1// SPDX-License-Identifier: GPL-2.0-or-later
2/*
3 * INET An implementation of the TCP/IP protocol suite for the LINUX
4 * operating system. INET is implemented using the BSD Socket
5 * interface as the means of communication with the user level.
6 *
7 * RAW - implementation of IP "raw" sockets.
8 *
9 * Authors: Ross Biro
10 * Fred N. van Kempen, <waltje@uWalt.NL.Mugnet.ORG>
11 *
12 * Fixes:
13 * Alan Cox : verify_area() fixed up
14 * Alan Cox : ICMP error handling
15 * Alan Cox : EMSGSIZE if you send too big a packet
16 * Alan Cox : Now uses generic datagrams and shared
17 * skbuff library. No more peek crashes,
18 * no more backlogs
19 * Alan Cox : Checks sk->broadcast.
20 * Alan Cox : Uses skb_free_datagram/skb_copy_datagram
21 * Alan Cox : Raw passes ip options too
22 * Alan Cox : Setsocketopt added
23 * Alan Cox : Fixed error return for broadcasts
24 * Alan Cox : Removed wake_up calls
25 * Alan Cox : Use ttl/tos
26 * Alan Cox : Cleaned up old debugging
27 * Alan Cox : Use new kernel side addresses
28 * Arnt Gulbrandsen : Fixed MSG_DONTROUTE in raw sockets.
29 * Alan Cox : BSD style RAW socket demultiplexing.
30 * Alan Cox : Beginnings of mrouted support.
31 * Alan Cox : Added IP_HDRINCL option.
32 * Alan Cox : Skip broadcast check if BSDism set.
33 * David S. Miller : New socket lookup architecture.
34 */
35
36#include <linux/types.h>
37#include <linux/atomic.h>
38#include <asm/byteorder.h>
39#include <asm/current.h>
40#include <linux/uaccess.h>
41#include <asm/ioctls.h>
42#include <linux/stddef.h>
43#include <linux/slab.h>
44#include <linux/errno.h>
45#include <linux/kernel.h>
46#include <linux/export.h>
47#include <linux/spinlock.h>
48#include <linux/sockios.h>
49#include <linux/socket.h>
50#include <linux/in.h>
51#include <linux/mroute.h>
52#include <linux/netdevice.h>
53#include <linux/in_route.h>
54#include <linux/route.h>
55#include <linux/skbuff.h>
56#include <linux/igmp.h>
57#include <net/net_namespace.h>
58#include <net/dst.h>
59#include <net/sock.h>
60#include <linux/ip.h>
61#include <linux/net.h>
62#include <net/ip.h>
63#include <net/icmp.h>
64#include <net/udp.h>
65#include <net/raw.h>
66#include <net/snmp.h>
67#include <net/tcp_states.h>
68#include <net/inet_common.h>
69#include <net/checksum.h>
70#include <net/xfrm.h>
71#include <linux/rtnetlink.h>
72#include <linux/proc_fs.h>
73#include <linux/seq_file.h>
74#include <linux/netfilter.h>
75#include <linux/netfilter_ipv4.h>
76#include <linux/compat.h>
77#include <linux/uio.h>
78
79struct raw_frag_vec {
80 struct msghdr *msg;
81 union {
82 struct icmphdr icmph;
83 char c[1];
84 } hdr;
85 int hlen;
86};
87
88struct raw_hashinfo raw_v4_hashinfo;
89EXPORT_SYMBOL_GPL(raw_v4_hashinfo);
90
91int raw_hash_sk(struct sock *sk)
92{
93 struct raw_hashinfo *h = sk->sk_prot->h.raw_hash;
94 struct hlist_head *hlist;
95
96 hlist = &h->ht[raw_hashfunc(net: sock_net(sk), inet_sk(sk)->inet_num)];
97
98 spin_lock(lock: &h->lock);
99 sk_add_node_rcu(sk, list: hlist);
100 sock_set_flag(sk, flag: SOCK_RCU_FREE);
101 spin_unlock(lock: &h->lock);
102 sock_prot_inuse_add(net: sock_net(sk), prot: sk->sk_prot, val: 1);
103
104 return 0;
105}
106EXPORT_SYMBOL_GPL(raw_hash_sk);
107
108void raw_unhash_sk(struct sock *sk)
109{
110 struct raw_hashinfo *h = sk->sk_prot->h.raw_hash;
111
112 spin_lock(lock: &h->lock);
113 if (sk_del_node_init_rcu(sk))
114 sock_prot_inuse_add(net: sock_net(sk), prot: sk->sk_prot, val: -1);
115 spin_unlock(lock: &h->lock);
116}
117EXPORT_SYMBOL_GPL(raw_unhash_sk);
118
119bool raw_v4_match(struct net *net, const struct sock *sk, unsigned short num,
120 __be32 raddr, __be32 laddr, int dif, int sdif)
121{
122 const struct inet_sock *inet = inet_sk(sk);
123
124 if (net_eq(net1: sock_net(sk), net2: net) && inet->inet_num == num &&
125 !(inet->inet_daddr && inet->inet_daddr != raddr) &&
126 !(inet->inet_rcv_saddr && inet->inet_rcv_saddr != laddr) &&
127 raw_sk_bound_dev_eq(net, bound_dev_if: sk->sk_bound_dev_if, dif, sdif))
128 return true;
129 return false;
130}
131EXPORT_SYMBOL_GPL(raw_v4_match);
132
133/*
134 * 0 - deliver
135 * 1 - block
136 */
137static int icmp_filter(const struct sock *sk, const struct sk_buff *skb)
138{
139 struct icmphdr _hdr;
140 const struct icmphdr *hdr;
141
142 hdr = skb_header_pointer(skb, offset: skb_transport_offset(skb),
143 len: sizeof(_hdr), buffer: &_hdr);
144 if (!hdr)
145 return 1;
146
147 if (hdr->type < 32) {
148 __u32 data = raw_sk(sk)->filter.data;
149
150 return ((1U << hdr->type) & data) != 0;
151 }
152
153 /* Do not block unknown ICMP types */
154 return 0;
155}
156
157/* IP input processing comes here for RAW socket delivery.
