2 * INET An implementation of the TCP/IP protocol suite for the LINUX
3 * operating system. INET is implemented using the BSD Socket
4 * interface as the means of communication with the user level.
6 * PACKET - implements raw packet sockets.
8 * Version: $Id: af_packet.c,v 1.61 2002/02/08 03:57:19 davem Exp $
11 * Fred N. van Kempen, <waltje@uWalt.NL.Mugnet.ORG>
12 * Alan Cox, <gw4pts@gw4pts.ampr.org>
15 * Alan Cox : verify_area() now used correctly
16 * Alan Cox : new skbuff lists, look ma no backlogs!
17 * Alan Cox : tidied skbuff lists.
18 * Alan Cox : Now uses generic datagram routines I
19 * added. Also fixed the peek/read crash
20 * from all old Linux datagram code.
21 * Alan Cox : Uses the improved datagram code.
22 * Alan Cox : Added NULL's for socket options.
23 * Alan Cox : Re-commented the code.
24 * Alan Cox : Use new kernel side addressing
25 * Rob Janssen : Correct MTU usage.
26 * Dave Platt : Counter leaks caused by incorrect
27 * interrupt locking and some slightly
28 * dubious gcc output. Can you read
29 * compiler: it said _VOLATILE_
30 * Richard Kooijman : Timestamp fixes.
31 * Alan Cox : New buffers. Use sk->mac.raw.
32 * Alan Cox : sendmsg/recvmsg support.
33 * Alan Cox : Protocol setting support
34 * Alexey Kuznetsov : Untied from IPv4 stack.
35 * Cyrus Durgin : Fixed kerneld for kmod.
36 * Michal Ostrowski : Module initialization cleanup.
37 * Ulises Alonso : Frame number limit removal and
38 * packet_set_ring memory leak.
40 * This program is free software; you can redistribute it and/or
41 * modify it under the terms of the GNU General Public License
42 * as published by the Free Software Foundation; either version
43 * 2 of the License, or (at your option) any later version.
47 #include <linux/config.h>
48 #include <linux/types.h>
49 #include <linux/sched.h>
51 #include <linux/fcntl.h>
52 #include <linux/socket.h>
54 #include <linux/inet.h>
55 #include <linux/netdevice.h>
56 #include <linux/if_packet.h>
57 #include <linux/wireless.h>
58 #include <linux/kmod.h>
60 #include <net/protocol.h>
61 #include <linux/skbuff.h>
63 #include <linux/errno.h>
64 #include <linux/timer.h>
65 #include <asm/system.h>
66 #include <asm/uaccess.h>
67 #include <asm/ioctls.h>
70 #include <linux/proc_fs.h>
71 #include <linux/seq_file.h>
72 #include <linux/poll.h>
73 #include <linux/module.h>
74 #include <linux/init.h>
77 #include <net/inet_common.h>
80 #define CONFIG_SOCK_PACKET 1
83 Proposed replacement for SIOC{ADD,DEL}MULTI and
84 IFF_PROMISC, IFF_ALLMULTI flags.
86 It is more expensive, but I believe,
87 it is really correct solution: reentereble, safe and fault tolerant.
89 IFF_PROMISC/IFF_ALLMULTI/SIOC{ADD/DEL}MULTI are faked by keeping
90 reference count and global flag, so that real status is
91 (gflag|(count != 0)), so that we can use obsolete faulty interface
92 not harming clever users.
94 #define CONFIG_PACKET_MULTICAST 1
98 - if device has no dev->hard_header routine, it adds and removes ll header
99 inside itself. In this case ll header is invisible outside of device,
100 but higher levels still should reserve dev->hard_header_len.
101 Some devices are enough clever to reallocate skb, when header
102 will not fit to reserved space (tunnel), another ones are silly
104 - packet socket receives packets with pulled ll header,
105 so that SOCK_RAW should push it back.
