Gitiles
Code Review Sign In
review.evervolv.com / android_kernel_oneplus_msm8996 / 53e173f62c318e65e6ae13524b04c5cf38c1bc3c / . / net / packet / af_packet.c
blob: 64acea0adaaea6c31aa55a734dcc5263890644ba [file] [log] [blame]
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1/*
2 * INET An implementation of the TCP/IP protocol suite for the LINUX
3 * operating system. INET is implemented using the BSD Socket
4 * interface as the means of communication with the user level.
5 *
6 * PACKET - implements raw packet sockets.
7 *
8 * Version: $Id: af_packet.c,v 1.61 2002/02/08 03:57:19 davem Exp $
9 *
10 * Authors: Ross Biro, <bir7@leland.Stanford.Edu>
11 * Fred N. van Kempen, <waltje@uWalt.NL.Mugnet.ORG>
12 * Alan Cox, <gw4pts@gw4pts.ampr.org>
13 *
14 * Fixes:
15 * Alan Cox : verify_area() now used correctly
16 * Alan Cox : new skbuff lists, look ma no backlogs!
17 * Alan Cox : tidied skbuff lists.
18 * Alan Cox : Now uses generic datagram routines I
19 * added. Also fixed the peek/read crash
20 * from all old Linux datagram code.
21 * Alan Cox : Uses the improved datagram code.
22 * Alan Cox : Added NULL's for socket options.
23 * Alan Cox : Re-commented the code.
24 * Alan Cox : Use new kernel side addressing
25 * Rob Janssen : Correct MTU usage.
26 * Dave Platt : Counter leaks caused by incorrect
27 * interrupt locking and some slightly
28 * dubious gcc output. Can you read
29 * compiler: it said _VOLATILE_
30 * Richard Kooijman : Timestamp fixes.
31 * Alan Cox : New buffers. Use sk->mac.raw.
32 * Alan Cox : sendmsg/recvmsg support.
33 * Alan Cox : Protocol setting support
34 * Alexey Kuznetsov : Untied from IPv4 stack.
35 * Cyrus Durgin : Fixed kerneld for kmod.
36 * Michal Ostrowski : Module initialization cleanup.
37 * Ulises Alonso : Frame number limit removal and
38 * packet_set_ring memory leak.
39 *
40 * This program is free software; you can redistribute it and/or
41 * modify it under the terms of the GNU General Public License
42 * as published by the Free Software Foundation; either version
43 * 2 of the License, or (at your option) any later version.
44 *
45 */
46
47#include <linux/config.h>
48#include <linux/types.h>
49#include <linux/sched.h>
50#include <linux/mm.h>
51#include <linux/fcntl.h>
52#include <linux/socket.h>
53#include <linux/in.h>
54#include <linux/inet.h>
55#include <linux/netdevice.h>
56#include <linux/if_packet.h>
57#include <linux/wireless.h>
58#include <linux/kmod.h>
59#include <net/ip.h>
60#include <net/protocol.h>
61#include <linux/skbuff.h>
62#include <net/sock.h>
63#include <linux/errno.h>
64#include <linux/timer.h>
65#include <asm/system.h>
66#include <asm/uaccess.h>
67#include <asm/ioctls.h>
68#include <asm/page.h>
69#include <asm/io.h>
70#include <linux/proc_fs.h>
71#include <linux/seq_file.h>
72#include <linux/poll.h>
73#include <linux/module.h>
74#include <linux/init.h>
75
76#ifdef CONFIG_INET
77#include <net/inet_common.h>
78#endif
79
80#define CONFIG_SOCK_PACKET 1
81
82/*
83 Proposed replacement for SIOC{ADD,DEL}MULTI and
84 IFF_PROMISC, IFF_ALLMULTI flags.
85
86 It is more expensive, but I believe,
87 it is really correct solution: reentereble, safe and fault tolerant.
88
89 IFF_PROMISC/IFF_ALLMULTI/SIOC{ADD/DEL}MULTI are faked by keeping
90 reference count and global flag, so that real status is
91 (gflag|(count != 0)), so that we can use obsolete faulty interface
92 not harming clever users.
93 */
94#define CONFIG_PACKET_MULTICAST 1
95
96/*
97 Assumptions:
98 - if device has no dev->hard_header routine, it adds and removes ll header
99 inside itself. In this case ll header is invisible outside of device,
100 but higher levels still should reserve dev->hard_header_len.
101 Some devices are enough clever to reallocate skb, when header
102 will not fit to reserved space (tunnel), another ones are silly
103 (PPP).
104 - packet socket receives packets with pulled ll header,
105 so that SOCK_RAW should push it back.
106
107On receive:
108-----------
109
110Incoming, dev->hard_header!=NULL
111 mac.raw -> ll header
112 data -> data
113
114Outgoing, dev->hard_header!=NULL
115 mac.raw -> ll header
116 data -> ll header
117
118Incoming, dev->hard_header==NULL
119 mac.raw -> UNKNOWN position. It is very likely, that it points to ll header.
120 PPP makes it, that is wrong, because introduce assymetry
121 between rx and tx paths.
122 data -> data
123
124Outgoing, dev->hard_header==NULL
125 mac.raw -> data. ll header is still not built!
126 data -> data
127
128Resume
129 If dev->hard_header==NULL we are unlikely to restore sensible ll header.
130
131
132On transmit:
133------------
134
135dev->hard_header != NULL
136 mac.raw -> ll header
137 data -> ll header
138
139dev->hard_header == NULL (ll header is added by device, we cannot control it)
140 mac.raw -> data
141 data -> data
142
143 We should set nh.raw on output to correct posistion,
144 packet classifier depends on it.
145 */
146
147/* List of all packet sockets. */
148static HLIST_HEAD(packet_sklist);
149static DEFINE_RWLOCK(packet_sklist_lock);
150
151static atomic_t packet_socks_nr;
152
153
154/* Private packet socket structures. */
155
156#ifdef CONFIG_PACKET_MULTICAST
157struct packet_mclist
158{
159 struct packet_mclist *next;
160 int ifindex;
161 int count;
162 unsigned short type;
163 unsigned short alen;
164 unsigned char addr[8];
165};
166#endif
167#ifdef CONFIG_PACKET_MMAP
168static int packet_set_ring(struct sock *sk, struct tpacket_req *req, int closing);
169#endif
170
171static void packet_flush_mclist(struct sock *sk);
172
173struct packet_sock {
174 /* struct sock has to be the first member of packet_sock */
175 struct sock sk;
176 struct tpacket_stats stats;
177#ifdef CONFIG_PACKET_MMAP
178 char * *pg_vec;
179 unsigned int head;
180 unsigned int frames_per_block;
181 unsigned int frame_size;
182 unsigned int frame_max;
183 int copy_thresh;
184#endif
185 struct packet_type prot_hook;
186 spinlock_t bind_lock;
187 char running; /* prot_hook is attached*/
188 int ifindex; /* bound device */
189 unsigned short num;
190#ifdef CONFIG_PACKET_MULTICAST
191 struct packet_mclist *mclist;
192#endif
193#ifdef CONFIG_PACKET_MMAP
194 atomic_t mapped;
195 unsigned int pg_vec_order;
196 unsigned int pg_vec_pages;
197 unsigned int pg_vec_len;
198#endif
199};
200
201#ifdef CONFIG_PACKET_MMAP
202
203static inline char *packet_lookup_frame(struct packet_sock *po, unsigned int position)
204{
205 unsigned int pg_vec_pos, frame_offset;
206 char *frame;
207
208 pg_vec_pos = position / po->frames_per_block;
209 frame_offset = position % po->frames_per_block;
210
211 frame = po->pg_vec[pg_vec_pos] + (frame_offset * po->frame_size);
212
213 return frame;
214}
215#endif
216
217static inline struct packet_sock *pkt_sk(struct sock *sk)
218{
219 return (struct packet_sock *)sk;
220}
221
222static void packet_sock_destruct(struct sock *sk)
223{
224 BUG_TRAP(!atomic_read(&sk->sk_rmem_alloc));
225 BUG_TRAP(!atomic_read(&sk->sk_wmem_alloc));
226
227 if (!sock_flag(sk, SOCK_DEAD)) {
228 printk("Attempt to release alive packet socket: %p\n", sk);
229 return;
230 }
231
232 atomic_dec(&packet_socks_nr);
233#ifdef PACKET_REFCNT_DEBUG
234 printk(KERN_DEBUG "PACKET socket %p is free, %d are alive\n", sk, atomic_read(&packet_socks_nr));
235#endif
236}
237
238
239static struct proto_ops packet_ops;
240
241#ifdef CONFIG_SOCK_PACKET
242static struct proto_ops packet_ops_spkt;
243
244static int packet_rcv_spkt(struct sk_buff *skb, struct net_device *dev, struct packet_type *pt)
245{
246 struct sock *sk;
247 struct sockaddr_pkt *spkt;
248
249 /*
250 * When we registered the protocol we saved the socket in the data
251 * field for just this event.
