1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55#include <linux/mm.h>
56#include <linux/socket.h>
57#include <linux/file.h>
58#include <linux/net.h>
59#include <linux/interrupt.h>
60#include <linux/thread_info.h>
61#include <linux/rcupdate.h>
62#include <linux/netdevice.h>
63#include <linux/proc_fs.h>
64#include <linux/seq_file.h>
65#include <linux/mutex.h>
66#include <linux/if_bridge.h>
67#include <linux/if_frad.h>
68#include <linux/if_vlan.h>
69#include <linux/ptp_classify.h>
70#include <linux/init.h>
71#include <linux/poll.h>
72#include <linux/cache.h>
73#include <linux/module.h>
74#include <linux/highmem.h>
75#include <linux/mount.h>
76#include <linux/pseudo_fs.h>
77#include <linux/security.h>
78#include <linux/syscalls.h>
79#include <linux/compat.h>
80#include <linux/kmod.h>
81#include <linux/audit.h>
82#include <linux/wireless.h>
83#include <linux/nsproxy.h>
84#include <linux/magic.h>
85#include <linux/slab.h>
86#include <linux/xattr.h>
87#include <linux/nospec.h>
88#include <linux/indirect_call_wrapper.h>
89
90#include <linux/uaccess.h>
91#include <asm/unistd.h>
92
93#include <net/compat.h>
94#include <net/wext.h>
95#include <net/cls_cgroup.h>
96
97#include <net/sock.h>
98#include <linux/netfilter.h>
99
100#include <linux/if_tun.h>
101#include <linux/ipv6_route.h>
102#include <linux/route.h>
103#include <linux/sockios.h>
104#include <net/busy_poll.h>
105#include <linux/errqueue.h>
106
107#ifdef CONFIG_NET_RX_BUSY_POLL
108unsigned int sysctl_net_busy_read __read_mostly;
109unsigned int sysctl_net_busy_poll __read_mostly;
110#endif
111
112static ssize_t sock_read_iter(struct kiocb *iocb, struct iov_iter *to);
113static ssize_t sock_write_iter(struct kiocb *iocb, struct iov_iter *from);
114static int sock_mmap(struct file *file, struct vm_area_struct *vma);
115
116static int sock_close(struct inode *inode, struct file *file);
117static __poll_t sock_poll(struct file *file,
118 struct poll_table_struct *wait);
119static long sock_ioctl(struct file *file, unsigned int cmd, unsigned long arg);
120#ifdef CONFIG_COMPAT
121static long compat_sock_ioctl(struct file *file,
122 unsigned int cmd, unsigned long arg);
123#endif
124static int sock_fasync(int fd, struct file *filp, int on);
125static ssize_t sock_sendpage(struct file *file, struct page *page,
126 int offset, size_t size, loff_t *ppos, int more);
127static ssize_t sock_splice_read(struct file *file, loff_t *ppos,
128 struct pipe_inode_info *pipe, size_t len,
129 unsigned int flags);
130
131
132
133
134
135
136static const struct file_operations socket_file_ops = {
137 .owner = THIS_MODULE,
138 .llseek = no_llseek,
139 .read_iter = sock_read_iter,
140 .write_iter = sock_write_iter,
141 .poll = sock_poll,
142 .unlocked_ioctl = sock_ioctl,
143#ifdef CONFIG_COMPAT
144 .compat_ioctl = compat_sock_ioctl,
145#endif
146 .mmap = sock_mmap,
147 .release = sock_close,
148 .fasync = sock_fasync,
149 .sendpage = sock_sendpage,
150 .splice_write = generic_splice_sendpage,
151 .splice_read = sock_splice_read,
152};
153
154
155
156
157
158static DEFINE_SPINLOCK(net_family_lock);
159static const struct net_proto_family __rcu *net_families[NPROTO] __read_mostly;
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178int move_addr_to_kernel(void __user *uaddr, int ulen, struct sockaddr_storage *kaddr)
179{
180 if (ulen < 0 || ulen > sizeof(struct sockaddr_storage))
181 return -EINVAL;
182 if (ulen == 0)
183 return 0;
184 if (copy_from_user(kaddr, uaddr, ulen))
185 return -EFAULT;
186 return audit_sockaddr(ulen, kaddr);
187}
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206static int move_addr_to_user(struct sockaddr_storage *kaddr, int klen,
207 void __user *uaddr, int __user *ulen)
208{
209 int err;
210 int len;
211
212 BUG_ON(klen > sizeof(struct sockaddr_storage));
213 err = get_user(len, ulen);
214 if (err)
215 return err;
216 if (len > klen)
217 len = klen;
218 if (len < 0)
219 return -EINVAL;
220 if (len) {
221 if (audit_sockaddr(klen, kaddr))
222 return -ENOMEM;
223 if (copy_to_user(uaddr, kaddr, len))
224 return -EFAULT;
225 }
226
227
228
229
230 return __put_user(klen, ulen);
231}
232
233static struct kmem_cache *sock_inode_cachep __ro_after_init;
234
235static struct inode *sock_alloc_inode(struct super_block *sb)
236{
237 struct socket_alloc *ei;
238
239 ei = kmem_cache_alloc(sock_inode_cachep, GFP_KERNEL);
240 if (!ei)
241 return NULL;
242 init_waitqueue_head(&ei->socket.wq.wait);
243 ei->socket.wq.fasync_list = NULL;
244 ei->socket.wq.flags = 0;
245
246 ei->socket.state = SS_UNCONNECTED;
247 ei->socket.flags = 0;
248 ei->socket.ops = NULL;
249 ei->socket.sk = NULL;
250 ei->socket.file = NULL;
251
252 return &ei->vfs_inode;
253}
254
255static void sock_free_inode(struct inode *inode)
256{
257 struct socket_alloc *ei;
258
259 ei = container_of(inode, struct socket_alloc, vfs_inode);
260 kmem_cache_free(sock_inode_cachep, ei);
261}
262
263static void init_once(void *foo)
264{
265 struct socket_alloc *ei = (struct socket_alloc *)foo;
266
267 inode_init_once(&ei->vfs_inode);
268}
269
270static void init_inodecache(void)
271{
272 sock_inode_cachep = kmem_cache_create("sock_inode_cache",
273 sizeof(struct socket_alloc),
274 0,
275 (SLAB_HWCACHE_ALIGN |
276 SLAB_RECLAIM_ACCOUNT |
277 SLAB_MEM_SPREAD | SLAB_ACCOUNT),
278 init_once);
279 BUG_ON(sock_inode_cachep == NULL);
280}
281
282static const struct super_operations sockfs_ops = {
283 .alloc_inode = sock_alloc_inode,
284 .free_inode = sock_free_inode,
285 .statfs = simple_statfs,
286};
287
288
289
290
291static char *sockfs_dname(struct dentry *dentry, char *buffer, int buflen)
292{
293 return dynamic_dname(dentry, buffer, buflen, "socket:[%lu]",
294 d_inode(dentry)->i_ino);
295}
296
297static const struct dentry_operations sockfs_dentry_operations = {
298 .d_dname = sockfs_dname,
299};
300
301static int sockfs_xattr_get(const struct xattr_handler *handler,
302 struct dentry *dentry, struct inode *inode,
303 const char *suffix, void *value, size_t size)
304{
305 if (value) {
306 if (dentry->d_name.len + 1 > size)
307 return -ERANGE;
308 memcpy(value, dentry->d_name.name, dentry->d_name.len + 1);
309 }
310 return dentry->d_name.len + 1;
311}
312
313#define XATTR_SOCKPROTONAME_SUFFIX "sockprotoname"
314#define XATTR_NAME_SOCKPROTONAME (XATTR_SYSTEM_PREFIX XATTR_SOCKPROTONAME_SUFFIX)
315#define XATTR_NAME_SOCKPROTONAME_LEN (sizeof(XATTR_NAME_SOCKPROTONAME)-1)
316
317static const struct xattr_handler sockfs_xattr_handler = {
318 .name = XATTR_NAME_SOCKPROTONAME,
319 .get = sockfs_xattr_get,
320};
321
322static int sockfs_security_xattr_set(const struct xattr_handler *handler,
323 struct dentry *dentry, struct inode *inode,
324 const char *suffix, const void *value,
325 size_t size, int flags)
326{
327
328 return -EAGAIN;
329}
330
331static const struct xattr_handler sockfs_security_xattr_handler = {
332 .prefix = XATTR_SECURITY_PREFIX,
333 .set = sockfs_security_xattr_set,
334};
335
336static const struct xattr_handler *sockfs_xattr_handlers[] = {
337 &sockfs_xattr_handler,
338 &sockfs_security_xattr_handler,
339 NULL
340};
341
342static int sockfs_init_fs_context(struct fs_context *fc)
343{
344 struct pseudo_fs_context *ctx = init_pseudo(fc, SOCKFS_MAGIC);
345 if (!ctx)
346 return -ENOMEM;
347 ctx->ops = &sockfs_ops;
348 ctx->dops = &sockfs_dentry_operations;
349 ctx->xattr = sockfs_xattr_handlers;
350 return 0;
351}
352
353static struct vfsmount *sock_mnt __read_mostly;
354
355static struct file_system_type sock_fs_type = {
356 .name = "sockfs",
357 .init_fs_context = sockfs_init_fs_context,
358 .kill_sb = kill_anon_super,
359};
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390struct file *sock_alloc_file(struct socket *sock, int flags, const char *dname)
391{
392 struct file *file;
393
394 if (!dname)
395 dname = sock->sk ? sock->sk->sk_prot_creator->name : "";
396
397 file = alloc_file_pseudo(SOCK_INODE(sock), sock_mnt, dname,
398 O_RDWR | (flags & O_NONBLOCK),
399 &socket_file_ops);
400 if (IS_ERR(file)) {
401 sock_release(sock);
402 return file;
403 }
404
405 sock->file = file;
406 file->private_data = sock;
407 return file;
408}
409EXPORT_SYMBOL(sock_alloc_file);
410
411static int sock_map_fd(struct socket *sock, int flags)
412{
413 struct file *newfile;
414 int fd = get_unused_fd_flags(flags);
415 if (unlikely(fd < 0)) {
416 sock_release(sock);
417 return fd;
418 }
419
420 newfile = sock_alloc_file(sock, flags, NULL);
421 if (!IS_ERR(newfile)) {
422 fd_install(fd, newfile);
423 return fd;
424 }
425
426 put_unused_fd(fd);
427 return PTR_ERR(newfile);
428}
429
430
431
432
433
434
435
436
437
438struct socket *sock_from_file(struct file *file, int *err)
439{
440 if (file->f_op == &socket_file_ops)
441 return file->private_data;
442
443 *err = -ENOTSOCK;
444 return NULL;
445}
446EXPORT_SYMBOL(sock_from_file);
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461struct socket *sockfd_lookup(int fd, int *err)
462{
463 struct file *file;
464 struct socket *sock;
465
466 file = fget(fd);
467 if (!file) {
468 *err = -EBADF;
469 return NULL;
470 }
471
472 sock = sock_from_file(file, err);
473 if (!sock)
474 fput(file);
475 return sock;
476}
477EXPORT_SYMBOL(sockfd_lookup);
478
479static struct socket *sockfd_lookup_light(int fd, int *err, int *fput_needed)
480{
481 struct fd f = fdget(fd);
482 struct socket *sock;
483
484 *err = -EBADF;
485 if (f.file) {
486 sock = sock_from_file(f.file, err);
487 if (likely(sock)) {
488 *fput_needed = f.flags;
489 return sock;
490 }
491 fdput(f);
492 }
493 return NULL;
494}
495
496static ssize_t sockfs_listxattr(struct dentry *dentry, char *buffer,
497 size_t size)
498{
499 ssize_t len;
500 ssize_t used = 0;
501
502 len = security_inode_listsecurity(d_inode(dentry), buffer, size);
503 if (len < 0)
504 return len;
505 used += len;
506 if (buffer) {
507 if (size < used)
508 return -ERANGE;
509 buffer += len;
510 }
511
512 len = (XATTR_NAME_SOCKPROTONAME_LEN + 1);
513 used += len;
514 if (buffer) {
515 if (size < used)
516 return -ERANGE;
517 memcpy(buffer, XATTR_NAME_SOCKPROTONAME, len);
518 buffer += len;
519 }
520
521 return used;
522}
523
524static int sockfs_setattr(struct dentry *dentry, struct iattr *iattr)
525{
526 int err = simple_setattr(dentry, iattr);
527
528 if (!err && (iattr->ia_valid & ATTR_UID)) {
529 struct socket *sock = SOCKET_I(d_inode(dentry));
530
531 if (sock->sk)
532 sock->sk->sk_uid = iattr->ia_uid;
533 else
534 err = -ENOENT;
535 }
536
537 return err;
538}
539
540static const struct inode_operations sockfs_inode_ops = {
541 .listxattr = sockfs_listxattr,
542 .setattr = sockfs_setattr,
