projects / GitHub / mt8127 / android_kernel_alcatel_ttab.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
tcp: Fix out of bounds access to tcpm_vals
[GitHub/mt8127/android_kernel_alcatel_ttab.git] / net / core / sock.c
CommitLineData
1da177e4
LT		 1/*
2 * INET An implementation of the TCP/IP protocol suite for the LINUX
3 * operating system. INET is implemented using the BSD Socket
4 * interface as the means of communication with the user level.
5 *
6 * Generic socket support routines. Memory allocators, socket lock/release
7 * handler for protocols to use and generic option handler.
8 *
9 *
02c30a84 10 * Authors: Ross Biro
1da177e4
LT		 11 * Fred N. van Kempen, <waltje@uWalt.NL.Mugnet.ORG>
12 * Florian La Roche, <flla@stud.uni-sb.de>
13 * Alan Cox, <A.Cox@swansea.ac.uk>
14 *
15 * Fixes:
16 * Alan Cox : Numerous verify_area() problems
17 * Alan Cox : Connecting on a connecting socket
18 * now returns an error for tcp.
19 * Alan Cox : sock->protocol is set correctly.
20 * and is not sometimes left as 0.
21 * Alan Cox : connect handles icmp errors on a
22 * connect properly. Unfortunately there
23 * is a restart syscall nasty there. I
24 * can't match BSD without hacking the C
25 * library. Ideas urgently sought!
26 * Alan Cox : Disallow bind() to addresses that are
27 * not ours - especially broadcast ones!!
28 * Alan Cox : Socket 1024 _IS_ ok for users. (fencepost)
29 * Alan Cox : sock_wfree/sock_rfree don't destroy sockets,
30 * instead they leave that for the DESTROY timer.
31 * Alan Cox : Clean up error flag in accept
32 * Alan Cox : TCP ack handling is buggy, the DESTROY timer
33 * was buggy. Put a remove_sock() in the handler
34 * for memory when we hit 0. Also altered the timer
4ec93edb 35 * code. The ACK stuff can wait and needs major
1da177e4
LT		 36 * TCP layer surgery.
37 * Alan Cox : Fixed TCP ack bug, removed remove sock
38 * and fixed timer/inet_bh race.
39 * Alan Cox : Added zapped flag for TCP
40 * Alan Cox : Move kfree_skb into skbuff.c and tidied up surplus code
41 * Alan Cox : for new sk_buff allocations wmalloc/rmalloc now call alloc_skb
42 * Alan Cox : kfree_s calls now are kfree_skbmem so we can track skb resources
43 * Alan Cox : Supports socket option broadcast now as does udp. Packet and raw need fixing.
44 * Alan Cox : Added RCVBUF,SNDBUF size setting. It suddenly occurred to me how easy it was so...
45 * Rick Sladkey : Relaxed UDP rules for matching packets.
46 * C.E.Hawkins : IFF_PROMISC/SIOCGHWADDR support
47 * Pauline Middelink : identd support
48 * Alan Cox : Fixed connect() taking signals I think.
49 * Alan Cox : SO_LINGER supported
50 * Alan Cox : Error reporting fixes
51 * Anonymous : inet_create tidied up (sk->reuse setting)
52 * Alan Cox : inet sockets don't set sk->type!
53 * Alan Cox : Split socket option code
54 * Alan Cox : Callbacks
55 * Alan Cox : Nagle flag for Charles & Johannes stuff
56 * Alex : Removed restriction on inet fioctl
57 * Alan Cox : Splitting INET from NET core
58 * Alan Cox : Fixed bogus SO_TYPE handling in getsockopt()
59 * Adam Caldwell : Missing return in SO_DONTROUTE/SO_DEBUG code
60 * Alan Cox : Split IP from generic code
61 * Alan Cox : New kfree_skbmem()
62 * Alan Cox : Make SO_DEBUG superuser only.
63 * Alan Cox : Allow anyone to clear SO_DEBUG
64 * (compatibility fix)
65 * Alan Cox : Added optimistic memory grabbing for AF_UNIX throughput.
66 * Alan Cox : Allocator for a socket is settable.
67 * Alan Cox : SO_ERROR includes soft errors.
68 * Alan Cox : Allow NULL arguments on some SO_ opts
69 * Alan Cox : Generic socket allocation to make hooks
70 * easier (suggested by Craig Metz).
71 * Michael Pall : SO_ERROR returns positive errno again
72 * Steve Whitehouse: Added default destructor to free
73 * protocol private data.
74 * Steve Whitehouse: Added various other default routines
75 * common to several socket families.
76 * Chris Evans : Call suser() check last on F_SETOWN
77 * Jay Schulist : Added SO_ATTACH_FILTER and SO_DETACH_FILTER.
78 * Andi Kleen : Add sock_kmalloc()/sock_kfree_s()
79 * Andi Kleen : Fix write_space callback
80 * Chris Evans : Security fixes - signedness again
81 * Arnaldo C. Melo : cleanups, use skb_queue_purge
82 *
83 * To Fix:
84 *
85 *
86 * This program is free software; you can redistribute it and/or
87 * modify it under the terms of the GNU General Public License
88 * as published by the Free Software Foundation; either version
89 * 2 of the License, or (at your option) any later version.
90 */
91
e005d193
JP		 92#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
93
4fc268d2 94#include <linux/capability.h>
1da177e4
LT		 95#include <linux/errno.h>
96#include <linux/types.h>
97#include <linux/socket.h>
98#include <linux/in.h>
99#include <linux/kernel.h>
1da177e4
LT		 100#include <linux/module.h>
101#include <linux/proc_fs.h>
102#include <linux/seq_file.h>
103#include <linux/sched.h>
104#include <linux/timer.h>
105#include <linux/string.h>
106#include <linux/sockios.h>
107#include <linux/net.h>
108#include <linux/mm.h>
109#include <linux/slab.h>
110#include <linux/interrupt.h>
111#include <linux/poll.h>
112#include <linux/tcp.h>
113#include <linux/init.h>
a1f8e7f7 114#include <linux/highmem.h>
3f551f94 115#include <linux/user_namespace.h>
c5905afb 116#include <linux/static_key.h>
3969eb38 117#include <linux/memcontrol.h>
8c1ae10d 118#include <linux/prefetch.h>
1da177e4
LT		 119
120#include <asm/uaccess.h>
1da177e4
LT		 121
122#include <linux/netdevice.h>
123#include <net/protocol.h>
124#include <linux/skbuff.h>
457c4cbc 125#include <net/net_namespace.h>
2e6599cb 126#include <net/request_sock.h>
1da177e4 127#include <net/sock.h>
20d49473 128#include <linux/net_tstamp.h>
1da177e4
LT		 129#include <net/xfrm.h>
130#include <linux/ipsec.h>
f8451725 131#include <net/cls_cgroup.h>
5bc1421e 132#include <net/netprio_cgroup.h>
1da177e4
LT		 133
134#include <linux/filter.h>
135
3847ce32
SM		 136#include <trace/events/sock.h>
137
1da177e4
LT		 138#ifdef CONFIG_INET
139#include <net/tcp.h>
140#endif
141
36b77a52 142static DEFINE_MUTEX(proto_list_mutex);
d1a4c0b3
GC		 143static LIST_HEAD(proto_list);
144
145#ifdef CONFIG_CGROUP_MEM_RES_CTLR_KMEM
1d62e436 146int mem_cgroup_sockets_init(struct mem_cgroup *memcg, struct cgroup_subsys *ss)
d1a4c0b3
GC		 147{
148 struct proto *proto;
149 int ret = 0;
150
36b77a52 151 mutex_lock(&proto_list_mutex);
d1a4c0b3
GC		 152 list_for_each_entry(proto, &proto_list, node) {
153 if (proto->init_cgroup) {
1d62e436 154 ret = proto->init_cgroup(memcg, ss);
d1a4c0b3
GC		 155 if (ret)
156 goto out;
157 }
158 }
159
36b77a52 160 mutex_unlock(&proto_list_mutex);
d1a4c0b3
GC		 161 return ret;
162out:
163 list_for_each_entry_continue_reverse(proto, &proto_list, node)
164 if (proto->destroy_cgroup)
1d62e436 165 proto->destroy_cgroup(memcg);
36b77a52 166 mutex_unlock(&proto_list_mutex);
d1a4c0b3
GC		 167 return ret;
168}
169
1d62e436 170void mem_cgroup_sockets_destroy(struct mem_cgroup *memcg)
d1a4c0b3
GC		 171{
172 struct proto *proto;
173
36b77a52 174 mutex_lock(&proto_list_mutex);
d1a4c0b3
GC		 175 list_for_each_entry_reverse(proto, &proto_list, node)
176 if (proto->destroy_cgroup)
1d62e436 177 proto->destroy_cgroup(memcg);
36b77a52 178 mutex_unlock(&proto_list_mutex);
d1a4c0b3
GC		 179}
180#endif
181
da21f24d
IM		 182/*
183 * Each address family might have different locking rules, so we have
184 * one slock key per address family:
185 */
a5b5bb9a
IM		 186static struct lock_class_key af_family_keys[AF_MAX];
187static struct lock_class_key af_family_slock_keys[AF_MAX];
188
c5905afb 189struct static_key memcg_socket_limit_enabled;
e1aab161
GC		 190EXPORT_SYMBOL(memcg_socket_limit_enabled);
191
a5b5bb9a
IM		 192/*
193 * Make lock validator output more readable. (we pre-construct these
194 * strings build-time, so that runtime initialization of socket
195 * locks is fast):
196 */
36cbd3dc 197static const char *const af_family_key_strings[AF_MAX+1] = {
a5b5bb9a
IM		 198 "sk_lock-AF_UNSPEC", "sk_lock-AF_UNIX" , "sk_lock-AF_INET" ,
199 "sk_lock-AF_AX25" , "sk_lock-AF_IPX" , "sk_lock-AF_APPLETALK",
200 "sk_lock-AF_NETROM", "sk_lock-AF_BRIDGE" , "sk_lock-AF_ATMPVC" ,
201 "sk_lock-AF_X25" , "sk_lock-AF_INET6" , "sk_lock-AF_ROSE" ,
202 "sk_lock-AF_DECnet", "sk_lock-AF_NETBEUI" , "sk_lock-AF_SECURITY" ,
203 "sk_lock-AF_KEY" , "sk_lock-AF_NETLINK" , "sk_lock-AF_PACKET" ,
204 "sk_lock-AF_ASH" , "sk_lock-AF_ECONET" , "sk_lock-AF_ATMSVC" ,
cbd151bf 205 "sk_lock-AF_RDS" , "sk_lock-AF_SNA" , "sk_lock-AF_IRDA" ,
a5b5bb9a 206 "sk_lock-AF_PPPOX" , "sk_lock-AF_WANPIPE" , "sk_lock-AF_LLC" ,
cd05acfe 207 "sk_lock-27" , "sk_lock-28" , "sk_lock-AF_CAN" ,
17926a79 208 "sk_lock-AF_TIPC" , "sk_lock-AF_BLUETOOTH", "sk_lock-IUCV" ,
bce7b154 209 "sk_lock-AF_RXRPC" , "sk_lock-AF_ISDN" , "sk_lock-AF_PHONET" ,
6f107b58 210 "sk_lock-AF_IEEE802154", "sk_lock-AF_CAIF" , "sk_lock-AF_ALG" ,
c7fe3b52 211 "sk_lock-AF_NFC" , "sk_lock-AF_MAX"
a5b5bb9a 212};
36cbd3dc 213static const char *const af_family_slock_key_strings[AF_MAX+1] = {
a5b5bb9a
IM		 214 "slock-AF_UNSPEC", "slock-AF_UNIX" , "slock-AF_INET" ,
215 "slock-AF_AX25" , "slock-AF_IPX" , "slock-AF_APPLETALK",
216 "slock-AF_NETROM", "slock-AF_BRIDGE" , "slock-AF_ATMPVC" ,
217 "slock-AF_X25" , "slock-AF_INET6" , "slock-AF_ROSE" ,
218 "slock-AF_DECnet", "slock-AF_NETBEUI" , "slock-AF_SECURITY" ,
219 "slock-AF_KEY" , "slock-AF_NETLINK" , "slock-AF_PACKET" ,
220 "slock-AF_ASH" , "slock-AF_ECONET" , "slock-AF_ATMSVC" ,
cbd151bf 221 "slock-AF_RDS" , "slock-AF_SNA" , "slock-AF_IRDA" ,
a5b5bb9a 222 "slock-AF_PPPOX" , "slock-AF_WANPIPE" , "slock-AF_LLC" ,
cd05acfe 223 "slock-27" , "slock-28" , "slock-AF_CAN" ,
17926a79 224 "slock-AF_TIPC" , "slock-AF_BLUETOOTH", "slock-AF_IUCV" ,
bce7b154 225 "slock-AF_RXRPC" , "slock-AF_ISDN" , "slock-AF_PHONET" ,
6f107b58 226 "slock-AF_IEEE802154", "slock-AF_CAIF" , "slock-AF_ALG" ,
c7fe3b52 227 "slock-AF_NFC" , "slock-AF_MAX"
a5b5bb9a 228};
36cbd3dc 229static const char *const af_family_clock_key_strings[AF_MAX+1] = {
443aef0e
PZ		 230 "clock-AF_UNSPEC", "clock-AF_UNIX" , "clock-AF_INET" ,
231 "clock-AF_AX25" , "clock-AF_IPX" , "clock-AF_APPLETALK",
232 "clock-AF_NETROM", "clock-AF_BRIDGE" , "clock-AF_ATMPVC" ,
233 "clock-AF_X25" , "clock-AF_INET6" , "clock-AF_ROSE" ,
234 "clock-AF_DECnet", "clock-AF_NETBEUI" , "clock-AF_SECURITY" ,
235 "clock-AF_KEY" , "clock-AF_NETLINK" , "clock-AF_PACKET" ,
236 "clock-AF_ASH" , "clock-AF_ECONET" , "clock-AF_ATMSVC" ,
cbd151bf 237 "clock-AF_RDS" , "clock-AF_SNA" , "clock-AF_IRDA" ,
443aef0e 238 "clock-AF_PPPOX" , "clock-AF_WANPIPE" , "clock-AF_LLC" ,
b4942af6 239 "clock-27" , "clock-28" , "clock-AF_CAN" ,
e51f802b 240 "clock-AF_TIPC" , "clock-AF_BLUETOOTH", "clock-AF_IUCV" ,
bce7b154 241 "clock-AF_RXRPC" , "clock-AF_ISDN" , "clock-AF_PHONET" ,
6f107b58 242 "clock-AF_IEEE802154", "clock-AF_CAIF" , "clock-AF_ALG" ,
c7fe3b52 243 "clock-AF_NFC" , "clock-AF_MAX"
443aef0e 244};
da21f24d
IM		 245
246/*
247 * sk_callback_lock locking rules are per-address-family,
248 * so split the lock classes by using a per-AF key:
249 */
250static struct lock_class_key af_callback_keys[AF_MAX];
251
1da177e4
LT		 252/* Take into consideration the size of the struct sk_buff overhead in the
253 * determination of these values, since that is non-constant across
254 * platforms. This makes socket queueing behavior and performance
255 * not depend upon such differences.