252 */
253
254 sk = pt->af_packet_priv;
255
256 /*
257 * Yank back the headers [hope the device set this
258 * right or kerboom...]
259 *
260 * Incoming packets have ll header pulled,
261 * push it back.
262 *
263 * For outgoing ones skb->data == skb->mac.raw
264 * so that this procedure is noop.
265 */
266
267 if (skb->pkt_type == PACKET_LOOPBACK)
268 goto out;
269
270 if ((skb = skb_share_check(skb, GFP_ATOMIC)) == NULL)
271 goto oom;
272
273 /* drop any routing info */
274 dst_release(skb->dst);
275 skb->dst = NULL;
276
277 spkt = (struct sockaddr_pkt*)skb->cb;
278
279 skb_push(skb, skb->data-skb->mac.raw);
280
281 /*
282 * The SOCK_PACKET socket receives _all_ frames.
283 */
284
285 spkt->spkt_family = dev->type;
286 strlcpy(spkt->spkt_device, dev->name, sizeof(spkt->spkt_device));
287 spkt->spkt_protocol = skb->protocol;
288
289 /*
290 * Charge the memory to the socket. This is done specifically
291 * to prevent sockets using all the memory up.
292 */
293
294 if (sock_queue_rcv_skb(sk,skb) == 0)
295 return 0;
296
297out:
298 kfree_skb(skb);
299oom:
300 return 0;
301}
302
303
304/*
305 * Output a raw packet to a device layer. This bypasses all the other
306 * protocol layers and you must therefore supply it with a complete frame
307 */
308
309static int packet_sendmsg_spkt(struct kiocb *iocb, struct socket *sock,
310 struct msghdr *msg, size_t len)
311{
312 struct sock *sk = sock->sk;
313 struct sockaddr_pkt *saddr=(struct sockaddr_pkt *)msg->msg_name;
314 struct sk_buff *skb;
315 struct net_device *dev;
316 unsigned short proto=0;
317 int err;
318
319 /*
320 * Get and verify the address.
321 */
322
323 if (saddr)
324 {
325 if (msg->msg_namelen < sizeof(struct sockaddr))
326 return(-EINVAL);
327 if (msg->msg_namelen==sizeof(struct sockaddr_pkt))
328 proto=saddr->spkt_protocol;
329 }
330 else
331 return(-ENOTCONN); /* SOCK_PACKET must be sent giving an address */
332
333 /*
334 * Find the device first to size check it
335 */
336
337 saddr->spkt_device[13] = 0;
338 dev = dev_get_by_name(saddr->spkt_device);
339 err = -ENODEV;
340 if (dev == NULL)
341 goto out_unlock;
342
343 /*
344 * You may not queue a frame bigger than the mtu. This is the lowest level
345 * raw protocol and you must do your own fragmentation at this level.
346 */
347
348 err = -EMSGSIZE;
349 if(len>dev->mtu+dev->hard_header_len)
350 goto out_unlock;
351
352 err = -ENOBUFS;
353 skb = sock_wmalloc(sk, len + LL_RESERVED_SPACE(dev), 0, GFP_KERNEL);
354
355 /*
356 * If the write buffer is full, then tough. At this level the user gets to
357 * deal with the problem - do your own algorithmic backoffs. That's far
358 * more flexible.
359 */
360
361 if (skb == NULL)
362 goto out_unlock;
363
364 /*
365 * Fill it in
366 */
367
368 /* FIXME: Save some space for broken drivers that write a
369 * hard header at transmission time by themselves. PPP is the
370 * notable one here. This should really be fixed at the driver level.
371 */
372 skb_reserve(skb, LL_RESERVED_SPACE(dev));
373 skb->nh.raw = skb->data;
374
375 /* Try to align data part correctly */
376 if (dev->hard_header) {
377 skb->data -= dev->hard_header_len;
378 skb->tail -= dev->hard_header_len;
379 if (len < dev->hard_header_len)
380 skb->nh.raw = skb->data;
381 }
382
383 /* Returns -EFAULT on error */
384 err = memcpy_fromiovec(skb_put(skb,len), msg->msg_iov, len);
385 skb->protocol = proto;
386 skb->dev = dev;
387 skb->priority = sk->sk_priority;
388 if (err)
389 goto out_free;
390
391 err = -ENETDOWN;
392 if (!(dev->flags & IFF_UP))
393 goto out_free;
394
395 /*
396 * Now send it
397 */
398
399 dev_queue_xmit(skb);
400 dev_put(dev);
401 return(len);
402
403out_free:
404 kfree_skb(skb);
405out_unlock:
406 if (dev)
407 dev_put(dev);
408 return err;
409}
410#endif
411
412static inline unsigned run_filter(struct sk_buff *skb, struct sock *sk, unsigned res)
413{
414 struct sk_filter *filter;
415
416 bh_lock_sock(sk);
417 filter = sk->sk_filter;
418 /*
419 * Our caller already checked that filter != NULL but we need to
420 * verify that under bh_lock_sock() to be safe
421 */
422 if (likely(filter != NULL))
423 res = sk_run_filter(skb, filter->insns, filter->len);
424 bh_unlock_sock(sk);
425
426 return res;
427}
428
429/*
430 This function makes lazy skb cloning in hope that most of packets
431 are discarded by BPF.
432
433 Note tricky part: we DO mangle shared skb! skb->data, skb->len
434 and skb->cb are mangled. It works because (and until) packets
435 falling here are owned by current CPU. Output packets are cloned
436 by dev_queue_xmit_nit(), input packets are processed by net_bh
437 sequencially, so that if we return skb to original state on exit,
438 we will not harm anyone.
439 */
440
441static int packet_rcv(struct sk_buff *skb, struct net_device *dev, struct packet_type *pt)
442{
443 struct sock *sk;
444 struct sockaddr_ll *sll;
445 struct packet_sock *po;
446 u8 * skb_head = skb->data;
447 int skb_len = skb->len;
448 unsigned snaplen;
449
450 if (skb->pkt_type == PACKET_LOOPBACK)
451 goto drop;
452
453 sk = pt->af_packet_priv;
454 po = pkt_sk(sk);
455
456 skb->dev = dev;
457
458 if (dev->hard_header) {
459 /* The device has an explicit notion of ll header,
460 exported to higher levels.
461
462 Otherwise, the device hides datails of it frame
463 structure, so that corresponding packet head
464 never delivered to user.
