11da177e4SLinus Torvalds /* 21da177e4SLinus Torvalds * NET An implementation of the SOCKET network access protocol. 31da177e4SLinus Torvalds * 41da177e4SLinus Torvalds * Version: @(#)socket.c 1.1.93 18/02/95 51da177e4SLinus Torvalds * 61da177e4SLinus Torvalds * Authors: Orest Zborowski, <obz@Kodak.COM> 702c30a84SJesper Juhl * Ross Biro 81da177e4SLinus Torvalds * Fred N. van Kempen, <waltje@uWalt.NL.Mugnet.ORG> 91da177e4SLinus Torvalds * 101da177e4SLinus Torvalds * Fixes: 111da177e4SLinus Torvalds * Anonymous : NOTSOCK/BADF cleanup. Error fix in 121da177e4SLinus Torvalds * shutdown() 131da177e4SLinus Torvalds * Alan Cox : verify_area() fixes 141da177e4SLinus Torvalds * Alan Cox : Removed DDI 151da177e4SLinus Torvalds * Jonathan Kamens : SOCK_DGRAM reconnect bug 161da177e4SLinus Torvalds * Alan Cox : Moved a load of checks to the very 171da177e4SLinus Torvalds * top level. 181da177e4SLinus Torvalds * Alan Cox : Move address structures to/from user 191da177e4SLinus Torvalds * mode above the protocol layers. 201da177e4SLinus Torvalds * Rob Janssen : Allow 0 length sends. 211da177e4SLinus Torvalds * Alan Cox : Asynchronous I/O support (cribbed from the 221da177e4SLinus Torvalds * tty drivers). 231da177e4SLinus Torvalds * Niibe Yutaka : Asynchronous I/O for writes (4.4BSD style) 241da177e4SLinus Torvalds * Jeff Uphoff : Made max number of sockets command-line 251da177e4SLinus Torvalds * configurable. 261da177e4SLinus Torvalds * Matti Aarnio : Made the number of sockets dynamic, 271da177e4SLinus Torvalds * to be allocated when needed, and mr. 281da177e4SLinus Torvalds * Uphoff's max is used as max to be 291da177e4SLinus Torvalds * allowed to allocate. 301da177e4SLinus Torvalds * Linus : Argh. removed all the socket allocation 311da177e4SLinus Torvalds * altogether: it's in the inode now. 321da177e4SLinus Torvalds * Alan Cox : Made sock_alloc()/sock_release() public 331da177e4SLinus Torvalds * for NetROM and future kernel nfsd type 341da177e4SLinus Torvalds * stuff. 351da177e4SLinus Torvalds * Alan Cox : sendmsg/recvmsg basics. 361da177e4SLinus Torvalds * Tom Dyas : Export net symbols. 371da177e4SLinus Torvalds * Marcin Dalecki : Fixed problems with CONFIG_NET="n". 381da177e4SLinus Torvalds * Alan Cox : Added thread locking to sys_* calls 391da177e4SLinus Torvalds * for sockets. May have errors at the 401da177e4SLinus Torvalds * moment. 411da177e4SLinus Torvalds * Kevin Buhr : Fixed the dumb errors in the above. 421da177e4SLinus Torvalds * Andi Kleen : Some small cleanups, optimizations, 431da177e4SLinus Torvalds * and fixed a copy_from_user() bug. 441da177e4SLinus Torvalds * Tigran Aivazian : sys_send(args) calls sys_sendto(args, NULL, 0) 451da177e4SLinus Torvalds * Tigran Aivazian : Made listen(2) backlog sanity checks 461da177e4SLinus Torvalds * protocol-independent 471da177e4SLinus Torvalds * 481da177e4SLinus Torvalds * 491da177e4SLinus Torvalds * This program is free software; you can redistribute it and/or 501da177e4SLinus Torvalds * modify it under the terms of the GNU General Public License 511da177e4SLinus Torvalds * as published by the Free Software Foundation; either version 521da177e4SLinus Torvalds * 2 of the License, or (at your option) any later version. 531da177e4SLinus Torvalds * 541da177e4SLinus Torvalds * 551da177e4SLinus Torvalds * This module is effectively the top level interface to the BSD socket 561da177e4SLinus Torvalds * paradigm. 571da177e4SLinus Torvalds * 581da177e4SLinus Torvalds * Based upon Swansea University Computer Society NET3.039 591da177e4SLinus Torvalds */ 601da177e4SLinus Torvalds 611da177e4SLinus Torvalds #include <linux/config.h> 621da177e4SLinus Torvalds #include <linux/mm.h> 631da177e4SLinus Torvalds #include <linux/smp_lock.h> 641da177e4SLinus Torvalds #include <linux/socket.h> 651da177e4SLinus Torvalds #include <linux/file.h> 661da177e4SLinus Torvalds #include <linux/net.h> 671da177e4SLinus Torvalds #include <linux/interrupt.h> 681da177e4SLinus Torvalds #include <linux/netdevice.h> 691da177e4SLinus Torvalds #include <linux/proc_fs.h> 701da177e4SLinus Torvalds #include <linux/seq_file.h> 714a3e2f71SArjan van de Ven #include <linux/mutex.h> 721da177e4SLinus Torvalds #include <linux/wanrouter.h> 731da177e4SLinus Torvalds #include <linux/if_bridge.h> 7420380731SArnaldo Carvalho de Melo #include <linux/if_frad.h> 7520380731SArnaldo Carvalho de Melo #include <linux/if_vlan.h> 761da177e4SLinus Torvalds #include <linux/init.h> 771da177e4SLinus Torvalds #include <linux/poll.h> 781da177e4SLinus Torvalds #include <linux/cache.h> 791da177e4SLinus Torvalds #include <linux/module.h> 801da177e4SLinus Torvalds #include <linux/highmem.h> 811da177e4SLinus Torvalds #include <linux/divert.h> 821da177e4SLinus Torvalds #include <linux/mount.h> 831da177e4SLinus Torvalds #include <linux/security.h> 841da177e4SLinus Torvalds #include <linux/syscalls.h> 851da177e4SLinus Torvalds #include <linux/compat.h> 861da177e4SLinus Torvalds #include <linux/kmod.h> 873ec3b2fbSDavid Woodhouse #include <linux/audit.h> 88d86b5e0eSAdrian Bunk #include <linux/wireless.h> 891da177e4SLinus Torvalds 901da177e4SLinus Torvalds #include <asm/uaccess.h> 911da177e4SLinus Torvalds #include <asm/unistd.h> 921da177e4SLinus Torvalds 931da177e4SLinus Torvalds #include <net/compat.h> 941da177e4SLinus Torvalds 951da177e4SLinus Torvalds #include <net/sock.h> 961da177e4SLinus Torvalds #include <linux/netfilter.h> 971da177e4SLinus Torvalds 981da177e4SLinus Torvalds static int sock_no_open(struct inode *irrelevant, struct file *dontcare); 991da177e4SLinus Torvalds static ssize_t sock_aio_read(struct kiocb *iocb, char __user *buf, 1001da177e4SLinus Torvalds size_t size, loff_t pos); 1011da177e4SLinus Torvalds static ssize_t sock_aio_write(struct kiocb *iocb, const char __user *buf, 1021da177e4SLinus Torvalds size_t size, loff_t pos); 1031da177e4SLinus Torvalds static int sock_mmap(struct file *file, struct vm_area_struct * vma); 1041da177e4SLinus Torvalds 1051da177e4SLinus Torvalds static int sock_close(struct inode *inode, struct file *file); 1061da177e4SLinus Torvalds static unsigned int sock_poll(struct file *file, 1071da177e4SLinus Torvalds struct poll_table_struct *wait); 1081da177e4SLinus Torvalds static long sock_ioctl(struct file *file, 1091da177e4SLinus Torvalds unsigned int cmd, unsigned long arg); 11089bbfc95SShaun Pereira #ifdef CONFIG_COMPAT 11189bbfc95SShaun Pereira static long compat_sock_ioctl(struct file *file, 11289bbfc95SShaun Pereira unsigned int cmd, unsigned long arg); 11389bbfc95SShaun Pereira #endif 1141da177e4SLinus Torvalds static int sock_fasync(int fd, struct file *filp, int on); 1151da177e4SLinus Torvalds static ssize_t sock_readv(struct file *file, const struct iovec *vector, 1161da177e4SLinus Torvalds unsigned long count, loff_t *ppos); 1171da177e4SLinus Torvalds static ssize_t sock_writev(struct file *file, const struct iovec *vector, 1181da177e4SLinus Torvalds unsigned long count, loff_t *ppos); 1191da177e4SLinus Torvalds static ssize_t sock_sendpage(struct file *file, struct page *page, 1201da177e4SLinus Torvalds int offset, size_t size, loff_t *ppos, int more); 1211da177e4SLinus Torvalds 1221da177e4SLinus Torvalds /* 1231da177e4SLinus Torvalds * Socket files have a set of 'special' operations as well as the generic file ones. These don't appear 1241da177e4SLinus Torvalds * in the operation structures but are done directly via the socketcall() multiplexor. 1251da177e4SLinus Torvalds */ 1261da177e4SLinus Torvalds 1271da177e4SLinus Torvalds static struct file_operations socket_file_ops = { 1281da177e4SLinus Torvalds .owner = THIS_MODULE, 1291da177e4SLinus Torvalds .llseek = no_llseek, 1301da177e4SLinus Torvalds .aio_read = sock_aio_read, 1311da177e4SLinus Torvalds .aio_write = sock_aio_write, 1321da177e4SLinus Torvalds .poll = sock_poll, 1331da177e4SLinus Torvalds .unlocked_ioctl = sock_ioctl, 13489bbfc95SShaun Pereira #ifdef CONFIG_COMPAT 13589bbfc95SShaun Pereira .compat_ioctl = compat_sock_ioctl, 13689bbfc95SShaun Pereira #endif 1371da177e4SLinus Torvalds .mmap = sock_mmap, 1381da177e4SLinus Torvalds .open = sock_no_open, /* special open code to disallow open via /proc */ 1391da177e4SLinus Torvalds .release = sock_close, 1401da177e4SLinus Torvalds .fasync = sock_fasync, 1411da177e4SLinus Torvalds .readv = sock_readv, 1421da177e4SLinus Torvalds .writev = sock_writev, 1435274f052SJens Axboe .sendpage = sock_sendpage, 1445274f052SJens Axboe .splice_write = generic_splice_sendpage, 1451da177e4SLinus Torvalds }; 1461da177e4SLinus Torvalds 1471da177e4SLinus Torvalds /* 1481da177e4SLinus Torvalds * The protocol list. Each protocol is registered in here. 1491da177e4SLinus Torvalds */ 1501da177e4SLinus Torvalds 1511da177e4SLinus Torvalds static struct net_proto_family *net_families[NPROTO]; 1521da177e4SLinus Torvalds 1531da177e4SLinus Torvalds #if defined(CONFIG_SMP) || defined(CONFIG_PREEMPT) 1541da177e4SLinus Torvalds static atomic_t net_family_lockct = ATOMIC_INIT(0); 1551da177e4SLinus Torvalds static DEFINE_SPINLOCK(net_family_lock); 1561da177e4SLinus Torvalds 1571da177e4SLinus Torvalds /* The strategy is: modifications net_family vector are short, do not 1581da177e4SLinus Torvalds sleep and veeery rare, but read access should be free of any exclusive 1591da177e4SLinus Torvalds locks. 1601da177e4SLinus Torvalds */ 1611da177e4SLinus Torvalds 1621da177e4SLinus Torvalds static void net_family_write_lock(void) 1631da177e4SLinus Torvalds { 1641da177e4SLinus Torvalds spin_lock(&net_family_lock); 1651da177e4SLinus Torvalds while (atomic_read(&net_family_lockct) != 0) { 1661da177e4SLinus Torvalds spin_unlock(&net_family_lock); 1671da177e4SLinus Torvalds 1681da177e4SLinus Torvalds yield(); 1691da177e4SLinus Torvalds 1701da177e4SLinus Torvalds spin_lock(&net_family_lock); 1711da177e4SLinus Torvalds } 1721da177e4SLinus Torvalds } 1731da177e4SLinus Torvalds 1741da177e4SLinus Torvalds static __inline__ void net_family_write_unlock(void) 1751da177e4SLinus Torvalds { 1761da177e4SLinus Torvalds spin_unlock(&net_family_lock); 1771da177e4SLinus Torvalds } 1781da177e4SLinus Torvalds 1791da177e4SLinus Torvalds static __inline__ void net_family_read_lock(void) 1801da177e4SLinus Torvalds { 1811da177e4SLinus Torvalds atomic_inc(&net_family_lockct); 1821da177e4SLinus Torvalds spin_unlock_wait(&net_family_lock); 1831da177e4SLinus Torvalds } 1841da177e4SLinus Torvalds 1851da177e4SLinus Torvalds static __inline__ void net_family_read_unlock(void) 1861da177e4SLinus Torvalds { 1871da177e4SLinus Torvalds atomic_dec(&net_family_lockct); 1881da177e4SLinus Torvalds } 1891da177e4SLinus Torvalds 1901da177e4SLinus Torvalds #else 1911da177e4SLinus Torvalds #define net_family_write_lock() do { } while(0) 1921da177e4SLinus Torvalds #define net_family_write_unlock() do { } while(0) 1931da177e4SLinus Torvalds #define net_family_read_lock() do { } while(0) 1941da177e4SLinus Torvalds #define net_family_read_unlock() do { } while(0) 1951da177e4SLinus Torvalds #endif 1961da177e4SLinus Torvalds 1971da177e4SLinus Torvalds 1981da177e4SLinus Torvalds /* 1991da177e4SLinus Torvalds * Statistics counters of the socket lists 2001da177e4SLinus Torvalds */ 2011da177e4SLinus Torvalds 2021da177e4SLinus Torvalds static DEFINE_PER_CPU(int, sockets_in_use) = 0; 2031da177e4SLinus Torvalds 2041da177e4SLinus Torvalds /* 2051da177e4SLinus Torvalds * Support routines. Move socket addresses back and forth across the kernel/user 2061da177e4SLinus Torvalds * divide and look after the messy bits. 2071da177e4SLinus Torvalds */ 2081da177e4SLinus Torvalds 2091da177e4SLinus Torvalds #define MAX_SOCK_ADDR 128 /* 108 for Unix domain - 2101da177e4SLinus Torvalds 16 for IP, 16 for IPX, 2111da177e4SLinus Torvalds 24 for IPv6, 2121da177e4SLinus Torvalds about 80 for AX.25 2131da177e4SLinus Torvalds must be at least one bigger than 2141da177e4SLinus Torvalds the AF_UNIX size (see net/unix/af_unix.c 2151da177e4SLinus Torvalds :unix_mkname()). 2161da177e4SLinus Torvalds */ 2171da177e4SLinus Torvalds 2181da177e4SLinus Torvalds /** 2191da177e4SLinus Torvalds * move_addr_to_kernel - copy a socket address into kernel space 2201da177e4SLinus Torvalds * @uaddr: Address in user space 2211da177e4SLinus Torvalds * @kaddr: Address in kernel space 2221da177e4SLinus Torvalds * @ulen: Length in user space 2231da177e4SLinus Torvalds * 2241da177e4SLinus Torvalds * The address is copied into kernel space. If the provided address is 2251da177e4SLinus Torvalds * too long an error code of -EINVAL is returned. If the copy gives 2261da177e4SLinus Torvalds * invalid addresses -EFAULT is returned. On a success 0 is returned. 2271da177e4SLinus Torvalds */ 2281da177e4SLinus Torvalds 2291da177e4SLinus Torvalds int move_addr_to_kernel(void __user *uaddr, int ulen, void *kaddr) 2301da177e4SLinus Torvalds { 2311da177e4SLinus Torvalds if(ulen<0||ulen>MAX_SOCK_ADDR) 2321da177e4SLinus Torvalds return -EINVAL; 2331da177e4SLinus Torvalds if(ulen==0) 2341da177e4SLinus Torvalds return 0; 2351da177e4SLinus Torvalds if(copy_from_user(kaddr,uaddr,ulen)) 2361da177e4SLinus Torvalds return -EFAULT; 2373ec3b2fbSDavid Woodhouse return audit_sockaddr(ulen, kaddr); 2381da177e4SLinus Torvalds } 2391da177e4SLinus Torvalds 2401da177e4SLinus Torvalds /** 2411da177e4SLinus Torvalds * move_addr_to_user - copy an address to user space 2421da177e4SLinus Torvalds * @kaddr: kernel space address 2431da177e4SLinus Torvalds * @klen: length of address in kernel 2441da177e4SLinus Torvalds * @uaddr: user space address 2451da177e4SLinus Torvalds * @ulen: pointer to user length field 2461da177e4SLinus Torvalds * 2471da177e4SLinus Torvalds * The value pointed to by ulen on entry is the buffer length available. 