256 */
257#define _SK_MEM_PACKETS 256
87fb4b7b 258#define _SK_MEM_OVERHEAD SKB_TRUESIZE(256)
1da177e4
LT		 259#define SK_WMEM_MAX (_SK_MEM_OVERHEAD * _SK_MEM_PACKETS)
260#define SK_RMEM_MAX (_SK_MEM_OVERHEAD * _SK_MEM_PACKETS)
261
262/* Run time adjustable parameters. */
ab32ea5d 263__u32 sysctl_wmem_max __read_mostly = SK_WMEM_MAX;
6d8ebc8a 264EXPORT_SYMBOL(sysctl_wmem_max);
ab32ea5d 265__u32 sysctl_rmem_max __read_mostly = SK_RMEM_MAX;
6d8ebc8a 266EXPORT_SYMBOL(sysctl_rmem_max);
ab32ea5d
BH		 267__u32 sysctl_wmem_default __read_mostly = SK_WMEM_MAX;
268__u32 sysctl_rmem_default __read_mostly = SK_RMEM_MAX;
1da177e4 269
25985edc 270/* Maximal space eaten by iovec or ancillary data plus some space */
ab32ea5d 271int sysctl_optmem_max __read_mostly = sizeof(unsigned long)*(2*UIO_MAXIOV+512);
2a91525c 272EXPORT_SYMBOL(sysctl_optmem_max);
1da177e4 273
5bc1421e
NH		 274#if defined(CONFIG_CGROUPS)
275#if !defined(CONFIG_NET_CLS_CGROUP)
f8451725
HX		 276int net_cls_subsys_id = -1;
277EXPORT_SYMBOL_GPL(net_cls_subsys_id);
278#endif
5bc1421e
NH		 279#if !defined(CONFIG_NETPRIO_CGROUP)
280int net_prio_subsys_id = -1;
281EXPORT_SYMBOL_GPL(net_prio_subsys_id);
282#endif
283#endif
f8451725 284
1da177e4
LT		 285static int sock_set_timeout(long *timeo_p, char __user *optval, int optlen)
286{
287 struct timeval tv;
288
289 if (optlen < sizeof(tv))
290 return -EINVAL;
291 if (copy_from_user(&tv, optval, sizeof(tv)))
292 return -EFAULT;
ba78073e
VA		 293 if (tv.tv_usec < 0 || tv.tv_usec >= USEC_PER_SEC)
294 return -EDOM;
1da177e4 295
ba78073e 296 if (tv.tv_sec < 0) {
6f11df83
AM		 297 static int warned __read_mostly;
298
ba78073e 299 *timeo_p = 0;
50aab54f 300 if (warned < 10 && net_ratelimit()) {
ba78073e 301 warned++;
e005d193
JP		 302 pr_info("%s: `%s' (pid %d) tries to set negative timeout\n",
303 __func__, current->comm, task_pid_nr(current));
50aab54f 304 }
ba78073e
VA		 305 return 0;
306 }
1da177e4
LT		 307 *timeo_p = MAX_SCHEDULE_TIMEOUT;
308 if (tv.tv_sec == 0 && tv.tv_usec == 0)
309 return 0;
310 if (tv.tv_sec < (MAX_SCHEDULE_TIMEOUT/HZ - 1))
311 *timeo_p = tv.tv_sec*HZ + (tv.tv_usec+(1000000/HZ-1))/(1000000/HZ);
312 return 0;
313}
314
315static void sock_warn_obsolete_bsdism(const char *name)
316{
317 static int warned;
318 static char warncomm[TASK_COMM_LEN];
4ec93edb
YH		 319 if (strcmp(warncomm, current->comm) && warned < 5) {
320 strcpy(warncomm, current->comm);
e005d193
JP		 321 pr_warn("process `%s' is using obsolete %s SO_BSDCOMPAT\n",
322 warncomm, name);
1da177e4
LT		 323 warned++;
324 }
325}
326
08e29af3
ED		 327#define SK_FLAGS_TIMESTAMP ((1UL << SOCK_TIMESTAMP) | (1UL << SOCK_TIMESTAMPING_RX_SOFTWARE))
328
329static void sock_disable_timestamp(struct sock *sk, unsigned long flags)
4ec93edb 330{
08e29af3
ED		 331 if (sk->sk_flags & flags) {
332 sk->sk_flags &= ~flags;
333 if (!(sk->sk_flags & SK_FLAGS_TIMESTAMP))
20d49473 334 net_disable_timestamp();
1da177e4
LT		 335 }
336}
337
338
f0088a50
DV		 339int sock_queue_rcv_skb(struct sock *sk, struct sk_buff *skb)
340{
766e9037 341 int err;
f0088a50 342 int skb_len;
3b885787
NH		 343 unsigned long flags;
344 struct sk_buff_head *list = &sk->sk_receive_queue;
f0088a50 345
0fd7bac6 346 if (atomic_read(&sk->sk_rmem_alloc) >= sk->sk_rcvbuf) {
766e9037 347 atomic_inc(&sk->sk_drops);
3847ce32 348 trace_sock_rcvqueue_full(sk, skb);
766e9037 349 return -ENOMEM;
f0088a50
DV		 350 }
351
fda9ef5d 352 err = sk_filter(sk, skb);
f0088a50 353 if (err)
766e9037 354 return err;
f0088a50 355
3ab224be 356 if (!sk_rmem_schedule(sk, skb->truesize)) {
766e9037
ED		 357 atomic_inc(&sk->sk_drops);
358 return -ENOBUFS;
3ab224be
HA		 359 }
360
f0088a50
DV		 361 skb->dev = NULL;
362 skb_set_owner_r(skb, sk);
49ad9599 363
f0088a50
DV		 364 /* Cache the SKB length before we tack it onto the receive
365 * queue. Once it is added it no longer belongs to us and
366 * may be freed by other threads of control pulling packets
367 * from the queue.
368 */
369 skb_len = skb->len;
370
7fee226a
ED		 371 /* we escape from rcu protected region, make sure we dont leak
372 * a norefcounted dst
373 */
374 skb_dst_force(skb);
375
3b885787
NH		 376 spin_lock_irqsave(&list->lock, flags);
377 skb->dropcount = atomic_read(&sk->sk_drops);
378 __skb_queue_tail(list, skb);
379 spin_unlock_irqrestore(&list->lock, flags);
f0088a50
DV		 380
381 if (!sock_flag(sk, SOCK_DEAD))
382 sk->sk_data_ready(sk, skb_len);
766e9037 383 return 0;
f0088a50
DV		 384}
385EXPORT_SYMBOL(sock_queue_rcv_skb);
386
58a5a7b9 387int sk_receive_skb(struct sock *sk, struct sk_buff *skb, const int nested)
f0088a50
DV		 388{
389 int rc = NET_RX_SUCCESS;
390
fda9ef5d 391 if (sk_filter(sk, skb))
f0088a50
DV		 392 goto discard_and_relse;
393
394 skb->dev = NULL;
395
f545a38f 396 if (sk_rcvqueues_full(sk, skb, sk->sk_rcvbuf)) {
c377411f
ED		 397 atomic_inc(&sk->sk_drops);
398 goto discard_and_relse;
399 }
58a5a7b9
ACM		 400 if (nested)
401 bh_lock_sock_nested(sk);
402 else
403 bh_lock_sock(sk);
a5b5bb9a
IM		 404 if (!sock_owned_by_user(sk)) {
405 /*
406 * trylock + unlock semantics:
407 */
408 mutex_acquire(&sk->sk_lock.dep_map, 0, 1, _RET_IP_);
409
c57943a1 410 rc = sk_backlog_rcv(sk, skb);
a5b5bb9a
IM		 411
412 mutex_release(&sk->sk_lock.dep_map, 1, _RET_IP_);
f545a38f 413 } else if (sk_add_backlog(sk, skb, sk->sk_rcvbuf)) {
8eae939f
ZY		 414 bh_unlock_sock(sk);
415 atomic_inc(&sk->sk_drops);
416 goto discard_and_relse;
417 }
418
f0088a50
DV		 419 bh_unlock_sock(sk);
420out:
421 sock_put(sk);
422 return rc;
423discard_and_relse:
424 kfree_skb(skb);
425 goto out;
426}
427EXPORT_SYMBOL(sk_receive_skb);
428
ea94ff3b
KK		 429void sk_reset_txq(struct sock *sk)
430{
431 sk_tx_queue_clear(sk);
432}
433EXPORT_SYMBOL(sk_reset_txq);
434
f0088a50
DV		 435struct dst_entry *__sk_dst_check(struct sock *sk, u32 cookie)
436{
b6c6712a 437 struct dst_entry *dst = __sk_dst_get(sk);
f0088a50
DV		 438
439 if (dst && dst->obsolete && dst->ops->check(dst, cookie) == NULL) {
e022f0b4 440 sk_tx_queue_clear(sk);
a9b3cd7f 441 RCU_INIT_POINTER(sk->sk_dst_cache, NULL);
f0088a50
DV		 442 dst_release(dst);
443 return NULL;
444 }
445
446 return dst;
447}
448EXPORT_SYMBOL(__sk_dst_check);
449
450struct dst_entry *sk_dst_check(struct sock *sk, u32 cookie)
451{
452 struct dst_entry *dst = sk_dst_get(sk);
453
454 if (dst && dst->obsolete && dst->ops->check(dst, cookie) == NULL) {
455 sk_dst_reset(sk);
456 dst_release(dst);
457 return NULL;
458 }
459
460 return dst;
461}
462EXPORT_SYMBOL(sk_dst_check);
463
4878809f
DM		 464static int sock_bindtodevice(struct sock *sk, char __user *optval, int optlen)
465{
466 int ret = -ENOPROTOOPT;
467#ifdef CONFIG_NETDEVICES
3b1e0a65 468 struct net *net = sock_net(sk);
4878809f
DM		 469 char devname[IFNAMSIZ];
470 int index;
471
472 /* Sorry... */
473 ret = -EPERM;
474 if (!capable(CAP_NET_RAW))
475 goto out;
476
477 ret = -EINVAL;
478 if (optlen < 0)
479 goto out;
480
481 /* Bind this socket to a particular device like "eth0",
482 * as specified in the passed interface name. If the
483 * name is "" or the option length is zero the socket
484 * is not bound.
485 */
486 if (optlen > IFNAMSIZ - 1)
487 optlen = IFNAMSIZ - 1;
488 memset(devname, 0, sizeof(devname));
489
490 ret = -EFAULT;
491 if (copy_from_user(devname, optval, optlen))
492 goto out;
493
000ba2e4
DM		 494 index = 0;
495 if (devname[0] != '\0') {
bf8e56bf 496 struct net_device *dev;
4878809f 497
bf8e56bf
ED		 498 rcu_read_lock();
499 dev = dev_get_by_name_rcu(net, devname);
500 if (dev)
501 index = dev->ifindex;
502 rcu_read_unlock();
4878809f
DM		 503 ret = -ENODEV;
504 if (!dev)
505 goto out;
4878809f
DM		 506 }
507
508 lock_sock(sk);
509 sk->sk_bound_dev_if = index;
510 sk_dst_reset(sk);
511 release_sock(sk);
512
513 ret = 0;
514
515out:
516#endif
517
518 return ret;
519}
520
c0ef877b
PE		 521static inline void sock_valbool_flag(struct sock *sk, int bit, int valbool)
522{
523 if (valbool)
524 sock_set_flag(sk, bit);
525 else
526 sock_reset_flag(sk, bit);
527}
528
1da177e4
LT		 529/*
530 * This is meant for all protocols to use and covers goings on
531 * at the socket level. Everything here is generic.
532 */
533
534int sock_setsockopt(struct socket *sock, int level, int optname,
b7058842 535 char __user *optval, unsigned int optlen)
1da177e4 536{
2a91525c 537 struct sock *sk = sock->sk;
1da177e4
LT		 538 int val;
539 int valbool;
540 struct linger ling;
541 int ret = 0;
4ec93edb 542
1da177e4
LT		 543 /*
544 * Options without arguments
545 */
546
4878809f
DM		 547 if (optname == SO_BINDTODEVICE)
548 return sock_bindtodevice(sk, optval, optlen);
549
e71a4783
SH		 550 if (optlen < sizeof(int))
551 return -EINVAL;
4ec93edb 552
1da177e4
LT		 553 if (get_user(val, (int __user *)optval))
554 return -EFAULT;
4ec93edb 555
2a91525c 556 valbool = val ? 1 : 0;
1da177e4
LT		 557
558 lock_sock(sk);
559
2a91525c 560 switch (optname) {
e71a4783 561 case SO_DEBUG:
2a91525c 562 if (val && !capable(CAP_NET_ADMIN))
e71a4783 563 ret = -EACCES;
2a91525c 564 else
c0ef877b 565 sock_valbool_flag(sk, SOCK_DBG, valbool);
e71a4783
SH		 566 break;
567 case SO_REUSEADDR:
4a17fd52 568 sk->sk_reuse = (valbool ? SK_CAN_REUSE : SK_NO_REUSE);
e71a4783
SH		 569 break;
570 case SO_TYPE:
49c794e9 571 case SO_PROTOCOL:
0d6038ee 572 case SO_DOMAIN:
e71a4783
SH		 573 case SO_ERROR:
574 ret = -ENOPROTOOPT;
575 break;
576 case SO_DONTROUTE:
c0ef877b 577 sock_valbool_flag(sk, SOCK_LOCALROUTE, valbool);
e71a4783
SH		 578 break;
579 case SO_BROADCAST:
580 sock_valbool_flag(sk, SOCK_BROADCAST, valbool);
581 break;
582 case SO_SNDBUF:
583 /* Don't error on this BSD doesn't and if you think
82981930
ED		 584 * about it this is right. Otherwise apps have to
585 * play 'guess the biggest size' games. RCVBUF/SNDBUF
586 * are treated in BSD as hints
587 */
588 val = min_t(u32, val, sysctl_wmem_max);
b0573dea 589set_sndbuf:
e71a4783 590 sk->sk_userlocks |= SOCK_SNDBUF_LOCK;
82981930
ED		 591 sk->sk_sndbuf = max_t(u32, val * 2, SOCK_MIN_SNDBUF);
592 /* Wake up sending tasks if we upped the value. */
e71a4783
SH		 593 sk->sk_write_space(sk);
594 break;
1da177e4 595
e71a4783
SH		 596 case SO_SNDBUFFORCE:
597 if (!capable(CAP_NET_ADMIN)) {
598 ret = -EPERM;
599 break;
600 }
601 goto set_sndbuf;
b0573dea 602
e71a4783
SH		 603 case SO_RCVBUF:
604 /* Don't error on this BSD doesn't and if you think
82981930
ED		 605 * about it this is right. Otherwise apps have to
606 * play 'guess the biggest size' games. RCVBUF/SNDBUF
607 * are treated in BSD as hints
608 */
609 val = min_t(u32, val, sysctl_rmem_max);
b0573dea 610set_rcvbuf:
e71a4783
SH		 611 sk->sk_userlocks |= SOCK_RCVBUF_LOCK;
612 /*
613 * We double it on the way in to account for
614 * "struct sk_buff" etc. overhead. Applications
615 * assume that the SO_RCVBUF setting they make will
616 * allow that much actual data to be received on that
617 * socket.
618 *
619 * Applications are unaware that "struct sk_buff" and
620 * other overheads allocate from the receive buffer
621 * during socket buffer allocation.