465 */
466 if (sk->sk_type != SOCK_DGRAM)
467 skb_push(skb, skb->data - skb->mac.raw);
468 else if (skb->pkt_type == PACKET_OUTGOING) {
469 /* Special case: outgoing packets have ll header at head */
470 skb_pull(skb, skb->nh.raw - skb->data);
471 }
472 }
473
474 snaplen = skb->len;
475
476 if (sk->sk_filter) {
477 unsigned res = run_filter(skb, sk, snaplen);
478 if (res == 0)
479 goto drop_n_restore;
480 if (snaplen > res)
481 snaplen = res;
482 }
483
484 if (atomic_read(&sk->sk_rmem_alloc) + skb->truesize >=
485 (unsigned)sk->sk_rcvbuf)
486 goto drop_n_acct;
487
488 if (skb_shared(skb)) {
489 struct sk_buff *nskb = skb_clone(skb, GFP_ATOMIC);
490 if (nskb == NULL)
491 goto drop_n_acct;
492
493 if (skb_head != skb->data) {
494 skb->data = skb_head;
495 skb->len = skb_len;
496 }
497 kfree_skb(skb);
498 skb = nskb;
499 }
500
501 sll = (struct sockaddr_ll*)skb->cb;
502 sll->sll_family = AF_PACKET;
503 sll->sll_hatype = dev->type;
504 sll->sll_protocol = skb->protocol;
505 sll->sll_pkttype = skb->pkt_type;
506 sll->sll_ifindex = dev->ifindex;
507 sll->sll_halen = 0;
508
509 if (dev->hard_header_parse)
510 sll->sll_halen = dev->hard_header_parse(skb, sll->sll_addr);
511
512 if (pskb_trim(skb, snaplen))
513 goto drop_n_acct;
514
515 skb_set_owner_r(skb, sk);
516 skb->dev = NULL;
517 dst_release(skb->dst);
518 skb->dst = NULL;
519
520 spin_lock(&sk->sk_receive_queue.lock);
521 po->stats.tp_packets++;
522 __skb_queue_tail(&sk->sk_receive_queue, skb);
523 spin_unlock(&sk->sk_receive_queue.lock);
524 sk->sk_data_ready(sk, skb->len);
525 return 0;
526
527drop_n_acct:
528 spin_lock(&sk->sk_receive_queue.lock);
529 po->stats.tp_drops++;
530 spin_unlock(&sk->sk_receive_queue.lock);
531
532drop_n_restore:
533 if (skb_head != skb->data && skb_shared(skb)) {
534 skb->data = skb_head;
535 skb->len = skb_len;
536 }
537drop:
538 kfree_skb(skb);
539 return 0;
540}
541
542#ifdef CONFIG_PACKET_MMAP
543static int tpacket_rcv(struct sk_buff *skb, struct net_device *dev, struct packet_type *pt)
544{
545 struct sock *sk;
546 struct packet_sock *po;
547 struct sockaddr_ll *sll;
548 struct tpacket_hdr *h;
549 u8 * skb_head = skb->data;
550 int skb_len = skb->len;
551 unsigned snaplen;
552 unsigned long status = TP_STATUS_LOSING|TP_STATUS_USER;
553 unsigned short macoff, netoff;
554 struct sk_buff *copy_skb = NULL;
555
556 if (skb->pkt_type == PACKET_LOOPBACK)
557 goto drop;
558
559 sk = pt->af_packet_priv;
560 po = pkt_sk(sk);
561
562 if (dev->hard_header) {
563 if (sk->sk_type != SOCK_DGRAM)
564 skb_push(skb, skb->data - skb->mac.raw);
565 else if (skb->pkt_type == PACKET_OUTGOING) {
566 /* Special case: outgoing packets have ll header at head */
567 skb_pull(skb, skb->nh.raw - skb->data);
568 if (skb->ip_summed == CHECKSUM_HW)
569 status |= TP_STATUS_CSUMNOTREADY;
570 }
571 }
572
573 snaplen = skb->len;
574
575 if (sk->sk_filter) {
576 unsigned res = run_filter(skb, sk, snaplen);
577 if (res == 0)
578 goto drop_n_restore;
579 if (snaplen > res)
580 snaplen = res;
581 }
582
583 if (sk->sk_type == SOCK_DGRAM) {
584 macoff = netoff = TPACKET_ALIGN(TPACKET_HDRLEN) + 16;
585 } else {
586 unsigned maclen = skb->nh.raw - skb->data;
587 netoff = TPACKET_ALIGN(TPACKET_HDRLEN + (maclen < 16 ? 16 : maclen));
588 macoff = netoff - maclen;
589 }
590
591 if (macoff + snaplen > po->frame_size) {
592 if (po->copy_thresh &&
593 atomic_read(&sk->sk_rmem_alloc) + skb->truesize <
594 (unsigned)sk->sk_rcvbuf) {
595 if (skb_shared(skb)) {
596 copy_skb = skb_clone(skb, GFP_ATOMIC);
597 } else {
598 copy_skb = skb_get(skb);
599 skb_head = skb->data;
600 }
601 if (copy_skb)
602 skb_set_owner_r(copy_skb, sk);
603 }
604 snaplen = po->frame_size - macoff;
605 if ((int)snaplen < 0)
606 snaplen = 0;
607 }
608 if (snaplen > skb->len-skb->data_len)
609 snaplen = skb->len-skb->data_len;
610
611 spin_lock(&sk->sk_receive_queue.lock);
612 h = (struct tpacket_hdr *)packet_lookup_frame(po, po->head);
613
614 if (h->tp_status)
615 goto ring_is_full;
616 po->head = po->head != po->frame_max ? po->head+1 : 0;
617 po->stats.tp_packets++;
618 if (copy_skb) {
619 status |= TP_STATUS_COPY;
620 __skb_queue_tail(&sk->sk_receive_queue, copy_skb);
621 }
622 if (!po->stats.tp_drops)
623 status &= ~TP_STATUS_LOSING;
624 spin_unlock(&sk->sk_receive_queue.lock);
625
626 memcpy((u8*)h + macoff, skb->data, snaplen);
627
628 h->tp_len = skb->len;
629 h->tp_snaplen = snaplen;
630 h->tp_mac = macoff;
631 h->tp_net = netoff;
632 if (skb->stamp.tv_sec == 0) {
633 do_gettimeofday(&skb->stamp);
634 sock_enable_timestamp(sk);
635 }
636 h->tp_sec = skb->stamp.tv_sec;
637 h->tp_usec = skb->stamp.tv_usec;
638
639 sll = (struct sockaddr_ll*)((u8*)h + TPACKET_ALIGN(sizeof(*h)));
640 sll->sll_halen = 0;
641 if (dev->hard_header_parse)
642 sll->sll_halen = dev->hard_header_parse(skb, sll->sll_addr);
643 sll->sll_family = AF_PACKET;
644 sll->sll_hatype = dev->type;
645 sll->sll_protocol = skb->protocol;
646 sll->sll_pkttype = skb->pkt_type;
647 sll->sll_ifindex = dev->ifindex;
648
649 h->tp_status = status;
650 mb();
651
652 {
653 struct page *p_start, *p_end;
654 u8 *h_end = (u8 *)h + macoff + snaplen - 1;
655
656 p_start = virt_to_page(h);
657 p_end = virt_to_page(h_end);
658 while (p_start <= p_end) {
659 flush_dcache_page(p_start);
660 p_start++;
661 }
662 }
663
664 sk->sk_data_ready(sk, 0);
665
666drop_n_restore:
667 if (skb_head != skb->data && skb_shared(skb)) {
668 skb->data = skb_head;
669 skb->len = skb_len;
670 }
671drop:
672 kfree_skb(skb);
673 return 0;
674
675ring_is_full:
676 po->stats.tp_drops++;
677 spin_unlock(&sk->sk_receive_queue.lock);
678
679 sk->sk_data_ready(sk, 0);
680 if (copy_skb)
681 kfree_skb(copy_skb);
682 goto drop_n_restore;
683}
684
685#endif
686
687
688static int packet_sendmsg(struct kiocb *iocb, struct socket *sock,
689 struct msghdr *msg, size_t len)
690{
691 struct sock *sk = sock->sk;
692 struct sockaddr_ll *saddr=(struct sockaddr_ll *)msg->msg_name;
693 struct sk_buff *skb;
694 struct net_device *dev;
695 unsigned short proto;
696 unsigned char *addr;
697 int ifindex, err, reserve = 0;
698
699 /*
700 * Get and verify the address.
