xref: /openbmc/linux/net/core/sock.c (revision e23feb16)
1 /*
2  * INET		An implementation of the TCP/IP protocol suite for the LINUX
3  *		operating system.  INET is implemented using the  BSD Socket
4  *		interface as the means of communication with the user level.
5  *
6  *		Generic socket support routines. Memory allocators, socket lock/release
7  *		handler for protocols to use and generic option handler.
8  *
9  *
10  * Authors:	Ross Biro
11  *		Fred N. van Kempen, <waltje@uWalt.NL.Mugnet.ORG>
12  *		Florian La Roche, <flla@stud.uni-sb.de>
13  *		Alan Cox, <A.Cox@swansea.ac.uk>
14  *
15  * Fixes:
16  *		Alan Cox	: 	Numerous verify_area() problems
17  *		Alan Cox	:	Connecting on a connecting socket
18  *					now returns an error for tcp.
19  *		Alan Cox	:	sock->protocol is set correctly.
20  *					and is not sometimes left as 0.
21  *		Alan Cox	:	connect handles icmp errors on a
22  *					connect properly. Unfortunately there
23  *					is a restart syscall nasty there. I
24  *					can't match BSD without hacking the C
25  *					library. Ideas urgently sought!
26  *		Alan Cox	:	Disallow bind() to addresses that are
27  *					not ours - especially broadcast ones!!
28  *		Alan Cox	:	Socket 1024 _IS_ ok for users. (fencepost)
29  *		Alan Cox	:	sock_wfree/sock_rfree don't destroy sockets,
30  *					instead they leave that for the DESTROY timer.
31  *		Alan Cox	:	Clean up error flag in accept
32  *		Alan Cox	:	TCP ack handling is buggy, the DESTROY timer
33  *					was buggy. Put a remove_sock() in the handler
34  *					for memory when we hit 0. Also altered the timer
35  *					code. The ACK stuff can wait and needs major
36  *					TCP layer surgery.
37  *		Alan Cox	:	Fixed TCP ack bug, removed remove sock
38  *					and fixed timer/inet_bh race.
39  *		Alan Cox	:	Added zapped flag for TCP
40  *		Alan Cox	:	Move kfree_skb into skbuff.c and tidied up surplus code
41  *		Alan Cox	:	for new sk_buff allocations wmalloc/rmalloc now call alloc_skb
42  *		Alan Cox	:	kfree_s calls now are kfree_skbmem so we can track skb resources
43  *		Alan Cox	:	Supports socket option broadcast now as does udp. Packet and raw need fixing.
44  *		Alan Cox	:	Added RCVBUF,SNDBUF size setting. It suddenly occurred to me how easy it was so...
45  *		Rick Sladkey	:	Relaxed UDP rules for matching packets.
46  *		C.E.Hawkins	:	IFF_PROMISC/SIOCGHWADDR support
47  *	Pauline Middelink	:	identd support
48  *		Alan Cox	:	Fixed connect() taking signals I think.
49  *		Alan Cox	:	SO_LINGER supported
50  *		Alan Cox	:	Error reporting fixes
51  *		Anonymous	:	inet_create tidied up (sk->reuse setting)
52  *		Alan Cox	:	inet sockets don't set sk->type!
53  *		Alan Cox	:	Split socket option code
54  *		Alan Cox	:	Callbacks
55  *		Alan Cox	:	Nagle flag for Charles & Johannes stuff
56  *		Alex		:	Removed restriction on inet fioctl
57  *		Alan Cox	:	Splitting INET from NET core
58  *		Alan Cox	:	Fixed bogus SO_TYPE handling in getsockopt()
59  *		Adam Caldwell	:	Missing return in SO_DONTROUTE/SO_DEBUG code
60  *		Alan Cox	:	Split IP from generic code
61  *		Alan Cox	:	New kfree_skbmem()
62  *		Alan Cox	:	Make SO_DEBUG superuser only.
63  *		Alan Cox	:	Allow anyone to clear SO_DEBUG
64  *					(compatibility fix)
65  *		Alan Cox	:	Added optimistic memory grabbing for AF_UNIX throughput.
66  *		Alan Cox	:	Allocator for a socket is settable.
67  *		Alan Cox	:	SO_ERROR includes soft errors.
68  *		Alan Cox	:	Allow NULL arguments on some SO_ opts
69  *		Alan Cox	: 	Generic socket allocation to make hooks
70  *					easier (suggested by Craig Metz).
71  *		Michael Pall	:	SO_ERROR returns positive errno again
72  *              Steve Whitehouse:       Added default destructor to free
73  *                                      protocol private data.
74  *              Steve Whitehouse:       Added various other default routines
75  *                                      common to several socket families.
76  *              Chris Evans     :       Call suser() check last on F_SETOWN
77  *		Jay Schulist	:	Added SO_ATTACH_FILTER and SO_DETACH_FILTER.
78  *		Andi Kleen	:	Add sock_kmalloc()/sock_kfree_s()
79  *		Andi Kleen	:	Fix write_space callback
80  *		Chris Evans	:	Security fixes - signedness again
81  *		Arnaldo C. Melo :       cleanups, use skb_queue_purge
82  *
83  * To Fix:
84  *
85  *
86  *		This program is free software; you can redistribute it and/or
87  *		modify it under the terms of the GNU General Public License
88  *		as published by the Free Software Foundation; either version
89  *		2 of the License, or (at your option) any later version.
90  */
91 
92 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
93 
94 #include <linux/capability.h>
95 #include <linux/errno.h>
96 #include <linux/errqueue.h>
97 #include <linux/types.h>
98 #include <linux/socket.h>
99 #include <linux/in.h>
100 #include <linux/kernel.h>
101 #include <linux/module.h>
102 #include <linux/proc_fs.h>
103 #include <linux/seq_file.h>
104 #include <linux/sched.h>
105 #include <linux/timer.h>
106 #include <linux/string.h>
107 #include <linux/sockios.h>
108 #include <linux/net.h>
109 #include <linux/mm.h>
110 #include <linux/slab.h>
111 #include <linux/interrupt.h>
112 #include <linux/poll.h>
113 #include <linux/tcp.h>
114 #include <linux/init.h>
115 #include <linux/highmem.h>
116 #include <linux/user_namespace.h>
117 #include <linux/static_key.h>
118 #include <linux/memcontrol.h>
119 #include <linux/prefetch.h>
120 
121 #include <asm/uaccess.h>
122 
123 #include <linux/netdevice.h>
124 #include <net/protocol.h>
125 #include <linux/skbuff.h>
126 #include <net/net_namespace.h>
127 #include <net/request_sock.h>
128 #include <net/sock.h>
129 #include <linux/net_tstamp.h>
130 #include <net/xfrm.h>
131 #include <linux/ipsec.h>
132 #include <net/cls_cgroup.h>
133 #include <net/netprio_cgroup.h>
134 
135 #include <linux/filter.h>
136 
137 #include <trace/events/sock.h>
138 
139 #ifdef CONFIG_INET
140 #include <net/tcp.h>
141 #endif
142 
143 #include <net/busy_poll.h>
144 
145 static DEFINE_MUTEX(proto_list_mutex);
146 static LIST_HEAD(proto_list);
147 
148 #ifdef CONFIG_MEMCG_KMEM
149 int mem_cgroup_sockets_init(struct mem_cgroup *memcg, struct cgroup_subsys *ss)
150 {
151 	struct proto *proto;
152 	int ret = 0;
153 
154 	mutex_lock(&proto_list_mutex);
155 	list_for_each_entry(proto, &proto_list, node) {
156 		if (proto->init_cgroup) {
157 			ret = proto->init_cgroup(memcg, ss);
158 			if (ret)
159 				goto out;
160 		}
161 	}
162 
163 	mutex_unlock(&proto_list_mutex);
164 	return ret;
165 out:
166 	list_for_each_entry_continue_reverse(proto, &proto_list, node)
167 		if (proto->destroy_cgroup)
168 			proto->destroy_cgroup(memcg);
169 	mutex_unlock(&proto_list_mutex);
170 	return ret;
171 }
172 
173 void mem_cgroup_sockets_destroy(struct mem_cgroup *memcg)
174 {
175 	struct proto *proto;
176 
177 	mutex_lock(&proto_list_mutex);
178 	list_for_each_entry_reverse(proto, &proto_list, node)
179 		if (proto->destroy_cgroup)
180 			proto->destroy_cgroup(memcg);
181 	mutex_unlock(&proto_list_mutex);
182 }
183 #endif
184 
185 /*
186  * Each address family might have different locking rules, so we have
187  * one slock key per address family:
188  */
189 static struct lock_class_key af_family_keys[AF_MAX];
190 static struct lock_class_key af_family_slock_keys[AF_MAX];
191 
192 #if defined(CONFIG_MEMCG_KMEM)
193 struct static_key memcg_socket_limit_enabled;
194 EXPORT_SYMBOL(memcg_socket_limit_enabled);
195 #endif
196 
197 /*
198  * Make lock validator output more readable. (we pre-construct these
199  * strings build-time, so that runtime initialization of socket
200  * locks is fast):
201  */
202 static const char *const af_family_key_strings[AF_MAX+1] = {
203   "sk_lock-AF_UNSPEC", "sk_lock-AF_UNIX"     , "sk_lock-AF_INET"     ,
204   "sk_lock-AF_AX25"  , "sk_lock-AF_IPX"      , "sk_lock-AF_APPLETALK",
205   "sk_lock-AF_NETROM", "sk_lock-AF_BRIDGE"   , "sk_lock-AF_ATMPVC"   ,
206   "sk_lock-AF_X25"   , "sk_lock-AF_INET6"    , "sk_lock-AF_ROSE"     ,
207   "sk_lock-AF_DECnet", "sk_lock-AF_NETBEUI"  , "sk_lock-AF_SECURITY" ,
208   "sk_lock-AF_KEY"   , "sk_lock-AF_NETLINK"  , "sk_lock-AF_PACKET"   ,
209   "sk_lock-AF_ASH"   , "sk_lock-AF_ECONET"   , "sk_lock-AF_ATMSVC"   ,
210   "sk_lock-AF_RDS"   , "sk_lock-AF_SNA"      , "sk_lock-AF_IRDA"     ,
211   "sk_lock-AF_PPPOX" , "sk_lock-AF_WANPIPE"  , "sk_lock-AF_LLC"      ,
212   "sk_lock-27"       , "sk_lock-28"          , "sk_lock-AF_CAN"      ,
213   "sk_lock-AF_TIPC"  , "sk_lock-AF_BLUETOOTH", "sk_lock-IUCV"        ,
214   "sk_lock-AF_RXRPC" , "sk_lock-AF_ISDN"     , "sk_lock-AF_PHONET"   ,
215   "sk_lock-AF_IEEE802154", "sk_lock-AF_CAIF" , "sk_lock-AF_ALG"      ,
216   "sk_lock-AF_NFC"   , "sk_lock-AF_VSOCK"    , "sk_lock-AF_MAX"
217 };
218 static const char *const af_family_slock_key_strings[AF_MAX+1] = {
219   "slock-AF_UNSPEC", "slock-AF_UNIX"     , "slock-AF_INET"     ,
220   "slock-AF_AX25"  , "slock-AF_IPX"      , "slock-AF_APPLETALK",
221   "slock-AF_NETROM", "slock-AF_BRIDGE"   , "slock-AF_ATMPVC"   ,
222   "slock-AF_X25"   , "slock-AF_INET6"    , "slock-AF_ROSE"     ,
223   "slock-AF_DECnet", "slock-AF_NETBEUI"  , "slock-AF_SECURITY" ,
224   "slock-AF_KEY"   , "slock-AF_NETLINK"  , "slock-AF_PACKET"   ,
225   "slock-AF_ASH"   , "slock-AF_ECONET"   , "slock-AF_ATMSVC"   ,
226   "slock-AF_RDS"   , "slock-AF_SNA"      , "slock-AF_IRDA"     ,
227   "slock-AF_PPPOX" , "slock-AF_WANPIPE"  , "slock-AF_LLC"      ,
228   "slock-27"       , "slock-28"          , "slock-AF_CAN"      ,
229   "slock-AF_TIPC"  , "slock-AF_BLUETOOTH", "slock-AF_IUCV"     ,
230   "slock-AF_RXRPC" , "slock-AF_ISDN"     , "slock-AF_PHONET"   ,
231   "slock-AF_IEEE802154", "slock-AF_CAIF" , "slock-AF_ALG"      ,
232   "slock-AF_NFC"   , "slock-AF_VSOCK"    ,"slock-AF_MAX"
233 };
234 static const char *const af_family_clock_key_strings[AF_MAX+1] = {
235   "clock-AF_UNSPEC", "clock-AF_UNIX"     , "clock-AF_INET"     ,
236   "clock-AF_AX25"  , "clock-AF_IPX"      , "clock-AF_APPLETALK",
237   "clock-AF_NETROM", "clock-AF_BRIDGE"   , "clock-AF_ATMPVC"   ,
238   "clock-AF_X25"   , "clock-AF_INET6"    , "clock-AF_ROSE"     ,
239   "clock-AF_DECnet", "clock-AF_NETBEUI"  , "clock-AF_SECURITY" ,
240   "clock-AF_KEY"   , "clock-AF_NETLINK"  , "clock-AF_PACKET"   ,
241   "clock-AF_ASH"   , "clock-AF_ECONET"   , "clock-AF_ATMSVC"   ,
242   "clock-AF_RDS"   , "clock-AF_SNA"      , "clock-AF_IRDA"     ,
243   "clock-AF_PPPOX" , "clock-AF_WANPIPE"  , "clock-AF_LLC"      ,
244   "clock-27"       , "clock-28"          , "clock-AF_CAN"      ,
245   "clock-AF_TIPC"  , "clock-AF_BLUETOOTH", "clock-AF_IUCV"     ,
246   "clock-AF_RXRPC" , "clock-AF_ISDN"     , "clock-AF_PHONET"   ,
247   "clock-AF_IEEE802154", "clock-AF_CAIF" , "clock-AF_ALG"      ,
248   "clock-AF_NFC"   , "clock-AF_VSOCK"    , "clock-AF_MAX"
249 };
250 
251 /*
252  * sk_callback_lock locking rules are per-address-family,
253  * so split the lock classes by using a per-AF key:
254  */
255 static struct lock_class_key af_callback_keys[AF_MAX];
256 
257 /* Take into consideration the size of the struct sk_buff overhead in the
258  * determination of these values, since that is non-constant across
259  * platforms.  This makes socket queueing behavior and performance
260  * not depend upon such differences.