158 * Caller owns SKB, so we must make clones.
159 *
160 * RFC 1122: SHOULD pass TOS value up to the transport layer.
161 * -> It does. And not only TOS, but all IP header.
162 */
163static int raw_v4_input(struct net *net, struct sk_buff *skb,
164 const struct iphdr *iph, int hash)
165{
166 int sdif = inet_sdif(skb);
167 struct hlist_head *hlist;
168 int dif = inet_iif(skb);
169 int delivered = 0;
170 struct sock *sk;
171
172 hlist = &raw_v4_hashinfo.ht[hash];
173 rcu_read_lock();
174 sk_for_each_rcu(sk, hlist) {
175 if (!raw_v4_match(net, sk, iph->protocol,
176 iph->saddr, iph->daddr, dif, sdif))
177 continue;
178
179 if (atomic_read(v: &sk->sk_rmem_alloc) >=
180 READ_ONCE(sk->sk_rcvbuf)) {
181 atomic_inc(v: &sk->sk_drops);
182 continue;
183 }
184
185 delivered = 1;
186 if ((iph->protocol != IPPROTO_ICMP || !icmp_filter(sk, skb)) &&
187 ip_mc_sf_allow(sk, local: iph->daddr, rmt: iph->saddr,
188 dif: skb->dev->ifindex, sdif)) {
189 struct sk_buff *clone = skb_clone(skb, GFP_ATOMIC);
190
191 /* Not releasing hash table! */
192 if (clone)
193 raw_rcv(sk, clone);
194 }
195 }
196 rcu_read_unlock();
197 return delivered;
198}
199
200int raw_local_deliver(struct sk_buff *skb, int protocol)
201{
202 struct net *net = dev_net(dev: skb->dev);
203
204 return raw_v4_input(net, skb, iph: ip_hdr(skb),
205 hash: raw_hashfunc(net, proto: protocol));
206}
207
208static void raw_err(struct sock *sk, struct sk_buff *skb, u32 info)
209{
210 struct inet_sock *inet = inet_sk(sk);
211 const int type = icmp_hdr(skb)->type;
212 const int code = icmp_hdr(skb)->code;
213 int harderr = 0;
214 bool recverr;
215 int err = 0;
216
217 if (type == ICMP_DEST_UNREACH && code == ICMP_FRAG_NEEDED)
218 ipv4_sk_update_pmtu(skb, sk, mtu: info);
219 else if (type == ICMP_REDIRECT) {
220 ipv4_sk_redirect(skb, sk);
221 return;
222 }
223
224 /* Report error on raw socket, if:
225 1. User requested ip_recverr.
226 2. Socket is connected (otherwise the error indication
227 is useless without ip_recverr and error is hard.
