/net/core/sock.c

http://github.com/mirrors/linux · C · 3627 lines · 2606 code · 537 blank · 484 comment · 441 complexity · 6f71689e654581312f9fd9a8aa4beffa MD5 · raw file

Large files are truncated click here to view the full file

  1. // SPDX-License-Identifier: GPL-2.0-or-later
  2. /*
  3. * INET An implementation of the TCP/IP protocol suite for the LINUX
  4. * operating system. INET is implemented using the BSD Socket
  5. * interface as the means of communication with the user level.
  6. *
  7. * Generic socket support routines. Memory allocators, socket lock/release
  8. * handler for protocols to use and generic option handler.
  9. *
  10. * Authors: Ross Biro
  11. * Fred N. van Kempen, <waltje@uWalt.NL.Mugnet.ORG>
  12. * Florian La Roche, <flla@stud.uni-sb.de>
  13. * Alan Cox, <A.Cox@swansea.ac.uk>
  14. *
  15. * Fixes:
  16. * Alan Cox : Numerous verify_area() problems
  17. * Alan Cox : Connecting on a connecting socket
  18. * now returns an error for tcp.
  19. * Alan Cox : sock->protocol is set correctly.
  20. * and is not sometimes left as 0.
  21. * Alan Cox : connect handles icmp errors on a
  22. * connect properly. Unfortunately there
  23. * is a restart syscall nasty there. I
  24. * can't match BSD without hacking the C
  25. * library. Ideas urgently sought!
  26. * Alan Cox : Disallow bind() to addresses that are
  27. * not ours - especially broadcast ones!!
  28. * Alan Cox : Socket 1024 _IS_ ok for users. (fencepost)
  29. * Alan Cox : sock_wfree/sock_rfree don't destroy sockets,
  30. * instead they leave that for the DESTROY timer.
  31. * Alan Cox : Clean up error flag in accept
  32. * Alan Cox : TCP ack handling is buggy, the DESTROY timer
  33. * was buggy. Put a remove_sock() in the handler
  34. * for memory when we hit 0. Also altered the timer
  35. * code. The ACK stuff can wait and needs major
  36. * TCP layer surgery.
  37. * Alan Cox : Fixed TCP ack bug, removed remove sock
  38. * and fixed timer/inet_bh race.
  39. * Alan Cox : Added zapped flag for TCP
  40. * Alan Cox : Move kfree_skb into skbuff.c and tidied up surplus code
  41. * Alan Cox : for new sk_buff allocations wmalloc/rmalloc now call alloc_skb
  42. * Alan Cox : kfree_s calls now are kfree_skbmem so we can track skb resources
  43. * Alan Cox : Supports socket option broadcast now as does udp. Packet and raw need fixing.
  44. * Alan Cox : Added RCVBUF,SNDBUF size setting. It suddenly occurred to me how easy it was so...
  45. * Rick Sladkey : Relaxed UDP rules for matching packets.
  46. * C.E.Hawkins : IFF_PROMISC/SIOCGHWADDR support
  47. * Pauline Middelink : identd support
  48. * Alan Cox : Fixed connect() taking signals I think.
  49. * Alan Cox : SO_LINGER supported
  50. * Alan Cox : Error reporting fixes
  51. * Anonymous : inet_create tidied up (sk->reuse setting)
  52. * Alan Cox : inet sockets don't set sk->type!
  53. * Alan Cox : Split socket option code
  54. * Alan Cox : Callbacks
  55. * Alan Cox : Nagle flag for Charles & Johannes stuff
  56. * Alex : Removed restriction on inet fioctl
  57. * Alan Cox : Splitting INET from NET core
  58. * Alan Cox : Fixed bogus SO_TYPE handling in getsockopt()
  59. * Adam Caldwell : Missing return in SO_DONTROUTE/SO_DEBUG code
  60. * Alan Cox : Split IP from generic code
  61. * Alan Cox : New kfree_skbmem()
  62. * Alan Cox : Make SO_DEBUG superuser only.
  63. * Alan Cox : Allow anyone to clear SO_DEBUG
  64. * (compatibility fix)
  65. * Alan Cox : Added optimistic memory grabbing for AF_UNIX throughput.
  66. * Alan Cox : Allocator for a socket is settable.
  67. * Alan Cox : SO_ERROR includes soft errors.
  68. * Alan Cox : Allow NULL arguments on some SO_ opts
  69. * Alan Cox : Generic socket allocation to make hooks
  70. * easier (suggested by Craig Metz).
  71. * Michael Pall : SO_ERROR returns positive errno again
  72. * Steve Whitehouse: Added default destructor to free
  73. * protocol private data.
  74. * Steve Whitehouse: Added various other default routines
  75. * common to several socket families.
  76. * Chris Evans : Call suser() check last on F_SETOWN
  77. * Jay Schulist : Added SO_ATTACH_FILTER and SO_DETACH_FILTER.
  78. * Andi Kleen : Add sock_kmalloc()/sock_kfree_s()
  79. * Andi Kleen : Fix write_space callback
  80. * Chris Evans : Security fixes - signedness again
  81. * Arnaldo C. Melo : cleanups, use skb_queue_purge
  82. *
  83. * To Fix:
  84. */
  85. #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
  86. #include <asm/unaligned.h>
  87. #include <linux/capability.h>
  88. #include <linux/errno.h>
  89. #include <linux/errqueue.h>
  90. #include <linux/types.h>
  91. #include <linux/socket.h>
  92. #include <linux/in.h>
  93. #include <linux/kernel.h>
  94. #include <linux/module.h>
  95. #include <linux/proc_fs.h>
  96. #include <linux/seq_file.h>
  97. #include <linux/sched.h>
  98. #include <linux/sched/mm.h>
  99. #include <linux/timer.h>
  100. #include <linux/string.h>
  101. #include <linux/sockios.h>
  102. #include <linux/net.h>
  103. #include <linux/mm.h>
  104. #include <linux/slab.h>
  105. #include <linux/interrupt.h>
  106. #include <linux/poll.h>
  107. #include <linux/tcp.h>
  108. #include <linux/init.h>
  109. #include <linux/highmem.h>
  110. #include <linux/user_namespace.h>
  111. #include <linux/static_key.h>
  112. #include <linux/memcontrol.h>
  113. #include <linux/prefetch.h>
  114. #include <linux/uaccess.h>
  115. #include <linux/netdevice.h>
  116. #include <net/protocol.h>
  117. #include <linux/skbuff.h>
  118. #include <net/net_namespace.h>
  119. #include <net/request_sock.h>
  120. #include <net/sock.h>
  121. #include <linux/net_tstamp.h>
  122. #include <net/xfrm.h>
  123. #include <linux/ipsec.h>
  124. #include <net/cls_cgroup.h>
  125. #include <net/netprio_cgroup.h>
  126. #include <linux/sock_diag.h>
  127. #include <linux/filter.h>
  128. #include <net/sock_reuseport.h>
  129. #include <net/bpf_sk_storage.h>
  130. #include <trace/events/sock.h>
  131. #include <net/tcp.h>
  132. #include <net/busy_poll.h>
  133. static DEFINE_MUTEX(proto_list_mutex);
  134. static LIST_HEAD(proto_list);
  135. static void sock_inuse_add(struct net *net, int val);
  136. /**
  137. * sk_ns_capable - General socket capability test
  138. * @sk: Socket to use a capability on or through
  139. * @user_ns: The user namespace of the capability to use
  140. * @cap: The capability to use
  141. *
  142. * Test to see if the opener of the socket had when the socket was
  143. * created and the current process has the capability @cap in the user
  144. * namespace @user_ns.
  145. */
  146. bool sk_ns_capable(const struct sock *sk,
  147. struct user_namespace *user_ns, int cap)
  148. {
  149. return file_ns_capable(sk->sk_socket->file, user_ns, cap) &&
  150. ns_capable(user_ns, cap);
  151. }
  152. EXPORT_SYMBOL(sk_ns_capable);
  153. /**
  154. * sk_capable - Socket global capability test
  155. * @sk: Socket to use a capability on or through
  156. * @cap: The global capability to use
  157. *
  158. * Test to see if the opener of the socket had when the socket was
  159. * created and the current process has the capability @cap in all user
  160. * namespaces.
  161. */
  162. bool sk_capable(const struct sock *sk, int cap)
  163. {
  164. return sk_ns_capable(sk, &init_user_ns, cap);
  165. }
  166. EXPORT_SYMBOL(sk_capable);
  167. /**
  168. * sk_net_capable - Network namespace socket capability test
  169. * @sk: Socket to use a capability on or through
  170. * @cap: The capability to use
  171. *
  172. * Test to see if the opener of the socket had when the socket was created
  173. * and the current process has the capability @cap over the network namespace
  174. * the socket is a member of.
  175. */
  176. bool sk_net_capable(const struct sock *sk, int cap)
  177. {
  178. return sk_ns_capable(sk, sock_net(sk)->user_ns, cap);
  179. }
  180. EXPORT_SYMBOL(sk_net_capable);
  181. /*
  182. * Each address family might have different locking rules, so we have
  183. * one slock key per address family and separate keys for internal and
  184. * userspace sockets.