261  */
262 #define _SK_MEM_PACKETS		256
263 #define _SK_MEM_OVERHEAD	SKB_TRUESIZE(256)
264 #define SK_WMEM_MAX		(_SK_MEM_OVERHEAD * _SK_MEM_PACKETS)
265 #define SK_RMEM_MAX		(_SK_MEM_OVERHEAD * _SK_MEM_PACKETS)
266 
267 /* Run time adjustable parameters. */
268 __u32 sysctl_wmem_max __read_mostly = SK_WMEM_MAX;
269 EXPORT_SYMBOL(sysctl_wmem_max);
270 __u32 sysctl_rmem_max __read_mostly = SK_RMEM_MAX;
271 EXPORT_SYMBOL(sysctl_rmem_max);
272 __u32 sysctl_wmem_default __read_mostly = SK_WMEM_MAX;
273 __u32 sysctl_rmem_default __read_mostly = SK_RMEM_MAX;
274 
275 /* Maximal space eaten by iovec or ancillary data plus some space */
276 int sysctl_optmem_max __read_mostly = sizeof(unsigned long)*(2*UIO_MAXIOV+512);
277 EXPORT_SYMBOL(sysctl_optmem_max);
278 
279 struct static_key memalloc_socks = STATIC_KEY_INIT_FALSE;
280 EXPORT_SYMBOL_GPL(memalloc_socks);
281 
282 /**
283  * sk_set_memalloc - sets %SOCK_MEMALLOC
284  * @sk: socket to set it on
285  *
286  * Set %SOCK_MEMALLOC on a socket for access to emergency reserves.
287  * It's the responsibility of the admin to adjust min_free_kbytes
288  * to meet the requirements
289  */
290 void sk_set_memalloc(struct sock *sk)
291 {
292 	sock_set_flag(sk, SOCK_MEMALLOC);
293 	sk->sk_allocation |= __GFP_MEMALLOC;
294 	static_key_slow_inc(&memalloc_socks);
295 }
296 EXPORT_SYMBOL_GPL(sk_set_memalloc);
297 
298 void sk_clear_memalloc(struct sock *sk)
299 {
300 	sock_reset_flag(sk, SOCK_MEMALLOC);
301 	sk->sk_allocation &= ~__GFP_MEMALLOC;
302 	static_key_slow_dec(&memalloc_socks);
303 
304 	/*
305 	 * SOCK_MEMALLOC is allowed to ignore rmem limits to ensure forward
306 	 * progress of swapping. However, if SOCK_MEMALLOC is cleared while
307 	 * it has rmem allocations there is a risk that the user of the
308 	 * socket cannot make forward progress due to exceeding the rmem
309 	 * limits. By rights, sk_clear_memalloc() should only be called
310 	 * on sockets being torn down but warn and reset the accounting if
311 	 * that assumption breaks.
312 	 */
313 	if (WARN_ON(sk->sk_forward_alloc))
314 		sk_mem_reclaim(sk);
315 }
316 EXPORT_SYMBOL_GPL(sk_clear_memalloc);
317 
318 int __sk_backlog_rcv(struct sock *sk, struct sk_buff *skb)
319 {
320 	int ret;
321 	unsigned long pflags = current->flags;
322 
323 	/* these should have been dropped before queueing */
324 	BUG_ON(!sock_flag(sk, SOCK_MEMALLOC));
325 
326 	current->flags |= PF_MEMALLOC;
327 	ret = sk->sk_backlog_rcv(sk, skb);
328 	tsk_restore_flags(current, pflags, PF_MEMALLOC);
329 
330 	return ret;
331 }
332 EXPORT_SYMBOL(__sk_backlog_rcv);
333 
334 static int sock_set_timeout(long *timeo_p, char __user *optval, int optlen)
335 {
336 	struct timeval tv;
337 
338 	if (optlen < sizeof(tv))
339 		return -EINVAL;
340 	if (copy_from_user(&tv, optval, sizeof(tv)))
341 		return -EFAULT;
342 	if (tv.tv_usec < 0 || tv.tv_usec >= USEC_PER_SEC)
343 		return -EDOM;
344 
345 	if (tv.tv_sec < 0) {
346 		static int warned __read_mostly;
347 
348 		*timeo_p = 0;
349 		if (warned < 10 && net_ratelimit()) {
350 			warned++;
351 			pr_info("%s: `%s' (pid %d) tries to set negative timeout\n",
352 				__func__, current->comm, task_pid_nr(current));
353 		}
354 		return 0;
355 	}
356 	*timeo_p = MAX_SCHEDULE_TIMEOUT;
357 	if (tv.tv_sec == 0 && tv.tv_usec == 0)
358 		return 0;
359 	if (tv.tv_sec < (MAX_SCHEDULE_TIMEOUT/HZ - 1))
360 		*timeo_p = tv.tv_sec*HZ + (tv.tv_usec+(1000000/HZ-1))/(1000000/HZ);
361 	return 0;
362 }
363 
364 static void sock_warn_obsolete_bsdism(const char *name)
365 {
366 	static int warned;
367 	static char warncomm[TASK_COMM_LEN];
368 	if (strcmp(warncomm, current->comm) && warned < 5) {
369 		strcpy(warncomm,  current->comm);
370 		pr_warn("process `%s' is using obsolete %s SO_BSDCOMPAT\n",
371 			warncomm, name);
372 		warned++;
373 	}
374 }
375 
376 #define SK_FLAGS_TIMESTAMP ((1UL << SOCK_TIMESTAMP) | (1UL << SOCK_TIMESTAMPING_RX_SOFTWARE))
377 
378 static void sock_disable_timestamp(struct sock *sk, unsigned long flags)
379 {
380 	if (sk->sk_flags & flags) {
381 		sk->sk_flags &= ~flags;
382 		if (!(sk->sk_flags & SK_FLAGS_TIMESTAMP))
383 			net_disable_timestamp();
384 	}
385 }
386 
387 
388 int sock_queue_rcv_skb(struct sock *sk, struct sk_buff *skb)
389 {
390 	int err;
391 	int skb_len;
392 	unsigned long flags;
393 	struct sk_buff_head *list = &sk->sk_receive_queue;
394 
395 	if (atomic_read(&sk->sk_rmem_alloc) >= sk->sk_rcvbuf) {
396 		atomic_inc(&sk->sk_drops);
397 		trace_sock_rcvqueue_full(sk, skb);
398 		return -ENOMEM;
399 	}
400 
401 	err = sk_filter(sk, skb);
402 	if (err)
403 		return err;
404 
405 	if (!sk_rmem_schedule(sk, skb, skb->truesize)) {
406 		atomic_inc(&sk->sk_drops);
407 		return -ENOBUFS;
408 	}
409 
410 	skb->dev = NULL;
411 	skb_set_owner_r(skb, sk);
412 
413 	/* Cache the SKB length before we tack it onto the receive
414 	 * queue.  Once it is added it no longer belongs to us and
415 	 * may be freed by other threads of control pulling packets
416 	 * from the queue.
417 	 */
418 	skb_len = skb->len;
419 
420 	/* we escape from rcu protected region, make sure we dont leak
421 	 * a norefcounted dst
422 	 */
423 	skb_dst_force(skb);
424 
425 	spin_lock_irqsave(&list->lock, flags);
426 	skb->dropcount = atomic_read(&sk->sk_drops);
427 	__skb_queue_tail(list, skb);
428 	spin_unlock_irqrestore(&list->lock, flags);
429 
430 	if (!sock_flag(sk, SOCK_DEAD))
431 		sk->sk_data_ready(sk, skb_len);
432 	return 0;
433 }
434 EXPORT_SYMBOL(sock_queue_rcv_skb);
435 
436 int sk_receive_skb(struct sock *sk, struct sk_buff *skb, const int nested)
437 {
438 	int rc = NET_RX_SUCCESS;
439 
440 	if (sk_filter(sk, skb))
441 		goto discard_and_relse;
442 
443 	skb->dev = NULL;
444 
445 	if (sk_rcvqueues_full(sk, skb, sk->sk_rcvbuf)) {
446 		atomic_inc(&sk->sk_drops);
447 		goto discard_and_relse;
448 	}
449 	if (nested)
450 		bh_lock_sock_nested(sk);
451 	else
452 		bh_lock_sock(sk);
453 	if (!sock_owned_by_user(sk)) {
454 		/*
455 		 * trylock + unlock semantics:
456 		 */
457 		mutex_acquire(&sk->sk_lock.dep_map, 0, 1, _RET_IP_);
458 
459 		rc = sk_backlog_rcv(sk, skb);
460 
461 		mutex_release(&sk->sk_lock.dep_map, 1, _RET_IP_);
462 	} else if (sk_add_backlog(sk, skb, sk->sk_rcvbuf)) {
463 		bh_unlock_sock(sk);
464 		atomic_inc(&sk->sk_drops);
465 		goto discard_and_relse;
466 	}
467 
468 	bh_unlock_sock(sk);
469 out:
470 	sock_put(sk);
471 	return rc;
472 discard_and_relse:
473 	kfree_skb(skb);
474 	goto out;
475 }
476 EXPORT_SYMBOL(sk_receive_skb);
477 
478 void sk_reset_txq(struct sock *sk)
479 {
480 	sk_tx_queue_clear(sk);
481 }
482 EXPORT_SYMBOL(sk_reset_txq);
483 
484 struct dst_entry *__sk_dst_check(struct sock *sk, u32 cookie)
485 {
486 	struct dst_entry *dst = __sk_dst_get(sk);
487 
488 	if (dst && dst->obsolete && dst->ops->check(dst, cookie) == NULL) {
489 		sk_tx_queue_clear(sk);
490 		RCU_INIT_POINTER(sk->sk_dst_cache, NULL);
491 		dst_release(dst);
492 		return NULL;
493 	}
494 
495 	return dst;
496 }
497 EXPORT_SYMBOL(__sk_dst_check);
498 
499 struct dst_entry *sk_dst_check(struct sock *sk, u32 cookie)
500 {
501 	struct dst_entry *dst = sk_dst_get(sk);
502 
503 	if (dst && dst->obsolete && dst->ops->check(dst, cookie) == NULL) {
504 		sk_dst_reset(sk);
505 		dst_release(dst);
506 		return NULL;
507 	}
508 
509 	return dst;
510 }
511 EXPORT_SYMBOL(sk_dst_check);
512 
513 static int sock_setbindtodevice(struct sock *sk, char __user *optval,
514 				int optlen)
515 {
516 	int ret = -ENOPROTOOPT;
517 #ifdef CONFIG_NETDEVICES
518 	struct net *net = sock_net(sk);
519 	char devname[IFNAMSIZ];
520 	int index;
521 
522 	/* Sorry... */
523 	ret = -EPERM;
524 	if (!ns_capable(net->user_ns, CAP_NET_RAW))
525 		goto out;
526 
527 	ret = -EINVAL;
528 	if (optlen < 0)
529 		goto out;
530 
531 	/* Bind this socket to a particular device like "eth0",
532 	 * as specified in the passed interface name. If the
533 	 * name is "" or the option length is zero the socket
534 	 * is not bound.
535 	 */
536 	if (optlen > IFNAMSIZ - 1)
537 		optlen = IFNAMSIZ - 1;
538 	memset(devname, 0, sizeof(devname));
539 
540 	ret = -EFAULT;
541 	if (copy_from_user(devname, optval, optlen))
542 		goto out;
543 
544 	index = 0;
545 	if (devname[0] != '\0') {
546 		struct net_device *dev;
547 
548 		rcu_read_lock();
549 		dev = dev_get_by_name_rcu(net, devname);
550 		if (dev)
551 			index = dev->ifindex;
552 		rcu_read_unlock();
553 		ret = -ENODEV;
554 		if (!dev)
555 			goto out;
556 	}
557 
558 	lock_sock(sk);
559 	sk->sk_bound_dev_if = index;
560 	sk_dst_reset(sk);
561 	release_sock(sk);
562 
563 	ret = 0;
564 
565 out:
566 #endif
567 
568 	return ret;
569 }
570 
571 static int sock_getbindtodevice(struct sock *sk, char __user *optval,
572 				int __user *optlen, int len)
573 {
574 	int ret = -ENOPROTOOPT;
575 #ifdef CONFIG_NETDEVICES
576 	struct net *net = sock_net(sk);
577 	char devname[IFNAMSIZ];
578 
579 	if (sk->sk_bound_dev_if == 0) {
580 		len = 0;
581 		goto zero;
582 	}
583 
584 	ret = -EINVAL;
585 	if (len < IFNAMSIZ)
586 		goto out;
587 
588 	ret = netdev_get_name(net, devname, sk->sk_bound_dev_if);
589 	if (ret)
590 		goto out;
591 
592 	len = strlen(devname) + 1;
593 
594 	ret = -EFAULT;
595 	if (copy_to_user(optval, devname, len))
596 		goto out;
597 
598 zero:
599 	ret = -EFAULT;
600 	if (put_user(len, optlen))
601 		goto out;
602 
603 	ret = 0;
604 
605 out:
606 #endif
607 
608 	return ret;
609 }
610 
611 static inline void sock_valbool_flag(struct sock *sk, int bit, int valbool)
612 {
613 	if (valbool)
614 		sock_set_flag(sk, bit);
615 	else
616 		sock_reset_flag(sk, bit);
617 }
618 
619 /*
620  *	This is meant for all protocols to use and covers goings on
621  *	at the socket level. Everything here is generic.
622  */
623 
624 int sock_setsockopt(struct socket *sock, int level, int optname,
625 		    char __user *optval, unsigned int optlen)
626 {
627 	struct sock *sk = sock->sk;
628 	int val;
629 	int valbool;
630 	struct linger ling;
631 	int ret = 0;
632 
633 	/*
634 	 *	Options without arguments
635 	 */
636 
637 	if (optname == SO_BINDTODEVICE)
638 		return sock_setbindtodevice(sk, optval, optlen);
639 
640 	if (optlen < sizeof(int))
641 		return -EINVAL;
642 
643 	if (get_user(val, (int __user *)optval))
644 		return -EFAULT;
645 
646 	valbool = val ? 1 : 0;
647 
648 	lock_sock(sk);
649 
650 	switch (optname) {
651 	case SO_DEBUG:
652 		if (val && !capable(CAP_NET_ADMIN))
653 			ret = -EACCES;
654 		else
655 			sock_valbool_flag(sk, SOCK_DBG, valbool);
656 		break;
657 	case SO_REUSEADDR:
658 		sk->sk_reuse = (valbool ? SK_CAN_REUSE : SK_NO_REUSE);
659 		break;
660 	case SO_REUSEPORT:
661 		sk->sk_reuseport = valbool;
662 		break;
663 	case SO_TYPE:
664 	case SO_PROTOCOL:
665 	case SO_DOMAIN:
666 	case SO_ERROR:
667 		ret = -ENOPROTOOPT;
668 		break;
669 	case SO_DONTROUTE:
670 		sock_valbool_flag(sk, SOCK_LOCALROUTE, valbool);
671 		break;
672 	case SO_BROADCAST:
673 		sock_valbool_flag(sk, SOCK_BROADCAST, valbool);
674 		break;
675 	case SO_SNDBUF:
676 		/* Don't error on this BSD doesn't and if you think
677 		 * about it this is right. Otherwise apps have to
678 		 * play 'guess the biggest size' games. RCVBUF/SNDBUF
679 		 * are treated in BSD as hints
680 		 */
681 		val = min_t(u32, val, sysctl_wmem_max);
682 set_sndbuf:
683 		sk->sk_userlocks |= SOCK_SNDBUF_LOCK;
684 		sk->sk_sndbuf = max_t(u32, val * 2, SOCK_MIN_SNDBUF);
685 		/* Wake up sending tasks if we upped the value. */
686 		sk->sk_write_space(sk);
687 		break;
688 
689 	case SO_SNDBUFFORCE:
690 		if (!capable(CAP_NET_ADMIN)) {
691 			ret = -EPERM;
692 			break;
693 		}
694 		goto set_sndbuf;
695 
696 	case SO_RCVBUF:
697 		/* Don't error on this BSD doesn't and if you think
698 		 * about it this is right. Otherwise apps have to
699 		 * play 'guess the biggest size' games. RCVBUF/SNDBUF
700 		 * are treated in BSD as hints
701 		 */
702 		val = min_t(u32, val, sysctl_rmem_max);
703 set_rcvbuf:
704 		sk->sk_userlocks |= SOCK_RCVBUF_LOCK;
705 		/*
706 		 * We double it on the way in to account for
707 		 * "struct sk_buff" etc. overhead.   Applications
708 		 * assume that the SO_RCVBUF setting they make will
709 		 * allow that much actual data to be received on that
710 		 * socket.
