoff = sock_flag(sk, SOCK_LINGER);
1124 v.ling.l_linger = sk->sk_lingertime / HZ;
1125 break;
1126
1127 case SO_BSDCOMPAT:
1128 sock_warn_obsolete_bsdism("getsockopt");
1129 break;
1130
1131 case SO_TIMESTAMP:
1132 v.val = sock_flag(sk, SOCK_RCVTSTAMP) &&
1133 !sock_flag(sk, SOCK_RCVTSTAMPNS);
1134 break;
1135
1136 case SO_TIMESTAMPNS:
1137 v.val = sock_flag(sk, SOCK_RCVTSTAMPNS);
1138 break;
1139
1140 case SO_TIMESTAMPING:
1141 v.val = sk->sk_tsflags;
1142 break;
1143
1144 case SO_RCVTIMEO:
1145 lv = sizeof(struct timeval);
1146 if (sk->sk_rcvtimeo == MAX_SCHEDULE_TIMEOUT) {
1147 v.tm.tv_sec = 0;
1148 v.tm.tv_usec = 0;
1149 } else {
1150 v.tm.tv_sec = sk->sk_rcvtimeo / HZ;
1151 v.tm.tv_usec = ((sk->sk_rcvtimeo % HZ) * 1000000) / HZ;
1152 }
1153 break;
1154
1155 case SO_SNDTIMEO:
1156 lv = sizeof(struct timeval);
1157 if (sk->sk_sndtimeo == MAX_SCHEDULE_TIMEOUT) {
1158 v.tm.tv_sec = 0;
1159 v.tm.tv_usec = 0;
1160 } else {
1161 v.tm.tv_sec = sk->sk_sndtimeo / HZ;
1162 v.tm.tv_usec = ((sk->sk_sndtimeo % HZ) * 1000000) / HZ;
1163 }
1164 break;
1165
1166 case SO_RCVLOWAT:
1167 v.val = sk->sk_rcvlowat;
1168 break;
1169
1170 case SO_SNDLOWAT:
1171 v.val = 1;
1172 break;
1173
1174 case SO_PASSCRED:
1175 v.val = !!test_bit(SOCK_PASSCRED, &sock->flags);
1176 break;
1177
1178 case SO_PEERCRED:
1179 {
1180 struct ucred peercred;
1181 if (len > sizeof(peercred))
1182 len = sizeof(peercred);
1183 cred_to_ucred(sk->sk_peer_pid, sk->sk_peer_cred, &peercred);
1184 if (copy_to_user(optval, &peercred, len))
1185 return -EFAULT;
1186 goto lenout;
1187 }
1188
1189 case SO_PEERNAME:
1190 {
1191 char address[128];
1192
1193 if (sock->ops->getname(sock, (struct sockaddr *)address, &lv, 2))
1194 return -ENOTCONN;
1195 if (lv < len)
1196 return -EINVAL;
1197 if (copy_to_user(optval, address, len))
1198 return -EFAULT;
1199 goto lenout;
1200 }
1201
1202 /* Dubious BSD thing... Probably nobody even uses it, but
1203 * the UNIX standard wants it for whatever reason... -DaveM
1204 */
1205 case SO_ACCEPTCONN:
1206 v.val = sk->sk_state == TCP_LISTEN;
1207 break;
1208
1209 case SO_PASSSEC:
1210 v.val = !!test_bit(SOCK_PASSSEC, &sock->flags);
1211 break;
1212
1213 case SO_PEERSEC:
1214 return security_socket_getpeersec_stream(sock, optval, optlen, len);
1215
1216 case SO_MARK:
1217 v.val = sk->sk_mark;
1218 break;
1219
1220 case SO_RXQ_OVFL:
1221 v.val = sock_flag(sk, SOCK_RXQ_OVFL);
1222 break;
1223
1224 case SO_WIFI_STATUS:
1225 v.val = sock_flag(sk, SOCK_WIFI_STATUS);
1226 break;
1227
1228 case SO_PEEK_OFF:
1229 if (!sock->ops->set_peek_off)
1230 return -EOPNOTSUPP;
1231
1232 v.val = sk->sk_peek_off;
1233 break;
1234 case SO_NOFCS:
1235 v.val = sock_flag(sk, SOCK_NOFCS);
1236 break;
1237
1238 case SO_BINDTODEVICE:
1239 return sock_getbindtodevice(sk, optval, optlen, len);
1240
1241 case SO_GET_FILTER:
1242 len = sk_get_filter(sk, (struct sock_filter __user *)optval, len);
1243 if (len < 0)
1244 return len;
1245
1246 goto lenout;
1247
1248 case SO_LOCK_FILTER:
1249 v.val = sock_flag(sk, SOCK_FILTER_LOCKED);
1250 break;
1251
1252 case SO_BPF_EXTENSIONS:
1253 v.val = bpf_tell_extensions();
1254 break;
1255
1256 case SO_SELECT_ERR_QUEUE:
1257 v.val = sock_flag(sk, SOCK_SELECT_ERR_QUEUE);
1258 break;
1259
1260#ifdef CONFIG_NET_RX_BUSY_POLL
1261 case SO_BUSY_POLL:
1262 v.val = sk->sk_ll_usec;
1263 break;
1264#endif
1265
1266 case SO_MAX_PACING_RATE:
1267 v.val = sk->sk_max_pacing_rate;
1268 break;
1269
1270 case SO_INCOMING_CPU:
1271 v.val = sk->sk_incoming_cpu;
1272 break;
1273
1274 default:
1275 /* We implement the SO_SNDLOWAT etc to not be settable
1276 * (1003.1g 7).
1277 */
1278 return -ENOPROTOOPT;
1279 }
1280
1281 if (len > lv)
1282 len = lv;
1283 if (copy_to_user(optval, &v, len))
1284 return -EFAULT;
1285lenout:
1286 if (put_user(len, optlen))
1287 return -EFAULT;
1288 return 0;
1289}
1290
1291/*
1292 * Initialize an sk_lock.
1293 *
1294 * (We also register the sk_lock with the lock validator.)
1295 */
1296static inline void sock_lock_init(struct sock *sk)
1297{
1298 sock_lock_init_class_and_name(sk,
1299 af_family_slock_key_strings[sk->sk_family],
1300 af_family_slock_keys + sk->sk_family,
1301 af_family_key_strings[sk->sk_family],
1302 af_family_keys + sk->sk_family);
1303}
1304
1305/*
1306 * Copy all fields from osk to nsk but nsk->sk_refcnt must not change yet,
1307 * even temporarly, because of RCU lookups. sk_node should also be left as is.
1308 * We must not copy fields between sk_dontcopy_begin and sk_dontcopy_end
1309 */
1310static void sock_copy(struct sock *nsk, const struct sock *osk)
1311{
1312#ifdef CONFIG_SECURITY_NETWORK
1313 void *sptr = nsk->sk_security;
1314#endif
1315 memcpy(nsk, osk, offsetof(struct sock, sk_dontcopy_begin));
1316
1317 memcpy(&nsk->sk_dontcopy_end, &osk->sk_dontcopy_end,
1318 osk->sk_prot->obj_size - offsetof(struct sock, sk_dontcopy_end));
1319
1320#ifdef CONFIG_SECURITY_NETWORK
1321 nsk->sk_security = sptr;
1322 security_sk_clone(osk, nsk);
1323#endif
1324}
1325
1326static struct sock *sk_prot_alloc(struct proto *prot, gfp_t priority,
1327 int family)
1328{
1329 struct sock *sk;
1330 struct kmem_cache *slab;
1331
1332 slab = prot->slab;
1333 if (slab != NULL) {
1334 sk = kmem_cache_alloc(slab, priority & ~__GFP_ZERO);
1335 if (!sk)
1336 return sk;
1337 if (priority & __GFP_ZERO)
1338 sk_prot_clear_nulls(sk, prot->obj_size);
1339 } else
1340 sk = kmalloc(prot->obj_size, priority);
1341
1342 if (sk != NULL) {
1343 kmemcheck_annotate_bitfield(sk, flags);
1344
1345 if (security_sk_alloc(sk, family, priority))
1346 goto out_free;
1347
1348 if (!try_module_get(prot->owner))
1349 goto out_free_sec;
1350 sk_tx_queue_clear(sk);
1351 }
1352
1353 return sk;
1354
1355out_free_sec:
1356 security_sk_free(sk);
1357out_free:
1358 if (slab != NULL)
1359 kmem_cache_free(slab, sk);
1360 else
1361 kfree(sk);
1362 return NULL;
1363}
1364
1365static void sk_prot_free(struct proto *prot, struct sock *sk)
1366{
1367 struct kmem_cache *slab;
1368 struct module *owner;
1369
1370 owner = prot->owner;
1371 slab = prot->slab;
1372
1373 cgroup_sk_free(&sk->sk_cgrp_data);
1374 mem_cgroup_sk_free(sk);
1375 security_sk_free(sk);
1376 if (slab != NULL)
1377 kmem_cache_free(slab, sk);
1378 else
1379 kfree(sk);
1380 module_put(owner);
1381}
1382
1383/**
1384 * sk_alloc - All socket objects are allocated here
1385 * @net: the applicable net namespace
1386 * @family: protocol family
1387 * @priority: for allocation (%GFP_KERNEL, %GFP_ATOMIC, etc)
1388 * @prot: struct proto associated with this new sock instance
1389 * @kern: is this to be a kernel socket?
