]>
Commit | Line | Data |
---|---|---|
1 | /* | |
2 | * INET An implementation of the TCP/IP protocol suite for the LINUX | |
3 | * operating system. INET is implemented using the BSD Socket | |
4 | * interface as the means of communication with the user level. | |
5 | * | |
6 | * The User Datagram Protocol (UDP). | |
7 | * | |
8 | * Authors: Ross Biro | |
9 | * Fred N. van Kempen, <waltje@uWalt.NL.Mugnet.ORG> | |
10 | * Arnt Gulbrandsen, <agulbra@nvg.unit.no> | |
11 | * Alan Cox, <alan@lxorguk.ukuu.org.uk> | |
12 | * Hirokazu Takahashi, <taka@valinux.co.jp> | |
13 | * | |
14 | * Fixes: | |
15 | * Alan Cox : verify_area() calls | |
16 | * Alan Cox : stopped close while in use off icmp | |
17 | * messages. Not a fix but a botch that | |
18 | * for udp at least is 'valid'. | |
19 | * Alan Cox : Fixed icmp handling properly | |
20 | * Alan Cox : Correct error for oversized datagrams | |
21 | * Alan Cox : Tidied select() semantics. | |
22 | * Alan Cox : udp_err() fixed properly, also now | |
23 | * select and read wake correctly on errors | |
24 | * Alan Cox : udp_send verify_area moved to avoid mem leak | |
25 | * Alan Cox : UDP can count its memory | |
26 | * Alan Cox : send to an unknown connection causes | |
27 | * an ECONNREFUSED off the icmp, but | |
28 | * does NOT close. | |
29 | * Alan Cox : Switched to new sk_buff handlers. No more backlog! | |
30 | * Alan Cox : Using generic datagram code. Even smaller and the PEEK | |
31 | * bug no longer crashes it. | |
32 | * Fred Van Kempen : Net2e support for sk->broadcast. | |
33 | * Alan Cox : Uses skb_free_datagram | |
34 | * Alan Cox : Added get/set sockopt support. | |
35 | * Alan Cox : Broadcasting without option set returns EACCES. | |
36 | * Alan Cox : No wakeup calls. Instead we now use the callbacks. | |
37 | * Alan Cox : Use ip_tos and ip_ttl | |
38 | * Alan Cox : SNMP Mibs | |
39 | * Alan Cox : MSG_DONTROUTE, and 0.0.0.0 support. | |
40 | * Matt Dillon : UDP length checks. | |
41 | * Alan Cox : Smarter af_inet used properly. | |
42 | * Alan Cox : Use new kernel side addressing. | |
43 | * Alan Cox : Incorrect return on truncated datagram receive. | |
44 | * Arnt Gulbrandsen : New udp_send and stuff | |
45 | * Alan Cox : Cache last socket | |
46 | * Alan Cox : Route cache | |
47 | * Jon Peatfield : Minor efficiency fix to sendto(). | |
48 | * Mike Shaver : RFC1122 checks. | |
49 | * Alan Cox : Nonblocking error fix. | |
50 | * Willy Konynenberg : Transparent proxying support. | |
51 | * Mike McLagan : Routing by source | |
52 | * David S. Miller : New socket lookup architecture. | |
53 | * Last socket cache retained as it | |
54 | * does have a high hit rate. | |
55 | * Olaf Kirch : Don't linearise iovec on sendmsg. | |
56 | * Andi Kleen : Some cleanups, cache destination entry | |
57 | * for connect. | |
58 | * Vitaly E. Lavrov : Transparent proxy revived after year coma. | |
59 | * Melvin Smith : Check msg_name not msg_namelen in sendto(), | |
60 | * return ENOTCONN for unconnected sockets (POSIX) | |
61 | * Janos Farkas : don't deliver multi/broadcasts to a different | |
62 | * bound-to-device socket | |
63 | * Hirokazu Takahashi : HW checksumming for outgoing UDP | |
64 | * datagrams. | |
65 | * Hirokazu Takahashi : sendfile() on UDP works now. | |
66 | * Arnaldo C. Melo : convert /proc/net/udp to seq_file | |
67 | * YOSHIFUJI Hideaki @USAGI and: Support IPV6_V6ONLY socket option, which | |
68 | * Alexey Kuznetsov: allow both IPv4 and IPv6 sockets to bind | |
69 | * a single port at the same time. | |
70 | * Derek Atkins <derek@ihtfp.com>: Add Encapulation Support | |
71 | * James Chapman : Add L2TP encapsulation type. | |
72 | * | |
73 | * | |
74 | * This program is free software; you can redistribute it and/or | |
75 | * modify it under the terms of the GNU General Public License | |
76 | * as published by the Free Software Foundation; either version | |
77 | * 2 of the License, or (at your option) any later version. | |
78 | */ | |
79 | ||
80 | #define pr_fmt(fmt) "UDP: " fmt | |
81 | ||
82 | #include <asm/uaccess.h> | |
83 | #include <asm/ioctls.h> | |
84 | #include <linux/bootmem.h> | |
85 | #include <linux/highmem.h> | |
86 | #include <linux/swap.h> | |
87 | #include <linux/types.h> | |
88 | #include <linux/fcntl.h> | |
89 | #include <linux/module.h> | |
90 | #include <linux/socket.h> | |
91 | #include <linux/sockios.h> | |
92 | #include <linux/igmp.h> | |
93 | #include <linux/in.h> | |
94 | #include <linux/errno.h> | |
95 | #include <linux/timer.h> | |
96 | #include <linux/mm.h> | |
97 | #include <linux/inet.h> | |
98 | #include <linux/netdevice.h> | |
99 | #include <linux/slab.h> | |
100 | #include <net/tcp_states.h> | |
101 | #include <linux/skbuff.h> | |
102 | #include <linux/proc_fs.h> | |
103 | #include <linux/seq_file.h> | |
104 | #include <net/net_namespace.h> | |
105 | #include <net/icmp.h> | |
106 | #include <net/route.h> | |
107 | #include <net/checksum.h> | |
108 | #include <net/xfrm.h> | |
109 | #include <trace/events/udp.h> | |
110 | #include <linux/static_key.h> | |
111 | #include <trace/events/skb.h> | |
112 | #include "udp_impl.h" | |
113 | ||
114 | struct udp_table udp_table __read_mostly; | |
115 | EXPORT_SYMBOL(udp_table); | |
116 | ||
117 | long sysctl_udp_mem[3] __read_mostly; | |
118 | EXPORT_SYMBOL(sysctl_udp_mem); | |
119 | ||
120 | int sysctl_udp_rmem_min __read_mostly; | |
121 | EXPORT_SYMBOL(sysctl_udp_rmem_min); | |
122 | ||
123 | int sysctl_udp_wmem_min __read_mostly; | |
124 | EXPORT_SYMBOL(sysctl_udp_wmem_min); | |
125 | ||
126 | atomic_long_t udp_memory_allocated; | |
127 | EXPORT_SYMBOL(udp_memory_allocated); | |
128 | ||
129 | #define MAX_UDP_PORTS 65536 | |
130 | #define PORTS_PER_CHAIN (MAX_UDP_PORTS / UDP_HTABLE_SIZE_MIN) | |
131 | ||
132 | static int udp_lib_lport_inuse(struct net *net, __u16 num, | |
133 | const struct udp_hslot *hslot, | |
134 | unsigned long *bitmap, | |
135 | struct sock *sk, | |
136 | int (*saddr_comp)(const struct sock *sk1, | |
137 | const struct sock *sk2), | |
138 | unsigned int log) | |
139 | { | |
140 | struct sock *sk2; | |
141 | struct hlist_nulls_node *node; | |
142 | kuid_t uid = sock_i_uid(sk); | |
143 | ||
144 | sk_nulls_for_each(sk2, node, &hslot->head) | |
145 | if (net_eq(sock_net(sk2), net) && | |
146 | sk2 != sk && | |
147 | (bitmap || udp_sk(sk2)->udp_port_hash == num) && | |
148 | (!sk2->sk_reuse || !sk->sk_reuse) && | |
149 | (!sk2->sk_bound_dev_if || !sk->sk_bound_dev_if || | |
150 | sk2->sk_bound_dev_if == sk->sk_bound_dev_if) && | |
151 | (!sk2->sk_reuseport || !sk->sk_reuseport || | |
152 | !uid_eq(uid, sock_i_uid(sk2))) && | |
153 | (*saddr_comp)(sk, sk2)) { | |
154 | if (bitmap) | |
155 | __set_bit(udp_sk(sk2)->udp_port_hash >> log, | |
156 | bitmap); | |
157 | else | |
158 | return 1; | |
159 | } | |
160 | return 0; | |
161 | } | |
162 | ||
163 | /* | |
164 | * Note: we still hold spinlock of primary hash chain, so no other writer | |
165 | * can insert/delete a socket with local_port == num | |
166 | */ | |
167 | static int udp_lib_lport_inuse2(struct net *net, __u16 num, | |
168 | struct udp_hslot *hslot2, | |
169 | struct sock *sk, | |
170 | int (*saddr_comp)(const struct sock *sk1, | |
171 | const struct sock *sk2)) | |
172 | { | |
173 | struct sock *sk2; | |
174 | struct hlist_nulls_node *node; | |
175 | kuid_t uid = sock_i_uid(sk); | |
176 | int res = 0; | |
177 | ||
178 | spin_lock(&hslot2->lock); | |
179 | udp_portaddr_for_each_entry(sk2, node, &hslot2->head) | |
180 | if (net_eq(sock_net(sk2), net) && | |
181 | sk2 != sk && | |
182 | (udp_sk(sk2)->udp_port_hash == num) && | |
183 | (!sk2->sk_reuse || !sk->sk_reuse) && | |
184 | (!sk2->sk_bound_dev_if || !sk->sk_bound_dev_if || | |
185 | sk2->sk_bound_dev_if == sk->sk_bound_dev_if) && | |
186 | (!sk2->sk_reuseport || !sk->sk_reuseport || | |
187 | !uid_eq(uid, sock_i_uid(sk2))) && | |
188 | (*saddr_comp)(sk, sk2)) { | |
189 | res = 1; | |
190 | break; | |
191 | } | |
192 | spin_unlock(&hslot2->lock); | |
193 | return res; | |
194 | } | |
195 | ||
196 | /** | |
197 | * udp_lib_get_port - UDP/-Lite port lookup for IPv4 and IPv6 | |
198 | * | |
199 | * @sk: socket struct in question | |
200 | * @snum: port number to look up | |
201 | * @saddr_comp: AF-dependent comparison of bound local IP addresses | |
202 | * @hash2_nulladdr: AF-dependent hash value in secondary hash chains, | |
203 | * with NULL address | |
204 | */ | |
205 | int udp_lib_get_port(struct sock *sk, unsigned short snum, | |
206 | int (*saddr_comp)(const struct sock *sk1, | |
207 | const struct sock *sk2), | |
208 | unsigned int hash2_nulladdr) | |
209 | { | |
210 | struct udp_hslot *hslot, *hslot2; | |
211 | struct udp_table *udptable = sk->sk_prot->h.udp_table; | |
212 | int error = 1; | |
213 | struct net *net = sock_net(sk); | |
214 | ||
215 | if (!snum) { | |
216 | int low, high, remaining; | |
217 | unsigned int rand; | |
218 | unsigned short first, last; | |
219 | DECLARE_BITMAP(bitmap, PORTS_PER_CHAIN); | |
220 | ||
221 | inet_get_local_port_range(&low, &high); | |
222 | remaining = (high - low) + 1; | |
223 | ||
224 | rand = net_random(); | |
225 | first = (((u64)rand * remaining) >> 32) + low; | |
226 | /* | |
227 | * force rand to be an odd multiple of UDP_HTABLE_SIZE | |
228 | */ | |
229 | rand = (rand | 1) * (udptable->mask + 1); | |
230 | last = first + udptable->mask + 1; | |
231 | do { | |
232 | hslot = udp_hashslot(udptable, net, first); | |
233 | bitmap_zero(bitmap, PORTS_PER_CHAIN); | |
234 | spin_lock_bh(&hslot->lock); | |
235 | udp_lib_lport_inuse(net, snum, hslot, bitmap, sk, | |
236 | saddr_comp, udptable->log); | |
237 | ||
238 | snum = first; | |
239 | /* | |
240 | * Iterate on all possible values of snum for this hash. | |
241 | * Using steps of an odd multiple of UDP_HTABLE_SIZE | |
242 | * give us randomization and full range coverage. | |
243 | */ | |
244 | do { | |
245 | if (low <= snum && snum <= high && | |
246 | !test_bit(snum >> udptable->log, bitmap) && | |
247 | !inet_is_reserved_local_port(snum)) | |
248 | goto found; | |
249 | snum += rand; | |
250 | } while (snum != first); | |
251 | spin_unlock_bh(&hslot->lock); | |
252 | } while (++first != last); | |
253 | goto fail; | |
254 | } else { | |
255 | hslot = udp_hashslot(udptable, net, snum); | |
256 | spin_lock_bh(&hslot->lock); | |
257 | if (hslot->count > 10) { | |
258 | int exist; | |
