12874c5fdSThomas Gleixner // SPDX-License-Identifier: GPL-2.0-or-later 217b085eaSArnaldo Carvalho de Melo /* 317b085eaSArnaldo Carvalho de Melo * tcp_diag.c Module for monitoring TCP transport protocols sockets. 417b085eaSArnaldo Carvalho de Melo * 517b085eaSArnaldo Carvalho de Melo * Authors: Alexey Kuznetsov, <kuznet@ms2.inr.ac.ru> 617b085eaSArnaldo Carvalho de Melo */ 717b085eaSArnaldo Carvalho de Melo 817b085eaSArnaldo Carvalho de Melo #include <linux/module.h> 9c1e64e29SLorenzo Colitti #include <linux/net.h> 10c1e64e29SLorenzo Colitti #include <linux/sock_diag.h> 1117b085eaSArnaldo Carvalho de Melo #include <linux/inet_diag.h> 1217b085eaSArnaldo Carvalho de Melo 1317b085eaSArnaldo Carvalho de Melo #include <linux/tcp.h> 1417b085eaSArnaldo Carvalho de Melo 15c03fa9bcSIvan Delalande #include <net/netlink.h> 1617b085eaSArnaldo Carvalho de Melo #include <net/tcp.h> 1717b085eaSArnaldo Carvalho de Melo 1817b085eaSArnaldo Carvalho de Melo static void tcp_diag_get_info(struct sock *sk, struct inet_diag_msg *r, 1917b085eaSArnaldo Carvalho de Melo void *_info) 2017b085eaSArnaldo Carvalho de Melo { 2117b085eaSArnaldo Carvalho de Melo struct tcp_info *info = _info; 2217b085eaSArnaldo Carvalho de Melo 23986ffdfdSYafang Shao if (inet_sk_state_load(sk) == TCP_LISTEN) { 2447da8ee6SSridhar Samudrala r->idiag_rqueue = sk->sk_ack_backlog; 255ee3afbaSRick Jones r->idiag_wqueue = sk->sk_max_ack_backlog; 2635ac838aSCraig Gallek } else if (sk->sk_type == SOCK_STREAM) { 2735ac838aSCraig Gallek const struct tcp_sock *tp = tcp_sk(sk); 2835ac838aSCraig Gallek 2949d09007SEric Dumazet r->idiag_rqueue = max_t(int, tp->rcv_nxt - tp->copied_seq, 0); 3017b085eaSArnaldo Carvalho de Melo r->idiag_wqueue = tp->write_seq - tp->snd_una; 315ee3afbaSRick Jones } 3200db4124SIan Morris if (info) 3317b085eaSArnaldo Carvalho de Melo tcp_get_info(sk, info); 3417b085eaSArnaldo Carvalho de Melo } 3517b085eaSArnaldo Carvalho de Melo 36c03fa9bcSIvan Delalande #ifdef CONFIG_TCP_MD5SIG 37c03fa9bcSIvan Delalande static void tcp_diag_md5sig_fill(struct tcp_diag_md5sig *info, 38c03fa9bcSIvan Delalande const struct tcp_md5sig_key *key) 39c03fa9bcSIvan Delalande { 40c03fa9bcSIvan Delalande info->tcpm_family = key->family; 41c03fa9bcSIvan Delalande info->tcpm_prefixlen = key->prefixlen; 42c03fa9bcSIvan Delalande info->tcpm_keylen = key->keylen; 43c03fa9bcSIvan Delalande memcpy(info->tcpm_key, key->key, key->keylen); 44c03fa9bcSIvan Delalande 45c03fa9bcSIvan Delalande if (key->family == AF_INET) 46c03fa9bcSIvan Delalande info->tcpm_addr[0] = key->addr.a4.s_addr; 47c03fa9bcSIvan Delalande #if IS_ENABLED(CONFIG_IPV6) 48c03fa9bcSIvan Delalande else if (key->family == AF_INET6) 49c03fa9bcSIvan Delalande memcpy(&info->tcpm_addr, &key->addr.a6, 50c03fa9bcSIvan Delalande sizeof(info->tcpm_addr)); 51c03fa9bcSIvan Delalande #endif 52c03fa9bcSIvan Delalande } 53c03fa9bcSIvan Delalande 54c03fa9bcSIvan Delalande static int tcp_diag_put_md5sig(struct sk_buff *skb, 55c03fa9bcSIvan Delalande const struct tcp_md5sig_info *md5sig) 56c03fa9bcSIvan Delalande { 57c03fa9bcSIvan Delalande const struct tcp_md5sig_key *key; 58c03fa9bcSIvan Delalande struct tcp_diag_md5sig *info; 59c03fa9bcSIvan Delalande struct