  185. */
  186. static struct lock_class_key af_family_keys[AF_MAX];
  187. static struct lock_class_key af_family_kern_keys[AF_MAX];
  188. static struct lock_class_key af_family_slock_keys[AF_MAX];
  189. static struct lock_class_key af_family_kern_slock_keys[AF_MAX];
  190. /*
  191. * Make lock validator output more readable. (we pre-construct these
  192. * strings build-time, so that runtime initialization of socket
  193. * locks is fast):
  194. */
  195. #define _sock_locks(x) \
  196. x "AF_UNSPEC", x "AF_UNIX" , x "AF_INET" , \
  197. x "AF_AX25" , x "AF_IPX" , x "AF_APPLETALK", \
  198. x "AF_NETROM", x "AF_BRIDGE" , x "AF_ATMPVC" , \
  199. x "AF_X25" , x "AF_INET6" , x "AF_ROSE" , \
  200. x "AF_DECnet", x "AF_NETBEUI" , x "AF_SECURITY" , \
  201. x "AF_KEY" , x "AF_NETLINK" , x "AF_PACKET" , \
  202. x "AF_ASH" , x "AF_ECONET" , x "AF_ATMSVC" , \
  203. x "AF_RDS" , x "AF_SNA" , x "AF_IRDA" , \
  204. x "AF_PPPOX" , x "AF_WANPIPE" , x "AF_LLC" , \
  205. x "27" , x "28" , x "AF_CAN" , \
  206. x "AF_TIPC" , x "AF_BLUETOOTH", x "IUCV" , \
  207. x "AF_RXRPC" , x "AF_ISDN" , x "AF_PHONET" , \
  208. x "AF_IEEE802154", x "AF_CAIF" , x "AF_ALG" , \
  209. x "AF_NFC" , x "AF_VSOCK" , x "AF_KCM" , \
  210. x "AF_QIPCRTR", x "AF_SMC" , x "AF_XDP" , \
  211. x "AF_MAX"
  212. static const char *const af_family_key_strings[AF_MAX+1] = {
  213. _sock_locks("sk_lock-")
  214. };
  215. static const char *const af_family_slock_key_strings[AF_MAX+1] = {
  216. _sock_locks("slock-")
  217. };
  218. static const char *const af_family_clock_key_strings[AF_MAX+1] = {
  219. _sock_locks("clock-")
  220. };
  221. static const char *const af_family_kern_key_strings[AF_MAX+1] = {
  222. _sock_locks("k-sk_lock-")
  223. };
  224. static const char *const af_family_kern_slock_key_strings[AF_MAX+1] = {
  225. _sock_locks("k-slock-")
  226. };
  227. static const char *const af_family_kern_clock_key_strings[AF_MAX+1] = {
  228. _sock_locks("k-clock-")
  229. };
  230. static const char *const af_family_rlock_key_strings[AF_MAX+1] = {
  231. _sock_locks("rlock-")
  232. };
  233. static const char *const af_family_wlock_key_strings[AF_MAX+1] = {
  234. _sock_locks("wlock-")
  235. };
  236. static const char *const af_family_elock_key_strings[AF_MAX+1] = {
  237. _sock_locks("elock-")
  238. };
  239. /*
  240. * sk_callback_lock and sk queues locking rules are per-address-family,
  241. * so split the lock classes by using a per-AF key:
  242. */
  243. static struct lock_class_key af_callback_keys[AF_MAX];
  244. static struct lock_class_key af_rlock_keys[AF_MAX];
  245. static struct lock_class_key af_wlock_keys[AF_MAX];
  246. static struct lock_class_key af_elock_keys[AF_MAX];
  247. static struct lock_class_key af_kern_callback_keys[AF_MAX];
  248. /* Run time adjustable parameters. */
  249. __u32 sysctl_wmem_max __read_mostly = SK_WMEM_MAX;
  250. EXPORT_SYMBOL(sysctl_wmem_max);
  251. __u32 sysctl_rmem_max __read_mostly = SK_RMEM_MAX;
  252. EXPORT_SYMBOL(sysctl_rmem_max);
  253. __u32 sysctl_wmem_default __read_mostly = SK_WMEM_MAX;
  254. __u32 sysctl_rmem_default __read_mostly = SK_RMEM_MAX;
  255. /* Maximal space eaten by iovec or ancillary data plus some space */
  256. int sysctl_optmem_max __read_mostly = sizeof(unsigned long)*(2*UIO_MAXIOV+512);
  257. EXPORT_SYMBOL(sysctl_optmem_max);
  258. int sysctl_tstamp_allow_data __read_mostly = 1;
  259. DEFINE_STATIC_KEY_FALSE(memalloc_socks_key);
  260. EXPORT_SYMBOL_GPL(memalloc_socks_key);
  261. /**
  262. * sk_set_memalloc - sets %SOCK_MEMALLOC
  263. * @sk: socket to set it on
  264. *
  265. * Set %SOCK_MEMALLOC on a socket for access to emergency reserves.
  266. * It's the responsibility of the admin to adjust min_free_kbytes
  267. * to meet the requirements
  268. */
  269. void sk_set_memalloc(struct sock *sk)
  270. {
  271. sock_set_flag(sk, SOCK_MEMALLOC);
  272. sk->sk_allocation |= __GFP_MEMALLOC;
  273. static_branch_inc(&memalloc_socks_key);
  274. }
  275. EXPORT_SYMBOL_GPL(sk_set_memalloc);
  276. void sk_clear_memalloc(struct sock *sk)
  277. {
  278. sock_reset_flag(sk, SOCK_MEMALLOC);
  279. sk->sk_allocation &= ~__GFP_MEMALLOC;
  280. static_branch_dec(&memalloc_socks_key);
  281. /*
  282. * SOCK_MEMALLOC is allowed to ignore rmem limits to ensure forward
  283. * progress of swapping. SOCK_MEMALLOC may be cleared while
  284. * it has rmem allocations due to the last swapfile being deactivated
  285. * but there is a risk that the socket is unusable due to exceeding
  286. * the rmem limits. Reclaim the reserves and obey rmem limits again.
  287. */
  288. sk_mem_reclaim(sk);
  289. }
  290. EXPORT_SYMBOL_GPL(sk_clear_memalloc);
  291. int __sk_backlog_rcv(struct sock *sk, struct sk_buff *skb)
  292. {
  293. int ret;
  294. unsigned int noreclaim_flag;
  295. /* these should have been dropped before queueing */
  296. BUG_ON(!sock_flag(sk, SOCK_MEMALLOC));
  297. noreclaim_flag = memalloc_noreclaim_save();
  298. ret = sk->sk_backlog_rcv(sk, skb);
  299. memalloc_noreclaim_restore(noreclaim_flag);
  300. return ret;
  301. }
  302. EXPORT_SYMBOL(__sk_backlog_rcv);
  303. static int sock_get_timeout(long timeo, void *optval, bool old_timeval)
  304. {
  305. struct __kernel_sock_timeval tv;
  306. if (timeo == MAX_SCHEDULE_TIMEOUT) {
  307. tv.tv_sec = 0;
  308. tv.tv_usec = 0;
  309. } else {
  310. tv.tv_sec = timeo / HZ;
  311. tv.tv_usec = ((timeo % HZ) * USEC_PER_SEC) / HZ;
  312. }
  313. if (old_timeval && in_compat_syscall() && !COMPAT_USE_64BIT_TIME) {
  314. struct old_timeval32 tv32 = { tv.tv_sec, tv.tv_usec };
  315. *(struct old_timeval32 *)optval = tv32;
  316. return sizeof(tv32);
  317. }
  318. if (old_timeval) {
  319. struct __kernel_old_timeval old_tv;
  320. old_tv.tv_sec = tv.tv_sec;
  321. old_tv.tv_usec = tv.tv_usec;
  322. *(struct __kernel_old_timeval *)optval = old_tv;
  323. return sizeof(old_tv);
  324. }
  325. *(struct __kernel_sock_timeval *)optval = tv;
  326. return sizeof(tv);
  327. }
  328. static int sock_set_timeout(long *timeo_p, char __user *optval, int optlen, bool old_timeval)
  329. {
  330. struct __kernel_sock_timeval tv;
  331. if (old_timeval && in_compat_syscall() && !COMPAT_USE_64BIT_TIME) {
  332. struct old_timeval32 tv32;
  333. if (optlen < sizeof(tv32))
  334. return -EINVAL;
  335. if (copy_from_user(&tv32, optval, sizeof(tv32)))
  336. return -EFAULT;
  337. tv.tv_sec = tv32.tv_sec;
  338. tv.tv_usec = tv32.tv_usec;
  339. } else if (old_timeval) {
  340. struct __kernel_old_timeval old_tv;
  341. if (optlen < sizeof(old_tv))
  342. return -EINVAL;
  343. if (copy_from_user(&old_tv, optval, sizeof(old_tv)))
  344. return -EFAULT;
  345. tv.tv_sec = old_tv.tv_sec;
  346. tv.tv_usec = old_tv.tv_usec;
  347. } else {
  348. if (optlen < sizeof(tv))
  349. return -EINVAL;
  350. if (copy_from_user(&tv, optval, sizeof(tv)))
  351. return -EFAULT;
  352. }
  353. if (tv.tv_usec < 0 || tv.tv_usec >= USEC_PER_SEC)
  354. return -EDOM;
  355. if (tv.tv_sec < 0) {
  356. static int warned __read_mostly;
  357. *timeo_p = 0;
  358. if (warned < 10 && net_ratelimit()) {
  359. warned++;
  360. pr_info("%s: `%s' (pid %d) tries to set negative timeout\n",
  361. __func__, current->comm, task_pid_nr(current));
  362. }
  363. return 0;
  364. }
  365. *timeo_p = MAX_SCHEDULE_TIMEOUT;
  366. if (tv.tv_sec == 0 && tv.tv_usec == 0)
  367. return 0;
  368. if (tv.tv_sec < (MAX_SCHEDULE_TIMEOUT / HZ - 1))