110 Incoming, dev->hard_header!=NULL
114 Outgoing, dev->hard_header!=NULL
118 Incoming, dev->hard_header==NULL
119 mac.raw -> UNKNOWN position. It is very likely, that it points to ll header.
120 PPP makes it, that is wrong, because introduce assymetry
121 between rx and tx paths.
124 Outgoing, dev->hard_header==NULL
125 mac.raw -> data. ll header is still not built!
129 If dev->hard_header==NULL we are unlikely to restore sensible ll header.
135 dev->hard_header != NULL
139 dev->hard_header == NULL (ll header is added by device, we cannot control it)
143 We should set nh.raw on output to correct posistion,
144 packet classifier depends on it.
147 /* List of all packet sockets. */
148 static HLIST_HEAD(packet_sklist);
149 static DEFINE_RWLOCK(packet_sklist_lock);
151 static atomic_t packet_socks_nr;
154 /* Private packet socket structures. */
156 #ifdef CONFIG_PACKET_MULTICAST
159 struct packet_mclist *next;
164 unsigned char addr[8];
167 #ifdef CONFIG_PACKET_MMAP
168 static int packet_set_ring(struct sock *sk, struct tpacket_req *req, int closing);
171 static void packet_flush_mclist(struct sock *sk);
174 /* struct sock has to be the first member of packet_sock */
176 struct tpacket_stats stats;
177 #ifdef CONFIG_PACKET_MMAP
180 unsigned int frames_per_block;
181 unsigned int frame_size;
182 unsigned int frame_max;
185 struct packet_type prot_hook;
186 spinlock_t bind_lock;
187 char running; /* prot_hook is attached*/
188 int ifindex; /* bound device */
190 #ifdef CONFIG_PACKET_MULTICAST
191 struct packet_mclist *mclist;
193 #ifdef CONFIG_PACKET_MMAP
195 unsigned int pg_vec_order;
196 unsigned int pg_vec_pages;
197 unsigned int pg_vec_len;
201 #ifdef CONFIG_PACKET_MMAP
203 static inline char *packet_lookup_frame(struct packet_sock *po, unsigned int position)
205 unsigned int pg_vec_pos, frame_offset;
208 pg_vec_pos = position / po->frames_per_block;
209 frame_offset = position % po->frames_per_block;
211 frame = po->pg_vec[pg_vec_pos] + (frame_offset * po->frame_size);
217 static inline struct packet_sock *pkt_sk(struct sock *sk)
219 return (struct packet_sock *)sk;
222 static void packet_sock_destruct(struct sock *sk)
224 BUG_TRAP(!atomic_read(&sk->sk_rmem_alloc));
225 BUG_TRAP(!atomic_read(&sk->sk_wmem_alloc));
227 if (!sock_flag(sk, SOCK_DEAD)) {
228 printk("Attempt to release alive packet socket: %p\n", sk);
232 atomic_dec(&packet_socks_nr);
233 #ifdef PACKET_REFCNT_DEBUG
234 printk(KERN_DEBUG "PACKET socket %p is free, %d are alive\n", sk, atomic_read(&packet_socks_nr));
239 static struct proto_ops packet_ops;
241 #ifdef CONFIG_SOCK_PACKET
242 static struct proto_ops packet_ops_spkt;
244 static int packet_rcv_spkt(struct sk_buff *skb, struct net_device *dev, struct packet_type *pt)
247 struct sockaddr_pkt *spkt;
250 * When we registered the protocol we saved the socket in the data
251 * field for just this event.
254 sk = pt->af_packet_priv;
257 * Yank back the headers [hope the device set this
258 * right or kerboom...]
260 * Incoming packets have ll header pulled,
263 * For outgoing ones skb->data == skb->mac.raw
264 * so that this procedure is noop.
