Commit | Line | Data |
---|---|---|
2874c5fd | 1 | // SPDX-License-Identifier: GPL-2.0-or-later |
1da177e4 | 2 | /* |
73c1f4a0 | 3 | * inet_diag.c Module for monitoring INET transport protocols sockets. |
1da177e4 | 4 | * |
1da177e4 | 5 | * Authors: Alexey Kuznetsov, <kuznet@ms2.inr.ac.ru> |
1da177e4 LT |
6 | */ |
7 | ||
172589cc | 8 | #include <linux/kernel.h> |
1da177e4 LT |
9 | #include <linux/module.h> |
10 | #include <linux/types.h> | |
11 | #include <linux/fcntl.h> | |
12 | #include <linux/random.h> | |
5a0e3ad6 | 13 | #include <linux/slab.h> |
1da177e4 LT |
14 | #include <linux/cache.h> |
15 | #include <linux/init.h> | |
16 | #include <linux/time.h> | |
17 | ||
18 | #include <net/icmp.h> | |
19 | #include <net/tcp.h> | |
20 | #include <net/ipv6.h> | |
21 | #include <net/inet_common.h> | |
505cbfc5 ACM |
22 | #include <net/inet_connection_sock.h> |
23 | #include <net/inet_hashtables.h> | |
24 | #include <net/inet_timewait_sock.h> | |
25 | #include <net/inet6_hashtables.h> | |
085c20ca | 26 | #include <net/bpf_sk_storage.h> |
dc5fc579 | 27 | #include <net/netlink.h> |
1da177e4 LT |
28 | |
29 | #include <linux/inet.h> | |
30 | #include <linux/stddef.h> | |
31 | ||
a8c2190e | 32 | #include <linux/inet_diag.h> |
d366477a | 33 | #include <linux/sock_diag.h> |
1da177e4 | 34 | |
4f5736c4 ACM |
35 | static const struct inet_diag_handler **inet_diag_table; |
36 | ||
73c1f4a0 | 37 | struct inet_diag_entry { |
e31c5e0e ED |
38 | const __be32 *saddr; |
39 | const __be32 *daddr; | |
1da177e4 LT |
40 | u16 sport; |
41 | u16 dport; | |
42 | u16 family; | |
43 | u16 userlocks; | |
637c841d | 44 | u32 ifindex; |
a52e95ab | 45 | u32 mark; |
b1f3e43d DY |
46 | #ifdef CONFIG_SOCK_CGROUP_DATA |
47 | u64 cgroup_id; | |
48 | #endif | |
1da177e4 LT |
49 | }; |
50 | ||
d523a328 HX |
51 | static DEFINE_MUTEX(inet_diag_table_mutex); |
52 | ||
f13c95f0 | 53 | static const struct inet_diag_handler *inet_diag_lock_handler(int proto) |
d523a328 | 54 | { |
3f935c75 PA |
55 | if (proto < 0 || proto >= IPPROTO_MAX) { |
56 | mutex_lock(&inet_diag_table_mutex); | |
57 | return ERR_PTR(-ENOENT); | |
58 | } | |
59 | ||
f13c95f0 | 60 | if (!inet_diag_table[proto]) |
bf2ae2e4 | 61 | sock_load_diag_module(AF_INET, proto); |
d523a328 HX |
62 | |
63 | mutex_lock(&inet_diag_table_mutex); | |
f13c95f0 | 64 | if (!inet_diag_table[proto]) |
d523a328 HX |
65 | return ERR_PTR(-ENOENT); |
66 | ||
f13c95f0 | 67 | return inet_diag_table[proto]; |
d523a328 HX |
68 | } |
69 | ||
e31c5e0e | 70 | static void inet_diag_unlock_handler(const struct inet_diag_handler *handler) |
d523a328 HX |
71 | { |
72 | mutex_unlock(&inet_diag_table_mutex); | |
73 | } | |
74 | ||
cb2050a7 | 75 | void inet_diag_msg_common_fill(struct inet_diag_msg *r, struct sock *sk) |
a4458343 ED |
76 | { |
77 | r->idiag_family = sk->sk_family; | |
78 | ||
79 | r->id.idiag_sport = htons(sk->sk_num); | |
80 | r->id.idiag_dport = sk->sk_dport; | |
81 | r->id.idiag_if = sk->sk_bound_dev_if; | |
82 | sock_diag_save_cookie(sk, r->id.idiag_cookie); | |
83 | ||
84 | #if IS_ENABLED(CONFIG_IPV6) | |
85 | if (sk->sk_family == AF_INET6) { | |
86 | *(struct in6_addr *)r->id.idiag_src = sk->sk_v6_rcv_saddr; | |
87 | *(struct in6_addr *)r->id.idiag_dst = sk->sk_v6_daddr; | |
88 | } else | |
89 | #endif | |
90 | { | |
91 | memset(&r->id.idiag_src, 0, sizeof(r->id.idiag_src)); | |
92 | memset(&r->id.idiag_dst, 0, sizeof(r->id.idiag_dst)); | |
93 | ||
94 | r->id.idiag_src[0] = sk->sk_rcv_saddr; | |
95 | r->id.idiag_dst[0] = sk->sk_daddr; | |
96 | } | |
97 | } | |
cb2050a7 | 98 | EXPORT_SYMBOL_GPL(inet_diag_msg_common_fill); |
a4458343 | 99 | |
b37e8840 ID |
100 | static size_t inet_sk_attr_size(struct sock *sk, |
101 | const struct inet_diag_req_v2 *req, | |
102 | bool net_admin) | |
c8e2c80d | 103 | { |
b37e8840 ID |
104 | const struct inet_diag_handler *handler; |
105 | size_t aux = 0; | |
106 | ||
107 | handler = inet_diag_table[req->sdiag_protocol]; | |
108 | if (handler && handler->idiag_get_aux_size) | |
109 | aux = handler->idiag_get_aux_size(sk, net_admin); | |
110 | ||
c8e2c80d | 111 | return nla_total_size(sizeof(struct tcp_info)) |
c8e2c80d | 112 | + nla_total_size(sizeof(struct inet_diag_msg)) |
83f73c5b DY |
113 | + inet_diag_msg_attrs_size() |
114 | + nla_total_size(sizeof(struct inet_diag_meminfo)) | |
c8e2c80d ED |
115 | + nla_total_size(SK_MEMINFO_VARS * sizeof(u32)) |
116 | + nla_total_size(TCP_CA_NAME_MAX) | |
117 | + nla_total_size(sizeof(struct tcpvegas_info)) | |
b37e8840 | 118 | + aux |
c8e2c80d ED |
119 | + 64; |
120 | } | |
121 | ||
cb2050a7 XL |
122 | int inet_diag_msg_attrs_fill(struct sock *sk, struct sk_buff *skb, |
123 | struct inet_diag_msg *r, int ext, | |
d545caca LC |
124 | struct user_namespace *user_ns, |
125 | bool net_admin) | |
cb2050a7 XL |
126 | { |
127 | const struct inet_sock *inet = inet_sk(sk); | |
c1077616 | 128 | struct inet_diag_sockopt inet_sockopt; |
cb2050a7 XL |
129 | |
130 | if (nla_put_u8(skb, INET_DIAG_SHUTDOWN, sk->sk_shutdown)) | |
131 | goto errout; | |
132 | ||
133 | /* IPv6 dual-stack sockets use inet->tos for IPv4 connections, | |
134 | * hence this needs to be included regardless of socket family. | |
135 | */ | |
136 | if (ext & (1 << (INET_DIAG_TOS - 1))) | |
137 | if (nla_put_u8(skb, INET_DIAG_TOS, inet->tos) < 0) | |
138 | goto errout; | |
139 | ||
140 | #if IS_ENABLED(CONFIG_IPV6) | |
141 | if (r->idiag_family == AF_INET6) { | |
142 | if (ext & (1 << (INET_DIAG_TCLASS - 1))) | |
143 | if (nla_put_u8(skb, INET_DIAG_TCLASS, | |
144 | inet6_sk(sk)->tclass) < 0) | |
145 | goto errout; | |
146 | ||
147 | if (((1 << sk->sk_state) & (TCPF_LISTEN | TCPF_CLOSE)) && | |
148 | nla_put_u8(skb, INET_DIAG_SKV6ONLY, ipv6_only_sock(sk))) | |
149 | goto errout; | |
150 | } | |
151 | #endif | |
152 | ||
3c5b4d69 | 153 | if (net_admin && nla_put_u32(skb, INET_DIAG_MARK, READ_ONCE(sk->sk_mark))) |
d545caca LC |
154 | goto errout; |
155 | ||
83f73c5b DY |
156 | if (ext & (1 << (INET_DIAG_CLASS_ID - 1)) || |
157 | ext & (1 << (INET_DIAG_TCLASS - 1))) { | |
158 | u32 classid = 0; | |
159 | ||
160 | #ifdef CONFIG_SOCK_CGROUP_DATA | |
161 | classid = sock_cgroup_classid(&sk->sk_cgrp_data); | |
162 | #endif | |
163 | /* Fallback to socket priority if class id isn't set. | |
164 | * Classful qdiscs use it as direct reference to class. | |
165 | * For cgroup2 classid is always zero. | |
166 | */ | |
167 | if (!classid) | |
168 | classid = sk->sk_priority; | |
169 | ||
170 | if (nla_put_u32(skb, INET_DIAG_CLASS_ID, classid)) | |
171 | goto errout; | |
172 | } | |
173 | ||
6e3a401f DY |
174 | #ifdef CONFIG_SOCK_CGROUP_DATA |
175 | if (nla_put_u64_64bit(skb, INET_DIAG_CGROUP_ID, | |
176 | cgroup_id(sock_cgroup_ptr(&sk->sk_cgrp_data)), | |
177 | INET_DIAG_PAD)) | |
178 | goto errout; | |
179 | #endif | |
180 | ||
cb2050a7 XL |
181 | r->idiag_uid = from_kuid_munged(user_ns, sock_i_uid(sk)); |
182 | r->idiag_inode = sock_i_ino(sk); | |