  369. *timeo_p = tv.tv_sec * HZ + DIV_ROUND_UP((unsigned long)tv.tv_usec, USEC_PER_SEC / HZ);
  370. return 0;
  371. }
  372. static void sock_warn_obsolete_bsdism(const char *name)
  373. {
  374. static int warned;
  375. static char warncomm[TASK_COMM_LEN];
  376. if (strcmp(warncomm, current->comm) && warned < 5) {
  377. strcpy(warncomm, current->comm);
  378. pr_warn("process `%s' is using obsolete %s SO_BSDCOMPAT\n",
  379. warncomm, name);
  380. warned++;
  381. }
  382. }
  383. static bool sock_needs_netstamp(const struct sock *sk)
  384. {
  385. switch (sk->sk_family) {
  386. case AF_UNSPEC:
  387. case AF_UNIX:
  388. return false;
  389. default:
  390. return true;
  391. }
  392. }
  393. static void sock_disable_timestamp(struct sock *sk, unsigned long flags)
  394. {
  395. if (sk->sk_flags & flags) {
  396. sk->sk_flags &= ~flags;
  397. if (sock_needs_netstamp(sk) &&
  398. !(sk->sk_flags & SK_FLAGS_TIMESTAMP))
  399. net_disable_timestamp();
  400. }
  401. }
  402. int __sock_queue_rcv_skb(struct sock *sk, struct sk_buff *skb)
  403. {
  404. unsigned long flags;
  405. struct sk_buff_head *list = &sk->sk_receive_queue;
  406. if (atomic_read(&sk->sk_rmem_alloc) >= sk->sk_rcvbuf) {
  407. atomic_inc(&sk->sk_drops);
  408. trace_sock_rcvqueue_full(sk, skb);
  409. return -ENOMEM;
  410. }
  411. if (!sk_rmem_schedule(sk, skb, skb->truesize)) {
  412. atomic_inc(&sk->sk_drops);
  413. return -ENOBUFS;
  414. }
  415. skb->dev = NULL;
  416. skb_set_owner_r(skb, sk);
  417. /* we escape from rcu protected region, make sure we dont leak
  418. * a norefcounted dst
  419. */
  420. skb_dst_force(skb);
  421. spin_lock_irqsave(&list->lock, flags);
  422. sock_skb_set_dropcount(sk, skb);
  423. __skb_queue_tail(list, skb);
  424. spin_unlock_irqrestore(&list->lock, flags);
  425. if (!sock_flag(sk, SOCK_DEAD))
  426. sk->sk_data_ready(sk);
  427. return 0;
  428. }
  429. EXPORT_SYMBOL(__sock_queue_rcv_skb);
  430. int sock_queue_rcv_skb(struct sock *sk, struct sk_buff *skb)
  431. {
  432. int err;
  433. err = sk_filter(sk, skb);
  434. if (err)
  435. return err;
  436. return __sock_queue_rcv_skb(sk, skb);
  437. }
  438. EXPORT_SYMBOL(sock_queue_rcv_skb);
  439. int __sk_receive_skb(struct sock *sk, struct sk_buff *skb,
  440. const int nested, unsigned int trim_cap, bool refcounted)
  441. {
  442. int rc = NET_RX_SUCCESS;
  443. if (sk_filter_trim_cap(sk, skb, trim_cap))
  444. goto discard_and_relse;
  445. skb->dev = NULL;
  446. if (sk_rcvqueues_full(sk, sk->sk_rcvbuf)) {
  447. atomic_inc(&sk->sk_drops);
  448. goto discard_and_relse;
  449. }
  450. if (nested)
  451. bh_lock_sock_nested(sk);
  452. else
  453. bh_lock_sock(sk);
  454. if (!sock_owned_by_user(sk)) {
  455. /*
  456. * trylock + unlock semantics:
  457. */
  458. mutex_acquire(&sk->sk_lock.dep_map, 0, 1, _RET_IP_);
  459. rc = sk_backlog_rcv(sk, skb);
  460. mutex_release(&sk->sk_lock.dep_map, _RET_IP_);
  461. } else if (sk_add_backlog(sk, skb, READ_ONCE(sk->sk_rcvbuf))) {
  462. bh_unlock_sock(sk);
  463. atomic_inc(&sk->sk_drops);
  464. goto discard_and_relse;
  465. }
  466. bh_unlock_sock(sk);
  467. out:
  468. if (refcounted)
  469. sock_put(sk);
  470. return rc;
  471. discard_and_relse:
  472. kfree_skb(skb);
  473. goto out;
  474. }
  475. EXPORT_SYMBOL(__sk_receive_skb);
  476. struct dst_entry *__sk_dst_check(struct sock *sk, u32 cookie)
  477. {
  478. struct dst_entry *dst = __sk_dst_get(sk);
  479. if (dst && dst->obsolete && dst->ops->check(dst, cookie) == NULL) {
  480. sk_tx_queue_clear(sk);
  481. sk->sk_dst_pending_confirm = 0;
  482. RCU_INIT_POINTER(sk->sk_dst_cache, NULL);
  483. dst_release(dst);
  484. return NULL;
  485. }
  486. return dst;
  487. }
  488. EXPORT_SYMBOL(__sk_dst_check);
  489. struct dst_entry *sk_dst_check(struct sock *sk, u32 cookie)
  490. {
  491. struct dst_entry *dst = sk_dst_get(sk);
  492. if (dst && dst->obsolete && dst->ops->check(dst, cookie) == NULL) {
  493. sk_dst_reset(sk);
  494. dst_release(dst);
  495. return NULL;
  496. }
  497. return dst;
  498. }
  499. EXPORT_SYMBOL(sk_dst_check);
  500. static int sock_setbindtodevice_locked(struct sock *sk, int ifindex)
  501. {
  502. int ret = -ENOPROTOOPT;
  503. #ifdef CONFIG_NETDEVICES
  504. struct net *net = sock_net(sk);
  505. /* Sorry... */
  506. ret = -EPERM;
  507. if (sk->sk_bound_dev_if && !ns_capable(net->user_ns, CAP_NET_RAW))
  508. goto out;
  509. ret = -EINVAL;
  510. if (ifindex < 0)
  511. goto out;
  512. sk->sk_bound_dev_if = ifindex;
  513. if (sk->sk_prot->rehash)
  514. sk->sk_prot->rehash(sk);
  515. sk_dst_reset(sk);
  516. ret = 0;
  517. out:
  518. #endif
  519. return ret;
  520. }
  521. static int sock_setbindtodevice(struct sock *sk, char __user *optval,
  522. int optlen)
  523. {
  524. int ret = -ENOPROTOOPT;
  525. #ifdef CONFIG_NETDEVICES
  526. struct net *net = sock_net(sk);
  527. char devname[IFNAMSIZ];
  528. int index;
  529. ret = -EINVAL;
  530. if (optlen < 0)
  531. goto out;
  532. /* Bind this socket to a particular device like "eth0",
  533. * as specified in the passed interface name. If the
  534. * name is "" or the option length is zero the socket
  535. * is not bound.
  536. */
  537. if (optlen > IFNAMSIZ - 1)
  538. optlen = IFNAMSIZ - 1;
  539. memset(devname, 0, sizeof(devname));
  540. ret = -EFAULT;
  541. if (copy_from_user(devname, optval, optlen))
  542. goto out;
  543. index = 0;
  544. if (devname[0] != '\0') {
  545. struct net_device *dev;
  546. rcu_read_lock();
  547. dev = dev_get_by_name_rcu(net, devname);
  548. if (dev)
  549. index = dev->ifindex;
  550. rcu_read_unlock();
  551. ret = -ENODEV;
  552. if (!dev)
  553. goto out;
  554. }
  555. lock_sock(sk);
  556. ret = sock_setbindtodevice_locked(sk, index);
  557. release_sock(sk);
  558. out:
  559. #endif
  560. return ret;
  561. }
  562. static int sock_getbindtodevice(struct sock *sk, char __user *optval,
  563. int __user *optlen, int len)
  564. {
  565. int ret = -ENOPROTOOPT;
  566. #ifdef CONFIG_NETDEVICES
  567. struct net *net = sock_net(sk);
  568. char devname[IFNAMSIZ];
  569. if (sk->sk_bound_dev_if == 0) {
  570. len = 0;
  571. goto zero;
  572. }
  573. ret = -EINVAL;
  574. if (len < IFNAMSIZ)
  575. goto out;
  576. ret = netdev_get_name(net, devname, sk->sk_bound_dev_if);
  577. if (ret)
  578. goto out;
  579. len = strlen(devname) + 1;
  580. ret = -EFAULT;
  581. if (copy_to_user(optval, devname, len))
  582. goto out;
  583. zero:
  584. ret = -EFAULT;
  585. if (put_user(len, optlen))
  586. goto out;
  587. ret = 0;
  588. out:
  589. #endif
  590. return ret;
  591. }
  592. static inline void sock_valbool_flag(struct sock *sk, enum sock_flags bit,
  593. int valbool)
  594. {
  595. if (valbool)
  596. sock_set_flag(sk, bit);
  597. else
  598. sock_reset_flag(sk, bit);
  599. }
  600. bool sk_mc_loop(struct sock *sk)
  601. {
  602. if (dev_recursion_level())
  603. return false;
  604. if (!sk)
  605. return true;
  606. switch (sk->sk_family) {
  607. case AF_INET:
  608. return inet_sk(sk)->mc_loop;
  609. #if IS_ENABLED(CONFIG_IPV6)
  610. case AF_INET6:
  611. return inet6_sk(sk)->mc_loop;
  612. #endif
  613. }
  614. WARN_ON(1);
  615. return true;
  616. }
  617. EXPORT_SYMBOL(sk_mc_loop);
  618. /*
  619. * This is meant for all protocols to use and covers goings on
  620. * at the socket level. Everything here is generic.