2481da177e4SLinus Torvalds * This is overwritten with the buffer space used. -EINVAL is returned 2491da177e4SLinus Torvalds * if an overlong buffer is specified or a negative buffer size. -EFAULT 2501da177e4SLinus Torvalds * is returned if either the buffer or the length field are not 2511da177e4SLinus Torvalds * accessible. 2521da177e4SLinus Torvalds * After copying the data up to the limit the user specifies, the true 2531da177e4SLinus Torvalds * length of the data is written over the length limit the user 2541da177e4SLinus Torvalds * specified. Zero is returned for a success. 2551da177e4SLinus Torvalds */ 2561da177e4SLinus Torvalds 2571da177e4SLinus Torvalds int move_addr_to_user(void *kaddr, int klen, void __user *uaddr, int __user *ulen) 2581da177e4SLinus Torvalds { 2591da177e4SLinus Torvalds int err; 2601da177e4SLinus Torvalds int len; 2611da177e4SLinus Torvalds 2621da177e4SLinus Torvalds if((err=get_user(len, ulen))) 2631da177e4SLinus Torvalds return err; 2641da177e4SLinus Torvalds if(len>klen) 2651da177e4SLinus Torvalds len=klen; 2661da177e4SLinus Torvalds if(len<0 || len> MAX_SOCK_ADDR) 2671da177e4SLinus Torvalds return -EINVAL; 2681da177e4SLinus Torvalds if(len) 2691da177e4SLinus Torvalds { 2701da177e4SLinus Torvalds if(copy_to_user(uaddr,kaddr,len)) 2711da177e4SLinus Torvalds return -EFAULT; 2721da177e4SLinus Torvalds } 2731da177e4SLinus Torvalds /* 2741da177e4SLinus Torvalds * "fromlen shall refer to the value before truncation.." 2751da177e4SLinus Torvalds * 1003.1g 2761da177e4SLinus Torvalds */ 2771da177e4SLinus Torvalds return __put_user(klen, ulen); 2781da177e4SLinus Torvalds } 2791da177e4SLinus Torvalds 2801da177e4SLinus Torvalds #define SOCKFS_MAGIC 0x534F434B 2811da177e4SLinus Torvalds 282ba89966cSEric Dumazet static kmem_cache_t * sock_inode_cachep __read_mostly; 2831da177e4SLinus Torvalds 2841da177e4SLinus Torvalds static struct inode *sock_alloc_inode(struct super_block *sb) 2851da177e4SLinus Torvalds { 2861da177e4SLinus Torvalds struct socket_alloc *ei; 2871da177e4SLinus Torvalds ei = (struct socket_alloc *)kmem_cache_alloc(sock_inode_cachep, SLAB_KERNEL); 2881da177e4SLinus Torvalds if (!ei) 2891da177e4SLinus Torvalds return NULL; 2901da177e4SLinus Torvalds init_waitqueue_head(&ei->socket.wait); 2911da177e4SLinus Torvalds 2921da177e4SLinus Torvalds ei->socket.fasync_list = NULL; 2931da177e4SLinus Torvalds ei->socket.state = SS_UNCONNECTED; 2941da177e4SLinus Torvalds ei->socket.flags = 0; 2951da177e4SLinus Torvalds ei->socket.ops = NULL; 2961da177e4SLinus Torvalds ei->socket.sk = NULL; 2971da177e4SLinus Torvalds ei->socket.file = NULL; 2981da177e4SLinus Torvalds ei->socket.flags = 0; 2991da177e4SLinus Torvalds 3001da177e4SLinus Torvalds return &ei->vfs_inode; 3011da177e4SLinus Torvalds } 3021da177e4SLinus Torvalds 3031da177e4SLinus Torvalds static void sock_destroy_inode(struct inode *inode) 3041da177e4SLinus Torvalds { 3051da177e4SLinus Torvalds kmem_cache_free(sock_inode_cachep, 3061da177e4SLinus Torvalds container_of(inode, struct socket_alloc, vfs_inode)); 3071da177e4SLinus Torvalds } 3081da177e4SLinus Torvalds 3091da177e4SLinus Torvalds static void init_once(void * foo, kmem_cache_t * cachep, unsigned long flags) 3101da177e4SLinus Torvalds { 3111da177e4SLinus Torvalds struct socket_alloc *ei = (struct socket_alloc *) foo; 3121da177e4SLinus Torvalds 3131da177e4SLinus Torvalds if ((flags & (SLAB_CTOR_VERIFY|SLAB_CTOR_CONSTRUCTOR)) == 3141da177e4SLinus Torvalds SLAB_CTOR_CONSTRUCTOR) 3151da177e4SLinus Torvalds inode_init_once(&ei->vfs_inode); 3161da177e4SLinus Torvalds } 3171da177e4SLinus Torvalds 3181da177e4SLinus Torvalds static int init_inodecache(void) 3191da177e4SLinus Torvalds { 3201da177e4SLinus Torvalds sock_inode_cachep = kmem_cache_create("sock_inode_cache", 3211da177e4SLinus Torvalds sizeof(struct socket_alloc), 322fffb60f9SPaul Jackson 0, (SLAB_HWCACHE_ALIGN|SLAB_RECLAIM_ACCOUNT| 323fffb60f9SPaul Jackson SLAB_MEM_SPREAD), 3241da177e4SLinus Torvalds init_once, NULL); 3251da177e4SLinus Torvalds if (sock_inode_cachep == NULL) 3261da177e4SLinus Torvalds return -ENOMEM; 3271da177e4SLinus Torvalds return 0; 3281da177e4SLinus Torvalds } 3291da177e4SLinus Torvalds 3301da177e4SLinus Torvalds static struct super_operations sockfs_ops = { 3311da177e4SLinus Torvalds .alloc_inode = sock_alloc_inode, 3321da177e4SLinus Torvalds .destroy_inode =sock_destroy_inode, 3331da177e4SLinus Torvalds .statfs = simple_statfs, 3341da177e4SLinus Torvalds }; 3351da177e4SLinus Torvalds 3361da177e4SLinus Torvalds static struct super_block *sockfs_get_sb(struct file_system_type *fs_type, 3371da177e4SLinus Torvalds int flags, const char *dev_name, void *data) 3381da177e4SLinus Torvalds { 3391da177e4SLinus Torvalds return get_sb_pseudo(fs_type, "socket:", &sockfs_ops, SOCKFS_MAGIC); 3401da177e4SLinus Torvalds } 3411da177e4SLinus Torvalds 342ba89966cSEric Dumazet static struct vfsmount *sock_mnt __read_mostly; 3431da177e4SLinus Torvalds 3441da177e4SLinus Torvalds static struct file_system_type sock_fs_type = { 3451da177e4SLinus Torvalds .name = "sockfs", 3461da177e4SLinus Torvalds .get_sb = sockfs_get_sb, 3471da177e4SLinus Torvalds .kill_sb = kill_anon_super, 3481da177e4SLinus Torvalds }; 3491da177e4SLinus Torvalds static int sockfs_delete_dentry(struct dentry *dentry) 3501da177e4SLinus Torvalds { 3511da177e4SLinus Torvalds return 1; 3521da177e4SLinus Torvalds } 3531da177e4SLinus Torvalds static struct dentry_operations sockfs_dentry_operations = { 3541da177e4SLinus Torvalds .d_delete = sockfs_delete_dentry, 3551da177e4SLinus Torvalds }; 3561da177e4SLinus Torvalds 3571da177e4SLinus Torvalds /* 3581da177e4SLinus Torvalds * Obtains the first available file descriptor and sets it up for use. 3591da177e4SLinus Torvalds * 36039d8c1b6SDavid S. Miller * These functions create file structures and maps them to fd space 36139d8c1b6SDavid S. Miller * of the current process. On success it returns file descriptor 3621da177e4SLinus Torvalds * and file struct implicitly stored in sock->file. 3631da177e4SLinus Torvalds * Note that another thread may close file descriptor before we return 3641da177e4SLinus Torvalds * from this function. We use the fact that now we do not refer 3651da177e4SLinus Torvalds * to socket after mapping. If one day we will need it, this 3661da177e4SLinus Torvalds * function will increment ref. count on file by 1. 3671da177e4SLinus Torvalds * 3681da177e4SLinus Torvalds * In any case returned fd MAY BE not valid! 3691da177e4SLinus Torvalds * This race condition is unavoidable 3701da177e4SLinus Torvalds * with shared fd spaces, we cannot solve it inside kernel, 3711da177e4SLinus Torvalds * but we take care of internal coherence yet. 3721da177e4SLinus Torvalds */ 3731da177e4SLinus Torvalds 37439d8c1b6SDavid S. Miller static int sock_alloc_fd(struct file **filep) 3751da177e4SLinus Torvalds { 3761da177e4SLinus Torvalds int fd; 3771da177e4SLinus Torvalds 3781da177e4SLinus Torvalds fd = get_unused_fd(); 37939d8c1b6SDavid S. Miller if (likely(fd >= 0)) { 3801da177e4SLinus Torvalds struct file *file = get_empty_filp(); 3811da177e4SLinus Torvalds 38239d8c1b6SDavid S. Miller *filep = file; 38339d8c1b6SDavid S. Miller if (unlikely(!file)) { 3841da177e4SLinus Torvalds put_unused_fd(fd); 38539d8c1b6SDavid S. Miller return -ENFILE; 3861da177e4SLinus Torvalds } 38739d8c1b6SDavid S. Miller } else 38839d8c1b6SDavid S. Miller *filep = NULL; 38939d8c1b6SDavid S. Miller return fd; 39039d8c1b6SDavid S. Miller } 39139d8c1b6SDavid S. Miller 39239d8c1b6SDavid S. Miller static int sock_attach_fd(struct socket *sock, struct file *file) 39339d8c1b6SDavid S. Miller { 39439d8c1b6SDavid S. Miller struct qstr this; 39539d8c1b6SDavid S. Miller char name[32]; 3961da177e4SLinus Torvalds 397f31f5f05SEric Dumazet this.len = sprintf(name, "[%lu]", SOCK_INODE(sock)->i_ino); 3981da177e4SLinus Torvalds this.name = name; 3991da177e4SLinus Torvalds this.hash = SOCK_INODE(sock)->i_ino; 4001da177e4SLinus Torvalds 4011da177e4SLinus Torvalds file->f_dentry = d_alloc(sock_mnt->mnt_sb->s_root, &this); 40239d8c1b6SDavid S. Miller if (unlikely(!file->f_dentry)) 40339d8c1b6SDavid S. Miller return -ENOMEM; 40439d8c1b6SDavid S. Miller 4051da177e4SLinus Torvalds file->f_dentry->d_op = &sockfs_dentry_operations; 4061da177e4SLinus Torvalds d_add(file->f_dentry, SOCK_INODE(sock)); 4071da177e4SLinus Torvalds file->f_vfsmnt = mntget(sock_mnt); 4081da177e4SLinus Torvalds file->f_mapping = file->f_dentry->d_inode->i_mapping; 4091da177e4SLinus Torvalds 4101da177e4SLinus Torvalds sock->file = file; 4111da177e4SLinus Torvalds file->f_op = SOCK_INODE(sock)->i_fop = &socket_file_ops; 4121da177e4SLinus Torvalds file->f_mode = FMODE_READ | FMODE_WRITE; 4131da177e4SLinus Torvalds file->f_flags = O_RDWR; 4141da177e4SLinus Torvalds file->f_pos = 0; 41507dc3f07SBenjamin LaHaise file->private_data = sock; 41639d8c1b6SDavid S. Miller 41739d8c1b6SDavid S. Miller return 0; 4181da177e4SLinus Torvalds } 4191da177e4SLinus Torvalds 42039d8c1b6SDavid S. Miller int sock_map_fd(struct socket *sock) 42139d8c1b6SDavid S. Miller { 42239d8c1b6SDavid S. Miller struct file *newfile; 42339d8c1b6SDavid S. Miller int fd = sock_alloc_fd(&newfile); 42439d8c1b6SDavid S. Miller 42539d8c1b6SDavid S. Miller if (likely(fd >= 0)) { 42639d8c1b6SDavid S. Miller int err = sock_attach_fd(sock, newfile); 42739d8c1b6SDavid S. Miller 42839d8c1b6SDavid S. Miller if (unlikely(err < 0)) { 42939d8c1b6SDavid S. Miller put_filp(newfile); 43039d8c1b6SDavid S. Miller put_unused_fd(fd); 43139d8c1b6SDavid S. Miller return err; 43239d8c1b6SDavid S. Miller } 43339d8c1b6SDavid S. Miller fd_install(fd, newfile); 43439d8c1b6SDavid S. Miller } 4351da177e4SLinus Torvalds return fd; 4361da177e4SLinus Torvalds } 4371da177e4SLinus Torvalds 4386cb153caSBenjamin LaHaise static struct socket *sock_from_file(struct file *file, int *err) 4396cb153caSBenjamin LaHaise { 4406cb153caSBenjamin LaHaise struct inode *inode; 4416cb153caSBenjamin LaHaise struct socket *sock; 4426cb153caSBenjamin LaHaise 4436cb153caSBenjamin LaHaise if (file->f_op == &socket_file_ops) 4446cb153caSBenjamin LaHaise return file->private_data; /* set in sock_map_fd */ 4456cb153caSBenjamin LaHaise 4466cb153caSBenjamin LaHaise inode = file->f_dentry->d_inode; 4476cb153caSBenjamin LaHaise if (!S_ISSOCK(inode->i_mode)) { 4486cb153caSBenjamin LaHaise *err = -ENOTSOCK; 4496cb153caSBenjamin LaHaise return NULL; 4506cb153caSBenjamin LaHaise } 4516cb153caSBenjamin LaHaise 4526cb153caSBenjamin LaHaise sock = SOCKET_I(inode); 4536cb153caSBenjamin LaHaise if (sock->file != file) { 4546cb153caSBenjamin LaHaise printk(KERN_ERR "socki_lookup: socket file changed!\n"); 4556cb153caSBenjamin LaHaise sock->file = file; 4566cb153caSBenjamin LaHaise } 4576cb153caSBenjamin LaHaise return sock; 4586cb153caSBenjamin LaHaise } 4596cb153caSBenjamin LaHaise 4601da177e4SLinus Torvalds /** 4611da177e4SLinus Torvalds * sockfd_lookup - Go from a file number to its socket slot 4621da177e4SLinus Torvalds * @fd: file handle 4631da177e4SLinus Torvalds * @err: pointer to an error code return 4641da177e4SLinus Torvalds * 4651da177e4SLinus Torvalds * The file handle passed in is locked and the socket it is bound 4661da177e4SLinus Torvalds * too is returned. If an error occurs the err pointer is overwritten 4671da177e4SLinus Torvalds * with a negative errno code and NULL is returned. The function checks 4681da177e4SLinus Torvalds * for both invalid handles and passing a handle which is not a socket. 4691da177e4SLinus Torvalds * 4701da177e4SLinus Torvalds * On a success the socket object pointer is returned. 4711da177e4SLinus Torvalds */ 4721da177e4SLinus Torvalds 4731da177e4SLinus Torvalds struct socket *sockfd_lookup(int fd, int *err) 4741da177e4SLinus Torvalds { 4751da177e4SLinus Torvalds struct file *file; 4761da177e4SLinus Torvalds struct socket *sock; 4771da177e4SLinus Torvalds 4786cb153caSBenjamin LaHaise if (!(file = fget(fd))) { 4791da177e4SLinus Torvalds *err = -EBADF; 4801da177e4SLinus Torvalds return NULL; 4811da177e4SLinus Torvalds } 4826cb153caSBenjamin LaHaise sock = sock_from_file(file, err); 4836cb153caSBenjamin LaHaise if (!sock) 4841da177e4SLinus Torvalds fput(file); 4856cb153caSBenjamin LaHaise return sock; 4861da177e4SLinus Torvalds } 4871da177e4SLinus Torvalds 4886cb153caSBenjamin LaHaise static struct socket *sockfd_lookup_light(int fd, int *err, int *fput_needed) 4896cb153caSBenjamin LaHaise { 4906cb153caSBenjamin LaHaise struct file *file; 4916cb153caSBenjamin LaHaise struct socket *sock; 4926cb153caSBenjamin LaHaise 4933672558cSHua Zhong *err = -EBADF; 4946cb153caSBenjamin LaHaise file = fget_light(fd, fput_needed); 4956cb153caSBenjamin LaHaise if (file) { 4966cb153caSBenjamin LaHaise sock = sock_from_file(file, err); 4976cb153caSBenjamin LaHaise if (sock) 4981da177e4SLinus Torvalds return sock; 4996cb153caSBenjamin LaHaise fput_light(file, *fput_needed); 5006cb153caSBenjamin LaHaise } 5016cb153caSBenjamin LaHaise return NULL; 5021da177e4SLinus Torvalds } 5031da177e4SLinus Torvalds 5041da177e4SLinus Torvalds /** 5051da177e4SLinus Torvalds * sock_alloc - allocate a socket 5061da177e4SLinus Torvalds * 5071da177e4SLinus Torvalds * Allocate a new inode and socket object. The two are bound together 5081da177e4SLinus Torvalds * and initialised. The socket is then returned. If we are out of inodes 5091da177e4SLinus Torvalds * NULL is returned. 