nlattr *attr; 60c03fa9bcSIvan Delalande int md5sig_count = 0; 61c03fa9bcSIvan Delalande 62c03fa9bcSIvan Delalande hlist_for_each_entry_rcu(key, &md5sig->head, node) 63c03fa9bcSIvan Delalande md5sig_count++; 64c03fa9bcSIvan Delalande if (md5sig_count == 0) 65c03fa9bcSIvan Delalande return 0; 66c03fa9bcSIvan Delalande 67c03fa9bcSIvan Delalande attr = nla_reserve(skb, INET_DIAG_MD5SIG, 68c03fa9bcSIvan Delalande md5sig_count * sizeof(struct tcp_diag_md5sig)); 69c03fa9bcSIvan Delalande if (!attr) 70c03fa9bcSIvan Delalande return -EMSGSIZE; 71c03fa9bcSIvan Delalande 72c03fa9bcSIvan Delalande info = nla_data(attr); 73c03fa9bcSIvan Delalande memset(info, 0, md5sig_count * sizeof(struct tcp_diag_md5sig)); 74c03fa9bcSIvan Delalande hlist_for_each_entry_rcu(key, &md5sig->head, node) { 75c03fa9bcSIvan Delalande tcp_diag_md5sig_fill(info++, key); 76c03fa9bcSIvan Delalande if (--md5sig_count == 0) 77c03fa9bcSIvan Delalande break; 78c03fa9bcSIvan Delalande } 79c03fa9bcSIvan Delalande 80c03fa9bcSIvan Delalande return 0; 81c03fa9bcSIvan Delalande } 82c03fa9bcSIvan Delalande #endif 83c03fa9bcSIvan Delalande 84c03fa9bcSIvan Delalande static int tcp_diag_get_aux(struct sock *sk, bool net_admin, 85c03fa9bcSIvan Delalande struct sk_buff *skb) 86c03fa9bcSIvan Delalande { 87c03fa9bcSIvan Delalande #ifdef CONFIG_TCP_MD5SIG 88c03fa9bcSIvan Delalande if (net_admin) { 89c03fa9bcSIvan Delalande struct tcp_md5sig_info *md5sig; 90c03fa9bcSIvan Delalande int err = 0; 91c03fa9bcSIvan Delalande 92c03fa9bcSIvan Delalande rcu_read_lock(); 93c03fa9bcSIvan Delalande md5sig = rcu_dereference(tcp_sk(sk)->md5sig_info); 94c03fa9bcSIvan Delalande if (md5sig) 95c03fa9bcSIvan Delalande err = tcp_diag_put_md5sig(skb, md5sig); 96c03fa9bcSIvan Delalande rcu_read_unlock(); 97c03fa9bcSIvan Delalande if (err < 0) 98c03fa9bcSIvan Delalande return err; 99c03fa9bcSIvan Delalande } 100c03fa9bcSIvan Delalande #endif 101c03fa9bcSIvan Delalande 102c03fa9bcSIvan Delalande return 0; 103c03fa9bcSIvan Delalande } 104c03fa9bcSIvan Delalande 105c03fa9bcSIvan Delalande static size_t tcp_diag_get_aux_size(struct sock *sk, bool net_admin) 106c03fa9bcSIvan Delalande { 107c03fa9bcSIvan Delalande size_t size = 0; 108c03fa9bcSIvan Delalande 109c03fa9bcSIvan Delalande #ifdef CONFIG_TCP_MD5SIG 110c03fa9bcSIvan Delalande if (net_admin && sk_fullsock(sk)) { 111c03fa9bcSIvan Delalande const struct tcp_md5sig_info *md5sig; 112c03fa9bcSIvan Delalande const struct tcp_md5sig_key *key; 113c03fa9bcSIvan Delalande size_t md5sig_count = 0; 114c03fa9bcSIvan Delalande 115c03fa9bcSIvan Delalande rcu_read_lock(); 116c03fa9bcSIvan Delalande md5sig = rcu_dereference(tcp_sk(sk)->md5sig_info); 117c03fa9bcSIvan Delalande if (md5sig) { 118c03fa9bcSIvan Delalande hlist_for_each_entry_rcu(key, &md5sig->head, node) 119c03fa9bcSIvan Delalande md5sig_count++; 120c03fa9bcSIvan Delalande } 121c03fa9bcSIvan Delalande rcu_read_unlock(); 122c03fa9bcSIvan Delalande size += nla_total_size(md5sig_count * 123c03fa9bcSIvan Delalande sizeof(struct tcp_diag_md5sig)); 124c03fa9bcSIvan Delalande } 125c03fa9bcSIvan Delalande #endif 126c03fa9bcSIvan Delalande 127c03fa9bcSIvan Delalande return size; 128c03fa9bcSIvan Delalande } 129c03fa9bcSIvan