267 if (skb->pkt_type == PACKET_LOOPBACK)
270 if ((skb = skb_share_check(skb, GFP_ATOMIC)) == NULL)
273 /* drop any routing info */
274 dst_release(skb->dst);
277 /* drop conntrack reference */
280 spkt = (struct sockaddr_pkt*)skb->cb;
282 skb_push(skb, skb->data-skb->mac.raw);
285 * The SOCK_PACKET socket receives _all_ frames.
288 spkt->spkt_family = dev->type;
289 strlcpy(spkt->spkt_device, dev->name, sizeof(spkt->spkt_device));
290 spkt->spkt_protocol = skb->protocol;
293 * Charge the memory to the socket. This is done specifically
294 * to prevent sockets using all the memory up.
297 if (sock_queue_rcv_skb(sk,skb) == 0)
308 * Output a raw packet to a device layer. This bypasses all the other
309 * protocol layers and you must therefore supply it with a complete frame
312 static int packet_sendmsg_spkt(struct kiocb *iocb, struct socket *sock,
313 struct msghdr *msg, size_t len)
315 struct sock *sk = sock->sk;
316 struct sockaddr_pkt *saddr=(struct sockaddr_pkt *)msg->msg_name;
318 struct net_device *dev;
319 unsigned short proto=0;
323 * Get and verify the address.
328 if (msg->msg_namelen < sizeof(struct sockaddr))
330 if (msg->msg_namelen==sizeof(struct sockaddr_pkt))
331 proto=saddr->spkt_protocol;
334 return(-ENOTCONN); /* SOCK_PACKET must be sent giving an address */
337 * Find the device first to size check it
340 saddr->spkt_device[13] = 0;
341 dev = dev_get_by_name(saddr->spkt_device);
347 * You may not queue a frame bigger than the mtu. This is the lowest level
348 * raw protocol and you must do your own fragmentation at this level.
352 if(len>dev->mtu+dev->hard_header_len)
356 skb = sock_wmalloc(sk, len + LL_RESERVED_SPACE(dev), 0, GFP_KERNEL);
359 * If the write buffer is full, then tough. At this level the user gets to
360 * deal with the problem - do your own algorithmic backoffs. That's far
371 /* FIXME: Save some space for broken drivers that write a
372 * hard header at transmission time by themselves. PPP is the
373 * notable one here. This should really be fixed at the driver level.
375 skb_reserve(skb, LL_RESERVED_SPACE(dev));
376 skb->nh.raw = skb->data;
378 /* Try to align data part correctly */
379 if (dev->hard_header) {
380 skb->data -= dev->hard_header_len;
381 skb->tail -= dev->hard_header_len;
382 if (len < dev->hard_header_len)
383 skb->nh.raw = skb->data;
386 /* Returns -EFAULT on error */
387 err = memcpy_fromiovec(skb_put(skb,len), msg->msg_iov, len);
388 skb->protocol = proto;
390 skb->priority = sk->sk_priority;
395 if (!(dev->flags & IFF_UP))
415 static inline unsigned run_filter(struct sk_buff *skb, struct sock *sk, unsigned res)
417 struct sk_filter *filter;
420 filter = sk->sk_filter;
422 * Our caller already checked that filter != NULL but we need to
423 * verify that under bh_lock_sock() to be safe
425 if (likely(filter != NULL))
426 res = sk_run_filter(skb, filter->insns, filter->len);
433 This function makes lazy skb cloning in hope that most of packets
434 are discarded by BPF.
436 Note tricky part: we DO mangle shared skb! skb->data, skb->len
437 and skb->cb are mangled. It works because (and until) packets
438 falling here are owned by current CPU. Output packets are cloned
439 by dev_queue_xmit_nit(), input packets are processed by net_bh
440 sequencially, so that if we return skb to original state on exit,
441 we will not harm anyone.