622 *
623 * And after considering the possible alternatives,
624 * returning the value we actually used in getsockopt
625 * is the most desirable behavior.
626 */
82981930 627 sk->sk_rcvbuf = max_t(u32, val * 2, SOCK_MIN_RCVBUF);
e71a4783
SH		 628 break;
629
630 case SO_RCVBUFFORCE:
631 if (!capable(CAP_NET_ADMIN)) {
632 ret = -EPERM;
1da177e4 633 break;
e71a4783
SH		 634 }
635 goto set_rcvbuf;
1da177e4 636
e71a4783 637 case SO_KEEPALIVE:
1da177e4 638#ifdef CONFIG_INET
e71a4783
SH		 639 if (sk->sk_protocol == IPPROTO_TCP)
640 tcp_set_keepalive(sk, valbool);
1da177e4 641#endif
e71a4783
SH		 642 sock_valbool_flag(sk, SOCK_KEEPOPEN, valbool);
643 break;
644
645 case SO_OOBINLINE:
646 sock_valbool_flag(sk, SOCK_URGINLINE, valbool);
647 break;
648
649 case SO_NO_CHECK:
650 sk->sk_no_check = valbool;
651 break;
652
653 case SO_PRIORITY:
654 if ((val >= 0 && val <= 6) || capable(CAP_NET_ADMIN))
655 sk->sk_priority = val;
656 else
657 ret = -EPERM;
658 break;
659
660 case SO_LINGER:
661 if (optlen < sizeof(ling)) {
662 ret = -EINVAL; /* 1003.1g */
1da177e4 663 break;
e71a4783 664 }
2a91525c 665 if (copy_from_user(&ling, optval, sizeof(ling))) {
e71a4783 666 ret = -EFAULT;
1da177e4 667 break;
e71a4783
SH		 668 }
669 if (!ling.l_onoff)
670 sock_reset_flag(sk, SOCK_LINGER);
671 else {
1da177e4 672#if (BITS_PER_LONG == 32)
e71a4783
SH		 673 if ((unsigned int)ling.l_linger >= MAX_SCHEDULE_TIMEOUT/HZ)
674 sk->sk_lingertime = MAX_SCHEDULE_TIMEOUT;
1da177e4 675 else
e71a4783
SH		 676#endif
677 sk->sk_lingertime = (unsigned int)ling.l_linger * HZ;
678 sock_set_flag(sk, SOCK_LINGER);
679 }
680 break;
681
682 case SO_BSDCOMPAT:
683 sock_warn_obsolete_bsdism("setsockopt");
684 break;
685
686 case SO_PASSCRED:
687 if (valbool)
688 set_bit(SOCK_PASSCRED, &sock->flags);
689 else
690 clear_bit(SOCK_PASSCRED, &sock->flags);
691 break;
692
693 case SO_TIMESTAMP:
92f37fd2 694 case SO_TIMESTAMPNS:
e71a4783 695 if (valbool) {
92f37fd2
ED		 696 if (optname == SO_TIMESTAMP)
697 sock_reset_flag(sk, SOCK_RCVTSTAMPNS);
698 else
699 sock_set_flag(sk, SOCK_RCVTSTAMPNS);
e71a4783 700 sock_set_flag(sk, SOCK_RCVTSTAMP);
20d49473 701 sock_enable_timestamp(sk, SOCK_TIMESTAMP);
92f37fd2 702 } else {
e71a4783 703 sock_reset_flag(sk, SOCK_RCVTSTAMP);
92f37fd2
ED		 704 sock_reset_flag(sk, SOCK_RCVTSTAMPNS);
705 }
e71a4783
SH		 706 break;
707
20d49473
PO		 708 case SO_TIMESTAMPING:
709 if (val & ~SOF_TIMESTAMPING_MASK) {
f249fb78 710 ret = -EINVAL;
20d49473
PO		 711 break;
712 }
713 sock_valbool_flag(sk, SOCK_TIMESTAMPING_TX_HARDWARE,
714 val & SOF_TIMESTAMPING_TX_HARDWARE);
715 sock_valbool_flag(sk, SOCK_TIMESTAMPING_TX_SOFTWARE,
716 val & SOF_TIMESTAMPING_TX_SOFTWARE);
717 sock_valbool_flag(sk, SOCK_TIMESTAMPING_RX_HARDWARE,
718 val & SOF_TIMESTAMPING_RX_HARDWARE);
719 if (val & SOF_TIMESTAMPING_RX_SOFTWARE)
720 sock_enable_timestamp(sk,
721 SOCK_TIMESTAMPING_RX_SOFTWARE);
722 else
723 sock_disable_timestamp(sk,
08e29af3 724 (1UL << SOCK_TIMESTAMPING_RX_SOFTWARE));
20d49473
PO		 725 sock_valbool_flag(sk, SOCK_TIMESTAMPING_SOFTWARE,
726 val & SOF_TIMESTAMPING_SOFTWARE);
727 sock_valbool_flag(sk, SOCK_TIMESTAMPING_SYS_HARDWARE,
728 val & SOF_TIMESTAMPING_SYS_HARDWARE);
729 sock_valbool_flag(sk, SOCK_TIMESTAMPING_RAW_HARDWARE,
730 val & SOF_TIMESTAMPING_RAW_HARDWARE);
731 break;
732
e71a4783
SH		 733 case SO_RCVLOWAT:
734 if (val < 0)
735 val = INT_MAX;
736 sk->sk_rcvlowat = val ? : 1;
737 break;
738
739 case SO_RCVTIMEO:
740 ret = sock_set_timeout(&sk->sk_rcvtimeo, optval, optlen);
741 break;
742
743 case SO_SNDTIMEO:
744 ret = sock_set_timeout(&sk->sk_sndtimeo, optval, optlen);
745 break;
1da177e4 746
e71a4783
SH		 747 case SO_ATTACH_FILTER:
748 ret = -EINVAL;
749 if (optlen == sizeof(struct sock_fprog)) {
750 struct sock_fprog fprog;
1da177e4 751
e71a4783
SH		 752 ret = -EFAULT;
753 if (copy_from_user(&fprog, optval, sizeof(fprog)))
1da177e4 754 break;
e71a4783
SH		 755
756 ret = sk_attach_filter(&fprog, sk);
757 }
758 break;
759
760 case SO_DETACH_FILTER:
55b33325 761 ret = sk_detach_filter(sk);
e71a4783 762 break;
1da177e4 763
e71a4783
SH		 764 case SO_PASSSEC:
765 if (valbool)
766 set_bit(SOCK_PASSSEC, &sock->flags);
767 else
768 clear_bit(SOCK_PASSSEC, &sock->flags);
769 break;
4a19ec58
LAT		 770 case SO_MARK:
771 if (!capable(CAP_NET_ADMIN))
772 ret = -EPERM;
2a91525c 773 else
4a19ec58 774 sk->sk_mark = val;
4a19ec58 775 break;
877ce7c1 776
1da177e4
LT		 777 /* We implement the SO_SNDLOWAT etc to
778 not be settable (1003.1g 5.3) */
3b885787 779 case SO_RXQ_OVFL:
8083f0fc 780 sock_valbool_flag(sk, SOCK_RXQ_OVFL, valbool);
3b885787 781 break;
6e3e939f
JB		 782
783 case SO_WIFI_STATUS:
784 sock_valbool_flag(sk, SOCK_WIFI_STATUS, valbool);
785 break;
786
ef64a54f
PE		 787 case SO_PEEK_OFF:
788 if (sock->ops->set_peek_off)
789 sock->ops->set_peek_off(sk, val);
790 else
791 ret = -EOPNOTSUPP;
792 break;
3bdc0eba
BG		 793
794 case SO_NOFCS:
795 sock_valbool_flag(sk, SOCK_NOFCS, valbool);
796 break;
797
e71a4783
SH		 798 default:
799 ret = -ENOPROTOOPT;
800 break;
4ec93edb 801 }
1da177e4
LT		 802 release_sock(sk);
803 return ret;
804}
2a91525c 805EXPORT_SYMBOL(sock_setsockopt);
1da177e4
LT		 806
807
3f551f94
EB		 808void cred_to_ucred(struct pid *pid, const struct cred *cred,
809 struct ucred *ucred)
810{
811 ucred->pid = pid_vnr(pid);
812 ucred->uid = ucred->gid = -1;
813 if (cred) {
814 struct user_namespace *current_ns = current_user_ns();
815
76b6db01
EB		 816 ucred->uid = from_kuid(current_ns, cred->euid);
817 ucred->gid = from_kgid(current_ns, cred->egid);
3f551f94
EB		 818 }
819}
3924773a 820EXPORT_SYMBOL_GPL(cred_to_ucred);
3f551f94 821
1da177e4
LT		 822int sock_getsockopt(struct socket *sock, int level, int optname,
823 char __user *optval, int __user *optlen)
824{
825 struct sock *sk = sock->sk;
4ec93edb 826
e71a4783 827 union {
4ec93edb
YH		 828 int val;
829 struct linger ling;
1da177e4
LT		 830 struct timeval tm;
831 } v;
4ec93edb 832
4d0392be 833 int lv = sizeof(int);
1da177e4 834 int len;
4ec93edb 835
e71a4783 836 if (get_user(len, optlen))
4ec93edb 837 return -EFAULT;
e71a4783 838 if (len < 0)
1da177e4 839 return -EINVAL;
4ec93edb 840
50fee1de 841 memset(&v, 0, sizeof(v));
df0bca04 842
2a91525c 843 switch (optname) {
e71a4783
SH		 844 case SO_DEBUG:
845 v.val = sock_flag(sk, SOCK_DBG);
846 break;
847
848 case SO_DONTROUTE:
849 v.val = sock_flag(sk, SOCK_LOCALROUTE);
850 break;
851
852 case SO_BROADCAST:
1b23a5df 853 v.val = sock_flag(sk, SOCK_BROADCAST);
e71a4783
SH		 854 break;
855
856 case SO_SNDBUF:
857 v.val = sk->sk_sndbuf;
858 break;
859
860 case SO_RCVBUF:
861 v.val = sk->sk_rcvbuf;
862 break;
863
864 case SO_REUSEADDR:
865 v.val = sk->sk_reuse;
866 break;
867
868 case SO_KEEPALIVE:
1b23a5df 869 v.val = sock_flag(sk, SOCK_KEEPOPEN);
e71a4783
SH		 870 break;
871
872 case SO_TYPE:
873 v.val = sk->sk_type;
874 break;
875
49c794e9
JE		 876 case SO_PROTOCOL:
877 v.val = sk->sk_protocol;
878 break;
879
0d6038ee
JE		 880 case SO_DOMAIN:
881 v.val = sk->sk_family;
882 break;
883
e71a4783
SH		 884 case SO_ERROR:
885 v.val = -sock_error(sk);
2a91525c 886 if (v.val == 0)
e71a4783
SH		 887 v.val = xchg(&sk->sk_err_soft, 0);
888 break;
889
890 case SO_OOBINLINE:
1b23a5df 891 v.val = sock_flag(sk, SOCK_URGINLINE);
e71a4783
SH		 892 break;
893
894 case SO_NO_CHECK:
895 v.val = sk->sk_no_check;
896 break;
897
898 case SO_PRIORITY:
899 v.val = sk->sk_priority;
900 break;
901
902 case SO_LINGER:
903 lv = sizeof(v.ling);
1b23a5df 904 v.ling.l_onoff = sock_flag(sk, SOCK_LINGER);
e71a4783
SH		 905 v.ling.l_linger = sk->sk_lingertime / HZ;
906 break;
907
908 case SO_BSDCOMPAT:
909 sock_warn_obsolete_bsdism("getsockopt");
910 break;
911
912 case SO_TIMESTAMP:
92f37fd2
ED		 913 v.val = sock_flag(sk, SOCK_RCVTSTAMP) &&
914 !sock_flag(sk, SOCK_RCVTSTAMPNS);
915 break;
916
917 case SO_TIMESTAMPNS:
918 v.val = sock_flag(sk, SOCK_RCVTSTAMPNS);
e71a4783
SH		 919 break;
920
20d49473
PO		 921 case SO_TIMESTAMPING:
922 v.val = 0;
923 if (sock_flag(sk, SOCK_TIMESTAMPING_TX_HARDWARE))
924 v.val |= SOF_TIMESTAMPING_TX_HARDWARE;
925 if (sock_flag(sk, SOCK_TIMESTAMPING_TX_SOFTWARE))
926 v.val |= SOF_TIMESTAMPING_TX_SOFTWARE;
927 if (sock_flag(sk, SOCK_TIMESTAMPING_RX_HARDWARE))
928 v.val |= SOF_TIMESTAMPING_RX_HARDWARE;
929 if (sock_flag(sk, SOCK_TIMESTAMPING_RX_SOFTWARE))
930 v.val |= SOF_TIMESTAMPING_RX_SOFTWARE;
931 if (sock_flag(sk, SOCK_TIMESTAMPING_SOFTWARE))
932 v.val |= SOF_TIMESTAMPING_SOFTWARE;
933 if (sock_flag(sk, SOCK_TIMESTAMPING_SYS_HARDWARE))
934 v.val |= SOF_TIMESTAMPING_SYS_HARDWARE;
935 if (sock_flag(sk, SOCK_TIMESTAMPING_RAW_HARDWARE))
936 v.val |= SOF_TIMESTAMPING_RAW_HARDWARE;
937 break;
938
e71a4783 939 case SO_RCVTIMEO:
2a91525c 940 lv = sizeof(struct timeval);
e71a4783
SH		 941 if (sk->sk_rcvtimeo == MAX_SCHEDULE_TIMEOUT) {
942 v.tm.tv_sec = 0;
943 v.tm.tv_usec = 0;
944 } else {
945 v.tm.tv_sec = sk->sk_rcvtimeo / HZ;
946 v.tm.tv_usec = ((sk->sk_rcvtimeo % HZ) * 1000000) / HZ;
947 }
948 break;
949
950 case SO_SNDTIMEO:
2a91525c 951 lv = sizeof(struct timeval);
e71a4783
SH		 952 if (sk->sk_sndtimeo == MAX_SCHEDULE_TIMEOUT) {
953 v.tm.tv_sec = 0;
954 v.tm.tv_usec = 0;
955 } else {
956 v.tm.tv_sec = sk->sk_sndtimeo / HZ;
957 v.tm.tv_usec = ((sk->sk_sndtimeo % HZ) * 1000000) / HZ;
958 }
959 break;
1da177e4 960
e71a4783
SH		 961 case SO_RCVLOWAT:
962 v.val = sk->sk_rcvlowat;
963 break;
1da177e4 964
e71a4783 965 case SO_SNDLOWAT:
2a91525c 966 v.val = 1;
e71a4783 967 break;
1da177e4 968
e71a4783 969 case SO_PASSCRED:
82981930 970 v.val = !!test_bit(SOCK_PASSCRED, &sock->flags);
e71a4783 971 break;
1da177e4 972
e71a4783 973 case SO_PEERCRED:
109f6e39
EB		 974 {
975 struct ucred peercred;
976 if (len > sizeof(peercred))
977 len = sizeof(peercred);
978 cred_to_ucred(sk->sk_peer_pid, sk->sk_peer_cred, &peercred);
979 if (copy_to_user(optval, &peercred, len))
e71a4783
SH		 980 return -EFAULT;
981 goto lenout;
109f6e39 982 }
1da177e4 983
e71a4783
SH		 984 case SO_PEERNAME:
985 {
986 char address[128];
987
988 if (sock->ops->getname(sock, (struct sockaddr *)address, &lv, 2))
989 return -ENOTCONN;
990 if (lv < len)
991 return -EINVAL;
992 if (copy_to_user(optval, address, len))
993 return -EFAULT;
994 goto lenout;
995 }
1da177e4 996
e71a4783
SH		 997 /* Dubious BSD thing... Probably nobody even uses it, but
998 * the UNIX standard wants it for whatever reason... -DaveM
999 */
1000 case SO_ACCEPTCONN:
1001 v.val = sk->sk_state == TCP_LISTEN;
1002 break;
1da177e4 1003
e71a4783 1004 case SO_PASSSEC:
82981930 1005 v.val = !!test_bit(SOCK_PASSSEC, &sock->flags);
e71a4783 1006 break;
877ce7c1 1007
e71a4783
SH		 1008 case SO_PEERSEC:
1009 return security_socket_getpeersec_stream(sock, optval, optlen, len);
1da177e4 1010
4a19ec58
LAT		 1011 case SO_MARK:
1012 v.val = sk->sk_mark;
1013 break;
1014
3b885787 1015 case SO_RXQ_OVFL:
1b23a5df 1016 v.val = sock_flag(sk, SOCK_RXQ_OVFL);
3b885787
NH		 1017 break;
1018
6e3e939f 1019 case SO_WIFI_STATUS:
1b23a5df 1020 v.val = sock_flag(sk, SOCK_WIFI_STATUS);
6e3e939f
JB		 1021 break;
1022
ef64a54f
PE		 1023 case SO_PEEK_OFF:
1024 if (!sock->ops->set_peek_off)
1025 return -EOPNOTSUPP;
1026
1027 v.val = sk->sk_peek_off;
1028 break;
bc2f7996 1029 case SO_NOFCS:
1b23a5df 1030 v.val = sock_flag(sk, SOCK_NOFCS);
bc2f7996 1031 break;
e71a4783
SH		 1032 default:
1033 return -ENOPROTOOPT;
1da177e4 1034 }
e71a4783 1035
1da177e4
LT		 1036 if (len > lv)
1037 len = lv;
1038 if (copy_to_user(optval, &v, len))
1039 return -EFAULT;
1040lenout:
4ec93edb
YH		 1041 if (put_user(len, optlen))
1042 return -EFAULT;
1043 return 0;
1da177e4
LT		 1044}
1045
a5b5bb9a
IM		 1046/*
1047 * Initialize an sk_lock.