5101da177e4SLinus Torvalds */ 5111da177e4SLinus Torvalds 5121da177e4SLinus Torvalds static struct socket *sock_alloc(void) 5131da177e4SLinus Torvalds { 5141da177e4SLinus Torvalds struct inode * inode; 5151da177e4SLinus Torvalds struct socket * sock; 5161da177e4SLinus Torvalds 5171da177e4SLinus Torvalds inode = new_inode(sock_mnt->mnt_sb); 5181da177e4SLinus Torvalds if (!inode) 5191da177e4SLinus Torvalds return NULL; 5201da177e4SLinus Torvalds 5211da177e4SLinus Torvalds sock = SOCKET_I(inode); 5221da177e4SLinus Torvalds 5231da177e4SLinus Torvalds inode->i_mode = S_IFSOCK|S_IRWXUGO; 5241da177e4SLinus Torvalds inode->i_uid = current->fsuid; 5251da177e4SLinus Torvalds inode->i_gid = current->fsgid; 5261da177e4SLinus Torvalds 5271da177e4SLinus Torvalds get_cpu_var(sockets_in_use)++; 5281da177e4SLinus Torvalds put_cpu_var(sockets_in_use); 5291da177e4SLinus Torvalds return sock; 5301da177e4SLinus Torvalds } 5311da177e4SLinus Torvalds 5321da177e4SLinus Torvalds /* 5331da177e4SLinus Torvalds * In theory you can't get an open on this inode, but /proc provides 5341da177e4SLinus Torvalds * a back door. Remember to keep it shut otherwise you'll let the 5351da177e4SLinus Torvalds * creepy crawlies in. 5361da177e4SLinus Torvalds */ 5371da177e4SLinus Torvalds 5381da177e4SLinus Torvalds static int sock_no_open(struct inode *irrelevant, struct file *dontcare) 5391da177e4SLinus Torvalds { 5401da177e4SLinus Torvalds return -ENXIO; 5411da177e4SLinus Torvalds } 5421da177e4SLinus Torvalds 5434b6f5d20SArjan van de Ven const struct file_operations bad_sock_fops = { 5441da177e4SLinus Torvalds .owner = THIS_MODULE, 5451da177e4SLinus Torvalds .open = sock_no_open, 5461da177e4SLinus Torvalds }; 5471da177e4SLinus Torvalds 5481da177e4SLinus Torvalds /** 5491da177e4SLinus Torvalds * sock_release - close a socket 5501da177e4SLinus Torvalds * @sock: socket to close 5511da177e4SLinus Torvalds * 5521da177e4SLinus Torvalds * The socket is released from the protocol stack if it has a release 5531da177e4SLinus Torvalds * callback, and the inode is then released if the socket is bound to 5541da177e4SLinus Torvalds * an inode not a file. 5551da177e4SLinus Torvalds */ 5561da177e4SLinus Torvalds 5571da177e4SLinus Torvalds void sock_release(struct socket *sock) 5581da177e4SLinus Torvalds { 5591da177e4SLinus Torvalds if (sock->ops) { 5601da177e4SLinus Torvalds struct module *owner = sock->ops->owner; 5611da177e4SLinus Torvalds 5621da177e4SLinus Torvalds sock->ops->release(sock); 5631da177e4SLinus Torvalds sock->ops = NULL; 5641da177e4SLinus Torvalds module_put(owner); 5651da177e4SLinus Torvalds } 5661da177e4SLinus Torvalds 5671da177e4SLinus Torvalds if (sock->fasync_list) 5681da177e4SLinus Torvalds printk(KERN_ERR "sock_release: fasync list not empty!\n"); 5691da177e4SLinus Torvalds 5701da177e4SLinus Torvalds get_cpu_var(sockets_in_use)--; 5711da177e4SLinus Torvalds put_cpu_var(sockets_in_use); 5721da177e4SLinus Torvalds if (!sock->file) { 5731da177e4SLinus Torvalds iput(SOCK_INODE(sock)); 5741da177e4SLinus Torvalds return; 5751da177e4SLinus Torvalds } 5761da177e4SLinus Torvalds sock->file=NULL; 5771da177e4SLinus Torvalds } 5781da177e4SLinus Torvalds 5791da177e4SLinus Torvalds static inline int __sock_sendmsg(struct kiocb *iocb, struct socket *sock, 5801da177e4SLinus Torvalds struct msghdr *msg, size_t size) 5811da177e4SLinus Torvalds { 5821da177e4SLinus Torvalds struct sock_iocb *si = kiocb_to_siocb(iocb); 5831da177e4SLinus Torvalds int err; 5841da177e4SLinus Torvalds 5851da177e4SLinus Torvalds si->sock = sock; 5861da177e4SLinus Torvalds si->scm = NULL; 5871da177e4SLinus Torvalds si->msg = msg; 5881da177e4SLinus Torvalds si->size = size; 5891da177e4SLinus Torvalds 5901da177e4SLinus Torvalds err = security_socket_sendmsg(sock, msg, size); 5911da177e4SLinus Torvalds if (err) 5921da177e4SLinus Torvalds return err; 5931da177e4SLinus Torvalds 5941da177e4SLinus Torvalds return sock->ops->sendmsg(iocb, sock, msg, size); 5951da177e4SLinus Torvalds } 5961da177e4SLinus Torvalds 5971da177e4SLinus Torvalds int sock_sendmsg(struct socket *sock, struct msghdr *msg, size_t size) 5981da177e4SLinus Torvalds { 5991da177e4SLinus Torvalds struct kiocb iocb; 6001da177e4SLinus Torvalds struct sock_iocb siocb; 6011da177e4SLinus Torvalds int ret; 6021da177e4SLinus Torvalds 6031da177e4SLinus Torvalds init_sync_kiocb(&iocb, NULL); 6041da177e4SLinus Torvalds iocb.private = &siocb; 6051da177e4SLinus Torvalds ret = __sock_sendmsg(&iocb, sock, msg, size); 6061da177e4SLinus Torvalds if (-EIOCBQUEUED == ret) 6071da177e4SLinus Torvalds ret = wait_on_sync_kiocb(&iocb); 6081da177e4SLinus Torvalds return ret; 6091da177e4SLinus Torvalds } 6101da177e4SLinus Torvalds 6111da177e4SLinus Torvalds int kernel_sendmsg(struct socket *sock, struct msghdr *msg, 6121da177e4SLinus Torvalds struct kvec *vec, size_t num, size_t size) 6131da177e4SLinus Torvalds { 6141da177e4SLinus Torvalds mm_segment_t oldfs = get_fs(); 6151da177e4SLinus Torvalds int result; 6161da177e4SLinus Torvalds 6171da177e4SLinus Torvalds set_fs(KERNEL_DS); 6181da177e4SLinus Torvalds /* 6191da177e4SLinus Torvalds * the following is safe, since for compiler definitions of kvec and 6201da177e4SLinus Torvalds * iovec are identical, yielding the same in-core layout and alignment 6211da177e4SLinus Torvalds */ 6221da177e4SLinus Torvalds msg->msg_iov = (struct iovec *)vec, 6231da177e4SLinus Torvalds msg->msg_iovlen = num; 6241da177e4SLinus Torvalds result = sock_sendmsg(sock, msg, size); 6251da177e4SLinus Torvalds set_fs(oldfs); 6261da177e4SLinus Torvalds return result; 6271da177e4SLinus Torvalds } 6281da177e4SLinus Torvalds 6291da177e4SLinus Torvalds static inline int __sock_recvmsg(struct kiocb *iocb, struct socket *sock, 6301da177e4SLinus Torvalds struct msghdr *msg, size_t size, int flags) 6311da177e4SLinus Torvalds { 6321da177e4SLinus Torvalds int err; 6331da177e4SLinus Torvalds struct sock_iocb *si = kiocb_to_siocb(iocb); 6341da177e4SLinus Torvalds 6351da177e4SLinus Torvalds si->sock = sock; 6361da177e4SLinus Torvalds si->scm = NULL; 6371da177e4SLinus Torvalds si->msg = msg; 6381da177e4SLinus Torvalds si->size = size; 6391da177e4SLinus Torvalds si->flags = flags; 6401da177e4SLinus Torvalds 6411da177e4SLinus Torvalds err = security_socket_recvmsg(sock, msg, size, flags); 6421da177e4SLinus Torvalds if (err) 6431da177e4SLinus Torvalds return err; 6441da177e4SLinus Torvalds 6451da177e4SLinus Torvalds return sock->ops->recvmsg(iocb, sock, msg, size, flags); 6461da177e4SLinus Torvalds } 6471da177e4SLinus Torvalds 6481da177e4SLinus Torvalds int sock_recvmsg(struct socket *sock, struct msghdr *msg, 6491da177e4SLinus Torvalds size_t size, int flags) 6501da177e4SLinus Torvalds { 6511da177e4SLinus Torvalds struct kiocb iocb; 6521da177e4SLinus Torvalds struct sock_iocb siocb; 6531da177e4SLinus Torvalds int ret; 6541da177e4SLinus Torvalds 6551da177e4SLinus Torvalds init_sync_kiocb(&iocb, NULL); 6561da177e4SLinus Torvalds iocb.private = &siocb; 6571da177e4SLinus Torvalds ret = __sock_recvmsg(&iocb, sock, msg, size, flags); 6581da177e4SLinus Torvalds if (-EIOCBQUEUED == ret) 6591da177e4SLinus Torvalds ret = wait_on_sync_kiocb(&iocb); 6601da177e4SLinus Torvalds return ret; 6611da177e4SLinus Torvalds } 6621da177e4SLinus Torvalds 6631da177e4SLinus Torvalds int kernel_recvmsg(struct socket *sock, struct msghdr *msg, 6641da177e4SLinus Torvalds struct kvec *vec, size_t num, 6651da177e4SLinus Torvalds size_t size, int flags) 6661da177e4SLinus Torvalds { 6671da177e4SLinus Torvalds mm_segment_t oldfs = get_fs(); 6681da177e4SLinus Torvalds int result; 6691da177e4SLinus Torvalds 6701da177e4SLinus Torvalds set_fs(KERNEL_DS); 6711da177e4SLinus Torvalds /* 6721da177e4SLinus Torvalds * the following is safe, since for compiler definitions of kvec and 6731da177e4SLinus Torvalds * iovec are identical, yielding the same in-core layout and alignment 6741da177e4SLinus Torvalds */ 6751da177e4SLinus Torvalds msg->msg_iov = (struct iovec *)vec, 6761da177e4SLinus Torvalds msg->msg_iovlen = num; 6771da177e4SLinus Torvalds result = sock_recvmsg(sock, msg, size, flags); 6781da177e4SLinus Torvalds set_fs(oldfs); 6791da177e4SLinus Torvalds return result; 6801da177e4SLinus Torvalds } 6811da177e4SLinus Torvalds 6821da177e4SLinus Torvalds static void sock_aio_dtor(struct kiocb *iocb) 6831da177e4SLinus Torvalds { 6841da177e4SLinus Torvalds kfree(iocb->private); 6851da177e4SLinus Torvalds } 6861da177e4SLinus Torvalds 68720380731SArnaldo Carvalho de Melo static ssize_t sock_sendpage(struct file *file, struct page *page, 6881da177e4SLinus Torvalds int offset, size_t size, loff_t *ppos, int more) 6891da177e4SLinus Torvalds { 6901da177e4SLinus Torvalds struct socket *sock; 6911da177e4SLinus Torvalds int flags; 6921da177e4SLinus Torvalds 693b69aee04SEric Dumazet sock = file->private_data; 6941da177e4SLinus Torvalds 6951da177e4SLinus Torvalds flags = !(file->f_flags & O_NONBLOCK) ? 0 : MSG_DONTWAIT; 6961da177e4SLinus Torvalds if (more) 6971da177e4SLinus Torvalds flags |= MSG_MORE; 6981da177e4SLinus Torvalds 6991da177e4SLinus Torvalds return sock->ops->sendpage(sock, page, offset, size, flags); 7001da177e4SLinus Torvalds } 7011da177e4SLinus Torvalds 702ce1d4d3eSChristoph Hellwig static struct sock_iocb *alloc_sock_iocb(struct kiocb *iocb, 703ce1d4d3eSChristoph Hellwig char __user *ubuf, size_t size, struct sock_iocb *siocb) 704ce1d4d3eSChristoph Hellwig { 705ce1d4d3eSChristoph Hellwig if (!is_sync_kiocb(iocb)) { 706ce1d4d3eSChristoph Hellwig siocb = kmalloc(sizeof(*siocb), GFP_KERNEL); 707ce1d4d3eSChristoph Hellwig if (!siocb) 708ce1d4d3eSChristoph Hellwig return NULL; 709ce1d4d3eSChristoph Hellwig iocb->ki_dtor = sock_aio_dtor; 710ce1d4d3eSChristoph Hellwig } 711ce1d4d3eSChristoph Hellwig 712ce1d4d3eSChristoph Hellwig siocb->kiocb = iocb; 713ce1d4d3eSChristoph Hellwig siocb->async_iov.iov_base = ubuf; 714ce1d4d3eSChristoph Hellwig siocb->async_iov.iov_len = size; 715ce1d4d3eSChristoph Hellwig 716ce1d4d3eSChristoph Hellwig iocb->private = siocb; 717ce1d4d3eSChristoph Hellwig return siocb; 718ce1d4d3eSChristoph Hellwig } 719ce1d4d3eSChristoph Hellwig 720ce1d4d3eSChristoph Hellwig static ssize_t do_sock_read(struct msghdr *msg, struct kiocb *iocb, 721ce1d4d3eSChristoph Hellwig struct file *file, struct iovec *iov, unsigned long nr_segs) 722ce1d4d3eSChristoph Hellwig { 723ce1d4d3eSChristoph Hellwig struct socket *sock = file->private_data; 724ce1d4d3eSChristoph Hellwig size_t size = 0; 725ce1d4d3eSChristoph Hellwig int i; 726ce1d4d3eSChristoph Hellwig 727ce1d4d3eSChristoph Hellwig for (i = 0 ; i < nr_segs ; i++) 728ce1d4d3eSChristoph Hellwig size += iov[i].iov_len; 729ce1d4d3eSChristoph Hellwig 730ce1d4d3eSChristoph Hellwig msg->msg_name = NULL; 731ce1d4d3eSChristoph Hellwig msg->msg_namelen = 0; 732ce1d4d3eSChristoph Hellwig msg->msg_control = NULL; 733ce1d4d3eSChristoph Hellwig msg->msg_controllen = 0; 734ce1d4d3eSChristoph Hellwig msg->msg_iov = (struct iovec *) iov; 735ce1d4d3eSChristoph Hellwig msg->msg_iovlen = nr_segs; 736ce1d4d3eSChristoph Hellwig msg->msg_flags = (file->f_flags & O_NONBLOCK) ? MSG_DONTWAIT : 0; 737ce1d4d3eSChristoph Hellwig 738ce1d4d3eSChristoph Hellwig return __sock_recvmsg(iocb, sock, msg, size, msg->msg_flags); 739ce1d4d3eSChristoph Hellwig } 740ce1d4d3eSChristoph Hellwig 741ce1d4d3eSChristoph Hellwig static ssize_t sock_readv(struct file *file, const struct iovec *iov, 742ce1d4d3eSChristoph Hellwig unsigned long nr_segs, loff_t *ppos) 743ce1d4d3eSChristoph Hellwig { 744ce1d4d3eSChristoph Hellwig struct kiocb iocb; 745ce1d4d3eSChristoph Hellwig struct sock_iocb siocb; 746ce1d4d3eSChristoph Hellwig struct msghdr msg; 747ce1d4d3eSChristoph Hellwig int ret; 748ce1d4d3eSChristoph Hellwig 749ce1d4d3eSChristoph Hellwig init_sync_kiocb(&iocb, NULL); 750ce1d4d3eSChristoph Hellwig iocb.private = &siocb; 751ce1d4d3eSChristoph Hellwig 752ce1d4d3eSChristoph Hellwig ret = do_sock_read(&msg, &iocb, file, (struct iovec *)iov, nr_segs); 753ce1d4d3eSChristoph Hellwig if (-EIOCBQUEUED == ret) 754ce1d4d3eSChristoph Hellwig ret = wait_on_sync_kiocb(&iocb); 755ce1d4d3eSChristoph Hellwig return ret; 756ce1d4d3eSChristoph Hellwig } 757ce1d4d3eSChristoph Hellwig 758ce1d4d3eSChristoph Hellwig static ssize_t sock_aio_read(struct kiocb *iocb, char __user *ubuf, 759ce1d4d3eSChristoph Hellwig size_t count, loff_t pos) 760ce1d4d3eSChristoph Hellwig { 761ce1d4d3eSChristoph Hellwig struct sock_iocb siocb, *x; 762ce1d4d3eSChristoph Hellwig 763ce1d4d3eSChristoph Hellwig if (pos != 0) 764ce1d4d3eSChristoph Hellwig return -ESPIPE; 765ce1d4d3eSChristoph Hellwig if (count == 0) /* Match SYS5 behaviour */ 766ce1d4d3eSChristoph Hellwig return 0; 767ce1d4d3eSChristoph Hellwig 768ce1d4d3eSChristoph Hellwig x = alloc_sock_iocb(iocb, ubuf, count, &siocb); 769ce1d4d3eSChristoph Hellwig if (!x) 770ce1d4d3eSChristoph Hellwig return -ENOMEM; 771ce1d4d3eSChristoph Hellwig return do_sock_read(&x->async_msg, iocb, iocb->ki_filp, 772ce1d4d3eSChristoph Hellwig &x->async_iov, 1); 773ce1d4d3eSChristoph Hellwig } 774ce1d4d3eSChristoph Hellwig 775ce1d4d3eSChristoph Hellwig static ssize_t do_sock_write(struct msghdr *msg, struct kiocb *iocb, 776ce1d4d3eSChristoph Hellwig struct file *file, struct iovec *iov, unsigned long nr_segs) 777ce1d4d3eSChristoph Hellwig { 778ce1d4d3eSChristoph Hellwig struct socket *sock = file->private_data; 779ce1d4d3eSChristoph Hellwig size_t size = 0; 780ce1d4d3eSChristoph Hellwig int i; 781ce1d4d3eSChristoph Hellwig 782ce1d4d3eSChristoph Hellwig for (i = 0 ; i < nr_segs ; i++) 783ce1d4d3eSChristoph Hellwig size += iov[i].iov_len; 784ce1d4d3eSChristoph Hellwig 785ce1d4d3eSChristoph Hellwig msg->msg_name = NULL; 786ce1d4d3eSChristoph Hellwig msg->msg_namelen = 0; 787ce1d4d3eSChristoph Hellwig msg->msg_control = NULL; 788ce1d4d3eSChristoph Hellwig msg->msg_controllen = 0; 789ce1d4d3eSChristoph Hellwig msg->msg_iov = (struct iovec *) iov; 790ce1d4d3eSChristoph Hellwig msg->msg_iovlen = nr_segs; 791ce1d4d3eSChristoph Hellwig msg->msg_flags = (file->f_flags & O_NONBLOCK) ? MSG_DONTWAIT : 0; 792ce1d4d3eSChristoph Hellwig if (sock->type == SOCK_SEQPACKET) 793ce1d4d3eSChristoph Hellwig msg->msg_flags |= MSG_EOR; 794ce1d4d3eSChristoph Hellwig 795ce1d4d3eSChristoph Hellwig return __sock_sendmsg(iocb, sock, msg, size); 796ce1d4d3eSChristoph Hellwig } 797ce1d4d3eSChristoph Hellwig 798ce1d4d3eSChristoph Hellwig static ssize_t sock_writev(struct file *file, const struct iovec *iov, 799ce1d4d3eSChristoph Hellwig unsigned long nr_segs, loff_t *ppos) 8001da177e4SLinus Torvalds { 8011da177e4SLinus Torvalds struct msghdr msg; 802ce1d4d3eSChristoph Hellwig struct kiocb iocb; 803ce1d4d3eSChristoph Hellwig struct sock_iocb siocb; 804ce1d4d3eSChristoph Hellwig int ret; 8051da177e4SLinus Torvalds 806ce1d4d3eSChristoph Hellwig init_sync_kiocb(&iocb, NULL); 807ce1d4d3eSChristoph Hellwig iocb.private = &siocb; 8081da177e4SLinus Torvalds 809ce1d4d3eSChristoph Hellwig ret = do_sock_write(&msg, &iocb, file, (struct iovec *)iov, nr_segs); 810ce1d4d3eSChristoph Hellwig if (-EIOCBQUEUED == ret) 811ce1d4d3eSChristoph Hellwig ret = wait_on_sync_kiocb(&iocb); 812ce1d4d3eSChristoph Hellwig return ret; 8131da177e4SLinus Torvalds } 8141da177e4SLinus Torvalds 815ce1d4d3eSChristoph Hellwig static ssize_t sock_aio_write(struct kiocb *iocb, const char __user *ubuf, 816ce1d4d3eSChristoph Hellwig size_t count, loff_t pos) 8171da177e4SLinus Torvalds { 818ce1d4d3eSChristoph Hellwig struct sock_iocb siocb, *x; 8191da177e4SLinus Torvalds 820ce1d4d3eSChristoph Hellwig if (pos != 0) 821ce1d4d3eSChristoph Hellwig return -ESPIPE; 822ce1d4d3eSChristoph Hellwig if (count == 0) /* Match SYS5 behaviour */ 823ce1d4d3eSChristoph Hellwig return 0; 824ce1d4d3eSChristoph Hellwig 825ce1d4d3eSChristoph Hellwig x = alloc_sock_iocb(iocb, (void __user *)ubuf, count, &siocb); 826ce1d4d3eSChristoph Hellwig if (!x) 827ce1d4d3eSChristoph Hellwig return -ENOMEM; 828ce1d4d3eSChristoph Hellwig 829ce1d4d3eSChristoph Hellwig return do_sock_write(&x->async_msg, iocb, iocb->ki_filp, 830ce1d4d3eSChristoph Hellwig &x->async_iov, 1); 8311da177e4SLinus Torvalds } 8321da177e4SLinus Torvalds 8331da177e4SLinus Torvalds 8341da177e4SLinus Torvalds /* 8351da177e4SLinus Torvalds * Atomic setting of ioctl hooks to avoid race 8361da177e4SLinus Torvalds * with module unload. 