1 // SPDX-License-Identifier: GPL-2.0-or-later
3 * INET An implementation of the TCP/IP protocol suite for the LINUX
4 * operating system. INET is implemented using the BSD Socket
5 * interface as the means of communication with the user level.
7 * Generic socket support routines. Memory allocators, socket lock/release
8 * handler for protocols to use and generic option handler.
11 * Fred N. van Kempen, <waltje@uWalt.NL.Mugnet.ORG>
12 * Florian La Roche, <flla@stud.uni-sb.de>
13 * Alan Cox, <A.Cox@swansea.ac.uk>
16 * Alan Cox : Numerous verify_area() problems
17 * Alan Cox : Connecting on a connecting socket
18 * now returns an error for tcp.
19 * Alan Cox : sock->protocol is set correctly.
20 * and is not sometimes left as 0.
21 * Alan Cox : connect handles icmp errors on a
22 * connect properly. Unfortunately there
23 * is a restart syscall nasty there. I
24 * can't match BSD without hacking the C
25 * library. Ideas urgently sought!
26 * Alan Cox : Disallow bind() to addresses that are
27 * not ours - especially broadcast ones!!
28 * Alan Cox : Socket 1024 _IS_ ok for users. (fencepost)
29 * Alan Cox : sock_wfree/sock_rfree don't destroy sockets,
30 * instead they leave that for the DESTROY timer.
31 * Alan Cox : Clean up error flag in accept
32 * Alan Cox : TCP ack handling is buggy, the DESTROY timer
33 * was buggy. Put a remove_sock() in the handler
34 * for memory when we hit 0. Also altered the timer
35 * code. The ACK stuff can wait and needs major
37 * Alan Cox : Fixed TCP ack bug, removed remove sock
38 * and fixed timer/inet_bh race.
39 * Alan Cox : Added zapped flag for TCP
40 * Alan Cox : Move kfree_skb into skbuff.c and tidied up surplus code
41 * Alan Cox : for new sk_buff allocations wmalloc/rmalloc now call alloc_skb
42 * Alan Cox : kfree_s calls now are kfree_skbmem so we can track skb resources
43 * Alan Cox : Supports socket option broadcast now as does udp. Packet and raw need fixing.
44 * Alan Cox : Added RCVBUF,SNDBUF size setting. It suddenly occurred to me how easy it was so...
45 * Rick Sladkey : Relaxed UDP rules for matching packets.
46 * C.E.Hawkins : IFF_PROMISC/SIOCGHWADDR support
47 * Pauline Middelink : identd support
48 * Alan Cox : Fixed connect() taking signals I think.
49 * Alan Cox : SO_LINGER supported
50 * Alan Cox : Error reporting fixes
51 * Anonymous : inet_create tidied up (sk->reuse setting)
52 * Alan Cox : inet sockets don't set sk->type!
53 * Alan Cox : Split socket option code
54 * Alan Cox : Callbacks
55 * Alan Cox : Nagle flag for Charles & Johannes stuff
56 * Alex : Removed restriction on inet fioctl
57 * Alan Cox : Splitting INET from NET core
58 * Alan Cox : Fixed bogus SO_TYPE handling in getsockopt()
59 * Adam Caldwell : Missing return in SO_DONTROUTE/SO_DEBUG code
60 * Alan Cox : Split IP from generic code
61 * Alan Cox : New kfree_skbmem()
62 * Alan Cox : Make SO_DEBUG superuser only.
63 * Alan Cox : Allow anyone to clear SO_DEBUG
65 * Alan Cox : Added optimistic memory grabbing for AF_UNIX throughput.
66 * Alan Cox : Allocator for a socket is settable.
67 * Alan Cox : SO_ERROR includes soft errors.
68 * Alan Cox : Allow NULL arguments on some SO_ opts
69 * Alan Cox : Generic socket allocation to make hooks
70 * easier (suggested by Craig Metz).
71 * Michael Pall : SO_ERROR returns positive errno again
72 * Steve Whitehouse: Added default destructor to free
73 * protocol private data.
74 * Steve Whitehouse: Added various other default routines
75 * common to several socket families.
76 * Chris Evans : Call suser() check last on F_SETOWN
77 * Jay Schulist : Added SO_ATTACH_FILTER and SO_DETACH_FILTER.
78 * Andi Kleen : Add sock_kmalloc()/sock_kfree_s()
79 * Andi Kleen : Fix write_space callback
80 * Chris Evans : Security fixes - signedness again
81 * Arnaldo C. Melo : cleanups, use skb_queue_purge
86 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
88 #include <asm/unaligned.h>
89 #include <linux/capability.h>
90 #include <linux/errno.h>
91 #include <linux/errqueue.h>
92 #include <linux/types.h>
93 #include <linux/socket.h>
95 #include <linux/kernel.h>
96 #include <linux/module.h>
97 #include <linux/proc_fs.h>
98 #include <linux/seq_file.h>
99 #include <linux/sched.h>
100 #include <linux/sched/mm.h>
101 #include <linux/timer.h>
102 #include <linux/string.h>
103 #include <linux/sockios.h>
104 #include <linux/net.h>
105 #include <linux/mm.h>
106 #include <linux/slab.h>
107 #include <linux/interrupt.h>
108 #include <linux/poll.h>
109 #include <linux/tcp.h>
110 #include <linux/init.h>
111 #include <linux/highmem.h>
112 #include <linux/user_namespace.h>
113 #include <linux/static_key.h>
114 #include <linux/memcontrol.h>
115 #include <linux/prefetch.h>
116 #include <linux/compat.h>
118 #include <linux/uaccess.h>
120 #include <linux/netdevice.h>
121 #include <net/protocol.h>
122 #include <linux/skbuff.h>
123 #include <net/net_namespace.h>
124 #include <net/request_sock.h>
125 #include <net/sock.h>
126 #include <linux/net_tstamp.h>
127 #include <net/xfrm.h>
128 #include <linux/ipsec.h>
129 #include <net/cls_cgroup.h>
130 #include <net/netprio_cgroup.h>
131 #include <linux/sock_diag.h>
133 #include <linux/filter.h>
134 #include <net/sock_reuseport.h>
135 #include <net/bpf_sk_storage.h>
137 #include <trace/events/sock.h>
140 #include <net/busy_poll.h>
142 #include <linux/ethtool.h>
146 static DEFINE_MUTEX(proto_list_mutex);
147 static LIST_HEAD(proto_list);
149 static void sock_def_write_space_wfree(struct sock *sk);
150 static void sock_def_write_space(struct sock *sk);
153 * sk_ns_capable - General socket capability test
154 * @sk: Socket to use a capability on or through
155 * @user_ns: The user namespace of the capability to use
156 * @cap: The capability to use
158 * Test to see if the opener of the socket had when the socket was
159 * created and the current process has the capability @cap in the user
160 * namespace @user_ns.
162 bool sk_ns_capable(const struct sock *sk,
163 struct user_namespace *user_ns, int cap)
165 return file_ns_capable(sk->sk_socket->file, user_ns, cap) &&
166 ns_capable(user_ns, cap);
168 EXPORT_SYMBOL(sk_ns_capable);
171 * sk_capable - Socket global capability test
172 * @sk: Socket to use a capability on or through
173 * @cap: The global capability to use
175 * Test to see if the opener of the socket had when the socket was
176 * created and the current process has the capability @cap in all user
179 bool sk_capable(const struct sock *sk, int cap)
181 return sk_ns_capable(sk, &init_user_ns, cap);
183 EXPORT_SYMBOL(sk_capable);
186 * sk_net_capable - Network namespace socket capability test
187 * @sk: Socket to use a capability on or through
188 * @cap: The capability to use
190 * Test to see if the opener of the socket had when the socket was created
191 * and the current process has the capability @cap over the network namespace
192 * the socket is a member of.
194 bool sk_net_capable(const struct sock *sk, int cap)
196 return sk_ns_capable(sk, sock_net(sk)->user_ns, cap);
198 EXPORT_SYMBOL(sk_net_capable);
201 * Each address family might have different locking rules, so we have
202 * one slock key per address family and separate keys for internal and
205 static struct lock_class_key af_family_keys[AF_MAX];
206 static struct lock_class_key af_family_kern_keys[AF_MAX];
207 static struct lock_class_key af_family_slock_keys[AF_MAX];
208 static struct lock_class_key af_family_kern_slock_keys[AF_MAX];
211 * Make lock validator output more readable. (we pre-construct these
212 * strings build-time, so that runtime initialization of socket
216 #define _sock_locks(x) \
217 x "AF_UNSPEC", x "AF_UNIX" , x "AF_INET" , \
218 x "AF_AX25" , x "AF_IPX" , x "AF_APPLETALK", \
219 x "AF_NETROM", x "AF_BRIDGE" , x "AF_ATMPVC" , \
220 x "AF_X25" , x "AF_INET6" , x "AF_ROSE" , \
221 x "AF_DECnet", x "AF_NETBEUI" , x "AF_SECURITY" , \
222 x "AF_KEY" , x "AF_NETLINK" , x "AF_PACKET" , \
223 x "AF_ASH" , x "AF_ECONET" , x "AF_ATMSVC" , \
224 x "AF_RDS" , x "AF_SNA" , x "AF_IRDA" , \
225 x "AF_PPPOX" , x "AF_WANPIPE" , x "AF_LLC" , \
226 x "27" , x "28" , x "AF_CAN" , \
227 x "AF_TIPC" , x "AF_BLUETOOTH", x "IUCV" , \
228 x "AF_RXRPC" , x "AF_ISDN" , x "AF_PHONET" , \
229 x "AF_IEEE802154", x "AF_CAIF" , x "AF_ALG" , \
230 x "AF_NFC" , x "AF_VSOCK" , x "AF_KCM" , \
231 x "AF_QIPCRTR", x "AF_SMC" , x "AF_XDP" , \
235 static const char *const af_family_key_strings[AF_MAX+1] = {
236 _sock_locks("sk_lock-")
238 static const char *const af_family_slock_key_strings[AF_MAX+1] = {
239 _sock_locks("slock-")
241 static const char *const af_family_clock_key_strings[AF_MAX+1] = {
242 _sock_locks("clock-")
245 static const char *const af_family_kern_key_strings[AF_MAX+1] = {
246 _sock_locks("k-sk_lock-")
248 static const char *const af_family_kern_slock_key_strings[AF_MAX+1] = {
249 _sock_locks("k-slock-")
251 static const char *const af_family_kern_clock_key_strings[AF_MAX+1] = {
252 _sock_locks("k-clock-")
254 static const char *const af_family_rlock_key_strings[AF_MAX+1] = {
255 _sock_locks("rlock-")
257 static const char *const af_family_wlock_key_strings[AF_MAX+1] = {
258 _sock_locks("wlock-")
260 static const char *const af_family_elock_key_strings[AF_MAX+1] = {
261 _sock_locks("elock-")
265 * sk_callback_lock and sk queues locking rules are per-address-family,
266 * so split the lock classes by using a per-AF key:
268 static struct lock_class_key af_callback_keys[AF_MAX];
269 static struct lock_class_key af_rlock_keys[AF_MAX];
270 static struct lock_class_key af_wlock_keys[AF_MAX];
271 static struct lock_class_key af_elock_keys[AF_MAX];
272 static struct lock_class_key af_kern_callback_keys[AF_MAX];
274 /* Run time adjustable parameters. */
275 __u32 sysctl_wmem_max __read_mostly = SK_WMEM_MAX;
276 EXPORT_SYMBOL(sysctl_wmem_max);
277 __u32 sysctl_rmem_max __read_mostly = SK_RMEM_MAX;
278 EXPORT_SYMBOL(sysctl_rmem_max);
279 __u32 sysctl_wmem_default __read_mostly = SK_WMEM_MAX;
280 __u32 sysctl_rmem_default __read_mostly = SK_RMEM_MAX;
282 /* Maximal space eaten by iovec or ancillary data plus some space */
283 int sysctl_optmem_max __read_mostly = sizeof(unsigned long)*(2*UIO_MAXIOV+512);
284 EXPORT_SYMBOL(sysctl_optmem_max);
286 int sysctl_tstamp_allow_data __read_mostly = 1;
288 DEFINE_STATIC_KEY_FALSE(memalloc_socks_key);
289 EXPORT_SYMBOL_GPL(memalloc_socks_key);
292 * sk_set_memalloc - sets %SOCK_MEMALLOC
293 * @sk: socket to set it on
295 * Set %SOCK_MEMALLOC on a socket for access to emergency reserves.
296 * It's the responsibility of the admin to adjust min_free_kbytes
297 * to meet the requirements
299 void sk_set_memalloc(struct sock *sk)
301 sock_set_flag(sk, SOCK_MEMALLOC);
302 sk->sk_allocation |= __GFP_MEMALLOC;
303 static_branch_inc(&memalloc_socks_key);
305 EXPORT_SYMBOL_GPL(sk_set_memalloc);
307 void sk_clear_memalloc(struct sock *sk)
309 sock_reset_flag(sk, SOCK_MEMALLOC);
310 sk->sk_allocation &= ~__GFP_MEMALLOC;
311 static_branch_dec(&memalloc_socks_key);
314 * SOCK_MEMALLOC is allowed to ignore rmem limits to ensure forward
315 * progress of swapping. SOCK_MEMALLOC may be cleared while
316 * it has rmem allocations due to the last swapfile being deactivated
317 * but there is a risk that the socket is unusable due to exceeding
318 * the rmem limits. Reclaim the reserves and obey rmem limits again.