1390 */
1391struct sock *sk_alloc(struct net *net, int family, gfp_t priority,
1392 struct proto *prot, int kern)
1393{
1394 struct sock *sk;
1395
1396 sk = sk_prot_alloc(prot, priority | __GFP_ZERO, family);
1397 if (sk) {
1398 sk->sk_family = family;
1399 /*
1400 * See comment in struct sock definition to understand
1401 * why we need sk_prot_creator -acme
1402 */
1403 sk->sk_prot = sk->sk_prot_creator = prot;
1404 sock_lock_init(sk);
1405 sk->sk_net_refcnt = kern ? 0 : 1;
1406 if (likely(sk->sk_net_refcnt))
1407 get_net(net);
1408 sock_net_set(sk, net);
1409 atomic_set(&sk->sk_wmem_alloc, 1);
1410
1411 mem_cgroup_sk_alloc(sk);
1412 cgroup_sk_alloc(&sk->sk_cgrp_data);
1413 sock_update_classid(&sk->sk_cgrp_data);
1414 sock_update_netprioidx(&sk->sk_cgrp_data);
1415 }
1416
1417 return sk;
1418}
1419EXPORT_SYMBOL(sk_alloc);
1420
1421/* Sockets having SOCK_RCU_FREE will call this function after one RCU
1422 * grace period. This is the case for UDP sockets and TCP listeners.
1423 */
1424static void __sk_destruct(struct rcu_head *head)
1425{
1426 struct sock *sk = container_of(head, struct sock, sk_rcu);
1427 struct sk_filter *filter;
1428
1429 if (sk->sk_destruct)
1430 sk->sk_destruct(sk);
1431
1432 filter = rcu_dereference_check(sk->sk_filter,
1433 atomic_read(&sk->sk_wmem_alloc) == 0);
1434 if (filter) {
1435 sk_filter_uncharge(sk, filter);
1436 RCU_INIT_POINTER(sk->sk_filter, NULL);
1437 }
1438 if (rcu_access_pointer(sk->sk_reuseport_cb))
1439 reuseport_detach_sock(sk);
1440
1441 sock_disable_timestamp(sk, SK_FLAGS_TIMESTAMP);
1442
1443 if (atomic_read(&sk->sk_omem_alloc))
1444 pr_debug("%s: optmem leakage (%d bytes) detected\n",
1445 __func__, atomic_read(&sk->sk_omem_alloc));
1446
1447 if (sk->sk_frag.page) {
1448 put_page(sk->sk_frag.page);
1449 sk->sk_frag.page = NULL;
1450 }
1451
1452 if (sk->sk_peer_cred)
1453 put_cred(sk->sk_peer_cred);
1454 put_pid(sk->sk_peer_pid);
1455 if (likely(sk->sk_net_refcnt))
1456 put_net(sock_net(sk));
1457 sk_prot_free(sk->sk_prot_creator, sk);
1458}
1459
1460void sk_destruct(struct sock *sk)
1461{
1462 if (sock_flag(sk, SOCK_RCU_FREE))
1463 call_rcu(&sk->sk_rcu, __sk_destruct);
1464 else
1465 __sk_destruct(&sk->sk_rcu);
1466}
1467
1468static void __sk_free(struct sock *sk)
1469{
1470 if (unlikely(sock_diag_has_destroy_listeners(sk) && sk->sk_net_refcnt))
1471 sock_diag_broadcast_destroy(sk);
1472 else
1473 sk_destruct(sk);
1474}
1475
1476void sk_free(struct sock *sk)
1477{
1478 /*
1479 * We subtract one from sk_wmem_alloc and can know if
1480 * some packets are still in some tx queue.
1481 * If not null, sock_wfree() will call __sk_free(sk) later
1482 */
1483 if (atomic_dec_and_test(&sk->sk_wmem_alloc))
1484 __sk_free(sk);
1485}
1486EXPORT_SYMBOL(sk_free);
1487
1488/**
1489 * sk_clone_lock - clone a socket, and lock its clone
1490 * @sk: the socket to clone
1491 * @priority: for allocation (%GFP_KERNEL, %GFP_ATOMIC, etc)
1492 *
1493 * Caller must unlock socket even in error path (bh_unlock_sock(newsk))
1494 */
1495struct sock *sk_clone_lock(const struct sock *sk, const gfp_t priority)
1496{
1497 struct sock *newsk;
1498 bool is_charged = true;
1499
1500 newsk = sk_prot_alloc(sk->sk_prot, priority, sk->sk_family);
1501 if (newsk != NULL) {
1502 struct sk_filter *filter;
1503
1504 sock_copy(newsk, sk);
1505
1506 /* SANITY */
1507 if (likely(newsk->sk_net_refcnt))
1508 get_net(sock_net(newsk));
1509 sk_node_init(&newsk->sk_node);
1510 sock_lock_init(newsk);
1511 bh_lock_sock(newsk);
1512 newsk->sk_backlog.head = newsk->sk_backlog.tail = NULL;
1513 newsk->sk_backlog.len = 0;
1514
1515 atomic_set(&newsk->sk_rmem_alloc, 0);
1516 /*
1517 * sk_wmem_alloc set to one (see sk_free() and sock_wfree())
1518 */
1519 atomic_set(&newsk->sk_wmem_alloc, 1);
1520 atomic_set(&newsk->sk_omem_alloc, 0);
1521 skb_queue_head_init(&newsk->sk_receive_queue);
1522 skb_queue_head_init(&newsk->sk_write_queue);
1523
1524 rwlock_init(&newsk->sk_callback_lock);
1525 lockdep_set_class_and_name(&newsk->sk_callback_lock,
1526 af_callback_keys + newsk->sk_family,
1527 af_family_clock_key_strings[newsk->sk_family]);
1528
1529 newsk->sk_dst_cache = NULL;
1530 newsk->sk_wmem_queued = 0;
1531 newsk->sk_forward_alloc = 0;
1532 atomic_set(&newsk->sk_drops, 0);
1533 newsk->sk_send_head = NULL;
1534 newsk->sk_userlocks = sk->sk_userlocks & ~SOCK_BINDPORT_LOCK;
1535
1536 sock_reset_flag(newsk, SOCK_DONE);
1537 skb_queue_head_init(&newsk->sk_error_queue);
1538
1539 filter = rcu_dereference_protected(newsk->sk_filter, 1);
1540 if (filter != NULL)
1541 /* though it's an empty new sock, the charging may fail
1542 * if sysctl_optmem_max was changed between creation of
1543 * original socket and cloning
1544 */
1545 is_charged = sk_filter_charge(newsk, filter);
1546
1547 if (unlikely(!is_charged || xfrm_sk_clone_policy(newsk, sk))) {
1548 /* We need to make sure that we don't uncharge the new
1549 * socket if we couldn't charge it in the first place
1550 * as otherwise we uncharge the parent's filter.
1551 */
1552 if (!is_charged)
1553 RCU_INIT_POINTER(newsk->sk_filter, NULL);
1554 /* It is still raw copy of parent, so invalidate
1555 * destructor and make plain sk_free() */
1556 newsk->sk_destruct = NULL;
1557 bh_unlock_sock(newsk);
1558 sk_free(newsk);
1559 newsk = NULL;
1560 goto out;
1561 }
1562 RCU_INIT_POINTER(newsk->sk_reuseport_cb, NULL);
1563
1564 newsk->sk_err = 0;
1565 newsk->sk_err_soft = 0;
1566 newsk->sk_priority = 0;
1567 newsk->sk_incoming_cpu = raw_smp_processor_id();
1568 atomic64_set(&newsk->sk_cookie, 0);
1569
1570 mem_cgroup_sk_alloc(newsk);
1571 cgroup_sk_alloc(&newsk->sk_cgrp_data);
1572
1573 /*
1574 * Before updating sk_refcnt, we must commit prior changes to memory
1575 * (Documentation/RCU/rculist_nulls.txt for details)
1576 */
1577 smp_wmb();
1578 atomic_set(&newsk->sk_refcnt, 2);
1579
1580 /*
1581 * Increment the counter in the same struct proto as the master
1582 * sock (sk_refcnt_debug_inc uses newsk->sk_prot->socks, that
1583 * is the same as sk->sk_prot->socks, as this field was copied
1584 * with memcpy).
1585 *
1586 * This _changes_ the previous behaviour, where
1587 * tcp_create_openreq_child always was incrementing the
1588 * equivalent to tcp_prot->socks (inet_sock_nr), so this have
1589 * to be taken into account in all callers. -acme
1590 */
1591 sk_refcnt_debug_inc(newsk);
1592 sk_set_socket(newsk, NULL);
1593 newsk->sk_wq = NULL;
1594
1595 if (newsk->sk_prot->sockets_allocated)
1596 sk_sockets_allocated_inc(newsk);
1597
1598 if (sock_needs_netstamp(sk) &&
1599 newsk->sk_flags & SK_FLAGS_TIMESTAMP)
1600 net_enable_timestamp();
1601 }
1602out:
1603 return newsk;
1604}
1605EXPORT_SYMBOL_GPL(sk_clone_lock);
1606
1607void sk_setup_caps(struct sock *sk, struct dst_entry *dst)
1608{
1609 u32 max_segs = 1;
1610
1611 sk_dst_set(sk, dst);
1612 sk->sk_route_caps = dst->dev->features;
1613 if (sk->sk_route_caps & NETIF_F_GSO)
1614 sk->sk_route_caps |= NETIF_F_GSO_SOFTWARE;
1615 sk->sk_route_caps &= ~sk->sk_route_nocaps;
1616 if (sk_can_gso(sk)) {
1617 if (dst->header_len) {
1618 sk->sk_route_caps &= ~NETIF_F_GSO_MASK;
1619 } else {
1620 sk->sk_route_caps |= NETIF_F_SG | NETIF_F_HW_CSUM;
1621 sk->sk_gso_max_size = dst->dev->gso_max_size;
1622 max_segs = max_t(u32, dst->dev->gso_max_segs, 1);
1623 }
1624 }
1625 sk->sk_gso_max_segs = max_segs;
1626}
1627EXPORT_SYMBOL_GPL(sk_setup_caps);
1628
1629/*
1630 * Simple resource managers for sockets.
