search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
drm/tests: hdmi: Fix memory leaks in drm_display_mode_from_cea_vic()
[drm/drm-misc.git] / net / unix / diag.c
blob9138af8b465e0e533f584ab92b7e75dfdedcaee3
1 // SPDX-License-Identifier: GPL-2.0-only
2 #include <linux/types.h>
3 #include <linux/spinlock.h>
4 #include <linux/sock_diag.h>
5 #include <linux/unix_diag.h>
6 #include <linux/skbuff.h>
7 #include <linux/module.h>
8 #include <linux/uidgid.h>
9 #include <net/netlink.h>
10 #include <net/af_unix.h>
11 #include <net/tcp_states.h>
12 #include <net/sock.h>
13
14 static int sk_diag_dump_name(struct sock *sk, struct sk_buff *nlskb)
15 {
16 /* might or might not have a hash table lock */
17 struct unix_address *addr = smp_load_acquire(&unix_sk(sk)->addr);
18
19 if (!addr)
20 return 0;
21
22 return nla_put(nlskb, UNIX_DIAG_NAME,
23 addr->len - offsetof(struct sockaddr_un, sun_path),
24 addr->name->sun_path);
25 }
26
27 static int sk_diag_dump_vfs(struct sock *sk, struct sk_buff *nlskb)
28 {
29 struct dentry *dentry = unix_sk(sk)->path.dentry;
30
31 if (dentry) {
32 struct unix_diag_vfs uv = {
33 .udiag_vfs_ino = d_backing_inode(dentry)->i_ino,
34 .udiag_vfs_dev = dentry->d_sb->s_dev,
35 };
36
37 return nla_put(nlskb, UNIX_DIAG_VFS, sizeof(uv), &uv);
38 }
39
40 return 0;
41 }
42
43 static int sk_diag_dump_peer(struct sock *sk, struct sk_buff *nlskb)
44 {
45 struct sock *peer;
46 int ino;
47
48 peer = unix_peer_get(sk);
49 if (peer) {
50 ino = sock_i_ino(peer);
51 sock_put(peer);
52
53 return nla_put_u32(nlskb, UNIX_DIAG_PEER, ino);
54 }
55
56 return 0;
57 }
58
59 static int sk_diag_dump_icons(struct sock *sk, struct sk_buff *nlskb)
60 {
61 struct sk_buff *skb;
62 struct nlattr *attr;
63 u32 *buf;
64 int i;
65
66 if (READ_ONCE(sk->sk_state) == TCP_LISTEN) {
67 spin_lock(&sk->sk_receive_queue.lock);
68
69 attr = nla_reserve(nlskb, UNIX_DIAG_ICONS,
70 sk->sk_receive_queue.qlen * sizeof(u32));
71 if (!attr)
72 goto errout;
73
74 buf = nla_data(attr);
75 i = 0;
76 skb_queue_walk(&sk->sk_receive_queue, skb)
77 buf[i++] = sock_i_ino(unix_peer(skb->sk));
78
79 spin_unlock(&sk->sk_receive_queue.lock);
80 }
81
82 return 0;
83
84 errout:
85 spin_unlock(&sk->sk_receive_queue.lock);
86 return -EMSGSIZE;
87 }
88
89 static int sk_diag_show_rqlen(struct sock *sk, struct sk_buff *nlskb)
90 {
91 struct unix_diag_rqlen rql;
92
93 if (READ_ONCE(sk->sk_state) == TCP_LISTEN) {
94 rql.udiag_rqueue = skb_queue_len_lockless(&sk->sk_receive_queue);
95 rql.udiag_wqueue = sk->sk_max_ack_backlog;
96 } else {
97 rql.udiag_rqueue = (u32) unix_inq_len(sk);
98 rql.udiag_wqueue = (u32) unix_outq_len(sk);
99 }
100
101 return nla_put(nlskb, UNIX_DIAG_RQLEN, sizeof(rql), &rql);
102 }
103
104 static int sk_diag_dump_uid(struct sock *sk, struct sk_buff *nlskb,
