]> git.proxmox.com Git - mirror_ubuntu-kernels.git/blob - net/can/raw.c
projects / mirror_ubuntu-kernels.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
can: raw: add missing refcount for memory leak fix
[mirror_ubuntu-kernels.git] / net / can / raw.c
1 // SPDX-License-Identifier: (GPL-2.0 OR BSD-3-Clause)
2 /* raw.c - Raw sockets for protocol family CAN
3 *
4 * Copyright (c) 2002-2007 Volkswagen Group Electronic Research
5 * All rights reserved.
6 *
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
9 * are met:
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
15 * 3. Neither the name of Volkswagen nor the names of its contributors
16 * may be used to endorse or promote products derived from this software
17 * without specific prior written permission.
18 *
19 * Alternatively, provided that this notice is retained in full, this
20 * software may be distributed under the terms of the GNU General
21 * Public License ("GPL") version 2, in which case the provisions of the
22 * GPL apply INSTEAD OF those given above.
23 *
24 * The provided data structures and external interfaces from this code
25 * are not restricted to be used by modules with a GPL compatible license.
26 *
27 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
28 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
29 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
30 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
31 * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
32 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
33 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
34 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
35 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
36 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
37 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH
38 * DAMAGE.
39 *
40 */
41
42 #include <linux/module.h>
43 #include <linux/init.h>
44 #include <linux/uio.h>
45 #include <linux/net.h>
46 #include <linux/slab.h>
47 #include <linux/netdevice.h>
48 #include <linux/socket.h>
49 #include <linux/if_arp.h>
50 #include <linux/skbuff.h>
51 #include <linux/can.h>
52 #include <linux/can/core.h>
53 #include <linux/can/dev.h> /* for can_is_canxl_dev_mtu() */
54 #include <linux/can/skb.h>
55 #include <linux/can/raw.h>
56 #include <net/sock.h>
57 #include <net/net_namespace.h>
58
59 MODULE_DESCRIPTION("PF_CAN raw protocol");
60 MODULE_LICENSE("Dual BSD/GPL");
61 MODULE_AUTHOR("Urs Thuermann <urs.thuermann@volkswagen.de>");
62 MODULE_ALIAS("can-proto-1");
63
64 #define RAW_MIN_NAMELEN CAN_REQUIRED_SIZE(struct sockaddr_can, can_ifindex)
65
66 #define MASK_ALL 0
67
68 /* A raw socket has a list of can_filters attached to it, each receiving
69 * the CAN frames matching that filter. If the filter list is empty,
70 * no CAN frames will be received by the socket. The default after
71 * opening the socket, is to have one filter which receives all frames.
72 * The filter list is allocated dynamically with the exception of the
73 * list containing only one item. This common case is optimized by
74 * storing the single filter in dfilter, to avoid using dynamic memory.
75 */
76
77 struct uniqframe {
78 int skbcnt;
79 const struct sk_buff *skb;
80 unsigned int join_rx_count;
81 };
82
83 struct raw_sock {
84 struct sock sk;
85 int bound;
86 int ifindex;
87 struct net_device *dev;
88 netdevice_tracker dev_tracker;
89 struct list_head notifier;
90 int loopback;
91 int recv_own_msgs;
92 int fd_frames;
93 int xl_frames;
94 int join_filters;
95 int count; /* number of active filters */
96 struct can_filter dfilter; /* default/single filter */
97 struct can_filter *filter; /* pointer to filter(s) */
98 can_err_mask_t err_mask;
99 struct uniqframe __percpu *uniq;
100 };
101
102 static LIST_HEAD(raw_notifier_list);
103 static DEFINE_SPINLOCK(raw_notifier_lock);
104 static struct raw_sock *raw_busy_notifier;
105
106 /* Return pointer to store the extra msg flags for raw_recvmsg().
107 * We use the space of one unsigned int beyond the 'struct sockaddr_can'
108 * in skb->cb.