1631 */
1632
1633
1634/*
1635 * Write buffer destructor automatically called from kfree_skb.
1636 */
1637void sock_wfree(struct sk_buff *skb)
1638{
1639 struct sock *sk = skb->sk;
1640 unsigned int len = skb->truesize;
1641
1642 if (!sock_flag(sk, SOCK_USE_WRITE_QUEUE)) {
1643 /*
1644 * Keep a reference on sk_wmem_alloc, this will be released
1645 * after sk_write_space() call
1646 */
1647 atomic_sub(len - 1, &sk->sk_wmem_alloc);
1648 sk->sk_write_space(sk);
1649 len = 1;
1650 }
1651 /*
1652 * if sk_wmem_alloc reaches 0, we must finish what sk_free()
1653 * could not do because of in-flight packets
1654 */
1655 if (atomic_sub_and_test(len, &sk->sk_wmem_alloc))
1656 __sk_free(sk);
1657}
1658EXPORT_SYMBOL(sock_wfree);
1659
1660/* This variant of sock_wfree() is used by TCP,
1661 * since it sets SOCK_USE_WRITE_QUEUE.
1662 */
1663void __sock_wfree(struct sk_buff *skb)
1664{
1665 struct sock *sk = skb->sk;
1666
1667 if (atomic_sub_and_test(skb->truesize, &sk->sk_wmem_alloc))
1668 __sk_free(sk);
1669}
1670
1671void skb_set_owner_w(struct sk_buff *skb, struct sock *sk)
1672{
1673 skb_orphan(skb);
1674 skb->sk = sk;
1675#ifdef CONFIG_INET
1676 if (unlikely(!sk_fullsock(sk))) {
1677 skb->destructor = sock_edemux;
1678 sock_hold(sk);
1679 return;
1680 }
1681#endif
1682 skb->destructor = sock_wfree;
1683 skb_set_hash_from_sk(skb, sk);
1684 /*
1685 * We used to take a refcount on sk, but following operation
1686 * is enough to guarantee sk_free() wont free this sock until
1687 * all in-flight packets are completed
1688 */
1689 atomic_add(skb->truesize, &sk->sk_wmem_alloc);
1690}
1691EXPORT_SYMBOL(skb_set_owner_w);
1692
1693/* This helper is used by netem, as it can hold packets in its
1694 * delay queue. We want to allow the owner socket to send more
1695 * packets, as if they were already TX completed by a typical driver.
1696 * But we also want to keep skb->sk set because some packet schedulers
1697 * rely on it (sch_fq for example). So we set skb->truesize to a small
1698 * amount (1) and decrease sk_wmem_alloc accordingly.
1699 */
1700void skb_orphan_partial(struct sk_buff *skb)
1701{
1702 /* If this skb is a TCP pure ACK or already went here,
1703 * we have nothing to do. 2 is already a very small truesize.
1704 */
1705 if (skb->truesize <= 2)
1706 return;
1707
1708 /* TCP stack sets skb->ooo_okay based on sk_wmem_alloc,
1709 * so we do not completely orphan skb, but transfert all
1710 * accounted bytes but one, to avoid unexpected reorders.
1711 */
1712 if (skb->destructor == sock_wfree
1713#ifdef CONFIG_INET
1714 || skb->destructor == tcp_wfree
1715#endif
1716 ) {
1717 atomic_sub(skb->truesize - 1, &skb->sk->sk_wmem_alloc);
1718 skb->truesize = 1;
1719 } else {
1720 skb_orphan(skb);
1721 }
1722}
1723EXPORT_SYMBOL(skb_orphan_partial);
1724
1725/*
1726 * Read buffer destructor automatically called from kfree_skb.
1727 */
1728void sock_rfree(struct sk_buff *skb)
1729{
1730 struct sock *sk = skb->sk;
1731 unsigned int len = skb->truesize;
1732
1733 atomic_sub(len, &sk->sk_rmem_alloc);
1734 sk_mem_uncharge(sk, len);
1735}
1736EXPORT_SYMBOL(sock_rfree);
1737
1738/*
1739 * Buffer destructor for skbs that are not used directly in read or write
1740 * path, e.g. for error handler skbs. Automatically called from kfree_skb.
1741 */
1742void sock_efree(struct sk_buff *skb)
1743{
1744 sock_put(skb->sk);
1745}
1746EXPORT_SYMBOL(sock_efree);
1747
1748kuid_t sock_i_uid(struct sock *sk)
1749{
1750 kuid_t uid;
1751
1752 read_lock_bh(&sk->sk_callback_lock);
1753 uid = sk->sk_socket ? SOCK_INODE(sk->sk_socket)->i_uid : GLOBAL_ROOT_UID;
1754 read_unlock_bh(&sk->sk_callback_lock);
1755 return uid;
1756}
1757EXPORT_SYMBOL(sock_i_uid);
1758
1759unsigned long sock_i_ino(struct sock *sk)
1760{
1761 unsigned long ino;
1762
1763 read_lock_bh(&sk->sk_callback_lock);
1764 ino = sk->sk_socket ? SOCK_INODE(sk->sk_socket)->i_ino : 0;
1765 read_unlock_bh(&sk->sk_callback_lock);
1766 return ino;
1767}
1768EXPORT_SYMBOL(sock_i_ino);
1769
1770/*
1771 * Allocate a skb from the socket's send buffer.
1772 */
1773struct sk_buff *sock_wmalloc(struct sock *sk, unsigned long size, int force,
1774 gfp_t priority)
1775{
1776 if (force || atomic_read(&sk->sk_wmem_alloc) < sk->sk_sndbuf) {
1777 struct sk_buff *skb = alloc_skb(size, priority);
1778 if (skb) {
1779 skb_set_owner_w(skb, sk);
1780 return skb;
1781 }
1782 }
1783 return NULL;
1784}
1785EXPORT_SYMBOL(sock_wmalloc);
1786
1787/*
1788 * Allocate a memory block from the socket's option memory buffer.
1789 */
1790void *sock_kmalloc(struct sock *sk, int size, gfp_t priority)
1791{
1792 if ((unsigned int)size <= sysctl_optmem_max &&
1793 atomic_read(&sk->sk_omem_alloc) + size < sysctl_optmem_max) {
1794 void *mem;
1795 /* First do the add, to avoid the race if kmalloc
1796 * might sleep.
1797 */
1798 atomic_add(size, &sk->sk_omem_alloc);
1799 mem = kmalloc(size, priority);
1800 if (mem)
1801 return mem;
1802 atomic_sub(size, &sk->sk_omem_alloc);
1803 }
1804 return NULL;
1805}
1806EXPORT_SYMBOL(sock_kmalloc);
1807
1808/* Free an option memory block. Note, we actually want the inline
1809 * here as this allows gcc to detect the nullify and fold away the
1810 * condition entirely.
1811 */
1812static inline void __sock_kfree_s(struct sock *sk, void *mem, int size,
1813 const bool nullify)
1814{
1815 if (WARN_ON_ONCE(!mem))
1816 return;
1817 if (nullify)
1818 kzfree(mem);
1819 else
1820 kfree(mem);
1821 atomic_sub(size, &sk->sk_omem_alloc);
1822}
1823
1824void sock_kfree_s(struct sock *sk, void *mem, int size)
1825{
1826 __sock_kfree_s(sk, mem, size, false);
1827}
1828EXPORT_SYMBOL(sock_kfree_s);
1829
1830void sock_kzfree_s(struct sock *sk, void *mem, int size)
1831{
1832 __sock_kfree_s(sk, mem, size, true);
1833}
1834EXPORT_SYMBOL(sock_kzfree_s);
1835
1836/* It is almost wait_for_tcp_memory minus release_sock/lock_sock.