543};
544
545
546
547
548
549
550
551
552
553struct socket *sock_alloc(void)
554{
555 struct inode *inode;
556 struct socket *sock;
557
558 inode = new_inode_pseudo(sock_mnt->mnt_sb);
559 if (!inode)
560 return NULL;
561
562 sock = SOCKET_I(inode);
563
564 inode->i_ino = get_next_ino();
565 inode->i_mode = S_IFSOCK | S_IRWXUGO;
566 inode->i_uid = current_fsuid();
567 inode->i_gid = current_fsgid();
568 inode->i_op = &sockfs_inode_ops;
569
570 return sock;
571}
572EXPORT_SYMBOL(sock_alloc);
573
574
575
576
577
578
579
580
581
582
583static void __sock_release(struct socket *sock, struct inode *inode)
584{
585 if (sock->ops) {
586 struct module *owner = sock->ops->owner;
587
588 if (inode)
589 inode_lock(inode);
590 sock->ops->release(sock);
591 sock->sk = NULL;
592 if (inode)
593 inode_unlock(inode);
594 sock->ops = NULL;
595 module_put(owner);
596 }
597
598 if (sock->wq.fasync_list)
599 pr_err("%s: fasync list not empty!\n", __func__);
600
601 if (!sock->file) {
602 iput(SOCK_INODE(sock));
603 return;
604 }
605 sock->file = NULL;
606}
607
608void sock_release(struct socket *sock)
609{
610 __sock_release(sock, NULL);
611}
612EXPORT_SYMBOL(sock_release);
613
614void __sock_tx_timestamp(__u16 tsflags, __u8 *tx_flags)
615{
616 u8 flags = *tx_flags;
617
618 if (tsflags & SOF_TIMESTAMPING_TX_HARDWARE)
619 flags |= SKBTX_HW_TSTAMP;
620
621 if (tsflags & SOF_TIMESTAMPING_TX_SOFTWARE)
622 flags |= SKBTX_SW_TSTAMP;
623
624 if (tsflags & SOF_TIMESTAMPING_TX_SCHED)
625 flags |= SKBTX_SCHED_TSTAMP;
626
627 *tx_flags = flags;
628}
629EXPORT_SYMBOL(__sock_tx_timestamp);
630
631INDIRECT_CALLABLE_DECLARE(int inet_sendmsg(struct socket *, struct msghdr *,
632 size_t));
633INDIRECT_CALLABLE_DECLARE(int inet6_sendmsg(struct socket *, struct msghdr *,
634 size_t));
635static inline int sock_sendmsg_nosec(struct socket *sock, struct msghdr *msg)
636{
637 int ret = INDIRECT_CALL_INET(sock->ops->sendmsg, inet6_sendmsg,
638 inet_sendmsg, sock, msg,
639 msg_data_left(msg));
640 BUG_ON(ret == -EIOCBQUEUED);
641 return ret;
642}
643
644
645
646
647
648
649
650
651
652int sock_sendmsg(struct socket *sock, struct msghdr *msg)
653{
654 int err = security_socket_sendmsg(sock, msg,
655 msg_data_left(msg));
656
657 return err ?: sock_sendmsg_nosec(sock, msg);
658}
659EXPORT_SYMBOL(sock_sendmsg);
660
661
662
663
664
665
666
667
668
669
670
671
672
673int kernel_sendmsg(struct socket *sock, struct msghdr *msg,
674 struct kvec *vec, size_t num, size_t size)
675{
676 iov_iter_kvec(&msg->msg_iter, WRITE, vec, num, size);
677 return sock_sendmsg(sock, msg);
678}
679EXPORT_SYMBOL(kernel_sendmsg);
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694int kernel_sendmsg_locked(struct sock *sk, struct msghdr *msg,
695 struct kvec *vec, size_t num, size_t size)
696{
697 struct socket *sock = sk->sk_socket;
698
699 if (!sock->ops->sendmsg_locked)
700 return sock_no_sendmsg_locked(sk, msg, size);
701
702 iov_iter_kvec(&msg->msg_iter, WRITE, vec, num, size);
703
704 return sock->ops->sendmsg_locked(sk, msg, msg_data_left(msg));
705}
706EXPORT_SYMBOL(kernel_sendmsg_locked);
707
708static bool skb_is_err_queue(const struct sk_buff *skb)
709{
710
711
712
713
714
715 return skb->pkt_type == PACKET_OUTGOING;
716}
717
718
719
720
721
722
723
724
725
726static bool skb_is_swtx_tstamp(const struct sk_buff *skb, int false_tstamp)
727{
728 return skb->tstamp && !false_tstamp && skb_is_err_queue(skb);
729}
730
731static void put_ts_pktinfo(struct msghdr *msg, struct sk_buff *skb)
732{
733 struct scm_ts_pktinfo ts_pktinfo;
734 struct net_device *orig_dev;
735
736 if (!skb_mac_header_was_set(skb))
737 return;
738
739 memset(&ts_pktinfo, 0, sizeof(ts_pktinfo));
740
741 rcu_read_lock();
742 orig_dev = dev_get_by_napi_id(skb_napi_id(skb));
743 if (orig_dev)
744 ts_pktinfo.if_index = orig_dev->ifindex;
745 rcu_read_unlock();
746
747 ts_pktinfo.pkt_length = skb->len - skb_mac_offset(skb);
748 put_cmsg(msg, SOL_SOCKET, SCM_TIMESTAMPING_PKTINFO,
749 sizeof(ts_pktinfo), &ts_pktinfo);
750}
751
752
753
754
755void __sock_recv_timestamp(struct msghdr *msg, struct sock *sk,
756 struct sk_buff *skb)
757{
758 int need_software_tstamp = sock_flag(sk, SOCK_RCVTSTAMP);
759 int new_tstamp = sock_flag(sk, SOCK_TSTAMP_NEW);
760 struct scm_timestamping_internal tss;
761
762 int empty = 1, false_tstamp = 0;
763 struct skb_shared_hwtstamps *shhwtstamps =
764 skb_hwtstamps(skb);
765
766
767
768 if (need_software_tstamp && skb->tstamp == 0) {
769 __net_timestamp(skb);
770 false_tstamp = 1;
771 }
772
773 if (need_software_tstamp) {
774 if (!sock_flag(sk, SOCK_RCVTSTAMPNS)) {
775 if (new_tstamp) {
776 struct __kernel_sock_timeval tv;
777
778 skb_get_new_timestamp(skb, &tv);
779 put_cmsg(msg, SOL_SOCKET, SO_TIMESTAMP_NEW,
780 sizeof(tv), &tv);
781 } else {
782 struct __kernel_old_timeval tv;
783
784 skb_get_timestamp(skb, &tv);
785 put_cmsg(msg, SOL_SOCKET, SO_TIMESTAMP_OLD,
786 sizeof(tv), &tv);
787 }
788 } else {
789 if (new_tstamp) {
790 struct __kernel_timespec ts;
791
792 skb_get_new_timestampns(skb, &ts);
793 put_cmsg(msg, SOL_SOCKET, SO_TIMESTAMPNS_NEW,
794 sizeof(ts), &ts);
795 } else {
796 struct timespec ts;
797
798 skb_get_timestampns(skb, &ts);
799 put_cmsg(msg, SOL_SOCKET, SO_TIMESTAMPNS_OLD,
800 sizeof(ts), &ts);
801 }
802 }
803 }
804
805 memset(&tss, 0, sizeof(tss));
806 if ((sk->sk_tsflags & SOF_TIMESTAMPING_SOFTWARE) &&
807 ktime_to_timespec64_cond(skb->tstamp, tss.ts + 0))
808 empty = 0;
809 if (shhwtstamps &&
810 (sk->sk_tsflags & SOF_TIMESTAMPING_RAW_HARDWARE) &&
811 !skb_is_swtx_tstamp(skb, false_tstamp) &&
812 ktime_to_timespec64_cond(shhwtstamps->hwtstamp, tss.ts + 2)) {
813 empty = 0;
814 if ((sk->sk_tsflags & SOF_TIMESTAMPING_OPT_PKTINFO) &&
815 !skb_is_err_queue(skb))
816 put_ts_pktinfo(msg, skb);
817 }
818 if (!empty) {
819 if (sock_flag(sk, SOCK_TSTAMP_NEW))
820 put_cmsg_scm_timestamping64(msg, &tss);
821 else
822 put_cmsg_scm_timestamping(msg, &tss);
823
824 if (skb_is_err_queue(skb) && skb->len &&
825 SKB_EXT_ERR(skb)->opt_stats)
826 put_cmsg(msg, SOL_SOCKET, SCM_TIMESTAMPING_OPT_STATS,
827 skb->len, skb->data);
828 }
829}
830EXPORT_SYMBOL_GPL(__sock_recv_timestamp);
831
832void __sock_recv_wifi_status(struct msghdr *msg, struct sock *sk,
833 struct sk_buff *skb)
834{
835 int ack;
836
837 if (!sock_flag(sk, SOCK_WIFI_STATUS))
838 return;
839 if (!skb->wifi_acked_valid)
840 return;
841
842 ack = skb->wifi_acked;
843
844 put_cmsg(msg, SOL_SOCKET, SCM_WIFI_STATUS, sizeof(ack), &ack);
845}
846EXPORT_SYMBOL_GPL(__sock_recv_wifi_status);
847
848static inline void sock_recv_drops(struct msghdr *msg, struct sock *sk,
849 struct sk_buff *skb)
850{
851 if (sock_flag(sk, SOCK_RXQ_OVFL) && skb && SOCK_SKB_CB(skb)->dropcount)
852 put_cmsg(msg, SOL_SOCKET, SO_RXQ_OVFL,
853 sizeof(__u32), &SOCK_SKB_CB(skb)->dropcount);
854}
855
856void __sock_recv_ts_and_drops(struct msghdr *msg, struct sock *sk,
857 struct sk_buff *skb)
858{
859 sock_recv_timestamp(msg, sk, skb);
860 sock_recv_drops(msg, sk, skb);
861}
862EXPORT_SYMBOL_GPL(__sock_recv_ts_and_drops);
863
864INDIRECT_CALLABLE_DECLARE(int inet_recvmsg(struct socket *, struct msghdr *,
865 size_t, int));
866INDIRECT_CALLABLE_DECLARE(int inet6_recvmsg(struct socket *, struct msghdr *,
867 size_t, int));
868static inline int sock_recvmsg_nosec(struct socket *sock, struct msghdr *msg,
869 int flags)
870{
871 return INDIRECT_CALL_INET(sock->ops->recvmsg, inet6_recvmsg,
872 inet_recvmsg, sock, msg, msg_data_left(msg),
873 flags);
874}
875
876
877
878
879
880
881
882
883
884
885int sock_recvmsg(struct socket *sock, struct msghdr *msg, int flags)
886{
887 int err = security_socket_recvmsg(sock, msg, msg_data_left(msg), flags);
888
889 return err ?: sock_recvmsg_nosec(sock, msg, flags);
890}
891EXPORT_SYMBOL(sock_recvmsg);
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909int kernel_recvmsg(struct socket *sock, struct msghdr *msg,
910 struct kvec *vec, size_t num, size_t size, int flags)
911{
912 mm_segment_t oldfs = get_fs();
913 int result;
914
915 iov_iter_kvec(&msg->msg_iter, READ, vec, num, size);
916 set_fs(KERNEL_DS);
917 result = sock_recvmsg(sock, msg, flags);
918 set_fs(oldfs);
919 return result;
920}
921EXPORT_SYMBOL(kernel_recvmsg);
922
923static ssize_t sock_sendpage(struct file *file, struct page *page,
924 int offset, size_t size, loff_t *ppos, int more)
925{
926 struct socket *sock;
927 int flags;
928
929 sock = file->private_data;
930
931 flags = (file->f_flags & O_NONBLOCK) ? MSG_DONTWAIT : 0;
932
933 flags |= more;
934
935 return kernel_sendpage(sock, page, offset, size, flags);
936}
937
938static ssize_t sock_splice_read(struct file *file, loff_t *ppos,
939 struct pipe_inode_info *pipe, size_t len,
940 unsigned int flags)
941{
942 struct socket *sock = file->private_data;
943
944 if (unlikely(!sock->ops->splice_read))
945 return generic_file_splice_read(file, ppos, pipe, len, flags);
946
947 return sock->ops->splice_read(sock, ppos, pipe, len, flags);
948}
949
950static ssize_t sock_read_iter(struct kiocb *iocb, struct iov_iter *to)
951{
952 struct file *file = iocb->ki_filp;
953 struct socket *sock = file->private_data;
954 struct msghdr msg = {.msg_iter = *to,
955 .msg_iocb = iocb};
956 ssize_t res;
957
958 if (file->f_flags & O_NONBLOCK)
959 msg.msg_flags = MSG_DONTWAIT;
960
961 if (iocb->ki_pos != 0)
962 return -ESPIPE;
963
964 if (!iov_iter_count(to))
965 return 0;
966
967 res = sock_recvmsg(sock, &msg, msg.msg_flags);
968 *to = msg.msg_iter;
969 return res;
970}
971
972static ssize_t sock_write_iter(struct kiocb *iocb, struct iov_iter *from)
973{
974 struct file *file = iocb->ki_filp;
975 struct socket *sock = file->private_data;
976 struct msghdr msg = {.msg_iter = *from,
977 .msg_iocb = iocb};
978 ssize_t res;
979
980 if (iocb->ki_pos != 0)
981 return -ESPIPE;
982
983 if (file->f_flags & O_NONBLOCK)
984 msg.msg_flags = MSG_DONTWAIT;
985
986 if (sock->type == SOCK_SEQPACKET)
987 msg.msg_flags |= MSG_EOR;
988
989 res = sock_sendmsg(sock, &msg);
990 *from = msg.msg_iter;
991 return res;
992}
993
994
995
996
997
998
999static DEFINE_MUTEX(br_ioctl_mutex);
1000static int (*br_ioctl_hook) (struct net *, unsigned int cmd, void __user *arg);
1001
1002void brioctl_set(int (*hook) (struct net *, unsigned int, void __user *))
1003{
1004 mutex_lock(&br_ioctl_mutex);
1005 br_ioctl_hook = hook;
1006 mutex_unlock(&br_ioctl_mutex);
1007}
1008EXPORT_SYMBOL(brioctl_set);
1009
1010static DEFINE_MUTEX(vlan_ioctl_mutex);
1011static int (*vlan_ioctl_hook) (struct net *, void __user *arg);
1012
1013void vlan_ioctl_set(int (*hook) (struct net *, void __user *))
