xref: /openbmc/linux/net/core/sock.c (revision 545e4006)
1 /*
2  * INET		An implementation of the TCP/IP protocol suite for the LINUX
3  *		operating system.  INET is implemented using the  BSD Socket
4  *		interface as the means of communication with the user level.
5  *
6  *		Generic socket support routines. Memory allocators, socket lock/release
7  *		handler for protocols to use and generic option handler.
8  *
9  *
10  * Authors:	Ross Biro
11  *		Fred N. van Kempen, <waltje@uWalt.NL.Mugnet.ORG>
12  *		Florian La Roche, <flla@stud.uni-sb.de>
13  *		Alan Cox, <A.Cox@swansea.ac.uk>
14  *
15  * Fixes:
16  *		Alan Cox	: 	Numerous verify_area() problems
17  *		Alan Cox	:	Connecting on a connecting socket
18  *					now returns an error for tcp.
19  *		Alan Cox	:	sock->protocol is set correctly.
20  *					and is not sometimes left as 0.
21  *		Alan Cox	:	connect handles icmp errors on a
22  *					connect properly. Unfortunately there
23  *					is a restart syscall nasty there. I
24  *					can't match BSD without hacking the C
25  *					library. Ideas urgently sought!
26  *		Alan Cox	:	Disallow bind() to addresses that are
27  *					not ours - especially broadcast ones!!
28  *		Alan Cox	:	Socket 1024 _IS_ ok for users. (fencepost)
29  *		Alan Cox	:	sock_wfree/sock_rfree don't destroy sockets,
30  *					instead they leave that for the DESTROY timer.
31  *		Alan Cox	:	Clean up error flag in accept
32  *		Alan Cox	:	TCP ack handling is buggy, the DESTROY timer
33  *					was buggy. Put a remove_sock() in the handler
34  *					for memory when we hit 0. Also altered the timer
35  *					code. The ACK stuff can wait and needs major
36  *					TCP layer surgery.
37  *		Alan Cox	:	Fixed TCP ack bug, removed remove sock
38  *					and fixed timer/inet_bh race.
39  *		Alan Cox	:	Added zapped flag for TCP
40  *		Alan Cox	:	Move kfree_skb into skbuff.c and tidied up surplus code
41  *		Alan Cox	:	for new sk_buff allocations wmalloc/rmalloc now call alloc_skb
42  *		Alan Cox	:	kfree_s calls now are kfree_skbmem so we can track skb resources
43  *		Alan Cox	:	Supports socket option broadcast now as does udp. Packet and raw need fixing.
44  *		Alan Cox	:	Added RCVBUF,SNDBUF size setting. It suddenly occurred to me how easy it was so...
45  *		Rick Sladkey	:	Relaxed UDP rules for matching packets.
46  *		C.E.Hawkins	:	IFF_PROMISC/SIOCGHWADDR support
47  *	Pauline Middelink	:	identd support
48  *		Alan Cox	:	Fixed connect() taking signals I think.
49  *		Alan Cox	:	SO_LINGER supported
50  *		Alan Cox	:	Error reporting fixes
51  *		Anonymous	:	inet_create tidied up (sk->reuse setting)
52  *		Alan Cox	:	inet sockets don't set sk->type!
53  *		Alan Cox	:	Split socket option code
54  *		Alan Cox	:	Callbacks
55  *		Alan Cox	:	Nagle flag for Charles & Johannes stuff
56  *		Alex		:	Removed restriction on inet fioctl
57  *		Alan Cox	:	Splitting INET from NET core
58  *		Alan Cox	:	Fixed bogus SO_TYPE handling in getsockopt()
59  *		Adam Caldwell	:	Missing return in SO_DONTROUTE/SO_DEBUG code
60  *		Alan Cox	:	Split IP from generic code
61  *		Alan Cox	:	New kfree_skbmem()
62  *		Alan Cox	:	Make SO_DEBUG superuser only.
63  *		Alan Cox	:	Allow anyone to clear SO_DEBUG
64  *					(compatibility fix)
65  *		Alan Cox	:	Added optimistic memory grabbing for AF_UNIX throughput.
66  *		Alan Cox	:	Allocator for a socket is settable.
67  *		Alan Cox	:	SO_ERROR includes soft errors.
68  *		Alan Cox	:	Allow NULL arguments on some SO_ opts
69  *		Alan Cox	: 	Generic socket allocation to make hooks
70  *					easier (suggested by Craig Metz).
71  *		Michael Pall	:	SO_ERROR returns positive errno again
72  *              Steve Whitehouse:       Added default destructor to free
73  *                                      protocol private data.
74  *              Steve Whitehouse:       Added various other default routines
75  *                                      common to several socket families.
76  *              Chris Evans     :       Call suser() check last on F_SETOWN
77  *		Jay Schulist	:	Added SO_ATTACH_FILTER and SO_DETACH_FILTER.
78  *		Andi Kleen	:	Add sock_kmalloc()/sock_kfree_s()
79  *		Andi Kleen	:	Fix write_space callback
80  *		Chris Evans	:	Security fixes - signedness again
81  *		Arnaldo C. Melo :       cleanups, use skb_queue_purge
82  *
83  * To Fix:
84  *
85  *
86  *		This program is free software; you can redistribute it and/or
87  *		modify it under the terms of the GNU General Public License
88  *		as published by the Free Software Foundation; either version
89  *		2 of the License, or (at your option) any later version.
90  */
91 
92 #include <linux/capability.h>
93 #include <linux/errno.h>
94 #include <linux/types.h>
95 #include <linux/socket.h>
96 #include <linux/in.h>
97 #include <linux/kernel.h>
98 #include <linux/module.h>
99 #include <linux/proc_fs.h>
100 #include <linux/seq_file.h>
101 #include <linux/sched.h>
102 #include <linux/timer.h>
103 #include <linux/string.h>
104 #include <linux/sockios.h>
105 #include <linux/net.h>
106 #include <linux/mm.h>
107 #include <linux/slab.h>
108 #include <linux/interrupt.h>
109 #include <linux/poll.h>
110 #include <linux/tcp.h>
111 #include <linux/init.h>
112 #include <linux/highmem.h>
113 
114 #include <asm/uaccess.h>
115 #include <asm/system.h>
116 
117 #include <linux/netdevice.h>
118 #include <net/protocol.h>
119 #include <linux/skbuff.h>
120 #include <net/net_namespace.h>
121 #include <net/request_sock.h>
122 #include <net/sock.h>
123 #include <net/xfrm.h>
124 #include <linux/ipsec.h>
125 
126 #include <linux/filter.h>
127 
128 #ifdef CONFIG_INET
129 #include <net/tcp.h>
130 #endif
131 
132 /*
133  * Each address family might have different locking rules, so we have
134  * one slock key per address family:
135  */
136 static struct lock_class_key af_family_keys[AF_MAX];
137 static struct lock_class_key af_family_slock_keys[AF_MAX];
138 
139 #ifdef CONFIG_DEBUG_LOCK_ALLOC
140 /*
141  * Make lock validator output more readable. (we pre-construct these
142  * strings build-time, so that runtime initialization of socket
143  * locks is fast):
144  */
145 static const char *af_family_key_strings[AF_MAX+1] = {
146   "sk_lock-AF_UNSPEC", "sk_lock-AF_UNIX"     , "sk_lock-AF_INET"     ,
147   "sk_lock-AF_AX25"  , "sk_lock-AF_IPX"      , "sk_lock-AF_APPLETALK",
148   "sk_lock-AF_NETROM", "sk_lock-AF_BRIDGE"   , "sk_lock-AF_ATMPVC"   ,
149   "sk_lock-AF_X25"   , "sk_lock-AF_INET6"    , "sk_lock-AF_ROSE"     ,
150   "sk_lock-AF_DECnet", "sk_lock-AF_NETBEUI"  , "sk_lock-AF_SECURITY" ,
151   "sk_lock-AF_KEY"   , "sk_lock-AF_NETLINK"  , "sk_lock-AF_PACKET"   ,
152   "sk_lock-AF_ASH"   , "sk_lock-AF_ECONET"   , "sk_lock-AF_ATMSVC"   ,
153   "sk_lock-21"       , "sk_lock-AF_SNA"      , "sk_lock-AF_IRDA"     ,
154   "sk_lock-AF_PPPOX" , "sk_lock-AF_WANPIPE"  , "sk_lock-AF_LLC"      ,
155   "sk_lock-27"       , "sk_lock-28"          , "sk_lock-AF_CAN"      ,
156   "sk_lock-AF_TIPC"  , "sk_lock-AF_BLUETOOTH", "sk_lock-IUCV"        ,
157   "sk_lock-AF_RXRPC" , "sk_lock-AF_MAX"
158 };
159 static const char *af_family_slock_key_strings[AF_MAX+1] = {
160   "slock-AF_UNSPEC", "slock-AF_UNIX"     , "slock-AF_INET"     ,
161   "slock-AF_AX25"  , "slock-AF_IPX"      , "slock-AF_APPLETALK",
162   "slock-AF_NETROM", "slock-AF_BRIDGE"   , "slock-AF_ATMPVC"   ,
163   "slock-AF_X25"   , "slock-AF_INET6"    , "slock-AF_ROSE"     ,
164   "slock-AF_DECnet", "slock-AF_NETBEUI"  , "slock-AF_SECURITY" ,
165   "slock-AF_KEY"   , "slock-AF_NETLINK"  , "slock-AF_PACKET"   ,
166   "slock-AF_ASH"   , "slock-AF_ECONET"   , "slock-AF_ATMSVC"   ,
167   "slock-21"       , "slock-AF_SNA"      , "slock-AF_IRDA"     ,
168   "slock-AF_PPPOX" , "slock-AF_WANPIPE"  , "slock-AF_LLC"      ,
169   "slock-27"       , "slock-28"          , "slock-AF_CAN"      ,
170   "slock-AF_TIPC"  , "slock-AF_BLUETOOTH", "slock-AF_IUCV"     ,
171   "slock-AF_RXRPC" , "slock-AF_MAX"
172 };
173 static const char *af_family_clock_key_strings[AF_MAX+1] = {
174   "clock-AF_UNSPEC", "clock-AF_UNIX"     , "clock-AF_INET"     ,
175   "clock-AF_AX25"  , "clock-AF_IPX"      , "clock-AF_APPLETALK",
176   "clock-AF_NETROM", "clock-AF_BRIDGE"   , "clock-AF_ATMPVC"   ,
177   "clock-AF_X25"   , "clock-AF_INET6"    , "clock-AF_ROSE"     ,
178   "clock-AF_DECnet", "clock-AF_NETBEUI"  , "clock-AF_SECURITY" ,
179   "clock-AF_KEY"   , "clock-AF_NETLINK"  , "clock-AF_PACKET"   ,
180   "clock-AF_ASH"   , "clock-AF_ECONET"   , "clock-AF_ATMSVC"   ,
181   "clock-21"       , "clock-AF_SNA"      , "clock-AF_IRDA"     ,
182   "clock-AF_PPPOX" , "clock-AF_WANPIPE"  , "clock-AF_LLC"      ,
183   "clock-27"       , "clock-28"          , "clock-AF_CAN"      ,
184   "clock-AF_TIPC"  , "clock-AF_BLUETOOTH", "clock-AF_IUCV"     ,
185   "clock-AF_RXRPC" , "clock-AF_MAX"
186 };
187 #endif
188 
189 /*
190  * sk_callback_lock locking rules are per-address-family,
191  * so split the lock classes by using a per-AF key:
192  */
193 static struct lock_class_key af_callback_keys[AF_MAX];
194 
195 /* Take into consideration the size of the struct sk_buff overhead in the
196  * determination of these values, since that is non-constant across
197  * platforms.  This makes socket queueing behavior and performance
198  * not depend upon such differences.