1837 I think, these locks should be removed for datagram sockets.
1838 */
1839static long sock_wait_for_wmem(struct sock *sk, long timeo)
1840{
1841 DEFINE_WAIT(wait);
1842
1843 sk_clear_bit(SOCKWQ_ASYNC_NOSPACE, sk);
1844 for (;;) {
1845 if (!timeo)
1846 break;
1847 if (signal_pending(current))
1848 break;
1849 set_bit(SOCK_NOSPACE, &sk->sk_socket->flags);
1850 prepare_to_wait(sk_sleep(sk), &wait, TASK_INTERRUPTIBLE);
1851 if (atomic_read(&sk->sk_wmem_alloc) < sk->sk_sndbuf)
1852 break;
1853 if (sk->sk_shutdown & SEND_SHUTDOWN)
1854 break;
1855 if (sk->sk_err)
1856 break;
1857 timeo = schedule_timeout(timeo);
1858 }
1859 finish_wait(sk_sleep(sk), &wait);
1860 return timeo;
1861}
1862
1863
1864/*
1865 * Generic send/receive buffer handlers
1866 */
1867
1868struct sk_buff *sock_alloc_send_pskb(struct sock *sk, unsigned long header_len,
1869 unsigned long data_len, int noblock,
1870 int *errcode, int max_page_order)
1871{
1872 struct sk_buff *skb;
1873 long timeo;
1874 int err;
1875
1876 timeo = sock_sndtimeo(sk, noblock);
1877 for (;;) {
1878 err = sock_error(sk);
1879 if (err != 0)
1880 goto failure;
1881
1882 err = -EPIPE;
1883 if (sk->sk_shutdown & SEND_SHUTDOWN)
1884 goto failure;
1885
1886 if (sk_wmem_alloc_get(sk) < sk->sk_sndbuf)
1887 break;
1888
1889 sk_set_bit(SOCKWQ_ASYNC_NOSPACE, sk);
1890 set_bit(SOCK_NOSPACE, &sk->sk_socket->flags);
1891 err = -EAGAIN;
1892 if (!timeo)
1893 goto failure;
1894 if (signal_pending(current))
1895 goto interrupted;
1896 timeo = sock_wait_for_wmem(sk, timeo);
1897 }
1898 skb = alloc_skb_with_frags(header_len, data_len, max_page_order,
1899 errcode, sk->sk_allocation);
1900 if (skb)
1901 skb_set_owner_w(skb, sk);
1902 return skb;
1903
1904interrupted:
1905 err = sock_intr_errno(timeo);
1906failure:
1907 *errcode = err;
1908 return NULL;
1909}
1910EXPORT_SYMBOL(sock_alloc_send_pskb);
1911
1912struct sk_buff *sock_alloc_send_skb(struct sock *sk, unsigned long size,
1913 int noblock, int *errcode)
1914{
1915 return sock_alloc_send_pskb(sk, size, 0, noblock, errcode, 0);
1916}
1917EXPORT_SYMBOL(sock_alloc_send_skb);
1918
1919int __sock_cmsg_send(struct sock *sk, struct msghdr *msg, struct cmsghdr *cmsg,
1920 struct sockcm_cookie *sockc)
1921{
1922 u32 tsflags;
1923
1924 switch (cmsg->cmsg_type) {
1925 case SO_MARK:
1926 if (!ns_capable(sock_net(sk)->user_ns, CAP_NET_ADMIN))
1927 return -EPERM;
1928 if (cmsg->cmsg_len != CMSG_LEN(sizeof(u32)))
1929 return -EINVAL;
1930 sockc->mark = *(u32 *)CMSG_DATA(cmsg);
1931 break;
1932 case SO_TIMESTAMPING:
1933 if (cmsg->cmsg_len != CMSG_LEN(sizeof(u32)))
1934 return -EINVAL;
1935
1936 tsflags = *(u32 *)CMSG_DATA(cmsg);
1937 if (tsflags & ~SOF_TIMESTAMPING_TX_RECORD_MASK)
1938 return -EINVAL;
1939
1940 sockc->tsflags &= ~SOF_TIMESTAMPING_TX_RECORD_MASK;
1941 sockc->tsflags |= tsflags;
1942 break;
1943 /* SCM_RIGHTS and SCM_CREDENTIALS are semantically in SOL_UNIX. */
1944 case SCM_RIGHTS:
1945 case SCM_CREDENTIALS:
1946 break;
1947 default:
1948 return -EINVAL;
1949 }
1950 return 0;
1951}
1952EXPORT_SYMBOL(__sock_cmsg_send);
1953
1954int sock_cmsg_send(struct sock *sk, struct msghdr *msg,
1955 struct sockcm_cookie *sockc)
1956{
1957 struct cmsghdr *cmsg;
1958 int ret;
1959
1960 for_each_cmsghdr(cmsg, msg) {
1961 if (!CMSG_OK(msg, cmsg))
1962 return -EINVAL;
1963 if (cmsg->cmsg_level != SOL_SOCKET)
1964 continue;
1965 ret = __sock_cmsg_send(sk, msg, cmsg, sockc);
1966 if (ret)
1967 return ret;
1968 }
1969 return 0;
1970}
1971EXPORT_SYMBOL(sock_cmsg_send);
1972
1973/* On 32bit arches, an skb frag is limited to 2^15 */
1974#define SKB_FRAG_PAGE_ORDER get_order(32768)
1975
1976/**
1977 * skb_page_frag_refill - check that a page_frag contains enough room
1978 * @sz: minimum size of the fragment we want to get
1979 * @pfrag: pointer to page_frag
1980 * @gfp: priority for memory allocation
1981 *
1982 * Note: While this allocator tries to use high order pages, there is
1983 * no guarantee that allocations succeed. Therefore, @sz MUST be
1984 * less or equal than PAGE_SIZE.
1985 */
1986bool skb_page_frag_refill(unsigned int sz, struct page_frag *pfrag, gfp_t gfp)
1987{
1988 if (pfrag->page) {
1989 if (page_ref_count(pfrag->page) == 1) {
1990 pfrag->offset = 0;
1991 return true;
1992 }
1993 if (pfrag->offset + sz <= pfrag->size)
1994 return true;
1995 put_page(pfrag->page);
1996 }
1997
1998 pfrag->offset = 0;
1999 if (SKB_FRAG_PAGE_ORDER) {
2000 /* Avoid direct reclaim but allow kswapd to wake */
2001 pfrag->page = alloc_pages((gfp & ~__GFP_DIRECT_RECLAIM) |
2002 __GFP_COMP | __GFP_NOWARN |
2003 __GFP_NORETRY,
2004 SKB_FRAG_PAGE_ORDER);
2005 if (likely(pfrag->page)) {
2006 pfrag->size = PAGE_SIZE << SKB_FRAG_PAGE_ORDER;
2007 return true;
2008 }
2009 }
2010 pfrag->page = alloc_page(gfp);
2011 if (likely(pfrag->page)) {
2012 pfrag->size = PAGE_SIZE;
2013 return true;
2014 }
2015 return false;
2016}
2017EXPORT_SYMBOL(skb_page_frag_refill);
2018
2019bool sk_page_frag_refill(struct sock *sk, struct page_frag *pfrag)
2020{
2021 if (likely(skb_page_frag_refill(32U, pfrag, sk->sk_allocation)))
2022 return true;
2023
2024 sk_enter_memory_pressure(sk);
2025 sk_stream_moderate_sndbuf(sk);
2026 return false;
2027}
2028EXPORT_SYMBOL(sk_page_frag_refill);
2029
2030static void __lock_sock(struct sock *sk)
2031 __releases(&sk->sk_lock.slock)
2032 __acquires(&sk->sk_lock.slock)
2033{
2034 DEFINE_WAIT(wait);
2035
2036 for (;;) {
2037 prepare_to_wait_exclusive(&sk->sk_lock.wq, &wait,
2038 TASK_UNINTERRUPTIBLE);
2039 spin_unlock_bh(&sk->sk_lock.slock);
2040 schedule();
2041 spin_lock_bh(&sk->sk_lock.slock);
2042 if (!sock_owned_by_user(sk))
2043 break;
2044 }
2045 finish_wait(&sk->sk_lock.wq, &wait);
2046}
2047
2048static void __release_sock(struct sock *sk)
2049 __releases(&sk->sk_lock.slock)
2050 __acquires(&sk->sk_lock.slock)
2051{
2052 struct sk_buff *skb, *next;
2053
2054 while ((skb = sk->sk_backlog.head) != NULL) {
2055 sk->sk_backlog.head = sk->sk_backlog.tail = NULL;
2056
2057 spin_unlock_bh(&sk->sk_lock.slock);
2058
2059 do {
2060 next = skb->next;
2061 prefetch(next);
2062 WARN_ON_ONCE(skb_dst_is_noref(skb));
2063 skb->next = NULL;
2064 sk_backlog_rcv(sk, skb);
2065
2066 cond_resched();
2067
2068 skb = next;
2069 } while (skb != NULL);
2070
2071 spin_lock_bh(&sk->sk_lock.slock);
2072 }
2073
2074 /*
2075 * Doing the zeroing here guarantee we can not loop forever
2076 * while a wild producer attempts to flood us.
2077 */
2078 sk->sk_backlog.len = 0;
2079}
2080
2081void __sk_flush_backlog(struct sock *sk)
2082{
2083 spin_lock_bh(&sk->sk_lock.slock);
2084 __release_sock(sk);
2085 spin_unlock_bh(&sk->sk_lock.slock);
2086}
2087
2088/**
2089 * sk_wait_data - wait for data to arrive at sk_receive_queue
2090 * @sk: sock to wait on
2091 * @timeo: for how long
2092 * @skb: last skb seen on sk_receive_queue
2093 *
2094 * Now socket state including sk->sk_err is changed only under lock,
2095 * hence we may omit checks after joining wait queue.
2096 * We check receive queue before schedule() only as optimization;
2097 * it is very likely that release_sock() added new data.