109 */
110 static inline unsigned int *raw_flags(struct sk_buff *skb)
111 {
112 sock_skb_cb_check_size(sizeof(struct sockaddr_can) +
113 sizeof(unsigned int));
114
115 /* return pointer after struct sockaddr_can */
116 return (unsigned int *)(&((struct sockaddr_can *)skb->cb)[1]);
117 }
118
119 static inline struct raw_sock *raw_sk(const struct sock *sk)
120 {
121 return (struct raw_sock *)sk;
122 }
123
124 static void raw_rcv(struct sk_buff *oskb, void *data)
125 {
126 struct sock *sk = (struct sock *)data;
127 struct raw_sock *ro = raw_sk(sk);
128 struct sockaddr_can *addr;
129 struct sk_buff *skb;
130 unsigned int *pflags;
131
132 /* check the received tx sock reference */
133 if (!ro->recv_own_msgs && oskb->sk == sk)
134 return;
135
136 /* make sure to not pass oversized frames to the socket */
137 if ((!ro->fd_frames && can_is_canfd_skb(oskb)) ||
138 (!ro->xl_frames && can_is_canxl_skb(oskb)))
139 return;
140
141 /* eliminate multiple filter matches for the same skb */
142 if (this_cpu_ptr(ro->uniq)->skb == oskb &&
143 this_cpu_ptr(ro->uniq)->skbcnt == can_skb_prv(oskb)->skbcnt) {
144 if (!ro->join_filters)
145 return;
146
147 this_cpu_inc(ro->uniq->join_rx_count);
148 /* drop frame until all enabled filters matched */
149 if (this_cpu_ptr(ro->uniq)->join_rx_count < ro->count)
150 return;
151 } else {
152 this_cpu_ptr(ro->uniq)->skb = oskb;
153 this_cpu_ptr(ro->uniq)->skbcnt = can_skb_prv(oskb)->skbcnt;
154 this_cpu_ptr(ro->uniq)->join_rx_count = 1;
155 /* drop first frame to check all enabled filters? */
156 if (ro->join_filters && ro->count > 1)
157 return;
158 }
159
160 /* clone the given skb to be able to enqueue it into the rcv queue */
161 skb = skb_clone(oskb, GFP_ATOMIC);
162 if (!skb)
163 return;
164
165 /* Put the datagram to the queue so that raw_recvmsg() can get
166 * it from there. We need to pass the interface index to
167 * raw_recvmsg(). We pass a whole struct sockaddr_can in
168 * skb->cb containing the interface index.
169 */
170
171 sock_skb_cb_check_size(sizeof(struct sockaddr_can));
172 addr = (struct sockaddr_can *)skb->cb;
173 memset(addr, 0, sizeof(*addr));
174 addr->can_family = AF_CAN;
175 addr->can_ifindex = skb->dev->ifindex;
176
177 /* add CAN specific message flags for raw_recvmsg() */
178 pflags = raw_flags(skb);
179 *pflags = 0;
180 if (oskb->sk)
181 *pflags |= MSG_DONTROUTE;
182 if (oskb->sk == sk)
183 *pflags |= MSG_CONFIRM;
184
185 if (sock_queue_rcv_skb(sk, skb) < 0)
186 kfree_skb(skb);
187 }
188
189 static int raw_enable_filters(struct net *net, struct net_device *dev,
190 struct sock *sk, struct can_filter *filter,
191 int count)
192 {
193 int err = 0;
194 int i;
195
196 for (i = 0; i < count; i++) {
197 err = can_rx_register(net, dev, filter[i].can_id,
198 filter[i].can_mask,
199 raw_rcv, sk, "raw", sk);
200 if (err) {
201 /* clean up successfully registered filters */
202 while (--i >= 0)
203 can_rx_unregister(net, dev, filter[i].can_id,
204 filter[i].can_mask,
205 raw_rcv, sk);
206 break;
207 }
208 }
209
210 return err;
211 }
212
213 static int raw_enable_errfilter(struct net *net, struct net_device *dev,
214 struct sock *sk, can_err_mask_t err_mask)