199  */
200 #define _SK_MEM_PACKETS		256
201 #define _SK_MEM_OVERHEAD	(sizeof(struct sk_buff) + 256)
202 #define SK_WMEM_MAX		(_SK_MEM_OVERHEAD * _SK_MEM_PACKETS)
203 #define SK_RMEM_MAX		(_SK_MEM_OVERHEAD * _SK_MEM_PACKETS)
204 
205 /* Run time adjustable parameters. */
206 __u32 sysctl_wmem_max __read_mostly = SK_WMEM_MAX;
207 __u32 sysctl_rmem_max __read_mostly = SK_RMEM_MAX;
208 __u32 sysctl_wmem_default __read_mostly = SK_WMEM_MAX;
209 __u32 sysctl_rmem_default __read_mostly = SK_RMEM_MAX;
210 
211 /* Maximal space eaten by iovec or ancilliary data plus some space */
212 int sysctl_optmem_max __read_mostly = sizeof(unsigned long)*(2*UIO_MAXIOV+512);
213 
214 static int sock_set_timeout(long *timeo_p, char __user *optval, int optlen)
215 {
216 	struct timeval tv;
217 
218 	if (optlen < sizeof(tv))
219 		return -EINVAL;
220 	if (copy_from_user(&tv, optval, sizeof(tv)))
221 		return -EFAULT;
222 	if (tv.tv_usec < 0 || tv.tv_usec >= USEC_PER_SEC)
223 		return -EDOM;
224 
225 	if (tv.tv_sec < 0) {
226 		static int warned __read_mostly;
227 
228 		*timeo_p = 0;
229 		if (warned < 10 && net_ratelimit()) {
230 			warned++;
231 			printk(KERN_INFO "sock_set_timeout: `%s' (pid %d) "
232 			       "tries to set negative timeout\n",
233 				current->comm, task_pid_nr(current));
234 		}
235 		return 0;
236 	}
237 	*timeo_p = MAX_SCHEDULE_TIMEOUT;
238 	if (tv.tv_sec == 0 && tv.tv_usec == 0)
239 		return 0;
240 	if (tv.tv_sec < (MAX_SCHEDULE_TIMEOUT/HZ - 1))
241 		*timeo_p = tv.tv_sec*HZ + (tv.tv_usec+(1000000/HZ-1))/(1000000/HZ);
242 	return 0;
243 }
244 
245 static void sock_warn_obsolete_bsdism(const char *name)
246 {
247 	static int warned;
248 	static char warncomm[TASK_COMM_LEN];
249 	if (strcmp(warncomm, current->comm) && warned < 5) {
250 		strcpy(warncomm,  current->comm);
251 		printk(KERN_WARNING "process `%s' is using obsolete "
252 		       "%s SO_BSDCOMPAT\n", warncomm, name);
253 		warned++;
254 	}
255 }
256 
257 static void sock_disable_timestamp(struct sock *sk)
258 {
259 	if (sock_flag(sk, SOCK_TIMESTAMP)) {
260 		sock_reset_flag(sk, SOCK_TIMESTAMP);
261 		net_disable_timestamp();
262 	}
263 }
264 
265 
266 int sock_queue_rcv_skb(struct sock *sk, struct sk_buff *skb)
267 {
268 	int err = 0;
269 	int skb_len;
270 
271 	/* Cast sk->rcvbuf to unsigned... It's pointless, but reduces
272 	   number of warnings when compiling with -W --ANK
273 	 */
274 	if (atomic_read(&sk->sk_rmem_alloc) + skb->truesize >=
275 	    (unsigned)sk->sk_rcvbuf) {
276 		err = -ENOMEM;
277 		goto out;
278 	}
279 
280 	err = sk_filter(sk, skb);
281 	if (err)
282 		goto out;
283 
284 	if (!sk_rmem_schedule(sk, skb->truesize)) {
285 		err = -ENOBUFS;
286 		goto out;
287 	}
288 
289 	skb->dev = NULL;
290 	skb_set_owner_r(skb, sk);
291 
292 	/* Cache the SKB length before we tack it onto the receive
293 	 * queue.  Once it is added it no longer belongs to us and
294 	 * may be freed by other threads of control pulling packets
295 	 * from the queue.
296 	 */
297 	skb_len = skb->len;
298 
299 	skb_queue_tail(&sk->sk_receive_queue, skb);
300 
301 	if (!sock_flag(sk, SOCK_DEAD))
302 		sk->sk_data_ready(sk, skb_len);
303 out:
304 	return err;
305 }
306 EXPORT_SYMBOL(sock_queue_rcv_skb);
307 
308 int sk_receive_skb(struct sock *sk, struct sk_buff *skb, const int nested)
309 {
310 	int rc = NET_RX_SUCCESS;
311 
312 	if (sk_filter(sk, skb))
313 		goto discard_and_relse;
314 
315 	skb->dev = NULL;
316 
317 	if (nested)
318 		bh_lock_sock_nested(sk);
319 	else
320 		bh_lock_sock(sk);
321 	if (!sock_owned_by_user(sk)) {
322 		/*
323 		 * trylock + unlock semantics:
324 		 */
325 		mutex_acquire(&sk->sk_lock.dep_map, 0, 1, _RET_IP_);
326 
327 		rc = sk->sk_backlog_rcv(sk, skb);
328 
329 		mutex_release(&sk->sk_lock.dep_map, 1, _RET_IP_);
330 	} else
331 		sk_add_backlog(sk, skb);
332 	bh_unlock_sock(sk);
333 out:
334 	sock_put(sk);
335 	return rc;
336 discard_and_relse:
337 	kfree_skb(skb);
338 	goto out;
339 }
340 EXPORT_SYMBOL(sk_receive_skb);
341 
342 struct dst_entry *__sk_dst_check(struct sock *sk, u32 cookie)
343 {
344 	struct dst_entry *dst = sk->sk_dst_cache;
345 
346 	if (dst && dst->obsolete && dst->ops->check(dst, cookie) == NULL) {
347 		sk->sk_dst_cache = NULL;
348 		dst_release(dst);
349 		return NULL;
350 	}
351 
352 	return dst;
353 }
354 EXPORT_SYMBOL(__sk_dst_check);
355 
356 struct dst_entry *sk_dst_check(struct sock *sk, u32 cookie)
357 {
358 	struct dst_entry *dst = sk_dst_get(sk);
359 
360 	if (dst && dst->obsolete && dst->ops->check(dst, cookie) == NULL) {
361 		sk_dst_reset(sk);
362 		dst_release(dst);
363 		return NULL;
364 	}
365 
366 	return dst;
367 }
368 EXPORT_SYMBOL(sk_dst_check);
369 
370 static int sock_bindtodevice(struct sock *sk, char __user *optval, int optlen)
371 {
372 	int ret = -ENOPROTOOPT;
373 #ifdef CONFIG_NETDEVICES
374 	struct net *net = sock_net(sk);
375 	char devname[IFNAMSIZ];
376 	int index;
377 
378 	/* Sorry... */
379 	ret = -EPERM;
380 	if (!capable(CAP_NET_RAW))
381 		goto out;
382 
383 	ret = -EINVAL;
384 	if (optlen < 0)
385 		goto out;
386 
387 	/* Bind this socket to a particular device like "eth0",
388 	 * as specified in the passed interface name. If the
389 	 * name is "" or the option length is zero the socket
390 	 * is not bound.
391 	 */
392 	if (optlen > IFNAMSIZ - 1)
393 		optlen = IFNAMSIZ - 1;
394 	memset(devname, 0, sizeof(devname));
395 
396 	ret = -EFAULT;
397 	if (copy_from_user(devname, optval, optlen))
398 		goto out;
399 
400 	if (devname[0] == '\0') {
401 		index = 0;
402 	} else {
403 		struct net_device *dev = dev_get_by_name(net, devname);
404 
405 		ret = -ENODEV;
406 		if (!dev)
407 			goto out;
408 
409 		index = dev->ifindex;
410 		dev_put(dev);
411 	}
412 
413 	lock_sock(sk);
414 	sk->sk_bound_dev_if = index;
415 	sk_dst_reset(sk);
416 	release_sock(sk);
417 
418 	ret = 0;
419 
420 out:
421 #endif
422 
423 	return ret;
424 }
425 
426 static inline void sock_valbool_flag(struct sock *sk, int bit, int valbool)
427 {
428 	if (valbool)
429 		sock_set_flag(sk, bit);
430 	else
431 		sock_reset_flag(sk, bit);
432 }
433 
434 /*
435  *	This is meant for all protocols to use and covers goings on
436  *	at the socket level. Everything here is generic.
437  */
438 
439 int sock_setsockopt(struct socket *sock, int level, int optname,
440 		    char __user *optval, int optlen)
441 {
442 	struct sock *sk=sock->sk;
443 	int val;
444 	int valbool;
445 	struct linger ling;
446 	int ret = 0;
447 
448 	/*
449 	 *	Options without arguments
450 	 */
451 
452 	if (optname == SO_BINDTODEVICE)
453 		return sock_bindtodevice(sk, optval, optlen);
454 
455 	if (optlen < sizeof(int))
456 		return -EINVAL;
457 
458 	if (get_user(val, (int __user *)optval))
459 		return -EFAULT;
460 
461 	valbool = val?1:0;
462 
463 	lock_sock(sk);
464 
465 	switch(optname) {
466 	case SO_DEBUG:
467 		if (val && !capable(CAP_NET_ADMIN)) {
468 			ret = -EACCES;
469 		} else
470 			sock_valbool_flag(sk, SOCK_DBG, valbool);
471 		break;
472 	case SO_REUSEADDR:
473 		sk->sk_reuse = valbool;
474 		break;
475 	case SO_TYPE:
476 	case SO_ERROR:
477 		ret = -ENOPROTOOPT;
478 		break;
479 	case SO_DONTROUTE:
480 		sock_valbool_flag(sk, SOCK_LOCALROUTE, valbool);
481 		break;
482 	case SO_BROADCAST:
483 		sock_valbool_flag(sk, SOCK_BROADCAST, valbool);
484 		break;
485 	case SO_SNDBUF:
486 		/* Don't error on this BSD doesn't and if you think
487 		   about it this is right. Otherwise apps have to
488 		   play 'guess the biggest size' games. RCVBUF/SNDBUF
489 		   are treated in BSD as hints */
490 
491 		if (val > sysctl_wmem_max)
492 			val = sysctl_wmem_max;
493 set_sndbuf:
494 		sk->sk_userlocks |= SOCK_SNDBUF_LOCK;
495 		if ((val * 2) < SOCK_MIN_SNDBUF)
496 			sk->sk_sndbuf = SOCK_MIN_SNDBUF;
497 		else
498 			sk->sk_sndbuf = val * 2;
499 
500 		/*
501 		 *	Wake up sending tasks if we
502 		 *	upped the value.