322 EXPORT_SYMBOL_GPL(sk_clear_memalloc);
324 int __sk_backlog_rcv(struct sock *sk, struct sk_buff *skb)
327 unsigned int noreclaim_flag;
329 /* these should have been dropped before queueing */
330 BUG_ON(!sock_flag(sk, SOCK_MEMALLOC));
332 noreclaim_flag = memalloc_noreclaim_save();
333 ret = INDIRECT_CALL_INET(sk->sk_backlog_rcv,
337 memalloc_noreclaim_restore(noreclaim_flag);
341 EXPORT_SYMBOL(__sk_backlog_rcv);
343 void sk_error_report(struct sock *sk)
345 sk->sk_error_report(sk);
347 switch (sk->sk_family) {
351 trace_inet_sk_error_report(sk);
357 EXPORT_SYMBOL(sk_error_report);
359 int sock_get_timeout(long timeo, void *optval, bool old_timeval)
361 struct __kernel_sock_timeval tv;
363 if (timeo == MAX_SCHEDULE_TIMEOUT) {
367 tv.tv_sec = timeo / HZ;
368 tv.tv_usec = ((timeo % HZ) * USEC_PER_SEC) / HZ;
371 if (old_timeval && in_compat_syscall() && !COMPAT_USE_64BIT_TIME) {
372 struct old_timeval32 tv32 = { tv.tv_sec, tv.tv_usec };
373 *(struct old_timeval32 *)optval = tv32;
378 struct __kernel_old_timeval old_tv;
379 old_tv.tv_sec = tv.tv_sec;
380 old_tv.tv_usec = tv.tv_usec;
381 *(struct __kernel_old_timeval *)optval = old_tv;
382 return sizeof(old_tv);
385 *(struct __kernel_sock_timeval *)optval = tv;
388 EXPORT_SYMBOL(sock_get_timeout);
390 int sock_copy_user_timeval(struct __kernel_sock_timeval *tv,
391 sockptr_t optval, int optlen, bool old_timeval)
393 if (old_timeval && in_compat_syscall() && !COMPAT_USE_64BIT_TIME) {
394 struct old_timeval32 tv32;
396 if (optlen < sizeof(tv32))
399 if (copy_from_sockptr(&tv32, optval, sizeof(tv32)))
401 tv->tv_sec = tv32.tv_sec;
402 tv->tv_usec = tv32.tv_usec;
403 } else if (old_timeval) {
404 struct __kernel_old_timeval old_tv;
406 if (optlen < sizeof(old_tv))
408 if (copy_from_sockptr(&old_tv, optval, sizeof(old_tv)))
410 tv->tv_sec = old_tv.tv_sec;
411 tv->tv_usec = old_tv.tv_usec;
413 if (optlen < sizeof(*tv))
415 if (copy_from_sockptr(tv, optval, sizeof(*tv)))
421 EXPORT_SYMBOL(sock_copy_user_timeval);
423 static int sock_set_timeout(long *timeo_p, sockptr_t optval, int optlen,
426 struct __kernel_sock_timeval tv;
427 int err = sock_copy_user_timeval(&tv, optval, optlen, old_timeval);
432 if (tv.tv_usec < 0 || tv.tv_usec >= USEC_PER_SEC)
436 static int warned __read_mostly;
439 if (warned < 10 && net_ratelimit()) {
441 pr_info("%s: `%s' (pid %d) tries to set negative timeout\n",
442 __func__, current->comm, task_pid_nr(current));
446 *timeo_p = MAX_SCHEDULE_TIMEOUT;
447 if (tv.tv_sec == 0 && tv.tv_usec == 0)
449 if (tv.tv_sec < (MAX_SCHEDULE_TIMEOUT / HZ - 1))
450 *timeo_p = tv.tv_sec * HZ + DIV_ROUND_UP((unsigned long)tv.tv_usec, USEC_PER_SEC / HZ);
454 static bool sock_needs_netstamp(const struct sock *sk)
456 switch (sk->sk_family) {
465 static void sock_disable_timestamp(struct sock *sk, unsigned long flags)
467 if (sk->sk_flags & flags) {
468 sk->sk_flags &= ~flags;
469 if (sock_needs_netstamp(sk) &&
470 !(sk->sk_flags & SK_FLAGS_TIMESTAMP))
471 net_disable_timestamp();
476 int __sock_queue_rcv_skb(struct sock *sk, struct sk_buff *skb)
479 struct sk_buff_head *list = &sk->sk_receive_queue;
481 if (atomic_read(&sk->sk_rmem_alloc) >= sk->sk_rcvbuf) {
482 atomic_inc(&sk->sk_drops);
483 trace_sock_rcvqueue_full(sk, skb);
487 if (!sk_rmem_schedule(sk, skb, skb->truesize)) {
488 atomic_inc(&sk->sk_drops);
493 skb_set_owner_r(skb, sk);
495 /* we escape from rcu protected region, make sure we dont leak
500 spin_lock_irqsave(&list->lock, flags);
501 sock_skb_set_dropcount(sk, skb);
502 __skb_queue_tail(list, skb);
503 spin_unlock_irqrestore(&list->lock, flags);
505 if (!sock_flag(sk, SOCK_DEAD))
506 sk->sk_data_ready(sk);
509 EXPORT_SYMBOL(__sock_queue_rcv_skb);
511 int sock_queue_rcv_skb_reason(struct sock *sk, struct sk_buff *skb,
512 enum skb_drop_reason *reason)
514 enum skb_drop_reason drop_reason;
517 err = sk_filter(sk, skb);
519 drop_reason = SKB_DROP_REASON_SOCKET_FILTER;
522 err = __sock_queue_rcv_skb(sk, skb);
525 drop_reason = SKB_DROP_REASON_SOCKET_RCVBUFF;
528 drop_reason = SKB_DROP_REASON_PROTO_MEM;
531 drop_reason = SKB_NOT_DROPPED_YET;
536 *reason = drop_reason;
539 EXPORT_SYMBOL(sock_queue_rcv_skb_reason);
541 int __sk_receive_skb(struct sock *sk, struct sk_buff *skb,
542 const int nested, unsigned int trim_cap, bool refcounted)
544 int rc = NET_RX_SUCCESS;
546 if (sk_filter_trim_cap(sk, skb, trim_cap))
547 goto discard_and_relse;
551 if (sk_rcvqueues_full(sk, sk->sk_rcvbuf)) {
552 atomic_inc(&sk->sk_drops);
553 goto discard_and_relse;
556 bh_lock_sock_nested(sk);
559 if (!sock_owned_by_user(sk)) {
561 * trylock + unlock semantics:
563 mutex_acquire(&sk->sk_lock.dep_map, 0, 1, _RET_IP_);
565 rc = sk_backlog_rcv(sk, skb);
567 mutex_release(&sk->sk_lock.dep_map, _RET_IP_);
568 } else if (sk_add_backlog(sk, skb, READ_ONCE(sk->sk_rcvbuf))) {
570 atomic_inc(&sk->sk_drops);
571 goto discard_and_relse;
583 EXPORT_SYMBOL(__sk_receive_skb);
585 INDIRECT_CALLABLE_DECLARE(struct dst_entry *ip6_dst_check(struct dst_entry *,
587 INDIRECT_CALLABLE_DECLARE(struct dst_entry *ipv4_dst_check(struct dst_entry *,
589 struct dst_entry *__sk_dst_check(struct sock *sk, u32 cookie)
591 struct dst_entry *dst = __sk_dst_get(sk);
593 if (dst && dst->obsolete &&
594 INDIRECT_CALL_INET(dst->ops->check, ip6_dst_check, ipv4_dst_check,
595 dst, cookie) == NULL) {
596 sk_tx_queue_clear(sk);
597 sk->sk_dst_pending_confirm = 0;
598 RCU_INIT_POINTER(sk->sk_dst_cache, NULL);
605 EXPORT_SYMBOL(__sk_dst_check);
607 struct dst_entry *sk_dst_check(struct sock *sk, u32 cookie)
609 struct dst_entry *dst = sk_dst_get(sk);
611 if (dst && dst->obsolete &&
612 INDIRECT_CALL_INET(dst->ops->check, ip6_dst_check, ipv4_dst_check,
613 dst, cookie) == NULL) {
621 EXPORT_SYMBOL(sk_dst_check);
623 static int sock_bindtoindex_locked(struct sock *sk, int ifindex)
625 int ret = -ENOPROTOOPT;
626 #ifdef CONFIG_NETDEVICES
627 struct net *net = sock_net(sk);
631 if (sk->sk_bound_dev_if && !ns_capable(net->user_ns, CAP_NET_RAW))
638 /* Paired with all READ_ONCE() done locklessly. */
639 WRITE_ONCE(sk->sk_bound_dev_if, ifindex);
641 if (sk->sk_prot->rehash)
642 sk->sk_prot->rehash(sk);
653 int sock_bindtoindex(struct sock *sk, int ifindex, bool lock_sk)
659 ret = sock_bindtoindex_locked(sk, ifindex);
665 EXPORT_SYMBOL(sock_bindtoindex);
667 static int sock_setbindtodevice(struct sock *sk, sockptr_t optval, int optlen)
669 int ret = -ENOPROTOOPT;
670 #ifdef CONFIG_NETDEVICES
671 struct net *net = sock_net(sk);
672 char devname[IFNAMSIZ];
679 /* Bind this socket to a particular device like "eth0",
680 * as specified in the passed interface name. If the
681 * name is "" or the option length is zero the socket
684 if (optlen > IFNAMSIZ - 1)
685 optlen = IFNAMSIZ - 1;
686 memset(devname, 0, sizeof(devname));
689 if (copy_from_sockptr(devname, optval, optlen))
693 if (devname[0] != '\0') {
694 struct net_device *dev;
697 dev = dev_get_by_name_rcu(net, devname);
699 index = dev->ifindex;
706 return sock_bindtoindex(sk, index, true);
713 static int sock_getbindtodevice(struct sock *sk, char __user *optval,
714 int __user *optlen, int len)
716 int ret = -ENOPROTOOPT;
717 #ifdef CONFIG_NETDEVICES
718 int bound_dev_if = READ_ONCE(sk->sk_bound_dev_if);
719 struct net *net = sock_net(sk);
720 char devname[IFNAMSIZ];
722 if (bound_dev_if == 0) {
731 ret = netdev_get_name(net, devname, bound_dev_if);
735 len = strlen(devname) + 1;
738 if (copy_to_user(optval, devname, len))
743 if (put_user(len, optlen))
754 bool sk_mc_loop(struct sock *sk)
756 if (dev_recursion_level())
760 switch (sk->sk_family) {
762 return inet_sk(sk)->mc_loop;
763 #if IS_ENABLED(CONFIG_IPV6)
765 return inet6_sk(sk)->mc_loop;
771 EXPORT_SYMBOL(sk_mc_loop);
773 void sock_set_reuseaddr(struct sock *sk)
776 sk->sk_reuse = SK_CAN_REUSE;
779 EXPORT_SYMBOL(sock_set_reuseaddr);
781 void sock_set_reuseport(struct sock *sk)
784 sk->sk_reuseport = true;
787 EXPORT_SYMBOL(sock_set_reuseport);
789 void sock_no_linger(struct sock *sk)
792 sk->sk_lingertime = 0;
793 sock_set_flag(sk, SOCK_LINGER);
796 EXPORT_SYMBOL(sock_no_linger);
798 void sock_set_priority(struct sock *sk, u32 priority)
801 sk->sk_priority = priority;
804 EXPORT_SYMBOL(sock_set_priority);
806 void sock_set_sndtimeo(struct sock *sk, s64 secs)
809 if (secs && secs < MAX_SCHEDULE_TIMEOUT / HZ - 1)
810 sk->sk_sndtimeo = secs * HZ;
812 sk->sk_sndtimeo = MAX_SCHEDULE_TIMEOUT;
815 EXPORT_SYMBOL(sock_set_sndtimeo);
817 static void __sock_set_timestamps(struct sock *sk, bool val, bool new, bool ns)
820 sock_valbool_flag(sk, SOCK_TSTAMP_NEW, new);
821 sock_valbool_flag(sk, SOCK_RCVTSTAMPNS, ns);
822 sock_set_flag(sk, SOCK_RCVTSTAMP);
823 sock_enable_timestamp(sk, SOCK_TIMESTAMP);
825 sock_reset_flag(sk, SOCK_RCVTSTAMP);
826 sock_reset_flag(sk, SOCK_RCVTSTAMPNS);
830 void sock_enable_timestamps(struct sock *sk)
833 __sock_set_timestamps(sk, true, false, true);
836 EXPORT_SYMBOL(sock_enable_timestamps);
838 void sock_set_timestamp(struct sock *sk, int optname, bool valbool)
841 case SO_TIMESTAMP_OLD:
842 __sock_set_timestamps(sk, valbool, false, false);
844 case SO_TIMESTAMP_NEW:
845 __sock_set_timestamps(sk, valbool, true, false);
847 case SO_TIMESTAMPNS_OLD:
848 __sock_set_timestamps(sk, valbool, false, true);
850 case SO_TIMESTAMPNS_NEW:
851 __sock_set_timestamps(sk, valbool, true, true);
856 static int sock_timestamping_bind_phc(struct sock *sk, int phc_index)
858 struct net *net = sock_net(sk);
859 struct net_device *dev = NULL;
864 if (sk->sk_bound_dev_if)
865 dev = dev_get_by_index(net, sk->sk_bound_dev_if);
868 pr_err("%s: sock not bind to device\n", __func__);
872 num = ethtool_get_phc_vclocks(dev, &vclock_index);
875 for (i = 0; i < num; i++) {
876 if (*(vclock_index + i) == phc_index) {
888 sk->sk_bind_phc = phc_index;
893 int sock_set_timestamping(struct sock *sk, int optname,
894 struct so_timestamping timestamping)
896 int val = timestamping.flags;
899 if (val & ~SOF_TIMESTAMPING_MASK)
902 if (val & SOF_TIMESTAMPING_OPT_ID &&
903 !(sk->sk_tsflags & SOF_TIMESTAMPING_OPT_ID)) {
905 if ((1 << sk->sk_state) &
906 (TCPF_CLOSE | TCPF_LISTEN))
908 atomic_set(&sk->sk_tskey, tcp_sk(sk)->snd_una);
910 atomic_set(&sk->sk_tskey, 0);
914 if (val & SOF_TIMESTAMPING_OPT_STATS &&
915 !(val & SOF_TIMESTAMPING_OPT_TSONLY))
918 if (val & SOF_TIMESTAMPING_BIND_PHC) {
919 ret = sock_timestamping_bind_phc(sk, timestamping.bind_phc);
924 sk->sk_tsflags = val;
925 sock_valbool_flag(sk, SOCK_TSTAMP_NEW, optname == SO_TIMESTAMPING_NEW);
927 if (val & SOF_TIMESTAMPING_RX_SOFTWARE)
928 sock_enable_timestamp(sk,
929 SOCK_TIMESTAMPING_RX_SOFTWARE);
931 sock_disable_timestamp(sk,
932 (1UL << SOCK_TIMESTAMPING_RX_SOFTWARE));
936 void sock_set_keepalive(struct sock *sk)
939 if (sk->sk_prot->keepalive)
940 sk->sk_prot->keepalive(sk, true);
941 sock_valbool_flag(sk, SOCK_KEEPOPEN, true);
944 EXPORT_SYMBOL(sock_set_keepalive);
946 static void __sock_set_rcvbuf(struct sock *sk, int val)
948 /* Ensure val * 2 fits into an int, to prevent max_t() from treating it
949 * as a negative value.
951 val = min_t(int, val, INT_MAX / 2);
952 sk->sk_userlocks |= SOCK_RCVBUF_LOCK;
954 /* We double it on the way in to account for "struct sk_buff" etc.
955 * overhead. Applications assume that the SO_RCVBUF setting they make
956 * will allow that much actual data to be received on that socket.
958 * Applications are unaware that "struct sk_buff" and other overheads
959 * allocate from the receive buffer during socket buffer allocation.
961 * And after considering the possible alternatives, returning the value
962 * we actually used in getsockopt is the most desirable behavior.
