This source file includes following definitions.
- move_addr_to_kernel
- move_addr_to_user
- sock_alloc_inode
- sock_free_inode
- init_once
- init_inodecache
- sockfs_dname
- sockfs_xattr_get
- sockfs_security_xattr_set
- sockfs_init_fs_context
- sock_alloc_file
- sock_map_fd
- sock_from_file
- sockfd_lookup
- sockfd_lookup_light
- sockfs_listxattr
- sockfs_setattr
- sock_alloc
- __sock_release
- sock_release
- __sock_tx_timestamp
- sock_sendmsg_nosec
- sock_sendmsg
- kernel_sendmsg
- kernel_sendmsg_locked
- skb_is_err_queue
- skb_is_swtx_tstamp
- put_ts_pktinfo
- __sock_recv_timestamp
- __sock_recv_wifi_status
- sock_recv_drops
- __sock_recv_ts_and_drops
- sock_recvmsg_nosec
- sock_recvmsg
- kernel_recvmsg
- sock_sendpage
- sock_splice_read
- sock_read_iter
- sock_write_iter
- brioctl_set
- vlan_ioctl_set
- dlci_ioctl_set
- sock_do_ioctl
- get_net_ns
- sock_ioctl
- sock_create_lite
- sock_poll
- sock_mmap
- sock_close
- sock_fasync
- sock_wake_async
- __sock_create
- sock_create
- sock_create_kern
- __sys_socket
- SYSCALL_DEFINE3
- __sys_socketpair
- SYSCALL_DEFINE4
- __sys_bind
- SYSCALL_DEFINE3
- __sys_listen
- SYSCALL_DEFINE2
- __sys_accept4
- SYSCALL_DEFINE4
- SYSCALL_DEFINE3
- __sys_connect
- SYSCALL_DEFINE3
- __sys_getsockname
- SYSCALL_DEFINE3
- __sys_getpeername
- SYSCALL_DEFINE3
- __sys_sendto
- SYSCALL_DEFINE6
- SYSCALL_DEFINE4
- __sys_recvfrom
- SYSCALL_DEFINE6
- SYSCALL_DEFINE4
- __sys_setsockopt
- SYSCALL_DEFINE5
- __sys_getsockopt
- SYSCALL_DEFINE5
- __sys_shutdown
- SYSCALL_DEFINE2
- copy_msghdr_from_user
- ____sys_sendmsg
- sendmsg_copy_msghdr
- ___sys_sendmsg
- __sys_sendmsg_sock
- __sys_sendmsg
- SYSCALL_DEFINE3
- __sys_sendmmsg
- SYSCALL_DEFINE4
- recvmsg_copy_msghdr
- ____sys_recvmsg
- ___sys_recvmsg
- __sys_recvmsg_sock
- __sys_recvmsg
- SYSCALL_DEFINE3
- do_recvmmsg
- __sys_recvmmsg
- SYSCALL_DEFINE5
- SYSCALL_DEFINE5
- SYSCALL_DEFINE2
- sock_register
- sock_unregister
- sock_is_registered
- sock_init
- socket_seq_show
- compat_dev_ifconf
- ethtool_ioctl
- compat_siocwandev
- compat_ifr_data_ioctl
- compat_ifreq_ioctl
- compat_sioc_ifmap
- routing_ioctl
- old_bridge_ioctl
- compat_sock_ioctl_trans
- compat_sock_ioctl
- kernel_bind
- kernel_listen
- kernel_accept
- kernel_connect
- kernel_getsockname
- kernel_getpeername
- kernel_getsockopt
- kernel_setsockopt
- kernel_sendpage
- kernel_sendpage_locked
- kernel_sock_shutdown
- kernel_sock_ip_overhead
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55 #include <linux/mm.h>
56 #include <linux/socket.h>
57 #include <linux/file.h>
58 #include <linux/net.h>
59 #include <linux/interrupt.h>
60 #include <linux/thread_info.h>
61 #include <linux/rcupdate.h>
62 #include <linux/netdevice.h>
63 #include <linux/proc_fs.h>
64 #include <linux/seq_file.h>
65 #include <linux/mutex.h>
66 #include <linux/if_bridge.h>
67 #include <linux/if_frad.h>
68 #include <linux/if_vlan.h>
69 #include <linux/ptp_classify.h>
70 #include <linux/init.h>
71 #include <linux/poll.h>
72 #include <linux/cache.h>
73 #include <linux/module.h>
74 #include <linux/highmem.h>
75 #include <linux/mount.h>
76 #include <linux/pseudo_fs.h>
77 #include <linux/security.h>
78 #include <linux/syscalls.h>
79 #include <linux/compat.h>
80 #include <linux/kmod.h>
81 #include <linux/audit.h>
82 #include <linux/wireless.h>
83 #include <linux/nsproxy.h>
84 #include <linux/magic.h>
85 #include <linux/slab.h>
86 #include <linux/xattr.h>
87 #include <linux/nospec.h>
88 #include <linux/indirect_call_wrapper.h>
89
90 #include <linux/uaccess.h>
91 #include <asm/unistd.h>
92
93 #include <net/compat.h>
94 #include <net/wext.h>
95 #include <net/cls_cgroup.h>
96
97 #include <net/sock.h>
98 #include <linux/netfilter.h>
99
100 #include <linux/if_tun.h>
101 #include <linux/ipv6_route.h>
102 #include <linux/route.h>
103 #include <linux/sockios.h>
104 #include <net/busy_poll.h>
105 #include <linux/errqueue.h>
106
107 #ifdef CONFIG_NET_RX_BUSY_POLL
108 unsigned int sysctl_net_busy_read __read_mostly;
109 unsigned int sysctl_net_busy_poll __read_mostly;
110 #endif
111
112 static ssize_t sock_read_iter(struct kiocb *iocb, struct iov_iter *to);
113 static ssize_t sock_write_iter(struct kiocb *iocb, struct iov_iter *from);
114 static int sock_mmap(struct file *file, struct vm_area_struct *vma);
115
116 static int sock_close(struct inode *inode, struct file *file);
117 static __poll_t sock_poll(struct file *file,
118 struct poll_table_struct *wait);
119 static long sock_ioctl(struct file *file, unsigned int cmd, unsigned long arg);
120 #ifdef CONFIG_COMPAT
121 static long compat_sock_ioctl(struct file *file,
122 unsigned int cmd, unsigned long arg);
123 #endif
124 static int sock_fasync(int fd, struct file *filp, int on);
125 static ssize_t sock_sendpage(struct file *file, struct page *page,
126 int offset, size_t size, loff_t *ppos, int more);
127 static ssize_t sock_splice_read(struct file *file, loff_t *ppos,
128 struct pipe_inode_info *pipe, size_t len,
129 unsigned int flags);
130
131
132
133
134
135
136 static const struct file_operations socket_file_ops = {
137 .owner = THIS_MODULE,
138 .llseek = no_llseek,
139 .read_iter = sock_read_iter,
140 .write_iter = sock_write_iter,
141 .poll = sock_poll,
142 .unlocked_ioctl = sock_ioctl,
143 #ifdef CONFIG_COMPAT
144 .compat_ioctl = compat_sock_ioctl,
145 #endif
146 .mmap = sock_mmap,
147 .release = sock_close,
148 .fasync = sock_fasync,
149 .sendpage = sock_sendpage,
150 .splice_write = generic_splice_sendpage,
151 .splice_read = sock_splice_read,
152 };
153
154
155
156
157
158 static DEFINE_SPINLOCK(net_family_lock);
159 static const struct net_proto_family __rcu *net_families[NPROTO] __read_mostly;
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178 int move_addr_to_kernel(void __user *uaddr, int ulen, struct sockaddr_storage *kaddr)
179 {
180 if (ulen < 0 || ulen > sizeof(struct sockaddr_storage))
181 return -EINVAL;
182 if (ulen == 0)
183 return 0;
184 if (copy_from_user(kaddr, uaddr, ulen))
185 return -EFAULT;
186 return audit_sockaddr(ulen, kaddr);
187 }
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206 static int move_addr_to_user(struct sockaddr_storage *kaddr, int klen,
207 void __user *uaddr, int __user *ulen)
208 {
209 int err;
210 int len;
211
212 BUG_ON(klen > sizeof(struct sockaddr_storage));
213 err = get_user(len, ulen);
214 if (err)
215 return err;
216 if (len > klen)
217 len = klen;
218 if (len < 0)
219 return -EINVAL;
220 if (len) {
221 if (audit_sockaddr(klen, kaddr))
222 return -ENOMEM;
223 if (copy_to_user(uaddr, kaddr, len))
224 return -EFAULT;
225 }
226
227
228
229
230 return __put_user(klen, ulen);
231 }
232
233 static struct kmem_cache *sock_inode_cachep __ro_after_init;
234
235 static struct inode *sock_alloc_inode(struct super_block *sb)
236 {
237 struct socket_alloc *ei;
238
239 ei = kmem_cache_alloc(sock_inode_cachep, GFP_KERNEL);
240 if (!ei)
241 return NULL;
242 init_waitqueue_head(&ei->socket.wq.wait);
243 ei->socket.wq.fasync_list = NULL;
244 ei->socket.wq.flags = 0;
245
246 ei->socket.state = SS_UNCONNECTED;
247 ei->socket.flags = 0;
248 ei->socket.ops = NULL;
249 ei->socket.sk = NULL;
250 ei->socket.file = NULL;
251
252 return &ei->vfs_inode;
253 }
254
255 static void sock_free_inode(struct inode *inode)
256 {
257 struct socket_alloc *ei;
258
259 ei = container_of(inode, struct socket_alloc, vfs_inode);
260 kmem_cache_free(sock_inode_cachep, ei);
261 }
262
263 static void init_once(void *foo)
264 {
265 struct socket_alloc *ei = (struct socket_alloc *)foo;
266
267 inode_init_once(&ei->vfs_inode);
268 }
269
270 static void init_inodecache(void)
271 {
272 sock_inode_cachep = kmem_cache_create("sock_inode_cache",
273 sizeof(struct socket_alloc),
274 0,
275 (SLAB_HWCACHE_ALIGN |
276 SLAB_RECLAIM_ACCOUNT |
277 SLAB_MEM_SPREAD | SLAB_ACCOUNT),
278 init_once);
279 BUG_ON(sock_inode_cachep == NULL);
280 }
281
282 static const struct super_operations sockfs_ops = {
283 .alloc_inode = sock_alloc_inode,
284 .free_inode = sock_free_inode,
285 .statfs = simple_statfs,
286 };
287
288
289
290
291 static char *sockfs_dname(struct dentry *dentry, char *buffer, int buflen)
292 {
293 return dynamic_dname(dentry, buffer, buflen, "socket:[%lu]",
294 d_inode(dentry)->i_ino);
295 }
296
297 static const struct dentry_operations sockfs_dentry_operations = {
298 .d_dname = sockfs_dname,
299 };
300
301 static int sockfs_xattr_get(const struct xattr_handler *handler,
302 struct dentry *dentry, struct inode *inode,
303 const char *suffix, void *value, size_t size)
304 {
305 if (value) {
306 if (dentry->d_name.len + 1 > size)
307 return -ERANGE;
308 memcpy(value, dentry->d_name.name, dentry->d_name.len + 1);
309 }
310 return dentry->d_name.len + 1;
311 }
312
313 #define XATTR_SOCKPROTONAME_SUFFIX "sockprotoname"
314 #define XATTR_NAME_SOCKPROTONAME (XATTR_SYSTEM_PREFIX XATTR_SOCKPROTONAME_SUFFIX)
315 #define XATTR_NAME_SOCKPROTONAME_LEN (sizeof(XATTR_NAME_SOCKPROTONAME)-1)
316
317 static const struct xattr_handler sockfs_xattr_handler = {
318 .name = XATTR_NAME_SOCKPROTONAME,
319 .get = sockfs_xattr_get,
320 };
321
322 static int sockfs_security_xattr_set(const struct xattr_handler *handler,
323 struct dentry *dentry, struct inode *inode,
324 const char *suffix, const void *value,
325 size_t size, int flags)
326 {
327
328 return -EAGAIN;
329 }
330
331 static const struct xattr_handler sockfs_security_xattr_handler = {
332 .prefix = XATTR_SECURITY_PREFIX,
333 .set = sockfs_security_xattr_set,
334 };
335
336 static const struct xattr_handler *sockfs_xattr_handlers[] = {
337 &sockfs_xattr_handler,
338 &sockfs_security_xattr_handler,
339 NULL
340 };
341
342 static int sockfs_init_fs_context(struct fs_context *fc)
343 {
344 struct pseudo_fs_context *ctx = init_pseudo(fc, SOCKFS_MAGIC);
345 if (!ctx)
346 return -ENOMEM;
347 ctx->ops = &sockfs_ops;
348 ctx->dops = &sockfs_dentry_operations;
349 ctx->xattr = sockfs_xattr_handlers;
350 return 0;
351 }
352
353 static struct vfsmount *sock_mnt __read_mostly;
354
355 static struct file_system_type sock_fs_type = {
356 .name = "sockfs",
357 .init_fs_context = sockfs_init_fs_context,
358 .kill_sb = kill_anon_super,
359 };
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390 struct file *sock_alloc_file(struct socket *sock, int flags, const char *dname)
391 {
392 struct file *file;
393
394 if (!dname)
395 dname = sock->sk ? sock->sk->sk_prot_creator->name : "";
396
397 file = alloc_file_pseudo(SOCK_INODE(sock), sock_mnt, dname,
398 O_RDWR | (flags & O_NONBLOCK),
399 &socket_file_ops);
400 if (IS_ERR(file)) {
401 sock_release(sock);
402 return file;
403 }
404
405 sock->file = file;
406 file->private_data = sock;
407 return file;
408 }
409 EXPORT_SYMBOL(sock_alloc_file);
410
411 static int sock_map_fd(struct socket *sock, int flags)
412 {
413 struct file *newfile;
414 int fd = get_unused_fd_flags(flags);
415 if (unlikely(fd < 0)) {
416 sock_release(sock);
417 return fd;
418 }
419
420 newfile = sock_alloc_file(sock, flags, NULL);
421 if (!IS_ERR(newfile)) {
422 fd_install(fd, newfile);
423 return fd;
424 }
425
426 put_unused_fd(fd);
427 return PTR_ERR(newfile);
428 }
429
430
431
432
433
434
435
436
437
438 struct socket *sock_from_file(struct file *file, int *err)
439 {