444 static int packet_rcv(struct sk_buff *skb, struct net_device *dev, struct packet_type *pt)
447 struct sockaddr_ll *sll;
448 struct packet_sock *po;
449 u8 * skb_head = skb->data;
450 int skb_len = skb->len;
453 if (skb->pkt_type == PACKET_LOOPBACK)
456 sk = pt->af_packet_priv;
459 #if defined(CONFIG_VNET) || defined(CONFIG_VNET_MODULE)
461 (int) sk->sk_xid > 0 && sk->sk_xid != skb->xid)
467 if (dev->hard_header) {
468 /* The device has an explicit notion of ll header,
469 exported to higher levels.
471 Otherwise, the device hides datails of it frame
472 structure, so that corresponding packet head
473 never delivered to user.
475 if (sk->sk_type != SOCK_DGRAM)
476 skb_push(skb, skb->data - skb->mac.raw);
477 else if (skb->pkt_type == PACKET_OUTGOING) {
478 /* Special case: outgoing packets have ll header at head */
479 skb_pull(skb, skb->nh.raw - skb->data);
486 unsigned res = run_filter(skb, sk, snaplen);
493 if (atomic_read(&sk->sk_rmem_alloc) + skb->truesize >=
494 (unsigned)sk->sk_rcvbuf)
497 if (skb_shared(skb)) {
498 struct sk_buff *nskb = skb_clone(skb, GFP_ATOMIC);
502 if (skb_head != skb->data) {
503 skb->data = skb_head;
510 sll = (struct sockaddr_ll*)skb->cb;
511 sll->sll_family = AF_PACKET;
512 sll->sll_hatype = dev->type;
513 sll->sll_protocol = skb->protocol;
514 sll->sll_pkttype = skb->pkt_type;
515 sll->sll_ifindex = dev->ifindex;
518 if (dev->hard_header_parse)
519 sll->sll_halen = dev->hard_header_parse(skb, sll->sll_addr);
521 if (pskb_trim(skb, snaplen))
524 skb_set_owner_r(skb, sk);
526 dst_release(skb->dst);
529 /* drop conntrack reference */
532 spin_lock(&sk->sk_receive_queue.lock);
533 po->stats.tp_packets++;
534 __skb_queue_tail(&sk->sk_receive_queue, skb);
535 spin_unlock(&sk->sk_receive_queue.lock);
536 sk->sk_data_ready(sk, skb->len);
540 spin_lock(&sk->sk_receive_queue.lock);
541 po->stats.tp_drops++;
542 spin_unlock(&sk->sk_receive_queue.lock);
545 if (skb_head != skb->data && skb_shared(skb)) {
546 skb->data = skb_head;
554 #ifdef CONFIG_PACKET_MMAP
555 static int tpacket_rcv(struct sk_buff *skb, struct net_device *dev, struct packet_type *pt)
558 struct packet_sock *po;
559 struct sockaddr_ll *sll;
560 struct tpacket_hdr *h;
561 u8 * skb_head = skb->data;
562 int skb_len = skb->len;
564 unsigned long status = TP_STATUS_LOSING|TP_STATUS_USER;
565 unsigned short macoff, netoff;
566 struct sk_buff *copy_skb = NULL;
568 if (skb->pkt_type == PACKET_LOOPBACK)
571 sk = pt->af_packet_priv;
574 if (dev->hard_header) {
575 if (sk->sk_type != SOCK_DGRAM)
576 skb_push(skb, skb->data - skb->mac.raw);
577 else if (skb->pkt_type == PACKET_OUTGOING) {
578 /* Special case: outgoing packets have ll header at head */