2098 */
2099int sk_wait_data(struct sock *sk, long *timeo, const struct sk_buff *skb)
2100{
2101 DEFINE_WAIT_FUNC(wait, woken_wake_function);
2102 int rc;
2103
2104 add_wait_queue(sk_sleep(sk), &wait);
2105 sk_set_bit(SOCKWQ_ASYNC_WAITDATA, sk);
2106 rc = sk_wait_event(sk, timeo, skb_peek_tail(&sk->sk_receive_queue) != skb, &wait);
2107 sk_clear_bit(SOCKWQ_ASYNC_WAITDATA, sk);
2108 remove_wait_queue(sk_sleep(sk), &wait);
2109 return rc;
2110}
2111EXPORT_SYMBOL(sk_wait_data);
2112
2113/**
2114 * __sk_mem_raise_allocated - increase memory_allocated
2115 * @sk: socket
2116 * @size: memory size to allocate
2117 * @amt: pages to allocate
2118 * @kind: allocation type
2119 *
2120 * Similar to __sk_mem_schedule(), but does not update sk_forward_alloc
2121 */
2122int __sk_mem_raise_allocated(struct sock *sk, int size, int amt, int kind)
2123{
2124 struct proto *prot = sk->sk_prot;
2125 long allocated = sk_memory_allocated_add(sk, amt);
2126
2127 if (mem_cgroup_sockets_enabled && sk->sk_memcg &&
2128 !mem_cgroup_charge_skmem(sk->sk_memcg, amt))
2129 goto suppress_allocation;
2130
2131 /* Under limit. */
2132 if (allocated <= sk_prot_mem_limits(sk, 0)) {
2133 sk_leave_memory_pressure(sk);
2134 return 1;
2135 }
2136
2137 /* Under pressure. */
2138 if (allocated > sk_prot_mem_limits(sk, 1))
2139 sk_enter_memory_pressure(sk);
2140
2141 /* Over hard limit. */
2142 if (allocated > sk_prot_mem_limits(sk, 2))
2143 goto suppress_allocation;
2144
2145 /* guarantee minimum buffer size under pressure */
2146 if (kind == SK_MEM_RECV) {
2147 if (atomic_read(&sk->sk_rmem_alloc) < prot->sysctl_rmem[0])
2148 return 1;
2149
2150 } else { /* SK_MEM_SEND */
2151 if (sk->sk_type == SOCK_STREAM) {
2152 if (sk->sk_wmem_queued < prot->sysctl_wmem[0])
2153 return 1;
2154 } else if (atomic_read(&sk->sk_wmem_alloc) <
2155 prot->sysctl_wmem[0])
2156 return 1;
2157 }
2158
2159 if (sk_has_memory_pressure(sk)) {
2160 int alloc;
2161
2162 if (!sk_under_memory_pressure(sk))
2163 return 1;
2164 alloc = sk_sockets_allocated_read_positive(sk);
2165 if (sk_prot_mem_limits(sk, 2) > alloc *
2166 sk_mem_pages(sk->sk_wmem_queued +
2167 atomic_read(&sk->sk_rmem_alloc) +
2168 sk->sk_forward_alloc))
2169 return 1;
2170 }
2171
2172suppress_allocation:
2173
2174 if (kind == SK_MEM_SEND && sk->sk_type == SOCK_STREAM) {
2175 sk_stream_moderate_sndbuf(sk);
2176
2177 /* Fail only if socket is _under_ its sndbuf.
2178 * In this case we cannot block, so that we have to fail.
2179 */
2180 if (sk->sk_wmem_queued + size >= sk->sk_sndbuf)
2181 return 1;
2182 }
2183
2184 trace_sock_exceed_buf_limit(sk, prot, allocated);
2185
2186 sk_memory_allocated_sub(sk, amt);
2187
2188 if (mem_cgroup_sockets_enabled && sk->sk_memcg)
2189 mem_cgroup_uncharge_skmem(sk->sk_memcg, amt);
2190
2191 return 0;
2192}
2193EXPORT_SYMBOL(__sk_mem_raise_allocated);
2194
2195/**
2196 * __sk_mem_schedule - increase sk_forward_alloc and memory_allocated
2197 * @sk: socket
2198 * @size: memory size to allocate
2199 * @kind: allocation type
2200 *
2201 * If kind is SK_MEM_SEND, it means wmem allocation. Otherwise it means
2202 * rmem allocation. This function assumes that protocols which have
2203 * memory_pressure use sk_wmem_queued as write buffer accounting.
2204 */
2205int __sk_mem_schedule(struct sock *sk, int size, int kind)
2206{
2207 int ret, amt = sk_mem_pages(size);
2208
2209 sk->sk_forward_alloc += amt << SK_MEM_QUANTUM_SHIFT;
2210 ret = __sk_mem_raise_allocated(sk, size, amt, kind);
2211 if (!ret)
2212 sk->sk_forward_alloc -= amt << SK_MEM_QUANTUM_SHIFT;
2213 return ret;
2214}
2215EXPORT_SYMBOL(__sk_mem_schedule);
2216
2217/**
2218 * __sk_mem_reduce_allocated - reclaim memory_allocated
2219 * @sk: socket
2220 * @amount: number of quanta
2221 *
2222 * Similar to __sk_mem_reclaim(), but does not update sk_forward_alloc
2223 */
2224void __sk_mem_reduce_allocated(struct sock *sk, int amount)
2225{
2226 sk_memory_allocated_sub(sk, amount);
2227
2228 if (mem_cgroup_sockets_enabled && sk->sk_memcg)
2229 mem_cgroup_uncharge_skmem(sk->sk_memcg, amount);
2230
2231 if (sk_under_memory_pressure(sk) &&
2232 (sk_memory_allocated(sk) < sk_prot_mem_limits(sk, 0)))
2233 sk_leave_memory_pressure(sk);
2234}
2235EXPORT_SYMBOL(__sk_mem_reduce_allocated);
2236
2237/**
2238 * __sk_mem_reclaim - reclaim sk_forward_alloc and memory_allocated
2239 * @sk: socket
2240 * @amount: number of bytes (rounded down to a SK_MEM_QUANTUM multiple)
2241 */
2242void __sk_mem_reclaim(struct sock *sk, int amount)
2243{
2244 amount >>= SK_MEM_QUANTUM_SHIFT;
2245 sk->sk_forward_alloc -= amount << SK_MEM_QUANTUM_SHIFT;
2246 __sk_mem_reduce_allocated(sk, amount);
2247}
2248EXPORT_SYMBOL(__sk_mem_reclaim);
2249
2250int sk_set_peek_off(struct sock *sk, int val)
2251{
2252 if (val < 0)
2253 return -EINVAL;
2254
2255 sk->sk_peek_off = val;
2256 return 0;
2257}
2258EXPORT_SYMBOL_GPL(sk_set_peek_off);
2259
2260/*
2261 * Set of default routines for initialising struct proto_ops when
2262 * the protocol does not support a particular function. In certain
2263 * cases where it makes no sense for a protocol to have a "do nothing"
2264 * function, some default processing is provided.
2265 */
2266
2267int sock_no_bind(struct socket *sock, struct sockaddr *saddr, int len)
2268{
2269 return -EOPNOTSUPP;
2270}
2271EXPORT_SYMBOL(sock_no_bind);
2272
2273int sock_no_connect(struct socket *sock, struct sockaddr *saddr,
2274 int len, int flags)
2275{
2276 return -EOPNOTSUPP;
2277}
2278EXPORT_SYMBOL(sock_no_connect);
2279
2280int sock_no_socketpair(struct socket *sock1, struct socket *sock2)
2281{
2282 return -EOPNOTSUPP;
2283}
2284EXPORT_SYMBOL(sock_no_socketpair);
2285
2286int sock_no_accept(struct socket *sock, struct socket *newsock, int flags)
2287{
2288 return -EOPNOTSUPP;
2289}
2290EXPORT_SYMBOL(sock_no_accept);
2291
2292int sock_no_getname(struct socket *sock, struct sockaddr *saddr,
2293 int *len, int peer)
2294{
2295 return -EOPNOTSUPP;
2296}
2297EXPORT_SYMBOL(sock_no_getname);
2298
2299unsigned int sock_no_poll(struct file *file, struct socket *sock, poll_table *pt)
2300{
2301 return 0;
2302}
2303EXPORT_SYMBOL(sock_no_poll);
2304
2305int sock_no_ioctl(struct socket *sock, unsigned int cmd, unsigned long arg)
2306{
2307 return -EOPNOTSUPP;
2308}
2309EXPORT_SYMBOL(sock_no_ioctl);
2310
2311int sock_no_listen(struct socket *sock, int backlog)
2312{
2313 return -EOPNOTSUPP;
2314}
2315EXPORT_SYMBOL(sock_no_listen);
2316
2317int sock_no_shutdown(struct socket *sock, int how)
2318{