228 */
229 recverr = inet_test_bit(RECVERR, sk);
230 if (!recverr && sk->sk_state != TCP_ESTABLISHED)
231 return;
232
233 switch (type) {
234 default:
235 case ICMP_TIME_EXCEEDED:
236 err = EHOSTUNREACH;
237 break;
238 case ICMP_SOURCE_QUENCH:
239 return;
240 case ICMP_PARAMETERPROB:
241 err = EPROTO;
242 harderr = 1;
243 break;
244 case ICMP_DEST_UNREACH:
245 err = EHOSTUNREACH;
246 if (code > NR_ICMP_UNREACH)
247 break;
248 if (code == ICMP_FRAG_NEEDED) {
249 harderr = READ_ONCE(inet->pmtudisc) != IP_PMTUDISC_DONT;
250 err = EMSGSIZE;
251 } else {
252 err = icmp_err_convert[code].errno;
253 harderr = icmp_err_convert[code].fatal;
254 }
255 }
256
257 if (recverr) {
258 const struct iphdr *iph = (const struct iphdr *)skb->data;
259 u8 *payload = skb->data + (iph->ihl << 2);
260
261 if (inet_test_bit(HDRINCL, sk))
262 payload = skb->data;
263 ip_icmp_error(sk, skb, err, port: 0, info, payload);
264 }
265
266 if (recverr || harderr) {
267 sk->sk_err = err;
268 sk_error_report(sk);
269 }
270}
271
272void raw_icmp_error(struct sk_buff *skb, int protocol, u32 info)
273{
274 struct net *net = dev_net(dev: skb->dev);
275 int dif = skb->dev->ifindex;
276 int sdif = inet_sdif(skb);
277 struct hlist_head *hlist;
278 const struct iphdr *iph;
279 struct sock *sk;
280 int hash;
281
282 hash = raw_hashfunc(net, proto: protocol);
283 hlist = &raw_v4_hashinfo.ht[hash];
284
285 rcu_read_lock();
286 sk_for_each_rcu(sk, hlist) {
287 iph = (const struct iphdr *)skb->data;
288 if (!raw_v4_match(net, sk, iph->protocol,
289 iph->daddr, iph->saddr, dif, sdif))
290 continue;
291 raw_err(sk, skb, info);
292 }
293 rcu_read_unlock();
294}
295
296static int raw_rcv_skb(struct sock *sk, struct sk_buff *skb)
297{
298 enum skb_drop_reason reason;
299
300 /* Charge it to the socket. */
301
302 ipv4_pktinfo_prepare(sk, skb, drop_dst: true);
303 if (sock_queue_rcv_skb_reason(sk, skb, reason: &reason) < 0) {
304 kfree_skb_reason(skb, reason);
305 return NET_RX_DROP;
306 }
307
308 return NET_RX_SUCCESS;
309}
310
311int raw_rcv(struct sock *sk, struct sk_buff *skb)
312{
313 if (!xfrm4_policy_check(sk, dir: XFRM_POLICY_IN, skb)) {
314 atomic_inc(v: &sk->sk_drops);
315 kfree_skb_reason(skb, reason: SKB_DROP_REASON_XFRM_POLICY);
316 return NET_RX_DROP;
317 }
318 nf_reset_ct(skb);
319
320 skb_push(skb, len: -skb_network_offset(skb));
321
322 raw_rcv_skb(sk, skb);
323 return 0;
324}
325
326static int raw_send_hdrinc(struct sock *sk, struct flowi4 *fl4,
327 struct msghdr *msg, size_t length,
328 struct rtable **rtp, unsigned int flags,
329 const struct sockcm_cookie *sockc)
330{
331 struct inet_sock *inet = inet_sk(sk);
332 struct net *net = sock_net(sk);
333 struct iphdr *iph;
334 struct sk_buff *skb;
335 unsigned int iphlen;
336 int err;
337 struct rtable *rt = *rtp;
338 int hlen, tlen;
339
340 if (length > rt->dst.dev->mtu) {
341 ip_local_error(sk, EMSGSIZE, daddr: fl4->daddr, dport: inet->inet_dport,
342 info: rt->dst.dev->mtu);
343 return -EMSGSIZE;
344 }
345 if (length < sizeof(struct iphdr))
346 return -EINVAL;
347
348 if (flags&MSG_PROBE)
349 goto out;
350
351 hlen = LL_RESERVED_SPACE(rt->dst.dev);
352 tlen = rt->dst.dev->needed_tailroom;
353 skb = sock_alloc_send_skb(sk,
354 size: length + hlen + tlen + 15,
355 noblock: flags & MSG_DONTWAIT, errcode: &err);
356 if (!skb)
357 goto error;
358 skb_reserve(skb, len: hlen);
359
360 skb->protocol = htons(ETH_P_IP);
361 skb->priority = READ_ONCE(sk->sk_priority);
362 skb->mark = sockc->mark;
363 skb->tstamp = sockc->transmit_time;
364 skb_dst_set(skb, dst: &rt->dst);
365 *rtp = NULL;
366
367 skb_reset_network_header(skb);
368 iph = ip_hdr(skb);
369 skb_put(skb, len: length);
370
371 skb->ip_summed = CHECKSUM_NONE;
372
373 skb_setup_tx_timestamp(skb, tsflags: sockc->tsflags);
374
375 if (flags & MSG_CONFIRM)
376 skb_set_dst_pending_confirm(skb, val: 1);
377
378 skb->transport_header = skb->network_header;
379 err = -EFAULT;
380 if (memcpy_from_msg(data: iph, msg, len: length))
381 goto error_free;
382
383 iphlen = iph->ihl * 4;
384
385 /*
386 * We don't want to modify the ip header, but we do need to
387 * be sure that it won't cause problems later along the network
388 * stack. Specifically we want to make sure that iph->ihl is a
389 * sane value. If ihl points beyond the length of the buffer passed
390 * in, reject the frame as invalid
391 */
392 err = -EINVAL;
393 if (iphlen > length)