701 */
702
703 if (saddr == NULL) {
704 struct packet_sock *po = pkt_sk(sk);
705
706 ifindex = po->ifindex;
707 proto = po->num;
708 addr = NULL;
709 } else {
710 err = -EINVAL;
711 if (msg->msg_namelen < sizeof(struct sockaddr_ll))
712 goto out;
713 ifindex = saddr->sll_ifindex;
714 proto = saddr->sll_protocol;
715 addr = saddr->sll_addr;
716 }
717
718
719 dev = dev_get_by_index(ifindex);
720 err = -ENXIO;
721 if (dev == NULL)
722 goto out_unlock;
723 if (sock->type == SOCK_RAW)
724 reserve = dev->hard_header_len;
725
726 err = -EMSGSIZE;
727 if (len > dev->mtu+reserve)
728 goto out_unlock;
729
730 skb = sock_alloc_send_skb(sk, len + LL_RESERVED_SPACE(dev),
731 msg->msg_flags & MSG_DONTWAIT, &err);
732 if (skb==NULL)
733 goto out_unlock;
734
735 skb_reserve(skb, LL_RESERVED_SPACE(dev));
736 skb->nh.raw = skb->data;
737
738 if (dev->hard_header) {
739 int res;
740 err = -EINVAL;
741 res = dev->hard_header(skb, dev, ntohs(proto), addr, NULL, len);
742 if (sock->type != SOCK_DGRAM) {
743 skb->tail = skb->data;
744 skb->len = 0;
745 } else if (res < 0)
746 goto out_free;
747 }
748
749 /* Returns -EFAULT on error */
750 err = memcpy_fromiovec(skb_put(skb,len), msg->msg_iov, len);
751 if (err)
752 goto out_free;
753
754 skb->protocol = proto;
755 skb->dev = dev;
756 skb->priority = sk->sk_priority;
757
758 err = -ENETDOWN;
759 if (!(dev->flags & IFF_UP))
760 goto out_free;
761
762 /*
763 * Now send it
764 */
765
766 err = dev_queue_xmit(skb);
767 if (err > 0 && (err = net_xmit_errno(err)) != 0)
768 goto out_unlock;
769
770 dev_put(dev);
771
772 return(len);
773
774out_free:
775 kfree_skb(skb);
776out_unlock:
777 if (dev)
778 dev_put(dev);
779out:
780 return err;
781}
782
783/*
784 * Close a PACKET socket. This is fairly simple. We immediately go
785 * to 'closed' state and remove our protocol entry in the device list.
786 */
787
788static int packet_release(struct socket *sock)
789{
790 struct sock *sk = sock->sk;
791 struct packet_sock *po;
792
793 if (!sk)
794 return 0;
795
796 po = pkt_sk(sk);
797
798 write_lock_bh(&packet_sklist_lock);
799 sk_del_node_init(sk);
800 write_unlock_bh(&packet_sklist_lock);
801
802 /*
803 * Unhook packet receive handler.
804 */
805
806 if (po->running) {
807 /*
808 * Remove the protocol hook
809 */
810 dev_remove_pack(&po->prot_hook);
811 po->running = 0;
812 po->num = 0;
813 __sock_put(sk);
814 }
815
816#ifdef CONFIG_PACKET_MULTICAST
817 packet_flush_mclist(sk);
818#endif
819
820#ifdef CONFIG_PACKET_MMAP
821 if (po->pg_vec) {
822 struct tpacket_req req;
823 memset(&req, 0, sizeof(req));
824 packet_set_ring(sk, &req, 1);
825 }
826#endif
827
828 /*
829 * Now the socket is dead. No more input will appear.
830 */
831
832 sock_orphan(sk);
833 sock->sk = NULL;
834
835 /* Purge queues */
836
837 skb_queue_purge(&sk->sk_receive_queue);
838
839 sock_put(sk);
840 return 0;
841}
842
843/*
844 * Attach a packet hook.
845 */
846
847static int packet_do_bind(struct sock *sk, struct net_device *dev, int protocol)
848{
849 struct packet_sock *po = pkt_sk(sk);
850 /*
851 * Detach an existing hook if present.
852 */
853
854 lock_sock(sk);
855
856 spin_lock(&po->bind_lock);
857 if (po->running) {
858 __sock_put(sk);
859 po->running = 0;
860 po->num = 0;
861 spin_unlock(&po->bind_lock);
862 dev_remove_pack(&po->prot_hook);
863 spin_lock(&po->bind_lock);
864 }
865
866 po->num = protocol;
867 po->prot_hook.type = protocol;
868 po->prot_hook.dev = dev;
869
870 po->ifindex = dev ? dev->ifindex : 0;
871
872 if (protocol == 0)
873 goto out_unlock;
874
875 if (dev) {
876 if (dev->flags&IFF_UP) {
877 dev_add_pack(&po->prot_hook);
878 sock_hold(sk);
879 po->running = 1;
880 } else {
881 sk->sk_err = ENETDOWN;
882 if (!sock_flag(sk, SOCK_DEAD))
883 sk->sk_error_report(sk);
884 }
885 } else {
886 dev_add_pack(&po->prot_hook);
887 sock_hold(sk);
888 po->running = 1;
889 }
890
891out_unlock:
892 spin_unlock(&po->bind_lock);
893 release_sock(sk);
894 return 0;
895}
896
897/*
898 * Bind a packet socket to a device
899 */
900
901#ifdef CONFIG_SOCK_PACKET
902
903static int packet_bind_spkt(struct socket *sock, struct sockaddr *uaddr, int addr_len)
904{
905 struct sock *sk=sock->sk;
906 char name[15];
907 struct net_device *dev;
908 int err = -ENODEV;
909
910 /*
911 * Check legality
912 */
913
914 if(addr_len!=sizeof(struct sockaddr))
915 return -EINVAL;
916 strlcpy(name,uaddr->sa_data,sizeof(name));
917
918 dev = dev_get_by_name(name);
919 if (dev) {
920 err = packet_do_bind(sk, dev, pkt_sk(sk)->num);
921 dev_put(dev);
922 }
923 return err;
924}
925#endif
926
927static int packet_bind(struct socket *sock, struct sockaddr *uaddr, int addr_len)
928{
929 struct sockaddr_ll *sll = (struct sockaddr_ll*)uaddr;
930 struct sock *sk=sock->sk;
931 struct net_device *dev = NULL;
932 int err;
933
934
935 /*
936 * Check legality
937 */
938
939 if (addr_len < sizeof(struct sockaddr_ll))
940 return -EINVAL;
941 if (sll->sll_family != AF_PACKET)
942 return -EINVAL;
943
944 if (sll->sll_ifindex) {
945 err = -ENODEV;
946 dev = dev_get_by_index(sll->sll_ifindex);
947 if (dev == NULL)
948 goto out;
949 }
950 err = packet_do_bind(sk, dev, sll->sll_protocol ? : pkt_sk(sk)->num);
951 if (dev)
952 dev_put(dev);
953
954out:
955 return err;
956}
957
958static struct proto packet_proto = {
959 .name = "PACKET",
960 .owner = THIS_MODULE,
961 .obj_size = sizeof(struct packet_sock),
962};
963
964/*
965 * Create a packet of type SOCK_PACKET.