105 struct user_namespace *user_ns)
106 {
107 uid_t uid = from_kuid_munged(user_ns, sock_i_uid(sk));
108 return nla_put(nlskb, UNIX_DIAG_UID, sizeof(uid_t), &uid);
109 }
110
111 static int sk_diag_fill(struct sock *sk, struct sk_buff *skb, struct unix_diag_req *req,
112 struct user_namespace *user_ns,
113 u32 portid, u32 seq, u32 flags, int sk_ino)
114 {
115 struct nlmsghdr *nlh;
116 struct unix_diag_msg *rep;
117
118 nlh = nlmsg_put(skb, portid, seq, SOCK_DIAG_BY_FAMILY, sizeof(*rep),
119 flags);
120 if (!nlh)
121 return -EMSGSIZE;
122
123 rep = nlmsg_data(nlh);
124 rep->udiag_family = AF_UNIX;
125 rep->udiag_type = sk->sk_type;
126 rep->udiag_state = READ_ONCE(sk->sk_state);
127 rep->pad = 0;
128 rep->udiag_ino = sk_ino;
129 sock_diag_save_cookie(sk, rep->udiag_cookie);
130
131 if ((req->udiag_show & UDIAG_SHOW_NAME) &&
132 sk_diag_dump_name(sk, skb))
133 goto out_nlmsg_trim;
134
135 if ((req->udiag_show & UDIAG_SHOW_VFS) &&
136 sk_diag_dump_vfs(sk, skb))
137 goto out_nlmsg_trim;
138
139 if ((req->udiag_show & UDIAG_SHOW_PEER) &&
140 sk_diag_dump_peer(sk, skb))
141 goto out_nlmsg_trim;
142
143 if ((req->udiag_show & UDIAG_SHOW_ICONS) &&
144 sk_diag_dump_icons(sk, skb))
145 goto out_nlmsg_trim;
146
147 if ((req->udiag_show & UDIAG_SHOW_RQLEN) &&
148 sk_diag_show_rqlen(sk, skb))
149 goto out_nlmsg_trim;
150
151 if ((req->udiag_show & UDIAG_SHOW_MEMINFO) &&
152 sock_diag_put_meminfo(sk, skb, UNIX_DIAG_MEMINFO))
153 goto out_nlmsg_trim;
154
155 if (nla_put_u8(skb, UNIX_DIAG_SHUTDOWN, READ_ONCE(sk->sk_shutdown)))
156 goto out_nlmsg_trim;
157
158 if ((req->udiag_show & UDIAG_SHOW_UID) &&
159 sk_diag_dump_uid(sk, skb, user_ns))
160 goto out_nlmsg_trim;
161
162 nlmsg_end(skb, nlh);
163 return 0;
164
165 out_nlmsg_trim:
166 nlmsg_cancel(skb, nlh);
167 return -EMSGSIZE;
168 }
169
170 static int unix_diag_dump(struct sk_buff *skb, struct netlink_callback *cb)
171 {
172 struct net *net = sock_net(skb->sk);
173 int num, s_num, slot, s_slot;
174 struct unix_diag_req *req;
175
176 req = nlmsg_data(cb->nlh);
177
178 s_slot = cb->args[0];
179 num = s_num = cb->args[1];
180
181 for (slot = s_slot; slot < UNIX_HASH_SIZE; s_num = 0, slot++) {
182 struct sock *sk;
183
184 num = 0;
185 spin_lock(&net->unx.table.locks[slot]);
186 sk_for_each(sk, &net->unx.table.buckets[slot]) {
187 int sk_ino;
188
189 if (num < s_num)
190 goto next;
191
192 if (!(req->udiag_states & (1 << READ_ONCE(sk->sk_state))))
193 goto next;
194
195 sk_ino = sock_i_ino(sk);
196 if (!sk_ino)
197 goto next;
198
199 if (sk_diag_fill(sk, skb, req, sk_user_ns(skb->sk),
200 NETLINK_CB(cb->skb).portid,
201 cb->nlh->nlmsg_seq,
202 NLM_F_MULTI, sk_ino) < 0) {
203 spin_unlock(&net->unx.table.locks[slot]);
204 goto done;
205 }
206 next:
207 num++;
208 }
209 spin_unlock(&net->unx.table.locks[slot]);
210 }