Delalande 1301942c518SPavel Emelyanov static void tcp_diag_dump(struct sk_buff *skb, struct netlink_callback *cb, 13134160ea3SEric Dumazet const struct inet_diag_req_v2 *r, struct nlattr *bc) 1321942c518SPavel Emelyanov { 1331942c518SPavel Emelyanov inet_diag_dump_icsk(&tcp_hashinfo, skb, cb, r, bc); 1341942c518SPavel Emelyanov } 1351942c518SPavel Emelyanov 1361942c518SPavel Emelyanov static int tcp_diag_dump_one(struct sk_buff *in_skb, const struct nlmsghdr *nlh, 13734160ea3SEric Dumazet const struct inet_diag_req_v2 *req) 1381942c518SPavel Emelyanov { 1391942c518SPavel Emelyanov return inet_diag_dump_one_icsk(&tcp_hashinfo, in_skb, nlh, req); 1401942c518SPavel Emelyanov } 1411942c518SPavel Emelyanov 142c1e64e29SLorenzo Colitti #ifdef CONFIG_INET_DIAG_DESTROY 143c1e64e29SLorenzo Colitti static int tcp_diag_destroy(struct sk_buff *in_skb, 144c1e64e29SLorenzo Colitti const struct inet_diag_req_v2 *req) 145c1e64e29SLorenzo Colitti { 146c1e64e29SLorenzo Colitti struct net *net = sock_net(in_skb->sk); 147c1e64e29SLorenzo Colitti struct sock *sk = inet_diag_find_one_icsk(net, &tcp_hashinfo, req); 148d7226c7aSDavid Ahern int err; 149c1e64e29SLorenzo Colitti 150c1e64e29SLorenzo Colitti if (IS_ERR(sk)) 151c1e64e29SLorenzo Colitti return PTR_ERR(sk); 152c1e64e29SLorenzo Colitti 153d7226c7aSDavid Ahern err = sock_diag_destroy(sk, ECONNABORTED); 154d7226c7aSDavid Ahern 155d7226c7aSDavid Ahern sock_gen_put(sk); 156d7226c7aSDavid Ahern 157d7226c7aSDavid Ahern return err; 158c1e64e29SLorenzo Colitti } 159c1e64e29SLorenzo Colitti #endif 160c1e64e29SLorenzo Colitti 161a7a0d6a8SEric Dumazet static const struct inet_diag_handler tcp_diag_handler = { 1621942c518SPavel Emelyanov .dump = tcp_diag_dump, 1631942c518SPavel Emelyanov .dump_one = tcp_diag_dump_one, 16417b085eaSArnaldo Carvalho de Melo .idiag_get_info = tcp_diag_get_info, 165c03fa9bcSIvan Delalande .idiag_get_aux = tcp_diag_get_aux, 166c03fa9bcSIvan Delalande .idiag_get_aux_size = tcp_diag_get_aux_size, 167f13c95f0SPavel Emelyanov .idiag_type = IPPROTO_TCP, 1683fd22af8SCraig Gallek .idiag_info_size = sizeof(struct tcp_info), 169c1e64e29SLorenzo Colitti #ifdef CONFIG_INET_DIAG_DESTROY 170c1e64e29SLorenzo Colitti .destroy = tcp_diag_destroy, 171c1e64e29SLorenzo Colitti #endif 17217b085eaSArnaldo Carvalho de Melo }; 17317b085eaSArnaldo Carvalho de Melo 17417b085eaSArnaldo Carvalho de Melo static int __init tcp_diag_init(void) 17517b085eaSArnaldo Carvalho de Melo { 17617b085eaSArnaldo Carvalho de Melo return inet_diag_register(&tcp_diag_handler); 17717b085eaSArnaldo Carvalho de Melo } 17817b085eaSArnaldo Carvalho de Melo 17917b085eaSArnaldo Carvalho de Melo static void __exit tcp_diag_exit(void) 18017b085eaSArnaldo Carvalho de Melo { 18117b085eaSArnaldo Carvalho de Melo inet_diag_unregister(&tcp_diag_handler); 18217b085eaSArnaldo Carvalho de Melo } 18317b085eaSArnaldo Carvalho de Melo 18417b085eaSArnaldo Carvalho de Melo module_init(tcp_diag_init); 18517b085eaSArnaldo Carvalho de Melo module_exit(tcp_diag_exit); 18617b085eaSArnaldo Carvalho de Melo MODULE_LICENSE("GPL"); 187aec8dc62SPavel Emelyanov MODULE_ALIAS_NET_PF_PROTO_TYPE(PF_NETLINK, NETLINK_SOCK_DIAG, 2-6 /* AF_INET - IPPROTO_TCP */); 188