966 */
967
968static int packet_create(struct socket *sock, int protocol)
969{
970 struct sock *sk;
971 struct packet_sock *po;
972 int err;
973
974 if (!capable(CAP_NET_RAW))
975 return -EPERM;
976 if (sock->type != SOCK_DGRAM && sock->type != SOCK_RAW
977#ifdef CONFIG_SOCK_PACKET
978 && sock->type != SOCK_PACKET
979#endif
980 )
981 return -ESOCKTNOSUPPORT;
982
983 sock->state = SS_UNCONNECTED;
984
985 err = -ENOBUFS;
986 sk = sk_alloc(PF_PACKET, GFP_KERNEL, &packet_proto, 1);
987 if (sk == NULL)
988 goto out;
989
990 sock->ops = &packet_ops;
991#ifdef CONFIG_SOCK_PACKET
992 if (sock->type == SOCK_PACKET)
993 sock->ops = &packet_ops_spkt;
994#endif
995 sock_init_data(sock, sk);
996
997 po = pkt_sk(sk);
998 sk->sk_family = PF_PACKET;
999 po->num = protocol;
1000
1001 sk->sk_destruct = packet_sock_destruct;
1002 atomic_inc(&packet_socks_nr);
1003
1004 /*
1005 * Attach a protocol block
1006 */
1007
1008 spin_lock_init(&po->bind_lock);
1009 po->prot_hook.func = packet_rcv;
1010#ifdef CONFIG_SOCK_PACKET
1011 if (sock->type == SOCK_PACKET)
1012 po->prot_hook.func = packet_rcv_spkt;
1013#endif
1014 po->prot_hook.af_packet_priv = sk;
1015
1016 if (protocol) {
1017 po->prot_hook.type = protocol;
1018 dev_add_pack(&po->prot_hook);
1019 sock_hold(sk);
1020 po->running = 1;
1021 }
1022
1023 write_lock_bh(&packet_sklist_lock);
1024 sk_add_node(sk, &packet_sklist);
1025 write_unlock_bh(&packet_sklist_lock);
1026 return(0);
1027out:
1028 return err;
1029}
1030
1031/*
1032 * Pull a packet from our receive queue and hand it to the user.
1033 * If necessary we block.
1034 */
1035
1036static int packet_recvmsg(struct kiocb *iocb, struct socket *sock,
1037 struct msghdr *msg, size_t len, int flags)
1038{
1039 struct sock *sk = sock->sk;
1040 struct sk_buff *skb;
1041 int copied, err;
1042
1043 err = -EINVAL;
1044 if (flags & ~(MSG_PEEK|MSG_DONTWAIT|MSG_TRUNC|MSG_CMSG_COMPAT))
1045 goto out;
1046
1047#if 0
1048 /* What error should we return now? EUNATTACH? */
1049 if (pkt_sk(sk)->ifindex < 0)
1050 return -ENODEV;
1051#endif
1052
1053 /*
1054 * If the address length field is there to be filled in, we fill
1055 * it in now.
1056 */
1057
1058 if (sock->type == SOCK_PACKET)
1059 msg->msg_namelen = sizeof(struct sockaddr_pkt);
1060 else
1061 msg->msg_namelen = sizeof(struct sockaddr_ll);
1062
1063 /*
1064 * Call the generic datagram receiver. This handles all sorts
1065 * of horrible races and re-entrancy so we can forget about it
1066 * in the protocol layers.
1067 *
1068 * Now it will return ENETDOWN, if device have just gone down,
1069 * but then it will block.
1070 */
1071
1072 skb=skb_recv_datagram(sk,flags,flags&MSG_DONTWAIT,&err);
1073
1074 /*
1075 * An error occurred so return it. Because skb_recv_datagram()
1076 * handles the blocking we don't see and worry about blocking
1077 * retries.
1078 */
1079
1080 if(skb==NULL)
1081 goto out;
1082
1083 /*
1084 * You lose any data beyond the buffer you gave. If it worries a
1085 * user program they can ask the device for its MTU anyway.
1086 */
1087
1088 copied = skb->len;
1089 if (copied > len)
1090 {
1091 copied=len;
1092 msg->msg_flags|=MSG_TRUNC;
1093 }
1094
1095 err = skb_copy_datagram_iovec(skb, 0, msg->msg_iov, copied);
1096 if (err)
1097 goto out_free;
1098
1099 sock_recv_timestamp(msg, sk, skb);
1100
1101 if (msg->msg_name)
1102 memcpy(msg->msg_name, skb->cb, msg->msg_namelen);
1103
1104 /*
1105 * Free or return the buffer as appropriate. Again this
1106 * hides all the races and re-entrancy issues from us.
1107 */
1108 err = (flags&MSG_TRUNC) ? skb->len : copied;
1109
1110out_free:
1111 skb_free_datagram(sk, skb);
1112out:
1113 return err;
1114}
1115
1116#ifdef CONFIG_SOCK_PACKET
1117static int packet_getname_spkt(struct socket *sock, struct sockaddr *uaddr,
1118 int *uaddr_len, int peer)
1119{
1120 struct net_device *dev;
1121 struct sock *sk = sock->sk;
1122
1123 if (peer)
1124 return -EOPNOTSUPP;
1125
1126 uaddr->sa_family = AF_PACKET;
1127 dev = dev_get_by_index(pkt_sk(sk)->ifindex);
1128 if (dev) {
1129 strlcpy(uaddr->sa_data, dev->name, 15);
1130 dev_put(dev);
1131 } else
1132 memset(uaddr->sa_data, 0, 14);
1133 *uaddr_len = sizeof(*uaddr);
1134
1135 return 0;
1136}
1137#endif
1138
1139static int packet_getname(struct socket *sock, struct sockaddr *uaddr,
1140 int *uaddr_len, int peer)
1141{
1142 struct net_device *dev;
1143 struct sock *sk = sock->sk;
1144 struct packet_sock *po = pkt_sk(sk);
1145 struct sockaddr_ll *sll = (struct sockaddr_ll*)uaddr;
1146
1147 if (peer)
1148 return -EOPNOTSUPP;
1149
1150 sll->sll_family = AF_PACKET;
1151 sll->sll_ifindex = po->ifindex;
1152 sll->sll_protocol = po->num;
1153 dev = dev_get_by_index(po->ifindex);
1154 if (dev) {
1155 sll->sll_hatype = dev->type;
1156 sll->sll_halen = dev->addr_len;
1157 memcpy(sll->sll_addr, dev->dev_addr, dev->addr_len);
1158 dev_put(dev);
1159 } else {
1160 sll->sll_hatype = 0; /* Bad: we have no ARPHRD_UNSPEC */
1161 sll->sll_halen = 0;
1162 }
1163 *uaddr_len = sizeof(*sll);
1164
1165 return 0;
1166}
1167
1168#ifdef CONFIG_PACKET_MULTICAST
1169static void packet_dev_mc(struct net_device *dev, struct packet_mclist *i, int what)
1170{
1171 switch (i->type) {
1172 case PACKET_MR_MULTICAST:
1173 if (what > 0)
1174 dev_mc_add(dev, i->addr, i->alen, 0);
1175 else
1176 dev_mc_delete(dev, i->addr, i->alen, 0);
1177 break;
1178 case PACKET_MR_PROMISC:
1179 dev_set_promiscuity(dev, what);
1180 break;
1181 case PACKET_MR_ALLMULTI:
1182 dev_set_allmulti(dev, what);
1183 break;
1184 default:;
1185 }
1186}
1187
1188static void packet_dev_mclist(struct net_device *dev, struct packet_mclist *i, int what)
1189{
1190 for ( ; i; i=i->next) {
1191 if (i->ifindex == dev->ifindex)
1192 packet_dev_mc(dev, i, what);
1193 }
1194}
1195
1196static int packet_mc_add(struct sock *sk, struct packet_mreq *mreq)
1197{
1198 struct packet_sock *po = pkt_sk(sk);
1199 struct packet_mclist *ml, *i;
1200 struct net_device *dev;