2319 return -EOPNOTSUPP;
2320}
2321EXPORT_SYMBOL(sock_no_shutdown);
2322
2323int sock_no_setsockopt(struct socket *sock, int level, int optname,
2324 char __user *optval, unsigned int optlen)
2325{
2326 return -EOPNOTSUPP;
2327}
2328EXPORT_SYMBOL(sock_no_setsockopt);
2329
2330int sock_no_getsockopt(struct socket *sock, int level, int optname,
2331 char __user *optval, int __user *optlen)
2332{
2333 return -EOPNOTSUPP;
2334}
2335EXPORT_SYMBOL(sock_no_getsockopt);
2336
2337int sock_no_sendmsg(struct socket *sock, struct msghdr *m, size_t len)
2338{
2339 return -EOPNOTSUPP;
2340}
2341EXPORT_SYMBOL(sock_no_sendmsg);
2342
2343int sock_no_recvmsg(struct socket *sock, struct msghdr *m, size_t len,
2344 int flags)
2345{
2346 return -EOPNOTSUPP;
2347}
2348EXPORT_SYMBOL(sock_no_recvmsg);
2349
2350int sock_no_mmap(struct file *file, struct socket *sock, struct vm_area_struct *vma)
2351{
2352 /* Mirror missing mmap method error code */
2353 return -ENODEV;
2354}
2355EXPORT_SYMBOL(sock_no_mmap);
2356
2357ssize_t sock_no_sendpage(struct socket *sock, struct page *page, int offset, size_t size, int flags)
2358{
2359 ssize_t res;
2360 struct msghdr msg = {.msg_flags = flags};
2361 struct kvec iov;
2362 char *kaddr = kmap(page);
2363 iov.iov_base = kaddr + offset;
2364 iov.iov_len = size;
2365 res = kernel_sendmsg(sock, &msg, &iov, 1, size);
2366 kunmap(page);
2367 return res;
2368}
2369EXPORT_SYMBOL(sock_no_sendpage);
2370
2371/*
2372 * Default Socket Callbacks
2373 */
2374
2375static void sock_def_wakeup(struct sock *sk)
2376{
2377 struct socket_wq *wq;
2378
2379 rcu_read_lock();
2380 wq = rcu_dereference(sk->sk_wq);
2381 if (skwq_has_sleeper(wq))
2382 wake_up_interruptible_all(&wq->wait);
2383 rcu_read_unlock();
2384}
2385
2386static void sock_def_error_report(struct sock *sk)
2387{
2388 struct socket_wq *wq;
2389
2390 rcu_read_lock();
2391 wq = rcu_dereference(sk->sk_wq);
2392 if (skwq_has_sleeper(wq))
2393 wake_up_interruptible_poll(&wq->wait, POLLERR);
2394 sk_wake_async(sk, SOCK_WAKE_IO, POLL_ERR);
2395 rcu_read_unlock();
2396}
2397
2398static void sock_def_readable(struct sock *sk)
2399{
2400 struct socket_wq *wq;
2401
2402 rcu_read_lock();
2403 wq = rcu_dereference(sk->sk_wq);
2404 if (skwq_has_sleeper(wq))
2405 wake_up_interruptible_sync_poll(&wq->wait, POLLIN | POLLPRI |
2406 POLLRDNORM | POLLRDBAND);
2407 sk_wake_async(sk, SOCK_WAKE_WAITD, POLL_IN);
2408 rcu_read_unlock();
2409}
2410
2411static void sock_def_write_space(struct sock *sk)
2412{
2413 struct socket_wq *wq;
2414
2415 rcu_read_lock();
2416
2417 /* Do not wake up a writer until he can make "significant"
2418 * progress. --DaveM
2419 */
2420 if ((atomic_read(&sk->sk_wmem_alloc) << 1) <= sk->sk_sndbuf) {
2421 wq = rcu_dereference(sk->sk_wq);
2422 if (skwq_has_sleeper(wq))
2423 wake_up_interruptible_sync_poll(&wq->wait, POLLOUT |
2424 POLLWRNORM | POLLWRBAND);
2425
2426 /* Should agree with poll, otherwise some programs break */
2427 if (sock_writeable(sk))
2428 sk_wake_async(sk, SOCK_WAKE_SPACE, POLL_OUT);
2429 }
2430
2431 rcu_read_unlock();
2432}
2433
2434static void sock_def_destruct(struct sock *sk)
2435{
2436}
2437
2438void sk_send_sigurg(struct sock *sk)
2439{
2440 if (sk->sk_socket && sk->sk_socket->file)
2441 if (send_sigurg(&sk->sk_socket->file->f_owner))
2442 sk_wake_async(sk, SOCK_WAKE_URG, POLL_PRI);
2443}
2444EXPORT_SYMBOL(sk_send_sigurg);
2445
2446void sk_reset_timer(struct sock *sk, struct timer_list* timer,
2447 unsigned long expires)
2448{
2449 if (!mod_timer(timer, expires))
2450 sock_hold(sk);
2451}
2452EXPORT_SYMBOL(sk_reset_timer);
2453
2454void sk_stop_timer(struct sock *sk, struct timer_list* timer)
2455{
2456 if (del_timer(timer))
2457 __sock_put(sk);
2458}
2459EXPORT_SYMBOL(sk_stop_timer);
2460
2461void sock_init_data(struct socket *sock, struct sock *sk)
2462{
2463 skb_queue_head_init(&sk->sk_receive_queue);
2464 skb_queue_head_init(&sk->sk_write_queue);
2465 skb_queue_head_init(&sk->sk_error_queue);
2466
2467 sk->sk_send_head = NULL;
2468
2469 init_timer(&sk->sk_timer);
2470
2471 sk->sk_allocation = GFP_KERNEL;
2472 sk->sk_rcvbuf = sysctl_rmem_default;
2473 sk->sk_sndbuf = sysctl_wmem_default;
2474 sk->sk_state = TCP_CLOSE;
2475 sk_set_socket(sk, sock);
2476
2477 sock_set_flag(sk, SOCK_ZAPPED);
2478
2479 if (sock) {
2480 sk->sk_type = sock->type;
2481 sk->sk_wq = sock->wq;
2482 sock->sk = sk;
2483 sk->sk_uid = SOCK_INODE(sock)->i_uid;
2484 } else {
2485 sk->sk_wq = NULL;
2486 sk->sk_uid = make_kuid(sock_net(sk)->user_ns, 0);
2487 }
2488
2489 rwlock_init(&sk->sk_callback_lock);
2490 lockdep_set_class_and_name(&sk->sk_callback_lock,
2491 af_callback_keys + sk->sk_family,
2492 af_family_clock_key_strings[sk->sk_family]);
2493
2494 sk->sk_state_change = sock_def_wakeup;
2495 sk->sk_data_ready = sock_def_readable;
2496 sk->sk_write_space = sock_def_write_space;
2497 sk->sk_error_report = sock_def_error_report;
2498 sk->sk_destruct = sock_def_destruct;
2499
2500 sk->sk_frag.page = NULL;
2501 sk->sk_frag.offset = 0;
2502 sk->sk_peek_off = -1;
2503
2504 sk->sk_peer_pid = NULL;
2505 sk->sk_peer_cred = NULL;
2506 sk->sk_write_pending = 0;
2507 sk->sk_rcvlowat = 1;
2508 sk->sk_rcvtimeo = MAX_SCHEDULE_TIMEOUT;
2509 sk->sk_sndtimeo = MAX_SCHEDULE_TIMEOUT;
2510
2511 sk->sk_stamp = ktime_set(-1L, 0);
2512
2513#ifdef CONFIG_NET_RX_BUSY_POLL
2514 sk->sk_napi_id = 0;
2515 sk->sk_ll_usec = sysctl_net_busy_read;
2516#endif
2517
2518 sk->sk_max_pacing_rate = ~0U;
2519 sk->sk_pacing_rate = ~0U;
2520 sk->sk_incoming_cpu = -1;
2521 /*
2522 * Before updating sk_refcnt, we must commit prior changes to memory
2523 * (Documentation/RCU/rculist_nulls.txt for details)
2524 */
2525 smp_wmb();
2526 atomic_set(&sk->sk_refcnt, 1);
2527 atomic_set(&sk->sk_drops, 0);
2528}
2529EXPORT_SYMBOL(sock_init_data);
2530
2531void lock_sock_nested(struct sock *sk, int subclass)
2532{
2533 might_sleep();
2534 spin_lock_bh(&sk->sk_lock.slock);
2535 if (sk->sk_lock.owned)
2536 __lock_sock(sk);
2537 sk->sk_lock.owned = 1;
2538 spin_unlock(&sk->sk_lock.slock);
2539 /*
2540 * The sk_lock has mutex_lock() semantics here:
2541 */
2542 mutex_acquire(&sk->sk_lock.dep_map, subclass, 0, _RET_IP_);
2543 local_bh_enable();
2544}
2545EXPORT_SYMBOL(lock_sock_nested);
2546
2547void release_sock(struct sock *sk)
2548{
2549 spin_lock_bh(&sk->sk_lock.slock);
2550 if (sk->sk_backlog.tail)
2551 __release_sock(sk);
2552
2553 /* Warning : release_cb() might need to release sk ownership,
2554 * ie call sock_release_ownership(sk) before us.