183 | ||
c1077616 | 184 | memset(&inet_sockopt, 0, sizeof(inet_sockopt)); |
6b5f43ea | 185 | inet_sockopt.recverr = inet_test_bit(RECVERR, sk); |
b1c0356a | 186 | inet_sockopt.is_icsk = inet_test_bit(IS_ICSK, sk); |
3f7e7532 | 187 | inet_sockopt.freebind = inet_test_bit(FREEBIND, sk); |
cafbe182 | 188 | inet_sockopt.hdrincl = inet_test_bit(HDRINCL, sk); |
b09bde5c | 189 | inet_sockopt.mc_loop = inet_test_bit(MC_LOOP, sk); |
4bd0623f | 190 | inet_sockopt.transparent = inet_test_bit(TRANSPARENT, sk); |
307b4ac6 | 191 | inet_sockopt.mc_all = inet_test_bit(MC_ALL, sk); |
f04b8d34 | 192 | inet_sockopt.nodefrag = inet_test_bit(NODEFRAG, sk); |
ca571e2e | 193 | inet_sockopt.bind_address_no_port = inet_test_bit(BIND_ADDRESS_NO_PORT, sk); |
8e8cfb11 | 194 | inet_sockopt.recverr_rfc4884 = inet_test_bit(RECVERR_RFC4884, sk); |
08e39c0d | 195 | inet_sockopt.defer_connect = inet_test_bit(DEFER_CONNECT, sk); |
c1077616 WW |
196 | if (nla_put(skb, INET_DIAG_SOCKOPT, sizeof(inet_sockopt), |
197 | &inet_sockopt)) | |
198 | goto errout; | |
199 | ||
cb2050a7 XL |
200 | return 0; |
201 | errout: | |
202 | return 1; | |
203 | } | |
204 | EXPORT_SYMBOL_GPL(inet_diag_msg_attrs_fill); | |
205 | ||
d5e4d0a5 ED |
206 | static int inet_diag_parse_attrs(const struct nlmsghdr *nlh, int hdrlen, |
207 | struct nlattr **req_nlas) | |
3f935c75 PA |
208 | { |
209 | struct nlattr *nla; | |
210 | int remaining; | |
211 | ||
212 | nlmsg_for_each_attr(nla, nlh, hdrlen, remaining) { | |
213 | int type = nla_type(nla); | |
214 | ||
d5e4d0a5 ED |
215 | if (type == INET_DIAG_REQ_PROTOCOL && nla_len(nla) != sizeof(u32)) |
216 | return -EINVAL; | |
217 | ||
3f935c75 PA |
218 | if (type < __INET_DIAG_REQ_MAX) |
219 | req_nlas[type] = nla; | |
220 | } | |
d5e4d0a5 | 221 | return 0; |
3f935c75 PA |
222 | } |
223 | ||
224 | static int inet_diag_get_protocol(const struct inet_diag_req_v2 *req, | |
225 | const struct inet_diag_dump_data *data) | |
226 | { | |
227 | if (data->req_nlas[INET_DIAG_REQ_PROTOCOL]) | |
228 | return nla_get_u32(data->req_nlas[INET_DIAG_REQ_PROTOCOL]); | |
229 | return req->sdiag_protocol; | |
230 | } | |
231 | ||
085c20ca MKL |
232 | #define MAX_DUMP_ALLOC_SIZE (KMALLOC_MAX_SIZE - SKB_DATA_ALIGN(sizeof(struct skb_shared_info))) |
233 | ||
3c4d05c8 | 234 | int inet_sk_diag_fill(struct sock *sk, struct inet_connection_sock *icsk, |
5682d393 MKL |
235 | struct sk_buff *skb, struct netlink_callback *cb, |
236 | const struct inet_diag_req_v2 *req, | |
237 | u16 nlmsg_flags, bool net_admin) | |
1da177e4 | 238 | { |
521f1cf1 | 239 | const struct tcp_congestion_ops *ca_ops; |
e31c5e0e | 240 | const struct inet_diag_handler *handler; |
085c20ca | 241 | struct inet_diag_dump_data *cb_data; |
e31c5e0e | 242 | int ext = req->idiag_ext; |
73c1f4a0 | 243 | struct inet_diag_msg *r; |
1da177e4 | 244 | struct nlmsghdr *nlh; |
6e277ed5 | 245 | struct nlattr *attr; |
4f5736c4 | 246 | void *info = NULL; |
4f5736c4 | 247 | |
085c20ca | 248 | cb_data = cb->data; |
3f935c75 | 249 | handler = inet_diag_table[inet_diag_get_protocol(req, cb_data)]; |
e31c5e0e | 250 | BUG_ON(!handler); |
1da177e4 | 251 | |
5682d393 MKL |
252 | nlh = nlmsg_put(skb, NETLINK_CB(cb->skb).portid, cb->nlh->nlmsg_seq, |
253 | cb->nlh->nlmsg_type, sizeof(*r), nlmsg_flags); | |
6e277ed5 | 254 | if (!nlh) |
d106352d | 255 | return -EMSGSIZE; |
4f5736c4 | 256 | |
d106352d | 257 | r = nlmsg_data(nlh); |
a58917f5 | 258 | BUG_ON(!sk_fullsock(sk)); |
c7d58aab | 259 | |
a4458343 | 260 | inet_diag_msg_common_fill(r, sk); |
73c1f4a0 ACM |
261 | r->idiag_state = sk->sk_state; |
262 | r->idiag_timer = 0; | |
263 | r->idiag_retrans = 0; | |
71ddeac8 | 264 | r->idiag_expires = 0; |
1da177e4 | 265 | |
5682d393 MKL |
266 | if (inet_diag_msg_attrs_fill(sk, skb, r, ext, |
267 | sk_user_ns(NETLINK_CB(cb->skb).sk), | |
268 | net_admin)) | |
e4e541a8 PE |
269 | goto errout; |
270 | ||
6e277ed5 TG |
271 | if (ext & (1 << (INET_DIAG_MEMINFO - 1))) { |
272 | struct inet_diag_meminfo minfo = { | |
273 | .idiag_rmem = sk_rmem_alloc_get(sk), | |
ab4e846a | 274 | .idiag_wmem = READ_ONCE(sk->sk_wmem_queued), |
292e6077 | 275 | .idiag_fmem = sk_forward_alloc_get(sk), |
6e277ed5 TG |
276 | .idiag_tmem = sk_wmem_alloc_get(sk), |
277 | }; | |
278 | ||
279 | if (nla_put(skb, INET_DIAG_MEMINFO, sizeof(minfo), &minfo) < 0) | |
280 | goto errout; | |
3c4d05c8 PE |
281 | } |
282 | ||
c0636faa PE |
283 | if (ext & (1 << (INET_DIAG_SKMEMINFO - 1))) |
284 | if (sock_diag_put_meminfo(sk, skb, INET_DIAG_SKMEMINFO)) | |
6e277ed5 | 285 | goto errout; |
c0636faa | 286 | |
432490f9 CG |
287 | /* |
288 | * RAW sockets might have user-defined protocols assigned, | |
289 | * so report the one supplied on socket creation. | |
290 | */ | |
291 | if (sk->sk_type == SOCK_RAW) { | |
292 | if (nla_put_u8(skb, INET_DIAG_PROTOCOL, sk->sk_protocol)) | |
293 | goto errout; | |
294 | } | |
295 | ||
e31c5e0e | 296 | if (!icsk) { |
62ad6fcd | 297 | handler->idiag_get_info(sk, r, NULL); |
3c4d05c8 PE |
298 | goto out; |
299 | } | |
300 | ||
6ba8a3b1 | 301 | if (icsk->icsk_pending == ICSK_TIME_RETRANS || |
57dde7f7 | 302 | icsk->icsk_pending == ICSK_TIME_REO_TIMEOUT || |
6ba8a3b1 | 303 | icsk->icsk_pending == ICSK_TIME_LOSS_PROBE) { |
73c1f4a0 ACM |
304 | r->idiag_timer = 1; |
305 | r->idiag_retrans = icsk->icsk_retransmits; | |
b7de529c | 306 | r->idiag_expires = |
3828a93f | 307 | jiffies_delta_to_msecs(icsk->icsk_timeout - jiffies); |
463c84b9 | 308 | } else if (icsk->icsk_pending == ICSK_TIME_PROBE0) { |
73c1f4a0 ACM |
309 | r->idiag_timer = 4; |
310 | r->idiag_retrans = icsk->icsk_probes_out; | |
b7de529c | 311 | r->idiag_expires = |
3828a93f | 312 | jiffies_delta_to_msecs(icsk->icsk_timeout - jiffies); |
1da177e4 | 313 | } else if (timer_pending(&sk->sk_timer)) { |
73c1f4a0 ACM |
314 | r->idiag_timer = 2; |
315 | r->idiag_retrans = icsk->icsk_probes_out; | |
b7de529c | 316 | r->idiag_expires = |
3828a93f | 317 | jiffies_delta_to_msecs(sk->sk_timer.expires - jiffies); |
1da177e4 | 318 | } |
540722ff | 319 | |
3fd22af8 | 320 | if ((ext & (1 << (INET_DIAG_INFO - 1))) && handler->idiag_info_size) { |
6ed46d12 ND |
321 | attr = nla_reserve_64bit(skb, INET_DIAG_INFO, |
322 | handler->idiag_info_size, | |
323 | INET_DIAG_PAD); | |
6e277ed5 TG |
324 | if (!attr) |
325 | goto errout; | |
3c4d05c8 | 326 | |
6e277ed5 | 327 | info = nla_data(attr); |
1da177e4 LT |
328 | } |
329 | ||
521f1cf1 ED |
330 | if (ext & (1 << (INET_DIAG_CONG - 1))) { |
331 | int err = 0; | |
332 | ||
333 | rcu_read_lock(); | |
334 | ca_ops = READ_ONCE(icsk->icsk_ca_ops); | |
335 | if (ca_ops) | |
336 | err = nla_put_string(skb, INET_DIAG_CONG, ca_ops->name); | |
337 | rcu_read_unlock(); | |
338 | if (err < 0) | |
6e277ed5 | 339 | goto errout; |
521f1cf1 | 340 | } |
6e277ed5 | 341 | |
4f5736c4 | 342 | handler->idiag_get_info(sk, r, info); |
1da177e4 | 343 | |
b37e8840 ID |
344 | if (ext & (1 << (INET_DIAG_INFO - 1)) && handler->idiag_get_aux) |