8371da177e4SLinus Torvalds */ 8381da177e4SLinus Torvalds 8394a3e2f71SArjan van de Ven static DEFINE_MUTEX(br_ioctl_mutex); 8401da177e4SLinus Torvalds static int (*br_ioctl_hook)(unsigned int cmd, void __user *arg) = NULL; 8411da177e4SLinus Torvalds 8421da177e4SLinus Torvalds void brioctl_set(int (*hook)(unsigned int, void __user *)) 8431da177e4SLinus Torvalds { 8444a3e2f71SArjan van de Ven mutex_lock(&br_ioctl_mutex); 8451da177e4SLinus Torvalds br_ioctl_hook = hook; 8464a3e2f71SArjan van de Ven mutex_unlock(&br_ioctl_mutex); 8471da177e4SLinus Torvalds } 8481da177e4SLinus Torvalds EXPORT_SYMBOL(brioctl_set); 8491da177e4SLinus Torvalds 8504a3e2f71SArjan van de Ven static DEFINE_MUTEX(vlan_ioctl_mutex); 8511da177e4SLinus Torvalds static int (*vlan_ioctl_hook)(void __user *arg); 8521da177e4SLinus Torvalds 8531da177e4SLinus Torvalds void vlan_ioctl_set(int (*hook)(void __user *)) 8541da177e4SLinus Torvalds { 8554a3e2f71SArjan van de Ven mutex_lock(&vlan_ioctl_mutex); 8561da177e4SLinus Torvalds vlan_ioctl_hook = hook; 8574a3e2f71SArjan van de Ven mutex_unlock(&vlan_ioctl_mutex); 8581da177e4SLinus Torvalds } 8591da177e4SLinus Torvalds EXPORT_SYMBOL(vlan_ioctl_set); 8601da177e4SLinus Torvalds 8614a3e2f71SArjan van de Ven static DEFINE_MUTEX(dlci_ioctl_mutex); 8621da177e4SLinus Torvalds static int (*dlci_ioctl_hook)(unsigned int, void __user *); 8631da177e4SLinus Torvalds 8641da177e4SLinus Torvalds void dlci_ioctl_set(int (*hook)(unsigned int, void __user *)) 8651da177e4SLinus Torvalds { 8664a3e2f71SArjan van de Ven mutex_lock(&dlci_ioctl_mutex); 8671da177e4SLinus Torvalds dlci_ioctl_hook = hook; 8684a3e2f71SArjan van de Ven mutex_unlock(&dlci_ioctl_mutex); 8691da177e4SLinus Torvalds } 8701da177e4SLinus Torvalds EXPORT_SYMBOL(dlci_ioctl_set); 8711da177e4SLinus Torvalds 8721da177e4SLinus Torvalds /* 8731da177e4SLinus Torvalds * With an ioctl, arg may well be a user mode pointer, but we don't know 8741da177e4SLinus Torvalds * what to do with it - that's up to the protocol still. 8751da177e4SLinus Torvalds */ 8761da177e4SLinus Torvalds 8771da177e4SLinus Torvalds static long sock_ioctl(struct file *file, unsigned cmd, unsigned long arg) 8781da177e4SLinus Torvalds { 8791da177e4SLinus Torvalds struct socket *sock; 8801da177e4SLinus Torvalds void __user *argp = (void __user *)arg; 8811da177e4SLinus Torvalds int pid, err; 8821da177e4SLinus Torvalds 883b69aee04SEric Dumazet sock = file->private_data; 8841da177e4SLinus Torvalds if (cmd >= SIOCDEVPRIVATE && cmd <= (SIOCDEVPRIVATE + 15)) { 8851da177e4SLinus Torvalds err = dev_ioctl(cmd, argp); 8861da177e4SLinus Torvalds } else 887d86b5e0eSAdrian Bunk #ifdef CONFIG_WIRELESS_EXT 8881da177e4SLinus Torvalds if (cmd >= SIOCIWFIRST && cmd <= SIOCIWLAST) { 8891da177e4SLinus Torvalds err = dev_ioctl(cmd, argp); 8901da177e4SLinus Torvalds } else 891d86b5e0eSAdrian Bunk #endif /* CONFIG_WIRELESS_EXT */ 8921da177e4SLinus Torvalds switch (cmd) { 8931da177e4SLinus Torvalds case FIOSETOWN: 8941da177e4SLinus Torvalds case SIOCSPGRP: 8951da177e4SLinus Torvalds err = -EFAULT; 8961da177e4SLinus Torvalds if (get_user(pid, (int __user *)argp)) 8971da177e4SLinus Torvalds break; 8981da177e4SLinus Torvalds err = f_setown(sock->file, pid, 1); 8991da177e4SLinus Torvalds break; 9001da177e4SLinus Torvalds case FIOGETOWN: 9011da177e4SLinus Torvalds case SIOCGPGRP: 9021da177e4SLinus Torvalds err = put_user(sock->file->f_owner.pid, (int __user *)argp); 9031da177e4SLinus Torvalds break; 9041da177e4SLinus Torvalds case SIOCGIFBR: 9051da177e4SLinus Torvalds case SIOCSIFBR: 9061da177e4SLinus Torvalds case SIOCBRADDBR: 9071da177e4SLinus Torvalds case SIOCBRDELBR: 9081da177e4SLinus Torvalds err = -ENOPKG; 9091da177e4SLinus Torvalds if (!br_ioctl_hook) 9101da177e4SLinus Torvalds request_module("bridge"); 9111da177e4SLinus Torvalds 9124a3e2f71SArjan van de Ven mutex_lock(&br_ioctl_mutex); 9131da177e4SLinus Torvalds if (br_ioctl_hook) 9141da177e4SLinus Torvalds err = br_ioctl_hook(cmd, argp); 9154a3e2f71SArjan van de Ven mutex_unlock(&br_ioctl_mutex); 9161da177e4SLinus Torvalds break; 9171da177e4SLinus Torvalds case SIOCGIFVLAN: 9181da177e4SLinus Torvalds case SIOCSIFVLAN: 9191da177e4SLinus Torvalds err = -ENOPKG; 9201da177e4SLinus Torvalds if (!vlan_ioctl_hook) 9211da177e4SLinus Torvalds request_module("8021q"); 9221da177e4SLinus Torvalds 9234a3e2f71SArjan van de Ven mutex_lock(&vlan_ioctl_mutex); 9241da177e4SLinus Torvalds if (vlan_ioctl_hook) 9251da177e4SLinus Torvalds err = vlan_ioctl_hook(argp); 9264a3e2f71SArjan van de Ven mutex_unlock(&vlan_ioctl_mutex); 9271da177e4SLinus Torvalds break; 9281da177e4SLinus Torvalds case SIOCGIFDIVERT: 9291da177e4SLinus Torvalds case SIOCSIFDIVERT: 9301da177e4SLinus Torvalds /* Convert this to call through a hook */ 9311da177e4SLinus Torvalds err = divert_ioctl(cmd, argp); 9321da177e4SLinus Torvalds break; 9331da177e4SLinus Torvalds case SIOCADDDLCI: 9341da177e4SLinus Torvalds case SIOCDELDLCI: 9351da177e4SLinus Torvalds err = -ENOPKG; 9361da177e4SLinus Torvalds if (!dlci_ioctl_hook) 9371da177e4SLinus Torvalds request_module("dlci"); 9381da177e4SLinus Torvalds 9391da177e4SLinus Torvalds if (dlci_ioctl_hook) { 9404a3e2f71SArjan van de Ven mutex_lock(&dlci_ioctl_mutex); 9411da177e4SLinus Torvalds err = dlci_ioctl_hook(cmd, argp); 9424a3e2f71SArjan van de Ven mutex_unlock(&dlci_ioctl_mutex); 9431da177e4SLinus Torvalds } 9441da177e4SLinus Torvalds break; 9451da177e4SLinus Torvalds default: 9461da177e4SLinus Torvalds err = sock->ops->ioctl(sock, cmd, arg); 947b5e5fa5eSChristoph Hellwig 948b5e5fa5eSChristoph Hellwig /* 949b5e5fa5eSChristoph Hellwig * If this ioctl is unknown try to hand it down 950b5e5fa5eSChristoph Hellwig * to the NIC driver. 951b5e5fa5eSChristoph Hellwig */ 952b5e5fa5eSChristoph Hellwig if (err == -ENOIOCTLCMD) 953b5e5fa5eSChristoph Hellwig err = dev_ioctl(cmd, argp); 9541da177e4SLinus Torvalds break; 9551da177e4SLinus Torvalds } 9561da177e4SLinus Torvalds return err; 9571da177e4SLinus Torvalds } 9581da177e4SLinus Torvalds 9591da177e4SLinus Torvalds int sock_create_lite(int family, int type, int protocol, struct socket **res) 9601da177e4SLinus Torvalds { 9611da177e4SLinus Torvalds int err; 9621da177e4SLinus Torvalds struct socket *sock = NULL; 9631da177e4SLinus Torvalds 9641da177e4SLinus Torvalds err = security_socket_create(family, type, protocol, 1); 9651da177e4SLinus Torvalds if (err) 9661da177e4SLinus Torvalds goto out; 9671da177e4SLinus Torvalds 9681da177e4SLinus Torvalds sock = sock_alloc(); 9691da177e4SLinus Torvalds if (!sock) { 9701da177e4SLinus Torvalds err = -ENOMEM; 9711da177e4SLinus Torvalds goto out; 9721da177e4SLinus Torvalds } 9731da177e4SLinus Torvalds 9741da177e4SLinus Torvalds security_socket_post_create(sock, family, type, protocol, 1); 9751da177e4SLinus Torvalds sock->type = type; 9761da177e4SLinus Torvalds out: 9771da177e4SLinus Torvalds *res = sock; 9781da177e4SLinus Torvalds return err; 9791da177e4SLinus Torvalds } 9801da177e4SLinus Torvalds 9811da177e4SLinus Torvalds /* No kernel lock held - perfect */ 9821da177e4SLinus Torvalds static unsigned int sock_poll(struct file *file, poll_table * wait) 9831da177e4SLinus Torvalds { 9841da177e4SLinus Torvalds struct socket *sock; 9851da177e4SLinus Torvalds 9861da177e4SLinus Torvalds /* 9871da177e4SLinus Torvalds * We can't return errors to poll, so it's either yes or no. 9881da177e4SLinus Torvalds */ 989b69aee04SEric Dumazet sock = file->private_data; 9901da177e4SLinus Torvalds return sock->ops->poll(file, sock, wait); 9911da177e4SLinus Torvalds } 9921da177e4SLinus Torvalds 9931da177e4SLinus Torvalds static int sock_mmap(struct file * file, struct vm_area_struct * vma) 9941da177e4SLinus Torvalds { 995b69aee04SEric Dumazet struct socket *sock = file->private_data; 9961da177e4SLinus Torvalds 9971da177e4SLinus Torvalds return sock->ops->mmap(file, sock, vma); 9981da177e4SLinus Torvalds } 9991da177e4SLinus Torvalds 100020380731SArnaldo Carvalho de Melo static int sock_close(struct inode *inode, struct file *filp) 10011da177e4SLinus Torvalds { 10021da177e4SLinus Torvalds /* 10031da177e4SLinus Torvalds * It was possible the inode is NULL we were 10041da177e4SLinus Torvalds * closing an unfinished socket. 10051da177e4SLinus Torvalds */ 10061da177e4SLinus Torvalds 10071da177e4SLinus Torvalds if (!inode) 10081da177e4SLinus Torvalds { 10091da177e4SLinus Torvalds printk(KERN_DEBUG "sock_close: NULL inode\n"); 10101da177e4SLinus Torvalds return 0; 10111da177e4SLinus Torvalds } 10121da177e4SLinus Torvalds sock_fasync(-1, filp, 0); 10131da177e4SLinus Torvalds sock_release(SOCKET_I(inode)); 10141da177e4SLinus Torvalds return 0; 10151da177e4SLinus Torvalds } 10161da177e4SLinus Torvalds 10171da177e4SLinus Torvalds /* 10181da177e4SLinus Torvalds * Update the socket async list 10191da177e4SLinus Torvalds * 10201da177e4SLinus Torvalds * Fasync_list locking strategy. 10211da177e4SLinus Torvalds * 10221da177e4SLinus Torvalds * 1. fasync_list is modified only under process context socket lock 10231da177e4SLinus Torvalds * i.e. under semaphore. 10241da177e4SLinus Torvalds * 2. fasync_list is used under read_lock(&sk->sk_callback_lock) 10251da177e4SLinus Torvalds * or under socket lock. 10261da177e4SLinus Torvalds * 3. fasync_list can be used from softirq context, so that 10271da177e4SLinus Torvalds * modification under socket lock have to be enhanced with 10281da177e4SLinus Torvalds * write_lock_bh(&sk->sk_callback_lock). 10291da177e4SLinus Torvalds * --ANK (990710) 10301da177e4SLinus Torvalds */ 10311da177e4SLinus Torvalds 10321da177e4SLinus Torvalds static int sock_fasync(int fd, struct file *filp, int on) 10331da177e4SLinus Torvalds { 10341da177e4SLinus Torvalds struct fasync_struct *fa, *fna=NULL, **prev; 10351da177e4SLinus Torvalds struct socket *sock; 10361da177e4SLinus Torvalds struct sock *sk; 10371da177e4SLinus Torvalds 10381da177e4SLinus Torvalds if (on) 10391da177e4SLinus Torvalds { 10408b3a7005SKris Katterjohn fna = kmalloc(sizeof(struct fasync_struct), GFP_KERNEL); 10411da177e4SLinus Torvalds if(fna==NULL) 10421da177e4SLinus Torvalds return -ENOMEM; 10431da177e4SLinus Torvalds } 10441da177e4SLinus Torvalds 1045b69aee04SEric Dumazet sock = filp->private_data; 10461da177e4SLinus Torvalds 10471da177e4SLinus Torvalds if ((sk=sock->sk) == NULL) { 10481da177e4SLinus Torvalds kfree(fna); 10491da177e4SLinus Torvalds return -EINVAL; 10501da177e4SLinus Torvalds } 10511da177e4SLinus Torvalds 10521da177e4SLinus Torvalds lock_sock(sk); 10531da177e4SLinus Torvalds 10541da177e4SLinus Torvalds prev=&(sock->fasync_list); 10551da177e4SLinus Torvalds 10561da177e4SLinus Torvalds for (fa=*prev; fa!=NULL; prev=&fa->fa_next,fa=*prev) 10571da177e4SLinus Torvalds if (fa->fa_file==filp) 10581da177e4SLinus Torvalds break; 10591da177e4SLinus Torvalds 10601da177e4SLinus Torvalds if(on) 10611da177e4SLinus Torvalds { 10621da177e4SLinus Torvalds if(fa!=NULL) 10631da177e4SLinus Torvalds { 10641da177e4SLinus Torvalds write_lock_bh(&sk->sk_callback_lock); 10651da177e4SLinus Torvalds fa->fa_fd=fd; 10661da177e4SLinus Torvalds write_unlock_bh(&sk->sk_callback_lock); 10671da177e4SLinus Torvalds 10681da177e4SLinus Torvalds kfree(fna); 10691da177e4SLinus Torvalds goto out; 10701da177e4SLinus Torvalds } 10711da177e4SLinus Torvalds fna->fa_file=filp; 10721da177e4SLinus Torvalds fna->fa_fd=fd; 10731da177e4SLinus Torvalds fna->magic=FASYNC_MAGIC; 10741da177e4SLinus Torvalds fna->fa_next=sock->fasync_list; 10751da177e4SLinus Torvalds write_lock_bh(&sk->sk_callback_lock); 10761da177e4SLinus Torvalds sock->fasync_list=fna; 10771da177e4SLinus Torvalds write_unlock_bh(&sk->sk_callback_lock); 10781da177e4SLinus Torvalds } 10791da177e4SLinus Torvalds else 10801da177e4SLinus Torvalds { 10811da177e4SLinus Torvalds if (fa!