1048 *
1049 * (We also register the sk_lock with the lock validator.)
1050 */
b6f99a21 1051static inline void sock_lock_init(struct sock *sk)
a5b5bb9a 1052{
ed07536e
PZ		 1053 sock_lock_init_class_and_name(sk,
1054 af_family_slock_key_strings[sk->sk_family],
1055 af_family_slock_keys + sk->sk_family,
1056 af_family_key_strings[sk->sk_family],
1057 af_family_keys + sk->sk_family);
a5b5bb9a
IM		 1058}
1059
4dc6dc71
ED		 1060/*
1061 * Copy all fields from osk to nsk but nsk->sk_refcnt must not change yet,
1062 * even temporarly, because of RCU lookups. sk_node should also be left as is.
68835aba 1063 * We must not copy fields between sk_dontcopy_begin and sk_dontcopy_end
4dc6dc71 1064 */
f1a6c4da
PE		 1065static void sock_copy(struct sock *nsk, const struct sock *osk)
1066{
1067#ifdef CONFIG_SECURITY_NETWORK
1068 void *sptr = nsk->sk_security;
1069#endif
68835aba
ED		 1070 memcpy(nsk, osk, offsetof(struct sock, sk_dontcopy_begin));
1071
1072 memcpy(&nsk->sk_dontcopy_end, &osk->sk_dontcopy_end,
1073 osk->sk_prot->obj_size - offsetof(struct sock, sk_dontcopy_end));
1074
f1a6c4da
PE		 1075#ifdef CONFIG_SECURITY_NETWORK
1076 nsk->sk_security = sptr;
1077 security_sk_clone(osk, nsk);
1078#endif
1079}
1080
fcbdf09d
OP		 1081/*
1082 * caches using SLAB_DESTROY_BY_RCU should let .next pointer from nulls nodes
1083 * un-modified. Special care is taken when initializing object to zero.
1084 */
1085static inline void sk_prot_clear_nulls(struct sock *sk, int size)
1086{
1087 if (offsetof(struct sock, sk_node.next) != 0)
1088 memset(sk, 0, offsetof(struct sock, sk_node.next));
1089 memset(&sk->sk_node.pprev, 0,
1090 size - offsetof(struct sock, sk_node.pprev));
1091}
1092
1093void sk_prot_clear_portaddr_nulls(struct sock *sk, int size)
1094{
1095 unsigned long nulls1, nulls2;
1096
1097 nulls1 = offsetof(struct sock, __sk_common.skc_node.next);
1098 nulls2 = offsetof(struct sock, __sk_common.skc_portaddr_node.next);
1099 if (nulls1 > nulls2)
1100 swap(nulls1, nulls2);
1101
1102 if (nulls1 != 0)
1103 memset((char *)sk, 0, nulls1);
1104 memset((char *)sk + nulls1 + sizeof(void *), 0,
1105 nulls2 - nulls1 - sizeof(void *));
1106 memset((char *)sk + nulls2 + sizeof(void *), 0,
1107 size - nulls2 - sizeof(void *));
1108}
1109EXPORT_SYMBOL(sk_prot_clear_portaddr_nulls);
1110
2e4afe7b
PE		 1111static struct sock *sk_prot_alloc(struct proto *prot, gfp_t priority,
1112 int family)
c308c1b2
PE		 1113{
1114 struct sock *sk;
1115 struct kmem_cache *slab;
1116
1117 slab = prot->slab;
e912b114
ED		 1118 if (slab != NULL) {
1119 sk = kmem_cache_alloc(slab, priority & ~__GFP_ZERO);
1120 if (!sk)
1121 return sk;
1122 if (priority & __GFP_ZERO) {
fcbdf09d
OP		 1123 if (prot->clear_sk)
1124 prot->clear_sk(sk, prot->obj_size);
1125 else
1126 sk_prot_clear_nulls(sk, prot->obj_size);
e912b114 1127 }
fcbdf09d 1128 } else
c308c1b2
PE		 1129 sk = kmalloc(prot->obj_size, priority);
1130
2e4afe7b 1131 if (sk != NULL) {
a98b65a3
VN		 1132 kmemcheck_annotate_bitfield(sk, flags);
1133
2e4afe7b
PE		 1134 if (security_sk_alloc(sk, family, priority))
1135 goto out_free;
1136
1137 if (!try_module_get(prot->owner))
1138 goto out_free_sec;
e022f0b4 1139 sk_tx_queue_clear(sk);
2e4afe7b
PE		 1140 }
1141
c308c1b2 1142 return sk;
2e4afe7b
PE		 1143
1144out_free_sec:
1145 security_sk_free(sk);
1146out_free:
1147 if (slab != NULL)
1148 kmem_cache_free(slab, sk);
1149 else
1150 kfree(sk);
1151 return NULL;
c308c1b2
PE		 1152}
1153
1154static void sk_prot_free(struct proto *prot, struct sock *sk)
1155{
1156 struct kmem_cache *slab;
2e4afe7b 1157 struct module *owner;
c308c1b2 1158
2e4afe7b 1159 owner = prot->owner;
c308c1b2 1160 slab = prot->slab;
2e4afe7b
PE		 1161
1162 security_sk_free(sk);
c308c1b2
PE		 1163 if (slab != NULL)
1164 kmem_cache_free(slab, sk);
1165 else
1166 kfree(sk);
2e4afe7b 1167 module_put(owner);
c308c1b2
PE		 1168}
1169
f8451725
HX		 1170#ifdef CONFIG_CGROUPS
1171void sock_update_classid(struct sock *sk)
1172{
1144182a 1173 u32 classid;
f8451725 1174
1144182a
PM		 1175 rcu_read_lock(); /* doing current task, which cannot vanish. */
1176 classid = task_cls_classid(current);
1177 rcu_read_unlock();
f8451725
HX		 1178 if (classid && classid != sk->sk_classid)
1179 sk->sk_classid = classid;
1180}
82862742 1181EXPORT_SYMBOL(sock_update_classid);
5bc1421e
NH		 1182
1183void sock_update_netprioidx(struct sock *sk)
1184{
5bc1421e
NH		 1185 if (in_interrupt())
1186 return;
2b73bc65
NH		 1187
1188 sk->sk_cgrp_prioidx = task_netprioidx(current);
5bc1421e
NH		 1189}
1190EXPORT_SYMBOL_GPL(sock_update_netprioidx);
f8451725
HX		 1191#endif
1192
1da177e4
LT		 1193/**
1194 * sk_alloc - All socket objects are allocated here
c4ea43c5 1195 * @net: the applicable net namespace
4dc3b16b
PP		 1196 * @family: protocol family
1197 * @priority: for allocation (%GFP_KERNEL, %GFP_ATOMIC, etc)
1198 * @prot: struct proto associated with this new sock instance
1da177e4 1199 */
1b8d7ae4 1200struct sock *sk_alloc(struct net *net, int family, gfp_t priority,
6257ff21 1201 struct proto *prot)
1da177e4 1202{
c308c1b2 1203 struct sock *sk;
1da177e4 1204
154adbc8 1205 sk = sk_prot_alloc(prot, priority | __GFP_ZERO, family);
1da177e4 1206 if (sk) {
154adbc8
PE		 1207 sk->sk_family = family;
1208 /*
1209 * See comment in struct sock definition to understand
1210 * why we need sk_prot_creator -acme
1211 */
1212 sk->sk_prot = sk->sk_prot_creator = prot;
1213 sock_lock_init(sk);
3b1e0a65 1214 sock_net_set(sk, get_net(net));
d66ee058 1215 atomic_set(&sk->sk_wmem_alloc, 1);
f8451725
HX		 1216
1217 sock_update_classid(sk);
5bc1421e 1218 sock_update_netprioidx(sk);
1da177e4 1219 }
a79af59e 1220
2e4afe7b 1221 return sk;
1da177e4 1222}
2a91525c 1223EXPORT_SYMBOL(sk_alloc);
1da177e4 1224
2b85a34e 1225static void __sk_free(struct sock *sk)
1da177e4
LT		 1226{
1227 struct sk_filter *filter;
1da177e4
LT		 1228
1229 if (sk->sk_destruct)
1230 sk->sk_destruct(sk);
1231
a898def2
PM		 1232 filter = rcu_dereference_check(sk->sk_filter,
1233 atomic_read(&sk->sk_wmem_alloc) == 0);
1da177e4 1234 if (filter) {
309dd5fc 1235 sk_filter_uncharge(sk, filter);
a9b3cd7f 1236 RCU_INIT_POINTER(sk->sk_filter, NULL);
1da177e4
LT		 1237 }
1238
08e29af3 1239 sock_disable_timestamp(sk, SK_FLAGS_TIMESTAMP);
1da177e4
LT		 1240
1241 if (atomic_read(&sk->sk_omem_alloc))
e005d193
JP		 1242 pr_debug("%s: optmem leakage (%d bytes) detected\n",
1243 __func__, atomic_read(&sk->sk_omem_alloc));
1da177e4 1244
109f6e39
EB		 1245 if (sk->sk_peer_cred)
1246 put_cred(sk->sk_peer_cred);
1247 put_pid(sk->sk_peer_pid);
3b1e0a65 1248 put_net(sock_net(sk));
c308c1b2 1249 sk_prot_free(sk->sk_prot_creator, sk);
1da177e4 1250}
2b85a34e
ED		 1251
1252void sk_free(struct sock *sk)
1253{
1254 /*
25985edc 1255 * We subtract one from sk_wmem_alloc and can know if
2b85a34e
ED		 1256 * some packets are still in some tx queue.
1257 * If not null, sock_wfree() will call __sk_free(sk) later
1258 */
1259 if (atomic_dec_and_test(&sk->sk_wmem_alloc))
1260 __sk_free(sk);
1261}
2a91525c 1262EXPORT_SYMBOL(sk_free);
1da177e4 1263
edf02087 1264/*
25985edc
LDM		 1265 * Last sock_put should drop reference to sk->sk_net. It has already
1266 * been dropped in sk_change_net. Taking reference to stopping namespace
edf02087 1267 * is not an option.
25985edc 1268 * Take reference to a socket to remove it from hash _alive_ and after that
edf02087
DL		 1269 * destroy it in the context of init_net.
1270 */
1271void sk_release_kernel(struct sock *sk)
1272{
1273 if (sk == NULL || sk->sk_socket == NULL)
1274 return;
1275
1276 sock_hold(sk);
1277 sock_release(sk->sk_socket);
65a18ec5 1278 release_net(sock_net(sk));
3b1e0a65 1279 sock_net_set(sk, get_net(&init_net));
edf02087
DL		 1280 sock_put(sk);
1281}
45af1754 1282EXPORT_SYMBOL(sk_release_kernel);
edf02087 1283
475f1b52
SR		 1284static void sk_update_clone(const struct sock *sk, struct sock *newsk)
1285{
1286 if (mem_cgroup_sockets_enabled && sk->sk_cgrp)
1287 sock_update_memcg(newsk);
1288}
1289
e56c57d0
ED		 1290/**
1291 * sk_clone_lock - clone a socket, and lock its clone
1292 * @sk: the socket to clone
1293 * @priority: for allocation (%GFP_KERNEL, %GFP_ATOMIC, etc)
1294 *
1295 * Caller must unlock socket even in error path (bh_unlock_sock(newsk))
1296 */
1297struct sock *sk_clone_lock(const struct sock *sk, const gfp_t priority)
87d11ceb 1298{
8fd1d178 1299 struct sock *newsk;
87d11ceb 1300
8fd1d178 1301 newsk = sk_prot_alloc(sk->sk_prot, priority, sk->sk_family);
87d11ceb
ACM		 1302 if (newsk != NULL) {
1303 struct sk_filter *filter;
1304
892c141e 1305 sock_copy(newsk, sk);
87d11ceb
ACM		 1306
1307 /* SANITY */
3b1e0a65 1308 get_net(sock_net(newsk));
87d11ceb
ACM		 1309 sk_node_init(&newsk->sk_node);
1310 sock_lock_init(newsk);
1311 bh_lock_sock(newsk);
fa438ccf 1312 newsk->sk_backlog.head = newsk->sk_backlog.tail = NULL;
8eae939f 1313 newsk->sk_backlog.len = 0;
87d11ceb
ACM		 1314
1315 atomic_set(&newsk->sk_rmem_alloc, 0);
2b85a34e
ED		 1316 /*
1317 * sk_wmem_alloc set to one (see sk_free() and sock_wfree())
1318 */
1319 atomic_set(&newsk->sk_wmem_alloc, 1);
87d11ceb
ACM		 1320 atomic_set(&newsk->sk_omem_alloc, 0);
1321 skb_queue_head_init(&newsk->sk_receive_queue);
1322 skb_queue_head_init(&newsk->sk_write_queue);
97fc2f08
CL		 1323#ifdef CONFIG_NET_DMA
1324 skb_queue_head_init(&newsk->sk_async_wait_queue);
1325#endif
87d11ceb 1326
b6c6712a 1327 spin_lock_init(&newsk->sk_dst_lock);
87d11ceb 1328 rwlock_init(&newsk->sk_callback_lock);
443aef0e
PZ		 1329 lockdep_set_class_and_name(&newsk->sk_callback_lock,
1330 af_callback_keys + newsk->sk_family,
1331 af_family_clock_key_strings[newsk->sk_family]);
87d11ceb
ACM		 1332
1333 newsk->sk_dst_cache = NULL;
1334 newsk->sk_wmem_queued = 0;
1335 newsk->sk_forward_alloc = 0;
1336 newsk->sk_send_head = NULL;
87d11ceb
ACM		 1337 newsk->sk_userlocks = sk->sk_userlocks & ~SOCK_BINDPORT_LOCK;
1338
1339 sock_reset_flag(newsk, SOCK_DONE);
1340 skb_queue_head_init(&newsk->sk_error_queue);
1341
0d7da9dd 1342 filter = rcu_dereference_protected(newsk->sk_filter, 1);
87d11ceb
ACM		 1343 if (filter != NULL)
1344 sk_filter_charge(newsk, filter);
1345
1346 if (unlikely(xfrm_sk_clone_policy(newsk))) {
1347 /* It is still raw copy of parent, so invalidate
1348 * destructor and make plain sk_free() */
1349 newsk->sk_destruct = NULL;
b0691c8e 1350 bh_unlock_sock(newsk);
87d11ceb
ACM		 1351 sk_free(newsk);
1352 newsk = NULL;
1353 goto out;
1354 }
1355
1356 newsk->sk_err = 0;
1357 newsk->sk_priority = 0;
4dc6dc71
ED		 1358 /*
1359 * Before updating sk_refcnt, we must commit prior changes to memory
1360 * (Documentation/RCU/rculist_nulls.txt for details)
1361 */
1362 smp_wmb();
87d11ceb
ACM		 1363 atomic_set(&newsk->sk_refcnt, 2);
1364
1365 /*
1366 * Increment the counter in the same struct proto as the master
1367 * sock (sk_refcnt_debug_inc uses newsk->sk_prot->socks, that
1368 * is the same as sk->sk_prot->socks, as this field was copied
1369 * with memcpy).