  621. */
  622. int sock_setsockopt(struct socket *sock, int level, int optname,
  623. char __user *optval, unsigned int optlen)
  624. {
  625. struct sock_txtime sk_txtime;
  626. struct sock *sk = sock->sk;
  627. int val;
  628. int valbool;
  629. struct linger ling;
  630. int ret = 0;
  631. /*
  632. * Options without arguments
  633. */
  634. if (optname == SO_BINDTODEVICE)
  635. return sock_setbindtodevice(sk, optval, optlen);
  636. if (optlen < sizeof(int))
  637. return -EINVAL;
  638. if (get_user(val, (int __user *)optval))
  639. return -EFAULT;
  640. valbool = val ? 1 : 0;
  641. lock_sock(sk);
  642. switch (optname) {
  643. case SO_DEBUG:
  644. if (val && !capable(CAP_NET_ADMIN))
  645. ret = -EACCES;
  646. else
  647. sock_valbool_flag(sk, SOCK_DBG, valbool);
  648. break;
  649. case SO_REUSEADDR:
  650. sk->sk_reuse = (valbool ? SK_CAN_REUSE : SK_NO_REUSE);
  651. break;
  652. case SO_REUSEPORT:
  653. sk->sk_reuseport = valbool;
  654. break;
  655. case SO_TYPE:
  656. case SO_PROTOCOL:
  657. case SO_DOMAIN:
  658. case SO_ERROR:
  659. ret = -ENOPROTOOPT;
  660. break;
  661. case SO_DONTROUTE:
  662. sock_valbool_flag(sk, SOCK_LOCALROUTE, valbool);
  663. sk_dst_reset(sk);
  664. break;
  665. case SO_BROADCAST:
  666. sock_valbool_flag(sk, SOCK_BROADCAST, valbool);
  667. break;
  668. case SO_SNDBUF:
  669. /* Don't error on this BSD doesn't and if you think
  670. * about it this is right. Otherwise apps have to
  671. * play 'guess the biggest size' games. RCVBUF/SNDBUF
  672. * are treated in BSD as hints
  673. */
  674. val = min_t(u32, val, sysctl_wmem_max);
  675. set_sndbuf:
  676. /* Ensure val * 2 fits into an int, to prevent max_t()
  677. * from treating it as a negative value.
  678. */
  679. val = min_t(int, val, INT_MAX / 2);
  680. sk->sk_userlocks |= SOCK_SNDBUF_LOCK;
  681. WRITE_ONCE(sk->sk_sndbuf,
  682. max_t(int, val * 2, SOCK_MIN_SNDBUF));
  683. /* Wake up sending tasks if we upped the value. */
  684. sk->sk_write_space(sk);
  685. break;
  686. case SO_SNDBUFFORCE:
  687. if (!capable(CAP_NET_ADMIN)) {
  688. ret = -EPERM;
  689. break;
  690. }
  691. /* No negative values (to prevent underflow, as val will be
  692. * multiplied by 2).
  693. */
  694. if (val < 0)
  695. val = 0;
  696. goto set_sndbuf;
  697. case SO_RCVBUF:
  698. /* Don't error on this BSD doesn't and if you think
  699. * about it this is right. Otherwise apps have to
  700. * play 'guess the biggest size' games. RCVBUF/SNDBUF
  701. * are treated in BSD as hints
  702. */
  703. val = min_t(u32, val, sysctl_rmem_max);
  704. set_rcvbuf:
  705. /* Ensure val * 2 fits into an int, to prevent max_t()
  706. * from treating it as a negative value.
  707. */
  708. val = min_t(int, val, INT_MAX / 2);
  709. sk->sk_userlocks |= SOCK_RCVBUF_LOCK;
  710. /*
  711. * We double it on the way in to account for
  712. * "struct sk_buff" etc. overhead. Applications
  713. * assume that the SO_RCVBUF setting they make will
  714. * allow that much actual data to be received on that
  715. * socket.
  716. *
  717. * Applications are unaware that "struct sk_buff" and
  718. * other overheads allocate from the receive buffer
  719. * during socket buffer allocation.
  720. *
  721. * And after considering the possible alternatives,
  722. * returning the value we actually used in getsockopt
  723. * is the most desirable behavior.
  724. */
  725. WRITE_ONCE(sk->sk_rcvbuf,
  726. max_t(int, val * 2, SOCK_MIN_RCVBUF));
  727. break;
  728. case SO_RCVBUFFORCE:
  729. if (!capable(CAP_NET_ADMIN)) {
  730. ret = -EPERM;
  731. break;
  732. }
  733. /* No negative values (to prevent underflow, as val will be
  734. * multiplied by 2).
  735. */
  736. if (val < 0)
  737. val = 0;
  738. goto set_rcvbuf;
  739. case SO_KEEPALIVE:
  740. if (sk->sk_prot->keepalive)
  741. sk->sk_prot->keepalive(sk, valbool);
  742. sock_valbool_flag(sk, SOCK_KEEPOPEN, valbool);
  743. break;
  744. case SO_OOBINLINE:
  745. sock_valbool_flag(sk, SOCK_URGINLINE, valbool);
  746. break;
  747. case SO_NO_CHECK:
  748. sk->sk_no_check_tx = valbool;
  749. break;
  750. case SO_PRIORITY:
  751. if ((val >= 0 && val <= 6) ||
  752. ns_capable(sock_net(sk)->user_ns, CAP_NET_ADMIN))
  753. sk->sk_priority = val;
  754. else
  755. ret = -EPERM;
  756. break;
  757. case SO_LINGER:
  758. if (optlen < sizeof(ling)) {
  759. ret = -EINVAL; /* 1003.1g */
  760. break;
  761. }
  762. if (copy_from_user(&ling, optval, sizeof(ling))) {
  763. ret = -EFAULT;
  764. break;
  765. }
  766. if (!ling.l_onoff)
  767. sock_reset_flag(sk, SOCK_LINGER);
  768. else {
  769. #if (BITS_PER_LONG == 32)
  770. if ((unsigned int)ling.l_linger >= MAX_SCHEDULE_TIMEOUT/HZ)
  771. sk->sk_lingertime = MAX_SCHEDULE_TIMEOUT;
  772. else
  773. #endif
  774. sk->sk_lingertime = (unsigned int)ling.l_linger * HZ;
  775. sock_set_flag(sk, SOCK_LINGER);
  776. }
  777. break;
  778. case SO_BSDCOMPAT:
  779. sock_warn_obsolete_bsdism("setsockopt");
  780. break;
  781. case SO_PASSCRED:
  782. if (valbool)
  783. set_bit(SOCK_PASSCRED, &sock->flags);
  784. else
  785. clear_bit(SOCK_PASSCRED, &sock->flags);
  786. break;
  787. case SO_TIMESTAMP_OLD:
  788. case SO_TIMESTAMP_NEW:
  789. case SO_TIMESTAMPNS_OLD:
  790. case SO_TIMESTAMPNS_NEW:
  791. if (valbool) {
  792. if (optname == SO_TIMESTAMP_NEW || optname == SO_TIMESTAMPNS_NEW)
  793. sock_set_flag(sk, SOCK_TSTAMP_NEW);
  794. else
  795. sock_reset_flag(sk, SOCK_TSTAMP_NEW);
  796. if (optname == SO_TIMESTAMP_OLD || optname == SO_TIMESTAMP_NEW)
  797. sock_reset_flag(sk, SOCK_RCVTSTAMPNS);
  798. else
  799. sock_set_flag(sk, SOCK_RCVTSTAMPNS);
  800. sock_set_flag(sk, SOCK_RCVTSTAMP);
  801. sock_enable_timestamp(sk, SOCK_TIMESTAMP);
  802. } else {
  803. sock_reset_flag(sk, SOCK_RCVTSTAMP);
  804. sock_reset_flag(sk, SOCK_RCVTSTAMPNS);
  805. sock_reset_flag(sk, SOCK_TSTAMP_NEW);
  806. }
  807. break;
  808. case SO_TIMESTAMPING_NEW:
  809. sock_set_flag(sk, SOCK_TSTAMP_NEW);
  810. /* fall through */
  811. case SO_TIMESTAMPING_OLD:
  812. if (val & ~SOF_TIMESTAMPING_MASK) {
  813. ret = -EINVAL;
  814. break;
  815. }
  816. if (val & SOF_TIMESTAMPING_OPT_ID &&
  817. !(sk->sk_tsflags & SOF_TIMESTAMPING_OPT_ID)) {
  818. if (sk->sk_protocol == IPPROTO_TCP &&
  819. sk->sk_type == SOCK_STREAM) {
  820. if ((1 << sk->sk_state) &
  821. (TCPF_CLOSE | TCPF_LISTEN)) {
  822. ret = -EINVAL;
  823. break;
  824. }
  825. sk->sk_tskey = tcp_sk(sk)->snd_una;
  826. } else {
  827. sk->sk_tskey = 0;
  828. }
  829. }
  830. if (val & SOF_TIMESTAMPING_OPT_STATS &&
  831. !(val & SOF_TIMESTAMPING_OPT_TSONLY)) {
  832. ret = -EINVAL;
  833. break;
  834. }
  835. sk->sk_tsflags = val;
  836. if (val & SOF_TIMESTAMPING_RX_SOFTWARE)
  837. sock_enable_timestamp(sk,
  838. SOCK_TIMESTAMPING_RX_SOFTWARE);
  839. else {
  840. if (optname == SO_TIMESTAMPING_NEW)
  841. sock_reset_flag(sk, SOCK_TSTAMP_NEW);
  842. sock_disable_timestamp(sk,
  843. (1UL << SOCK_TIMESTAMPING_RX_SOFTWARE));
  844. }
  845. break;
  846. case SO_RCVLOWAT:
  847. if (val < 0)
  848. val = INT_MAX;