394 goto error_free;
395
396 if (iphlen >= sizeof(*iph)) {
397 if (!iph->saddr)
398 iph->saddr = fl4->saddr;
399 iph->check = 0;
400 iph->tot_len = htons(length);
401 if (!iph->id)
402 ip_select_ident(net, skb, NULL);
403
404 iph->check = ip_fast_csum(iph: (unsigned char *)iph, ihl: iph->ihl);
405 skb->transport_header += iphlen;
406 if (iph->protocol == IPPROTO_ICMP &&
407 length >= iphlen + sizeof(struct icmphdr))
408 icmp_out_count(net, type: ((struct icmphdr *)
409 skb_transport_header(skb))->type);
410 }
411
412 err = NF_HOOK(pf: NFPROTO_IPV4, hook: NF_INET_LOCAL_OUT,
413 net, sk, skb, NULL, out: rt->dst.dev,
414 okfn: dst_output);
415 if (err > 0)
416 err = net_xmit_errno(err);
417 if (err)
418 goto error;
419out:
420 return 0;
421
422error_free:
423 kfree_skb(skb);
424error:
425 IP_INC_STATS(net, IPSTATS_MIB_OUTDISCARDS);
426 if (err == -ENOBUFS && !inet_test_bit(RECVERR, sk))
427 err = 0;
428 return err;
429}
430
431static int raw_probe_proto_opt(struct raw_frag_vec *rfv, struct flowi4 *fl4)
432{
433 int err;
434
435 if (fl4->flowi4_proto != IPPROTO_ICMP)
436 return 0;
437
438 /* We only need the first two bytes. */
439 rfv->hlen = 2;
440
441 err = memcpy_from_msg(data: rfv->hdr.c, msg: rfv->msg, len: rfv->hlen);
442 if (err)
443 return err;
444
445 fl4->fl4_icmp_type = rfv->hdr.icmph.type;
446 fl4->fl4_icmp_code = rfv->hdr.icmph.code;
447
448 return 0;
449}
450
451static int raw_getfrag(void *from, char *to, int offset, int len, int odd,
452 struct sk_buff *skb)
453{
454 struct raw_frag_vec *rfv = from;
455
456 if (offset < rfv->hlen) {
457 int copy = min(rfv->hlen - offset, len);
458
459 if (skb->ip_summed == CHECKSUM_PARTIAL)
460 memcpy(to, rfv->hdr.c + offset, copy);
461 else
462 skb->csum = csum_block_add(
463 csum: skb->csum,
464 csum2: csum_partial_copy_nocheck(src: rfv->hdr.c + offset,
465 dst: to, len: copy),
466 offset: odd);
467
468 odd = 0;
469 offset += copy;
470 to += copy;
471 len -= copy;
472
473 if (!len)
474 return 0;
475 }
476
477 offset -= rfv->hlen;
478
479 return ip_generic_getfrag(from: rfv->msg, to, offset, len, odd, skb);
480}
481
482static int raw_sendmsg(struct sock *sk, struct msghdr *msg, size_t len)
483{
484 struct inet_sock *inet = inet_sk(sk);
485 struct net *net = sock_net(sk);
486 struct ipcm_cookie ipc;
487 struct rtable *rt = NULL;
488 struct flowi4 fl4;
489 u8 tos, scope;
490 int free = 0;
491 __be32 daddr;
492 __be32 saddr;
493 int uc_index, err;
494 struct ip_options_data opt_copy;
495 struct raw_frag_vec rfv;
496 int hdrincl;
497
498 err = -EMSGSIZE;
499 if (len > 0xFFFF)
500 goto out;
501
502 hdrincl = inet_test_bit(HDRINCL, sk);
503
504 /*
505 * Check the flags.
506 */
507
508 err = -EOPNOTSUPP;
509 if (msg->msg_flags & MSG_OOB) /* Mirror BSD error message */
510 goto out; /* compatibility */
511
512 /*
513 * Get and verify the address.
514 */
515
516 if (msg->msg_namelen) {
517 DECLARE_SOCKADDR(struct sockaddr_in *, usin, msg->msg_name);
518 err = -EINVAL;
519 if (msg->msg_namelen < sizeof(*usin))
520 goto out;
521 if (usin->sin_family != AF_INET) {
522 pr_info_once("%s: %s forgot to set AF_INET. Fix it!\n",
523 __func__, current->comm);
524 err = -EAFNOSUPPORT;
525 if (usin->sin_family)
526 goto out;
527 }
528 daddr = usin->sin_addr.s_addr;
529 /* ANK: I did not forget to get protocol from port field.
530 * I just do not know, who uses this weirdness.
531 * IP_HDRINCL is much more convenient.
532 */
533 } else {
534 err = -EDESTADDRREQ;
535 if (sk->sk_state != TCP_ESTABLISHED)
536 goto out;
537 daddr = inet->inet_daddr;
538 }
539
540 ipcm_init_sk(ipcm: &ipc, inet);
541 /* Keep backward compat */
542 if (hdrincl)
543 ipc.protocol = IPPROTO_RAW;
544
545 if (msg->msg_controllen) {
546 err = ip_cmsg_send(sk, msg, ipc: &ipc, allow_ipv6: false);
547 if (unlikely(err)) {
548 kfree(objp: ipc.opt);
549 goto out;
550 }
551 if (ipc.opt)
552 free = 1;
553 }
554
555 saddr = ipc.addr;
556 ipc.addr = daddr;
557
558 if (!ipc.opt) {
559 struct ip_options_rcu *inet_opt;
560
561 rcu_read_lock();
562 inet_opt = rcu_dereference(inet->inet_opt);
563 if (inet_opt) {
564 memcpy(&opt_copy, inet_opt,
565 sizeof(*inet_opt) + inet_opt->opt.optlen);
566 ipc.opt = &opt_copy.opt;
567 }
568 rcu_read_unlock();
569 }
570
571 if (ipc.opt) {
572 err = -EINVAL;
573 /* Linux does not mangle headers on raw sockets,
574 * so that IP options + IP_HDRINCL is non-sense.