440 if (file->f_op == &socket_file_ops)
441 return file->private_data;
442
443 *err = -ENOTSOCK;
444 return NULL;
445 }
446 EXPORT_SYMBOL(sock_from_file);
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461 struct socket *sockfd_lookup(int fd, int *err)
462 {
463 struct file *file;
464 struct socket *sock;
465
466 file = fget(fd);
467 if (!file) {
468 *err = -EBADF;
469 return NULL;
470 }
471
472 sock = sock_from_file(file, err);
473 if (!sock)
474 fput(file);
475 return sock;
476 }
477 EXPORT_SYMBOL(sockfd_lookup);
478
479 static struct socket *sockfd_lookup_light(int fd, int *err, int *fput_needed)
480 {
481 struct fd f = fdget(fd);
482 struct socket *sock;
483
484 *err = -EBADF;
485 if (f.file) {
486 sock = sock_from_file(f.file, err);
487 if (likely(sock)) {
488 *fput_needed = f.flags;
489 return sock;
490 }
491 fdput(f);
492 }
493 return NULL;
494 }
495
496 static ssize_t sockfs_listxattr(struct dentry *dentry, char *buffer,
497 size_t size)
498 {
499 ssize_t len;
500 ssize_t used = 0;
501
502 len = security_inode_listsecurity(d_inode(dentry), buffer, size);
503 if (len < 0)
504 return len;
505 used += len;
506 if (buffer) {
507 if (size < used)
508 return -ERANGE;
509 buffer += len;
510 }
511
512 len = (XATTR_NAME_SOCKPROTONAME_LEN + 1);
513 used += len;
514 if (buffer) {
515 if (size < used)
516 return -ERANGE;
517 memcpy(buffer, XATTR_NAME_SOCKPROTONAME, len);
518 buffer += len;
519 }
520
521 return used;
522 }
523
524 static int sockfs_setattr(struct dentry *dentry, struct iattr *iattr)
525 {
526 int err = simple_setattr(dentry, iattr);
527
528 if (!err && (iattr->ia_valid & ATTR_UID)) {
529 struct socket *sock = SOCKET_I(d_inode(dentry));
530
531 if (sock->sk)
532 sock->sk->sk_uid = iattr->ia_uid;
533 else
534 err = -ENOENT;
535 }
536
537 return err;
538 }
539
540 static const struct inode_operations sockfs_inode_ops = {
541 .listxattr = sockfs_listxattr,
542 .setattr = sockfs_setattr,
543 };
544
545
546
547
548
549
550
551
552
553 struct socket *sock_alloc(void)
554 {
555 struct inode *inode;
556 struct socket *sock;
557
558 inode = new_inode_pseudo(sock_mnt->mnt_sb);
559 if (!inode)
560 return NULL;
561
562 sock = SOCKET_I(inode);
563
564 inode->i_ino = get_next_ino();
565 inode->i_mode = S_IFSOCK | S_IRWXUGO;
566 inode->i_uid = current_fsuid();
567 inode->i_gid = current_fsgid();
568 inode->i_op = &sockfs_inode_ops;
569
570 return sock;
571 }
572 EXPORT_SYMBOL(sock_alloc);
573
574
575
576
577
578
579
580
581
582
583 static void __sock_release(struct socket *sock, struct inode *inode)
584 {
585 if (sock->ops) {
586 struct module *owner = sock->ops->owner;
587
588 if (inode)
589 inode_lock(inode);
590 sock->ops->release(sock);
591 sock->sk = NULL;
592 if (inode)
593 inode_unlock(inode);
594 sock->ops = NULL;
595 module_put(owner);
596 }
597
598 if (sock->wq.fasync_list)
599 pr_err("%s: fasync list not empty!\n", __func__);
600
601 if (!sock->file) {
602 iput(SOCK_INODE(sock));
603 return;
604 }
605 sock->file = NULL;
606 }
607
608 void sock_release(struct socket *sock)
609 {
610 __sock_release(sock, NULL);
611 }
612 EXPORT_SYMBOL(sock_release);
613
614 void __sock_tx_timestamp(__u16 tsflags, __u8 *tx_flags)
615 {
616 u8 flags = *tx_flags;
617
618 if (tsflags & SOF_TIMESTAMPING_TX_HARDWARE)
619 flags |= SKBTX_HW_TSTAMP;
620
621 if (tsflags & SOF_TIMESTAMPING_TX_SOFTWARE)
622 flags |= SKBTX_SW_TSTAMP;
623
624 if (tsflags & SOF_TIMESTAMPING_TX_SCHED)
625 flags |= SKBTX_SCHED_TSTAMP;
626
627 *tx_flags = flags;
628 }
629 EXPORT_SYMBOL(__sock_tx_timestamp);
630
631 INDIRECT_CALLABLE_DECLARE(int inet_sendmsg(struct socket *, struct msghdr *,
632 size_t));
633 INDIRECT_CALLABLE_DECLARE(int inet6_sendmsg(struct socket *, struct msghdr *,
634 size_t));
635 static inline int sock_sendmsg_nosec(struct socket *sock, struct msghdr *msg)
636 {
637 int ret = INDIRECT_CALL_INET(sock->ops->sendmsg, inet6_sendmsg,
638 inet_sendmsg, sock, msg,
639 msg_data_left(msg));
640 BUG_ON(ret == -EIOCBQUEUED);
641 return ret;
642 }
643
644
645
646
647
648
649
650
651
652 int sock_sendmsg(struct socket *sock, struct msghdr *msg)
653 {
654 int err = security_socket_sendmsg(sock, msg,
655 msg_data_left(msg));
656
657 return err ?: sock_sendmsg_nosec(sock, msg);
658 }
659 EXPORT_SYMBOL(sock_sendmsg);
660
661
662
663
664
665
666
667
668
669
670
671
672
673 int kernel_sendmsg(struct socket *sock, struct msghdr *msg,
674 struct kvec *vec, size_t num, size_t size)
675 {
676 iov_iter_kvec(&msg->msg_iter, WRITE, vec, num, size);
677 return sock_sendmsg(sock, msg);
678 }
679 EXPORT_SYMBOL(kernel_sendmsg);
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694 int kernel_sendmsg_locked(struct sock *sk, struct msghdr *msg,
695 struct kvec *vec, size_t num, size_t size)
696 {
697 struct socket *sock = sk->sk_socket;
698
699 if (!sock->ops->sendmsg_locked)
700 return sock_no_sendmsg_locked(sk, msg, size);
701
702 iov_iter_kvec(&msg->msg_iter, WRITE, vec, num, size);
703
704 return sock->ops->sendmsg_locked(sk, msg, msg_data_left(msg));
705 }
706 EXPORT_SYMBOL(kernel_sendmsg_locked);
707
708 static bool skb_is_err_queue(const struct sk_buff *skb)
709 {
710
711
712
713
714
715 return skb->pkt_type == PACKET_OUTGOING;
716 }
717
718
719
720
721
722
723
724
725
726 static bool skb_is_swtx_tstamp(const struct sk_buff *skb, int false_tstamp)
727 {
728 return skb->tstamp && !false_tstamp && skb_is_err_queue(skb);
729 }
730
731 static void put_ts_pktinfo(struct msghdr *msg, struct sk_buff *skb)
732 {
733 struct scm_ts_pktinfo ts_pktinfo;
734 struct net_device *orig_dev;
735
736 if (!skb_mac_header_was_set(skb))
737 return;
738
739 memset(&ts_pktinfo, 0, sizeof(ts_pktinfo));
740
741 rcu_read_lock();
742 orig_dev = dev_get_by_napi_id(skb_napi_id(skb));
743 if (orig_dev)
744 ts_pktinfo.if_index = orig_dev->ifindex;
745 rcu_read_unlock();
746
747 ts_pktinfo.pkt_length = skb->len - skb_mac_offset(skb);
748 put_cmsg(msg, SOL_SOCKET, SCM_TIMESTAMPING_PKTINFO,
749 sizeof(ts_pktinfo), &ts_pktinfo);
750 }
751
752
753
754
755 void __sock_recv_timestamp(struct msghdr *msg, struct sock *sk,
756 struct sk_buff *skb)
757 {
758 int need_software_tstamp = sock_flag(sk, SOCK_RCVTSTAMP);
759 int new_tstamp = sock_flag(sk, SOCK_TSTAMP_NEW);
760 struct scm_timestamping_internal tss;
761
762 int empty = 1, false_tstamp = 0;
763 struct skb_shared_hwtstamps *shhwtstamps =
764 skb_hwtstamps(skb);
765
766
767
768 if (need_software_tstamp && skb->tstamp == 0) {
769 __net_timestamp(skb);
770 false_tstamp = 1;
771 }
772
773 if (need_software_tstamp) {
774 if (!sock_flag(sk, SOCK_RCVTSTAMPNS)) {
775 if (new_tstamp) {
776 struct __kernel_sock_timeval tv;
777
778 skb_get_new_timestamp(skb, &tv);
779 put_cmsg(msg, SOL_SOCKET, SO_TIMESTAMP_NEW,
780 sizeof(tv), &tv);
781 } else {
782 struct __kernel_old_timeval tv;
783
784 skb_get_timestamp(skb, &tv);
785 put_cmsg(msg, SOL_SOCKET, SO_TIMESTAMP_OLD,
786 sizeof(tv), &tv);
787 }
788 } else {
789 if (new_tstamp) {
790 struct __kernel_timespec ts;
791
792 skb_get_new_timestampns(skb, &ts);
793 put_cmsg(msg, SOL_SOCKET, SO_TIMESTAMPNS_NEW,
794 sizeof(ts), &ts);
795 } else {
796 struct timespec ts;
797
798 skb_get_timestampns(skb, &ts);
799 put_cmsg(msg, SOL_SOCKET, SO_TIMESTAMPNS_OLD,
800 sizeof(ts), &ts);
801 }
802 }
803 }
804
805 memset(&tss, 0, sizeof(tss));
806 if ((sk->sk_tsflags & SOF_TIMESTAMPING_SOFTWARE) &&
807 ktime_to_timespec64_cond(skb->tstamp, tss.ts + 0))
808 empty = 0;
809 if (shhwtstamps &&
810 (sk->sk_tsflags & SOF_TIMESTAMPING_RAW_HARDWARE) &&
811 !skb_is_swtx_tstamp(skb, false_tstamp) &&
812 ktime_to_timespec64_cond(shhwtstamps->hwtstamp, tss.ts + 2)) {
813 empty = 0;
814 if ((sk->sk_tsflags & SOF_TIMESTAMPING_OPT_PKTINFO) &&
815 !skb_is_err_queue(skb))
816 put_ts_pktinfo(msg, skb);
817 }
818 if (!empty) {
819 if (sock_flag(sk, SOCK_TSTAMP_NEW))
820 put_cmsg_scm_timestamping64(msg, &tss);
821 else
822 put_cmsg_scm_timestamping(msg, &tss);
823
824 if (skb_is_err_queue(skb) && skb->len &&
825 SKB_EXT_ERR(skb)->opt_stats)
826 put_cmsg(msg, SOL_SOCKET, SCM_TIMESTAMPING_OPT_STATS,
827 skb->len, skb->data);
828 }
829 }
830 EXPORT_SYMBOL_GPL(__sock_recv_timestamp);
831
832 void __sock_recv_wifi_status(struct msghdr *msg, struct sock *sk,
833 struct sk_buff *skb)
834 {
835 int ack;
836
837 if (!sock_flag(sk, SOCK_WIFI_STATUS))
838 return;
839 if (!skb->wifi_acked_valid)
840 return;
841
842 ack = skb->wifi_acked;
843
844 put_cmsg(msg, SOL_SOCKET, SCM_WIFI_STATUS, sizeof(ack), &ack);
845 }
846 EXPORT_SYMBOL_GPL(__sock_recv_wifi_status);
847
848 static inline void sock_recv_drops(struct msghdr *msg, struct sock *sk,
849 struct sk_buff *skb)
850 {
851 if (sock_flag(sk, SOCK_RXQ_OVFL) && skb && SOCK_SKB_CB(skb)->dropcount)
852 put_cmsg(msg, SOL_SOCKET, SO_RXQ_OVFL,
853 sizeof(__u32), &SOCK_SKB_CB(skb)->dropcount);
854 }
855
856 void __sock_recv_ts_and_drops(struct msghdr *msg, struct sock *sk,
857 struct sk_buff *skb)
858 {
859 sock_recv_timestamp(msg, sk, skb);
860 sock_recv_drops(msg, sk, skb);
861 }
862 EXPORT_SYMBOL_GPL(__sock_recv_ts_and_drops);
863
864 INDIRECT_CALLABLE_DECLARE(int inet_recvmsg(struct socket *, struct msghdr *,
865 size_t, int));
866 INDIRECT_CALLABLE_DECLARE(int inet6_recvmsg(struct socket *, struct msghdr *,
867 size_t, int));
868 static inline int sock_recvmsg_nosec(struct socket *sock, struct msghdr *msg,
869 int flags)
870 {
871 return INDIRECT_CALL_INET(sock->ops->recvmsg, inet6_recvmsg,
872 inet_recvmsg, sock, msg, msg_data_left(msg),
873 flags);
874 }
875
876
877
878
879
880
881
882
883
884
885 int sock_recvmsg(struct socket *sock, struct msghdr *msg, int flags)
886 {
887 int err = security_socket_recvmsg(sock, msg, msg_data_left(msg), flags);
888
889 return err ?: sock_recvmsg_nosec(sock, msg, flags);
890 }
891 EXPORT_SYMBOL(sock_recvmsg);
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909 int kernel_recvmsg(struct socket *sock, struct msghdr *msg,
910 struct kvec *vec, size_t num, size_t size, int flags)
911 {
912 mm_segment_t oldfs = get_fs();
913 int result;
914
915 iov_iter_kvec(&msg->msg_iter, READ, vec, num, size);
916 set_fs(KERNEL_DS);
917 result = sock_recvmsg(sock, msg, flags);
918 set_fs(oldfs);
919 return result;
920 }
921 EXPORT_SYMBOL(kernel_recvmsg);
922
923 static ssize_t sock_sendpage(struct file *file, struct page *page,
924 int offset, size_t size, loff_t *ppos, int more)
925 {
926 struct socket *sock;
927 int flags;
928
929 sock = file->private_data;
930
931 flags = (file->f_flags & O_NONBLOCK) ? MSG_DONTWAIT : 0;
932
933 flags |= more;
934
935 return kernel_sendpage(sock, page, offset, size, flags);
936 }
937
938 static ssize_t sock_splice_read(struct file *file, loff_t *ppos,
939 struct pipe_inode_info *pipe, size_t len,
940 unsigned int flags)
941 {
942 struct socket *sock = file->private_data;
943
944 if (unlikely(!sock->ops->splice_read))
945 return generic_file_splice_read(file, ppos, pipe, len, flags);
946
947 return sock->ops->splice_read(sock, ppos, pipe, len, flags);
948 }
949
950 static ssize_t sock_read_iter(struct kiocb *iocb, struct iov_iter *to)
951 {
952 struct file *file = iocb->ki_filp;
953 struct socket *sock = file->private_data;
954 struct msghdr msg = {.msg_iter = *to,
955 .msg_iocb = iocb};
956 ssize_t res;
957
