net/unix/diag.c

   1 #include <linux/types.h>
   2 #include <linux/spinlock.h>
   3 #include <linux/sock_diag.h>
   4 #include <linux/unix_diag.h>
   5 #include <linux/skbuff.h>
   6 #include <linux/module.h>
   7 #include <net/netlink.h>
   8 #include <net/af_unix.h>
   9 #include <net/tcp_states.h>
  10
  11 static int sk_diag_dump_name(struct sock *sk, struct sk_buff *nlskb)
  12 {
  13         /* might or might not have unix_table_lock */
  14         struct unix_address *addr = smp_load_acquire(&unix_sk(sk)->addr);
  15
  16         if (!addr)
  17                 return 0;
  18
  19         return nla_put(nlskb, UNIX_DIAG_NAME, addr->len - sizeof(short),
  20                        addr->name->sun_path);
  21 }
  22
  23 static int sk_diag_dump_vfs(struct sock *sk, struct sk_buff *nlskb)
  24 {
  25         struct dentry *dentry = unix_sk(sk)->path.dentry;
  26
  27         if (dentry) {
  28                 struct unix_diag_vfs uv = {
  29                         .udiag_vfs_ino = d_backing_inode(dentry)->i_ino,
  30                         .udiag_vfs_dev = dentry->d_sb->s_dev,
  31                 };
  32
  33                 return nla_put(nlskb, UNIX_DIAG_VFS, sizeof(uv), &uv);
  34         }
  35
  36         return 0;
  37 }
  38
  39 static int sk_diag_dump_peer(struct sock *sk, struct sk_buff *nlskb)
  40 {
  41         struct sock *peer;
  42         int ino;
  43
  44         peer = unix_peer_get(sk);
  45         if (peer) {
  46                 unix_state_lock(peer);
  47                 ino = sock_i_ino(peer);
  48                 unix_state_unlock(peer);
  49                 sock_put(peer);
  50
  51                 return nla_put_u32(nlskb, UNIX_DIAG_PEER, ino);
  52         }
  53
  54         return 0;
  55 }
  56
  57 static int sk_diag_dump_icons(struct sock *sk, struct sk_buff *nlskb)
  58 {
  59         struct sk_buff *skb;
  60         struct nlattr *attr;
  61         u32 *buf;
  62         int i;
  63
  64         if (sk->sk_state == TCP_LISTEN) {
  65                 spin_lock(&sk->sk_receive_queue.lock);
  66
  67                 attr = nla_reserve(nlskb, UNIX_DIAG_ICONS,
  68                                    sk->sk_receive_queue.qlen * sizeof(u32));
  69                 if (!attr)
  70                         goto errout;
  71
  72                 buf = nla_data(attr);
  73                 i = 0;
  74                 skb_queue_walk(&sk->sk_receive_queue, skb) {
  75                         struct sock *req, *peer;
  76
  77                         req = skb->sk;
  78                         /*
  79                          * The state lock is outer for the same sk's
  80                          * queue lock. With the other's queue locked it's
  81                          * OK to lock the state.