2555 */
2556 if (sk->sk_prot->release_cb)
2557 sk->sk_prot->release_cb(sk);
2558
2559 sock_release_ownership(sk);
2560 if (waitqueue_active(&sk->sk_lock.wq))
2561 wake_up(&sk->sk_lock.wq);
2562 spin_unlock_bh(&sk->sk_lock.slock);
2563}
2564EXPORT_SYMBOL(release_sock);
2565
2566/**
2567 * lock_sock_fast - fast version of lock_sock
2568 * @sk: socket
2569 *
2570 * This version should be used for very small section, where process wont block
2571 * return false if fast path is taken
2572 * sk_lock.slock locked, owned = 0, BH disabled
2573 * return true if slow path is taken
2574 * sk_lock.slock unlocked, owned = 1, BH enabled
2575 */
2576bool lock_sock_fast(struct sock *sk)
2577{
2578 might_sleep();
2579 spin_lock_bh(&sk->sk_lock.slock);
2580
2581 if (!sk->sk_lock.owned)
2582 /*
2583 * Note : We must disable BH
2584 */
2585 return false;
2586
2587 __lock_sock(sk);
2588 sk->sk_lock.owned = 1;
2589 spin_unlock(&sk->sk_lock.slock);
2590 /*
2591 * The sk_lock has mutex_lock() semantics here:
2592 */
2593 mutex_acquire(&sk->sk_lock.dep_map, 0, 0, _RET_IP_);
2594 local_bh_enable();
2595 return true;
2596}
2597EXPORT_SYMBOL(lock_sock_fast);
2598
2599int sock_get_timestamp(struct sock *sk, struct timeval __user *userstamp)
2600{
2601 struct timeval tv;
2602 if (!sock_flag(sk, SOCK_TIMESTAMP))
2603 sock_enable_timestamp(sk, SOCK_TIMESTAMP);
2604 tv = ktime_to_timeval(sk->sk_stamp);
2605 if (tv.tv_sec == -1)
2606 return -ENOENT;
2607 if (tv.tv_sec == 0) {
2608 sk->sk_stamp = ktime_get_real();
2609 tv = ktime_to_timeval(sk->sk_stamp);
2610 }
2611 return copy_to_user(userstamp, &tv, sizeof(tv)) ? -EFAULT : 0;
2612}
2613EXPORT_SYMBOL(sock_get_timestamp);
2614
2615int sock_get_timestampns(struct sock *sk, struct timespec __user *userstamp)
2616{
2617 struct timespec ts;
2618 if (!sock_flag(sk, SOCK_TIMESTAMP))
2619 sock_enable_timestamp(sk, SOCK_TIMESTAMP);
2620 ts = ktime_to_timespec(sk->sk_stamp);
2621 if (ts.tv_sec == -1)
2622 return -ENOENT;
2623 if (ts.tv_sec == 0) {
2624 sk->sk_stamp = ktime_get_real();
2625 ts = ktime_to_timespec(sk->sk_stamp);
2626 }
2627 return copy_to_user(userstamp, &ts, sizeof(ts)) ? -EFAULT : 0;
2628}
2629EXPORT_SYMBOL(sock_get_timestampns);
2630
2631void sock_enable_timestamp(struct sock *sk, int flag)
2632{
2633 if (!sock_flag(sk, flag)) {
2634 unsigned long previous_flags = sk->sk_flags;
2635
2636 sock_set_flag(sk, flag);
2637 /*
2638 * we just set one of the two flags which require net
2639 * time stamping, but time stamping might have been on
2640 * already because of the other one
2641 */
2642 if (sock_needs_netstamp(sk) &&
2643 !(previous_flags & SK_FLAGS_TIMESTAMP))
2644 net_enable_timestamp();
2645 }
2646}
2647
2648int sock_recv_errqueue(struct sock *sk, struct msghdr *msg, int len,
2649 int level, int type)
2650{
2651 struct sock_exterr_skb *serr;
2652 struct sk_buff *skb;
2653 int copied, err;
2654
2655 err = -EAGAIN;
2656 skb = sock_dequeue_err_skb(sk);
2657 if (skb == NULL)
2658 goto out;
2659
2660 copied = skb->len;
2661 if (copied > len) {
2662 msg->msg_flags |= MSG_TRUNC;
2663 copied = len;
2664 }
2665 err = skb_copy_datagram_msg(skb, 0, msg, copied);
2666 if (err)
2667 goto out_free_skb;
2668
2669 sock_recv_timestamp(msg, sk, skb);
2670
2671 serr = SKB_EXT_ERR(skb);
2672 put_cmsg(msg, level, type, sizeof(serr->ee), &serr->ee);
2673
2674 msg->msg_flags |= MSG_ERRQUEUE;
2675 err = copied;
2676
2677out_free_skb:
2678 kfree_skb(skb);
2679out:
2680 return err;
2681}
2682EXPORT_SYMBOL(sock_recv_errqueue);
2683
2684/*
2685 * Get a socket option on an socket.
2686 *
2687 * FIX: POSIX 1003.1g is very ambiguous here. It states that
2688 * asynchronous errors should be reported by getsockopt. We assume
2689 * this means if you specify SO_ERROR (otherwise whats the point of it).
2690 */
2691int sock_common_getsockopt(struct socket *sock, int level, int optname,
2692 char __user *optval, int __user *optlen)
2693{
2694 struct sock *sk = sock->sk;
2695
2696 return sk->sk_prot->getsockopt(sk, level, optname, optval, optlen);
2697}
2698EXPORT_SYMBOL(sock_common_getsockopt);
2699
2700#ifdef CONFIG_COMPAT
2701int compat_sock_common_getsockopt(struct socket *sock, int level, int optname,
2702 char __user *optval, int __user *optlen)
2703{
2704 struct sock *sk = sock->sk;
2705
2706 if (sk->sk_prot->compat_getsockopt != NULL)
2707 return sk->sk_prot->compat_getsockopt(sk, level, optname,
2708 optval, optlen);
2709 return sk->sk_prot->getsockopt(sk, level, optname, optval, optlen);
2710}
2711EXPORT_SYMBOL(compat_sock_common_getsockopt);
2712#endif
2713
2714int sock_common_recvmsg(struct socket *sock, struct msghdr *msg, size_t size,
2715 int flags)
2716{
2717 struct sock *sk = sock->sk;
2718 int addr_len = 0;
2719 int err;
2720
2721 err = sk->sk_prot->recvmsg(sk, msg, size, flags & MSG_DONTWAIT,
2722 flags & ~MSG_DONTWAIT, &addr_len);
2723 if (err >= 0)
2724 msg->msg_namelen = addr_len;
2725 return err;
2726}
2727EXPORT_SYMBOL(sock_common_recvmsg);
2728
2729/*
2730 * Set socket options on an inet socket.
2731 */
2732int sock_common_setsockopt(struct socket *sock, int level, int optname,
2733 char __user *optval, unsigned int optlen)
2734{
2735 struct sock *sk = sock->sk;
2736
2737 return sk->sk_prot->setsockopt(sk, level, optname, optval, optlen);
2738}
2739EXPORT_SYMBOL(sock_common_setsockopt);
2740
2741#ifdef CONFIG_COMPAT
2742int compat_sock_common_setsockopt(struct socket *sock, int level, int optname,
2743 char __user *optval, unsigned int optlen)
2744{
2745 struct sock *sk = sock->sk;
2746
2747 if (sk->sk_prot->compat_setsockopt != NULL)
2748 return sk->sk_prot->compat_setsockopt(sk, level, optname,
2749 optval, optlen);
2750 return sk->sk_prot->setsockopt(sk, level, optname, optval, optlen);
2751}
2752EXPORT_SYMBOL(compat_sock_common_setsockopt);
2753#endif
2754
2755void sk_common_release(struct sock *sk)
2756{
2757 if (sk->sk_prot->destroy)
2758 sk->sk_prot->destroy(sk);
2759
2760 /*
2761 * Observation: when sock_common_release is called, processes have
2762 * no access to socket. But net still has.
2763 * Step one, detach it from networking:
2764 *
2765 * A. Remove from hash tables.
2766 */
2767
2768 sk->sk_prot->unhash(sk);
2769
2770 /*
2771 * In this point socket cannot receive new packets, but it is possible
2772 * that some packets are in flight because some CPU runs receiver and
2773 * did hash table lookup before we unhashed socket. They will achieve
2774 * receive queue and will be purged by socket destructor.
2775 *
2776 * Also we still have packets pending on receive queue and probably,
2777 * our own packets waiting in device queues. sock_destroy will drain
2778 * receive queue, but transmitted packets will delay socket destruction
2779 * until the last reference will be released.
2780 */
2781
2782 sock_orphan(sk);
2783
2784 xfrm_sk_free_policy(sk);
2785
2786 sk_refcnt_debug_release(sk);
2787
2788 sock_put(sk);
2789}
2790EXPORT_SYMBOL(sk_common_release);
2791
2792#ifdef CONFIG_PROC_FS
2793#define PROTO_INUSE_NR 64 /* should be enough for the first time */
2794struct prot_inuse {
2795 int val[PROTO_INUSE_NR];
2796};
2797
2798static DECLARE_BITMAP(proto_inuse_idx, PROTO_INUSE_NR);
2799
2800#ifdef CONFIG_NET_NS
2801void sock_prot_inuse_add(struct net *net, struct proto *prot, int val)
2802{
2803 __this_cpu_add(net->core.inuse->val[prot->inuse_idx], val);
2804}
2805EXPORT_SYMBOL_GPL(sock_prot_inuse_add);
2806
2807int sock_prot_inuse_get(struct net *net, struct proto *prot)
2808{
2809 int cpu, idx = prot->inuse_idx;
2810 int res = 0;
2811
2812 for_each_possible_cpu(cpu)
2813 res += per_cpu_ptr(net->core.inuse, cpu)->val[idx];
2814
2815 return res >= 0 ? res : 0;
2816}
2817EXPORT_SYMBOL_GPL(sock_prot_inuse_get);
2818
2819static int __net_init sock_inuse_init_net(struct net *net)
2820{
2821 net->core.inuse = alloc_percpu(struct prot_inuse);
2822 return net->core.inuse ? 0 : -ENOMEM;
2823}
2824
2825static void __net_exit sock_inuse_exit_net(struct net *net)
2826{
2827 free_percpu(net->core.inuse);
2828}
2829
2830static struct pernet_operations net_inuse_ops = {
2831 .init = sock_inuse_init_net,
2832 .exit = sock_inuse_exit_net,
2833};
2834
2835static __init int net_inuse_init(void)
2836{
2837 if (register_pernet_subsys(&net_inuse_ops))