964 WRITE_ONCE(sk->sk_rcvbuf, max_t(int, val * 2, SOCK_MIN_RCVBUF));
967 void sock_set_rcvbuf(struct sock *sk, int val)
970 __sock_set_rcvbuf(sk, val);
973 EXPORT_SYMBOL(sock_set_rcvbuf);
975 static void __sock_set_mark(struct sock *sk, u32 val)
977 if (val != sk->sk_mark) {
983 void sock_set_mark(struct sock *sk, u32 val)
986 __sock_set_mark(sk, val);
989 EXPORT_SYMBOL(sock_set_mark);
991 static void sock_release_reserved_memory(struct sock *sk, int bytes)
993 /* Round down bytes to multiple of pages */
994 bytes = round_down(bytes, PAGE_SIZE);
996 WARN_ON(bytes > sk->sk_reserved_mem);
997 sk->sk_reserved_mem -= bytes;
1001 static int sock_reserve_memory(struct sock *sk, int bytes)
1007 if (!mem_cgroup_sockets_enabled || !sk->sk_memcg || !sk_has_account(sk))
1013 pages = sk_mem_pages(bytes);
1015 /* pre-charge to memcg */
1016 charged = mem_cgroup_charge_skmem(sk->sk_memcg, pages,
1017 GFP_KERNEL | __GFP_RETRY_MAYFAIL);
1021 /* pre-charge to forward_alloc */
1022 sk_memory_allocated_add(sk, pages);
1023 allocated = sk_memory_allocated(sk);
1024 /* If the system goes into memory pressure with this
1025 * precharge, give up and return error.
1027 if (allocated > sk_prot_mem_limits(sk, 1)) {
1028 sk_memory_allocated_sub(sk, pages);
1029 mem_cgroup_uncharge_skmem(sk->sk_memcg, pages);
1032 sk->sk_forward_alloc += pages << PAGE_SHIFT;
1034 sk->sk_reserved_mem += pages << PAGE_SHIFT;
1040 * This is meant for all protocols to use and covers goings on
1041 * at the socket level. Everything here is generic.
1044 int sock_setsockopt(struct socket *sock, int level, int optname,
1045 sockptr_t optval, unsigned int optlen)
1047 struct so_timestamping timestamping;
1048 struct sock_txtime sk_txtime;
1049 struct sock *sk = sock->sk;
1056 * Options without arguments
1059 if (optname == SO_BINDTODEVICE)
1060 return sock_setbindtodevice(sk, optval, optlen);
1062 if (optlen < sizeof(int))
1065 if (copy_from_sockptr(&val, optval, sizeof(val)))
1068 valbool = val ? 1 : 0;
1074 if (val && !capable(CAP_NET_ADMIN))
1077 sock_valbool_flag(sk, SOCK_DBG, valbool);
1080 sk->sk_reuse = (valbool ? SK_CAN_REUSE : SK_NO_REUSE);
1083 sk->sk_reuseport = valbool;
1092 sock_valbool_flag(sk, SOCK_LOCALROUTE, valbool);
1096 sock_valbool_flag(sk, SOCK_BROADCAST, valbool);
1099 /* Don't error on this BSD doesn't and if you think
1100 * about it this is right. Otherwise apps have to
1101 * play 'guess the biggest size' games. RCVBUF/SNDBUF
1102 * are treated in BSD as hints
1104 val = min_t(u32, val, READ_ONCE(sysctl_wmem_max));
1106 /* Ensure val * 2 fits into an int, to prevent max_t()
1107 * from treating it as a negative value.
1109 val = min_t(int, val, INT_MAX / 2);
1110 sk->sk_userlocks |= SOCK_SNDBUF_LOCK;
1111 WRITE_ONCE(sk->sk_sndbuf,
1112 max_t(int, val * 2, SOCK_MIN_SNDBUF));
1113 /* Wake up sending tasks if we upped the value. */
1114 sk->sk_write_space(sk);
1117 case SO_SNDBUFFORCE:
1118 if (!capable(CAP_NET_ADMIN)) {
1123 /* No negative values (to prevent underflow, as val will be
1131 /* Don't error on this BSD doesn't and if you think
1132 * about it this is right. Otherwise apps have to
1133 * play 'guess the biggest size' games. RCVBUF/SNDBUF
1134 * are treated in BSD as hints
1136 __sock_set_rcvbuf(sk, min_t(u32, val, READ_ONCE(sysctl_rmem_max)));
1139 case SO_RCVBUFFORCE:
1140 if (!capable(CAP_NET_ADMIN)) {
1145 /* No negative values (to prevent underflow, as val will be
1148 __sock_set_rcvbuf(sk, max(val, 0));
1152 if (sk->sk_prot->keepalive)
1153 sk->sk_prot->keepalive(sk, valbool);
1154 sock_valbool_flag(sk, SOCK_KEEPOPEN, valbool);
1158 sock_valbool_flag(sk, SOCK_URGINLINE, valbool);
1162 sk->sk_no_check_tx = valbool;
1166 if ((val >= 0 && val <= 6) ||
1167 ns_capable(sock_net(sk)->user_ns, CAP_NET_RAW) ||
1168 ns_capable(sock_net(sk)->user_ns, CAP_NET_ADMIN))
1169 sk->sk_priority = val;
1175 if (optlen < sizeof(ling)) {
1176 ret = -EINVAL; /* 1003.1g */
1179 if (copy_from_sockptr(&ling, optval, sizeof(ling))) {
1184 sock_reset_flag(sk, SOCK_LINGER);
1186 #if (BITS_PER_LONG == 32)
1187 if ((unsigned int)ling.l_linger >= MAX_SCHEDULE_TIMEOUT/HZ)
1188 sk->sk_lingertime = MAX_SCHEDULE_TIMEOUT;
1191 sk->sk_lingertime = (unsigned int)ling.l_linger * HZ;
1192 sock_set_flag(sk, SOCK_LINGER);
1201 set_bit(SOCK_PASSCRED, &sock->flags);
1203 clear_bit(SOCK_PASSCRED, &sock->flags);
1206 case SO_TIMESTAMP_OLD:
1207 case SO_TIMESTAMP_NEW:
1208 case SO_TIMESTAMPNS_OLD:
1209 case SO_TIMESTAMPNS_NEW:
1210 sock_set_timestamp(sk, optname, valbool);
1213 case SO_TIMESTAMPING_NEW:
1214 case SO_TIMESTAMPING_OLD:
1215 if (optlen == sizeof(timestamping)) {
1216 if (copy_from_sockptr(×tamping, optval,
1217 sizeof(timestamping))) {
1222 memset(×tamping, 0, sizeof(timestamping));
1223 timestamping.flags = val;
1225 ret = sock_set_timestamping(sk, optname, timestamping);
1231 if (sock->ops->set_rcvlowat)
1232 ret = sock->ops->set_rcvlowat(sk, val);
1234 WRITE_ONCE(sk->sk_rcvlowat, val ? : 1);
1237 case SO_RCVTIMEO_OLD:
1238 case SO_RCVTIMEO_NEW:
1239 ret = sock_set_timeout(&sk->sk_rcvtimeo, optval,
1240 optlen, optname == SO_RCVTIMEO_OLD);
1243 case SO_SNDTIMEO_OLD:
1244 case SO_SNDTIMEO_NEW:
1245 ret = sock_set_timeout(&sk->sk_sndtimeo, optval,
1246 optlen, optname == SO_SNDTIMEO_OLD);
1249 case SO_ATTACH_FILTER: {
1250 struct sock_fprog fprog;
1252 ret = copy_bpf_fprog_from_user(&fprog, optval, optlen);
1254 ret = sk_attach_filter(&fprog, sk);
1259 if (optlen == sizeof(u32)) {
1263 if (copy_from_sockptr(&ufd, optval, sizeof(ufd)))
1266 ret = sk_attach_bpf(ufd, sk);
1270 case SO_ATTACH_REUSEPORT_CBPF: {
1271 struct sock_fprog fprog;
1273 ret = copy_bpf_fprog_from_user(&fprog, optval, optlen);
1275 ret = sk_reuseport_attach_filter(&fprog, sk);
1278 case SO_ATTACH_REUSEPORT_EBPF:
1280 if (optlen == sizeof(u32)) {
1284 if (copy_from_sockptr(&ufd, optval, sizeof(ufd)))
1287 ret = sk_reuseport_attach_bpf(ufd, sk);
1291 case SO_DETACH_REUSEPORT_BPF:
1292 ret = reuseport_detach_prog(sk);
1295 case SO_DETACH_FILTER:
1296 ret = sk_detach_filter(sk);
1299 case SO_LOCK_FILTER:
1300 if (sock_flag(sk, SOCK_FILTER_LOCKED) && !valbool)
1303 sock_valbool_flag(sk, SOCK_FILTER_LOCKED, valbool);
1308 set_bit(SOCK_PASSSEC, &sock->flags);
1310 clear_bit(SOCK_PASSSEC, &sock->flags);
1313 if (!ns_capable(sock_net(sk)->user_ns, CAP_NET_RAW) &&
1314 !ns_capable(sock_net(sk)->user_ns, CAP_NET_ADMIN)) {
1319 __sock_set_mark(sk, val);
1322 if (!ns_capable(sock_net(sk)->user_ns, CAP_NET_RAW) &&
1323 !ns_capable(sock_net(sk)->user_ns, CAP_NET_ADMIN)) {
1328 sock_valbool_flag(sk, SOCK_RCVMARK, valbool);
1332 sock_valbool_flag(sk, SOCK_RXQ_OVFL, valbool);
1335 case SO_WIFI_STATUS:
1336 sock_valbool_flag(sk, SOCK_WIFI_STATUS, valbool);
1340 if (sock->ops->set_peek_off)
1341 ret = sock->ops->set_peek_off(sk, val);
1347 sock_valbool_flag(sk, SOCK_NOFCS, valbool);
1350 case SO_SELECT_ERR_QUEUE:
1351 sock_valbool_flag(sk, SOCK_SELECT_ERR_QUEUE, valbool);
1354 #ifdef CONFIG_NET_RX_BUSY_POLL
1356 /* allow unprivileged users to decrease the value */
1357 if ((val > sk->sk_ll_usec) && !capable(CAP_NET_ADMIN))
1363 WRITE_ONCE(sk->sk_ll_usec, val);
1366 case SO_PREFER_BUSY_POLL:
1367 if (valbool && !capable(CAP_NET_ADMIN))
1370 WRITE_ONCE(sk->sk_prefer_busy_poll, valbool);
1372 case SO_BUSY_POLL_BUDGET:
1373 if (val > READ_ONCE(sk->sk_busy_poll_budget) && !capable(CAP_NET_ADMIN)) {
1376 if (val < 0 || val > U16_MAX)
1379 WRITE_ONCE(sk->sk_busy_poll_budget, val);
1384 case SO_MAX_PACING_RATE:
1386 unsigned long ulval = (val == ~0U) ? ~0UL : (unsigned int)val;
1388 if (sizeof(ulval) != sizeof(val) &&
1389 optlen >= sizeof(ulval) &&
1390 copy_from_sockptr(&ulval, optval, sizeof(ulval))) {
1395 cmpxchg(&sk->sk_pacing_status,
1398 sk->sk_max_pacing_rate = ulval;
1399 sk->sk_pacing_rate = min(sk->sk_pacing_rate, ulval);
1402 case SO_INCOMING_CPU:
1403 WRITE_ONCE(sk->sk_incoming_cpu, val);
1408 dst_negative_advice(sk);
1412 if (sk->sk_family == PF_INET || sk->sk_family == PF_INET6) {
1413 if (!(sk_is_tcp(sk) ||
1414 (sk->sk_type == SOCK_DGRAM &&
1415 sk->sk_protocol == IPPROTO_UDP)))
1417 } else if (sk->sk_family != PF_RDS) {
1421 if (val < 0 || val > 1)
1424 sock_valbool_flag(sk, SOCK_ZEROCOPY, valbool);
1429 if (optlen != sizeof(struct sock_txtime)) {
1432 } else if (copy_from_sockptr(&sk_txtime, optval,
1433 sizeof(struct sock_txtime))) {
1436 } else if (sk_txtime.flags & ~SOF_TXTIME_FLAGS_MASK) {
1440 /* CLOCK_MONOTONIC is only used by sch_fq, and this packet
1441 * scheduler has enough safe guards.