1370 *
1371 * This _changes_ the previous behaviour, where
1372 * tcp_create_openreq_child always was incrementing the
1373 * equivalent to tcp_prot->socks (inet_sock_nr), so this have
1374 * to be taken into account in all callers. -acme
1375 */
1376 sk_refcnt_debug_inc(newsk);
972692e0 1377 sk_set_socket(newsk, NULL);
43815482 1378 newsk->sk_wq = NULL;
87d11ceb 1379
f3f511e1
GC		 1380 sk_update_clone(sk, newsk);
1381
87d11ceb 1382 if (newsk->sk_prot->sockets_allocated)
180d8cd9 1383 sk_sockets_allocated_inc(newsk);
704da560 1384
08e29af3 1385 if (newsk->sk_flags & SK_FLAGS_TIMESTAMP)
704da560 1386 net_enable_timestamp();
87d11ceb
ACM		 1387 }
1388out:
1389 return newsk;
1390}
e56c57d0 1391EXPORT_SYMBOL_GPL(sk_clone_lock);
87d11ceb 1392
9958089a
AK		 1393void sk_setup_caps(struct sock *sk, struct dst_entry *dst)
1394{
1395 __sk_dst_set(sk, dst);
1396 sk->sk_route_caps = dst->dev->features;
1397 if (sk->sk_route_caps & NETIF_F_GSO)
4fcd6b99 1398 sk->sk_route_caps |= NETIF_F_GSO_SOFTWARE;
a465419b 1399 sk->sk_route_caps &= ~sk->sk_route_nocaps;
9958089a 1400 if (sk_can_gso(sk)) {
82cc1a7a 1401 if (dst->header_len) {
9958089a 1402 sk->sk_route_caps &= ~NETIF_F_GSO_MASK;
82cc1a7a 1403 } else {
9958089a 1404 sk->sk_route_caps |= NETIF_F_SG | NETIF_F_HW_CSUM;
82cc1a7a
PWJ		 1405 sk->sk_gso_max_size = dst->dev->gso_max_size;
1406 }
9958089a
AK		 1407 }
1408}
1409EXPORT_SYMBOL_GPL(sk_setup_caps);
1410
1da177e4
LT		 1411void __init sk_init(void)
1412{
4481374c 1413 if (totalram_pages <= 4096) {
1da177e4
LT		 1414 sysctl_wmem_max = 32767;
1415 sysctl_rmem_max = 32767;
1416 sysctl_wmem_default = 32767;
1417 sysctl_rmem_default = 32767;
4481374c 1418 } else if (totalram_pages >= 131072) {
1da177e4
LT		 1419 sysctl_wmem_max = 131071;
1420 sysctl_rmem_max = 131071;
1421 }
1422}
1423
1424/*
1425 * Simple resource managers for sockets.
1426 */
1427
1428
4ec93edb
YH		 1429/*
1430 * Write buffer destructor automatically called from kfree_skb.
1da177e4
LT		 1431 */
1432void sock_wfree(struct sk_buff *skb)
1433{
1434 struct sock *sk = skb->sk;
d99927f4 1435 unsigned int len = skb->truesize;
1da177e4 1436
d99927f4
ED		 1437 if (!sock_flag(sk, SOCK_USE_WRITE_QUEUE)) {
1438 /*
1439 * Keep a reference on sk_wmem_alloc, this will be released
1440 * after sk_write_space() call
1441 */
1442 atomic_sub(len - 1, &sk->sk_wmem_alloc);
1da177e4 1443 sk->sk_write_space(sk);
d99927f4
ED		 1444 len = 1;
1445 }
2b85a34e 1446 /*
d99927f4
ED		 1447 * if sk_wmem_alloc reaches 0, we must finish what sk_free()
1448 * could not do because of in-flight packets
2b85a34e 1449 */
d99927f4 1450 if (atomic_sub_and_test(len, &sk->sk_wmem_alloc))
2b85a34e 1451 __sk_free(sk);
1da177e4 1452}
2a91525c 1453EXPORT_SYMBOL(sock_wfree);
1da177e4 1454
4ec93edb
YH		 1455/*
1456 * Read buffer destructor automatically called from kfree_skb.
1da177e4
LT		 1457 */
1458void sock_rfree(struct sk_buff *skb)
1459{
1460 struct sock *sk = skb->sk;
d361fd59 1461 unsigned int len = skb->truesize;
1da177e4 1462
d361fd59
ED		 1463 atomic_sub(len, &sk->sk_rmem_alloc);
1464 sk_mem_uncharge(sk, len);
1da177e4 1465}
2a91525c 1466EXPORT_SYMBOL(sock_rfree);
1da177e4 1467
41063e9d
DM		 1468void sock_edemux(struct sk_buff *skb)
1469{
1470 sock_put(skb->sk);
1471}
1472EXPORT_SYMBOL(sock_edemux);
1da177e4
LT		 1473
1474int sock_i_uid(struct sock *sk)
1475{
1476 int uid;
1477
f064af1e 1478 read_lock_bh(&sk->sk_callback_lock);
1da177e4 1479 uid = sk->sk_socket ? SOCK_INODE(sk->sk_socket)->i_uid : 0;
f064af1e 1480 read_unlock_bh(&sk->sk_callback_lock);
1da177e4
LT		 1481 return uid;
1482}
2a91525c 1483EXPORT_SYMBOL(sock_i_uid);
1da177e4
LT		 1484
1485unsigned long sock_i_ino(struct sock *sk)
1486{
1487 unsigned long ino;
1488
f064af1e 1489 read_lock_bh(&sk->sk_callback_lock);
1da177e4 1490 ino = sk->sk_socket ? SOCK_INODE(sk->sk_socket)->i_ino : 0;
f064af1e 1491 read_unlock_bh(&sk->sk_callback_lock);
1da177e4
LT		 1492 return ino;
1493}
2a91525c 1494EXPORT_SYMBOL(sock_i_ino);
1da177e4
LT		 1495
1496/*
1497 * Allocate a skb from the socket's send buffer.
1498 */
86a76caf 1499struct sk_buff *sock_wmalloc(struct sock *sk, unsigned long size, int force,
dd0fc66f 1500 gfp_t priority)
1da177e4
LT		 1501{
1502 if (force || atomic_read(&sk->sk_wmem_alloc) < sk->sk_sndbuf) {
2a91525c 1503 struct sk_buff *skb = alloc_skb(size, priority);
1da177e4
LT		 1504 if (skb) {
1505 skb_set_owner_w(skb, sk);
1506 return skb;
1507 }
1508 }
1509 return NULL;
1510}
2a91525c 1511EXPORT_SYMBOL(sock_wmalloc);
1da177e4
LT		 1512
1513/*
1514 * Allocate a skb from the socket's receive buffer.
4ec93edb 1515 */
86a76caf 1516struct sk_buff *sock_rmalloc(struct sock *sk, unsigned long size, int force,
dd0fc66f 1517 gfp_t priority)
1da177e4
LT		 1518{
1519 if (force || atomic_read(&sk->sk_rmem_alloc) < sk->sk_rcvbuf) {
1520 struct sk_buff *skb = alloc_skb(size, priority);
1521 if (skb) {
1522 skb_set_owner_r(skb, sk);
1523 return skb;
1524 }
1525 }
1526 return NULL;
1527}
1528
4ec93edb 1529/*
1da177e4 1530 * Allocate a memory block from the socket's option memory buffer.
4ec93edb 1531 */
dd0fc66f 1532void *sock_kmalloc(struct sock *sk, int size, gfp_t priority)
1da177e4 1533{
95c96174 1534 if ((unsigned int)size <= sysctl_optmem_max &&
1da177e4
LT		 1535 atomic_read(&sk->sk_omem_alloc) + size < sysctl_optmem_max) {
1536 void *mem;
1537 /* First do the add, to avoid the race if kmalloc
4ec93edb 1538 * might sleep.
1da177e4
LT		 1539 */
1540 atomic_add(size, &sk->sk_omem_alloc);
1541 mem = kmalloc(size, priority);
1542 if (mem)
1543 return mem;
1544 atomic_sub(size, &sk->sk_omem_alloc);
1545 }
1546 return NULL;
1547}
2a91525c 1548EXPORT_SYMBOL(sock_kmalloc);
1da177e4
LT		 1549
1550/*
1551 * Free an option memory block.
1552 */
1553void sock_kfree_s(struct sock *sk, void *mem, int size)
1554{
1555 kfree(mem);
1556 atomic_sub(size, &sk->sk_omem_alloc);
1557}
2a91525c 1558EXPORT_SYMBOL(sock_kfree_s);
1da177e4
LT		 1559
1560/* It is almost wait_for_tcp_memory minus release_sock/lock_sock.
1561 I think, these locks should be removed for datagram sockets.
1562 */
2a91525c 1563static long sock_wait_for_wmem(struct sock *sk, long timeo)
1da177e4
LT		 1564{
1565 DEFINE_WAIT(wait);
1566
1567 clear_bit(SOCK_ASYNC_NOSPACE, &sk->sk_socket->flags);
1568 for (;;) {
1569 if (!timeo)
1570 break;
1571 if (signal_pending(current))
1572 break;
1573 set_bit(SOCK_NOSPACE, &sk->sk_socket->flags);
aa395145 1574 prepare_to_wait(sk_sleep(sk), &wait, TASK_INTERRUPTIBLE);
1da177e4
LT		 1575 if (atomic_read(&sk->sk_wmem_alloc) < sk->sk_sndbuf)
1576 break;
1577 if (sk->sk_shutdown & SEND_SHUTDOWN)
1578 break;
1579 if (sk->sk_err)
1580 break;
1581 timeo = schedule_timeout(timeo);
1582 }
aa395145 1583 finish_wait(sk_sleep(sk), &wait);
1da177e4
LT		 1584 return timeo;
1585}
1586
1587
1588/*
1589 * Generic send/receive buffer handlers
1590 */
1591
4cc7f68d
HX		 1592struct sk_buff *sock_alloc_send_pskb(struct sock *sk, unsigned long header_len,
1593 unsigned long data_len, int noblock,
1594 int *errcode)
1da177e4
LT		 1595{
1596 struct sk_buff *skb;
7d877f3b 1597 gfp_t gfp_mask;
1da177e4
LT		 1598 long timeo;
1599 int err;
cc9b17ad
JW		 1600 int npages = (data_len + (PAGE_SIZE - 1)) >> PAGE_SHIFT;
1601
1602 err = -EMSGSIZE;
1603 if (npages > MAX_SKB_FRAGS)
1604 goto failure;
1da177e4
LT		 1605
1606 gfp_mask = sk->sk_allocation;
1607 if (gfp_mask & __GFP_WAIT)
1608 gfp_mask |= __GFP_REPEAT;
1609
1610 timeo = sock_sndtimeo(sk, noblock);
1611 while (1) {
1612 err = sock_error(sk);
1613 if (err != 0)
1614 goto failure;
1615
1616 err = -EPIPE;
1617 if (sk->sk_shutdown & SEND_SHUTDOWN)
1618 goto failure;
1619
1620 if (atomic_read(&sk->sk_wmem_alloc) < sk->sk_sndbuf) {
db38c179 1621 skb = alloc_skb(header_len, gfp_mask);
1da177e4 1622 if (skb) {
1da177e4
LT		 1623 int i;
1624
1625 /* No pages, we're done... */
1626 if (!data_len)
1627 break;
1628
1da177e4
LT		 1629 skb->truesize += data_len;
1630 skb_shinfo(skb)->nr_frags = npages;
1631 for (i = 0; i < npages; i++) {
1632 struct page *page;
1da177e4
LT		 1633
1634 page = alloc_pages(sk->sk_allocation, 0);
1635 if (!page) {
1636 err = -ENOBUFS;
1637 skb_shinfo(skb)->nr_frags = i;
1638 kfree_skb(skb);
1639 goto failure;
1640 }
1641
ea2ab693
IC		 1642 __skb_fill_page_desc(skb, i,
1643 page, 0,
1644 (data_len >= PAGE_SIZE ?