711 		 *
712 		 * Applications are unaware that "struct sk_buff" and
713 		 * other overheads allocate from the receive buffer
714 		 * during socket buffer allocation.
715 		 *
716 		 * And after considering the possible alternatives,
717 		 * returning the value we actually used in getsockopt
718 		 * is the most desirable behavior.
719 		 */
720 		sk->sk_rcvbuf = max_t(u32, val * 2, SOCK_MIN_RCVBUF);
721 		break;
722 
723 	case SO_RCVBUFFORCE:
724 		if (!capable(CAP_NET_ADMIN)) {
725 			ret = -EPERM;
726 			break;
727 		}
728 		goto set_rcvbuf;
729 
730 	case SO_KEEPALIVE:
731 #ifdef CONFIG_INET
732 		if (sk->sk_protocol == IPPROTO_TCP &&
733 		    sk->sk_type == SOCK_STREAM)
734 			tcp_set_keepalive(sk, valbool);
735 #endif
736 		sock_valbool_flag(sk, SOCK_KEEPOPEN, valbool);
737 		break;
738 
739 	case SO_OOBINLINE:
740 		sock_valbool_flag(sk, SOCK_URGINLINE, valbool);
741 		break;
742 
743 	case SO_NO_CHECK:
744 		sk->sk_no_check = valbool;
745 		break;
746 
747 	case SO_PRIORITY:
748 		if ((val >= 0 && val <= 6) ||
749 		    ns_capable(sock_net(sk)->user_ns, CAP_NET_ADMIN))
750 			sk->sk_priority = val;
751 		else
752 			ret = -EPERM;
753 		break;
754 
755 	case SO_LINGER:
756 		if (optlen < sizeof(ling)) {
757 			ret = -EINVAL;	/* 1003.1g */
758 			break;
759 		}
760 		if (copy_from_user(&ling, optval, sizeof(ling))) {
761 			ret = -EFAULT;
762 			break;
763 		}
764 		if (!ling.l_onoff)
765 			sock_reset_flag(sk, SOCK_LINGER);
766 		else {
767 #if (BITS_PER_LONG == 32)
768 			if ((unsigned int)ling.l_linger >= MAX_SCHEDULE_TIMEOUT/HZ)
769 				sk->sk_lingertime = MAX_SCHEDULE_TIMEOUT;
770 			else
771 #endif
772 				sk->sk_lingertime = (unsigned int)ling.l_linger * HZ;
773 			sock_set_flag(sk, SOCK_LINGER);
774 		}
775 		break;
776 
777 	case SO_BSDCOMPAT:
778 		sock_warn_obsolete_bsdism("setsockopt");
779 		break;
780 
781 	case SO_PASSCRED:
782 		if (valbool)
783 			set_bit(SOCK_PASSCRED, &sock->flags);
784 		else
785 			clear_bit(SOCK_PASSCRED, &sock->flags);
786 		break;
787 
788 	case SO_TIMESTAMP:
789 	case SO_TIMESTAMPNS:
790 		if (valbool)  {
791 			if (optname == SO_TIMESTAMP)
792 				sock_reset_flag(sk, SOCK_RCVTSTAMPNS);
793 			else
794 				sock_set_flag(sk, SOCK_RCVTSTAMPNS);
795 			sock_set_flag(sk, SOCK_RCVTSTAMP);
796 			sock_enable_timestamp(sk, SOCK_TIMESTAMP);
797 		} else {
798 			sock_reset_flag(sk, SOCK_RCVTSTAMP);
799 			sock_reset_flag(sk, SOCK_RCVTSTAMPNS);
800 		}
801 		break;
802 
803 	case SO_TIMESTAMPING:
804 		if (val & ~SOF_TIMESTAMPING_MASK) {
805 			ret = -EINVAL;
806 			break;
807 		}
808 		sock_valbool_flag(sk, SOCK_TIMESTAMPING_TX_HARDWARE,
809 				  val & SOF_TIMESTAMPING_TX_HARDWARE);
810 		sock_valbool_flag(sk, SOCK_TIMESTAMPING_TX_SOFTWARE,
811 				  val & SOF_TIMESTAMPING_TX_SOFTWARE);
812 		sock_valbool_flag(sk, SOCK_TIMESTAMPING_RX_HARDWARE,
813 				  val & SOF_TIMESTAMPING_RX_HARDWARE);
814 		if (val & SOF_TIMESTAMPING_RX_SOFTWARE)
815 			sock_enable_timestamp(sk,
816 					      SOCK_TIMESTAMPING_RX_SOFTWARE);
817 		else
818 			sock_disable_timestamp(sk,
819 					       (1UL << SOCK_TIMESTAMPING_RX_SOFTWARE));
820 		sock_valbool_flag(sk, SOCK_TIMESTAMPING_SOFTWARE,
821 				  val & SOF_TIMESTAMPING_SOFTWARE);
822 		sock_valbool_flag(sk, SOCK_TIMESTAMPING_SYS_HARDWARE,
823 				  val & SOF_TIMESTAMPING_SYS_HARDWARE);
824 		sock_valbool_flag(sk, SOCK_TIMESTAMPING_RAW_HARDWARE,
825 				  val & SOF_TIMESTAMPING_RAW_HARDWARE);
826 		break;
827 
828 	case SO_RCVLOWAT:
829 		if (val < 0)
830 			val = INT_MAX;
831 		sk->sk_rcvlowat = val ? : 1;
832 		break;
833 
834 	case SO_RCVTIMEO:
835 		ret = sock_set_timeout(&sk->sk_rcvtimeo, optval, optlen);
836 		break;
837 
838 	case SO_SNDTIMEO:
839 		ret = sock_set_timeout(&sk->sk_sndtimeo, optval, optlen);
840 		break;
841 
842 	case SO_ATTACH_FILTER:
843 		ret = -EINVAL;
844 		if (optlen == sizeof(struct sock_fprog)) {
845 			struct sock_fprog fprog;
846 
847 			ret = -EFAULT;
848 			if (copy_from_user(&fprog, optval, sizeof(fprog)))
849 				break;
850 
851 			ret = sk_attach_filter(&fprog, sk);
852 		}
853 		break;
854 
855 	case SO_DETACH_FILTER:
856 		ret = sk_detach_filter(sk);
857 		break;
858 
859 	case SO_LOCK_FILTER:
860 		if (sock_flag(sk, SOCK_FILTER_LOCKED) && !valbool)
861 			ret = -EPERM;
862 		else
863 			sock_valbool_flag(sk, SOCK_FILTER_LOCKED, valbool);
864 		break;
865 
866 	case SO_PASSSEC:
867 		if (valbool)
868 			set_bit(SOCK_PASSSEC, &sock->flags);
869 		else
870 			clear_bit(SOCK_PASSSEC, &sock->flags);
871 		break;
872 	case SO_MARK:
873 		if (!ns_capable(sock_net(sk)->user_ns, CAP_NET_ADMIN))
874 			ret = -EPERM;
875 		else
876 			sk->sk_mark = val;
877 		break;
878 
879 		/* We implement the SO_SNDLOWAT etc to
880 		   not be settable (1003.1g 5.3) */
881 	case SO_RXQ_OVFL:
882 		sock_valbool_flag(sk, SOCK_RXQ_OVFL, valbool);
883 		break;
884 
885 	case SO_WIFI_STATUS:
886 		sock_valbool_flag(sk, SOCK_WIFI_STATUS, valbool);
887 		break;
888 
889 	case SO_PEEK_OFF:
890 		if (sock->ops->set_peek_off)
891 			sock->ops->set_peek_off(sk, val);
892 		else
893 			ret = -EOPNOTSUPP;
894 		break;
895 
896 	case SO_NOFCS:
897 		sock_valbool_flag(sk, SOCK_NOFCS, valbool);
898 		break;
899 
900 	case SO_SELECT_ERR_QUEUE:
901 		sock_valbool_flag(sk, SOCK_SELECT_ERR_QUEUE, valbool);
902 		break;
903 
904 #ifdef CONFIG_NET_RX_BUSY_POLL
905 	case SO_BUSY_POLL:
906 		/* allow unprivileged users to decrease the value */
907 		if ((val > sk->sk_ll_usec) && !capable(CAP_NET_ADMIN))
908 			ret = -EPERM;
909 		else {
910 			if (val < 0)
911 				ret = -EINVAL;
912 			else
913 				sk->sk_ll_usec = val;
914 		}
915 		break;
916 #endif
917 	default:
918 		ret = -ENOPROTOOPT;
919 		break;
920 	}
921 	release_sock(sk);
922 	return ret;
923 }
924 EXPORT_SYMBOL(sock_setsockopt);
925 
926 
927 void cred_to_ucred(struct pid *pid, const struct cred *cred,
928 		   struct ucred *ucred)
929 {
930 	ucred->pid = pid_vnr(pid);
931 	ucred->uid = ucred->gid = -1;
932 	if (cred) {
933 		struct user_namespace *current_ns = current_user_ns();
934 
935 		ucred->uid = from_kuid_munged(current_ns, cred->euid);
936 		ucred->gid = from_kgid_munged(current_ns, cred->egid);
937 	}
938 }
939 EXPORT_SYMBOL_GPL(cred_to_ucred);
940 
941 int sock_getsockopt(struct socket *sock, int level, int optname,
942 		    char __user *optval, int __user *optlen)
943 {
944 	struct sock *sk = sock->sk;
945 
946 	union {
947 		int val;
948 		struct linger ling;
949 		struct timeval tm;
950 	} v;
951 
952 	int lv = sizeof(int);
953 	int len;
954 
955 	if (get_user(len, optlen))
956 		return -EFAULT;
957 	if (len < 0)
958 		return -EINVAL;
959 
960 	memset(&v, 0, sizeof(v));
961 
962 	switch (optname) {
963 	case SO_DEBUG:
964 		v.val = sock_flag(sk, SOCK_DBG);
965 		break;
966 
967 	case SO_DONTROUTE:
968 		v.val = sock_flag(sk, SOCK_LOCALROUTE);
969 		break;
970 
971 	case SO_BROADCAST:
972 		v.val = sock_flag(sk, SOCK_BROADCAST);
973 		break;
974 
975 	case SO_SNDBUF:
976 		v.val = sk->sk_sndbuf;
977 		break;
978 
979 	case SO_RCVBUF:
980 		v.val = sk->sk_rcvbuf;
981 		break;
982 
983 	case SO_REUSEADDR:
984 		v.val = sk->sk_reuse;
985 		break;
986 
987 	case SO_REUSEPORT:
988 		v.val = sk->sk_reuseport;
989 		break;
990 
991 	case SO_KEEPALIVE:
992 		v.val = sock_flag(sk, SOCK_KEEPOPEN);
993 		break;
994 
995 	case SO_TYPE:
996 		v.val = sk->sk_type;
997 		break;
998 
999 	case SO_PROTOCOL:
1000 		v.val = sk->sk_protocol;
1001 		break;
1002 
1003 	case SO_DOMAIN:
1004 		v.val = sk->sk_family;
1005 		break;
1006 
1007 	case SO_ERROR:
1008 		v.val = -sock_error(sk);
1009 		if (v.val == 0)
1010 			v.val = xchg(&sk->sk_err_soft, 0);
1011 		break;
1012 
1013 	case SO_OOBINLINE:
1014 		v.val = sock_flag(sk, SOCK_URGINLINE);
1015 		break;
1016 
1017 	case SO_NO_CHECK:
1018 		v.val = sk->sk_no_check;
1019 		break;
1020 
1021 	case SO_PRIORITY:
1022 		v.val = sk->sk_priority;
1023 		break;
1024 
1025 	case SO_LINGER:
1026 		lv		= sizeof(v.ling);
1027 		v.ling.l_onoff	= sock_flag(sk, SOCK_LINGER);
1028 		v.ling.l_linger	= sk->sk_lingertime / HZ;
1029 		break;
1030 
1031 	case SO_BSDCOMPAT:
1032 		sock_warn_obsolete_bsdism("getsockopt");
1033 		break;
1034 
1035 	case SO_TIMESTAMP:
1036 		v.val = sock_flag(sk, SOCK_RCVTSTAMP) &&
1037 				!sock_flag(sk, SOCK_RCVTSTAMPNS);
1038 		break;
1039 
1040 	case SO_TIMESTAMPNS:
1041 		v.val = sock_flag(sk, SOCK_RCVTSTAMPNS);
1042 		break;
1043 
1044 	case SO_TIMESTAMPING:
1045 		v.val = 0;
1046 		if (sock_flag(sk, SOCK_TIMESTAMPING_TX_HARDWARE))
1047 			v.val |= SOF_TIMESTAMPING_TX_HARDWARE;
1048 		if (sock_flag(sk, SOCK_TIMESTAMPING_TX_SOFTWARE))
1049 			v.val |= SOF_TIMESTAMPING_TX_SOFTWARE;
1050 		if (sock_flag(sk, SOCK_TIMESTAMPING_RX_HARDWARE))
1051 			v.val |= SOF_TIMESTAMPING_RX_HARDWARE;
1052 		if (sock_flag(sk, SOCK_TIMESTAMPING_RX_SOFTWARE))
1053 			v.val |= SOF_TIMESTAMPING_RX_SOFTWARE;
1054 		if (sock_flag(sk, SOCK_TIMESTAMPING_SOFTWARE))
1055 			v.val |= SOF_TIMESTAMPING_SOFTWARE;
1056 		if (sock_flag(sk, SOCK_TIMESTAMPING_SYS_HARDWARE))
1057 			v.val |= SOF_TIMESTAMPING_SYS_HARDWARE;
1058 		if (sock_flag(sk, SOCK_TIMESTAMPING_RAW_HARDWARE))
1059 			v.val |= SOF_TIMESTAMPING_RAW_HARDWARE;
1060 		break;
1061 
1062 	case SO_RCVTIMEO:
1063 		lv = sizeof(struct timeval);
1064 		if (sk->sk_rcvtimeo == MAX_SCHEDULE_TIMEOUT) {
1065 			v.tm.tv_sec = 0;