  82                          */
  83                         unix_state_lock_nested(req);
  84                         peer = unix_sk(req)->peer;
  85                         buf[i++] = (peer ? sock_i_ino(peer) : 0);
  86                         unix_state_unlock(req);
  87                 }
  88                 spin_unlock(&sk->sk_receive_queue.lock);
  89         }
  90
  91         return 0;
  92
  93 errout:
  94         spin_unlock(&sk->sk_receive_queue.lock);
  95         return -EMSGSIZE;
  96 }
  97
  98 static int sk_diag_show_rqlen(struct sock *sk, struct sk_buff *nlskb)
  99 {
 100         struct unix_diag_rqlen rql;
 101
 102         if (sk->sk_state == TCP_LISTEN) {
 103                 rql.udiag_rqueue = sk->sk_receive_queue.qlen;
 104                 rql.udiag_wqueue = sk->sk_max_ack_backlog;
 105         } else {
 106                 rql.udiag_rqueue = (u32) unix_inq_len(sk);
 107                 rql.udiag_wqueue = (u32) unix_outq_len(sk);
 108         }
 109
 110         return nla_put(nlskb, UNIX_DIAG_RQLEN, sizeof(rql), &rql);
 111 }
 112
 113 static int sk_diag_fill(struct sock *sk, struct sk_buff *skb, struct unix_diag_req *req,
 114                 u32 portid, u32 seq, u32 flags, int sk_ino)
 115 {
 116         struct nlmsghdr *nlh;
 117         struct unix_diag_msg *rep;
 118
 119         nlh = nlmsg_put(skb, portid, seq, SOCK_DIAG_BY_FAMILY, sizeof(*rep),
 120                         flags);
 121         if (!nlh)
 122                 return -EMSGSIZE;
 123
 124         rep = nlmsg_data(nlh);
 125         rep->udiag_family = AF_UNIX;
 126         rep->udiag_type = sk->sk_type;
 127         rep->udiag_state = sk->sk_state;
 128         rep->pad = 0;
 129         rep->udiag_ino = sk_ino;
 130         sock_diag_save_cookie(sk, rep->udiag_cookie);
 131
 132         if ((req->udiag_show & UDIAG_SHOW_NAME) &&
 133             sk_diag_dump_name(sk, skb))
 134                 goto out_nlmsg_trim;
 135
 136         if ((req->udiag_show & UDIAG_SHOW_VFS) &&
 137             sk_diag_dump_vfs(sk, skb))
 138                 goto out_nlmsg_trim;
 139
 140         if ((req->udiag_show & UDIAG_SHOW_PEER) &&
 141             sk_diag_dump_peer(sk, skb))
 142                 goto out_nlmsg_trim;
 143
 144         if ((req->udiag_show & UDIAG_SHOW_ICONS) &&
 145             sk_diag_dump_icons(sk, skb))
 146                 goto out_nlmsg_trim;
 147
 148         if ((req->udiag_show & UDIAG_SHOW_RQLEN) &&
 149             sk_diag_show_rqlen(sk, skb))
 150                 goto out_nlmsg_trim;
 151
 152         if ((req->udiag_show & UDIAG_SHOW_MEMINFO) &&
 153             sock_diag_put_meminfo(sk, skb, UNIX_DIAG_MEMINFO))
 154                 goto out_nlmsg_trim;
 155
 156         if (nla_put_u8(skb, UNIX_DIAG_SHUTDOWN, sk->sk_shutdown))
 157                 goto out_nlmsg_trim;
 158
 159         nlmsg_end(skb, nlh);
 160         return 0;
 161
 162 out_nlmsg_trim:
 163         nlmsg_cancel(skb, nlh);
 164         return -EMSGSIZE;
 165 }
 166
 167 static int sk_diag_dump(struct sock *sk, struct sk_buff *skb, struct unix_diag_req *req,
 168                 u32 portid, u32 seq, u32 flags)
 169 {
 170         int sk_ino;
 171
 172         unix_state_lock(sk);
 173         sk_ino = sock_i_ino(sk);
 174         unix_state_unlock(sk);
 175
 176         if (!sk_ino)
 177                 return 0;
 178
 179         return sk_diag_fill(sk, skb, req, portid, seq, flags, sk_ino);
 180 }
 181
 182 static int unix_diag_dump(struct sk_buff *skb, struct netlink_callback *cb)
 183 {
 184         struct unix_diag_req *req;
 185         int num, s_num, slot, s_slot;
 186         struct net *net = sock_net(skb->sk);
 187
 188         req = nlmsg_data(cb->nlh);
 189
 190         s_slot = cb->args[0];
 191         num = s_num = cb->args[1];
 192
 193         spin_lock(&unix_table_lock);
 194         for (slot = s_slot;
 195              slot < ARRAY_SIZE(unix_socket_table);
 196              s_num = 0, slot++) {
 197                 struct sock *sk;
 198
 199                 num = 0;
 200                 sk_for_each(sk, &unix_socket_table[slot]) {
 201                         if (!net_eq(sock_net(sk), net))
 202                                 continue;
 203                         if (num < s_num)
 204                                 goto next;