579 skb_pull(skb, skb->nh.raw - skb->data);
580 if (skb->ip_summed == CHECKSUM_HW)
581 status |= TP_STATUS_CSUMNOTREADY;
588 unsigned res = run_filter(skb, sk, snaplen);
595 if (sk->sk_type == SOCK_DGRAM) {
596 macoff = netoff = TPACKET_ALIGN(TPACKET_HDRLEN) + 16;
598 unsigned maclen = skb->nh.raw - skb->data;
599 netoff = TPACKET_ALIGN(TPACKET_HDRLEN + (maclen < 16 ? 16 : maclen));
600 macoff = netoff - maclen;
603 if (macoff + snaplen > po->frame_size) {
604 if (po->copy_thresh &&
605 atomic_read(&sk->sk_rmem_alloc) + skb->truesize <
606 (unsigned)sk->sk_rcvbuf) {
607 if (skb_shared(skb)) {
608 copy_skb = skb_clone(skb, GFP_ATOMIC);
610 copy_skb = skb_get(skb);
611 skb_head = skb->data;
614 skb_set_owner_r(copy_skb, sk);
616 snaplen = po->frame_size - macoff;
617 if ((int)snaplen < 0)
620 if (snaplen > skb->len-skb->data_len)
621 snaplen = skb->len-skb->data_len;
623 spin_lock(&sk->sk_receive_queue.lock);
624 h = (struct tpacket_hdr *)packet_lookup_frame(po, po->head);
628 po->head = po->head != po->frame_max ? po->head+1 : 0;
629 po->stats.tp_packets++;
631 status |= TP_STATUS_COPY;
632 __skb_queue_tail(&sk->sk_receive_queue, copy_skb);
634 if (!po->stats.tp_drops)
635 status &= ~TP_STATUS_LOSING;
636 spin_unlock(&sk->sk_receive_queue.lock);
638 memcpy((u8*)h + macoff, skb->data, snaplen);
640 h->tp_len = skb->len;
641 h->tp_snaplen = snaplen;
644 if (skb->stamp.tv_sec == 0) {
645 do_gettimeofday(&skb->stamp);
646 sock_enable_timestamp(sk);
648 h->tp_sec = skb->stamp.tv_sec;
649 h->tp_usec = skb->stamp.tv_usec;
651 sll = (struct sockaddr_ll*)((u8*)h + TPACKET_ALIGN(sizeof(*h)));
653 if (dev->hard_header_parse)
654 sll->sll_halen = dev->hard_header_parse(skb, sll->sll_addr);
655 sll->sll_family = AF_PACKET;
656 sll->sll_hatype = dev->type;
657 sll->sll_protocol = skb->protocol;
658 sll->sll_pkttype = skb->pkt_type;
659 sll->sll_ifindex = dev->ifindex;
661 h->tp_status = status;
665 struct page *p_start, *p_end;
666 u8 *h_end = (u8 *)h + macoff + snaplen - 1;
668 p_start = virt_to_page(h);
669 p_end = virt_to_page(h_end);
670 while (p_start <= p_end) {
671 flush_dcache_page(p_start);
676 sk->sk_data_ready(sk, 0);
679 if (skb_head != skb->data && skb_shared(skb)) {
680 skb->data = skb_head;
688 po->stats.tp_drops++;
689 spin_unlock(&sk->sk_receive_queue.lock);
691 sk->sk_data_ready(sk, 0);
700 static int packet_sendmsg(struct kiocb *iocb, struct socket *sock,
701 struct msghdr *msg, size_t len)
703 struct sock *sk = sock->sk;
704 struct sockaddr_ll *saddr=(struct sockaddr_ll *)msg->msg_name;
706 struct net_device *dev;
707 unsigned short proto;
709 int ifindex, err, reserve = 0;
712 * Get and verify the address.