1201 int err;
1202
1203 rtnl_lock();
1204
1205 err = -ENODEV;
1206 dev = __dev_get_by_index(mreq->mr_ifindex);
1207 if (!dev)
1208 goto done;
1209
1210 err = -EINVAL;
1211 if (mreq->mr_alen > dev->addr_len)
1212 goto done;
1213
1214 err = -ENOBUFS;
1215 i = (struct packet_mclist *)kmalloc(sizeof(*i), GFP_KERNEL);
1216 if (i == NULL)
1217 goto done;
1218
1219 err = 0;
1220 for (ml = po->mclist; ml; ml = ml->next) {
1221 if (ml->ifindex == mreq->mr_ifindex &&
1222 ml->type == mreq->mr_type &&
1223 ml->alen == mreq->mr_alen &&
1224 memcmp(ml->addr, mreq->mr_address, ml->alen) == 0) {
1225 ml->count++;
1226 /* Free the new element ... */
1227 kfree(i);
1228 goto done;
1229 }
1230 }
1231
1232 i->type = mreq->mr_type;
1233 i->ifindex = mreq->mr_ifindex;
1234 i->alen = mreq->mr_alen;
1235 memcpy(i->addr, mreq->mr_address, i->alen);
1236 i->count = 1;
1237 i->next = po->mclist;
1238 po->mclist = i;
1239 packet_dev_mc(dev, i, +1);
1240
1241done:
1242 rtnl_unlock();
1243 return err;
1244}
1245
1246static int packet_mc_drop(struct sock *sk, struct packet_mreq *mreq)
1247{
1248 struct packet_mclist *ml, **mlp;
1249
1250 rtnl_lock();
1251
1252 for (mlp = &pkt_sk(sk)->mclist; (ml = *mlp) != NULL; mlp = &ml->next) {
1253 if (ml->ifindex == mreq->mr_ifindex &&
1254 ml->type == mreq->mr_type &&
1255 ml->alen == mreq->mr_alen &&
1256 memcmp(ml->addr, mreq->mr_address, ml->alen) == 0) {
1257 if (--ml->count == 0) {
1258 struct net_device *dev;
1259 *mlp = ml->next;
1260 dev = dev_get_by_index(ml->ifindex);
1261 if (dev) {
1262 packet_dev_mc(dev, ml, -1);
1263 dev_put(dev);
1264 }
1265 kfree(ml);
1266 }
1267 rtnl_unlock();
1268 return 0;
1269 }
1270 }
1271 rtnl_unlock();
1272 return -EADDRNOTAVAIL;
1273}
1274
1275static void packet_flush_mclist(struct sock *sk)
1276{
1277 struct packet_sock *po = pkt_sk(sk);
1278 struct packet_mclist *ml;
1279
1280 if (!po->mclist)
1281 return;
1282
1283 rtnl_lock();
1284 while ((ml = po->mclist) != NULL) {
1285 struct net_device *dev;
1286
1287 po->mclist = ml->next;
1288 if ((dev = dev_get_by_index(ml->ifindex)) != NULL) {
1289 packet_dev_mc(dev, ml, -1);
1290 dev_put(dev);
1291 }
1292 kfree(ml);
1293 }
1294 rtnl_unlock();
1295}
1296#endif
1297
1298static int
1299packet_setsockopt(struct socket *sock, int level, int optname, char __user *optval, int optlen)
1300{
1301 struct sock *sk = sock->sk;
1302 int ret;
1303
1304 if (level != SOL_PACKET)
1305 return -ENOPROTOOPT;
1306
1307 switch(optname) {
1308#ifdef CONFIG_PACKET_MULTICAST
1309 case PACKET_ADD_MEMBERSHIP:
1310 case PACKET_DROP_MEMBERSHIP:
1311 {
1312 struct packet_mreq mreq;
1313 if (optlen<sizeof(mreq))
1314 return -EINVAL;
1315 if (copy_from_user(&mreq,optval,sizeof(mreq)))
1316 return -EFAULT;
1317 if (optname == PACKET_ADD_MEMBERSHIP)
1318 ret = packet_mc_add(sk, &mreq);
1319 else
1320 ret = packet_mc_drop(sk, &mreq);
1321 return ret;
1322 }
1323#endif
1324#ifdef CONFIG_PACKET_MMAP
1325 case PACKET_RX_RING:
1326 {
1327 struct tpacket_req req;
1328
1329 if (optlen<sizeof(req))
1330 return -EINVAL;
1331 if (copy_from_user(&req,optval,sizeof(req)))
1332 return -EFAULT;
1333 return packet_set_ring(sk, &req, 0);
1334 }
1335 case PACKET_COPY_THRESH:
1336 {
1337 int val;
1338
1339 if (optlen!=sizeof(val))
1340 return -EINVAL;
1341 if (copy_from_user(&val,optval,sizeof(val)))
1342 return -EFAULT;
1343
1344 pkt_sk(sk)->copy_thresh = val;
1345 return 0;
1346 }
1347#endif
1348 default:
1349 return -ENOPROTOOPT;
1350 }
1351}
1352
1353static int packet_getsockopt(struct socket *sock, int level, int optname,
1354 char __user *optval, int __user *optlen)
1355{
1356 int len;
1357 struct sock *sk = sock->sk;
1358 struct packet_sock *po = pkt_sk(sk);
1359
1360 if (level != SOL_PACKET)
1361 return -ENOPROTOOPT;
1362
1363 if (get_user(len,optlen))
1364 return -EFAULT;
1365
1366 if (len < 0)
1367 return -EINVAL;
1368
1369 switch(optname) {
1370 case PACKET_STATISTICS:
1371 {
1372 struct tpacket_stats st;
1373
1374 if (len > sizeof(struct tpacket_stats))
1375 len = sizeof(struct tpacket_stats);
1376 spin_lock_bh(&sk->sk_receive_queue.lock);
1377 st = po->stats;
1378 memset(&po->stats, 0, sizeof(st));
1379 spin_unlock_bh(&sk->sk_receive_queue.lock);
1380 st.tp_packets += st.tp_drops;
1381
1382 if (copy_to_user(optval, &st, len))
1383 return -EFAULT;
1384 break;
1385 }
1386 default:
1387 return -ENOPROTOOPT;
1388 }
1389
1390 if (put_user(len, optlen))
1391 return -EFAULT;
1392 return 0;
1393}
1394
1395
1396static int packet_notifier(struct notifier_block *this, unsigned long msg, void *data)
1397{
1398 struct sock *sk;
1399 struct hlist_node *node;
1400 struct net_device *dev = (struct net_device*)data;
1401
1402 read_lock(&packet_sklist_lock);
1403 sk_for_each(sk, node, &packet_sklist) {
1404 struct packet_sock *po = pkt_sk(sk);
1405
1406 switch (msg) {
1407 case NETDEV_UNREGISTER:
1408#ifdef CONFIG_PACKET_MULTICAST
1409 if (po->mclist)
1410 packet_dev_mclist(dev, po->mclist, -1);
1411 // fallthrough
1412#endif
1413 case NETDEV_DOWN:
1414 if (dev->ifindex == po->ifindex) {
1415 spin_lock(&po->bind_lock);
1416 if (po->running) {
1417 __dev_remove_pack(&po->prot_hook);
1418 __sock_put(sk);
1419 po->running = 0;
1420 sk->sk_err = ENETDOWN;
1421 if (!sock_flag(sk, SOCK_DEAD))
1422 sk->sk_error_report(sk);
1423 }
1424 if (msg == NETDEV_UNREGISTER) {
1425 po->ifindex = -1;
1426 po->prot_hook.dev = NULL;
1427 }
1428 spin_unlock(&po->bind_lock);
1429 }
1430 break;
1431 case NETDEV_UP:
1432 spin_lock(&po->bind_lock);
1433 if (dev->ifindex == po->ifindex && po->num &&
1434 !po->running) {
1435 dev_add_pack(&po->prot_hook);
1436 sock_hold(sk);
1437 po->running = 1;
1438 }
1439 spin_unlock(&po->bind_lock);
1440 break;
1441 }
1442 }
1443 read_unlock(&packet_sklist_lock);
1444 return NOTIFY_DONE;
1445}
1446
1447
1448static int packet_ioctl(struct socket *sock, unsigned int cmd,
1449 unsigned long arg)
1450{
1451 struct sock *sk = sock->sk;