958 if (file->f_flags & O_NONBLOCK || (iocb->ki_flags & IOCB_NOWAIT))
959 msg.msg_flags = MSG_DONTWAIT;
960
961 if (iocb->ki_pos != 0)
962 return -ESPIPE;
963
964 if (!iov_iter_count(to))
965 return 0;
966
967 res = sock_recvmsg(sock, &msg, msg.msg_flags);
968 *to = msg.msg_iter;
969 return res;
970 }
971
972 static ssize_t sock_write_iter(struct kiocb *iocb, struct iov_iter *from)
973 {
974 struct file *file = iocb->ki_filp;
975 struct socket *sock = file->private_data;
976 struct msghdr msg = {.msg_iter = *from,
977 .msg_iocb = iocb};
978 ssize_t res;
979
980 if (iocb->ki_pos != 0)
981 return -ESPIPE;
982
983 if (file->f_flags & O_NONBLOCK || (iocb->ki_flags & IOCB_NOWAIT))
984 msg.msg_flags = MSG_DONTWAIT;
985
986 if (sock->type == SOCK_SEQPACKET)
987 msg.msg_flags |= MSG_EOR;
988
989 res = sock_sendmsg(sock, &msg);
990 *from = msg.msg_iter;
991 return res;
992 }
993
994
995
996
997
998
999 static DEFINE_MUTEX(br_ioctl_mutex);
1000 static int (*br_ioctl_hook) (struct net *, unsigned int cmd, void __user *arg);
1001
1002 void brioctl_set(int (*hook) (struct net *, unsigned int, void __user *))
1003 {
1004 mutex_lock(&br_ioctl_mutex);
1005 br_ioctl_hook = hook;
1006 mutex_unlock(&br_ioctl_mutex);
1007 }
1008 EXPORT_SYMBOL(brioctl_set);
1009
1010 static DEFINE_MUTEX(vlan_ioctl_mutex);
1011 static int (*vlan_ioctl_hook) (struct net *, void __user *arg);
1012
1013 void vlan_ioctl_set(int (*hook) (struct net *, void __user *))
1014 {
1015 mutex_lock(&vlan_ioctl_mutex);
1016 vlan_ioctl_hook = hook;
1017 mutex_unlock(&vlan_ioctl_mutex);
1018 }
1019 EXPORT_SYMBOL(vlan_ioctl_set);
1020
1021 static DEFINE_MUTEX(dlci_ioctl_mutex);
1022 static int (*dlci_ioctl_hook) (unsigned int, void __user *);
1023
1024 void dlci_ioctl_set(int (*hook) (unsigned int, void __user *))
1025 {
1026 mutex_lock(&dlci_ioctl_mutex);
1027 dlci_ioctl_hook = hook;
1028 mutex_unlock(&dlci_ioctl_mutex);
1029 }
1030 EXPORT_SYMBOL(dlci_ioctl_set);
1031
1032 static long sock_do_ioctl(struct net *net, struct socket *sock,
1033 unsigned int cmd, unsigned long arg)
1034 {
1035 int err;
1036 void __user *argp = (void __user *)arg;
1037
1038 err = sock->ops->ioctl(sock, cmd, arg);
1039
1040
1041
1042
1043
1044 if (err != -ENOIOCTLCMD)
1045 return err;
1046
1047 if (cmd == SIOCGIFCONF) {
1048 struct ifconf ifc;
1049 if (copy_from_user(&ifc, argp, sizeof(struct ifconf)))
1050 return -EFAULT;
1051 rtnl_lock();
1052 err = dev_ifconf(net, &ifc, sizeof(struct ifreq));
1053 rtnl_unlock();
1054 if (!err && copy_to_user(argp, &ifc, sizeof(struct ifconf)))
1055 err = -EFAULT;
1056 } else {
1057 struct ifreq ifr;
1058 bool need_copyout;
1059 if (copy_from_user(&ifr, argp, sizeof(struct ifreq)))
1060 return -EFAULT;
1061 err = dev_ioctl(net, cmd, &ifr, &need_copyout);
1062 if (!err && need_copyout)
1063 if (copy_to_user(argp, &ifr, sizeof(struct ifreq)))
1064 return -EFAULT;
1065 }
1066 return err;
1067 }
1068
1069
1070
1071
1072
1073
1074
1075
1076
1077
1078
1079
1080
1081 struct ns_common *get_net_ns(struct ns_common *ns)
1082 {
1083 return &get_net(container_of(ns, struct net, ns))->ns;
1084 }
1085 EXPORT_SYMBOL_GPL(get_net_ns);
1086
1087 static long sock_ioctl(struct file *file, unsigned cmd, unsigned long arg)
1088 {
1089 struct socket *sock;
1090 struct sock *sk;
1091 void __user *argp = (void __user *)arg;
1092 int pid, err;
1093 struct net *net;
1094
1095 sock = file->private_data;
1096 sk = sock->sk;
1097 net = sock_net(sk);
1098 if (unlikely(cmd >= SIOCDEVPRIVATE && cmd <= (SIOCDEVPRIVATE + 15))) {
1099 struct ifreq ifr;
1100 bool need_copyout;
1101 if (copy_from_user(&ifr, argp, sizeof(struct ifreq)))
1102 return -EFAULT;
1103 err = dev_ioctl(net, cmd, &ifr, &need_copyout);
1104 if (!err && need_copyout)
1105 if (copy_to_user(argp, &ifr, sizeof(struct ifreq)))
1106 return -EFAULT;
1107 } else
1108 #ifdef CONFIG_WEXT_CORE
1109 if (cmd >= SIOCIWFIRST && cmd <= SIOCIWLAST) {
1110 err = wext_handle_ioctl(net, cmd, argp);
1111 } else
1112 #endif
1113 switch (cmd) {
1114 case FIOSETOWN:
1115 case SIOCSPGRP:
1116 err = -EFAULT;
1117 if (get_user(pid, (int __user *)argp))
1118 break;
1119 err = f_setown(sock->file, pid, 1);
1120 break;
1121 case FIOGETOWN:
1122 case SIOCGPGRP:
1123 err = put_user(f_getown(sock->file),
1124 (int __user *)argp);
1125 break;
1126 case SIOCGIFBR:
1127 case SIOCSIFBR:
1128 case SIOCBRADDBR:
1129 case SIOCBRDELBR:
1130 err = -ENOPKG;
1131 if (!br_ioctl_hook)
1132 request_module("bridge");
1133
1134 mutex_lock(&br_ioctl_mutex);
1135 if (br_ioctl_hook)
1136 err = br_ioctl_hook(net, cmd, argp);
1137 mutex_unlock(&br_ioctl_mutex);
1138 break;
1139 case SIOCGIFVLAN:
1140 case SIOCSIFVLAN:
1141 err = -ENOPKG;
1142 if (!vlan_ioctl_hook)
1143 request_module("8021q");
1144
1145 mutex_lock(&vlan_ioctl_mutex);
1146 if (vlan_ioctl_hook)
1147 err = vlan_ioctl_hook(net, argp);
1148 mutex_unlock(&vlan_ioctl_mutex);
1149 break;
1150 case SIOCADDDLCI:
1151 case SIOCDELDLCI:
1152 err = -ENOPKG;
1153 if (!dlci_ioctl_hook)
1154 request_module("dlci");
1155
1156 mutex_lock(&dlci_ioctl_mutex);
1157 if (dlci_ioctl_hook)
1158 err = dlci_ioctl_hook(cmd, argp);
1159 mutex_unlock(&dlci_ioctl_mutex);
1160 break;
1161 case SIOCGSKNS:
1162 err = -EPERM;
1163 if (!ns_capable(net->user_ns, CAP_NET_ADMIN))
1164 break;
1165
1166 err = open_related_ns(&net->ns, get_net_ns);
1167 break;
1168 case SIOCGSTAMP_OLD:
1169 case SIOCGSTAMPNS_OLD:
1170 if (!sock->ops->gettstamp) {
1171 err = -ENOIOCTLCMD;
1172 break;
1173 }
1174 err = sock->ops->gettstamp(sock, argp,
1175 cmd == SIOCGSTAMP_OLD,
1176 !IS_ENABLED(CONFIG_64BIT));
1177 break;
1178 case SIOCGSTAMP_NEW:
1179 case SIOCGSTAMPNS_NEW:
1180 if (!sock->ops->gettstamp) {
1181 err = -ENOIOCTLCMD;
1182 break;
1183 }
1184 err = sock->ops->gettstamp(sock, argp,
1185 cmd == SIOCGSTAMP_NEW,
1186 false);
1187 break;
1188 default:
1189 err = sock_do_ioctl(net, sock, cmd, arg);
1190 break;
1191 }
1192 return err;
1193 }
1194
1195
1196
1197
1198
1199
1200
1201
1202
1203
1204
1205
1206
1207
1208 int sock_create_lite(int family, int type, int protocol, struct socket **res)
1209 {
1210 int err;
1211 struct socket *sock = NULL;
1212
1213 err = security_socket_create(family, type, protocol, 1);
1214 if (err)
1215 goto out;
1216
1217 sock = sock_alloc();
1218 if (!sock) {
1219 err = -ENOMEM;
1220 goto out;
1221 }
1222
1223 sock->type = type;
1224 err = security_socket_post_create(sock, family, type, protocol, 1);
1225 if (err)
1226 goto out_release;
1227
1228 out:
1229 *res = sock;
1230 return err;
1231 out_release:
1232 sock_release(sock);
1233 sock = NULL;
1234 goto out;
1235 }
1236 EXPORT_SYMBOL(sock_create_lite);
1237
1238
1239 static __poll_t sock_poll(struct file *file, poll_table *wait)
1240 {
1241 struct socket *sock = file->private_data;
1242 __poll_t events = poll_requested_events(wait), flag = 0;
1243
1244 if (!sock->ops->poll)
1245 return 0;
1246
1247 if (sk_can_busy_loop(sock->sk)) {
1248
1249 if (events & POLL_BUSY_LOOP)
1250 sk_busy_loop(sock->sk, 1);
1251
1252
1253 flag = POLL_BUSY_LOOP;
1254 }
1255
1256 return sock->ops->poll(file, sock, wait) | flag;
1257 }
1258
1259 static int sock_mmap(struct file *file, struct vm_area_struct *vma)
1260 {
1261 struct socket *sock = file->private_data;
1262
1263 return sock->ops->mmap(file, sock, vma);
1264 }
1265
1266 static int sock_close(struct inode *inode, struct file *filp)
1267 {
1268 __sock_release(SOCKET_I(inode), inode);
1269 return 0;
1270 }
1271
1272
1273
1274
1275
1276
1277
1278
1279
1280
1281
1282
1283 static int sock_fasync(int fd, struct file *filp, int on)
1284 {
1285 struct socket *sock = filp->private_data;
1286 struct sock *sk = sock->sk;
1287 struct socket_wq *wq = &sock->wq;
1288
1289 if (sk == NULL)
1290 return -EINVAL;
1291
1292 lock_sock(sk);
1293 fasync_helper(fd, filp, on, &wq->fasync_list);
1294
1295 if (!wq->fasync_list)
1296 sock_reset_flag(sk, SOCK_FASYNC);
1297 else
1298 sock_set_flag(sk, SOCK_FASYNC);
1299
1300 release_sock(sk);
1301 return 0;
1302 }
1303
1304
1305
1306 int sock_wake_async(struct socket_wq *wq, int how, int band)
1307 {
1308 if (!wq || !wq->fasync_list)
1309 return -1;
1310
1311 switch (how) {
1312 case SOCK_WAKE_WAITD:
1313 if (test_bit(SOCKWQ_ASYNC_WAITDATA, &wq->flags))
1314 break;
1315 goto call_kill;
1316 case SOCK_WAKE_SPACE:
1317 if (!test_and_clear_bit(SOCKWQ_ASYNC_NOSPACE, &wq->flags))
1318 break;
1319
1320 case SOCK_WAKE_IO:
1321 call_kill:
1322 kill_fasync(&wq->fasync_list, SIGIO, band);
1323 break;
1324 case SOCK_WAKE_URG:
1325 kill_fasync(&wq->fasync_list, SIGURG, band);
1326 }
1327
1328 return 0;
1329 }
1330 EXPORT_SYMBOL(sock_wake_async);
1331
1332
1333
1334
1335
1336
1337
1338
1339
1340
1341
1342
1343
1344
1345
1346
1347 int __sock_create(struct net *net, int family, int type, int protocol,
1348 struct socket **res, int kern)
1349 {
1350 int err;
1351 struct socket *sock;
1352 const struct net_proto_family *pf;
1353
1354
1355
1356
1357 if (family < 0 || family >= NPROTO)
1358 return -EAFNOSUPPORT;
1359 if (type < 0 || type >= SOCK_MAX)
1360 return -EINVAL;
1361
1362
1363
1364
1365
1366
1367 if (family == PF_INET && type == SOCK_PACKET) {
1368 pr_info_once("%s uses obsolete (PF_INET,SOCK_PACKET)\n",
1369 current->comm);
1370 family = PF_PACKET;
1371 }
1372
1373 err = security_socket_create(family, type, protocol, kern);
1374 if (err)
1375 return err;
1376
1377
1378
1379
1380
1381
1382 sock = sock_alloc();
1383 if (!sock) {
1384 net_warn_ratelimited("socket: no more sockets\n");
1385 return -ENFILE;
1386
1387 }
1388
1389 sock->type = type;
1390
1391 #ifdef CONFIG_MODULES
1392
1393
1394
1395
1396
1397
1398 if (rcu_access_pointer(net_families[family]) == NULL)
1399 request_module("net-pf-%d", family);
1400 #endif
1401
1402 rcu_read_lock();
1403 pf = rcu_dereference(net_families[family]);
1404 err = -EAFNOSUPPORT;
1405 if (!pf)
1406 goto out_release;
1407
1408
1409
1410
1411
1412 if (!try_module_get(pf->owner))
1413 goto out_release;
1414
1415
1416 rcu_read_unlock();
1417
1418 err = pf->create(net, sock, protocol, kern);
1419 if (err < 0)
1420 goto out_module_put;
1421
1422
1423
1424
1425
1426 if (!try_module_get(sock->ops->owner))
1427 goto out_module_busy;
1428
1429
1430
1431
1432
1433 module_put(pf->owner);
1434 err = security_socket_post_create(sock, family, type, protocol, kern);
1435 if (err)
1436 goto out_sock_release;
1437 *res = sock;
1438
1439 return 0;
1440
1441 out_module_busy:
1442 err = -EAFNOSUPPORT;
1443 out_module_put:
1444 sock->ops = NULL;
1445 module_put(pf->owner);
1446 out_sock_release:
1447 sock_release(sock);
1448 return err;
1449
1450 out_release:
1451 rcu_read_unlock();
1452 goto out_sock_release;
1453 }
1454 EXPORT_SYMBOL(__sock_create);
1455
1456
1457
1458
1459
1460
1461
1462
1463
1464
1465
1466
1467 int sock_create(int family, int type, int protocol, struct socket **res)
1468 {
1469 return __sock_create(current->nsproxy->net_ns, family, type, protocol, res, 0);
1470 }
1471 EXPORT_SYMBOL(sock_create);
1472
1473
1474
1475
1476
1477
1478
1479
1480
1481
1482
1483
1484
1485 int sock_create_kern(struct net *net, int family, int type, int protocol, struct socket **res)
1486 {
1487 return __sock_create(net, family, type, protocol, res, 1);
1488 }
1489 EXPORT_SYMBOL(sock_create_kern);