345 | if (handler->idiag_get_aux(sk, net_admin, skb) < 0) | |
346 | goto errout; | |
347 | ||
521f1cf1 | 348 | if (sk->sk_state < TCP_TIME_WAIT) { |
64f40ff5 ED |
349 | union tcp_cc_info info; |
350 | size_t sz = 0; | |
351 | int attr; | |
521f1cf1 ED |
352 | |
353 | rcu_read_lock(); | |
354 | ca_ops = READ_ONCE(icsk->icsk_ca_ops); | |
355 | if (ca_ops && ca_ops->get_info) | |
64f40ff5 | 356 | sz = ca_ops->get_info(sk, ext, &attr, &info); |
521f1cf1 | 357 | rcu_read_unlock(); |
64f40ff5 | 358 | if (sz && nla_put(skb, attr, sz, &info) < 0) |
521f1cf1 ED |
359 | goto errout; |
360 | } | |
1da177e4 | 361 | |
085c20ca MKL |
362 | /* Keep it at the end for potential retry with a larger skb, |
363 | * or else do best-effort fitting, which is only done for the | |
364 | * first_nlmsg. | |
365 | */ | |
366 | if (cb_data->bpf_stg_diag) { | |
367 | bool first_nlmsg = ((unsigned char *)nlh == skb->data); | |
368 | unsigned int prev_min_dump_alloc; | |
369 | unsigned int total_nla_size = 0; | |
370 | unsigned int msg_len; | |
371 | int err; | |
372 | ||
373 | msg_len = skb_tail_pointer(skb) - (unsigned char *)nlh; | |
374 | err = bpf_sk_storage_diag_put(cb_data->bpf_stg_diag, sk, skb, | |
375 | INET_DIAG_SK_BPF_STORAGES, | |
376 | &total_nla_size); | |
377 | ||
378 | if (!err) | |
379 | goto out; | |
380 | ||
381 | total_nla_size += msg_len; | |
382 | prev_min_dump_alloc = cb->min_dump_alloc; | |
383 | if (total_nla_size > prev_min_dump_alloc) | |
384 | cb->min_dump_alloc = min_t(u32, total_nla_size, | |
385 | MAX_DUMP_ALLOC_SIZE); | |
386 | ||
387 | if (!first_nlmsg) | |
388 | goto errout; | |
389 | ||
390 | if (cb->min_dump_alloc > prev_min_dump_alloc) | |
391 | /* Retry with pskb_expand_head() with | |
392 | * __GFP_DIRECT_RECLAIM | |
393 | */ | |
394 | goto errout; | |
395 | ||
396 | WARN_ON_ONCE(total_nla_size <= prev_min_dump_alloc); | |
397 | ||
398 | /* Send what we have for this sk | |
399 | * and move on to the next sk in the following | |
400 | * dump() | |
401 | */ | |
402 | } | |
403 | ||
3c4d05c8 | 404 | out: |
053c095a JB |
405 | nlmsg_end(skb, nlh); |
406 | return 0; | |
1da177e4 | 407 | |
6e277ed5 TG |
408 | errout: |
409 | nlmsg_cancel(skb, nlh); | |
26932566 | 410 | return -EMSGSIZE; |
1da177e4 | 411 | } |
3c4d05c8 PE |
412 | EXPORT_SYMBOL_GPL(inet_sk_diag_fill); |
413 | ||
33cf7c90 | 414 | static int inet_twsk_diag_fill(struct sock *sk, |
e31c5e0e | 415 | struct sk_buff *skb, |
5682d393 | 416 | struct netlink_callback *cb, |
1b3fc771 | 417 | u16 nlmsg_flags, bool net_admin) |
c7d58aab | 418 | { |
33cf7c90 | 419 | struct inet_timewait_sock *tw = inet_twsk(sk); |
c7d58aab | 420 | struct inet_diag_msg *r; |
6e277ed5 | 421 | struct nlmsghdr *nlh; |
789f558c | 422 | long tmo; |
d106352d | 423 | |
5682d393 MKL |
424 | nlh = nlmsg_put(skb, NETLINK_CB(cb->skb).portid, |
425 | cb->nlh->nlmsg_seq, cb->nlh->nlmsg_type, | |
426 | sizeof(*r), nlmsg_flags); | |
6e277ed5 | 427 | if (!nlh) |
d106352d | 428 | return -EMSGSIZE; |
c7d58aab | 429 | |
d106352d | 430 | r = nlmsg_data(nlh); |
c7d58aab ACM |
431 | BUG_ON(tw->tw_state != TCP_TIME_WAIT); |
432 | ||
a4458343 | 433 | inet_diag_msg_common_fill(r, sk); |
c7d58aab | 434 | r->idiag_retrans = 0; |
b1aac815 | 435 | |
c7d58aab ACM |
436 | r->idiag_state = tw->tw_substate; |
437 | r->idiag_timer = 3; | |
3828a93f ED |
438 | tmo = tw->tw_timer.expires - jiffies; |
439 | r->idiag_expires = jiffies_delta_to_msecs(tmo); | |
c7d58aab ACM |
440 | r->idiag_rqueue = 0; |
441 | r->idiag_wqueue = 0; | |
442 | r->idiag_uid = 0; | |
443 | r->idiag_inode = 0; | |
6e277ed5 | 444 | |
1b3fc771 MŻ |
445 | if (net_admin && nla_put_u32(skb, INET_DIAG_MARK, |
446 | tw->tw_mark)) { | |
447 | nlmsg_cancel(skb, nlh); | |
448 | return -EMSGSIZE; | |
449 | } | |
450 | ||
053c095a JB |
451 | nlmsg_end(skb, nlh); |
452 | return 0; | |
c7d58aab ACM |
453 | } |
454 | ||
a58917f5 | 455 | static int inet_req_diag_fill(struct sock *sk, struct sk_buff *skb, |
5682d393 MKL |
456 | struct netlink_callback *cb, |
457 | u16 nlmsg_flags, bool net_admin) | |
a58917f5 | 458 | { |
d545caca | 459 | struct request_sock *reqsk = inet_reqsk(sk); |
a58917f5 ED |
460 | struct inet_diag_msg *r; |
461 | struct nlmsghdr *nlh; | |
462 | long tmo; | |
463 | ||
5682d393 MKL |
464 | nlh = nlmsg_put(skb, NETLINK_CB(cb->skb).portid, cb->nlh->nlmsg_seq, |
465 | cb->nlh->nlmsg_type, sizeof(*r), nlmsg_flags); | |
a58917f5 ED |
466 | if (!nlh) |
467 | return -EMSGSIZE; | |
468 | ||
469 | r = nlmsg_data(nlh); | |
470 | inet_diag_msg_common_fill(r, sk); | |
471 | r->idiag_state = TCP_SYN_RECV; | |
472 | r->idiag_timer = 1; | |
d545caca | 473 | r->idiag_retrans = reqsk->num_retrans; |
a58917f5 ED |
474 | |
475 | BUILD_BUG_ON(offsetof(struct inet_request_sock, ir_cookie) != | |
476 | offsetof(struct sock, sk_cookie)); | |
477 | ||
fa76ce73 | 478 | tmo = inet_reqsk(sk)->rsk_timer.expires - jiffies; |
3828a93f | 479 | r->idiag_expires = jiffies_delta_to_msecs(tmo); |
a58917f5 ED |
480 | r->idiag_rqueue = 0; |
481 | r->idiag_wqueue = 0; | |
482 | r->idiag_uid = 0; | |
483 | r->idiag_inode = 0; | |
484 | ||
d545caca | 485 | if (net_admin && nla_put_u32(skb, INET_DIAG_MARK, |
e33de7c5 WH |
486 | inet_rsk(reqsk)->ir_mark)) { |
487 | nlmsg_cancel(skb, nlh); | |
d545caca | 488 | return -EMSGSIZE; |
e33de7c5 | 489 | } |
d545caca | 490 | |
a58917f5 ED |
491 | nlmsg_end(skb, nlh); |
492 | return 0; | |
493 | } | |
494 | ||
dff2c035 | 495 | static int sk_diag_fill(struct sock *sk, struct sk_buff *skb, |
5682d393 | 496 | struct netlink_callback *cb, |
34160ea3 | 497 | const struct inet_diag_req_v2 *r, |
5682d393 | 498 | u16 nlmsg_flags, bool net_admin) |
dff2c035 ACM |
499 | { |
500 | if (sk->sk_state == TCP_TIME_WAIT) | |
1b3fc771 | 501 | return inet_twsk_diag_fill(sk, skb, cb, nlmsg_flags, net_admin); |
efe4208f | 502 | |
a58917f5 | 503 | if (sk->sk_state == TCP_NEW_SYN_RECV) |
5682d393 | 504 | return inet_req_diag_fill(sk, skb, cb, nlmsg_flags, net_admin); |
a58917f5 | 505 | |
5682d393 MKL |
506 | return inet_sk_diag_fill(sk, inet_csk(sk), skb, cb, r, nlmsg_flags, |
507 | net_admin); | |
dff2c035 ACM |
508 | } |
509 | ||
b613f56e LC |
510 | struct sock *inet_diag_find_one_icsk(struct net *net, |
511 | struct inet_hashinfo *hashinfo, | |
512 | const struct inet_diag_req_v2 *req) | |
1da177e4 | 513 | { |
e31c5e0e | 514 | struct sock *sk; |
d523a328 | 515 | |
2d331915 | 516 | rcu_read_lock(); |
e31c5e0e | 517 | if (req->sdiag_family == AF_INET) |
a583636a | 518 | sk = inet_lookup(net, hashinfo, NULL, 0, req->id.idiag_dst[0], |
73c1f4a0 ACM |
519 | req->id.idiag_dport, req->id.idiag_src[0], |
520 | req->id.idiag_sport, req->id.idiag_if); | |
dfd56b8b | 521 | #if IS_ENABLED(CONFIG_IPV6) |
7c130672 ED |
522 | else if (req->sdiag_family == AF_INET6) { |
523 | if (ipv6_addr_v4mapped((struct in6_addr *)req->id.idiag_dst) && | |
524 | ipv6_addr_v4mapped((struct in6_addr *)req->id.idiag_src)) | |