259 | unsigned int slot2 = udp_sk(sk)->udp_portaddr_hash ^ snum; | |
260 | ||
261 | slot2 &= udptable->mask; | |
262 | hash2_nulladdr &= udptable->mask; | |
263 | ||
264 | hslot2 = udp_hashslot2(udptable, slot2); | |
265 | if (hslot->count < hslot2->count) | |
266 | goto scan_primary_hash; | |
267 | ||
268 | exist = udp_lib_lport_inuse2(net, snum, hslot2, | |
269 | sk, saddr_comp); | |
270 | if (!exist && (hash2_nulladdr != slot2)) { | |
271 | hslot2 = udp_hashslot2(udptable, hash2_nulladdr); | |
272 | exist = udp_lib_lport_inuse2(net, snum, hslot2, | |
273 | sk, saddr_comp); | |
274 | } | |
275 | if (exist) | |
276 | goto fail_unlock; | |
277 | else | |
278 | goto found; | |
279 | } | |
280 | scan_primary_hash: | |
281 | if (udp_lib_lport_inuse(net, snum, hslot, NULL, sk, | |
282 | saddr_comp, 0)) | |
283 | goto fail_unlock; | |
284 | } | |
285 | found: | |
286 | inet_sk(sk)->inet_num = snum; | |
287 | udp_sk(sk)->udp_port_hash = snum; | |
288 | udp_sk(sk)->udp_portaddr_hash ^= snum; | |
289 | if (sk_unhashed(sk)) { | |
290 | sk_nulls_add_node_rcu(sk, &hslot->head); | |
291 | hslot->count++; | |
292 | sock_prot_inuse_add(sock_net(sk), sk->sk_prot, 1); | |
293 | ||
294 | hslot2 = udp_hashslot2(udptable, udp_sk(sk)->udp_portaddr_hash); | |
295 | spin_lock(&hslot2->lock); | |
296 | hlist_nulls_add_head_rcu(&udp_sk(sk)->udp_portaddr_node, | |
297 | &hslot2->head); | |
298 | hslot2->count++; | |
299 | spin_unlock(&hslot2->lock); | |
300 | } | |
301 | error = 0; | |
302 | fail_unlock: | |
303 | spin_unlock_bh(&hslot->lock); | |
304 | fail: | |
305 | return error; | |
306 | } | |
307 | EXPORT_SYMBOL(udp_lib_get_port); | |
308 | ||
309 | static int ipv4_rcv_saddr_equal(const struct sock *sk1, const struct sock *sk2) | |
310 | { | |
311 | struct inet_sock *inet1 = inet_sk(sk1), *inet2 = inet_sk(sk2); | |
312 | ||
313 | return (!ipv6_only_sock(sk2) && | |
314 | (!inet1->inet_rcv_saddr || !inet2->inet_rcv_saddr || | |
315 | inet1->inet_rcv_saddr == inet2->inet_rcv_saddr)); | |
316 | } | |
317 | ||
318 | static unsigned int udp4_portaddr_hash(struct net *net, __be32 saddr, | |
319 | unsigned int port) | |
320 | { | |
321 | return jhash_1word((__force u32)saddr, net_hash_mix(net)) ^ port; | |
322 | } | |
323 | ||
324 | int udp_v4_get_port(struct sock *sk, unsigned short snum) | |
325 | { | |
326 | unsigned int hash2_nulladdr = | |
327 | udp4_portaddr_hash(sock_net(sk), htonl(INADDR_ANY), snum); | |
328 | unsigned int hash2_partial = | |
329 | udp4_portaddr_hash(sock_net(sk), inet_sk(sk)->inet_rcv_saddr, 0); | |
330 | ||
331 | /* precompute partial secondary hash */ | |
332 | udp_sk(sk)->udp_portaddr_hash = hash2_partial; | |
333 | return udp_lib_get_port(sk, snum, ipv4_rcv_saddr_equal, hash2_nulladdr); | |
334 | } | |
335 | ||
336 | static inline int compute_score(struct sock *sk, struct net *net, __be32 saddr, | |
337 | unsigned short hnum, | |
338 | __be16 sport, __be32 daddr, __be16 dport, int dif) | |
339 | { | |
340 | int score = -1; | |
341 | ||
342 | if (net_eq(sock_net(sk), net) && udp_sk(sk)->udp_port_hash == hnum && | |
343 | !ipv6_only_sock(sk)) { | |
344 | struct inet_sock *inet = inet_sk(sk); | |
345 | ||
346 | score = (sk->sk_family == PF_INET ? 2 : 1); | |
347 | if (inet->inet_rcv_saddr) { | |
348 | if (inet->inet_rcv_saddr != daddr) | |
349 | return -1; | |
350 | score += 4; | |
351 | } | |
352 | if (inet->inet_daddr) { | |
353 | if (inet->inet_daddr != saddr) | |
354 | return -1; | |
355 | score += 4; | |
356 | } | |
357 | if (inet->inet_dport) { | |
358 | if (inet->inet_dport != sport) | |
359 | return -1; | |
360 | score += 4; | |
361 | } | |
362 | if (sk->sk_bound_dev_if) { | |
363 | if (sk->sk_bound_dev_if != dif) | |
364 | return -1; | |
365 | score += 4; | |
366 | } | |
367 | } | |
368 | return score; | |
369 | } | |
370 | ||
371 | /* | |
372 | * In this second variant, we check (daddr, dport) matches (inet_rcv_sadd, inet_num) | |
373 | */ | |
374 | static inline int compute_score2(struct sock *sk, struct net *net, | |
375 | __be32 saddr, __be16 sport, | |
376 | __be32 daddr, unsigned int hnum, int dif) | |
377 | { | |
378 | int score = -1; | |
379 | ||
380 | if (net_eq(sock_net(sk), net) && !ipv6_only_sock(sk)) { | |
381 | struct inet_sock *inet = inet_sk(sk); | |
382 | ||
383 | if (inet->inet_rcv_saddr != daddr) | |
384 | return -1; | |
385 | if (inet->inet_num != hnum) | |
386 | return -1; | |
387 | ||
388 | score = (sk->sk_family == PF_INET ? 2 : 1); | |
389 | if (inet->inet_daddr) { | |
390 | if (inet->inet_daddr != saddr) | |
391 | return -1; | |
392 | score += 4; | |
393 | } | |
394 | if (inet->inet_dport) { | |
395 | if (inet->inet_dport != sport) | |
396 | return -1; | |
397 | score += 4; | |
398 | } | |
399 | if (sk->sk_bound_dev_if) { | |
400 | if (sk->sk_bound_dev_if != dif) | |
401 | return -1; | |
402 | score += 4; | |
403 | } | |
404 | } | |
405 | return score; | |
406 | } | |
407 | ||
408 | ||
409 | /* called with read_rcu_lock() */ | |
410 | static struct sock *udp4_lib_lookup2(struct net *net, | |
411 | __be32 saddr, __be16 sport, | |
412 | __be32 daddr, unsigned int hnum, int dif, | |
413 | struct udp_hslot *hslot2, unsigned int slot2) | |
414 | { | |
415 | struct sock *sk, *result; | |
416 | struct hlist_nulls_node *node; | |
417 | int score, badness, matches = 0, reuseport = 0; | |
418 | u32 hash = 0; | |
419 | ||
420 | begin: | |
421 | result = NULL; | |
422 | badness = 0; | |
423 | udp_portaddr_for_each_entry_rcu(sk, node, &hslot2->head) { | |
424 | score = compute_score2(sk, net, saddr, sport, | |
425 | daddr, hnum, dif); | |
426 | if (score > badness) { | |
427 | result = sk; | |
428 | badness = score; | |
429 | reuseport = sk->sk_reuseport; | |
430 | if (reuseport) { | |
431 | hash = inet_ehashfn(net, daddr, hnum, | |
432 | saddr, htons(sport)); | |
433 | matches = 1; | |
434 | } | |
435 | } else if (score == badness && reuseport) { | |
436 | matches++; | |
437 | if (((u64)hash * matches) >> 32 == 0) | |
438 | result = sk; | |
439 | hash = next_pseudo_random32(hash); | |
440 | } | |
441 | } | |
442 | /* | |
443 | * if the nulls value we got at the end of this lookup is | |
444 | * not the expected one, we must restart lookup. | |
445 | * We probably met an item that was moved to another chain. | |
446 | */ | |
447 | if (get_nulls_value(node) != slot2) | |
448 | goto begin; | |
449 | if (result) { | |
450 | if (unlikely(!atomic_inc_not_zero_hint(&result->sk_refcnt, 2))) | |
451 | result = NULL; | |
452 | else if (unlikely(compute_score2(result, net, saddr, sport, | |
453 | daddr, hnum, dif) < badness)) { | |
454 | sock_put(result); | |
455 | goto begin; | |
456 | } | |
457 | } | |
458 | return result; | |
459 | } | |
460 | ||
461 | /* UDP is nearly always wildcards out the wazoo, it makes no sense to try | |
462 | * harder than this. -DaveM | |
463 | */ | |
464 | struct sock *__udp4_lib_lookup(struct net *net, __be32 saddr, | |
465 | __be16 sport, __be32 daddr, __be16 dport, | |
466 | int dif, struct udp_table *udptable) | |
467 | { | |
468 | struct sock *sk, *result; | |
469 | struct hlist_nulls_node *node; | |
470 | unsigned short hnum = ntohs(dport); | |
471 | unsigned int hash2, slot2, slot = udp_hashfn(net, hnum, udptable->mask); | |
472 | struct udp_hslot *hslot2, *hslot = &udptable->hash[slot]; | |
473 | int score, badness, matches = 0, reuseport = 0; | |
474 | u32 hash = 0; | |
475 | ||
476 | rcu_read_lock(); | |
477 | if (hslot->count > 10) { | |
478 | hash2 = udp4_portaddr_hash(net, daddr, hnum); | |
479 | slot2 = hash2 & udptable->mask; | |
480 | hslot2 = &udptable->hash2[slot2]; | |
481 | if (hslot->count < hslot2->count) | |
482 | goto begin; | |
483 | ||
484 | result = udp4_lib_lookup2(net, saddr, sport, | |
485 | daddr, hnum, dif, | |
486 | hslot2, slot2); | |
487 | if (!result) { | |
488 | hash2 = udp4_portaddr_hash(net, htonl(INADDR_ANY), hnum); | |
489 | slot2 = hash2 & udptable->mask; | |
490 | hslot2 = &udptable->hash2[slot2]; | |
491 | if (hslot->count < hslot2->count) | |
492 | goto begin; | |
493 | ||
494 | result = udp4_lib_lookup2(net, saddr, sport, | |
495 | htonl(INADDR_ANY), hnum, dif, | |
496 | hslot2, slot2); | |
497 | } | |
498 | rcu_read_unlock(); | |
499 | return result; | |
500 | } | |
501 | begin: | |
502 | result = NULL; | |
503 | badness = 0; | |
504 | sk_nulls_for_each_rcu(sk, node, &hslot->head) { | |
505 | score = compute_score(sk, net, saddr, hnum, sport, | |
506 | daddr, dport, dif); | |
507 | if (score > badness) { | |
508 | result = sk; | |
509 | badness = score; | |
510 | reuseport = sk->sk_reuseport; | |
511 | if (reuseport) { | |
512 | hash = inet_ehashfn(net, daddr, hnum, | |
513 | saddr, htons(sport)); | |
514 | matches = 1; | |
515 | } | |
516 | } else if (score == badness && reuseport) { | |
517 | matches++; | |
518 | if (((u64)hash * matches) >> 32 == 0) | |
519 | result = sk; | |
520 | hash = next_pseudo_random32(hash); | |
521 | } | |
522 | } | |
523 | /* | |
524 | * if the nulls value we got at the end of this lookup is | |
525 | * not the expected one, we must restart lookup. | |
526 | * We probably met an item that was moved to another chain. | |
527 | */ | |
528 | if (get_nulls_value(node) != slot) | |
529 | goto begin; | |
530 | ||
531 | if (result) { | |
532 | if (unlikely(!atomic_inc_not_zero_hint(&result->sk_refcnt, 2))) | |
533 | result = NULL; | |
534 | else if (unlikely(compute_score(result, net, saddr, hnum, sport, | |
535 | daddr, dport, dif) < badness)) { | |
536 | sock_put(result); | |
537 | goto begin; | |
538 | } | |
539 | } | |
540 | rcu_read_unlock(); | |
541 | return result; | |
542 | } | |
543 | EXPORT_SYMBOL_GPL(__udp4_lib_lookup); | |
544 | ||
545 | static inline struct sock *__udp4_lib_lookup_skb(struct sk_buff *skb, | |
546 | __be16 sport, __be16 dport, | |
547 | struct udp_table *udptable) | |
548 | { | |
549 | struct sock *sk; | |
550 | const struct iphdr *iph = ip_hdr(skb); | |
551 | ||
552 | if (unlikely(sk = skb_steal_sock(skb))) | |
553 | return sk; | |
554 | else | |
555 | return __udp4_lib_lookup(dev_net(skb_dst(skb)->dev), iph->saddr, sport, | |
556 | iph->daddr, dport, inet_iif(skb), | |
557 | udptable); | |
558 | } | |
559 | ||
560 | struct sock *udp4_lib_lookup(struct net *net, __be32 saddr, __be16 sport, | |
561 | __be32 daddr, __be16 dport, int dif) | |
562 | { | |
563 | return __udp4_lib_lookup(net, saddr, sport, daddr, dport, dif, &udp_table); | |
564 | } | |