215 {
216 int err = 0;
217
218 if (err_mask)
219 err = can_rx_register(net, dev, 0, err_mask | CAN_ERR_FLAG,
220 raw_rcv, sk, "raw", sk);
221
222 return err;
223 }
224
225 static void raw_disable_filters(struct net *net, struct net_device *dev,
226 struct sock *sk, struct can_filter *filter,
227 int count)
228 {
229 int i;
230
231 for (i = 0; i < count; i++)
232 can_rx_unregister(net, dev, filter[i].can_id,
233 filter[i].can_mask, raw_rcv, sk);
234 }
235
236 static inline void raw_disable_errfilter(struct net *net,
237 struct net_device *dev,
238 struct sock *sk,
239 can_err_mask_t err_mask)
240
241 {
242 if (err_mask)
243 can_rx_unregister(net, dev, 0, err_mask | CAN_ERR_FLAG,
244 raw_rcv, sk);
245 }
246
247 static inline void raw_disable_allfilters(struct net *net,
248 struct net_device *dev,
249 struct sock *sk)
250 {
251 struct raw_sock *ro = raw_sk(sk);
252
253 raw_disable_filters(net, dev, sk, ro->filter, ro->count);
254 raw_disable_errfilter(net, dev, sk, ro->err_mask);
255 }
256
257 static int raw_enable_allfilters(struct net *net, struct net_device *dev,
258 struct sock *sk)
259 {
260 struct raw_sock *ro = raw_sk(sk);
261 int err;
262
263 err = raw_enable_filters(net, dev, sk, ro->filter, ro->count);
264 if (!err) {
265 err = raw_enable_errfilter(net, dev, sk, ro->err_mask);
266 if (err)
267 raw_disable_filters(net, dev, sk, ro->filter,
268 ro->count);
269 }
270
271 return err;
272 }
273
274 static void raw_notify(struct raw_sock *ro, unsigned long msg,
275 struct net_device *dev)
276 {
277 struct sock *sk = &ro->sk;
278
279 if (!net_eq(dev_net(dev), sock_net(sk)))
280 return;
281
282 if (ro->dev != dev)
283 return;
284
285 switch (msg) {
286 case NETDEV_UNREGISTER:
287 lock_sock(sk);
288 /* remove current filters & unregister */
289 if (ro->bound) {
290 raw_disable_allfilters(dev_net(dev), dev, sk);
291 netdev_put(dev, &ro->dev_tracker);
292 }
293
294 if (ro->count > 1)
295 kfree(ro->filter);
296
297 ro->ifindex = 0;
298 ro->bound = 0;
299 ro->dev = NULL;
300 ro->count = 0;
301 release_sock(sk);
302
303 sk->sk_err = ENODEV;
304 if (!sock_flag(sk, SOCK_DEAD))
305 sk_error_report(sk);
306 break;
307
308 case NETDEV_DOWN:
309 sk->sk_err = ENETDOWN;
310 if (!sock_flag(sk, SOCK_DEAD))
311 sk_error_report(sk);
312 break;
313 }
314 }
315
316 static int raw_notifier(struct notifier_block *nb, unsigned long msg,
317 void *ptr)
318 {
319 struct net_device *dev = netdev_notifier_info_to_dev(ptr);
320
321 if (dev->type != ARPHRD_CAN)
322 return NOTIFY_DONE;
323 if (msg != NETDEV_UNREGISTER && msg != NETDEV_DOWN)
324 return NOTIFY_DONE;
325 if (unlikely(raw_busy_notifier)) /* Check for reentrant bug. */
326 return NOTIFY_DONE;
327
328 spin_lock(&raw_notifier_lock);
329 list_for_each_entry(raw_busy_notifier, &raw_notifier_list, notifier) {
330 spin_unlock(&raw_notifier_lock);
331 raw_notify(raw_busy_notifier, msg, dev);
332 spin_lock(&raw_notifier_lock);
333 }
334 raw_busy_notifier = NULL;
335 spin_unlock(&raw_notifier_lock);
336 return NOTIFY_DONE;
337 }
338
339 static int raw_init(struct sock *sk)
340 {
341 struct raw_sock *ro = raw_sk(sk);
342
343 ro->bound = 0;
344 ro->ifindex = 0;