575 */
576 if (hdrincl)
577 goto done;
578 if (ipc.opt->opt.srr) {
579 if (!daddr)
580 goto done;
581 daddr = ipc.opt->opt.faddr;
582 }
583 }
584 tos = get_rttos(ipc: &ipc, inet);
585 scope = ip_sendmsg_scope(inet, ipc: &ipc, msg);
586
587 uc_index = READ_ONCE(inet->uc_index);
588 if (ipv4_is_multicast(addr: daddr)) {
589 if (!ipc.oif || netif_index_is_l3_master(net: sock_net(sk), ifindex: ipc.oif))
590 ipc.oif = READ_ONCE(inet->mc_index);
591 if (!saddr)
592 saddr = READ_ONCE(inet->mc_addr);
593 } else if (!ipc.oif) {
594 ipc.oif = uc_index;
595 } else if (ipv4_is_lbcast(addr: daddr) && uc_index) {
596 /* oif is set, packet is to local broadcast
597 * and uc_index is set. oif is most likely set
598 * by sk_bound_dev_if. If uc_index != oif check if the
599 * oif is an L3 master and uc_index is an L3 slave.
600 * If so, we want to allow the send using the uc_index.
601 */
602 if (ipc.oif != uc_index &&
603 ipc.oif == l3mdev_master_ifindex_by_index(net: sock_net(sk),
604 ifindex: uc_index)) {
605 ipc.oif = uc_index;
606 }
607 }
608
609 flowi4_init_output(fl4: &fl4, oif: ipc.oif, mark: ipc.sockc.mark, tos, scope,
610 proto: hdrincl ? ipc.protocol : sk->sk_protocol,
611 flags: inet_sk_flowi_flags(sk) |
612 (hdrincl ? FLOWI_FLAG_KNOWN_NH : 0),
613 daddr, saddr, dport: 0, sport: 0, uid: sk->sk_uid);
614
615 if (!hdrincl) {
616 rfv.msg = msg;
617 rfv.hlen = 0;
618
619 err = raw_probe_proto_opt(rfv: &rfv, fl4: &fl4);
620 if (err)
621 goto done;
622 }
623
624 security_sk_classify_flow(sk, flic: flowi4_to_flowi_common(fl4: &fl4));
625 rt = ip_route_output_flow(net, flp: &fl4, sk);
626 if (IS_ERR(ptr: rt)) {
627 err = PTR_ERR(ptr: rt);
628 rt = NULL;
629 goto done;
630 }
631
632 err = -EACCES;
633 if (rt->rt_flags & RTCF_BROADCAST && !sock_flag(sk, flag: SOCK_BROADCAST))
634 goto done;
635
636 if (msg->msg_flags & MSG_CONFIRM)
637 goto do_confirm;
638back_from_confirm:
639
640 if (hdrincl)
641 err = raw_send_hdrinc(sk, fl4: &fl4, msg, length: len,
642 rtp: &rt, flags: msg->msg_flags, sockc: &ipc.sockc);
643
644 else {
645 if (!ipc.addr)
646 ipc.addr = fl4.daddr;
647 lock_sock(sk);
648 err = ip_append_data(sk, fl4: &fl4, getfrag: raw_getfrag,
649 from: &rfv, len, protolen: 0,
650 ipc: &ipc, rt: &rt, flags: msg->msg_flags);
651 if (err)
652 ip_flush_pending_frames(sk);
653 else if (!(msg->msg_flags & MSG_MORE)) {
654 err = ip_push_pending_frames(sk, fl4: &fl4);
655 if (err == -ENOBUFS && !inet_test_bit(RECVERR, sk))
656 err = 0;
657 }
658 release_sock(sk);
659 }
660done:
661 if (free)
662 kfree(objp: ipc.opt);
663 ip_rt_put(rt);
664
665out:
666 if (err < 0)
667 return err;
668 return len;
669
670do_confirm:
671 if (msg->msg_flags & MSG_PROBE)
672 dst_confirm_neigh(dst: &rt->dst, daddr: &fl4.daddr);
673 if (!(msg->msg_flags & MSG_PROBE) || len)
674 goto back_from_confirm;
675 err = 0;
676 goto done;
677}
678
679static void raw_close(struct sock *sk, long timeout)
680{
681 /*
682 * Raw sockets may have direct kernel references. Kill them.