1066 			v.tm.tv_usec = 0;
1067 		} else {
1068 			v.tm.tv_sec = sk->sk_rcvtimeo / HZ;
1069 			v.tm.tv_usec = ((sk->sk_rcvtimeo % HZ) * 1000000) / HZ;
1070 		}
1071 		break;
1072 
1073 	case SO_SNDTIMEO:
1074 		lv = sizeof(struct timeval);
1075 		if (sk->sk_sndtimeo == MAX_SCHEDULE_TIMEOUT) {
1076 			v.tm.tv_sec = 0;
1077 			v.tm.tv_usec = 0;
1078 		} else {
1079 			v.tm.tv_sec = sk->sk_sndtimeo / HZ;
1080 			v.tm.tv_usec = ((sk->sk_sndtimeo % HZ) * 1000000) / HZ;
1081 		}
1082 		break;
1083 
1084 	case SO_RCVLOWAT:
1085 		v.val = sk->sk_rcvlowat;
1086 		break;
1087 
1088 	case SO_SNDLOWAT:
1089 		v.val = 1;
1090 		break;
1091 
1092 	case SO_PASSCRED:
1093 		v.val = !!test_bit(SOCK_PASSCRED, &sock->flags);
1094 		break;
1095 
1096 	case SO_PEERCRED:
1097 	{
1098 		struct ucred peercred;
1099 		if (len > sizeof(peercred))
1100 			len = sizeof(peercred);
1101 		cred_to_ucred(sk->sk_peer_pid, sk->sk_peer_cred, &peercred);
1102 		if (copy_to_user(optval, &peercred, len))
1103 			return -EFAULT;
1104 		goto lenout;
1105 	}
1106 
1107 	case SO_PEERNAME:
1108 	{
1109 		char address[128];
1110 
1111 		if (sock->ops->getname(sock, (struct sockaddr *)address, &lv, 2))
1112 			return -ENOTCONN;
1113 		if (lv < len)
1114 			return -EINVAL;
1115 		if (copy_to_user(optval, address, len))
1116 			return -EFAULT;
1117 		goto lenout;
1118 	}
1119 
1120 	/* Dubious BSD thing... Probably nobody even uses it, but
1121 	 * the UNIX standard wants it for whatever reason... -DaveM
1122 	 */
1123 	case SO_ACCEPTCONN:
1124 		v.val = sk->sk_state == TCP_LISTEN;
1125 		break;
1126 
1127 	case SO_PASSSEC:
1128 		v.val = !!test_bit(SOCK_PASSSEC, &sock->flags);
1129 		break;
1130 
1131 	case SO_PEERSEC:
1132 		return security_socket_getpeersec_stream(sock, optval, optlen, len);
1133 
1134 	case SO_MARK:
1135 		v.val = sk->sk_mark;
1136 		break;
1137 
1138 	case SO_RXQ_OVFL:
1139 		v.val = sock_flag(sk, SOCK_RXQ_OVFL);
1140 		break;
1141 
1142 	case SO_WIFI_STATUS:
1143 		v.val = sock_flag(sk, SOCK_WIFI_STATUS);
1144 		break;
1145 
1146 	case SO_PEEK_OFF:
1147 		if (!sock->ops->set_peek_off)
1148 			return -EOPNOTSUPP;
1149 
1150 		v.val = sk->sk_peek_off;
1151 		break;
1152 	case SO_NOFCS:
1153 		v.val = sock_flag(sk, SOCK_NOFCS);
1154 		break;
1155 
1156 	case SO_BINDTODEVICE:
1157 		return sock_getbindtodevice(sk, optval, optlen, len);
1158 
1159 	case SO_GET_FILTER:
1160 		len = sk_get_filter(sk, (struct sock_filter __user *)optval, len);
1161 		if (len < 0)
1162 			return len;
1163 
1164 		goto lenout;
1165 
1166 	case SO_LOCK_FILTER:
1167 		v.val = sock_flag(sk, SOCK_FILTER_LOCKED);
1168 		break;
1169 
1170 	case SO_SELECT_ERR_QUEUE:
1171 		v.val = sock_flag(sk, SOCK_SELECT_ERR_QUEUE);
1172 		break;
1173 
1174 #ifdef CONFIG_NET_RX_BUSY_POLL
1175 	case SO_BUSY_POLL:
1176 		v.val = sk->sk_ll_usec;
1177 		break;
1178 #endif
1179 
1180 	default:
1181 		return -ENOPROTOOPT;
1182 	}
1183 
1184 	if (len > lv)
1185 		len = lv;
1186 	if (copy_to_user(optval, &v, len))
1187 		return -EFAULT;
1188 lenout:
1189 	if (put_user(len, optlen))
1190 		return -EFAULT;
1191 	return 0;
1192 }
1193 
1194 /*
1195  * Initialize an sk_lock.
1196  *
1197  * (We also register the sk_lock with the lock validator.)
1198  */
1199 static inline void sock_lock_init(struct sock *sk)
1200 {
1201 	sock_lock_init_class_and_name(sk,
1202 			af_family_slock_key_strings[sk->sk_family],
1203 			af_family_slock_keys + sk->sk_family,
1204 			af_family_key_strings[sk->sk_family],
1205 			af_family_keys + sk->sk_family);
1206 }
1207 
1208 /*
1209  * Copy all fields from osk to nsk but nsk->sk_refcnt must not change yet,
1210  * even temporarly, because of RCU lookups. sk_node should also be left as is.
1211  * We must not copy fields between sk_dontcopy_begin and sk_dontcopy_end
1212  */
1213 static void sock_copy(struct sock *nsk, const struct sock *osk)
1214 {
1215 #ifdef CONFIG_SECURITY_NETWORK
1216 	void *sptr = nsk->sk_security;
1217 #endif
1218 	memcpy(nsk, osk, offsetof(struct sock, sk_dontcopy_begin));
1219 
1220 	memcpy(&nsk->sk_dontcopy_end, &osk->sk_dontcopy_end,
1221 	       osk->sk_prot->obj_size - offsetof(struct sock, sk_dontcopy_end));
1222 
1223 #ifdef CONFIG_SECURITY_NETWORK
1224 	nsk->sk_security = sptr;
1225 	security_sk_clone(osk, nsk);
1226 #endif
1227 }
1228 
1229 void sk_prot_clear_portaddr_nulls(struct sock *sk, int size)
1230 {
1231 	unsigned long nulls1, nulls2;
1232 
1233 	nulls1 = offsetof(struct sock, __sk_common.skc_node.next);
1234 	nulls2 = offsetof(struct sock, __sk_common.skc_portaddr_node.next);
1235 	if (nulls1 > nulls2)
1236 		swap(nulls1, nulls2);
1237 
1238 	if (nulls1 != 0)
1239 		memset((char *)sk, 0, nulls1);
1240 	memset((char *)sk + nulls1 + sizeof(void *), 0,
1241 	       nulls2 - nulls1 - sizeof(void *));
1242 	memset((char *)sk + nulls2 + sizeof(void *), 0,
1243 	       size - nulls2 - sizeof(void *));
1244 }
1245 EXPORT_SYMBOL(sk_prot_clear_portaddr_nulls);
1246 
1247 static struct sock *sk_prot_alloc(struct proto *prot, gfp_t priority,
1248 		int family)
1249 {
1250 	struct sock *sk;
1251 	struct kmem_cache *slab;
1252 
1253 	slab = prot->slab;
1254 	if (slab != NULL) {
1255 		sk = kmem_cache_alloc(slab, priority & ~__GFP_ZERO);
1256 		if (!sk)
1257 			return sk;
1258 		if (priority & __GFP_ZERO) {
1259 			if (prot->clear_sk)
1260 				prot->clear_sk(sk, prot->obj_size);
1261 			else
1262 				sk_prot_clear_nulls(sk, prot->obj_size);
1263 		}
1264 	} else
1265 		sk = kmalloc(prot->obj_size, priority);
1266 
1267 	if (sk != NULL) {
1268 		kmemcheck_annotate_bitfield(sk, flags);
1269 
1270 		if (security_sk_alloc(sk, family, priority))
1271 			goto out_free;
1272 
1273 		if (!try_module_get(prot->owner))
1274 			goto out_free_sec;
1275 		sk_tx_queue_clear(sk);
1276 	}
1277 
1278 	return sk;
1279 
1280 out_free_sec:
1281 	security_sk_free(sk);
1282 out_free:
1283 	if (slab != NULL)
1284 		kmem_cache_free(slab, sk);
1285 	else
1286 		kfree(sk);
1287 	return NULL;
1288 }
1289 
1290 static void sk_prot_free(struct proto *prot, struct sock *sk)
1291 {
1292 	struct kmem_cache *slab;
1293 	struct module *owner;
1294 
1295 	owner = prot->owner;
1296 	slab = prot->slab;
1297 
1298 	security_sk_free(sk);
1299 	if (slab != NULL)
1300 		kmem_cache_free(slab, sk);
1301 	else
1302 		kfree(sk);
1303 	module_put(owner);
1304 }
1305 
1306 #if IS_ENABLED(CONFIG_NET_CLS_CGROUP)
1307 void sock_update_classid(struct sock *sk)
1308 {
1309 	u32 classid;
1310 
1311 	classid = task_cls_classid(current);
1312 	if (classid != sk->sk_classid)
1313 		sk->sk_classid = classid;
1314 }
1315 EXPORT_SYMBOL(sock_update_classid);
1316 #endif
1317 
1318 #if IS_ENABLED(CONFIG_NETPRIO_CGROUP)
1319 void sock_update_netprioidx(struct sock *sk)
1320 {
1321 	if (in_interrupt())
1322 		return;
1323 
1324 	sk->sk_cgrp_prioidx = task_netprioidx(current);
1325 }
1326 EXPORT_SYMBOL_GPL(sock_update_netprioidx);
1327 #endif
1328 
1329 /**
1330  *	sk_alloc - All socket objects are allocated here
1331  *	@net: the applicable net namespace
1332  *	@family: protocol family
1333  *	@priority: for allocation (%GFP_KERNEL, %GFP_ATOMIC, etc)
1334  *	@prot: struct proto associated with this new sock instance
1335  */
1336 struct sock *sk_alloc(struct net *net, int family, gfp_t priority,
1337 		      struct proto *prot)
1338 {
1339 	struct sock *sk;
1340 
1341 	sk = sk_prot_alloc(prot, priority | __GFP_ZERO, family);
1342 	if (sk) {
1343 		sk->sk_family = family;
1344 		/*
1345 		 * See comment in struct sock definition to understand
1346 		 * why we need sk_prot_creator -acme
1347 		 */
1348 		sk->sk_prot = sk->sk_prot_creator = prot;
1349 		sock_lock_init(sk);
1350 		sock_net_set(sk, get_net(net));
1351 		atomic_set(&sk->sk_wmem_alloc, 1);
1352 
1353 		sock_update_classid(sk);
1354 		sock_update_netprioidx(sk);
1355 	}
1356 
1357 	return sk;
1358 }
1359 EXPORT_SYMBOL(sk_alloc);
1360 
1361 static void __sk_free(struct sock *sk)
1362 {
1363 	struct sk_filter *filter;
1364 
1365 	if (sk->sk_destruct)
1366 		sk->sk_destruct(sk);
1367 
1368 	filter = rcu_dereference_check(sk->sk_filter,
1369 				       atomic_read(&sk->sk_wmem_alloc) == 0);
1370 	if (filter) {
1371 		sk_filter_uncharge(sk, filter);
1372 		RCU_INIT_POINTER(sk->sk_filter, NULL);
1373 	}
1374 
1375 	sock_disable_timestamp(sk, SK_FLAGS_TIMESTAMP);
1376 
1377 	if (atomic_read(&sk->sk_omem_alloc))
1378 		pr_debug("%s: optmem leakage (%d bytes) detected\n",
1379 			 __func__, atomic_read(&sk->sk_omem_alloc));
1380 
1381 	if (sk->sk_peer_cred)
1382 		put_cred(sk->sk_peer_cred);
1383 	put_pid(sk->sk_peer_pid);
1384 	put_net(sock_net(sk));
1385 	sk_prot_free(sk->sk_prot_creator, sk);
1386 }
1387 
1388 void sk_free(struct sock *sk)
1389 {
1390 	/*
1391 	 * We subtract one from sk_wmem_alloc and can know if
1392 	 * some packets are still in some tx queue.
1393 	 * If not null, sock_wfree() will call __sk_free(sk) later
1394 	 */
1395 	if (atomic_dec_and_test(&sk->sk_wmem_alloc))
1396 		__sk_free(sk);
1397 }
1398 EXPORT_SYMBOL(sk_free);
1399 
1400 /*
1401  * Last sock_put should drop reference to sk->sk_net. It has already
1402  * been dropped in sk_change_net. Taking reference to stopping namespace
1403  * is not an option.
1404  * Take reference to a socket to remove it from hash _alive_ and after that
1405  * destroy it in the context of init_net.