716 struct packet_sock *po = pkt_sk(sk);
718 ifindex = po->ifindex;
723 if (msg->msg_namelen < sizeof(struct sockaddr_ll))
725 ifindex = saddr->sll_ifindex;
726 proto = saddr->sll_protocol;
727 addr = saddr->sll_addr;
731 dev = dev_get_by_index(ifindex);
735 if (sock->type == SOCK_RAW)
736 reserve = dev->hard_header_len;
739 if (len > dev->mtu+reserve)
742 skb = sock_alloc_send_skb(sk, len + LL_RESERVED_SPACE(dev),
743 msg->msg_flags & MSG_DONTWAIT, &err);
747 skb_reserve(skb, LL_RESERVED_SPACE(dev));
748 skb->nh.raw = skb->data;
750 if (dev->hard_header) {
753 res = dev->hard_header(skb, dev, ntohs(proto), addr, NULL, len);
754 if (sock->type != SOCK_DGRAM) {
755 skb->tail = skb->data;
761 /* Returns -EFAULT on error */
762 err = memcpy_fromiovec(skb_put(skb,len), msg->msg_iov, len);
766 skb->protocol = proto;
768 skb->priority = sk->sk_priority;
771 if (!(dev->flags & IFF_UP))
778 err = dev_queue_xmit(skb);
779 if (err > 0 && (err = net_xmit_errno(err)) != 0)
796 * Close a PACKET socket. This is fairly simple. We immediately go
797 * to 'closed' state and remove our protocol entry in the device list.
800 static int packet_release(struct socket *sock)
802 struct sock *sk = sock->sk;
803 struct packet_sock *po;
810 write_lock_bh(&packet_sklist_lock);
811 sk_del_node_init(sk);
812 write_unlock_bh(&packet_sklist_lock);
815 * Unhook packet receive handler.
820 * Remove the protocol hook
822 dev_remove_pack(&po->prot_hook);
828 #ifdef CONFIG_PACKET_MULTICAST
829 packet_flush_mclist(sk);
832 #ifdef CONFIG_PACKET_MMAP
834 struct tpacket_req req;
835 memset(&req, 0, sizeof(req));
836 packet_set_ring(sk, &req, 1);
841 * Now the socket is dead. No more input will appear.
849 skb_queue_purge(&sk->sk_receive_queue);
856 * Attach a packet hook.
859 static int packet_do_bind(struct sock *sk, struct net_device *dev, int protocol)
861 struct packet_sock *po = pkt_sk(sk);
863 * Detach an existing hook if present.
868 spin_lock(&po->bind_lock);
873 spin_unlock(&po->bind_lock);
874 dev_remove_pack(&po->prot_hook);
875 spin_lock(&po->bind_lock);
879 po->prot_hook.type = protocol;
880 po->prot_hook.dev = dev;
882 po->ifindex = dev ? dev->ifindex : 0;
888 if (dev->flags&IFF_UP) {
889 dev_add_pack(&po->prot_hook);
893 sk->sk_err = ENETDOWN;
894 if (!sock_flag(sk, SOCK_DEAD))
895 sk->sk_error_report(sk);
898 dev_add_pack(&po->prot_hook);
904 spin_unlock(&po->bind_lock);
910 * Bind a packet socket to a device
913 #ifdef CONFIG_SOCK_PACKET
915 static int packet_bind_spkt(struct socket *sock, struct sockaddr *uaddr, int addr_len)
917 struct sock *sk=sock->sk;
919 struct net_device *dev;
926 if(addr_len!=sizeof(struct sockaddr))
928 strlcpy(name,uaddr->sa_data,sizeof(name));
930 dev = dev_get_by_name(name);
932 err = packet_do_bind(sk, dev, pkt_sk(sk)->num);
939 static int packet_bind(struct socket *sock, struct sockaddr *uaddr, int addr_len)
941 struct sockaddr_ll *sll = (struct sockaddr_ll*)uaddr;
942 struct sock *sk=sock->sk;
943 struct net_device *dev = NULL;
951 if (addr_len < sizeof(struct sockaddr_ll))
953 if (sll->sll_family != AF_PACKET)
956 if (sll->sll_ifindex) {
958 dev = dev_get_by_index(sll->sll_ifindex);
962 err = packet_do_bind(sk, dev, sll->sll_protocol ? : pkt_sk(sk)->num);
970 static struct proto packet_proto = {
972 .owner = THIS_MODULE,
973 .obj_size = sizeof(struct packet_sock),
977 * Create a packet of type SOCK_PACKET.