211 done:
212 cb->args[0] = slot;
213 cb->args[1] = num;
214
215 return skb->len;
216 }
217
218 static struct sock *unix_lookup_by_ino(struct net *net, unsigned int ino)
219 {
220 struct sock *sk;
221 int i;
222
223 for (i = 0; i < UNIX_HASH_SIZE; i++) {
224 spin_lock(&net->unx.table.locks[i]);
225 sk_for_each(sk, &net->unx.table.buckets[i]) {
226 if (ino == sock_i_ino(sk)) {
227 sock_hold(sk);
228 spin_unlock(&net->unx.table.locks[i]);
229 return sk;
230 }
231 }
232 spin_unlock(&net->unx.table.locks[i]);
233 }
234 return NULL;
235 }
236
237 static int unix_diag_get_exact(struct sk_buff *in_skb,
238 const struct nlmsghdr *nlh,
239 struct unix_diag_req *req)
240 {
241 struct net *net = sock_net(in_skb->sk);
242 unsigned int extra_len;
243 struct sk_buff *rep;
244 struct sock *sk;
245 int err;
246
247 err = -EINVAL;
248 if (req->udiag_ino == 0)
249 goto out_nosk;
250
251 sk = unix_lookup_by_ino(net, req->udiag_ino);
252 err = -ENOENT;
253 if (sk == NULL)
254 goto out_nosk;
255
256 err = sock_diag_check_cookie(sk, req->udiag_cookie);
257 if (err)
258 goto out;
259
260 extra_len = 256;
261 again:
262 err = -ENOMEM;
263 rep = nlmsg_new(sizeof(struct unix_diag_msg) + extra_len, GFP_KERNEL);
264 if (!rep)
265 goto out;
266
267 err = sk_diag_fill(sk, rep, req, sk_user_ns(NETLINK_CB(in_skb).sk),
268 NETLINK_CB(in_skb).portid,
269 nlh->nlmsg_seq, 0, req->udiag_ino);
270 if (err < 0) {
271 nlmsg_free(rep);
272 extra_len += 256;
273 if (extra_len >= PAGE_SIZE)
274 goto out;
275
276 goto again;
277 }
278 err = nlmsg_unicast(net->diag_nlsk, rep, NETLINK_CB(in_skb).portid);
279
280 out:
281 if (sk)
282 sock_put(sk);
283 out_nosk:
284 return err;
285 }
286
287 static int unix_diag_handler_dump(struct sk_buff *skb, struct nlmsghdr *h)
288 {
289 int hdrlen = sizeof(struct unix_diag_req);
290
291 if (nlmsg_len(h) < hdrlen)
292 return -EINVAL;
293
294 if (h->nlmsg_flags & NLM_F_DUMP) {
295 struct netlink_dump_control c = {
296 .dump = unix_diag_dump,
297 };
298 return netlink_dump_start(sock_net(skb->sk)->diag_nlsk, skb, h, &c);
299 } else
300 return unix_diag_get_exact(skb, h, nlmsg_data(h));
301 }
302
303 static const struct sock_diag_handler unix_diag_handler = {
304 .owner = THIS_MODULE,
305 .family = AF_UNIX,
306 .dump = unix_diag_handler_dump,
307 };
308
309 static int __init unix_diag_init(void)
310 {
311 return sock_diag_register(&unix_diag_handler);
312 }
313
314 static void __exit unix_diag_exit(void)
315 {
316 sock_diag_unregister(&unix_diag_handler);
317 }
318
319 module_init(unix_diag_init);
320 module_exit(unix_diag_exit);
321 MODULE_LICENSE("GPL");
322 MODULE_DESCRIPTION("UNIX socket monitoring via SOCK_DIAG");
323 MODULE_ALIAS_NET_PF_PROTO_TYPE(PF_NETLINK, NETLINK_SOCK_DIAG, 1 /* AF_LOCAL */);
Kernel DRM miscellaneous fixes and cross-tree changes