1490
1491 int __sys_socket(int family, int type, int protocol)
1492 {
1493 int retval;
1494 struct socket *sock;
1495 int flags;
1496
1497
1498 BUILD_BUG_ON(SOCK_CLOEXEC != O_CLOEXEC);
1499 BUILD_BUG_ON((SOCK_MAX | SOCK_TYPE_MASK) != SOCK_TYPE_MASK);
1500 BUILD_BUG_ON(SOCK_CLOEXEC & SOCK_TYPE_MASK);
1501 BUILD_BUG_ON(SOCK_NONBLOCK & SOCK_TYPE_MASK);
1502
1503 flags = type & ~SOCK_TYPE_MASK;
1504 if (flags & ~(SOCK_CLOEXEC | SOCK_NONBLOCK))
1505 return -EINVAL;
1506 type &= SOCK_TYPE_MASK;
1507
1508 if (SOCK_NONBLOCK != O_NONBLOCK && (flags & SOCK_NONBLOCK))
1509 flags = (flags & ~SOCK_NONBLOCK) | O_NONBLOCK;
1510
1511 retval = sock_create(family, type, protocol, &sock);
1512 if (retval < 0)
1513 return retval;
1514
1515 return sock_map_fd(sock, flags & (O_CLOEXEC | O_NONBLOCK));
1516 }
1517
1518 SYSCALL_DEFINE3(socket, int, family, int, type, int, protocol)
1519 {
1520 return __sys_socket(family, type, protocol);
1521 }
1522
1523
1524
1525
1526
1527 int __sys_socketpair(int family, int type, int protocol, int __user *usockvec)
1528 {
1529 struct socket *sock1, *sock2;
1530 int fd1, fd2, err;
1531 struct file *newfile1, *newfile2;
1532 int flags;
1533
1534 flags = type & ~SOCK_TYPE_MASK;
1535 if (flags & ~(SOCK_CLOEXEC | SOCK_NONBLOCK))
1536 return -EINVAL;
1537 type &= SOCK_TYPE_MASK;
1538
1539 if (SOCK_NONBLOCK != O_NONBLOCK && (flags & SOCK_NONBLOCK))
1540 flags = (flags & ~SOCK_NONBLOCK) | O_NONBLOCK;
1541
1542
1543
1544
1545
1546 fd1 = get_unused_fd_flags(flags);
1547 if (unlikely(fd1 < 0))
1548 return fd1;
1549
1550 fd2 = get_unused_fd_flags(flags);
1551 if (unlikely(fd2 < 0)) {
1552 put_unused_fd(fd1);
1553 return fd2;
1554 }
1555
1556 err = put_user(fd1, &usockvec[0]);
1557 if (err)
1558 goto out;
1559
1560 err = put_user(fd2, &usockvec[1]);
1561 if (err)
1562 goto out;
1563
1564
1565
1566
1567
1568
1569 err = sock_create(family, type, protocol, &sock1);
1570 if (unlikely(err < 0))
1571 goto out;
1572
1573 err = sock_create(family, type, protocol, &sock2);
1574 if (unlikely(err < 0)) {
1575 sock_release(sock1);
1576 goto out;
1577 }
1578
1579 err = security_socket_socketpair(sock1, sock2);
1580 if (unlikely(err)) {
1581 sock_release(sock2);
1582 sock_release(sock1);
1583 goto out;
1584 }
1585
1586 err = sock1->ops->socketpair(sock1, sock2);
1587 if (unlikely(err < 0)) {
1588 sock_release(sock2);
1589 sock_release(sock1);
1590 goto out;
1591 }
1592
1593 newfile1 = sock_alloc_file(sock1, flags, NULL);
1594 if (IS_ERR(newfile1)) {
1595 err = PTR_ERR(newfile1);
1596 sock_release(sock2);
1597 goto out;
1598 }
1599
1600 newfile2 = sock_alloc_file(sock2, flags, NULL);
1601 if (IS_ERR(newfile2)) {
1602 err = PTR_ERR(newfile2);
1603 fput(newfile1);
1604 goto out;
1605 }
1606
1607 audit_fd_pair(fd1, fd2);
1608
1609 fd_install(fd1, newfile1);
1610 fd_install(fd2, newfile2);
1611 return 0;
1612
1613 out:
1614 put_unused_fd(fd2);
1615 put_unused_fd(fd1);
1616 return err;
1617 }
1618
1619 SYSCALL_DEFINE4(socketpair, int, family, int, type, int, protocol,
1620 int __user *, usockvec)
1621 {
1622 return __sys_socketpair(family, type, protocol, usockvec);
1623 }
1624
1625
1626
1627
1628
1629
1630
1631
1632
1633 int __sys_bind(int fd, struct sockaddr __user *umyaddr, int addrlen)
1634 {
1635 struct socket *sock;
1636 struct sockaddr_storage address;
1637 int err, fput_needed;
1638
1639 sock = sockfd_lookup_light(fd, &err, &fput_needed);
1640 if (sock) {
1641 err = move_addr_to_kernel(umyaddr, addrlen, &address);
1642 if (!err) {
1643 err = security_socket_bind(sock,
1644 (struct sockaddr *)&address,
1645 addrlen);
1646 if (!err)
1647 err = sock->ops->bind(sock,
1648 (struct sockaddr *)
1649 &address, addrlen);
1650 }
1651 fput_light(sock->file, fput_needed);
1652 }
1653 return err;
1654 }
1655
1656 SYSCALL_DEFINE3(bind, int, fd, struct sockaddr __user *, umyaddr, int, addrlen)
1657 {
1658 return __sys_bind(fd, umyaddr, addrlen);
1659 }
1660
1661
1662
1663
1664
1665
1666
1667 int __sys_listen(int fd, int backlog)
1668 {
1669 struct socket *sock;
1670 int err, fput_needed;
1671 int somaxconn;
1672
1673 sock = sockfd_lookup_light(fd, &err, &fput_needed);
1674 if (sock) {
1675 somaxconn = sock_net(sock->sk)->core.sysctl_somaxconn;
1676 if ((unsigned int)backlog > somaxconn)
1677 backlog = somaxconn;
1678
1679 err = security_socket_listen(sock, backlog);
1680 if (!err)
1681 err = sock->ops->listen(sock, backlog);
1682
1683 fput_light(sock->file, fput_needed);
1684 }
1685 return err;
1686 }
1687
1688 SYSCALL_DEFINE2(listen, int, fd, int, backlog)
1689 {
1690 return __sys_listen(fd, backlog);
1691 }
1692
1693
1694
1695
1696
1697
1698
1699
1700
1701
1702
1703
1704
1705 int __sys_accept4(int fd, struct sockaddr __user *upeer_sockaddr,
1706 int __user *upeer_addrlen, int flags)
1707 {
1708 struct socket *sock, *newsock;
1709 struct file *newfile;
1710 int err, len, newfd, fput_needed;
1711 struct sockaddr_storage address;
1712
1713 if (flags & ~(SOCK_CLOEXEC | SOCK_NONBLOCK))
1714 return -EINVAL;
1715
1716 if (SOCK_NONBLOCK != O_NONBLOCK && (flags & SOCK_NONBLOCK))
1717 flags = (flags & ~SOCK_NONBLOCK) | O_NONBLOCK;
1718
1719 sock = sockfd_lookup_light(fd, &err, &fput_needed);
1720 if (!sock)
1721 goto out;
1722
1723 err = -ENFILE;
1724 newsock = sock_alloc();
1725 if (!newsock)
1726 goto out_put;
1727
1728 newsock->type = sock->type;
1729 newsock->ops = sock->ops;
1730
1731
1732
1733
1734
1735 __module_get(newsock->ops->owner);
1736
1737 newfd = get_unused_fd_flags(flags);
1738 if (unlikely(newfd < 0)) {
1739 err = newfd;
1740 sock_release(newsock);
1741 goto out_put;
1742 }
1743 newfile = sock_alloc_file(newsock, flags, sock->sk->sk_prot_creator->name);
1744 if (IS_ERR(newfile)) {
1745 err = PTR_ERR(newfile);
1746 put_unused_fd(newfd);
1747 goto out_put;
1748 }
1749
1750 err = security_socket_accept(sock, newsock);
1751 if (err)
1752 goto out_fd;
1753
1754 err = sock->ops->accept(sock, newsock, sock->file->f_flags, false);
1755 if (err < 0)
1756 goto out_fd;
1757
1758 if (upeer_sockaddr) {
1759 len = newsock->ops->getname(newsock,
1760 (struct sockaddr *)&address, 2);
1761 if (len < 0) {
1762 err = -ECONNABORTED;
1763 goto out_fd;
1764 }
1765 err = move_addr_to_user(&address,
1766 len, upeer_sockaddr, upeer_addrlen);
1767 if (err < 0)
1768 goto out_fd;
1769 }
1770
1771
1772
1773 fd_install(newfd, newfile);
1774 err = newfd;
1775
1776 out_put:
1777 fput_light(sock->file, fput_needed);
1778 out:
1779 return err;
1780 out_fd:
1781 fput(newfile);
1782 put_unused_fd(newfd);
1783 goto out_put;
1784 }
1785
1786 SYSCALL_DEFINE4(accept4, int, fd, struct sockaddr __user *, upeer_sockaddr,
1787 int __user *, upeer_addrlen, int, flags)
1788 {
1789 return __sys_accept4(fd, upeer_sockaddr, upeer_addrlen, flags);
1790 }
1791
1792 SYSCALL_DEFINE3(accept, int, fd, struct sockaddr __user *, upeer_sockaddr,
1793 int __user *, upeer_addrlen)
1794 {
1795 return __sys_accept4(fd, upeer_sockaddr, upeer_addrlen, 0);
1796 }
1797
1798
1799
1800
1801
1802
1803
1804
1805
1806
1807
1808
1809
1810 int __sys_connect(int fd, struct sockaddr __user *uservaddr, int addrlen)
1811 {
1812 struct socket *sock;
1813 struct sockaddr_storage address;
1814 int err, fput_needed;
1815
1816 sock = sockfd_lookup_light(fd, &err, &fput_needed);
1817 if (!sock)
1818 goto out;
1819 err = move_addr_to_kernel(uservaddr, addrlen, &address);
1820 if (err < 0)
1821 goto out_put;
1822
1823 err =
1824 security_socket_connect(sock, (struct sockaddr *)&address, addrlen);
1825 if (err)
1826 goto out_put;
1827
1828 err = sock->ops->connect(sock, (struct sockaddr *)&address, addrlen,
1829 sock->file->f_flags);
1830 out_put:
1831 fput_light(sock->file, fput_needed);
1832 out:
1833 return err;
1834 }
1835
1836 SYSCALL_DEFINE3(connect, int, fd, struct sockaddr __user *, uservaddr,
1837 int, addrlen)
1838 {
1839 return __sys_connect(fd, uservaddr, addrlen);
1840 }
1841
1842
1843
1844
1845
1846
1847 int __sys_getsockname(int fd, struct sockaddr __user *usockaddr,
1848 int __user *usockaddr_len)
1849 {
1850 struct socket *sock;
1851 struct sockaddr_storage address;
1852 int err, fput_needed;
1853
1854 sock = sockfd_lookup_light(fd, &err, &fput_needed);
1855 if (!sock)
1856 goto out;
1857
1858 err = security_socket_getsockname(sock);
1859 if (err)
1860 goto out_put;
1861
1862 err = sock->ops->getname(sock, (struct sockaddr *)&address, 0);
1863 if (err < 0)
1864 goto out_put;
1865
1866 err = move_addr_to_user(&address, err, usockaddr, usockaddr_len);
1867
1868 out_put:
1869 fput_light(sock->file, fput_needed);
1870 out:
1871 return err;
1872 }
1873
1874 SYSCALL_DEFINE3(getsockname, int, fd, struct sockaddr __user *, usockaddr,
1875 int __user *, usockaddr_len)
1876 {
1877 return __sys_getsockname(fd, usockaddr, usockaddr_len);
1878 }
1879
1880
1881
1882
1883
1884
1885 int __sys_getpeername(int fd, struct sockaddr __user *usockaddr,
1886 int __user *usockaddr_len)
1887 {
1888 struct socket *sock;
1889 struct sockaddr_storage address;
1890 int err, fput_needed;
1891
1892 sock = sockfd_lookup_light(fd, &err, &fput_needed);
1893 if (sock != NULL) {
1894 err = security_socket_getpeername(sock);
1895 if (err) {
1896 fput_light(sock->file, fput_needed);
1897 return err;
1898 }
1899
1900 err = sock->ops->getname(sock, (struct sockaddr *)&address, 1);
1901 if (err >= 0)
1902
1903 err = move_addr_to_user(&address, err, usockaddr,
1904 usockaddr_len);
1905 fput_light(sock->file, fput_needed);
1906 }
1907 return err;
1908 }
1909
1910 SYSCALL_DEFINE3(getpeername, int, fd, struct sockaddr __user *, usockaddr,
1911 int __user *, usockaddr_len)
1912 {
1913 return __sys_getpeername(fd, usockaddr, usockaddr_len);
1914 }
1915
1916
1917
1918
1919
1920
1921 int __sys_sendto(int fd, void __user *buff, size_t len, unsigned int flags,
1922 struct sockaddr __user *addr, int addr_len)
1923 {
1924 struct socket *sock;
1925 struct sockaddr_storage address;
1926 int err;
1927 struct msghdr msg;
1928 struct iovec iov;
1929 int fput_needed;
1930
1931 err = import_single_range(WRITE, buff, len, &iov, &msg.msg_iter);
1932 if (unlikely(err))
1933 return err;
1934 sock = sockfd_lookup_light(fd, &err, &fput_needed);
1935 if (!sock)
1936 goto out;
1937
1938 msg.msg_name = NULL;
1939 msg.msg_control = NULL;
1940 msg.msg_controllen = 0;
1941 msg.msg_namelen = 0;
1942 if (addr) {
1943 err = move_addr_to_kernel(addr, addr_len, &address);
1944 if (err < 0)
1945 goto out_put;
1946 msg.msg_name = (struct sockaddr *)&address;
1947 msg.msg_namelen = addr_len;
1948 }
1949 if (sock->file->f_flags & O_NONBLOCK)
1950 flags |= MSG_DONTWAIT;
1951 msg.msg_flags = flags;
1952 err = sock_sendmsg(sock, &msg);
1953
1954 out_put:
1955 fput_light(sock->file, fput_needed);
1956 out:
1957 return err;
1958 }
1959
1960 SYSCALL_DEFINE6(sendto, int, fd, void __user *, buff, size_t, len,
1961 unsigned int, flags, struct sockaddr __user *, addr,
1962 int, addr_len)
1963 {
1964 return __sys_sendto(fd, buff, len, flags, addr, addr_len);
1965 }
1966
1967
1968
1969
1970
1971 SYSCALL_DEFINE4(send, int, fd, void __user *, buff, size_t, len,
1972 unsigned int, flags)
1973 {
1974 return __sys_sendto(fd, buff, len, flags, NULL, 0);
1975 }
1976
1977
1978
1979
1980
1981
1982 int __sys_recvfrom(int fd, void __user *ubuf, size_t size, unsigned int flags,