345 ro->dev = NULL;
346
347 /* set default filter to single entry dfilter */
348 ro->dfilter.can_id = 0;
349 ro->dfilter.can_mask = MASK_ALL;
350 ro->filter = &ro->dfilter;
351 ro->count = 1;
352
353 /* set default loopback behaviour */
354 ro->loopback = 1;
355 ro->recv_own_msgs = 0;
356 ro->fd_frames = 0;
357 ro->xl_frames = 0;
358 ro->join_filters = 0;
359
360 /* alloc_percpu provides zero'ed memory */
361 ro->uniq = alloc_percpu(struct uniqframe);
362 if (unlikely(!ro->uniq))
363 return -ENOMEM;
364
365 /* set notifier */
366 spin_lock(&raw_notifier_lock);
367 list_add_tail(&ro->notifier, &raw_notifier_list);
368 spin_unlock(&raw_notifier_lock);
369
370 return 0;
371 }
372
373 static int raw_release(struct socket *sock)
374 {
375 struct sock *sk = sock->sk;
376 struct raw_sock *ro;
377
378 if (!sk)
379 return 0;
380
381 ro = raw_sk(sk);
382
383 spin_lock(&raw_notifier_lock);
384 while (raw_busy_notifier == ro) {
385 spin_unlock(&raw_notifier_lock);
386 schedule_timeout_uninterruptible(1);
387 spin_lock(&raw_notifier_lock);
388 }
389 list_del(&ro->notifier);
390 spin_unlock(&raw_notifier_lock);
391
392 rtnl_lock();
393 lock_sock(sk);
394
395 /* remove current filters & unregister */
396 if (ro->bound) {
397 if (ro->dev) {
398 raw_disable_allfilters(dev_net(ro->dev), ro->dev, sk);
399 netdev_put(ro->dev, &ro->dev_tracker);
400 } else {
401 raw_disable_allfilters(sock_net(sk), NULL, sk);
402 }
403 }
404
405 if (ro->count > 1)
406 kfree(ro->filter);
407
408 ro->ifindex = 0;
409 ro->bound = 0;
410 ro->dev = NULL;
411 ro->count = 0;
412 free_percpu(ro->uniq);
413
414 sock_orphan(sk);
415 sock->sk = NULL;
416
417 release_sock(sk);
418 rtnl_unlock();
419
420 sock_put(sk);
421
422 return 0;
423 }
424
425 static int raw_bind(struct socket *sock, struct sockaddr *uaddr, int len)
426 {
427 struct sockaddr_can *addr = (struct sockaddr_can *)uaddr;
428 struct sock *sk = sock->sk;
429 struct raw_sock *ro = raw_sk(sk);
430 struct net_device *dev = NULL;
431 int ifindex;
432 int err = 0;
433 int notify_enetdown = 0;
434
435 if (len < RAW_MIN_NAMELEN)
436 return -EINVAL;
437 if (addr->can_family != AF_CAN)
438 return -EINVAL;
439
440 rtnl_lock();
441 lock_sock(sk);
442
443 if (ro->bound && addr->can_ifindex == ro->ifindex)
444 goto out;
445
446 if (addr->can_ifindex) {
447 dev = dev_get_by_index(sock_net(sk), addr->can_ifindex);
448 if (!dev) {
449 err = -ENODEV;
450 goto out;
451 }
452 if (dev->type != ARPHRD_CAN) {
453 err = -ENODEV;
454 goto out_put_dev;
455 }
456
457 if (!(dev->flags & IFF_UP))
458 notify_enetdown = 1;
459
460 ifindex = dev->ifindex;
461
462 /* filters set by default/setsockopt */
463 err = raw_enable_allfilters(sock_net(sk), dev, sk);
464 if (err)
465 goto out_put_dev;
466
467 } else {
468 ifindex = 0;
469
470 /* filters set by default/setsockopt */
471 err = raw_enable_allfilters(sock_net(sk), NULL, sk);
472 }
473
474 if (!err) {
475 if (ro->bound) {
476 /* unregister old filters */
477 if (ro->dev) {
478 raw_disable_allfilters(dev_net(ro->dev),
479 ro->dev, sk);
480 /* drop reference to old ro->dev */
481 netdev_put(ro->dev, &ro->dev_tracker);
482 } else {