1443 if (sk_txtime.clockid != CLOCK_MONOTONIC &&
1444 !ns_capable(sock_net(sk)->user_ns, CAP_NET_ADMIN)) {
1448 sock_valbool_flag(sk, SOCK_TXTIME, true);
1449 sk->sk_clockid = sk_txtime.clockid;
1450 sk->sk_txtime_deadline_mode =
1451 !!(sk_txtime.flags & SOF_TXTIME_DEADLINE_MODE);
1452 sk->sk_txtime_report_errors =
1453 !!(sk_txtime.flags & SOF_TXTIME_REPORT_ERRORS);
1456 case SO_BINDTOIFINDEX:
1457 ret = sock_bindtoindex_locked(sk, val);
1461 if (val & ~SOCK_BUF_LOCK_MASK) {
1465 sk->sk_userlocks = val | (sk->sk_userlocks &
1466 ~SOCK_BUF_LOCK_MASK);
1469 case SO_RESERVE_MEM:
1478 delta = val - sk->sk_reserved_mem;
1480 sock_release_reserved_memory(sk, -delta);
1482 ret = sock_reserve_memory(sk, delta);
1487 if (val < -1 || val > 1) {
1491 /* Paired with READ_ONCE() in tcp_rtx_synack() */
1492 WRITE_ONCE(sk->sk_txrehash, (u8)val);
1502 EXPORT_SYMBOL(sock_setsockopt);
1504 static const struct cred *sk_get_peer_cred(struct sock *sk)
1506 const struct cred *cred;
1508 spin_lock(&sk->sk_peer_lock);
1509 cred = get_cred(sk->sk_peer_cred);
1510 spin_unlock(&sk->sk_peer_lock);
1515 static void cred_to_ucred(struct pid *pid, const struct cred *cred,
1516 struct ucred *ucred)
1518 ucred->pid = pid_vnr(pid);
1519 ucred->uid = ucred->gid = -1;
1521 struct user_namespace *current_ns = current_user_ns();
1523 ucred->uid = from_kuid_munged(current_ns, cred->euid);
1524 ucred->gid = from_kgid_munged(current_ns, cred->egid);
1528 static int groups_to_user(gid_t __user *dst, const struct group_info *src)
1530 struct user_namespace *user_ns = current_user_ns();
1533 for (i = 0; i < src->ngroups; i++)
1534 if (put_user(from_kgid_munged(user_ns, src->gid[i]), dst + i))
1540 int sock_getsockopt(struct socket *sock, int level, int optname,
1541 char __user *optval, int __user *optlen)
1543 struct sock *sk = sock->sk;
1548 unsigned long ulval;
1550 struct old_timeval32 tm32;
1551 struct __kernel_old_timeval tm;
1552 struct __kernel_sock_timeval stm;
1553 struct sock_txtime txtime;
1554 struct so_timestamping timestamping;
1557 int lv = sizeof(int);
1560 if (get_user(len, optlen))
1565 memset(&v, 0, sizeof(v));
1569 v.val = sock_flag(sk, SOCK_DBG);
1573 v.val = sock_flag(sk, SOCK_LOCALROUTE);
1577 v.val = sock_flag(sk, SOCK_BROADCAST);
1581 v.val = sk->sk_sndbuf;
1585 v.val = sk->sk_rcvbuf;
1589 v.val = sk->sk_reuse;
1593 v.val = sk->sk_reuseport;
1597 v.val = sock_flag(sk, SOCK_KEEPOPEN);
1601 v.val = sk->sk_type;
1605 v.val = sk->sk_protocol;
1609 v.val = sk->sk_family;
1613 v.val = -sock_error(sk);
1615 v.val = xchg(&sk->sk_err_soft, 0);
1619 v.val = sock_flag(sk, SOCK_URGINLINE);
1623 v.val = sk->sk_no_check_tx;
1627 v.val = sk->sk_priority;
1631 lv = sizeof(v.ling);
1632 v.ling.l_onoff = sock_flag(sk, SOCK_LINGER);
1633 v.ling.l_linger = sk->sk_lingertime / HZ;
1639 case SO_TIMESTAMP_OLD:
1640 v.val = sock_flag(sk, SOCK_RCVTSTAMP) &&
1641 !sock_flag(sk, SOCK_TSTAMP_NEW) &&
1642 !sock_flag(sk, SOCK_RCVTSTAMPNS);
1645 case SO_TIMESTAMPNS_OLD:
1646 v.val = sock_flag(sk, SOCK_RCVTSTAMPNS) && !sock_flag(sk, SOCK_TSTAMP_NEW);
1649 case SO_TIMESTAMP_NEW:
1650 v.val = sock_flag(sk, SOCK_RCVTSTAMP) && sock_flag(sk, SOCK_TSTAMP_NEW);
1653 case SO_TIMESTAMPNS_NEW:
1654 v.val = sock_flag(sk, SOCK_RCVTSTAMPNS) && sock_flag(sk, SOCK_TSTAMP_NEW);
1657 case SO_TIMESTAMPING_OLD:
1658 lv = sizeof(v.timestamping);
1659 v.timestamping.flags = sk->sk_tsflags;
1660 v.timestamping.bind_phc = sk->sk_bind_phc;
1663 case SO_RCVTIMEO_OLD:
1664 case SO_RCVTIMEO_NEW:
1665 lv = sock_get_timeout(sk->sk_rcvtimeo, &v, SO_RCVTIMEO_OLD == optname);
1668 case SO_SNDTIMEO_OLD:
1669 case SO_SNDTIMEO_NEW:
1670 lv = sock_get_timeout(sk->sk_sndtimeo, &v, SO_SNDTIMEO_OLD == optname);
1674 v.val = sk->sk_rcvlowat;
1682 v.val = !!test_bit(SOCK_PASSCRED, &sock->flags);
1687 struct ucred peercred;
1688 if (len > sizeof(peercred))
1689 len = sizeof(peercred);
1691 spin_lock(&sk->sk_peer_lock);
1692 cred_to_ucred(sk->sk_peer_pid, sk->sk_peer_cred, &peercred);
1693 spin_unlock(&sk->sk_peer_lock);
1695 if (copy_to_user(optval, &peercred, len))
1702 const struct cred *cred;
1705 cred = sk_get_peer_cred(sk);
1709 n = cred->group_info->ngroups;
1710 if (len < n * sizeof(gid_t)) {
1711 len = n * sizeof(gid_t);
1713 return put_user(len, optlen) ? -EFAULT : -ERANGE;
1715 len = n * sizeof(gid_t);
1717 ret = groups_to_user((gid_t __user *)optval, cred->group_info);
1728 lv = sock->ops->getname(sock, (struct sockaddr *)address, 2);
1733 if (copy_to_user(optval, address, len))
1738 /* Dubious BSD thing... Probably nobody even uses it, but
1739 * the UNIX standard wants it for whatever reason... -DaveM
1742 v.val = sk->sk_state == TCP_LISTEN;
1746 v.val = !!test_bit(SOCK_PASSSEC, &sock->flags);
1750 return security_socket_getpeersec_stream(sock, optval, optlen, len);
1753 v.val = sk->sk_mark;
1757 v.val = sock_flag(sk, SOCK_RCVMARK);
1761 v.val = sock_flag(sk, SOCK_RXQ_OVFL);
1764 case SO_WIFI_STATUS:
1765 v.val = sock_flag(sk, SOCK_WIFI_STATUS);
1769 if (!sock->ops->set_peek_off)
1772 v.val = sk->sk_peek_off;
1775 v.val = sock_flag(sk, SOCK_NOFCS);
1778 case SO_BINDTODEVICE:
1779 return sock_getbindtodevice(sk, optval, optlen, len);
1782 len = sk_get_filter(sk, (struct sock_filter __user *)optval, len);
1788 case SO_LOCK_FILTER:
1789 v.val = sock_flag(sk, SOCK_FILTER_LOCKED);
1792 case SO_BPF_EXTENSIONS:
1793 v.val = bpf_tell_extensions();
1796 case SO_SELECT_ERR_QUEUE:
1797 v.val = sock_flag(sk, SOCK_SELECT_ERR_QUEUE);
1800 #ifdef CONFIG_NET_RX_BUSY_POLL
1802 v.val = sk->sk_ll_usec;
1804 case SO_PREFER_BUSY_POLL:
1805 v.val = READ_ONCE(sk->sk_prefer_busy_poll);
1809 case SO_MAX_PACING_RATE:
1810 if (sizeof(v.ulval) != sizeof(v.val) && len >= sizeof(v.ulval)) {
1811 lv = sizeof(v.ulval);
1812 v.ulval = sk->sk_max_pacing_rate;
1815 v.val = min_t(unsigned long, sk->sk_max_pacing_rate, ~0U);
1819 case SO_INCOMING_CPU:
1820 v.val = READ_ONCE(sk->sk_incoming_cpu);
1825 u32 meminfo[SK_MEMINFO_VARS];
1827 sk_get_meminfo(sk, meminfo);
1829 len = min_t(unsigned int, len, sizeof(meminfo));
1830 if (copy_to_user(optval, &meminfo, len))
1836 #ifdef CONFIG_NET_RX_BUSY_POLL
1837 case SO_INCOMING_NAPI_ID:
1838 v.val = READ_ONCE(sk->sk_napi_id);
1840 /* aggregate non-NAPI IDs down to 0 */
1841 if (v.val < MIN_NAPI_ID)
1851 v.val64 = sock_gen_cookie(sk);
1855 v.val = sock_flag(sk, SOCK_ZEROCOPY);
1859 lv = sizeof(v.txtime);
1860 v.txtime.clockid = sk->sk_clockid;
1861 v.txtime.flags |= sk->sk_txtime_deadline_mode ?
1862 SOF_TXTIME_DEADLINE_MODE : 0;
1863 v.txtime.flags |= sk->sk_txtime_report_errors ?
1864 SOF_TXTIME_REPORT_ERRORS : 0;
1867 case SO_BINDTOIFINDEX:
1868 v.val = READ_ONCE(sk->sk_bound_dev_if);
1871 case SO_NETNS_COOKIE:
1875 v.val64 = sock_net(sk)->net_cookie;
1879 v.val = sk->sk_userlocks & SOCK_BUF_LOCK_MASK;
1882 case SO_RESERVE_MEM:
1883 v.val = sk->sk_reserved_mem;
1887 v.val = sk->sk_txrehash;
1891 /* We implement the SO_SNDLOWAT etc to not be settable
1894 return -ENOPROTOOPT;
1899 if (copy_to_user(optval, &v, len))
1902 if (put_user(len, optlen))
1908 * Initialize an sk_lock.
1910 * (We also register the sk_lock with the lock validator.)
1912 static inline void sock_lock_init(struct sock *sk)
1914 if (sk->sk_kern_sock)
1915 sock_lock_init_class_and_name(
1917 af_family_kern_slock_key_strings[sk->sk_family],
1918 af_family_kern_slock_keys + sk->sk_family,
1919 af_family_kern_key_strings[sk->sk_family],
1920 af_family_kern_keys + sk->sk_family);
1922 sock_lock_init_class_and_name(
1924 af_family_slock_key_strings[sk->sk_family],
1925 af_family_slock_keys + sk->sk_family,
1926 af_family_key_strings[sk->sk_family],
1927 af_family_keys + sk->sk_family);
1931 * Copy all fields from osk to nsk but nsk->sk_refcnt must not change yet,
1932 * even temporarly, because of RCU lookups. sk_node should also be left as is.
1933 * We must not copy fields between sk_dontcopy_begin and sk_dontcopy_end
1935 static void sock_copy(struct sock *nsk, const struct sock *osk)
1937 const struct proto *prot = READ_ONCE(osk->sk_prot);
1938 #ifdef CONFIG_SECURITY_NETWORK
1939 void *sptr = nsk->sk_security;
1942 /* If we move sk_tx_queue_mapping out of the private section,
1943 * we must check if sk_tx_queue_clear() is called after
1944 * sock_copy() in sk_clone_lock().
1946 BUILD_BUG_ON(offsetof(struct sock, sk_tx_queue_mapping) <
1947 offsetof(struct sock, sk_dontcopy_begin) ||
1948 offsetof(struct sock, sk_tx_queue_mapping) >=
1949 offsetof(struct sock, sk_dontcopy_end));
1951 memcpy(nsk, osk, offsetof(struct sock, sk_dontcopy_begin));
1953 memcpy(&nsk->sk_dontcopy_end, &osk->sk_dontcopy_end,
1954 prot->obj_size - offsetof(struct sock, sk_dontcopy_end));
1956 #ifdef CONFIG_SECURITY_NETWORK
1957 nsk->sk_security = sptr;
1958 security_sk_clone(osk, nsk);
1962 static struct sock *sk_prot_alloc(struct proto *prot, gfp_t priority,
1966 struct kmem_cache *slab;
1970 sk = kmem_cache_alloc(slab, priority & ~__GFP_ZERO);
1973 if (want_init_on_alloc(priority))
1974 sk_prot_clear_nulls(sk, prot->obj_size);
1976 sk = kmalloc(prot->obj_size, priority);
1979 if (security_sk_alloc(sk, family, priority))
1982 if (!try_module_get(prot->owner))
1989 security_sk_free(sk);
1992 kmem_cache_free(slab, sk);
1998 static void sk_prot_free(struct proto *prot, struct sock *sk)
2000 struct kmem_cache *slab;
2001 struct module *owner;
2003 owner = prot->owner;
2006 cgroup_sk_free(&sk->sk_cgrp_data);
2007 mem_cgroup_sk_free(sk);
2008 security_sk_free(sk);
2010 kmem_cache_free(slab, sk);
2017 * sk_alloc - All socket objects are allocated here
2018 * @net: the applicable net namespace
2019 * @family: protocol family
2020 * @priority: for allocation (%GFP_KERNEL, %GFP_ATOMIC, etc)
2021 * @prot: struct proto associated with this new sock instance
2022 * @kern: is this to be a kernel socket?
2024 struct sock *sk_alloc(struct net *net, int family, gfp_t priority,
2025 struct proto *prot, int kern)
2029 sk = sk_prot_alloc(prot, priority | __GFP_ZERO, family);
2031 sk->sk_family = family;
2033 * See comment in struct sock definition to understand
2034 * why we need sk_prot_creator -acme
2036 sk->sk_prot = sk->sk_prot_creator = prot;
2037 sk->sk_kern_sock = kern;
2039 sk->sk_net_refcnt = kern ? 0 : 1;
2040 if (likely(sk->sk_net_refcnt)) {
2041 get_net_track(net, &sk->ns_tracker, priority);
2042 sock_inuse_add(net, 1);
2045 sock_net_set(sk, net);
2046 refcount_set(&sk->sk_wmem_alloc, 1);
2048 mem_cgroup_sk_alloc(sk);
2049 cgroup_sk_alloc(&sk->sk_cgrp_data);
2050 sock_update_classid(&sk->sk_cgrp_data);
2051 sock_update_netprioidx(&sk->sk_cgrp_data);
2052 sk_tx_queue_clear(sk);
2057 EXPORT_SYMBOL(sk_alloc);
2059 /* Sockets having SOCK_RCU_FREE will call this function after one RCU
2060 * grace period. This is the case for UDP sockets and TCP listeners.
2062 static void __sk_destruct(struct rcu_head *head)
2064 struct sock *sk = container_of(head, struct sock, sk_rcu);
2065 struct sk_filter *filter;
2067 if (sk->sk_destruct)
2068 sk->sk_destruct(sk);
2070 filter = rcu_dereference_check(sk->sk_filter,
2071 refcount_read(&sk->sk_wmem_alloc) == 0);
2073 sk_filter_uncharge(sk, filter);
2074 RCU_INIT_POINTER(sk->sk_filter, NULL);
2077 sock_disable_timestamp(sk, SK_FLAGS_TIMESTAMP);
2079 #ifdef CONFIG_BPF_SYSCALL
2080 bpf_sk_storage_free(sk);
2083 if (atomic_read(&sk->sk_omem_alloc))
2084 pr_debug("%s: optmem leakage (%d bytes) detected\n",
2085 __func__, atomic_read(&sk->sk_omem_alloc));
2087 if (sk->sk_frag.page) {
2088 put_page(sk->sk_frag.page);
2089 sk->sk_frag.page = NULL;
2092 /* We do not need to acquire sk->sk_peer_lock, we are the last user. */
2093 put_cred(sk->sk_peer_cred);
2094 put_pid(sk->sk_peer_pid);
2096 if (likely(sk->sk_net_refcnt))
2097 put_net_track(sock_net(sk), &sk->ns_tracker);
2098 sk_prot_free(sk->sk_prot_creator, sk);
2101 void sk_destruct(struct sock *sk)
2103 bool use_call_rcu = sock_flag(sk, SOCK_RCU_FREE);
2105 if (rcu_access_pointer(sk->sk_reuseport_cb)) {
2106 reuseport_detach_sock(sk);
2107 use_call_rcu = true;
2111 call_rcu(&sk->sk_rcu, __sk_destruct);
2113 __sk_destruct(&sk->sk_rcu);
2116 static void __sk_free(struct sock *sk)
2118 if (likely(sk->sk_net_refcnt))
2119 sock_inuse_add(sock_net(sk), -1);
2121 if (unlikely(sk->sk_net_refcnt && sock_diag_has_destroy_listeners(sk)))
2122 sock_diag_broadcast_destroy(sk);
2127 void sk_free(struct sock *sk)
2130 * We subtract one from sk_wmem_alloc and can know if
2131 * some packets are still in some tx queue.