=NULL) 10821da177e4SLinus Torvalds { 10831da177e4SLinus Torvalds write_lock_bh(&sk->sk_callback_lock); 10841da177e4SLinus Torvalds *prev=fa->fa_next; 10851da177e4SLinus Torvalds write_unlock_bh(&sk->sk_callback_lock); 10861da177e4SLinus Torvalds kfree(fa); 10871da177e4SLinus Torvalds } 10881da177e4SLinus Torvalds } 10891da177e4SLinus Torvalds 10901da177e4SLinus Torvalds out: 10911da177e4SLinus Torvalds release_sock(sock->sk); 10921da177e4SLinus Torvalds return 0; 10931da177e4SLinus Torvalds } 10941da177e4SLinus Torvalds 10951da177e4SLinus Torvalds /* This function may be called only under socket lock or callback_lock */ 10961da177e4SLinus Torvalds 10971da177e4SLinus Torvalds int sock_wake_async(struct socket *sock, int how, int band) 10981da177e4SLinus Torvalds { 10991da177e4SLinus Torvalds if (!sock || !sock->fasync_list) 11001da177e4SLinus Torvalds return -1; 11011da177e4SLinus Torvalds switch (how) 11021da177e4SLinus Torvalds { 11031da177e4SLinus Torvalds case 1: 11041da177e4SLinus Torvalds 11051da177e4SLinus Torvalds if (test_bit(SOCK_ASYNC_WAITDATA, &sock->flags)) 11061da177e4SLinus Torvalds break; 11071da177e4SLinus Torvalds goto call_kill; 11081da177e4SLinus Torvalds case 2: 11091da177e4SLinus Torvalds if (!test_and_clear_bit(SOCK_ASYNC_NOSPACE, &sock->flags)) 11101da177e4SLinus Torvalds break; 11111da177e4SLinus Torvalds /* fall through */ 11121da177e4SLinus Torvalds case 0: 11131da177e4SLinus Torvalds call_kill: 11141da177e4SLinus Torvalds __kill_fasync(sock->fasync_list, SIGIO, band); 11151da177e4SLinus Torvalds break; 11161da177e4SLinus Torvalds case 3: 11171da177e4SLinus Torvalds __kill_fasync(sock->fasync_list, SIGURG, band); 11181da177e4SLinus Torvalds } 11191da177e4SLinus Torvalds return 0; 11201da177e4SLinus Torvalds } 11211da177e4SLinus Torvalds 11221da177e4SLinus Torvalds static int __sock_create(int family, int type, int protocol, struct socket **res, int kern) 11231da177e4SLinus Torvalds { 11241da177e4SLinus Torvalds int err; 11251da177e4SLinus Torvalds struct socket *sock; 11261da177e4SLinus Torvalds 11271da177e4SLinus Torvalds /* 11281da177e4SLinus Torvalds * Check protocol is in range 11291da177e4SLinus Torvalds */ 11301da177e4SLinus Torvalds if (family < 0 || family >= NPROTO) 11311da177e4SLinus Torvalds return -EAFNOSUPPORT; 11321da177e4SLinus Torvalds if (type < 0 || type >= SOCK_MAX) 11331da177e4SLinus Torvalds return -EINVAL; 11341da177e4SLinus Torvalds 11351da177e4SLinus Torvalds /* Compatibility. 11361da177e4SLinus Torvalds 11371da177e4SLinus Torvalds This uglymoron is moved from INET layer to here to avoid 11381da177e4SLinus Torvalds deadlock in module load. 11391da177e4SLinus Torvalds */ 11401da177e4SLinus Torvalds if (family == PF_INET && type == SOCK_PACKET) { 11411da177e4SLinus Torvalds static int warned; 11421da177e4SLinus Torvalds if (!warned) { 11431da177e4SLinus Torvalds warned = 1; 11441da177e4SLinus Torvalds printk(KERN_INFO "%s uses obsolete (PF_INET,SOCK_PACKET)\n", current->comm); 11451da177e4SLinus Torvalds } 11461da177e4SLinus Torvalds family = PF_PACKET; 11471da177e4SLinus Torvalds } 11481da177e4SLinus Torvalds 11491da177e4SLinus Torvalds err = security_socket_create(family, type, protocol, kern); 11501da177e4SLinus Torvalds if (err) 11511da177e4SLinus Torvalds return err; 11521da177e4SLinus Torvalds 11531da177e4SLinus Torvalds #if defined(CONFIG_KMOD) 11541da177e4SLinus Torvalds /* Attempt to load a protocol module if the find failed. 11551da177e4SLinus Torvalds * 11561da177e4SLinus Torvalds * 12/09/1996 Marcin: But! this makes REALLY only sense, if the user 11571da177e4SLinus Torvalds * requested real, full-featured networking support upon configuration. 11581da177e4SLinus Torvalds * Otherwise module support will break! 11591da177e4SLinus Torvalds */ 11601da177e4SLinus Torvalds if (net_families[family]==NULL) 11611da177e4SLinus Torvalds { 11621da177e4SLinus Torvalds request_module("net-pf-%d",family); 11631da177e4SLinus Torvalds } 11641da177e4SLinus Torvalds #endif 11651da177e4SLinus Torvalds 11661da177e4SLinus Torvalds net_family_read_lock(); 11671da177e4SLinus Torvalds if (net_families[family] == NULL) { 11681da177e4SLinus Torvalds err = -EAFNOSUPPORT; 11691da177e4SLinus Torvalds goto out; 11701da177e4SLinus Torvalds } 11711da177e4SLinus Torvalds 11721da177e4SLinus Torvalds /* 11731da177e4SLinus Torvalds * Allocate the socket and allow the family to set things up. if 11741da177e4SLinus Torvalds * the protocol is 0, the family is instructed to select an appropriate 11751da177e4SLinus Torvalds * default. 11761da177e4SLinus Torvalds */ 11771da177e4SLinus Torvalds 11781da177e4SLinus Torvalds if (!(sock = sock_alloc())) { 11791da177e4SLinus Torvalds printk(KERN_WARNING "socket: no more sockets\n"); 11801da177e4SLinus Torvalds err = -ENFILE; /* Not exactly a match, but its the 11811da177e4SLinus Torvalds closest posix thing */ 11821da177e4SLinus Torvalds goto out; 11831da177e4SLinus Torvalds } 11841da177e4SLinus Torvalds 11851da177e4SLinus Torvalds sock->type = type; 11861da177e4SLinus Torvalds 11871da177e4SLinus Torvalds /* 11881da177e4SLinus Torvalds * We will call the ->create function, that possibly is in a loadable 11891da177e4SLinus Torvalds * module, so we have to bump that loadable module refcnt first. 11901da177e4SLinus Torvalds */ 11911da177e4SLinus Torvalds err = -EAFNOSUPPORT; 11921da177e4SLinus Torvalds if (!try_module_get(net_families[family]->owner)) 11931da177e4SLinus Torvalds goto out_release; 11941da177e4SLinus Torvalds 1195a79af59eSFrank Filz if ((err = net_families[family]->create(sock, protocol)) < 0) { 1196a79af59eSFrank Filz sock->ops = NULL; 11971da177e4SLinus Torvalds goto out_module_put; 1198a79af59eSFrank Filz } 1199a79af59eSFrank Filz 12001da177e4SLinus Torvalds /* 12011da177e4SLinus Torvalds * Now to bump the refcnt of the [loadable] module that owns this 12021da177e4SLinus Torvalds * socket at sock_release time we decrement its refcnt. 12031da177e4SLinus Torvalds */ 12041da177e4SLinus Torvalds if (!try_module_get(sock->ops->owner)) { 12051da177e4SLinus Torvalds sock->ops = NULL; 12061da177e4SLinus Torvalds goto out_module_put; 12071da177e4SLinus Torvalds } 12081da177e4SLinus Torvalds /* 12091da177e4SLinus Torvalds * Now that we're done with the ->create function, the [loadable] 12101da177e4SLinus Torvalds * module can have its refcnt decremented 12111da177e4SLinus Torvalds */ 12121da177e4SLinus Torvalds module_put(net_families[family]->owner); 12131da177e4SLinus Torvalds *res = sock; 12141da177e4SLinus Torvalds security_socket_post_create(sock, family, type, protocol, kern); 12151da177e4SLinus Torvalds 12161da177e4SLinus Torvalds out: 12171da177e4SLinus Torvalds net_family_read_unlock(); 12181da177e4SLinus Torvalds return err; 12191da177e4SLinus Torvalds out_module_put: 12201da177e4SLinus Torvalds module_put(net_families[family]->owner); 12211da177e4SLinus Torvalds out_release: 12221da177e4SLinus Torvalds sock_release(sock); 12231da177e4SLinus Torvalds goto out; 12241da177e4SLinus Torvalds } 12251da177e4SLinus Torvalds 12261da177e4SLinus Torvalds int sock_create(int family, int type, int protocol, struct socket **res) 12271da177e4SLinus Torvalds { 12281da177e4SLinus Torvalds return __sock_create(family, type, protocol, res, 0); 12291da177e4SLinus Torvalds } 12301da177e4SLinus Torvalds 12311da177e4SLinus Torvalds int sock_create_kern(int family, int type, int protocol, struct socket **res) 12321da177e4SLinus Torvalds { 12331da177e4SLinus Torvalds return __sock_create(family, type, protocol, res, 1); 12341da177e4SLinus Torvalds } 12351da177e4SLinus Torvalds 12361da177e4SLinus Torvalds asmlinkage long sys_socket(int family, int type, int protocol) 12371da177e4SLinus Torvalds { 12381da177e4SLinus Torvalds int retval; 12391da177e4SLinus Torvalds struct socket *sock; 12401da177e4SLinus Torvalds 12411da177e4SLinus Torvalds retval = sock_create(family, type, protocol, &sock); 12421da177e4SLinus Torvalds if (retval < 0) 12431da177e4SLinus Torvalds goto out; 12441da177e4SLinus Torvalds 12451da177e4SLinus Torvalds retval = sock_map_fd(sock); 12461da177e4SLinus Torvalds if (retval < 0) 12471da177e4SLinus Torvalds goto out_release; 12481da177e4SLinus Torvalds 12491da177e4SLinus Torvalds out: 12501da177e4SLinus Torvalds /* It may be already another descriptor 8) Not kernel problem. */ 12511da177e4SLinus Torvalds return retval; 12521da177e4SLinus Torvalds 12531da177e4SLinus Torvalds out_release: 12541da177e4SLinus Torvalds sock_release(sock); 12551da177e4SLinus Torvalds return retval; 12561da177e4SLinus Torvalds } 12571da177e4SLinus Torvalds 12581da177e4SLinus Torvalds /* 12591da177e4SLinus Torvalds * Create a pair of connected sockets. 12601da177e4SLinus Torvalds */ 12611da177e4SLinus Torvalds 12621da177e4SLinus Torvalds asmlinkage long sys_socketpair(int family, int type, int protocol, int __user *usockvec) 12631da177e4SLinus Torvalds { 12641da177e4SLinus Torvalds struct socket *sock1, *sock2; 12651da177e4SLinus Torvalds int fd1, fd2, err; 12661da177e4SLinus Torvalds 12671da177e4SLinus Torvalds /* 12681da177e4SLinus Torvalds * Obtain the first socket and check if the underlying protocol 12691da177e4SLinus Torvalds * supports the socketpair call. 12701da177e4SLinus Torvalds */ 12711da177e4SLinus Torvalds 12721da177e4SLinus Torvalds err = sock_create(family, type, protocol, &sock1); 12731da177e4SLinus Torvalds if (err < 0) 12741da177e4SLinus Torvalds goto out; 12751da177e4SLinus Torvalds 12761da177e4SLinus Torvalds err = sock_create(family, type, protocol, &sock2); 12771da177e4SLinus Torvalds if (err < 0) 12781da177e4SLinus Torvalds goto out_release_1; 12791da177e4SLinus Torvalds 12801da177e4SLinus Torvalds err = sock1->ops->socketpair(sock1, sock2); 12811da177e4SLinus Torvalds if (err < 0) 12821da177e4SLinus Torvalds goto out_release_both; 12831da177e4SLinus Torvalds 12841da177e4SLinus Torvalds fd1 = fd2 = -1; 12851da177e4SLinus Torvalds 12861da177e4SLinus Torvalds err = sock_map_fd(sock1); 12871da177e4SLinus Torvalds if (err < 0) 12881da177e4SLinus Torvalds goto out_release_both; 12891da177e4SLinus Torvalds fd1 = err; 12901da177e4SLinus Torvalds 12911da177e4SLinus Torvalds err = sock_map_fd(sock2); 12921da177e4SLinus Torvalds if (err < 0) 12931da177e4SLinus Torvalds goto out_close_1; 12941da177e4SLinus Torvalds fd2 = err; 12951da177e4SLinus Torvalds 12961da177e4SLinus Torvalds /* fd1 and fd2 may be already another descriptors. 12971da177e4SLinus Torvalds * Not kernel problem. 12981da177e4SLinus Torvalds */ 12991da177e4SLinus Torvalds 13001da177e4SLinus Torvalds err = put_user(fd1, &usockvec[0]); 13011da177e4SLinus Torvalds if (!err) 13021da177e4SLinus Torvalds err = put_user(fd2, &usockvec[1]); 13031da177e4SLinus Torvalds if (!err) 13041da177e4SLinus Torvalds return 0; 13051da177e4SLinus Torvalds 13061da177e4SLinus Torvalds sys_close(fd2); 13071da177e4SLinus Torvalds sys_close(fd1); 13081da177e4SLinus Torvalds return err; 13091da177e4SLinus Torvalds 13101da177e4SLinus Torvalds out_close_1: 13111da177e4SLinus Torvalds sock_release(sock2); 13121da177e4SLinus Torvalds sys_close(fd1); 13131da177e4SLinus Torvalds return err; 13141da177e4SLinus Torvalds 13151da177e4SLinus Torvalds out_release_both: 13161da177e4SLinus Torvalds sock_release(sock2); 13171da177e4SLinus Torvalds out_release_1: 13181da177e4SLinus Torvalds sock_release(sock1); 13191da177e4SLinus Torvalds out: 13201da177e4SLinus Torvalds return err; 13211da177e4SLinus Torvalds } 13221da177e4SLinus Torvalds 13231da177e4SLinus Torvalds 13241da177e4SLinus Torvalds /* 13251da177e4SLinus Torvalds * Bind a name to a socket. Nothing much to do here since it's 13261da177e4SLinus Torvalds * the protocol's responsibility to handle the local address. 13271da177e4SLinus Torvalds * 13281da177e4SLinus Torvalds * We move the socket address to kernel space before we call 13291da177e4SLinus Torvalds * the protocol layer (having also checked the address is ok). 13301da177e4SLinus Torvalds */ 13311da177e4SLinus Torvalds 13321da177e4SLinus Torvalds asmlinkage long sys_bind(int fd, struct sockaddr __user *umyaddr, int addrlen) 13331da177e4SLinus Torvalds { 13341da177e4SLinus Torvalds struct socket *sock; 13351da177e4SLinus Torvalds char address[MAX_SOCK_ADDR]; 13366cb153caSBenjamin LaHaise int err, fput_needed; 13371da177e4SLinus Torvalds 13386cb153caSBenjamin LaHaise if((sock = sockfd_lookup_light(fd, &err, &fput_needed))!=NULL) 13391da177e4SLinus Torvalds { 13401da177e4SLinus Torvalds if((err=move_addr_to_kernel(umyaddr,addrlen,address))>=0) { 13411da177e4SLinus Torvalds err = security_socket_bind(sock, (struct sockaddr *)address, addrlen); 13426cb153caSBenjamin LaHaise if (!err) 13436cb153caSBenjamin LaHaise err = sock->ops->bind(sock, 13446cb153caSBenjamin LaHaise (struct sockaddr *)address, addrlen); 13451da177e4SLinus Torvalds } 13466cb153caSBenjamin LaHaise fput_light(sock->file, fput_needed); 13471da177e4SLinus Torvalds } 13481da177e4SLinus Torvalds return err; 13491da177e4SLinus Torvalds } 13501da177e4SLinus Torvalds 13511da177e4SLinus Torvalds 13521da177e4SLinus Torvalds /* 13531da177e4SLinus Torvalds * Perform a listen. Basically, we allow the protocol to do anything 13541da177e4SLinus Torvalds * necessary for a listen, and if that works, we mark the socket as 13551da177e4SLinus Torvalds * ready for listening. 