1983 struct sockaddr __user *addr, int __user *addr_len)
1984 {
1985 struct socket *sock;
1986 struct iovec iov;
1987 struct msghdr msg;
1988 struct sockaddr_storage address;
1989 int err, err2;
1990 int fput_needed;
1991
1992 err = import_single_range(READ, ubuf, size, &iov, &msg.msg_iter);
1993 if (unlikely(err))
1994 return err;
1995 sock = sockfd_lookup_light(fd, &err, &fput_needed);
1996 if (!sock)
1997 goto out;
1998
1999 msg.msg_control = NULL;
2000 msg.msg_controllen = 0;
2001
2002 msg.msg_name = addr ? (struct sockaddr *)&address : NULL;
2003
2004 msg.msg_namelen = 0;
2005 msg.msg_iocb = NULL;
2006 msg.msg_flags = 0;
2007 if (sock->file->f_flags & O_NONBLOCK)
2008 flags |= MSG_DONTWAIT;
2009 err = sock_recvmsg(sock, &msg, flags);
2010
2011 if (err >= 0 && addr != NULL) {
2012 err2 = move_addr_to_user(&address,
2013 msg.msg_namelen, addr, addr_len);
2014 if (err2 < 0)
2015 err = err2;
2016 }
2017
2018 fput_light(sock->file, fput_needed);
2019 out:
2020 return err;
2021 }
2022
2023 SYSCALL_DEFINE6(recvfrom, int, fd, void __user *, ubuf, size_t, size,
2024 unsigned int, flags, struct sockaddr __user *, addr,
2025 int __user *, addr_len)
2026 {
2027 return __sys_recvfrom(fd, ubuf, size, flags, addr, addr_len);
2028 }
2029
2030
2031
2032
2033
2034 SYSCALL_DEFINE4(recv, int, fd, void __user *, ubuf, size_t, size,
2035 unsigned int, flags)
2036 {
2037 return __sys_recvfrom(fd, ubuf, size, flags, NULL, NULL);
2038 }
2039
2040
2041
2042
2043
2044
2045 static int __sys_setsockopt(int fd, int level, int optname,
2046 char __user *optval, int optlen)
2047 {
2048 mm_segment_t oldfs = get_fs();
2049 char *kernel_optval = NULL;
2050 int err, fput_needed;
2051 struct socket *sock;
2052
2053 if (optlen < 0)
2054 return -EINVAL;
2055
2056 sock = sockfd_lookup_light(fd, &err, &fput_needed);
2057 if (sock != NULL) {
2058 err = security_socket_setsockopt(sock, level, optname);
2059 if (err)
2060 goto out_put;
2061
2062 err = BPF_CGROUP_RUN_PROG_SETSOCKOPT(sock->sk, &level,
2063 &optname, optval, &optlen,
2064 &kernel_optval);
2065
2066 if (err < 0) {
2067 goto out_put;
2068 } else if (err > 0) {
2069 err = 0;
2070 goto out_put;
2071 }
2072
2073 if (kernel_optval) {
2074 set_fs(KERNEL_DS);
2075 optval = (char __user __force *)kernel_optval;
2076 }
2077
2078 if (level == SOL_SOCKET)
2079 err =
2080 sock_setsockopt(sock, level, optname, optval,
2081 optlen);
2082 else
2083 err =
2084 sock->ops->setsockopt(sock, level, optname, optval,
2085 optlen);
2086
2087 if (kernel_optval) {
2088 set_fs(oldfs);
2089 kfree(kernel_optval);
2090 }
2091 out_put:
2092 fput_light(sock->file, fput_needed);
2093 }
2094 return err;
2095 }
2096
2097 SYSCALL_DEFINE5(setsockopt, int, fd, int, level, int, optname,
2098 char __user *, optval, int, optlen)
2099 {
2100 return __sys_setsockopt(fd, level, optname, optval, optlen);
2101 }
2102
2103
2104
2105
2106
2107
2108 static int __sys_getsockopt(int fd, int level, int optname,
2109 char __user *optval, int __user *optlen)
2110 {
2111 int err, fput_needed;
2112 struct socket *sock;
2113 int max_optlen;
2114
2115 sock = sockfd_lookup_light(fd, &err, &fput_needed);
2116 if (sock != NULL) {
2117 err = security_socket_getsockopt(sock, level, optname);
2118 if (err)
2119 goto out_put;
2120
2121 max_optlen = BPF_CGROUP_GETSOCKOPT_MAX_OPTLEN(optlen);
2122
2123 if (level == SOL_SOCKET)
2124 err =
2125 sock_getsockopt(sock, level, optname, optval,
2126 optlen);
2127 else
2128 err =
2129 sock->ops->getsockopt(sock, level, optname, optval,
2130 optlen);
2131
2132 err = BPF_CGROUP_RUN_PROG_GETSOCKOPT(sock->sk, level, optname,
2133 optval, optlen,
2134 max_optlen, err);
2135 out_put:
2136 fput_light(sock->file, fput_needed);
2137 }
2138 return err;
2139 }
2140
2141 SYSCALL_DEFINE5(getsockopt, int, fd, int, level, int, optname,
2142 char __user *, optval, int __user *, optlen)
2143 {
2144 return __sys_getsockopt(fd, level, optname, optval, optlen);
2145 }
2146
2147
2148
2149
2150
2151 int __sys_shutdown(int fd, int how)
2152 {
2153 int err, fput_needed;
2154 struct socket *sock;
2155
2156 sock = sockfd_lookup_light(fd, &err, &fput_needed);
2157 if (sock != NULL) {
2158 err = security_socket_shutdown(sock, how);
2159 if (!err)
2160 err = sock->ops->shutdown(sock, how);
2161 fput_light(sock->file, fput_needed);
2162 }
2163 return err;
2164 }
2165
2166 SYSCALL_DEFINE2(shutdown, int, fd, int, how)
2167 {
2168 return __sys_shutdown(fd, how);
2169 }
2170
2171
2172
2173
2174 #define COMPAT_MSG(msg, member) ((MSG_CMSG_COMPAT & flags) ? &msg##_compat->member : &msg->member)
2175 #define COMPAT_NAMELEN(msg) COMPAT_MSG(msg, msg_namelen)
2176 #define COMPAT_FLAGS(msg) COMPAT_MSG(msg, msg_flags)
2177
2178 struct used_address {
2179 struct sockaddr_storage name;
2180 unsigned int name_len;
2181 };
2182
2183 static int copy_msghdr_from_user(struct msghdr *kmsg,
2184 struct user_msghdr __user *umsg,
2185 struct sockaddr __user **save_addr,
2186 struct iovec **iov)
2187 {
2188 struct user_msghdr msg;
2189 ssize_t err;
2190
2191 if (copy_from_user(&msg, umsg, sizeof(*umsg)))
2192 return -EFAULT;
2193
2194 kmsg->msg_control = (void __force *)msg.msg_control;
2195 kmsg->msg_controllen = msg.msg_controllen;
2196 kmsg->msg_flags = msg.msg_flags;
2197
2198 kmsg->msg_namelen = msg.msg_namelen;
2199 if (!msg.msg_name)
2200 kmsg->msg_namelen = 0;
2201
2202 if (kmsg->msg_namelen < 0)
2203 return -EINVAL;
2204
2205 if (kmsg->msg_namelen > sizeof(struct sockaddr_storage))
2206 kmsg->msg_namelen = sizeof(struct sockaddr_storage);
2207
2208 if (save_addr)
2209 *save_addr = msg.msg_name;
2210
2211 if (msg.msg_name && kmsg->msg_namelen) {
2212 if (!save_addr) {
2213 err = move_addr_to_kernel(msg.msg_name,
2214 kmsg->msg_namelen,
2215 kmsg->msg_name);
2216 if (err < 0)
2217 return err;
2218 }
2219 } else {
2220 kmsg->msg_name = NULL;
2221 kmsg->msg_namelen = 0;
2222 }
2223
2224 if (msg.msg_iovlen > UIO_MAXIOV)
2225 return -EMSGSIZE;
2226
2227 kmsg->msg_iocb = NULL;
2228
2229 err = import_iovec(save_addr ? READ : WRITE,
2230 msg.msg_iov, msg.msg_iovlen,
2231 UIO_FASTIOV, iov, &kmsg->msg_iter);
2232 return err < 0 ? err : 0;
2233 }
2234
2235 static int ____sys_sendmsg(struct socket *sock, struct msghdr *msg_sys,
2236 unsigned int flags, struct used_address *used_address,
2237 unsigned int allowed_msghdr_flags)
2238 {
2239 unsigned char ctl[sizeof(struct cmsghdr) + 20]
2240 __aligned(sizeof(__kernel_size_t));
2241
2242 unsigned char *ctl_buf = ctl;
2243 int ctl_len;
2244 ssize_t err;
2245
2246 err = -ENOBUFS;
2247
2248 if (msg_sys->msg_controllen > INT_MAX)
2249 goto out;
2250 flags |= (msg_sys->msg_flags & allowed_msghdr_flags);
2251 ctl_len = msg_sys->msg_controllen;
2252 if ((MSG_CMSG_COMPAT & flags) && ctl_len) {
2253 err =
2254 cmsghdr_from_user_compat_to_kern(msg_sys, sock->sk, ctl,
2255 sizeof(ctl));
2256 if (err)
2257 goto out;
2258 ctl_buf = msg_sys->msg_control;
2259 ctl_len = msg_sys->msg_controllen;
2260 } else if (ctl_len) {
2261 BUILD_BUG_ON(sizeof(struct cmsghdr) !=
2262 CMSG_ALIGN(sizeof(struct cmsghdr)));
2263 if (ctl_len > sizeof(ctl)) {
2264 ctl_buf = sock_kmalloc(sock->sk, ctl_len, GFP_KERNEL);
2265 if (ctl_buf == NULL)
2266 goto out;
2267 }
2268 err = -EFAULT;
2269
2270
2271
2272
2273
2274 if (copy_from_user(ctl_buf,
2275 (void __user __force *)msg_sys->msg_control,
2276 ctl_len))
2277 goto out_freectl;
2278 msg_sys->msg_control = ctl_buf;
2279 }
2280 msg_sys->msg_flags = flags;
2281
2282 if (sock->file->f_flags & O_NONBLOCK)
2283 msg_sys->msg_flags |= MSG_DONTWAIT;
2284
2285
2286
2287
2288
2289
2290 if (used_address && msg_sys->msg_name &&
2291 used_address->name_len == msg_sys->msg_namelen &&
2292 !memcmp(&used_address->name, msg_sys->msg_name,
2293 used_address->name_len)) {
2294 err = sock_sendmsg_nosec(sock, msg_sys);
2295 goto out_freectl;
2296 }
2297 err = sock_sendmsg(sock, msg_sys);
2298
2299
2300
2301
2302 if (used_address && err >= 0) {
2303 used_address->name_len = msg_sys->msg_namelen;
2304 if (msg_sys->msg_name)
2305 memcpy(&used_address->name, msg_sys->msg_name,
2306 used_address->name_len);
2307 }
2308
2309 out_freectl:
2310 if (ctl_buf != ctl)
2311 sock_kfree_s(sock->sk, ctl_buf, ctl_len);
2312 out:
2313 return err;
2314 }
2315
2316 static int sendmsg_copy_msghdr(struct msghdr *msg,
2317 struct user_msghdr __user *umsg, unsigned flags,
2318 struct iovec **iov)
2319 {
2320 int err;
2321
2322 if (flags & MSG_CMSG_COMPAT) {
2323 struct compat_msghdr __user *msg_compat;
2324
2325 msg_compat = (struct compat_msghdr __user *) umsg;
2326 err = get_compat_msghdr(msg, msg_compat, NULL, iov);
2327 } else {
2328 err = copy_msghdr_from_user(msg, umsg, NULL, iov);
2329 }
2330 if (err < 0)
2331 return err;
2332
2333 return 0;
2334 }
2335
2336 static int ___sys_sendmsg(struct socket *sock, struct user_msghdr __user *msg,
2337 struct msghdr *msg_sys, unsigned int flags,
2338 struct used_address *used_address,
2339 unsigned int allowed_msghdr_flags)
2340 {
2341 struct sockaddr_storage address;
2342 struct iovec iovstack[UIO_FASTIOV], *iov = iovstack;
2343 ssize_t err;
2344
2345 msg_sys->msg_name = &address;
2346
2347 err = sendmsg_copy_msghdr(msg_sys, msg, flags, &iov);
2348 if (err < 0)
2349 return err;
2350
2351 err = ____sys_sendmsg(sock, msg_sys, flags, used_address,
2352 allowed_msghdr_flags);
2353 kfree(iov);
2354 return err;
2355 }
2356
2357
2358
2359
2360 long __sys_sendmsg_sock(struct socket *sock, struct user_msghdr __user *umsg,
2361 unsigned int flags)
2362 {
2363 struct iovec iovstack[UIO_FASTIOV], *iov = iovstack;
2364 struct sockaddr_storage address;
2365 struct msghdr msg = { .msg_name = &address };
2366 ssize_t err;
2367
2368 err = sendmsg_copy_msghdr(&msg, umsg, flags, &iov);
2369 if (err)
2370 return err;
2371
2372 if (msg.msg_control || msg.msg_controllen) {
2373 err = -EINVAL;
2374 goto out;
2375 }
2376
2377 err = ____sys_sendmsg(sock, &msg, flags, NULL, 0);
2378 out:
2379 kfree(iov);
2380 return err;
2381 }
2382
2383 long __sys_sendmsg(int fd, struct user_msghdr __user *msg, unsigned int flags,
2384 bool forbid_cmsg_compat)
2385 {
2386 int fput_needed, err;
2387 struct msghdr msg_sys;
2388 struct socket *sock;
2389
2390 if (forbid_cmsg_compat && (flags & MSG_CMSG_COMPAT))
2391 return -EINVAL;
2392
2393 sock = sockfd_lookup_light(fd, &err, &fput_needed);
2394 if (!sock)
2395 goto out;
2396
2397 err = ___sys_sendmsg(sock, msg, &msg_sys, flags, NULL, 0);
2398
2399 fput_light(sock->file, fput_needed);
2400 out:
2401 return err;
2402 }
2403
2404 SYSCALL_DEFINE3(sendmsg, int, fd, struct user_msghdr __user *, msg, unsigned int, flags)
2405 {
2406 return __sys_sendmsg(fd, msg, flags, true);
2407 }
2408
2409
2410
2411
2412
2413 int __sys_sendmmsg(int fd, struct mmsghdr __user *mmsg, unsigned int vlen,
2414 unsigned int flags, bool forbid_cmsg_compat)
2415 {
2416 int fput_needed, err, datagrams;
2417 struct socket *sock;
2418 struct mmsghdr __user *entry;
2419 struct compat_mmsghdr __user *compat_entry;
2420 struct msghdr msg_sys;
2421 struct used_address used_address;
2422 unsigned int oflags = flags;
2423
2424 if (forbid_cmsg_compat && (flags & MSG_CMSG_COMPAT))
2425 return -EINVAL;
2426
2427 if (vlen > UIO_MAXIOV)
2428 vlen = UIO_MAXIOV;
2429
2430 datagrams = 0;
2431