503 		 */
504 		sk->sk_write_space(sk);
505 		break;
506 
507 	case SO_SNDBUFFORCE:
508 		if (!capable(CAP_NET_ADMIN)) {
509 			ret = -EPERM;
510 			break;
511 		}
512 		goto set_sndbuf;
513 
514 	case SO_RCVBUF:
515 		/* Don't error on this BSD doesn't and if you think
516 		   about it this is right. Otherwise apps have to
517 		   play 'guess the biggest size' games. RCVBUF/SNDBUF
518 		   are treated in BSD as hints */
519 
520 		if (val > sysctl_rmem_max)
521 			val = sysctl_rmem_max;
522 set_rcvbuf:
523 		sk->sk_userlocks |= SOCK_RCVBUF_LOCK;
524 		/*
525 		 * We double it on the way in to account for
526 		 * "struct sk_buff" etc. overhead.   Applications
527 		 * assume that the SO_RCVBUF setting they make will
528 		 * allow that much actual data to be received on that
529 		 * socket.
530 		 *
531 		 * Applications are unaware that "struct sk_buff" and
532 		 * other overheads allocate from the receive buffer
533 		 * during socket buffer allocation.
534 		 *
535 		 * And after considering the possible alternatives,
536 		 * returning the value we actually used in getsockopt
537 		 * is the most desirable behavior.
538 		 */
539 		if ((val * 2) < SOCK_MIN_RCVBUF)
540 			sk->sk_rcvbuf = SOCK_MIN_RCVBUF;
541 		else
542 			sk->sk_rcvbuf = val * 2;
543 		break;
544 
545 	case SO_RCVBUFFORCE:
546 		if (!capable(CAP_NET_ADMIN)) {
547 			ret = -EPERM;
548 			break;
549 		}
550 		goto set_rcvbuf;
551 
552 	case SO_KEEPALIVE:
553 #ifdef CONFIG_INET
554 		if (sk->sk_protocol == IPPROTO_TCP)
555 			tcp_set_keepalive(sk, valbool);
556 #endif
557 		sock_valbool_flag(sk, SOCK_KEEPOPEN, valbool);
558 		break;
559 
560 	case SO_OOBINLINE:
561 		sock_valbool_flag(sk, SOCK_URGINLINE, valbool);
562 		break;
563 
564 	case SO_NO_CHECK:
565 		sk->sk_no_check = valbool;
566 		break;
567 
568 	case SO_PRIORITY:
569 		if ((val >= 0 && val <= 6) || capable(CAP_NET_ADMIN))
570 			sk->sk_priority = val;
571 		else
572 			ret = -EPERM;
573 		break;
574 
575 	case SO_LINGER:
576 		if (optlen < sizeof(ling)) {
577 			ret = -EINVAL;	/* 1003.1g */
578 			break;
579 		}
580 		if (copy_from_user(&ling,optval,sizeof(ling))) {
581 			ret = -EFAULT;
582 			break;
583 		}
584 		if (!ling.l_onoff)
585 			sock_reset_flag(sk, SOCK_LINGER);
586 		else {
587 #if (BITS_PER_LONG == 32)
588 			if ((unsigned int)ling.l_linger >= MAX_SCHEDULE_TIMEOUT/HZ)
589 				sk->sk_lingertime = MAX_SCHEDULE_TIMEOUT;
590 			else
591 #endif
592 				sk->sk_lingertime = (unsigned int)ling.l_linger * HZ;
593 			sock_set_flag(sk, SOCK_LINGER);
594 		}
595 		break;
596 
597 	case SO_BSDCOMPAT:
598 		sock_warn_obsolete_bsdism("setsockopt");
599 		break;
600 
601 	case SO_PASSCRED:
602 		if (valbool)
603 			set_bit(SOCK_PASSCRED, &sock->flags);
604 		else
605 			clear_bit(SOCK_PASSCRED, &sock->flags);
606 		break;
607 
608 	case SO_TIMESTAMP:
609 	case SO_TIMESTAMPNS:
610 		if (valbool)  {
611 			if (optname == SO_TIMESTAMP)
612 				sock_reset_flag(sk, SOCK_RCVTSTAMPNS);
613 			else
614 				sock_set_flag(sk, SOCK_RCVTSTAMPNS);
615 			sock_set_flag(sk, SOCK_RCVTSTAMP);
616 			sock_enable_timestamp(sk);
617 		} else {
618 			sock_reset_flag(sk, SOCK_RCVTSTAMP);
619 			sock_reset_flag(sk, SOCK_RCVTSTAMPNS);
620 		}
621 		break;
622 
623 	case SO_RCVLOWAT:
624 		if (val < 0)
625 			val = INT_MAX;
626 		sk->sk_rcvlowat = val ? : 1;
627 		break;
628 
629 	case SO_RCVTIMEO:
630 		ret = sock_set_timeout(&sk->sk_rcvtimeo, optval, optlen);
631 		break;
632 
633 	case SO_SNDTIMEO:
634 		ret = sock_set_timeout(&sk->sk_sndtimeo, optval, optlen);
635 		break;
636 
637 	case SO_ATTACH_FILTER:
638 		ret = -EINVAL;
639 		if (optlen == sizeof(struct sock_fprog)) {
640 			struct sock_fprog fprog;
641 
642 			ret = -EFAULT;
643 			if (copy_from_user(&fprog, optval, sizeof(fprog)))
644 				break;
645 
646 			ret = sk_attach_filter(&fprog, sk);
647 		}
648 		break;
649 
650 	case SO_DETACH_FILTER:
651 		ret = sk_detach_filter(sk);
652 		break;
653 
654 	case SO_PASSSEC:
655 		if (valbool)
656 			set_bit(SOCK_PASSSEC, &sock->flags);
657 		else
658 			clear_bit(SOCK_PASSSEC, &sock->flags);
659 		break;
660 	case SO_MARK:
661 		if (!capable(CAP_NET_ADMIN))
662 			ret = -EPERM;
663 		else {
664 			sk->sk_mark = val;
665 		}
666 		break;
667 
668 		/* We implement the SO_SNDLOWAT etc to
669 		   not be settable (1003.1g 5.3) */
670 	default:
671 		ret = -ENOPROTOOPT;
672 		break;
673 	}
674 	release_sock(sk);
675 	return ret;
676 }
677 
678 
679 int sock_getsockopt(struct socket *sock, int level, int optname,
680 		    char __user *optval, int __user *optlen)
681 {
682 	struct sock *sk = sock->sk;
683 
684 	union {
685 		int val;
686 		struct linger ling;
687 		struct timeval tm;
688 	} v;
689 
690 	unsigned int lv = sizeof(int);
691 	int len;
692 
693 	if (get_user(len, optlen))
694 		return -EFAULT;
695 	if (len < 0)
696 		return -EINVAL;
697 
698 	switch(optname) {
699 	case SO_DEBUG:
700 		v.val = sock_flag(sk, SOCK_DBG);
701 		break;
702 
703 	case SO_DONTROUTE:
704 		v.val = sock_flag(sk, SOCK_LOCALROUTE);
705 		break;
706 
707 	case SO_BROADCAST:
708 		v.val = !!sock_flag(sk, SOCK_BROADCAST);
709 		break;
710 
711 	case SO_SNDBUF:
712 		v.val = sk->sk_sndbuf;
713 		break;
714 
715 	case SO_RCVBUF:
716 		v.val = sk->sk_rcvbuf;
717 		break;
718 
719 	case SO_REUSEADDR:
720 		v.val = sk->sk_reuse;
721 		break;
722 
723 	case SO_KEEPALIVE:
724 		v.val = !!sock_flag(sk, SOCK_KEEPOPEN);
725 		break;
726 
727 	case SO_TYPE:
728 		v.val = sk->sk_type;
729 		break;
730 
731 	case SO_ERROR:
732 		v.val = -sock_error(sk);
733 		if (v.val==0)
734 			v.val = xchg(&sk->sk_err_soft, 0);
735 		break;
736 
737 	case SO_OOBINLINE:
738 		v.val = !!sock_flag(sk, SOCK_URGINLINE);
739 		break;
740 
741 	case SO_NO_CHECK:
742 		v.val = sk->sk_no_check;
743 		break;
744 
745 	case SO_PRIORITY:
746 		v.val = sk->sk_priority;
747 		break;
748 
749 	case SO_LINGER:
750 		lv		= sizeof(v.ling);
751 		v.ling.l_onoff	= !!sock_flag(sk, SOCK_LINGER);
752 		v.ling.l_linger	= sk->sk_lingertime / HZ;
753 		break;
754 
755 	case SO_BSDCOMPAT:
756 		sock_warn_obsolete_bsdism("getsockopt");
757 		break;
758 
759 	case SO_TIMESTAMP:
760 		v.val = sock_flag(sk, SOCK_RCVTSTAMP) &&
761 				!sock_flag(sk, SOCK_RCVTSTAMPNS);
762 		break;
763 
764 	case SO_TIMESTAMPNS:
765 		v.val = sock_flag(sk, SOCK_RCVTSTAMPNS);
766 		break;
767 
768 	case SO_RCVTIMEO:
769 		lv=sizeof(struct timeval);
770 		if (sk->sk_rcvtimeo == MAX_SCHEDULE_TIMEOUT) {
771 			v.tm.tv_sec = 0;
772 			v.tm.tv_usec = 0;
773 		} else {
774 			v.tm.tv_sec = sk->sk_rcvtimeo / HZ;
775 			v.tm.tv_usec = ((sk->sk_rcvtimeo % HZ) * 1000000) / HZ;
776 		}
777 		break;
778 
779 	case SO_SNDTIMEO:
780 		lv=sizeof(struct timeval);
781 		if (sk->sk_sndtimeo == MAX_SCHEDULE_TIMEOUT) {
782 			v.tm.tv_sec = 0;
783 			v.tm.tv_usec = 0;
784 		} else {
785 			v.tm.tv_sec = sk->sk_sndtimeo / HZ;
786 			v.tm.tv_usec = ((sk->sk_sndtimeo % HZ) * 1000000) / HZ;
787 		}
788 		break;
789 
790 	case SO_RCVLOWAT:
791 		v.val = sk->sk_rcvlowat;
792 		break;
793 
794 	case SO_SNDLOWAT:
795 		v.val=1;
796 		break;
797 
798 	case SO_PASSCRED:
799 		v.val = test_bit(SOCK_PASSCRED, &sock->flags) ? 1 : 0;
800 		break;
801 
802 	case SO_PEERCRED:
803 		if (len > sizeof(sk->sk_peercred))
804 			len = sizeof(sk->sk_peercred);
805 		if (copy_to_user(optval, &sk->sk_peercred, len))
806 			return -EFAULT;
807 		goto lenout;
808 
809 	case SO_PEERNAME:
810 	{
811 		char address[128];
812 
813 		if (sock->ops->getname(sock, (struct sockaddr *)address, &lv, 2))
814 			return -ENOTCONN;
815 		if (lv < len)
816 			return -EINVAL;
817 		if (copy_to_user(optval, address, len))
818 			return -EFAULT;
819 		goto lenout;
820 	}
821 
822 	/* Dubious BSD thing... Probably nobody even uses it, but
823 	 * the UNIX standard wants it for whatever reason... -DaveM
824 	 */
825 	case SO_ACCEPTCONN:
826 		v.val = sk->sk_state == TCP_LISTEN;
827 		break;
828 
829 	case SO_PASSSEC:
830 		v.val = test_bit(SOCK_PASSSEC, &sock->flags) ? 1 : 0;
831 		break;
832 
833 	case SO_PEERSEC:
834 		return security_socket_getpeersec_stream(sock, optval, optlen, len);
835 
836 	case SO_MARK:
837 		v.val = sk->sk_mark;
838 		break;
839 
840 	default:
841 		return -ENOPROTOOPT;
842 	}
843 
844 	if (len > lv)
845 		len = lv;
846 	if (copy_to_user(optval, &v, len))
847 		return -EFAULT;
848 lenout:
849 	if (put_user(len, optlen))
850 		return -EFAULT;
851 	return 0;
852 }
853 
854 /*
855  * Initialize an sk_lock.