  849. if (sock->ops->set_rcvlowat)
  850. ret = sock->ops->set_rcvlowat(sk, val);
  851. else
  852. WRITE_ONCE(sk->sk_rcvlowat, val ? : 1);
  853. break;
  854. case SO_RCVTIMEO_OLD:
  855. case SO_RCVTIMEO_NEW:
  856. ret = sock_set_timeout(&sk->sk_rcvtimeo, optval, optlen, optname == SO_RCVTIMEO_OLD);
  857. break;
  858. case SO_SNDTIMEO_OLD:
  859. case SO_SNDTIMEO_NEW:
  860. ret = sock_set_timeout(&sk->sk_sndtimeo, optval, optlen, optname == SO_SNDTIMEO_OLD);
  861. break;
  862. case SO_ATTACH_FILTER:
  863. ret = -EINVAL;
  864. if (optlen == sizeof(struct sock_fprog)) {
  865. struct sock_fprog fprog;
  866. ret = -EFAULT;
  867. if (copy_from_user(&fprog, optval, sizeof(fprog)))
  868. break;
  869. ret = sk_attach_filter(&fprog, sk);
  870. }
  871. break;
  872. case SO_ATTACH_BPF:
  873. ret = -EINVAL;
  874. if (optlen == sizeof(u32)) {
  875. u32 ufd;
  876. ret = -EFAULT;
  877. if (copy_from_user(&ufd, optval, sizeof(ufd)))
  878. break;
  879. ret = sk_attach_bpf(ufd, sk);
  880. }
  881. break;
  882. case SO_ATTACH_REUSEPORT_CBPF:
  883. ret = -EINVAL;
  884. if (optlen == sizeof(struct sock_fprog)) {
  885. struct sock_fprog fprog;
  886. ret = -EFAULT;
  887. if (copy_from_user(&fprog, optval, sizeof(fprog)))
  888. break;
  889. ret = sk_reuseport_attach_filter(&fprog, sk);
  890. }
  891. break;
  892. case SO_ATTACH_REUSEPORT_EBPF:
  893. ret = -EINVAL;
  894. if (optlen == sizeof(u32)) {
  895. u32 ufd;
  896. ret = -EFAULT;
  897. if (copy_from_user(&ufd, optval, sizeof(ufd)))
  898. break;
  899. ret = sk_reuseport_attach_bpf(ufd, sk);
  900. }
  901. break;
  902. case SO_DETACH_REUSEPORT_BPF:
  903. ret = reuseport_detach_prog(sk);
  904. break;
  905. case SO_DETACH_FILTER:
  906. ret = sk_detach_filter(sk);
  907. break;
  908. case SO_LOCK_FILTER:
  909. if (sock_flag(sk, SOCK_FILTER_LOCKED) && !valbool)
  910. ret = -EPERM;
  911. else
  912. sock_valbool_flag(sk, SOCK_FILTER_LOCKED, valbool);
  913. break;
  914. case SO_PASSSEC:
  915. if (valbool)
  916. set_bit(SOCK_PASSSEC, &sock->flags);
  917. else
  918. clear_bit(SOCK_PASSSEC, &sock->flags);
  919. break;
  920. case SO_MARK:
  921. if (!ns_capable(sock_net(sk)->user_ns, CAP_NET_ADMIN)) {
  922. ret = -EPERM;
  923. } else if (val != sk->sk_mark) {
  924. sk->sk_mark = val;
  925. sk_dst_reset(sk);
  926. }
  927. break;
  928. case SO_RXQ_OVFL:
  929. sock_valbool_flag(sk, SOCK_RXQ_OVFL, valbool);
  930. break;
  931. case SO_WIFI_STATUS:
  932. sock_valbool_flag(sk, SOCK_WIFI_STATUS, valbool);
  933. break;
  934. case SO_PEEK_OFF:
  935. if (sock->ops->set_peek_off)
  936. ret = sock->ops->set_peek_off(sk, val);
  937. else
  938. ret = -EOPNOTSUPP;
  939. break;
  940. case SO_NOFCS:
  941. sock_valbool_flag(sk, SOCK_NOFCS, valbool);
  942. break;
  943. case SO_SELECT_ERR_QUEUE:
  944. sock_valbool_flag(sk, SOCK_SELECT_ERR_QUEUE, valbool);
  945. break;
  946. #ifdef CONFIG_NET_RX_BUSY_POLL
  947. case SO_BUSY_POLL:
  948. /* allow unprivileged users to decrease the value */
  949. if ((val > sk->sk_ll_usec) && !capable(CAP_NET_ADMIN))
  950. ret = -EPERM;
  951. else {
  952. if (val < 0)
  953. ret = -EINVAL;
  954. else
  955. sk->sk_ll_usec = val;
  956. }
  957. break;
  958. #endif
  959. case SO_MAX_PACING_RATE:
  960. {
  961. unsigned long ulval = (val == ~0U) ? ~0UL : val;
  962. if (sizeof(ulval) != sizeof(val) &&
  963. optlen >= sizeof(ulval) &&
  964. get_user(ulval, (unsigned long __user *)optval)) {
  965. ret = -EFAULT;
  966. break;
  967. }
  968. if (ulval != ~0UL)
  969. cmpxchg(&sk->sk_pacing_status,
  970. SK_PACING_NONE,
  971. SK_PACING_NEEDED);
  972. sk->sk_max_pacing_rate = ulval;
  973. sk->sk_pacing_rate = min(sk->sk_pacing_rate, ulval);
  974. break;
  975. }
  976. case SO_INCOMING_CPU:
  977. WRITE_ONCE(sk->sk_incoming_cpu, val);
  978. break;
  979. case SO_CNX_ADVICE:
  980. if (val == 1)
  981. dst_negative_advice(sk);
  982. break;
  983. case SO_ZEROCOPY:
  984. if (sk->sk_family == PF_INET || sk->sk_family == PF_INET6) {
  985. if (!((sk->sk_type == SOCK_STREAM &&
  986. sk->sk_protocol == IPPROTO_TCP) ||
  987. (sk->sk_type == SOCK_DGRAM &&
  988. sk->sk_protocol == IPPROTO_UDP)))
  989. ret = -ENOTSUPP;
  990. } else if (sk->sk_family != PF_RDS) {
  991. ret = -ENOTSUPP;
  992. }
  993. if (!ret) {
  994. if (val < 0 || val > 1)
  995. ret = -EINVAL;
  996. else
  997. sock_valbool_flag(sk, SOCK_ZEROCOPY, valbool);
  998. }
  999. break;
  1000. case SO_TXTIME:
  1001. if (!ns_capable(sock_net(sk)->user_ns, CAP_NET_ADMIN)) {
  1002. ret = -EPERM;
  1003. } else if (optlen != sizeof(struct sock_txtime)) {
  1004. ret = -EINVAL;
  1005. } else if (copy_from_user(&sk_txtime, optval,
  1006. sizeof(struct sock_txtime))) {
  1007. ret = -EFAULT;
  1008. } else if (sk_txtime.flags & ~SOF_TXTIME_FLAGS_MASK) {
  1009. ret = -EINVAL;
  1010. } else {
  1011. sock_valbool_flag(sk, SOCK_TXTIME, true);
  1012. sk->sk_clockid = sk_txtime.clockid;
  1013. sk->sk_txtime_deadline_mode =
  1014. !!(sk_txtime.flags & SOF_TXTIME_DEADLINE_MODE);
  1015. sk->sk_txtime_report_errors =
  1016. !!(sk_txtime.flags & SOF_TXTIME_REPORT_ERRORS);
  1017. }
  1018. break;
  1019. case SO_BINDTOIFINDEX:
  1020. ret = sock_setbindtodevice_locked(sk, val);
  1021. break;
  1022. default:
  1023. ret = -ENOPROTOOPT;
  1024. break;
  1025. }
  1026. release_sock(sk);
  1027. return ret;
  1028. }
  1029. EXPORT_SYMBOL(sock_setsockopt);
  1030. static void cred_to_ucred(struct pid *pid, const struct cred *cred,
  1031. struct ucred *ucred)
  1032. {
  1033. ucred->pid = pid_vnr(pid);
  1034. ucred->uid = ucred->gid = -1;
  1035. if (cred) {
  1036. struct user_namespace *current_ns = current_user_ns();
  1037. ucred->uid = from_kuid_munged(current_ns, cred->euid);
  1038. ucred->gid = from_kgid_munged(current_ns, cred->egid);
  1039. }
  1040. }
  1041. static int groups_to_user(gid_t __user *dst, const struct group_info *src)
  1042. {
  1043. struct user_namespace *user_ns = current_user_ns();
  1044. int i;
  1045. for (i = 0; i < src->ngroups; i++)
  1046. if (put_user(from_kgid_munged(user_ns, src->gid[i]), dst + i))
  1047. return -EFAULT;
  1048. return 0;
  1049. }
  1050. int sock_getsockopt(struct socket *sock, int level, int optname,
  1051. char __user *optval, int __user *optlen)
  1052. {
  1053. struct sock *sk = sock->sk;
  1054. union {
  1055. int val;
  1056. u64 val64;
  1057. unsigned long ulval;
  1058. struct linger ling;
  1059. struct old_timeval32 tm32;
  1060. struct __kernel_old_timeval tm;
  1061. struct __kernel_sock_timeval stm;
  1062. struct sock_txtime txtime;
  1063. } v;
  1064. int lv = sizeof(int);
  1065. int len;
  1066. if (get_user(len, optlen))
  1067. return -EFAULT;
  1068. if (len < 0)
  1069. return -EINVAL;
  1070. memset(&v, 0, sizeof(v));
  1071. switch (optname) {
  1072. case SO_DEBUG:
  1073. v.val = sock_flag(sk, SOCK_DBG);
  1074. break;
  1075. case SO_DONTROUTE:
  1076. v.val = sock_flag(sk, SOCK_LOCALROUTE);
  1077. break;
  1078. case SO_BROADCAST:
  1079. v.val = sock_flag(sk, SOCK_BROADCAST);
  1080. break;
  1081. case SO_SNDBUF:
  1082. v.val = sk->sk_sndbuf;
  1083. break;
  1084. case SO_RCVBUF:
  1085. v.val = sk->sk_rcvbuf;
  1086. break;
  1087. case SO_REUSEADDR:
  1088. v.val = sk->sk_reuse;
  1089. break;
  1090. case SO_REUSEPORT:
  1091. v.val = sk->sk_reuseport;
  1092. break;
  1093. case SO_KEEPALIVE:
  1094. v.val = sock_flag(sk, SOCK_KEEPOPEN);
  1095. break;
  1096. case SO_TYPE:
  1097. v.val = sk->sk_type;
  1098. break;
  1099. case SO_PROTOCOL:
  1100. v.val = sk->sk_protocol;
  1101. break;
  1102. case SO_DOMAIN:
  1103. v.val = sk->sk_family;
  1104. break;
  1105. case SO_ERROR:
  1106. v.val = -sock_error(sk);
  1107. if (v.val == 0)
  1108. v.val = xchg(&sk->sk_err_soft, 0);
  1109. break;
  1110. case SO_OOBINLINE:
  1111. v.val = sock_flag(sk, SOCK_URGINLINE);
  1112. break;
  1113. case SO_NO_CHECK:
  1114. v.val = sk->sk_no_check_tx;
  1115. break;
  1116. case SO_PRIORITY:
  1117. v.val = sk->sk_priority;
  1118. break;
  1119. case SO_LINGER:
  1120. lv = sizeof(v.ling);
  1121. v.ling.l_onoff = sock_flag(sk, SOCK_LINGER);
  1122. v.ling.l_linger = sk->sk_lingertime / HZ;
  1123. break;
  1124. case SO_BSDCOMPAT:
  1125. sock_warn_obsolete_bsdism("getsockopt");
  1126. break;
  1127. case SO_TIMESTAMP_OLD:
  1128. v.val = sock_flag(sk, SOCK_RCVTSTAMP) &&
  1129. !sock_flag(sk, SOCK_TSTAMP_NEW) &&
  1130. !sock_flag(sk, SOCK_RCVTSTAMPNS);
  1131. break;
  1132. case SO_TIMESTAMPNS_OLD:
  1133. v.val = sock_flag(sk, SOCK_RCVTSTAMPNS) && !sock_flag(sk, SOCK_TSTAMP_NEW);
  1134. break;
  1135. case SO_TIMESTAMP_NEW:
  1136. v.val = sock_flag(sk, SOCK_RCVTSTAMP) && sock_flag(sk, SOCK_TSTAMP_NEW);
  1137. break;
  1138. case SO_TIMESTAMPNS_NEW:
  1139. v.val = sock_flag(sk, SOCK_RCVTSTAMPNS) && sock_flag(sk, SOCK_TSTAMP_NEW);
  1140. break;
  1141. case SO_TIMESTAMPING_OLD:
  1142. v.val = sk->sk_tsflags;
  1143. break;
  1144. case SO_RCVTIMEO_OLD:
  1145. case SO_RCVTIMEO_NEW:
  1146. lv = sock_get_timeout(sk->sk_rcvtimeo, &v, SO_RCVTIMEO_OLD == optname);
  1147. break;
  1148. case SO_SNDTIMEO_OLD:
  1149. case SO_SNDTIMEO_NEW:
  1150. lv = sock_get_timeout(sk->sk_sndtimeo, &v, SO_SNDTIMEO_OLD == optname);
  1151. break;
  1152. case SO_RCVLOWAT:
  1153. v.val = sk->sk_rcvlowat;
  1154. break;
  1155. case SO_SNDLOWAT:
  1156. v.val = 1;
  1157. break;
  1158. case SO_PASSCRED:
  1159. v.val = !!test_bit(SOCK_PASSCRED, &sock->flags);
  1160. break;
  1161. case SO_PEERCRED:
  1162. {
  1163. struct ucred peercred;
  1164. if (len > sizeof(peercred))
  1165. len = sizeof(peercred);
  1166. cred_to_ucred(sk->sk_peer_pid, sk->sk_peer_cred, &peercred);
  1167. if (copy_to_user(optval, &peercred, len))
  1168. return -EFAULT;
  1169. goto lenout;
  1170. }
  1171. case SO_PEERGROUPS:
  1172. {
  1173. int ret, n;
  1174. if (!sk->sk_peer_cred)
  1175. return -ENODATA;
  1176. n = sk->sk_peer_cred->group_info->ngroups;
  1177. if (len < n * sizeof(gid_t)) {
  1178. len = n * sizeof(gid_t);
  1179. return put_user(len, optlen) ? -EFAULT : -ERANGE;
  1180. }
  1181. len = n * sizeof(gid_t);
  1182. ret = groups_to_user((gid_t __user *)optval,
  1183. sk->sk_peer_cred->group_info);
  1184. if (ret)
  1185. return ret;
  1186. goto lenout;
  1187. }
  1188. case SO_PEERNAME:
  1189. {
  1190. char address[128];
  1191. lv = sock->ops->getname(sock, (struct sockaddr *)address, 2);
  1192. if (lv < 0)
  1193. return -ENOTCONN;
  1194. if (lv < len)
  1195. return -EINVAL;
  1196. if (copy_to_user(optval, address, len))
  1197. return -EFAULT;
  1198. goto lenout;
  1199. }
  1200. /* Dubious BSD thing... Probably nobody even uses it, but
  1201. * the UNIX standard wants it for whatever reason... -DaveM
  1202. */
  1203. case SO_ACCEPTCONN:
  1204. v.val = sk->sk_state == TCP_LISTEN;
  1205. break;
  1206. case SO_PASSSEC:
  1207. v.val = !!test_bit(SOCK_PASSSEC, &sock->flags);
  1208. break;
  1209. case SO_PEERSEC:
  1210. return security_socket_getpeersec_stream(sock, optval, optlen, len);
  1211. case SO_MARK:
  1212. v.val = sk->sk_mark;
  1213. break;
  1214. case SO_RXQ_OVFL:
  1215. v.val = sock_flag(sk, SOCK_RXQ_OVFL);
  1216. break;
  1217. case SO_WIFI_STATUS:
  1218. v.val = sock_flag(sk, SOCK_WIFI_STATUS);
  1219. break;
  1220. case SO_PEEK_OFF:
  1221. if (!sock->ops->set_peek_off)
  1222. return -EOPNOTSUPP;
  1223. v.val = sk->sk_peek_off;
  1224. break;
  1225. case SO_NOFCS:
  1226. v.val = sock_flag(sk, SOCK_NOFCS);
  1227. break;
  1228. case SO_BINDTODEVICE:
  1229. return sock_getbindtodevice(sk, optval, optlen, len);
  1230. case SO_GET_FILTER:
  1231. len = sk_get_filter(sk, (struct sock_filter __user *)optval, len);
  1232. if (len < 0)
  1233. return len;
  1234. goto lenout;
  1235. case SO_LOCK_FILTER:
  1236. v.val = sock_flag(sk, SOCK_FILTER_LOCKED);
  1237. break;
  1238. case SO_BPF_EXTENSIONS:
  1239. v.val = bpf_tell_extensions();
  1240. break;
  1241. case SO_SELECT_ERR_QUEUE:
  1242. v.val = sock_flag(sk, SOCK_SELECT_ERR_QUEUE);
  1243. break;
  1244. #ifdef CONFIG_NET_RX_BUSY_POLL
  1245. case SO_BUSY_POLL:
  1246. v.val = sk->sk_ll_usec;
  1247. break;
  1248. #endif
  1249. case SO_MAX_PACING_RATE:
  1250. if (sizeof(v.ulval) != sizeof(v.val) && len >= sizeof(v.ulval)) {
  1251. lv = sizeof(v.ulval);
  1252. v.ulval = sk->sk_max_pacing_rate;
  1253. } else {
  1254. /* 32bit version */
  1255. v.val = min_t(unsigned long, sk->sk_max_pacing_rate, ~0U);
  1256. }
  1257. break;
  1258. case SO_INCOMING_CPU:
  1259. v.val = READ_ONCE(sk->sk_incoming_cpu);
  1260. break;
  1261. case SO_MEMINFO:
  1262. {
  1263. u32 meminfo[SK_MEMINFO_VARS];
  1264. sk_get_meminfo(sk, meminfo);
  1265. len = min_t(unsigned int, len, sizeof(meminfo));
  1266. if (copy_to_user(optval, &meminfo, len))
  1267. return -EFAULT;
  1268. goto lenout;
  1269. }
  1270. #ifdef CONFIG_NET_RX_BUSY_POLL
  1271. case SO_INCOMING_NAPI_ID:
  1272. v.val = READ_ONCE(sk->sk_napi_id);
  1273. /* aggregate non-NAPI IDs down to 0 */
  1274. if (v.val < MIN_NAPI_ID)
  1275. v.val = 0;
  1276. break;
  1277. #endif
  1278. case SO_COOKIE:
  1279. lv = sizeof(u64);
  1280. if (len < lv)
  1281. return -EINVAL;
  1282. v.val64 = sock_gen_cookie(sk);
  1283. break;
  1284. case SO_ZEROCOPY:
  1285. v.val = sock_flag(sk, SOCK_ZEROCOPY);
  1286. break;
  1287. case SO_TXTIME:
  1288. lv = sizeof(v.txtime);
  1289. v.txtime.clockid = sk->sk_clockid;
  1290. v.txtime.flags |= sk->sk_txtime_deadline_mode ?
  1291. SOF_TXTIME_DEADLINE_MODE : 0;
  1292. v.txtime.flags |= sk->sk_txtime_report_errors ?
  1293. SOF_TXTIME_REPORT_ERRORS : 0;
  1294. break;
  1295. case SO_BINDTOIFINDEX:
  1296. v.val = sk->sk_bound_dev_if;
  1297. break;
  1298. default:
  1299. /* We implement the SO_SNDLOWAT etc to not be settable
  1300. * (1003.1g 7).
  1301. */
  1302. return -ENOPROTOOPT;
  1303. }
  1304. if (len > lv)
  1305. len = lv;
  1306. if (copy_to_user(optval, &v, len))
  1307. return -EFAULT;
  1308. lenout:
  1309. if (put_user(len, optlen))
  1310. return -EFAULT;
  1311. return 0;
  1312. }
  1313. /*
  1314. * Initialize an sk_lock.
  1315. *
  1316. * (We also register the sk_lock with the lock validator.)