1014{
1015 mutex_lock(&vlan_ioctl_mutex);
1016 vlan_ioctl_hook = hook;
1017 mutex_unlock(&vlan_ioctl_mutex);
1018}
1019EXPORT_SYMBOL(vlan_ioctl_set);
1020
1021static DEFINE_MUTEX(dlci_ioctl_mutex);
1022static int (*dlci_ioctl_hook) (unsigned int, void __user *);
1023
1024void dlci_ioctl_set(int (*hook) (unsigned int, void __user *))
1025{
1026 mutex_lock(&dlci_ioctl_mutex);
1027 dlci_ioctl_hook = hook;
1028 mutex_unlock(&dlci_ioctl_mutex);
1029}
1030EXPORT_SYMBOL(dlci_ioctl_set);
1031
1032static long sock_do_ioctl(struct net *net, struct socket *sock,
1033 unsigned int cmd, unsigned long arg)
1034{
1035 int err;
1036 void __user *argp = (void __user *)arg;
1037
1038 err = sock->ops->ioctl(sock, cmd, arg);
1039
1040
1041
1042
1043
1044 if (err != -ENOIOCTLCMD)
1045 return err;
1046
1047 if (cmd == SIOCGIFCONF) {
1048 struct ifconf ifc;
1049 if (copy_from_user(&ifc, argp, sizeof(struct ifconf)))
1050 return -EFAULT;
1051 rtnl_lock();
1052 err = dev_ifconf(net, &ifc, sizeof(struct ifreq));
1053 rtnl_unlock();
1054 if (!err && copy_to_user(argp, &ifc, sizeof(struct ifconf)))
1055 err = -EFAULT;
1056 } else {
1057 struct ifreq ifr;
1058 bool need_copyout;
1059 if (copy_from_user(&ifr, argp, sizeof(struct ifreq)))
1060 return -EFAULT;
1061 err = dev_ioctl(net, cmd, &ifr, &need_copyout);
1062 if (!err && need_copyout)
1063 if (copy_to_user(argp, &ifr, sizeof(struct ifreq)))
1064 return -EFAULT;
1065 }
1066 return err;
1067}
1068
1069
1070
1071
1072
1073
1074
1075
1076
1077
1078
1079
1080
1081struct ns_common *get_net_ns(struct ns_common *ns)
1082{
1083 return &get_net(container_of(ns, struct net, ns))->ns;
1084}
1085EXPORT_SYMBOL_GPL(get_net_ns);
1086
1087static long sock_ioctl(struct file *file, unsigned cmd, unsigned long arg)
1088{
1089 struct socket *sock;
1090 struct sock *sk;
1091 void __user *argp = (void __user *)arg;
1092 int pid, err;
1093 struct net *net;
1094
1095 sock = file->private_data;
1096 sk = sock->sk;
1097 net = sock_net(sk);
1098 if (unlikely(cmd >= SIOCDEVPRIVATE && cmd <= (SIOCDEVPRIVATE + 15))) {
1099 struct ifreq ifr;
1100 bool need_copyout;
1101 if (copy_from_user(&ifr, argp, sizeof(struct ifreq)))
1102 return -EFAULT;
1103 err = dev_ioctl(net, cmd, &ifr, &need_copyout);
1104 if (!err && need_copyout)
1105 if (copy_to_user(argp, &ifr, sizeof(struct ifreq)))
1106 return -EFAULT;
1107 } else
1108#ifdef CONFIG_WEXT_CORE
1109 if (cmd >= SIOCIWFIRST && cmd <= SIOCIWLAST) {
1110 err = wext_handle_ioctl(net, cmd, argp);
1111 } else
1112#endif
1113 switch (cmd) {
1114 case FIOSETOWN:
1115 case SIOCSPGRP:
1116 err = -EFAULT;
1117 if (get_user(pid, (int __user *)argp))
1118 break;
1119 err = f_setown(sock->file, pid, 1);
1120 break;
1121 case FIOGETOWN:
1122 case SIOCGPGRP:
1123 err = put_user(f_getown(sock->file),
1124 (int __user *)argp);
1125 break;
1126 case SIOCGIFBR:
1127 case SIOCSIFBR:
1128 case SIOCBRADDBR:
1129 case SIOCBRDELBR:
1130 err = -ENOPKG;
1131 if (!br_ioctl_hook)
1132 request_module("bridge");
1133
1134 mutex_lock(&br_ioctl_mutex);
1135 if (br_ioctl_hook)
1136 err = br_ioctl_hook(net, cmd, argp);
1137 mutex_unlock(&br_ioctl_mutex);
1138 break;
1139 case SIOCGIFVLAN:
1140 case SIOCSIFVLAN:
1141 err = -ENOPKG;
1142 if (!vlan_ioctl_hook)
1143 request_module("8021q");
1144
1145 mutex_lock(&vlan_ioctl_mutex);
1146 if (vlan_ioctl_hook)
1147 err = vlan_ioctl_hook(net, argp);
1148 mutex_unlock(&vlan_ioctl_mutex);
1149 break;
1150 case SIOCADDDLCI:
1151 case SIOCDELDLCI:
1152 err = -ENOPKG;
1153 if (!dlci_ioctl_hook)
1154 request_module("dlci");
1155
1156 mutex_lock(&dlci_ioctl_mutex);
1157 if (dlci_ioctl_hook)
1158 err = dlci_ioctl_hook(cmd, argp);
1159 mutex_unlock(&dlci_ioctl_mutex);
1160 break;
1161 case SIOCGSKNS:
1162 err = -EPERM;
1163 if (!ns_capable(net->user_ns, CAP_NET_ADMIN))
1164 break;
1165
1166 err = open_related_ns(&net->ns, get_net_ns);
1167 break;
1168 case SIOCGSTAMP_OLD:
1169 case SIOCGSTAMPNS_OLD:
1170 if (!sock->ops->gettstamp) {
1171 err = -ENOIOCTLCMD;
1172 break;
1173 }
1174 err = sock->ops->gettstamp(sock, argp,
1175 cmd == SIOCGSTAMP_OLD,
1176 !IS_ENABLED(CONFIG_64BIT));
1177 break;
1178 case SIOCGSTAMP_NEW:
1179 case SIOCGSTAMPNS_NEW:
1180 if (!sock->ops->gettstamp) {
1181 err = -ENOIOCTLCMD;
1182 break;
1183 }
1184 err = sock->ops->gettstamp(sock, argp,
1185 cmd == SIOCGSTAMP_NEW,
1186 false);
1187 break;
1188 default:
1189 err = sock_do_ioctl(net, sock, cmd, arg);
1190 break;
1191 }
1192 return err;
1193}
1194
1195
1196
1197
1198
1199
1200
1201
1202
1203
1204
1205
1206
1207
1208int sock_create_lite(int family, int type, int protocol, struct socket **res)
1209{
1210 int err;
1211 struct socket *sock = NULL;
1212
1213 err = security_socket_create(family, type, protocol, 1);
1214 if (err)
1215 goto out;
1216
1217 sock = sock_alloc();
1218 if (!sock) {
1219 err = -ENOMEM;
1220 goto out;
1221 }
1222
1223 sock->type = type;
1224 err = security_socket_post_create(sock, family, type, protocol, 1);
1225 if (err)
1226 goto out_release;
1227
1228out:
1229 *res = sock;
1230 return err;
1231out_release:
1232 sock_release(sock);
1233 sock = NULL;
1234 goto out;
1235}
1236EXPORT_SYMBOL(sock_create_lite);
1237
1238
1239static __poll_t sock_poll(struct file *file, poll_table *wait)
1240{
1241 struct socket *sock = file->private_data;
1242 __poll_t events = poll_requested_events(wait), flag = 0;
1243
1244 if (!sock->ops->poll)
1245 return 0;
1246
1247 if (sk_can_busy_loop(sock->sk)) {
1248
1249 if (events & POLL_BUSY_LOOP)
1250 sk_busy_loop(sock->sk, 1);
1251
1252
1253 flag = POLL_BUSY_LOOP;
1254 }
1255
1256 return sock->ops->poll(file, sock, wait) | flag;
1257}
1258
1259static int sock_mmap(struct file *file, struct vm_area_struct *vma)
1260{
1261 struct socket *sock = file->private_data;
1262
1263 return sock->ops->mmap(file, sock, vma);
1264}
1265
1266static int sock_close(struct inode *inode, struct file *filp)
1267{
1268 __sock_release(SOCKET_I(inode), inode);
1269 return 0;
1270}
1271
1272
1273
1274
1275
1276
1277
1278
1279
1280
1281
1282
1283static int sock_fasync(int fd, struct file *filp, int on)
1284{
1285 struct socket *sock = filp->private_data;
1286 struct sock *sk = sock->sk;
1287 struct socket_wq *wq = &sock->wq;
1288
1289 if (sk == NULL)
1290 return -EINVAL;
1291
1292 lock_sock(sk);
1293 fasync_helper(fd, filp, on, &wq->fasync_list);
1294
1295 if (!wq->fasync_list)
1296 sock_reset_flag(sk, SOCK_FASYNC);
1297 else
1298 sock_set_flag(sk, SOCK_FASYNC);
1299
1300 release_sock(sk);
1301 return 0;
1302}
1303
1304
1305
1306int sock_wake_async(struct socket_wq *wq, int how, int band)
1307{
1308 if (!wq || !wq->fasync_list)
1309 return -1;
1310
1311 switch (how) {
1312 case SOCK_WAKE_WAITD:
1313 if (test_bit(SOCKWQ_ASYNC_WAITDATA, &wq->flags))
1314 break;
1315 goto call_kill;
1316 case SOCK_WAKE_SPACE:
1317 if (!test_and_clear_bit(SOCKWQ_ASYNC_NOSPACE, &wq->flags))
1318 break;
1319
1320 case SOCK_WAKE_IO:
1321call_kill:
1322 kill_fasync(&wq->fasync_list, SIGIO, band);
1323 break;
1324 case SOCK_WAKE_URG:
1325 kill_fasync(&wq->fasync_list, SIGURG, band);
1326 }
1327
1328 return 0;
1329}
1330EXPORT_SYMBOL(sock_wake_async);
1331
1332
1333
1334
1335
1336
1337
1338
1339
1340
1341
1342
1343
1344
1345
1346
1347int __sock_create(struct net *net, int family, int type, int protocol,
1348 struct socket **res, int kern)
1349{
1350 int err;
1351 struct socket *sock;
1352 const struct net_proto_family *pf;
1353
1354
1355
1356
1357 if (family < 0 || family >= NPROTO)
1358 return -EAFNOSUPPORT;
1359 if (type < 0 || type >= SOCK_MAX)
1360 return -EINVAL;
1361
1362
1363
1364
1365
1366
1367 if (family == PF_INET && type == SOCK_PACKET) {
1368 pr_info_once("%s uses obsolete (PF_INET,SOCK_PACKET)\n",
1369 current->comm);
1370 family = PF_PACKET;
1371 }
1372
1373 err = security_socket_create(family, type, protocol, kern);
1374 if (err)
1375 return err;
1376
1377
1378
1379
1380
1381
1382 sock = sock_alloc();
1383 if (!sock) {
1384 net_warn_ratelimited("socket: no more sockets\n");
1385 return -ENFILE;
1386
1387 }
1388
1389 sock->type = type;
1390
1391#ifdef CONFIG_MODULES
1392
1393
1394
1395
1396
1397
1398 if (rcu_access_pointer(net_families[family]) == NULL)
1399 request_module("net-pf-%d", family);
1400#endif
1401
1402 rcu_read_lock();
1403 pf = rcu_dereference(net_families[family]);
1404 err = -EAFNOSUPPORT;
1405 if (!pf)
1406 goto out_release;
1407
1408
1409
1410
1411
1412 if (!try_module_get(pf->owner))
1413 goto out_release;
1414
1415
1416 rcu_read_unlock();
1417
1418 err = pf->create(net, sock, protocol, kern);
1419 if (err < 0)
1420 goto out_module_put;
1421
1422
1423
1424
1425
1426 if (!try_module_get(sock->ops->owner))
1427 goto out_module_busy;
1428
1429
1430
1431
1432
1433 module_put(pf->owner);
1434 err = security_socket_post_create(sock, family, type, protocol, kern);
1435 if (err)
1436 goto out_sock_release;
1437 *res = sock;
1438
1439 return 0;
1440
1441out_module_busy:
1442 err = -EAFNOSUPPORT;
1443out_module_put:
1444 sock->ops = NULL;
1445 module_put(pf->owner);
1446out_sock_release:
1447 sock_release(sock);
1448 return err;
1449
1450out_release:
1451 rcu_read_unlock();
1452 goto out_sock_release;
1453}
1454EXPORT_SYMBOL(__sock_create);
1455
1456
1457
1458
1459
1460
1461
1462
1463
1464
1465
1466
1467int sock_create(int family, int type, int protocol, struct socket **res)
1468{
1469 return __sock_create(current->nsproxy->net_ns, family, type, protocol, res, 0);
1470}
1471EXPORT_SYMBOL(sock_create);
1472
1473
1474
1475
1476
1477
1478
1479
1480
1481
1482
1483
1484
1485int sock_create_kern(struct net *net, int family, int type, int protocol, struct socket **res)
1486{
1487 return __sock_create(net, family, type, protocol, res, 1);
1488}
1489EXPORT_SYMBOL(sock_create_kern);
1490
1491int __sys_socket(int family, int type, int protocol)
1492{
1493 int retval;
1494 struct socket *sock;
1495 int flags;
1496
1497
1498 BUILD_BUG_ON(SOCK_CLOEXEC != O_CLOEXEC);
1499 BUILD_BUG_ON((SOCK_MAX | SOCK_TYPE_MASK) != SOCK_TYPE_MASK);
1500 BUILD_BUG_ON(SOCK_CLOEXEC & SOCK_TYPE_MASK);
1501 BUILD_BUG_ON(SOCK_NONBLOCK & SOCK_TYPE_MASK);
1502
1503 flags = type & ~SOCK_TYPE_MASK;
1504 if (flags & ~(SOCK_CLOEXEC | SOCK_NONBLOCK))
1505 return -EINVAL;
1506 type &= SOCK_TYPE_MASK;
1507
1508 if (SOCK_NONBLOCK != O_NONBLOCK && (flags & SOCK_NONBLOCK))
1509 flags = (flags & ~SOCK_NONBLOCK) | O_NONBLOCK;
1510
1511 retval = sock_create(family, type, protocol, &sock);
1512 if (retval < 0)
1513 return retval;
1514
1515 return sock_map_fd(sock, flags & (O_CLOEXEC | O_NONBLOCK));
1516}
1517
1518SYSCALL_DEFINE3(socket, int, family, int, type, int, protocol)