13561da177e4SLinus Torvalds */ 13571da177e4SLinus Torvalds 13581da177e4SLinus Torvalds int sysctl_somaxconn = SOMAXCONN; 13591da177e4SLinus Torvalds 13601da177e4SLinus Torvalds asmlinkage long sys_listen(int fd, int backlog) 13611da177e4SLinus Torvalds { 13621da177e4SLinus Torvalds struct socket *sock; 13636cb153caSBenjamin LaHaise int err, fput_needed; 13641da177e4SLinus Torvalds 13656cb153caSBenjamin LaHaise if ((sock = sockfd_lookup_light(fd, &err, &fput_needed)) != NULL) { 13661da177e4SLinus Torvalds if ((unsigned) backlog > sysctl_somaxconn) 13671da177e4SLinus Torvalds backlog = sysctl_somaxconn; 13681da177e4SLinus Torvalds 13691da177e4SLinus Torvalds err = security_socket_listen(sock, backlog); 13706cb153caSBenjamin LaHaise if (!err) 13711da177e4SLinus Torvalds err = sock->ops->listen(sock, backlog); 13726cb153caSBenjamin LaHaise 13736cb153caSBenjamin LaHaise fput_light(sock->file, fput_needed); 13741da177e4SLinus Torvalds } 13751da177e4SLinus Torvalds return err; 13761da177e4SLinus Torvalds } 13771da177e4SLinus Torvalds 13781da177e4SLinus Torvalds 13791da177e4SLinus Torvalds /* 13801da177e4SLinus Torvalds * For accept, we attempt to create a new socket, set up the link 13811da177e4SLinus Torvalds * with the client, wake up the client, then return the new 13821da177e4SLinus Torvalds * connected fd. We collect the address of the connector in kernel 13831da177e4SLinus Torvalds * space and move it to user at the very end. This is unclean because 13841da177e4SLinus Torvalds * we open the socket then return an error. 13851da177e4SLinus Torvalds * 13861da177e4SLinus Torvalds * 1003.1g adds the ability to recvmsg() to query connection pending 13871da177e4SLinus Torvalds * status to recvmsg. We need to add that support in a way thats 13881da177e4SLinus Torvalds * clean when we restucture accept also. 13891da177e4SLinus Torvalds */ 13901da177e4SLinus Torvalds 13911da177e4SLinus Torvalds asmlinkage long sys_accept(int fd, struct sockaddr __user *upeer_sockaddr, int __user *upeer_addrlen) 13921da177e4SLinus Torvalds { 13931da177e4SLinus Torvalds struct socket *sock, *newsock; 139439d8c1b6SDavid S. Miller struct file *newfile; 13956cb153caSBenjamin LaHaise int err, len, newfd, fput_needed; 13961da177e4SLinus Torvalds char address[MAX_SOCK_ADDR]; 13971da177e4SLinus Torvalds 13986cb153caSBenjamin LaHaise sock = sockfd_lookup_light(fd, &err, &fput_needed); 13991da177e4SLinus Torvalds if (!sock) 14001da177e4SLinus Torvalds goto out; 14011da177e4SLinus Torvalds 14021da177e4SLinus Torvalds err = -ENFILE; 14031da177e4SLinus Torvalds if (!(newsock = sock_alloc())) 14041da177e4SLinus Torvalds goto out_put; 14051da177e4SLinus Torvalds 14061da177e4SLinus Torvalds newsock->type = sock->type; 14071da177e4SLinus Torvalds newsock->ops = sock->ops; 14081da177e4SLinus Torvalds 14091da177e4SLinus Torvalds /* 14101da177e4SLinus Torvalds * We don't need try_module_get here, as the listening socket (sock) 14111da177e4SLinus Torvalds * has the protocol module (sock->ops->owner) held. 14121da177e4SLinus Torvalds */ 14131da177e4SLinus Torvalds __module_get(newsock->ops->owner); 14141da177e4SLinus Torvalds 141539d8c1b6SDavid S. Miller newfd = sock_alloc_fd(&newfile); 141639d8c1b6SDavid S. Miller if (unlikely(newfd < 0)) { 141739d8c1b6SDavid S. Miller err = newfd; 14189a1875e6SDavid S. Miller sock_release(newsock); 14199a1875e6SDavid S. Miller goto out_put; 142039d8c1b6SDavid S. Miller } 142139d8c1b6SDavid S. Miller 142239d8c1b6SDavid S. Miller err = sock_attach_fd(newsock, newfile); 142339d8c1b6SDavid S. Miller if (err < 0) 142439d8c1b6SDavid S. Miller goto out_fd; 142539d8c1b6SDavid S. Miller 1426a79af59eSFrank Filz err = security_socket_accept(sock, newsock); 1427a79af59eSFrank Filz if (err) 142839d8c1b6SDavid S. Miller goto out_fd; 1429a79af59eSFrank Filz 14301da177e4SLinus Torvalds err = sock->ops->accept(sock, newsock, sock->file->f_flags); 14311da177e4SLinus Torvalds if (err < 0) 143239d8c1b6SDavid S. Miller goto out_fd; 14331da177e4SLinus Torvalds 14341da177e4SLinus Torvalds if (upeer_sockaddr) { 14351da177e4SLinus Torvalds if(newsock->ops->getname(newsock, (struct sockaddr *)address, &len, 2)<0) { 14361da177e4SLinus Torvalds err = -ECONNABORTED; 143739d8c1b6SDavid S. Miller goto out_fd; 14381da177e4SLinus Torvalds } 14391da177e4SLinus Torvalds err = move_addr_to_user(address, len, upeer_sockaddr, upeer_addrlen); 14401da177e4SLinus Torvalds if (err < 0) 144139d8c1b6SDavid S. Miller goto out_fd; 14421da177e4SLinus Torvalds } 14431da177e4SLinus Torvalds 14441da177e4SLinus Torvalds /* File flags are not inherited via accept() unlike another OSes. */ 14451da177e4SLinus Torvalds 144639d8c1b6SDavid S. Miller fd_install(newfd, newfile); 144739d8c1b6SDavid S. Miller err = newfd; 14481da177e4SLinus Torvalds 14491da177e4SLinus Torvalds security_socket_post_accept(sock, newsock); 14501da177e4SLinus Torvalds 14511da177e4SLinus Torvalds out_put: 14526cb153caSBenjamin LaHaise fput_light(sock->file, fput_needed); 14531da177e4SLinus Torvalds out: 14541da177e4SLinus Torvalds return err; 145539d8c1b6SDavid S. Miller out_fd: 14569606a216SDavid S. Miller fput(newfile); 145739d8c1b6SDavid S. Miller put_unused_fd(newfd); 14581da177e4SLinus Torvalds goto out_put; 14591da177e4SLinus Torvalds } 14601da177e4SLinus Torvalds 14611da177e4SLinus Torvalds 14621da177e4SLinus Torvalds /* 14631da177e4SLinus Torvalds * Attempt to connect to a socket with the server address. The address 14641da177e4SLinus Torvalds * is in user space so we verify it is OK and move it to kernel space. 14651da177e4SLinus Torvalds * 14661da177e4SLinus Torvalds * For 1003.1g we need to add clean support for a bind to AF_UNSPEC to 14671da177e4SLinus Torvalds * break bindings 14681da177e4SLinus Torvalds * 14691da177e4SLinus Torvalds * NOTE: 1003.1g draft 6.3 is broken with respect to AX.25/NetROM and 14701da177e4SLinus Torvalds * other SEQPACKET protocols that take time to connect() as it doesn't 14711da177e4SLinus Torvalds * include the -EINPROGRESS status for such sockets. 14721da177e4SLinus Torvalds */ 14731da177e4SLinus Torvalds 14741da177e4SLinus Torvalds asmlinkage long sys_connect(int fd, struct sockaddr __user *uservaddr, int addrlen) 14751da177e4SLinus Torvalds { 14761da177e4SLinus Torvalds struct socket *sock; 14771da177e4SLinus Torvalds char address[MAX_SOCK_ADDR]; 14786cb153caSBenjamin LaHaise int err, fput_needed; 14791da177e4SLinus Torvalds 14806cb153caSBenjamin LaHaise sock = sockfd_lookup_light(fd, &err, &fput_needed); 14811da177e4SLinus Torvalds if (!sock) 14821da177e4SLinus Torvalds goto out; 14831da177e4SLinus Torvalds err = move_addr_to_kernel(uservaddr, addrlen, address); 14841da177e4SLinus Torvalds if (err < 0) 14851da177e4SLinus Torvalds goto out_put; 14861da177e4SLinus Torvalds 14871da177e4SLinus Torvalds err = security_socket_connect(sock, (struct sockaddr *)address, addrlen); 14881da177e4SLinus Torvalds if (err) 14891da177e4SLinus Torvalds goto out_put; 14901da177e4SLinus Torvalds 14911da177e4SLinus Torvalds err = sock->ops->connect(sock, (struct sockaddr *) address, addrlen, 14921da177e4SLinus Torvalds sock->file->f_flags); 14931da177e4SLinus Torvalds out_put: 14946cb153caSBenjamin LaHaise fput_light(sock->file, fput_needed); 14951da177e4SLinus Torvalds out: 14961da177e4SLinus Torvalds return err; 14971da177e4SLinus Torvalds } 14981da177e4SLinus Torvalds 14991da177e4SLinus Torvalds /* 15001da177e4SLinus Torvalds * Get the local address ('name') of a socket object. Move the obtained 15011da177e4SLinus Torvalds * name to user space. 15021da177e4SLinus Torvalds */ 15031da177e4SLinus Torvalds 15041da177e4SLinus Torvalds asmlinkage long sys_getsockname(int fd, struct sockaddr __user *usockaddr, int __user *usockaddr_len) 15051da177e4SLinus Torvalds { 15061da177e4SLinus Torvalds struct socket *sock; 15071da177e4SLinus Torvalds char address[MAX_SOCK_ADDR]; 15086cb153caSBenjamin LaHaise int len, err, fput_needed; 15091da177e4SLinus Torvalds 15106cb153caSBenjamin LaHaise sock = sockfd_lookup_light(fd, &err, &fput_needed); 15111da177e4SLinus Torvalds if (!sock) 15121da177e4SLinus Torvalds goto out; 15131da177e4SLinus Torvalds 15141da177e4SLinus Torvalds err = security_socket_getsockname(sock); 15151da177e4SLinus Torvalds if (err) 15161da177e4SLinus Torvalds goto out_put; 15171da177e4SLinus Torvalds 15181da177e4SLinus Torvalds err = sock->ops->getname(sock, (struct sockaddr *)address, &len, 0); 15191da177e4SLinus Torvalds if (err) 15201da177e4SLinus Torvalds goto out_put; 15211da177e4SLinus Torvalds err = move_addr_to_user(address, len, usockaddr, usockaddr_len); 15221da177e4SLinus Torvalds 15231da177e4SLinus Torvalds out_put: 15246cb153caSBenjamin LaHaise fput_light(sock->file, fput_needed); 15251da177e4SLinus Torvalds out: 15261da177e4SLinus Torvalds return err; 15271da177e4SLinus Torvalds } 15281da177e4SLinus Torvalds 15291da177e4SLinus Torvalds /* 15301da177e4SLinus Torvalds * Get the remote address ('name') of a socket object. Move the obtained 15311da177e4SLinus Torvalds * name to user space. 15321da177e4SLinus Torvalds */ 15331da177e4SLinus Torvalds 15341da177e4SLinus Torvalds asmlinkage long sys_getpeername(int fd, struct sockaddr __user *usockaddr, int __user *usockaddr_len) 15351da177e4SLinus Torvalds { 15361da177e4SLinus Torvalds struct socket *sock; 15371da177e4SLinus Torvalds char address[MAX_SOCK_ADDR]; 15386cb153caSBenjamin LaHaise int len, err, fput_needed; 15391da177e4SLinus Torvalds 15406cb153caSBenjamin LaHaise if ((sock = sockfd_lookup_light(fd, &err, &fput_needed)) != NULL) { 15411da177e4SLinus Torvalds err = security_socket_getpeername(sock); 15421da177e4SLinus Torvalds if (err) { 15436cb153caSBenjamin LaHaise fput_light(sock->file, fput_needed); 15441da177e4SLinus Torvalds return err; 15451da177e4SLinus Torvalds } 15461da177e4SLinus Torvalds 15471da177e4SLinus Torvalds err = sock->ops->getname(sock, (struct sockaddr *)address, &len, 1); 15481da177e4SLinus Torvalds if (!err) 15491da177e4SLinus Torvalds err=move_addr_to_user(address,len, usockaddr, usockaddr_len); 15506cb153caSBenjamin LaHaise fput_light(sock->file, fput_needed); 15511da177e4SLinus Torvalds } 15521da177e4SLinus Torvalds return err; 15531da177e4SLinus Torvalds } 15541da177e4SLinus Torvalds 15551da177e4SLinus Torvalds /* 15561da177e4SLinus Torvalds * Send a datagram to a given address. We move the address into kernel 15571da177e4SLinus Torvalds * space and check the user space data area is readable before invoking 15581da177e4SLinus Torvalds * the protocol. 15591da177e4SLinus Torvalds */ 15601da177e4SLinus Torvalds 15611da177e4SLinus Torvalds asmlinkage long sys_sendto(int fd, void __user * buff, size_t len, unsigned flags, 15621da177e4SLinus Torvalds struct sockaddr __user *addr, int addr_len) 15631da177e4SLinus Torvalds { 15641da177e4SLinus Torvalds struct socket *sock; 15651da177e4SLinus Torvalds char address[MAX_SOCK_ADDR]; 15661da177e4SLinus Torvalds int err; 15671da177e4SLinus Torvalds struct msghdr msg; 15681da177e4SLinus Torvalds struct iovec iov; 15696cb153caSBenjamin LaHaise int fput_needed; 15706cb153caSBenjamin LaHaise struct file *sock_file; 15711da177e4SLinus Torvalds 15726cb153caSBenjamin LaHaise sock_file = fget_light(fd, &fput_needed); 15736cb153caSBenjamin LaHaise if (!sock_file) 15746cb153caSBenjamin LaHaise return -EBADF; 15756cb153caSBenjamin LaHaise 15766cb153caSBenjamin LaHaise sock = sock_from_file(sock_file, &err); 15771da177e4SLinus Torvalds if (!sock) 15786cb153caSBenjamin LaHaise goto out_put; 15791da177e4SLinus Torvalds iov.iov_base=buff; 15801da177e4SLinus Torvalds iov.iov_len=len; 15811da177e4SLinus Torvalds msg.msg_name=NULL; 15821da177e4SLinus Torvalds msg.msg_iov=&iov; 15831da177e4SLinus Torvalds msg.msg_iovlen=1; 15841da177e4SLinus Torvalds msg.msg_control=NULL; 15851da177e4SLinus Torvalds msg.msg_controllen=0; 15861da177e4SLinus Torvalds msg.msg_namelen=0; 15876cb153caSBenjamin LaHaise if (addr) { 15881da177e4SLinus Torvalds err = move_addr_to_kernel(addr, addr_len, address); 15891da177e4SLinus Torvalds if (err < 0) 15901da177e4SLinus Torvalds goto out_put; 15911da177e4SLinus Torvalds msg.msg_name=address; 15921da177e4SLinus Torvalds msg.msg_namelen=addr_len; 15931da177e4SLinus Torvalds } 15941da177e4SLinus Torvalds if (sock->file->f_flags & O_NONBLOCK) 15951da177e4SLinus Torvalds flags |= MSG_DONTWAIT; 15961da177e4SLinus Torvalds msg.msg_flags = flags; 15971da177e4SLinus Torvalds err = sock_sendmsg(sock, &msg, len); 15981da177e4SLinus Torvalds 15991da177e4SLinus Torvalds out_put: 16006cb153caSBenjamin LaHaise fput_light(sock_file, fput_needed); 16011da177e4SLinus Torvalds return err; 16021da177e4SLinus Torvalds } 16031da177e4SLinus Torvalds 16041da177e4SLinus Torvalds /* 16051da177e4SLinus Torvalds * Send a datagram down a socket. 16061da177e4SLinus Torvalds */ 16071da177e4SLinus Torvalds 16081da177e4SLinus Torvalds asmlinkage long sys_send(int fd, void __user * buff, size_t len, unsigned flags) 16091da177e4SLinus Torvalds { 16101da177e4SLinus Torvalds return sys_sendto(fd, buff, len, flags, NULL, 0); 16111da177e4SLinus Torvalds } 16121da177e4SLinus Torvalds 16131da177e4SLinus Torvalds /* 16141da177e4SLinus Torvalds * Receive a frame from the socket and optionally record the address of the 16151da177e4SLinus Torvalds * sender. We verify the buffers are writable and if needed move the 16161da177e4SLinus Torvalds * sender address from kernel to user space. 