683 */
684 ip_ra_control(sk, on: 0, NULL);
685
686 sk_common_release(sk);
687}
688
689static void raw_destroy(struct sock *sk)
690{
691 lock_sock(sk);
692 ip_flush_pending_frames(sk);
693 release_sock(sk);
694}
695
696/* This gets rid of all the nasties in af_inet. -DaveM */
697static int raw_bind(struct sock *sk, struct sockaddr *uaddr, int addr_len)
698{
699 struct inet_sock *inet = inet_sk(sk);
700 struct sockaddr_in *addr = (struct sockaddr_in *) uaddr;
701 struct net *net = sock_net(sk);
702 u32 tb_id = RT_TABLE_LOCAL;
703 int ret = -EINVAL;
704 int chk_addr_ret;
705
706 lock_sock(sk);
707 if (sk->sk_state != TCP_CLOSE || addr_len < sizeof(struct sockaddr_in))
708 goto out;
709
710 if (sk->sk_bound_dev_if)
711 tb_id = l3mdev_fib_table_by_index(net,
712 ifindex: sk->sk_bound_dev_if) ? : tb_id;
713
714 chk_addr_ret = inet_addr_type_table(net, addr: addr->sin_addr.s_addr, tb_id);
715
716 ret = -EADDRNOTAVAIL;
717 if (!inet_addr_valid_or_nonlocal(net, inet, addr: addr->sin_addr.s_addr,
718 addr_type: chk_addr_ret))
719 goto out;
720
721 inet->inet_rcv_saddr = inet->inet_saddr = addr->sin_addr.s_addr;
722 if (chk_addr_ret == RTN_MULTICAST || chk_addr_ret == RTN_BROADCAST)
723 inet->inet_saddr = 0; /* Use device */
724 sk_dst_reset(sk);
725 ret = 0;
726out:
727 release_sock(sk);
728 return ret;
729}
730
731/*
732 * This should be easy, if there is something there
733 * we return it, otherwise we block.
734 */
735
736static int raw_recvmsg(struct sock *sk, struct msghdr *msg, size_t len,
737 int flags, int *addr_len)
738{
739 struct inet_sock *inet = inet_sk(sk);
740 size_t copied = 0;
741 int err = -EOPNOTSUPP;
742 DECLARE_SOCKADDR(struct sockaddr_in *, sin, msg->msg_name);
743 struct sk_buff *skb;
744
745 if (flags & MSG_OOB)
746 goto out;
747
748 if (flags & MSG_ERRQUEUE) {
749 err = ip_recv_error(sk, msg, len, addr_len);
750 goto out;
751 }
752
753 skb = skb_recv_datagram(sk, flags, err: &err);
754 if (!skb)
755 goto out;
756
757 copied = skb->len;
758 if (len < copied) {
759 msg->msg_flags |= MSG_TRUNC;
760 copied = len;
761 }
762
763 err = skb_copy_datagram_msg(from: skb, offset: 0, msg, size: copied);
764 if (err)
765 goto done;
766
767 sock_recv_cmsgs(msg, sk, skb);
768
769 /* Copy the address. */
770 if (sin) {
771 sin->sin_family = AF_INET;
772 sin->sin_addr.s_addr = ip_hdr(skb)->saddr;
773 sin->sin_port = 0;
774 memset(&sin->sin_zero, 0, sizeof(sin->sin_zero));
775 *addr_len = sizeof(*sin);
776 }
777 if (inet_cmsg_flags(inet))
778 ip_cmsg_recv(msg, skb);
779 if (flags & MSG_TRUNC)
780 copied = skb->len;
781done:
782 skb_free_datagram(sk, skb);
783out:
784 if (err)
785 return err;
786 return copied;
787}
788
789static int raw_sk_init(struct sock *sk)
790{
791 struct raw_sock *rp = raw_sk(sk);
792
793 if (inet_sk(sk)->inet_num == IPPROTO_ICMP)
794 memset(&rp->filter, 0, sizeof(rp->filter));
795 return 0;
796}
797
798static int raw_seticmpfilter(struct sock *sk, sockptr_t optval, int optlen)
799{
800 if (optlen > sizeof(struct icmp_filter))
801 optlen = sizeof(struct icmp_filter);
802 if (copy_from_sockptr(dst: &raw_sk(sk)->filter, src: optval, size: optlen))
803 return -EFAULT;
804 return 0;
805}
806
807static int raw_geticmpfilter(struct sock *sk, char __user *optval, int __user *optlen)
808{
809 int len, ret = -EFAULT;
810
811 if (get_user(len, optlen))
812 goto out;
813 ret = -EINVAL;
814 if (len < 0)
815 goto out;
816 if (len > sizeof(struct icmp_filter))
817 len = sizeof(struct icmp_filter);
818 ret = -EFAULT;
819 if (put_user(len, optlen) ||
820 copy_to_user(to: optval, from: &raw_sk(sk)->filter, n: len))
821 goto out;
822 ret = 0;
823out: return ret;
824}
825
826static int do_raw_setsockopt(struct sock *sk, int optname,
827 sockptr_t optval, unsigned int optlen)
828{
829 if (optname == ICMP_FILTER) {
830 if (inet_sk(sk)->inet_num != IPPROTO_ICMP)