483 raw_disable_allfilters(sock_net(sk), NULL, sk);
484 }
485 }
486 ro->ifindex = ifindex;
487 ro->bound = 1;
488 /* bind() ok -> hold a reference for new ro->dev */
489 ro->dev = dev;
490 if (ro->dev)
491 netdev_hold(ro->dev, &ro->dev_tracker, GFP_KERNEL);
492 }
493
494 out_put_dev:
495 /* remove potential reference from dev_get_by_index() */
496 if (dev)
497 dev_put(dev);
498 out:
499 release_sock(sk);
500 rtnl_unlock();
501
502 if (notify_enetdown) {
503 sk->sk_err = ENETDOWN;
504 if (!sock_flag(sk, SOCK_DEAD))
505 sk_error_report(sk);
506 }
507
508 return err;
509 }
510
511 static int raw_getname(struct socket *sock, struct sockaddr *uaddr,
512 int peer)
513 {
514 struct sockaddr_can *addr = (struct sockaddr_can *)uaddr;
515 struct sock *sk = sock->sk;
516 struct raw_sock *ro = raw_sk(sk);
517
518 if (peer)
519 return -EOPNOTSUPP;
520
521 memset(addr, 0, RAW_MIN_NAMELEN);
522 addr->can_family = AF_CAN;
523 addr->can_ifindex = ro->ifindex;
524
525 return RAW_MIN_NAMELEN;
526 }
527
528 static int raw_setsockopt(struct socket *sock, int level, int optname,
529 sockptr_t optval, unsigned int optlen)
530 {
531 struct sock *sk = sock->sk;
532 struct raw_sock *ro = raw_sk(sk);
533 struct can_filter *filter = NULL; /* dyn. alloc'ed filters */
534 struct can_filter sfilter; /* single filter */
535 struct net_device *dev = NULL;
536 can_err_mask_t err_mask = 0;
537 int fd_frames;
538 int count = 0;
539 int err = 0;
540
541 if (level != SOL_CAN_RAW)
542 return -EINVAL;
543
544 switch (optname) {
545 case CAN_RAW_FILTER:
546 if (optlen % sizeof(struct can_filter) != 0)
547 return -EINVAL;
548
549 if (optlen > CAN_RAW_FILTER_MAX * sizeof(struct can_filter))
550 return -EINVAL;
551
552 count = optlen / sizeof(struct can_filter);
553
554 if (count > 1) {
555 /* filter does not fit into dfilter => alloc space */
556 filter = memdup_sockptr(optval, optlen);
557 if (IS_ERR(filter))
558 return PTR_ERR(filter);
559 } else if (count == 1) {
560 if (copy_from_sockptr(&sfilter, optval, sizeof(sfilter)))
561 return -EFAULT;
562 }
563
564 rtnl_lock();
565 lock_sock(sk);
566
567 dev = ro->dev;
568 if (ro->bound && dev) {
569 if (dev->reg_state != NETREG_REGISTERED) {
570 if (count > 1)
571 kfree(filter);
572 err = -ENODEV;
573 goto out_fil;
574 }
575 }
576
577 if (ro->bound) {
578 /* (try to) register the new filters */
579 if (count == 1)
580 err = raw_enable_filters(sock_net(sk), dev, sk,
581 &sfilter, 1);
582 else
583 err = raw_enable_filters(sock_net(sk), dev, sk,
584 filter, count);
585 if (err) {
586 if (count > 1)
587 kfree(filter);
588 goto out_fil;
589 }
590
591 /* remove old filter registrations */
592 raw_disable_filters(sock_net(sk), dev, sk, ro->filter,
593 ro->count);
594 }
595
596 /* remove old filter space */
597 if (ro->count > 1)
598 kfree(ro->filter);
599
600 /* link new filters to the socket */
601 if (count == 1) {
602 /* copy filter data for single filter */
603 ro->dfilter = sfilter;
604 filter = &ro->dfilter;
605 }
606 ro->filter = filter;
607 ro->count = count;
608
609 out_fil:
610 release_sock(sk);
611 rtnl_unlock();
612
613 break;
614
615 case CAN_RAW_ERR_FILTER:
616 if (optlen != sizeof(err_mask))