1406  */
1407 void sk_release_kernel(struct sock *sk)
1408 {
1409 	if (sk == NULL || sk->sk_socket == NULL)
1410 		return;
1411 
1412 	sock_hold(sk);
1413 	sock_release(sk->sk_socket);
1414 	release_net(sock_net(sk));
1415 	sock_net_set(sk, get_net(&init_net));
1416 	sock_put(sk);
1417 }
1418 EXPORT_SYMBOL(sk_release_kernel);
1419 
1420 static void sk_update_clone(const struct sock *sk, struct sock *newsk)
1421 {
1422 	if (mem_cgroup_sockets_enabled && sk->sk_cgrp)
1423 		sock_update_memcg(newsk);
1424 }
1425 
1426 /**
1427  *	sk_clone_lock - clone a socket, and lock its clone
1428  *	@sk: the socket to clone
1429  *	@priority: for allocation (%GFP_KERNEL, %GFP_ATOMIC, etc)
1430  *
1431  *	Caller must unlock socket even in error path (bh_unlock_sock(newsk))
1432  */
1433 struct sock *sk_clone_lock(const struct sock *sk, const gfp_t priority)
1434 {
1435 	struct sock *newsk;
1436 
1437 	newsk = sk_prot_alloc(sk->sk_prot, priority, sk->sk_family);
1438 	if (newsk != NULL) {
1439 		struct sk_filter *filter;
1440 
1441 		sock_copy(newsk, sk);
1442 
1443 		/* SANITY */
1444 		get_net(sock_net(newsk));
1445 		sk_node_init(&newsk->sk_node);
1446 		sock_lock_init(newsk);
1447 		bh_lock_sock(newsk);
1448 		newsk->sk_backlog.head	= newsk->sk_backlog.tail = NULL;
1449 		newsk->sk_backlog.len = 0;
1450 
1451 		atomic_set(&newsk->sk_rmem_alloc, 0);
1452 		/*
1453 		 * sk_wmem_alloc set to one (see sk_free() and sock_wfree())
1454 		 */
1455 		atomic_set(&newsk->sk_wmem_alloc, 1);
1456 		atomic_set(&newsk->sk_omem_alloc, 0);
1457 		skb_queue_head_init(&newsk->sk_receive_queue);
1458 		skb_queue_head_init(&newsk->sk_write_queue);
1459 #ifdef CONFIG_NET_DMA
1460 		skb_queue_head_init(&newsk->sk_async_wait_queue);
1461 #endif
1462 
1463 		spin_lock_init(&newsk->sk_dst_lock);
1464 		rwlock_init(&newsk->sk_callback_lock);
1465 		lockdep_set_class_and_name(&newsk->sk_callback_lock,
1466 				af_callback_keys + newsk->sk_family,
1467 				af_family_clock_key_strings[newsk->sk_family]);
1468 
1469 		newsk->sk_dst_cache	= NULL;
1470 		newsk->sk_wmem_queued	= 0;
1471 		newsk->sk_forward_alloc = 0;
1472 		newsk->sk_send_head	= NULL;
1473 		newsk->sk_userlocks	= sk->sk_userlocks & ~SOCK_BINDPORT_LOCK;
1474 
1475 		sock_reset_flag(newsk, SOCK_DONE);
1476 		skb_queue_head_init(&newsk->sk_error_queue);
1477 
1478 		filter = rcu_dereference_protected(newsk->sk_filter, 1);
1479 		if (filter != NULL)
1480 			sk_filter_charge(newsk, filter);
1481 
1482 		if (unlikely(xfrm_sk_clone_policy(newsk))) {
1483 			/* It is still raw copy of parent, so invalidate
1484 			 * destructor and make plain sk_free() */
1485 			newsk->sk_destruct = NULL;
1486 			bh_unlock_sock(newsk);
1487 			sk_free(newsk);
1488 			newsk = NULL;
1489 			goto out;
1490 		}
1491 
1492 		newsk->sk_err	   = 0;
1493 		newsk->sk_priority = 0;
1494 		/*
1495 		 * Before updating sk_refcnt, we must commit prior changes to memory
1496 		 * (Documentation/RCU/rculist_nulls.txt for details)
1497 		 */
1498 		smp_wmb();
1499 		atomic_set(&newsk->sk_refcnt, 2);
1500 
1501 		/*
1502 		 * Increment the counter in the same struct proto as the master
1503 		 * sock (sk_refcnt_debug_inc uses newsk->sk_prot->socks, that
1504 		 * is the same as sk->sk_prot->socks, as this field was copied
1505 		 * with memcpy).
1506 		 *
1507 		 * This _changes_ the previous behaviour, where
1508 		 * tcp_create_openreq_child always was incrementing the
1509 		 * equivalent to tcp_prot->socks (inet_sock_nr), so this have
1510 		 * to be taken into account in all callers. -acme
1511 		 */
1512 		sk_refcnt_debug_inc(newsk);
1513 		sk_set_socket(newsk, NULL);
1514 		newsk->sk_wq = NULL;
1515 
1516 		sk_update_clone(sk, newsk);
1517 
1518 		if (newsk->sk_prot->sockets_allocated)
1519 			sk_sockets_allocated_inc(newsk);
1520 
1521 		if (newsk->sk_flags & SK_FLAGS_TIMESTAMP)
1522 			net_enable_timestamp();
1523 	}
1524 out:
1525 	return newsk;
1526 }
1527 EXPORT_SYMBOL_GPL(sk_clone_lock);
1528 
1529 void sk_setup_caps(struct sock *sk, struct dst_entry *dst)
1530 {
1531 	__sk_dst_set(sk, dst);
1532 	sk->sk_route_caps = dst->dev->features;
1533 	if (sk->sk_route_caps & NETIF_F_GSO)
1534 		sk->sk_route_caps |= NETIF_F_GSO_SOFTWARE;
1535 	sk->sk_route_caps &= ~sk->sk_route_nocaps;
1536 	if (sk_can_gso(sk)) {
1537 		if (dst->header_len) {
1538 			sk->sk_route_caps &= ~NETIF_F_GSO_MASK;
1539 		} else {
1540 			sk->sk_route_caps |= NETIF_F_SG | NETIF_F_HW_CSUM;
1541 			sk->sk_gso_max_size = dst->dev->gso_max_size;
1542 			sk->sk_gso_max_segs = dst->dev->gso_max_segs;
1543 		}
1544 	}
1545 }
1546 EXPORT_SYMBOL_GPL(sk_setup_caps);
1547 
1548 /*
1549  *	Simple resource managers for sockets.
1550  */
1551 
1552 
1553 /*
1554  * Write buffer destructor automatically called from kfree_skb.
1555  */
1556 void sock_wfree(struct sk_buff *skb)
1557 {
1558 	struct sock *sk = skb->sk;
1559 	unsigned int len = skb->truesize;
1560 
1561 	if (!sock_flag(sk, SOCK_USE_WRITE_QUEUE)) {
1562 		/*
1563 		 * Keep a reference on sk_wmem_alloc, this will be released
1564 		 * after sk_write_space() call
1565 		 */
1566 		atomic_sub(len - 1, &sk->sk_wmem_alloc);
1567 		sk->sk_write_space(sk);
1568 		len = 1;
1569 	}
1570 	/*
1571 	 * if sk_wmem_alloc reaches 0, we must finish what sk_free()
1572 	 * could not do because of in-flight packets
1573 	 */
1574 	if (atomic_sub_and_test(len, &sk->sk_wmem_alloc))
1575 		__sk_free(sk);
1576 }
1577 EXPORT_SYMBOL(sock_wfree);
1578 
1579 void skb_orphan_partial(struct sk_buff *skb)
1580 {
1581 	/* TCP stack sets skb->ooo_okay based on sk_wmem_alloc,
1582 	 * so we do not completely orphan skb, but transfert all
1583 	 * accounted bytes but one, to avoid unexpected reorders.
1584 	 */
1585 	if (skb->destructor == sock_wfree
1586 #ifdef CONFIG_INET
1587 	    || skb->destructor == tcp_wfree
1588 #endif
1589 		) {
1590 		atomic_sub(skb->truesize - 1, &skb->sk->sk_wmem_alloc);
1591 		skb->truesize = 1;
1592 	} else {
1593 		skb_orphan(skb);
1594 	}
1595 }
1596 EXPORT_SYMBOL(skb_orphan_partial);
1597 
1598 /*
1599  * Read buffer destructor automatically called from kfree_skb.
1600  */
1601 void sock_rfree(struct sk_buff *skb)
1602 {
1603 	struct sock *sk = skb->sk;
1604 	unsigned int len = skb->truesize;
1605 
1606 	atomic_sub(len, &sk->sk_rmem_alloc);
1607 	sk_mem_uncharge(sk, len);
1608 }
1609 EXPORT_SYMBOL(sock_rfree);
1610 
1611 void sock_edemux(struct sk_buff *skb)
1612 {
1613 	struct sock *sk = skb->sk;
1614 
1615 #ifdef CONFIG_INET
1616 	if (sk->sk_state == TCP_TIME_WAIT)
1617 		inet_twsk_put(inet_twsk(sk));
1618 	else
1619 #endif
1620 		sock_put(sk);
1621 }
1622 EXPORT_SYMBOL(sock_edemux);
1623 
1624 kuid_t sock_i_uid(struct sock *sk)
1625 {
1626 	kuid_t uid;
1627 
1628 	read_lock_bh(&sk->sk_callback_lock);
1629 	uid = sk->sk_socket ? SOCK_INODE(sk->sk_socket)->i_uid : GLOBAL_ROOT_UID;
1630 	read_unlock_bh(&sk->sk_callback_lock);
1631 	return uid;
1632 }
1633 EXPORT_SYMBOL(sock_i_uid);
1634 
1635 unsigned long sock_i_ino(struct sock *sk)
1636 {
1637 	unsigned long ino;
1638 
1639 	read_lock_bh(&sk->sk_callback_lock);
1640 	ino = sk->sk_socket ? SOCK_INODE(sk->sk_socket)->i_ino : 0;
1641 	read_unlock_bh(&sk->sk_callback_lock);
1642 	return ino;
1643 }
1644 EXPORT_SYMBOL(sock_i_ino);
1645 
1646 /*
1647  * Allocate a skb from the socket's send buffer.
1648  */
1649 struct sk_buff *sock_wmalloc(struct sock *sk, unsigned long size, int force,
1650 			     gfp_t priority)
1651 {
1652 	if (force || atomic_read(&sk->sk_wmem_alloc) < sk->sk_sndbuf) {
1653 		struct sk_buff *skb = alloc_skb(size, priority);
1654 		if (skb) {
1655 			skb_set_owner_w(skb, sk);
1656 			return skb;
1657 		}
1658 	}
1659 	return NULL;
1660 }
1661 EXPORT_SYMBOL(sock_wmalloc);
1662 
1663 /*
1664  * Allocate a skb from the socket's receive buffer.
1665  */
1666 struct sk_buff *sock_rmalloc(struct sock *sk, unsigned long size, int force,
1667 			     gfp_t priority)
1668 {
1669 	if (force || atomic_read(&sk->sk_rmem_alloc) < sk->sk_rcvbuf) {
1670 		struct sk_buff *skb = alloc_skb(size, priority);
1671 		if (skb) {
1672 			skb_set_owner_r(skb, sk);
1673 			return skb;
1674 		}
1675 	}
1676 	return NULL;
1677 }
1678 
1679 /*
1680  * Allocate a memory block from the socket's option memory buffer.
1681  */
1682 void *sock_kmalloc(struct sock *sk, int size, gfp_t priority)
1683 {
1684 	if ((unsigned int)size <= sysctl_optmem_max &&
1685 	    atomic_read(&sk->sk_omem_alloc) + size < sysctl_optmem_max) {
1686 		void *mem;
1687 		/* First do the add, to avoid the race if kmalloc
1688 		 * might sleep.
1689 		 */
1690 		atomic_add(size, &sk->sk_omem_alloc);
1691 		mem = kmalloc(size, priority);
1692 		if (mem)
1693 			return mem;
1694 		atomic_sub(size, &sk->sk_omem_alloc);
1695 	}
1696 	return NULL;
1697 }
1698 EXPORT_SYMBOL(sock_kmalloc);
1699 
1700 /*
1701  * Free an option memory block.
1702  */
1703 void sock_kfree_s(struct sock *sk, void *mem, int size)
1704 {
1705 	kfree(mem);
1706 	atomic_sub(size, &sk->sk_omem_alloc);
1707 }
1708 EXPORT_SYMBOL(sock_kfree_s);
1709 
1710 /* It is almost wait_for_tcp_memory minus release_sock/lock_sock.
1711    I think, these locks should be removed for datagram sockets.
1712  */
1713 static long sock_wait_for_wmem(struct sock *sk, long timeo)
1714 {
1715 	DEFINE_WAIT(wait);
1716 
1717 	clear_bit(SOCK_ASYNC_NOSPACE, &sk->sk_socket->flags);
1718 	for (;;) {
1719 		if (!timeo)
1720 			break;
1721 		if (signal_pending(current))
1722 			break;
1723 		set_bit(SOCK_NOSPACE, &sk->sk_socket->flags);
1724 		prepare_to_wait(sk_sleep(sk), &wait, TASK_INTERRUPTIBLE);
1725 		if (atomic_read(&sk->sk_wmem_alloc) < sk->sk_sndbuf)
1726 			break;
1727 		if (sk->sk_shutdown & SEND_SHUTDOWN)
1728 			break;
1729 		if (sk->sk_err)
1730 			break;
1731 		timeo = schedule_timeout(timeo);
1732 	}
1733 	finish_wait(sk_sleep(sk), &wait);
1734 	return timeo;
1735 }
1736 
1737 
1738 /*
1739  *	Generic send/receive buffer handlers
1740  */
1741 
1742 struct sk_buff *sock_alloc_send_pskb(struct sock *sk, unsigned long header_len,
1743 				     unsigned long data_len, int noblock,
1744 				     int *errcode, int max_page_order)
1745 {
1746 	struct sk_buff *skb = NULL;
1747 	unsigned long chunk;
1748 	gfp_t gfp_mask;
1749 	long timeo;
1750 	int err;
1751 	int npages = (data_len + (PAGE_SIZE - 1)) >> PAGE_SHIFT;
1752 	struct page *page;
1753 	int i;
1754 
1755 	err = -EMSGSIZE;
1756 	if (npages > MAX_SKB_FRAGS)
1757 		goto failure;
1758 
1759 	timeo = sock_sndtimeo(sk, noblock);
1760 	while (!skb) {
1761 		err = sock_error(sk);
1762 		if (err != 0)
1763 			goto failure;
1764 
1765 		err = -EPIPE;
1766 		if (sk->sk_shutdown & SEND_SHUTDOWN)
1767 			goto failure;
1768 
1769 		if (atomic_read(&sk->sk_wmem_alloc) >= sk->sk_sndbuf) {
1770 			set_bit(SOCK_ASYNC_NOSPACE, &sk->sk_socket->flags);
1771 			set_bit(SOCK_NOSPACE, &sk->sk_socket->flags);
1772 			err = -EAGAIN;
1773 			if (!timeo)
1774 				goto failure;
1775 			if (signal_pending(current))
1776 				goto interrupted;
1777 			timeo = sock_wait_for_wmem(sk, timeo);
1778 			continue;
1779 		}
1780 
1781 		err = -ENOBUFS;
1782 		gfp_mask = sk->sk_allocation;
1783 		if (gfp_mask & __GFP_WAIT)
1784 			gfp_mask |= __GFP_REPEAT;
1785 
1786 		skb = alloc_skb(header_len, gfp_mask);
1787 		if (!skb)
1788 			goto failure;
1789 
1790 		skb->truesize += data_len;
1791 
1792 		for (i = 0; npages > 0; i++) {
1793 			int order = max_page_order;
1794 
1795 			while (order) {
1796 				if (npages >= 1 << order) {
1797 					page = alloc_pages(sk->sk_allocation |
1798 							   __GFP_COMP | __GFP_NOWARN,
1799 							   order);
1800 					if (page)
1801 						goto fill_page;
1802 				}
1803 				order--;
1804 			}
1805 			page = alloc_page(sk->sk_allocation);
1806 			if (!page)
1807 				goto failure;
1808 fill_page:
1809 			chunk = min_t(unsigned long, data_len,
1810 				      PAGE_SIZE << order);
1811 			skb_fill_page_desc(skb, i, page, 0, chunk);
1812 			data_len -= chunk;
1813 			npages -= 1 << order;
1814 		}
1815 	}
1816 
1817 	skb_set_owner_w(skb, sk);
1818 	return skb;
1819 
1820 interrupted:
1821 	err = sock_intr_errno(timeo);
1822 failure:
1823 	kfree_skb(skb);
1824 	*errcode = err;
1825 	return NULL;
1826 }
1827 EXPORT_SYMBOL(sock_alloc_send_pskb);
1828 
1829 struct sk_buff *sock_alloc_send_skb(struct sock *sk, unsigned long size,
1830 				    int noblock, int *errcode)
1831 {
1832 	return sock_alloc_send_pskb(sk, size, 0, noblock, errcode, 0);
1833 }
1834 EXPORT_SYMBOL(sock_alloc_send_skb);
1835 
1836 /* On 32bit arches, an skb frag is limited to 2^15 */
1837 #define SKB_FRAG_PAGE_ORDER	get_order(32768)
1838 
1839 bool sk_page_frag_refill(struct sock *sk, struct page_frag *pfrag)
1840 {
1841 	int order;
1842 
1843 	if (pfrag->page) {
1844 		if (atomic_read(&pfrag->page->_count) == 1) {
1845 			pfrag->offset = 0;
1846 			return true;
1847 		}
1848 		if (pfrag->offset < pfrag->size)
1849 			return true;
1850 		put_page(pfrag->page);
1851 	}
1852 
1853 	/* We restrict high order allocations to users that can afford to wait */
1854 	order = (sk->sk_allocation & __GFP_WAIT) ? SKB_FRAG_PAGE_ORDER : 0;
1855 
1856 	do {
1857 		gfp_t gfp = sk->sk_allocation;
1858 
1859 		if (order)
1860 			gfp |= __GFP_COMP | __GFP_NOWARN;
1861 		pfrag->page = alloc_pages(gfp, order);
1862 		if (likely(pfrag->page)) {
1863 			pfrag->offset = 0;
1864 			pfrag->size = PAGE_SIZE << order;
1865 			return true;
1866 		}
1867 	} while (--order >= 0);
1868 
1869 	sk_enter_memory_pressure(sk);
1870 	sk_stream_moderate_sndbuf(sk);
1871 	return false;
1872 }
1873 EXPORT_SYMBOL(sk_page_frag_refill);
1874 
1875 static void __lock_sock(struct sock *sk)
1876 	__releases(&sk->sk_lock.slock)
1877 	__acquires(&sk->sk_lock.slock)
1878 {
1879 	DEFINE_WAIT(wait);
1880 
1881 	for (;;) {
1882 		prepare_to_wait_exclusive(&sk->sk_lock.wq, &wait,
1883 					TASK_UNINTERRUPTIBLE);
1884 		spin_unlock_bh(&sk->sk_lock.slock);
1885 		schedule();
1886 		spin_lock_bh(&sk->sk_lock.slock);
1887 		if (!sock_owned_by_user(sk))
1888 			break;
1889 	}
1890 	finish_wait(&sk->sk_lock.wq, &wait);
1891 }
1892 
1893 static void __release_sock(struct sock *sk)
1894 	__releases(&sk->sk_lock.slock)
1895 	__acquires(&sk->sk_lock.slock)
1896 {
1897 	struct sk_buff *skb = sk->sk_backlog.head;
1898 
1899 	do {
1900 		sk->sk_backlog.head = sk->sk_backlog.tail = NULL;
1901 		bh_unlock_sock(sk);
1902 
1903 		do {
1904 			struct sk_buff *next = skb->next;
1905 
1906 			prefetch(next);
1907 			WARN_ON_ONCE(skb_dst_is_noref(skb));
1908 			skb->next = NULL;
1909 			sk_backlog_rcv(sk, skb);
1910 
1911 			/*
1912 			 * We are in process context here with softirqs
1913 			 * disabled, use cond_resched_softirq() to preempt.