  1317. */
  1318. static inline void sock_lock_init(struct sock *sk)
  1319. {
  1320. if (sk->sk_kern_sock)
  1321. sock_lock_init_class_and_name(
  1322. sk,
  1323. af_family_kern_slock_key_strings[sk->sk_family],
  1324. af_family_kern_slock_keys + sk->sk_family,
  1325. af_family_kern_key_strings[sk->sk_family],
  1326. af_family_kern_keys + sk->sk_family);
  1327. else
  1328. sock_lock_init_class_and_name(
  1329. sk,
  1330. af_family_slock_key_strings[sk->sk_family],
  1331. af_family_slock_keys + sk->sk_family,
  1332. af_family_key_strings[sk->sk_family],
  1333. af_family_keys + sk->sk_family);
  1334. }
  1335. /*
  1336. * Copy all fields from osk to nsk but nsk->sk_refcnt must not change yet,
  1337. * even temporarly, because of RCU lookups. sk_node should also be left as is.
  1338. * We must not copy fields between sk_dontcopy_begin and sk_dontcopy_end
  1339. */
  1340. static void sock_copy(struct sock *nsk, const struct sock *osk)
  1341. {
  1342. const struct proto *prot = READ_ONCE(osk->sk_prot);
  1343. #ifdef CONFIG_SECURITY_NETWORK
  1344. void *sptr = nsk->sk_security;
  1345. #endif
  1346. memcpy(nsk, osk, offsetof(struct sock, sk_dontcopy_begin));
  1347. memcpy(&nsk->sk_dontcopy_end, &osk->sk_dontcopy_end,
  1348. prot->obj_size - offsetof(struct sock, sk_dontcopy_end));
  1349. #ifdef CONFIG_SECURITY_NETWORK
  1350. nsk->sk_security = sptr;
  1351. security_sk_clone(osk, nsk);
  1352. #endif
  1353. }
  1354. static struct sock *sk_prot_alloc(struct proto *prot, gfp_t priority,
  1355. int family)
  1356. {
  1357. struct sock *sk;
  1358. struct kmem_cache *slab;
  1359. slab = prot->slab;
  1360. if (slab != NULL) {
  1361. sk = kmem_cache_alloc(slab, priority & ~__GFP_ZERO);
  1362. if (!sk)
  1363. return sk;
  1364. if (want_init_on_alloc(priority))
  1365. sk_prot_clear_nulls(sk, prot->obj_size);
  1366. } else
  1367. sk = kmalloc(prot->obj_size, priority);
  1368. if (sk != NULL) {
  1369. if (security_sk_alloc(sk, family, priority))
  1370. goto out_free;
  1371. if (!try_module_get(prot->owner))
  1372. goto out_free_sec;
  1373. sk_tx_queue_clear(sk);
  1374. }
  1375. return sk;
  1376. out_free_sec:
  1377. security_sk_free(sk);
  1378. out_free:
  1379. if (slab != NULL)
  1380. kmem_cache_free(slab, sk);
  1381. else
  1382. kfree(sk);
  1383. return NULL;
  1384. }
  1385. static void sk_prot_free(struct proto *prot, struct sock *sk)
  1386. {
  1387. struct kmem_cache *slab;
  1388. struct module *owner;
  1389. owner = prot->owner;
  1390. slab = prot->slab;
  1391. cgroup_sk_free(&sk->sk_cgrp_data);
  1392. mem_cgroup_sk_free(sk);
  1393. security_sk_free(sk);
  1394. if (slab != NULL)
  1395. kmem_cache_free(slab, sk);
  1396. else
  1397. kfree(sk);
  1398. module_put(owner);
  1399. }
  1400. /**
  1401. * sk_alloc - All socket objects are allocated here
  1402. * @net: the applicable net namespace
  1403. * @family: protocol family
  1404. * @priority: for allocation (%GFP_KERNEL, %GFP_ATOMIC, etc)
  1405. * @prot: struct proto associated with this new sock instance
  1406. * @kern: is this to be a kernel socket?
  1407. */
  1408. struct sock *sk_alloc(struct net *net, int family, gfp_t priority,
  1409. struct proto *prot, int kern)
  1410. {
  1411. struct sock *sk;
  1412. sk = sk_prot_alloc(prot, priority | __GFP_ZERO, family);
  1413. if (sk) {
  1414. sk->sk_family = family;
  1415. /*
  1416. * See comment in struct sock definition to understand
  1417. * why we need sk_prot_creator -acme
  1418. */
  1419. sk->sk_prot = sk->sk_prot_creator = prot;
  1420. sk->sk_kern_sock = kern;
  1421. sock_lock_init(sk);
  1422. sk->sk_net_refcnt = kern ? 0 : 1;
  1423. if (likely(sk->sk_net_refcnt)) {
  1424. get_net(net);
  1425. sock_inuse_add(net, 1);
  1426. }
  1427. sock_net_set(sk, net);
  1428. refcount_set(&sk->sk_wmem_alloc, 1);
  1429. mem_cgroup_sk_alloc(sk);
  1430. cgroup_sk_alloc(&sk->sk_cgrp_data);
  1431. sock_update_classid(&sk->sk_cgrp_data);
  1432. sock_update_netprioidx(&sk->sk_cgrp_data);
  1433. }
  1434. return sk;
  1435. }
  1436. EXPORT_SYMBOL(sk_alloc);
  1437. /* Sockets having SOCK_RCU_FREE will call this function after one RCU
  1438. * grace period. This is the case for UDP sockets and TCP listeners.
  1439. */
  1440. static void __sk_destruct(struct rcu_head *head)
  1441. {
  1442. struct sock *sk = container_of(head, struct sock, sk_rcu);
  1443. struct sk_filter *filter;
  1444. if (sk->sk_destruct)
  1445. sk->sk_destruct(sk);
  1446. filter = rcu_dereference_check(sk->sk_filter,
  1447. refcount_read(&sk->sk_wmem_alloc) == 0);
  1448. if (filter) {
  1449. sk_filter_uncharge(sk, filter);
  1450. RCU_INIT_POINTER(sk->sk_filter, NULL);
  1451. }
  1452. sock_disable_timestamp(sk, SK_FLAGS_TIMESTAMP);
  1453. #ifdef CONFIG_BPF_SYSCALL
  1454. bpf_sk_storage_free(sk);
  1455. #endif
  1456. if (atomic_read(&sk->sk_omem_alloc))
  1457. pr_debug("%s: optmem leakage (%d bytes) detected\n",
  1458. __func__, atomic_read(&sk->sk_omem_alloc));
  1459. if (sk->sk_frag.page) {
  1460. put_page(sk->sk_frag.page);
  1461. sk->sk_frag.page = NULL;
  1462. }
  1463. if (sk->sk_peer_cred)
  1464. put_cred(sk->sk_peer_cred);
  1465. put_pid(sk->sk_peer_pid);
  1466. if (likely(sk->sk_net_refcnt))
  1467. put_net(sock_net(sk));
  1468. sk_prot_free(sk->sk_prot_creator, sk);
  1469. }
  1470. void sk_destruct(struct sock *sk)
  1471. {
  1472. bool use_call_rcu = sock_flag(sk, SOCK_RCU_FREE);
  1473. if (rcu_access_pointer(sk->sk_reuseport_cb)) {
  1474. reuseport_detach_sock(sk);
  1475. use_call_rcu = true;
  1476. }
  1477. if (use_call_rcu)
  1478. call_rcu(&sk->sk_rcu, __sk_destruct);
  1479. else
  1480. __sk_destruct(&sk->sk_rcu);
  1481. }
  1482. static void __sk_free(struct sock *sk)
  1483. {
  1484. if (likely(sk->sk_net_refcnt))
  1485. sock_inuse_add(sock_net(sk), -1);
  1486. if (unlikely(sk->sk_net_refcnt && sock_diag_has_destroy_listeners(sk)))
  1487. sock_diag_broadcast_destroy(sk);
  1488. else
  1489. sk_destruct(sk);
  1490. }
  1491. void sk_free(struct sock *sk)
  1492. {
  1493. /*
  1494. * We subtract one from sk_wmem_alloc and can know if
  1495. * some packets are still in some tx queue.