617 return -EINVAL;
618
619 if (copy_from_sockptr(&err_mask, optval, optlen))
620 return -EFAULT;
621
622 err_mask &= CAN_ERR_MASK;
623
624 rtnl_lock();
625 lock_sock(sk);
626
627 dev = ro->dev;
628 if (ro->bound && dev) {
629 if (dev->reg_state != NETREG_REGISTERED) {
630 err = -ENODEV;
631 goto out_err;
632 }
633 }
634
635 /* remove current error mask */
636 if (ro->bound) {
637 /* (try to) register the new err_mask */
638 err = raw_enable_errfilter(sock_net(sk), dev, sk,
639 err_mask);
640
641 if (err)
642 goto out_err;
643
644 /* remove old err_mask registration */
645 raw_disable_errfilter(sock_net(sk), dev, sk,
646 ro->err_mask);
647 }
648
649 /* link new err_mask to the socket */
650 ro->err_mask = err_mask;
651
652 out_err:
653 release_sock(sk);
654 rtnl_unlock();
655
656 break;
657
658 case CAN_RAW_LOOPBACK:
659 if (optlen != sizeof(ro->loopback))
660 return -EINVAL;
661
662 if (copy_from_sockptr(&ro->loopback, optval, optlen))
663 return -EFAULT;
664
665 break;
666
667 case CAN_RAW_RECV_OWN_MSGS:
668 if (optlen != sizeof(ro->recv_own_msgs))
669 return -EINVAL;
670
671 if (copy_from_sockptr(&ro->recv_own_msgs, optval, optlen))
672 return -EFAULT;
673
674 break;
675
676 case CAN_RAW_FD_FRAMES:
677 if (optlen != sizeof(fd_frames))
678 return -EINVAL;
679
680 if (copy_from_sockptr(&fd_frames, optval, optlen))
681 return -EFAULT;
682
683 /* Enabling CAN XL includes CAN FD */
684 if (ro->xl_frames && !fd_frames)
685 return -EINVAL;
686
687 ro->fd_frames = fd_frames;
688 break;
689
690 case CAN_RAW_XL_FRAMES:
691 if (optlen != sizeof(ro->xl_frames))
692 return -EINVAL;
693
694 if (copy_from_sockptr(&ro->xl_frames, optval, optlen))
695 return -EFAULT;
696
697 /* Enabling CAN XL includes CAN FD */
698 if (ro->xl_frames)
699 ro->fd_frames = ro->xl_frames;
700 break;
701
702 case CAN_RAW_JOIN_FILTERS:
703 if (optlen != sizeof(ro->join_filters))
704 return -EINVAL;
705
706 if (copy_from_sockptr(&ro->join_filters, optval, optlen))
707 return -EFAULT;
708
709 break;
710
711 default:
712 return -ENOPROTOOPT;
713 }
714 return err;
715 }
716
717 static int raw_getsockopt(struct socket *sock, int level, int optname,
718 char __user *optval, int __user *optlen)
719 {
720 struct sock *sk = sock->sk;
721 struct raw_sock *ro = raw_sk(sk);
722 int len;
723 void *val;
724 int err = 0;
725
726 if (level != SOL_CAN_RAW)
727 return -EINVAL;
728 if (get_user(len, optlen))
729 return -EFAULT;
730 if (len < 0)
731 return -EINVAL;
732
733 switch (optname) {
734 case CAN_RAW_FILTER:
735 lock_sock(sk);
736 if (ro->count > 0) {
737 int fsize = ro->count * sizeof(struct can_filter);
738
739 /* user space buffer to small for filter list? */
740 if (len < fsize) {
741 /* return -ERANGE and needed space in optlen */
742 err = -ERANGE;
743 if (put_user(fsize, optlen))
744 err = -EFAULT;
745 } else {
746 if (len > fsize)
747 len = fsize;
748 if (copy_to_user(optval, ro->filter, len))
749 err = -EFAULT;
750 }
751 } else {
752 len = 0;
753 }
754 release_sock(sk);
755
756 if (!err)
757 err = put_user(len, optlen);
758 return err;
759
760 case CAN_RAW_ERR_FILTER:
761 if (len > sizeof(can_err_mask_t))