856  *
857  * (We also register the sk_lock with the lock validator.)
858  */
859 static inline void sock_lock_init(struct sock *sk)
860 {
861 	sock_lock_init_class_and_name(sk,
862 			af_family_slock_key_strings[sk->sk_family],
863 			af_family_slock_keys + sk->sk_family,
864 			af_family_key_strings[sk->sk_family],
865 			af_family_keys + sk->sk_family);
866 }
867 
868 static void sock_copy(struct sock *nsk, const struct sock *osk)
869 {
870 #ifdef CONFIG_SECURITY_NETWORK
871 	void *sptr = nsk->sk_security;
872 #endif
873 
874 	memcpy(nsk, osk, osk->sk_prot->obj_size);
875 #ifdef CONFIG_SECURITY_NETWORK
876 	nsk->sk_security = sptr;
877 	security_sk_clone(osk, nsk);
878 #endif
879 }
880 
881 static struct sock *sk_prot_alloc(struct proto *prot, gfp_t priority,
882 		int family)
883 {
884 	struct sock *sk;
885 	struct kmem_cache *slab;
886 
887 	slab = prot->slab;
888 	if (slab != NULL)
889 		sk = kmem_cache_alloc(slab, priority);
890 	else
891 		sk = kmalloc(prot->obj_size, priority);
892 
893 	if (sk != NULL) {
894 		if (security_sk_alloc(sk, family, priority))
895 			goto out_free;
896 
897 		if (!try_module_get(prot->owner))
898 			goto out_free_sec;
899 	}
900 
901 	return sk;
902 
903 out_free_sec:
904 	security_sk_free(sk);
905 out_free:
906 	if (slab != NULL)
907 		kmem_cache_free(slab, sk);
908 	else
909 		kfree(sk);
910 	return NULL;
911 }
912 
913 static void sk_prot_free(struct proto *prot, struct sock *sk)
914 {
915 	struct kmem_cache *slab;
916 	struct module *owner;
917 
918 	owner = prot->owner;
919 	slab = prot->slab;
920 
921 	security_sk_free(sk);
922 	if (slab != NULL)
923 		kmem_cache_free(slab, sk);
924 	else
925 		kfree(sk);
926 	module_put(owner);
927 }
928 
929 /**
930  *	sk_alloc - All socket objects are allocated here
931  *	@net: the applicable net namespace
932  *	@family: protocol family
933  *	@priority: for allocation (%GFP_KERNEL, %GFP_ATOMIC, etc)
934  *	@prot: struct proto associated with this new sock instance
935  */
936 struct sock *sk_alloc(struct net *net, int family, gfp_t priority,
937 		      struct proto *prot)
938 {
939 	struct sock *sk;
940 
941 	sk = sk_prot_alloc(prot, priority | __GFP_ZERO, family);
942 	if (sk) {
943 		sk->sk_family = family;
944 		/*
945 		 * See comment in struct sock definition to understand
946 		 * why we need sk_prot_creator -acme
947 		 */
948 		sk->sk_prot = sk->sk_prot_creator = prot;
949 		sock_lock_init(sk);
950 		sock_net_set(sk, get_net(net));
951 	}
952 
953 	return sk;
954 }
955 
956 void sk_free(struct sock *sk)
957 {
958 	struct sk_filter *filter;
959 
960 	if (sk->sk_destruct)
961 		sk->sk_destruct(sk);
962 
963 	filter = rcu_dereference(sk->sk_filter);
964 	if (filter) {
965 		sk_filter_uncharge(sk, filter);
966 		rcu_assign_pointer(sk->sk_filter, NULL);
967 	}
968 
969 	sock_disable_timestamp(sk);
970 
971 	if (atomic_read(&sk->sk_omem_alloc))
972 		printk(KERN_DEBUG "%s: optmem leakage (%d bytes) detected.\n",
973 		       __func__, atomic_read(&sk->sk_omem_alloc));
974 
975 	put_net(sock_net(sk));
976 	sk_prot_free(sk->sk_prot_creator, sk);
977 }
978 
979 /*
980  * Last sock_put should drop referrence to sk->sk_net. It has already
981  * been dropped in sk_change_net. Taking referrence to stopping namespace
982  * is not an option.
983  * Take referrence to a socket to remove it from hash _alive_ and after that
984  * destroy it in the context of init_net.
985  */
986 void sk_release_kernel(struct sock *sk)
987 {
988 	if (sk == NULL || sk->sk_socket == NULL)
989 		return;
990 
991 	sock_hold(sk);
992 	sock_release(sk->sk_socket);
993 	release_net(sock_net(sk));
994 	sock_net_set(sk, get_net(&init_net));
995 	sock_put(sk);
996 }
997 EXPORT_SYMBOL(sk_release_kernel);
998 
999 struct sock *sk_clone(const struct sock *sk, const gfp_t priority)
1000 {
1001 	struct sock *newsk;
1002 
1003 	newsk = sk_prot_alloc(sk->sk_prot, priority, sk->sk_family);
1004 	if (newsk != NULL) {
1005 		struct sk_filter *filter;
1006 
1007 		sock_copy(newsk, sk);
1008 
1009 		/* SANITY */
1010 		get_net(sock_net(newsk));
1011 		sk_node_init(&newsk->sk_node);
1012 		sock_lock_init(newsk);
1013 		bh_lock_sock(newsk);
1014 		newsk->sk_backlog.head	= newsk->sk_backlog.tail = NULL;
1015 
1016 		atomic_set(&newsk->sk_rmem_alloc, 0);
1017 		atomic_set(&newsk->sk_wmem_alloc, 0);
1018 		atomic_set(&newsk->sk_omem_alloc, 0);
1019 		skb_queue_head_init(&newsk->sk_receive_queue);
1020 		skb_queue_head_init(&newsk->sk_write_queue);
1021 #ifdef CONFIG_NET_DMA
1022 		skb_queue_head_init(&newsk->sk_async_wait_queue);
1023 #endif
1024 
1025 		rwlock_init(&newsk->sk_dst_lock);
1026 		rwlock_init(&newsk->sk_callback_lock);
1027 		lockdep_set_class_and_name(&newsk->sk_callback_lock,
1028 				af_callback_keys + newsk->sk_family,
1029 				af_family_clock_key_strings[newsk->sk_family]);
1030 
1031 		newsk->sk_dst_cache	= NULL;
1032 		newsk->sk_wmem_queued	= 0;
1033 		newsk->sk_forward_alloc = 0;
1034 		newsk->sk_send_head	= NULL;
1035 		newsk->sk_userlocks	= sk->sk_userlocks & ~SOCK_BINDPORT_LOCK;
1036 
1037 		sock_reset_flag(newsk, SOCK_DONE);
1038 		skb_queue_head_init(&newsk->sk_error_queue);
1039 
1040 		filter = newsk->sk_filter;
1041 		if (filter != NULL)
1042 			sk_filter_charge(newsk, filter);
1043 
1044 		if (unlikely(xfrm_sk_clone_policy(newsk))) {
1045 			/* It is still raw copy of parent, so invalidate
1046 			 * destructor and make plain sk_free() */
1047 			newsk->sk_destruct = NULL;
1048 			sk_free(newsk);
1049 			newsk = NULL;
1050 			goto out;
1051 		}
1052 
1053 		newsk->sk_err	   = 0;
1054 		newsk->sk_priority = 0;
1055 		atomic_set(&newsk->sk_refcnt, 2);
1056 
1057 		/*
1058 		 * Increment the counter in the same struct proto as the master
1059 		 * sock (sk_refcnt_debug_inc uses newsk->sk_prot->socks, that
1060 		 * is the same as sk->sk_prot->socks, as this field was copied
1061 		 * with memcpy).
1062 		 *
1063 		 * This _changes_ the previous behaviour, where
1064 		 * tcp_create_openreq_child always was incrementing the
1065 		 * equivalent to tcp_prot->socks (inet_sock_nr), so this have
1066 		 * to be taken into account in all callers. -acme
1067 		 */
1068 		sk_refcnt_debug_inc(newsk);
1069 		sk_set_socket(newsk, NULL);
1070 		newsk->sk_sleep	 = NULL;
1071 
1072 		if (newsk->sk_prot->sockets_allocated)
1073 			atomic_inc(newsk->sk_prot->sockets_allocated);
1074 	}
1075 out:
1076 	return newsk;
1077 }
1078 
1079 EXPORT_SYMBOL_GPL(sk_clone);
1080 
1081 void sk_setup_caps(struct sock *sk, struct dst_entry *dst)
1082 {
1083 	__sk_dst_set(sk, dst);
1084 	sk->sk_route_caps = dst->dev->features;
1085 	if (sk->sk_route_caps & NETIF_F_GSO)
1086 		sk->sk_route_caps |= NETIF_F_GSO_SOFTWARE;
1087 	if (sk_can_gso(sk)) {
1088 		if (dst->header_len) {
1089 			sk->sk_route_caps &= ~NETIF_F_GSO_MASK;
1090 		} else {
1091 			sk->sk_route_caps |= NETIF_F_SG | NETIF_F_HW_CSUM;
1092 			sk->sk_gso_max_size = dst->dev->gso_max_size;
1093 		}
1094 	}
1095 }
1096 EXPORT_SYMBOL_GPL(sk_setup_caps);
1097 
1098 void __init sk_init(void)
1099 {
1100 	if (num_physpages <= 4096) {
1101 		sysctl_wmem_max = 32767;
1102 		sysctl_rmem_max = 32767;
1103 		sysctl_wmem_default = 32767;
1104 		sysctl_rmem_default = 32767;
1105 	} else if (num_physpages >= 131072) {
1106 		sysctl_wmem_max = 131071;
1107 		sysctl_rmem_max = 131071;
1108 	}
1109 }
1110 
1111 /*
1112  *	Simple resource managers for sockets.
1113  */
1114 
1115 
1116 /*
1117  * Write buffer destructor automatically called from kfree_skb.
1118  */
1119 void sock_wfree(struct sk_buff *skb)
1120 {
1121 	struct sock *sk = skb->sk;
1122 
1123 	/* In case it might be waiting for more memory. */
1124 	atomic_sub(skb->truesize, &sk->sk_wmem_alloc);
1125 	if (!sock_flag(sk, SOCK_USE_WRITE_QUEUE))
1126 		sk->sk_write_space(sk);
1127 	sock_put(sk);
1128 }
1129 
1130 /*
1131  * Read buffer destructor automatically called from kfree_skb.
1132  */
1133 void sock_rfree(struct sk_buff *skb)
1134 {
1135 	struct sock *sk = skb->sk;
1136 
1137 	skb_truesize_check(skb);
1138 	atomic_sub(skb->truesize, &sk->sk_rmem_alloc);
1139 	sk_mem_uncharge(skb->sk, skb->truesize);
1140 }
1141 
1142 
1143 int sock_i_uid(struct sock *sk)
1144 {
1145 	int uid;
1146 
1147 	read_lock(&sk->sk_callback_lock);
1148 	uid = sk->sk_socket ? SOCK_INODE(sk->sk_socket)->i_uid : 0;
1149 	read_unlock(&sk->sk_callback_lock);
1150 	return uid;
1151 }
1152 
1153 unsigned long sock_i_ino(struct sock *sk)
1154 {
1155 	unsigned long ino;
1156 
1157 	read_lock(&sk->sk_callback_lock);
1158 	ino = sk->sk_socket ? SOCK_INODE(sk->sk_socket)->i_ino : 0;
1159 	read_unlock(&sk->sk_callback_lock);
1160 	return ino;
1161 }
1162 
1163 /*
1164  * Allocate a skb from the socket's send buffer.