565 | EXPORT_SYMBOL_GPL(udp4_lib_lookup); | |
566 | ||
567 | static inline struct sock *udp_v4_mcast_next(struct net *net, struct sock *sk, | |
568 | __be16 loc_port, __be32 loc_addr, | |
569 | __be16 rmt_port, __be32 rmt_addr, | |
570 | int dif) | |
571 | { | |
572 | struct hlist_nulls_node *node; | |
573 | struct sock *s = sk; | |
574 | unsigned short hnum = ntohs(loc_port); | |
575 | ||
576 | sk_nulls_for_each_from(s, node) { | |
577 | struct inet_sock *inet = inet_sk(s); | |
578 | ||
579 | if (!net_eq(sock_net(s), net) || | |
580 | udp_sk(s)->udp_port_hash != hnum || | |
581 | (inet->inet_daddr && inet->inet_daddr != rmt_addr) || | |
582 | (inet->inet_dport != rmt_port && inet->inet_dport) || | |
583 | (inet->inet_rcv_saddr && | |
584 | inet->inet_rcv_saddr != loc_addr) || | |
585 | ipv6_only_sock(s) || | |
586 | (s->sk_bound_dev_if && s->sk_bound_dev_if != dif)) | |
587 | continue; | |
588 | if (!ip_mc_sf_allow(s, loc_addr, rmt_addr, dif)) | |
589 | continue; | |
590 | goto found; | |
591 | } | |
592 | s = NULL; | |
593 | found: | |
594 | return s; | |
595 | } | |
596 | ||
597 | /* | |
598 | * This routine is called by the ICMP module when it gets some | |
599 | * sort of error condition. If err < 0 then the socket should | |
600 | * be closed and the error returned to the user. If err > 0 | |
601 | * it's just the icmp type << 8 | icmp code. | |
602 | * Header points to the ip header of the error packet. We move | |
603 | * on past this. Then (as it used to claim before adjustment) | |
604 | * header points to the first 8 bytes of the udp header. We need | |
605 | * to find the appropriate port. | |
606 | */ | |
607 | ||
608 | void __udp4_lib_err(struct sk_buff *skb, u32 info, struct udp_table *udptable) | |
609 | { | |
610 | struct inet_sock *inet; | |
611 | const struct iphdr *iph = (const struct iphdr *)skb->data; | |
612 | struct udphdr *uh = (struct udphdr *)(skb->data+(iph->ihl<<2)); | |
613 | const int type = icmp_hdr(skb)->type; | |
614 | const int code = icmp_hdr(skb)->code; | |
615 | struct sock *sk; | |
616 | int harderr; | |
617 | int err; | |
618 | struct net *net = dev_net(skb->dev); | |
619 | ||
620 | sk = __udp4_lib_lookup(net, iph->daddr, uh->dest, | |
621 | iph->saddr, uh->source, skb->dev->ifindex, udptable); | |
622 | if (sk == NULL) { | |
623 | ICMP_INC_STATS_BH(net, ICMP_MIB_INERRORS); | |
624 | return; /* No socket for error */ | |
625 | } | |
626 | ||
627 | err = 0; | |
628 | harderr = 0; | |
629 | inet = inet_sk(sk); | |
630 | ||
631 | switch (type) { | |
632 | default: | |
633 | case ICMP_TIME_EXCEEDED: | |
634 | err = EHOSTUNREACH; | |
635 | break; | |
636 | case ICMP_SOURCE_QUENCH: | |
637 | goto out; | |
638 | case ICMP_PARAMETERPROB: | |
639 | err = EPROTO; | |
640 | harderr = 1; | |
641 | break; | |
642 | case ICMP_DEST_UNREACH: | |
643 | if (code == ICMP_FRAG_NEEDED) { /* Path MTU discovery */ | |
644 | ipv4_sk_update_pmtu(skb, sk, info); | |
645 | if (inet->pmtudisc != IP_PMTUDISC_DONT) { | |
646 | err = EMSGSIZE; | |
647 | harderr = 1; | |
648 | break; | |
649 | } | |
650 | goto out; | |
651 | } | |
652 | err = EHOSTUNREACH; | |
653 | if (code <= NR_ICMP_UNREACH) { | |
654 | harderr = icmp_err_convert[code].fatal; | |
655 | err = icmp_err_convert[code].errno; | |
656 | } | |
657 | break; | |
658 | case ICMP_REDIRECT: | |
659 | ipv4_sk_redirect(skb, sk); | |
660 | break; | |
661 | } | |
662 | ||
663 | /* | |
664 | * RFC1122: OK. Passes ICMP errors back to application, as per | |
665 | * 4.1.3.3. | |
666 | */ | |
667 | if (!inet->recverr) { | |
668 | if (!harderr || sk->sk_state != TCP_ESTABLISHED) | |
669 | goto out; | |
670 | } else | |
671 | ip_icmp_error(sk, skb, err, uh->dest, info, (u8 *)(uh+1)); | |
672 | ||
673 | sk->sk_err = err; | |
674 | sk->sk_error_report(sk); | |
675 | out: | |
676 | sock_put(sk); | |
677 | } | |
678 | ||
679 | void udp_err(struct sk_buff *skb, u32 info) | |
680 | { | |
681 | __udp4_lib_err(skb, info, &udp_table); | |
682 | } | |
683 | ||
684 | /* | |
685 | * Throw away all pending data and cancel the corking. Socket is locked. | |
686 | */ | |
687 | void udp_flush_pending_frames(struct sock *sk) | |
688 | { | |
689 | struct udp_sock *up = udp_sk(sk); | |
690 | ||
691 | if (up->pending) { | |
692 | up->len = 0; | |
693 | up->pending = 0; | |
694 | ip_flush_pending_frames(sk); | |
695 | } | |
696 | } | |
697 | EXPORT_SYMBOL(udp_flush_pending_frames); | |
698 | ||
699 | /** | |
700 | * udp4_hwcsum - handle outgoing HW checksumming | |
701 | * @skb: sk_buff containing the filled-in UDP header | |
702 | * (checksum field must be zeroed out) | |
703 | * @src: source IP address | |
704 | * @dst: destination IP address | |
705 | */ | |
706 | static void udp4_hwcsum(struct sk_buff *skb, __be32 src, __be32 dst) | |
707 | { | |
708 | struct udphdr *uh = udp_hdr(skb); | |
709 | struct sk_buff *frags = skb_shinfo(skb)->frag_list; | |
710 | int offset = skb_transport_offset(skb); | |
711 | int len = skb->len - offset; | |
712 | int hlen = len; | |
713 | __wsum csum = 0; | |
714 | ||
715 | if (!frags) { | |
716 | /* | |
717 | * Only one fragment on the socket. | |
718 | */ | |
719 | skb->csum_start = skb_transport_header(skb) - skb->head; | |
720 | skb->csum_offset = offsetof(struct udphdr, check); | |
721 | uh->check = ~csum_tcpudp_magic(src, dst, len, | |
722 | IPPROTO_UDP, 0); | |
723 | } else { | |
724 | /* | |
725 | * HW-checksum won't work as there are two or more | |
726 | * fragments on the socket so that all csums of sk_buffs | |
727 | * should be together | |
728 | */ | |
729 | do { | |
730 | csum = csum_add(csum, frags->csum); | |
731 | hlen -= frags->len; | |
732 | } while ((frags = frags->next)); | |
733 | ||
734 | csum = skb_checksum(skb, offset, hlen, csum); | |
735 | skb->ip_summed = CHECKSUM_NONE; | |
736 | ||
737 | uh->check = csum_tcpudp_magic(src, dst, len, IPPROTO_UDP, csum); | |
738 | if (uh->check == 0) | |
739 | uh->check = CSUM_MANGLED_0; | |
740 | } | |
741 | } | |
742 | ||
743 | static int udp_send_skb(struct sk_buff *skb, struct flowi4 *fl4) | |
744 | { | |
745 | struct sock *sk = skb->sk; | |
746 | struct inet_sock *inet = inet_sk(sk); | |
747 | struct udphdr *uh; | |
748 | int err = 0; | |
749 | int is_udplite = IS_UDPLITE(sk); | |
750 | int offset = skb_transport_offset(skb); | |
751 | int len = skb->len - offset; | |
752 | __wsum csum = 0; | |
753 | ||
754 | /* | |
755 | * Create a UDP header | |
756 | */ | |
757 | uh = udp_hdr(skb); | |
758 | uh->source = inet->inet_sport; | |
759 | uh->dest = fl4->fl4_dport; | |
760 | uh->len = htons(len); | |
761 | uh->check = 0; | |
762 | ||
763 | if (is_udplite) /* UDP-Lite */ | |
764 | csum = udplite_csum(skb); | |
765 | ||
766 | else if (sk->sk_no_check == UDP_CSUM_NOXMIT) { /* UDP csum disabled */ | |
767 | ||
768 | skb->ip_summed = CHECKSUM_NONE; | |
769 | goto send; | |
770 | ||
771 | } else if (skb->ip_summed == CHECKSUM_PARTIAL) { /* UDP hardware csum */ | |
772 | ||
773 | udp4_hwcsum(skb, fl4->saddr, fl4->daddr); | |
774 | goto send; | |
775 | ||
776 | } else | |
777 | csum = udp_csum(skb); | |
778 | ||
779 | /* add protocol-dependent pseudo-header */ | |
780 | uh->check = csum_tcpudp_magic(fl4->saddr, fl4->daddr, len, | |
781 | sk->sk_protocol, csum); | |
782 | if (uh->check == 0) | |
783 | uh->check = CSUM_MANGLED_0; | |
784 | ||
785 | send: | |
786 | err = ip_send_skb(sock_net(sk), skb); | |
787 | if (err) { | |
788 | if (err == -ENOBUFS && !inet->recverr) { | |
789 | UDP_INC_STATS_USER(sock_net(sk), | |
790 | UDP_MIB_SNDBUFERRORS, is_udplite); | |
791 | err = 0; | |
792 | } | |
793 | } else | |
794 | UDP_INC_STATS_USER(sock_net(sk), | |
795 | UDP_MIB_OUTDATAGRAMS, is_udplite); | |
796 | return err; | |
797 | } | |
798 | ||
799 | /* | |
800 | * Push out all pending data as one UDP datagram. Socket is locked. | |
801 | */ | |
802 | static int udp_push_pending_frames(struct sock *sk) | |
803 | { | |
804 | struct udp_sock *up = udp_sk(sk); | |
805 | struct inet_sock *inet = inet_sk(sk); | |
806 | struct flowi4 *fl4 = &inet->cork.fl.u.ip4; | |
807 | struct sk_buff *skb; | |
808 | int err = 0; | |
809 | ||
810 | skb = ip_finish_skb(sk, fl4); | |
811 | if (!skb) | |
812 | goto out; | |
813 | ||
814 | err = udp_send_skb(skb, fl4); | |
815 | ||
816 | out: | |
817 | up->len = 0; | |
818 | up->pending = 0; | |
819 | return err; | |
820 | } | |
821 | ||
822 | int udp_sendmsg(struct kiocb *iocb, struct sock *sk, struct msghdr *msg, | |
823 | size_t len) | |
824 | { | |
825 | struct inet_sock *inet = inet_sk(sk); | |
826 | struct udp_sock *up = udp_sk(sk); | |
827 | struct flowi4 fl4_stack; | |
828 | struct flowi4 *fl4; | |
829 | int ulen = len; | |
830 | struct ipcm_cookie ipc; | |
831 | struct rtable *rt = NULL; | |
832 | int free = 0; | |
833 | int connected = 0; | |
834 | __be32 daddr, faddr, saddr; | |
835 | __be16 dport; | |
836 | u8 tos; | |
837 | int err, is_udplite = IS_UDPLITE(sk); | |
838 | int corkreq = up->corkflag || msg->msg_flags&MSG_MORE; | |
839 | int (*getfrag)(void *, char *, int, int, int, struct sk_buff *); | |
840 | struct sk_buff *skb; | |
841 | struct ip_options_data opt_copy; | |
842 | ||
843 | if (len > 0xFFFF) | |
844 | return -EMSGSIZE; | |
845 | ||
846 | /* | |
847 | * Check the flags. | |
848 | */ | |
849 | ||
850 | if (msg->msg_flags & MSG_OOB) /* Mirror BSD error message compatibility */ | |
851 | return -EOPNOTSUPP; | |
852 | ||
853 | ipc.opt = NULL; | |
854 | ipc.tx_flags = 0; | |
855 | ||
856 | getfrag = is_udplite ? udplite_getfrag : ip_generic_getfrag; | |
857 | ||
858 | fl4 = &inet->cork.fl.u.ip4; | |
859 | if (up->pending) { | |
860 | /* | |
861 | * There are pending frames. | |
862 | * The socket lock must be held while it's corked. | |
863 | */ | |
864 | lock_sock(sk); | |
865 | if (likely(up->pending)) { | |
866 | if (unlikely(up->pending != AF_INET)) { | |
867 | release_sock(sk); | |
868 | return -EINVAL; | |
869 | } | |
870 | goto do_append_data; | |
871 | } | |
872 | release_sock(sk); | |
873 | } | |
874 | ulen += sizeof(struct udphdr); | |
875 | ||
876 | /* | |
877 | * Get and verify the address. | |
878 | */ | |
879 | if (msg->msg_name) { | |
880 | struct sockaddr_in *usin = (struct sockaddr_in *)msg->msg_name; | |
881 | if (msg->msg_namelen < sizeof(*usin)) | |
882 | return -EINVAL; | |
883 | if (usin->sin_family != AF_INET) { | |
884 | if (usin->sin_family != AF_UNSPEC) | |
885 | return -EAFNOSUPPORT; | |