1645 PAGE_SIZE :
1646 data_len));
1da177e4
LT		 1647 data_len -= PAGE_SIZE;
1648 }
1649
1650 /* Full success... */
1651 break;
1652 }
1653 err = -ENOBUFS;
1654 goto failure;
1655 }
1656 set_bit(SOCK_ASYNC_NOSPACE, &sk->sk_socket->flags);
1657 set_bit(SOCK_NOSPACE, &sk->sk_socket->flags);
1658 err = -EAGAIN;
1659 if (!timeo)
1660 goto failure;
1661 if (signal_pending(current))
1662 goto interrupted;
1663 timeo = sock_wait_for_wmem(sk, timeo);
1664 }
1665
1666 skb_set_owner_w(skb, sk);
1667 return skb;
1668
1669interrupted:
1670 err = sock_intr_errno(timeo);
1671failure:
1672 *errcode = err;
1673 return NULL;
1674}
4cc7f68d 1675EXPORT_SYMBOL(sock_alloc_send_pskb);
1da177e4 1676
4ec93edb 1677struct sk_buff *sock_alloc_send_skb(struct sock *sk, unsigned long size,
1da177e4
LT		 1678 int noblock, int *errcode)
1679{
1680 return sock_alloc_send_pskb(sk, size, 0, noblock, errcode);
1681}
2a91525c 1682EXPORT_SYMBOL(sock_alloc_send_skb);
1da177e4
LT		 1683
1684static void __lock_sock(struct sock *sk)
f39234d6
NK		 1685 __releases(&sk->sk_lock.slock)
1686 __acquires(&sk->sk_lock.slock)
1da177e4
LT		 1687{
1688 DEFINE_WAIT(wait);
1689
e71a4783 1690 for (;;) {
1da177e4
LT		 1691 prepare_to_wait_exclusive(&sk->sk_lock.wq, &wait,
1692 TASK_UNINTERRUPTIBLE);
1693 spin_unlock_bh(&sk->sk_lock.slock);
1694 schedule();
1695 spin_lock_bh(&sk->sk_lock.slock);
e71a4783 1696 if (!sock_owned_by_user(sk))
1da177e4
LT		 1697 break;
1698 }
1699 finish_wait(&sk->sk_lock.wq, &wait);
1700}
1701
1702static void __release_sock(struct sock *sk)
f39234d6
NK		 1703 __releases(&sk->sk_lock.slock)
1704 __acquires(&sk->sk_lock.slock)
1da177e4
LT		 1705{
1706 struct sk_buff *skb = sk->sk_backlog.head;
1707
1708 do {
1709 sk->sk_backlog.head = sk->sk_backlog.tail = NULL;
1710 bh_unlock_sock(sk);
1711
1712 do {
1713 struct sk_buff *next = skb->next;
1714
e4cbb02a 1715 prefetch(next);
7fee226a 1716 WARN_ON_ONCE(skb_dst_is_noref(skb));
1da177e4 1717 skb->next = NULL;
c57943a1 1718 sk_backlog_rcv(sk, skb);
1da177e4
LT		 1719
1720 /*
1721 * We are in process context here with softirqs
1722 * disabled, use cond_resched_softirq() to preempt.
1723 * This is safe to do because we've taken the backlog
1724 * queue private:
1725 */
1726 cond_resched_softirq();
1727
1728 skb = next;
1729 } while (skb != NULL);
1730
1731 bh_lock_sock(sk);
e71a4783 1732 } while ((skb = sk->sk_backlog.head) != NULL);
8eae939f
ZY		 1733
1734 /*
1735 * Doing the zeroing here guarantee we can not loop forever
1736 * while a wild producer attempts to flood us.
1737 */
1738 sk->sk_backlog.len = 0;
1da177e4
LT		 1739}
1740
1741/**
1742 * sk_wait_data - wait for data to arrive at sk_receive_queue
4dc3b16b
PP		 1743 * @sk: sock to wait on
1744 * @timeo: for how long
1da177e4
LT		 1745 *
1746 * Now socket state including sk->sk_err is changed only under lock,
1747 * hence we may omit checks after joining wait queue.
1748 * We check receive queue before schedule() only as optimization;
1749 * it is very likely that release_sock() added new data.
1750 */
1751int sk_wait_data(struct sock *sk, long *timeo)
1752{
1753 int rc;
1754 DEFINE_WAIT(wait);
1755
aa395145 1756 prepare_to_wait(sk_sleep(sk), &wait, TASK_INTERRUPTIBLE);
1da177e4
LT		 1757 set_bit(SOCK_ASYNC_WAITDATA, &sk->sk_socket->flags);
1758 rc = sk_wait_event(sk, timeo, !skb_queue_empty(&sk->sk_receive_queue));
1759 clear_bit(SOCK_ASYNC_WAITDATA, &sk->sk_socket->flags);
aa395145 1760 finish_wait(sk_sleep(sk), &wait);
1da177e4
LT		 1761 return rc;
1762}
1da177e4
LT		 1763EXPORT_SYMBOL(sk_wait_data);
1764
3ab224be
HA		 1765/**
1766 * __sk_mem_schedule - increase sk_forward_alloc and memory_allocated
1767 * @sk: socket
1768 * @size: memory size to allocate
1769 * @kind: allocation type
1770 *
1771 * If kind is SK_MEM_SEND, it means wmem allocation. Otherwise it means
1772 * rmem allocation. This function assumes that protocols which have
1773 * memory_pressure use sk_wmem_queued as write buffer accounting.
1774 */
1775int __sk_mem_schedule(struct sock *sk, int size, int kind)
1776{
1777 struct proto *prot = sk->sk_prot;
1778 int amt = sk_mem_pages(size);
8d987e5c 1779 long allocated;
e1aab161 1780 int parent_status = UNDER_LIMIT;
3ab224be
HA		 1781
1782 sk->sk_forward_alloc += amt * SK_MEM_QUANTUM;
180d8cd9 1783
e1aab161 1784 allocated = sk_memory_allocated_add(sk, amt, &parent_status);
3ab224be
HA		 1785
1786 /* Under limit. */
e1aab161
GC		 1787 if (parent_status == UNDER_LIMIT &&
1788 allocated <= sk_prot_mem_limits(sk, 0)) {
180d8cd9 1789 sk_leave_memory_pressure(sk);
3ab224be
HA		 1790 return 1;
1791 }
1792
e1aab161
GC		 1793 /* Under pressure. (we or our parents) */
1794 if ((parent_status > SOFT_LIMIT) ||
1795 allocated > sk_prot_mem_limits(sk, 1))
180d8cd9 1796 sk_enter_memory_pressure(sk);
3ab224be 1797
e1aab161
GC		 1798 /* Over hard limit (we or our parents) */
1799 if ((parent_status == OVER_LIMIT) ||
1800 (allocated > sk_prot_mem_limits(sk, 2)))
3ab224be
HA		 1801 goto suppress_allocation;
1802
1803 /* guarantee minimum buffer size under pressure */
1804 if (kind == SK_MEM_RECV) {
1805 if (atomic_read(&sk->sk_rmem_alloc) < prot->sysctl_rmem[0])
1806 return 1;
180d8cd9 1807
3ab224be
HA		 1808 } else { /* SK_MEM_SEND */
1809 if (sk->sk_type == SOCK_STREAM) {
1810 if (sk->sk_wmem_queued < prot->sysctl_wmem[0])
1811 return 1;
1812 } else if (atomic_read(&sk->sk_wmem_alloc) <
1813 prot->sysctl_wmem[0])
1814 return 1;
1815 }
1816
180d8cd9 1817 if (sk_has_memory_pressure(sk)) {
1748376b
ED		 1818 int alloc;
1819
180d8cd9 1820 if (!sk_under_memory_pressure(sk))
1748376b 1821 return 1;
180d8cd9
GC		 1822 alloc = sk_sockets_allocated_read_positive(sk);
1823 if (sk_prot_mem_limits(sk, 2) > alloc *
3ab224be
HA		 1824 sk_mem_pages(sk->sk_wmem_queued +
1825 atomic_read(&sk->sk_rmem_alloc) +
1826 sk->sk_forward_alloc))
1827 return 1;
1828 }
1829
1830suppress_allocation:
1831
1832 if (kind == SK_MEM_SEND && sk->sk_type == SOCK_STREAM) {
1833 sk_stream_moderate_sndbuf(sk);
1834
1835 /* Fail only if socket is _under_ its sndbuf.
1836 * In this case we cannot block, so that we have to fail.
1837 */
1838 if (sk->sk_wmem_queued + size >= sk->sk_sndbuf)
1839 return 1;
1840 }
1841
3847ce32
SM		 1842 trace_sock_exceed_buf_limit(sk, prot, allocated);
1843
3ab224be
HA		 1844 /* Alas. Undo changes. */
1845 sk->sk_forward_alloc -= amt * SK_MEM_QUANTUM;
180d8cd9 1846
0e90b31f 1847 sk_memory_allocated_sub(sk, amt);
180d8cd9 1848
3ab224be
HA		 1849 return 0;
1850}
3ab224be
HA		 1851EXPORT_SYMBOL(__sk_mem_schedule);
1852
1853/**
1854 * __sk_reclaim - reclaim memory_allocated
1855 * @sk: socket
1856 */
1857void __sk_mem_reclaim(struct sock *sk)
1858{
180d8cd9 1859 sk_memory_allocated_sub(sk,
0e90b31f 1860 sk->sk_forward_alloc >> SK_MEM_QUANTUM_SHIFT);
3ab224be
HA		 1861 sk->sk_forward_alloc &= SK_MEM_QUANTUM - 1;
1862
180d8cd9
GC		 1863 if (sk_under_memory_pressure(sk) &&
1864 (sk_memory_allocated(sk) < sk_prot_mem_limits(sk, 0)))
1865 sk_leave_memory_pressure(sk);
3ab224be 1866}
3ab224be
HA		 1867EXPORT_SYMBOL(__sk_mem_reclaim);
1868
1869
1da177e4
LT		 1870/*
1871 * Set of default routines for initialising struct proto_ops when
1872 * the protocol does not support a particular function. In certain
1873 * cases where it makes no sense for a protocol to have a "do nothing"
1874 * function, some default processing is provided.
1875 */
1876
1877int sock_no_bind(struct socket *sock, struct sockaddr *saddr, int len)
1878{
1879 return -EOPNOTSUPP;
1880}
2a91525c 1881EXPORT_SYMBOL(sock_no_bind);
1da177e4 1882
4ec93edb 1883int sock_no_connect(struct socket *sock, struct sockaddr *saddr,
1da177e4
LT		 1884 int len, int flags)
1885{
1886 return -EOPNOTSUPP;
1887}
2a91525c 1888EXPORT_SYMBOL(sock_no_connect);
1da177e4
LT		 1889
1890int sock_no_socketpair(struct socket *sock1, struct socket *sock2)
1891{
1892 return -EOPNOTSUPP;
1893}
2a91525c 1894EXPORT_SYMBOL(sock_no_socketpair);
1da177e4
LT		 1895
1896int sock_no_accept(struct socket *sock, struct socket *newsock, int flags)
1897{
1898 return -EOPNOTSUPP;
1899}
2a91525c 1900EXPORT_SYMBOL(sock_no_accept);
1da177e4 1901
4ec93edb 1902int sock_no_getname(struct socket *sock, struct sockaddr *saddr,
1da177e4
LT		 1903 int *len, int peer)
1904{
1905 return -EOPNOTSUPP;
1906}
2a91525c 1907EXPORT_SYMBOL(sock_no_getname);
1da177e4 1908
2a91525c 1909unsigned int sock_no_poll(struct file *file, struct socket *sock, poll_table *pt)
1da177e4
LT		 1910{
1911 return 0;
1912}
2a91525c 1913EXPORT_SYMBOL(sock_no_poll);
1da177e4
LT		 1914
1915int sock_no_ioctl(struct socket *sock, unsigned int cmd, unsigned long arg)
1916{
1917 return -EOPNOTSUPP;
1918}
2a91525c 1919EXPORT_SYMBOL(sock_no_ioctl);
1da177e4
LT		 1920
1921int sock_no_listen(struct socket *sock, int backlog)
1922{
1923 return -EOPNOTSUPP;
1924}
2a91525c 1925EXPORT_SYMBOL(sock_no_listen);
1da177e4
LT		 1926
1927int sock_no_shutdown(struct socket *sock, int how)
1928{
1929 return -EOPNOTSUPP;
1930}
2a91525c 1931EXPORT_SYMBOL(sock_no_shutdown);
1da177e4
LT		 1932
1933int sock_no_setsockopt(struct socket *sock, int level, int optname,
b7058842 1934 char __user *optval, unsigned int optlen)
1da177e4
LT		 1935{
1936 return -EOPNOTSUPP;
1937}
2a91525c 1938EXPORT_SYMBOL(sock_no_setsockopt);
1da177e4
LT		 1939
1940int sock_no_getsockopt(struct socket *sock, int level, int optname,
1941 char __user *optval, int __user *optlen)
1942{
1943 return -EOPNOTSUPP;
1944}
2a91525c 1945EXPORT_SYMBOL(sock_no_getsockopt);
1da177e4
LT		 1946
1947int sock_no_sendmsg(struct kiocb *iocb, struct socket *sock, struct msghdr *m,
1948 size_t len)
1949{
1950 return -EOPNOTSUPP;
1951}
2a91525c 1952EXPORT_SYMBOL(sock_no_sendmsg);
1da177e4
LT		 1953
1954int sock_no_recvmsg(struct kiocb *iocb, struct socket *sock, struct msghdr *m,
1955 size_t len, int flags)
1956{
1957 return -EOPNOTSUPP;
1958}
2a91525c 1959EXPORT_SYMBOL(sock_no_recvmsg);
1da177e4
LT		 1960
1961int sock_no_mmap(struct file *file, struct socket *sock, struct vm_area_struct *vma)
1962{
1963 /* Mirror missing mmap method error code */
1964 return -ENODEV;
1965}
2a91525c 1966EXPORT_SYMBOL(sock_no_mmap);
1da177e4
LT		 1967
1968ssize_t sock_no_sendpage(struct socket *sock, struct page *page, int offset, size_t size, int flags)
1969{
1970 ssize_t res;
1971 struct msghdr msg = {.msg_flags = flags};
1972 struct kvec iov;
1973 char *kaddr = kmap(page);
1974 iov.iov_base = kaddr + offset;
1975 iov.iov_len = size;
1976 res = kernel_sendmsg(sock, &msg, &iov, 1, size);
1977 kunmap(page);
1978 return res;
1979}
2a91525c 1980EXPORT_SYMBOL(sock_no_sendpage);
1da177e4
LT		 1981
1982/*
1983 * Default Socket Callbacks
1984 */
1985
1986static void sock_def_wakeup(struct sock *sk)
1987{
43815482
ED		 1988 struct socket_wq *wq;
1989
1990 rcu_read_lock();
1991 wq = rcu_dereference(sk->sk_wq);
1992 if (wq_has_sleeper(wq))
1993 wake_up_interruptible_all(&wq->wait);
1994 rcu_read_unlock();
1da177e4
LT		 1995}
1996
1997static void sock_def_error_report(struct sock *sk)
1998{
43815482
ED		 1999 struct socket_wq *wq;
2000
2001 rcu_read_lock();
2002 wq = rcu_dereference(sk->sk_wq);
2003 if (wq_has_sleeper(wq))
2004 wake_up_interruptible_poll(&wq->wait, POLLERR);
8d8ad9d7 2005 sk_wake_async(sk, SOCK_WAKE_IO, POLL_ERR);
43815482 2006 rcu_read_unlock();
1da177e4
LT		 2007}
2008
2009static void sock_def_readable(struct sock *sk, int len)
2010{
43815482