1914 			 * This is safe to do because we've taken the backlog
1915 			 * queue private:
1916 			 */
1917 			cond_resched_softirq();
1918 
1919 			skb = next;
1920 		} while (skb != NULL);
1921 
1922 		bh_lock_sock(sk);
1923 	} while ((skb = sk->sk_backlog.head) != NULL);
1924 
1925 	/*
1926 	 * Doing the zeroing here guarantee we can not loop forever
1927 	 * while a wild producer attempts to flood us.
1928 	 */
1929 	sk->sk_backlog.len = 0;
1930 }
1931 
1932 /**
1933  * sk_wait_data - wait for data to arrive at sk_receive_queue
1934  * @sk:    sock to wait on
1935  * @timeo: for how long
1936  *
1937  * Now socket state including sk->sk_err is changed only under lock,
1938  * hence we may omit checks after joining wait queue.
1939  * We check receive queue before schedule() only as optimization;
1940  * it is very likely that release_sock() added new data.
1941  */
1942 int sk_wait_data(struct sock *sk, long *timeo)
1943 {
1944 	int rc;
1945 	DEFINE_WAIT(wait);
1946 
1947 	prepare_to_wait(sk_sleep(sk), &wait, TASK_INTERRUPTIBLE);
1948 	set_bit(SOCK_ASYNC_WAITDATA, &sk->sk_socket->flags);
1949 	rc = sk_wait_event(sk, timeo, !skb_queue_empty(&sk->sk_receive_queue));
1950 	clear_bit(SOCK_ASYNC_WAITDATA, &sk->sk_socket->flags);
1951 	finish_wait(sk_sleep(sk), &wait);
1952 	return rc;
1953 }
1954 EXPORT_SYMBOL(sk_wait_data);
1955 
1956 /**
1957  *	__sk_mem_schedule - increase sk_forward_alloc and memory_allocated
1958  *	@sk: socket
1959  *	@size: memory size to allocate
1960  *	@kind: allocation type
1961  *
1962  *	If kind is SK_MEM_SEND, it means wmem allocation. Otherwise it means
1963  *	rmem allocation. This function assumes that protocols which have
1964  *	memory_pressure use sk_wmem_queued as write buffer accounting.
1965  */
1966 int __sk_mem_schedule(struct sock *sk, int size, int kind)
1967 {
1968 	struct proto *prot = sk->sk_prot;
1969 	int amt = sk_mem_pages(size);
1970 	long allocated;
1971 	int parent_status = UNDER_LIMIT;
1972 
1973 	sk->sk_forward_alloc += amt * SK_MEM_QUANTUM;
1974 
1975 	allocated = sk_memory_allocated_add(sk, amt, &parent_status);
1976 
1977 	/* Under limit. */
1978 	if (parent_status == UNDER_LIMIT &&
1979 			allocated <= sk_prot_mem_limits(sk, 0)) {
1980 		sk_leave_memory_pressure(sk);
1981 		return 1;
1982 	}
1983 
1984 	/* Under pressure. (we or our parents) */
1985 	if ((parent_status > SOFT_LIMIT) ||
1986 			allocated > sk_prot_mem_limits(sk, 1))
1987 		sk_enter_memory_pressure(sk);
1988 
1989 	/* Over hard limit (we or our parents) */
1990 	if ((parent_status == OVER_LIMIT) ||
1991 			(allocated > sk_prot_mem_limits(sk, 2)))
1992 		goto suppress_allocation;
1993 
1994 	/* guarantee minimum buffer size under pressure */
1995 	if (kind == SK_MEM_RECV) {
1996 		if (atomic_read(&sk->sk_rmem_alloc) < prot->sysctl_rmem[0])
1997 			return 1;
1998 
1999 	} else { /* SK_MEM_SEND */
2000 		if (sk->sk_type == SOCK_STREAM) {
2001 			if (sk->sk_wmem_queued < prot->sysctl_wmem[0])
2002 				return 1;
2003 		} else if (atomic_read(&sk->sk_wmem_alloc) <
2004 			   prot->sysctl_wmem[0])
2005 				return 1;
2006 	}
2007 
2008 	if (sk_has_memory_pressure(sk)) {
2009 		int alloc;
2010 
2011 		if (!sk_under_memory_pressure(sk))
2012 			return 1;
2013 		alloc = sk_sockets_allocated_read_positive(sk);
2014 		if (sk_prot_mem_limits(sk, 2) > alloc *
2015 		    sk_mem_pages(sk->sk_wmem_queued +
2016 				 atomic_read(&sk->sk_rmem_alloc) +
2017 				 sk->sk_forward_alloc))
2018 			return 1;
2019 	}
2020 
2021 suppress_allocation:
2022 
2023 	if (kind == SK_MEM_SEND && sk->sk_type == SOCK_STREAM) {
2024 		sk_stream_moderate_sndbuf(sk);
2025 
2026 		/* Fail only if socket is _under_ its sndbuf.
2027 		 * In this case we cannot block, so that we have to fail.
2028 		 */
2029 		if (sk->sk_wmem_queued + size >= sk->sk_sndbuf)
2030 			return 1;
2031 	}
2032 
2033 	trace_sock_exceed_buf_limit(sk, prot, allocated);
2034 
2035 	/* Alas. Undo changes. */
2036 	sk->sk_forward_alloc -= amt * SK_MEM_QUANTUM;
2037 
2038 	sk_memory_allocated_sub(sk, amt);
2039 
2040 	return 0;
2041 }
2042 EXPORT_SYMBOL(__sk_mem_schedule);
2043 
2044 /**
2045  *	__sk_reclaim - reclaim memory_allocated
2046  *	@sk: socket
2047  */
2048 void __sk_mem_reclaim(struct sock *sk)
2049 {
2050 	sk_memory_allocated_sub(sk,
2051 				sk->sk_forward_alloc >> SK_MEM_QUANTUM_SHIFT);
2052 	sk->sk_forward_alloc &= SK_MEM_QUANTUM - 1;
2053 
2054 	if (sk_under_memory_pressure(sk) &&
2055 	    (sk_memory_allocated(sk) < sk_prot_mem_limits(sk, 0)))
2056 		sk_leave_memory_pressure(sk);
2057 }
2058 EXPORT_SYMBOL(__sk_mem_reclaim);
2059 
2060 
2061 /*
2062  * Set of default routines for initialising struct proto_ops when
2063  * the protocol does not support a particular function. In certain
2064  * cases where it makes no sense for a protocol to have a "do nothing"
2065  * function, some default processing is provided.
2066  */
2067 
2068 int sock_no_bind(struct socket *sock, struct sockaddr *saddr, int len)
2069 {
2070 	return -EOPNOTSUPP;
2071 }
2072 EXPORT_SYMBOL(sock_no_bind);
2073 
2074 int sock_no_connect(struct socket *sock, struct sockaddr *saddr,
2075 		    int len, int flags)
2076 {
2077 	return -EOPNOTSUPP;
2078 }
2079 EXPORT_SYMBOL(sock_no_connect);
2080 
2081 int sock_no_socketpair(struct socket *sock1, struct socket *sock2)
2082 {
2083 	return -EOPNOTSUPP;
2084 }
2085 EXPORT_SYMBOL(sock_no_socketpair);
2086 
2087 int sock_no_accept(struct socket *sock, struct socket *newsock, int flags)
2088 {
2089 	return -EOPNOTSUPP;
2090 }
2091 EXPORT_SYMBOL(sock_no_accept);
2092 
2093 int sock_no_getname(struct socket *sock, struct sockaddr *saddr,
2094 		    int *len, int peer)
2095 {
2096 	return -EOPNOTSUPP;
2097 }
2098 EXPORT_SYMBOL(sock_no_getname);
2099 
2100 unsigned int sock_no_poll(struct file *file, struct socket *sock, poll_table *pt)
2101 {
2102 	return 0;
2103 }
2104 EXPORT_SYMBOL(sock_no_poll);
2105 
2106 int sock_no_ioctl(struct socket *sock, unsigned int cmd, unsigned long arg)
2107 {
2108 	return -EOPNOTSUPP;
2109 }
2110 EXPORT_SYMBOL(sock_no_ioctl);
2111 
2112 int sock_no_listen(struct socket *sock, int backlog)
2113 {
2114 	return -EOPNOTSUPP;
2115 }
2116 EXPORT_SYMBOL(sock_no_listen);
2117 
2118 int sock_no_shutdown(struct socket *sock, int how)
2119 {
2120 	return -EOPNOTSUPP;
2121 }
2122 EXPORT_SYMBOL(sock_no_shutdown);
2123 
2124 int sock_no_setsockopt(struct socket *sock, int level, int optname,
2125 		    char __user *optval, unsigned int optlen)
2126 {
2127 	return -EOPNOTSUPP;
2128 }
2129 EXPORT_SYMBOL(sock_no_setsockopt);
2130 
2131 int sock_no_getsockopt(struct socket *sock, int level, int optname,
2132 		    char __user *optval, int __user *optlen)
2133 {
2134 	return -EOPNOTSUPP;
2135 }
2136 EXPORT_SYMBOL(sock_no_getsockopt);
2137 
2138 int sock_no_sendmsg(struct kiocb *iocb, struct socket *sock, struct msghdr *m,
2139 		    size_t len)
2140 {
2141 	return -EOPNOTSUPP;
2142 }
2143 EXPORT_SYMBOL(sock_no_sendmsg);
2144 
2145 int sock_no_recvmsg(struct kiocb *iocb, struct socket *sock, struct msghdr *m,
2146 		    size_t len, int flags)
2147 {
2148 	return -EOPNOTSUPP;
2149 }
2150 EXPORT_SYMBOL(sock_no_recvmsg);
2151 
2152 int sock_no_mmap(struct file *file, struct socket *sock, struct vm_area_struct *vma)
2153 {
2154 	/* Mirror missing mmap method error code */
2155 	return -ENODEV;
2156 }
2157 EXPORT_SYMBOL(sock_no_mmap);
2158 
2159 ssize_t sock_no_sendpage(struct socket *sock, struct page *page, int offset, size_t size, int flags)
2160 {
2161 	ssize_t res;
2162 	struct msghdr msg = {.msg_flags = flags};
2163 	struct kvec iov;
2164 	char *kaddr = kmap(page);
2165 	iov.iov_base = kaddr + offset;
2166 	iov.iov_len = size;
2167 	res = kernel_sendmsg(sock, &msg, &iov, 1, size);
2168 	kunmap(page);
2169 	return res;
2170 }
2171 EXPORT_SYMBOL(sock_no_sendpage);
2172 
2173 /*
2174  *	Default Socket Callbacks
2175  */
2176 
2177 static void sock_def_wakeup(struct sock *sk)
2178 {
2179 	struct socket_wq *wq;
2180 
2181 	rcu_read_lock();
2182 	wq = rcu_dereference(sk->sk_wq);
2183 	if (wq_has_sleeper(wq))
2184 		wake_up_interruptible_all(&wq->wait);
2185 	rcu_read_unlock();
2186 }
2187 
2188 static void sock_def_error_report(struct sock *sk)
2189 {
2190 	struct socket_wq *wq;
2191 
2192 	rcu_read_lock();
2193 	wq = rcu_dereference(sk->sk_wq);
2194 	if (wq_has_sleeper(wq))
2195 		wake_up_interruptible_poll(&wq->wait, POLLERR);
2196 	sk_wake_async(sk, SOCK_WAKE_IO, POLL_ERR);
2197 	rcu_read_unlock();
2198 }
2199 
2200 static void sock_def_readable(struct sock *sk, int len)
2201 {
2202 	struct socket_wq *wq;
2203 
2204 	rcu_read_lock();
2205 	wq = rcu_dereference(sk->sk_wq);
2206 	if (wq_has_sleeper(wq))
2207 		wake_up_interruptible_sync_poll(&wq->wait, POLLIN | POLLPRI |
2208 						POLLRDNORM | POLLRDBAND);
2209 	sk_wake_async(sk, SOCK_WAKE_WAITD, POLL_IN);
2210 	rcu_read_unlock();
2211 }
2212 
2213 static void sock_def_write_space(struct sock *sk)
2214 {
2215 	struct socket_wq *wq;
2216 
2217 	rcu_read_lock();
2218 
2219 	/* Do not wake up a writer until he can make "significant"
2220 	 * progress.  --DaveM
2221 	 */
2222 	if ((atomic_read(&sk->sk_wmem_alloc) << 1) <= sk->sk_sndbuf) {
2223 		wq = rcu_dereference(sk->sk_wq);
2224 		if (wq_has_sleeper(wq))
2225 			wake_up_interruptible_sync_poll(&wq->wait, POLLOUT |
2226 						POLLWRNORM | POLLWRBAND);
2227 
2228 		/* Should agree with poll, otherwise some programs break */
2229 		if (sock_writeable(sk))
2230 			sk_wake_async(sk, SOCK_WAKE_SPACE, POLL_OUT);
2231 	}
2232 
2233 	rcu_read_unlock();
2234 }
2235 
2236 static void sock_def_destruct(struct sock *sk)
2237 {
2238 	kfree(sk->sk_protinfo);
2239 }
2240 
2241 void sk_send_sigurg(struct sock *sk)
2242 {
2243 	if (sk->sk_socket && sk->sk_socket->file)
2244 		if (send_sigurg(&sk->sk_socket->file->f_owner))
2245 			sk_wake_async(sk, SOCK_WAKE_URG, POLL_PRI);
2246 }
2247 EXPORT_SYMBOL(sk_send_sigurg);
2248 