1519{
1520 return __sys_socket(family, type, protocol);
1521}
1522
1523
1524
1525
1526
1527int __sys_socketpair(int family, int type, int protocol, int __user *usockvec)
1528{
1529 struct socket *sock1, *sock2;
1530 int fd1, fd2, err;
1531 struct file *newfile1, *newfile2;
1532 int flags;
1533
1534 flags = type & ~SOCK_TYPE_MASK;
1535 if (flags & ~(SOCK_CLOEXEC | SOCK_NONBLOCK))
1536 return -EINVAL;
1537 type &= SOCK_TYPE_MASK;
1538
1539 if (SOCK_NONBLOCK != O_NONBLOCK && (flags & SOCK_NONBLOCK))
1540 flags = (flags & ~SOCK_NONBLOCK) | O_NONBLOCK;
1541
1542
1543
1544
1545
1546 fd1 = get_unused_fd_flags(flags);
1547 if (unlikely(fd1 < 0))
1548 return fd1;
1549
1550 fd2 = get_unused_fd_flags(flags);
1551 if (unlikely(fd2 < 0)) {
1552 put_unused_fd(fd1);
1553 return fd2;
1554 }
1555
1556 err = put_user(fd1, &usockvec[0]);
1557 if (err)
1558 goto out;
1559
1560 err = put_user(fd2, &usockvec[1]);
1561 if (err)
1562 goto out;
1563
1564
1565
1566
1567
1568
1569 err = sock_create(family, type, protocol, &sock1);
1570 if (unlikely(err < 0))
1571 goto out;
1572
1573 err = sock_create(family, type, protocol, &sock2);
1574 if (unlikely(err < 0)) {
1575 sock_release(sock1);
1576 goto out;
1577 }
1578
1579 err = security_socket_socketpair(sock1, sock2);
1580 if (unlikely(err)) {
1581 sock_release(sock2);
1582 sock_release(sock1);
1583 goto out;
1584 }
1585
1586 err = sock1->ops->socketpair(sock1, sock2);
1587 if (unlikely(err < 0)) {
1588 sock_release(sock2);
1589 sock_release(sock1);
1590 goto out;
1591 }
1592
1593 newfile1 = sock_alloc_file(sock1, flags, NULL);
1594 if (IS_ERR(newfile1)) {
1595 err = PTR_ERR(newfile1);
1596 sock_release(sock2);
1597 goto out;
1598 }
1599
1600 newfile2 = sock_alloc_file(sock2, flags, NULL);
1601 if (IS_ERR(newfile2)) {
1602 err = PTR_ERR(newfile2);
1603 fput(newfile1);
1604 goto out;
1605 }
1606
1607 audit_fd_pair(fd1, fd2);
1608
1609 fd_install(fd1, newfile1);
1610 fd_install(fd2, newfile2);
1611 return 0;
1612
1613out:
1614 put_unused_fd(fd2);
1615 put_unused_fd(fd1);
1616 return err;
1617}
1618
1619SYSCALL_DEFINE4(socketpair, int, family, int, type, int, protocol,
1620 int __user *, usockvec)
1621{
1622 return __sys_socketpair(family, type, protocol, usockvec);
1623}
1624
1625
1626
1627
1628
1629
1630
1631
1632
1633int __sys_bind(int fd, struct sockaddr __user *umyaddr, int addrlen)
1634{
1635 struct socket *sock;
1636 struct sockaddr_storage address;
1637 int err, fput_needed;
1638
1639 sock = sockfd_lookup_light(fd, &err, &fput_needed);
1640 if (sock) {
1641 err = move_addr_to_kernel(umyaddr, addrlen, &address);
1642 if (!err) {
1643 err = security_socket_bind(sock,
1644 (struct sockaddr *)&address,
1645 addrlen);
1646 if (!err)
1647 err = sock->ops->bind(sock,
1648 (struct sockaddr *)
1649 &address, addrlen);
1650 }
1651 fput_light(sock->file, fput_needed);
1652 }
1653 return err;
1654}
1655
1656SYSCALL_DEFINE3(bind, int, fd, struct sockaddr __user *, umyaddr, int, addrlen)
1657{
1658 return __sys_bind(fd, umyaddr, addrlen);
1659}
1660
1661
1662
1663
1664
1665
1666
1667int __sys_listen(int fd, int backlog)
1668{
1669 struct socket *sock;
1670 int err, fput_needed;
1671 int somaxconn;
1672
1673 sock = sockfd_lookup_light(fd, &err, &fput_needed);
1674 if (sock) {
1675 somaxconn = sock_net(sock->sk)->core.sysctl_somaxconn;
1676 if ((unsigned int)backlog > somaxconn)
1677 backlog = somaxconn;
1678
1679 err = security_socket_listen(sock, backlog);
1680 if (!err)
1681 err = sock->ops->listen(sock, backlog);
1682
1683 fput_light(sock->file, fput_needed);
1684 }
1685 return err;
1686}
1687
1688SYSCALL_DEFINE2(listen, int, fd, int, backlog)
1689{
1690 return __sys_listen(fd, backlog);
1691}
1692
1693
1694
1695
1696
1697
1698
1699
1700
1701
1702
1703
1704
1705int __sys_accept4(int fd, struct sockaddr __user *upeer_sockaddr,
1706 int __user *upeer_addrlen, int flags)
1707{
1708 struct socket *sock, *newsock;
1709 struct file *newfile;
1710 int err, len, newfd, fput_needed;
1711 struct sockaddr_storage address;
1712
1713 if (flags & ~(SOCK_CLOEXEC | SOCK_NONBLOCK))
1714 return -EINVAL;
1715
1716 if (SOCK_NONBLOCK != O_NONBLOCK && (flags & SOCK_NONBLOCK))
1717 flags = (flags & ~SOCK_NONBLOCK) | O_NONBLOCK;
1718
1719 sock = sockfd_lookup_light(fd, &err, &fput_needed);
1720 if (!sock)
1721 goto out;
1722
1723 err = -ENFILE;
1724 newsock = sock_alloc();
1725 if (!newsock)
1726 goto out_put;
1727
1728 newsock->type = sock->type;
1729 newsock->ops = sock->ops;
1730
1731
1732
1733
1734
1735 __module_get(newsock->ops->owner);
1736
1737 newfd = get_unused_fd_flags(flags);
1738 if (unlikely(newfd < 0)) {
1739 err = newfd;
1740 sock_release(newsock);
1741 goto out_put;
1742 }
1743 newfile = sock_alloc_file(newsock, flags, sock->sk->sk_prot_creator->name);
1744 if (IS_ERR(newfile)) {
1745 err = PTR_ERR(newfile);
1746 put_unused_fd(newfd);
1747 goto out_put;
1748 }
1749
1750 err = security_socket_accept(sock, newsock);
1751 if (err)
1752 goto out_fd;
1753
1754 err = sock->ops->accept(sock, newsock, sock->file->f_flags, false);
1755 if (err < 0)
1756 goto out_fd;
1757
1758 if (upeer_sockaddr) {
1759 len = newsock->ops->getname(newsock,
1760 (struct sockaddr *)&address, 2);
1761 if (len < 0) {
1762 err = -ECONNABORTED;
1763 goto out_fd;
1764 }
1765 err = move_addr_to_user(&address,
1766 len, upeer_sockaddr, upeer_addrlen);
1767 if (err < 0)
1768 goto out_fd;
1769 }
1770
1771
1772
1773 fd_install(newfd, newfile);
1774 err = newfd;
1775
1776out_put:
1777 fput_light(sock->file, fput_needed);
1778out:
1779 return err;
1780out_fd:
1781 fput(newfile);
1782 put_unused_fd(newfd);
1783 goto out_put;
1784}
1785
1786SYSCALL_DEFINE4(accept4, int, fd, struct sockaddr __user *, upeer_sockaddr,
1787 int __user *, upeer_addrlen, int, flags)
1788{
1789 return __sys_accept4(fd, upeer_sockaddr, upeer_addrlen, flags);
1790}
1791
1792SYSCALL_DEFINE3(accept, int, fd, struct sockaddr __user *, upeer_sockaddr,
1793 int __user *, upeer_addrlen)
1794{
1795 return __sys_accept4(fd, upeer_sockaddr, upeer_addrlen, 0);
1796}
1797
1798
1799
1800
1801
1802
1803
1804
1805
1806
1807
1808
1809
1810int __sys_connect(int fd, struct sockaddr __user *uservaddr, int addrlen)
1811{
1812 struct socket *sock;
1813 struct sockaddr_storage address;
1814 int err, fput_needed;
1815
1816 sock = sockfd_lookup_light(fd, &err, &fput_needed);
1817 if (!sock)
1818 goto out;
1819 err = move_addr_to_kernel(uservaddr, addrlen, &address);
1820 if (err < 0)
1821 goto out_put;
1822
1823 err =
1824 security_socket_connect(sock, (struct sockaddr *)&address, addrlen);
1825 if (err)
1826 goto out_put;
1827
1828 err = sock->ops->connect(sock, (struct sockaddr *)&address, addrlen,
1829 sock->file->f_flags);
1830out_put:
1831 fput_light(sock->file, fput_needed);
1832out:
1833 return err;
1834}
1835
1836SYSCALL_DEFINE3(connect, int, fd, struct sockaddr __user *, uservaddr,
1837 int, addrlen)
1838{
1839 return __sys_connect(fd, uservaddr, addrlen);
1840}
1841
1842
1843
1844
1845
1846
1847int __sys_getsockname(int fd, struct sockaddr __user *usockaddr,
1848 int __user *usockaddr_len)
1849{
1850 struct socket *sock;
1851 struct sockaddr_storage address;
1852 int err, fput_needed;
1853
1854 sock = sockfd_lookup_light(fd, &err, &fput_needed);
1855 if (!sock)
1856 goto out;
1857
1858 err = security_socket_getsockname(sock);
1859 if (err)
1860 goto out_put;
1861
1862 err = sock->ops->getname(sock, (struct sockaddr *)&address, 0);
1863 if (err < 0)
1864 goto out_put;
1865
1866 err = move_addr_to_user(&address, err, usockaddr, usockaddr_len);
1867
1868out_put:
1869 fput_light(sock->file, fput_needed);
1870out:
1871 return err;
1872}
1873
1874SYSCALL_DEFINE3(getsockname, int, fd, struct sockaddr __user *, usockaddr,
1875 int __user *, usockaddr_len)
1876{
1877 return __sys_getsockname(fd, usockaddr, usockaddr_len);
1878}
1879
1880
1881
1882
1883
1884
1885int __sys_getpeername(int fd, struct sockaddr __user *usockaddr,
1886 int __user *usockaddr_len)
1887{
1888 struct socket *sock;
1889 struct sockaddr_storage address;
1890 int err, fput_needed;
1891
1892 sock = sockfd_lookup_light(fd, &err, &fput_needed);
1893 if (sock != NULL) {
1894 err = security_socket_getpeername(sock);
1895 if (err) {
1896 fput_light(sock->file, fput_needed);
1897 return err;
1898 }
1899
1900 err = sock->ops->getname(sock, (struct sockaddr *)&address, 1);
1901 if (err >= 0)
1902
1903 err = move_addr_to_user(&address, err, usockaddr,
1904 usockaddr_len);
1905 fput_light(sock->file, fput_needed);
1906 }
1907 return err;
1908}
1909
1910SYSCALL_DEFINE3(getpeername, int, fd, struct sockaddr __user *, usockaddr,
1911 int __user *, usockaddr_len)
1912{
1913 return __sys_getpeername(fd, usockaddr, usockaddr_len);
1914}
1915
1916
1917
1918
1919
1920
1921int __sys_sendto(int fd, void __user *buff, size_t len, unsigned int flags,
1922 struct sockaddr __user *addr, int addr_len)
1923{
1924 struct socket *sock;
1925 struct sockaddr_storage address;
1926 int err;
1927 struct msghdr msg;
1928 struct iovec iov;
1929 int fput_needed;
1930
1931 err = import_single_range(WRITE, buff, len, &iov, &msg.msg_iter);
1932 if (unlikely(err))
1933 return err;
1934 sock = sockfd_lookup_light(fd, &err, &fput_needed);
1935 if (!sock)
1936 goto out;
1937
1938 msg.msg_name = NULL;
1939 msg.msg_control = NULL;
1940 msg.msg_controllen = 0;
1941 msg.msg_namelen = 0;
1942 if (addr) {
1943 err = move_addr_to_kernel(addr, addr_len, &address);
1944 if (err < 0)
1945 goto out_put;
1946 msg.msg_name = (struct sockaddr *)&address;
1947 msg.msg_namelen = addr_len;
1948 }
1949 if (sock->file->f_flags & O_NONBLOCK)
1950 flags |= MSG_DONTWAIT;
1951 msg.msg_flags = flags;
1952 err = sock_sendmsg(sock, &msg);
1953
1954out_put:
1955 fput_light(sock->file, fput_needed);
1956out:
1957 return err;
1958}
1959
1960SYSCALL_DEFINE6(sendto, int, fd, void __user *, buff, size_t, len,
1961 unsigned int, flags, struct sockaddr __user *, addr,
1962 int, addr_len)
1963{
1964 return __sys_sendto(fd, buff, len, flags, addr, addr_len);
1965}
1966
1967
1968
1969
1970
1971SYSCALL_DEFINE4(send, int, fd, void __user *, buff, size_t, len,
1972 unsigned int, flags)
1973{
1974 return __sys_sendto(fd, buff, len, flags, NULL, 0);
1975}
1976
1977
1978
1979
1980
1981
1982int __sys_recvfrom(int fd, void __user *ubuf, size_t size, unsigned int flags,
1983 struct sockaddr __user *addr, int __user *addr_len)
1984{
1985 struct socket *sock;
1986 struct iovec iov;
1987 struct msghdr msg;
1988 struct sockaddr_storage address;
1989 int err, err2;
1990 int fput_needed;
1991
1992 err = import_single_range(READ, ubuf, size, &iov, &msg.msg_iter);