ED		 2011 struct socket_wq *wq;
2012
2013 rcu_read_lock();
2014 wq = rcu_dereference(sk->sk_wq);
2015 if (wq_has_sleeper(wq))
2c6607c6 2016 wake_up_interruptible_sync_poll(&wq->wait, POLLIN | POLLPRI |
37e5540b 2017 POLLRDNORM | POLLRDBAND);
8d8ad9d7 2018 sk_wake_async(sk, SOCK_WAKE_WAITD, POLL_IN);
43815482 2019 rcu_read_unlock();
1da177e4
LT		 2020}
2021
2022static void sock_def_write_space(struct sock *sk)
2023{
43815482
ED		 2024 struct socket_wq *wq;
2025
2026 rcu_read_lock();
1da177e4
LT		 2027
2028 /* Do not wake up a writer until he can make "significant"
2029 * progress. --DaveM
2030 */
e71a4783 2031 if ((atomic_read(&sk->sk_wmem_alloc) << 1) <= sk->sk_sndbuf) {
43815482
ED		 2032 wq = rcu_dereference(sk->sk_wq);
2033 if (wq_has_sleeper(wq))
2034 wake_up_interruptible_sync_poll(&wq->wait, POLLOUT |
37e5540b 2035 POLLWRNORM | POLLWRBAND);
1da177e4
LT		 2036
2037 /* Should agree with poll, otherwise some programs break */
2038 if (sock_writeable(sk))
8d8ad9d7 2039 sk_wake_async(sk, SOCK_WAKE_SPACE, POLL_OUT);
1da177e4
LT		 2040 }
2041
43815482 2042 rcu_read_unlock();
1da177e4
LT		 2043}
2044
2045static void sock_def_destruct(struct sock *sk)
2046{
a51482bd 2047 kfree(sk->sk_protinfo);
1da177e4
LT		 2048}
2049
2050void sk_send_sigurg(struct sock *sk)
2051{
2052 if (sk->sk_socket && sk->sk_socket->file)
2053 if (send_sigurg(&sk->sk_socket->file->f_owner))
8d8ad9d7 2054 sk_wake_async(sk, SOCK_WAKE_URG, POLL_PRI);
1da177e4 2055}
2a91525c 2056EXPORT_SYMBOL(sk_send_sigurg);
1da177e4
LT		 2057
2058void sk_reset_timer(struct sock *sk, struct timer_list* timer,
2059 unsigned long expires)
2060{
2061 if (!mod_timer(timer, expires))
2062 sock_hold(sk);
2063}
1da177e4
LT		 2064EXPORT_SYMBOL(sk_reset_timer);
2065
2066void sk_stop_timer(struct sock *sk, struct timer_list* timer)
2067{
2068 if (timer_pending(timer) && del_timer(timer))
2069 __sock_put(sk);
2070}
1da177e4
LT		 2071EXPORT_SYMBOL(sk_stop_timer);
2072
2073void sock_init_data(struct socket *sock, struct sock *sk)
2074{
2075 skb_queue_head_init(&sk->sk_receive_queue);
2076 skb_queue_head_init(&sk->sk_write_queue);
2077 skb_queue_head_init(&sk->sk_error_queue);
97fc2f08
CL		 2078#ifdef CONFIG_NET_DMA
2079 skb_queue_head_init(&sk->sk_async_wait_queue);
2080#endif
1da177e4
LT		 2081
2082 sk->sk_send_head = NULL;
2083
2084 init_timer(&sk->sk_timer);
4ec93edb 2085
1da177e4
LT		 2086 sk->sk_allocation = GFP_KERNEL;
2087 sk->sk_rcvbuf = sysctl_rmem_default;
2088 sk->sk_sndbuf = sysctl_wmem_default;
2089 sk->sk_state = TCP_CLOSE;
972692e0 2090 sk_set_socket(sk, sock);
1da177e4
LT		 2091
2092 sock_set_flag(sk, SOCK_ZAPPED);
2093
e71a4783 2094 if (sock) {
1da177e4 2095 sk->sk_type = sock->type;
43815482 2096 sk->sk_wq = sock->wq;
1da177e4
LT		 2097 sock->sk = sk;
2098 } else
43815482 2099 sk->sk_wq = NULL;
1da177e4 2100
b6c6712a 2101 spin_lock_init(&sk->sk_dst_lock);
1da177e4 2102 rwlock_init(&sk->sk_callback_lock);
443aef0e
PZ		 2103 lockdep_set_class_and_name(&sk->sk_callback_lock,
2104 af_callback_keys + sk->sk_family,
2105 af_family_clock_key_strings[sk->sk_family]);
1da177e4
LT		 2106
2107 sk->sk_state_change = sock_def_wakeup;
2108 sk->sk_data_ready = sock_def_readable;
2109 sk->sk_write_space = sock_def_write_space;
2110 sk->sk_error_report = sock_def_error_report;
2111 sk->sk_destruct = sock_def_destruct;
2112
2113 sk->sk_sndmsg_page = NULL;
2114 sk->sk_sndmsg_off = 0;
ef64a54f 2115 sk->sk_peek_off = -1;
1da177e4 2116
109f6e39
EB		 2117 sk->sk_peer_pid = NULL;
2118 sk->sk_peer_cred = NULL;
1da177e4
LT		 2119 sk->sk_write_pending = 0;
2120 sk->sk_rcvlowat = 1;
2121 sk->sk_rcvtimeo = MAX_SCHEDULE_TIMEOUT;
2122 sk->sk_sndtimeo = MAX_SCHEDULE_TIMEOUT;
2123
f37f0afb 2124 sk->sk_stamp = ktime_set(-1L, 0);
1da177e4 2125
4dc6dc71
ED		 2126 /*
2127 * Before updating sk_refcnt, we must commit prior changes to memory
2128 * (Documentation/RCU/rculist_nulls.txt for details)
2129 */
2130 smp_wmb();
1da177e4 2131 atomic_set(&sk->sk_refcnt, 1);
33c732c3 2132 atomic_set(&sk->sk_drops, 0);
1da177e4 2133}
2a91525c 2134EXPORT_SYMBOL(sock_init_data);
1da177e4 2135
b5606c2d 2136void lock_sock_nested(struct sock *sk, int subclass)
1da177e4
LT		 2137{
2138 might_sleep();
a5b5bb9a 2139 spin_lock_bh(&sk->sk_lock.slock);
d2e9117c 2140 if (sk->sk_lock.owned)
1da177e4 2141 __lock_sock(sk);
d2e9117c 2142 sk->sk_lock.owned = 1;
a5b5bb9a
IM		 2143 spin_unlock(&sk->sk_lock.slock);
2144 /*
2145 * The sk_lock has mutex_lock() semantics here:
2146 */
fcc70d5f 2147 mutex_acquire(&sk->sk_lock.dep_map, subclass, 0, _RET_IP_);
a5b5bb9a 2148 local_bh_enable();
1da177e4 2149}
fcc70d5f 2150EXPORT_SYMBOL(lock_sock_nested);
1da177e4 2151
b5606c2d 2152void release_sock(struct sock *sk)
1da177e4 2153{
a5b5bb9a
IM		 2154 /*
2155 * The sk_lock has mutex_unlock() semantics:
2156 */
2157 mutex_release(&sk->sk_lock.dep_map, 1, _RET_IP_);
2158
2159 spin_lock_bh(&sk->sk_lock.slock);
1da177e4
LT		 2160 if (sk->sk_backlog.tail)
2161 __release_sock(sk);
d2e9117c 2162 sk->sk_lock.owned = 0;
a5b5bb9a
IM		 2163 if (waitqueue_active(&sk->sk_lock.wq))
2164 wake_up(&sk->sk_lock.wq);
2165 spin_unlock_bh(&sk->sk_lock.slock);
1da177e4
LT		 2166}
2167EXPORT_SYMBOL(release_sock);
2168
8a74ad60
ED		 2169/**
2170 * lock_sock_fast - fast version of lock_sock
2171 * @sk: socket
2172 *
2173 * This version should be used for very small section, where process wont block
2174 * return false if fast path is taken
2175 * sk_lock.slock locked, owned = 0, BH disabled
2176 * return true if slow path is taken
2177 * sk_lock.slock unlocked, owned = 1, BH enabled
2178 */
2179bool lock_sock_fast(struct sock *sk)
2180{
2181 might_sleep();
2182 spin_lock_bh(&sk->sk_lock.slock);
2183
2184 if (!sk->sk_lock.owned)
2185 /*
2186 * Note : We must disable BH
2187 */
2188 return false;
2189
2190 __lock_sock(sk);
2191 sk->sk_lock.owned = 1;
2192 spin_unlock(&sk->sk_lock.slock);
2193 /*
2194 * The sk_lock has mutex_lock() semantics here:
2195 */
2196 mutex_acquire(&sk->sk_lock.dep_map, 0, 0, _RET_IP_);
2197 local_bh_enable();
2198 return true;
2199}
2200EXPORT_SYMBOL(lock_sock_fast);
2201
1da177e4 2202int sock_get_timestamp(struct sock *sk, struct timeval __user *userstamp)
4ec93edb 2203{
b7aa0bf7 2204 struct timeval tv;
1da177e4 2205 if (!sock_flag(sk, SOCK_TIMESTAMP))
20d49473 2206 sock_enable_timestamp(sk, SOCK_TIMESTAMP);
b7aa0bf7
ED		 2207 tv = ktime_to_timeval(sk->sk_stamp);
2208 if (tv.tv_sec == -1)
1da177e4 2209 return -ENOENT;
b7aa0bf7
ED		 2210 if (tv.tv_sec == 0) {
2211 sk->sk_stamp = ktime_get_real();
2212 tv = ktime_to_timeval(sk->sk_stamp);
2213 }
2214 return copy_to_user(userstamp, &tv, sizeof(tv)) ? -EFAULT : 0;
4ec93edb 2215}
1da177e4
LT		 2216EXPORT_SYMBOL(sock_get_timestamp);
2217
ae40eb1e
ED		 2218int sock_get_timestampns(struct sock *sk, struct timespec __user *userstamp)
2219{
2220 struct timespec ts;
2221 if (!sock_flag(sk, SOCK_TIMESTAMP))
20d49473 2222 sock_enable_timestamp(sk, SOCK_TIMESTAMP);
ae40eb1e
ED		 2223 ts = ktime_to_timespec(sk->sk_stamp);
2224 if (ts.tv_sec == -1)
2225 return -ENOENT;
2226 if (ts.tv_sec == 0) {
2227 sk->sk_stamp = ktime_get_real();
2228 ts = ktime_to_timespec(sk->sk_stamp);
2229 }
2230 return copy_to_user(userstamp, &ts, sizeof(ts)) ? -EFAULT : 0;
2231}
2232EXPORT_SYMBOL(sock_get_timestampns);
2233
20d49473 2234void sock_enable_timestamp(struct sock *sk, int flag)
4ec93edb 2235{
20d49473 2236 if (!sock_flag(sk, flag)) {
08e29af3
ED		 2237 unsigned long previous_flags = sk->sk_flags;
2238
20d49473
PO		 2239 sock_set_flag(sk, flag);
2240 /*
2241 * we just set one of the two flags which require net
2242 * time stamping, but time stamping might have been on
2243 * already because of the other one
2244 */
08e29af3 2245 if (!(previous_flags & SK_FLAGS_TIMESTAMP))
20d49473 2246 net_enable_timestamp();
1da177e4
LT		 2247 }
2248}
1da177e4
LT		 2249
2250/*
2251 * Get a socket option on an socket.
2252 *
2253 * FIX: POSIX 1003.1g is very ambiguous here. It states that
2254 * asynchronous errors should be reported by getsockopt. We assume
2255 * this means if you specify SO_ERROR (otherwise whats the point of it).
2256 */
2257int sock_common_getsockopt(struct socket *sock, int level, int optname,
2258 char __user *optval, int __user *optlen)
2259{
2260 struct sock *sk = sock->sk;
2261
2262 return sk->sk_prot->getsockopt(sk, level, optname, optval, optlen);
2263}
1da177e4
LT		 2264EXPORT_SYMBOL(sock_common_getsockopt);
2265
3fdadf7d 2266#ifdef CONFIG_COMPAT
543d9cfe
ACM		 2267int compat_sock_common_getsockopt(struct socket *sock, int level, int optname,
2268 char __user *optval, int __user *optlen)
3fdadf7d
DM		 2269{
2270 struct sock *sk = sock->sk;
2271
1e51f951 2272 if (sk->sk_prot->compat_getsockopt != NULL)
543d9cfe
ACM		 2273 return sk->sk_prot->compat_getsockopt(sk, level, optname,
2274 optval, optlen);
3fdadf7d
DM		 2275 return sk->sk_prot->getsockopt(sk, level, optname, optval, optlen);
2276}
2277EXPORT_SYMBOL(compat_sock_common_getsockopt);
2278#endif
2279
1da177e4
LT		 2280int sock_common_recvmsg(struct kiocb *iocb, struct socket *sock,
2281 struct msghdr *msg, size_t size, int flags)
2282{
2283 struct sock *sk = sock->sk;
2284 int addr_len = 0;
2285 int err;
2286
2287 err = sk->sk_prot->recvmsg(iocb, sk, msg, size, flags & MSG_DONTWAIT,
2288 flags & ~MSG_DONTWAIT, &addr_len);
2289 if (err >= 0)
2290 msg->msg_namelen = addr_len;
2291 return err;
2292}
1da177e4
LT		 2293EXPORT_SYMBOL(sock_common_recvmsg);
2294
2295/*
2296 * Set socket options on an inet socket.
2297 */
2298int sock_common_setsockopt(struct socket *sock, int level, int optname,
b7058842 2299 char __user *optval, unsigned int optlen)
1da177e4
LT		 2300{
2301 struct sock *sk = sock->sk;
2302
2303 return sk->sk_prot->setsockopt(sk, level, optname, optval, optlen);
2304}
1da177e4
LT		 2305EXPORT_SYMBOL(sock_common_setsockopt);
2306
3fdadf7d 2307#ifdef CONFIG_COMPAT
543d9cfe 2308int compat_sock_common_setsockopt(struct socket *sock, int level, int optname,
b7058842 2309 char __user *optval, unsigned int optlen)
3fdadf7d
DM		 2310{
2311 struct sock *sk = sock->sk;
2312
543d9cfe
ACM		 2313 if (sk->sk_prot->compat_setsockopt != NULL)
2314 return sk->sk_prot->compat_setsockopt(sk, level, optname,
2315 optval, optlen);
3fdadf7d
DM		 2316 return sk->sk_prot->setsockopt(sk, level, optname, optval, optlen);
2317}
2318EXPORT_SYMBOL(compat_sock_common_setsockopt);
2319#endif
2320
1da177e4
LT		 2321void sk_common_release(struct sock *sk)
2322{
2323 if (sk->sk_prot->destroy)
2324 sk->sk_prot->destroy(sk);
2325
2326 /*
2327 * Observation: when sock_common_release is called, processes have
2328 * no access to socket. But net still has.
2329 * Step one, detach it from networking:
2330 *
2331 * A. Remove from hash tables.
2332 */
2333
2334 sk->sk_prot->unhash(sk);
2335
2336 /*
2337 * In this point socket cannot receive new packets, but it is possible
2338 * that some packets are in flight because some CPU runs receiver and
2339 * did hash table lookup before we unhashed socket. They will achieve
2340 * receive queue and will be purged by socket destructor.
2341 *
2342 * Also we still have packets pending on receive queue and probably,
2343 * our own packets waiting in device queues. sock_destroy will drain
2344 * receive queue, but transmitted packets will delay socket destruction
2345 * until the last reference will be released.
