netlink: implement memory mapped recvmsg()
[GitHub/mt8127/android_kernel_alcatel_ttab.git] / net / netlink / af_netlink.c
1/*
2 * NETLINK Kernel-user communication protocol.
3 *
113aa838 4 * Authors: Alan Cox <alan@lxorguk.ukuu.org.uk>
5 * Alexey Kuznetsov <kuznet@ms2.inr.ac.ru>
6 *
7 * This program is free software; you can redistribute it and/or
8 * modify it under the terms of the GNU General Public License
9 * as published by the Free Software Foundation; either version
10 * 2 of the License, or (at your option) any later version.
746fac4d 11 *
12 * Tue Jun 26 14:36:48 MEST 2001 Herbert "herp" Rosmanith
13 * added netlink_proto_exit
14 * Tue Jan 22 18:32:44 BRST 2002 Arnaldo C. de Melo <acme@conectiva.com.br>
15 * use nlk_sk, as sk->protinfo is on a diet 8)
16 * Fri Jul 22 19:51:12 MEST 2005 Harald Welte <laforge@gnumonks.org>
17 * - inc module use count of module that owns
18 * the kernel socket in case userspace opens
19 * socket of same protocol
20 * - remove all module support, since netlink is
21 * mandatory if CONFIG_NET=y these days
22 */
23
24#include <linux/module.h>
25
4fc268d2 26#include <linux/capability.h>
27#include <linux/kernel.h>
28#include <linux/init.h>
29#include <linux/signal.h>
30#include <linux/sched.h>
31#include <linux/errno.h>
32#include <linux/string.h>
33#include <linux/stat.h>
34#include <linux/socket.h>
35#include <linux/un.h>
36#include <linux/fcntl.h>
37#include <linux/termios.h>
38#include <linux/sockios.h>
39#include <linux/net.h>
40#include <linux/fs.h>
41#include <linux/slab.h>
42#include <asm/uaccess.h>
43#include <linux/skbuff.h>
44#include <linux/netdevice.h>
45#include <linux/rtnetlink.h>
46#include <linux/proc_fs.h>
47#include <linux/seq_file.h>
48#include <linux/notifier.h>
49#include <linux/security.h>
50#include <linux/jhash.h>
51#include <linux/jiffies.h>
52#include <linux/random.h>
53#include <linux/bitops.h>
54#include <linux/mm.h>
55#include <linux/types.h>
54e0f520 56#include <linux/audit.h>
af65bdfc 57#include <linux/mutex.h>
ccdfcc39 58#include <linux/vmalloc.h>
9652e931 59#include <asm/cacheflush.h>
54e0f520 60
457c4cbc 61#include <net/net_namespace.h>
62#include <net/sock.h>
63#include <net/scm.h>
82ace47a 64#include <net/netlink.h>
1da177e4 65
0f29c768 66#include "af_netlink.h"
1da177e4 67
/*
 * Per-protocol bitmap of multicast groups that currently have listeners.
 * The object is released with kfree_rcu() through @rcu when the last
 * kernel socket of a protocol goes away (see netlink_release()).
 */
struct listeners {
	struct rcu_head rcu;
	/* One word per NLGRPLONGS() slot; rebuilt by netlink_update_listeners(). */
	unsigned long masks[0];
};
72
/* state bits (presumably a bit number rather than a mask - TODO confirm
 * against the users of nlk->state, which are not in this part of the file)
 */
#define NETLINK_CONGESTED 0x0

/* flags: bit masks tested against netlink_sock->flags, see
 * netlink_is_kernel() for NETLINK_KERNEL_SOCKET
 */
#define NETLINK_KERNEL_SOCKET 0x1
#define NETLINK_RECV_PKTINFO 0x2
#define NETLINK_BROADCAST_SEND_ERROR 0x4
#define NETLINK_RECV_NO_ENOBUFS 0x8
77247bbb 81
/* Non-zero when @sk carries the NETLINK_KERNEL_SOCKET flag. */
static inline int netlink_is_kernel(struct sock *sk)
{
	const struct netlink_sock *nlk = nlk_sk(sk);

	return nlk->flags & NETLINK_KERNEL_SOCKET;
}
86
/* Per-protocol table, indexed by netlink protocol number. */
struct netlink_table *nl_table;
EXPORT_SYMBOL_GPL(nl_table);

/* Writers waiting in netlink_table_grab() sleep here. */
static DECLARE_WAIT_QUEUE_HEAD(nl_table_wait);

static int netlink_dump(struct sock *sk);
static void netlink_skb_destructor(struct sk_buff *skb);

DEFINE_RWLOCK(nl_table_lock);
EXPORT_SYMBOL_GPL(nl_table_lock);
/* Count of readers registered through netlink_lock_table(). */
static atomic_t nl_table_users = ATOMIC_INIT(0);

/* Dereference an RCU pointer that is protected by nl_table_lock.
 * NOTE(review): the expansion already ends in ';', so the macro is only
 * usable as the right-hand side of a complete statement.
 */
#define nl_deref_protected(X) rcu_dereference_protected(X, lockdep_is_held(&nl_table_lock));

/* Notifier chain invoked with NETLINK_URELEASE from netlink_release(). */
static ATOMIC_NOTIFIER_HEAD(netlink_chain);
1da177e4 102
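/*
 * Translate a 1-based multicast group number into its bit in a 32-bit
 * mask. Group 0 means "no group" and yields 0.
 */
static inline u32 netlink_group_mask(u32 group)
{
	/* Shift an unsigned 1: with a signed int, group 32 would shift into
	 * the sign bit. Groups above 32 cannot be represented here and are
	 * presumably rejected by callers - TODO confirm.
	 */
	return group ? 1U << (group - 1) : 0;
}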
107
/* Pick the hash chain for @portid using the table's current seed and mask. */
static inline struct hlist_head *nl_portid_hashfn(struct nl_portid_hash *hash, u32 portid)
{
	u32 bucket = jhash_1word(portid, hash->rnd) & hash->mask;

	return &hash->table[bucket];
}
112
ccdfcc39 113#ifdef CONFIG_NETLINK_MMAP
/* True when the skb's data lives in a memory mapped ring frame. */
static bool netlink_skb_is_mmaped(const struct sk_buff *skb)
{
	return (NETLINK_CB(skb).flags & NETLINK_SKB_MMAPED) != 0;
}
118
/* True when the socket has an RX ring installed. */
static bool netlink_rx_is_mmaped(struct sock *sk)
{
	const struct netlink_sock *nlk = nlk_sk(sk);

	return nlk->rx_ring.pg_vec != NULL;
}
123
/* True when the socket has a TX ring installed. */
static bool netlink_tx_is_mmaped(struct sock *sk)
{
	const struct netlink_sock *nlk = nlk_sk(sk);

	return nlk->tx_ring.pg_vec != NULL;
}
128
/* Map a ring block address to its struct page, for either allocator
 * used by alloc_one_pg_vec_page().
 */
static __pure struct page *pgvec_to_page(const void *addr)
{
	return is_vmalloc_addr(addr) ? vmalloc_to_page(addr) : virt_to_page(addr);
}
136
/*
 * Release every block of a ring and then the vector itself. Entries may be
 * NULL (partially built vector); each block is returned to the allocator
 * it came from.
 */
static void free_pg_vec(void **pg_vec, unsigned int order, unsigned int len)
{
	unsigned int idx;

	for (idx = 0; idx < len; idx++) {
		void *block = pg_vec[idx];

		if (block == NULL)
			continue;
		if (is_vmalloc_addr(block))
			vfree(block);
		else
			free_pages((unsigned long)block, order);
	}
	kfree(pg_vec);
}
151
/*
 * Allocate one zeroed ring block of 2^order pages. Three attempts are made
 * in order: the page allocator without retrying, vzalloc(), and finally the
 * page allocator again with retries allowed. Returns NULL if all fail.
 */
static void *alloc_one_pg_vec_page(unsigned long order)
{
	gfp_t gfp = GFP_KERNEL | __GFP_COMP | __GFP_ZERO | __GFP_NOWARN;
	void *block;

	block = (void *)__get_free_pages(gfp | __GFP_NORETRY, order);
	if (block == NULL)
		block = vzalloc((1 << order) * PAGE_SIZE);
	if (block == NULL)
		block = (void *)__get_free_pages(gfp, order);

	return block;
}
169
/*
 * Build the block vector for a ring: req->nm_block_nr blocks of 2^order
 * pages each. On any failure everything allocated so far is released and
 * NULL is returned. @nlk is not used by this function.
 */
static void **alloc_pg_vec(struct netlink_sock *nlk,
			   struct nl_mmap_req *req, unsigned int order)
{
	unsigned int nr_blocks = req->nm_block_nr;
	unsigned int idx;
	void **vec;

	/* kcalloc() zeroes the vector, so free_pg_vec() can skip unset slots */
	vec = kcalloc(nr_blocks, sizeof(void *), GFP_KERNEL);
	if (vec == NULL)
		return NULL;

	for (idx = 0; idx < nr_blocks; idx++) {
		vec[idx] = alloc_one_pg_vec_page(order);
		if (vec[idx] == NULL) {
			free_pg_vec(vec, order, nr_blocks);
			return NULL;
		}
	}

	return vec;
}
192
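/*
 * Install, replace or tear down the RX (@tx_ring false) or TX (@tx_ring
 * true) ring of @sk.
 *
 * @req holds the requested geometry; nm_block_nr == 0 releases the ring.
 * The values are presumably supplied by user space through setsockopt()
 * (the caller is not visible here), so every field is validated before
 * anything is allocated. @closing is set by netlink_sock_destruct() and
 * skips the "still mapped / still pending" checks.
 *
 * Returns 0 on success or a negative errno.
 */
static int netlink_set_ring(struct sock *sk, struct nl_mmap_req *req,
			    bool closing, bool tx_ring)
{
	struct netlink_sock *nlk = nlk_sk(sk);
	struct netlink_ring *ring;
	struct sk_buff_head *queue;
	void **pg_vec = NULL;
	unsigned int order = 0;
	int err;

	ring  = tx_ring ? &nlk->tx_ring : &nlk->rx_ring;
	queue = tx_ring ? &sk->sk_write_queue : &sk->sk_receive_queue;

	if (!closing) {
		if (atomic_read(&nlk->mapped))
			return -EBUSY;
		if (atomic_read(&ring->pending))
			return -EBUSY;
	}

	if (req->nm_block_nr) {
		if (ring->pg_vec != NULL)
			return -EBUSY;

		/* The cast rejects sizes with the top bit set as well as 0. */
		if ((int)req->nm_block_size <= 0)
			return -EINVAL;
		if (!IS_ALIGNED(req->nm_block_size, PAGE_SIZE))
			return -EINVAL;
		if (req->nm_frame_size < NL_MMAP_HDRLEN)
			return -EINVAL;
		if (!IS_ALIGNED(req->nm_frame_size, NL_MMAP_MSG_ALIGNMENT))
			return -EINVAL;

		ring->frames_per_block = req->nm_block_size /
					 req->nm_frame_size;
		if (ring->frames_per_block == 0)
			return -EINVAL;
		/* Refuse geometries whose frame count would wrap the unsigned
		 * multiplication below; a wrapped product could otherwise
		 * compare equal to nm_frame_nr by accident.
		 */
		if (req->nm_block_nr > UINT_MAX / ring->frames_per_block)
			return -EINVAL;
		if (ring->frames_per_block * req->nm_block_nr !=
		    req->nm_frame_nr)
			return -EINVAL;

		order = get_order(req->nm_block_size);
		pg_vec = alloc_pg_vec(nlk, req, order);
		if (pg_vec == NULL)
			return -ENOMEM;
	} else {
		if (req->nm_frame_nr)
			return -EINVAL;
	}

	err = -EBUSY;
	mutex_lock(&nlk->pg_vec_lock);
	/* Re-check the mapping count under pg_vec_lock: netlink_mmap() takes
	 * the same mutex before it inserts ring pages into a vma.
	 */
	if (closing || atomic_read(&nlk->mapped) == 0) {
		err = 0;
		spin_lock_bh(&queue->lock);

		ring->frame_max		= req->nm_frame_nr - 1;
		ring->head		= 0;
		ring->frame_size	= req->nm_frame_size;
		ring->pg_vec_pages	= req->nm_block_size / PAGE_SIZE;

		/* After the swaps the locals describe the OLD ring, which is
		 * what gets freed below.
		 */
		swap(ring->pg_vec_len, req->nm_block_nr);
		swap(ring->pg_vec_order, order);
		swap(ring->pg_vec, pg_vec);

		__skb_queue_purge(queue);
		spin_unlock_bh(&queue->lock);

		WARN_ON(atomic_read(&nlk->mapped));
	}
	mutex_unlock(&nlk->pg_vec_lock);

	if (pg_vec)
		free_pg_vec(pg_vec, order, req->nm_block_nr);
	return err;
}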
269
/* vm_ops->open: count one more mapping of the socket's rings. */
static void netlink_mm_open(struct vm_area_struct *vma)
{
	struct socket *sock = vma->vm_file->private_data;
	struct sock *sk = sock->sk;

	if (sk != NULL)
		atomic_inc(&nlk_sk(sk)->mapped);
}
279
/* vm_ops->close: drop one mapping of the socket's rings. */
static void netlink_mm_close(struct vm_area_struct *vma)
{
	struct socket *sock = vma->vm_file->private_data;
	struct sock *sk = sock->sk;

	if (sk != NULL)
		atomic_dec(&nlk_sk(sk)->mapped);
}
289
/* VMA callbacks that keep nlk->mapped in step with the number of mappings;
 * netlink_set_ring() refuses to change a ring while that count is non-zero.
 */
static const struct vm_operations_struct netlink_mmap_ops = {
	.open = netlink_mm_open,
	.close = netlink_mm_close,
};
294
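/*
 * mmap() handler: map the RX ring followed by the TX ring (whichever are
 * configured) into @vma.
 *
 * The mapping must start at page offset 0 and cover exactly the combined
 * size of the configured rings; anything else is rejected with -EINVAL.
 * Returns 0 on success or a negative errno.
 */
static int netlink_mmap(struct file *file, struct socket *sock,
			struct vm_area_struct *vma)
{
	struct sock *sk = sock->sk;
	struct netlink_sock *nlk = nlk_sk(sk);
	struct netlink_ring *ring;
	unsigned long start, size, expected;
	unsigned int i;
	int err = -EINVAL;

	if (vma->vm_pgoff)
		return -EINVAL;

	/* Holds off netlink_set_ring() while the ring geometry is read. */
	mutex_lock(&nlk->pg_vec_lock);

	expected = 0;
	/* Relies on rx_ring being laid out directly before tx_ring in
	 * struct netlink_sock - TODO confirm against af_netlink.h.
	 */
	for (ring = &nlk->rx_ring; ring <= &nlk->tx_ring; ring++) {
		if (ring->pg_vec == NULL)
			continue;
		expected += ring->pg_vec_len * ring->pg_vec_pages * PAGE_SIZE;
	}

	if (expected == 0)
		goto out;

	size = vma->vm_end - vma->vm_start;
	if (size != expected)
		goto out;

	start = vma->vm_start;
	for (ring = &nlk->rx_ring; ring <= &nlk->tx_ring; ring++) {
		if (ring->pg_vec == NULL)
			continue;

		for (i = 0; i < ring->pg_vec_len; i++) {
			struct page *page;
			void *kaddr = ring->pg_vec[i];
			unsigned int pg_num;

			for (pg_num = 0; pg_num < ring->pg_vec_pages; pg_num++) {
				page = pgvec_to_page(kaddr);
				err = vm_insert_page(vma, start, page);
				if (err < 0)
					goto out;
				start += PAGE_SIZE;
				kaddr += PAGE_SIZE;
			}
		}
	}

	atomic_inc(&nlk->mapped);
	vma->vm_ops = &netlink_mmap_ops;
	err = 0;
out:
	mutex_unlock(&nlk->pg_vec_lock);
	/* Propagate the failure: returning 0 here would report a successful
	 * mmap() for a size mismatch, a missing ring or a failed
	 * vm_insert_page(), leaving the caller with an unpopulated mapping.
	 */
	return err;
}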
352
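/*
 * Flush the data cache for every page of a frame after the first one.
 * Compiles to nothing on architectures that do not implement
 * flush_dcache_page().
 */
static void netlink_frame_flush_dcache(const struct nl_mmap_hdr *hdr)
{
#if ARCH_IMPLEMENTS_FLUSH_DCACHE_PAGE == 1
	struct page *p_start, *p_end;

	/* First page is flushed through netlink_{get,set}_status */
	/* Byte arithmetic: "hdr + PAGE_SIZE" on a struct pointer would step
	 * PAGE_SIZE headers, not PAGE_SIZE bytes, and land far past the frame.
	 */
	p_start = pgvec_to_page((void *)hdr + PAGE_SIZE);
	p_end   = pgvec_to_page((void *)hdr + NL_MMAP_MSG_HDRLEN + hdr->nm_len - 1);
	while (p_start <= p_end) {
		flush_dcache_page(p_start);
		p_start++;
	}
#endif
}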
367
/*
 * Read the status word of a ring frame. The frame lives in memory that is
 * also mapped into user space, so the value is issued after a read barrier
 * and a dcache flush of the header's page.
 */
static enum nl_mmap_status netlink_get_status(const struct nl_mmap_hdr *hdr)
{
	smp_rmb();
	flush_dcache_page(pgvec_to_page(hdr));
	return hdr->nm_status;
}
374
/*
 * Publish a new status for a ring frame: store it, flush the header's page
 * and issue a write barrier. Callers in this file fill the remaining header
 * fields before calling this.
 */
static void netlink_set_status(struct nl_mmap_hdr *hdr,
			       enum nl_mmap_status status)
{
	hdr->nm_status = status;
	flush_dcache_page(pgvec_to_page(hdr));
	smp_wmb();
}
382
/*
 * Return the header of frame number @pos. No bounds check is done here;
 * callers pass positions in the range 0..ring->frame_max.
 */
static struct nl_mmap_hdr *
__netlink_lookup_frame(const struct netlink_ring *ring, unsigned int pos)
{
	unsigned int block = pos / ring->frames_per_block;
	unsigned int slot = pos % ring->frames_per_block;

	return ring->pg_vec[block] + (slot * ring->frame_size);
}
393
/* Return frame @pos if its status equals @status, otherwise NULL. */
static struct nl_mmap_hdr *
netlink_lookup_frame(const struct netlink_ring *ring, unsigned int pos,
		     enum nl_mmap_status status)
{
	struct nl_mmap_hdr *frame = __netlink_lookup_frame(ring, pos);

	return netlink_get_status(frame) == status ? frame : NULL;
}
406
/* Return the frame at the ring head if it is in @status, otherwise NULL. */
static struct nl_mmap_hdr *
netlink_current_frame(const struct netlink_ring *ring,
		      enum nl_mmap_status status)
{
	const unsigned int pos = ring->head;

	return netlink_lookup_frame(ring, pos, status);
}
413
/* Return the frame just before the ring head (wrapping to frame_max) if it
 * is in @status, otherwise NULL.
 */
static struct nl_mmap_hdr *
netlink_previous_frame(const struct netlink_ring *ring,
		       enum nl_mmap_status status)
{
	unsigned int pos = ring->frame_max;

	if (ring->head != 0)
		pos = ring->head - 1;
	return netlink_lookup_frame(ring, pos, status);
}
423
/* Advance the ring head by one frame, wrapping after frame_max. */
static void netlink_increment_head(struct netlink_ring *ring)
{
	if (ring->head == ring->frame_max)
		ring->head = 0;
	else
		ring->head++;
}
428
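/*
 * Move the ring head past frames marked NL_MMAP_STATUS_SKIP. Stops at the
 * first frame that is unused or in any other state, or after one full lap.
 */
static void netlink_forward_ring(struct netlink_ring *ring)
{
	unsigned int head = ring->head;
	const struct nl_mmap_hdr *hdr;

	do {
		/* Inspect the frame at the CURRENT head. Looking up a fixed
		 * start position would re-read the same header on every
		 * iteration while the head kept advancing.
		 */
		hdr = __netlink_lookup_frame(ring, ring->head);
		if (hdr->nm_status == NL_MMAP_STATUS_UNUSED)
			break;
		if (hdr->nm_status != NL_MMAP_STATUS_SKIP)
			break;
		netlink_increment_head(ring);
	} while (ring->head != head);
}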
443
/*
 * poll() handler for sockets that may have memory mapped rings. Starts from
 * the generic datagram_poll() mask and adds readability/writability derived
 * from the ring state.
 */
static unsigned int netlink_poll(struct file *file, struct socket *sock,
				 poll_table *wait)
{
	struct sock *sk = sock->sk;
	struct netlink_sock *nlk = nlk_sk(sk);
	unsigned int mask;

	/* A dump is in progress and the socket receives through the ring:
	 * continue the dump from here.
	 */
	if (nlk->cb != NULL && nlk->rx_ring.pg_vec != NULL)
		netlink_dump(sk);

	mask = datagram_poll(file, sock, wait);

	spin_lock_bh(&sk->sk_receive_queue.lock);
	if (nlk->rx_ring.pg_vec) {
		netlink_forward_ring(&nlk->rx_ring);
		/* Readable when the frame before the head is not unused. */
		if (!netlink_previous_frame(&nlk->rx_ring, NL_MMAP_STATUS_UNUSED))
			mask |= POLLIN | POLLRDNORM;
	}
	spin_unlock_bh(&sk->sk_receive_queue.lock);

	spin_lock_bh(&sk->sk_write_queue.lock);
	if (nlk->tx_ring.pg_vec) {
		/* Writable when the frame at the TX head is unused. */
		if (netlink_current_frame(&nlk->tx_ring, NL_MMAP_STATUS_UNUSED))
			mask |= POLLOUT | POLLWRNORM;
	}
	spin_unlock_bh(&sk->sk_write_queue.lock);

	return mask;
}
473
/* Recover the frame header that sits NL_MMAP_HDRLEN bytes before the data
 * of a ring-backed skb (see netlink_ring_setup_skb()).
 */
static struct nl_mmap_hdr *netlink_mmap_hdr(struct sk_buff *skb)
{
	unsigned char *frame = skb->head - NL_MMAP_HDRLEN;

	return (struct nl_mmap_hdr *)frame;
}
478
/*
 * Point an skb head at the payload area of ring frame @hdr instead of
 * at separately allocated memory, and mark it so that
 * netlink_skb_destructor() hands the frame back to the ring.
 */
static void netlink_ring_setup_skb(struct sk_buff *skb, struct sock *sk,
				   struct netlink_ring *ring,
				   struct nl_mmap_hdr *hdr)
{
	void *payload = (void *)hdr + NL_MMAP_HDRLEN;
	unsigned int room = ring->frame_size - NL_MMAP_HDRLEN;

	skb->head = payload;
	skb->data = payload;
	skb_reset_tail_pointer(skb);
	skb->end  = skb->tail + room;
	skb->len  = 0;

	skb->destructor = netlink_skb_destructor;
	NETLINK_CB(skb).flags |= NETLINK_SKB_MMAPED;
	NETLINK_CB(skb).sk = sk;
}
499
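/*
 * Transmit every NL_MMAP_STATUS_VALID frame queued in the TX ring.
 *
 * Frames are sent zero-copy only for unicast to the kernel (@dst_portid and
 * @dst_group both 0) while the ring is used exclusively by one process;
 * otherwise the payload is copied into a regular skb.
 *
 * Returns the number of bytes accepted by netlink_unicast(), 0 when there
 * was nothing to send, or a negative errno.
 */
static int netlink_mmap_sendmsg(struct sock *sk, struct msghdr *msg,
				u32 dst_portid, u32 dst_group,
				struct sock_iocb *siocb)
{
	struct netlink_sock *nlk = nlk_sk(sk);
	struct netlink_ring *ring;
	struct nl_mmap_hdr *hdr;
	struct sk_buff *skb;
	unsigned int maxlen;
	unsigned int nm_len;
	bool excl = true;
	int err = 0, len = 0;

	/* Netlink messages are validated by the receiver before processing.
	 * In order to avoid userspace changing the contents of the message
	 * after validation, the socket and the ring may only be used by a
	 * single process, otherwise we fall back to copying.
	 */
	if (atomic_long_read(&sk->sk_socket->file->f_count) > 2 ||
	    atomic_read(&nlk->mapped) > 1)
		excl = false;

	mutex_lock(&nlk->pg_vec_lock);

	ring   = &nlk->tx_ring;
	maxlen = ring->frame_size - NL_MMAP_HDRLEN;

	do {
		hdr = netlink_current_frame(ring, NL_MMAP_STATUS_VALID);
		if (hdr == NULL) {
			if (!(msg->msg_flags & MSG_DONTWAIT) &&
			    atomic_read(&nlk->tx_ring.pending))
				schedule();
			continue;
		}

		/* The header is in memory shared with user space. Read the
		 * length exactly once and use that snapshot for the bounds
		 * check, the allocation and the copy, so a concurrent write
		 * to nm_len cannot slip a larger value past the check.
		 */
		nm_len = ACCESS_ONCE(hdr->nm_len);
		if (nm_len > maxlen) {
			err = -EINVAL;
			goto out;
		}

		netlink_frame_flush_dcache(hdr);

		if (likely(dst_portid == 0 && dst_group == 0 && excl)) {
			skb = alloc_skb_head(GFP_KERNEL);
			if (skb == NULL) {
				err = -ENOBUFS;
				goto out;
			}
			/* Reference dropped in netlink_skb_destructor(). */
			sock_hold(sk);
			netlink_ring_setup_skb(skb, sk, ring, hdr);
			NETLINK_CB(skb).flags |= NETLINK_SKB_TX;
			__skb_put(skb, nm_len);
			netlink_set_status(hdr, NL_MMAP_STATUS_RESERVED);
			atomic_inc(&ring->pending);
		} else {
			skb = alloc_skb(nm_len, GFP_KERNEL);
			if (skb == NULL) {
				err = -ENOBUFS;
				goto out;
			}
			__skb_put(skb, nm_len);
			memcpy(skb->data, (void *)hdr + NL_MMAP_HDRLEN, nm_len);
			netlink_set_status(hdr, NL_MMAP_STATUS_UNUSED);
		}

		netlink_increment_head(ring);

		NETLINK_CB(skb).portid	  = nlk->portid;
		NETLINK_CB(skb).dst_group = dst_group;
		NETLINK_CB(skb).creds	  = siocb->scm->creds;

		err = security_netlink_send(sk, skb);
		if (err) {
			kfree_skb(skb);
			goto out;
		}

		if (unlikely(dst_group)) {
			/* Extra reference: the broadcast consumes one, the
			 * unicast below consumes the other.
			 */
			atomic_inc(&skb->users);
			netlink_broadcast(sk, skb, dst_portid, dst_group,
					  GFP_KERNEL);
		}
		err = netlink_unicast(sk, skb, dst_portid,
				      msg->msg_flags & MSG_DONTWAIT);
		if (err < 0)
			goto out;
		len += err;

	} while (hdr != NULL ||
		 (!(msg->msg_flags & MSG_DONTWAIT) &&
		  atomic_read(&nlk->tx_ring.pending)));

	if (len > 0)
		err = len;
out:
	mutex_unlock(&nlk->pg_vec_lock);
	return err;
}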
597
/*
 * Deliver a ring-backed skb to user space: fill in the frame header that
 * precedes the data, mark the frame VALID and release the skb. The
 * DELIVERED flag tells netlink_skb_destructor() not to reset the frame.
 */
static void netlink_queue_mmaped_skb(struct sock *sk, struct sk_buff *skb)
{
	struct nl_mmap_hdr *hdr;

	hdr = netlink_mmap_hdr(skb);
	hdr->nm_len	= skb->len;
	hdr->nm_group	= NETLINK_CB(skb).dst_group;
	/* Sender credentials as recorded in the skb control block. */
	hdr->nm_pid	= NETLINK_CB(skb).creds.pid;
	hdr->nm_uid	= NETLINK_CB(skb).creds.uid;
	hdr->nm_gid	= NETLINK_CB(skb).creds.gid;
	netlink_frame_flush_dcache(hdr);
	/* Status is written last so the header is complete when it shows. */
	netlink_set_status(hdr, NL_MMAP_STATUS_VALID);

	NETLINK_CB(skb).flags |= NETLINK_SKB_DELIVERED;
	kfree_skb(skb);
}
614
/*
 * Queue a regular (non ring-backed) skb on the receive queue and use the
 * next unused RX frame to announce it with NL_MMAP_STATUS_COPY. When no
 * frame is free the skb is dropped and ENOBUFS is reported on the socket.
 */
static void netlink_ring_set_copied(struct sock *sk, struct sk_buff *skb)
{
	struct netlink_sock *nlk = nlk_sk(sk);
	struct netlink_ring *ring = &nlk->rx_ring;
	struct nl_mmap_hdr *hdr;

	spin_lock_bh(&sk->sk_receive_queue.lock);
	hdr = netlink_current_frame(ring, NL_MMAP_STATUS_UNUSED);
	if (hdr == NULL) {
		spin_unlock_bh(&sk->sk_receive_queue.lock);
		kfree_skb(skb);
		sk->sk_err = ENOBUFS;
		sk->sk_error_report(sk);
		return;
	}
	netlink_increment_head(ring);
	__skb_queue_tail(&sk->sk_receive_queue, skb);
	spin_unlock_bh(&sk->sk_receive_queue.lock);

	/* NOTE(review): skb is read below after it was queued and the queue
	 * lock dropped. Whether a concurrent receiver can dequeue and free it
	 * in this window depends on code outside this part of the file -
	 * confirm, or fill the header before queueing.
	 */
	hdr->nm_len	= skb->len;
	hdr->nm_group	= NETLINK_CB(skb).dst_group;
	hdr->nm_pid	= NETLINK_CB(skb).creds.pid;
	hdr->nm_uid	= NETLINK_CB(skb).creds.uid;
	hdr->nm_gid	= NETLINK_CB(skb).creds.gid;
	netlink_set_status(hdr, NL_MMAP_STATUS_COPY);
}
641
#else /* CONFIG_NETLINK_MMAP */
/* Without ring support the predicates are constant false and the socket
 * operations fall back to the generic implementations.
 */
#define netlink_skb_is_mmaped(skb)	false
#define netlink_rx_is_mmaped(sk)	false
#define netlink_tx_is_mmaped(sk)	false
#define netlink_mmap			sock_no_mmap
#define netlink_poll			datagram_poll
#define netlink_mmap_sendmsg(sk, msg, dst_portid, dst_group, siocb)	0
#endif /* CONFIG_NETLINK_MMAP */
650
/* Free a dump callback and its request skb (kfree_skb() variant). */
static void netlink_destroy_callback(struct netlink_callback *cb)
{
	struct sk_buff *skb = cb->skb;

	kfree_skb(skb);
	kfree(cb);
}
656
/* Free a dump callback and its request skb (consume_skb() variant). */
static void netlink_consume_callback(struct netlink_callback *cb)
{
	struct sk_buff *skb = cb->skb;

	consume_skb(skb);
	kfree(cb);
}
662
/*
 * skb destructor for netlink. For ring-backed skbs it returns the frame to
 * the ring and drops the pending count and the socket reference taken when
 * the skb was set up; for skbs charged to a socket it uncharges receive
 * memory through sock_rfree().
 */
static void netlink_skb_destructor(struct sk_buff *skb)
{
#ifdef CONFIG_NETLINK_MMAP
	struct nl_mmap_hdr *hdr;
	struct netlink_ring *ring;
	struct sock *sk;

	/* If a packet from the kernel to userspace was freed because of an
	 * error without being delivered to userspace, the kernel must reset
	 * the status. In the direction userspace to kernel, the status is
	 * always reset here after the packet was processed and freed.
	 */
	if (netlink_skb_is_mmaped(skb)) {
		hdr = netlink_mmap_hdr(skb);
		sk = NETLINK_CB(skb).sk;

		if (NETLINK_CB(skb).flags & NETLINK_SKB_TX) {
			netlink_set_status(hdr, NL_MMAP_STATUS_UNUSED);
			ring = &nlk_sk(sk)->tx_ring;
		} else {
			if (!(NETLINK_CB(skb).flags & NETLINK_SKB_DELIVERED)) {
				/* Undelivered: publish an empty VALID frame. */
				hdr->nm_len = 0;
				netlink_set_status(hdr, NL_MMAP_STATUS_VALID);
			}
			ring = &nlk_sk(sk)->rx_ring;
		}

		WARN_ON(atomic_read(&ring->pending) == 0);
		atomic_dec(&ring->pending);
		sock_put(sk);

		/* The data belongs to the ring, not to the skb. */
		skb->data = NULL;
	}
#endif
	if (skb->sk != NULL)
		sock_rfree(skb);
}
700
/*
 * Charge @skb to the receive memory of @sk and install the netlink
 * destructor. The skb must not already have an owner.
 */
static void netlink_skb_set_owner_r(struct sk_buff *skb, struct sock *sk)
{
	WARN_ON(skb->sk != NULL);
	skb->sk = sk;
	skb->destructor = netlink_skb_destructor;
	atomic_add(skb->truesize, &sk->sk_rmem_alloc);
	sk_mem_charge(sk, skb->truesize);
}
709
/*
 * sk_destruct hook: finish any dump still attached to the socket, purge the
 * receive queue, release both rings and sanity-check that nothing is left
 * accounted to the socket.
 */
static void netlink_sock_destruct(struct sock *sk)
{
	struct netlink_sock *nlk = nlk_sk(sk);

	if (nlk->cb) {
		if (nlk->cb->done)
			nlk->cb->done(nlk->cb);

		module_put(nlk->cb->module);
		netlink_destroy_callback(nlk->cb);
	}

	skb_queue_purge(&sk->sk_receive_queue);
#ifdef CONFIG_NETLINK_MMAP
	if (1) {
		struct nl_mmap_req req;

		/* An all-zero request with closing == true frees the ring.
		 * req is cleared again because netlink_set_ring() swaps the
		 * old block count into it.
		 */
		memset(&req, 0, sizeof(req));
		if (nlk->rx_ring.pg_vec)
			netlink_set_ring(sk, &req, true, false);
		memset(&req, 0, sizeof(req));
		if (nlk->tx_ring.pg_vec)
			netlink_set_ring(sk, &req, true, true);
	}
#endif /* CONFIG_NETLINK_MMAP */

	if (!sock_flag(sk, SOCK_DEAD)) {
		printk(KERN_ERR "Freeing alive netlink socket %p\n", sk);
		return;
	}

	WARN_ON(atomic_read(&sk->sk_rmem_alloc));
	WARN_ON(atomic_read(&sk->sk_wmem_alloc));
	WARN_ON(nlk_sk(sk)->groups);
}
745
746/* This lock without WQ_FLAG_EXCLUSIVE is good on UP and it is _very_ bad on
747 * SMP. Look, when several writers sleep and reader wakes them up, all but one
748 * immediately hit write lock and grab all the cpus. Exclusive sleep solves
749 * this, _but_ remember, it adds useless work on UP machines.
750 */
751
/*
 * Take exclusive ownership of the netlink table: acquire nl_table_lock for
 * writing and wait until no reader registered through netlink_lock_table()
 * remains. May sleep. Released with netlink_table_ungrab().
 */
void netlink_table_grab(void)
	__acquires(nl_table_lock)
{
	might_sleep();

	write_lock_irq(&nl_table_lock);

	if (atomic_read(&nl_table_users)) {
		DECLARE_WAITQUEUE(wait, current);

		add_wait_queue_exclusive(&nl_table_wait, &wait);
		for (;;) {
			/* Set the state before re-checking so a wake-up
			 * between the check and schedule() is not lost.
			 */
			set_current_state(TASK_UNINTERRUPTIBLE);
			if (atomic_read(&nl_table_users) == 0)
				break;
			/* Drop the lock while sleeping; it is held again
			 * when the loop exits.
			 */
			write_unlock_irq(&nl_table_lock);
			schedule();
			write_lock_irq(&nl_table_lock);
		}

		__set_current_state(TASK_RUNNING);
		remove_wait_queue(&nl_table_wait, &wait);
	}
}
776
/* Release the table taken by netlink_table_grab() and wake a waiter. */
void netlink_table_ungrab(void)
	__releases(nl_table_lock)
{
	write_unlock_irq(&nl_table_lock);
	wake_up(&nl_table_wait);
}
783
/*
 * Register as a reader of the netlink table. The read lock is held only
 * long enough to bump nl_table_users; the counter is what keeps
 * netlink_table_grab() waiting afterwards.
 */
static inline void
netlink_lock_table(void)
{
	/* read_lock() synchronizes us to netlink_table_grab */

	read_lock(&nl_table_lock);
	atomic_inc(&nl_table_users);
	read_unlock(&nl_table_lock);
}
793
/* Drop a reader registration; the last reader wakes a waiting writer. */
static inline void
netlink_unlock_table(void)
{
	if (atomic_dec_and_test(&nl_table_users))
		wake_up(&nl_table_wait);
}
800
/*
 * Find the socket bound to @portid for @protocol in namespace @net.
 * Returns the socket with a reference held (caller must sock_put()), or
 * NULL when no such socket exists.
 */
static struct sock *netlink_lookup(struct net *net, int protocol, u32 portid)
{
	struct nl_portid_hash *hash = &nl_table[protocol].hash;
	struct hlist_head *head;
	struct sock *sk;
	struct sock *match = NULL;

	read_lock(&nl_table_lock);
	head = nl_portid_hashfn(hash, portid);
	sk_for_each(sk, head) {
		if (net_eq(sock_net(sk), net) && (nlk_sk(sk)->portid == portid)) {
			/* Take the reference while the table is still locked. */
			sock_hold(sk);
			match = sk;
			break;
		}
	}
	read_unlock(&nl_table_lock);
	return match;
}
820
/*
 * Allocate a zeroed bucket array of @size bytes without sleeping: kzalloc()
 * up to one page, whole pages above that. Must be freed with
 * nl_portid_hash_free() using the same @size.
 */
static struct hlist_head *nl_portid_hash_zalloc(size_t size)
{
	unsigned long pages;

	if (size <= PAGE_SIZE)
		return kzalloc(size, GFP_ATOMIC);

	pages = __get_free_pages(GFP_ATOMIC | __GFP_ZERO, get_order(size));
	return (struct hlist_head *)pages;
}
830
/* Free a bucket array obtained from nl_portid_hash_zalloc(); @size selects
 * the matching allocator.
 */
static void nl_portid_hash_free(struct hlist_head *table, size_t size)
{
	if (size > PAGE_SIZE) {
		free_pages((unsigned long)table, get_order(size));
		return;
	}
	kfree(table);
}
838
/*
 * Rebuild the portid hash table, doubling it when @grow is set, and move
 * every socket into the new buckets. Returns 1 when the table was rebuilt,
 * 0 when it was left alone (size limit reached or allocation failed).
 */
static int nl_portid_hash_rehash(struct nl_portid_hash *hash, int grow)
{
	unsigned int omask, mask, shift;
	size_t osize, size;
	struct hlist_head *otable, *table;
	int i;

	omask = mask = hash->mask;
	osize = size = (mask + 1) * sizeof(*table);
	shift = hash->shift;

	if (grow) {
		if (++shift > hash->max_shift)
			return 0;
		mask = mask * 2 + 1;
		size *= 2;
	}

	table = nl_portid_hash_zalloc(size);
	if (!table)
		return 0;

	otable = hash->table;
	hash->table = table;
	hash->mask = mask;
	hash->shift = shift;
	/* A fresh random seed is drawn on every rehash, so bucket placement
	 * does not depend on the portid alone.
	 */
	get_random_bytes(&hash->rnd, sizeof(hash->rnd));

	for (i = 0; i <= omask; i++) {
		struct sock *sk;
		struct hlist_node *tmp;

		sk_for_each_safe(sk, tmp, &otable[i])
			__sk_add_node(sk, nl_portid_hashfn(hash, nlk_sk(sk)->portid));
	}

	nl_portid_hash_free(otable, osize);
	/* Earliest time for the next same-size rehash: ten minutes from now. */
	hash->rehash_time = jiffies + 10 * 60 * HZ;
	return 1;
}
879
/*
 * Decide whether the hash table needs rebuilding before an insert. @len is
 * the length of the chain the caller just walked. Returns 1 when buckets
 * may have changed and the caller must recompute its chain head.
 */
static inline int nl_portid_hash_dilute(struct nl_portid_hash *hash, int len)
{
	int avg = hash->entries >> hash->shift;

	/* Table is over-full on average: try to grow it. */
	if (unlikely(avg > 1) && nl_portid_hash_rehash(hash, 1))
		return 1;

	/* One chain is longer than average: reseed at the same size, but
	 * not before rehash_time has passed.
	 */
	if (unlikely(len > avg) && time_after(jiffies, hash->rehash_time)) {
		nl_portid_hash_rehash(hash, 0);
		return 1;
	}

	return 0;
}
894
90ddc4f0 895static const struct proto_ops netlink_ops;
1da177e4 896
/*
 * Recompute the protocol's listener bitmap as the union of the group masks
 * of all sockets on its multicast list. Does nothing when the protocol has
 * no listeners object.
 *
 * Note that @sk is reused as the loop cursor, so it no longer refers to the
 * caller's socket once the loop has run.
 */
static void
netlink_update_listeners(struct sock *sk)
{
	struct netlink_table *tbl = &nl_table[sk->sk_protocol];
	unsigned long mask;
	unsigned int i;
	struct listeners *listeners;

	listeners = nl_deref_protected(tbl->listeners);
	if (!listeners)
		return;

	for (i = 0; i < NLGRPLONGS(tbl->groups); i++) {
		mask = 0;
		sk_for_each_bound(sk, &tbl->mc_list) {
			/* A socket may have fewer group words than the table. */
			if (i < NLGRPLONGS(nlk_sk(sk)->ngroups))
				mask |= nlk_sk(sk)->groups[i];
		}
		listeners->masks[i] = mask;
	}
	/* this function is only called with the netlink table "grabbed", which
	 * makes sure updates are visible before bind or setsockopt return. */
}
920
/*
 * Bind @sk to @portid in namespace @net and add it to the hash table.
 *
 * Returns 0 on success, -EADDRINUSE when the portid is already taken in
 * this namespace, -EBUSY when @sk is already bound, or -ENOMEM when the
 * entry counter cannot grow any further.
 */
static int netlink_insert(struct sock *sk, struct net *net, u32 portid)
{
	struct nl_portid_hash *hash = &nl_table[sk->sk_protocol].hash;
	struct hlist_head *head;
	int err = -EADDRINUSE;
	struct sock *osk;
	int len;

	netlink_table_grab();
	head = nl_portid_hashfn(hash, portid);
	len = 0;
	sk_for_each(osk, head) {
		if (net_eq(sock_net(osk), net) && (nlk_sk(osk)->portid == portid))
			break;
		len++;
	}
	/* osk is non-NULL only when the loop stopped on a match. */
	if (osk)
		goto err;

	err = -EBUSY;
	if (nlk_sk(sk)->portid)
		goto err;

	err = -ENOMEM;
	if (BITS_PER_LONG > 32 && unlikely(hash->entries >= UINT_MAX))
		goto err;

	/* A rehash changes the seed and possibly the size: look up the
	 * chain head again.
	 */
	if (len && nl_portid_hash_dilute(hash, len))
		head = nl_portid_hashfn(hash, portid);
	hash->entries++;
	nlk_sk(sk)->portid = portid;
	sk_add_node(sk, head);
	err = 0;

err:
	netlink_table_ungrab();
	return err;
}
959
/* Unhash @sk and, if it has multicast subscriptions, take it off the
 * protocol's bound list. Runs with the table grabbed.
 */
static void netlink_remove(struct sock *sk)
{
	netlink_table_grab();
	if (sk_del_node_init(sk))
		nl_table[sk->sk_protocol].hash.entries--;
	if (nlk_sk(sk)->subscriptions)
		__sk_del_bind_node(sk);
	netlink_table_ungrab();
}
969
/* Protocol descriptor handed to sk_alloc(); obj_size makes every socket a
 * struct netlink_sock.
 */
static struct proto netlink_proto = {
	.name	  = "NETLINK",
	.owner	  = THIS_MODULE,
	.obj_size = sizeof(struct netlink_sock),
};
975
/*
 * Allocate and initialise the struct sock behind @sock.
 *
 * @cb_mutex: mutex protecting dump callbacks; when NULL the socket's own
 *            cb_def_mutex is initialised and used instead.
 *
 * Returns 0 or -ENOMEM.
 */
static int __netlink_create(struct net *net, struct socket *sock,
			    struct mutex *cb_mutex, int protocol)
{
	struct sock *sk;
	struct netlink_sock *nlk;

	sock->ops = &netlink_ops;

	sk = sk_alloc(net, PF_NETLINK, GFP_KERNEL, &netlink_proto);
	if (!sk)
		return -ENOMEM;

	sock_init_data(sock, sk);

	nlk = nlk_sk(sk);
	if (cb_mutex) {
		nlk->cb_mutex = cb_mutex;
	} else {
		nlk->cb_mutex = &nlk->cb_def_mutex;
		mutex_init(nlk->cb_mutex);
	}
	init_waitqueue_head(&nlk->wait);
#ifdef CONFIG_NETLINK_MMAP
	mutex_init(&nlk->pg_vec_lock);
#endif

	sk->sk_destruct = netlink_sock_destruct;
	sk->sk_protocol = protocol;
	return 0;
}
1006
/*
 * socket(PF_NETLINK, ...) entry point.
 *
 * Only SOCK_RAW and SOCK_DGRAM are accepted and @protocol must be in
 * [0, MAX_LINKS). The protocol has to be registered by a kernel module; with
 * CONFIG_MODULES a missing one is requested by alias first. A reference on
 * the owning module is held for the lifetime of the socket.
 *
 * Returns 0 or a negative errno.
 */
static int netlink_create(struct net *net, struct socket *sock, int protocol,
			  int kern)
{
	struct module *module = NULL;
	struct mutex *cb_mutex;
	struct netlink_sock *nlk;
	void (*bind)(int group);
	int err = 0;

	sock->state = SS_UNCONNECTED;

	if (sock->type != SOCK_RAW && sock->type != SOCK_DGRAM)
		return -ESOCKTNOSUPPORT;

	/* Range check before protocol is used as an index into nl_table. */
	if (protocol < 0 || protocol >= MAX_LINKS)
		return -EPROTONOSUPPORT;

	netlink_lock_table();
#ifdef CONFIG_MODULES
	if (!nl_table[protocol].registered) {
		/* request_module() may sleep: drop the table reference. */
		netlink_unlock_table();
		request_module("net-pf-%d-proto-%d", PF_NETLINK, protocol);
		netlink_lock_table();
	}
#endif
	if (nl_table[protocol].registered &&
	    try_module_get(nl_table[protocol].module))
		module = nl_table[protocol].module;
	else
		err = -EPROTONOSUPPORT;
	/* Snapshot the per-protocol hooks while the table is pinned. */
	cb_mutex = nl_table[protocol].cb_mutex;
	bind = nl_table[protocol].bind;
	netlink_unlock_table();

	if (err < 0)
		goto out;

	err = __netlink_create(net, sock, cb_mutex, protocol);
	if (err < 0)
		goto out_module;

	local_bh_disable();
	sock_prot_inuse_add(net, &netlink_proto, 1);
	local_bh_enable();

	nlk = nlk_sk(sock->sk);
	nlk->module = module;
	nlk->netlink_bind = bind;
out:
	return err;

out_module:
	module_put(module);
	goto out;
}
1062
/*
 * close() path: unhash and orphan the socket, notify NETLINK_URELEASE
 * listeners if it was bound, drop the module reference and update the
 * per-protocol table. For the last kernel socket of a protocol the table
 * entry is reset and its listeners object is freed through RCU.
 */
static int netlink_release(struct socket *sock)
{
	struct sock *sk = sock->sk;
	struct netlink_sock *nlk;

	if (!sk)
		return 0;

	netlink_remove(sk);
	sock_orphan(sk);
	nlk = nlk_sk(sk);

	/*
	 * OK. Socket is unlinked, any packets that arrive now
	 * will be purged.
	 */

	sock->sk = NULL;
	wake_up_interruptible_all(&nlk->wait);

	skb_queue_purge(&sk->sk_write_queue);

	if (nlk->portid) {
		struct netlink_notify n = {
						.net = sock_net(sk),
						.protocol = sk->sk_protocol,
						.portid = nlk->portid,
					  };
		atomic_notifier_call_chain(&netlink_chain,
				NETLINK_URELEASE, &n);
	}

	module_put(nlk->module);

	netlink_table_grab();
	if (netlink_is_kernel(sk)) {
		BUG_ON(nl_table[sk->sk_protocol].registered == 0);
		if (--nl_table[sk->sk_protocol].registered == 0) {
			struct listeners *old;

			/* Unpublish the pointer first; readers that already
			 * hold it stay valid until the RCU grace period ends.
			 */
			old = nl_deref_protected(nl_table[sk->sk_protocol].listeners);
			RCU_INIT_POINTER(nl_table[sk->sk_protocol].listeners, NULL);
			kfree_rcu(old, rcu);
			nl_table[sk->sk_protocol].module = NULL;
			nl_table[sk->sk_protocol].bind = NULL;
			nl_table[sk->sk_protocol].flags = 0;
			nl_table[sk->sk_protocol].registered = 0;
		}
	} else if (nlk->subscriptions) {
		netlink_update_listeners(sk);
	}
	netlink_table_ungrab();

	kfree(nlk->groups);
	nlk->groups = NULL;

	local_bh_disable();
	sock_prot_inuse_add(sock_net(sk), &netlink_proto, -1);
	local_bh_enable();
	sock_put(sk);
	return 0;
}
1125
/*
 * Choose a port ID for an unbound socket and insert the socket into the
 * port ID hash.
 *
 * The first candidate is task_tgid_vnr(current). If a socket in the same
 * network namespace already uses the candidate, the search continues with
 * negative values taken from the function-static 'rover' counter.
 *
 * NOTE(review): a port ID is an address, not a credential - netlink_bind()
 * lets a socket request any free nl_pid - so receivers should not treat
 * nl_pid alone as proof of who sent a message.
 *
 * Returns 0 on success, otherwise the error from netlink_insert().
 */
static int netlink_autobind(struct socket *sock)
{
	struct sock *sk = sock->sk;
	struct net *net = sock_net(sk);
	struct nl_portid_hash *hash = &nl_table[sk->sk_protocol].hash;
	struct hlist_head *head;
	struct sock *osk;
	s32 portid = task_tgid_vnr(current);
	int err;
	/* Shared by all callers; only modified with the table grabbed. */
	static s32 rover = -4097;

retry:
	cond_resched();
	netlink_table_grab();
	head = nl_portid_hashfn(hash, portid);
	sk_for_each(osk, head) {
		/* Port IDs are per network namespace. */
		if (!net_eq(sock_net(osk), net))
			continue;
		if (nlk_sk(osk)->portid == portid) {
			/* Bind collision, search negative portid values. */
			portid = rover--;
			/* Keep the rover at or below -4097 once it has wrapped. */
			if (rover > -4097)
				rover = -4097;
			netlink_table_ungrab();
			goto retry;
		}
	}
	netlink_table_ungrab();

	/* The table was released above, so the insert can still collide. */
	err = netlink_insert(sk, net, portid);
	if (err == -EADDRINUSE)
		goto retry;

	/* If 2 threads race to autobind, that is fine. */
	if (err == -EBUSY)
		err = 0;

	return err;
}
1165
/*
 * Permission check for multicast receive/send and addressed sends.
 *
 * Returns non-zero when the socket's protocol has @flag set in its
 * nl_table entry (the protocol opted out of the privilege requirement),
 * or when the caller holds CAP_NET_ADMIN in the user namespace that owns
 * the socket's network namespace.
 */
static inline int netlink_capable(const struct socket *sock, unsigned int flag)
{
	struct sock *sk = sock->sk;

	if (nl_table[sk->sk_protocol].flags & flag)
		return 1;

	return ns_capable(sock_net(sk)->user_ns, CAP_NET_ADMIN);
}
1da177e4 1171
/*
 * Record the new subscription count of @sk and keep the protocol's
 * multicast list in step: the socket leaves mc_list when the count drops
 * to zero and joins it when the count becomes non-zero.
 */
static void
netlink_update_subscriptions(struct sock *sk, unsigned int subscriptions)
{
	struct netlink_sock *nlk = nlk_sk(sk);
	bool was_listed = nlk->subscriptions != 0;
	bool want_listed = subscriptions != 0;

	if (was_listed && !want_listed)
		__sk_del_bind_node(sk);
	else if (!was_listed && want_listed)
		sk_add_bind_node(sk, &nl_table[sk->sk_protocol].mc_list);

	nlk->subscriptions = subscriptions;
}
1183
/*
 * Grow the socket's group bitmap to the number of groups currently
 * registered for its protocol. The newly added part is zeroed so that no
 * stale heap contents are read as memberships.
 *
 * Returns 0 on success (including when the bitmap is already large
 * enough), -ENOENT when the protocol is not registered and -ENOMEM when
 * the reallocation fails. Runs with the netlink table grabbed.
 */
static int netlink_realloc_groups(struct sock *sk)
{
	struct netlink_sock *nlk = nlk_sk(sk);
	unsigned long *bitmap;
	unsigned int wanted;
	int err = 0;

	netlink_table_grab();

	wanted = nl_table[sk->sk_protocol].groups;
	if (!nl_table[sk->sk_protocol].registered) {
		err = -ENOENT;
	} else if (nlk->ngroups < wanted) {
		bitmap = krealloc(nlk->groups, NLGRPSZ(wanted), GFP_ATOMIC);
		if (bitmap == NULL) {
			/* krealloc() failed; nlk->groups is left as it was. */
			err = -ENOMEM;
		} else {
			memset((char *)bitmap + NLGRPSZ(nlk->ngroups), 0,
			       NLGRPSZ(wanted) - NLGRPSZ(nlk->ngroups));
			nlk->groups = bitmap;
			nlk->ngroups = wanted;
		}
	}

	netlink_table_ungrab();
	return err;
}
1216
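/*
 * Bind a netlink socket to a port ID and, optionally, subscribe it to the
 * multicast groups given in nl_groups (the low 32 bits of the bitmap).
 *
 * @addr must hold at least a struct sockaddr_nl with nl_family set to
 * AF_NETLINK. A non-zero nl_groups requires netlink_capable() with
 * NL_CFG_F_NONROOT_RECV. A socket that already has a port ID may only
 * re-bind to the same one; otherwise nl_pid is inserted, or a port ID is
 * chosen by netlink_autobind() when nl_pid is zero.
 *
 * Returns 0 on success or a negative errno.
 */
static int netlink_bind(struct socket *sock, struct sockaddr *addr,
			int addr_len)
{
	struct sock *sk = sock->sk;
	struct net *net = sock_net(sk);
	struct netlink_sock *nlk = nlk_sk(sk);
	struct sockaddr_nl *nladdr = (struct sockaddr_nl *)addr;
	int err;

	/* Every nladdr field read below lies inside sockaddr_nl. */
	if (addr_len < sizeof(struct sockaddr_nl))
		return -EINVAL;

	if (nladdr->nl_family != AF_NETLINK)
		return -EINVAL;

	/*
	 * Listening to multicasts needs NL_CFG_F_NONROOT_RECV on the
	 * protocol or CAP_NET_ADMIN (see netlink_capable()).
	 */
	if (nladdr->nl_groups) {
		if (!netlink_capable(sock, NL_CFG_F_NONROOT_RECV))
			return -EPERM;
		err = netlink_realloc_groups(sk);
		if (err)
			return err;
	}

	if (nlk->portid) {
		if (nladdr->nl_pid != nlk->portid)
			return -EINVAL;
	} else {
		err = nladdr->nl_pid ?
			netlink_insert(sk, net, nladdr->nl_pid) :
			netlink_autobind(sock);
		if (err)
			return err;
	}

	/* No groups requested and none currently set: nothing to update. */
	if (!nladdr->nl_groups && (nlk->groups == NULL || !(u32)nlk->groups[0]))
		return 0;

	netlink_table_grab();
	netlink_update_subscriptions(sk, nlk->subscriptions +
					 hweight32(nladdr->nl_groups) -
					 hweight32(nlk->groups[0]));
	/* Replace only the low 32 bits; higher groups are left untouched. */
	nlk->groups[0] = (nlk->groups[0] & ~0xffffffffUL) | nladdr->nl_groups;
	netlink_update_listeners(sk);
	netlink_table_ungrab();

	if (nlk->netlink_bind && nlk->groups[0]) {
		int i;

		for (i = 0; i < nlk->ngroups; i++) {
			/*
			 * Bit i of the bitmap is group number i + 1 (group
			 * numbers are 1-based everywhere else in this file:
			 * test_bit(group - 1, ...), and netlink_setsockopt()
			 * hands the 1-based value to the same callback).
			 * Passing the bare bit index reported the wrong group.
			 */
			if (test_bit(i, nlk->groups))
				nlk->netlink_bind(i + 1);
		}
	}

	return 0;
}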
1274
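/*
 * Set (or, with AF_UNSPEC, clear) the default destination of a netlink
 * socket.
 *
 * A destination with a non-zero nl_groups requires netlink_capable() with
 * NL_CFG_F_NONROOT_SEND. A socket without a port ID is autobound first.
 *
 * Returns 0 on success or a negative errno.
 */
static int netlink_connect(struct socket *sock, struct sockaddr *addr,
			   int alen, int flags)
{
	int err = 0;
	struct sock *sk = sock->sk;
	struct netlink_sock *nlk = nlk_sk(sk);
	struct sockaddr_nl *nladdr = (struct sockaddr_nl *)addr;

	/* Enough bytes to read sa_family, which is all AF_UNSPEC needs. */
	if (alen < sizeof(addr->sa_family))
		return -EINVAL;

	if (addr->sa_family == AF_UNSPEC) {
		sk->sk_state = NETLINK_UNCONNECTED;
		nlk->dst_portid = 0;
		nlk->dst_group = 0;
		return 0;
	}
	if (addr->sa_family != AF_NETLINK)
		return -EINVAL;

	/*
	 * nl_groups and nl_pid are read below. Without this check a caller
	 * could pass an address shorter than sockaddr_nl and have bytes it
	 * never supplied interpreted as the destination; netlink_bind()
	 * already rejects short addresses the same way.
	 */
	if (alen < sizeof(struct sockaddr_nl))
		return -EINVAL;

	/*
	 * Sending multicasts needs NL_CFG_F_NONROOT_SEND on the protocol
	 * or CAP_NET_ADMIN (see netlink_capable()).
	 */
	if (nladdr->nl_groups && !netlink_capable(sock, NL_CFG_F_NONROOT_SEND))
		return -EPERM;

	if (!nlk->portid)
		err = netlink_autobind(sock);

	if (err == 0) {
		sk->sk_state = NETLINK_CONNECTED;
		nlk->dst_portid = nladdr->nl_pid;
		/* Only the lowest set bit of nl_groups becomes the group. */
		nlk->dst_group = ffs(nladdr->nl_groups);
	}

	return err;
}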
1310
/*
 * Report the socket's own address (@peer == 0) or its connected
 * destination (@peer != 0) as a struct sockaddr_nl.
 *
 * All four sockaddr_nl members, including nl_pad, are written before
 * returning, and *addr_len is set to sizeof(struct sockaddr_nl).
 * Always returns 0.
 */
static int netlink_getname(struct socket *sock, struct sockaddr *addr,
			   int *addr_len, int peer)
{
	struct netlink_sock *nlk = nlk_sk(sock->sk);
	DECLARE_SOCKADDR(struct sockaddr_nl *, nladdr, addr);

	*addr_len = sizeof(*nladdr);
	nladdr->nl_family = AF_NETLINK;
	nladdr->nl_pad = 0;

	if (!peer) {
		nladdr->nl_pid = nlk->portid;
		/* The bitmap may not have been allocated yet. */
		if (nlk->groups)
			nladdr->nl_groups = nlk->groups[0];
		else
			nladdr->nl_groups = 0;
		return 0;
	}

	nladdr->nl_pid = nlk->dst_portid;
	nladdr->nl_groups = netlink_group_mask(nlk->dst_group);
	return 0;
}
1331
/*
 * Account for a message that could not be delivered to @sk.
 *
 * Unless the socket set NETLINK_RECV_NO_ENOBUFS, the first overrun marks
 * it NETLINK_CONGESTED and reports ENOBUFS through sk_error_report().
 * The drop counter is incremented in every case.
 */
static void netlink_overrun(struct sock *sk)
{
	struct netlink_sock *nlk = nlk_sk(sk);
	bool wants_enobufs = !(nlk->flags & NETLINK_RECV_NO_ENOBUFS);

	/* test_and_set_bit() makes the error fire once per congestion. */
	if (wants_enobufs &&
	    !test_and_set_bit(NETLINK_CONGESTED, &nlk->state)) {
		sk->sk_err = ENOBUFS;
		sk->sk_error_report(sk);
	}

	atomic_inc(&sk->sk_drops);
}
1344
/*
 * Look up the socket bound to @portid in the sender's network namespace
 * and protocol.
 *
 * A destination in NETLINK_CONNECTED state only accepts traffic from the
 * peer it is connected to; any other sender is refused.
 *
 * Returns the socket with the reference taken by netlink_lookup() still
 * held, or ERR_PTR(-ECONNREFUSED).
 */
static struct sock *netlink_getsockbyportid(struct sock *ssk, u32 portid)
{
	struct sock *dst;

	dst = netlink_lookup(sock_net(ssk), ssk->sk_protocol, portid);
	if (dst == NULL)
		return ERR_PTR(-ECONNREFUSED);

	if (dst->sk_state != NETLINK_CONNECTED ||
	    nlk_sk(dst)->dst_portid == nlk_sk(ssk)->portid)
		return dst;

	/* Connected to somebody else: drop the lookup reference. */
	sock_put(dst);
	return ERR_PTR(-ECONNREFUSED);
}
1363
/*
 * Resolve an open file to its netlink socket.
 *
 * Returns the socket with an extra reference held (the caller releases it
 * with sock_put()), ERR_PTR(-ENOTSOCK) when the file is not a socket, or
 * ERR_PTR(-EINVAL) when the socket is not AF_NETLINK.
 */
struct sock *netlink_getsockbyfilp(struct file *filp)
{
	struct inode *inode = file_inode(filp);
	struct sock *sk;

	if (!S_ISSOCK(inode->i_mode))
		return ERR_PTR(-ENOTSOCK);

	sk = SOCKET_I(inode)->sk;
	/* The family is checked before the socket is handed to netlink code. */
	if (sk->sk_family != AF_NETLINK)
		return ERR_PTR(-EINVAL);

	sock_hold(sk);
	return sk;
}
1379
/*
 * Attach a skb to a netlink socket.
 * The caller must hold a reference to the destination socket. On error, the
 * reference is dropped. The skb is not sent to the destination; only the
 * error checks are performed and memory in the queue is reserved.
 * Return values:
 * < 0: error. skb freed, reference to sock dropped.
 *   0: continue
 *   1: repeat lookup - reference dropped while waiting for socket memory.
 */
int netlink_attachskb(struct sock *sk, struct sk_buff *skb,
		      long *timeo, struct sock *ssk)
{
	struct netlink_sock *nlk;

	nlk = nlk_sk(sk);

	/*
	 * Receiver over its buffer limit or congested. Memory mapped skbs
	 * skip this path entirely.
	 */
	if ((atomic_read(&sk->sk_rmem_alloc) > sk->sk_rcvbuf ||
	     test_bit(NETLINK_CONGESTED, &nlk->state)) &&
	    !netlink_skb_is_mmaped(skb)) {
		DECLARE_WAITQUEUE(wait, current);
		/* No time left to wait: fail instead of sleeping. */
		if (!*timeo) {
			/* Overrun is recorded only for kernel or absent senders. */
			if (!ssk || netlink_is_kernel(ssk))
				netlink_overrun(sk);
			sock_put(sk);
			kfree_skb(skb);
			return -EAGAIN;
		}

		__set_current_state(TASK_INTERRUPTIBLE);
		add_wait_queue(&nlk->wait, &wait);

		/* Re-check after queueing on the waitqueue, then sleep. */
		if ((atomic_read(&sk->sk_rmem_alloc) > sk->sk_rcvbuf ||
		     test_bit(NETLINK_CONGESTED, &nlk->state)) &&
		    !sock_flag(sk, SOCK_DEAD))
			*timeo = schedule_timeout(*timeo);

		__set_current_state(TASK_RUNNING);
		remove_wait_queue(&nlk->wait, &wait);
		/* Reference dropped here; sk must not be used after this point. */
		sock_put(sk);

		if (signal_pending(current)) {
			kfree_skb(skb);
			return sock_intr_errno(*timeo);
		}
		/* Caller has to look the destination up again. */
		return 1;
	}
	/* Charge the skb to the receiver. */
	netlink_skb_set_owner_r(skb, sk);
	return 0;
}
1430
/*
 * Hand @skb to the receiving socket and signal that data is ready.
 * Does not drop the caller's reference on @sk. Returns the skb length.
 */
static int __netlink_sendskb(struct sock *sk, struct sk_buff *skb)
{
	/* Read the length first; skb is handed over to the receiver below. */
	int len = skb->len;

#ifdef CONFIG_NETLINK_MMAP
	if (netlink_skb_is_mmaped(skb))
		netlink_queue_mmaped_skb(sk, skb);
	else if (netlink_rx_is_mmaped(sk))
		netlink_ring_set_copied(sk, skb);
	else
#endif /* CONFIG_NETLINK_MMAP */
		/* Also the only path when CONFIG_NETLINK_MMAP is off. */
		skb_queue_tail(&sk->sk_receive_queue, skb);
	sk->sk_data_ready(sk, len);
	return len;
}
1446
/*
 * Deliver @skb to @sk via __netlink_sendskb() and release the caller's
 * reference on @sk. Returns the length of the delivered skb.
 */
int netlink_sendskb(struct sock *sk, struct sk_buff *skb)
{
	int delivered;

	delivered = __netlink_sendskb(sk, skb);
	sock_put(sk);

	return delivered;
}
1454
/*
 * Abandon a delivery: free @skb and release the caller's reference on
 * @sk. Neither may be used by the caller afterwards.
 */
void netlink_detachskb(struct sock *sk, struct sk_buff *skb)
{
	kfree_skb(skb);
	sock_put(sk);
}
1460
/*
 * Give back unused tailroom of @skb before it is queued to receivers.
 *
 * Returns the skb to use from here on; this is a clone when the original
 * was shared. Memory mapped skbs are returned unchanged. Failure to
 * clone or to shrink is not an error: the untrimmed skb is returned.
 */
static struct sk_buff *netlink_trim(struct sk_buff *skb, gfp_t allocation)
{
	int delta;

	/* The skb is expected not to be owned by a socket yet. */
	WARN_ON(skb->sk != NULL);
	if (netlink_skb_is_mmaped(skb))
		return skb;

	/* Unused bytes between the end of the data and the end of the buffer. */
	delta = skb->end - skb->tail;
	/* Not worth the work when the slack is under half of truesize. */
	if (delta * 2 < skb->truesize)
		return skb;

	if (skb_shared(skb)) {
		struct sk_buff *nskb = skb_clone(skb, allocation);
		if (!nskb)
			return skb;
		/* Drop our reference on the shared original and use the clone. */
		consume_skb(skb);
		skb = nskb;
	}

	/* truesize is adjusted only when the head was actually shrunk. */
	if (!pskb_expand_head(skb, 0, -delta, allocation))
		skb->truesize -= delta;

	return skb;
}
1486
/*
 * Called after the receiver has consumed data: clear the congestion bit
 * once the receive queue is empty and, if the socket is not congested,
 * wake senders sleeping on nlk->wait.
 */
static void netlink_rcv_wake(struct sock *sk)
{
	struct netlink_sock *nlk = nlk_sk(sk);

	if (skb_queue_empty(&sk->sk_receive_queue))
		clear_bit(NETLINK_CONGESTED, &nlk->state);

	/* Still congested: leave the senders asleep. */
	if (test_bit(NETLINK_CONGESTED, &nlk->state))
		return;

	wake_up_interruptible(&nlk->wait);
}
1496
/*
 * Deliver @skb synchronously to a kernel-side netlink socket.
 *
 * When the socket has a netlink_rcv handler the skb is charged to @sk,
 * tagged with the sending socket @ssk and passed to the handler, and the
 * skb length is returned. Without a handler the skb is freed and
 * -ECONNREFUSED is returned. The reference on @sk is dropped either way.
 */
static int netlink_unicast_kernel(struct sock *sk, struct sk_buff *skb,
				  struct sock *ssk)
{
	struct netlink_sock *nlk = nlk_sk(sk);
	int ret;

	if (nlk->netlink_rcv == NULL) {
		ret = -ECONNREFUSED;
		kfree_skb(skb);
	} else {
		/* Length is sampled before the handler sees the skb. */
		ret = skb->len;
		netlink_skb_set_owner_r(skb, sk);
		NETLINK_CB(skb).sk = ssk;
		nlk->netlink_rcv(skb);
		consume_skb(skb);
	}

	sock_put(sk);
	return ret;
}
1516
/*
 * Send @skb from @ssk to the single socket bound to @portid.
 *
 * The skb is consumed on every path. Returns the number of bytes
 * delivered or a negative errno.
 */
int netlink_unicast(struct sock *ssk, struct sk_buff *skb,
		    u32 portid, int nonblock)
{
	struct sock *sk;
	int err;
	long timeo;

	skb = netlink_trim(skb, gfp_any());

	timeo = sock_sndtimeo(ssk, nonblock);
retry:
	sk = netlink_getsockbyportid(ssk, portid);
	if (IS_ERR(sk)) {
		kfree_skb(skb);
		return PTR_ERR(sk);
	}
	/* Kernel sockets are served synchronously by their handler. */
	if (netlink_is_kernel(sk))
		return netlink_unicast_kernel(sk, skb, ssk);

	/*
	 * A skb rejected by the receiver's socket filter is dropped, but the
	 * sender still gets skb->len back, i.e. the drop is not reported.
	 */
	if (sk_filter(sk, skb)) {
		err = skb->len;
		kfree_skb(skb);
		sock_put(sk);
		return err;
	}

	err = netlink_attachskb(sk, skb, &timeo, ssk);
	/* 1: the reference on sk was dropped while waiting, look it up again. */
	if (err == 1)
		goto retry;
	/* < 0: netlink_attachskb() already freed skb and released sk. */
	if (err)
		return err;

	return netlink_sendskb(sk, skb);
}
EXPORT_SYMBOL(netlink_unicast);
1da177e4 1552
/*
 * Allocate a skb for a message of @size bytes addressed to @dst_portid.
 *
 * With CONFIG_NETLINK_MMAP, a receiver that has an RX ring gets a skb
 * backed by the next unused ring frame. If the receiver cannot be found,
 * has no ring, or @size does not fit into a frame, a regular
 * alloc_skb(size, gfp_mask) is returned instead. NULL is returned when
 * the skb head cannot be allocated or no unused frame is available.
 */
struct sk_buff *netlink_alloc_skb(struct sock *ssk, unsigned int size,
				  u32 dst_portid, gfp_t gfp_mask)
{
#ifdef CONFIG_NETLINK_MMAP
	struct sock *sk = NULL;
	struct sk_buff *skb;
	struct netlink_ring *ring;
	struct nl_mmap_hdr *hdr;
	unsigned int maxlen;

	sk = netlink_getsockbyportid(ssk, dst_portid);
	if (IS_ERR(sk))
		goto out;

	ring = &nlk_sk(sk)->rx_ring;
	/* fast-path without atomic ops for common case: non-mmaped receiver */
	if (ring->pg_vec == NULL)
		goto out_put;

	skb = alloc_skb_head(gfp_mask);
	if (skb == NULL)
		goto err1;

	spin_lock_bh(&sk->sk_receive_queue.lock);
	/* check again under lock */
	if (ring->pg_vec == NULL)
		goto out_free;

	/* A frame holds the mmap header plus at most maxlen payload bytes. */
	maxlen = ring->frame_size - NL_MMAP_HDRLEN;
	if (maxlen < size)
		goto out_free;

	netlink_forward_ring(ring);
	hdr = netlink_current_frame(ring, NL_MMAP_STATUS_UNUSED);
	if (hdr == NULL)
		goto err2;
	/* Frame is marked RESERVED and counted as pending while the skb is in flight. */
	netlink_ring_setup_skb(skb, sk, ring, hdr);
	netlink_set_status(hdr, NL_MMAP_STATUS_RESERVED);
	atomic_inc(&ring->pending);
	netlink_increment_head(ring);

	spin_unlock_bh(&sk->sk_receive_queue.lock);
	return skb;

	/* Hard failures: no fallback allocation. */
err2:
	kfree_skb(skb);
	spin_unlock_bh(&sk->sk_receive_queue.lock);
err1:
	sock_put(sk);
	return NULL;

	/* Soft failures: release what was taken and use a regular skb. */
out_free:
	kfree_skb(skb);
	spin_unlock_bh(&sk->sk_receive_queue.lock);
out_put:
	sock_put(sk);
out:
#endif
	return alloc_skb(size, gfp_mask);
}
EXPORT_SYMBOL_GPL(netlink_alloc_skb);
1614
/*
 * Tell whether any socket is subscribed to multicast group @group
 * (1-based) of the protocol of kernel socket @sk.
 *
 * Must be called on a kernel socket (BUG otherwise). Group 0 and group
 * numbers beyond the protocol's group count report no listeners: the
 * unsigned "group - 1" wraps for 0 and fails the range check.
 */
int netlink_has_listeners(struct sock *sk, unsigned int group)
{
	struct listeners *l;
	int found = 0;

	BUG_ON(!netlink_is_kernel(sk));

	rcu_read_lock();
	l = rcu_dereference(nl_table[sk->sk_protocol].listeners);
	if (l != NULL && group - 1 < nl_table[sk->sk_protocol].groups)
		found = test_bit(group - 1, l->masks);
	rcu_read_unlock();

	return found;
}
EXPORT_SYMBOL_GPL(netlink_has_listeners);
1633
/*
 * Try to queue one broadcast copy on @sk.
 *
 * Returns -1 when the receiver is over its buffer limit or congested
 * (nothing is queued). Otherwise the skb is charged to @sk and queued,
 * and the result is 1 if the receiver is now above half of its receive
 * buffer, 0 if not.
 */
static int netlink_broadcast_deliver(struct sock *sk, struct sk_buff *skb)
{
	struct netlink_sock *nlk = nlk_sk(sk);

	if (atomic_read(&sk->sk_rmem_alloc) > sk->sk_rcvbuf ||
	    test_bit(NETLINK_CONGESTED, &nlk->state))
		return -1;

	netlink_skb_set_owner_r(skb, sk);
	__netlink_sendskb(sk, skb);

	return atomic_read(&sk->sk_rmem_alloc) > (sk->sk_rcvbuf >> 1);
}
1646
/* State shared across the receivers visited during one broadcast. */
struct netlink_broadcast_data {
	struct sock *exclude_sk;	/* socket that never receives the message */
	struct net *net;		/* only sockets in this namespace receive */
	u32 portid;			/* sockets bound to this port ID are skipped */
	u32 group;			/* 1-based destination group */
	int failure;			/* set once cloning the skb has failed */
	int delivery_failure;		/* a NETLINK_BROADCAST_SEND_ERROR listener was missed */
	int congested;			/* OR of netlink_broadcast_deliver() results */
	int delivered;			/* at least one socket got the message */
	gfp_t allocation;		/* allocation flags for skb_clone() */
	struct sk_buff *skb, *skb2;	/* original skb; copy prepared for the next receiver */
	/* Optional per-receiver filter; a non-zero return skips that receiver. */
	int (*tx_filter)(struct sock *dsk, struct sk_buff *skb, void *data);
	void *tx_data;			/* opaque argument passed to tx_filter */
};
1661
/*
 * Offer the broadcast described by @p to one socket of the multicast
 * list. Sockets that are excluded, not subscribed to the group, or in a
 * different network namespace are skipped. Always returns 0; the outcome
 * is recorded in @p.
 */
static int do_one_broadcast(struct sock *sk,
			    struct netlink_broadcast_data *p)
{
	struct netlink_sock *nlk = nlk_sk(sk);
	int val;

	if (p->exclude_sk == sk)
		goto out;

	/* The range check on group - 1 precedes test_bit() on the bitmap. */
	if (nlk->portid == p->portid || p->group - 1 >= nlk->ngroups ||
	    !test_bit(p->group - 1, nlk->groups))
		goto out;

	if (!net_eq(sock_net(sk), p->net))
		goto out;

	/* An earlier clone failed: every remaining listener sees an overrun. */
	if (p->failure) {
		netlink_overrun(sk);
		goto out;
	}

	sock_hold(sk);
	/* Prepare a copy unless one is left over from a skipped receiver. */
	if (p->skb2 == NULL) {
		if (skb_shared(p->skb)) {
			p->skb2 = skb_clone(p->skb, p->allocation);
		} else {
			p->skb2 = skb_get(p->skb);
			/*
			 * skb ownership may have been set when
			 * delivered to a previous socket.
			 */
			skb_orphan(p->skb2);
		}
	}
	if (p->skb2 == NULL) {
		netlink_overrun(sk);
		/* Clone failed. Notify ALL listeners. */
		p->failure = 1;
		if (nlk->flags & NETLINK_BROADCAST_SEND_ERROR)
			p->delivery_failure = 1;
	} else if (p->tx_filter && p->tx_filter(sk, p->skb2, p->tx_data)) {
		/* Sender-supplied filter rejected this receiver. */
		kfree_skb(p->skb2);
		p->skb2 = NULL;
	} else if (sk_filter(sk, p->skb2)) {
		/* Receiver's socket filter rejected the message. */
		kfree_skb(p->skb2);
		p->skb2 = NULL;
	} else if ((val = netlink_broadcast_deliver(sk, p->skb2)) < 0) {
		/* Receiver full: skb2 is kept for the next receiver. */
		netlink_overrun(sk);
		if (nlk->flags & NETLINK_BROADCAST_SEND_ERROR)
			p->delivery_failure = 1;
	} else {
		p->congested |= val;
		p->delivered = 1;
		/* skb2 was queued on sk; a fresh copy is needed next time. */
		p->skb2 = NULL;
	}
	sock_put(sk);

out:
	return 0;
}
1722
/*
 * Send @skb to every socket subscribed to @group of the sender's
 * protocol, except @ssk itself and sockets bound to @portid. When
 * @filter is set it is called per receiver with @filter_data and a
 * non-zero result skips that receiver.
 *
 * Consumes @skb. Returns 0 if at least one socket received the message,
 * -ENOBUFS if a listener that set NETLINK_BROADCAST_SEND_ERROR could not
 * be served, and -ESRCH if nobody received it.
 */
int netlink_broadcast_filtered(struct sock *ssk, struct sk_buff *skb, u32 portid,
	u32 group, gfp_t allocation,
	int (*filter)(struct sock *dsk, struct sk_buff *skb, void *data),
	void *filter_data)
{
	struct netlink_broadcast_data info;
	struct sock *sk;

	skb = netlink_trim(skb, allocation);

	info = (struct netlink_broadcast_data) {
		.exclude_sk		= ssk,
		.net			= sock_net(ssk),
		.portid			= portid,
		.group			= group,
		.failure		= 0,
		.delivery_failure	= 0,
		.congested		= 0,
		.delivered		= 0,
		.allocation		= allocation,
		.skb			= skb,
		.skb2			= NULL,
		.tx_filter		= filter,
		.tx_data		= filter_data,
	};

	/* While we sleep in clone, do not allow to change socket list */
	netlink_lock_table();

	sk_for_each_bound(sk, &nl_table[ssk->sk_protocol].mc_list)
		do_one_broadcast(sk, &info);

	consume_skb(skb);

	netlink_unlock_table();

	/* skb2 may hold a copy that no receiver accepted; release it. */
	if (info.delivery_failure) {
		kfree_skb(info.skb2);
		return -ENOBUFS;
	}
	consume_skb(info.skb2);

	if (!info.delivered)
		return -ESRCH;

	/* Give congested receivers a chance to run if we may sleep. */
	if (info.congested && (allocation & __GFP_WAIT))
		yield();
	return 0;
}
EXPORT_SYMBOL(netlink_broadcast_filtered);
1773
/*
 * Broadcast @skb to @group without a per-receiver filter; see
 * netlink_broadcast_filtered() for the return values.
 */
int netlink_broadcast(struct sock *ssk, struct sk_buff *skb, u32 portid,
		      u32 group, gfp_t allocation)
{
	/* No filter callback and no filter data. */
	return netlink_broadcast_filtered(ssk, skb, portid, group,
					  allocation, NULL, NULL);
}
EXPORT_SYMBOL(netlink_broadcast);
1781
/* Arguments passed to do_one_set_err() for each socket visited. */
struct netlink_set_err_data {
	struct sock *exclude_sk;	/* socket skipped; also selects the namespace */
	u32 portid;			/* sockets bound to this port ID are skipped */
	u32 group;			/* 1-based group whose listeners get the error */
	int code;			/* positive errno stored in sk->sk_err */
};
1788
/*
 * Report the error in @p to one socket of the multicast list.
 *
 * Sockets that are excluded, in another network namespace or not
 * subscribed to the group are skipped. Returns 1 when the error is
 * ENOBUFS and the socket set NETLINK_RECV_NO_ENOBUFS (the error is then
 * not reported), 0 in every other case.
 */
static int do_one_set_err(struct sock *sk, struct netlink_set_err_data *p)
{
	struct netlink_sock *nlk = nlk_sk(sk);

	if (sk == p->exclude_sk)
		return 0;

	if (!net_eq(sock_net(sk), sock_net(p->exclude_sk)))
		return 0;

	/* The range check on group - 1 precedes test_bit() on the bitmap. */
	if (nlk->portid == p->portid || p->group - 1 >= nlk->ngroups ||
	    !test_bit(p->group - 1, nlk->groups))
		return 0;

	if (p->code == ENOBUFS && (nlk->flags & NETLINK_RECV_NO_ENOBUFS))
		return 1;

	sk->sk_err = p->code;
	sk->sk_error_report(sk);
	return 0;
}
1814
/**
 * netlink_set_err - report error to broadcast listeners
 * @ssk: the kernel netlink socket, as returned by netlink_kernel_create()
 * @portid: the PORTID of a process that we want to skip (if any)
 * @group: the broadcast group that will notice the error
 * @code: error code, must be negative (as usual in kernelspace)
 *
 * This function returns the number of broadcast listeners that have set the
 * NETLINK_RECV_NO_ENOBUFS socket option.
 */
int netlink_set_err(struct sock *ssk, u32 portid, u32 group, int code)
{
	struct netlink_set_err_data info = {
		.exclude_sk	= ssk,
		.portid		= portid,
		.group		= group,
		/* sk->sk_err wants a positive error value */
		.code		= -code,
	};
	struct sock *sk;
	int skipped = 0;

	read_lock(&nl_table_lock);

	sk_for_each_bound(sk, &nl_table[ssk->sk_protocol].mc_list)
		skipped += do_one_set_err(sk, &info);

	read_unlock(&nl_table_lock);
	return skipped;
}
EXPORT_SYMBOL(netlink_set_err);
1da177e4 1846
/*
 * Add the socket to (@is_new != 0) or remove it from (@is_new == 0)
 * multicast group @group, then refresh the subscription count and the
 * protocol's listener mask.
 *
 * Must be called with the netlink table grabbed. @group is 1-based and
 * is not range-checked here; the caller has to make sure that
 * group - 1 lies inside nlk->groups.
 */
static void netlink_update_socket_mc(struct netlink_sock *nlk,
				     unsigned int group,
				     int is_new)
{
	int was_member = test_bit(group - 1, nlk->groups);
	int now_member = !!is_new;

	if (now_member)
		__set_bit(group - 1, nlk->groups);
	else
		__clear_bit(group - 1, nlk->groups);

	netlink_update_subscriptions(&nlk->sk,
				     nlk->subscriptions - was_member + now_member);
	netlink_update_listeners(&nlk->sk);
}
1863
/*
 * Handle setsockopt() at level SOL_NETLINK.
 *
 * Integer options read an unsigned int from @optval when @optlen is at
 * least sizeof(int); with a shorter @optlen the value is taken as 0. The
 * ring options read a struct nl_mmap_req instead.
 *
 * Returns 0 on success or a negative errno; unknown levels and options
 * yield -ENOPROTOOPT.
 */
static int netlink_setsockopt(struct socket *sock, int level, int optname,
			      char __user *optval, unsigned int optlen)
{
	struct sock *sk = sock->sk;
	struct netlink_sock *nlk = nlk_sk(sk);
	unsigned int val = 0;
	int err;

	if (level != SOL_NETLINK)
		return -ENOPROTOOPT;

	/* Ring options carry a struct, not an int; they are copied in below. */
	if (optname != NETLINK_RX_RING && optname != NETLINK_TX_RING &&
	    optlen >= sizeof(int) &&
	    get_user(val, (unsigned int __user *)optval))
		return -EFAULT;

	switch (optname) {
	case NETLINK_PKTINFO:
		if (val)
			nlk->flags |= NETLINK_RECV_PKTINFO;
		else
			nlk->flags &= ~NETLINK_RECV_PKTINFO;
		err = 0;
		break;
	case NETLINK_ADD_MEMBERSHIP:
	case NETLINK_DROP_MEMBERSHIP: {
		/* Same permission as binding to groups in netlink_bind(). */
		if (!netlink_capable(sock, NL_CFG_F_NONROOT_RECV))
			return -EPERM;
		err = netlink_realloc_groups(sk);
		if (err)
			return err;
		/* val is a 1-based group number; 0 and out-of-range are rejected. */
		if (!val || val - 1 >= nlk->ngroups)
			return -EINVAL;
		netlink_table_grab();
		netlink_update_socket_mc(nlk, val,
					 optname == NETLINK_ADD_MEMBERSHIP);
		netlink_table_ungrab();

		/* The callback runs for both add and drop. */
		if (nlk->netlink_bind)
			nlk->netlink_bind(val);

		err = 0;
		break;
	}
	case NETLINK_BROADCAST_ERROR:
		if (val)
			nlk->flags |= NETLINK_BROADCAST_SEND_ERROR;
		else
			nlk->flags &= ~NETLINK_BROADCAST_SEND_ERROR;
		err = 0;
		break;
	case NETLINK_NO_ENOBUFS:
		if (val) {
			nlk->flags |= NETLINK_RECV_NO_ENOBUFS;
			/* Opting out also clears congestion and wakes blocked senders. */
			clear_bit(NETLINK_CONGESTED, &nlk->state);
			wake_up_interruptible(&nlk->wait);
		} else {
			nlk->flags &= ~NETLINK_RECV_NO_ENOBUFS;
		}
		err = 0;
		break;
#ifdef CONFIG_NETLINK_MMAP
	case NETLINK_RX_RING:
	case NETLINK_TX_RING: {
		struct nl_mmap_req req;

		/* Rings might consume more memory than queue limits, require
		 * CAP_NET_ADMIN.
		 */
		/*
		 * NOTE(review): this uses capable(), not the per-protocol
		 * netlink_capable() helper, so NL_CFG_F_NONROOT_* flags do
		 * not relax it.
		 */
		if (!capable(CAP_NET_ADMIN))
			return -EPERM;
		/* The whole request must be present before it is copied in. */
		if (optlen < sizeof(req))
			return -EINVAL;
		if (copy_from_user(&req, optval, sizeof(req)))
			return -EFAULT;
		err = netlink_set_ring(sk, &req, false,
				       optname == NETLINK_TX_RING);
		break;
	}
#endif /* CONFIG_NETLINK_MMAP */
	default:
		err = -ENOPROTOOPT;
	}
	return err;
}
1949
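/*
 * Handle getsockopt() at level SOL_NETLINK for the boolean options
 * NETLINK_PKTINFO, NETLINK_BROADCAST_ERROR and NETLINK_NO_ENOBUFS.
 *
 * The caller's buffer must hold at least an int. On success *@optlen is
 * set to sizeof(int) and @optval receives 1 or 0.
 *
 * Returns 0 on success, -ENOPROTOOPT for an unknown level or option,
 * -EINVAL for a negative or too short length and -EFAULT when user
 * memory cannot be accessed.
 */
static int netlink_getsockopt(struct socket *sock, int level, int optname,
			      char __user *optval, int __user *optlen)
{
	struct sock *sk = sock->sk;
	struct netlink_sock *nlk = nlk_sk(sk);
	unsigned int flag;
	int len, val;

	if (level != SOL_NETLINK)
		return -ENOPROTOOPT;

	if (get_user(len, optlen))
		return -EFAULT;
	if (len < 0)
		return -EINVAL;

	/* The three options differ only in the flag bit they report. */
	switch (optname) {
	case NETLINK_PKTINFO:
		flag = NETLINK_RECV_PKTINFO;
		break;
	case NETLINK_BROADCAST_ERROR:
		flag = NETLINK_BROADCAST_SEND_ERROR;
		break;
	case NETLINK_NO_ENOBUFS:
		flag = NETLINK_RECV_NO_ENOBUFS;
		break;
	default:
		return -ENOPROTOOPT;
	}

	if (len < sizeof(int))
		return -EINVAL;
	len = sizeof(int);
	val = nlk->flags & flag ? 1 : 0;

	/*
	 * put_user() sizes the store by the pointer type. optval is a
	 * char __user *, so storing through it directly writes a single
	 * byte while *optlen claims sizeof(int): the rest of the caller's
	 * int keeps whatever it held before. Store a full int instead.
	 */
	if (put_user(len, optlen) ||
	    put_user(val, (int __user *)optval))
		return -EFAULT;

	return 0;
}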
2001
/*
 * Attach a NETLINK_PKTINFO control message carrying the destination
 * group of @skb to @msg.
 */
static void netlink_cmsg_recv_pktinfo(struct msghdr *msg, struct sk_buff *skb)
{
	struct nl_pktinfo info = {
		.group = NETLINK_CB(skb).dst_group,
	};

	put_cmsg(msg, SOL_NETLINK, NETLINK_PKTINFO, sizeof(info), &info);
}
2009
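/*
 * Send one netlink message from a user socket.
 *
 * The destination comes from msg_name when one is supplied, otherwise
 * from the socket's connected destination. An explicit non-zero port ID
 * or group requires netlink_capable() with NL_CFG_F_NONROOT_SEND. An
 * unbound sender is autobound first. With a destination group the
 * message is broadcast and then also unicast to the destination port ID.
 *
 * Returns the result of netlink_unicast() (bytes sent) or a negative
 * errno.
 */
static int netlink_sendmsg(struct kiocb *kiocb, struct socket *sock,
			   struct msghdr *msg, size_t len)
{
	struct sock_iocb *siocb = kiocb_to_siocb(kiocb);
	struct sock *sk = sock->sk;
	struct netlink_sock *nlk = nlk_sk(sk);
	struct sockaddr_nl *addr = msg->msg_name;
	u32 dst_portid;
	u32 dst_group;
	struct sk_buff *skb;
	int err;
	struct scm_cookie scm;

	if (msg->msg_flags & MSG_OOB)
		return -EOPNOTSUPP;

	if (NULL == siocb->scm)
		siocb->scm = &scm;

	err = scm_send(sock, msg, siocb->scm, true);
	if (err < 0)
		return err;

	if (msg->msg_namelen) {
		err = -EINVAL;
		/*
		 * nl_family, nl_pid and nl_groups are read below. A name
		 * shorter than sockaddr_nl would let bytes the caller never
		 * supplied be used as the destination and in the permission
		 * check, so reject it (netlink_bind() does the same).
		 */
		if (msg->msg_namelen < sizeof(struct sockaddr_nl))
			goto out;
		if (addr->nl_family != AF_NETLINK)
			goto out;
		dst_portid = addr->nl_pid;
		/* Only the lowest set bit of nl_groups becomes the group. */
		dst_group = ffs(addr->nl_groups);
		err = -EPERM;
		if ((dst_group || dst_portid) &&
		    !netlink_capable(sock, NL_CFG_F_NONROOT_SEND))
			goto out;
	} else {
		/* Destination was vetted when it was set by netlink_connect(). */
		dst_portid = nlk->dst_portid;
		dst_group = nlk->dst_group;
	}

	if (!nlk->portid) {
		err = netlink_autobind(sock);
		if (err)
			goto out;
	}

	/* Memory mapped TX: the frames are already in the ring. */
	if (netlink_tx_is_mmaped(sk) &&
	    msg->msg_iov->iov_base == NULL) {
		err = netlink_mmap_sendmsg(sk, msg, dst_portid, dst_group,
					   siocb);
		goto out;
	}

	/* Bound the allocation by the socket's send buffer size. */
	err = -EMSGSIZE;
	if (len > sk->sk_sndbuf - 32)
		goto out;
	err = -ENOBUFS;
	skb = alloc_skb(len, GFP_KERNEL);
	if (skb == NULL)
		goto out;

	/* Sender identity is filled in by the kernel, not taken from the payload. */
	NETLINK_CB(skb).portid	= nlk->portid;
	NETLINK_CB(skb).dst_group = dst_group;
	NETLINK_CB(skb).creds	= siocb->scm->creds;

	err = -EFAULT;
	if (memcpy_fromiovec(skb_put(skb, len), msg->msg_iov, len)) {
		kfree_skb(skb);
		goto out;
	}

	/* LSM hook may veto the message before anyone receives it. */
	err = security_netlink_send(sk, skb);
	if (err) {
		kfree_skb(skb);
		goto out;
	}

	if (dst_group) {
		/* Extra reference: the broadcast consumes one, unicast the other. */
		atomic_inc(&skb->users);
		netlink_broadcast(sk, skb, dst_portid, dst_group, GFP_KERNEL);
	}
	err = netlink_unicast(sk, skb, dst_portid, msg->msg_flags & MSG_DONTWAIT);

out:
	scm_destroy(siocb->scm);
	return err;
}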
2095
/*
 * Receive one netlink message.
 *
 * Copies at most @len bytes to the caller and sets MSG_TRUNC in
 * msg_flags when the message was longer. When msg_name is set it is
 * filled with the sender's port ID and destination group as recorded in
 * the skb by the kernel. The sender's credentials are passed on through
 * the scm cookie.
 *
 * Returns the number of bytes copied (the full message length when the
 * caller passed MSG_TRUNC) or a negative errno.
 */
static int netlink_recvmsg(struct kiocb *kiocb, struct socket *sock,
			   struct msghdr *msg, size_t len,
			   int flags)
{
	struct sock_iocb *siocb = kiocb_to_siocb(kiocb);
	struct scm_cookie scm;
	struct sock *sk = sock->sk;
	struct netlink_sock *nlk = nlk_sk(sk);
	int noblock = flags&MSG_DONTWAIT;
	size_t copied;
	struct sk_buff *skb, *data_skb;
	int err, ret;

	if (flags&MSG_OOB)
		return -EOPNOTSUPP;

	copied = 0;

	skb = skb_recv_datagram(sk, flags, noblock, &err);
	if (skb == NULL)
		goto out;

	data_skb = skb;

#ifdef CONFIG_COMPAT_NETLINK_MESSAGES
	if (unlikely(skb_shinfo(skb)->frag_list)) {
		/*
		 * If this skb has a frag_list, then here that means that we
		 * will have to use the frag_list skb's data for compat tasks
		 * and the regular skb's data for normal (non-compat) tasks.
		 *
		 * If we need to send the compat skb, assign it to the
		 * 'data_skb' variable so that it will be used below for data
		 * copying. We keep 'skb' for everything else, including
		 * freeing both later.
		 */
		if (flags & MSG_CMSG_COMPAT)
			data_skb = skb_shinfo(skb)->frag_list;
	}
#endif

	/* Reported as 0 unless an address is written below. */
	msg->msg_namelen = 0;

	/* Never copy more than the caller's buffer holds. */
	copied = data_skb->len;
	if (len < copied) {
		msg->msg_flags |= MSG_TRUNC;
		copied = len;
	}

	skb_reset_transport_header(data_skb);
	err = skb_copy_datagram_iovec(data_skb, 0, msg->msg_iov, copied);

	if (msg->msg_name) {
		struct sockaddr_nl *addr = (struct sockaddr_nl *)msg->msg_name;
		/* All members, including nl_pad, are written before msg_namelen is set. */
		addr->nl_family = AF_NETLINK;
		addr->nl_pad    = 0;
		addr->nl_pid	= NETLINK_CB(skb).portid;
		addr->nl_groups	= netlink_group_mask(NETLINK_CB(skb).dst_group);
		msg->msg_namelen = sizeof(*addr);
	}

	if (nlk->flags & NETLINK_RECV_PKTINFO)
		netlink_cmsg_recv_pktinfo(msg, skb);

	if (NULL == siocb->scm) {
		/* Local cookie is zeroed before use. */
		memset(&scm, 0, sizeof(scm));
		siocb->scm = &scm;
	}
	siocb->scm->creds = *NETLINK_CREDS(skb);
	/* With MSG_TRUNC the caller asked for the real message length. */
	if (flags & MSG_TRUNC)
		copied = data_skb->len;

	/* skb and data_skb must not be touched after this point. */
	skb_free_datagram(sk, skb);

	/* A dump is in progress and the queue has drained: produce more. */
	if (nlk->cb && atomic_read(&sk->sk_rmem_alloc) <= sk->sk_rcvbuf / 2) {
		ret = netlink_dump(sk);
		if (ret) {
			sk->sk_err = ret;
			sk->sk_error_report(sk);
		}
	}

	scm_recv(sock, msg, siocb->scm, flags);
out:
	netlink_rcv_wake(sk);
	/* GNU "?:" extension: err when non-zero, else the byte count. */
	return err ? : copied;
}
2183
/*
 * sk_data_ready handler installed on kernel-side netlink sockets by
 * __netlink_kernel_create(). It does nothing but BUG(), so reaching it
 * is treated as a kernel bug.
 * NOTE(review): presumably kernel sockets take their input through
 * netlink_rcv instead of the receive queue - confirm against the send path.
 */
static void netlink_data_ready(struct sock *sk, int len)
{
	BUG();
}
2188
/*
 *	We export these functions to other modules. They provide a
 *	complete set of kernel non-blocking support for message
 *	queueing.
 */
2194
/*
 * Create the kernel-side socket for netlink protocol @unit in @net.
 *
 * @net:    namespace the socket is moved into after creation
 * @unit:   protocol number; must be in [0, MAX_LINKS)
 * @module: owner recorded in nl_table[] on first registration
 * @cfg:    optional settings (groups, input, cb_mutex, bind, flags)
 *
 * Returns the new socket, or NULL if @unit is out of range or any
 * allocation or insertion step fails.
 */
struct sock *
__netlink_kernel_create(struct net *net, int unit, struct module *module,
			struct netlink_kernel_cfg *cfg)
{
	struct socket *sock;
	struct sock *sk;
	struct netlink_sock *nlk;
	struct listeners *listeners = NULL;
	struct mutex *cb_mutex = cfg ? cfg->cb_mutex : NULL;
	unsigned int groups;

	BUG_ON(!nl_table);

	/* @unit indexes nl_table[] below, so reject it before any use. */
	if (unit < 0 || unit >= MAX_LINKS)
		return NULL;

	if (sock_create_lite(PF_NETLINK, SOCK_DGRAM, unit, &sock))
		return NULL;

	/*
	 * We have to just have a reference on the net from sk, but don't
	 * get_net it. Besides, we cannot get and then put the net here.
	 * So we create one inside init_net and then move it to net.
	 */
	if (__netlink_create(&init_net, sock, cb_mutex, unit) < 0)
		goto out_sock_release_nosk;

	sk = sock->sk;
	sk_change_net(sk, net);

	/* Never size the listener bitmap for fewer than 32 groups. */
	groups = (cfg && cfg->groups >= 32) ? cfg->groups : 32;

	listeners = kzalloc(sizeof(*listeners) + NLGRPSZ(groups), GFP_KERNEL);
	if (!listeners)
		goto out_sock_release;

	sk->sk_data_ready = netlink_data_ready;
	if (cfg && cfg->input)
		nlk_sk(sk)->netlink_rcv = cfg->input;

	if (netlink_insert(sk, net, 0))
		goto out_sock_release;

	nlk = nlk_sk(sk);
	nlk->flags |= NETLINK_KERNEL_SOCKET;

	netlink_table_grab();
	if (nl_table[unit].registered) {
		/* Protocol already set up: keep its table, count this user. */
		kfree(listeners);
		nl_table[unit].registered++;
	} else {
		nl_table[unit].groups = groups;
		rcu_assign_pointer(nl_table[unit].listeners, listeners);
		nl_table[unit].cb_mutex = cb_mutex;
		nl_table[unit].module = module;
		if (cfg) {
			nl_table[unit].bind = cfg->bind;
			nl_table[unit].flags = cfg->flags;
		}
		nl_table[unit].registered = 1;
	}
	netlink_table_ungrab();
	return sk;

out_sock_release:
	kfree(listeners);
	netlink_kernel_release(sk);
	return NULL;

out_sock_release_nosk:
	sock_release(sock);
	return NULL;
}
EXPORT_SYMBOL(__netlink_kernel_create);
2273
/*
 * Release a kernel netlink socket by handing it to sk_release_kernel().
 * Also used on the error path of __netlink_kernel_create().
 */
void
netlink_kernel_release(struct sock *sk)
{
	sk_release_kernel(sk);
}
EXPORT_SYMBOL(netlink_kernel_release);
2280
/*
 * Set the number of multicast groups for the protocol of @sk, growing the
 * listener bitmap when the new count needs more storage.
 *
 * @groups is raised to at least 32. The bitmap is only ever reallocated
 * larger; a smaller @groups just updates tbl->groups. The allocation uses
 * GFP_ATOMIC, and netlink_change_ngroups() calls this between
 * netlink_table_grab() and netlink_table_ungrab().
 *
 * Returns 0 on success or -ENOMEM if the larger bitmap cannot be allocated.
 */
int __netlink_change_ngroups(struct sock *sk, unsigned int groups)
{
	struct netlink_table *tbl = &nl_table[sk->sk_protocol];

	groups = max_t(unsigned int, groups, 32);

	if (NLGRPSZ(groups) > NLGRPSZ(tbl->groups)) {
		struct listeners *grown, *prev;

		grown = kzalloc(sizeof(*grown) + NLGRPSZ(groups), GFP_ATOMIC);
		if (!grown)
			return -ENOMEM;

		/* Carry the existing masks over, then publish the new table. */
		prev = nl_deref_protected(tbl->listeners);
		memcpy(grown->masks, prev->masks, NLGRPSZ(tbl->groups));
		rcu_assign_pointer(tbl->listeners, grown);

		/* Readers may still hold the old table; free it after a grace period. */
		kfree_rcu(prev, rcu);
	}

	tbl->groups = groups;
	return 0;
}
2303
/**
 * netlink_change_ngroups - change number of multicast groups
 *
 * This changes the number of multicast groups that are available
 * on a certain netlink family. Note that it is not possible to
 * change the number of groups to below 32. Also note that it does
 * not implicitly call netlink_clear_multicast_users() when the
 * number of groups is reduced.
 *
 * @sk: The kernel netlink socket, as returned by netlink_kernel_create().
 * @groups: The new number of groups.
 *
 * Takes the netlink table lock around __netlink_change_ngroups() and
 * returns its result.
 */
int netlink_change_ngroups(struct sock *sk, unsigned int groups)
{
	int ret;

	netlink_table_grab();
	ret = __netlink_change_ngroups(sk, groups);
	netlink_table_ungrab();

	return ret;
}
b4ff4f04 2326
/*
 * Drop membership of @group for every socket on the multicast list of the
 * protocol that @ksk belongs to. Takes no lock itself;
 * netlink_clear_multicast_users() is the wrapper that holds the table lock.
 */
void __netlink_clear_multicast_users(struct sock *ksk, unsigned int group)
{
	struct netlink_table *tbl = &nl_table[ksk->sk_protocol];
	struct sock *member;

	sk_for_each_bound(member, &tbl->mc_list)
		netlink_update_socket_mc(nlk_sk(member), group, 0);
}
2335
/**
 * netlink_clear_multicast_users - kick off multicast listeners
 *
 * This function removes all listeners from the given group.
 * @ksk: The kernel netlink socket, as returned by
 *	netlink_kernel_create().
 * @group: The multicast group to clear.
 *
 * The removal runs with the netlink table lock held.
 */
void netlink_clear_multicast_users(struct sock *ksk, unsigned int group)
{
	netlink_table_grab();
	__netlink_clear_multicast_users(ksk, group);
	netlink_table_ungrab();
}
84659eb5 2350
/*
 * Append a netlink message header for a payload of @len bytes to @skb and
 * return a pointer to it.
 *
 * The header fields are filled from the arguments and the alignment
 * padding after the payload is zeroed. The payload bytes themselves are
 * not written here, so the caller has to fill all @len bytes before the
 * message is delivered.
 * NOTE(review): no tailroom check is visible here; callers are presumably
 * expected to have sized @skb for NLMSG_ALIGN(size) - confirm.
 */
struct nlmsghdr *
__nlmsg_put(struct sk_buff *skb, u32 portid, u32 seq, int type, int len, int flags)
{
	int size = nlmsg_msg_size(len);
	struct nlmsghdr *nlh;

	nlh = (struct nlmsghdr *)skb_put(skb, NLMSG_ALIGN(size));

	nlh->nlmsg_len = size;
	nlh->nlmsg_type = type;
	nlh->nlmsg_flags = flags;
	nlh->nlmsg_seq = seq;
	nlh->nlmsg_pid = portid;

	/* Clear the pad bytes so they never carry stale buffer contents. */
	if (!__builtin_constant_p(size) || NLMSG_ALIGN(size) - size != 0)
		memset(nlmsg_data(nlh) + len, 0, NLMSG_ALIGN(size) - size);

	return nlh;
}
EXPORT_SYMBOL(__nlmsg_put);
2368
/*
 * It looks a bit ugly.
 * It would be better to create kernel thread.
 *
 * Run one pass of the dump callback attached to @sk and queue the result.
 *
 * While cb->dump() returns a positive length the callback stays installed
 * and the filled skb is sent. Otherwise an NLMSG_DONE message carrying the
 * return value is sent, cb->done() is called if set, and the callback is
 * detached and released.
 *
 * Returns 0 when a message was queued or dropped by the socket filter,
 * -EINVAL if no callback is installed, and -ENOBUFS if the receive buffer
 * is full (non-mmaped sockets only), the skb cannot be allocated, or the
 * NLMSG_DONE header cannot be added.
 */
static int netlink_dump(struct sock *sk)
{
	struct netlink_sock *nlk = nlk_sk(sk);
	struct netlink_callback *cb;
	struct sk_buff *skb = NULL;
	struct nlmsghdr *nlh;
	int len, err = -ENOBUFS;
	int alloc_size;

	mutex_lock(nlk->cb_mutex);

	cb = nlk->cb;
	if (!cb) {
		err = -EINVAL;
		goto errout_skb;
	}

	alloc_size = max_t(int, cb->min_dump_alloc, NLMSG_GOODSIZE);

	/* Do not produce more data while the receiver is already full. */
	if (!netlink_rx_is_mmaped(sk) &&
	    atomic_read(&sk->sk_rmem_alloc) >= sk->sk_rcvbuf)
		goto errout_skb;

	skb = netlink_alloc_skb(sk, alloc_size, nlk->portid, GFP_KERNEL);
	if (!skb)
		goto errout_skb;
	netlink_skb_set_owner_r(skb, sk);

	len = cb->dump(skb, cb);

	if (len > 0) {
		/* More to come: keep nlk->cb installed for the next pass. */
		mutex_unlock(nlk->cb_mutex);

		if (!sk_filter(sk, skb))
			__netlink_sendskb(sk, skb);
		else
			kfree_skb(skb);
		return 0;
	}

	nlh = nlmsg_put_answer(skb, cb, NLMSG_DONE, sizeof(len), NLM_F_MULTI);
	if (!nlh)
		goto errout_skb;

	nl_dump_check_consistent(cb, nlh);

	/* The NLMSG_DONE payload is the final return value of cb->dump(). */
	memcpy(nlmsg_data(nlh), &len, sizeof(len));

	if (!sk_filter(sk, skb))
		__netlink_sendskb(sk, skb);
	else
		kfree_skb(skb);

	if (cb->done)
		cb->done(cb);
	nlk->cb = NULL;
	mutex_unlock(nlk->cb_mutex);

	/* Drops the module reference taken in __netlink_dump_start(). */
	module_put(cb->module);
	netlink_consume_callback(cb);
	return 0;

errout_skb:
	mutex_unlock(nlk->cb_mutex);
	kfree_skb(skb);
	return err;
}
2440
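/*
 * Attach a dump callback described by @control to the socket that sent
 * @skb and run the first dump pass.
 *
 * @ssk:     kernel socket the request arrived on
 * @skb:     request skb; the callback keeps a reference (or a private copy
 *           when the skb is memory mapped) until it is destroyed
 * @nlh:     request header, stored in the callback
 * @control: dump/done handlers, private data, owning module and minimum
 *           allocation size
 *
 * Returns -EINTR when the dump was started (so the caller sends no ACK),
 * -ENOBUFS on allocation failure, -ECONNREFUSED if the requesting socket
 * is no longer found, -EBUSY if that socket already has a dump running,
 * -EPROTONOSUPPORT if the module reference cannot be taken, or the error
 * returned by netlink_dump().
 */
int __netlink_dump_start(struct sock *ssk, struct sk_buff *skb,
			 const struct nlmsghdr *nlh,
			 struct netlink_dump_control *control)
{
	struct netlink_callback *cb;
	struct sock *sk;
	struct netlink_sock *nlk;
	int ret;

	cb = kzalloc(sizeof(*cb), GFP_KERNEL);
	if (cb == NULL)
		return -ENOBUFS;

	/* Memory mapped dump requests need to be copied to avoid looping
	 * on the pending state in netlink_mmap_sendmsg() while the CB hold
	 * a reference to the skb.
	 */
	if (netlink_skb_is_mmaped(skb)) {
		skb = skb_copy(skb, GFP_KERNEL);
		if (skb == NULL) {
			kfree(cb);
			return -ENOBUFS;
		}
	} else {
		atomic_inc(&skb->users);
	}

	cb->dump = control->dump;
	cb->done = control->done;
	cb->nlh = nlh;
	cb->data = control->data;
	cb->module = control->module;
	cb->min_dump_alloc = control->min_dump_alloc;
	/*
	 * cb->skb is the only pointer kept, so exactly one reference backs
	 * it: the private copy or the reference taken just above. A second
	 * unconditional atomic_inc(&skb->users) here would leave a count
	 * that nothing in this function releases and pin the skb after
	 * every dump request.
	 * NOTE(review): assumes netlink_destroy_callback() and
	 * netlink_consume_callback() drop a single reference - confirm.
	 */
	cb->skb = skb;

	sk = netlink_lookup(sock_net(ssk), ssk->sk_protocol, NETLINK_CB(skb).portid);
	if (sk == NULL) {
		netlink_destroy_callback(cb);
		return -ECONNREFUSED;
	}
	nlk = nlk_sk(sk);

	mutex_lock(nlk->cb_mutex);
	/* A dump is in progress... */
	if (nlk->cb) {
		mutex_unlock(nlk->cb_mutex);
		netlink_destroy_callback(cb);
		ret = -EBUSY;
		goto out;
	}
	/* add reference of module which cb->dump belongs to */
	if (!try_module_get(cb->module)) {
		mutex_unlock(nlk->cb_mutex);
		netlink_destroy_callback(cb);
		ret = -EPROTONOSUPPORT;
		goto out;
	}

	nlk->cb = cb;
	mutex_unlock(nlk->cb_mutex);

	ret = netlink_dump(sk);
out:
	/* Balances the reference returned by netlink_lookup(). */
	sock_put(sk);

	if (ret)
		return ret;

	/* We successfully started a dump, by returning -EINTR we
	 * signal not to send ACK even if it was requested.
	 */
	return -EINTR;
}
EXPORT_SYMBOL(__netlink_dump_start);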
2515
/*
 * Send an NLMSG_ERROR reply for request @nlh back to the sender of @in_skb.
 *
 * With @err == 0 the reply is a plain ACK that echoes only the request
 * header. With @err != 0 the whole request, nlh->nlmsg_len bytes, is
 * appended after the error code. Both the buffer size and the copy length
 * come from nlh->nlmsg_len, so the caller must already have checked that
 * field against the received data; netlink_rcv_skb() does so before
 * calling in.
 *
 * If the reply skb cannot be allocated, ENOBUFS is reported on the
 * sender's socket instead, when that socket can still be found.
 */
void netlink_ack(struct sk_buff *in_skb, struct nlmsghdr *nlh, int err)
{
	struct sk_buff *skb;
	struct nlmsghdr *rep;
	struct nlmsgerr *errmsg;
	/* error messages get the original request appended */
	size_t payload = sizeof(*errmsg) + (err ? nlmsg_len(nlh) : 0);

	skb = netlink_alloc_skb(in_skb->sk, nlmsg_total_size(payload),
				NETLINK_CB(in_skb).portid, GFP_KERNEL);
	if (!skb) {
		struct sock *peer;

		peer = netlink_lookup(sock_net(in_skb->sk),
				      in_skb->sk->sk_protocol,
				      NETLINK_CB(in_skb).portid);
		if (peer) {
			peer->sk_err = ENOBUFS;
			peer->sk_error_report(peer);
			sock_put(peer);
		}
		return;
	}

	rep = __nlmsg_put(skb, NETLINK_CB(in_skb).portid, nlh->nlmsg_seq,
			  NLMSG_ERROR, payload, 0);
	errmsg = nlmsg_data(rep);
	errmsg->error = err;
	memcpy(&errmsg->msg, nlh, err ? nlh->nlmsg_len : sizeof(*nlh));
	netlink_unicast(in_skb->sk, skb, NETLINK_CB(in_skb).portid, MSG_DONTWAIT);
}
EXPORT_SYMBOL(netlink_ack);
1da177e4 2551
/*
 * Walk every netlink message in @skb and pass requests to @cb.
 *
 * A message is handed to @cb only if it has NLM_F_REQUEST set and a type
 * of at least NLMSG_MIN_TYPE. An ACK is sent when the message asked for
 * one (NLM_F_ACK) or @cb returned an error, except for -EINTR, which
 * means a dump was started and no ACK must be sent.
 *
 * Processing stops without an error as soon as a header claims a length
 * shorter than NLMSG_HDRLEN or longer than the data left in @skb. That
 * check is what bounds nlh->nlmsg_len for @cb and netlink_ack().
 *
 * Always returns 0.
 */
int netlink_rcv_skb(struct sk_buff *skb, int (*cb)(struct sk_buff *,
						     struct nlmsghdr *))
{
	struct nlmsghdr *nlh;
	int err;

	while (skb->len >= nlmsg_total_size(0)) {
		int msglen;

		nlh = nlmsg_hdr(skb);
		err = 0;

		/* Reject a length field that does not fit the remaining data. */
		if (nlh->nlmsg_len < NLMSG_HDRLEN || skb->len < nlh->nlmsg_len)
			return 0;

		/* Only requests are handled by the kernel; skip control messages */
		if ((nlh->nlmsg_flags & NLM_F_REQUEST) &&
		    nlh->nlmsg_type >= NLMSG_MIN_TYPE)
			err = cb(skb, nlh);

		/* err can only be -EINTR when cb() ran and started a dump. */
		if (err != -EINTR &&
		    ((nlh->nlmsg_flags & NLM_F_ACK) || err))
			netlink_ack(skb, nlh, err);

		/* Advance by the aligned length, clamped to what is left. */
		msglen = NLMSG_ALIGN(nlh->nlmsg_len);
		if (msglen > skb->len)
			msglen = skb->len;
		skb_pull(skb, msglen);
	}

	return 0;
}
EXPORT_SYMBOL(netlink_rcv_skb);
82ace47a 2593
/**
 * nlmsg_notify - send a notification netlink message
 * @sk: netlink socket to use
 * @skb: notification message
 * @portid: destination netlink portid for reports or 0
 * @group: destination multicast group or 0
 * @report: 1 to report back, 0 to disable
 * @flags: allocation flags
 *
 * When both a multicast and a unicast are requested, an extra reference
 * on @skb is taken first and @portid is excluded from the multicast.
 * If @group and @report are both 0, nothing here sends or frees @skb.
 *
 * Returns the multicast result, replaced by the unicast result when the
 * multicast returned 0 or -ESRCH.
 */
int nlmsg_notify(struct sock *sk, struct sk_buff *skb, u32 portid,
		 unsigned int group, int report, gfp_t flags)
{
	int err = 0;

	if (group) {
		int exclude_portid = report ? portid : 0;

		/* The unicast below needs its own reference to the skb. */
		if (report)
			atomic_inc(&skb->users);

		/* errors reported via destination sk->sk_err, but propagate
		 * delivery errors if NETLINK_BROADCAST_ERROR flag is set */
		err = nlmsg_multicast(sk, skb, exclude_portid, group, flags);
	}

	if (report) {
		int unicast_err = nlmsg_unicast(sk, skb, portid);

		if (!err || err == -ESRCH)
			err = unicast_err;
	}

	return err;
}
EXPORT_SYMBOL(nlmsg_notify);
d387f6ad 2632
2633#ifdef CONFIG_PROC_FS
/* Cursor for the /proc "netlink" seq_file walk over nl_table[]. */
struct nl_seq_iter {
	struct seq_net_private p;
	int link;	/* index into nl_table[] of the current socket */
	int hash_idx;	/* bucket index inside that protocol's hash table */
};
2639
/*
 * Return the @pos-th socket (counting from 0) that belongs to the
 * seq_file's network namespace, scanning nl_table[] protocol by protocol
 * and bucket by bucket. The position is stored in the iterator so that
 * netlink_seq_next() can continue from it. Returns NULL when fewer than
 * @pos + 1 matching sockets exist.
 */
static struct sock *netlink_seq_socket_idx(struct seq_file *seq, loff_t pos)
{
	struct nl_seq_iter *iter = seq->private;
	struct sock *s;
	loff_t seen = 0;
	int link, bucket;

	for (link = 0; link < MAX_LINKS; link++) {
		struct nl_portid_hash *hash = &nl_table[link].hash;

		for (bucket = 0; bucket <= hash->mask; bucket++) {
			sk_for_each(s, &hash->table[bucket]) {
				/* Sockets of other namespaces are not counted. */
				if (sock_net(s) != seq_file_net(seq))
					continue;
				if (seen == pos) {
					iter->link = link;
					iter->hash_idx = bucket;
					return s;
				}
				++seen;
			}
		}
	}
	return NULL;
}
2665
/*
 * seq_file ->start: take nl_table_lock for reading and return the header
 * token for position 0, or the socket at position *pos - 1 otherwise.
 * The lock is dropped in netlink_seq_stop().
 */
static void *netlink_seq_start(struct seq_file *seq, loff_t *pos)
	__acquires(nl_table_lock)
{
	read_lock(&nl_table_lock);

	if (*pos == 0)
		return SEQ_START_TOKEN;
	return netlink_seq_socket_idx(seq, *pos - 1);
}
2672
/*
 * seq_file ->next: advance *pos and return the next socket in the
 * seq_file's namespace, or NULL at the end of nl_table[].
 *
 * The rest of the current hash chain is tried first; after that the scan
 * resumes at the bucket following the one saved in the iterator and moves
 * on through the remaining protocols.
 */
static void *netlink_seq_next(struct seq_file *seq, void *v, loff_t *pos)
{
	struct nl_seq_iter *iter;
	struct sock *s;
	int link, bucket;

	++*pos;

	if (v == SEQ_START_TOKEN)
		return netlink_seq_socket_idx(seq, 0);

	iter = seq->private;

	/* Rest of the chain that @v sits on. */
	s = v;
	for (s = sk_next(s); s && sock_net(s) != seq_file_net(seq);
	     s = sk_next(s))
		;
	if (s)
		return s;

	link = iter->link;
	bucket = iter->hash_idx + 1;

	do {
		struct nl_portid_hash *hash = &nl_table[link].hash;

		for (; bucket <= hash->mask; bucket++) {
			for (s = sk_head(&hash->table[bucket]);
			     s && sock_net(s) != seq_file_net(seq);
			     s = sk_next(s))
				;
			if (s) {
				iter->link = link;
				iter->hash_idx = bucket;
				return s;
			}
		}

		/* Every later protocol is scanned from its first bucket. */
		bucket = 0;
	} while (++link < MAX_LINKS);

	return NULL;
}
2714
/* seq_file ->stop: drop the read lock taken in netlink_seq_start(). */
static void netlink_seq_stop(struct seq_file *seq, void *v)
	__releases(nl_table_lock)
{
	read_unlock(&nl_table_lock);
}
2720
2721
/*
 * seq_file ->show: print the column header for the start token, or one
 * line describing socket @v otherwise.
 *
 * The socket address and the dump callback pointer are printed with %pK,
 * so what an unprivileged reader sees for them depends on the
 * kptr_restrict setting.
 */
static int netlink_seq_show(struct seq_file *seq, void *v)
{
	struct netlink_sock *nlk;
	struct sock *s;

	if (v == SEQ_START_TOKEN) {
		seq_puts(seq,
			 "sk Eth Pid Groups "
			 "Rmem Wmem Dump Locks Drops Inode\n");
		return 0;
	}

	s = v;
	nlk = nlk_sk(s);

	seq_printf(seq, "%pK %-3d %-6u %08x %-8d %-8d %pK %-8d %-8d %-8lu\n",
		   s,
		   s->sk_protocol,
		   nlk->portid,
		   nlk->groups ? (u32)nlk->groups[0] : 0,
		   sk_rmem_alloc_get(s),
		   sk_wmem_alloc_get(s),
		   nlk->cb,
		   atomic_read(&s->sk_refcnt),
		   atomic_read(&s->sk_drops),
		   sock_i_ino(s)
		);

	return 0;
}
2748
/* Iterator callbacks behind the /proc "netlink" file. */
static const struct seq_operations netlink_seq_ops = {
	.start	= netlink_seq_start,	/* takes nl_table_lock */
	.next	= netlink_seq_next,
	.stop	= netlink_seq_stop,	/* releases nl_table_lock */
	.show	= netlink_seq_show,
};
2755
2756
/*
 * ->open for the /proc "netlink" file: set up a namespace-aware seq_file
 * with a struct nl_seq_iter as its private data.
 */
static int netlink_seq_open(struct inode *inode, struct file *file)
{
	return seq_open_net(inode, file, &netlink_seq_ops,
			    sizeof(struct nl_seq_iter));
}
2762
/* File operations for the /proc "netlink" entry; read-only seq_file. */
static const struct file_operations netlink_seq_fops = {
	.owner		= THIS_MODULE,
	.open		= netlink_seq_open,
	.read		= seq_read,
	.llseek		= seq_lseek,
	.release	= seq_release_net,	/* pairs with seq_open_net() */
};
2770
2771#endif
2772
/*
 * Add @nb to the netlink notifier chain. Returns the result of
 * atomic_notifier_chain_register().
 */
int netlink_register_notifier(struct notifier_block *nb)
{
	return atomic_notifier_chain_register(&netlink_chain, nb);
}
EXPORT_SYMBOL(netlink_register_notifier);
2778
/*
 * Remove @nb from the netlink notifier chain. Returns the result of
 * atomic_notifier_chain_unregister().
 */
int netlink_unregister_notifier(struct notifier_block *nb)
{
	return atomic_notifier_chain_unregister(&netlink_chain, nb);
}
EXPORT_SYMBOL(netlink_unregister_notifier);
746fac4d 2784
/*
 * Socket-layer operations for PF_NETLINK. Operations that do not apply
 * to netlink are wired to the generic sock_no_*() handlers.
 */
static const struct proto_ops netlink_ops = {
	.family =	PF_NETLINK,
	.owner =	THIS_MODULE,
	.release =	netlink_release,
	.bind =		netlink_bind,
	.connect =	netlink_connect,
	.socketpair =	sock_no_socketpair,
	.accept =	sock_no_accept,
	.getname =	netlink_getname,
	.poll =		netlink_poll,
	.ioctl =	sock_no_ioctl,
	.listen =	sock_no_listen,
	.shutdown =	sock_no_shutdown,
	.setsockopt =	netlink_setsockopt,
	.getsockopt =	netlink_getsockopt,
	.sendmsg =	netlink_sendmsg,
	.recvmsg =	netlink_recvmsg,
	.mmap =		netlink_mmap,	/* memory mapped ring support */
	.sendpage =	sock_no_sendpage,
};
2805
/* Address-family entry passed to sock_register() in netlink_proto_init(). */
static const struct net_proto_family netlink_family_ops = {
	.family	= PF_NETLINK,
	.create	= netlink_create,
	.owner	= THIS_MODULE,	/* for consistency 8) */
};
2811
/*
 * Per-namespace init: with CONFIG_PROC_FS, create the "netlink" entry
 * under the namespace's proc_net directory. Returns -ENOMEM if the entry
 * cannot be created, 0 otherwise.
 * NOTE(review): the mode argument is 0, so the file gets procfs' default
 * permissions - confirm these are as intended for a socket listing.
 */
static int __net_init netlink_net_init(struct net *net)
{
#ifdef CONFIG_PROC_FS
	struct proc_dir_entry *entry;

	entry = proc_create("netlink", 0, net->proc_net, &netlink_seq_fops);
	if (!entry)
		return -ENOMEM;
#endif
	return 0;
}
2820
/*
 * Per-namespace teardown: with CONFIG_PROC_FS, remove the "netlink" proc
 * entry created by netlink_net_init().
 */
static void __net_exit netlink_net_exit(struct net *net)
{
#ifdef CONFIG_PROC_FS
	remove_proc_entry("netlink", net->proc_net);
#endif
}
2827
/*
 * Register the NETLINK_USERSOCK protocol slot at boot: 32 multicast
 * groups, owned by this module, with NL_CFG_F_NONROOT_SEND set in its
 * flags. Panics if the listener bitmap cannot be allocated.
 */
static void __init netlink_add_usersock_entry(void)
{
	struct netlink_table *tbl = &nl_table[NETLINK_USERSOCK];
	struct listeners *listeners;
	int groups = 32;

	listeners = kzalloc(sizeof(*listeners) + NLGRPSZ(groups), GFP_KERNEL);
	if (!listeners)
		panic("netlink_add_usersock_entry: Cannot allocate listeners\n");

	netlink_table_grab();

	tbl->groups = groups;
	rcu_assign_pointer(tbl->listeners, listeners);
	tbl->module = THIS_MODULE;
	tbl->registered = 1;
	tbl->flags = NL_CFG_F_NONROOT_SEND;

	netlink_table_ungrab();
}
2847
/* Per-network-namespace hooks registered from netlink_proto_init(). */
static struct pernet_operations __net_initdata netlink_net_ops = {
	.init	= netlink_net_init,
	.exit	= netlink_net_exit,
};
2852
/*
 * Boot-time setup of the netlink family: register the protocol, allocate
 * nl_table[] with a one-bucket portid hash per protocol, add the
 * NETLINK_USERSOCK entry, register the socket family and the per-namespace
 * operations, then start rtnetlink.
 *
 * Returns the error from proto_register(), or 0. Failure to allocate
 * nl_table[] or any hash table ends in panic(). The return values of
 * sock_register() and register_pernet_subsys() are not checked.
 */
static int __init netlink_proto_init(void)
{
	int i;
	unsigned long limit;
	unsigned int order;
	int err = proto_register(&netlink_proto, 0);

	if (err != 0)
		return err;

	/* The netlink control block must fit into skb->cb. */
	BUILD_BUG_ON(sizeof(struct netlink_skb_parms) > FIELD_SIZEOF(struct sk_buff, cb));

	nl_table = kcalloc(MAX_LINKS, sizeof(*nl_table), GFP_KERNEL);
	if (!nl_table)
		goto panic;

	/* Scale the upper bound of the hash size with the amount of RAM. */
	limit = totalram_pages >>
		((totalram_pages >= (128 * 1024) ? 21 : 23) - PAGE_SHIFT);

	order = get_bitmask_order(limit) - 1 + PAGE_SHIFT;
	limit = (1UL << order) / sizeof(struct hlist_head);
	order = get_bitmask_order(min(limit, (unsigned long)UINT_MAX)) - 1;

	for (i = 0; i < MAX_LINKS; i++) {
		struct nl_portid_hash *hash = &nl_table[i].hash;

		hash->table = nl_portid_hash_zalloc(1 * sizeof(*hash->table));
		if (!hash->table) {
			/* Free the tables allocated so far before giving up. */
			while (i-- > 0)
				nl_portid_hash_free(nl_table[i].hash.table,
						    1 * sizeof(*hash->table));
			kfree(nl_table);
			goto panic;
		}

		/* Start with a single bucket; max_shift caps later growth. */
		hash->mask = 0;
		hash->shift = 0;
		hash->max_shift = order;
		hash->rehash_time = jiffies;
	}

	netlink_add_usersock_entry();

	sock_register(&netlink_family_ops);
	register_pernet_subsys(&netlink_net_ops);
	/* The netlink device handler may be needed early. */
	rtnetlink_init();

	return err;

panic:
	panic("netlink_init: Cannot allocate nl_table\n");
}

core_initcall(netlink_proto_init);