1993 if (unlikely(err))
1994 return err;
1995 sock = sockfd_lookup_light(fd, &err, &fput_needed);
1996 if (!sock)
1997 goto out;
1998
1999 msg.msg_control = NULL;
2000 msg.msg_controllen = 0;
2001
2002 msg.msg_name = addr ? (struct sockaddr *)&address : NULL;
2003
2004 msg.msg_namelen = 0;
2005 msg.msg_iocb = NULL;
2006 msg.msg_flags = 0;
2007 if (sock->file->f_flags & O_NONBLOCK)
2008 flags |= MSG_DONTWAIT;
2009 err = sock_recvmsg(sock, &msg, flags);
2010
2011 if (err >= 0 && addr != NULL) {
2012 err2 = move_addr_to_user(&address,
2013 msg.msg_namelen, addr, addr_len);
2014 if (err2 < 0)
2015 err = err2;
2016 }
2017
2018 fput_light(sock->file, fput_needed);
2019out:
2020 return err;
2021}
2022
2023SYSCALL_DEFINE6(recvfrom, int, fd, void __user *, ubuf, size_t, size,
2024 unsigned int, flags, struct sockaddr __user *, addr,
2025 int __user *, addr_len)
2026{
2027 return __sys_recvfrom(fd, ubuf, size, flags, addr, addr_len);
2028}
2029
2030
2031
2032
2033
2034SYSCALL_DEFINE4(recv, int, fd, void __user *, ubuf, size_t, size,
2035 unsigned int, flags)
2036{
2037 return __sys_recvfrom(fd, ubuf, size, flags, NULL, NULL);
2038}
2039
2040
2041
2042
2043
2044
2045static int __sys_setsockopt(int fd, int level, int optname,
2046 char __user *optval, int optlen)
2047{
2048 mm_segment_t oldfs = get_fs();
2049 char *kernel_optval = NULL;
2050 int err, fput_needed;
2051 struct socket *sock;
2052
2053 if (optlen < 0)
2054 return -EINVAL;
2055
2056 sock = sockfd_lookup_light(fd, &err, &fput_needed);
2057 if (sock != NULL) {
2058 err = security_socket_setsockopt(sock, level, optname);
2059 if (err)
2060 goto out_put;
2061
2062 err = BPF_CGROUP_RUN_PROG_SETSOCKOPT(sock->sk, &level,
2063 &optname, optval, &optlen,
2064 &kernel_optval);
2065
2066 if (err < 0) {
2067 goto out_put;
2068 } else if (err > 0) {
2069 err = 0;
2070 goto out_put;
2071 }
2072
2073 if (kernel_optval) {
2074 set_fs(KERNEL_DS);
2075 optval = (char __user __force *)kernel_optval;
2076 }
2077
2078 if (level == SOL_SOCKET)
2079 err =
2080 sock_setsockopt(sock, level, optname, optval,
2081 optlen);
2082 else
2083 err =
2084 sock->ops->setsockopt(sock, level, optname, optval,
2085 optlen);
2086
2087 if (kernel_optval) {
2088 set_fs(oldfs);
2089 kfree(kernel_optval);
2090 }
2091out_put:
2092 fput_light(sock->file, fput_needed);
2093 }
2094 return err;
2095}
2096
2097SYSCALL_DEFINE5(setsockopt, int, fd, int, level, int, optname,
2098 char __user *, optval, int, optlen)
2099{
2100 return __sys_setsockopt(fd, level, optname, optval, optlen);
2101}
2102
2103
2104
2105
2106
2107
2108static int __sys_getsockopt(int fd, int level, int optname,
2109 char __user *optval, int __user *optlen)
2110{
2111 int err, fput_needed;
2112 struct socket *sock;
2113 int max_optlen;
2114
2115 sock = sockfd_lookup_light(fd, &err, &fput_needed);
2116 if (sock != NULL) {
2117 err = security_socket_getsockopt(sock, level, optname);
2118 if (err)
2119 goto out_put;
2120
2121 max_optlen = BPF_CGROUP_GETSOCKOPT_MAX_OPTLEN(optlen);
2122
2123 if (level == SOL_SOCKET)
2124 err =
2125 sock_getsockopt(sock, level, optname, optval,
2126 optlen);
2127 else
2128 err =
2129 sock->ops->getsockopt(sock, level, optname, optval,
2130 optlen);
2131
2132 err = BPF_CGROUP_RUN_PROG_GETSOCKOPT(sock->sk, level, optname,
2133 optval, optlen,
2134 max_optlen, err);
2135out_put:
2136 fput_light(sock->file, fput_needed);
2137 }
2138 return err;
2139}
2140
2141SYSCALL_DEFINE5(getsockopt, int, fd, int, level, int, optname,
2142 char __user *, optval, int __user *, optlen)
2143{
2144 return __sys_getsockopt(fd, level, optname, optval, optlen);
2145}
2146
2147
2148
2149
2150
2151int __sys_shutdown(int fd, int how)
2152{
2153 int err, fput_needed;
2154 struct socket *sock;
2155
2156 sock = sockfd_lookup_light(fd, &err, &fput_needed);
2157 if (sock != NULL) {
2158 err = security_socket_shutdown(sock, how);
2159 if (!err)
2160 err = sock->ops->shutdown(sock, how);
2161 fput_light(sock->file, fput_needed);
2162 }
2163 return err;
2164}
2165
2166SYSCALL_DEFINE2(shutdown, int, fd, int, how)
2167{
2168 return __sys_shutdown(fd, how);
2169}
2170
2171
2172
2173
2174#define COMPAT_MSG(msg, member) ((MSG_CMSG_COMPAT & flags) ? &msg##_compat->member : &msg->member)
2175#define COMPAT_NAMELEN(msg) COMPAT_MSG(msg, msg_namelen)
2176#define COMPAT_FLAGS(msg) COMPAT_MSG(msg, msg_flags)
2177
2178struct used_address {
2179 struct sockaddr_storage name;
2180 unsigned int name_len;
2181};
2182
2183static int copy_msghdr_from_user(struct msghdr *kmsg,
2184 struct user_msghdr __user *umsg,
2185 struct sockaddr __user **save_addr,
2186 struct iovec **iov)
2187{
2188 struct user_msghdr msg;
2189 ssize_t err;
2190
2191 if (copy_from_user(&msg, umsg, sizeof(*umsg)))
2192 return -EFAULT;
2193
2194 kmsg->msg_control = (void __force *)msg.msg_control;
2195 kmsg->msg_controllen = msg.msg_controllen;
2196 kmsg->msg_flags = msg.msg_flags;
2197
2198 kmsg->msg_namelen = msg.msg_namelen;
2199 if (!msg.msg_name)
2200 kmsg->msg_namelen = 0;
2201
2202 if (kmsg->msg_namelen < 0)
2203 return -EINVAL;
2204
2205 if (kmsg->msg_namelen > sizeof(struct sockaddr_storage))
2206 kmsg->msg_namelen = sizeof(struct sockaddr_storage);
2207
2208 if (save_addr)
2209 *save_addr = msg.msg_name;
2210
2211 if (msg.msg_name && kmsg->msg_namelen) {
2212 if (!save_addr) {
2213 err = move_addr_to_kernel(msg.msg_name,
2214 kmsg->msg_namelen,
2215 kmsg->msg_name);
2216 if (err < 0)
2217 return err;
2218 }
2219 } else {
2220 kmsg->msg_name = NULL;
2221 kmsg->msg_namelen = 0;
2222 }
2223
2224 if (msg.msg_iovlen > UIO_MAXIOV)
2225 return -EMSGSIZE;
2226
2227 kmsg->msg_iocb = NULL;
2228
2229 err = import_iovec(save_addr ? READ : WRITE,
2230 msg.msg_iov, msg.msg_iovlen,
2231 UIO_FASTIOV, iov, &kmsg->msg_iter);
2232 return err < 0 ? err : 0;
2233}
2234
2235static int ___sys_sendmsg(struct socket *sock, struct user_msghdr __user *msg,
2236 struct msghdr *msg_sys, unsigned int flags,
2237 struct used_address *used_address,
2238 unsigned int allowed_msghdr_flags)
2239{
2240 struct compat_msghdr __user *msg_compat =
2241 (struct compat_msghdr __user *)msg;
2242 struct sockaddr_storage address;
2243 struct iovec iovstack[UIO_FASTIOV], *iov = iovstack;
2244 unsigned char ctl[sizeof(struct cmsghdr) + 20]
2245 __aligned(sizeof(__kernel_size_t));
2246
2247 unsigned char *ctl_buf = ctl;
2248 int ctl_len;
2249 ssize_t err;
2250
2251 msg_sys->msg_name = &address;
2252
2253 if (MSG_CMSG_COMPAT & flags)
2254 err = get_compat_msghdr(msg_sys, msg_compat, NULL, &iov);
2255 else
2256 err = copy_msghdr_from_user(msg_sys, msg, NULL, &iov);
2257 if (err < 0)
2258 return err;
2259
2260 err = -ENOBUFS;
2261
2262 if (msg_sys->msg_controllen > INT_MAX)
2263 goto out_freeiov;
2264 flags |= (msg_sys->msg_flags & allowed_msghdr_flags);
2265 ctl_len = msg_sys->msg_controllen;
2266 if ((MSG_CMSG_COMPAT & flags) && ctl_len) {
2267 err =
2268 cmsghdr_from_user_compat_to_kern(msg_sys, sock->sk, ctl,
2269 sizeof(ctl));
2270 if (err)
2271 goto out_freeiov;
2272 ctl_buf = msg_sys->msg_control;
2273 ctl_len = msg_sys->msg_controllen;
2274 } else if (ctl_len) {
2275 BUILD_BUG_ON(sizeof(struct cmsghdr) !=
2276 CMSG_ALIGN(sizeof(struct cmsghdr)));
2277 if (ctl_len > sizeof(ctl)) {
2278 ctl_buf = sock_kmalloc(sock->sk, ctl_len, GFP_KERNEL);
2279 if (ctl_buf == NULL)
2280 goto out_freeiov;
2281 }
2282 err = -EFAULT;
2283
2284
2285
2286
2287
2288 if (copy_from_user(ctl_buf,
2289 (void __user __force *)msg_sys->msg_control,
2290 ctl_len))
2291 goto out_freectl;
2292 msg_sys->msg_control = ctl_buf;
2293 }
2294 msg_sys->msg_flags = flags;
2295
2296 if (sock->file->f_flags & O_NONBLOCK)
2297 msg_sys->msg_flags |= MSG_DONTWAIT;
2298
2299
2300
2301
2302
2303
2304 if (used_address && msg_sys->msg_name &&
2305 used_address->name_len == msg_sys->msg_namelen &&
2306 !memcmp(&used_address->name, msg_sys->msg_name,
2307 used_address->name_len)) {
2308 err = sock_sendmsg_nosec(sock, msg_sys);
2309 goto out_freectl;
2310 }
2311 err = sock_sendmsg(sock, msg_sys);
2312
2313
2314
2315
2316 if (used_address && err >= 0) {
2317 used_address->name_len = msg_sys->msg_namelen;
2318 if (msg_sys->msg_name)
2319 memcpy(&used_address->name, msg_sys->msg_name,
2320 used_address->name_len);
2321 }
2322
2323out_freectl:
2324 if (ctl_buf != ctl)
2325 sock_kfree_s(sock->sk, ctl_buf, ctl_len);
2326out_freeiov:
2327 kfree(iov);
2328 return err;
2329}
2330
2331
2332
2333
2334long __sys_sendmsg_sock(struct socket *sock, struct user_msghdr __user *msg,
2335 unsigned int flags)
2336{
2337 struct msghdr msg_sys;
2338
2339 return ___sys_sendmsg(sock, msg, &msg_sys, flags, NULL, 0);
2340}
2341
2342long __sys_sendmsg(int fd, struct user_msghdr __user *msg, unsigned int flags,
2343 bool forbid_cmsg_compat)
2344{
2345 int fput_needed, err;
2346 struct msghdr msg_sys;
2347 struct socket *sock;
2348
2349 if (forbid_cmsg_compat && (flags & MSG_CMSG_COMPAT))
2350 return -EINVAL;
2351
2352 sock = sockfd_lookup_light(fd, &err, &fput_needed);
2353 if (!sock)
2354 goto out;
2355
2356 err = ___sys_sendmsg(sock, msg, &msg_sys, flags, NULL, 0);
2357
2358 fput_light(sock->file, fput_needed);
2359out:
2360 return err;
2361}
2362
2363SYSCALL_DEFINE3(sendmsg, int, fd, struct user_msghdr __user *, msg, unsigned int, flags)
2364{
2365 return __sys_sendmsg(fd, msg, flags, true);
2366}
2367
2368
2369
2370
2371
2372int __sys_sendmmsg(int fd, struct mmsghdr __user *mmsg, unsigned int vlen,
2373 unsigned int flags, bool forbid_cmsg_compat)
2374{
2375 int fput_needed, err, datagrams;
2376 struct socket *sock;
2377 struct mmsghdr __user *entry;
2378 struct compat_mmsghdr __user *compat_entry;
2379 struct msghdr msg_sys;
2380 struct used_address used_address;
2381 unsigned int oflags = flags;
2382
2383 if (forbid_cmsg_compat && (flags & MSG_CMSG_COMPAT))
2384 return -EINVAL;
2385
2386 if (vlen > UIO_MAXIOV)
2387 vlen = UIO_MAXIOV;
2388
2389 datagrams = 0;
2390
2391 sock = sockfd_lookup_light(fd, &err, &fput_needed);
2392 if (!sock)
2393 return err;
2394
2395 used_address.name_len = UINT_MAX;
2396 entry = mmsg;
2397 compat_entry = (struct compat_mmsghdr __user *)mmsg;
2398 err = 0;
2399 flags |= MSG_BATCH;
2400
2401 while (datagrams < vlen) {
2402 if (datagrams == vlen - 1)
2403 flags = oflags;
2404
2405 if (MSG_CMSG_COMPAT & flags) {
2406 err = ___sys_sendmsg(sock, (struct user_msghdr __user *)compat_entry,
2407 &msg_sys, flags, &used_address, MSG_EOR);
2408 if (err < 0)
2409 break;
2410 err = __put_user(err, &compat_entry->msg_len);
2411 ++compat_entry;
2412 } else {
2413 err = ___sys_sendmsg(sock,