2432 sock = sockfd_lookup_light(fd, &err, &fput_needed);
2433 if (!sock)
2434 return err;
2435
2436 used_address.name_len = UINT_MAX;
2437 entry = mmsg;
2438 compat_entry = (struct compat_mmsghdr __user *)mmsg;
2439 err = 0;
2440 flags |= MSG_BATCH;
2441
2442 while (datagrams < vlen) {
2443 if (datagrams == vlen - 1)
2444 flags = oflags;
2445
2446 if (MSG_CMSG_COMPAT & flags) {
2447 err = ___sys_sendmsg(sock, (struct user_msghdr __user *)compat_entry,
2448 &msg_sys, flags, &used_address, MSG_EOR);
2449 if (err < 0)
2450 break;
2451 err = __put_user(err, &compat_entry->msg_len);
2452 ++compat_entry;
2453 } else {
2454 err = ___sys_sendmsg(sock,
2455 (struct user_msghdr __user *)entry,
2456 &msg_sys, flags, &used_address, MSG_EOR);
2457 if (err < 0)
2458 break;
2459 err = put_user(err, &entry->msg_len);
2460 ++entry;
2461 }
2462
2463 if (err)
2464 break;
2465 ++datagrams;
2466 if (msg_data_left(&msg_sys))
2467 break;
2468 cond_resched();
2469 }
2470
2471 fput_light(sock->file, fput_needed);
2472
2473
2474 if (datagrams != 0)
2475 return datagrams;
2476
2477 return err;
2478 }
2479
2480 SYSCALL_DEFINE4(sendmmsg, int, fd, struct mmsghdr __user *, mmsg,
2481 unsigned int, vlen, unsigned int, flags)
2482 {
2483 return __sys_sendmmsg(fd, mmsg, vlen, flags, true);
2484 }
2485
2486 static int recvmsg_copy_msghdr(struct msghdr *msg,
2487 struct user_msghdr __user *umsg, unsigned flags,
2488 struct sockaddr __user **uaddr,
2489 struct iovec **iov)
2490 {
2491 ssize_t err;
2492
2493 if (MSG_CMSG_COMPAT & flags) {
2494 struct compat_msghdr __user *msg_compat;
2495
2496 msg_compat = (struct compat_msghdr __user *) umsg;
2497 err = get_compat_msghdr(msg, msg_compat, uaddr, iov);
2498 } else {
2499 err = copy_msghdr_from_user(msg, umsg, uaddr, iov);
2500 }
2501 if (err < 0)
2502 return err;
2503
2504 return 0;
2505 }
2506
2507 static int ____sys_recvmsg(struct socket *sock, struct msghdr *msg_sys,
2508 struct user_msghdr __user *msg,
2509 struct sockaddr __user *uaddr,
2510 unsigned int flags, int nosec)
2511 {
2512 struct compat_msghdr __user *msg_compat =
2513 (struct compat_msghdr __user *) msg;
2514 int __user *uaddr_len = COMPAT_NAMELEN(msg);
2515 struct sockaddr_storage addr;
2516 unsigned long cmsg_ptr;
2517 int len;
2518 ssize_t err;
2519
2520 msg_sys->msg_name = &addr;
2521 cmsg_ptr = (unsigned long)msg_sys->msg_control;
2522 msg_sys->msg_flags = flags & (MSG_CMSG_CLOEXEC|MSG_CMSG_COMPAT);
2523
2524
2525 msg_sys->msg_namelen = 0;
2526
2527 if (sock->file->f_flags & O_NONBLOCK)
2528 flags |= MSG_DONTWAIT;
2529 err = (nosec ? sock_recvmsg_nosec : sock_recvmsg)(sock, msg_sys, flags);
2530 if (err < 0)
2531 goto out;
2532 len = err;
2533
2534 if (uaddr != NULL) {
2535 err = move_addr_to_user(&addr,
2536 msg_sys->msg_namelen, uaddr,
2537 uaddr_len);
2538 if (err < 0)
2539 goto out;
2540 }
2541 err = __put_user((msg_sys->msg_flags & ~MSG_CMSG_COMPAT),
2542 COMPAT_FLAGS(msg));
2543 if (err)
2544 goto out;
2545 if (MSG_CMSG_COMPAT & flags)
2546 err = __put_user((unsigned long)msg_sys->msg_control - cmsg_ptr,
2547 &msg_compat->msg_controllen);
2548 else
2549 err = __put_user((unsigned long)msg_sys->msg_control - cmsg_ptr,
2550 &msg->msg_controllen);
2551 if (err)
2552 goto out;
2553 err = len;
2554 out:
2555 return err;
2556 }
2557
2558 static int ___sys_recvmsg(struct socket *sock, struct user_msghdr __user *msg,
2559 struct msghdr *msg_sys, unsigned int flags, int nosec)
2560 {
2561 struct iovec iovstack[UIO_FASTIOV], *iov = iovstack;
2562
2563 struct sockaddr __user *uaddr;
2564 ssize_t err;
2565
2566 err = recvmsg_copy_msghdr(msg_sys, msg, flags, &uaddr, &iov);
2567 if (err < 0)
2568 return err;
2569
2570 err = ____sys_recvmsg(sock, msg_sys, msg, uaddr, flags, nosec);
2571 kfree(iov);
2572 return err;
2573 }
2574
2575
2576
2577
2578
2579 long __sys_recvmsg_sock(struct socket *sock, struct user_msghdr __user *umsg,
2580 unsigned int flags)
2581 {
2582 struct iovec iovstack[UIO_FASTIOV], *iov = iovstack;
2583 struct sockaddr_storage address;
2584 struct msghdr msg = { .msg_name = &address };
2585 struct sockaddr __user *uaddr;
2586 ssize_t err;
2587
2588 err = recvmsg_copy_msghdr(&msg, umsg, flags, &uaddr, &iov);
2589 if (err)
2590 return err;
2591
2592 if (msg.msg_control || msg.msg_controllen) {
2593 err = -EINVAL;
2594 goto out;
2595 }
2596
2597 err = ____sys_recvmsg(sock, &msg, umsg, uaddr, flags, 0);
2598 out:
2599 kfree(iov);
2600 return err;
2601 }
2602
2603 long __sys_recvmsg(int fd, struct user_msghdr __user *msg, unsigned int flags,
2604 bool forbid_cmsg_compat)
2605 {
2606 int fput_needed, err;
2607 struct msghdr msg_sys;
2608 struct socket *sock;
2609
2610 if (forbid_cmsg_compat && (flags & MSG_CMSG_COMPAT))
2611 return -EINVAL;
2612
2613 sock = sockfd_lookup_light(fd, &err, &fput_needed);
2614 if (!sock)
2615 goto out;
2616
2617 err = ___sys_recvmsg(sock, msg, &msg_sys, flags, 0);
2618
2619 fput_light(sock->file, fput_needed);
2620 out:
2621 return err;
2622 }
2623
2624 SYSCALL_DEFINE3(recvmsg, int, fd, struct user_msghdr __user *, msg,
2625 unsigned int, flags)
2626 {
2627 return __sys_recvmsg(fd, msg, flags, true);
2628 }
2629
2630
2631
2632
2633
2634 static int do_recvmmsg(int fd, struct mmsghdr __user *mmsg,
2635 unsigned int vlen, unsigned int flags,
2636 struct timespec64 *timeout)
2637 {
2638 int fput_needed, err, datagrams;
2639 struct socket *sock;
2640 struct mmsghdr __user *entry;
2641 struct compat_mmsghdr __user *compat_entry;
2642 struct msghdr msg_sys;
2643 struct timespec64 end_time;
2644 struct timespec64 timeout64;
2645
2646 if (timeout &&
2647 poll_select_set_timeout(&end_time, timeout->tv_sec,
2648 timeout->tv_nsec))
2649 return -EINVAL;
2650
2651 datagrams = 0;
2652
2653 sock = sockfd_lookup_light(fd, &err, &fput_needed);
2654 if (!sock)
2655 return err;
2656
2657 if (likely(!(flags & MSG_ERRQUEUE))) {
2658 err = sock_error(sock->sk);
2659 if (err) {
2660 datagrams = err;
2661 goto out_put;
2662 }
2663 }
2664
2665 entry = mmsg;
2666 compat_entry = (struct compat_mmsghdr __user *)mmsg;
2667
2668 while (datagrams < vlen) {
2669
2670
2671
2672 if (MSG_CMSG_COMPAT & flags) {
2673 err = ___sys_recvmsg(sock, (struct user_msghdr __user *)compat_entry,
2674 &msg_sys, flags & ~MSG_WAITFORONE,
2675 datagrams);
2676 if (err < 0)
2677 break;
2678 err = __put_user(err, &compat_entry->msg_len);
2679 ++compat_entry;
2680 } else {
2681 err = ___sys_recvmsg(sock,
2682 (struct user_msghdr __user *)entry,
2683 &msg_sys, flags & ~MSG_WAITFORONE,
2684 datagrams);
2685 if (err < 0)
2686 break;
2687 err = put_user(err, &entry->msg_len);
2688 ++entry;
2689 }
2690
2691 if (err)
2692 break;
2693 ++datagrams;
2694
2695
2696 if (flags & MSG_WAITFORONE)
2697 flags |= MSG_DONTWAIT;
2698
2699 if (timeout) {
2700 ktime_get_ts64(&timeout64);
2701 *timeout = timespec64_sub(end_time, timeout64);
2702 if (timeout->tv_sec < 0) {
2703 timeout->tv_sec = timeout->tv_nsec = 0;
2704 break;
2705 }
2706
2707
2708 if (timeout->tv_nsec == 0 && timeout->tv_sec == 0)
2709 break;
2710 }
2711
2712
2713 if (msg_sys.msg_flags & MSG_OOB)
2714 break;
2715 cond_resched();
2716 }
2717
2718 if (err == 0)
2719 goto out_put;
2720
2721 if (datagrams == 0) {
2722 datagrams = err;
2723 goto out_put;
2724 }
2725
2726
2727
2728
2729
2730 if (err != -EAGAIN) {
2731
2732
2733
2734
2735
2736
2737 sock->sk->sk_err = -err;
2738 }
2739 out_put:
2740 fput_light(sock->file, fput_needed);
2741
2742 return datagrams;
2743 }
2744
2745 int __sys_recvmmsg(int fd, struct mmsghdr __user *mmsg,
2746 unsigned int vlen, unsigned int flags,
2747 struct __kernel_timespec __user *timeout,
2748 struct old_timespec32 __user *timeout32)
2749 {
2750 int datagrams;
2751 struct timespec64 timeout_sys;
2752
2753 if (timeout && get_timespec64(&timeout_sys, timeout))
2754 return -EFAULT;
2755
2756 if (timeout32 && get_old_timespec32(&timeout_sys, timeout32))
2757 return -EFAULT;
2758
2759 if (!timeout && !timeout32)
2760 return do_recvmmsg(fd, mmsg, vlen, flags, NULL);
2761
2762 datagrams = do_recvmmsg(fd, mmsg, vlen, flags, &timeout_sys);
2763
2764 if (datagrams <= 0)
2765 return datagrams;
2766
2767 if (timeout && put_timespec64(&timeout_sys, timeout))
2768 datagrams = -EFAULT;
2769
2770 if (timeout32 && put_old_timespec32(&timeout_sys, timeout32))
2771 datagrams = -EFAULT;
2772
2773 return datagrams;
2774 }
2775
2776 SYSCALL_DEFINE5(recvmmsg, int, fd, struct mmsghdr __user *, mmsg,
2777 unsigned int, vlen, unsigned int, flags,
2778 struct __kernel_timespec __user *, timeout)
2779 {
2780 if (flags & MSG_CMSG_COMPAT)
2781 return -EINVAL;
2782
2783 return __sys_recvmmsg(fd, mmsg, vlen, flags, timeout, NULL);
2784 }
2785
2786 #ifdef CONFIG_COMPAT_32BIT_TIME
2787 SYSCALL_DEFINE5(recvmmsg_time32, int, fd, struct mmsghdr __user *, mmsg,
2788 unsigned int, vlen, unsigned int, flags,
2789 struct old_timespec32 __user *, timeout)
2790 {
2791 if (flags & MSG_CMSG_COMPAT)
2792 return -EINVAL;
2793
2794 return __sys_recvmmsg(fd, mmsg, vlen, flags, NULL, timeout);
2795 }
2796 #endif
2797
2798 #ifdef __ARCH_WANT_SYS_SOCKETCALL
2799
2800 #define AL(x) ((x) * sizeof(unsigned long))
2801 static const unsigned char nargs[21] = {
2802 AL(0), AL(3), AL(3), AL(3), AL(2), AL(3),
2803 AL(3), AL(3), AL(4), AL(4), AL(4), AL(6),
2804 AL(6), AL(2), AL(5), AL(5), AL(3), AL(3),
2805 AL(4), AL(5), AL(4)
2806 };
2807
2808 #undef AL
2809
2810
2811
2812
2813
2814
2815
2816
2817
2818 SYSCALL_DEFINE2(socketcall, int, call, unsigned long __user *, args)
2819 {
2820 unsigned long a[AUDITSC_ARGS];
2821 unsigned long a0, a1;
2822 int err;
2823 unsigned int len;
2824
2825 if (call < 1 || call > SYS_SENDMMSG)
2826 return -EINVAL;
2827 call = array_index_nospec(call, SYS_SENDMMSG + 1);
2828
2829 len = nargs[call];
2830 if (len > sizeof(a))
2831 return -EINVAL;
2832
2833
2834 if (copy_from_user(a, args, len))
2835 return -EFAULT;
2836
2837 err = audit_socketcall(nargs[call] / sizeof(unsigned long), a);
2838 if (err)
2839 return err;
2840
2841 a0 = a[0];
2842 a1 = a[1];
2843
2844 switch (call) {
2845 case SYS_SOCKET:
2846 err = __sys_socket(a0, a1, a[2]);
2847 break;
2848 case SYS_BIND:
2849 err = __sys_bind(a0, (struct sockaddr __user *)a1, a[2]);
2850 break;
2851 case SYS_CONNECT:
2852 err = __sys_connect(a0, (struct sockaddr __user *)a1, a[2]);
2853 break;
2854 case SYS_LISTEN:
2855 err = __sys_listen(a0, a1);
2856 break;
2857 case SYS_ACCEPT:
2858 err = __sys_accept4(a0, (struct sockaddr __user *)a1,
2859 (int __user *)a[2], 0);
2860 break;
2861 case SYS_GETSOCKNAME:
2862 err =
2863 __sys_getsockname(a0, (struct sockaddr __user *)a1,
2864 (int __user *)a[2]);
2865 break;
2866 case SYS_GETPEERNAME:
2867 err =
2868 __sys_getpeername(a0, (struct sockaddr __user *)a1,
2869 (int __user *)a[2]);
2870 break;
2871 case SYS_SOCKETPAIR:
2872 err = __sys_socketpair(a0, a1, a[2], (int __user *)a[3]);
2873 break;
2874 case SYS_SEND:
2875 err = __sys_sendto(a0, (void __user *)a1, a[2], a[3],
2876 NULL, 0);
2877 break;
2878 case SYS_SENDTO:
2879 err = __sys_sendto(a0, (void __user *)a1, a[2], a[3],
2880 (struct sockaddr __user *)a[4], a[5]);
2881 break;
2882 case SYS_RECV:
2883 err = __sys_recvfrom(a0, (void __user *)a1, a[2], a[3],
2884 NULL, NULL);
2885 break;
2886 case SYS_RECVFROM:
2887 err = __sys_recvfrom(a0, (void __user *)a1, a[2], a[3],
2888 (struct sockaddr __user *)a[4],
2889 (int __user *)a[5]);
2890 break;
2891 case SYS_SHUTDOWN:
2892 err = __sys_shutdown(a0, a1);
2893 break;
2894 case SYS_SETSOCKOPT:
2895 err = __sys_setsockopt(a0, a1, a[2], (char __user *)a[3],
2896 a[4]);
2897 break;
2898 case SYS_GETSOCKOPT:
2899 err =
2900 __sys_getsockopt(a0, a1, a[2], (char __user *)a[3],
2901 (int __user *)a[4]);
2902 break;
2903 case SYS_SENDMSG:
2904 err = __sys_sendmsg(a0, (struct user_msghdr __user *)a1,
2905 a[2], true);
2906 break;
2907 case SYS_SENDMMSG:
2908 err = __sys_sendmmsg(a0, (struct mmsghdr __user *)a1, a[2],
2909 a[3], true);
2910 break;
2911 case SYS_RECVMSG:
2912 err = __sys_recvmsg(a0, (struct user_msghdr __user *)a1,
2913 a[2], true);
2914 break;
2915 case SYS_RECVMMSG:
2916 if (IS_ENABLED(CONFIG_64BIT) || !IS_ENABLED(CONFIG_64BIT_TIME))
2917 err = __sys_recvmmsg(a0, (struct mmsghdr __user *)a1,
2918 a[2], a[3],
2919 (struct __kernel_timespec __user *)a[4],
2920 NULL);
2921 else
2922 err = __sys_recvmmsg(a0, (struct mmsghdr __user *)a1,
2923 a[2], a[3], NULL,
2924 (struct old_timespec32 __user *)a[4]);
2925 break;
2926 case SYS_ACCEPT4:
2927 err = __sys_accept4(a0, (struct sockaddr __user *)a1,
2928 (int __user *)a[2], a[3]);
2929 break;
2930 default:
2931 err = -EINVAL;
2932 break;
2933 }
2934 return err;
2935 }
2936
2937 #endif
2938
2939
2940
2941
2942
2943
2944
2945
2946
2947
2948 int sock_register(const struct net_proto_family *ops)
2949 {
2950 int err;
2951
2952 if (ops->family >= NPROTO) {
2953 pr_crit("protocol %d >= NPROTO(%d)\n", ops->family, NPROTO);
2954 return -ENOBUFS;
2955 }
2956
2957 spin_lock(&net_family_lock);
2958 if (rcu_dereference_protected(net_families[ops->family],
2959 lockdep_is_held(&net_family_lock)))
2960 err = -EEXIST;
2961 else {
2962 rcu_assign_pointer(net_families[ops->family], ops);
2963 err = 0;
2964 }
2965 spin_unlock(&net_family_lock);
2966
2967 pr_info("NET: Registered protocol family %d\n", ops->family);
2968 return err;
2969 }
2970 EXPORT_SYMBOL(sock_register);
2971
2972
2973
2974
2975
2976
2977
2978
2979
2980
2981
2982
2983
2984
2985 void sock_unregister(int family)
2986 {
2987 BUG_ON(family < 0 || family >= NPROTO);
2988
2989 spin_lock(&net_family_lock);
2990 RCU_INIT_POINTER(net_families[family], NULL);
2991 spin_unlock(&net_family_lock);
2992
2993 synchronize_rcu();
2994
2995 pr_info("NET: Unregistered protocol family %d\n", family);
2996 }
2997 EXPORT_SYMBOL(sock_unregister);
2998
2999 bool sock_is_registered(int family)
3000 {
3001 return family < NPROTO && rcu_access_pointer(net_families[family]);
3002 }
3003
3004 static int __init sock_init(void)
3005 {
3006 int err;
3007
3008
3009
3010 err = net_sysctl_init();
3011 if (err)
3012 goto out;
3013
3014
3015
3016
3017 skb_init();
3018
3019
3020
3021
3022
3023 init_inodecache();
3024
3025 err = register_filesystem(&sock_fs_type);
3026 if (err)
3027 goto out_fs;
3028 sock_mnt = kern_mount(&sock_fs_type);
3029 if (IS_ERR(sock_mnt)) {
3030 err = PTR_ERR(sock_mnt);
3031 goto out_mount;
3032 }
3033
3034
3035
3036
3037 #ifdef CONFIG_NETFILTER
3038 err = netfilter_init();
3039 if (err)
3040 goto out;
3041 #endif
3042
3043 ptp_classifier_init();
3044
3045 out:
3046 return err;
3047
3048 out_mount:
3049 unregister_filesystem(&sock_fs_type);
3050 out_fs:
3051 goto out;
3052 }
3053
3054 core_initcall(sock_init);
3055
3056 #ifdef CONFIG_PROC_FS
3057 void socket_seq_show(struct seq_file *seq)
3058 {
3059 seq_printf(seq, "sockets: used %d\n",
3060 sock_inuse_get(seq->private));
3061 }
3062 #endif
3063
3064 #ifdef CONFIG_COMPAT
3065 static int compat_dev_ifconf(struct net *net, struct compat_ifconf __user *uifc32)
3066 {
3067 struct compat_ifconf ifc32;
3068 struct ifconf ifc;
3069 int err;
3070
3071 if (copy_from_user(&ifc32, uifc32, sizeof(struct compat_ifconf)))
3072 return -EFAULT;
3073
3074 ifc.ifc_len = ifc32.ifc_len;
3075 ifc.ifc_req = compat_ptr(ifc32.ifcbuf);
3076
3077 rtnl_lock();
3078 err = dev_ifconf(net, &ifc, sizeof(struct compat_ifreq));
3079 rtnl_unlock();
3080 if (err)
3081 return err;
3082
3083 ifc32.ifc_len = ifc.ifc_len;
3084 if (copy_to_user(uifc32, &ifc32, sizeof(struct compat_ifconf)))
3085 return -EFAULT;
3086
3087 return 0;
3088 }
3089
3090 static int ethtool_ioctl(struct net *net, struct compat_ifreq __user *ifr32)
3091 {
3092 struct compat_ethtool_rxnfc __user *compat_rxnfc;
3093 bool convert_in = false, convert_out = false;
3094 size_t buf_size = 0;
3095 struct ethtool_rxnfc __user *rxnfc = NULL;
3096 struct ifreq ifr;
3097 u32 rule_cnt = 0, actual_rule_cnt;
3098 u32 ethcmd;
3099 u32 data;
3100 int ret;
3101
3102 if (get_user(data, &ifr32->ifr_ifru.ifru_data))
3103 return -EFAULT;
3104
3105 compat_rxnfc = compat_ptr(data);
3106
3107 if (get_user(ethcmd, &compat_rxnfc->cmd))
3108 return -EFAULT;
3109
3110
3111
3112
3113 switch (ethcmd) {
3114 default:
3115 break;
3116 case ETHTOOL_GRXCLSRLALL:
3117
3118 if (get_user(rule_cnt, &compat_rxnfc->rule_cnt))
3119 return -EFAULT;
3120 if (rule_cnt > KMALLOC_MAX_SIZE / sizeof(u32))
3121 return -ENOMEM;
3122 buf_size += rule_cnt * sizeof(u32);
3123
3124 case ETHTOOL_GRXRINGS:
3125 case ETHTOOL_GRXCLSRLCNT:
3126 case ETHTOOL_GRXCLSRULE:
3127 case ETHTOOL_SRXCLSRLINS:
3128 convert_out = true;
3129
3130 case ETHTOOL_SRXCLSRLDEL:
3131 buf_size += sizeof(struct ethtool_rxnfc);
3132 convert_in = true;
3133 rxnfc = compat_alloc_user_space(buf_size);
3134 break;
3135 }
3136
3137 if (copy_from_user(&ifr.ifr_name, &ifr32->ifr_name, IFNAMSIZ))
3138 return -EFAULT;
3139
3140 ifr.ifr_data = convert_in ? rxnfc : (void __user *)compat_rxnfc;
3141
3142 if (convert_in) {
3143
3144
3145
3146 BUILD_BUG_ON(offsetof(struct compat_ethtool_rxnfc, fs.m_ext) +
3147 sizeof(compat_rxnfc->fs.m_ext) !=
3148 offsetof(struct ethtool_rxnfc, fs.m_ext) +
3149 sizeof(rxnfc->fs.m_ext));
3150 BUILD_BUG_ON(
3151 offsetof(struct compat_ethtool_rxnfc, fs.location) -
3152 offsetof(struct compat_ethtool_rxnfc, fs.ring_cookie) !=
3153 offsetof(struct ethtool_rxnfc, fs.location) -
3154 offsetof(struct ethtool_rxnfc, fs.ring_cookie));
3155
3156 if (copy_in_user(rxnfc, compat_rxnfc,
3157 (void __user *)(&rxnfc->fs.m_ext + 1) -
3158 (void __user *)rxnfc) ||
3159 copy_in_user(&rxnfc->fs.ring_cookie,
3160 &compat_rxnfc->fs.ring_cookie,
3161 (void __user *)(&rxnfc->fs.location + 1) -
3162 (void __user *)&rxnfc->fs.ring_cookie))
3163 return -EFAULT;
3164 if (ethcmd == ETHTOOL_GRXCLSRLALL) {
3165 if (put_user(rule_cnt, &rxnfc->rule_cnt))
3166 return -EFAULT;
3167 } else if (copy_in_user(&rxnfc->rule_cnt,
3168 &compat_rxnfc->rule_cnt,
3169 sizeof(rxnfc->rule_cnt)))
3170 return -EFAULT;
3171 }
3172
3173 ret = dev_ioctl(net, SIOCETHTOOL, &ifr, NULL);
3174 if (ret)
3175 return ret;
3176
3177 if (convert_out) {
3178 if (copy_in_user(compat_rxnfc, rxnfc,
3179 (const void __user *)(&rxnfc->fs.m_ext + 1) -
3180 (const void __user *)rxnfc) ||
3181 copy_in_user(&compat_rxnfc->fs.ring_cookie,
3182 &rxnfc->fs.ring_cookie,
3183 (const void __user *)(&rxnfc->fs.location + 1) -
3184 (const void __user *)&rxnfc->fs.ring_cookie) ||
3185 copy_in_user(&compat_rxnfc->rule_cnt, &rxnfc->rule_cnt,
3186 sizeof(rxnfc->rule_cnt)))
3187 return -EFAULT;
3188
3189 if (ethcmd == ETHTOOL_GRXCLSRLALL) {
3190
3191
3192
3193
3194
3195
3196
3197
3198 if (get_user(actual_rule_cnt, &rxnfc->rule_cnt))
3199 return -EFAULT;
3200 if (actual_rule_cnt < rule_cnt)
3201 rule_cnt = actual_rule_cnt;
3202 if (copy_in_user(&compat_rxnfc->rule_locs[0],
3203 &rxnfc->rule_locs[0],
3204 rule_cnt * sizeof(u32)))
3205 return -EFAULT;
3206 }
3207 }
3208
3209 return 0;
3210 }
3211
3212 static int compat_siocwandev(struct net *net, struct compat_ifreq __user *uifr32)
3213 {
3214 compat_uptr_t uptr32;
3215 struct ifreq ifr;
3216 void __user *saved;
3217 int err;
3218
3219 if (copy_from_user(&ifr, uifr32, sizeof(struct compat_ifreq)))
3220 return -EFAULT;
3221
3222 if (get_user(uptr32, &uifr32->ifr_settings.ifs_ifsu))
3223 return -EFAULT;
3224
3225 saved = ifr.ifr_settings.ifs_ifsu.raw_hdlc;
3226 ifr.ifr_settings.ifs_ifsu.raw_hdlc = compat_ptr(uptr32);
3227
3228 err = dev_ioctl(net, SIOCWANDEV, &ifr, NULL);
3229 if (!err) {
3230 ifr.ifr_settings.ifs_ifsu.raw_hdlc = saved;
3231 if (copy_to_user(uifr32, &ifr, sizeof(struct compat_ifreq)))
3232 err = -EFAULT;
3233 }
3234 return err;
3235 }
3236
3237
3238 static int compat_ifr_data_ioctl(struct net *net, unsigned int cmd,
3239 struct compat_ifreq __user *u_ifreq32)
3240 {
3241 struct ifreq ifreq;
3242 u32 data32;
3243
3244 if (copy_from_user(ifreq.ifr_name, u_ifreq32->ifr_name, IFNAMSIZ))
3245 return -EFAULT;
3246 if (get_user(data32, &u_ifreq32->ifr_data))
3247 return -EFAULT;
3248 ifreq.ifr_data = compat_ptr(data32);
3249
3250 return dev_ioctl(net, cmd, &ifreq, NULL);
3251 }
3252
3253 static int compat_ifreq_ioctl(struct net *net, struct socket *sock,
3254 unsigned int cmd,
3255 struct compat_ifreq __user *uifr32)
3256 {
3257 struct ifreq __user *uifr;
3258 int err;
3259
3260
3261
3262
3263
3264
3265
3266
3267
3268
3269
3270 uifr = compat_alloc_user_space(sizeof(*uifr));
3271 if (copy_in_user(uifr, uifr32, sizeof(*uifr32)))
3272 return -EFAULT;
3273
3274 err = sock_do_ioctl(net, sock, cmd, (unsigned long)uifr);
3275
3276 if (!err) {
3277 switch (cmd) {
3278 case SIOCGIFFLAGS:
3279 case SIOCGIFMETRIC:
3280 case SIOCGIFMTU:
3281 case SIOCGIFMEM:
3282 case SIOCGIFHWADDR:
3283 case SIOCGIFINDEX:
3284 case SIOCGIFADDR:
3285 case SIOCGIFBRDADDR:
3286 case SIOCGIFDSTADDR:
3287 case SIOCGIFNETMASK:
3288 case SIOCGIFPFLAGS:
3289 case SIOCGIFTXQLEN:
3290 case SIOCGMIIPHY:
3291 case SIOCGMIIREG:
3292 case SIOCGIFNAME:
3293 if (copy_in_user(uifr32, uifr, sizeof(*uifr32)))
3294 err = -EFAULT;
3295 break;
3296 }
3297 }
3298 return err;
3299 }
3300
3301 static int compat_sioc_ifmap(struct net *net, unsigned int cmd,
3302 struct compat_ifreq __user *uifr32)
3303 {
3304 struct ifreq ifr;
3305 struct compat_ifmap __user *uifmap32;
3306 int err;
3307
3308 uifmap32 = &uifr32->ifr_ifru.ifru_map;
3309 err = copy_from_user(&ifr, uifr32, sizeof(ifr.ifr_name));
3310 err |= get_user(ifr.ifr_map.mem_start, &uifmap32->mem_start);
3311 err |= get_user(ifr.ifr_map.mem_end, &uifmap32->mem_end);
3312 err |= get_user(ifr.ifr_map.base_addr, &uifmap32->base_addr);
3313 err |= get_user(ifr.ifr_map.irq, &uifmap32->irq);
3314 err |= get_user(ifr.ifr_map.dma, &uifmap32->dma);
3315 err |= get_user(ifr.ifr_map.port, &uifmap32->port);
3316 if (err)
3317 return -EFAULT;
3318
3319 err = dev_ioctl(net, cmd, &ifr, NULL);
3320
3321 if (cmd == SIOCGIFMAP && !err) {
3322 err = copy_to_user(uifr32, &ifr, sizeof(ifr.ifr_name));
3323 err |= put_user(ifr.ifr_map.mem_start, &uifmap32->mem_start);
3324 err |= put_user(ifr.ifr_map.mem_end, &uifmap32->mem_end);
3325 err |= put_user(ifr.ifr_map.base_addr, &uifmap32->base_addr);
3326 err |= put_user(ifr.ifr_map.irq, &uifmap32->irq);
3327 err |= put_user(ifr.ifr_map.dma, &uifmap32->dma);
3328 err |= put_user(ifr.ifr_map.port, &uifmap32->port);
3329 if (err)
3330 err = -EFAULT;
3331 }
3332 return err;
3333 }
3334
3335 struct rtentry32 {
3336 u32 rt_pad1;
3337 struct sockaddr rt_dst;
3338 struct sockaddr rt_gateway;
3339 struct sockaddr rt_genmask;
3340 unsigned short rt_flags;