2132 * If not null, sock_wfree() will call __sk_free(sk) later
2134 if (refcount_dec_and_test(&sk->sk_wmem_alloc))
2137 EXPORT_SYMBOL(sk_free);
2139 static void sk_init_common(struct sock *sk)
2141 skb_queue_head_init(&sk->sk_receive_queue);
2142 skb_queue_head_init(&sk->sk_write_queue);
2143 skb_queue_head_init(&sk->sk_error_queue);
2145 rwlock_init(&sk->sk_callback_lock);
2146 lockdep_set_class_and_name(&sk->sk_receive_queue.lock,
2147 af_rlock_keys + sk->sk_family,
2148 af_family_rlock_key_strings[sk->sk_family]);
2149 lockdep_set_class_and_name(&sk->sk_write_queue.lock,
2150 af_wlock_keys + sk->sk_family,
2151 af_family_wlock_key_strings[sk->sk_family]);
2152 lockdep_set_class_and_name(&sk->sk_error_queue.lock,
2153 af_elock_keys + sk->sk_family,
2154 af_family_elock_key_strings[sk->sk_family]);
2155 lockdep_set_class_and_name(&sk->sk_callback_lock,
2156 af_callback_keys + sk->sk_family,
2157 af_family_clock_key_strings[sk->sk_family]);
2161 * sk_clone_lock - clone a socket, and lock its clone
2162 * @sk: the socket to clone
2163 * @priority: for allocation (%GFP_KERNEL, %GFP_ATOMIC, etc)
2165 * Caller must unlock socket even in error path (bh_unlock_sock(newsk))
2167 struct sock *sk_clone_lock(const struct sock *sk, const gfp_t priority)
2169 struct proto *prot = READ_ONCE(sk->sk_prot);
2170 struct sk_filter *filter;
2171 bool is_charged = true;
2174 newsk = sk_prot_alloc(prot, priority, sk->sk_family);
2178 sock_copy(newsk, sk);
2180 newsk->sk_prot_creator = prot;
2183 if (likely(newsk->sk_net_refcnt)) {
2184 get_net_track(sock_net(newsk), &newsk->ns_tracker, priority);
2185 sock_inuse_add(sock_net(newsk), 1);
2187 sk_node_init(&newsk->sk_node);
2188 sock_lock_init(newsk);
2189 bh_lock_sock(newsk);
2190 newsk->sk_backlog.head = newsk->sk_backlog.tail = NULL;
2191 newsk->sk_backlog.len = 0;
2193 atomic_set(&newsk->sk_rmem_alloc, 0);
2195 /* sk_wmem_alloc set to one (see sk_free() and sock_wfree()) */
2196 refcount_set(&newsk->sk_wmem_alloc, 1);
2198 atomic_set(&newsk->sk_omem_alloc, 0);
2199 sk_init_common(newsk);
2201 newsk->sk_dst_cache = NULL;
2202 newsk->sk_dst_pending_confirm = 0;
2203 newsk->sk_wmem_queued = 0;
2204 newsk->sk_forward_alloc = 0;
2205 newsk->sk_reserved_mem = 0;
2206 atomic_set(&newsk->sk_drops, 0);
2207 newsk->sk_send_head = NULL;
2208 newsk->sk_userlocks = sk->sk_userlocks & ~SOCK_BINDPORT_LOCK;
2209 atomic_set(&newsk->sk_zckey, 0);
2211 sock_reset_flag(newsk, SOCK_DONE);
2213 /* sk->sk_memcg will be populated at accept() time */
2214 newsk->sk_memcg = NULL;
2216 cgroup_sk_clone(&newsk->sk_cgrp_data);
2219 filter = rcu_dereference(sk->sk_filter);
2221 /* though it's an empty new sock, the charging may fail
2222 * if sysctl_optmem_max was changed between creation of
2223 * original socket and cloning
2225 is_charged = sk_filter_charge(newsk, filter);
2226 RCU_INIT_POINTER(newsk->sk_filter, filter);
2229 if (unlikely(!is_charged || xfrm_sk_clone_policy(newsk, sk))) {
2230 /* We need to make sure that we don't uncharge the new
2231 * socket if we couldn't charge it in the first place
2232 * as otherwise we uncharge the parent's filter.
2235 RCU_INIT_POINTER(newsk->sk_filter, NULL);
2236 sk_free_unlock_clone(newsk);
2240 RCU_INIT_POINTER(newsk->sk_reuseport_cb, NULL);
2242 if (bpf_sk_storage_clone(sk, newsk)) {
2243 sk_free_unlock_clone(newsk);
2248 /* Clear sk_user_data if parent had the pointer tagged
2249 * as not suitable for copying when cloning.
2251 if (sk_user_data_is_nocopy(newsk))
2252 newsk->sk_user_data = NULL;
2255 newsk->sk_err_soft = 0;
2256 newsk->sk_priority = 0;
2257 newsk->sk_incoming_cpu = raw_smp_processor_id();
2259 /* Before updating sk_refcnt, we must commit prior changes to memory
2260 * (Documentation/RCU/rculist_nulls.rst for details)
2263 refcount_set(&newsk->sk_refcnt, 2);
2265 /* Increment the counter in the same struct proto as the master
2266 * sock (sk_refcnt_debug_inc uses newsk->sk_prot->socks, that
2267 * is the same as sk->sk_prot->socks, as this field was copied
2270 * This _changes_ the previous behaviour, where
2271 * tcp_create_openreq_child always was incrementing the
2272 * equivalent to tcp_prot->socks (inet_sock_nr), so this have
2273 * to be taken into account in all callers. -acme
2275 sk_refcnt_debug_inc(newsk);
2276 sk_set_socket(newsk, NULL);
2277 sk_tx_queue_clear(newsk);
2278 RCU_INIT_POINTER(newsk->sk_wq, NULL);
2280 if (newsk->sk_prot->sockets_allocated)
2281 sk_sockets_allocated_inc(newsk);
2283 if (sock_needs_netstamp(sk) && newsk->sk_flags & SK_FLAGS_TIMESTAMP)
2284 net_enable_timestamp();
2288 EXPORT_SYMBOL_GPL(sk_clone_lock);
2290 void sk_free_unlock_clone(struct sock *sk)
2292 /* It is still raw copy of parent, so invalidate
2293 * destructor and make plain sk_free() */
2294 sk->sk_destruct = NULL;
2298 EXPORT_SYMBOL_GPL(sk_free_unlock_clone);
2300 static void sk_trim_gso_size(struct sock *sk)
2302 if (sk->sk_gso_max_size <= GSO_LEGACY_MAX_SIZE)
2304 #if IS_ENABLED(CONFIG_IPV6)
2305 if (sk->sk_family == AF_INET6 &&
2307 !ipv6_addr_v4mapped(&sk->sk_v6_rcv_saddr))
2310 sk->sk_gso_max_size = GSO_LEGACY_MAX_SIZE;
2313 void sk_setup_caps(struct sock *sk, struct dst_entry *dst)
2317 sk_dst_set(sk, dst);
2318 sk->sk_route_caps = dst->dev->features;
2320 sk->sk_route_caps |= NETIF_F_GSO;
2321 if (sk->sk_route_caps & NETIF_F_GSO)
2322 sk->sk_route_caps |= NETIF_F_GSO_SOFTWARE;
2323 if (unlikely(sk->sk_gso_disabled))
2324 sk->sk_route_caps &= ~NETIF_F_GSO_MASK;
2325 if (sk_can_gso(sk)) {
2326 if (dst->header_len && !xfrm_dst_offload_ok(dst)) {
2327 sk->sk_route_caps &= ~NETIF_F_GSO_MASK;
2329 sk->sk_route_caps |= NETIF_F_SG | NETIF_F_HW_CSUM;
2330 /* pairs with the WRITE_ONCE() in netif_set_gso_max_size() */
2331 sk->sk_gso_max_size = READ_ONCE(dst->dev->gso_max_size);
2332 sk_trim_gso_size(sk);
2333 sk->sk_gso_max_size -= (MAX_TCP_HEADER + 1);
2334 /* pairs with the WRITE_ONCE() in netif_set_gso_max_segs() */
2335 max_segs = max_t(u32, READ_ONCE(dst->dev->gso_max_segs), 1);
2338 sk->sk_gso_max_segs = max_segs;
2340 EXPORT_SYMBOL_GPL(sk_setup_caps);
2343 * Simple resource managers for sockets.
2348 * Write buffer destructor automatically called from kfree_skb.
2350 void sock_wfree(struct sk_buff *skb)
2352 struct sock *sk = skb->sk;
2353 unsigned int len = skb->truesize;
2356 if (!sock_flag(sk, SOCK_USE_WRITE_QUEUE)) {
2357 if (sock_flag(sk, SOCK_RCU_FREE) &&
2358 sk->sk_write_space == sock_def_write_space) {
2360 free = refcount_sub_and_test(len, &sk->sk_wmem_alloc);
2361 sock_def_write_space_wfree(sk);
2369 * Keep a reference on sk_wmem_alloc, this will be released
2370 * after sk_write_space() call
2372 WARN_ON(refcount_sub_and_test(len - 1, &sk->sk_wmem_alloc));
2373 sk->sk_write_space(sk);
2377 * if sk_wmem_alloc reaches 0, we must finish what sk_free()
2378 * could not do because of in-flight packets
2380 if (refcount_sub_and_test(len, &sk->sk_wmem_alloc))
2383 EXPORT_SYMBOL(sock_wfree);
2385 /* This variant of sock_wfree() is used by TCP,
2386 * since it sets SOCK_USE_WRITE_QUEUE.
2388 void __sock_wfree(struct sk_buff *skb)
2390 struct sock *sk = skb->sk;
2392 if (refcount_sub_and_test(skb->truesize, &sk->sk_wmem_alloc))
2396 void skb_set_owner_w(struct sk_buff *skb, struct sock *sk)
2401 if (unlikely(!sk_fullsock(sk))) {
2402 skb->destructor = sock_edemux;
2407 skb->destructor = sock_wfree;
2408 skb_set_hash_from_sk(skb, sk);
2410 * We used to take a refcount on sk, but following operation
2411 * is enough to guarantee sk_free() wont free this sock until
2412 * all in-flight packets are completed
2414 refcount_add(skb->truesize, &sk->sk_wmem_alloc);
2416 EXPORT_SYMBOL(skb_set_owner_w);
2418 static bool can_skb_orphan_partial(const struct sk_buff *skb)
2420 #ifdef CONFIG_TLS_DEVICE
2421 /* Drivers depend on in-order delivery for crypto offload,
2422 * partial orphan breaks out-of-order-OK logic.
2427 return (skb->destructor == sock_wfree ||
2428 (IS_ENABLED(CONFIG_INET) && skb->destructor == tcp_wfree));
2431 /* This helper is used by netem, as it can hold packets in its
2432 * delay queue. We want to allow the owner socket to send more
2433 * packets, as if they were already TX completed by a typical driver.
2434 * But we also want to keep skb->sk set because some packet schedulers
2435 * rely on it (sch_fq for example).
2437 void skb_orphan_partial(struct sk_buff *skb)
2439 if (skb_is_tcp_pure_ack(skb))
2442 if (can_skb_orphan_partial(skb) && skb_set_owner_sk_safe(skb, skb->sk))
2447 EXPORT_SYMBOL(skb_orphan_partial);
2450 * Read buffer destructor automatically called from kfree_skb.
2452 void sock_rfree(struct sk_buff *skb)
2454 struct sock *sk = skb->sk;
2455 unsigned int len = skb->truesize;
2457 atomic_sub(len, &sk->sk_rmem_alloc);
2458 sk_mem_uncharge(sk, len);
2460 EXPORT_SYMBOL(sock_rfree);
2463 * Buffer destructor for skbs that are not used directly in read or write
2464 * path, e.g. for error handler skbs. Automatically called from kfree_skb.
2466 void sock_efree(struct sk_buff *skb)
2470 EXPORT_SYMBOL(sock_efree);
2472 /* Buffer destructor for prefetch/receive path where reference count may
2473 * not be held, e.g. for listen sockets.
2476 void sock_pfree(struct sk_buff *skb)
2478 if (sk_is_refcounted(skb->sk))
2479 sock_gen_put(skb->sk);
2481 EXPORT_SYMBOL(sock_pfree);
2482 #endif /* CONFIG_INET */
2484 kuid_t sock_i_uid(struct sock *sk)
2488 read_lock_bh(&sk->sk_callback_lock);
2489 uid = sk->sk_socket ? SOCK_INODE(sk->sk_socket)->i_uid : GLOBAL_ROOT_UID;
2490 read_unlock_bh(&sk->sk_callback_lock);
2493 EXPORT_SYMBOL(sock_i_uid);
2495 unsigned long sock_i_ino(struct sock *sk)
2499 read_lock_bh(&sk->sk_callback_lock);
2500 ino = sk->sk_socket ? SOCK_INODE(sk->sk_socket)->i_ino : 0;
2501 read_unlock_bh(&sk->sk_callback_lock);
2504 EXPORT_SYMBOL(sock_i_ino);
2507 * Allocate a skb from the socket's send buffer.
2509 struct sk_buff *sock_wmalloc(struct sock *sk, unsigned long size, int force,
2513 refcount_read(&sk->sk_wmem_alloc) < READ_ONCE(sk->sk_sndbuf)) {
2514 struct sk_buff *skb = alloc_skb(size, priority);
2517 skb_set_owner_w(skb, sk);
2523 EXPORT_SYMBOL(sock_wmalloc);
2525 static void sock_ofree(struct sk_buff *skb)
2527 struct sock *sk = skb->sk;
2529 atomic_sub(skb->truesize, &sk->sk_omem_alloc);
2532 struct sk_buff *sock_omalloc(struct sock *sk, unsigned long size,
2535 struct sk_buff *skb;
2537 /* small safe race: SKB_TRUESIZE may differ from final skb->truesize */
2538 if (atomic_read(&sk->sk_omem_alloc) + SKB_TRUESIZE(size) >
2539 READ_ONCE(sysctl_optmem_max))
2542 skb = alloc_skb(size, priority);
2546 atomic_add(skb->truesize, &sk->sk_omem_alloc);
2548 skb->destructor = sock_ofree;
2553 * Allocate a memory block from the socket's option memory buffer.
2555 void *sock_kmalloc(struct sock *sk, int size, gfp_t priority)
2557 int optmem_max = READ_ONCE(sysctl_optmem_max);
2559 if ((unsigned int)size <= optmem_max &&
2560 atomic_read(&sk->sk_omem_alloc) + size < optmem_max) {
2562 /* First do the add, to avoid the race if kmalloc
2565 atomic_add(size, &sk->sk_omem_alloc);
2566 mem = kmalloc(size, priority);
2569 atomic_sub(size, &sk->sk_omem_alloc);
2573 EXPORT_SYMBOL(sock_kmalloc);
2575 /* Free an option memory block. Note, we actually want the inline
2576 * here as this allows gcc to detect the nullify and fold away the
2577 * condition entirely.