2414 (struct user_msghdr __user *)entry,
2415 &msg_sys, flags, &used_address, MSG_EOR);
2416 if (err < 0)
2417 break;
2418 err = put_user(err, &entry->msg_len);
2419 ++entry;
2420 }
2421
2422 if (err)
2423 break;
2424 ++datagrams;
2425 if (msg_data_left(&msg_sys))
2426 break;
2427 cond_resched();
2428 }
2429
2430 fput_light(sock->file, fput_needed);
2431
2432
2433 if (datagrams != 0)
2434 return datagrams;
2435
2436 return err;
2437}
2438
2439SYSCALL_DEFINE4(sendmmsg, int, fd, struct mmsghdr __user *, mmsg,
2440 unsigned int, vlen, unsigned int, flags)
2441{
2442 return __sys_sendmmsg(fd, mmsg, vlen, flags, true);
2443}
2444
2445static int ___sys_recvmsg(struct socket *sock, struct user_msghdr __user *msg,
2446 struct msghdr *msg_sys, unsigned int flags, int nosec)
2447{
2448 struct compat_msghdr __user *msg_compat =
2449 (struct compat_msghdr __user *)msg;
2450 struct iovec iovstack[UIO_FASTIOV];
2451 struct iovec *iov = iovstack;
2452 unsigned long cmsg_ptr;
2453 int len;
2454 ssize_t err;
2455
2456
2457 struct sockaddr_storage addr;
2458
2459
2460 struct sockaddr __user *uaddr;
2461 int __user *uaddr_len = COMPAT_NAMELEN(msg);
2462
2463 msg_sys->msg_name = &addr;
2464
2465 if (MSG_CMSG_COMPAT & flags)
2466 err = get_compat_msghdr(msg_sys, msg_compat, &uaddr, &iov);
2467 else
2468 err = copy_msghdr_from_user(msg_sys, msg, &uaddr, &iov);
2469 if (err < 0)
2470 return err;
2471
2472 cmsg_ptr = (unsigned long)msg_sys->msg_control;
2473 msg_sys->msg_flags = flags & (MSG_CMSG_CLOEXEC|MSG_CMSG_COMPAT);
2474
2475
2476 msg_sys->msg_namelen = 0;
2477
2478 if (sock->file->f_flags & O_NONBLOCK)
2479 flags |= MSG_DONTWAIT;
2480 err = (nosec ? sock_recvmsg_nosec : sock_recvmsg)(sock, msg_sys, flags);
2481 if (err < 0)
2482 goto out_freeiov;
2483 len = err;
2484
2485 if (uaddr != NULL) {
2486 err = move_addr_to_user(&addr,
2487 msg_sys->msg_namelen, uaddr,
2488 uaddr_len);
2489 if (err < 0)
2490 goto out_freeiov;
2491 }
2492 err = __put_user((msg_sys->msg_flags & ~MSG_CMSG_COMPAT),
2493 COMPAT_FLAGS(msg));
2494 if (err)
2495 goto out_freeiov;
2496 if (MSG_CMSG_COMPAT & flags)
2497 err = __put_user((unsigned long)msg_sys->msg_control - cmsg_ptr,
2498 &msg_compat->msg_controllen);
2499 else
2500 err = __put_user((unsigned long)msg_sys->msg_control - cmsg_ptr,
2501 &msg->msg_controllen);
2502 if (err)
2503 goto out_freeiov;
2504 err = len;
2505
2506out_freeiov:
2507 kfree(iov);
2508 return err;
2509}
2510
2511
2512
2513
2514
2515long __sys_recvmsg_sock(struct socket *sock, struct user_msghdr __user *msg,
2516 unsigned int flags)
2517{
2518 struct msghdr msg_sys;
2519
2520 return ___sys_recvmsg(sock, msg, &msg_sys, flags, 0);
2521}
2522
2523long __sys_recvmsg(int fd, struct user_msghdr __user *msg, unsigned int flags,
2524 bool forbid_cmsg_compat)
2525{
2526 int fput_needed, err;
2527 struct msghdr msg_sys;
2528 struct socket *sock;
2529
2530 if (forbid_cmsg_compat && (flags & MSG_CMSG_COMPAT))
2531 return -EINVAL;
2532
2533 sock = sockfd_lookup_light(fd, &err, &fput_needed);
2534 if (!sock)
2535 goto out;
2536
2537 err = ___sys_recvmsg(sock, msg, &msg_sys, flags, 0);
2538
2539 fput_light(sock->file, fput_needed);
2540out:
2541 return err;
2542}
2543
2544SYSCALL_DEFINE3(recvmsg, int, fd, struct user_msghdr __user *, msg,
2545 unsigned int, flags)
2546{
2547 return __sys_recvmsg(fd, msg, flags, true);
2548}
2549
2550
2551
2552
2553
2554static int do_recvmmsg(int fd, struct mmsghdr __user *mmsg,
2555 unsigned int vlen, unsigned int flags,
2556 struct timespec64 *timeout)
2557{
2558 int fput_needed, err, datagrams;
2559 struct socket *sock;
2560 struct mmsghdr __user *entry;
2561 struct compat_mmsghdr __user *compat_entry;
2562 struct msghdr msg_sys;
2563 struct timespec64 end_time;
2564 struct timespec64 timeout64;
2565
2566 if (timeout &&
2567 poll_select_set_timeout(&end_time, timeout->tv_sec,
2568 timeout->tv_nsec))
2569 return -EINVAL;
2570
2571 datagrams = 0;
2572
2573 sock = sockfd_lookup_light(fd, &err, &fput_needed);
2574 if (!sock)
2575 return err;
2576
2577 if (likely(!(flags & MSG_ERRQUEUE))) {
2578 err = sock_error(sock->sk);
2579 if (err) {
2580 datagrams = err;
2581 goto out_put;
2582 }
2583 }
2584
2585 entry = mmsg;
2586 compat_entry = (struct compat_mmsghdr __user *)mmsg;
2587
2588 while (datagrams < vlen) {
2589
2590
2591
2592 if (MSG_CMSG_COMPAT & flags) {
2593 err = ___sys_recvmsg(sock, (struct user_msghdr __user *)compat_entry,
2594 &msg_sys, flags & ~MSG_WAITFORONE,
2595 datagrams);
2596 if (err < 0)
2597 break;
2598 err = __put_user(err, &compat_entry->msg_len);
2599 ++compat_entry;
2600 } else {
2601 err = ___sys_recvmsg(sock,
2602 (struct user_msghdr __user *)entry,
2603 &msg_sys, flags & ~MSG_WAITFORONE,
2604 datagrams);
2605 if (err < 0)
2606 break;
2607 err = put_user(err, &entry->msg_len);
2608 ++entry;
2609 }
2610
2611 if (err)
2612 break;
2613 ++datagrams;
2614
2615
2616 if (flags & MSG_WAITFORONE)
2617 flags |= MSG_DONTWAIT;
2618
2619 if (timeout) {
2620 ktime_get_ts64(&timeout64);
2621 *timeout = timespec64_sub(end_time, timeout64);
2622 if (timeout->tv_sec < 0) {
2623 timeout->tv_sec = timeout->tv_nsec = 0;
2624 break;
2625 }
2626
2627
2628 if (timeout->tv_nsec == 0 && timeout->tv_sec == 0)
2629 break;
2630 }
2631
2632
2633 if (msg_sys.msg_flags & MSG_OOB)
2634 break;
2635 cond_resched();
2636 }
2637
2638 if (err == 0)
2639 goto out_put;
2640
2641 if (datagrams == 0) {
2642 datagrams = err;
2643 goto out_put;
2644 }
2645
2646
2647
2648
2649
2650 if (err != -EAGAIN) {
2651
2652
2653
2654
2655
2656
2657 sock->sk->sk_err = -err;
2658 }
2659out_put:
2660 fput_light(sock->file, fput_needed);
2661
2662 return datagrams;
2663}
2664
2665int __sys_recvmmsg(int fd, struct mmsghdr __user *mmsg,
2666 unsigned int vlen, unsigned int flags,
2667 struct __kernel_timespec __user *timeout,
2668 struct old_timespec32 __user *timeout32)
2669{
2670 int datagrams;
2671 struct timespec64 timeout_sys;
2672
2673 if (timeout && get_timespec64(&timeout_sys, timeout))
2674 return -EFAULT;
2675
2676 if (timeout32 && get_old_timespec32(&timeout_sys, timeout32))
2677 return -EFAULT;
2678
2679 if (!timeout && !timeout32)
2680 return do_recvmmsg(fd, mmsg, vlen, flags, NULL);
2681
2682 datagrams = do_recvmmsg(fd, mmsg, vlen, flags, &timeout_sys);
2683
2684 if (datagrams <= 0)
2685 return datagrams;
2686
2687 if (timeout && put_timespec64(&timeout_sys, timeout))
2688 datagrams = -EFAULT;
2689
2690 if (timeout32 && put_old_timespec32(&timeout_sys, timeout32))
2691 datagrams = -EFAULT;
2692
2693 return datagrams;
2694}
2695
2696SYSCALL_DEFINE5(recvmmsg, int, fd, struct mmsghdr __user *, mmsg,
2697 unsigned int, vlen, unsigned int, flags,
2698 struct __kernel_timespec __user *, timeout)
2699{
2700 if (flags & MSG_CMSG_COMPAT)
2701 return -EINVAL;
2702
2703 return __sys_recvmmsg(fd, mmsg, vlen, flags, timeout, NULL);
2704}
2705
2706#ifdef CONFIG_COMPAT_32BIT_TIME
2707SYSCALL_DEFINE5(recvmmsg_time32, int, fd, struct mmsghdr __user *, mmsg,
2708 unsigned int, vlen, unsigned int, flags,
2709 struct old_timespec32 __user *, timeout)
2710{
2711 if (flags & MSG_CMSG_COMPAT)
2712 return -EINVAL;
2713
2714 return __sys_recvmmsg(fd, mmsg, vlen, flags, NULL, timeout);
2715}
2716#endif
2717
2718#ifdef __ARCH_WANT_SYS_SOCKETCALL
2719
2720#define AL(x) ((x) * sizeof(unsigned long))
2721static const unsigned char nargs[21] = {
2722 AL(0), AL(3), AL(3), AL(3), AL(2), AL(3),
2723 AL(3), AL(3), AL(4), AL(4), AL(4), AL(6),
2724 AL(6), AL(2), AL(5), AL(5), AL(3), AL(3),
2725 AL(4), AL(5), AL(4)
2726};
2727
2728#undef AL
2729
2730
2731
2732
2733
2734
2735
2736
2737
2738SYSCALL_DEFINE2(socketcall, int, call, unsigned long __user *, args)
2739{
2740 unsigned long a[AUDITSC_ARGS];
2741 unsigned long a0, a1;
2742 int err;
2743 unsigned int len;
2744
2745 if (call < 1 || call > SYS_SENDMMSG)
2746 return -EINVAL;
2747 call = array_index_nospec(call, SYS_SENDMMSG + 1);
2748
2749 len = nargs[call];
2750 if (len > sizeof(a))
2751 return -EINVAL;
2752
2753
2754 if (copy_from_user(a, args, len))
2755 return -EFAULT;
2756
2757 err = audit_socketcall(nargs[call] / sizeof(unsigned long), a);
2758 if (err)
2759 return err;
2760
2761 a0 = a[0];
2762 a1 = a[1];
2763
2764 switch (call) {
2765 case SYS_SOCKET:
2766 err = __sys_socket(a0, a1, a[2]);
2767 break;
2768 case SYS_BIND:
2769 err = __sys_bind(a0, (struct sockaddr __user *)a1, a[2]);
2770 break;
2771 case SYS_CONNECT:
2772 err = __sys_connect(a0, (struct sockaddr __user *)a1, a[2]);
2773 break;
2774 case SYS_LISTEN:
2775 err = __sys_listen(a0, a1);
2776 break;
2777 case SYS_ACCEPT:
2778 err = __sys_accept4(a0, (struct sockaddr __user *)a1,
2779 (int __user *)a[2], 0);
2780 break;
2781 case SYS_GETSOCKNAME:
2782 err =
2783 __sys_getsockname(a0, (struct sockaddr __user *)a1,
2784 (int __user *)a[2]);
2785 break;
2786 case SYS_GETPEERNAME:
2787 err =
2788 __sys_getpeername(a0, (struct sockaddr __user *)a1,
2789 (int __user *)a[2]);
2790 break;
2791 case SYS_SOCKETPAIR:
2792 err = __sys_socketpair(a0, a1, a[2], (int __user *)a[3]);
2793 break;
2794 case SYS_SEND:
2795 err = __sys_sendto(a0, (void __user *)a1, a[2], a[3],
2796 NULL, 0);
2797 break;
2798 case SYS_SENDTO:
2799 err = __sys_sendto(a0, (void __user *)a1, a[2], a[3],
2800 (struct sockaddr __user *)a[4], a[5]);
2801 break;
2802 case SYS_RECV:
2803 err = __sys_recvfrom(a0, (void __user *)a1, a[2], a[3],
2804 NULL, NULL);
2805 break;
2806 case SYS_RECVFROM:
2807 err = __sys_recvfrom(a0, (void __user *)a1, a[2], a[3],
2808 (struct sockaddr __user *)a[4],
2809 (int __user *)a[5]);
2810 break;
2811 case SYS_SHUTDOWN:
2812 err = __sys_shutdown(a0, a1);
2813 break;
2814 case SYS_SETSOCKOPT:
2815 err = __sys_setsockopt(a0, a1, a[2], (char __user *)a[3],
2816 a[4]);
2817 break;
2818 case SYS_GETSOCKOPT:
2819 err =
2820 __sys_getsockopt(a0, a1, a[2], (char __user *)a[3],
2821 (int __user *)a[4]);
2822 break;
2823 case SYS_SENDMSG:
2824 err = __sys_sendmsg(a0, (struct user_msghdr __user *)a1,
2825 a[2], true);
2826 break;
2827 case SYS_SENDMMSG:
2828 err = __sys_sendmmsg(a0, (struct mmsghdr __user *)a1, a[2],
2829 a[3], true);
2830 break;
2831 case SYS_RECVMSG:
2832 err = __sys_recvmsg(a0, (struct user_msghdr __user *)a1,
2833 a[2], true);
2834 break;
2835 case SYS_RECVMMSG:
2836 if (IS_ENABLED(CONFIG_64BIT) || !IS_ENABLED(CONFIG_64BIT_TIME))
2837 err = __sys_recvmmsg(a0, (struct mmsghdr __user *)a1,
2838 a[2], a[3],
2839 (struct __kernel_timespec __user *)a[4],
2840 NULL);
2841 else
2842 err = __sys_recvmmsg(a0, (struct mmsghdr __user *)a1,
2843 a[2], a[3], NULL,
2844 (struct old_timespec32 __user *)a[4]);