886 | } | |
887 | ||
888 | daddr = usin->sin_addr.s_addr; | |
889 | dport = usin->sin_port; | |
890 | if (dport == 0) | |
891 | return -EINVAL; | |
892 | } else { | |
893 | if (sk->sk_state != TCP_ESTABLISHED) | |
894 | return -EDESTADDRREQ; | |
895 | daddr = inet->inet_daddr; | |
896 | dport = inet->inet_dport; | |
897 | /* Open fast path for connected socket. | |
898 | Route will not be used, if at least one option is set. | |
899 | */ | |
900 | connected = 1; | |
901 | } | |
902 | ipc.addr = inet->inet_saddr; | |
903 | ||
904 | ipc.oif = sk->sk_bound_dev_if; | |
905 | ||
906 | sock_tx_timestamp(sk, &ipc.tx_flags); | |
907 | ||
908 | if (msg->msg_controllen) { | |
909 | err = ip_cmsg_send(sock_net(sk), msg, &ipc); | |
910 | if (err) | |
911 | return err; | |
912 | if (ipc.opt) | |
913 | free = 1; | |
914 | connected = 0; | |
915 | } | |
916 | if (!ipc.opt) { | |
917 | struct ip_options_rcu *inet_opt; | |
918 | ||
919 | rcu_read_lock(); | |
920 | inet_opt = rcu_dereference(inet->inet_opt); | |
921 | if (inet_opt) { | |
922 | memcpy(&opt_copy, inet_opt, | |
923 | sizeof(*inet_opt) + inet_opt->opt.optlen); | |
924 | ipc.opt = &opt_copy.opt; | |
925 | } | |
926 | rcu_read_unlock(); | |
927 | } | |
928 | ||
929 | saddr = ipc.addr; | |
930 | ipc.addr = faddr = daddr; | |
931 | ||
932 | if (ipc.opt && ipc.opt->opt.srr) { | |
933 | if (!daddr) | |
934 | return -EINVAL; | |
935 | faddr = ipc.opt->opt.faddr; | |
936 | connected = 0; | |
937 | } | |
938 | tos = RT_TOS(inet->tos); | |
939 | if (sock_flag(sk, SOCK_LOCALROUTE) || | |
940 | (msg->msg_flags & MSG_DONTROUTE) || | |
941 | (ipc.opt && ipc.opt->opt.is_strictroute)) { | |
942 | tos |= RTO_ONLINK; | |
943 | connected = 0; | |
944 | } | |
945 | ||
946 | if (ipv4_is_multicast(daddr)) { | |
947 | if (!ipc.oif) | |
948 | ipc.oif = inet->mc_index; | |
949 | if (!saddr) | |
950 | saddr = inet->mc_addr; | |
951 | connected = 0; | |
952 | } else if (!ipc.oif) | |
953 | ipc.oif = inet->uc_index; | |
954 | ||
955 | if (connected) | |
956 | rt = (struct rtable *)sk_dst_check(sk, 0); | |
957 | ||
958 | if (rt == NULL) { | |
959 | struct net *net = sock_net(sk); | |
960 | ||
961 | fl4 = &fl4_stack; | |
962 | flowi4_init_output(fl4, ipc.oif, sk->sk_mark, tos, | |
963 | RT_SCOPE_UNIVERSE, sk->sk_protocol, | |
964 | inet_sk_flowi_flags(sk)|FLOWI_FLAG_CAN_SLEEP, | |
965 | faddr, saddr, dport, inet->inet_sport); | |
966 | ||
967 | security_sk_classify_flow(sk, flowi4_to_flowi(fl4)); | |
968 | rt = ip_route_output_flow(net, fl4, sk); | |
969 | if (IS_ERR(rt)) { | |
970 | err = PTR_ERR(rt); | |
971 | rt = NULL; | |
972 | if (err == -ENETUNREACH) | |
973 | IP_INC_STATS_BH(net, IPSTATS_MIB_OUTNOROUTES); | |
974 | goto out; | |
975 | } | |
976 | ||
977 | err = -EACCES; | |
978 | if ((rt->rt_flags & RTCF_BROADCAST) && | |
979 | !sock_flag(sk, SOCK_BROADCAST)) | |
980 | goto out; | |
981 | if (connected) | |
982 | sk_dst_set(sk, dst_clone(&rt->dst)); | |
983 | } | |
984 | ||
985 | if (msg->msg_flags&MSG_CONFIRM) | |
986 | goto do_confirm; | |
987 | back_from_confirm: | |
988 | ||
989 | saddr = fl4->saddr; | |
990 | if (!ipc.addr) | |
991 | daddr = ipc.addr = fl4->daddr; | |
992 | ||
993 | /* Lockless fast path for the non-corking case. */ | |
994 | if (!corkreq) { | |
995 | skb = ip_make_skb(sk, fl4, getfrag, msg->msg_iov, ulen, | |
996 | sizeof(struct udphdr), &ipc, &rt, | |
997 | msg->msg_flags); | |
998 | err = PTR_ERR(skb); | |
999 | if (!IS_ERR_OR_NULL(skb)) | |
1000 | err = udp_send_skb(skb, fl4); | |
1001 | goto out; | |
1002 | } | |
1003 | ||
1004 | lock_sock(sk); | |
1005 | if (unlikely(up->pending)) { | |
1006 | /* The socket is already corked while preparing it. */ | |
1007 | /* ... which is an evident application bug. --ANK */ | |
1008 | release_sock(sk); | |
1009 | ||
1010 | LIMIT_NETDEBUG(KERN_DEBUG pr_fmt("cork app bug 2\n")); | |
1011 | err = -EINVAL; | |
1012 | goto out; | |
1013 | } | |
1014 | /* | |
1015 | * Now cork the socket to pend data. | |
1016 | */ | |
1017 | fl4 = &inet->cork.fl.u.ip4; | |
1018 | fl4->daddr = daddr; | |
1019 | fl4->saddr = saddr; | |
1020 | fl4->fl4_dport = dport; | |
1021 | fl4->fl4_sport = inet->inet_sport; | |
1022 | up->pending = AF_INET; | |
1023 | ||
1024 | do_append_data: | |
1025 | up->len += ulen; | |
1026 | err = ip_append_data(sk, fl4, getfrag, msg->msg_iov, ulen, | |
1027 | sizeof(struct udphdr), &ipc, &rt, | |
1028 | corkreq ? msg->msg_flags|MSG_MORE : msg->msg_flags); | |
1029 | if (err) | |
1030 | udp_flush_pending_frames(sk); | |
1031 | else if (!corkreq) | |
1032 | err = udp_push_pending_frames(sk); | |
1033 | else if (unlikely(skb_queue_empty(&sk->sk_write_queue))) | |
1034 | up->pending = 0; | |
1035 | release_sock(sk); | |
1036 | ||
1037 | out: | |
1038 | ip_rt_put(rt); | |
1039 | if (free) | |
1040 | kfree(ipc.opt); | |
1041 | if (!err) | |
1042 | return len; | |
1043 | /* | |
1044 | * ENOBUFS = no kernel mem, SOCK_NOSPACE = no sndbuf space. Reporting | |
1045 | * ENOBUFS might not be good (it's not tunable per se), but otherwise | |
1046 | * we don't have a good statistic (IpOutDiscards but it can be too many | |
1047 | * things). We could add another new stat but at least for now that | |
1048 | * seems like overkill. | |
1049 | */ | |
1050 | if (err == -ENOBUFS || test_bit(SOCK_NOSPACE, &sk->sk_socket->flags)) { | |
1051 | UDP_INC_STATS_USER(sock_net(sk), | |
1052 | UDP_MIB_SNDBUFERRORS, is_udplite); | |
1053 | } | |
1054 | return err; | |
1055 | ||
1056 | do_confirm: | |
1057 | dst_confirm(&rt->dst); | |
1058 | if (!(msg->msg_flags&MSG_PROBE) || len) | |
1059 | goto back_from_confirm; | |
1060 | err = 0; | |
1061 | goto out; | |
1062 | } | |
1063 | EXPORT_SYMBOL(udp_sendmsg); | |
1064 | ||
1065 | int udp_sendpage(struct sock *sk, struct page *page, int offset, | |
1066 | size_t size, int flags) | |
1067 | { | |
1068 | struct inet_sock *inet = inet_sk(sk); | |
1069 | struct udp_sock *up = udp_sk(sk); | |
1070 | int ret; | |
1071 | ||
1072 | if (!up->pending) { | |
1073 | struct msghdr msg = { .msg_flags = flags|MSG_MORE }; | |
1074 | ||
1075 | /* Call udp_sendmsg to specify destination address which | |
1076 | * sendpage interface can't pass. | |
1077 | * This will succeed only when the socket is connected. | |
1078 | */ | |
1079 | ret = udp_sendmsg(NULL, sk, &msg, 0); | |
1080 | if (ret < 0) | |
1081 | return ret; | |
1082 | } | |
1083 | ||
1084 | lock_sock(sk); | |
1085 | ||
1086 | if (unlikely(!up->pending)) { | |
1087 | release_sock(sk); | |
1088 | ||
1089 | LIMIT_NETDEBUG(KERN_DEBUG pr_fmt("udp cork app bug 3\n")); | |
1090 | return -EINVAL; | |
1091 | } | |
1092 | ||
1093 | ret = ip_append_page(sk, &inet->cork.fl.u.ip4, | |
1094 | page, offset, size, flags); | |
1095 | if (ret == -EOPNOTSUPP) { | |
1096 | release_sock(sk); | |
1097 | return sock_no_sendpage(sk->sk_socket, page, offset, | |
1098 | size, flags); | |
1099 | } | |
1100 | if (ret < 0) { | |
1101 | udp_flush_pending_frames(sk); | |
1102 | goto out; | |
1103 | } | |
1104 | ||
1105 | up->len += size; | |
1106 | if (!(up->corkflag || (flags&MSG_MORE))) | |
1107 | ret = udp_push_pending_frames(sk); | |
1108 | if (!ret) | |
1109 | ret = size; | |
1110 | out: | |
1111 | release_sock(sk); | |
1112 | return ret; | |
1113 | } | |
1114 | ||
1115 | ||
1116 | /** | |
1117 | * first_packet_length - return length of first packet in receive queue | |
1118 | * @sk: socket | |
1119 | * | |
1120 | * Drops all bad checksum frames, until a valid one is found. | |
1121 | * Returns the length of found skb, or 0 if none is found. | |
1122 | */ | |
1123 | static unsigned int first_packet_length(struct sock *sk) | |
1124 | { | |
1125 | struct sk_buff_head list_kill, *rcvq = &sk->sk_receive_queue; | |
1126 | struct sk_buff *skb; | |
1127 | unsigned int res; | |
1128 | ||
1129 | __skb_queue_head_init(&list_kill); | |
1130 | ||
1131 | spin_lock_bh(&rcvq->lock); | |
1132 | while ((skb = skb_peek(rcvq)) != NULL && | |
1133 | udp_lib_checksum_complete(skb)) { | |
1134 | UDP_INC_STATS_BH(sock_net(sk), UDP_MIB_CSUMERRORS, | |
1135 | IS_UDPLITE(sk)); | |
1136 | UDP_INC_STATS_BH(sock_net(sk), UDP_MIB_INERRORS, | |
1137 | IS_UDPLITE(sk)); | |
1138 | atomic_inc(&sk->sk_drops); | |
1139 | __skb_unlink(skb, rcvq); | |
1140 | __skb_queue_tail(&list_kill, skb); | |
1141 | } | |
1142 | res = skb ? skb->len : 0; | |
1143 | spin_unlock_bh(&rcvq->lock); | |
1144 | ||
1145 | if (!skb_queue_empty(&list_kill)) { | |
1146 | bool slow = lock_sock_fast(sk); | |
1147 | ||
1148 | __skb_queue_purge(&list_kill); | |
1149 | sk_mem_reclaim_partial(sk); | |
1150 | unlock_sock_fast(sk, slow); | |
1151 | } | |
1152 | return res; | |
1153 | } | |
1154 | ||
1155 | /* | |
1156 | * IOCTL requests applicable to the UDP protocol | |
1157 | */ | |
1158 | ||
1159 | int udp_ioctl(struct sock *sk, int cmd, unsigned long arg) | |
1160 | { | |
1161 | switch (cmd) { | |
1162 | case SIOCOUTQ: | |
1163 | { | |
1164 | int amount = sk_wmem_alloc_get(sk); | |
1165 | ||
1166 | return put_user(amount, (int __user *)arg); | |
1167 | } | |
1168 | ||
1169 | case SIOCINQ: | |
1170 | { | |
1171 | unsigned int amount = first_packet_length(sk); | |
1172 | ||
1173 | if (amount) | |
1174 | /* | |
1175 | * We will only return the amount | |
1176 | * of this packet since that is all | |
1177 | * that will be read. | |
1178 | */ | |
1179 | amount -= sizeof(struct udphdr); | |
1180 | ||
1181 | return put_user(amount, (int __user *)arg); | |
1182 | } | |
1183 | ||
1184 | default: | |
1185 | return -ENOIOCTLCMD; | |
1186 | } | |
1187 | ||
1188 | return 0; | |
1189 | } | |
1190 | EXPORT_SYMBOL(udp_ioctl); | |
1191 | ||
1192 | /* | |
1193 | * This should be easy, if there is something there we | |
1194 | * return it, otherwise we block. | |
1195 | */ | |
1196 | ||
1197 | int udp_recvmsg(struct kiocb *iocb, struct sock *sk, struct msghdr *msg, | |
1198 | size_t len, int noblock, int flags, int *addr_len) | |
1199 | { | |
1200 | struct inet_sock *inet = inet_sk(sk); | |
1201 | struct sockaddr_in *sin = (struct sockaddr_in *)msg->msg_name; | |
1202 | struct sk_buff *skb; | |
1203 | unsigned int ulen, copied; | |
1204 | int peeked, off = 0; | |
1205 | int err; | |
1206 | int is_udplite = IS_UDPLITE(sk); | |
1207 | bool slow; | |
1208 | ||
1209 | /* | |
1210 | * Check any passed addresses | |
1211 | */ | |
1212 | if (addr_len) | |
1213 | *addr_len = sizeof(*sin); | |
1214 | ||