831 return -EOPNOTSUPP;
832 else
833 return raw_seticmpfilter(sk, optval, optlen);
834 }
835 return -ENOPROTOOPT;
836}
837
838static int raw_setsockopt(struct sock *sk, int level, int optname,
839 sockptr_t optval, unsigned int optlen)
840{
841 if (level != SOL_RAW)
842 return ip_setsockopt(sk, level, optname, optval, optlen);
843 return do_raw_setsockopt(sk, optname, optval, optlen);
844}
845
846static int do_raw_getsockopt(struct sock *sk, int optname,
847 char __user *optval, int __user *optlen)
848{
849 if (optname == ICMP_FILTER) {
850 if (inet_sk(sk)->inet_num != IPPROTO_ICMP)
851 return -EOPNOTSUPP;
852 else
853 return raw_geticmpfilter(sk, optval, optlen);
854 }
855 return -ENOPROTOOPT;
856}
857
858static int raw_getsockopt(struct sock *sk, int level, int optname,
859 char __user *optval, int __user *optlen)
860{
861 if (level != SOL_RAW)
862 return ip_getsockopt(sk, level, optname, optval, optlen);
863 return do_raw_getsockopt(sk, optname, optval, optlen);
864}
865
866static int raw_ioctl(struct sock *sk, int cmd, int *karg)
867{
868 switch (cmd) {
869 case SIOCOUTQ: {
870 *karg = sk_wmem_alloc_get(sk);
871 return 0;
872 }
873 case SIOCINQ: {
874 struct sk_buff *skb;
875
876 spin_lock_bh(lock: &sk->sk_receive_queue.lock);
877 skb = skb_peek(list_: &sk->sk_receive_queue);
878 if (skb)
879 *karg = skb->len;
880 else
881 *karg = 0;
882 spin_unlock_bh(lock: &sk->sk_receive_queue.lock);
883 return 0;
884 }
885
886 default:
887#ifdef CONFIG_IP_MROUTE
888 return ipmr_ioctl(sk, cmd, arg: karg);
889#else
890 return -ENOIOCTLCMD;
891#endif
892 }
893}
894
895#ifdef CONFIG_COMPAT
896static int compat_raw_ioctl(struct sock *sk, unsigned int cmd, unsigned long arg)
897{
898 switch (cmd) {
899 case SIOCOUTQ:
900 case SIOCINQ:
901 return -ENOIOCTLCMD;
902 default:
903#ifdef CONFIG_IP_MROUTE
904 return ipmr_compat_ioctl(sk, cmd, arg: compat_ptr(uptr: arg));
905#else
906 return -ENOIOCTLCMD;
907#endif
908 }
909}
910#endif
911
912int raw_abort(struct sock *sk, int err)
913{
914 lock_sock(sk);
915
916 sk->sk_err = err;
917 sk_error_report(sk);
918 __udp_disconnect(sk, flags: 0);
919
920 release_sock(sk);
921
922 return 0;
923}
924EXPORT_SYMBOL_GPL(raw_abort);
925
926struct proto raw_prot = {
927 .name = "RAW",
928 .owner = THIS_MODULE,
929 .close = raw_close,
930 .destroy = raw_destroy,
931 .connect = ip4_datagram_connect,
932 .disconnect = __udp_disconnect,
933 .ioctl = raw_ioctl,
934 .init = raw_sk_init,
935 .setsockopt = raw_setsockopt,
936 .getsockopt = raw_getsockopt,
937 .sendmsg = raw_sendmsg,
938 .recvmsg = raw_recvmsg,
939 .bind = raw_bind,
940 .backlog_rcv = raw_rcv_skb,
941 .release_cb = ip4_datagram_release_cb,
942 .hash = raw_hash_sk,
943 .unhash = raw_unhash_sk,
944 .obj_size = sizeof(struct raw_sock),
945 .useroffset = offsetof(struct raw_sock, filter),
946 .usersize = sizeof_field(struct raw_sock, filter),
947 .h.raw_hash = &raw_v4_hashinfo,
948#ifdef CONFIG_COMPAT
949 .compat_ioctl = compat_raw_ioctl,
950#endif
951 .diag_destroy = raw_abort,
952};
953
954#ifdef CONFIG_PROC_FS
955static struct sock *raw_get_first(struct seq_file *seq, int bucket)
956{
957 struct raw_hashinfo *h = pde_data(inode: file_inode(f: seq->file));
958 struct raw_iter_state *state = raw_seq_private(seq);
959 struct hlist_head *hlist;
960 struct sock *sk;
961
962 for (state->bucket = bucket; state->bucket < RAW_HTABLE_SIZE;
963 ++state->bucket) {
964 hlist = &h->ht[state->bucket];
965 sk_for_each(sk, hlist) {
966 if (sock_net(sk) == seq_file_net(seq))
967 return sk;
968 }
969 }
970 return NULL;
971}
972
973static struct sock *raw_get_next(struct seq_file *seq, struct sock *sk)
974{
975 struct raw_iter_state *state = raw_seq_private(seq);
976
977 do {
978 sk = sk_next(sk);
979 } while (sk && sock_net(sk) != seq_file_net(seq));
980
981 if (!sk)