2845 break;
2846 case SYS_ACCEPT4:
2847 err = __sys_accept4(a0, (struct sockaddr __user *)a1,
2848 (int __user *)a[2], a[3]);
2849 break;
2850 default:
2851 err = -EINVAL;
2852 break;
2853 }
2854 return err;
2855}
2856
2857#endif
2858
2859
2860
2861
2862
2863
2864
2865
2866
2867
2868int sock_register(const struct net_proto_family *ops)
2869{
2870 int err;
2871
2872 if (ops->family >= NPROTO) {
2873 pr_crit("protocol %d >= NPROTO(%d)\n", ops->family, NPROTO);
2874 return -ENOBUFS;
2875 }
2876
2877 spin_lock(&net_family_lock);
2878 if (rcu_dereference_protected(net_families[ops->family],
2879 lockdep_is_held(&net_family_lock)))
2880 err = -EEXIST;
2881 else {
2882 rcu_assign_pointer(net_families[ops->family], ops);
2883 err = 0;
2884 }
2885 spin_unlock(&net_family_lock);
2886
2887 pr_info("NET: Registered protocol family %d\n", ops->family);
2888 return err;
2889}
2890EXPORT_SYMBOL(sock_register);
2891
2892
2893
2894
2895
2896
2897
2898
2899
2900
2901
2902
2903
2904
2905void sock_unregister(int family)
2906{
2907 BUG_ON(family < 0 || family >= NPROTO);
2908
2909 spin_lock(&net_family_lock);
2910 RCU_INIT_POINTER(net_families[family], NULL);
2911 spin_unlock(&net_family_lock);
2912
2913 synchronize_rcu();
2914
2915 pr_info("NET: Unregistered protocol family %d\n", family);
2916}
2917EXPORT_SYMBOL(sock_unregister);
2918
2919bool sock_is_registered(int family)
2920{
2921 return family < NPROTO && rcu_access_pointer(net_families[family]);
2922}
2923
2924static int __init sock_init(void)
2925{
2926 int err;
2927
2928
2929
2930 err = net_sysctl_init();
2931 if (err)
2932 goto out;
2933
2934
2935
2936
2937 skb_init();
2938
2939
2940
2941
2942
2943 init_inodecache();
2944
2945 err = register_filesystem(&sock_fs_type);
2946 if (err)
2947 goto out_fs;
2948 sock_mnt = kern_mount(&sock_fs_type);
2949 if (IS_ERR(sock_mnt)) {
2950 err = PTR_ERR(sock_mnt);
2951 goto out_mount;
2952 }
2953
2954
2955
2956
2957#ifdef CONFIG_NETFILTER
2958 err = netfilter_init();
2959 if (err)
2960 goto out;
2961#endif
2962
2963 ptp_classifier_init();
2964
2965out:
2966 return err;
2967
2968out_mount:
2969 unregister_filesystem(&sock_fs_type);
2970out_fs:
2971 goto out;
2972}
2973
2974core_initcall(sock_init);
2975
2976#ifdef CONFIG_PROC_FS
2977void socket_seq_show(struct seq_file *seq)
2978{
2979 seq_printf(seq, "sockets: used %d\n",
2980 sock_inuse_get(seq->private));
2981}
2982#endif
2983
2984#ifdef CONFIG_COMPAT
2985static int compat_dev_ifconf(struct net *net, struct compat_ifconf __user *uifc32)
2986{
2987 struct compat_ifconf ifc32;
2988 struct ifconf ifc;
2989 int err;
2990
2991 if (copy_from_user(&ifc32, uifc32, sizeof(struct compat_ifconf)))
2992 return -EFAULT;
2993
2994 ifc.ifc_len = ifc32.ifc_len;
2995 ifc.ifc_req = compat_ptr(ifc32.ifcbuf);
2996
2997 rtnl_lock();
2998 err = dev_ifconf(net, &ifc, sizeof(struct compat_ifreq));
2999 rtnl_unlock();
3000 if (err)
3001 return err;
3002
3003 ifc32.ifc_len = ifc.ifc_len;
3004 if (copy_to_user(uifc32, &ifc32, sizeof(struct compat_ifconf)))
3005 return -EFAULT;
3006
3007 return 0;
3008}
3009
3010static int ethtool_ioctl(struct net *net, struct compat_ifreq __user *ifr32)
3011{
3012 struct compat_ethtool_rxnfc __user *compat_rxnfc;
3013 bool convert_in = false, convert_out = false;
3014 size_t buf_size = 0;
3015 struct ethtool_rxnfc __user *rxnfc = NULL;
3016 struct ifreq ifr;
3017 u32 rule_cnt = 0, actual_rule_cnt;
3018 u32 ethcmd;
3019 u32 data;
3020 int ret;
3021
3022 if (get_user(data, &ifr32->ifr_ifru.ifru_data))
3023 return -EFAULT;
3024
3025 compat_rxnfc = compat_ptr(data);
3026
3027 if (get_user(ethcmd, &compat_rxnfc->cmd))
3028 return -EFAULT;
3029
3030
3031
3032
3033 switch (ethcmd) {
3034 default:
3035 break;
3036 case ETHTOOL_GRXCLSRLALL:
3037
3038 if (get_user(rule_cnt, &compat_rxnfc->rule_cnt))
3039 return -EFAULT;
3040 if (rule_cnt > KMALLOC_MAX_SIZE / sizeof(u32))
3041 return -ENOMEM;
3042 buf_size += rule_cnt * sizeof(u32);
3043
3044 case ETHTOOL_GRXRINGS:
3045 case ETHTOOL_GRXCLSRLCNT:
3046 case ETHTOOL_GRXCLSRULE:
3047 case ETHTOOL_SRXCLSRLINS:
3048 convert_out = true;
3049
3050 case ETHTOOL_SRXCLSRLDEL:
3051 buf_size += sizeof(struct ethtool_rxnfc);
3052 convert_in = true;
3053 rxnfc = compat_alloc_user_space(buf_size);
3054 break;
3055 }
3056
3057 if (copy_from_user(&ifr.ifr_name, &ifr32->ifr_name, IFNAMSIZ))
3058 return -EFAULT;
3059
3060 ifr.ifr_data = convert_in ? rxnfc : (void __user *)compat_rxnfc;
3061
3062 if (convert_in) {
3063
3064
3065
3066 BUILD_BUG_ON(offsetof(struct compat_ethtool_rxnfc, fs.m_ext) +
3067 sizeof(compat_rxnfc->fs.m_ext) !=
3068 offsetof(struct ethtool_rxnfc, fs.m_ext) +
3069 sizeof(rxnfc->fs.m_ext));
3070 BUILD_BUG_ON(
3071 offsetof(struct compat_ethtool_rxnfc, fs.location) -
3072 offsetof(struct compat_ethtool_rxnfc, fs.ring_cookie) !=
3073 offsetof(struct ethtool_rxnfc, fs.location) -
3074 offsetof(struct ethtool_rxnfc, fs.ring_cookie));
3075
3076 if (copy_in_user(rxnfc, compat_rxnfc,
3077 (void __user *)(&rxnfc->fs.m_ext + 1) -
3078 (void __user *)rxnfc) ||
3079 copy_in_user(&rxnfc->fs.ring_cookie,
3080 &compat_rxnfc->fs.ring_cookie,
3081 (void __user *)(&rxnfc->fs.location + 1) -
3082 (void __user *)&rxnfc->fs.ring_cookie))
3083 return -EFAULT;
3084 if (ethcmd == ETHTOOL_GRXCLSRLALL) {
3085 if (put_user(rule_cnt, &rxnfc->rule_cnt))
3086 return -EFAULT;
3087 } else if (copy_in_user(&rxnfc->rule_cnt,
3088 &compat_rxnfc->rule_cnt,
3089 sizeof(rxnfc->rule_cnt)))
3090 return -EFAULT;
3091 }
3092
3093 ret = dev_ioctl(net, SIOCETHTOOL, &ifr, NULL);
3094 if (ret)
3095 return ret;
3096
3097 if (convert_out) {
3098 if (copy_in_user(compat_rxnfc, rxnfc,
3099 (const void __user *)(&rxnfc->fs.m_ext + 1) -
3100 (const void __user *)rxnfc) ||
3101 copy_in_user(&compat_rxnfc->fs.ring_cookie,
3102 &rxnfc->fs.ring_cookie,
3103 (const void __user *)(&rxnfc->fs.location + 1) -
3104 (const void __user *)&rxnfc->fs.ring_cookie) ||
3105 copy_in_user(&compat_rxnfc->rule_cnt, &rxnfc->rule_cnt,
3106 sizeof(rxnfc->rule_cnt)))
3107 return -EFAULT;
3108
3109 if (ethcmd == ETHTOOL_GRXCLSRLALL) {
3110
3111
3112
3113
3114
3115
3116
3117
3118 if (get_user(actual_rule_cnt, &rxnfc->rule_cnt))
3119 return -EFAULT;
3120 if (actual_rule_cnt < rule_cnt)
3121 rule_cnt = actual_rule_cnt;
3122 if (copy_in_user(&compat_rxnfc->rule_locs[0],
3123 &rxnfc->rule_locs[0],
3124 rule_cnt * sizeof(u32)))
3125 return -EFAULT;
3126 }
3127 }
3128
3129 return 0;
3130}
3131
3132static int compat_siocwandev(struct net *net, struct compat_ifreq __user *uifr32)
3133{
3134 compat_uptr_t uptr32;
3135 struct ifreq ifr;
3136 void __user *saved;
3137 int err;
3138
3139 if (copy_from_user(&ifr, uifr32, sizeof(struct compat_ifreq)))
3140 return -EFAULT;
3141
3142 if (get_user(uptr32, &uifr32->ifr_settings.ifs_ifsu))
3143 return -EFAULT;
3144
3145 saved = ifr.ifr_settings.ifs_ifsu.raw_hdlc;
3146 ifr.ifr_settings.ifs_ifsu.raw_hdlc = compat_ptr(uptr32);
3147
3148 err = dev_ioctl(net, SIOCWANDEV, &ifr, NULL);
3149 if (!err) {
3150 ifr.ifr_settings.ifs_ifsu.raw_hdlc = saved;
3151 if (copy_to_user(uifr32, &ifr, sizeof(struct compat_ifreq)))
3152 err = -EFAULT;
3153 }
3154 return err;
3155}
3156
3157
3158static int compat_ifr_data_ioctl(struct net *net, unsigned int cmd,
3159 struct compat_ifreq __user *u_ifreq32)
3160{
3161 struct ifreq ifreq;
3162 u32 data32;
3163
3164 if (copy_from_user(ifreq.ifr_name, u_ifreq32->ifr_name, IFNAMSIZ))
3165 return -EFAULT;
3166 if (get_user(data32, &u_ifreq32->ifr_data))
3167 return -EFAULT;
3168 ifreq.ifr_data = compat_ptr(data32);
3169
3170 return dev_ioctl(net, cmd, &ifreq, NULL);
3171}
3172
3173static int compat_ifreq_ioctl(struct net *net, struct socket *sock,
3174 unsigned int cmd,
3175 struct compat_ifreq __user *uifr32)
3176{
3177 struct ifreq __user *uifr;
3178 int err;
3179
3180
3181
3182
3183
3184
3185
3186
3187
3188
3189
3190 uifr = compat_alloc_user_space(sizeof(*uifr));
3191 if (copy_in_user(uifr, uifr32, sizeof(*uifr32)))
3192 return -EFAULT;
3193
3194 err = sock_do_ioctl(net, sock, cmd, (unsigned long)uifr);
3195
3196 if (!err) {
3197 switch (cmd) {
3198 case SIOCGIFFLAGS:
3199 case SIOCGIFMETRIC:
3200 case SIOCGIFMTU:
3201 case SIOCGIFMEM:
3202 case SIOCGIFHWADDR:
3203 case SIOCGIFINDEX:
3204 case SIOCGIFADDR:
3205 case SIOCGIFBRDADDR:
3206 case SIOCGIFDSTADDR:
3207 case SIOCGIFNETMASK:
3208 case SIOCGIFPFLAGS:
3209 case SIOCGIFTXQLEN:
3210 case SIOCGMIIPHY:
3211 case SIOCGMIIREG:
3212 case SIOCGIFNAME:
3213 if (copy_in_user(uifr32, uifr, sizeof(*uifr32)))
3214 err = -EFAULT;
3215 break;
3216 }
3217 }
3218 return err;
3219}
3220
3221static int compat_sioc_ifmap(struct net *net, unsigned int cmd,
3222 struct compat_ifreq __user *uifr32)
3223{
3224 struct ifreq ifr;
3225 struct compat_ifmap __user *uifmap32;
3226 int err;
3227
3228 uifmap32 = &uifr32->ifr_ifru.ifru_map;
3229 err = copy_from_user(&ifr, uifr32, sizeof(ifr.ifr_name));
3230 err |= get_user(ifr.ifr_map.mem_start, &uifmap32->mem_start);
3231 err |= get_user(ifr.ifr_map.mem_end, &uifmap32->mem_end);
3232 err |= get_user(ifr.ifr_map.base_addr, &uifmap32->base_addr);
3233 err |= get_user(ifr.ifr_map.irq, &uifmap32->irq);
3234 err |= get_user(ifr.ifr_map.dma, &uifmap32->dma);
3235 err |= get_user(ifr.ifr_map.port, &uifmap32->port);
3236 if (err)
3237 return -EFAULT;
3238
3239 err = dev_ioctl(net, cmd, &ifr, NULL);
3240
3241 if (cmd == SIOCGIFMAP && !err) {
3242 err = copy_to_user(uifr32, &ifr, sizeof(ifr.ifr_name));
3243 err |= put_user(ifr.ifr_map.mem_start, &uifmap32->mem_start);
3244 err |= put_user(ifr.ifr_map.mem_end, &uifmap32->mem_end);
3245 err |= put_user(ifr.ifr_map.base_addr, &uifmap32->base_addr);
3246 err |= put_user(ifr.ifr_map.irq, &uifmap32->irq);
3247 err |= put_user(ifr.ifr_map.dma, &uifmap32->dma);
3248 err |= put_user(ifr.ifr_map.port, &uifmap32->port);
3249 if (err)
3250 err = -EFAULT;
3251 }
3252 return err;
3253}
3254
3255struct rtentry32 {
3256 u32 rt_pad1;
3257 struct sockaddr rt_dst;
3258 struct sockaddr rt_gateway;
3259 struct sockaddr rt_genmask;
3260 unsigned short rt_flags;
3261 short rt_pad2;
3262 u32 rt_pad3;
3263 unsigned char rt_tos;
3264 unsigned char rt_class;
3265 short rt_pad4;
3266 short rt_metric;
3267 u32 rt_dev;
3268 u32 rt_mtu;
3269 u32 rt_window;
3270 unsigned short rt_irtt;
3271};
3272
3273struct in6_rtmsg32 {
3274 struct in6_addr rtmsg_dst;
3275 struct in6_addr rtmsg_src;
3276 struct in6_addr rtmsg_gateway;
3277 u32 rtmsg_type;
3278 u16 rtmsg_dst_len;
3279 u16 rtmsg_src_len;
3280 u32 rtmsg_metric;
3281 u32 rtmsg_info;
3282 u32 rtmsg_flags;
3283 s32 rtmsg_ifindex;
3284};
3285