2346 */
2347
2348 sock_orphan(sk);
2349
2350 xfrm_sk_free_policy(sk);
2351
e6848976 2352 sk_refcnt_debug_release(sk);
1da177e4
LT		 2353 sock_put(sk);
2354}
1da177e4
LT		 2355EXPORT_SYMBOL(sk_common_release);
2356
13ff3d6f
PE		 2357#ifdef CONFIG_PROC_FS
2358#define PROTO_INUSE_NR 64 /* should be enough for the first time */
1338d466
PE		 2359struct prot_inuse {
2360 int val[PROTO_INUSE_NR];
2361};
13ff3d6f
PE		 2362
2363static DECLARE_BITMAP(proto_inuse_idx, PROTO_INUSE_NR);
70ee1159
PE		 2364
2365#ifdef CONFIG_NET_NS
2366void sock_prot_inuse_add(struct net *net, struct proto *prot, int val)
2367{
d6d9ca0f 2368 __this_cpu_add(net->core.inuse->val[prot->inuse_idx], val);
70ee1159
PE		 2369}
2370EXPORT_SYMBOL_GPL(sock_prot_inuse_add);
2371
2372int sock_prot_inuse_get(struct net *net, struct proto *prot)
2373{
2374 int cpu, idx = prot->inuse_idx;
2375 int res = 0;
2376
2377 for_each_possible_cpu(cpu)
2378 res += per_cpu_ptr(net->core.inuse, cpu)->val[idx];
2379
2380 return res >= 0 ? res : 0;
2381}
2382EXPORT_SYMBOL_GPL(sock_prot_inuse_get);
2383
2c8c1e72 2384static int __net_init sock_inuse_init_net(struct net *net)
70ee1159
PE		 2385{
2386 net->core.inuse = alloc_percpu(struct prot_inuse);
2387 return net->core.inuse ? 0 : -ENOMEM;
2388}
2389
2c8c1e72 2390static void __net_exit sock_inuse_exit_net(struct net *net)
70ee1159
PE		 2391{
2392 free_percpu(net->core.inuse);
2393}
2394
2395static struct pernet_operations net_inuse_ops = {
2396 .init = sock_inuse_init_net,
2397 .exit = sock_inuse_exit_net,
2398};
2399
2400static __init int net_inuse_init(void)
2401{
2402 if (register_pernet_subsys(&net_inuse_ops))
2403 panic("Cannot initialize net inuse counters");
2404
2405 return 0;
2406}
2407
2408core_initcall(net_inuse_init);
2409#else
1338d466
PE		 2410static DEFINE_PER_CPU(struct prot_inuse, prot_inuse);
2411
c29a0bc4 2412void sock_prot_inuse_add(struct net *net, struct proto *prot, int val)
1338d466 2413{
d6d9ca0f 2414 __this_cpu_add(prot_inuse.val[prot->inuse_idx], val);
1338d466
PE		 2415}
2416EXPORT_SYMBOL_GPL(sock_prot_inuse_add);
2417
c29a0bc4 2418int sock_prot_inuse_get(struct net *net, struct proto *prot)
1338d466
PE		 2419{
2420 int cpu, idx = prot->inuse_idx;
2421 int res = 0;
2422
2423 for_each_possible_cpu(cpu)
2424 res += per_cpu(prot_inuse, cpu).val[idx];
2425
2426 return res >= 0 ? res : 0;
2427}
2428EXPORT_SYMBOL_GPL(sock_prot_inuse_get);
70ee1159 2429#endif
13ff3d6f
PE		 2430
2431static void assign_proto_idx(struct proto *prot)
2432{
2433 prot->inuse_idx = find_first_zero_bit(proto_inuse_idx, PROTO_INUSE_NR);
2434
2435 if (unlikely(prot->inuse_idx == PROTO_INUSE_NR - 1)) {
e005d193 2436 pr_err("PROTO_INUSE_NR exhausted\n");
13ff3d6f
PE		 2437 return;
2438 }
2439
2440 set_bit(prot->inuse_idx, proto_inuse_idx);
2441}
2442
2443static void release_proto_idx(struct proto *prot)
2444{
2445 if (prot->inuse_idx != PROTO_INUSE_NR - 1)
2446 clear_bit(prot->inuse_idx, proto_inuse_idx);
2447}
2448#else
2449static inline void assign_proto_idx(struct proto *prot)
2450{
2451}
2452
2453static inline void release_proto_idx(struct proto *prot)
2454{
2455}
2456#endif
2457
b733c007
PE		 2458int proto_register(struct proto *prot, int alloc_slab)
2459{
1da177e4
LT		 2460 if (alloc_slab) {
2461 prot->slab = kmem_cache_create(prot->name, prot->obj_size, 0,
271b72c7
ED		 2462 SLAB_HWCACHE_ALIGN | prot->slab_flags,
2463 NULL);
1da177e4
LT		 2464
2465 if (prot->slab == NULL) {
e005d193
JP		 2466 pr_crit("%s: Can't create sock SLAB cache!\n",
2467 prot->name);
60e7663d 2468 goto out;
1da177e4 2469 }
2e6599cb
ACM		 2470
2471 if (prot->rsk_prot != NULL) {
faf23422 2472 prot->rsk_prot->slab_name = kasprintf(GFP_KERNEL, "request_sock_%s", prot->name);
7e56b5d6 2473 if (prot->rsk_prot->slab_name == NULL)
2e6599cb
ACM		 2474 goto out_free_sock_slab;
2475
7e56b5d6 2476 prot->rsk_prot->slab = kmem_cache_create(prot->rsk_prot->slab_name,
2e6599cb 2477 prot->rsk_prot->obj_size, 0,
20c2df83 2478 SLAB_HWCACHE_ALIGN, NULL);
2e6599cb
ACM		 2479
2480 if (prot->rsk_prot->slab == NULL) {
e005d193
JP		 2481 pr_crit("%s: Can't create request sock SLAB cache!\n",
2482 prot->name);
2e6599cb
ACM		 2483 goto out_free_request_sock_slab_name;
2484 }
2485 }
8feaf0c0 2486
6d6ee43e 2487 if (prot->twsk_prot != NULL) {
faf23422 2488 prot->twsk_prot->twsk_slab_name = kasprintf(GFP_KERNEL, "tw_sock_%s", prot->name);
8feaf0c0 2489
7e56b5d6 2490 if (prot->twsk_prot->twsk_slab_name == NULL)
8feaf0c0
ACM		 2491 goto out_free_request_sock_slab;
2492
6d6ee43e 2493 prot->twsk_prot->twsk_slab =
7e56b5d6 2494 kmem_cache_create(prot->twsk_prot->twsk_slab_name,
6d6ee43e 2495 prot->twsk_prot->twsk_obj_size,
3ab5aee7
ED		 2496 0,
2497 SLAB_HWCACHE_ALIGN |
2498 prot->slab_flags,
20c2df83 2499 NULL);
6d6ee43e 2500 if (prot->twsk_prot->twsk_slab == NULL)
8feaf0c0
ACM		 2501 goto out_free_timewait_sock_slab_name;
2502 }
1da177e4
LT		 2503 }
2504
36b77a52 2505 mutex_lock(&proto_list_mutex);
1da177e4 2506 list_add(&prot->node, &proto_list);
13ff3d6f 2507 assign_proto_idx(prot);
36b77a52 2508 mutex_unlock(&proto_list_mutex);
b733c007
PE		 2509 return 0;
2510
8feaf0c0 2511out_free_timewait_sock_slab_name:
7e56b5d6 2512 kfree(prot->twsk_prot->twsk_slab_name);
8feaf0c0
ACM		 2513out_free_request_sock_slab:
2514 if (prot->rsk_prot && prot->rsk_prot->slab) {
2515 kmem_cache_destroy(prot->rsk_prot->slab);
2516 prot->rsk_prot->slab = NULL;
2517 }
2e6599cb 2518out_free_request_sock_slab_name:
72150e9b
DC		 2519 if (prot->rsk_prot)
2520 kfree(prot->rsk_prot->slab_name);
2e6599cb
ACM		 2521out_free_sock_slab:
2522 kmem_cache_destroy(prot->slab);
2523 prot->slab = NULL;
b733c007
PE		 2524out:
2525 return -ENOBUFS;
1da177e4 2526}
1da177e4
LT		 2527EXPORT_SYMBOL(proto_register);
2528
2529void proto_unregister(struct proto *prot)
2530{
36b77a52 2531 mutex_lock(&proto_list_mutex);
13ff3d6f 2532 release_proto_idx(prot);
0a3f4358 2533 list_del(&prot->node);
36b77a52 2534 mutex_unlock(&proto_list_mutex);
1da177e4
LT		 2535
2536 if (prot->slab != NULL) {
2537 kmem_cache_destroy(prot->slab);
2538 prot->slab = NULL;
2539 }
2540
2e6599cb 2541 if (prot->rsk_prot != NULL && prot->rsk_prot->slab != NULL) {
2e6599cb 2542 kmem_cache_destroy(prot->rsk_prot->slab);
7e56b5d6 2543 kfree(prot->rsk_prot->slab_name);
2e6599cb
ACM		 2544 prot->rsk_prot->slab = NULL;
2545 }
2546
6d6ee43e 2547 if (prot->twsk_prot != NULL && prot->twsk_prot->twsk_slab != NULL) {
6d6ee43e 2548 kmem_cache_destroy(prot->twsk_prot->twsk_slab);
7e56b5d6 2549 kfree(prot->twsk_prot->twsk_slab_name);
6d6ee43e 2550 prot->twsk_prot->twsk_slab = NULL;
8feaf0c0 2551 }
1da177e4 2552}
1da177e4
LT		 2553EXPORT_SYMBOL(proto_unregister);
2554
2555#ifdef CONFIG_PROC_FS
1da177e4 2556static void *proto_seq_start(struct seq_file *seq, loff_t *pos)
36b77a52 2557 __acquires(proto_list_mutex)
1da177e4 2558{
36b77a52 2559 mutex_lock(&proto_list_mutex);
60f0438a 2560 return seq_list_start_head(&proto_list, *pos);
1da177e4
LT		 2561}
2562
2563static void *proto_seq_next(struct seq_file *seq, void *v, loff_t *pos)
2564{
60f0438a 2565 return seq_list_next(v, &proto_list, pos);
1da177e4
LT		 2566}
2567
2568static void proto_seq_stop(struct seq_file *seq, void *v)
36b77a52 2569 __releases(proto_list_mutex)
1da177e4 2570{
36b77a52 2571 mutex_unlock(&proto_list_mutex);
1da177e4
LT		 2572}
2573
2574static char proto_method_implemented(const void *method)
2575{
2576 return method == NULL ? 'n' : 'y';
2577}
180d8cd9
GC		 2578static long sock_prot_memory_allocated(struct proto *proto)
2579{
cb75a36c 2580 return proto->memory_allocated != NULL ? proto_memory_allocated(proto) : -1L;
180d8cd9
GC		 2581}
2582
2583static char *sock_prot_memory_pressure(struct proto *proto)
2584{
2585 return proto->memory_pressure != NULL ?
2586 proto_memory_pressure(proto) ? "yes" : "no" : "NI";
2587}
1da177e4
LT		 2588
2589static void proto_seq_printf(struct seq_file *seq, struct proto *proto)
2590{
180d8cd9 2591
8d987e5c 2592 seq_printf(seq, "%-9s %4u %6d %6ld %-3s %6u %-3s %-10s "
1da177e4
LT		 2593 "%2c %2c %2c %2c %2c %2c %2c %2c %2c %2c %2c %2c %2c %2c %2c %2c %2c %2c %2c\n",
2594 proto->name,
2595 proto->obj_size,
14e943db 2596 sock_prot_inuse_get(seq_file_net(seq), proto),
180d8cd9
GC		 2597 sock_prot_memory_allocated(proto),
2598 sock_prot_memory_pressure(proto),
1da177e4
LT		 2599 proto->max_header,
2600 proto->slab == NULL ? "no" : "yes",
2601 module_name(proto->owner),
2602 proto_method_implemented(proto->close),
2603 proto_method_implemented(proto->connect),
2604 proto_method_implemented(proto->disconnect),
2605 proto_method_implemented(proto->accept),
2606 proto_method_implemented(proto->ioctl),
2607 proto_method_implemented(proto->init),
2608 proto_method_implemented(proto->destroy),
2609 proto_method_implemented(proto->shutdown),
2610 proto_method_implemented(proto->setsockopt),
2611 proto_method_implemented(proto->getsockopt),
2612 proto_method_implemented(proto->sendmsg),
2613 proto_method_implemented(proto->recvmsg),
2614 proto_method_implemented(proto->sendpage),
2615 proto_method_implemented(proto->bind),
2616 proto_method_implemented(proto->backlog_rcv),
2617 proto_method_implemented(proto->hash),
2618 proto_method_implemented(proto->unhash),
2619 proto_method_implemented(proto->get_port),
2620 proto_method_implemented(proto->enter_memory_pressure));
2621}
2622
2623static int proto_seq_show(struct seq_file *seq, void *v)
2624{
60f0438a 2625 if (v == &proto_list)
1da177e4
LT		 2626 seq_printf(seq, "%-9s %-4s %-8s %-6s %-5s %-7s %-4s %-10s %s",
2627 "protocol",
2628 "size",
2629 "sockets",
2630 "memory",
2631 "press",
2632 "maxhdr",
2633 "slab",
2634 "module",
2635 "cl co di ac io in de sh ss gs se re sp bi br ha uh gp em\n");
2636 else
60f0438a 2637 proto_seq_printf(seq, list_entry(v, struct proto, node));
1da177e4
LT		 2638 return 0;
2639}
2640
f690808e 2641static const struct seq_operations proto_seq_ops = {
1da177e4
LT		 2642 .start = proto_seq_start,
2643 .next = proto_seq_next,
2644 .stop = proto_seq_stop,
2645 .show = proto_seq_show,
2646};
2647
2648static int proto_seq_open(struct inode *inode, struct file *file)
2649{
14e943db
ED		 2650 return seq_open_net(inode, file, &proto_seq_ops,
2651 sizeof(struct seq_net_private));
1da177e4
LT		 2652}
2653
9a32144e 2654static const struct file_operations proto_seq_fops = {
1da177e4
LT		 2655 .owner = THIS_MODULE,
2656 .open = proto_seq_open,
2657 .read = seq_read,
2658 .llseek = seq_lseek,
14e943db
ED		 2659 .release = seq_release_net,
2660};
2661
2662static __net_init int proto_init_net(struct net *net)
2663{
2664 if (!proc_net_fops_create(net, "protocols", S_IRUGO, &proto_seq_fops))
2665 return -ENOMEM;
2666
2667 return 0;
2668}
2669
2670static __net_exit void proto_exit_net(struct net *net)
2671{
2672 proc_net_remove(net, "protocols");
2673}
2674
2675
2676static __net_initdata struct pernet_operations proto_net_ops = {
2677 .init = proto_init_net,
2678 .exit = proto_exit_net,
1da177e4
LT		 2679};
2680
2681static int __init proto_init(void)
2682{
14e943db 2683 return register_pernet_subsys(&proto_net_ops);
1da177e4
LT		 2684}
2685
2686subsys_initcall(proto_init);
2687
2688#endif /* PROC_FS */
kernel source for telekom puls (alcatel/mediatek)