  1496. * If not null, sock_wfree() will call __sk_free(sk) later
  1497. */
  1498. if (refcount_dec_and_test(&sk->sk_wmem_alloc))
  1499. __sk_free(sk);
  1500. }
  1501. EXPORT_SYMBOL(sk_free);
  1502. static void sk_init_common(struct sock *sk)
  1503. {
  1504. skb_queue_head_init(&sk->sk_receive_queue);
  1505. skb_queue_head_init(&sk->sk_write_queue);
  1506. skb_queue_head_init(&sk->sk_error_queue);
  1507. rwlock_init(&sk->sk_callback_lock);
  1508. lockdep_set_class_and_name(&sk->sk_receive_queue.lock,
  1509. af_rlock_keys + sk->sk_family,
  1510. af_family_rlock_key_strings[sk->sk_family]);
  1511. lockdep_set_class_and_name(&sk->sk_write_queue.lock,
  1512. af_wlock_keys + sk->sk_family,
  1513. af_family_wlock_key_strings[sk->sk_family]);
  1514. lockdep_set_class_and_name(&sk->sk_error_queue.lock,
  1515. af_elock_keys + sk->sk_family,
  1516. af_family_elock_key_strings[sk->sk_family]);
  1517. lockdep_set_class_and_name(&sk->sk_callback_lock,
  1518. af_callback_keys + sk->sk_family,
  1519. af_family_clock_key_strings[sk->sk_family]);
  1520. }
  1521. /**
  1522. * sk_clone_lock - clone a socket, and lock its clone
  1523. * @sk: the socket to clone
  1524. * @priority: for allocation (%GFP_KERNEL, %GFP_ATOMIC, etc)
  1525. *
  1526. * Caller must unlock socket even in error path (bh_unlock_sock(newsk))
  1527. */
  1528. struct sock *sk_clone_lock(const struct sock *sk, const gfp_t priority)
  1529. {
  1530. struct proto *prot = READ_ONCE(sk->sk_prot);
  1531. struct sock *newsk;
  1532. bool is_charged = true;
  1533. newsk = sk_prot_alloc(prot, priority, sk->sk_family);
  1534. if (newsk != NULL) {
  1535. struct sk_filter *filter;
  1536. sock_copy(newsk, sk);
  1537. newsk->sk_prot_creator = prot;
  1538. /* SANITY */
  1539. if (likely(newsk->sk_net_refcnt))
  1540. get_net(sock_net(newsk));
  1541. sk_node_init(&newsk->sk_node);
  1542. sock_lock_init(newsk);
  1543. bh_lock_sock(newsk);
  1544. newsk->sk_backlog.head = newsk->sk_backlog.tail = NULL;
  1545. newsk->sk_backlog.len = 0;
  1546. atomic_set(&newsk->sk_rmem_alloc, 0);
  1547. /*
  1548. * sk_wmem_alloc set to one (see sk_free() and sock_wfree())
  1549. */
  1550. refcount_set(&newsk->sk_wmem_alloc, 1);
  1551. atomic_set(&newsk->sk_omem_alloc, 0);
  1552. sk_init_common(newsk);
  1553. newsk->sk_dst_cache = NULL;
  1554. newsk->sk_dst_pending_confirm = 0;
  1555. newsk->sk_wmem_queued = 0;
  1556. newsk->sk_forward_alloc = 0;
  1557. atomic_set(&newsk->sk_drops, 0);
  1558. newsk->sk_send_head = NULL;
  1559. newsk->sk_userlocks = sk->sk_userlocks & ~SOCK_BINDPORT_LOCK;
  1560. atomic_set(&newsk->sk_zckey, 0);
  1561. sock_reset_flag(newsk, SOCK_DONE);
  1562. /* sk->sk_memcg will be populated at accept() time */
  1563. newsk->sk_memcg = NULL;
  1564. cgroup_sk_alloc(&newsk->sk_cgrp_data);
  1565. rcu_read_lock();
  1566. filter = rcu_dereference(sk->sk_filter);
  1567. if (filter != NULL)
  1568. /* though it's an empty new sock, the charging may fail
  1569. * if sysctl_optmem_max was changed between creation of
  1570. * original socket and cloning
  1571. */
  1572. is_charged = sk_filter_charge(newsk, filter);
  1573. RCU_INIT_POINTER(newsk->sk_filter, filter);
  1574. rcu_read_unlock();
  1575. if (unlikely(!is_charged || xfrm_sk_clone_policy(newsk, sk))) {
  1576. /* We need to make sure that we don't uncharge the new
  1577. * socket if we couldn't charge it in the first place
  1578. * as otherwise we uncharge the parent's filter.
  1579. */
  1580. if (!is_charged)
  1581. RCU_INIT_POINTER(newsk->sk_filter, NULL);
  1582. sk_free_unlock_clone(newsk);
  1583. newsk = NULL;
  1584. goto out;
  1585. }
  1586. RCU_INIT_POINTER(newsk->sk_reuseport_cb, NULL);
  1587. if (bpf_sk_storage_clone(sk, newsk)) {
  1588. sk_free_unlock_clone(newsk);
  1589. newsk = NULL;
  1590. goto out;
  1591. }
  1592. /* Clear sk_user_data if parent had the pointer tagged
  1593. * as not suitable for copying when cloning.
  1594. */
  1595. if (sk_user_data_is_nocopy(newsk))
  1596. newsk->sk_user_data = NULL;
  1597. newsk->sk_err = 0;
  1598. newsk->sk_err_soft = 0;
  1599. newsk->sk_priority = 0;
  1600. newsk->sk_incoming_cpu = raw_smp_processor_id();
  1601. if (likely(newsk->sk_net_refcnt))
  1602. sock_inuse_add(sock_net(newsk), 1);
  1603. /*
  1604. * Before updating sk_refcnt, we must commit prior changes to memory
  1605. * (Documentation/RCU/rculist_nulls.txt for details)
  1606. */
  1607. smp_wmb();
  1608. refcount_set(&newsk->sk_refcnt, 2);
  1609. /*
  1610. * Increment the counter in the same struct proto as the master
  1611. * sock (sk_refcnt_debug_inc uses newsk->sk_prot->socks, that
  1612. * is the same as sk->sk_prot->socks, as this field was copied
  1613. * with memcpy).
  1614. *
  1615. * This _changes_ the previous behaviour, where
  1616. * tcp_create_openreq_child always was incrementing the
  1617. * equivalent to tcp_prot->socks (inet_sock_nr), so this have
  1618. * to be taken into account in all callers. -acme
  1619. */
  1620. sk_refcnt_debug_inc(newsk);
  1621. sk_set_socket(newsk, NULL);
  1622. RCU_INIT_POINTER(newsk->sk_wq, NULL);
  1623. if (newsk->sk_prot->sockets_allocated)
  1624. sk_sockets_allocated_inc(newsk);
  1625. if (sock_needs_netstamp(sk) &&
  1626. newsk->sk_flags & SK_FLAGS_TIMESTAMP)
  1627. net_enable_timestamp();
  1628. }
  1629. out:
  1630. return newsk;
  1631. }
  1632. EXPORT_SYMBOL_GPL(sk_clone_lock);
  1633. void sk_free_unlock_clone(struct sock *sk)
  1634. {
  1635. /* It is still raw copy of parent, so invalidate
  1636. * destructor and make plain sk_free() */
  1637. sk->sk_destruct = NULL;
  1638. bh_unlock_sock(sk);
  1639. sk_free(sk);
  1640. }
  1641. EXPORT_SYMBOL_GPL(sk_free_unlock_clone);
  1642. void sk_setup_caps(struct sock *sk, struct dst_entry *dst)
  1643. {
  1644. u32 max_segs = 1;
  1645. sk_dst_set(sk, dst);
  1646. sk->sk_route_caps = dst->dev->features | sk->sk_route_forced_caps;
  1647. if (sk->sk_route_caps & NETIF_F_GSO)
  1648. sk->sk_route_caps |= NETIF_F_GSO_SOFTWARE;
  1649. sk->sk_route_caps &= ~sk->sk_route_nocaps;
  1650. if (sk_can_gso(sk)) {
  1651. if (dst->header_len && !xfrm_dst_offload_ok(dst)) {
  1652. sk->sk_route_caps &= ~NETIF_F_GSO_MASK;
  1653. } else {
  1654. sk->sk_route_caps |= NETIF_F_SG | NETIF_F_HW_CSUM;
  1655. sk->sk_gso_max_size = dst->dev->gso_max_size;
  1656. max_segs = max_t(u32, dst->dev->gso_max_segs, 1);
  1657. }
  1658. }
  1659. sk->sk_gso_max_segs = max_segs;
  1660. }
  1661. EXPORT_SYMBOL_GPL(sk_setup_caps);
  1662. /*
  1663. * Simple resource managers for sockets.
  1664. */
  1665. /*
  1666. * Write buffer destructor automatically called from kfree_skb.
  1667. */
  1668. void sock_wfree(struct sk_buff *skb)
  1669. {
  1670. struct sock *sk = skb->sk;
  1671. unsigned int len = skb->truesize;
  1672. if (!sock_flag(sk, SOCK_USE_WRITE_QUEUE)) {
  1673. /*
  1674. * Keep a reference on sk_wmem_alloc, this will be released
  1675. * after sk_write_space() call
  1676. */
  1677. WARN_ON(refcount_sub_and_test(len - 1, &sk->sk_wmem_alloc));
  1678. sk->sk_write_space(sk);
  1679. len = 1;
  1680. }
  1681. /*
  1682. * if sk_wmem_alloc reaches 0, we must finish what sk_free()
  1683. * could not do because of in-flight packets
  1684. */
  1685. if (refcount_sub_and_test(len, &sk->sk_wmem_alloc))
  1686. __sk_free(sk);
  1687. }
  1688. EXPORT_SYMBOL(sock_wfree);
  1689. /* This variant of sock_wfree() is used by TCP,
  1690. * since it sets SOCK_USE_WRITE_QUEUE.
  1691. */
  1692. void __sock_wfree(struct sk_buff *skb)
  1693. {
  1694. struct sock *sk = skb->sk;
  1695. if (refcount_sub_and_test(skb->truesize, &sk->sk_wmem_alloc))
  1696. __sk_free(sk);
  1697. }
  1698. void skb_set_owner_w(struct sk_buff *skb, struct sock *sk)
  1699. {
  1700. skb_orphan(skb);
  1701. skb->sk = sk;
  1702. #ifdef CONFIG_INET
  1703. if (unlikely(!sk_fullsock(sk))) {
  1704. skb->destructor = sock_edemux;
  1705. sock_hold(sk);
  1706. return;
  1707. }
  1708. #endif
  1709. skb->destructor = sock_wfree;
  1710. skb_set_hash_from_sk(skb, sk);
  1711. /*
  1712. * We used to take a refcount on sk, but following operation
  1713. * is enough to guarantee sk_free() wont free this sock until
  1714. * all in-flight packets are completed
  1715. */
  1716. refcount_add(skb->truesize, &sk->sk_wmem_alloc);
  1717. }
  1718. EXPORT_SYMBOL(skb_set_owner_w);
  1719. static bool can_skb_orphan_partial(const struct sk_buff *skb)
  1720. {
  1721. #ifdef CONFIG_TLS_DEVICE
  1722. /* Drivers depend on in-order delivery for crypto offload,
  1723. * partial orphan breaks out-of-order-OK logic.
  1724. */
  1725. if (skb->decrypted)
  1726. return false;
  1727. #endif
  1728. return (skb->destructor == sock_wfree ||
  1729. (IS_ENABLED(CONFIG_INET) && skb->destructor == tcp_wfree));
  1730. }
  1731. /* This helper is used by netem, as it can hold packets i…