3286static int routing_ioctl(struct net *net, struct socket *sock,
3287 unsigned int cmd, void __user *argp)
3288{
3289 int ret;
3290 void *r = NULL;
3291 struct in6_rtmsg r6;
3292 struct rtentry r4;
3293 char devname[16];
3294 u32 rtdev;
3295 mm_segment_t old_fs = get_fs();
3296
3297 if (sock && sock->sk && sock->sk->sk_family == AF_INET6) {
3298 struct in6_rtmsg32 __user *ur6 = argp;
3299 ret = copy_from_user(&r6.rtmsg_dst, &(ur6->rtmsg_dst),
3300 3 * sizeof(struct in6_addr));
3301 ret |= get_user(r6.rtmsg_type, &(ur6->rtmsg_type));
3302 ret |= get_user(r6.rtmsg_dst_len, &(ur6->rtmsg_dst_len));
3303 ret |= get_user(r6.rtmsg_src_len, &(ur6->rtmsg_src_len));
3304 ret |= get_user(r6.rtmsg_metric, &(ur6->rtmsg_metric));
3305 ret |= get_user(r6.rtmsg_info, &(ur6->rtmsg_info));
3306 ret |= get_user(r6.rtmsg_flags, &(ur6->rtmsg_flags));
3307 ret |= get_user(r6.rtmsg_ifindex, &(ur6->rtmsg_ifindex));
3308
3309 r = (void *) &r6;
3310 } else {
3311 struct rtentry32 __user *ur4 = argp;
3312 ret = copy_from_user(&r4.rt_dst, &(ur4->rt_dst),
3313 3 * sizeof(struct sockaddr));
3314 ret |= get_user(r4.rt_flags, &(ur4->rt_flags));
3315 ret |= get_user(r4.rt_metric, &(ur4->rt_metric));
3316 ret |= get_user(r4.rt_mtu, &(ur4->rt_mtu));
3317 ret |= get_user(r4.rt_window, &(ur4->rt_window));
3318 ret |= get_user(r4.rt_irtt, &(ur4->rt_irtt));
3319 ret |= get_user(rtdev, &(ur4->rt_dev));
3320 if (rtdev) {
3321 ret |= copy_from_user(devname, compat_ptr(rtdev), 15);
3322 r4.rt_dev = (char __user __force *)devname;
3323 devname[15] = 0;
3324 } else
3325 r4.rt_dev = NULL;
3326
3327 r = (void *) &r4;
3328 }
3329
3330 if (ret) {
3331 ret = -EFAULT;
3332 goto out;
3333 }
3334
3335 set_fs(KERNEL_DS);
3336 ret = sock_do_ioctl(net, sock, cmd, (unsigned long) r);
3337 set_fs(old_fs);
3338
3339out:
3340 return ret;
3341}
3342
3343
3344
3345
3346
3347static int old_bridge_ioctl(compat_ulong_t __user *argp)
3348{
3349 compat_ulong_t tmp;
3350
3351 if (get_user(tmp, argp))
3352 return -EFAULT;
3353 if (tmp == BRCTL_GET_VERSION)
3354 return BRCTL_VERSION + 1;
3355 return -EINVAL;
3356}
3357
3358static int compat_sock_ioctl_trans(struct file *file, struct socket *sock,
3359 unsigned int cmd, unsigned long arg)
3360{
3361 void __user *argp = compat_ptr(arg);
3362 struct sock *sk = sock->sk;
3363 struct net *net = sock_net(sk);
3364
3365 if (cmd >= SIOCDEVPRIVATE && cmd <= (SIOCDEVPRIVATE + 15))
3366 return compat_ifr_data_ioctl(net, cmd, argp);
3367
3368 switch (cmd) {
3369 case SIOCSIFBR:
3370 case SIOCGIFBR:
3371 return old_bridge_ioctl(argp);
3372 case SIOCGIFCONF:
3373 return compat_dev_ifconf(net, argp);
3374 case SIOCETHTOOL:
3375 return ethtool_ioctl(net, argp);
3376 case SIOCWANDEV:
3377 return compat_siocwandev(net, argp);
3378 case SIOCGIFMAP:
3379 case SIOCSIFMAP:
3380 return compat_sioc_ifmap(net, cmd, argp);
3381 case SIOCADDRT:
3382 case SIOCDELRT:
3383 return routing_ioctl(net, sock, cmd, argp);
3384 case SIOCGSTAMP_OLD:
3385 case SIOCGSTAMPNS_OLD:
3386 if (!sock->ops->gettstamp)
3387 return -ENOIOCTLCMD;
3388 return sock->ops->gettstamp(sock, argp, cmd == SIOCGSTAMP_OLD,
3389 !COMPAT_USE_64BIT_TIME);
3390
3391 case SIOCBONDSLAVEINFOQUERY:
3392 case SIOCBONDINFOQUERY:
3393 case SIOCSHWTSTAMP:
3394 case SIOCGHWTSTAMP:
3395 return compat_ifr_data_ioctl(net, cmd, argp);
3396
3397 case FIOSETOWN:
3398 case SIOCSPGRP:
3399 case FIOGETOWN:
3400 case SIOCGPGRP:
3401 case SIOCBRADDBR:
3402 case SIOCBRDELBR:
3403 case SIOCGIFVLAN:
3404 case SIOCSIFVLAN:
3405 case SIOCADDDLCI:
3406 case SIOCDELDLCI:
3407 case SIOCGSKNS:
3408 case SIOCGSTAMP_NEW:
3409 case SIOCGSTAMPNS_NEW:
3410 return sock_ioctl(file, cmd, arg);
3411
3412 case SIOCGIFFLAGS:
3413 case SIOCSIFFLAGS:
3414 case SIOCGIFMETRIC:
3415 case SIOCSIFMETRIC:
3416 case SIOCGIFMTU:
3417 case SIOCSIFMTU:
3418 case SIOCGIFMEM:
3419 case SIOCSIFMEM:
3420 case SIOCGIFHWADDR:
3421 case SIOCSIFHWADDR:
3422 case SIOCADDMULTI:
3423 case SIOCDELMULTI:
3424 case SIOCGIFINDEX:
3425 case SIOCGIFADDR:
3426 case SIOCSIFADDR:
3427 case SIOCSIFHWBROADCAST:
3428 case SIOCDIFADDR:
3429 case SIOCGIFBRDADDR:
3430 case SIOCSIFBRDADDR:
3431 case SIOCGIFDSTADDR:
3432 case SIOCSIFDSTADDR:
3433 case SIOCGIFNETMASK:
3434 case SIOCSIFNETMASK:
3435 case SIOCSIFPFLAGS:
3436 case SIOCGIFPFLAGS:
3437 case SIOCGIFTXQLEN:
3438 case SIOCSIFTXQLEN:
3439 case SIOCBRADDIF:
3440 case SIOCBRDELIF:
3441 case SIOCGIFNAME:
3442 case SIOCSIFNAME:
3443 case SIOCGMIIPHY:
3444 case SIOCGMIIREG:
3445 case SIOCSMIIREG:
3446 case SIOCBONDENSLAVE:
3447 case SIOCBONDRELEASE:
3448 case SIOCBONDSETHWADDR:
3449 case SIOCBONDCHANGEACTIVE:
3450 return compat_ifreq_ioctl(net, sock, cmd, argp);
3451
3452 case SIOCSARP:
3453 case SIOCGARP:
3454 case SIOCDARP:
3455 case SIOCATMARK:
3456 return sock_do_ioctl(net, sock, cmd, arg);
3457 }
3458
3459 return -ENOIOCTLCMD;
3460}
3461
3462static long compat_sock_ioctl(struct file *file, unsigned int cmd,
3463 unsigned long arg)
3464{
3465 struct socket *sock = file->private_data;
3466 int ret = -ENOIOCTLCMD;
3467 struct sock *sk;
3468 struct net *net;
3469
3470 sk = sock->sk;
3471 net = sock_net(sk);
3472
3473 if (sock->ops->compat_ioctl)
3474 ret = sock->ops->compat_ioctl(sock, cmd, arg);
3475
3476 if (ret == -ENOIOCTLCMD &&
3477 (cmd >= SIOCIWFIRST && cmd <= SIOCIWLAST))
3478 ret = compat_wext_handle_ioctl(net, cmd, arg);
3479
3480 if (ret == -ENOIOCTLCMD)
3481 ret = compat_sock_ioctl_trans(file, sock, cmd, arg);
3482
3483 return ret;
3484}
3485#endif
3486
3487
3488
3489
3490
3491
3492
3493
3494
3495
3496int kernel_bind(struct socket *sock, struct sockaddr *addr, int addrlen)
3497{
3498 return sock->ops->bind(sock, addr, addrlen);
3499}
3500EXPORT_SYMBOL(kernel_bind);
3501
3502
3503
3504
3505
3506
3507
3508
3509
3510int kernel_listen(struct socket *sock, int backlog)
3511{
3512 return sock->ops->listen(sock, backlog);
3513}
3514EXPORT_SYMBOL(kernel_listen);
3515
3516
3517
3518
3519
3520
3521
3522
3523
3524
3525
3526
3527int kernel_accept(struct socket *sock, struct socket **newsock, int flags)
3528{
3529 struct sock *sk = sock->sk;
3530 int err;
3531
3532 err = sock_create_lite(sk->sk_family, sk->sk_type, sk->sk_protocol,
3533 newsock);
3534 if (err < 0)
3535 goto done;
3536
3537 err = sock->ops->accept(sock, *newsock, flags, true);
3538 if (err < 0) {
3539 sock_release(*newsock);
3540 *newsock = NULL;
3541 goto done;
3542 }
3543
3544 (*newsock)->ops = sock->ops;
3545 __module_get((*newsock)->ops->owner);
3546
3547done:
3548 return err;
3549}
3550EXPORT_SYMBOL(kernel_accept);
3551
3552
3553
3554
3555
3556
3557
3558
3559
3560
3561
3562
3563
3564
3565int kernel_connect(struct socket *sock, struct sockaddr *addr, int addrlen,
3566 int flags)
3567{
3568 return sock->ops->connect(sock, addr, addrlen, flags);
3569}
3570EXPORT_SYMBOL(kernel_connect);
3571
3572
3573
3574
3575
3576
3577
3578
3579
3580
3581int kernel_getsockname(struct socket *sock, struct sockaddr *addr)
3582{
3583 return sock->ops->getname(sock, addr, 0);
3584}
3585EXPORT_SYMBOL(kernel_getsockname);
3586
3587
3588
3589
3590
3591
3592
3593
3594
3595
3596int kernel_getpeername(struct socket *sock, struct sockaddr *addr)
3597{
3598 return sock->ops->getname(sock, addr, 1);
3599}
3600EXPORT_SYMBOL(kernel_getpeername);
3601
3602
3603
3604
3605
3606
3607
3608
3609
3610
3611
3612
3613
3614int kernel_getsockopt(struct socket *sock, int level, int optname,
3615 char *optval, int *optlen)
3616{
3617 mm_segment_t oldfs = get_fs();
3618 char __user *uoptval;
3619 int __user *uoptlen;
3620 int err;
3621
3622 uoptval = (char __user __force *) optval;
3623 uoptlen = (int __user __force *) optlen;
3624
3625 set_fs(KERNEL_DS);
3626 if (level == SOL_SOCKET)
3627 err = sock_getsockopt(sock, level, optname, uoptval, uoptlen);
3628 else
3629 err = sock->ops->getsockopt(sock, level, optname, uoptval,
3630 uoptlen);
3631 set_fs(oldfs);
3632 return err;
3633}
3634EXPORT_SYMBOL(kernel_getsockopt);
3635
3636
3637
3638
3639
3640
3641
3642
3643
3644
3645
3646
3647int kernel_setsockopt(struct socket *sock, int level, int optname,
3648 char *optval, unsigned int optlen)
3649{
3650 mm_segment_t oldfs = get_fs();
3651 char __user *uoptval;
3652 int err;
3653
3654 uoptval = (char __user __force *) optval;
3655
3656 set_fs(KERNEL_DS);
3657 if (level == SOL_SOCKET)
3658 err = sock_setsockopt(sock, level, optname, uoptval, optlen);
3659 else
3660 err = sock->ops->setsockopt(sock, level, optname, uoptval,
3661 optlen);
3662 set_fs(oldfs);
3663 return err;
3664}
3665EXPORT_SYMBOL(kernel_setsockopt);
3666
3667
3668
3669
3670
3671
3672
3673
3674
3675
3676
3677
3678int kernel_sendpage(struct socket *sock, struct page *page, int offset,
3679 size_t size, int flags)
3680{
3681 if (sock->ops->sendpage)
3682 return sock->ops->sendpage(sock, page, offset, size, flags);
3683
3684 return sock_no_sendpage(sock, page, offset, size, flags);
3685}
3686EXPORT_SYMBOL(kernel_sendpage);
3687
3688
3689
3690
3691
3692
3693
3694
3695
3696
3697
3698
3699
3700int kernel_sendpage_locked(struct sock *sk, struct page *page, int offset,
3701 size_t size, int flags)
3702{
3703 struct socket *sock = sk->sk_socket;
3704
3705 if (sock->ops->sendpage_locked)
3706 return sock->ops->sendpage_locked(sk, page, offset, size,
3707 flags);
3708
3709 return sock_no_sendpage_locked(sk, page, offset, size, flags);
3710}
3711EXPORT_SYMBOL(kernel_sendpage_locked);
3712
3713
3714
3715
3716
3717
3718
3719
3720
3721int kernel_sock_shutdown(struct socket *sock, enum sock_shutdown_cmd how)
3722{
3723 return sock->ops->shutdown(sock, how);
3724}
3725EXPORT_SYMBOL(kernel_sock_shutdown);
3726
3727
3728
3729
3730
3731
3732
3733
3734
3735
3736
3737u32 kernel_sock_ip_overhead(struct sock *sk)
3738{
3739 struct inet_sock *inet;
3740 struct ip_options_rcu *opt;
3741 u32 overhead = 0;
3742#if IS_ENABLED(CONFIG_IPV6)
3743 struct ipv6_pinfo *np;
3744 struct ipv6_txoptions *optv6 = NULL;
3745#endif
3746
3747 if (!sk)
3748 return overhead;
3749
3750 switch (sk->sk_family) {
3751 case AF_INET:
3752 inet = inet_sk(sk);
3753 overhead += sizeof(struct iphdr);
3754 opt = rcu_dereference_protected(inet->inet_opt,
3755 sock_owned_by_user(sk));
3756 if (opt)
3757 overhead += opt->opt.optlen;
3758 return overhead;
3759#if IS_ENABLED(CONFIG_IPV6)
3760 case AF_INET6:
3761 np = inet6_sk(sk);
3762 overhead += sizeof(struct ipv6hdr);
3763 if (np)
3764 optv6 = rcu_dereference_protected(np->opt,
3765 sock_owned_by_user(sk));
3766 if (optv6)
3767 overhead += (optv6->opt_flen + optv6->opt_nflen);
3768 return overhead;
3769#endif
3770 default:
3771 return overhead;
3772 }
3773}
3774EXPORT_SYMBOL(kernel_sock_ip_overhead);
3775