762 len = sizeof(can_err_mask_t);
763 val = &ro->err_mask;
764 break;
765
766 case CAN_RAW_LOOPBACK:
767 if (len > sizeof(int))
768 len = sizeof(int);
769 val = &ro->loopback;
770 break;
771
772 case CAN_RAW_RECV_OWN_MSGS:
773 if (len > sizeof(int))
774 len = sizeof(int);
775 val = &ro->recv_own_msgs;
776 break;
777
778 case CAN_RAW_FD_FRAMES:
779 if (len > sizeof(int))
780 len = sizeof(int);
781 val = &ro->fd_frames;
782 break;
783
784 case CAN_RAW_XL_FRAMES:
785 if (len > sizeof(int))
786 len = sizeof(int);
787 val = &ro->xl_frames;
788 break;
789
790 case CAN_RAW_JOIN_FILTERS:
791 if (len > sizeof(int))
792 len = sizeof(int);
793 val = &ro->join_filters;
794 break;
795
796 default:
797 return -ENOPROTOOPT;
798 }
799
800 if (put_user(len, optlen))
801 return -EFAULT;
802 if (copy_to_user(optval, val, len))
803 return -EFAULT;
804 return 0;
805 }
806
807 static bool raw_bad_txframe(struct raw_sock *ro, struct sk_buff *skb, int mtu)
808 {
809 /* Classical CAN -> no checks for flags and device capabilities */
810 if (can_is_can_skb(skb))
811 return false;
812
813 /* CAN FD -> needs to be enabled and a CAN FD or CAN XL device */
814 if (ro->fd_frames && can_is_canfd_skb(skb) &&
815 (mtu == CANFD_MTU || can_is_canxl_dev_mtu(mtu)))
816 return false;
817
818 /* CAN XL -> needs to be enabled and a CAN XL device */
819 if (ro->xl_frames && can_is_canxl_skb(skb) &&
820 can_is_canxl_dev_mtu(mtu))
821 return false;
822
823 return true;
824 }
825
826 static int raw_sendmsg(struct socket *sock, struct msghdr *msg, size_t size)
827 {
828 struct sock *sk = sock->sk;
829 struct raw_sock *ro = raw_sk(sk);
830 struct sockcm_cookie sockc;
831 struct sk_buff *skb;
832 struct net_device *dev;
833 int ifindex;
834 int err = -EINVAL;
835
836 /* check for valid CAN frame sizes */
837 if (size < CANXL_HDR_SIZE + CANXL_MIN_DLEN || size > CANXL_MTU)
838 return -EINVAL;
839
840 if (msg->msg_name) {
841 DECLARE_SOCKADDR(struct sockaddr_can *, addr, msg->msg_name);
842
843 if (msg->msg_namelen < RAW_MIN_NAMELEN)
844 return -EINVAL;
845
846 if (addr->can_family != AF_CAN)
847 return -EINVAL;
848
849 ifindex = addr->can_ifindex;
850 } else {
851 ifindex = ro->ifindex;
852 }
853
854 dev = dev_get_by_index(sock_net(sk), ifindex);
855 if (!dev)
856 return -ENXIO;
857
858 skb = sock_alloc_send_skb(sk, size + sizeof(struct can_skb_priv),
859 msg->msg_flags & MSG_DONTWAIT, &err);
860 if (!skb)
861 goto put_dev;
862
863 can_skb_reserve(skb);
864 can_skb_prv(skb)->ifindex = dev->ifindex;
865 can_skb_prv(skb)->skbcnt = 0;
866
867 /* fill the skb before testing for valid CAN frames */
868 err = memcpy_from_msg(skb_put(skb, size), msg, size);
869 if (err < 0)
870 goto free_skb;
871
872 err = -EINVAL;
873 if (raw_bad_txframe(ro, skb, dev->mtu))
874 goto free_skb;
875
876 sockcm_init(&sockc, sk);
877 if (msg->msg_controllen) {
878 err = sock_cmsg_send(sk, msg, &sockc);
879 if (unlikely(err))
880 goto free_skb;
881 }
882
883 skb->dev = dev;
884 skb->priority = sk->sk_priority;
885 skb->mark = READ_ONCE(sk->sk_mark);
886 skb->tstamp = sockc.transmit_time;
887
888 skb_setup_tx_timestamp(skb, sockc.tsflags);
889
890 err = can_send(skb, ro->loopback);