1215 | if (flags & MSG_ERRQUEUE) | |
1216 | return ip_recv_error(sk, msg, len); | |
1217 | ||
1218 | try_again: | |
1219 | skb = __skb_recv_datagram(sk, flags | (noblock ? MSG_DONTWAIT : 0), | |
1220 | &peeked, &off, &err); | |
1221 | if (!skb) | |
1222 | goto out; | |
1223 | ||
1224 | ulen = skb->len - sizeof(struct udphdr); | |
1225 | copied = len; | |
1226 | if (copied > ulen) | |
1227 | copied = ulen; | |
1228 | else if (copied < ulen) | |
1229 | msg->msg_flags |= MSG_TRUNC; | |
1230 | ||
1231 | /* | |
1232 | * If checksum is needed at all, try to do it while copying the | |
1233 | * data. If the data is truncated, or if we only want a partial | |
1234 | * coverage checksum (UDP-Lite), do it before the copy. | |
1235 | */ | |
1236 | ||
1237 | if (copied < ulen || UDP_SKB_CB(skb)->partial_cov) { | |
1238 | if (udp_lib_checksum_complete(skb)) | |
1239 | goto csum_copy_err; | |
1240 | } | |
1241 | ||
1242 | if (skb_csum_unnecessary(skb)) | |
1243 | err = skb_copy_datagram_iovec(skb, sizeof(struct udphdr), | |
1244 | msg->msg_iov, copied); | |
1245 | else { | |
1246 | err = skb_copy_and_csum_datagram_iovec(skb, | |
1247 | sizeof(struct udphdr), | |
1248 | msg->msg_iov); | |
1249 | ||
1250 | if (err == -EINVAL) | |
1251 | goto csum_copy_err; | |
1252 | } | |
1253 | ||
1254 | if (unlikely(err)) { | |
1255 | trace_kfree_skb(skb, udp_recvmsg); | |
1256 | if (!peeked) { | |
1257 | atomic_inc(&sk->sk_drops); | |
1258 | UDP_INC_STATS_USER(sock_net(sk), | |
1259 | UDP_MIB_INERRORS, is_udplite); | |
1260 | } | |
1261 | goto out_free; | |
1262 | } | |
1263 | ||
1264 | if (!peeked) | |
1265 | UDP_INC_STATS_USER(sock_net(sk), | |
1266 | UDP_MIB_INDATAGRAMS, is_udplite); | |
1267 | ||
1268 | sock_recv_ts_and_drops(msg, sk, skb); | |
1269 | ||
1270 | /* Copy the address. */ | |
1271 | if (sin) { | |
1272 | sin->sin_family = AF_INET; | |
1273 | sin->sin_port = udp_hdr(skb)->source; | |
1274 | sin->sin_addr.s_addr = ip_hdr(skb)->saddr; | |
1275 | memset(sin->sin_zero, 0, sizeof(sin->sin_zero)); | |
1276 | } | |
1277 | if (inet->cmsg_flags) | |
1278 | ip_cmsg_recv(msg, skb); | |
1279 | ||
1280 | err = copied; | |
1281 | if (flags & MSG_TRUNC) | |
1282 | err = ulen; | |
1283 | ||
1284 | out_free: | |
1285 | skb_free_datagram_locked(sk, skb); | |
1286 | out: | |
1287 | return err; | |
1288 | ||
1289 | csum_copy_err: | |
1290 | slow = lock_sock_fast(sk); | |
1291 | if (!skb_kill_datagram(sk, skb, flags)) { | |
1292 | UDP_INC_STATS_USER(sock_net(sk), UDP_MIB_CSUMERRORS, is_udplite); | |
1293 | UDP_INC_STATS_USER(sock_net(sk), UDP_MIB_INERRORS, is_udplite); | |
1294 | } | |
1295 | unlock_sock_fast(sk, slow); | |
1296 | ||
1297 | if (noblock) | |
1298 | return -EAGAIN; | |
1299 | ||
1300 | /* starting over for a new packet */ | |
1301 | msg->msg_flags &= ~MSG_TRUNC; | |
1302 | goto try_again; | |
1303 | } | |
1304 | ||
1305 | ||
1306 | int udp_disconnect(struct sock *sk, int flags) | |
1307 | { | |
1308 | struct inet_sock *inet = inet_sk(sk); | |
1309 | /* | |
1310 | * 1003.1g - break association. | |
1311 | */ | |
1312 | ||
1313 | sk->sk_state = TCP_CLOSE; | |
1314 | inet->inet_daddr = 0; | |
1315 | inet->inet_dport = 0; | |
1316 | sock_rps_reset_rxhash(sk); | |
1317 | sk->sk_bound_dev_if = 0; | |
1318 | if (!(sk->sk_userlocks & SOCK_BINDADDR_LOCK)) | |
1319 | inet_reset_saddr(sk); | |
1320 | ||
1321 | if (!(sk->sk_userlocks & SOCK_BINDPORT_LOCK)) { | |
1322 | sk->sk_prot->unhash(sk); | |
1323 | inet->inet_sport = 0; | |
1324 | } | |
1325 | sk_dst_reset(sk); | |
1326 | return 0; | |
1327 | } | |
1328 | EXPORT_SYMBOL(udp_disconnect); | |
1329 | ||
1330 | void udp_lib_unhash(struct sock *sk) | |
1331 | { | |
1332 | if (sk_hashed(sk)) { | |
1333 | struct udp_table *udptable = sk->sk_prot->h.udp_table; | |
1334 | struct udp_hslot *hslot, *hslot2; | |
1335 | ||
1336 | hslot = udp_hashslot(udptable, sock_net(sk), | |
1337 | udp_sk(sk)->udp_port_hash); | |
1338 | hslot2 = udp_hashslot2(udptable, udp_sk(sk)->udp_portaddr_hash); | |
1339 | ||
1340 | spin_lock_bh(&hslot->lock); | |
1341 | if (sk_nulls_del_node_init_rcu(sk)) { | |
1342 | hslot->count--; | |
1343 | inet_sk(sk)->inet_num = 0; | |
1344 | sock_prot_inuse_add(sock_net(sk), sk->sk_prot, -1); | |
1345 | ||
1346 | spin_lock(&hslot2->lock); | |
1347 | hlist_nulls_del_init_rcu(&udp_sk(sk)->udp_portaddr_node); | |
1348 | hslot2->count--; | |
1349 | spin_unlock(&hslot2->lock); | |
1350 | } | |
1351 | spin_unlock_bh(&hslot->lock); | |
1352 | } | |
1353 | } | |
1354 | EXPORT_SYMBOL(udp_lib_unhash); | |
1355 | ||
1356 | /* | |
1357 | * inet_rcv_saddr was changed, we must rehash secondary hash | |
1358 | */ | |
1359 | void udp_lib_rehash(struct sock *sk, u16 newhash) | |
1360 | { | |
1361 | if (sk_hashed(sk)) { | |
1362 | struct udp_table *udptable = sk->sk_prot->h.udp_table; | |
1363 | struct udp_hslot *hslot, *hslot2, *nhslot2; | |
1364 | ||
1365 | hslot2 = udp_hashslot2(udptable, udp_sk(sk)->udp_portaddr_hash); | |
1366 | nhslot2 = udp_hashslot2(udptable, newhash); | |
1367 | udp_sk(sk)->udp_portaddr_hash = newhash; | |
1368 | if (hslot2 != nhslot2) { | |
1369 | hslot = udp_hashslot(udptable, sock_net(sk), | |
1370 | udp_sk(sk)->udp_port_hash); | |
1371 | /* we must lock primary chain too */ | |
1372 | spin_lock_bh(&hslot->lock); | |
1373 | ||
1374 | spin_lock(&hslot2->lock); | |
1375 | hlist_nulls_del_init_rcu(&udp_sk(sk)->udp_portaddr_node); | |
1376 | hslot2->count--; | |
1377 | spin_unlock(&hslot2->lock); | |
1378 | ||
1379 | spin_lock(&nhslot2->lock); | |
1380 | hlist_nulls_add_head_rcu(&udp_sk(sk)->udp_portaddr_node, | |
1381 | &nhslot2->head); | |
1382 | nhslot2->count++; | |
1383 | spin_unlock(&nhslot2->lock); | |
1384 | ||
1385 | spin_unlock_bh(&hslot->lock); | |
1386 | } | |
1387 | } | |
1388 | } | |
1389 | EXPORT_SYMBOL(udp_lib_rehash); | |
1390 | ||
1391 | static void udp_v4_rehash(struct sock *sk) | |
1392 | { | |
1393 | u16 new_hash = udp4_portaddr_hash(sock_net(sk), | |
1394 | inet_sk(sk)->inet_rcv_saddr, | |
1395 | inet_sk(sk)->inet_num); | |
1396 | udp_lib_rehash(sk, new_hash); | |
1397 | } | |
1398 | ||
1399 | static int __udp_queue_rcv_skb(struct sock *sk, struct sk_buff *skb) | |
1400 | { | |
1401 | int rc; | |
1402 | ||
1403 | if (inet_sk(sk)->inet_daddr) | |
1404 | sock_rps_save_rxhash(sk, skb); | |
1405 | ||
1406 | rc = sock_queue_rcv_skb(sk, skb); | |
1407 | if (rc < 0) { | |
1408 | int is_udplite = IS_UDPLITE(sk); | |
1409 | ||
1410 | /* Note that an ENOMEM error is charged twice */ | |
1411 | if (rc == -ENOMEM) | |
1412 | UDP_INC_STATS_BH(sock_net(sk), UDP_MIB_RCVBUFERRORS, | |
1413 | is_udplite); | |
1414 | UDP_INC_STATS_BH(sock_net(sk), UDP_MIB_INERRORS, is_udplite); | |
1415 | kfree_skb(skb); | |
1416 | trace_udp_fail_queue_rcv_skb(rc, sk); | |
1417 | return -1; | |
1418 | } | |
1419 | ||
1420 | return 0; | |
1421 | ||
1422 | } | |
1423 | ||
1424 | static struct static_key udp_encap_needed __read_mostly; | |
1425 | void udp_encap_enable(void) | |
1426 | { | |
1427 | if (!static_key_enabled(&udp_encap_needed)) | |
1428 | static_key_slow_inc(&udp_encap_needed); | |
1429 | } | |
1430 | EXPORT_SYMBOL(udp_encap_enable); | |
1431 | ||
1432 | /* returns: | |
1433 | * -1: error | |
1434 | * 0: success | |
1435 | * >0: "udp encap" protocol resubmission | |
1436 | * | |
1437 | * Note that in the success and error cases, the skb is assumed to | |
1438 | * have either been requeued or freed. | |
1439 | */ | |
1440 | int udp_queue_rcv_skb(struct sock *sk, struct sk_buff *skb) | |
1441 | { | |
1442 | struct udp_sock *up = udp_sk(sk); | |
1443 | int rc; | |
1444 | int is_udplite = IS_UDPLITE(sk); | |
1445 | ||
1446 | /* | |
1447 | * Charge it to the socket, dropping if the queue is full. | |
1448 | */ | |
1449 | if (!xfrm4_policy_check(sk, XFRM_POLICY_IN, skb)) | |
1450 | goto drop; | |
1451 | nf_reset(skb); | |
1452 | ||
1453 | if (static_key_false(&udp_encap_needed) && up->encap_type) { | |
1454 | int (*encap_rcv)(struct sock *sk, struct sk_buff *skb); | |
1455 | ||
1456 | /* | |
1457 | * This is an encapsulation socket so pass the skb to | |
1458 | * the socket's udp_encap_rcv() hook. Otherwise, just | |
1459 | * fall through and pass this up the UDP socket. | |
1460 | * up->encap_rcv() returns the following value: | |
1461 | * =0 if skb was successfully passed to the encap | |
1462 | * handler or was discarded by it. | |
1463 | * >0 if skb should be passed on to UDP. | |
1464 | * <0 if skb should be resubmitted as proto -N | |
1465 | */ | |
1466 | ||
1467 | /* if we're overly short, let UDP handle it */ | |
1468 | encap_rcv = ACCESS_ONCE(up->encap_rcv); | |
1469 | if (skb->len > sizeof(struct udphdr) && encap_rcv != NULL) { | |
1470 | int ret; | |
1471 | ||
1472 | ret = encap_rcv(sk, skb); | |
1473 | if (ret <= 0) { | |
1474 | UDP_INC_STATS_BH(sock_net(sk), | |
1475 | UDP_MIB_INDATAGRAMS, | |
1476 | is_udplite); | |
1477 | return -ret; | |
1478 | } | |
1479 | } | |
1480 | ||
1481 | /* FALLTHROUGH -- it's a UDP Packet */ | |
1482 | } | |
1483 | ||
1484 | /* | |
1485 | * UDP-Lite specific tests, ignored on UDP sockets | |
1486 | */ | |
1487 | if ((is_udplite & UDPLITE_RECV_CC) && UDP_SKB_CB(skb)->partial_cov) { | |
1488 | ||
1489 | /* | |
1490 | * MIB statistics other than incrementing the error count are | |
1491 | * disabled for the following two types of errors: these depend | |
1492 | * on the application settings, not on the functioning of the | |
1493 | * protocol stack as such. | |
1494 | * | |
1495 | * RFC 3828 here recommends (sec 3.3): "There should also be a | |
1496 | * way ... to ... at least let the receiving application block | |
1497 | * delivery of packets with coverage values less than a value | |
1498 | * provided by the application." | |
1499 | */ | |
1500 | if (up->pcrlen == 0) { /* full coverage was set */ | |
1501 | LIMIT_NETDEBUG(KERN_WARNING "UDPLite: partial coverage %d while full coverage %d requested\n", | |
1502 | UDP_SKB_CB(skb)->cscov, skb->len); | |
1503 | goto drop; | |
1504 | } | |
1505 | /* The next case involves violating the min. coverage requested | |
1506 | * by the receiver. This is subtle: if receiver wants x and x is | |
1507 | * greater than the buffersize/MTU then receiver will complain | |
1508 | * that it wants x while sender emits packets of smaller size y. | |
1509 | * Therefore the above ...()->partial_cov statement is essential. | |
1510 | */ | |
1511 | if (UDP_SKB_CB(skb)->cscov < up->pcrlen) { | |