1165  */
1166 struct sk_buff *sock_wmalloc(struct sock *sk, unsigned long size, int force,
1167 			     gfp_t priority)
1168 {
1169 	if (force || atomic_read(&sk->sk_wmem_alloc) < sk->sk_sndbuf) {
1170 		struct sk_buff * skb = alloc_skb(size, priority);
1171 		if (skb) {
1172 			skb_set_owner_w(skb, sk);
1173 			return skb;
1174 		}
1175 	}
1176 	return NULL;
1177 }
1178 
1179 /*
1180  * Allocate a skb from the socket's receive buffer.
1181  */
1182 struct sk_buff *sock_rmalloc(struct sock *sk, unsigned long size, int force,
1183 			     gfp_t priority)
1184 {
1185 	if (force || atomic_read(&sk->sk_rmem_alloc) < sk->sk_rcvbuf) {
1186 		struct sk_buff *skb = alloc_skb(size, priority);
1187 		if (skb) {
1188 			skb_set_owner_r(skb, sk);
1189 			return skb;
1190 		}
1191 	}
1192 	return NULL;
1193 }
1194 
1195 /*
1196  * Allocate a memory block from the socket's option memory buffer.
1197  */
1198 void *sock_kmalloc(struct sock *sk, int size, gfp_t priority)
1199 {
1200 	if ((unsigned)size <= sysctl_optmem_max &&
1201 	    atomic_read(&sk->sk_omem_alloc) + size < sysctl_optmem_max) {
1202 		void *mem;
1203 		/* First do the add, to avoid the race if kmalloc
1204 		 * might sleep.
1205 		 */
1206 		atomic_add(size, &sk->sk_omem_alloc);
1207 		mem = kmalloc(size, priority);
1208 		if (mem)
1209 			return mem;
1210 		atomic_sub(size, &sk->sk_omem_alloc);
1211 	}
1212 	return NULL;
1213 }
1214 
1215 /*
1216  * Free an option memory block.
1217  */
1218 void sock_kfree_s(struct sock *sk, void *mem, int size)
1219 {
1220 	kfree(mem);
1221 	atomic_sub(size, &sk->sk_omem_alloc);
1222 }
1223 
1224 /* It is almost wait_for_tcp_memory minus release_sock/lock_sock.
1225    I think, these locks should be removed for datagram sockets.
1226  */
1227 static long sock_wait_for_wmem(struct sock * sk, long timeo)
1228 {
1229 	DEFINE_WAIT(wait);
1230 
1231 	clear_bit(SOCK_ASYNC_NOSPACE, &sk->sk_socket->flags);
1232 	for (;;) {
1233 		if (!timeo)
1234 			break;
1235 		if (signal_pending(current))
1236 			break;
1237 		set_bit(SOCK_NOSPACE, &sk->sk_socket->flags);
1238 		prepare_to_wait(sk->sk_sleep, &wait, TASK_INTERRUPTIBLE);
1239 		if (atomic_read(&sk->sk_wmem_alloc) < sk->sk_sndbuf)
1240 			break;
1241 		if (sk->sk_shutdown & SEND_SHUTDOWN)
1242 			break;
1243 		if (sk->sk_err)
1244 			break;
1245 		timeo = schedule_timeout(timeo);
1246 	}
1247 	finish_wait(sk->sk_sleep, &wait);
1248 	return timeo;
1249 }
1250 
1251 
1252 /*
1253  *	Generic send/receive buffer handlers
1254  */
1255 
1256 static struct sk_buff *sock_alloc_send_pskb(struct sock *sk,
1257 					    unsigned long header_len,
1258 					    unsigned long data_len,
1259 					    int noblock, int *errcode)
1260 {
1261 	struct sk_buff *skb;
1262 	gfp_t gfp_mask;
1263 	long timeo;
1264 	int err;
1265 
1266 	gfp_mask = sk->sk_allocation;
1267 	if (gfp_mask & __GFP_WAIT)
1268 		gfp_mask |= __GFP_REPEAT;
1269 
1270 	timeo = sock_sndtimeo(sk, noblock);
1271 	while (1) {
1272 		err = sock_error(sk);
1273 		if (err != 0)
1274 			goto failure;
1275 
1276 		err = -EPIPE;
1277 		if (sk->sk_shutdown & SEND_SHUTDOWN)
1278 			goto failure;
1279 
1280 		if (atomic_read(&sk->sk_wmem_alloc) < sk->sk_sndbuf) {
1281 			skb = alloc_skb(header_len, gfp_mask);
1282 			if (skb) {
1283 				int npages;
1284 				int i;
1285 
1286 				/* No pages, we're done... */
1287 				if (!data_len)
1288 					break;
1289 
1290 				npages = (data_len + (PAGE_SIZE - 1)) >> PAGE_SHIFT;
1291 				skb->truesize += data_len;
1292 				skb_shinfo(skb)->nr_frags = npages;
1293 				for (i = 0; i < npages; i++) {
1294 					struct page *page;
1295 					skb_frag_t *frag;
1296 
1297 					page = alloc_pages(sk->sk_allocation, 0);
1298 					if (!page) {
1299 						err = -ENOBUFS;
1300 						skb_shinfo(skb)->nr_frags = i;
1301 						kfree_skb(skb);
1302 						goto failure;
1303 					}
1304 
1305 					frag = &skb_shinfo(skb)->frags[i];
1306 					frag->page = page;
1307 					frag->page_offset = 0;
1308 					frag->size = (data_len >= PAGE_SIZE ?
1309 						      PAGE_SIZE :
1310 						      data_len);
1311 					data_len -= PAGE_SIZE;
1312 				}
1313 
1314 				/* Full success... */
1315 				break;
1316 			}
1317 			err = -ENOBUFS;
1318 			goto failure;
1319 		}
1320 		set_bit(SOCK_ASYNC_NOSPACE, &sk->sk_socket->flags);
1321 		set_bit(SOCK_NOSPACE, &sk->sk_socket->flags);
1322 		err = -EAGAIN;
1323 		if (!timeo)
1324 			goto failure;
1325 		if (signal_pending(current))
1326 			goto interrupted;
1327 		timeo = sock_wait_for_wmem(sk, timeo);
1328 	}
1329 
1330 	skb_set_owner_w(skb, sk);
1331 	return skb;
1332 
1333 interrupted:
1334 	err = sock_intr_errno(timeo);
1335 failure:
1336 	*errcode = err;
1337 	return NULL;
1338 }
1339 
1340 struct sk_buff *sock_alloc_send_skb(struct sock *sk, unsigned long size,
1341 				    int noblock, int *errcode)
1342 {
1343 	return sock_alloc_send_pskb(sk, size, 0, noblock, errcode);
1344 }
1345 
1346 static void __lock_sock(struct sock *sk)
1347 {
1348 	DEFINE_WAIT(wait);
1349 
1350 	for (;;) {
1351 		prepare_to_wait_exclusive(&sk->sk_lock.wq, &wait,
1352 					TASK_UNINTERRUPTIBLE);
1353 		spin_unlock_bh(&sk->sk_lock.slock);
1354 		schedule();
1355 		spin_lock_bh(&sk->sk_lock.slock);
1356 		if (!sock_owned_by_user(sk))
1357 			break;
1358 	}
1359 	finish_wait(&sk->sk_lock.wq, &wait);
1360 }
1361 
1362 static void __release_sock(struct sock *sk)
1363 {
1364 	struct sk_buff *skb = sk->sk_backlog.head;
1365 
1366 	do {
1367 		sk->sk_backlog.head = sk->sk_backlog.tail = NULL;
1368 		bh_unlock_sock(sk);
1369 
1370 		do {
1371 			struct sk_buff *next = skb->next;
1372 
1373 			skb->next = NULL;
1374 			sk->sk_backlog_rcv(sk, skb);
1375 
1376 			/*
1377 			 * We are in process context here with softirqs
1378 			 * disabled, use cond_resched_softirq() to preempt.
1379 			 * This is safe to do because we've taken the backlog
1380 			 * queue private:
1381 			 */
1382 			cond_resched_softirq();
1383 
1384 			skb = next;
1385 		} while (skb != NULL);
1386 
1387 		bh_lock_sock(sk);
1388 	} while ((skb = sk->sk_backlog.head) != NULL);
1389 }
1390 
1391 /**
1392  * sk_wait_data - wait for data to arrive at sk_receive_queue
1393  * @sk:    sock to wait on
1394  * @timeo: for how long
1395  *
1396  * Now socket state including sk->sk_err is changed only under lock,
1397  * hence we may omit checks after joining wait queue.
1398  * We check receive queue before schedule() only as optimization;
1399  * it is very likely that release_sock() added new data.
1400  */
1401 int sk_wait_data(struct sock *sk, long *timeo)
1402 {
1403 	int rc;
1404 	DEFINE_WAIT(wait);
1405 
1406 	prepare_to_wait(sk->sk_sleep, &wait, TASK_INTERRUPTIBLE);
1407 	set_bit(SOCK_ASYNC_WAITDATA, &sk->sk_socket->flags);
1408 	rc = sk_wait_event(sk, timeo, !skb_queue_empty(&sk->sk_receive_queue));
1409 	clear_bit(SOCK_ASYNC_WAITDATA, &sk->sk_socket->flags);
1410 	finish_wait(sk->sk_sleep, &wait);
1411 	return rc;
1412 }
1413 
1414 EXPORT_SYMBOL(sk_wait_data);
1415 
1416 /**
1417  *	__sk_mem_schedule - increase sk_forward_alloc and memory_allocated
1418  *	@sk: socket
1419  *	@size: memory size to allocate
1420  *	@kind: allocation type
1421  *
1422  *	If kind is SK_MEM_SEND, it means wmem allocation. Otherwise it means
1423  *	rmem allocation. This function assumes that protocols which have
1424  *	memory_pressure use sk_wmem_queued as write buffer accounting.
1425  */
1426 int __sk_mem_schedule(struct sock *sk, int size, int kind)
1427 {
1428 	struct proto *prot = sk->sk_prot;
1429 	int amt = sk_mem_pages(size);
1430 	int allocated;
1431 
1432 	sk->sk_forward_alloc += amt * SK_MEM_QUANTUM;
1433 	allocated = atomic_add_return(amt, prot->memory_allocated);
1434 
1435 	/* Under limit. */
1436 	if (allocated <= prot->sysctl_mem[0]) {
1437 		if (prot->memory_pressure && *prot->memory_pressure)
1438 			*prot->memory_pressure = 0;
1439 		return 1;
1440 	}
1441 
1442 	/* Under pressure. */
1443 	if (allocated > prot->sysctl_mem[1])
1444 		if (prot->enter_memory_pressure)
1445 			prot->enter_memory_pressure(sk);
1446 
1447 	/* Over hard limit. */
1448 	if (allocated > prot->sysctl_mem[2])
1449 		goto suppress_allocation;
1450 
1451 	/* guarantee minimum buffer size under pressure */
1452 	if (kind == SK_MEM_RECV) {
1453 		if (atomic_read(&sk->sk_rmem_alloc) < prot->sysctl_rmem[0])
1454 			return 1;
1455 	} else { /* SK_MEM_SEND */
1456 		if (sk->sk_type == SOCK_STREAM) {
1457 			if (sk->sk_wmem_queued < prot->sysctl_wmem[0])
1458 				return 1;
1459 		} else if (atomic_read(&sk->sk_wmem_alloc) <
1460 			   prot->sysctl_wmem[0])
1461 				return 1;
1462 	}
1463 
1464 	if (prot->memory_pressure) {
1465 		if (!*prot->memory_pressure ||
1466 		    prot->sysctl_mem[2] > atomic_read(prot->sockets_allocated) *
1467 		    sk_mem_pages(sk->sk_wmem_queued +
1468 				 atomic_read(&sk->sk_rmem_alloc) +
1469 				 sk->sk_forward_alloc))
1470 			return 1;
1471 	}
1472 
1473 suppress_allocation:
1474 
1475 	if (kind == SK_MEM_SEND && sk->sk_type == SOCK_STREAM) {
1476 		sk_stream_moderate_sndbuf(sk);
1477 
1478 		/* Fail only if socket is _under_ its sndbuf.