2249 void sk_reset_timer(struct sock *sk, struct timer_list* timer,
2250 		    unsigned long expires)
2251 {
2252 	if (!mod_timer(timer, expires))
2253 		sock_hold(sk);
2254 }
2255 EXPORT_SYMBOL(sk_reset_timer);
2256 
2257 void sk_stop_timer(struct sock *sk, struct timer_list* timer)
2258 {
2259 	if (del_timer(timer))
2260 		__sock_put(sk);
2261 }
2262 EXPORT_SYMBOL(sk_stop_timer);
2263 
2264 void sock_init_data(struct socket *sock, struct sock *sk)
2265 {
2266 	skb_queue_head_init(&sk->sk_receive_queue);
2267 	skb_queue_head_init(&sk->sk_write_queue);
2268 	skb_queue_head_init(&sk->sk_error_queue);
2269 #ifdef CONFIG_NET_DMA
2270 	skb_queue_head_init(&sk->sk_async_wait_queue);
2271 #endif
2272 
2273 	sk->sk_send_head	=	NULL;
2274 
2275 	init_timer(&sk->sk_timer);
2276 
2277 	sk->sk_allocation	=	GFP_KERNEL;
2278 	sk->sk_rcvbuf		=	sysctl_rmem_default;
2279 	sk->sk_sndbuf		=	sysctl_wmem_default;
2280 	sk->sk_state		=	TCP_CLOSE;
2281 	sk_set_socket(sk, sock);
2282 
2283 	sock_set_flag(sk, SOCK_ZAPPED);
2284 
2285 	if (sock) {
2286 		sk->sk_type	=	sock->type;
2287 		sk->sk_wq	=	sock->wq;
2288 		sock->sk	=	sk;
2289 	} else
2290 		sk->sk_wq	=	NULL;
2291 
2292 	spin_lock_init(&sk->sk_dst_lock);
2293 	rwlock_init(&sk->sk_callback_lock);
2294 	lockdep_set_class_and_name(&sk->sk_callback_lock,
2295 			af_callback_keys + sk->sk_family,
2296 			af_family_clock_key_strings[sk->sk_family]);
2297 
2298 	sk->sk_state_change	=	sock_def_wakeup;
2299 	sk->sk_data_ready	=	sock_def_readable;
2300 	sk->sk_write_space	=	sock_def_write_space;
2301 	sk->sk_error_report	=	sock_def_error_report;
2302 	sk->sk_destruct		=	sock_def_destruct;
2303 
2304 	sk->sk_frag.page	=	NULL;
2305 	sk->sk_frag.offset	=	0;
2306 	sk->sk_peek_off		=	-1;
2307 
2308 	sk->sk_peer_pid 	=	NULL;
2309 	sk->sk_peer_cred	=	NULL;
2310 	sk->sk_write_pending	=	0;
2311 	sk->sk_rcvlowat		=	1;
2312 	sk->sk_rcvtimeo		=	MAX_SCHEDULE_TIMEOUT;
2313 	sk->sk_sndtimeo		=	MAX_SCHEDULE_TIMEOUT;
2314 
2315 	sk->sk_stamp = ktime_set(-1L, 0);
2316 
2317 #ifdef CONFIG_NET_RX_BUSY_POLL
2318 	sk->sk_napi_id		=	0;
2319 	sk->sk_ll_usec		=	sysctl_net_busy_read;
2320 #endif
2321 
2322 	/*
2323 	 * Before updating sk_refcnt, we must commit prior changes to memory
2324 	 * (Documentation/RCU/rculist_nulls.txt for details)
2325 	 */
2326 	smp_wmb();
2327 	atomic_set(&sk->sk_refcnt, 1);
2328 	atomic_set(&sk->sk_drops, 0);
2329 }
2330 EXPORT_SYMBOL(sock_init_data);
2331 
2332 void lock_sock_nested(struct sock *sk, int subclass)
2333 {
2334 	might_sleep();
2335 	spin_lock_bh(&sk->sk_lock.slock);
2336 	if (sk->sk_lock.owned)
2337 		__lock_sock(sk);
2338 	sk->sk_lock.owned = 1;
2339 	spin_unlock(&sk->sk_lock.slock);
2340 	/*
2341 	 * The sk_lock has mutex_lock() semantics here:
2342 	 */
2343 	mutex_acquire(&sk->sk_lock.dep_map, subclass, 0, _RET_IP_);
2344 	local_bh_enable();
2345 }
2346 EXPORT_SYMBOL(lock_sock_nested);
2347 
2348 void release_sock(struct sock *sk)
2349 {
2350 	/*
2351 	 * The sk_lock has mutex_unlock() semantics:
2352 	 */
2353 	mutex_release(&sk->sk_lock.dep_map, 1, _RET_IP_);
2354 
2355 	spin_lock_bh(&sk->sk_lock.slock);
2356 	if (sk->sk_backlog.tail)
2357 		__release_sock(sk);
2358 
2359 	if (sk->sk_prot->release_cb)
2360 		sk->sk_prot->release_cb(sk);
2361 
2362 	sk->sk_lock.owned = 0;
2363 	if (waitqueue_active(&sk->sk_lock.wq))
2364 		wake_up(&sk->sk_lock.wq);
2365 	spin_unlock_bh(&sk->sk_lock.slock);
2366 }
2367 EXPORT_SYMBOL(release_sock);
2368 
2369 /**
2370  * lock_sock_fast - fast version of lock_sock
2371  * @sk: socket
2372  *
2373  * This version should be used for very small section, where process wont block
2374  * return false if fast path is taken
2375  *   sk_lock.slock locked, owned = 0, BH disabled
2376  * return true if slow path is taken
2377  *   sk_lock.slock unlocked, owned = 1, BH enabled
2378  */
2379 bool lock_sock_fast(struct sock *sk)
2380 {
2381 	might_sleep();
2382 	spin_lock_bh(&sk->sk_lock.slock);
2383 
2384 	if (!sk->sk_lock.owned)
2385 		/*
2386 		 * Note : We must disable BH
2387 		 */
2388 		return false;
2389 
2390 	__lock_sock(sk);
2391 	sk->sk_lock.owned = 1;
2392 	spin_unlock(&sk->sk_lock.slock);
2393 	/*
2394 	 * The sk_lock has mutex_lock() semantics here:
2395 	 */
2396 	mutex_acquire(&sk->sk_lock.dep_map, 0, 0, _RET_IP_);
2397 	local_bh_enable();
2398 	return true;
2399 }
2400 EXPORT_SYMBOL(lock_sock_fast);
2401 
2402 int sock_get_timestamp(struct sock *sk, struct timeval __user *userstamp)
2403 {
2404 	struct timeval tv;
2405 	if (!sock_flag(sk, SOCK_TIMESTAMP))
2406 		sock_enable_timestamp(sk, SOCK_TIMESTAMP);
2407 	tv = ktime_to_timeval(sk->sk_stamp);
2408 	if (tv.tv_sec == -1)
2409 		return -ENOENT;
2410 	if (tv.tv_sec == 0) {
2411 		sk->sk_stamp = ktime_get_real();
2412 		tv = ktime_to_timeval(sk->sk_stamp);
2413 	}
2414 	return copy_to_user(userstamp, &tv, sizeof(tv)) ? -EFAULT : 0;
2415 }
2416 EXPORT_SYMBOL(sock_get_timestamp);
2417 
2418 int sock_get_timestampns(struct sock *sk, struct timespec __user *userstamp)
2419 {
2420 	struct timespec ts;
2421 	if (!sock_flag(sk, SOCK_TIMESTAMP))
2422 		sock_enable_timestamp(sk, SOCK_TIMESTAMP);
2423 	ts = ktime_to_timespec(sk->sk_stamp);
2424 	if (ts.tv_sec == -1)
2425 		return -ENOENT;
2426 	if (ts.tv_sec == 0) {
2427 		sk->sk_stamp = ktime_get_real();
2428 		ts = ktime_to_timespec(sk->sk_stamp);
2429 	}
2430 	return copy_to_user(userstamp, &ts, sizeof(ts)) ? -EFAULT : 0;
2431 }
2432 EXPORT_SYMBOL(sock_get_timestampns);
2433 
2434 void sock_enable_timestamp(struct sock *sk, int flag)
2435 {
2436 	if (!sock_flag(sk, flag)) {
2437 		unsigned long previous_flags = sk->sk_flags;
2438 
2439 		sock_set_flag(sk, flag);
2440 		/*
2441 		 * we just set one of the two flags which require net
2442 		 * time stamping, but time stamping might have been on
2443 		 * already because of the other one
2444 		 */
2445 		if (!(previous_flags & SK_FLAGS_TIMESTAMP))
2446 			net_enable_timestamp();
2447 	}
2448 }
2449 
2450 int sock_recv_errqueue(struct sock *sk, struct msghdr *msg, int len,
2451 		       int level, int type)
2452 {
2453 	struct sock_exterr_skb *serr;
2454 	struct sk_buff *skb, *skb2;
2455 	int copied, err;
2456 
2457 	err = -EAGAIN;
2458 	skb = skb_dequeue(&sk->sk_error_queue);
2459 	if (skb == NULL)
2460 		goto out;
2461 
2462 	copied = skb->len;
2463 	if (copied > len) {
2464 		msg->msg_flags |= MSG_TRUNC;
2465 		copied = len;
2466 	}
2467 	err = skb_copy_datagram_iovec(skb, 0, msg->msg_iov, copied);
2468 	if (err)
2469 		goto out_free_skb;
2470 
2471 	sock_recv_timestamp(msg, sk, skb);
2472 
2473 	serr = SKB_EXT_ERR(skb);
2474 	put_cmsg(msg, level, type, sizeof(serr->ee), &serr->ee);
2475 
2476 	msg->msg_flags |= MSG_ERRQUEUE;
2477 	err = copied;
2478 
2479 	/* Reset and regenerate socket error */
2480 	spin_lock_bh(&sk->sk_error_queue.lock);
2481 	sk->sk_err = 0;
2482 	if ((skb2 = skb_peek(&sk->sk_error_queue)) != NULL) {
2483 		sk->sk_err = SKB_EXT_ERR(skb2)->ee.ee_errno;
2484 		spin_unlock_bh(&sk->sk_error_queue.lock);
2485 		sk->sk_error_report(sk);
2486 	} else
2487 		spin_unlock_bh(&sk->sk_error_queue.lock);
2488 
2489 out_free_skb:
2490 	kfree_skb(skb);
2491 out:
2492 	return err;
2493 }
2494 EXPORT_SYMBOL(sock_recv_errqueue);
2495 
2496 /*
2497  *	Get a socket option on an socket.
2498  *
2499  *	FIX: POSIX 1003.1g is very ambiguous here. It states that
2500  *	asynchronous errors should be reported by getsockopt. We assume
2501  *	this means if you specify SO_ERROR (otherwise whats the point of it).
2502  */
2503 int sock_common_getsockopt(struct socket *sock, int level, int optname,
2504 			   char __user *optval, int __user *optlen)
2505 {
2506 	struct sock *sk = sock->sk;
2507 
2508 	return sk->sk_prot->getsockopt(sk, level, optname, optval, optlen);
2509 }
2510 EXPORT_SYMBOL(sock_common_getsockopt);
2511 
2512 #ifdef CONFIG_COMPAT
2513 int compat_sock_common_getsockopt(struct socket *sock, int level, int optname,
2514 				  char __user *optval, int __user *optlen)
2515 {
2516 	struct sock *sk = sock->sk;
2517 
2518 	if (sk->sk_prot->compat_getsockopt != NULL)
2519 		return sk->sk_prot->compat_getsockopt(sk, level, optname,
2520 						      optval, optlen);
2521 	return sk->sk_prot->getsockopt(sk, level, optname, optval, optlen);
2522 }
2523 EXPORT_SYMBOL(compat_sock_common_getsockopt);
2524 #endif
2525 
2526 int sock_common_recvmsg(struct kiocb *iocb, struct socket *sock,
2527 			struct msghdr *msg, size_t size, int flags)
2528 {
2529 	struct sock *sk = sock->sk;
2530 	int addr_len = 0;
2531 	int err;
2532 
2533 	err = sk->sk_prot->recvmsg(iocb, sk, msg, size, flags & MSG_DONTWAIT,
2534 				   flags & ~MSG_DONTWAIT, &addr_len);
2535 	if (err >= 0)
2536 		msg->msg_namelen = addr_len;
2537 	return err;
2538 }
2539 EXPORT_SYMBOL(sock_common_recvmsg);
2540 
2541 /*
2542  *	Set socket options on an inet socket.
2543  */
2544 int sock_common_setsockopt(struct socket *sock, int level, int optname,
2545 			   char __user *optval, unsigned int optlen)
2546 {
2547 	struct sock *sk = sock->sk;
2548 
2549 	return sk->sk_prot->setsockopt(sk, level, optname, optval, optlen);
2550 }
2551 EXPORT_SYMBOL(sock_common_setsockopt);
2552 
2553 #ifdef CONFIG_COMPAT
2554 int compat_sock_common_setsockopt(struct socket *sock, int level, int optname,
2555 				  char __user *optval, unsigned int optlen)
2556 {
2557 	struct sock *sk = sock->sk;
2558 
2559 	if (sk->sk_prot->compat_setsockopt != NULL)
2560 		return sk->sk_prot->compat_setsockopt(sk, level, optname,
2561 						      optval, optlen);
2562 	return sk->sk_prot->setsockopt(sk, level, optname, optval, optlen);
2563 }
2564 EXPORT_SYMBOL(compat_sock_common_setsockopt);
2565 #endif
2566 
2567 void sk_common_release(struct sock *sk)
2568 {
2569 	if (sk->sk_prot->destroy)
2570 		sk->sk_prot->destroy(sk);
2571 
2572 	/*
2573 	 * Observation: when sock_common_release is called, processes have
2574 	 * no access to socket. But net still has.