16171da177e4SLinus Torvalds */ 16181da177e4SLinus Torvalds 16191da177e4SLinus Torvalds asmlinkage long sys_recvfrom(int fd, void __user * ubuf, size_t size, unsigned flags, 16201da177e4SLinus Torvalds struct sockaddr __user *addr, int __user *addr_len) 16211da177e4SLinus Torvalds { 16221da177e4SLinus Torvalds struct socket *sock; 16231da177e4SLinus Torvalds struct iovec iov; 16241da177e4SLinus Torvalds struct msghdr msg; 16251da177e4SLinus Torvalds char address[MAX_SOCK_ADDR]; 16261da177e4SLinus Torvalds int err,err2; 16276cb153caSBenjamin LaHaise struct file *sock_file; 16286cb153caSBenjamin LaHaise int fput_needed; 16291da177e4SLinus Torvalds 16306cb153caSBenjamin LaHaise sock_file = fget_light(fd, &fput_needed); 16316cb153caSBenjamin LaHaise if (!sock_file) 16326cb153caSBenjamin LaHaise return -EBADF; 16336cb153caSBenjamin LaHaise 16346cb153caSBenjamin LaHaise sock = sock_from_file(sock_file, &err); 16351da177e4SLinus Torvalds if (!sock) 16361da177e4SLinus Torvalds goto out; 16371da177e4SLinus Torvalds 16381da177e4SLinus Torvalds msg.msg_control=NULL; 16391da177e4SLinus Torvalds msg.msg_controllen=0; 16401da177e4SLinus Torvalds msg.msg_iovlen=1; 16411da177e4SLinus Torvalds msg.msg_iov=&iov; 16421da177e4SLinus Torvalds iov.iov_len=size; 16431da177e4SLinus Torvalds iov.iov_base=ubuf; 16441da177e4SLinus Torvalds msg.msg_name=address; 16451da177e4SLinus Torvalds msg.msg_namelen=MAX_SOCK_ADDR; 16461da177e4SLinus Torvalds if (sock->file->f_flags & O_NONBLOCK) 16471da177e4SLinus Torvalds flags |= MSG_DONTWAIT; 16481da177e4SLinus Torvalds err=sock_recvmsg(sock, &msg, size, flags); 16491da177e4SLinus Torvalds 16501da177e4SLinus Torvalds if(err >= 0 && addr != NULL) 16511da177e4SLinus Torvalds { 16521da177e4SLinus Torvalds err2=move_addr_to_user(address, msg.msg_namelen, addr, addr_len); 16531da177e4SLinus Torvalds if(err2<0) 16541da177e4SLinus Torvalds err=err2; 16551da177e4SLinus Torvalds } 16561da177e4SLinus Torvalds out: 16576cb153caSBenjamin LaHaise fput_light(sock_file, fput_needed); 16581da177e4SLinus Torvalds return err; 16591da177e4SLinus Torvalds } 16601da177e4SLinus Torvalds 16611da177e4SLinus Torvalds /* 16621da177e4SLinus Torvalds * Receive a datagram from a socket. 16631da177e4SLinus Torvalds */ 16641da177e4SLinus Torvalds 16651da177e4SLinus Torvalds asmlinkage long sys_recv(int fd, void __user * ubuf, size_t size, unsigned flags) 16661da177e4SLinus Torvalds { 16671da177e4SLinus Torvalds return sys_recvfrom(fd, ubuf, size, flags, NULL, NULL); 16681da177e4SLinus Torvalds } 16691da177e4SLinus Torvalds 16701da177e4SLinus Torvalds /* 16711da177e4SLinus Torvalds * Set a socket option. Because we don't know the option lengths we have 16721da177e4SLinus Torvalds * to pass the user mode parameter for the protocols to sort out. 16731da177e4SLinus Torvalds */ 16741da177e4SLinus Torvalds 16751da177e4SLinus Torvalds asmlinkage long sys_setsockopt(int fd, int level, int optname, char __user *optval, int optlen) 16761da177e4SLinus Torvalds { 16776cb153caSBenjamin LaHaise int err, fput_needed; 16781da177e4SLinus Torvalds struct socket *sock; 16791da177e4SLinus Torvalds 16801da177e4SLinus Torvalds if (optlen < 0) 16811da177e4SLinus Torvalds return -EINVAL; 16821da177e4SLinus Torvalds 16836cb153caSBenjamin LaHaise if ((sock = sockfd_lookup_light(fd, &err, &fput_needed)) != NULL) 16841da177e4SLinus Torvalds { 16851da177e4SLinus Torvalds err = security_socket_setsockopt(sock,level,optname); 16866cb153caSBenjamin LaHaise if (err) 16876cb153caSBenjamin LaHaise goto out_put; 16881da177e4SLinus Torvalds 16891da177e4SLinus Torvalds if (level == SOL_SOCKET) 16901da177e4SLinus Torvalds err=sock_setsockopt(sock,level,optname,optval,optlen); 16911da177e4SLinus Torvalds else 16921da177e4SLinus Torvalds err=sock->ops->setsockopt(sock, level, optname, optval, optlen); 16936cb153caSBenjamin LaHaise out_put: 16946cb153caSBenjamin LaHaise fput_light(sock->file, fput_needed); 16951da177e4SLinus Torvalds } 16961da177e4SLinus Torvalds return err; 16971da177e4SLinus Torvalds } 16981da177e4SLinus Torvalds 16991da177e4SLinus Torvalds /* 17001da177e4SLinus Torvalds * Get a socket option. Because we don't know the option lengths we have 17011da177e4SLinus Torvalds * to pass a user mode parameter for the protocols to sort out. 17021da177e4SLinus Torvalds */ 17031da177e4SLinus Torvalds 17041da177e4SLinus Torvalds asmlinkage long sys_getsockopt(int fd, int level, int optname, char __user *optval, int __user *optlen) 17051da177e4SLinus Torvalds { 17066cb153caSBenjamin LaHaise int err, fput_needed; 17071da177e4SLinus Torvalds struct socket *sock; 17081da177e4SLinus Torvalds 17096cb153caSBenjamin LaHaise if ((sock = sockfd_lookup_light(fd, &err, &fput_needed)) != NULL) { 17106cb153caSBenjamin LaHaise err = security_socket_getsockopt(sock, level, optname); 17116cb153caSBenjamin LaHaise if (err) 17126cb153caSBenjamin LaHaise goto out_put; 17131da177e4SLinus Torvalds 17141da177e4SLinus Torvalds if (level == SOL_SOCKET) 17151da177e4SLinus Torvalds err=sock_getsockopt(sock,level,optname,optval,optlen); 17161da177e4SLinus Torvalds else 17171da177e4SLinus Torvalds err=sock->ops->getsockopt(sock, level, optname, optval, optlen); 17186cb153caSBenjamin LaHaise out_put: 17196cb153caSBenjamin LaHaise fput_light(sock->file, fput_needed); 17201da177e4SLinus Torvalds } 17211da177e4SLinus Torvalds return err; 17221da177e4SLinus Torvalds } 17231da177e4SLinus Torvalds 17241da177e4SLinus Torvalds 17251da177e4SLinus Torvalds /* 17261da177e4SLinus Torvalds * Shutdown a socket. 17271da177e4SLinus Torvalds */ 17281da177e4SLinus Torvalds 17291da177e4SLinus Torvalds asmlinkage long sys_shutdown(int fd, int how) 17301da177e4SLinus Torvalds { 17316cb153caSBenjamin LaHaise int err, fput_needed; 17321da177e4SLinus Torvalds struct socket *sock; 17331da177e4SLinus Torvalds 17346cb153caSBenjamin LaHaise if ((sock = sockfd_lookup_light(fd, &err, &fput_needed))!=NULL) 17351da177e4SLinus Torvalds { 17361da177e4SLinus Torvalds err = security_socket_shutdown(sock, how); 17376cb153caSBenjamin LaHaise if (!err) 17381da177e4SLinus Torvalds err = sock->ops->shutdown(sock, how); 17396cb153caSBenjamin LaHaise fput_light(sock->file, fput_needed); 17401da177e4SLinus Torvalds } 17411da177e4SLinus Torvalds return err; 17421da177e4SLinus Torvalds } 17431da177e4SLinus Torvalds 17441da177e4SLinus Torvalds /* A couple of helpful macros for getting the address of the 32/64 bit 17451da177e4SLinus Torvalds * fields which are the same type (int / unsigned) on our platforms. 17461da177e4SLinus Torvalds */ 17471da177e4SLinus Torvalds #define COMPAT_MSG(msg, member) ((MSG_CMSG_COMPAT & flags) ? &msg##_compat->member : &msg->member) 17481da177e4SLinus Torvalds #define COMPAT_NAMELEN(msg) COMPAT_MSG(msg, msg_namelen) 17491da177e4SLinus Torvalds #define COMPAT_FLAGS(msg) COMPAT_MSG(msg, msg_flags) 17501da177e4SLinus Torvalds 17511da177e4SLinus Torvalds 17521da177e4SLinus Torvalds /* 17531da177e4SLinus Torvalds * BSD sendmsg interface 17541da177e4SLinus Torvalds */ 17551da177e4SLinus Torvalds 17561da177e4SLinus Torvalds asmlinkage long sys_sendmsg(int fd, struct msghdr __user *msg, unsigned flags) 17571da177e4SLinus Torvalds { 17581da177e4SLinus Torvalds struct compat_msghdr __user *msg_compat = (struct compat_msghdr __user *)msg; 17591da177e4SLinus Torvalds struct socket *sock; 17601da177e4SLinus Torvalds char address[MAX_SOCK_ADDR]; 17611da177e4SLinus Torvalds struct iovec iovstack[UIO_FASTIOV], *iov = iovstack; 1762b9d717a7SAlex Williamson unsigned char ctl[sizeof(struct cmsghdr) + 20] 1763b9d717a7SAlex Williamson __attribute__ ((aligned (sizeof(__kernel_size_t)))); 1764b9d717a7SAlex Williamson /* 20 is size of ipv6_pktinfo */ 17651da177e4SLinus Torvalds unsigned char *ctl_buf = ctl; 17661da177e4SLinus Torvalds struct msghdr msg_sys; 17671da177e4SLinus Torvalds int err, ctl_len, iov_size, total_len; 17686cb153caSBenjamin LaHaise int fput_needed; 17691da177e4SLinus Torvalds 17701da177e4SLinus Torvalds err = -EFAULT; 17711da177e4SLinus Torvalds if (MSG_CMSG_COMPAT & flags) { 17721da177e4SLinus Torvalds if (get_compat_msghdr(&msg_sys, msg_compat)) 17731da177e4SLinus Torvalds return -EFAULT; 17741da177e4SLinus Torvalds } else if (copy_from_user(&msg_sys, msg, sizeof(struct msghdr))) 17751da177e4SLinus Torvalds return -EFAULT; 17761da177e4SLinus Torvalds 17776cb153caSBenjamin LaHaise sock = sockfd_lookup_light(fd, &err, &fput_needed); 17781da177e4SLinus Torvalds if (!sock) 17791da177e4SLinus Torvalds goto out; 17801da177e4SLinus Torvalds 17811da177e4SLinus Torvalds /* do not move before msg_sys is valid */ 17821da177e4SLinus Torvalds err = -EMSGSIZE; 17831da177e4SLinus Torvalds if (msg_sys.msg_iovlen > UIO_MAXIOV) 17841da177e4SLinus Torvalds goto out_put; 17851da177e4SLinus Torvalds 17861da177e4SLinus Torvalds /* Check whether to allocate the iovec area*/ 17871da177e4SLinus Torvalds err = -ENOMEM; 17881da177e4SLinus Torvalds iov_size = msg_sys.msg_iovlen * sizeof(struct iovec); 17891da177e4SLinus Torvalds if (msg_sys.msg_iovlen > UIO_FASTIOV) { 17901da177e4SLinus Torvalds iov = sock_kmalloc(sock->sk, iov_size, GFP_KERNEL); 17911da177e4SLinus Torvalds if (!iov) 17921da177e4SLinus Torvalds goto out_put; 17931da177e4SLinus Torvalds } 17941da177e4SLinus Torvalds 17951da177e4SLinus Torvalds /* This will also move the address data into kernel space */ 17961da177e4SLinus Torvalds if (MSG_CMSG_COMPAT & flags) { 17971da177e4SLinus Torvalds err = verify_compat_iovec(&msg_sys, iov, address, VERIFY_READ); 17981da177e4SLinus Torvalds } else 17991da177e4SLinus Torvalds err = verify_iovec(&msg_sys, iov, address, VERIFY_READ); 18001da177e4SLinus Torvalds if (err < 0) 18011da177e4SLinus Torvalds goto out_freeiov; 18021da177e4SLinus Torvalds total_len = err; 18031da177e4SLinus Torvalds 18041da177e4SLinus Torvalds err = -ENOBUFS; 18051da177e4SLinus Torvalds 18061da177e4SLinus Torvalds if (msg_sys.msg_controllen > INT_MAX) 18071da177e4SLinus Torvalds goto out_freeiov; 18081da177e4SLinus Torvalds ctl_len = msg_sys.msg_controllen; 18091da177e4SLinus Torvalds if ((MSG_CMSG_COMPAT & flags) && ctl_len) { 18108920e8f9SAl Viro err = cmsghdr_from_user_compat_to_kern(&msg_sys, sock->sk, ctl, sizeof(ctl)); 18111da177e4SLinus Torvalds if (err) 18121da177e4SLinus Torvalds goto out_freeiov; 18131da177e4SLinus Torvalds ctl_buf = msg_sys.msg_control; 18148920e8f9SAl Viro ctl_len = msg_sys.msg_controllen; 18151da177e4SLinus Torvalds } else if (ctl_len) { 18161da177e4SLinus Torvalds if (ctl_len > sizeof(ctl)) 18171da177e4SLinus Torvalds { 18181da177e4SLinus Torvalds ctl_buf = sock_kmalloc(sock->sk, ctl_len, GFP_KERNEL); 18191da177e4SLinus Torvalds if (ctl_buf == NULL) 18201da177e4SLinus Torvalds goto out_freeiov; 18211da177e4SLinus Torvalds } 18221da177e4SLinus Torvalds err = -EFAULT; 18231da177e4SLinus Torvalds /* 18241da177e4SLinus Torvalds * Careful! Before this, msg_sys.msg_control contains a user pointer. 18251da177e4SLinus Torvalds * Afterwards, it will be a kernel pointer. Thus the compiler-assisted 18261da177e4SLinus Torvalds * checking falls down on this. 18271da177e4SLinus Torvalds */ 18281da177e4SLinus Torvalds if (copy_from_user(ctl_buf, (void __user *) msg_sys.msg_control, ctl_len)) 18291da177e4SLinus Torvalds goto out_freectl; 18301da177e4SLinus Torvalds msg_sys.msg_control = ctl_buf; 18311da177e4SLinus Torvalds } 18321da177e4SLinus Torvalds msg_sys.msg_flags = flags; 18331da177e4SLinus Torvalds 18341da177e4SLinus Torvalds if (sock->file->f_flags & O_NONBLOCK) 18351da177e4SLinus Torvalds msg_sys.msg_flags |= MSG_DONTWAIT; 18361da177e4SLinus Torvalds err = sock_sendmsg(sock, &msg_sys, total_len); 18371da177e4SLinus Torvalds 18381da177e4SLinus Torvalds out_freectl: 18391da177e4SLinus Torvalds if (ctl_buf != ctl) 18401da177e4SLinus Torvalds sock_kfree_s(sock->sk, ctl_buf, ctl_len); 18411da177e4SLinus Torvalds out_freeiov: 18421da177e4SLinus Torvalds if (iov != iovstack) 18431da177e4SLinus Torvalds sock_kfree_s(sock->sk, iov, iov_size); 18441da177e4SLinus Torvalds out_put: 18456cb153caSBenjamin LaHaise fput_light(sock->file, fput_needed); 18461da177e4SLinus Torvalds out: 18471da177e4SLinus Torvalds return err; 18481da177e4SLinus Torvalds } 18491da177e4SLinus Torvalds 18501da177e4SLinus Torvalds /* 18511da177e4SLinus Torvalds * BSD recvmsg interface 18521da177e4SLinus Torvalds */ 18531da177e4SLinus Torvalds 18541da177e4SLinus Torvalds asmlinkage long sys_recvmsg(int fd, struct msghdr __user *msg, unsigned int flags) 18551da177e4SLinus Torvalds { 18561da177e4SLinus Torvalds struct compat_msghdr __user *msg_compat = (struct compat_msghdr __user *)msg; 18571da177e4SLinus Torvalds struct socket *sock; 18581da177e4SLinus Torvalds struct iovec iovstack[UIO_FASTIOV]; 18591da177e4SLinus Torvalds struct iovec *iov=iovstack; 18601da177e4SLinus Torvalds struct msghdr msg_sys; 18611da177e4SLinus Torvalds unsigned long cmsg_ptr; 18621da177e4SLinus Torvalds int err, iov_size, total_len, len; 18636cb153caSBenjamin LaHaise int fput_needed; 18641da177e4SLinus Torvalds 18651da177e4SLinus Torvalds /* kernel mode address */ 18661da177e4SLinus Torvalds char addr[MAX_SOCK_ADDR]; 18671da177e4SLinus Torvalds 18681da177e4SLinus Torvalds /* user mode address pointers */ 18691da177e4SLinus Torvalds struct sockaddr __user *uaddr; 18701da177e4SLinus Torvalds int __user *uaddr_len; 18711da177e4SLinus Torvalds 18721da177e4SLinus Torvalds if (MSG_CMSG_COMPAT & flags) { 18731da177e4SLinus Torvalds if (get_compat_msghdr(&msg_sys, msg_compat)) 18741da177e4SLinus Torvalds return -EFAULT; 18751da177e4SLinus Torvalds } else 18761da177e4SLinus Torvalds if (copy_from_user(&msg_sys,msg,sizeof(struct msghdr))) 18771da177e4SLinus Torvalds return -EFAULT; 18781da177e4SLinus Torvalds 18796cb153caSBenjamin LaHaise sock = sockfd_lookup_light(fd, &err, &fput_needed); 18801da177e4SLinus Torvalds if (!sock) 18811da177e4SLinus Torvalds goto out; 18821da177e4SLinus Torvalds 18831da177e4SLinus Torvalds err = -EMSGSIZE; 18841da177e4SLinus Torvalds if (msg_sys.msg_iovlen > UIO_MAXIOV) 18851da177e4SLinus Torvalds goto out_put; 18861da177e4SLinus Torvalds 18871da177e4SLinus Torvalds /* Check whether to allocate the iovec area*/ 18881da177e4SLinus Torvalds err = -ENOMEM; 18891da177e4SLinus Torvalds iov_size = msg_sys.msg_iovlen * sizeof(struct iovec); 18901da177e4SLinus Torvalds if (msg_sys.msg_iovlen > UIO_FASTIOV) { 18911da177e4SLinus Torvalds iov = sock_kmalloc(sock->sk, iov_size, GFP_KERNEL); 18921da177e4SLinus Torvalds if (!iov) 18931da177e4SLinus Torvalds goto out_put; 18941da177e4SLinus Torvalds } 18951da177e4SLinus Torvalds 18961da177e4SLinus Torvalds /* 18971da177e4SLinus Torvalds * Save the user-mode address (verify_iovec will change the 18981da177e4SLinus Torvalds * kernel msghdr to use the kernel address space) 18991da177e4SLinus Torvalds */ 19001da177e4SLinus