1479 		 * In this case we cannot block, so that we have to fail.
1480 		 */
1481 		if (sk->sk_wmem_queued + size >= sk->sk_sndbuf)
1482 			return 1;
1483 	}
1484 
1485 	/* Alas. Undo changes. */
1486 	sk->sk_forward_alloc -= amt * SK_MEM_QUANTUM;
1487 	atomic_sub(amt, prot->memory_allocated);
1488 	return 0;
1489 }
1490 
1491 EXPORT_SYMBOL(__sk_mem_schedule);
1492 
1493 /**
1494  *	__sk_reclaim - reclaim memory_allocated
1495  *	@sk: socket
1496  */
1497 void __sk_mem_reclaim(struct sock *sk)
1498 {
1499 	struct proto *prot = sk->sk_prot;
1500 
1501 	atomic_sub(sk->sk_forward_alloc >> SK_MEM_QUANTUM_SHIFT,
1502 		   prot->memory_allocated);
1503 	sk->sk_forward_alloc &= SK_MEM_QUANTUM - 1;
1504 
1505 	if (prot->memory_pressure && *prot->memory_pressure &&
1506 	    (atomic_read(prot->memory_allocated) < prot->sysctl_mem[0]))
1507 		*prot->memory_pressure = 0;
1508 }
1509 
1510 EXPORT_SYMBOL(__sk_mem_reclaim);
1511 
1512 
1513 /*
1514  * Set of default routines for initialising struct proto_ops when
1515  * the protocol does not support a particular function. In certain
1516  * cases where it makes no sense for a protocol to have a "do nothing"
1517  * function, some default processing is provided.
1518  */
1519 
1520 int sock_no_bind(struct socket *sock, struct sockaddr *saddr, int len)
1521 {
1522 	return -EOPNOTSUPP;
1523 }
1524 
1525 int sock_no_connect(struct socket *sock, struct sockaddr *saddr,
1526 		    int len, int flags)
1527 {
1528 	return -EOPNOTSUPP;
1529 }
1530 
1531 int sock_no_socketpair(struct socket *sock1, struct socket *sock2)
1532 {
1533 	return -EOPNOTSUPP;
1534 }
1535 
1536 int sock_no_accept(struct socket *sock, struct socket *newsock, int flags)
1537 {
1538 	return -EOPNOTSUPP;
1539 }
1540 
1541 int sock_no_getname(struct socket *sock, struct sockaddr *saddr,
1542 		    int *len, int peer)
1543 {
1544 	return -EOPNOTSUPP;
1545 }
1546 
1547 unsigned int sock_no_poll(struct file * file, struct socket *sock, poll_table *pt)
1548 {
1549 	return 0;
1550 }
1551 
1552 int sock_no_ioctl(struct socket *sock, unsigned int cmd, unsigned long arg)
1553 {
1554 	return -EOPNOTSUPP;
1555 }
1556 
1557 int sock_no_listen(struct socket *sock, int backlog)
1558 {
1559 	return -EOPNOTSUPP;
1560 }
1561 
1562 int sock_no_shutdown(struct socket *sock, int how)
1563 {
1564 	return -EOPNOTSUPP;
1565 }
1566 
1567 int sock_no_setsockopt(struct socket *sock, int level, int optname,
1568 		    char __user *optval, int optlen)
1569 {
1570 	return -EOPNOTSUPP;
1571 }
1572 
1573 int sock_no_getsockopt(struct socket *sock, int level, int optname,
1574 		    char __user *optval, int __user *optlen)
1575 {
1576 	return -EOPNOTSUPP;
1577 }
1578 
1579 int sock_no_sendmsg(struct kiocb *iocb, struct socket *sock, struct msghdr *m,
1580 		    size_t len)
1581 {
1582 	return -EOPNOTSUPP;
1583 }
1584 
1585 int sock_no_recvmsg(struct kiocb *iocb, struct socket *sock, struct msghdr *m,
1586 		    size_t len, int flags)
1587 {
1588 	return -EOPNOTSUPP;
1589 }
1590 
1591 int sock_no_mmap(struct file *file, struct socket *sock, struct vm_area_struct *vma)
1592 {
1593 	/* Mirror missing mmap method error code */
1594 	return -ENODEV;
1595 }
1596 
1597 ssize_t sock_no_sendpage(struct socket *sock, struct page *page, int offset, size_t size, int flags)
1598 {
1599 	ssize_t res;
1600 	struct msghdr msg = {.msg_flags = flags};
1601 	struct kvec iov;
1602 	char *kaddr = kmap(page);
1603 	iov.iov_base = kaddr + offset;
1604 	iov.iov_len = size;
1605 	res = kernel_sendmsg(sock, &msg, &iov, 1, size);
1606 	kunmap(page);
1607 	return res;
1608 }
1609 
1610 /*
1611  *	Default Socket Callbacks
1612  */
1613 
1614 static void sock_def_wakeup(struct sock *sk)
1615 {
1616 	read_lock(&sk->sk_callback_lock);
1617 	if (sk->sk_sleep && waitqueue_active(sk->sk_sleep))
1618 		wake_up_interruptible_all(sk->sk_sleep);
1619 	read_unlock(&sk->sk_callback_lock);
1620 }
1621 
1622 static void sock_def_error_report(struct sock *sk)
1623 {
1624 	read_lock(&sk->sk_callback_lock);
1625 	if (sk->sk_sleep && waitqueue_active(sk->sk_sleep))
1626 		wake_up_interruptible(sk->sk_sleep);
1627 	sk_wake_async(sk, SOCK_WAKE_IO, POLL_ERR);
1628 	read_unlock(&sk->sk_callback_lock);
1629 }
1630 
1631 static void sock_def_readable(struct sock *sk, int len)
1632 {
1633 	read_lock(&sk->sk_callback_lock);
1634 	if (sk->sk_sleep && waitqueue_active(sk->sk_sleep))
1635 		wake_up_interruptible_sync(sk->sk_sleep);
1636 	sk_wake_async(sk, SOCK_WAKE_WAITD, POLL_IN);
1637 	read_unlock(&sk->sk_callback_lock);
1638 }
1639 
1640 static void sock_def_write_space(struct sock *sk)
1641 {
1642 	read_lock(&sk->sk_callback_lock);
1643 
1644 	/* Do not wake up a writer until he can make "significant"
1645 	 * progress.  --DaveM
1646 	 */
1647 	if ((atomic_read(&sk->sk_wmem_alloc) << 1) <= sk->sk_sndbuf) {
1648 		if (sk->sk_sleep && waitqueue_active(sk->sk_sleep))
1649 			wake_up_interruptible_sync(sk->sk_sleep);
1650 
1651 		/* Should agree with poll, otherwise some programs break */
1652 		if (sock_writeable(sk))
1653 			sk_wake_async(sk, SOCK_WAKE_SPACE, POLL_OUT);
1654 	}
1655 
1656 	read_unlock(&sk->sk_callback_lock);
1657 }
1658 
1659 static void sock_def_destruct(struct sock *sk)
1660 {
1661 	kfree(sk->sk_protinfo);
1662 }
1663 
1664 void sk_send_sigurg(struct sock *sk)
1665 {
1666 	if (sk->sk_socket && sk->sk_socket->file)
1667 		if (send_sigurg(&sk->sk_socket->file->f_owner))
1668 			sk_wake_async(sk, SOCK_WAKE_URG, POLL_PRI);
1669 }
1670 
1671 void sk_reset_timer(struct sock *sk, struct timer_list* timer,
1672 		    unsigned long expires)
1673 {
1674 	if (!mod_timer(timer, expires))
1675 		sock_hold(sk);
1676 }
1677 
1678 EXPORT_SYMBOL(sk_reset_timer);
1679 
1680 void sk_stop_timer(struct sock *sk, struct timer_list* timer)
1681 {
1682 	if (timer_pending(timer) && del_timer(timer))
1683 		__sock_put(sk);
1684 }
1685 
1686 EXPORT_SYMBOL(sk_stop_timer);
1687 
1688 void sock_init_data(struct socket *sock, struct sock *sk)
1689 {
1690 	skb_queue_head_init(&sk->sk_receive_queue);
1691 	skb_queue_head_init(&sk->sk_write_queue);
1692 	skb_queue_head_init(&sk->sk_error_queue);
1693 #ifdef CONFIG_NET_DMA
1694 	skb_queue_head_init(&sk->sk_async_wait_queue);
1695 #endif
1696 
1697 	sk->sk_send_head	=	NULL;
1698 
1699 	init_timer(&sk->sk_timer);
1700 
1701 	sk->sk_allocation	=	GFP_KERNEL;
1702 	sk->sk_rcvbuf		=	sysctl_rmem_default;
1703 	sk->sk_sndbuf		=	sysctl_wmem_default;
1704 	sk->sk_state		=	TCP_CLOSE;
1705 	sk_set_socket(sk, sock);
1706 
1707 	sock_set_flag(sk, SOCK_ZAPPED);
1708 
1709 	if (sock) {
1710 		sk->sk_type	=	sock->type;
1711 		sk->sk_sleep	=	&sock->wait;
1712 		sock->sk	=	sk;
1713 	} else
1714 		sk->sk_sleep	=	NULL;
1715 
1716 	rwlock_init(&sk->sk_dst_lock);
1717 	rwlock_init(&sk->sk_callback_lock);
1718 	lockdep_set_class_and_name(&sk->sk_callback_lock,
1719 			af_callback_keys + sk->sk_family,
1720 			af_family_clock_key_strings[sk->sk_family]);
1721 
1722 	sk->sk_state_change	=	sock_def_wakeup;
1723 	sk->sk_data_ready	=	sock_def_readable;
1724 	sk->sk_write_space	=	sock_def_write_space;
1725 	sk->sk_error_report	=	sock_def_error_report;
1726 	sk->sk_destruct		=	sock_def_destruct;
1727 
1728 	sk->sk_sndmsg_page	=	NULL;
1729 	sk->sk_sndmsg_off	=	0;
1730 
1731 	sk->sk_peercred.pid 	=	0;
1732 	sk->sk_peercred.uid	=	-1;
1733 	sk->sk_peercred.gid	=	-1;
1734 	sk->sk_write_pending	=	0;
1735 	sk->sk_rcvlowat		=	1;
1736 	sk->sk_rcvtimeo		=	MAX_SCHEDULE_TIMEOUT;
1737 	sk->sk_sndtimeo		=	MAX_SCHEDULE_TIMEOUT;
1738 
1739 	sk->sk_stamp = ktime_set(-1L, 0);
1740 
1741 	atomic_set(&sk->sk_refcnt, 1);
1742 	atomic_set(&sk->sk_drops, 0);
1743 }
1744 
1745 void lock_sock_nested(struct sock *sk, int subclass)
1746 {
1747 	might_sleep();
1748 	spin_lock_bh(&sk->sk_lock.slock);
1749 	if (sk->sk_lock.owned)
1750 		__lock_sock(sk);
1751 	sk->sk_lock.owned = 1;
1752 	spin_unlock(&sk->sk_lock.slock);
1753 	/*
1754 	 * The sk_lock has mutex_lock() semantics here:
1755 	 */
1756 	mutex_acquire(&sk->sk_lock.dep_map, subclass, 0, _RET_IP_);
1757 	local_bh_enable();
1758 }
1759 
1760 EXPORT_SYMBOL(lock_sock_nested);
1761 
1762 void release_sock(struct sock *sk)
1763 {
1764 	/*