a583636a | 525 | sk = inet_lookup(net, hashinfo, NULL, 0, req->id.idiag_dst[3], |
7c130672 ED |
526 | req->id.idiag_dport, req->id.idiag_src[3], |
527 | req->id.idiag_sport, req->id.idiag_if); | |
528 | else | |
a583636a | 529 | sk = inet6_lookup(net, hashinfo, NULL, 0, |
7c130672 ED |
530 | (struct in6_addr *)req->id.idiag_dst, |
531 | req->id.idiag_dport, | |
532 | (struct in6_addr *)req->id.idiag_src, | |
533 | req->id.idiag_sport, | |
534 | req->id.idiag_if); | |
535 | } | |
1da177e4 | 536 | #endif |
2d331915 ED |
537 | else { |
538 | rcu_read_unlock(); | |
b613f56e | 539 | return ERR_PTR(-EINVAL); |
2d331915 ED |
540 | } |
541 | rcu_read_unlock(); | |
e31c5e0e | 542 | if (!sk) |
b613f56e | 543 | return ERR_PTR(-ENOENT); |
1da177e4 | 544 | |
b613f56e LC |
545 | if (sock_diag_check_cookie(sk, req->id.idiag_cookie)) { |
546 | sock_gen_put(sk); | |
547 | return ERR_PTR(-ENOENT); | |
548 | } | |
549 | ||
550 | return sk; | |
551 | } | |
552 | EXPORT_SYMBOL_GPL(inet_diag_find_one_icsk); | |
553 | ||
554 | int inet_diag_dump_one_icsk(struct inet_hashinfo *hashinfo, | |
5682d393 | 555 | struct netlink_callback *cb, |
b613f56e LC |
556 | const struct inet_diag_req_v2 *req) |
557 | { | |
5682d393 | 558 | struct sk_buff *in_skb = cb->skb; |
b37e8840 | 559 | bool net_admin = netlink_net_capable(in_skb, CAP_NET_ADMIN); |
b613f56e LC |
560 | struct net *net = sock_net(in_skb->sk); |
561 | struct sk_buff *rep; | |
562 | struct sock *sk; | |
563 | int err; | |
564 | ||
565 | sk = inet_diag_find_one_icsk(net, hashinfo, req); | |
566 | if (IS_ERR(sk)) | |
567 | return PTR_ERR(sk); | |
1da177e4 | 568 | |
b37e8840 | 569 | rep = nlmsg_new(inet_sk_attr_size(sk, req, net_admin), GFP_KERNEL); |
6e277ed5 TG |
570 | if (!rep) { |
571 | err = -ENOMEM; | |
1da177e4 | 572 | goto out; |
6e277ed5 | 573 | } |
1da177e4 | 574 | |
5682d393 | 575 | err = sk_diag_fill(sk, rep, cb, req, 0, net_admin); |
26932566 PM |
576 | if (err < 0) { |
577 | WARN_ON(err == -EMSGSIZE); | |
6e277ed5 | 578 | nlmsg_free(rep); |
26932566 PM |
579 | goto out; |
580 | } | |
01757f53 | 581 | err = nlmsg_unicast(net->diag_nlsk, rep, NETLINK_CB(in_skb).portid); |
1da177e4 LT |
582 | |
583 | out: | |
c1d607cc ED |
584 | if (sk) |
585 | sock_gen_put(sk); | |
586 | ||
476f7dbf PE |
587 | return err; |
588 | } | |
1942c518 | 589 | EXPORT_SYMBOL_GPL(inet_diag_dump_one_icsk); |
476f7dbf | 590 | |
6eb5d2e0 | 591 | static int inet_diag_cmd_exact(int cmd, struct sk_buff *in_skb, |
476f7dbf | 592 | const struct nlmsghdr *nlh, |
3f935c75 | 593 | int hdrlen, |
34160ea3 | 594 | const struct inet_diag_req_v2 *req) |
476f7dbf PE |
595 | { |
596 | const struct inet_diag_handler *handler; | |
3f935c75 PA |
597 | struct inet_diag_dump_data dump_data; |
598 | int err, protocol; | |
599 | ||
600 | memset(&dump_data, 0, sizeof(dump_data)); | |
d5e4d0a5 ED |
601 | err = inet_diag_parse_attrs(nlh, hdrlen, dump_data.req_nlas); |
602 | if (err) | |
603 | return err; | |
604 | ||
3f935c75 | 605 | protocol = inet_diag_get_protocol(req, &dump_data); |
476f7dbf | 606 | |
3f935c75 | 607 | handler = inet_diag_lock_handler(protocol); |
5682d393 | 608 | if (IS_ERR(handler)) { |
476f7dbf | 609 | err = PTR_ERR(handler); |
5682d393 MKL |
610 | } else if (cmd == SOCK_DIAG_BY_FAMILY) { |
611 | struct netlink_callback cb = { | |
612 | .nlh = nlh, | |
613 | .skb = in_skb, | |
3f935c75 | 614 | .data = &dump_data, |
5682d393 MKL |
615 | }; |
616 | err = handler->dump_one(&cb, req); | |
617 | } else if (cmd == SOCK_DESTROY && handler->destroy) { | |
6eb5d2e0 | 618 | err = handler->destroy(in_skb, req); |
5682d393 | 619 | } else { |
6eb5d2e0 | 620 | err = -EOPNOTSUPP; |
5682d393 | 621 | } |
d523a328 | 622 | inet_diag_unlock_handler(handler); |
476f7dbf | 623 | |
1da177e4 LT |
624 | return err; |
625 | } | |
626 | ||
9f855299 | 627 | static int bitstring_match(const __be32 *a1, const __be32 *a2, int bits) |
1da177e4 LT |
628 | { |
629 | int words = bits >> 5; | |
630 | ||
631 | bits &= 0x1f; | |
632 | ||
633 | if (words) { | |
634 | if (memcmp(a1, a2, words << 2)) | |
635 | return 0; | |
636 | } | |
637 | if (bits) { | |
9f855299 AV |
638 | __be32 w1, w2; |
639 | __be32 mask; | |
1da177e4 LT |
640 | |
641 | w1 = a1[words]; | |
642 | w2 = a2[words]; | |
643 | ||
644 | mask = htonl((0xffffffff) << (32 - bits)); | |
645 | ||
646 | if ((w1 ^ w2) & mask) | |
647 | return 0; | |
648 | } | |
649 | ||
650 | return 1; | |
651 | } | |
652 | ||
87c22ea5 | 653 | static int inet_diag_bc_run(const struct nlattr *_bc, |
e31c5e0e | 654 | const struct inet_diag_entry *entry) |
1da177e4 | 655 | { |
87c22ea5 PE |
656 | const void *bc = nla_data(_bc); |
657 | int len = nla_len(_bc); | |
658 | ||
1da177e4 LT |
659 | while (len > 0) { |
660 | int yes = 1; | |
73c1f4a0 | 661 | const struct inet_diag_bc_op *op = bc; |
1da177e4 LT |
662 | |
663 | switch (op->code) { | |
73c1f4a0 | 664 | case INET_DIAG_BC_NOP: |
1da177e4 | 665 | break; |
73c1f4a0 | 666 | case INET_DIAG_BC_JMP: |
1da177e4 LT |
667 | yes = 0; |
668 | break; | |
bbb6189d KE |
669 | case INET_DIAG_BC_S_EQ: |
670 | yes = entry->sport == op[1].no; | |
671 | break; | |
73c1f4a0 | 672 | case INET_DIAG_BC_S_GE: |
1da177e4 LT |
673 | yes = entry->sport >= op[1].no; |
674 | break; | |
73c1f4a0 | 675 | case INET_DIAG_BC_S_LE: |
b4ced2b7 | 676 | yes = entry->sport <= op[1].no; |
1da177e4 | 677 | break; |
bbb6189d KE |
678 | case INET_DIAG_BC_D_EQ: |
679 | yes = entry->dport == op[1].no; | |
680 | break; | |
73c1f4a0 | 681 | case INET_DIAG_BC_D_GE: |
1da177e4 LT |
682 | yes = entry->dport >= op[1].no; |
683 | break; | |
73c1f4a0 | 684 | case INET_DIAG_BC_D_LE: |
1da177e4 LT |
685 | yes = entry->dport <= op[1].no; |
686 | break; | |
73c1f4a0 | 687 | case INET_DIAG_BC_AUTO: |
1da177e4 LT |
688 | yes = !(entry->userlocks & SOCK_BINDPORT_LOCK); |
689 | break; | |
73c1f4a0 | 690 | case INET_DIAG_BC_S_COND: |
a8c2190e | 691 | case INET_DIAG_BC_D_COND: { |
e31c5e0e ED |
692 | const struct inet_diag_hostcond *cond; |
693 | const __be32 *addr; | |
1da177e4 | 694 | |
e31c5e0e | 695 | cond = (const struct inet_diag_hostcond *)(op + 1); |
1da177e4 | 696 | if (cond->port != -1 && |
73c1f4a0 | 697 | cond->port != (op->code == INET_DIAG_BC_S_COND ? |
1da177e4 LT |
698 | entry->sport : entry->dport)) { |
699 | yes = 0; | |
700 | break; | |
701 | } | |
4e852c02 | 702 | |
73c1f4a0 | 703 | if (op->code == INET_DIAG_BC_S_COND) |
1da177e4 LT |
704 | addr = entry->saddr; |
705 | else | |
706 | addr = entry->daddr; | |
707 | ||
f67caec9 NC |
708 | if (cond->family != AF_UNSPEC && |
709 | cond->family != entry->family) { | |
710 | if (entry->family == AF_INET6 && | |
711 | cond->family == AF_INET) { | |
712 | if (addr[0] == 0 && addr[1] == 0 && | |
713 | addr[2] == htonl(0xffff) && | |
714 | bitstring_match(addr + 3, | |
715 | cond->addr, | |
716 | cond->prefix_len)) | |
717 | break; | |
718 | } | |
719 | yes = 0; | |
720 | break; | |
721 | } | |
722 | ||
723 | if (cond->prefix_len == 0) | |