980 static int packet_create(struct socket *sock, int protocol)
983 struct packet_sock *po;
986 if (!capable(CAP_NET_RAW))
988 if (sock->type != SOCK_DGRAM && sock->type != SOCK_RAW
989 #ifdef CONFIG_SOCK_PACKET
990 && sock->type != SOCK_PACKET
993 return -ESOCKTNOSUPPORT;
995 sock->state = SS_UNCONNECTED;
998 sk = sk_alloc(PF_PACKET, GFP_KERNEL, &packet_proto, 1);
1002 sock->ops = &packet_ops;
1003 #ifdef CONFIG_SOCK_PACKET
1004 if (sock->type == SOCK_PACKET)
1005 sock->ops = &packet_ops_spkt;
1007 sock_init_data(sock, sk);
1010 sk->sk_family = PF_PACKET;
1013 sk->sk_destruct = packet_sock_destruct;
1014 atomic_inc(&packet_socks_nr);
1017 * Attach a protocol block
1020 spin_lock_init(&po->bind_lock);
1021 po->prot_hook.func = packet_rcv;
1022 #ifdef CONFIG_SOCK_PACKET
1023 if (sock->type == SOCK_PACKET)
1024 po->prot_hook.func = packet_rcv_spkt;
1026 po->prot_hook.af_packet_priv = sk;
1029 po->prot_hook.type = protocol;
1030 dev_add_pack(&po->prot_hook);
1035 write_lock_bh(&packet_sklist_lock);
1036 sk_add_node(sk, &packet_sklist);
1037 write_unlock_bh(&packet_sklist_lock);
1044 * Pull a packet from our receive queue and hand it to the user.
1045 * If necessary we block.
1048 static int packet_recvmsg(struct kiocb *iocb, struct socket *sock,
1049 struct msghdr *msg, size_t len, int flags)
1051 struct sock *sk = sock->sk;
1052 struct sk_buff *skb;
1056 if (flags & ~(MSG_PEEK|MSG_DONTWAIT|MSG_TRUNC|MSG_CMSG_COMPAT))
1060 /* What error should we return now? EUNATTACH? */
1061 if (pkt_sk(sk)->ifindex < 0)
1066 * If the address length field is there to be filled in, we fill
1070 if (sock->type == SOCK_PACKET)
1071 msg->msg_namelen = sizeof(struct sockaddr_pkt);
1073 msg->msg_namelen = sizeof(struct sockaddr_ll);
1076 * Call the generic datagram receiver. This handles all sorts
1077 * of horrible races and re-entrancy so we can forget about it
1078 * in the protocol layers.
1080 * Now it will return ENETDOWN, if device have just gone down,
1081 * but then it will block.
1084 skb=skb_recv_datagram(sk,flags,flags&MSG_DONTWAIT,&err);
1087 * An error occurred so return it. Because skb_recv_datagram()
1088 * handles the blocking we don't see and worry about blocking
1096 * You lose any data beyond the buffer you gave. If it worries a
1097 * user program they can ask the device for its MTU anyway.
1104 msg->msg_flags|=MSG_TRUNC;
1107 err = skb_copy_datagram_iovec(skb, 0, msg->msg_iov, copied);
1111 sock_recv_timestamp(msg, sk, skb);
1114 memcpy(msg->msg_name, skb->cb, msg->msg_namelen);
1117 * Free or return the buffer as appropriate. Again this
1118 * hides all the races and re-entrancy issues from us.