1765 	 * The sk_lock has mutex_unlock() semantics:
1766 	 */
1767 	mutex_release(&sk->sk_lock.dep_map, 1, _RET_IP_);
1768 
1769 	spin_lock_bh(&sk->sk_lock.slock);
1770 	if (sk->sk_backlog.tail)
1771 		__release_sock(sk);
1772 	sk->sk_lock.owned = 0;
1773 	if (waitqueue_active(&sk->sk_lock.wq))
1774 		wake_up(&sk->sk_lock.wq);
1775 	spin_unlock_bh(&sk->sk_lock.slock);
1776 }
1777 EXPORT_SYMBOL(release_sock);
1778 
1779 int sock_get_timestamp(struct sock *sk, struct timeval __user *userstamp)
1780 {
1781 	struct timeval tv;
1782 	if (!sock_flag(sk, SOCK_TIMESTAMP))
1783 		sock_enable_timestamp(sk);
1784 	tv = ktime_to_timeval(sk->sk_stamp);
1785 	if (tv.tv_sec == -1)
1786 		return -ENOENT;
1787 	if (tv.tv_sec == 0) {
1788 		sk->sk_stamp = ktime_get_real();
1789 		tv = ktime_to_timeval(sk->sk_stamp);
1790 	}
1791 	return copy_to_user(userstamp, &tv, sizeof(tv)) ? -EFAULT : 0;
1792 }
1793 EXPORT_SYMBOL(sock_get_timestamp);
1794 
1795 int sock_get_timestampns(struct sock *sk, struct timespec __user *userstamp)
1796 {
1797 	struct timespec ts;
1798 	if (!sock_flag(sk, SOCK_TIMESTAMP))
1799 		sock_enable_timestamp(sk);
1800 	ts = ktime_to_timespec(sk->sk_stamp);
1801 	if (ts.tv_sec == -1)
1802 		return -ENOENT;
1803 	if (ts.tv_sec == 0) {
1804 		sk->sk_stamp = ktime_get_real();
1805 		ts = ktime_to_timespec(sk->sk_stamp);
1806 	}
1807 	return copy_to_user(userstamp, &ts, sizeof(ts)) ? -EFAULT : 0;
1808 }
1809 EXPORT_SYMBOL(sock_get_timestampns);
1810 
1811 void sock_enable_timestamp(struct sock *sk)
1812 {
1813 	if (!sock_flag(sk, SOCK_TIMESTAMP)) {
1814 		sock_set_flag(sk, SOCK_TIMESTAMP);
1815 		net_enable_timestamp();
1816 	}
1817 }
1818 
1819 /*
1820  *	Get a socket option on an socket.
1821  *
1822  *	FIX: POSIX 1003.1g is very ambiguous here. It states that
1823  *	asynchronous errors should be reported by getsockopt. We assume
1824  *	this means if you specify SO_ERROR (otherwise whats the point of it).
1825  */
1826 int sock_common_getsockopt(struct socket *sock, int level, int optname,
1827 			   char __user *optval, int __user *optlen)
1828 {
1829 	struct sock *sk = sock->sk;
1830 
1831 	return sk->sk_prot->getsockopt(sk, level, optname, optval, optlen);
1832 }
1833 
1834 EXPORT_SYMBOL(sock_common_getsockopt);
1835 
1836 #ifdef CONFIG_COMPAT
1837 int compat_sock_common_getsockopt(struct socket *sock, int level, int optname,
1838 				  char __user *optval, int __user *optlen)
1839 {
1840 	struct sock *sk = sock->sk;
1841 
1842 	if (sk->sk_prot->compat_getsockopt != NULL)
1843 		return sk->sk_prot->compat_getsockopt(sk, level, optname,
1844 						      optval, optlen);
1845 	return sk->sk_prot->getsockopt(sk, level, optname, optval, optlen);
1846 }
1847 EXPORT_SYMBOL(compat_sock_common_getsockopt);
1848 #endif
1849 
1850 int sock_common_recvmsg(struct kiocb *iocb, struct socket *sock,
1851 			struct msghdr *msg, size_t size, int flags)
1852 {
1853 	struct sock *sk = sock->sk;
1854 	int addr_len = 0;
1855 	int err;
1856 
1857 	err = sk->sk_prot->recvmsg(iocb, sk, msg, size, flags & MSG_DONTWAIT,
1858 				   flags & ~MSG_DONTWAIT, &addr_len);
1859 	if (err >= 0)
1860 		msg->msg_namelen = addr_len;
1861 	return err;
1862 }
1863 
1864 EXPORT_SYMBOL(sock_common_recvmsg);
1865 
1866 /*
1867  *	Set socket options on an inet socket.
1868  */
1869 int sock_common_setsockopt(struct socket *sock, int level, int optname,
1870 			   char __user *optval, int optlen)
1871 {
1872 	struct sock *sk = sock->sk;
1873 
1874 	return sk->sk_prot->setsockopt(sk, level, optname, optval, optlen);
1875 }
1876 
1877 EXPORT_SYMBOL(sock_common_setsockopt);
1878 
1879 #ifdef CONFIG_COMPAT
1880 int compat_sock_common_setsockopt(struct socket *sock, int level, int optname,
1881 				  char __user *optval, int optlen)
1882 {
1883 	struct sock *sk = sock->sk;
1884 
1885 	if (sk->sk_prot->compat_setsockopt != NULL)
1886 		return sk->sk_prot->compat_setsockopt(sk, level, optname,
1887 						      optval, optlen);
1888 	return sk->sk_prot->setsockopt(sk, level, optname, optval, optlen);
1889 }
1890 EXPORT_SYMBOL(compat_sock_common_setsockopt);
1891 #endif
1892 
1893 void sk_common_release(struct sock *sk)
1894 {
1895 	if (sk->sk_prot->destroy)
1896 		sk->sk_prot->destroy(sk);
1897 
1898 	/*
1899 	 * Observation: when sock_common_release is called, processes have
1900 	 * no access to socket. But net still has.
1901 	 * Step one, detach it from networking:
1902 	 *
1903 	 * A. Remove from hash tables.
1904 	 */
1905 
1906 	sk->sk_prot->unhash(sk);
1907 
1908 	/*
1909 	 * In this point socket cannot receive new packets, but it is possible
1910 	 * that some packets are in flight because some CPU runs receiver and
1911 	 * did hash table lookup before we unhashed socket. They will achieve
1912 	 * receive queue and will be purged by socket destructor.
1913 	 *
1914 	 * Also we still have packets pending on receive queue and probably,
1915 	 * our own packets waiting in device queues. sock_destroy will drain
1916 	 * receive queue, but transmitted packets will delay socket destruction
1917 	 * until the last reference will be released.
1918 	 */
1919 
1920 	sock_orphan(sk);
1921 
1922 	xfrm_sk_free_policy(sk);
1923 
1924 	sk_refcnt_debug_release(sk);
1925 	sock_put(sk);
1926 }
1927 
1928 EXPORT_SYMBOL(sk_common_release);
1929 
1930 static DEFINE_RWLOCK(proto_list_lock);
1931 static LIST_HEAD(proto_list);
1932 
1933 #ifdef CONFIG_PROC_FS
1934 #define PROTO_INUSE_NR	64	/* should be enough for the first time */
1935 struct prot_inuse {
1936 	int val[PROTO_INUSE_NR];
1937 };
1938 
1939 static DECLARE_BITMAP(proto_inuse_idx, PROTO_INUSE_NR);
1940 
1941 #ifdef CONFIG_NET_NS
1942 void sock_prot_inuse_add(struct net *net, struct proto *prot, int val)
1943 {
1944 	int cpu = smp_processor_id();
1945 	per_cpu_ptr(net->core.inuse, cpu)->val[prot->inuse_idx] += val;
1946 }
1947 EXPORT_SYMBOL_GPL(sock_prot_inuse_add);
1948 
1949 int sock_prot_inuse_get(struct net *net, struct proto *prot)
1950 {
1951 	int cpu, idx = prot->inuse_idx;
1952 	int res = 0;
1953 
1954 	for_each_possible_cpu(cpu)
1955 		res += per_cpu_ptr(net->core.inuse, cpu)->val[idx];
1956 
1957 	return res >= 0 ? res : 0;
1958 }
1959 EXPORT_SYMBOL_GPL(sock_prot_inuse_get);
1960 
1961 static int sock_inuse_init_net(struct net *net)
1962 {
1963 	net->core.inuse = alloc_percpu(struct prot_inuse);
1964 	return net->core.inuse ? 0 : -ENOMEM;
1965 }
1966 
1967 static void sock_inuse_exit_net(struct net *net)
1968 {
1969 	free_percpu(net->core.inuse);
1970 }
1971 
1972 static struct pernet_operations net_inuse_ops = {
1973 	.init = sock_inuse_init_net,
1974 	.exit = sock_inuse_exit_net,
1975 };
1976 
1977 static __init int net_inuse_init(void)
1978 {
1979 	if (register_pernet_subsys(&net_inuse_ops))
1980 		panic("Cannot initialize net inuse counters");
1981 
1982 	return 0;
1983 }
1984 
1985 core_initcall(net_inuse_init);
1986 #else
1987 static DEFINE_PER_CPU(struct prot_inuse, prot_inuse);
1988 
1989 void sock_prot_inuse_add(struct net *net, struct proto *prot, int val)
1990 {
1991 	__get_cpu_var(prot_inuse).val[prot->inuse_idx] += val;
1992 }
1993 EXPORT_SYMBOL_GPL(sock_prot_inuse_add);
1994 
1995 int sock_prot_inuse_get(struct net *net, struct proto *prot)
1996 {
1997 	int cpu, idx = prot->inuse_idx;
1998 	int res = 0;
1999 
2000 	for_each_possible_cpu(cpu)
2001 		res += per_cpu(prot_inuse, cpu).val[idx];
2002 
2003 	return res >= 0 ? res : 0;
2004 }
2005 EXPORT_SYMBOL_GPL(sock_prot_inuse_get);
2006 #endif
2007 
2008 static void assign_proto_idx(struct proto *prot)
2009 {
2010 	prot->inuse_idx = find_first_zero_bit(proto_inuse_idx, PROTO_INUSE_NR);
2011 
2012 	if (unlikely(prot->inuse_idx == PROTO_INUSE_NR - 1)) {
2013 		printk(KERN_ERR "PROTO_INUSE_NR exhausted\n");
2014 		return;
2015 	}
2016 
2017 	set_bit(prot->inuse_idx, proto_inuse_idx);
2018 }
2019 
2020 static void release_proto_idx(struct proto *prot)
2021 {
2022 	if (prot->inuse_idx != PROTO_INUSE_NR - 1)
2023 		clear_bit(prot->inuse_idx, proto_inuse_idx);
2024 }
2025 #else
2026 static inline void assign_proto_idx(struct proto *prot)
2027 {
2028 }
2029 
2030 static inline void release_proto_idx(struct proto *prot)
2031 {
2032 }