2579 static inline void __sock_kfree_s(struct sock *sk, void *mem, int size,
2582 if (WARN_ON_ONCE(!mem))
2585 kfree_sensitive(mem);
2588 atomic_sub(size, &sk->sk_omem_alloc);
2591 void sock_kfree_s(struct sock *sk, void *mem, int size)
2593 __sock_kfree_s(sk, mem, size, false);
2595 EXPORT_SYMBOL(sock_kfree_s);
2597 void sock_kzfree_s(struct sock *sk, void *mem, int size)
2599 __sock_kfree_s(sk, mem, size, true);
2601 EXPORT_SYMBOL(sock_kzfree_s);
2603 /* It is almost wait_for_tcp_memory minus release_sock/lock_sock.
2604 I think, these locks should be removed for datagram sockets.
2606 static long sock_wait_for_wmem(struct sock *sk, long timeo)
2610 sk_clear_bit(SOCKWQ_ASYNC_NOSPACE, sk);
2614 if (signal_pending(current))
2616 set_bit(SOCK_NOSPACE, &sk->sk_socket->flags);
2617 prepare_to_wait(sk_sleep(sk), &wait, TASK_INTERRUPTIBLE);
2618 if (refcount_read(&sk->sk_wmem_alloc) < READ_ONCE(sk->sk_sndbuf))
2620 if (sk->sk_shutdown & SEND_SHUTDOWN)
2624 timeo = schedule_timeout(timeo);
2626 finish_wait(sk_sleep(sk), &wait);
2632 * Generic send/receive buffer handlers
2635 struct sk_buff *sock_alloc_send_pskb(struct sock *sk, unsigned long header_len,
2636 unsigned long data_len, int noblock,
2637 int *errcode, int max_page_order)
2639 struct sk_buff *skb;
2643 timeo = sock_sndtimeo(sk, noblock);
2645 err = sock_error(sk);
2650 if (sk->sk_shutdown & SEND_SHUTDOWN)
2653 if (sk_wmem_alloc_get(sk) < READ_ONCE(sk->sk_sndbuf))
2656 sk_set_bit(SOCKWQ_ASYNC_NOSPACE, sk);
2657 set_bit(SOCK_NOSPACE, &sk->sk_socket->flags);
2661 if (signal_pending(current))
2663 timeo = sock_wait_for_wmem(sk, timeo);
2665 skb = alloc_skb_with_frags(header_len, data_len, max_page_order,
2666 errcode, sk->sk_allocation);
2668 skb_set_owner_w(skb, sk);
2672 err = sock_intr_errno(timeo);
2677 EXPORT_SYMBOL(sock_alloc_send_pskb);
2679 int __sock_cmsg_send(struct sock *sk, struct msghdr *msg, struct cmsghdr *cmsg,
2680 struct sockcm_cookie *sockc)
2684 switch (cmsg->cmsg_type) {
2686 if (!ns_capable(sock_net(sk)->user_ns, CAP_NET_RAW) &&
2687 !ns_capable(sock_net(sk)->user_ns, CAP_NET_ADMIN))
2689 if (cmsg->cmsg_len != CMSG_LEN(sizeof(u32)))
2691 sockc->mark = *(u32 *)CMSG_DATA(cmsg);
2693 case SO_TIMESTAMPING_OLD:
2694 if (cmsg->cmsg_len != CMSG_LEN(sizeof(u32)))
2697 tsflags = *(u32 *)CMSG_DATA(cmsg);
2698 if (tsflags & ~SOF_TIMESTAMPING_TX_RECORD_MASK)
2701 sockc->tsflags &= ~SOF_TIMESTAMPING_TX_RECORD_MASK;
2702 sockc->tsflags |= tsflags;
2705 if (!sock_flag(sk, SOCK_TXTIME))
2707 if (cmsg->cmsg_len != CMSG_LEN(sizeof(u64)))
2709 sockc->transmit_time = get_unaligned((u64 *)CMSG_DATA(cmsg));
2711 /* SCM_RIGHTS and SCM_CREDENTIALS are semantically in SOL_UNIX. */
2713 case SCM_CREDENTIALS:
2720 EXPORT_SYMBOL(__sock_cmsg_send);
2722 int sock_cmsg_send(struct sock *sk, struct msghdr *msg,
2723 struct sockcm_cookie *sockc)
2725 struct cmsghdr *cmsg;
2728 for_each_cmsghdr(cmsg, msg) {
2729 if (!CMSG_OK(msg, cmsg))
2731 if (cmsg->cmsg_level != SOL_SOCKET)
2733 ret = __sock_cmsg_send(sk, msg, cmsg, sockc);
2739 EXPORT_SYMBOL(sock_cmsg_send);
2741 static void sk_enter_memory_pressure(struct sock *sk)
2743 if (!sk->sk_prot->enter_memory_pressure)
2746 sk->sk_prot->enter_memory_pressure(sk);
2749 static void sk_leave_memory_pressure(struct sock *sk)
2751 if (sk->sk_prot->leave_memory_pressure) {
2752 sk->sk_prot->leave_memory_pressure(sk);
2754 unsigned long *memory_pressure = sk->sk_prot->memory_pressure;
2756 if (memory_pressure && READ_ONCE(*memory_pressure))
2757 WRITE_ONCE(*memory_pressure, 0);
2761 DEFINE_STATIC_KEY_FALSE(net_high_order_alloc_disable_key);
2764 * skb_page_frag_refill - check that a page_frag contains enough room
2765 * @sz: minimum size of the fragment we want to get
2766 * @pfrag: pointer to page_frag
2767 * @gfp: priority for memory allocation
2769 * Note: While this allocator tries to use high order pages, there is
2770 * no guarantee that allocations succeed. Therefore, @sz MUST be
2771 * less or equal than PAGE_SIZE.
2773 bool skb_page_frag_refill(unsigned int sz, struct page_frag *pfrag, gfp_t gfp)
2776 if (page_ref_count(pfrag->page) == 1) {
2780 if (pfrag->offset + sz <= pfrag->size)
2782 put_page(pfrag->page);
2786 if (SKB_FRAG_PAGE_ORDER &&
2787 !static_branch_unlikely(&net_high_order_alloc_disable_key)) {
2788 /* Avoid direct reclaim but allow kswapd to wake */
2789 pfrag->page = alloc_pages((gfp & ~__GFP_DIRECT_RECLAIM) |
2790 __GFP_COMP | __GFP_NOWARN |
2792 SKB_FRAG_PAGE_ORDER);
2793 if (likely(pfrag->page)) {
2794 pfrag->size = PAGE_SIZE << SKB_FRAG_PAGE_ORDER;
2798 pfrag->page = alloc_page(gfp);
2799 if (likely(pfrag->page)) {
2800 pfrag->size = PAGE_SIZE;
2805 EXPORT_SYMBOL(skb_page_frag_refill);
2807 bool sk_page_frag_refill(struct sock *sk, struct page_frag *pfrag)
2809 if (likely(skb_page_frag_refill(32U, pfrag, sk->sk_allocation)))
2812 sk_enter_memory_pressure(sk);
2813 sk_stream_moderate_sndbuf(sk);
2816 EXPORT_SYMBOL(sk_page_frag_refill);
2818 void __lock_sock(struct sock *sk)
2819 __releases(&sk->sk_lock.slock)
2820 __acquires(&sk->sk_lock.slock)
2825 prepare_to_wait_exclusive(&sk->sk_lock.wq, &wait,
2826 TASK_UNINTERRUPTIBLE);
2827 spin_unlock_bh(&sk->sk_lock.slock);
2829 spin_lock_bh(&sk->sk_lock.slock);
2830 if (!sock_owned_by_user(sk))
2833 finish_wait(&sk->sk_lock.wq, &wait);
2836 void __release_sock(struct sock *sk)
2837 __releases(&sk->sk_lock.slock)
2838 __acquires(&sk->sk_lock.slock)
2840 struct sk_buff *skb, *next;
2842 while ((skb = sk->sk_backlog.head) != NULL) {
2843 sk->sk_backlog.head = sk->sk_backlog.tail = NULL;
2845 spin_unlock_bh(&sk->sk_lock.slock);
2850 DEBUG_NET_WARN_ON_ONCE(skb_dst_is_noref(skb));
2851 skb_mark_not_on_list(skb);
2852 sk_backlog_rcv(sk, skb);
2857 } while (skb != NULL);
2859 spin_lock_bh(&sk->sk_lock.slock);
2863 * Doing the zeroing here guarantee we can not loop forever
2864 * while a wild producer attempts to flood us.
2866 sk->sk_backlog.len = 0;
2869 void __sk_flush_backlog(struct sock *sk)
2871 spin_lock_bh(&sk->sk_lock.slock);
2873 spin_unlock_bh(&sk->sk_lock.slock);
2875 EXPORT_SYMBOL_GPL(__sk_flush_backlog);
2878 * sk_wait_data - wait for data to arrive at sk_receive_queue
2879 * @sk: sock to wait on
2880 * @timeo: for how long
2881 * @skb: last skb seen on sk_receive_queue
2883 * Now socket state including sk->sk_err is changed only under lock,
2884 * hence we may omit checks after joining wait queue.
2885 * We check receive queue before schedule() only as optimization;
2886 * it is very likely that release_sock() added new data.
2888 int sk_wait_data(struct sock *sk, long *timeo, const struct sk_buff *skb)
2890 DEFINE_WAIT_FUNC(wait, woken_wake_function);
2893 add_wait_queue(sk_sleep(sk), &wait);
2894 sk_set_bit(SOCKWQ_ASYNC_WAITDATA, sk);
2895 rc = sk_wait_event(sk, timeo, skb_peek_tail(&sk->sk_receive_queue) != skb, &wait);
2896 sk_clear_bit(SOCKWQ_ASYNC_WAITDATA, sk);
2897 remove_wait_queue(sk_sleep(sk), &wait);
2900 EXPORT_SYMBOL(sk_wait_data);
2903 * __sk_mem_raise_allocated - increase memory_allocated
2905 * @size: memory size to allocate
2906 * @amt: pages to allocate
2907 * @kind: allocation type
2909 * Similar to __sk_mem_schedule(), but does not update sk_forward_alloc
2911 int __sk_mem_raise_allocated(struct sock *sk, int size, int amt, int kind)
2913 bool memcg_charge = mem_cgroup_sockets_enabled && sk->sk_memcg;
2914 struct proto *prot = sk->sk_prot;
2915 bool charged = true;
2918 sk_memory_allocated_add(sk, amt);
2919 allocated = sk_memory_allocated(sk);
2921 !(charged = mem_cgroup_charge_skmem(sk->sk_memcg, amt,
2922 gfp_memcg_charge())))
2923 goto suppress_allocation;
2926 if (allocated <= sk_prot_mem_limits(sk, 0)) {
2927 sk_leave_memory_pressure(sk);
2931 /* Under pressure. */
2932 if (allocated > sk_prot_mem_limits(sk, 1))
2933 sk_enter_memory_pressure(sk);
2935 /* Over hard limit. */
2936 if (allocated > sk_prot_mem_limits(sk, 2))
2937 goto suppress_allocation;
2939 /* guarantee minimum buffer size under pressure */
2940 if (kind == SK_MEM_RECV) {
2941 if (atomic_read(&sk->sk_rmem_alloc) < sk_get_rmem0(sk, prot))
2944 } else { /* SK_MEM_SEND */
2945 int wmem0 = sk_get_wmem0(sk, prot);
2947 if (sk->sk_type == SOCK_STREAM) {
2948 if (sk->sk_wmem_queued < wmem0)
2950 } else if (refcount_read(&sk->sk_wmem_alloc) < wmem0) {
2955 if (sk_has_memory_pressure(sk)) {
2958 if (!sk_under_memory_pressure(sk))
2960 alloc = sk_sockets_allocated_read_positive(sk);
2961 if (sk_prot_mem_limits(sk, 2) > alloc *
2962 sk_mem_pages(sk->sk_wmem_queued +
2963 atomic_read(&sk->sk_rmem_alloc) +
2964 sk->sk_forward_alloc))
2968 suppress_allocation:
2970 if (kind == SK_MEM_SEND && sk->sk_type == SOCK_STREAM) {
2971 sk_stream_moderate_sndbuf(sk);
2973 /* Fail only if socket is _under_ its sndbuf.
2974 * In this case we cannot block, so that we have to fail.
2976 if (sk->sk_wmem_queued + size >= sk->sk_sndbuf) {
2977 /* Force charge with __GFP_NOFAIL */
2978 if (memcg_charge && !charged) {
2979 mem_cgroup_charge_skmem(sk->sk_memcg, amt,
2980 gfp_memcg_charge() | __GFP_NOFAIL);
2986 if (kind == SK_MEM_SEND || (kind == SK_MEM_RECV && charged))
2987 trace_sock_exceed_buf_limit(sk, prot, allocated, kind);
2989 sk_memory_allocated_sub(sk, amt);
2991 if (memcg_charge && charged)
2992 mem_cgroup_uncharge_skmem(sk->sk_memcg, amt);
2998 * __sk_mem_schedule - increase sk_forward_alloc and memory_allocated
3000 * @size: memory size to allocate
3001 * @kind: allocation type
3003 * If kind is SK_MEM_SEND, it means wmem allocation. Otherwise it means
3004 * rmem allocation. This function assumes that protocols which have
3005 * memory_pressure use sk_wmem_queued as write buffer accounting.
3007 int __sk_mem_schedule(struct sock *sk, int size, int kind)
3009 int ret, amt = sk_mem_pages(size);
3011 sk->sk_forward_alloc += amt << PAGE_SHIFT;
3012 ret = __sk_mem_raise_allocated(sk, size, amt, kind);
3014 sk->sk_forward_alloc -= amt << PAGE_SHIFT;
3017 EXPORT_SYMBOL(__sk_mem_schedule);
3020 * __sk_mem_reduce_allocated - reclaim memory_allocated
3022 * @amount: number of quanta
3024 * Similar to __sk_mem_reclaim(), but does not update sk_forward_alloc
3026 void __sk_mem_reduce_allocated(struct sock *sk, int amount)
3028 sk_memory_allocated_sub(sk, amount);
3030 if (mem_cgroup_sockets_enabled && sk->sk_memcg)
3031 mem_cgroup_uncharge_skmem(sk->sk_memcg, amount);
3033 if (sk_under_memory_pressure(sk) &&
3034 (sk_memory_allocated(sk) < sk_prot_mem_limits(sk, 0)))
3035 sk_leave_memory_pressure(sk);
3039 * __sk_mem_reclaim - reclaim sk_forward_alloc and memory_allocated
3041 * @amount: number of bytes (rounded down to a PAGE_SIZE multiple)
3043 void __sk_mem_reclaim(struct sock *sk, int amount)
3045 amount >>= PAGE_SHIFT;
3046 sk->sk_forward_alloc -= amount << PAGE_SHIFT;
3047 __sk_mem_reduce_allocated(sk, amount);
3049 EXPORT_SYMBOL(__sk_mem_reclaim);
3051 int sk_set_peek_off(struct sock *sk, int val)
3053 sk->sk_peek_off = val;
3056 EXPORT_SYMBOL_GPL(sk_set_peek_off);
3059 * Set of default routines for initialising struct proto_ops when
3060 * the protocol does not support a particular function. In certain
3061 * cases where it makes no sense for a protocol to have a "do nothing"
3062 * function, some default processing is provided.