1452
1453 switch(cmd) {
1454 case SIOCOUTQ:
1455 {
1456 int amount = atomic_read(&sk->sk_wmem_alloc);
1457 return put_user(amount, (int __user *)arg);
1458 }
1459 case SIOCINQ:
1460 {
1461 struct sk_buff *skb;
1462 int amount = 0;
1463
1464 spin_lock_bh(&sk->sk_receive_queue.lock);
1465 skb = skb_peek(&sk->sk_receive_queue);
1466 if (skb)
1467 amount = skb->len;
1468 spin_unlock_bh(&sk->sk_receive_queue.lock);
1469 return put_user(amount, (int __user *)arg);
1470 }
1471 case SIOCGSTAMP:
1472 return sock_get_timestamp(sk, (struct timeval __user *)arg);
1473
1474#ifdef CONFIG_INET
1475 case SIOCADDRT:
1476 case SIOCDELRT:
1477 case SIOCDARP:
1478 case SIOCGARP:
1479 case SIOCSARP:
1480 case SIOCGIFADDR:
1481 case SIOCSIFADDR:
1482 case SIOCGIFBRDADDR:
1483 case SIOCSIFBRDADDR:
1484 case SIOCGIFNETMASK:
1485 case SIOCSIFNETMASK:
1486 case SIOCGIFDSTADDR:
1487 case SIOCSIFDSTADDR:
1488 case SIOCSIFFLAGS:
1489 return inet_dgram_ops.ioctl(sock, cmd, arg);
1490#endif
1491
1492 default:
1493 return dev_ioctl(cmd, (void __user *)arg);
1494 }
1495 return 0;
1496}
1497
1498#ifndef CONFIG_PACKET_MMAP
1499#define packet_mmap sock_no_mmap
1500#define packet_poll datagram_poll
1501#else
1502
1503static unsigned int packet_poll(struct file * file, struct socket *sock,
1504 poll_table *wait)
1505{
1506 struct sock *sk = sock->sk;
1507 struct packet_sock *po = pkt_sk(sk);
1508 unsigned int mask = datagram_poll(file, sock, wait);
1509
1510 spin_lock_bh(&sk->sk_receive_queue.lock);
1511 if (po->pg_vec) {
1512 unsigned last = po->head ? po->head-1 : po->frame_max;
1513 struct tpacket_hdr *h;
1514
1515 h = (struct tpacket_hdr *)packet_lookup_frame(po, last);
1516
1517 if (h->tp_status)
1518 mask |= POLLIN | POLLRDNORM;
1519 }
1520 spin_unlock_bh(&sk->sk_receive_queue.lock);
1521 return mask;
1522}
1523
1524
1525/* Dirty? Well, I still did not learn better way to account
1526 * for user mmaps.
1527 */
1528
1529static void packet_mm_open(struct vm_area_struct *vma)
1530{
1531 struct file *file = vma->vm_file;
1532 struct inode *inode = file->f_dentry->d_inode;
1533 struct socket * sock = SOCKET_I(inode);
1534 struct sock *sk = sock->sk;
1535
1536 if (sk)
1537 atomic_inc(&pkt_sk(sk)->mapped);
1538}
1539
1540static void packet_mm_close(struct vm_area_struct *vma)
1541{
1542 struct file *file = vma->vm_file;
1543 struct inode *inode = file->f_dentry->d_inode;
1544 struct socket * sock = SOCKET_I(inode);
1545 struct sock *sk = sock->sk;
1546
1547 if (sk)
1548 atomic_dec(&pkt_sk(sk)->mapped);
1549}
1550
1551static struct vm_operations_struct packet_mmap_ops = {
1552 .open = packet_mm_open,
1553 .close =packet_mm_close,
1554};
1555
1556static inline struct page *pg_vec_endpage(char *one_pg_vec, unsigned int order)
1557{
1558 return virt_to_page(one_pg_vec + (PAGE_SIZE << order) - 1);
1559}
1560
1561static void free_pg_vec(char **pg_vec, unsigned order, unsigned len)
1562{
1563 int i;
1564
1565 for (i=0; i<len; i++) {
1566 if (pg_vec[i]) {
1567 struct page *page, *pend;
1568
1569 pend = pg_vec_endpage(pg_vec[i], order);
1570 for (page = virt_to_page(pg_vec[i]); page <= pend; page++)
1571 ClearPageReserved(page);
1572 free_pages((unsigned long)pg_vec[i], order);
1573 }
1574 }
1575 kfree(pg_vec);
1576}
1577
1578
1579static int packet_set_ring(struct sock *sk, struct tpacket_req *req, int closing)
1580{
1581 char **pg_vec = NULL;
1582 struct packet_sock *po = pkt_sk(sk);
1583 int was_running, num, order = 0;
1584 int err = 0;
1585
1586 if (req->tp_block_nr) {
1587 int i, l;
1588
1589 /* Sanity tests and some calculations */
1590
1591 if (po->pg_vec)
1592 return -EBUSY;
1593
1594 if ((int)req->tp_block_size <= 0)
1595 return -EINVAL;
1596 if (req->tp_block_size&(PAGE_SIZE-1))
1597 return -EINVAL;
1598 if (req->tp_frame_size < TPACKET_HDRLEN)
1599 return -EINVAL;
1600 if (req->tp_frame_size&(TPACKET_ALIGNMENT-1))
1601 return -EINVAL;
1602
1603 po->frames_per_block = req->tp_block_size/req->tp_frame_size;
1604 if (po->frames_per_block <= 0)
1605 return -EINVAL;
1606 if (po->frames_per_block*req->tp_block_nr != req->tp_frame_nr)
1607 return -EINVAL;
1608 /* OK! */
1609
1610 /* Allocate page vector */
1611 while ((PAGE_SIZE<<order) < req->tp_block_size)
1612 order++;
1613
1614 err = -ENOMEM;
1615
1616 pg_vec = kmalloc(req->tp_block_nr*sizeof(char *), GFP_KERNEL);
1617 if (pg_vec == NULL)
1618 goto out;
1619 memset(pg_vec, 0, req->tp_block_nr*sizeof(char **));
1620
1621 for (i=0; i<req->tp_block_nr; i++) {
1622 struct page *page, *pend;
1623 pg_vec[i] = (char *)__get_free_pages(GFP_KERNEL, order);
1624 if (!pg_vec[i])
1625 goto out_free_pgvec;
1626
1627 pend = pg_vec_endpage(pg_vec[i], order);
1628 for (page = virt_to_page(pg_vec[i]); page <= pend; page++)
1629 SetPageReserved(page);
1630 }
1631 /* Page vector is allocated */
1632
1633 l = 0;
1634 for (i=0; i<req->tp_block_nr; i++) {
1635 char *ptr = pg_vec[i];
1636 struct tpacket_hdr *header;
1637 int k;
1638
1639 for (k=0; k<po->frames_per_block; k++) {
1640
1641 header = (struct tpacket_hdr*)ptr;
1642 header->tp_status = TP_STATUS_KERNEL;
1643 ptr += req->tp_frame_size;
1644 }
1645 }
1646 /* Done */
1647 } else {
1648 if (req->tp_frame_nr)
1649 return -EINVAL;
1650 }
1651
1652 lock_sock(sk);
1653
1654 /* Detach socket from network */
1655 spin_lock(&po->bind_lock);
1656 was_running = po->running;
1657 num = po->num;
1658 if (was_running) {
1659 __dev_remove_pack(&po->prot_hook);
1660 po->num = 0;
1661 po->running = 0;
1662 __sock_put(sk);
1663 }
1664 spin_unlock(&po->bind_lock);
1665
1666 synchronize_net();
1667
1668 err = -EBUSY;
1669 if (closing || atomic_read(&po->mapped) == 0) {
1670 err = 0;
1671#define XC(a, b) ({ __typeof__ ((a)) __t; __t = (a); (a) = (b); __t; })
1672
1673 spin_lock_bh(&sk->sk_receive_queue.lock);
1674 pg_vec = XC(po->pg_vec, pg_vec);
1675 po->frame_max = req->tp_frame_nr-1;
1676 po->head = 0;
1677 po->frame_size = req->tp_frame_size;