Torvalds 19011da177e4SLinus Torvalds uaddr = (void __user *) msg_sys.msg_name; 19021da177e4SLinus Torvalds uaddr_len = COMPAT_NAMELEN(msg); 19031da177e4SLinus Torvalds if (MSG_CMSG_COMPAT & flags) { 19041da177e4SLinus Torvalds err = verify_compat_iovec(&msg_sys, iov, addr, VERIFY_WRITE); 19051da177e4SLinus Torvalds } else 19061da177e4SLinus Torvalds err = verify_iovec(&msg_sys, iov, addr, VERIFY_WRITE); 19071da177e4SLinus Torvalds if (err < 0) 19081da177e4SLinus Torvalds goto out_freeiov; 19091da177e4SLinus Torvalds total_len=err; 19101da177e4SLinus Torvalds 19111da177e4SLinus Torvalds cmsg_ptr = (unsigned long)msg_sys.msg_control; 19121da177e4SLinus Torvalds msg_sys.msg_flags = 0; 19131da177e4SLinus Torvalds if (MSG_CMSG_COMPAT & flags) 19141da177e4SLinus Torvalds msg_sys.msg_flags = MSG_CMSG_COMPAT; 19151da177e4SLinus Torvalds 19161da177e4SLinus Torvalds if (sock->file->f_flags & O_NONBLOCK) 19171da177e4SLinus Torvalds flags |= MSG_DONTWAIT; 19181da177e4SLinus Torvalds err = sock_recvmsg(sock, &msg_sys, total_len, flags); 19191da177e4SLinus Torvalds if (err < 0) 19201da177e4SLinus Torvalds goto out_freeiov; 19211da177e4SLinus Torvalds len = err; 19221da177e4SLinus Torvalds 19231da177e4SLinus Torvalds if (uaddr != NULL) { 19241da177e4SLinus Torvalds err = move_addr_to_user(addr, msg_sys.msg_namelen, uaddr, uaddr_len); 19251da177e4SLinus Torvalds if (err < 0) 19261da177e4SLinus Torvalds goto out_freeiov; 19271da177e4SLinus Torvalds } 192837f7f421SDavid S. Miller err = __put_user((msg_sys.msg_flags & ~MSG_CMSG_COMPAT), 192937f7f421SDavid S. Miller COMPAT_FLAGS(msg)); 19301da177e4SLinus Torvalds if (err) 19311da177e4SLinus Torvalds goto out_freeiov; 19321da177e4SLinus Torvalds if (MSG_CMSG_COMPAT & flags) 19331da177e4SLinus Torvalds err = __put_user((unsigned long)msg_sys.msg_control-cmsg_ptr, 19341da177e4SLinus Torvalds &msg_compat->msg_controllen); 19351da177e4SLinus Torvalds else 19361da177e4SLinus Torvalds err = __put_user((unsigned long)msg_sys.msg_control-cmsg_ptr, 19371da177e4SLinus Torvalds &msg->msg_controllen); 19381da177e4SLinus Torvalds if (err) 19391da177e4SLinus Torvalds goto out_freeiov; 19401da177e4SLinus Torvalds err = len; 19411da177e4SLinus Torvalds 19421da177e4SLinus Torvalds out_freeiov: 19431da177e4SLinus Torvalds if (iov != iovstack) 19441da177e4SLinus Torvalds sock_kfree_s(sock->sk, iov, iov_size); 19451da177e4SLinus Torvalds out_put: 19466cb153caSBenjamin LaHaise fput_light(sock->file, fput_needed); 19471da177e4SLinus Torvalds out: 19481da177e4SLinus Torvalds return err; 19491da177e4SLinus Torvalds } 19501da177e4SLinus Torvalds 19511da177e4SLinus Torvalds #ifdef __ARCH_WANT_SYS_SOCKETCALL 19521da177e4SLinus Torvalds 19531da177e4SLinus Torvalds /* Argument list sizes for sys_socketcall */ 19541da177e4SLinus Torvalds #define AL(x) ((x) * sizeof(unsigned long)) 19551da177e4SLinus Torvalds static unsigned char nargs[18]={AL(0),AL(3),AL(3),AL(3),AL(2),AL(3), 19561da177e4SLinus Torvalds AL(3),AL(3),AL(4),AL(4),AL(4),AL(6), 19571da177e4SLinus Torvalds AL(6),AL(2),AL(5),AL(5),AL(3),AL(3)}; 19581da177e4SLinus Torvalds #undef AL 19591da177e4SLinus Torvalds 19601da177e4SLinus Torvalds /* 19611da177e4SLinus Torvalds * System call vectors. 19621da177e4SLinus Torvalds * 19631da177e4SLinus Torvalds * Argument checking cleaned up. Saved 20% in size. 19641da177e4SLinus Torvalds * This function doesn't need to set the kernel lock because 19651da177e4SLinus Torvalds * it is set by the callees. 19661da177e4SLinus Torvalds */ 19671da177e4SLinus Torvalds 19681da177e4SLinus Torvalds asmlinkage long sys_socketcall(int call, unsigned long __user *args) 19691da177e4SLinus Torvalds { 19701da177e4SLinus Torvalds unsigned long a[6]; 19711da177e4SLinus Torvalds unsigned long a0,a1; 19721da177e4SLinus Torvalds int err; 19731da177e4SLinus Torvalds 19741da177e4SLinus Torvalds if(call<1||call>SYS_RECVMSG) 19751da177e4SLinus Torvalds return -EINVAL; 19761da177e4SLinus Torvalds 19771da177e4SLinus Torvalds /* copy_from_user should be SMP safe. */ 19781da177e4SLinus Torvalds if (copy_from_user(a, args, nargs[call])) 19791da177e4SLinus Torvalds return -EFAULT; 19801da177e4SLinus Torvalds 19814bcff1b3SDavid Woodhouse err = audit_socketcall(nargs[call]/sizeof(unsigned long), a); 19823ec3b2fbSDavid Woodhouse if (err) 19833ec3b2fbSDavid Woodhouse return err; 19843ec3b2fbSDavid Woodhouse 19851da177e4SLinus Torvalds a0=a[0]; 19861da177e4SLinus Torvalds a1=a[1]; 19871da177e4SLinus Torvalds 19881da177e4SLinus Torvalds switch(call) 19891da177e4SLinus Torvalds { 19901da177e4SLinus Torvalds case SYS_SOCKET: 19911da177e4SLinus Torvalds err = sys_socket(a0,a1,a[2]); 19921da177e4SLinus Torvalds break; 19931da177e4SLinus Torvalds case SYS_BIND: 19941da177e4SLinus Torvalds err = sys_bind(a0,(struct sockaddr __user *)a1, a[2]); 19951da177e4SLinus Torvalds break; 19961da177e4SLinus Torvalds case SYS_CONNECT: 19971da177e4SLinus Torvalds err = sys_connect(a0, (struct sockaddr __user *)a1, a[2]); 19981da177e4SLinus Torvalds break; 19991da177e4SLinus Torvalds case SYS_LISTEN: 20001da177e4SLinus Torvalds err = sys_listen(a0,a1); 20011da177e4SLinus Torvalds break; 20021da177e4SLinus Torvalds case SYS_ACCEPT: 20031da177e4SLinus Torvalds err = sys_accept(a0,(struct sockaddr __user *)a1, (int __user *)a[2]); 20041da177e4SLinus Torvalds break; 20051da177e4SLinus Torvalds case SYS_GETSOCKNAME: 20061da177e4SLinus Torvalds err = sys_getsockname(a0,(struct sockaddr __user *)a1, (int __user *)a[2]); 20071da177e4SLinus Torvalds break; 20081da177e4SLinus Torvalds case SYS_GETPEERNAME: 20091da177e4SLinus Torvalds err = sys_getpeername(a0, (struct sockaddr __user *)a1, (int __user *)a[2]); 20101da177e4SLinus Torvalds break; 20111da177e4SLinus Torvalds case SYS_SOCKETPAIR: 20121da177e4SLinus Torvalds err = sys_socketpair(a0,a1, a[2], (int __user *)a[3]); 20131da177e4SLinus Torvalds break; 20141da177e4SLinus Torvalds case SYS_SEND: 20151da177e4SLinus Torvalds err = sys_send(a0, (void __user *)a1, a[2], a[3]); 20161da177e4SLinus Torvalds break; 20171da177e4SLinus Torvalds case SYS_SENDTO: 20181da177e4SLinus Torvalds err = sys_sendto(a0,(void __user *)a1, a[2], a[3], 20191da177e4SLinus Torvalds (struct sockaddr __user *)a[4], a[5]); 20201da177e4SLinus Torvalds break; 20211da177e4SLinus Torvalds case SYS_RECV: 20221da177e4SLinus Torvalds err = sys_recv(a0, (void __user *)a1, a[2], a[3]); 20231da177e4SLinus Torvalds break; 20241da177e4SLinus Torvalds case SYS_RECVFROM: 20251da177e4SLinus Torvalds err = sys_recvfrom(a0, (void __user *)a1, a[2], a[3], 20261da177e4SLinus Torvalds (struct sockaddr __user *)a[4], (int __user *)a[5]); 20271da177e4SLinus Torvalds break; 20281da177e4SLinus Torvalds case SYS_SHUTDOWN: 20291da177e4SLinus Torvalds err = sys_shutdown(a0,a1); 20301da177e4SLinus Torvalds break; 20311da177e4SLinus Torvalds case SYS_SETSOCKOPT: 20321da177e4SLinus Torvalds err = sys_setsockopt(a0, a1, a[2], (char __user *)a[3], a[4]); 20331da177e4SLinus Torvalds break; 20341da177e4SLinus Torvalds case SYS_GETSOCKOPT: 20351da177e4SLinus Torvalds err = sys_getsockopt(a0, a1, a[2], (char __user *)a[3], (int __user *)a[4]); 20361da177e4SLinus Torvalds break; 20371da177e4SLinus Torvalds case SYS_SENDMSG: 20381da177e4SLinus Torvalds err = sys_sendmsg(a0, (struct msghdr __user *) a1, a[2]); 20391da177e4SLinus Torvalds break; 20401da177e4SLinus Torvalds case SYS_RECVMSG: 20411da177e4SLinus Torvalds err = sys_recvmsg(a0, (struct msghdr __user *) a1, a[2]); 20421da177e4SLinus Torvalds break; 20431da177e4SLinus Torvalds default: 20441da177e4SLinus Torvalds err = -EINVAL; 20451da177e4SLinus Torvalds break; 20461da177e4SLinus Torvalds } 20471da177e4SLinus Torvalds return err; 20481da177e4SLinus Torvalds } 20491da177e4SLinus Torvalds 20501da177e4SLinus Torvalds #endif /* __ARCH_WANT_SYS_SOCKETCALL */ 20511da177e4SLinus Torvalds 20521da177e4SLinus Torvalds /* 20531da177e4SLinus Torvalds * This function is called by a protocol handler that wants to 20541da177e4SLinus Torvalds * advertise its address family, and have it linked into the 20551da177e4SLinus Torvalds * SOCKET module. 20561da177e4SLinus Torvalds */ 20571da177e4SLinus Torvalds 20581da177e4SLinus Torvalds int sock_register(struct net_proto_family *ops) 20591da177e4SLinus Torvalds { 20601da177e4SLinus Torvalds int err; 20611da177e4SLinus Torvalds 20621da177e4SLinus Torvalds if (ops->family >= NPROTO) { 20631da177e4SLinus Torvalds printk(KERN_CRIT "protocol %d >= NPROTO(%d)\n", ops->family, NPROTO); 20641da177e4SLinus Torvalds return -ENOBUFS; 20651da177e4SLinus Torvalds } 20661da177e4SLinus Torvalds net_family_write_lock(); 20671da177e4SLinus Torvalds err = -EEXIST; 20681da177e4SLinus Torvalds if (net_families[ops->family] == NULL) { 20691da177e4SLinus Torvalds net_families[ops->family]=ops; 20701da177e4SLinus Torvalds err = 0; 20711da177e4SLinus Torvalds } 20721da177e4SLinus Torvalds net_family_write_unlock(); 20731da177e4SLinus Torvalds printk(KERN_INFO "NET: Registered protocol family %d\n", 20741da177e4SLinus Torvalds ops->family); 20751da177e4SLinus Torvalds return err; 20761da177e4SLinus Torvalds } 20771da177e4SLinus Torvalds 20781da177e4SLinus Torvalds /* 20791da177e4SLinus Torvalds * This function is called by a protocol handler that wants to 20801da177e4SLinus Torvalds * remove its address family, and have it unlinked from the 20811da177e4SLinus Torvalds * SOCKET module. 20821da177e4SLinus Torvalds */ 20831da177e4SLinus Torvalds 20841da177e4SLinus Torvalds int sock_unregister(int family) 20851da177e4SLinus Torvalds { 20861da177e4SLinus Torvalds if (family < 0 || family >= NPROTO) 20871da177e4SLinus Torvalds return -1; 20881da177e4SLinus Torvalds 20891da177e4SLinus Torvalds net_family_write_lock(); 20901da177e4SLinus Torvalds net_families[family]=NULL; 20911da177e4SLinus Torvalds net_family_write_unlock(); 20921da177e4SLinus Torvalds printk(KERN_INFO "NET: Unregistered protocol family %d\n", 20931da177e4SLinus Torvalds family); 20941da177e4SLinus Torvalds return 0; 20951da177e4SLinus Torvalds } 20961da177e4SLinus Torvalds 209777d76ea3SAndi Kleen static int __init sock_init(void) 20981da177e4SLinus Torvalds { 20991da177e4SLinus Torvalds /* 21001da177e4SLinus Torvalds * Initialize sock SLAB cache. 21011da177e4SLinus Torvalds */ 21021da177e4SLinus Torvalds 21031da177e4SLinus Torvalds sk_init(); 21041da177e4SLinus Torvalds 21051da177e4SLinus Torvalds /* 21061da177e4SLinus Torvalds * Initialize skbuff SLAB cache 21071da177e4SLinus Torvalds */ 21081da177e4SLinus Torvalds skb_init(); 21091da177e4SLinus Torvalds 21101da177e4SLinus Torvalds /* 21111da177e4SLinus Torvalds * Initialize the protocols module. 21121da177e4SLinus Torvalds */ 21131da177e4SLinus Torvalds 21141da177e4SLinus Torvalds init_inodecache(); 21151da177e4SLinus Torvalds register_filesystem(&sock_fs_type); 21161da177e4SLinus Torvalds sock_mnt = kern_mount(&sock_fs_type); 211777d76ea3SAndi Kleen 211877d76ea3SAndi Kleen /* The real protocol initialization is performed in later initcalls. 21191da177e4SLinus Torvalds */ 21201da177e4SLinus Torvalds 21211da177e4SLinus Torvalds #ifdef CONFIG_NETFILTER 21221da177e4SLinus Torvalds netfilter_init(); 21231da177e4SLinus Torvalds #endif 2124cbeb321aSDavid S. Miller 2125cbeb321aSDavid S. Miller return 0; 21261da177e4SLinus Torvalds } 21271da177e4SLinus Torvalds 212877d76ea3SAndi Kleen core_initcall(sock_init); /* early initcall */ 212977d76ea3SAndi Kleen 21301da177e4SLinus Torvalds #ifdef CONFIG_PROC_FS 21311da177e4SLinus Torvalds void socket_seq_show(struct seq_file *seq) 21321da177e4SLinus Torvalds { 21331da177e4SLinus Torvalds int cpu; 21341da177e4SLinus Torvalds int counter = 0; 21351da177e4SLinus Torvalds 21366f912042SKAMEZAWA Hiroyuki for_each_possible_cpu(cpu) 21371da177e4SLinus Torvalds counter += per_cpu(sockets_in_use, cpu); 21381da177e4SLinus Torvalds 21391da177e4SLinus Torvalds /* It can be negative, by the way. 8) */ 21401da177e4SLinus Torvalds if (counter < 0) 21411da177e4SLinus Torvalds counter = 0; 21421da177e4SLinus Torvalds 21431da177e4SLinus Torvalds seq_printf(seq, "sockets: used %d\n", counter); 21441da177e4SLinus Torvalds } 21451da177e4SLinus Torvalds #endif /* CONFIG_PROC_FS */ 21461da177e4SLinus Torvalds 214789bbfc95SShaun Pereira #ifdef CONFIG_COMPAT 214889bbfc95SShaun Pereira static long compat_sock_ioctl(struct file *file, unsigned cmd, 214989bbfc95SShaun Pereira unsigned long arg) 215089bbfc95SShaun Pereira { 215189bbfc95SShaun Pereira struct socket *sock = file->private_data; 215289bbfc95SShaun Pereira int ret = -ENOIOCTLCMD; 215389bbfc95SShaun Pereira 215489bbfc95SShaun Pereira if (sock->ops->compat_ioctl) 215589bbfc95SShaun Pereira ret = sock->ops->compat_ioctl(sock, cmd, arg); 215689bbfc95SShaun Pereira 215789bbfc95SShaun Pereira return ret; 215889bbfc95SShaun Pereira } 215989bbfc95SShaun Pereira #endif 216089bbfc95SShaun Pereira 21611da177e4SLinus Torvalds /* ABI emulation layers need these two */ 21621da177e4SLinus Torvalds EXPORT_SYMBOL(move_addr_to_kernel); 21631da177e4SLinus Torvalds EXPORT_SYMBOL(move_addr_to_user); 21641da177e4SLinus Torvalds EXPORT_SYMBOL(sock_create); 21651da177e4SLinus Torvalds EXPORT_SYMBOL(sock_create_kern); 21661da177e4SLinus Torvalds EXPORT_SYMBOL(sock_create_lite); 21671da177e4SLinus Torvalds EXPORT_SYMBOL(sock_map_fd); 21681da177e4SLinus Torvalds EXPORT_SYMBOL(sock_recvmsg); 21691da177e4SLinus Torvalds EXPORT_SYMBOL(sock_register); 21701da177e4SLinus Torvalds EXPORT_SYMBOL(sock_release); 21711da177e4SLinus Torvalds EXPORT_SYMBOL(sock_sendmsg); 21721da177e4SLinus Torvalds EXPORT_SYMBOL(sock_unregister); 21731da177e4SLinus Torvalds EXPORT_SYMBOL(sock_wake_async); 21741da177e4SLinus Torvalds EXPORT_SYMBOL(sockfd_lookup); 21751da177e4SLinus Torvalds EXPORT_SYMBOL(kernel_sendmsg); 21761da177e4SLinus Torvalds EXPORT_SYMBOL(kernel_recvmsg); 2177