2575 	 * Step one, detach it from networking:
2576 	 *
2577 	 * A. Remove from hash tables.
2578 	 */
2579 
2580 	sk->sk_prot->unhash(sk);
2581 
2582 	/*
2583 	 * In this point socket cannot receive new packets, but it is possible
2584 	 * that some packets are in flight because some CPU runs receiver and
2585 	 * did hash table lookup before we unhashed socket. They will achieve
2586 	 * receive queue and will be purged by socket destructor.
2587 	 *
2588 	 * Also we still have packets pending on receive queue and probably,
2589 	 * our own packets waiting in device queues. sock_destroy will drain
2590 	 * receive queue, but transmitted packets will delay socket destruction
2591 	 * until the last reference will be released.
2592 	 */
2593 
2594 	sock_orphan(sk);
2595 
2596 	xfrm_sk_free_policy(sk);
2597 
2598 	sk_refcnt_debug_release(sk);
2599 
2600 	if (sk->sk_frag.page) {
2601 		put_page(sk->sk_frag.page);
2602 		sk->sk_frag.page = NULL;
2603 	}
2604 
2605 	sock_put(sk);
2606 }
2607 EXPORT_SYMBOL(sk_common_release);
2608 
2609 #ifdef CONFIG_PROC_FS
2610 #define PROTO_INUSE_NR	64	/* should be enough for the first time */
2611 struct prot_inuse {
2612 	int val[PROTO_INUSE_NR];
2613 };
2614 
2615 static DECLARE_BITMAP(proto_inuse_idx, PROTO_INUSE_NR);
2616 
2617 #ifdef CONFIG_NET_NS
2618 void sock_prot_inuse_add(struct net *net, struct proto *prot, int val)
2619 {
2620 	__this_cpu_add(net->core.inuse->val[prot->inuse_idx], val);
2621 }
2622 EXPORT_SYMBOL_GPL(sock_prot_inuse_add);
2623 
2624 int sock_prot_inuse_get(struct net *net, struct proto *prot)
2625 {
2626 	int cpu, idx = prot->inuse_idx;
2627 	int res = 0;
2628 
2629 	for_each_possible_cpu(cpu)
2630 		res += per_cpu_ptr(net->core.inuse, cpu)->val[idx];
2631 
2632 	return res >= 0 ? res : 0;
2633 }
2634 EXPORT_SYMBOL_GPL(sock_prot_inuse_get);
2635 
2636 static int __net_init sock_inuse_init_net(struct net *net)
2637 {
2638 	net->core.inuse = alloc_percpu(struct prot_inuse);
2639 	return net->core.inuse ? 0 : -ENOMEM;
2640 }
2641 
2642 static void __net_exit sock_inuse_exit_net(struct net *net)
2643 {
2644 	free_percpu(net->core.inuse);
2645 }
2646 
2647 static struct pernet_operations net_inuse_ops = {
2648 	.init = sock_inuse_init_net,
2649 	.exit = sock_inuse_exit_net,
2650 };
2651 
2652 static __init int net_inuse_init(void)
2653 {
2654 	if (register_pernet_subsys(&net_inuse_ops))
2655 		panic("Cannot initialize net inuse counters");
2656 
2657 	return 0;
2658 }
2659 
2660 core_initcall(net_inuse_init);
2661 #else
2662 static DEFINE_PER_CPU(struct prot_inuse, prot_inuse);
2663 
2664 void sock_prot_inuse_add(struct net *net, struct proto *prot, int val)
2665 {
2666 	__this_cpu_add(prot_inuse.val[prot->inuse_idx], val);
2667 }
2668 EXPORT_SYMBOL_GPL(sock_prot_inuse_add);
2669 
2670 int sock_prot_inuse_get(struct net *net, struct proto *prot)
2671 {
2672 	int cpu, idx = prot->inuse_idx;
2673 	int res = 0;
2674 
2675 	for_each_possible_cpu(cpu)
2676 		res += per_cpu(prot_inuse, cpu).val[idx];
2677 
2678 	return res >= 0 ? res : 0;
2679 }
2680 EXPORT_SYMBOL_GPL(sock_prot_inuse_get);
2681 #endif
2682 
2683 static void assign_proto_idx(struct proto *prot)
2684 {
2685 	prot->inuse_idx = find_first_zero_bit(proto_inuse_idx, PROTO_INUSE_NR);
2686 
2687 	if (unlikely(prot->inuse_idx == PROTO_INUSE_NR - 1)) {
2688 		pr_err("PROTO_INUSE_NR exhausted\n");
2689 		return;
2690 	}
2691 
2692 	set_bit(prot->inuse_idx, proto_inuse_idx);
2693 }
2694 
2695 static void release_proto_idx(struct proto *prot)
2696 {
2697 	if (prot->inuse_idx != PROTO_INUSE_NR - 1)
2698 		clear_bit(prot->inuse_idx, proto_inuse_idx);
2699 }
2700 #else
2701 static inline void assign_proto_idx(struct proto *prot)
2702 {
2703 }
2704 
2705 static inline void release_proto_idx(struct proto *prot)
2706 {
2707 }
2708 #endif
2709 
2710 int proto_register(struct proto *prot, int alloc_slab)
2711 {
2712 	if (alloc_slab) {
2713 		prot->slab = kmem_cache_create(prot->name, prot->obj_size, 0,
2714 					SLAB_HWCACHE_ALIGN | prot->slab_flags,
2715 					NULL);
2716 
2717 		if (prot->slab == NULL) {
2718 			pr_crit("%s: Can't create sock SLAB cache!\n",
2719 				prot->name);
2720 			goto out;
2721 		}
2722 
2723 		if (prot->rsk_prot != NULL) {
2724 			prot->rsk_prot->slab_name = kasprintf(GFP_KERNEL, "request_sock_%s", prot->name);
2725 			if (prot->rsk_prot->slab_name == NULL)
2726 				goto out_free_sock_slab;
2727 
2728 			prot->rsk_prot->slab = kmem_cache_create(prot->rsk_prot->slab_name,
2729 								 prot->rsk_prot->obj_size, 0,
2730 								 SLAB_HWCACHE_ALIGN, NULL);
2731 
2732 			if (prot->rsk_prot->slab == NULL) {
2733 				pr_crit("%s: Can't create request sock SLAB cache!\n",
2734 					prot->name);
2735 				goto out_free_request_sock_slab_name;
2736 			}
2737 		}
2738 
2739 		if (prot->twsk_prot != NULL) {
2740 			prot->twsk_prot->twsk_slab_name = kasprintf(GFP_KERNEL, "tw_sock_%s", prot->name);
2741 
2742 			if (prot->twsk_prot->twsk_slab_name == NULL)
2743 				goto out_free_request_sock_slab;
2744 
2745 			prot->twsk_prot->twsk_slab =
2746 				kmem_cache_create(prot->twsk_prot->twsk_slab_name,
2747 						  prot->twsk_prot->twsk_obj_size,
2748 						  0,
2749 						  SLAB_HWCACHE_ALIGN |
2750 							prot->slab_flags,
2751 						  NULL);
2752 			if (prot->twsk_prot->twsk_slab == NULL)
2753 				goto out_free_timewait_sock_slab_name;
2754 		}
2755 	}
2756 
2757 	mutex_lock(&proto_list_mutex);
2758 	list_add(&prot->node, &proto_list);
2759 	assign_proto_idx(prot);
2760 	mutex_unlock(&proto_list_mutex);
2761 	return 0;
2762 
2763 out_free_timewait_sock_slab_name:
2764 	kfree(prot->twsk_prot->twsk_slab_name);
2765 out_free_request_sock_slab:
2766 	if (prot->rsk_prot && prot->rsk_prot->slab) {
2767 		kmem_cache_destroy(prot->rsk_prot->slab);
2768 		prot->rsk_prot->slab = NULL;
2769 	}
2770 out_free_request_sock_slab_name:
2771 	if (prot->rsk_prot)
2772 		kfree(prot->rsk_prot->slab_name);
2773 out_free_sock_slab:
2774 	kmem_cache_destroy(prot->slab);
2775 	prot->slab = NULL;
2776 out:
2777 	return -ENOBUFS;
2778 }
2779 EXPORT_SYMBOL(proto_register);
2780 
2781 void proto_unregister(struct proto *prot)
2782 {
2783 	mutex_lock(&proto_list_mutex);
2784 	release_proto_idx(prot);
2785 	list_del(&prot->node);
2786 	mutex_unlock(&proto_list_mutex);
2787 
2788 	if (prot->slab != NULL) {
2789 		kmem_cache_destroy(prot->slab);
2790 		prot->slab = NULL;
2791 	}
2792 
2793 	if (prot->rsk_prot != NULL && prot->rsk_prot->slab != NULL) {
2794 		kmem_cache_destroy(prot->rsk_prot->slab);
2795 		kfree(prot->rsk_prot->slab_name);
2796 		prot->rsk_prot->slab = NULL;
2797 	}
2798 
2799 	if (prot->twsk_prot != NULL && prot->twsk_prot->twsk_slab != NULL) {
2800 		kmem_cache_destroy(prot->twsk_prot->twsk_slab);
2801 		kfree(prot->twsk_prot->twsk_slab_name);
2802 		prot->twsk_prot->twsk_slab = NULL;
2803 	}
2804 }
2805 EXPORT_SYMBOL(proto_unregister);
2806 
2807 #ifdef CONFIG_PROC_FS
2808 static void *proto_seq_start(struct seq_file *seq, loff_t *pos)
2809 	__acquires(proto_list_mutex)
2810 {
2811 	mutex_lock(&proto_list_mutex);
2812 	return seq_list_start_head(&proto_list, *pos);
2813 }
2814 
2815 static void *proto_seq_next(struct seq_file *seq, void *v, loff_t *pos)
2816 {
2817 	return seq_list_next(v, &proto_list, pos);
2818 }
2819 
2820 static void proto_seq_stop(struct seq_file *seq, void *v)
2821 	__releases(proto_list_mutex)
2822 {
2823 	mutex_unlock(&proto_list_mutex);
2824 }
2825 
2826 static char proto_method_implemented(const void *method)
2827 {
2828 	return method == NULL ? 'n' : 'y';
2829 }
2830 static long sock_prot_memory_allocated(struct proto *proto)
2831 {
2832 	return proto->memory_allocated != NULL ? proto_memory_allocated(proto) : -1L;
2833 }
2834 
2835 static char *sock_prot_memory_pressure(struct proto *proto)
2836 {
2837 	return proto->memory_pressure != NULL ?
2838 	proto_memory_pressure(proto) ? "yes" : "no" : "NI";
2839 }
2840 
2841 static void proto_seq_printf(struct seq_file *seq, struct proto *proto)
2842 {
2843 
2844 	seq_printf(seq, "%-9s %4u %6d  %6ld   %-3s %6u   %-3s  %-10s "
2845 			"%2c %2c %2c %2c %2c %2c %2c %2c %2c %2c %2c %2c %2c %2c %2c %2c %2c %2c %2c\n",
2846 		   proto->name,
2847 		   proto->obj_size,
2848 		   sock_prot_inuse_get(seq_file_net(seq), proto),
2849 		   sock_prot_memory_allocated(proto),
2850 		   sock_prot_memory_pressure(proto),
2851 		   proto->max_header,
2852 		   proto->slab == NULL ? "no" : "yes",
2853 		   module_name(proto->owner),
2854 		   proto_method_implemented(proto->close),
2855 		   proto_method_implemented(proto->connect),
2856 		   proto_method_implemented(proto->disconnect),
2857 		   proto_method_implemented(proto->accept),
2858 		   proto_method_implemented(proto->ioctl),
2859 		   proto_method_implemented(proto->init),
2860 		   proto_method_implemented(proto->destroy),
2861 		   proto_method_implemented(proto->shutdown),
2862 		   proto_method_implemented(proto->setsockopt),
2863 		   proto_method_implemented(proto->getsockopt),
2864 		   proto_method_implemented(proto->sendmsg),
2865 		   proto_method_implemented(proto->recvmsg),
2866 		   proto_method_implemented(proto->sendpage),
2867 		   proto_method_implemented(proto->bind),
2868 		   proto_method_implemented(proto->backlog_rcv),
2869 		   proto_method_implemented(proto->hash),
2870 		   proto_method_implemented(proto->unhash),
2871 		   proto_method_implemented(proto->get_port),
2872 		   proto_method_implemented(proto->enter_memory_pressure));
2873 }
2874 
2875 static int proto_seq_show(struct seq_file *seq, void *v)
2876 {
2877 	if (v == &proto_list)
2878 		seq_printf(seq, "%-9s %-4s %-8s %-6s %-5s %-7s %-4s %-10s %s",
2879 			   "protocol",
2880 			   "size",
2881 			   "sockets",
2882 			   "memory",
2883 			   "press",
2884 			   "maxhdr",
2885 			   "slab",
2886 			   "module",
2887 			   "cl co di ac io in de sh ss gs se re sp bi br ha uh gp em\n");
2888 	else
2889 		proto_seq_printf(seq, list_entry(v, struct proto, node));
2890 	return 0;
2891 }
2892 
2893 static const struct seq_operations proto_seq_ops = {
2894 	.start  = proto_seq_start,
2895 	.next   = proto_seq_next,
2896 	.stop   = proto_seq_stop,
2897 	.show   = proto_seq_show,
2898 };
2899 
2900 static int proto_seq_open(struct inode *inode, struct file *file)
2901 {
2902 	return seq_open_net(inode, file, &proto_seq_ops,
2903 			    sizeof(struct seq_net_private));
2904 }
2905 
2906 static const struct file_operations proto_seq_fops = {
2907 	.owner		= THIS_MODULE,
2908 	.open		= proto_seq_open,
2909 	.read		= seq_read,
2910 	.llseek		= seq_lseek,
2911 	.release	= seq_release_net,
2912 };
2913 
2914 static __net_init int proto_init_net(struct net *net)
2915 {
2916 	if (!proc_create("protocols", S_IRUGO, net->proc_net, &proto_seq_fops))
2917 		return -ENOMEM;
2918 
2919 	return 0;
2920 }
2921 
2922 static __net_exit void proto_exit_net(struct net *net)
2923 {
2924 	remove_proc_entry("protocols", net->proc_net);
2925 }
2926 
2927 
2928 static __net_initdata struct pernet_operations proto_net_ops = {
2929 	.init = proto_init_net,
2930 	.exit = proto_exit_net,
2931 };
2932 
2933 static int __init proto_init(void)
2934 {
2935 	return register_pernet_subsys(&proto_net_ops);
2936 }
2937 
2938 subsys_initcall(proto_init);
2939 
2940 #endif /* PROC_FS */
2941