1512 | LIMIT_NETDEBUG(KERN_WARNING "UDPLite: coverage %d too small, need min %d\n", | |
1513 | UDP_SKB_CB(skb)->cscov, up->pcrlen); | |
1514 | goto drop; | |
1515 | } | |
1516 | } | |
1517 | ||
1518 | if (rcu_access_pointer(sk->sk_filter) && | |
1519 | udp_lib_checksum_complete(skb)) | |
1520 | goto csum_error; | |
1521 | ||
1522 | ||
1523 | if (sk_rcvqueues_full(sk, skb, sk->sk_rcvbuf)) | |
1524 | goto drop; | |
1525 | ||
1526 | rc = 0; | |
1527 | ||
1528 | ipv4_pktinfo_prepare(skb); | |
1529 | bh_lock_sock(sk); | |
1530 | if (!sock_owned_by_user(sk)) | |
1531 | rc = __udp_queue_rcv_skb(sk, skb); | |
1532 | else if (sk_add_backlog(sk, skb, sk->sk_rcvbuf)) { | |
1533 | bh_unlock_sock(sk); | |
1534 | goto drop; | |
1535 | } | |
1536 | bh_unlock_sock(sk); | |
1537 | ||
1538 | return rc; | |
1539 | ||
1540 | csum_error: | |
1541 | UDP_INC_STATS_BH(sock_net(sk), UDP_MIB_CSUMERRORS, is_udplite); | |
1542 | drop: | |
1543 | UDP_INC_STATS_BH(sock_net(sk), UDP_MIB_INERRORS, is_udplite); | |
1544 | atomic_inc(&sk->sk_drops); | |
1545 | kfree_skb(skb); | |
1546 | return -1; | |
1547 | } | |
1548 | ||
1549 | ||
1550 | static void flush_stack(struct sock **stack, unsigned int count, | |
1551 | struct sk_buff *skb, unsigned int final) | |
1552 | { | |
1553 | unsigned int i; | |
1554 | struct sk_buff *skb1 = NULL; | |
1555 | struct sock *sk; | |
1556 | ||
1557 | for (i = 0; i < count; i++) { | |
1558 | sk = stack[i]; | |
1559 | if (likely(skb1 == NULL)) | |
1560 | skb1 = (i == final) ? skb : skb_clone(skb, GFP_ATOMIC); | |
1561 | ||
1562 | if (!skb1) { | |
1563 | atomic_inc(&sk->sk_drops); | |
1564 | UDP_INC_STATS_BH(sock_net(sk), UDP_MIB_RCVBUFERRORS, | |
1565 | IS_UDPLITE(sk)); | |
1566 | UDP_INC_STATS_BH(sock_net(sk), UDP_MIB_INERRORS, | |
1567 | IS_UDPLITE(sk)); | |
1568 | } | |
1569 | ||
1570 | if (skb1 && udp_queue_rcv_skb(sk, skb1) <= 0) | |
1571 | skb1 = NULL; | |
1572 | } | |
1573 | if (unlikely(skb1)) | |
1574 | kfree_skb(skb1); | |
1575 | } | |
1576 | ||
1577 | /* | |
1578 | * Multicasts and broadcasts go to each listener. | |
1579 | * | |
1580 | * Note: called only from the BH handler context. | |
1581 | */ | |
1582 | static int __udp4_lib_mcast_deliver(struct net *net, struct sk_buff *skb, | |
1583 | struct udphdr *uh, | |
1584 | __be32 saddr, __be32 daddr, | |
1585 | struct udp_table *udptable) | |
1586 | { | |
1587 | struct sock *sk, *stack[256 / sizeof(struct sock *)]; | |
1588 | struct udp_hslot *hslot = udp_hashslot(udptable, net, ntohs(uh->dest)); | |
1589 | int dif; | |
1590 | unsigned int i, count = 0; | |
1591 | ||
1592 | spin_lock(&hslot->lock); | |
1593 | sk = sk_nulls_head(&hslot->head); | |
1594 | dif = skb->dev->ifindex; | |
1595 | sk = udp_v4_mcast_next(net, sk, uh->dest, daddr, uh->source, saddr, dif); | |
1596 | while (sk) { | |
1597 | stack[count++] = sk; | |
1598 | sk = udp_v4_mcast_next(net, sk_nulls_next(sk), uh->dest, | |
1599 | daddr, uh->source, saddr, dif); | |
1600 | if (unlikely(count == ARRAY_SIZE(stack))) { | |
1601 | if (!sk) | |
1602 | break; | |
1603 | flush_stack(stack, count, skb, ~0); | |
1604 | count = 0; | |
1605 | } | |
1606 | } | |
1607 | /* | |
1608 | * before releasing chain lock, we must take a reference on sockets | |
1609 | */ | |
1610 | for (i = 0; i < count; i++) | |
1611 | sock_hold(stack[i]); | |
1612 | ||
1613 | spin_unlock(&hslot->lock); | |
1614 | ||
1615 | /* | |
1616 | * do the slow work with no lock held | |
1617 | */ | |
1618 | if (count) { | |
1619 | flush_stack(stack, count, skb, count - 1); | |
1620 | ||
1621 | for (i = 0; i < count; i++) | |
1622 | sock_put(stack[i]); | |
1623 | } else { | |
1624 | kfree_skb(skb); | |
1625 | } | |
1626 | return 0; | |
1627 | } | |
1628 | ||
1629 | /* Initialize UDP checksum. If exited with zero value (success), | |
1630 | * CHECKSUM_UNNECESSARY means, that no more checks are required. | |
1631 | * Otherwise, csum completion requires chacksumming packet body, | |
1632 | * including udp header and folding it to skb->csum. | |
1633 | */ | |
1634 | static inline int udp4_csum_init(struct sk_buff *skb, struct udphdr *uh, | |
1635 | int proto) | |
1636 | { | |
1637 | const struct iphdr *iph; | |
1638 | int err; | |
1639 | ||
1640 | UDP_SKB_CB(skb)->partial_cov = 0; | |
1641 | UDP_SKB_CB(skb)->cscov = skb->len; | |
1642 | ||
1643 | if (proto == IPPROTO_UDPLITE) { | |
1644 | err = udplite_checksum_init(skb, uh); | |
1645 | if (err) | |
1646 | return err; | |
1647 | } | |
1648 | ||
1649 | iph = ip_hdr(skb); | |
1650 | if (uh->check == 0) { | |
1651 | skb->ip_summed = CHECKSUM_UNNECESSARY; | |
1652 | } else if (skb->ip_summed == CHECKSUM_COMPLETE) { | |
1653 | if (!csum_tcpudp_magic(iph->saddr, iph->daddr, skb->len, | |
1654 | proto, skb->csum)) | |
1655 | skb->ip_summed = CHECKSUM_UNNECESSARY; | |
1656 | } | |
1657 | if (!skb_csum_unnecessary(skb)) | |
1658 | skb->csum = csum_tcpudp_nofold(iph->saddr, iph->daddr, | |
1659 | skb->len, proto, 0); | |
1660 | /* Probably, we should checksum udp header (it should be in cache | |
1661 | * in any case) and data in tiny packets (< rx copybreak). | |
1662 | */ | |
1663 | ||
1664 | return 0; | |
1665 | } | |
1666 | ||
1667 | /* | |
1668 | * All we need to do is get the socket, and then do a checksum. | |
1669 | */ | |
1670 | ||
1671 | int __udp4_lib_rcv(struct sk_buff *skb, struct udp_table *udptable, | |
1672 | int proto) | |
1673 | { | |
1674 | struct sock *sk; | |
1675 | struct udphdr *uh; | |
1676 | unsigned short ulen; | |
1677 | struct rtable *rt = skb_rtable(skb); | |
1678 | __be32 saddr, daddr; | |
1679 | struct net *net = dev_net(skb->dev); | |
1680 | ||
1681 | /* | |
1682 | * Validate the packet. | |
1683 | */ | |
1684 | if (!pskb_may_pull(skb, sizeof(struct udphdr))) | |
1685 | goto drop; /* No space for header. */ | |
1686 | ||
1687 | uh = udp_hdr(skb); | |
1688 | ulen = ntohs(uh->len); | |
1689 | saddr = ip_hdr(skb)->saddr; | |
1690 | daddr = ip_hdr(skb)->daddr; | |
1691 | ||
1692 | if (ulen > skb->len) | |
1693 | goto short_packet; | |
1694 | ||
1695 | if (proto == IPPROTO_UDP) { | |
1696 | /* UDP validates ulen. */ | |
1697 | if (ulen < sizeof(*uh) || pskb_trim_rcsum(skb, ulen)) | |
1698 | goto short_packet; | |
1699 | uh = udp_hdr(skb); | |
1700 | } | |
1701 | ||
1702 | if (udp4_csum_init(skb, uh, proto)) | |
1703 | goto csum_error; | |
1704 | ||
1705 | if (rt->rt_flags & (RTCF_BROADCAST|RTCF_MULTICAST)) | |
1706 | return __udp4_lib_mcast_deliver(net, skb, uh, | |
1707 | saddr, daddr, udptable); | |
1708 | ||
1709 | sk = __udp4_lib_lookup_skb(skb, uh->source, uh->dest, udptable); | |
1710 | ||
1711 | if (sk != NULL) { | |
1712 | int ret = udp_queue_rcv_skb(sk, skb); | |
1713 | sock_put(sk); | |
1714 | ||
1715 | /* a return value > 0 means to resubmit the input, but | |
1716 | * it wants the return to be -protocol, or 0 | |
1717 | */ | |
1718 | if (ret > 0) | |
1719 | return -ret; | |
1720 | return 0; | |
1721 | } | |
1722 | ||
1723 | if (!xfrm4_policy_check(NULL, XFRM_POLICY_IN, skb)) | |
1724 | goto drop; | |
1725 | nf_reset(skb); | |
1726 | ||
1727 | /* No socket. Drop packet silently, if checksum is wrong */ | |
1728 | if (udp_lib_checksum_complete(skb)) | |
1729 | goto csum_error; | |
1730 | ||
1731 | UDP_INC_STATS_BH(net, UDP_MIB_NOPORTS, proto == IPPROTO_UDPLITE); | |
1732 | icmp_send(skb, ICMP_DEST_UNREACH, ICMP_PORT_UNREACH, 0); | |
1733 | ||
1734 | /* | |
1735 | * Hmm. We got an UDP packet to a port to which we | |
1736 | * don't wanna listen. Ignore it. | |
1737 | */ | |
1738 | kfree_skb(skb); | |
1739 | return 0; | |
1740 | ||
1741 | short_packet: | |
1742 | LIMIT_NETDEBUG(KERN_DEBUG "UDP%s: short packet: From %pI4:%u %d/%d to %pI4:%u\n", | |
1743 | proto == IPPROTO_UDPLITE ? "Lite" : "", | |
1744 | &saddr, ntohs(uh->source), | |
1745 | ulen, skb->len, | |
1746 | &daddr, ntohs(uh->dest)); | |
1747 | goto drop; | |
1748 | ||
1749 | csum_error: | |
1750 | /* | |
1751 | * RFC1122: OK. Discards the bad packet silently (as far as | |
1752 | * the network is concerned, anyway) as per 4.1.3.4 (MUST). | |
1753 | */ | |
1754 | LIMIT_NETDEBUG(KERN_DEBUG "UDP%s: bad checksum. From %pI4:%u to %pI4:%u ulen %d\n", | |
1755 | proto == IPPROTO_UDPLITE ? "Lite" : "", | |
1756 | &saddr, ntohs(uh->source), &daddr, ntohs(uh->dest), | |
1757 | ulen); | |
1758 | UDP_INC_STATS_BH(net, UDP_MIB_CSUMERRORS, proto == IPPROTO_UDPLITE); | |
1759 | drop: | |
1760 | UDP_INC_STATS_BH(net, UDP_MIB_INERRORS, proto == IPPROTO_UDPLITE); | |
1761 | kfree_skb(skb); | |
1762 | return 0; | |
1763 | } | |
1764 | ||
1765 | int udp_rcv(struct sk_buff *skb) | |
1766 | { | |
1767 | return __udp4_lib_rcv(skb, &udp_table, IPPROTO_UDP); | |
1768 | } | |
1769 | ||
1770 | void udp_destroy_sock(struct sock *sk) | |
1771 | { | |
1772 | struct udp_sock *up = udp_sk(sk); | |
1773 | bool slow = lock_sock_fast(sk); | |
1774 | udp_flush_pending_frames(sk); | |
1775 | unlock_sock_fast(sk, slow); | |
1776 | if (static_key_false(&udp_encap_needed) && up->encap_type) { | |
1777 | void (*encap_destroy)(struct sock *sk); | |
1778 | encap_destroy = ACCESS_ONCE(up->encap_destroy); | |
1779 | if (encap_destroy) | |
1780 | encap_destroy(sk); | |
1781 | } | |
1782 | } | |
1783 | ||
1784 | /* | |
1785 | * Socket option code for UDP | |
1786 | */ | |
1787 | int udp_lib_setsockopt(struct sock *sk, int level, int optname, | |
1788 | char __user *optval, unsigned int optlen, | |
1789 | int (*push_pending_frames)(struct sock *)) | |
1790 | { | |
1791 | struct udp_sock *up = udp_sk(sk); | |
1792 | int val; | |
1793 | int err = 0; | |
1794 | int is_udplite = IS_UDPLITE(sk); | |
1795 | ||
1796 | if (optlen < sizeof(int)) | |
1797 | return -EINVAL; | |
1798 | ||
1799 | if (get_user(val, (int __user *)optval)) | |
1800 | return -EFAULT; | |
1801 | ||
1802 | switch (optname) { | |
1803 | case UDP_CORK: | |
1804 | if (val != 0) { | |
1805 | up->corkflag = 1; | |
1806 | } else { | |
1807 | up->corkflag = 0; | |
1808 | lock_sock(sk); | |
1809 | (*push_pending_frames)(sk); | |
1810 | release_sock(sk); | |
1811 | } | |
1812 | break; | |
1813 | ||
1814 | case UDP_ENCAP: | |
1815 | switch (val) { | |
1816 | case 0: | |
1817 | case UDP_ENCAP_ESPINUDP: | |
1818 | case UDP_ENCAP_ESPINUDP_NON_IKE: | |
1819 | up->encap_rcv = xfrm4_udp_encap_rcv; | |
1820 | /* FALLTHROUGH */ | |
1821 | case UDP_ENCAP_L2TPINUDP: | |
1822 | up->encap_type = val; | |
1823 | udp_encap_enable(); | |
1824 | break; | |