724 | break; | |
4e852c02 ACM |
725 | if (bitstring_match(addr, cond->addr, |
726 | cond->prefix_len)) | |
1da177e4 | 727 | break; |
1da177e4 LT |
728 | yes = 0; |
729 | break; | |
730 | } | |
637c841d DA |
731 | case INET_DIAG_BC_DEV_COND: { |
732 | u32 ifindex; | |
733 | ||
734 | ifindex = *((const u32 *)(op + 1)); | |
735 | if (ifindex != entry->ifindex) | |
736 | yes = 0; | |
737 | break; | |
738 | } | |
a52e95ab LC |
739 | case INET_DIAG_BC_MARK_COND: { |
740 | struct inet_diag_markcond *cond; | |
741 | ||
742 | cond = (struct inet_diag_markcond *)(op + 1); | |
743 | if ((entry->mark & cond->mask) != cond->mark) | |
744 | yes = 0; | |
745 | break; | |
746 | } | |
b1f3e43d DY |
747 | #ifdef CONFIG_SOCK_CGROUP_DATA |
748 | case INET_DIAG_BC_CGROUP_COND: { | |
749 | u64 cgroup_id; | |
750 | ||
751 | cgroup_id = get_unaligned((const u64 *)(op + 1)); | |
752 | if (cgroup_id != entry->cgroup_id) | |
753 | yes = 0; | |
754 | break; | |
755 | } | |
756 | #endif | |
1da177e4 LT |
757 | } |
758 | ||
4e852c02 | 759 | if (yes) { |
1da177e4 LT |
760 | len -= op->yes; |
761 | bc += op->yes; | |
762 | } else { | |
763 | len -= op->no; | |
764 | bc += op->no; | |
765 | } | |
766 | } | |
a02cec21 | 767 | return len == 0; |
1da177e4 LT |
768 | } |
769 | ||
a4458343 ED |
770 | /* This helper is available for all sockets (ESTABLISH, TIMEWAIT, SYN_RECV) |
771 | */ | |
772 | static void entry_fill_addrs(struct inet_diag_entry *entry, | |
773 | const struct sock *sk) | |
774 | { | |
775 | #if IS_ENABLED(CONFIG_IPV6) | |
776 | if (sk->sk_family == AF_INET6) { | |
777 | entry->saddr = sk->sk_v6_rcv_saddr.s6_addr32; | |
778 | entry->daddr = sk->sk_v6_daddr.s6_addr32; | |
779 | } else | |
780 | #endif | |
781 | { | |
782 | entry->saddr = &sk->sk_rcv_saddr; | |
783 | entry->daddr = &sk->sk_daddr; | |
784 | } | |
785 | } | |
786 | ||
8d07d151 PE |
787 | int inet_diag_bc_sk(const struct nlattr *bc, struct sock *sk) |
788 | { | |
8d07d151 | 789 | struct inet_sock *inet = inet_sk(sk); |
e31c5e0e | 790 | struct inet_diag_entry entry; |
8d07d151 | 791 | |
e31c5e0e | 792 | if (!bc) |
8d07d151 PE |
793 | return 1; |
794 | ||
795 | entry.family = sk->sk_family; | |
a4458343 | 796 | entry_fill_addrs(&entry, sk); |
8d07d151 PE |
797 | entry.sport = inet->inet_num; |
798 | entry.dport = ntohs(inet->inet_dport); | |
637c841d | 799 | entry.ifindex = sk->sk_bound_dev_if; |
a58917f5 | 800 | entry.userlocks = sk_fullsock(sk) ? sk->sk_userlocks : 0; |
a52e95ab | 801 | if (sk_fullsock(sk)) |
3c5b4d69 | 802 | entry.mark = READ_ONCE(sk->sk_mark); |
a52e95ab LC |
803 | else if (sk->sk_state == TCP_NEW_SYN_RECV) |
804 | entry.mark = inet_rsk(inet_reqsk(sk))->ir_mark; | |
1b3fc771 MŻ |
805 | else if (sk->sk_state == TCP_TIME_WAIT) |
806 | entry.mark = inet_twsk(sk)->tw_mark; | |
a52e95ab LC |
807 | else |
808 | entry.mark = 0; | |
b1f3e43d | 809 | #ifdef CONFIG_SOCK_CGROUP_DATA |
ee1bd483 DY |
810 | entry.cgroup_id = sk_fullsock(sk) ? |
811 | cgroup_id(sock_cgroup_ptr(&sk->sk_cgrp_data)) : 0; | |
b1f3e43d | 812 | #endif |
8d07d151 PE |
813 | |
814 | return inet_diag_bc_run(bc, &entry); | |
815 | } | |
816 | EXPORT_SYMBOL_GPL(inet_diag_bc_sk); | |
817 | ||
1da177e4 LT |
818 | static int valid_cc(const void *bc, int len, int cc) |
819 | { | |
820 | while (len >= 0) { | |
73c1f4a0 | 821 | const struct inet_diag_bc_op *op = bc; |
1da177e4 LT |
822 | |
823 | if (cc > len) | |
824 | return 0; | |
825 | if (cc == len) | |
826 | return 1; | |
eeb14972 | 827 | if (op->yes < 4 || op->yes & 3) |
1da177e4 LT |
828 | return 0; |
829 | len -= op->yes; | |
830 | bc += op->yes; | |
831 | } | |
832 | return 0; | |
833 | } | |
834 | ||
637c841d DA |
835 | /* data is u32 ifindex */ |
836 | static bool valid_devcond(const struct inet_diag_bc_op *op, int len, | |
837 | int *min_len) | |
838 | { | |
839 | /* Check ifindex space. */ | |
840 | *min_len += sizeof(u32); | |
841 | if (len < *min_len) | |
842 | return false; | |
843 | ||
844 | return true; | |
845 | } | |
405c0059 NC |
846 | /* Validate an inet_diag_hostcond. */ |
847 | static bool valid_hostcond(const struct inet_diag_bc_op *op, int len, | |
848 | int *min_len) | |
849 | { | |
405c0059 | 850 | struct inet_diag_hostcond *cond; |
e31c5e0e | 851 | int addr_len; |
405c0059 NC |
852 | |
853 | /* Check hostcond space. */ | |
854 | *min_len += sizeof(struct inet_diag_hostcond); | |
855 | if (len < *min_len) | |
856 | return false; | |
857 | cond = (struct inet_diag_hostcond *)(op + 1); | |
858 | ||
859 | /* Check address family and address length. */ | |
860 | switch (cond->family) { | |
861 | case AF_UNSPEC: | |
862 | addr_len = 0; | |
863 | break; | |
864 | case AF_INET: | |
865 | addr_len = sizeof(struct in_addr); | |
866 | break; | |
867 | case AF_INET6: | |
868 | addr_len = sizeof(struct in6_addr); | |
869 | break; | |
870 | default: | |
871 | return false; | |
872 | } | |
873 | *min_len += addr_len; | |
874 | if (len < *min_len) | |
875 | return false; | |
876 | ||
877 | /* Check prefix length (in bits) vs address length (in bytes). */ | |
878 | if (cond->prefix_len > 8 * addr_len) | |
879 | return false; | |
880 | ||
881 | return true; | |
882 | } | |
883 | ||
5e1f5420 | 884 | /* Validate a port comparison operator. */ |
e31c5e0e ED |
885 | static bool valid_port_comparison(const struct inet_diag_bc_op *op, |
886 | int len, int *min_len) | |
5e1f5420 NC |
887 | { |
888 | /* Port comparisons put the port in a follow-on inet_diag_bc_op. */ | |
889 | *min_len += sizeof(struct inet_diag_bc_op); | |
890 | if (len < *min_len) | |
891 | return false; | |
892 | return true; | |
893 | } | |
894 | ||
a52e95ab LC |
895 | static bool valid_markcond(const struct inet_diag_bc_op *op, int len, |
896 | int *min_len) | |
1da177e4 | 897 | { |
a52e95ab LC |
898 | *min_len += sizeof(struct inet_diag_markcond); |
899 | return len >= *min_len; | |
900 | } | |
901 | ||
b1f3e43d DY |
902 | #ifdef CONFIG_SOCK_CGROUP_DATA |
903 | static bool valid_cgroupcond(const struct inet_diag_bc_op *op, int len, | |
904 | int *min_len) | |
905 | { | |
906 | *min_len += sizeof(u64); | |
907 | return len >= *min_len; | |
908 | } | |
909 | #endif | |
910 | ||
a52e95ab LC |
911 | static int inet_diag_bc_audit(const struct nlattr *attr, |
912 | const struct sk_buff *skb) | |
913 | { | |
914 | bool net_admin = netlink_net_capable(skb, CAP_NET_ADMIN); | |
627cc4ad LC |
915 | const void *bytecode, *bc; |
916 | int bytecode_len, len; | |
917 | ||
918 | if (!attr || nla_len(attr) < sizeof(struct inet_diag_bc_op)) | |
919 | return -EINVAL; | |
920 | ||
921 | bytecode = bc = nla_data(attr); | |
922 | len = bytecode_len = nla_len(attr); | |
1da177e4 LT |
923 | |
924 | while (len > 0) { | |
405c0059 | 925 | int min_len = sizeof(struct inet_diag_bc_op); |
e31c5e0e | 926 | const struct inet_diag_bc_op *op = bc; |
1da177e4 | 927 | |
1da177e4 | 928 | switch (op->code) { |
73c1f4a0 ACM |
929 | case INET_DIAG_BC_S_COND: |