 205                         if (!(req->udiag_states & (1 << sk->sk_state)))
 206                                 goto next;
 207                         if (sk_diag_dump(sk, skb, req,
 208                                          NETLINK_CB(cb->skb).portid,
 209                                          cb->nlh->nlmsg_seq,
 210                                          NLM_F_MULTI) < 0)
 211                                 goto done;
 212 next:
 213                         num++;
 214                 }
 215         }
 216 done:
 217         spin_unlock(&unix_table_lock);
 218         cb->args[0] = slot;
 219         cb->args[1] = num;
 220
 221         return skb->len;
 222 }
 223
 224 static struct sock *unix_lookup_by_ino(unsigned int ino)
 225 {
 226         int i;
 227         struct sock *sk;
 228
 229         spin_lock(&unix_table_lock);
 230         for (i = 0; i < ARRAY_SIZE(unix_socket_table); i++) {
 231                 sk_for_each(sk, &unix_socket_table[i])
 232                         if (ino == sock_i_ino(sk)) {
 233                                 sock_hold(sk);
 234                                 spin_unlock(&unix_table_lock);
 235
 236                                 return sk;
 237                         }
 238         }
 239
 240         spin_unlock(&unix_table_lock);
 241         return NULL;
 242 }
 243
 244 static int unix_diag_get_exact(struct sk_buff *in_skb,
 245                                const struct nlmsghdr *nlh,
 246                                struct unix_diag_req *req)
 247 {
 248         int err = -EINVAL;
 249         struct sock *sk;
 250         struct sk_buff *rep;
 251         unsigned int extra_len;
 252         struct net *net = sock_net(in_skb->sk);
 253
 254         if (req->udiag_ino == 0)
 255                 goto out_nosk;
 256
 257         sk = unix_lookup_by_ino(req->udiag_ino);
 258         err = -ENOENT;
 259         if (sk == NULL)
 260                 goto out_nosk;
 261         if (!net_eq(sock_net(sk), net))
 262                 goto out;
 263
 264         err = sock_diag_check_cookie(sk, req->udiag_cookie);
 265         if (err)
 266                 goto out;
 267
 268         extra_len = 256;
 269 again:
 270         err = -ENOMEM;
 271         rep = nlmsg_new(sizeof(struct unix_diag_msg) + extra_len, GFP_KERNEL);
 272         if (!rep)
 273                 goto out;
 274
 275         err = sk_diag_fill(sk, rep, req, NETLINK_CB(in_skb).portid,
 276                            nlh->nlmsg_seq, 0, req->udiag_ino);
 277         if (err < 0) {
 278                 nlmsg_free(rep);
 279                 extra_len += 256;
 280                 if (extra_len >= PAGE_SIZE)
 281                         goto out;
 282
 283                 goto again;
 284         }
 285         err = netlink_unicast(net->diag_nlsk, rep, NETLINK_CB(in_skb).portid,
 286                               MSG_DONTWAIT);
 287         if (err > 0)
 288                 err = 0;
 289 out:
 290         if (sk)
 291                 sock_put(sk);
 292 out_nosk:
 293         return err;
 294 }
 295
 296 static int unix_diag_handler_dump(struct sk_buff *skb, struct nlmsghdr *h)
 297 {
 298         int hdrlen = sizeof(struct unix_diag_req);
 299         struct net *net = sock_net(skb->sk);
 300
 301         if (nlmsg_len(h) < hdrlen)
 302                 return -EINVAL;
 303
 304         if (h->nlmsg_flags & NLM_F_DUMP) {
 305                 struct netlink_dump_control c = {
 306                         .dump = unix_diag_dump,
 307                 };
 308                 return netlink_dump_start(net->diag_nlsk, skb, h, &c);
 309         } else
 310                 return unix_diag_get_exact(skb, h, nlmsg_data(h));
 311 }
 312
 313 static const struct sock_diag_handler unix_diag_handler = {
 314         .family = AF_UNIX,
 315         .dump = unix_diag_handler_dump,
 316 };
 317
 318 static int __init unix_diag_init(void)
 319 {
 320         return sock_diag_register(&unix_diag_handler);
 321 }
 322
 323 static void __exit unix_diag_exit(void)
 324 {
 325         sock_diag_unregister(&unix_diag_handler);
 326 }
 327
 328 module_init(unix_diag_init);
 329 module_exit(unix_diag_exit);
 330 MODULE_LICENSE("GPL");
 331 MODULE_ALIAS_NET_PF_PROTO_TYPE(PF_NETLINK, NETLINK_SOCK_DIAG, 1 /* AF_LOCAL */);