1825 | default: | |
1826 | err = -ENOPROTOOPT; | |
1827 | break; | |
1828 | } | |
1829 | break; | |
1830 | ||
1831 | /* | |
1832 | * UDP-Lite's partial checksum coverage (RFC 3828). | |
1833 | */ | |
1834 | /* The sender sets actual checksum coverage length via this option. | |
1835 | * The case coverage > packet length is handled by send module. */ | |
1836 | case UDPLITE_SEND_CSCOV: | |
1837 | if (!is_udplite) /* Disable the option on UDP sockets */ | |
1838 | return -ENOPROTOOPT; | |
1839 | if (val != 0 && val < 8) /* Illegal coverage: use default (8) */ | |
1840 | val = 8; | |
1841 | else if (val > USHRT_MAX) | |
1842 | val = USHRT_MAX; | |
1843 | up->pcslen = val; | |
1844 | up->pcflag |= UDPLITE_SEND_CC; | |
1845 | break; | |
1846 | ||
1847 | /* The receiver specifies a minimum checksum coverage value. To make | |
1848 | * sense, this should be set to at least 8 (as done below). If zero is | |
1849 | * used, this again means full checksum coverage. */ | |
1850 | case UDPLITE_RECV_CSCOV: | |
1851 | if (!is_udplite) /* Disable the option on UDP sockets */ | |
1852 | return -ENOPROTOOPT; | |
1853 | if (val != 0 && val < 8) /* Avoid silly minimal values. */ | |
1854 | val = 8; | |
1855 | else if (val > USHRT_MAX) | |
1856 | val = USHRT_MAX; | |
1857 | up->pcrlen = val; | |
1858 | up->pcflag |= UDPLITE_RECV_CC; | |
1859 | break; | |
1860 | ||
1861 | default: | |
1862 | err = -ENOPROTOOPT; | |
1863 | break; | |
1864 | } | |
1865 | ||
1866 | return err; | |
1867 | } | |
1868 | EXPORT_SYMBOL(udp_lib_setsockopt); | |
1869 | ||
1870 | int udp_setsockopt(struct sock *sk, int level, int optname, | |
1871 | char __user *optval, unsigned int optlen) | |
1872 | { | |
1873 | if (level == SOL_UDP || level == SOL_UDPLITE) | |
1874 | return udp_lib_setsockopt(sk, level, optname, optval, optlen, | |
1875 | udp_push_pending_frames); | |
1876 | return ip_setsockopt(sk, level, optname, optval, optlen); | |
1877 | } | |
1878 | ||
1879 | #ifdef CONFIG_COMPAT | |
1880 | int compat_udp_setsockopt(struct sock *sk, int level, int optname, | |
1881 | char __user *optval, unsigned int optlen) | |
1882 | { | |
1883 | if (level == SOL_UDP || level == SOL_UDPLITE) | |
1884 | return udp_lib_setsockopt(sk, level, optname, optval, optlen, | |
1885 | udp_push_pending_frames); | |
1886 | return compat_ip_setsockopt(sk, level, optname, optval, optlen); | |
1887 | } | |
1888 | #endif | |
1889 | ||
1890 | int udp_lib_getsockopt(struct sock *sk, int level, int optname, | |
1891 | char __user *optval, int __user *optlen) | |
1892 | { | |
1893 | struct udp_sock *up = udp_sk(sk); | |
1894 | int val, len; | |
1895 | ||
1896 | if (get_user(len, optlen)) | |
1897 | return -EFAULT; | |
1898 | ||
1899 | len = min_t(unsigned int, len, sizeof(int)); | |
1900 | ||
1901 | if (len < 0) | |
1902 | return -EINVAL; | |
1903 | ||
1904 | switch (optname) { | |
1905 | case UDP_CORK: | |
1906 | val = up->corkflag; | |
1907 | break; | |
1908 | ||
1909 | case UDP_ENCAP: | |
1910 | val = up->encap_type; | |
1911 | break; | |
1912 | ||
1913 | /* The following two cannot be changed on UDP sockets, the return is | |
1914 | * always 0 (which corresponds to the full checksum coverage of UDP). */ | |
1915 | case UDPLITE_SEND_CSCOV: | |
1916 | val = up->pcslen; | |
1917 | break; | |
1918 | ||
1919 | case UDPLITE_RECV_CSCOV: | |
1920 | val = up->pcrlen; | |
1921 | break; | |
1922 | ||
1923 | default: | |
1924 | return -ENOPROTOOPT; | |
1925 | } | |
1926 | ||
1927 | if (put_user(len, optlen)) | |
1928 | return -EFAULT; | |
1929 | if (copy_to_user(optval, &val, len)) | |
1930 | return -EFAULT; | |
1931 | return 0; | |
1932 | } | |
1933 | EXPORT_SYMBOL(udp_lib_getsockopt); | |
1934 | ||
1935 | int udp_getsockopt(struct sock *sk, int level, int optname, | |
1936 | char __user *optval, int __user *optlen) | |
1937 | { | |
1938 | if (level == SOL_UDP || level == SOL_UDPLITE) | |
1939 | return udp_lib_getsockopt(sk, level, optname, optval, optlen); | |
1940 | return ip_getsockopt(sk, level, optname, optval, optlen); | |
1941 | } | |
1942 | ||
1943 | #ifdef CONFIG_COMPAT | |
1944 | int compat_udp_getsockopt(struct sock *sk, int level, int optname, | |
1945 | char __user *optval, int __user *optlen) | |
1946 | { | |
1947 | if (level == SOL_UDP || level == SOL_UDPLITE) | |
1948 | return udp_lib_getsockopt(sk, level, optname, optval, optlen); | |
1949 | return compat_ip_getsockopt(sk, level, optname, optval, optlen); | |
1950 | } | |
1951 | #endif | |
1952 | /** | |
1953 | * udp_poll - wait for a UDP event. | |
1954 | * @file - file struct | |
1955 | * @sock - socket | |
1956 | * @wait - poll table | |
1957 | * | |
1958 | * This is same as datagram poll, except for the special case of | |
1959 | * blocking sockets. If application is using a blocking fd | |
1960 | * and a packet with checksum error is in the queue; | |
1961 | * then it could get return from select indicating data available | |
1962 | * but then block when reading it. Add special case code | |
1963 | * to work around these arguably broken applications. | |
1964 | */ | |
1965 | unsigned int udp_poll(struct file *file, struct socket *sock, poll_table *wait) | |
1966 | { | |
1967 | unsigned int mask = datagram_poll(file, sock, wait); | |
1968 | struct sock *sk = sock->sk; | |
1969 | ||
1970 | /* Check for false positives due to checksum errors */ | |
1971 | if ((mask & POLLRDNORM) && !(file->f_flags & O_NONBLOCK) && | |
1972 | !(sk->sk_shutdown & RCV_SHUTDOWN) && !first_packet_length(sk)) | |
1973 | mask &= ~(POLLIN | POLLRDNORM); | |
1974 | ||
1975 | return mask; | |
1976 | ||
1977 | } | |
1978 | EXPORT_SYMBOL(udp_poll); | |
1979 | ||
1980 | struct proto udp_prot = { | |
1981 | .name = "UDP", | |
1982 | .owner = THIS_MODULE, | |
1983 | .close = udp_lib_close, | |
1984 | .connect = ip4_datagram_connect, | |
1985 | .disconnect = udp_disconnect, | |
1986 | .ioctl = udp_ioctl, | |
1987 | .destroy = udp_destroy_sock, | |
1988 | .setsockopt = udp_setsockopt, | |
1989 | .getsockopt = udp_getsockopt, | |
1990 | .sendmsg = udp_sendmsg, | |
1991 | .recvmsg = udp_recvmsg, | |
1992 | .sendpage = udp_sendpage, | |
1993 | .backlog_rcv = __udp_queue_rcv_skb, | |
1994 | .release_cb = ip4_datagram_release_cb, | |
1995 | .hash = udp_lib_hash, | |
1996 | .unhash = udp_lib_unhash, | |
1997 | .rehash = udp_v4_rehash, | |
1998 | .get_port = udp_v4_get_port, | |
1999 | .memory_allocated = &udp_memory_allocated, | |
2000 | .sysctl_mem = sysctl_udp_mem, | |
2001 | .sysctl_wmem = &sysctl_udp_wmem_min, | |
2002 | .sysctl_rmem = &sysctl_udp_rmem_min, | |
2003 | .obj_size = sizeof(struct udp_sock), | |
2004 | .slab_flags = SLAB_DESTROY_BY_RCU, | |
2005 | .h.udp_table = &udp_table, | |
2006 | #ifdef CONFIG_COMPAT | |
2007 | .compat_setsockopt = compat_udp_setsockopt, | |
2008 | .compat_getsockopt = compat_udp_getsockopt, | |
2009 | #endif | |
2010 | .clear_sk = sk_prot_clear_portaddr_nulls, | |
2011 | }; | |
2012 | EXPORT_SYMBOL(udp_prot); | |
2013 | ||
2014 | /* ------------------------------------------------------------------------ */ | |
2015 | #ifdef CONFIG_PROC_FS | |
2016 | ||
2017 | static struct sock *udp_get_first(struct seq_file *seq, int start) | |
2018 | { | |
2019 | struct sock *sk; | |
2020 | struct udp_iter_state *state = seq->private; | |
2021 | struct net *net = seq_file_net(seq); | |
2022 | ||
2023 | for (state->bucket = start; state->bucket <= state->udp_table->mask; | |
2024 | ++state->bucket) { | |
2025 | struct hlist_nulls_node *node; | |
2026 | struct udp_hslot *hslot = &state->udp_table->hash[state->bucket]; | |
2027 | ||
2028 | if (hlist_nulls_empty(&hslot->head)) | |
2029 | continue; | |
2030 | ||
2031 | spin_lock_bh(&hslot->lock); | |
2032 | sk_nulls_for_each(sk, node, &hslot->head) { | |
2033 | if (!net_eq(sock_net(sk), net)) | |
2034 | continue; | |
2035 | if (sk->sk_family == state->family) | |
2036 | goto found; | |
2037 | } | |
2038 | spin_unlock_bh(&hslot->lock); | |
2039 | } | |
2040 | sk = NULL; | |
2041 | found: | |
2042 | return sk; | |
2043 | } | |
2044 | ||
2045 | static struct sock *udp_get_next(struct seq_file *seq, struct sock *sk) | |
2046 | { | |
2047 | struct udp_iter_state *state = seq->private; | |
2048 | struct net *net = seq_file_net(seq); | |
2049 | ||
2050 | do { | |
2051 | sk = sk_nulls_next(sk); | |
2052 | } while (sk && (!net_eq(sock_net(sk), net) || sk->sk_family != state->family)); | |
2053 | ||
2054 | if (!sk) { | |
2055 | if (state->bucket <= state->udp_table->mask) | |
2056 | spin_unlock_bh(&state->udp_table->hash[state->bucket].lock); | |
2057 | return udp_get_first(seq, state->bucket + 1); | |
2058 | } | |
2059 | return sk; | |
2060 | } | |
2061 | ||
2062 | static struct sock *udp_get_idx(struct seq_file *seq, loff_t pos) | |
2063 | { | |
2064 | struct sock *sk = udp_get_first(seq, 0); | |
2065 | ||
2066 | if (sk) | |
2067 | while (pos && (sk = udp_get_next(seq, sk)) != NULL) | |
2068 | --pos; | |
2069 | return pos ? NULL : sk; | |
2070 | } | |
2071 | ||
2072 | static void *udp_seq_start(struct seq_file *seq, loff_t *pos) | |
2073 | { | |
2074 | struct udp_iter_state *state = seq->private; | |
2075 | state->bucket = MAX_UDP_PORTS; | |
2076 | ||
2077 | return *pos ? udp_get_idx(seq, *pos-1) : SEQ_START_TOKEN; | |
2078 | } | |
2079 | ||
2080 | static void *udp_seq_next(struct seq_file *seq, void *v, loff_t *pos) | |
2081 | { | |
2082 | struct sock *sk; | |
2083 | ||
2084 | if (v == SEQ_START_TOKEN) | |
2085 | sk = udp_get_idx(seq, 0); | |
2086 | else | |
2087 | sk = udp_get_next(seq, v); | |
2088 | ||
2089 | ++*pos; | |
2090 | return sk; | |
2091 | } | |
2092 | ||
2093 | static void udp_seq_stop(struct seq_file *seq, void *v) | |
2094 | { | |
2095 | struct udp_iter_state *state = seq->private; | |
2096 | ||
2097 | if (state->bucket <= state->udp_table->mask) | |
2098 | spin_unlock_bh(&state->udp_table->hash[state->bucket].lock); | |
2099 | } | |
2100 | ||
2101 | int udp_seq_open(struct inode *inode, struct file *file) | |
2102 | { | |
2103 | struct udp_seq_afinfo *afinfo = PDE(inode)->data; | |
2104 | struct udp_iter_state *s; | |
2105 | int err; | |
2106 | ||
2107 | err = seq_open_net(inode, file, &afinfo->seq_ops, | |
2108 | sizeof(struct udp_iter_state)); | |
2109 | if (err < 0) | |
2110 | return err; | |
2111 | ||
2112 | s = ((struct seq_file *)file->private_data)->private; | |
2113 | s->family = afinfo->family; | |
2114 | s->udp_table = afinfo->udp_table; | |