1678 spin_unlock_bh(&sk->sk_receive_queue.lock);
1679
1680 order = XC(po->pg_vec_order, order);
1681 req->tp_block_nr = XC(po->pg_vec_len, req->tp_block_nr);
1682
1683 po->pg_vec_pages = req->tp_block_size/PAGE_SIZE;
1684 po->prot_hook.func = po->pg_vec ? tpacket_rcv : packet_rcv;
1685 skb_queue_purge(&sk->sk_receive_queue);
1686#undef XC
1687 if (atomic_read(&po->mapped))
1688 printk(KERN_DEBUG "packet_mmap: vma is busy: %d\n", atomic_read(&po->mapped));
1689 }
1690
1691 spin_lock(&po->bind_lock);
1692 if (was_running && !po->running) {
1693 sock_hold(sk);
1694 po->running = 1;
1695 po->num = num;
1696 dev_add_pack(&po->prot_hook);
1697 }
1698 spin_unlock(&po->bind_lock);
1699
1700 release_sock(sk);
1701
1702out_free_pgvec:
1703 if (pg_vec)
1704 free_pg_vec(pg_vec, order, req->tp_block_nr);
1705out:
1706 return err;
1707}
1708
1709static int packet_mmap(struct file *file, struct socket *sock, struct vm_area_struct *vma)
1710{
1711 struct sock *sk = sock->sk;
1712 struct packet_sock *po = pkt_sk(sk);
1713 unsigned long size;
1714 unsigned long start;
1715 int err = -EINVAL;
1716 int i;
1717
1718 if (vma->vm_pgoff)
1719 return -EINVAL;
1720
1721 size = vma->vm_end - vma->vm_start;
1722
1723 lock_sock(sk);
1724 if (po->pg_vec == NULL)
1725 goto out;
1726 if (size != po->pg_vec_len*po->pg_vec_pages*PAGE_SIZE)
1727 goto out;
1728
1729 atomic_inc(&po->mapped);
1730 start = vma->vm_start;
1731 err = -EAGAIN;
1732 for (i=0; i<po->pg_vec_len; i++) {
1733 if (remap_pfn_range(vma, start,
1734 __pa(po->pg_vec[i]) >> PAGE_SHIFT,
1735 po->pg_vec_pages*PAGE_SIZE,
1736 vma->vm_page_prot))
1737 goto out;
1738 start += po->pg_vec_pages*PAGE_SIZE;
1739 }
1740 vma->vm_ops = &packet_mmap_ops;
1741 err = 0;
1742
1743out:
1744 release_sock(sk);
1745 return err;
1746}
1747#endif
1748
1749
1750#ifdef CONFIG_SOCK_PACKET
1751static struct proto_ops packet_ops_spkt = {
1752 .family = PF_PACKET,
1753 .owner = THIS_MODULE,
1754 .release = packet_release,
1755 .bind = packet_bind_spkt,
1756 .connect = sock_no_connect,
1757 .socketpair = sock_no_socketpair,
1758 .accept = sock_no_accept,
1759 .getname = packet_getname_spkt,
1760 .poll = datagram_poll,
1761 .ioctl = packet_ioctl,
1762 .listen = sock_no_listen,
1763 .shutdown = sock_no_shutdown,
1764 .setsockopt = sock_no_setsockopt,
1765 .getsockopt = sock_no_getsockopt,
1766 .sendmsg = packet_sendmsg_spkt,
1767 .recvmsg = packet_recvmsg,
1768 .mmap = sock_no_mmap,
1769 .sendpage = sock_no_sendpage,
1770};
1771#endif
1772
1773static struct proto_ops packet_ops = {
1774 .family = PF_PACKET,
1775 .owner = THIS_MODULE,
1776 .release = packet_release,
1777 .bind = packet_bind,
1778 .connect = sock_no_connect,
1779 .socketpair = sock_no_socketpair,
1780 .accept = sock_no_accept,
1781 .getname = packet_getname,
1782 .poll = packet_poll,
1783 .ioctl = packet_ioctl,
1784 .listen = sock_no_listen,
1785 .shutdown = sock_no_shutdown,
1786 .setsockopt = packet_setsockopt,
1787 .getsockopt = packet_getsockopt,
1788 .sendmsg = packet_sendmsg,
1789 .recvmsg = packet_recvmsg,
1790 .mmap = packet_mmap,
1791 .sendpage = sock_no_sendpage,
1792};
1793
1794static struct net_proto_family packet_family_ops = {
1795 .family = PF_PACKET,
1796 .create = packet_create,
1797 .owner = THIS_MODULE,
1798};
1799
1800static struct notifier_block packet_netdev_notifier = {
1801 .notifier_call =packet_notifier,
1802};
1803
1804#ifdef CONFIG_PROC_FS
1805static inline struct sock *packet_seq_idx(loff_t off)
1806{
1807 struct sock *s;
1808 struct hlist_node *node;
1809
1810 sk_for_each(s, node, &packet_sklist) {
1811 if (!off--)
1812 return s;
1813 }
1814 return NULL;
1815}
1816
1817static void *packet_seq_start(struct seq_file *seq, loff_t *pos)
1818{
1819 read_lock(&packet_sklist_lock);
1820 return *pos ? packet_seq_idx(*pos - 1) : SEQ_START_TOKEN;
1821}
1822
1823static void *packet_seq_next(struct seq_file *seq, void *v, loff_t *pos)
1824{
1825 ++*pos;
1826 return (v == SEQ_START_TOKEN)
1827 ? sk_head(&packet_sklist)
1828 : sk_next((struct sock*)v) ;
1829}
1830
1831static void packet_seq_stop(struct seq_file *seq, void *v)
1832{
1833 read_unlock(&packet_sklist_lock);
1834}
1835
1836static int packet_seq_show(struct seq_file *seq, void *v)
1837{
1838 if (v == SEQ_START_TOKEN)
1839 seq_puts(seq, "sk RefCnt Type Proto Iface R Rmem User Inode\n");
1840 else {
1841 struct sock *s = v;
1842 const struct packet_sock *po = pkt_sk(s);
1843
1844 seq_printf(seq,
1845 "%p %-6d %-4d %04x %-5d %1d %-6u %-6u %-6lu\n",
1846 s,
1847 atomic_read(&s->sk_refcnt),
1848 s->sk_type,
1849 ntohs(po->num),
1850 po->ifindex,
1851 po->running,
1852 atomic_read(&s->sk_rmem_alloc),
1853 sock_i_uid(s),
1854 sock_i_ino(s) );
1855 }
1856
1857 return 0;
1858}
1859
1860static struct seq_operations packet_seq_ops = {
1861 .start = packet_seq_start,
1862 .next = packet_seq_next,
1863 .stop = packet_seq_stop,
1864 .show = packet_seq_show,
1865};
1866
1867static int packet_seq_open(struct inode *inode, struct file *file)
1868{
1869 return seq_open(file, &packet_seq_ops);
1870}
1871
1872static struct file_operations packet_seq_fops = {
1873 .owner = THIS_MODULE,
1874 .open = packet_seq_open,
1875 .read = seq_read,
1876 .llseek = seq_lseek,
1877 .release = seq_release,
1878};
1879
1880#endif
1881
1882static void __exit packet_exit(void)
1883{
1884 proc_net_remove("packet");
1885 unregister_netdevice_notifier(&packet_netdev_notifier);
1886 sock_unregister(PF_PACKET);
1887 proto_unregister(&packet_proto);
1888}
1889
1890static int __init packet_init(void)
1891{
1892 int rc = proto_register(&packet_proto, 0);
1893
1894 if (rc != 0)
1895 goto out;
1896
1897 sock_register(&packet_family_ops);
1898 register_netdevice_notifier(&packet_netdev_notifier);
1899 proc_net_fops_create("packet", 0, &packet_seq_fops);
1900out:
1901 return rc;
1902}
1903
1904module_init(packet_init);
1905module_exit(packet_exit);
1906MODULE_LICENSE("GPL");
1907MODULE_ALIAS_NETPROTO(PF_PACKET);