3065 int sock_no_bind(struct socket *sock, struct sockaddr *saddr, int len)
3069 EXPORT_SYMBOL(sock_no_bind);
3071 int sock_no_connect(struct socket *sock, struct sockaddr *saddr,
3076 EXPORT_SYMBOL(sock_no_connect);
3078 int sock_no_socketpair(struct socket *sock1, struct socket *sock2)
3082 EXPORT_SYMBOL(sock_no_socketpair);
3084 int sock_no_accept(struct socket *sock, struct socket *newsock, int flags,
3089 EXPORT_SYMBOL(sock_no_accept);
3091 int sock_no_getname(struct socket *sock, struct sockaddr *saddr,
3096 EXPORT_SYMBOL(sock_no_getname);
3098 int sock_no_ioctl(struct socket *sock, unsigned int cmd, unsigned long arg)
3102 EXPORT_SYMBOL(sock_no_ioctl);
3104 int sock_no_listen(struct socket *sock, int backlog)
3108 EXPORT_SYMBOL(sock_no_listen);
3110 int sock_no_shutdown(struct socket *sock, int how)
3114 EXPORT_SYMBOL(sock_no_shutdown);
3116 int sock_no_sendmsg(struct socket *sock, struct msghdr *m, size_t len)
3120 EXPORT_SYMBOL(sock_no_sendmsg);
3122 int sock_no_sendmsg_locked(struct sock *sk, struct msghdr *m, size_t len)
3126 EXPORT_SYMBOL(sock_no_sendmsg_locked);
3128 int sock_no_recvmsg(struct socket *sock, struct msghdr *m, size_t len,
3133 EXPORT_SYMBOL(sock_no_recvmsg);
3135 int sock_no_mmap(struct file *file, struct socket *sock, struct vm_area_struct *vma)
3137 /* Mirror missing mmap method error code */
3140 EXPORT_SYMBOL(sock_no_mmap);
3143 * When a file is received (via SCM_RIGHTS, etc), we must bump the
3144 * various sock-based usage counts.
3146 void __receive_sock(struct file *file)
3148 struct socket *sock;
3150 sock = sock_from_file(file);
3152 sock_update_netprioidx(&sock->sk->sk_cgrp_data);
3153 sock_update_classid(&sock->sk->sk_cgrp_data);
3157 ssize_t sock_no_sendpage(struct socket *sock, struct page *page, int offset, size_t size, int flags)
3160 struct msghdr msg = {.msg_flags = flags};
3162 char *kaddr = kmap(page);
3163 iov.iov_base = kaddr + offset;
3165 res = kernel_sendmsg(sock, &msg, &iov, 1, size);
3169 EXPORT_SYMBOL(sock_no_sendpage);
3171 ssize_t sock_no_sendpage_locked(struct sock *sk, struct page *page,
3172 int offset, size_t size, int flags)
3175 struct msghdr msg = {.msg_flags = flags};
3177 char *kaddr = kmap(page);
3179 iov.iov_base = kaddr + offset;
3181 res = kernel_sendmsg_locked(sk, &msg, &iov, 1, size);
3185 EXPORT_SYMBOL(sock_no_sendpage_locked);
3188 * Default Socket Callbacks
3191 static void sock_def_wakeup(struct sock *sk)
3193 struct socket_wq *wq;
3196 wq = rcu_dereference(sk->sk_wq);
3197 if (skwq_has_sleeper(wq))
3198 wake_up_interruptible_all(&wq->wait);
3202 static void sock_def_error_report(struct sock *sk)
3204 struct socket_wq *wq;
3207 wq = rcu_dereference(sk->sk_wq);
3208 if (skwq_has_sleeper(wq))
3209 wake_up_interruptible_poll(&wq->wait, EPOLLERR);
3210 sk_wake_async(sk, SOCK_WAKE_IO, POLL_ERR);
3214 void sock_def_readable(struct sock *sk)
3216 struct socket_wq *wq;
3219 wq = rcu_dereference(sk->sk_wq);
3220 if (skwq_has_sleeper(wq))
3221 wake_up_interruptible_sync_poll(&wq->wait, EPOLLIN | EPOLLPRI |
3222 EPOLLRDNORM | EPOLLRDBAND);
3223 sk_wake_async(sk, SOCK_WAKE_WAITD, POLL_IN);
3227 static void sock_def_write_space(struct sock *sk)
3229 struct socket_wq *wq;
3233 /* Do not wake up a writer until he can make "significant"
3236 if (sock_writeable(sk)) {
3237 wq = rcu_dereference(sk->sk_wq);
3238 if (skwq_has_sleeper(wq))
3239 wake_up_interruptible_sync_poll(&wq->wait, EPOLLOUT |
3240 EPOLLWRNORM | EPOLLWRBAND);
3242 /* Should agree with poll, otherwise some programs break */
3243 sk_wake_async(sk, SOCK_WAKE_SPACE, POLL_OUT);
3249 /* An optimised version of sock_def_write_space(), should only be called
3250 * for SOCK_RCU_FREE sockets under RCU read section and after putting
3253 static void sock_def_write_space_wfree(struct sock *sk)
3255 /* Do not wake up a writer until he can make "significant"
3258 if (sock_writeable(sk)) {
3259 struct socket_wq *wq = rcu_dereference(sk->sk_wq);
3261 /* rely on refcount_sub from sock_wfree() */
3262 smp_mb__after_atomic();
3263 if (wq && waitqueue_active(&wq->wait))
3264 wake_up_interruptible_sync_poll(&wq->wait, EPOLLOUT |
3265 EPOLLWRNORM | EPOLLWRBAND);
3267 /* Should agree with poll, otherwise some programs break */
3268 sk_wake_async(sk, SOCK_WAKE_SPACE, POLL_OUT);
3272 static void sock_def_destruct(struct sock *sk)
3276 void sk_send_sigurg(struct sock *sk)
3278 if (sk->sk_socket && sk->sk_socket->file)
3279 if (send_sigurg(&sk->sk_socket->file->f_owner))
3280 sk_wake_async(sk, SOCK_WAKE_URG, POLL_PRI);
3282 EXPORT_SYMBOL(sk_send_sigurg);
3284 void sk_reset_timer(struct sock *sk, struct timer_list* timer,
3285 unsigned long expires)
3287 if (!mod_timer(timer, expires))
3290 EXPORT_SYMBOL(sk_reset_timer);
3292 void sk_stop_timer(struct sock *sk, struct timer_list* timer)
3294 if (del_timer(timer))
3297 EXPORT_SYMBOL(sk_stop_timer);
3299 void sk_stop_timer_sync(struct sock *sk, struct timer_list *timer)
3301 if (del_timer_sync(timer))
3304 EXPORT_SYMBOL(sk_stop_timer_sync);
3306 void sock_init_data(struct socket *sock, struct sock *sk)
3309 sk->sk_send_head = NULL;
3311 timer_setup(&sk->sk_timer, NULL, 0);
3313 sk->sk_allocation = GFP_KERNEL;
3314 sk->sk_rcvbuf = READ_ONCE(sysctl_rmem_default);
3315 sk->sk_sndbuf = READ_ONCE(sysctl_wmem_default);
3316 sk->sk_state = TCP_CLOSE;
3317 sk_set_socket(sk, sock);
3319 sock_set_flag(sk, SOCK_ZAPPED);
3322 sk->sk_type = sock->type;
3323 RCU_INIT_POINTER(sk->sk_wq, &sock->wq);
3325 sk->sk_uid = SOCK_INODE(sock)->i_uid;
3327 RCU_INIT_POINTER(sk->sk_wq, NULL);
3328 sk->sk_uid = make_kuid(sock_net(sk)->user_ns, 0);
3331 rwlock_init(&sk->sk_callback_lock);
3332 if (sk->sk_kern_sock)
3333 lockdep_set_class_and_name(
3334 &sk->sk_callback_lock,
3335 af_kern_callback_keys + sk->sk_family,
3336 af_family_kern_clock_key_strings[sk->sk_family]);
3338 lockdep_set_class_and_name(
3339 &sk->sk_callback_lock,
3340 af_callback_keys + sk->sk_family,
3341 af_family_clock_key_strings[sk->sk_family]);
3343 sk->sk_state_change = sock_def_wakeup;
3344 sk->sk_data_ready = sock_def_readable;
3345 sk->sk_write_space = sock_def_write_space;
3346 sk->sk_error_report = sock_def_error_report;
3347 sk->sk_destruct = sock_def_destruct;
3349 sk->sk_frag.page = NULL;
3350 sk->sk_frag.offset = 0;
3351 sk->sk_peek_off = -1;
3353 sk->sk_peer_pid = NULL;
3354 sk->sk_peer_cred = NULL;
3355 spin_lock_init(&sk->sk_peer_lock);
3357 sk->sk_write_pending = 0;
3358 sk->sk_rcvlowat = 1;
3359 sk->sk_rcvtimeo = MAX_SCHEDULE_TIMEOUT;
3360 sk->sk_sndtimeo = MAX_SCHEDULE_TIMEOUT;
3362 sk->sk_stamp = SK_DEFAULT_STAMP;
3363 #if BITS_PER_LONG==32
3364 seqlock_init(&sk->sk_stamp_seq);
3366 atomic_set(&sk->sk_zckey, 0);
3368 #ifdef CONFIG_NET_RX_BUSY_POLL
3370 sk->sk_ll_usec = READ_ONCE(sysctl_net_busy_read);
3373 sk->sk_max_pacing_rate = ~0UL;
3374 sk->sk_pacing_rate = ~0UL;
3375 WRITE_ONCE(sk->sk_pacing_shift, 10);
3376 sk->sk_incoming_cpu = -1;
3377 sk->sk_txrehash = SOCK_TXREHASH_DEFAULT;
3379 sk_rx_queue_clear(sk);
3381 * Before updating sk_refcnt, we must commit prior changes to memory
3382 * (Documentation/RCU/rculist_nulls.rst for details)
3385 refcount_set(&sk->sk_refcnt, 1);
3386 atomic_set(&sk->sk_drops, 0);
3388 EXPORT_SYMBOL(sock_init_data);
3390 void lock_sock_nested(struct sock *sk, int subclass)
3392 /* The sk_lock has mutex_lock() semantics here. */
3393 mutex_acquire(&sk->sk_lock.dep_map, subclass, 0, _RET_IP_);
3396 spin_lock_bh(&sk->sk_lock.slock);
3397 if (sock_owned_by_user_nocheck(sk))
3399 sk->sk_lock.owned = 1;
3400 spin_unlock_bh(&sk->sk_lock.slock);
3402 EXPORT_SYMBOL(lock_sock_nested);
3404 void release_sock(struct sock *sk)
3406 spin_lock_bh(&sk->sk_lock.slock);
3407 if (sk->sk_backlog.tail)
3410 /* Warning : release_cb() might need to release sk ownership,
3411 * ie call sock_release_ownership(sk) before us.
3413 if (sk->sk_prot->release_cb)
3414 sk->sk_prot->release_cb(sk);
3416 sock_release_ownership(sk);
3417 if (waitqueue_active(&sk->sk_lock.wq))
3418 wake_up(&sk->sk_lock.wq);
3419 spin_unlock_bh(&sk->sk_lock.slock);
3421 EXPORT_SYMBOL(release_sock);
3423 bool __lock_sock_fast(struct sock *sk) __acquires(&sk->sk_lock.slock)
3426 spin_lock_bh(&sk->sk_lock.slock);
3428 if (!sock_owned_by_user_nocheck(sk)) {
3430 * Fast path return with bottom halves disabled and
3431 * sock::sk_lock.slock held.
3433 * The 'mutex' is not contended and holding
3434 * sock::sk_lock.slock prevents all other lockers to
3435 * proceed so the corresponding unlock_sock_fast() can
3436 * avoid the slow path of release_sock() completely and
3437 * just release slock.
3439 * From a semantical POV this is equivalent to 'acquiring'
3440 * the 'mutex', hence the corresponding lockdep
3441 * mutex_release() has to happen in the fast path of
3442 * unlock_sock_fast().
3448 sk->sk_lock.owned = 1;
3449 __acquire(&sk->sk_lock.slock);
3450 spin_unlock_bh(&sk->sk_lock.slock);
3453 EXPORT_SYMBOL(__lock_sock_fast);
3455 int sock_gettstamp(struct socket *sock, void __user *userstamp,
3456 bool timeval, bool time32)
3458 struct sock *sk = sock->sk;
3459 struct timespec64 ts;
3461 sock_enable_timestamp(sk, SOCK_TIMESTAMP);
3462 ts = ktime_to_timespec64(sock_read_timestamp(sk));
3463 if (ts.tv_sec == -1)
3465 if (ts.tv_sec == 0) {
3466 ktime_t kt = ktime_get_real();
3467 sock_write_timestamp(sk, kt);
3468 ts = ktime_to_timespec64(kt);
3474 #ifdef CONFIG_COMPAT_32BIT_TIME
3476 return put_old_timespec32(&ts, userstamp);
3478 #ifdef CONFIG_SPARC64
3479 /* beware of padding in sparc64 timeval */
3480 if (timeval && !in_compat_syscall()) {
3481 struct __kernel_old_timeval __user tv = {
3482 .tv_sec = ts.tv_sec,
3483 .tv_usec = ts.tv_nsec,
3485 if (copy_to_user(userstamp, &tv, sizeof(tv)))
3490 return put_timespec64(&ts, userstamp);
3492 EXPORT_SYMBOL(sock_gettstamp);
3494 void sock_enable_timestamp(struct sock *sk, enum sock_flags flag)
3496 if (!sock_flag(sk, flag)) {
3497 unsigned long previous_flags = sk->sk_flags;
3499 sock_set_flag(sk, flag);
3501 * we just set one of the two flags which require net
3502 * time stamping, but time stamping might have been on
3503 * already because of the other one
3505 if (sock_needs_netstamp(sk) &&
3506 !(previous_flags & SK_FLAGS_TIMESTAMP))
3507 net_enable_timestamp();
3511 int sock_recv_errqueue(struct sock *sk, struct msghdr *msg, int len,
3512 int level, int type)
3514 struct sock_exterr_skb *serr;
3515 struct sk_buff *skb;
3519 skb = sock_dequeue_err_skb(sk);
3525 msg->msg_flags |= MSG_TRUNC;
3528 err = skb_copy_datagram_msg(skb, 0, msg, copied);
3532 sock_recv_timestamp(msg, sk, skb);
3534 serr = SKB_EXT_ERR(skb);
3535 put_cmsg(msg, level, type, sizeof(serr->ee), &serr->ee);
3537 msg->msg_flags |= MSG_ERRQUEUE;
3545 EXPORT_SYMBOL(sock_recv_errqueue);
3548 * Get a socket option on an socket.