930 | case INET_DIAG_BC_D_COND: | |
405c0059 NC |
931 | if (!valid_hostcond(bc, len, &min_len)) |
932 | return -EINVAL; | |
5e1f5420 | 933 | break; |
637c841d DA |
934 | case INET_DIAG_BC_DEV_COND: |
935 | if (!valid_devcond(bc, len, &min_len)) | |
936 | return -EINVAL; | |
937 | break; | |
bbb6189d | 938 | case INET_DIAG_BC_S_EQ: |
73c1f4a0 ACM |
939 | case INET_DIAG_BC_S_GE: |
940 | case INET_DIAG_BC_S_LE: | |
bbb6189d | 941 | case INET_DIAG_BC_D_EQ: |
73c1f4a0 ACM |
942 | case INET_DIAG_BC_D_GE: |
943 | case INET_DIAG_BC_D_LE: | |
5e1f5420 | 944 | if (!valid_port_comparison(bc, len, &min_len)) |
1da177e4 LT |
945 | return -EINVAL; |
946 | break; | |
a52e95ab LC |
947 | case INET_DIAG_BC_MARK_COND: |
948 | if (!net_admin) | |
949 | return -EPERM; | |
950 | if (!valid_markcond(bc, len, &min_len)) | |
951 | return -EINVAL; | |
952 | break; | |
b1f3e43d DY |
953 | #ifdef CONFIG_SOCK_CGROUP_DATA |
954 | case INET_DIAG_BC_CGROUP_COND: | |
955 | if (!valid_cgroupcond(bc, len, &min_len)) | |
956 | return -EINVAL; | |
957 | break; | |
958 | #endif | |
5e1f5420 NC |
959 | case INET_DIAG_BC_AUTO: |
960 | case INET_DIAG_BC_JMP: | |
73c1f4a0 | 961 | case INET_DIAG_BC_NOP: |
1da177e4 LT |
962 | break; |
963 | default: | |
964 | return -EINVAL; | |
965 | } | |
5e1f5420 NC |
966 | |
967 | if (op->code != INET_DIAG_BC_NOP) { | |
968 | if (op->no < min_len || op->no > len + 4 || op->no & 3) | |
969 | return -EINVAL; | |
970 | if (op->no < len && | |
971 | !valid_cc(bytecode, bytecode_len, len - op->no)) | |
972 | return -EINVAL; | |
973 | } | |
974 | ||
405c0059 | 975 | if (op->yes < min_len || op->yes > len + 4 || op->yes & 3) |
eeb14972 | 976 | return -EINVAL; |
4e852c02 | 977 | bc += op->yes; |
1da177e4 LT |
978 | len -= op->yes; |
979 | } | |
980 | return len == 0 ? 0 : -EINVAL; | |
981 | } | |
982 | ||
49612729 ED |
983 | static void twsk_build_assert(void) |
984 | { | |
985 | BUILD_BUG_ON(offsetof(struct inet_timewait_sock, tw_family) != | |
986 | offsetof(struct sock, sk_family)); | |
987 | ||
988 | BUILD_BUG_ON(offsetof(struct inet_timewait_sock, tw_num) != | |
989 | offsetof(struct inet_sock, inet_num)); | |
990 | ||
991 | BUILD_BUG_ON(offsetof(struct inet_timewait_sock, tw_dport) != | |
992 | offsetof(struct inet_sock, inet_dport)); | |
993 | ||
994 | BUILD_BUG_ON(offsetof(struct inet_timewait_sock, tw_rcv_saddr) != | |
995 | offsetof(struct inet_sock, inet_rcv_saddr)); | |
996 | ||
997 | BUILD_BUG_ON(offsetof(struct inet_timewait_sock, tw_daddr) != | |
998 | offsetof(struct inet_sock, inet_daddr)); | |
999 | ||
1000 | #if IS_ENABLED(CONFIG_IPV6) | |
1001 | BUILD_BUG_ON(offsetof(struct inet_timewait_sock, tw_v6_rcv_saddr) != | |
1002 | offsetof(struct sock, sk_v6_rcv_saddr)); | |
1003 | ||
1004 | BUILD_BUG_ON(offsetof(struct inet_timewait_sock, tw_v6_daddr) != | |
1005 | offsetof(struct sock, sk_v6_daddr)); | |
1006 | #endif | |
1007 | } | |
1008 | ||
1942c518 | 1009 | void inet_diag_dump_icsk(struct inet_hashinfo *hashinfo, struct sk_buff *skb, |
e31c5e0e | 1010 | struct netlink_callback *cb, |
0df6d328 | 1011 | const struct inet_diag_req_v2 *r) |
1da177e4 | 1012 | { |
67db3e4b | 1013 | bool net_admin = netlink_net_capable(cb->skb, CAP_NET_ADMIN); |
0df6d328 | 1014 | struct inet_diag_dump_data *cb_data = cb->data; |
51d7cccf | 1015 | struct net *net = sock_net(skb->sk); |
079096f1 | 1016 | u32 idiag_states = r->idiag_states; |
67db3e4b | 1017 | int i, num, s_i, s_num; |
0df6d328 | 1018 | struct nlattr *bc; |
67db3e4b | 1019 | struct sock *sk; |
4e852c02 | 1020 | |
0df6d328 | 1021 | bc = cb_data->inet_diag_nla_bc; |
079096f1 ED |
1022 | if (idiag_states & TCPF_SYN_RECV) |
1023 | idiag_states |= TCPF_NEW_SYN_RECV; | |
1da177e4 LT |
1024 | s_i = cb->args[1]; |
1025 | s_num = num = cb->args[2]; | |
4f5736c4 | 1026 | |
1da177e4 | 1027 | if (cb->args[0] == 0) { |
9652dc2e | 1028 | if (!(idiag_states & TCPF_LISTEN) || r->id.idiag_dport) |
1da177e4 | 1029 | goto skip_listen_ht; |
540722ff | 1030 | |
cae3873c | 1031 | for (i = s_i; i <= hashinfo->lhash2_mask; i++) { |
5caea4ea | 1032 | struct inet_listen_hashbucket *ilb; |
8dbd76e7 | 1033 | struct hlist_nulls_node *node; |
1da177e4 LT |
1034 | |
1035 | num = 0; | |
cae3873c MKL |
1036 | ilb = &hashinfo->lhash2[i]; |
1037 | ||
9652dc2e | 1038 | spin_lock(&ilb->lock); |
8dbd76e7 | 1039 | sk_nulls_for_each(sk, node, &ilb->nulls_head) { |
1da177e4 LT |
1040 | struct inet_sock *inet = inet_sk(sk); |
1041 | ||
51d7cccf AV |
1042 | if (!net_eq(sock_net(sk), net)) |
1043 | continue; | |
1044 | ||
1da177e4 LT |
1045 | if (num < s_num) { |
1046 | num++; | |
1047 | continue; | |
1048 | } | |
1049 | ||
d23deaa0 | 1050 | if (r->sdiag_family != AF_UNSPEC && |
e31c5e0e | 1051 | sk->sk_family != r->sdiag_family) |
d23deaa0 PE |
1052 | goto next_listen; |
1053 | ||
c720c7e8 | 1054 | if (r->id.idiag_sport != inet->inet_sport && |
73c1f4a0 | 1055 | r->id.idiag_sport) |
1da177e4 LT |
1056 | goto next_listen; |
1057 | ||
5682d393 MKL |
1058 | if (!inet_diag_bc_sk(bc, sk)) |
1059 | goto next_listen; | |
1060 | ||
1061 | if (inet_sk_diag_fill(sk, inet_csk(sk), skb, | |
1062 | cb, r, NLM_F_MULTI, | |
1063 | net_admin) < 0) { | |
9652dc2e | 1064 | spin_unlock(&ilb->lock); |
1da177e4 LT |
1065 | goto done; |
1066 | } | |
1067 | ||
1068 | next_listen: | |
1da177e4 LT |
1069 | ++num; |
1070 | } | |
9652dc2e | 1071 | spin_unlock(&ilb->lock); |
1da177e4 LT |
1072 | |
1073 | s_num = 0; | |
1da177e4 | 1074 | } |
1da177e4 LT |
1075 | skip_listen_ht: |
1076 | cb->args[0] = 1; | |
1077 | s_i = num = s_num = 0; | |
1078 | } | |
1079 | ||
079096f1 | 1080 | if (!(idiag_states & ~TCPF_LISTEN)) |
efb3cb42 | 1081 | goto out; |
1da177e4 | 1082 | |
67db3e4b | 1083 | #define SKARR_SZ 16 |
f373b53b | 1084 | for (i = s_i; i <= hashinfo->ehash_mask; i++) { |
540722ff | 1085 | struct inet_ehash_bucket *head = &hashinfo->ehash[i]; |
7e3aab4a | 1086 | spinlock_t *lock = inet_ehash_lockp(hashinfo, i); |
3ab5aee7 | 1087 | struct hlist_nulls_node *node; |
67db3e4b ED |
1088 | struct sock *sk_arr[SKARR_SZ]; |
1089 | int num_arr[SKARR_SZ]; | |
1090 | int idx, accum, res; | |
6be547a6 | 1091 | |
05dbc7b5 | 1092 | if (hlist_nulls_empty(&head->chain)) |
6be547a6 AK |
1093 | continue; |
1094 | ||
1da177e4 LT |
1095 | if (i > s_i) |
1096 | s_num = 0; | |
1097 | ||
67db3e4b ED |
1098 | next_chunk: |
1099 | num = 0; | |
1100 | accum = 0; | |
7e3aab4a | 1101 | spin_lock_bh(lock); |
3ab5aee7 | 1102 | sk_nulls_for_each(sk, node, &head->chain) { |
67db3e4b | 1103 | int state; |
1da177e4 | 1104 | |
51d7cccf AV |
1105 | if (!net_eq(sock_net(sk), net)) |
1106 | continue; | |
1da177e4 LT |
1107 | if (num < s_num) |
1108 | goto next_normal; | |
70315d22 NC |
1109 | state = (sk->sk_state == TCP_TIME_WAIT) ? |
1110 | inet_twsk(sk)->tw_substate : sk->sk_state; | |
079096f1 | 1111 | if (!(idiag_states & (1 << state))) |
1da177e4 | 1112 | goto next_normal; |
d23deaa0 | 1113 | if (r->sdiag_family != AF_UNSPEC && |