2033 #endif
2034 
2035 int proto_register(struct proto *prot, int alloc_slab)
2036 {
2037 	char *request_sock_slab_name = NULL;
2038 	char *timewait_sock_slab_name;
2039 
2040 	if (alloc_slab) {
2041 		prot->slab = kmem_cache_create(prot->name, prot->obj_size, 0,
2042 					       SLAB_HWCACHE_ALIGN, NULL);
2043 
2044 		if (prot->slab == NULL) {
2045 			printk(KERN_CRIT "%s: Can't create sock SLAB cache!\n",
2046 			       prot->name);
2047 			goto out;
2048 		}
2049 
2050 		if (prot->rsk_prot != NULL) {
2051 			static const char mask[] = "request_sock_%s";
2052 
2053 			request_sock_slab_name = kmalloc(strlen(prot->name) + sizeof(mask) - 1, GFP_KERNEL);
2054 			if (request_sock_slab_name == NULL)
2055 				goto out_free_sock_slab;
2056 
2057 			sprintf(request_sock_slab_name, mask, prot->name);
2058 			prot->rsk_prot->slab = kmem_cache_create(request_sock_slab_name,
2059 								 prot->rsk_prot->obj_size, 0,
2060 								 SLAB_HWCACHE_ALIGN, NULL);
2061 
2062 			if (prot->rsk_prot->slab == NULL) {
2063 				printk(KERN_CRIT "%s: Can't create request sock SLAB cache!\n",
2064 				       prot->name);
2065 				goto out_free_request_sock_slab_name;
2066 			}
2067 		}
2068 
2069 		if (prot->twsk_prot != NULL) {
2070 			static const char mask[] = "tw_sock_%s";
2071 
2072 			timewait_sock_slab_name = kmalloc(strlen(prot->name) + sizeof(mask) - 1, GFP_KERNEL);
2073 
2074 			if (timewait_sock_slab_name == NULL)
2075 				goto out_free_request_sock_slab;
2076 
2077 			sprintf(timewait_sock_slab_name, mask, prot->name);
2078 			prot->twsk_prot->twsk_slab =
2079 				kmem_cache_create(timewait_sock_slab_name,
2080 						  prot->twsk_prot->twsk_obj_size,
2081 						  0, SLAB_HWCACHE_ALIGN,
2082 						  NULL);
2083 			if (prot->twsk_prot->twsk_slab == NULL)
2084 				goto out_free_timewait_sock_slab_name;
2085 		}
2086 	}
2087 
2088 	write_lock(&proto_list_lock);
2089 	list_add(&prot->node, &proto_list);
2090 	assign_proto_idx(prot);
2091 	write_unlock(&proto_list_lock);
2092 	return 0;
2093 
2094 out_free_timewait_sock_slab_name:
2095 	kfree(timewait_sock_slab_name);
2096 out_free_request_sock_slab:
2097 	if (prot->rsk_prot && prot->rsk_prot->slab) {
2098 		kmem_cache_destroy(prot->rsk_prot->slab);
2099 		prot->rsk_prot->slab = NULL;
2100 	}
2101 out_free_request_sock_slab_name:
2102 	kfree(request_sock_slab_name);
2103 out_free_sock_slab:
2104 	kmem_cache_destroy(prot->slab);
2105 	prot->slab = NULL;
2106 out:
2107 	return -ENOBUFS;
2108 }
2109 
2110 EXPORT_SYMBOL(proto_register);
2111 
2112 void proto_unregister(struct proto *prot)
2113 {
2114 	write_lock(&proto_list_lock);
2115 	release_proto_idx(prot);
2116 	list_del(&prot->node);
2117 	write_unlock(&proto_list_lock);
2118 
2119 	if (prot->slab != NULL) {
2120 		kmem_cache_destroy(prot->slab);
2121 		prot->slab = NULL;
2122 	}
2123 
2124 	if (prot->rsk_prot != NULL && prot->rsk_prot->slab != NULL) {
2125 		const char *name = kmem_cache_name(prot->rsk_prot->slab);
2126 
2127 		kmem_cache_destroy(prot->rsk_prot->slab);
2128 		kfree(name);
2129 		prot->rsk_prot->slab = NULL;
2130 	}
2131 
2132 	if (prot->twsk_prot != NULL && prot->twsk_prot->twsk_slab != NULL) {
2133 		const char *name = kmem_cache_name(prot->twsk_prot->twsk_slab);
2134 
2135 		kmem_cache_destroy(prot->twsk_prot->twsk_slab);
2136 		kfree(name);
2137 		prot->twsk_prot->twsk_slab = NULL;
2138 	}
2139 }
2140 
2141 EXPORT_SYMBOL(proto_unregister);
2142 
2143 #ifdef CONFIG_PROC_FS
2144 static void *proto_seq_start(struct seq_file *seq, loff_t *pos)
2145 	__acquires(proto_list_lock)
2146 {
2147 	read_lock(&proto_list_lock);
2148 	return seq_list_start_head(&proto_list, *pos);
2149 }
2150 
2151 static void *proto_seq_next(struct seq_file *seq, void *v, loff_t *pos)
2152 {
2153 	return seq_list_next(v, &proto_list, pos);
2154 }
2155 
2156 static void proto_seq_stop(struct seq_file *seq, void *v)
2157 	__releases(proto_list_lock)
2158 {
2159 	read_unlock(&proto_list_lock);
2160 }
2161 
2162 static char proto_method_implemented(const void *method)
2163 {
2164 	return method == NULL ? 'n' : 'y';
2165 }
2166 
2167 static void proto_seq_printf(struct seq_file *seq, struct proto *proto)
2168 {
2169 	seq_printf(seq, "%-9s %4u %6d  %6d   %-3s %6u   %-3s  %-10s "
2170 			"%2c %2c %2c %2c %2c %2c %2c %2c %2c %2c %2c %2c %2c %2c %2c %2c %2c %2c %2c\n",
2171 		   proto->name,
2172 		   proto->obj_size,
2173 		   proto->sockets_allocated != NULL ? atomic_read(proto->sockets_allocated) : -1,
2174 		   proto->memory_allocated != NULL ? atomic_read(proto->memory_allocated) : -1,
2175 		   proto->memory_pressure != NULL ? *proto->memory_pressure ? "yes" : "no" : "NI",
2176 		   proto->max_header,
2177 		   proto->slab == NULL ? "no" : "yes",
2178 		   module_name(proto->owner),
2179 		   proto_method_implemented(proto->close),
2180 		   proto_method_implemented(proto->connect),
2181 		   proto_method_implemented(proto->disconnect),
2182 		   proto_method_implemented(proto->accept),
2183 		   proto_method_implemented(proto->ioctl),
2184 		   proto_method_implemented(proto->init),
2185 		   proto_method_implemented(proto->destroy),
2186 		   proto_method_implemented(proto->shutdown),
2187 		   proto_method_implemented(proto->setsockopt),
2188 		   proto_method_implemented(proto->getsockopt),
2189 		   proto_method_implemented(proto->sendmsg),
2190 		   proto_method_implemented(proto->recvmsg),
2191 		   proto_method_implemented(proto->sendpage),
2192 		   proto_method_implemented(proto->bind),
2193 		   proto_method_implemented(proto->backlog_rcv),
2194 		   proto_method_implemented(proto->hash),
2195 		   proto_method_implemented(proto->unhash),
2196 		   proto_method_implemented(proto->get_port),
2197 		   proto_method_implemented(proto->enter_memory_pressure));
2198 }
2199 
2200 static int proto_seq_show(struct seq_file *seq, void *v)
2201 {
2202 	if (v == &proto_list)
2203 		seq_printf(seq, "%-9s %-4s %-8s %-6s %-5s %-7s %-4s %-10s %s",
2204 			   "protocol",
2205 			   "size",
2206 			   "sockets",
2207 			   "memory",
2208 			   "press",
2209 			   "maxhdr",
2210 			   "slab",
2211 			   "module",
2212 			   "cl co di ac io in de sh ss gs se re sp bi br ha uh gp em\n");
2213 	else
2214 		proto_seq_printf(seq, list_entry(v, struct proto, node));
2215 	return 0;
2216 }
2217 
2218 static const struct seq_operations proto_seq_ops = {
2219 	.start  = proto_seq_start,
2220 	.next   = proto_seq_next,
2221 	.stop   = proto_seq_stop,
2222 	.show   = proto_seq_show,
2223 };
2224 
2225 static int proto_seq_open(struct inode *inode, struct file *file)
2226 {
2227 	return seq_open(file, &proto_seq_ops);
2228 }
2229 
2230 static const struct file_operations proto_seq_fops = {
2231 	.owner		= THIS_MODULE,
2232 	.open		= proto_seq_open,
2233 	.read		= seq_read,
2234 	.llseek		= seq_lseek,
2235 	.release	= seq_release,
2236 };
2237 
2238 static int __init proto_init(void)
2239 {
2240 	/* register /proc/net/protocols */
2241 	return proc_net_fops_create(&init_net, "protocols", S_IRUGO, &proto_seq_fops) == NULL ? -ENOBUFS : 0;
2242 }
2243 
2244 subsys_initcall(proto_init);
2245 
2246 #endif /* PROC_FS */
2247 
2248 EXPORT_SYMBOL(sk_alloc);
2249 EXPORT_SYMBOL(sk_free);
2250 EXPORT_SYMBOL(sk_send_sigurg);
2251 EXPORT_SYMBOL(sock_alloc_send_skb);
2252 EXPORT_SYMBOL(sock_init_data);
2253 EXPORT_SYMBOL(sock_kfree_s);
2254 EXPORT_SYMBOL(sock_kmalloc);
2255 EXPORT_SYMBOL(sock_no_accept);
2256 EXPORT_SYMBOL(sock_no_bind);
2257 EXPORT_SYMBOL(sock_no_connect);
2258 EXPORT_SYMBOL(sock_no_getname);
2259 EXPORT_SYMBOL(sock_no_getsockopt);
2260 EXPORT_SYMBOL(sock_no_ioctl);
2261 EXPORT_SYMBOL(sock_no_listen);
2262 EXPORT_SYMBOL(sock_no_mmap);
2263 EXPORT_SYMBOL(sock_no_poll);
2264 EXPORT_SYMBOL(sock_no_recvmsg);
2265 EXPORT_SYMBOL(sock_no_sendmsg);
2266 EXPORT_SYMBOL(sock_no_sendpage);
2267 EXPORT_SYMBOL(sock_no_setsockopt);
2268 EXPORT_SYMBOL(sock_no_shutdown);
2269 EXPORT_SYMBOL(sock_no_socketpair);
2270 EXPORT_SYMBOL(sock_rfree);
2271 EXPORT_SYMBOL(sock_setsockopt);
2272 EXPORT_SYMBOL(sock_wfree);
2273 EXPORT_SYMBOL(sock_wmalloc);
2274 EXPORT_SYMBOL(sock_i_uid);
2275 EXPORT_SYMBOL(sock_i_ino);
2276 EXPORT_SYMBOL(sysctl_optmem_max);
2277