3341 short rt_pad2;
3342 u32 rt_pad3;
3343 unsigned char rt_tos;
3344 unsigned char rt_class;
3345 short rt_pad4;
3346 short rt_metric;
3347 u32 rt_dev;
3348 u32 rt_mtu;
3349 u32 rt_window;
3350 unsigned short rt_irtt;
3351 };
3352
3353 struct in6_rtmsg32 {
3354 struct in6_addr rtmsg_dst;
3355 struct in6_addr rtmsg_src;
3356 struct in6_addr rtmsg_gateway;
3357 u32 rtmsg_type;
3358 u16 rtmsg_dst_len;
3359 u16 rtmsg_src_len;
3360 u32 rtmsg_metric;
3361 u32 rtmsg_info;
3362 u32 rtmsg_flags;
3363 s32 rtmsg_ifindex;
3364 };
3365
3366 static int routing_ioctl(struct net *net, struct socket *sock,
3367 unsigned int cmd, void __user *argp)
3368 {
3369 int ret;
3370 void *r = NULL;
3371 struct in6_rtmsg r6;
3372 struct rtentry r4;
3373 char devname[16];
3374 u32 rtdev;
3375 mm_segment_t old_fs = get_fs();
3376
3377 if (sock && sock->sk && sock->sk->sk_family == AF_INET6) {
3378 struct in6_rtmsg32 __user *ur6 = argp;
3379 ret = copy_from_user(&r6.rtmsg_dst, &(ur6->rtmsg_dst),
3380 3 * sizeof(struct in6_addr));
3381 ret |= get_user(r6.rtmsg_type, &(ur6->rtmsg_type));
3382 ret |= get_user(r6.rtmsg_dst_len, &(ur6->rtmsg_dst_len));
3383 ret |= get_user(r6.rtmsg_src_len, &(ur6->rtmsg_src_len));
3384 ret |= get_user(r6.rtmsg_metric, &(ur6->rtmsg_metric));
3385 ret |= get_user(r6.rtmsg_info, &(ur6->rtmsg_info));
3386 ret |= get_user(r6.rtmsg_flags, &(ur6->rtmsg_flags));
3387 ret |= get_user(r6.rtmsg_ifindex, &(ur6->rtmsg_ifindex));
3388
3389 r = (void *) &r6;
3390 } else {
3391 struct rtentry32 __user *ur4 = argp;
3392 ret = copy_from_user(&r4.rt_dst, &(ur4->rt_dst),
3393 3 * sizeof(struct sockaddr));
3394 ret |= get_user(r4.rt_flags, &(ur4->rt_flags));
3395 ret |= get_user(r4.rt_metric, &(ur4->rt_metric));
3396 ret |= get_user(r4.rt_mtu, &(ur4->rt_mtu));
3397 ret |= get_user(r4.rt_window, &(ur4->rt_window));
3398 ret |= get_user(r4.rt_irtt, &(ur4->rt_irtt));
3399 ret |= get_user(rtdev, &(ur4->rt_dev));
3400 if (rtdev) {
3401 ret |= copy_from_user(devname, compat_ptr(rtdev), 15);
3402 r4.rt_dev = (char __user __force *)devname;
3403 devname[15] = 0;
3404 } else
3405 r4.rt_dev = NULL;
3406
3407 r = (void *) &r4;
3408 }
3409
3410 if (ret) {
3411 ret = -EFAULT;
3412 goto out;
3413 }
3414
3415 set_fs(KERNEL_DS);
3416 ret = sock_do_ioctl(net, sock, cmd, (unsigned long) r);
3417 set_fs(old_fs);
3418
3419 out:
3420 return ret;
3421 }
3422
3423
3424
3425
3426
3427 static int old_bridge_ioctl(compat_ulong_t __user *argp)
3428 {
3429 compat_ulong_t tmp;
3430
3431 if (get_user(tmp, argp))
3432 return -EFAULT;
3433 if (tmp == BRCTL_GET_VERSION)
3434 return BRCTL_VERSION + 1;
3435 return -EINVAL;
3436 }
3437
3438 static int compat_sock_ioctl_trans(struct file *file, struct socket *sock,
3439 unsigned int cmd, unsigned long arg)
3440 {
3441 void __user *argp = compat_ptr(arg);
3442 struct sock *sk = sock->sk;
3443 struct net *net = sock_net(sk);
3444
3445 if (cmd >= SIOCDEVPRIVATE && cmd <= (SIOCDEVPRIVATE + 15))
3446 return compat_ifr_data_ioctl(net, cmd, argp);
3447
3448 switch (cmd) {
3449 case SIOCSIFBR:
3450 case SIOCGIFBR:
3451 return old_bridge_ioctl(argp);
3452 case SIOCGIFCONF:
3453 return compat_dev_ifconf(net, argp);
3454 case SIOCETHTOOL:
3455 return ethtool_ioctl(net, argp);
3456 case SIOCWANDEV:
3457 return compat_siocwandev(net, argp);
3458 case SIOCGIFMAP:
3459 case SIOCSIFMAP:
3460 return compat_sioc_ifmap(net, cmd, argp);
3461 case SIOCADDRT:
3462 case SIOCDELRT:
3463 return routing_ioctl(net, sock, cmd, argp);
3464 case SIOCGSTAMP_OLD:
3465 case SIOCGSTAMPNS_OLD:
3466 if (!sock->ops->gettstamp)
3467 return -ENOIOCTLCMD;
3468 return sock->ops->gettstamp(sock, argp, cmd == SIOCGSTAMP_OLD,
3469 !COMPAT_USE_64BIT_TIME);
3470
3471 case SIOCBONDSLAVEINFOQUERY:
3472 case SIOCBONDINFOQUERY:
3473 case SIOCSHWTSTAMP:
3474 case SIOCGHWTSTAMP:
3475 return compat_ifr_data_ioctl(net, cmd, argp);
3476
3477 case FIOSETOWN:
3478 case SIOCSPGRP:
3479 case FIOGETOWN:
3480 case SIOCGPGRP:
3481 case SIOCBRADDBR:
3482 case SIOCBRDELBR:
3483 case SIOCGIFVLAN:
3484 case SIOCSIFVLAN:
3485 case SIOCADDDLCI:
3486 case SIOCDELDLCI:
3487 case SIOCGSKNS:
3488 case SIOCGSTAMP_NEW:
3489 case SIOCGSTAMPNS_NEW:
3490 return sock_ioctl(file, cmd, arg);
3491
3492 case SIOCGIFFLAGS:
3493 case SIOCSIFFLAGS:
3494 case SIOCGIFMETRIC:
3495 case SIOCSIFMETRIC:
3496 case SIOCGIFMTU:
3497 case SIOCSIFMTU:
3498 case SIOCGIFMEM:
3499 case SIOCSIFMEM:
3500 case SIOCGIFHWADDR:
3501 case SIOCSIFHWADDR:
3502 case SIOCADDMULTI:
3503 case SIOCDELMULTI:
3504 case SIOCGIFINDEX:
3505 case SIOCGIFADDR:
3506 case SIOCSIFADDR:
3507 case SIOCSIFHWBROADCAST:
3508 case SIOCDIFADDR:
3509 case SIOCGIFBRDADDR:
3510 case SIOCSIFBRDADDR:
3511 case SIOCGIFDSTADDR:
3512 case SIOCSIFDSTADDR:
3513 case SIOCGIFNETMASK:
3514 case SIOCSIFNETMASK:
3515 case SIOCSIFPFLAGS:
3516 case SIOCGIFPFLAGS:
3517 case SIOCGIFTXQLEN:
3518 case SIOCSIFTXQLEN:
3519 case SIOCBRADDIF:
3520 case SIOCBRDELIF:
3521 case SIOCGIFNAME:
3522 case SIOCSIFNAME:
3523 case SIOCGMIIPHY:
3524 case SIOCGMIIREG:
3525 case SIOCSMIIREG:
3526 case SIOCBONDENSLAVE:
3527 case SIOCBONDRELEASE:
3528 case SIOCBONDSETHWADDR:
3529 case SIOCBONDCHANGEACTIVE:
3530 return compat_ifreq_ioctl(net, sock, cmd, argp);
3531
3532 case SIOCSARP:
3533 case SIOCGARP:
3534 case SIOCDARP:
3535 case SIOCOUTQNSD:
3536 case SIOCATMARK:
3537 return sock_do_ioctl(net, sock, cmd, arg);
3538 }
3539
3540 return -ENOIOCTLCMD;
3541 }
3542
3543 static long compat_sock_ioctl(struct file *file, unsigned int cmd,
3544 unsigned long arg)
3545 {
3546 struct socket *sock = file->private_data;
3547 int ret = -ENOIOCTLCMD;
3548 struct sock *sk;
3549 struct net *net;
3550
3551 sk = sock->sk;
3552 net = sock_net(sk);
3553
3554 if (sock->ops->compat_ioctl)
3555 ret = sock->ops->compat_ioctl(sock, cmd, arg);
3556
3557 if (ret == -ENOIOCTLCMD &&
3558 (cmd >= SIOCIWFIRST && cmd <= SIOCIWLAST))
3559 ret = compat_wext_handle_ioctl(net, cmd, arg);
3560
3561 if (ret == -ENOIOCTLCMD)
3562 ret = compat_sock_ioctl_trans(file, sock, cmd, arg);
3563
3564 return ret;
3565 }
3566 #endif
3567
3568
3569
3570
3571
3572
3573
3574
3575
3576
3577 int kernel_bind(struct socket *sock, struct sockaddr *addr, int addrlen)
3578 {
3579 return sock->ops->bind(sock, addr, addrlen);
3580 }
3581 EXPORT_SYMBOL(kernel_bind);
3582
3583
3584
3585
3586
3587
3588
3589
3590
3591 int kernel_listen(struct socket *sock, int backlog)
3592 {
3593 return sock->ops->listen(sock, backlog);
3594 }
3595 EXPORT_SYMBOL(kernel_listen);
3596
3597
3598
3599
3600
3601
3602
3603
3604
3605
3606
3607
3608 int kernel_accept(struct socket *sock, struct socket **newsock, int flags)
3609 {
3610 struct sock *sk = sock->sk;
3611 int err;
3612
3613 err = sock_create_lite(sk->sk_family, sk->sk_type, sk->sk_protocol,
3614 newsock);
3615 if (err < 0)
3616 goto done;
3617
3618 err = sock->ops->accept(sock, *newsock, flags, true);
3619 if (err < 0) {
3620 sock_release(*newsock);
3621 *newsock = NULL;
3622 goto done;
3623 }
3624
3625 (*newsock)->ops = sock->ops;
3626 __module_get((*newsock)->ops->owner);
3627
3628 done:
3629 return err;
3630 }
3631 EXPORT_SYMBOL(kernel_accept);
3632
3633
3634
3635
3636
3637
3638
3639
3640
3641
3642
3643
3644
3645
3646 int kernel_connect(struct socket *sock, struct sockaddr *addr, int addrlen,
3647 int flags)
3648 {
3649 return sock->ops->connect(sock, addr, addrlen, flags);
3650 }
3651 EXPORT_SYMBOL(kernel_connect);
3652
3653
3654
3655
3656
3657
3658
3659
3660
3661
3662 int kernel_getsockname(struct socket *sock, struct sockaddr *addr)
3663 {
3664 return sock->ops->getname(sock, addr, 0);
3665 }
3666 EXPORT_SYMBOL(kernel_getsockname);
3667
3668
3669
3670
3671
3672
3673
3674
3675
3676
3677 int kernel_getpeername(struct socket *sock, struct sockaddr *addr)
3678 {
3679 return sock->ops->getname(sock, addr, 1);
3680 }
3681 EXPORT_SYMBOL(kernel_getpeername);
3682
3683
3684
3685
3686
3687
3688
3689
3690
3691
3692
3693
3694
3695 int kernel_getsockopt(struct socket *sock, int level, int optname,
3696 char *optval, int *optlen)
3697 {
3698 mm_segment_t oldfs = get_fs();
3699 char __user *uoptval;
3700 int __user *uoptlen;
3701 int err;
3702
3703 uoptval = (char __user __force *) optval;
3704 uoptlen = (int __user __force *) optlen;
3705
3706 set_fs(KERNEL_DS);
3707 if (level == SOL_SOCKET)
3708 err = sock_getsockopt(sock, level, optname, uoptval, uoptlen);
3709 else
3710 err = sock->ops->getsockopt(sock, level, optname, uoptval,
3711 uoptlen);
3712 set_fs(oldfs);
3713 return err;
3714 }
3715 EXPORT_SYMBOL(kernel_getsockopt);
3716
3717
3718
3719
3720
3721
3722
3723
3724
3725
3726
3727
3728 int kernel_setsockopt(struct socket *sock, int level, int optname,
3729 char *optval, unsigned int optlen)
3730 {
3731 mm_segment_t oldfs = get_fs();
3732 char __user *uoptval;
3733 int err;
3734
3735 uoptval = (char __user __force *) optval;
3736
3737 set_fs(KERNEL_DS);
3738 if (level == SOL_SOCKET)
3739 err = sock_setsockopt(sock, level, optname, uoptval, optlen);
3740 else
3741 err = sock->ops->setsockopt(sock, level, optname, uoptval,
3742 optlen);
3743 set_fs(oldfs);
3744 return err;
3745 }
3746 EXPORT_SYMBOL(kernel_setsockopt);
3747
3748
3749
3750
3751
3752
3753
3754
3755
3756
3757
3758
3759 int kernel_sendpage(struct socket *sock, struct page *page, int offset,
3760 size_t size, int flags)
3761 {
3762 if (sock->ops->sendpage)
3763 return sock->ops->sendpage(sock, page, offset, size, flags);
3764
3765 return sock_no_sendpage(sock, page, offset, size, flags);
3766 }
3767 EXPORT_SYMBOL(kernel_sendpage);
3768
3769
3770
3771
3772
3773
3774
3775
3776
3777
3778
3779
3780
3781 int kernel_sendpage_locked(struct sock *sk, struct page *page, int offset,
3782 size_t size, int flags)
3783 {
3784 struct socket *sock = sk->sk_socket;
3785
3786 if (sock->ops->sendpage_locked)
3787 return sock->ops->sendpage_locked(sk, page, offset, size,
3788 flags);
3789
3790 return sock_no_sendpage_locked(sk, page, offset, size, flags);
3791 }
3792 EXPORT_SYMBOL(kernel_sendpage_locked);
3793
3794
3795
3796
3797
3798
3799
3800
3801
3802 int kernel_sock_shutdown(struct socket *sock, enum sock_shutdown_cmd how)
3803 {
3804 return sock->ops->shutdown(sock, how);
3805 }
3806 EXPORT_SYMBOL(kernel_sock_shutdown);
3807
3808
3809
3810
3811
3812
3813
3814
3815
3816
3817
3818 u32 kernel_sock_ip_overhead(struct sock *sk)
3819 {
3820 struct inet_sock *inet;
3821 struct ip_options_rcu *opt;
3822 u32 overhead = 0;
3823 #if IS_ENABLED(CONFIG_IPV6)
3824 struct ipv6_pinfo *np;
3825 struct ipv6_txoptions *optv6 = NULL;
3826 #endif
3827
3828 if (!sk)
3829 return overhead;
3830
3831 switch (sk->sk_family) {
3832 case AF_INET:
3833 inet = inet_sk(sk);
3834 overhead += sizeof(struct iphdr);
3835 opt = rcu_dereference_protected(inet->inet_opt,
3836 sock_owned_by_user(sk));
3837 if (opt)
3838 overhead += opt->opt.optlen;
3839 return overhead;
3840 #if IS_ENABLED(CONFIG_IPV6)
3841 case AF_INET6:
3842 np = inet6_sk(sk);
3843 overhead += sizeof(struct ipv6hdr);
3844 if (np)
3845 optv6 = rcu_dereference_protected(np->opt,
3846 sock_owned_by_user(sk));
3847 if (optv6)
3848 overhead += (optv6->opt_flen + optv6->opt_nflen);
3849 return overhead;
3850 #endif
3851 default:
3852 return overhead;
3853 }
3854 }
3855 EXPORT_SYMBOL(kernel_sock_ip_overhead);