05dbc7b5 | 1114 | sk->sk_family != r->sdiag_family) |
d23deaa0 | 1115 | goto next_normal; |
05dbc7b5 | 1116 | if (r->id.idiag_sport != htons(sk->sk_num) && |
73c1f4a0 | 1117 | r->id.idiag_sport) |
1da177e4 | 1118 | goto next_normal; |
05dbc7b5 | 1119 | if (r->id.idiag_dport != sk->sk_dport && |
4e852c02 | 1120 | r->id.idiag_dport) |
1da177e4 | 1121 | goto next_normal; |
a58917f5 ED |
1122 | twsk_build_assert(); |
1123 | ||
1124 | if (!inet_diag_bc_sk(bc, sk)) | |
1125 | goto next_normal; | |
1126 | ||
f0c928d8 ED |
1127 | if (!refcount_inc_not_zero(&sk->sk_refcnt)) |
1128 | goto next_normal; | |
1129 | ||
67db3e4b ED |
1130 | num_arr[accum] = num; |
1131 | sk_arr[accum] = sk; | |
1132 | if (++accum == SKARR_SZ) | |
1133 | break; | |
1134 | next_normal: | |
1135 | ++num; | |
1136 | } | |
1137 | spin_unlock_bh(lock); | |
1138 | res = 0; | |
1139 | for (idx = 0; idx < accum; idx++) { | |
1140 | if (res >= 0) { | |
5682d393 MKL |
1141 | res = sk_diag_fill(sk_arr[idx], skb, cb, r, |
1142 | NLM_F_MULTI, net_admin); | |
67db3e4b ED |
1143 | if (res < 0) |
1144 | num = num_arr[idx]; | |
1da177e4 | 1145 | } |
67db3e4b | 1146 | sock_gen_put(sk_arr[idx]); |
1da177e4 | 1147 | } |
67db3e4b ED |
1148 | if (res < 0) |
1149 | break; | |
acffb584 | 1150 | cond_resched(); |
67db3e4b ED |
1151 | if (accum == SKARR_SZ) { |
1152 | s_num = num + 1; | |
1153 | goto next_chunk; | |
1154 | } | |
1da177e4 LT |
1155 | } |
1156 | ||
1157 | done: | |
1158 | cb->args[1] = i; | |
1159 | cb->args[2] = num; | |
efb3cb42 PE |
1160 | out: |
1161 | ; | |
1162 | } | |
1942c518 | 1163 | EXPORT_SYMBOL_GPL(inet_diag_dump_icsk); |
efb3cb42 PE |
1164 | |
1165 | static int __inet_diag_dump(struct sk_buff *skb, struct netlink_callback *cb, | |
0df6d328 | 1166 | const struct inet_diag_req_v2 *r) |
efb3cb42 | 1167 | { |
3f935c75 | 1168 | struct inet_diag_dump_data *cb_data = cb->data; |
efb3cb42 | 1169 | const struct inet_diag_handler *handler; |
085c20ca | 1170 | u32 prev_min_dump_alloc; |
3f935c75 PA |
1171 | int protocol, err = 0; |
1172 | ||
1173 | protocol = inet_diag_get_protocol(r, cb_data); | |
efb3cb42 | 1174 | |
085c20ca MKL |
1175 | again: |
1176 | prev_min_dump_alloc = cb->min_dump_alloc; | |
3f935c75 | 1177 | handler = inet_diag_lock_handler(protocol); |
efb3cb42 | 1178 | if (!IS_ERR(handler)) |
0df6d328 | 1179 | handler->dump(skb, cb, r); |
cacb6ba0 CG |
1180 | else |
1181 | err = PTR_ERR(handler); | |
d523a328 | 1182 | inet_diag_unlock_handler(handler); |
efb3cb42 | 1183 | |
085c20ca MKL |
1184 | /* The skb is not large enough to fit one sk info and |
1185 | * inet_sk_diag_fill() has requested for a larger skb. | |
1186 | */ | |
1187 | if (!skb->len && cb->min_dump_alloc > prev_min_dump_alloc) { | |
1188 | err = pskb_expand_head(skb, 0, cb->min_dump_alloc, GFP_KERNEL); | |
1189 | if (!err) | |
1190 | goto again; | |
1191 | } | |
1192 | ||
cacb6ba0 | 1193 | return err ? : skb->len; |
1da177e4 LT |
1194 | } |
1195 | ||
25c4cd2b PE |
1196 | static int inet_diag_dump(struct sk_buff *skb, struct netlink_callback *cb) |
1197 | { | |
0df6d328 MKL |
1198 | return __inet_diag_dump(skb, cb, nlmsg_data(cb->nlh)); |
1199 | } | |
1200 | ||
1201 | static int __inet_diag_dump_start(struct netlink_callback *cb, int hdrlen) | |
1202 | { | |
1203 | const struct nlmsghdr *nlh = cb->nlh; | |
1204 | struct inet_diag_dump_data *cb_data; | |
1205 | struct sk_buff *skb = cb->skb; | |
1206 | struct nlattr *nla; | |
3f935c75 | 1207 | int err; |
0df6d328 MKL |
1208 | |
1209 | cb_data = kzalloc(sizeof(*cb_data), GFP_KERNEL); | |
1210 | if (!cb_data) | |
1211 | return -ENOMEM; | |
1212 | ||
d5e4d0a5 ED |
1213 | err = inet_diag_parse_attrs(nlh, hdrlen, cb_data->req_nlas); |
1214 | if (err) { | |
1215 | kfree(cb_data); | |
1216 | return err; | |
1217 | } | |
0df6d328 MKL |
1218 | nla = cb_data->inet_diag_nla_bc; |
1219 | if (nla) { | |
1220 | err = inet_diag_bc_audit(nla, skb); | |
1221 | if (err) { | |
1222 | kfree(cb_data); | |
1223 | return err; | |
1224 | } | |
1225 | } | |
25c4cd2b | 1226 | |
085c20ca MKL |
1227 | nla = cb_data->inet_diag_nla_bpf_stgs; |
1228 | if (nla) { | |
1229 | struct bpf_sk_storage_diag *bpf_stg_diag; | |
1230 | ||
1231 | bpf_stg_diag = bpf_sk_storage_diag_alloc(nla); | |
1232 | if (IS_ERR(bpf_stg_diag)) { | |
1233 | kfree(cb_data); | |
1234 | return PTR_ERR(bpf_stg_diag); | |
1235 | } | |
1236 | cb_data->bpf_stg_diag = bpf_stg_diag; | |
1237 | } | |
1238 | ||
0df6d328 MKL |
1239 | cb->data = cb_data; |
1240 | return 0; | |
1241 | } | |
25c4cd2b | 1242 | |
0df6d328 MKL |
1243 | static int inet_diag_dump_start(struct netlink_callback *cb) |
1244 | { | |
1245 | return __inet_diag_dump_start(cb, sizeof(struct inet_diag_req_v2)); | |
1246 | } | |
1247 | ||
1248 | static int inet_diag_dump_start_compat(struct netlink_callback *cb) | |
1249 | { | |
1250 | return __inet_diag_dump_start(cb, sizeof(struct inet_diag_req)); | |
1251 | } | |
1252 | ||
1253 | static int inet_diag_dump_done(struct netlink_callback *cb) | |
1254 | { | |
085c20ca MKL |
1255 | struct inet_diag_dump_data *cb_data = cb->data; |
1256 | ||
1257 | bpf_sk_storage_diag_free(cb_data->bpf_stg_diag); | |
0df6d328 MKL |
1258 | kfree(cb->data); |
1259 | ||
1260 | return 0; | |
25c4cd2b PE |
1261 | } |
1262 | ||
e31c5e0e | 1263 | static int inet_diag_type2proto(int type) |
a029fe26 PE |
1264 | { |
1265 | switch (type) { | |
1266 | case TCPDIAG_GETSOCK: | |
1267 | return IPPROTO_TCP; | |
1268 | case DCCPDIAG_GETSOCK: | |
1269 | return IPPROTO_DCCP; | |
1270 | default: | |
1271 | return 0; | |
1272 | } | |
1273 | } | |
1274 | ||
e31c5e0e ED |
1275 | static int inet_diag_dump_compat(struct sk_buff *skb, |
1276 | struct netlink_callback *cb) | |
25c4cd2b | 1277 | { |
d106352d | 1278 | struct inet_diag_req *rc = nlmsg_data(cb->nlh); |
c8991362 | 1279 | struct inet_diag_req_v2 req; |
25c4cd2b | 1280 | |
d23deaa0 | 1281 | req.sdiag_family = AF_UNSPEC; /* compatibility */ |
25c4cd2b PE |
1282 | req.sdiag_protocol = inet_diag_type2proto(cb->nlh->nlmsg_type); |
1283 | req.idiag_ext = rc->idiag_ext; | |
1284 | req.idiag_states = rc->idiag_states; | |
1285 | req.id = rc->id; | |
1286 | ||
0df6d328 | 1287 | return __inet_diag_dump(skb, cb, &req); |
25c4cd2b PE |
1288 | } |
1289 | ||
fe50ce28 | 1290 | static int inet_diag_get_exact_compat(struct sk_buff *in_skb, |
e31c5e0e | 1291 | const struct nlmsghdr *nlh) |
fe50ce28 | 1292 | { |
d106352d | 1293 | struct inet_diag_req *rc = nlmsg_data(nlh); |
c8991362 | 1294 | struct inet_diag_req_v2 req; |
fe50ce28 PE |
1295 | |
1296 | req.sdiag_family = rc->idiag_family; | |
1297 | req.sdiag_protocol = inet_diag_type2proto(nlh->nlmsg_type); | |
1298 | req.idiag_ext = rc->idiag_ext; | |
1299 | req.idiag_states = rc->idiag_states; | |
1300 | req.id = rc->id; | |
1301 | ||
3f935c75 PA |
1302 | return inet_diag_cmd_exact(SOCK_DIAG_BY_FAMILY, in_skb, nlh, |
1303 | sizeof(struct inet_diag_req), &req); | |
fe50ce28 PE |
1304 | } |
1305 | ||