2838 panic("Cannot initialize net inuse counters");
2839
2840 return 0;
2841}
2842
2843core_initcall(net_inuse_init);
2844#else
2845static DEFINE_PER_CPU(struct prot_inuse, prot_inuse);
2846
2847void sock_prot_inuse_add(struct net *net, struct proto *prot, int val)
2848{
2849 __this_cpu_add(prot_inuse.val[prot->inuse_idx], val);
2850}
2851EXPORT_SYMBOL_GPL(sock_prot_inuse_add);
2852
2853int sock_prot_inuse_get(struct net *net, struct proto *prot)
2854{
2855 int cpu, idx = prot->inuse_idx;
2856 int res = 0;
2857
2858 for_each_possible_cpu(cpu)
2859 res += per_cpu(prot_inuse, cpu).val[idx];
2860
2861 return res >= 0 ? res : 0;
2862}
2863EXPORT_SYMBOL_GPL(sock_prot_inuse_get);
2864#endif
2865
2866static void assign_proto_idx(struct proto *prot)
2867{
2868 prot->inuse_idx = find_first_zero_bit(proto_inuse_idx, PROTO_INUSE_NR);
2869
2870 if (unlikely(prot->inuse_idx == PROTO_INUSE_NR - 1)) {
2871 pr_err("PROTO_INUSE_NR exhausted\n");
2872 return;
2873 }
2874
2875 set_bit(prot->inuse_idx, proto_inuse_idx);
2876}
2877
2878static void release_proto_idx(struct proto *prot)
2879{
2880 if (prot->inuse_idx != PROTO_INUSE_NR - 1)
2881 clear_bit(prot->inuse_idx, proto_inuse_idx);
2882}
2883#else
2884static inline void assign_proto_idx(struct proto *prot)
2885{
2886}
2887
2888static inline void release_proto_idx(struct proto *prot)
2889{
2890}
2891#endif
2892
2893static void req_prot_cleanup(struct request_sock_ops *rsk_prot)
2894{
2895 if (!rsk_prot)
2896 return;
2897 kfree(rsk_prot->slab_name);
2898 rsk_prot->slab_name = NULL;
2899 kmem_cache_destroy(rsk_prot->slab);
2900 rsk_prot->slab = NULL;
2901}
2902
2903static int req_prot_init(const struct proto *prot)
2904{
2905 struct request_sock_ops *rsk_prot = prot->rsk_prot;
2906
2907 if (!rsk_prot)
2908 return 0;
2909
2910 rsk_prot->slab_name = kasprintf(GFP_KERNEL, "request_sock_%s",
2911 prot->name);
2912 if (!rsk_prot->slab_name)
2913 return -ENOMEM;
2914
2915 rsk_prot->slab = kmem_cache_create(rsk_prot->slab_name,
2916 rsk_prot->obj_size, 0,
2917 prot->slab_flags, NULL);
2918
2919 if (!rsk_prot->slab) {
2920 pr_crit("%s: Can't create request sock SLAB cache!\n",
2921 prot->name);
2922 return -ENOMEM;
2923 }
2924 return 0;
2925}
2926
2927int proto_register(struct proto *prot, int alloc_slab)
2928{
2929 if (alloc_slab) {
2930 prot->slab = kmem_cache_create(prot->name, prot->obj_size, 0,
2931 SLAB_HWCACHE_ALIGN | prot->slab_flags,
2932 NULL);
2933
2934 if (prot->slab == NULL) {
2935 pr_crit("%s: Can't create sock SLAB cache!\n",
2936 prot->name);
2937 goto out;
2938 }
2939
2940 if (req_prot_init(prot))
2941 goto out_free_request_sock_slab;
2942
2943 if (prot->twsk_prot != NULL) {
2944 prot->twsk_prot->twsk_slab_name = kasprintf(GFP_KERNEL, "tw_sock_%s", prot->name);
2945
2946 if (prot->twsk_prot->twsk_slab_name == NULL)
2947 goto out_free_request_sock_slab;
2948
2949 prot->twsk_prot->twsk_slab =
2950 kmem_cache_create(prot->twsk_prot->twsk_slab_name,
2951 prot->twsk_prot->twsk_obj_size,
2952 0,
2953 prot->slab_flags,
2954 NULL);
2955 if (prot->twsk_prot->twsk_slab == NULL)
2956 goto out_free_timewait_sock_slab_name;
2957 }
2958 }
2959
2960 mutex_lock(&proto_list_mutex);
2961 list_add(&prot->node, &proto_list);
2962 assign_proto_idx(prot);
2963 mutex_unlock(&proto_list_mutex);
2964 return 0;
2965
2966out_free_timewait_sock_slab_name:
2967 kfree(prot->twsk_prot->twsk_slab_name);
2968out_free_request_sock_slab:
2969 req_prot_cleanup(prot->rsk_prot);
2970
2971 kmem_cache_destroy(prot->slab);
2972 prot->slab = NULL;
2973out:
2974 return -ENOBUFS;
2975}
2976EXPORT_SYMBOL(proto_register);
2977
2978void proto_unregister(struct proto *prot)
2979{
2980 mutex_lock(&proto_list_mutex);
2981 release_proto_idx(prot);
2982 list_del(&prot->node);
2983 mutex_unlock(&proto_list_mutex);
2984
2985 kmem_cache_destroy(prot->slab);
2986 prot->slab = NULL;
2987
2988 req_prot_cleanup(prot->rsk_prot);
2989
2990 if (prot->twsk_prot != NULL && prot->twsk_prot->twsk_slab != NULL) {
2991 kmem_cache_destroy(prot->twsk_prot->twsk_slab);
2992 kfree(prot->twsk_prot->twsk_slab_name);
2993 prot->twsk_prot->twsk_slab = NULL;
2994 }
2995}
2996EXPORT_SYMBOL(proto_unregister);
2997
2998#ifdef CONFIG_PROC_FS
2999static void *proto_seq_start(struct seq_file *seq, loff_t *pos)
3000 __acquires(proto_list_mutex)
3001{
3002 mutex_lock(&proto_list_mutex);
3003 return seq_list_start_head(&proto_list, *pos);
3004}
3005
3006static void *proto_seq_next(struct seq_file *seq, void *v, loff_t *pos)
3007{
3008 return seq_list_next(v, &proto_list, pos);
3009}
3010
3011static void proto_seq_stop(struct seq_file *seq, void *v)
3012 __releases(proto_list_mutex)
3013{
3014 mutex_unlock(&proto_list_mutex);
3015}
3016
3017static char proto_method_implemented(const void *method)
3018{
3019 return method == NULL ? 'n' : 'y';
3020}
3021static long sock_prot_memory_allocated(struct proto *proto)
3022{
3023 return proto->memory_allocated != NULL ? proto_memory_allocated(proto) : -1L;
3024}
3025
3026static char *sock_prot_memory_pressure(struct proto *proto)
3027{
3028 return proto->memory_pressure != NULL ?
3029 proto_memory_pressure(proto) ? "yes" : "no" : "NI";
3030}
3031
3032static void proto_seq_printf(struct seq_file *seq, struct proto *proto)
3033{
3034
3035 seq_printf(seq, "%-9s %4u %6d %6ld %-3s %6u %-3s %-10s "
3036 "%2c %2c %2c %2c %2c %2c %2c %2c %2c %2c %2c %2c %2c %2c %2c %2c %2c %2c %2c\n",
3037 proto->name,
3038 proto->obj_size,
3039 sock_prot_inuse_get(seq_file_net(seq), proto),
3040 sock_prot_memory_allocated(proto),
3041 sock_prot_memory_pressure(proto),
3042 proto->max_header,
3043 proto->slab == NULL ? "no" : "yes",
3044 module_name(proto->owner),
3045 proto_method_implemented(proto->close),
3046 proto_method_implemented(proto->connect),
3047 proto_method_implemented(proto->disconnect),
3048 proto_method_implemented(proto->accept),
3049 proto_method_implemented(proto->ioctl),
3050 proto_method_implemented(proto->init),
3051 proto_method_implemented(proto->destroy),
3052 proto_method_implemented(proto->shutdown),
3053 proto_method_implemented(proto->setsockopt),
3054 proto_method_implemented(proto->getsockopt),
3055 proto_method_implemented(proto->sendmsg),
3056 proto_method_implemented(proto->recvmsg),
3057 proto_method_implemented(proto->sendpage),
3058 proto_method_implemented(proto->bind),
3059 proto_method_implemented(proto->backlog_rcv),
3060 proto_method_implemented(proto->hash),
3061 proto_method_implemented(proto->unhash),
3062 proto_method_implemented(proto->get_port),
3063 proto_method_implemented(proto->enter_memory_pressure));
3064}
3065
3066static int proto_seq_show(struct seq_file *seq, void *v)
3067{
3068 if (v == &proto_list)
3069 seq_printf(seq, "%-9s %-4s %-8s %-6s %-5s %-7s %-4s %-10s %s",
3070 "protocol",
3071 "size",
3072 "sockets",
3073 "memory",
3074 "press",
3075 "maxhdr",
3076 "slab",
3077 "module",
3078 "cl co di ac io in de sh ss gs se re sp bi br ha uh gp em\n");
3079 else
3080 proto_seq_printf(seq, list_entry(v, struct proto, node));
3081 return 0;
3082}
3083
3084static const struct seq_operations proto_seq_ops = {
3085 .start = proto_seq_start,
3086 .next = proto_seq_next,
3087 .stop = proto_seq_stop,
3088 .show = proto_seq_show,
3089};
3090
3091static int proto_seq_open(struct inode *inode, struct file *file)
3092{
3093 return seq_open_net(inode, file, &proto_seq_ops,
3094 sizeof(struct seq_net_private));
3095}
3096
3097static const struct file_operations proto_seq_fops = {
3098 .owner = THIS_MODULE,
3099 .open = proto_seq_open,
3100 .read = seq_read,
3101 .llseek = seq_lseek,
3102 .release = seq_release_net,
3103};
3104
3105static __net_init int proto_init_net(struct net *net)
3106{
3107 if (!proc_create("protocols", S_IRUGO, net->proc_net, &proto_seq_fops))
3108 return -ENOMEM;
3109
3110 return 0;
3111}
3112
3113static __net_exit void proto_exit_net(struct net *net)
3114{
3115 remove_proc_entry("protocols", net->proc_net);
3116}
3117
3118
3119static __net_initdata struct pernet_operations proto_net_ops = {
3120 .init = proto_init_net,
3121 .exit = proto_exit_net,
3122};
3123
3124static int __init proto_init(void)
3125{
3126 return register_pernet_subsys(&proto_net_ops);
3127}
3128
3129subsys_initcall(proto_init);
3130
3131#endif /* PROC_FS */