982 return raw_get_first(seq, bucket: state->bucket + 1);
983 return sk;
984}
985
986static struct sock *raw_get_idx(struct seq_file *seq, loff_t pos)
987{
988 struct sock *sk = raw_get_first(seq, bucket: 0);
989
990 if (sk)
991 while (pos && (sk = raw_get_next(seq, sk)) != NULL)
992 --pos;
993 return pos ? NULL : sk;
994}
995
996void *raw_seq_start(struct seq_file *seq, loff_t *pos)
997 __acquires(&h->lock)
998{
999 struct raw_hashinfo *h = pde_data(inode: file_inode(f: seq->file));
1000
1001 spin_lock(lock: &h->lock);
1002
1003 return *pos ? raw_get_idx(seq, pos: *pos - 1) : SEQ_START_TOKEN;
1004}
1005EXPORT_SYMBOL_GPL(raw_seq_start);
1006
1007void *raw_seq_next(struct seq_file *seq, void *v, loff_t *pos)
1008{
1009 struct sock *sk;
1010
1011 if (v == SEQ_START_TOKEN)
1012 sk = raw_get_first(seq, bucket: 0);
1013 else
1014 sk = raw_get_next(seq, sk: v);
1015 ++*pos;
1016 return sk;
1017}
1018EXPORT_SYMBOL_GPL(raw_seq_next);
1019
1020void raw_seq_stop(struct seq_file *seq, void *v)
1021 __releases(&h->lock)
1022{
1023 struct raw_hashinfo *h = pde_data(inode: file_inode(f: seq->file));
1024
1025 spin_unlock(lock: &h->lock);
1026}
1027EXPORT_SYMBOL_GPL(raw_seq_stop);
1028
1029static void raw_sock_seq_show(struct seq_file *seq, struct sock *sp, int i)
1030{
1031 struct inet_sock *inet = inet_sk(sp);
1032 __be32 dest = inet->inet_daddr,
1033 src = inet->inet_rcv_saddr;
1034 __u16 destp = 0,
1035 srcp = inet->inet_num;
1036
1037 seq_printf(m: seq, fmt: "%4d: %08X:%04X %08X:%04X"
1038 " %02X %08X:%08X %02X:%08lX %08X %5u %8d %lu %d %pK %u\n",
1039 i, src, srcp, dest, destp, sp->sk_state,
1040 sk_wmem_alloc_get(sk: sp),
1041 sk_rmem_alloc_get(sk: sp),
1042 0, 0L, 0,
1043 from_kuid_munged(to: seq_user_ns(seq), uid: sock_i_uid(sk: sp)),
1044 0, sock_i_ino(sk: sp),
1045 refcount_read(r: &sp->sk_refcnt), sp, atomic_read(v: &sp->sk_drops));
1046}
1047
1048static int raw_seq_show(struct seq_file *seq, void *v)
1049{
1050 if (v == SEQ_START_TOKEN)
1051 seq_printf(m: seq, fmt: " sl local_address rem_address st tx_queue "
1052 "rx_queue tr tm->when retrnsmt uid timeout "
1053 "inode ref pointer drops\n");
1054 else
1055 raw_sock_seq_show(seq, sp: v, i: raw_seq_private(seq)->bucket);
1056 return 0;
1057}
1058
1059static const struct seq_operations raw_seq_ops = {
1060 .start = raw_seq_start,
1061 .next = raw_seq_next,
1062 .stop = raw_seq_stop,
1063 .show = raw_seq_show,
1064};
1065
1066static __net_init int raw_init_net(struct net *net)
1067{
1068 if (!proc_create_net_data(name: "raw", mode: 0444, parent: net->proc_net, ops: &raw_seq_ops,
1069 state_size: sizeof(struct raw_iter_state), data: &raw_v4_hashinfo))
1070 return -ENOMEM;
1071
1072 return 0;
1073}
1074
1075static __net_exit void raw_exit_net(struct net *net)
1076{
1077 remove_proc_entry("raw", net->proc_net);
1078}
1079
1080static __net_initdata struct pernet_operations raw_net_ops = {
1081 .init = raw_init_net,
1082 .exit = raw_exit_net,
1083};
1084
1085int __init raw_proc_init(void)
1086{
1087
1088 return register_pernet_subsys(&raw_net_ops);
1089}
1090
1091void __init raw_proc_exit(void)
1092{
1093 unregister_pernet_subsys(&raw_net_ops);
1094}
1095#endif /* CONFIG_PROC_FS */
1096
1097static void raw_sysctl_init_net(struct net *net)
1098{
1099#ifdef CONFIG_NET_L3_MASTER_DEV
1100 net->ipv4.sysctl_raw_l3mdev_accept = 1;
1101#endif
1102}
1103
1104static int __net_init raw_sysctl_init(struct net *net)
1105{
1106 raw_sysctl_init_net(net);
1107 return 0;
1108}
1109
1110static struct pernet_operations __net_initdata raw_sysctl_ops = {
1111 .init = raw_sysctl_init,
1112};
1113
1114void __init raw_init(void)
1115{
1116 raw_sysctl_init_net(net: &init_net);
1117 if (register_pernet_subsys(&raw_sysctl_ops))
1118 panic(fmt: "RAW: failed to init sysctl parameters.\n");
1119}
1120

source code of linux/net/ipv4/raw.c