8d34172d | 1306 | static int inet_diag_rcv_msg_compat(struct sk_buff *skb, struct nlmsghdr *nlh) |
1da177e4 | 1307 | { |
3b09c84c | 1308 | int hdrlen = sizeof(struct inet_diag_req); |
51d7cccf | 1309 | struct net *net = sock_net(skb->sk); |
1da177e4 | 1310 | |
ead592ba TG |
1311 | if (nlh->nlmsg_type >= INET_DIAG_GETSOCK_MAX || |
1312 | nlmsg_len(nlh) < hdrlen) | |
1313 | return -EINVAL; | |
1da177e4 | 1314 | |
b8f3ab42 | 1315 | if (nlh->nlmsg_flags & NLM_F_DUMP) { |
0df6d328 MKL |
1316 | struct netlink_dump_control c = { |
1317 | .start = inet_diag_dump_start_compat, | |
1318 | .done = inet_diag_dump_done, | |
1319 | .dump = inet_diag_dump_compat, | |
1320 | }; | |
1321 | return netlink_dump_start(net->diag_nlsk, skb, nlh, &c); | |
1da177e4 | 1322 | } |
ead592ba | 1323 | |
fe50ce28 | 1324 | return inet_diag_get_exact_compat(skb, nlh); |
1da177e4 LT |
1325 | } |
1326 | ||
6eb5d2e0 | 1327 | static int inet_diag_handler_cmd(struct sk_buff *skb, struct nlmsghdr *h) |
d366477a | 1328 | { |
c8991362 | 1329 | int hdrlen = sizeof(struct inet_diag_req_v2); |
51d7cccf | 1330 | struct net *net = sock_net(skb->sk); |
d366477a PE |
1331 | |
1332 | if (nlmsg_len(h) < hdrlen) | |
1333 | return -EINVAL; | |
1334 | ||
6eb5d2e0 LC |
1335 | if (h->nlmsg_type == SOCK_DIAG_BY_FAMILY && |
1336 | h->nlmsg_flags & NLM_F_DUMP) { | |
0df6d328 MKL |
1337 | struct netlink_dump_control c = { |
1338 | .start = inet_diag_dump_start, | |
1339 | .done = inet_diag_dump_done, | |
1340 | .dump = inet_diag_dump, | |
1341 | }; | |
1342 | return netlink_dump_start(net->diag_nlsk, skb, h, &c); | |
d366477a PE |
1343 | } |
1344 | ||
3f935c75 PA |
1345 | return inet_diag_cmd_exact(h->nlmsg_type, skb, h, hdrlen, |
1346 | nlmsg_data(h)); | |
d366477a PE |
1347 | } |
1348 | ||
35ac838a CG |
1349 | static |
1350 | int inet_diag_handler_get_info(struct sk_buff *skb, struct sock *sk) | |
1351 | { | |
1352 | const struct inet_diag_handler *handler; | |
1353 | struct nlmsghdr *nlh; | |
1354 | struct nlattr *attr; | |
1355 | struct inet_diag_msg *r; | |
1356 | void *info = NULL; | |
1357 | int err = 0; | |
1358 | ||
1359 | nlh = nlmsg_put(skb, 0, 0, SOCK_DIAG_BY_FAMILY, sizeof(*r), 0); | |
1360 | if (!nlh) | |
1361 | return -ENOMEM; | |
1362 | ||
1363 | r = nlmsg_data(nlh); | |
1364 | memset(r, 0, sizeof(*r)); | |
1365 | inet_diag_msg_common_fill(r, sk); | |
e0df02e0 CG |
1366 | if (sk->sk_type == SOCK_DGRAM || sk->sk_type == SOCK_STREAM) |
1367 | r->id.idiag_sport = inet_sk(sk)->inet_sport; | |
35ac838a CG |
1368 | r->idiag_state = sk->sk_state; |
1369 | ||
1370 | if ((err = nla_put_u8(skb, INET_DIAG_PROTOCOL, sk->sk_protocol))) { | |
1371 | nlmsg_cancel(skb, nlh); | |
1372 | return err; | |
1373 | } | |
1374 | ||
1375 | handler = inet_diag_lock_handler(sk->sk_protocol); | |
1376 | if (IS_ERR(handler)) { | |
1377 | inet_diag_unlock_handler(handler); | |
1378 | nlmsg_cancel(skb, nlh); | |
1379 | return PTR_ERR(handler); | |
1380 | } | |
1381 | ||
1382 | attr = handler->idiag_info_size | |
6ed46d12 ND |
1383 | ? nla_reserve_64bit(skb, INET_DIAG_INFO, |
1384 | handler->idiag_info_size, | |
1385 | INET_DIAG_PAD) | |
35ac838a CG |
1386 | : NULL; |
1387 | if (attr) | |
1388 | info = nla_data(attr); | |
1389 | ||
1390 | handler->idiag_get_info(sk, r, info); | |
1391 | inet_diag_unlock_handler(handler); | |
1392 | ||
1393 | nlmsg_end(skb, nlh); | |
1394 | return 0; | |
1395 | } | |
1396 | ||
8dcf01fc | 1397 | static const struct sock_diag_handler inet_diag_handler = { |
d366477a | 1398 | .family = AF_INET, |
6eb5d2e0 | 1399 | .dump = inet_diag_handler_cmd, |
35ac838a | 1400 | .get_info = inet_diag_handler_get_info, |
6eb5d2e0 | 1401 | .destroy = inet_diag_handler_cmd, |
d366477a PE |
1402 | }; |
1403 | ||
8dcf01fc | 1404 | static const struct sock_diag_handler inet6_diag_handler = { |
d366477a | 1405 | .family = AF_INET6, |
6eb5d2e0 | 1406 | .dump = inet_diag_handler_cmd, |
35ac838a | 1407 | .get_info = inet_diag_handler_get_info, |
6eb5d2e0 | 1408 | .destroy = inet_diag_handler_cmd, |
d366477a PE |
1409 | }; |
1410 | ||
4f5736c4 ACM |
1411 | int inet_diag_register(const struct inet_diag_handler *h) |
1412 | { | |
1413 | const __u16 type = h->idiag_type; | |
1414 | int err = -EINVAL; | |
1415 | ||
f13c95f0 | 1416 | if (type >= IPPROTO_MAX) |
4f5736c4 ACM |
1417 | goto out; |
1418 | ||
d523a328 | 1419 | mutex_lock(&inet_diag_table_mutex); |
4f5736c4 | 1420 | err = -EEXIST; |
e31c5e0e | 1421 | if (!inet_diag_table[type]) { |
4f5736c4 ACM |
1422 | inet_diag_table[type] = h; |
1423 | err = 0; | |
1424 | } | |
d523a328 | 1425 | mutex_unlock(&inet_diag_table_mutex); |
4f5736c4 ACM |
1426 | out: |
1427 | return err; | |
1428 | } | |
1429 | EXPORT_SYMBOL_GPL(inet_diag_register); | |
1430 | ||
1431 | void inet_diag_unregister(const struct inet_diag_handler *h) | |
1432 | { | |
1433 | const __u16 type = h->idiag_type; | |
1434 | ||
f13c95f0 | 1435 | if (type >= IPPROTO_MAX) |
4f5736c4 ACM |
1436 | return; |
1437 | ||
d523a328 | 1438 | mutex_lock(&inet_diag_table_mutex); |
4f5736c4 | 1439 | inet_diag_table[type] = NULL; |
d523a328 | 1440 | mutex_unlock(&inet_diag_table_mutex); |
4f5736c4 ACM |
1441 | } |
1442 | EXPORT_SYMBOL_GPL(inet_diag_unregister); | |
1443 | ||
73c1f4a0 | 1444 | static int __init inet_diag_init(void) |
1da177e4 | 1445 | { |
f13c95f0 | 1446 | const int inet_diag_table_size = (IPPROTO_MAX * |
4f5736c4 ACM |
1447 | sizeof(struct inet_diag_handler *)); |
1448 | int err = -ENOMEM; | |
1449 | ||
0da974f4 | 1450 | inet_diag_table = kzalloc(inet_diag_table_size, GFP_KERNEL); |
4f5736c4 ACM |
1451 | if (!inet_diag_table) |
1452 | goto out; | |
1453 | ||
d366477a PE |
1454 | err = sock_diag_register(&inet_diag_handler); |
1455 | if (err) | |
1456 | goto out_free_nl; | |
1457 | ||
1458 | err = sock_diag_register(&inet6_diag_handler); | |
1459 | if (err) | |
1460 | goto out_free_inet; | |
1461 | ||
8ef874bf | 1462 | sock_diag_register_inet_compat(inet_diag_rcv_msg_compat); |
4f5736c4 ACM |
1463 | out: |
1464 | return err; | |
d366477a PE |
1465 | |
1466 | out_free_inet: | |
1467 | sock_diag_unregister(&inet_diag_handler); | |
1468 | out_free_nl: | |
4f5736c4 ACM |
1469 | kfree(inet_diag_table); |
1470 | goto out; | |
1da177e4 LT |
1471 | } |
1472 | ||
73c1f4a0 | 1473 | static void __exit inet_diag_exit(void) |
1da177e4 | 1474 | { |
d366477a PE |
1475 | sock_diag_unregister(&inet6_diag_handler); |
1476 | sock_diag_unregister(&inet_diag_handler); | |
8ef874bf | 1477 | sock_diag_unregister_inet_compat(inet_diag_rcv_msg_compat); |
4f5736c4 | 1478 | kfree(inet_diag_table); |
1da177e4 LT |
1479 | } |
1480 | ||
73c1f4a0 ACM |
1481 | module_init(inet_diag_init); |
1482 | module_exit(inet_diag_exit); | |
1da177e4 | 1483 | MODULE_LICENSE("GPL"); |
aec8dc62 PE |
1484 | MODULE_ALIAS_NET_PF_PROTO_TYPE(PF_NETLINK, NETLINK_SOCK_DIAG, 2 /* AF_INET */); |
1485 | MODULE_ALIAS_NET_PF_PROTO_TYPE(PF_NETLINK, NETLINK_SOCK_DIAG, 10 /* AF_INET6 */); |