3550 * FIX: POSIX 1003.1g is very ambiguous here. It states that
3551 * asynchronous errors should be reported by getsockopt. We assume
3552 * this means if you specify SO_ERROR (otherwise whats the point of it).
3554 int sock_common_getsockopt(struct socket *sock, int level, int optname,
3555 char __user *optval, int __user *optlen)
3557 struct sock *sk = sock->sk;
3559 return sk->sk_prot->getsockopt(sk, level, optname, optval, optlen);
3561 EXPORT_SYMBOL(sock_common_getsockopt);
3563 int sock_common_recvmsg(struct socket *sock, struct msghdr *msg, size_t size,
3566 struct sock *sk = sock->sk;
3570 err = sk->sk_prot->recvmsg(sk, msg, size, flags, &addr_len);
3572 msg->msg_namelen = addr_len;
3575 EXPORT_SYMBOL(sock_common_recvmsg);
3578 * Set socket options on an inet socket.
3580 int sock_common_setsockopt(struct socket *sock, int level, int optname,
3581 sockptr_t optval, unsigned int optlen)
3583 struct sock *sk = sock->sk;
3585 return sk->sk_prot->setsockopt(sk, level, optname, optval, optlen);
3587 EXPORT_SYMBOL(sock_common_setsockopt);
3589 void sk_common_release(struct sock *sk)
3591 if (sk->sk_prot->destroy)
3592 sk->sk_prot->destroy(sk);
3595 * Observation: when sk_common_release is called, processes have
3596 * no access to socket. But net still has.
3597 * Step one, detach it from networking:
3599 * A. Remove from hash tables.
3602 sk->sk_prot->unhash(sk);
3605 * In this point socket cannot receive new packets, but it is possible
3606 * that some packets are in flight because some CPU runs receiver and
3607 * did hash table lookup before we unhashed socket. They will achieve
3608 * receive queue and will be purged by socket destructor.
3610 * Also we still have packets pending on receive queue and probably,
3611 * our own packets waiting in device queues. sock_destroy will drain
3612 * receive queue, but transmitted packets will delay socket destruction
3613 * until the last reference will be released.
3618 xfrm_sk_free_policy(sk);
3620 sk_refcnt_debug_release(sk);
3624 EXPORT_SYMBOL(sk_common_release);
3626 void sk_get_meminfo(const struct sock *sk, u32 *mem)
3628 memset(mem, 0, sizeof(*mem) * SK_MEMINFO_VARS);
3630 mem[SK_MEMINFO_RMEM_ALLOC] = sk_rmem_alloc_get(sk);
3631 mem[SK_MEMINFO_RCVBUF] = READ_ONCE(sk->sk_rcvbuf);
3632 mem[SK_MEMINFO_WMEM_ALLOC] = sk_wmem_alloc_get(sk);
3633 mem[SK_MEMINFO_SNDBUF] = READ_ONCE(sk->sk_sndbuf);
3634 mem[SK_MEMINFO_FWD_ALLOC] = sk->sk_forward_alloc;
3635 mem[SK_MEMINFO_WMEM_QUEUED] = READ_ONCE(sk->sk_wmem_queued);
3636 mem[SK_MEMINFO_OPTMEM] = atomic_read(&sk->sk_omem_alloc);
3637 mem[SK_MEMINFO_BACKLOG] = READ_ONCE(sk->sk_backlog.len);
3638 mem[SK_MEMINFO_DROPS] = atomic_read(&sk->sk_drops);
3641 #ifdef CONFIG_PROC_FS
3642 static DECLARE_BITMAP(proto_inuse_idx, PROTO_INUSE_NR);
3644 int sock_prot_inuse_get(struct net *net, struct proto *prot)
3646 int cpu, idx = prot->inuse_idx;
3649 for_each_possible_cpu(cpu)
3650 res += per_cpu_ptr(net->core.prot_inuse, cpu)->val[idx];
3652 return res >= 0 ? res : 0;
3654 EXPORT_SYMBOL_GPL(sock_prot_inuse_get);
3656 int sock_inuse_get(struct net *net)
3660 for_each_possible_cpu(cpu)
3661 res += per_cpu_ptr(net->core.prot_inuse, cpu)->all;
3666 EXPORT_SYMBOL_GPL(sock_inuse_get);
3668 static int __net_init sock_inuse_init_net(struct net *net)
3670 net->core.prot_inuse = alloc_percpu(struct prot_inuse);
3671 if (net->core.prot_inuse == NULL)
3676 static void __net_exit sock_inuse_exit_net(struct net *net)
3678 free_percpu(net->core.prot_inuse);
3681 static struct pernet_operations net_inuse_ops = {
3682 .init = sock_inuse_init_net,
3683 .exit = sock_inuse_exit_net,
3686 static __init int net_inuse_init(void)
3688 if (register_pernet_subsys(&net_inuse_ops))
3689 panic("Cannot initialize net inuse counters");
3694 core_initcall(net_inuse_init);
3696 static int assign_proto_idx(struct proto *prot)
3698 prot->inuse_idx = find_first_zero_bit(proto_inuse_idx, PROTO_INUSE_NR);
3700 if (unlikely(prot->inuse_idx == PROTO_INUSE_NR - 1)) {
3701 pr_err("PROTO_INUSE_NR exhausted\n");
3705 set_bit(prot->inuse_idx, proto_inuse_idx);
3709 static void release_proto_idx(struct proto *prot)
3711 if (prot->inuse_idx != PROTO_INUSE_NR - 1)
3712 clear_bit(prot->inuse_idx, proto_inuse_idx);
3715 static inline int assign_proto_idx(struct proto *prot)
3720 static inline void release_proto_idx(struct proto *prot)
3726 static void tw_prot_cleanup(struct timewait_sock_ops *twsk_prot)
3730 kfree(twsk_prot->twsk_slab_name);
3731 twsk_prot->twsk_slab_name = NULL;
3732 kmem_cache_destroy(twsk_prot->twsk_slab);
3733 twsk_prot->twsk_slab = NULL;
3736 static int tw_prot_init(const struct proto *prot)
3738 struct timewait_sock_ops *twsk_prot = prot->twsk_prot;
3743 twsk_prot->twsk_slab_name = kasprintf(GFP_KERNEL, "tw_sock_%s",
3745 if (!twsk_prot->twsk_slab_name)
3748 twsk_prot->twsk_slab =
3749 kmem_cache_create(twsk_prot->twsk_slab_name,
3750 twsk_prot->twsk_obj_size, 0,
3751 SLAB_ACCOUNT | prot->slab_flags,
3753 if (!twsk_prot->twsk_slab) {
3754 pr_crit("%s: Can't create timewait sock SLAB cache!\n",
3762 static void req_prot_cleanup(struct request_sock_ops *rsk_prot)
3766 kfree(rsk_prot->slab_name);
3767 rsk_prot->slab_name = NULL;
3768 kmem_cache_destroy(rsk_prot->slab);
3769 rsk_prot->slab = NULL;
3772 static int req_prot_init(const struct proto *prot)
3774 struct request_sock_ops *rsk_prot = prot->rsk_prot;
3779 rsk_prot->slab_name = kasprintf(GFP_KERNEL, "request_sock_%s",
3781 if (!rsk_prot->slab_name)
3784 rsk_prot->slab = kmem_cache_create(rsk_prot->slab_name,
3785 rsk_prot->obj_size, 0,
3786 SLAB_ACCOUNT | prot->slab_flags,
3789 if (!rsk_prot->slab) {
3790 pr_crit("%s: Can't create request sock SLAB cache!\n",
3797 int proto_register(struct proto *prot, int alloc_slab)
3801 if (prot->memory_allocated && !prot->sysctl_mem) {
3802 pr_err("%s: missing sysctl_mem\n", prot->name);
3805 if (prot->memory_allocated && !prot->per_cpu_fw_alloc) {
3806 pr_err("%s: missing per_cpu_fw_alloc\n", prot->name);
3810 prot->slab = kmem_cache_create_usercopy(prot->name,
3812 SLAB_HWCACHE_ALIGN | SLAB_ACCOUNT |
3814 prot->useroffset, prot->usersize,
3817 if (prot->slab == NULL) {
3818 pr_crit("%s: Can't create sock SLAB cache!\n",
3823 if (req_prot_init(prot))
3824 goto out_free_request_sock_slab;
3826 if (tw_prot_init(prot))
3827 goto out_free_timewait_sock_slab;
3830 mutex_lock(&proto_list_mutex);
3831 ret = assign_proto_idx(prot);
3833 mutex_unlock(&proto_list_mutex);
3834 goto out_free_timewait_sock_slab;
3836 list_add(&prot->node, &proto_list);
3837 mutex_unlock(&proto_list_mutex);
3840 out_free_timewait_sock_slab:
3842 tw_prot_cleanup(prot->twsk_prot);
3843 out_free_request_sock_slab:
3845 req_prot_cleanup(prot->rsk_prot);
3847 kmem_cache_destroy(prot->slab);
3853 EXPORT_SYMBOL(proto_register);
3855 void proto_unregister(struct proto *prot)
3857 mutex_lock(&proto_list_mutex);
3858 release_proto_idx(prot);
3859 list_del(&prot->node);
3860 mutex_unlock(&proto_list_mutex);
3862 kmem_cache_destroy(prot->slab);
3865 req_prot_cleanup(prot->rsk_prot);
3866 tw_prot_cleanup(prot->twsk_prot);
3868 EXPORT_SYMBOL(proto_unregister);
3870 int sock_load_diag_module(int family, int protocol)
3873 if (!sock_is_registered(family))
3876 return request_module("net-pf-%d-proto-%d-type-%d", PF_NETLINK,
3877 NETLINK_SOCK_DIAG, family);
3881 if (family == AF_INET &&
3882 protocol != IPPROTO_RAW &&
3883 protocol < MAX_INET_PROTOS &&
3884 !rcu_access_pointer(inet_protos[protocol]))
3888 return request_module("net-pf-%d-proto-%d-type-%d-%d", PF_NETLINK,
3889 NETLINK_SOCK_DIAG, family, protocol);
3891 EXPORT_SYMBOL(sock_load_diag_module);
3893 #ifdef CONFIG_PROC_FS
3894 static void *proto_seq_start(struct seq_file *seq, loff_t *pos)
3895 __acquires(proto_list_mutex)
3897 mutex_lock(&proto_list_mutex);
3898 return seq_list_start_head(&proto_list, *pos);
3901 static void *proto_seq_next(struct seq_file *seq, void *v, loff_t *pos)
3903 return seq_list_next(v, &proto_list, pos);
3906 static void proto_seq_stop(struct seq_file *seq, void *v)
3907 __releases(proto_list_mutex)
3909 mutex_unlock(&proto_list_mutex);
3912 static char proto_method_implemented(const void *method)
3914 return method == NULL ? 'n' : 'y';
3916 static long sock_prot_memory_allocated(struct proto *proto)
3918 return proto->memory_allocated != NULL ? proto_memory_allocated(proto) : -1L;
3921 static const char *sock_prot_memory_pressure(struct proto *proto)
3923 return proto->memory_pressure != NULL ?
3924 proto_memory_pressure(proto) ? "yes" : "no" : "NI";
3927 static void proto_seq_printf(struct seq_file *seq, struct proto *proto)
3930 seq_printf(seq, "%-9s %4u %6d %6ld %-3s %6u %-3s %-10s "
3931 "%2c %2c %2c %2c %2c %2c %2c %2c %2c %2c %2c %2c %2c %2c %2c %2c %2c %2c %2c\n",
3934 sock_prot_inuse_get(seq_file_net(seq), proto),
3935 sock_prot_memory_allocated(proto),
3936 sock_prot_memory_pressure(proto),
3938 proto->slab == NULL ? "no" : "yes",
3939 module_name(proto->owner),
3940 proto_method_implemented(proto->close),
3941 proto_method_implemented(proto->connect),
3942 proto_method_implemented(proto->disconnect),
3943 proto_method_implemented(proto->accept),
3944 proto_method_implemented(proto->ioctl),
3945 proto_method_implemented(proto->init),
3946 proto_method_implemented(proto->destroy),
3947 proto_method_implemented(proto->shutdown),
3948 proto_method_implemented(proto->setsockopt),
3949 proto_method_implemented(proto->getsockopt),
3950 proto_method_implemented(proto->sendmsg),
3951 proto_method_implemented(proto->recvmsg),
3952 proto_method_implemented(proto->sendpage),
3953 proto_method_implemented(proto->bind),
3954 proto_method_implemented(proto->backlog_rcv),
3955 proto_method_implemented(proto->hash),
3956 proto_method_implemented(proto->unhash),
3957 proto_method_implemented(proto->get_port),
3958 proto_method_implemented(proto->enter_memory_pressure));
3961 static int proto_seq_show(struct seq_file *seq, void *v)
3963 if (v == &proto_list)
3964 seq_printf(seq, "%-9s %-4s %-8s %-6s %-5s %-7s %-4s %-10s %s",
3973 "cl co di ac io in de sh ss gs se re sp bi br ha uh gp em\n");
3975 proto_seq_printf(seq, list_entry(v, struct proto, node));
3979 static const struct seq_operations proto_seq_ops = {
3980 .start = proto_seq_start,
3981 .next = proto_seq_next,
3982 .stop = proto_seq_stop,
3983 .show = proto_seq_show,
3986 static __net_init int proto_init_net(struct net *net)
3988 if (!proc_create_net("protocols", 0444, net->proc_net, &proto_seq_ops,
3989 sizeof(struct seq_net_private)))
3995 static __net_exit void proto_exit_net(struct net *net)
3997 remove_proc_entry("protocols", net->proc_net);
4001 static __net_initdata struct pernet_operations proto_net_ops = {
4002 .init = proto_init_net,
4003 .exit = proto_exit_net,
4006 static int __init proto_init(void)
4008 return register_pernet_subsys(&proto_net_ops);
4011 subsys_initcall(proto_init);
4013 #endif /* PROC_FS */
4015 #ifdef CONFIG_NET_RX_BUSY_POLL
4016 bool sk_busy_loop_end(void *p, unsigned long start_time)
4018 struct sock *sk = p;
4020 return !skb_queue_empty_lockless(&sk->sk_receive_queue) ||
4021 sk_busy_loop_timeout(sk, start_time);
4023 EXPORT_SYMBOL(sk_busy_loop_end);
4024 #endif /* CONFIG_NET_RX_BUSY_POLL */
4026 int sock_bind_add(struct sock *sk, struct sockaddr *addr, int addr_len)
4028 if (!sk->sk_prot->bind_add)
4030 return sk->sk_prot->bind_add(sk, addr, addr_len);
4032 EXPORT_SYMBOL(sock_bind_add);