1 | // SPDX-License-Identifier: GPL-2.0-only |
2 | #include <linux/module.h> |
3 | |
4 | #include <linux/inet_diag.h> |
5 | #include <linux/sock_diag.h> |
6 | |
7 | #include <net/inet_sock.h> |
8 | #include <net/raw.h> |
9 | #include <net/rawv6.h> |
10 | |
11 | #ifdef pr_fmt |
12 | # undef pr_fmt |
13 | #endif |
14 | |
15 | #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt |
16 | |
17 | static struct raw_hashinfo * |
18 | raw_get_hashinfo(const struct inet_diag_req_v2 *r) |
19 | { |
20 | if (r->sdiag_family == AF_INET) { |
21 | return &raw_v4_hashinfo; |
22 | #if IS_ENABLED(CONFIG_IPV6) |
23 | } else if (r->sdiag_family == AF_INET6) { |
24 | return &raw_v6_hashinfo; |
25 | #endif |
26 | } else { |
27 | return ERR_PTR(error: -EINVAL); |
28 | } |
29 | } |
30 | |
31 | /* |
32 | * Due to requirement of not breaking user API we can't simply |
33 | * rename @pad field in inet_diag_req_v2 structure, instead |
34 | * use helper to figure it out. |
35 | */ |
36 | |
37 | static bool raw_lookup(struct net *net, const struct sock *sk, |
38 | const struct inet_diag_req_v2 *req) |
39 | { |
40 | struct inet_diag_req_raw *r = (void *)req; |
41 | |
42 | if (r->sdiag_family == AF_INET) |
43 | return raw_v4_match(net, sk, num: r->sdiag_raw_protocol, |
44 | raddr: r->id.idiag_dst[0], |
45 | laddr: r->id.idiag_src[0], |
46 | dif: r->id.idiag_if, sdif: 0); |
47 | #if IS_ENABLED(CONFIG_IPV6) |
48 | else |
49 | return raw_v6_match(net, sk, num: r->sdiag_raw_protocol, |
50 | loc_addr: (const struct in6_addr *)r->id.idiag_src, |
51 | rmt_addr: (const struct in6_addr *)r->id.idiag_dst, |
52 | dif: r->id.idiag_if, sdif: 0); |
53 | #endif |
54 | return false; |
55 | } |
56 | |
57 | static struct sock *raw_sock_get(struct net *net, const struct inet_diag_req_v2 *r) |
58 | { |
59 | struct raw_hashinfo *hashinfo = raw_get_hashinfo(r); |
60 | struct hlist_head *hlist; |
61 | struct sock *sk; |
62 | int slot; |
63 | |
64 | if (IS_ERR(ptr: hashinfo)) |
65 | return ERR_CAST(ptr: hashinfo); |
66 | |
67 | rcu_read_lock(); |
68 | for (slot = 0; slot < RAW_HTABLE_SIZE; slot++) { |
69 | hlist = &hashinfo->ht[slot]; |
70 | sk_for_each_rcu(sk, hlist) { |
71 | if (raw_lookup(net, sk, req: r)) { |
72 | /* |
73 | * Grab it and keep until we fill |
74 | * diag message to be reported, so |
75 | * caller should call sock_put then. |
76 | */ |
77 | if (refcount_inc_not_zero(r: &sk->sk_refcnt)) |
78 | goto out_unlock; |
79 | } |
80 | } |
81 | } |
82 | sk = ERR_PTR(error: -ENOENT); |
83 | out_unlock: |
84 | rcu_read_unlock(); |
85 | |
86 | return sk; |
87 | } |
88 | |
89 | static int raw_diag_dump_one(struct netlink_callback *cb, |
90 | const struct inet_diag_req_v2 *r) |
91 | { |
92 | struct sk_buff *in_skb = cb->skb; |
93 | struct sk_buff *rep; |
94 | struct sock *sk; |
95 | struct net *net; |
96 | int err; |
97 | |
98 | net = sock_net(sk: in_skb->sk); |
99 | sk = raw_sock_get(net, r); |
100 | if (IS_ERR(ptr: sk)) |
101 | return PTR_ERR(ptr: sk); |
102 | |
103 | rep = nlmsg_new(payload: nla_total_size(payload: sizeof(struct inet_diag_msg)) + |
104 | inet_diag_msg_attrs_size() + |
105 | nla_total_size(payload: sizeof(struct inet_diag_meminfo)) + 64, |
106 | GFP_KERNEL); |
107 | if (!rep) { |
108 | sock_put(sk); |
109 | return -ENOMEM; |
110 | } |
111 | |
112 | err = inet_sk_diag_fill(sk, NULL, skb: rep, cb, req: r, nlmsg_flags: 0, |
113 | net_admin: netlink_net_capable(skb: in_skb, CAP_NET_ADMIN)); |
114 | sock_put(sk); |
115 | |
116 | if (err < 0) { |
117 | kfree_skb(skb: rep); |
118 | return err; |
119 | } |
120 | |
121 | err = nlmsg_unicast(sk: net->diag_nlsk, skb: rep, NETLINK_CB(in_skb).portid); |
122 | |
123 | return err; |
124 | } |
125 | |
126 | static int sk_diag_dump(struct sock *sk, struct sk_buff *skb, |
127 | struct netlink_callback *cb, |
128 | const struct inet_diag_req_v2 *r, |
129 | struct nlattr *bc, bool net_admin) |
130 | { |
131 | if (!inet_diag_bc_sk(bc: bc, sk)) |
132 | return 0; |
133 | |
134 | return inet_sk_diag_fill(sk, NULL, skb, cb, req: r, NLM_F_MULTI, net_admin); |
135 | } |
136 | |
137 | static void raw_diag_dump(struct sk_buff *skb, struct netlink_callback *cb, |