891
892 dev_put(dev);
893
894 if (err)
895 goto send_failed;
896
897 return size;
898
899 free_skb:
900 kfree_skb(skb);
901 put_dev:
902 dev_put(dev);
903 send_failed:
904 return err;
905 }
906
907 static int raw_recvmsg(struct socket *sock, struct msghdr *msg, size_t size,
908 int flags)
909 {
910 struct sock *sk = sock->sk;
911 struct sk_buff *skb;
912 int err = 0;
913
914 if (flags & MSG_ERRQUEUE)
915 return sock_recv_errqueue(sk, msg, size,
916 SOL_CAN_RAW, SCM_CAN_RAW_ERRQUEUE);
917
918 skb = skb_recv_datagram(sk, flags, &err);
919 if (!skb)
920 return err;
921
922 if (size < skb->len)
923 msg->msg_flags |= MSG_TRUNC;
924 else
925 size = skb->len;
926
927 err = memcpy_to_msg(msg, skb->data, size);
928 if (err < 0) {
929 skb_free_datagram(sk, skb);
930 return err;
931 }
932
933 sock_recv_cmsgs(msg, sk, skb);
934
935 if (msg->msg_name) {
936 __sockaddr_check_size(RAW_MIN_NAMELEN);
937 msg->msg_namelen = RAW_MIN_NAMELEN;
938 memcpy(msg->msg_name, skb->cb, msg->msg_namelen);
939 }
940
941 /* assign the flags that have been recorded in raw_rcv() */
942 msg->msg_flags |= *(raw_flags(skb));
943
944 skb_free_datagram(sk, skb);
945
946 return size;
947 }
948
949 static int raw_sock_no_ioctlcmd(struct socket *sock, unsigned int cmd,
950 unsigned long arg)
951 {
952 /* no ioctls for socket layer -> hand it down to NIC layer */
953 return -ENOIOCTLCMD;
954 }
955
956 static const struct proto_ops raw_ops = {
957 .family = PF_CAN,
958 .release = raw_release,
959 .bind = raw_bind,
960 .connect = sock_no_connect,
961 .socketpair = sock_no_socketpair,
962 .accept = sock_no_accept,
963 .getname = raw_getname,
964 .poll = datagram_poll,
965 .ioctl = raw_sock_no_ioctlcmd,
966 .gettstamp = sock_gettstamp,
967 .listen = sock_no_listen,
968 .shutdown = sock_no_shutdown,
969 .setsockopt = raw_setsockopt,
970 .getsockopt = raw_getsockopt,
971 .sendmsg = raw_sendmsg,
972 .recvmsg = raw_recvmsg,
973 .mmap = sock_no_mmap,
974 };
975
976 static struct proto raw_proto __read_mostly = {
977 .name = "CAN_RAW",
978 .owner = THIS_MODULE,
979 .obj_size = sizeof(struct raw_sock),
980 .init = raw_init,
981 };
982
983 static const struct can_proto raw_can_proto = {
984 .type = SOCK_RAW,
985 .protocol = CAN_RAW,
986 .ops = &raw_ops,
987 .prot = &raw_proto,
988 };
989
990 static struct notifier_block canraw_notifier = {
991 .notifier_call = raw_notifier
992 };
993
994 static __init int raw_module_init(void)
995 {
996 int err;
997
998 pr_info("can: raw protocol\n");
999
1000 err = register_netdevice_notifier(&canraw_notifier);
1001 if (err)
1002 return err;
1003
1004 err = can_proto_register(&raw_can_proto);
1005 if (err < 0) {
1006 pr_err("can: registration of raw protocol failed\n");
1007 goto register_proto_failed;
1008 }
1009
1010 return 0;
1011
1012 register_proto_failed:
1013 unregister_netdevice_notifier(&canraw_notifier);
1014 return err;
1015 }
1016
1017 static __exit void raw_module_exit(void)
1018 {
1019 can_proto_unregister(&raw_can_proto);
1020 unregister_netdevice_notifier(&canraw_notifier);
1021 }
1022
1023 module_init(raw_module_init);
1024 module_exit(raw_module_exit);
Ubuntu combined Linux kernel mirror