2115 | return err; | |
2116 | } | |
2117 | EXPORT_SYMBOL(udp_seq_open); | |
2118 | ||
2119 | /* ------------------------------------------------------------------------ */ | |
2120 | int udp_proc_register(struct net *net, struct udp_seq_afinfo *afinfo) | |
2121 | { | |
2122 | struct proc_dir_entry *p; | |
2123 | int rc = 0; | |
2124 | ||
2125 | afinfo->seq_ops.start = udp_seq_start; | |
2126 | afinfo->seq_ops.next = udp_seq_next; | |
2127 | afinfo->seq_ops.stop = udp_seq_stop; | |
2128 | ||
2129 | p = proc_create_data(afinfo->name, S_IRUGO, net->proc_net, | |
2130 | afinfo->seq_fops, afinfo); | |
2131 | if (!p) | |
2132 | rc = -ENOMEM; | |
2133 | return rc; | |
2134 | } | |
2135 | EXPORT_SYMBOL(udp_proc_register); | |
2136 | ||
2137 | void udp_proc_unregister(struct net *net, struct udp_seq_afinfo *afinfo) | |
2138 | { | |
2139 | remove_proc_entry(afinfo->name, net->proc_net); | |
2140 | } | |
2141 | EXPORT_SYMBOL(udp_proc_unregister); | |
2142 | ||
2143 | /* ------------------------------------------------------------------------ */ | |
2144 | static void udp4_format_sock(struct sock *sp, struct seq_file *f, | |
2145 | int bucket, int *len) | |
2146 | { | |
2147 | struct inet_sock *inet = inet_sk(sp); | |
2148 | __be32 dest = inet->inet_daddr; | |
2149 | __be32 src = inet->inet_rcv_saddr; | |
2150 | __u16 destp = ntohs(inet->inet_dport); | |
2151 | __u16 srcp = ntohs(inet->inet_sport); | |
2152 | ||
2153 | seq_printf(f, "%5d: %08X:%04X %08X:%04X" | |
2154 | " %02X %08X:%08X %02X:%08lX %08X %5d %8d %lu %d %pK %d%n", | |
2155 | bucket, src, srcp, dest, destp, sp->sk_state, | |
2156 | sk_wmem_alloc_get(sp), | |
2157 | sk_rmem_alloc_get(sp), | |
2158 | 0, 0L, 0, | |
2159 | from_kuid_munged(seq_user_ns(f), sock_i_uid(sp)), | |
2160 | 0, sock_i_ino(sp), | |
2161 | atomic_read(&sp->sk_refcnt), sp, | |
2162 | atomic_read(&sp->sk_drops), len); | |
2163 | } | |
2164 | ||
2165 | int udp4_seq_show(struct seq_file *seq, void *v) | |
2166 | { | |
2167 | if (v == SEQ_START_TOKEN) | |
2168 | seq_printf(seq, "%-127s\n", | |
2169 | " sl local_address rem_address st tx_queue " | |
2170 | "rx_queue tr tm->when retrnsmt uid timeout " | |
2171 | "inode ref pointer drops"); | |
2172 | else { | |
2173 | struct udp_iter_state *state = seq->private; | |
2174 | int len; | |
2175 | ||
2176 | udp4_format_sock(v, seq, state->bucket, &len); | |
2177 | seq_printf(seq, "%*s\n", 127 - len, ""); | |
2178 | } | |
2179 | return 0; | |
2180 | } | |
2181 | ||
2182 | static const struct file_operations udp_afinfo_seq_fops = { | |
2183 | .owner = THIS_MODULE, | |
2184 | .open = udp_seq_open, | |
2185 | .read = seq_read, | |
2186 | .llseek = seq_lseek, | |
2187 | .release = seq_release_net | |
2188 | }; | |
2189 | ||
2190 | /* ------------------------------------------------------------------------ */ | |
2191 | static struct udp_seq_afinfo udp4_seq_afinfo = { | |
2192 | .name = "udp", | |
2193 | .family = AF_INET, | |
2194 | .udp_table = &udp_table, | |
2195 | .seq_fops = &udp_afinfo_seq_fops, | |
2196 | .seq_ops = { | |
2197 | .show = udp4_seq_show, | |
2198 | }, | |
2199 | }; | |
2200 | ||
2201 | static int __net_init udp4_proc_init_net(struct net *net) | |
2202 | { | |
2203 | return udp_proc_register(net, &udp4_seq_afinfo); | |
2204 | } | |
2205 | ||
2206 | static void __net_exit udp4_proc_exit_net(struct net *net) | |
2207 | { | |
2208 | udp_proc_unregister(net, &udp4_seq_afinfo); | |
2209 | } | |
2210 | ||
2211 | static struct pernet_operations udp4_net_ops = { | |
2212 | .init = udp4_proc_init_net, | |
2213 | .exit = udp4_proc_exit_net, | |
2214 | }; | |
2215 | ||
2216 | int __init udp4_proc_init(void) | |
2217 | { | |
2218 | return register_pernet_subsys(&udp4_net_ops); | |
2219 | } | |
2220 | ||
2221 | void udp4_proc_exit(void) | |
2222 | { | |
2223 | unregister_pernet_subsys(&udp4_net_ops); | |
2224 | } | |
2225 | #endif /* CONFIG_PROC_FS */ | |
2226 | ||
2227 | static __initdata unsigned long uhash_entries; | |
2228 | static int __init set_uhash_entries(char *str) | |
2229 | { | |
2230 | ssize_t ret; | |
2231 | ||
2232 | if (!str) | |
2233 | return 0; | |
2234 | ||
2235 | ret = kstrtoul(str, 0, &uhash_entries); | |
2236 | if (ret) | |
2237 | return 0; | |
2238 | ||
2239 | if (uhash_entries && uhash_entries < UDP_HTABLE_SIZE_MIN) | |
2240 | uhash_entries = UDP_HTABLE_SIZE_MIN; | |
2241 | return 1; | |
2242 | } | |
2243 | __setup("uhash_entries=", set_uhash_entries); | |
2244 | ||
2245 | void __init udp_table_init(struct udp_table *table, const char *name) | |
2246 | { | |
2247 | unsigned int i; | |
2248 | ||
2249 | table->hash = alloc_large_system_hash(name, | |
2250 | 2 * sizeof(struct udp_hslot), | |
2251 | uhash_entries, | |
2252 | 21, /* one slot per 2 MB */ | |
2253 | 0, | |
2254 | &table->log, | |
2255 | &table->mask, | |
2256 | UDP_HTABLE_SIZE_MIN, | |
2257 | 64 * 1024); | |
2258 | ||
2259 | table->hash2 = table->hash + (table->mask + 1); | |
2260 | for (i = 0; i <= table->mask; i++) { | |
2261 | INIT_HLIST_NULLS_HEAD(&table->hash[i].head, i); | |
2262 | table->hash[i].count = 0; | |
2263 | spin_lock_init(&table->hash[i].lock); | |
2264 | } | |
2265 | for (i = 0; i <= table->mask; i++) { | |
2266 | INIT_HLIST_NULLS_HEAD(&table->hash2[i].head, i); | |
2267 | table->hash2[i].count = 0; | |
2268 | spin_lock_init(&table->hash2[i].lock); | |
2269 | } | |
2270 | } | |
2271 | ||
2272 | void __init udp_init(void) | |
2273 | { | |
2274 | unsigned long limit; | |
2275 | ||
2276 | udp_table_init(&udp_table, "UDP"); | |
2277 | limit = nr_free_buffer_pages() / 8; | |
2278 | limit = max(limit, 128UL); | |
2279 | sysctl_udp_mem[0] = limit / 4 * 3; | |
2280 | sysctl_udp_mem[1] = limit; | |
2281 | sysctl_udp_mem[2] = sysctl_udp_mem[0] * 2; | |
2282 | ||
2283 | sysctl_udp_rmem_min = SK_MEM_QUANTUM; | |
2284 | sysctl_udp_wmem_min = SK_MEM_QUANTUM; | |
2285 | } | |
2286 | ||
2287 | int udp4_ufo_send_check(struct sk_buff *skb) | |
2288 | { | |
2289 | if (!pskb_may_pull(skb, sizeof(struct udphdr))) | |
2290 | return -EINVAL; | |
2291 | ||
2292 | if (likely(!skb->encapsulation)) { | |
2293 | const struct iphdr *iph; | |
2294 | struct udphdr *uh; | |
2295 | ||
2296 | iph = ip_hdr(skb); | |
2297 | uh = udp_hdr(skb); | |
2298 | ||
2299 | uh->check = ~csum_tcpudp_magic(iph->saddr, iph->daddr, skb->len, | |
2300 | IPPROTO_UDP, 0); | |
2301 | skb->csum_start = skb_transport_header(skb) - skb->head; | |
2302 | skb->csum_offset = offsetof(struct udphdr, check); | |
2303 | skb->ip_summed = CHECKSUM_PARTIAL; | |
2304 | } | |
2305 | return 0; | |
2306 | } | |
2307 | ||
2308 | static struct sk_buff *skb_udp_tunnel_segment(struct sk_buff *skb, | |
2309 | netdev_features_t features) | |
2310 | { | |
2311 | struct sk_buff *segs = ERR_PTR(-EINVAL); | |
2312 | int mac_len = skb->mac_len; | |
2313 | int tnl_hlen = skb_inner_mac_header(skb) - skb_transport_header(skb); | |
2314 | int outer_hlen; | |
2315 | netdev_features_t enc_features; | |
2316 | ||
2317 | if (unlikely(!pskb_may_pull(skb, tnl_hlen))) | |
2318 | goto out; | |
2319 | ||
2320 | skb->encapsulation = 0; | |
2321 | __skb_pull(skb, tnl_hlen); | |
2322 | skb_reset_mac_header(skb); | |
2323 | skb_set_network_header(skb, skb_inner_network_offset(skb)); | |
2324 | skb->mac_len = skb_inner_network_offset(skb); | |
2325 | ||
2326 | /* segment inner packet. */ | |
2327 | enc_features = skb->dev->hw_enc_features & netif_skb_features(skb); | |
2328 | segs = skb_mac_gso_segment(skb, enc_features); | |
2329 | if (!segs || IS_ERR(segs)) | |
2330 | goto out; | |
2331 | ||
2332 | outer_hlen = skb_tnl_header_len(skb); | |
2333 | skb = segs; | |
2334 | do { | |
2335 | struct udphdr *uh; | |
2336 | int udp_offset = outer_hlen - tnl_hlen; | |
2337 | ||
2338 | skb->mac_len = mac_len; | |
2339 | ||
2340 | skb_push(skb, outer_hlen); | |
2341 | skb_reset_mac_header(skb); | |
2342 | skb_set_network_header(skb, mac_len); | |
2343 | skb_set_transport_header(skb, udp_offset); | |
2344 | uh = udp_hdr(skb); | |
2345 | uh->len = htons(skb->len - udp_offset); | |
2346 | ||
2347 | /* csum segment if tunnel sets skb with csum. */ | |
2348 | if (unlikely(uh->check)) { | |
2349 | struct iphdr *iph = ip_hdr(skb); | |
2350 | ||
2351 | uh->check = ~csum_tcpudp_magic(iph->saddr, iph->daddr, | |
2352 | skb->len - udp_offset, | |
2353 | IPPROTO_UDP, 0); | |
2354 | uh->check = csum_fold(skb_checksum(skb, udp_offset, | |
2355 | skb->len - udp_offset, 0)); | |
2356 | if (uh->check == 0) | |
2357 | uh->check = CSUM_MANGLED_0; | |
2358 | ||
2359 | } | |
2360 | skb->ip_summed = CHECKSUM_NONE; | |
2361 | } while ((skb = skb->next)); | |
2362 | out: | |
2363 | return segs; | |
2364 | } | |
2365 | ||
2366 | struct sk_buff *udp4_ufo_fragment(struct sk_buff *skb, | |
2367 | netdev_features_t features) | |
2368 | { | |
2369 | struct sk_buff *segs = ERR_PTR(-EINVAL); | |
2370 | unsigned int mss; | |
2371 | mss = skb_shinfo(skb)->gso_size; | |
2372 | if (unlikely(skb->len <= mss)) | |
2373 | goto out; | |
2374 | ||
2375 | if (skb_gso_ok(skb, features | NETIF_F_GSO_ROBUST)) { | |
2376 | /* Packet is from an untrusted source, reset gso_segs. */ | |
2377 | int type = skb_shinfo(skb)->gso_type; | |
2378 | ||
2379 | if (unlikely(type & ~(SKB_GSO_UDP | SKB_GSO_DODGY | | |
2380 | SKB_GSO_UDP_TUNNEL | | |
2381 | SKB_GSO_GRE) || | |
2382 | !(type & (SKB_GSO_UDP)))) | |
2383 | goto out; | |
2384 | ||
2385 | skb_shinfo(skb)->gso_segs = DIV_ROUND_UP(skb->len, mss); | |
2386 | ||
2387 | segs = NULL; | |
2388 | goto out; | |
2389 | } | |
2390 | ||
2391 | /* Fragment the skb. IP headers of the fragments are updated in | |
2392 | * inet_gso_segment() | |
2393 | */ | |
2394 | if (skb->encapsulation && skb_shinfo(skb)->gso_type & SKB_GSO_UDP_TUNNEL) | |
2395 | segs = skb_udp_tunnel_segment(skb, features); | |
2396 | else { | |
2397 | int offset; | |
2398 | __wsum csum; | |
2399 | ||
2400 | /* Do software UFO. Complete and fill in the UDP checksum as | |
2401 | * HW cannot do checksum of UDP packets sent as multiple | |
2402 | * IP fragments. | |
2403 | */ | |
2404 | offset = skb_checksum_start_offset(skb); | |
2405 | csum = skb_checksum(skb, offset, skb->len - offset, 0); | |
2406 | offset += skb->csum_offset; | |
2407 | *(__sum16 *)(skb->data + offset) = csum_fold(csum); | |
2408 | skb->ip_summed = CHECKSUM_NONE; | |
2409 | ||
2410 | segs = skb_segment(skb, features); | |
2411 | } | |
2412 | out: | |
2413 | return segs; | |
2414 | } |