138 | const struct inet_diag_req_v2 *r) |
139 | { |
140 | bool net_admin = netlink_net_capable(skb: cb->skb, CAP_NET_ADMIN); |
141 | struct raw_hashinfo *hashinfo = raw_get_hashinfo(r); |
142 | struct net *net = sock_net(sk: skb->sk); |
143 | struct inet_diag_dump_data *cb_data; |
144 | int num, s_num, slot, s_slot; |
145 | struct hlist_head *hlist; |
146 | struct sock *sk = NULL; |
147 | struct nlattr *bc; |
148 | |
149 | if (IS_ERR(ptr: hashinfo)) |
150 | return; |
151 | |
152 | cb_data = cb->data; |
153 | bc = cb_data->inet_diag_nla_bc; |
154 | s_slot = cb->args[0]; |
155 | num = s_num = cb->args[1]; |
156 | |
157 | rcu_read_lock(); |
158 | for (slot = s_slot; slot < RAW_HTABLE_SIZE; s_num = 0, slot++) { |
159 | num = 0; |
160 | |
161 | hlist = &hashinfo->ht[slot]; |
162 | sk_for_each_rcu(sk, hlist) { |
163 | struct inet_sock *inet = inet_sk(sk); |
164 | |
165 | if (!net_eq(net1: sock_net(sk), net2: net)) |
166 | continue; |
167 | if (num < s_num) |
168 | goto next; |
169 | if (sk->sk_family != r->sdiag_family) |
170 | goto next; |
171 | if (r->id.idiag_sport != inet->inet_sport && |
172 | r->id.idiag_sport) |
173 | goto next; |
174 | if (r->id.idiag_dport != inet->inet_dport && |
175 | r->id.idiag_dport) |
176 | goto next; |
177 | if (sk_diag_dump(sk, skb, cb, r, bc, net_admin) < 0) |
178 | goto out_unlock; |
179 | next: |
180 | num++; |
181 | } |
182 | } |
183 | |
184 | out_unlock: |
185 | rcu_read_unlock(); |
186 | |
187 | cb->args[0] = slot; |
188 | cb->args[1] = num; |
189 | } |
190 | |
191 | static void raw_diag_get_info(struct sock *sk, struct inet_diag_msg *r, |
192 | void *info) |
193 | { |
194 | r->idiag_rqueue = sk_rmem_alloc_get(sk); |
195 | r->idiag_wqueue = sk_wmem_alloc_get(sk); |
196 | } |
197 | |
198 | #ifdef CONFIG_INET_DIAG_DESTROY |
199 | static int raw_diag_destroy(struct sk_buff *in_skb, |
200 | const struct inet_diag_req_v2 *r) |
201 | { |
202 | struct net *net = sock_net(sk: in_skb->sk); |
203 | struct sock *sk; |
204 | int err; |
205 | |
206 | sk = raw_sock_get(net, r); |
207 | if (IS_ERR(ptr: sk)) |
208 | return PTR_ERR(ptr: sk); |
209 | err = sock_diag_destroy(sk, ECONNABORTED); |
210 | sock_put(sk); |
211 | return err; |
212 | } |
213 | #endif |
214 | |
215 | static const struct inet_diag_handler raw_diag_handler = { |
216 | .dump = raw_diag_dump, |
217 | .dump_one = raw_diag_dump_one, |
218 | .idiag_get_info = raw_diag_get_info, |
219 | .idiag_type = IPPROTO_RAW, |
220 | .idiag_info_size = 0, |
221 | #ifdef CONFIG_INET_DIAG_DESTROY |
222 | .destroy = raw_diag_destroy, |
223 | #endif |
224 | }; |
225 | |
226 | static void __always_unused __check_inet_diag_req_raw(void) |
227 | { |
228 | /* |
229 | * Make sure the two structures are identical, |
230 | * except the @pad field. |
231 | */ |
232 | #define __offset_mismatch(m1, m2) \ |
233 | (offsetof(struct inet_diag_req_v2, m1) != \ |
234 | offsetof(struct inet_diag_req_raw, m2)) |
235 | |
236 | BUILD_BUG_ON(sizeof(struct inet_diag_req_v2) != |
237 | sizeof(struct inet_diag_req_raw)); |
238 | BUILD_BUG_ON(__offset_mismatch(sdiag_family, sdiag_family)); |
239 | BUILD_BUG_ON(__offset_mismatch(sdiag_protocol, sdiag_protocol)); |
240 | BUILD_BUG_ON(__offset_mismatch(idiag_ext, idiag_ext)); |
241 | BUILD_BUG_ON(__offset_mismatch(pad, sdiag_raw_protocol)); |
242 | BUILD_BUG_ON(__offset_mismatch(idiag_states, idiag_states)); |
243 | BUILD_BUG_ON(__offset_mismatch(id, id)); |
244 | #undef __offset_mismatch |
245 | } |
246 | |
247 | static int __init raw_diag_init(void) |
248 | { |
249 | return inet_diag_register(handler: &raw_diag_handler); |
250 | } |
251 | |
252 | static void __exit raw_diag_exit(void) |
253 | { |
254 | inet_diag_unregister(handler: &raw_diag_handler); |
255 | } |
256 | |
257 | module_init(raw_diag_init); |
258 | module_exit(raw_diag_exit); |
259 | MODULE_LICENSE("GPL" ); |
260 | MODULE_ALIAS_NET_PF_PROTO_TYPE(PF_NETLINK, NETLINK_SOCK_DIAG, 2-255 /* AF_INET - IPPROTO_RAW */); |
261 | MODULE_ALIAS_NET_PF_PROTO_TYPE(PF_NETLINK, NETLINK_SOCK_DIAG, 10-255 /* AF_INET6 - IPPROTO_RAW */); |
262 | |