1120 err = (flags&MSG_TRUNC) ? skb->len : copied;
1123 skb_free_datagram(sk, skb);
1128 #ifdef CONFIG_SOCK_PACKET
1129 static int packet_getname_spkt(struct socket *sock, struct sockaddr *uaddr,
1130 int *uaddr_len, int peer)
1132 struct net_device *dev;
1133 struct sock *sk = sock->sk;
1138 uaddr->sa_family = AF_PACKET;
1139 dev = dev_get_by_index(pkt_sk(sk)->ifindex);
1141 strlcpy(uaddr->sa_data, dev->name, 15);
1144 memset(uaddr->sa_data, 0, 14);
1145 *uaddr_len = sizeof(*uaddr);
1151 static int packet_getname(struct socket *sock, struct sockaddr *uaddr,
1152 int *uaddr_len, int peer)
1154 struct net_device *dev;
1155 struct sock *sk = sock->sk;
1156 struct packet_sock *po = pkt_sk(sk);
1157 struct sockaddr_ll *sll = (struct sockaddr_ll*)uaddr;
1162 sll->sll_family = AF_PACKET;
1163 sll->sll_ifindex = po->ifindex;
1164 sll->sll_protocol = po->num;
1165 dev = dev_get_by_index(po->ifindex);
1167 sll->sll_hatype = dev->type;
1168 sll->sll_halen = dev->addr_len;
1169 memcpy(sll->sll_addr, dev->dev_addr, dev->addr_len);
1172 sll->sll_hatype = 0; /* Bad: we have no ARPHRD_UNSPEC */
1175 *uaddr_len = sizeof(*sll);
1180 #ifdef CONFIG_PACKET_MULTICAST
1181 static void packet_dev_mc(struct net_device *dev, struct packet_mclist *i, int what)
1184 case PACKET_MR_MULTICAST:
1186 dev_mc_add(dev, i->addr, i->alen, 0);
1188 dev_mc_delete(dev, i->addr, i->alen, 0);
1190 case PACKET_MR_PROMISC:
1191 dev_set_promiscuity(dev, what);
1193 case PACKET_MR_ALLMULTI:
1194 dev_set_allmulti(dev, what);
1200 static void packet_dev_mclist(struct net_device *dev, struct packet_mclist *i, int what)
1202 for ( ; i; i=i->next) {
1203 if (i->ifindex == dev->ifindex)
1204 packet_dev_mc(dev, i, what);
1208 static int packet_mc_add(struct sock *sk, struct packet_mreq *mreq)
1210 struct packet_sock *po = pkt_sk(sk);
1211 struct packet_mclist *ml, *i;
1212 struct net_device *dev;
1218 dev = __dev_get_by_index(mreq->mr_ifindex);
1223 if (mreq->mr_alen > dev->addr_len)
1227 i = (struct packet_mclist *)kmalloc(sizeof(*i), GFP_KERNEL);
1232 for (ml = po->mclist; ml; ml = ml->next) {
1233 if (ml->ifindex == mreq->mr_ifindex &&
1234 ml->type == mreq->mr_type &&
1235 ml->alen == mreq->mr_alen &&
1236 memcmp(ml->addr, mreq->mr_address, ml->alen) == 0) {
1238 /* Free the new element ... */
1244 i->type = mreq->mr_type;
1245 i->ifindex = mreq->mr_ifindex;
1246 i->alen = mreq->mr_alen;
1247 memcpy(i->addr, mreq->mr_address, i->alen);
1249 i->next = po->mclist;
1251 packet_dev_mc(dev, i, +1);
1258 static int packet_mc_drop(struct sock *sk, struct packet_mreq *mreq)
1260 struct packet_mclist *ml, **mlp;
1264 for (mlp = &pkt_sk(sk)->mclist; (ml = *mlp) != NULL; mlp = &ml->next) {
1265 if (ml->ifindex == mreq->mr_ifindex &&
1266 ml->type == mreq->mr_type &&
1267 ml->alen == mreq->mr_alen &&
1268 memcmp(ml->addr, mreq->mr_address, ml->alen) == 0) {
1269 if (--ml->count == 0) {
1270 struct net_device *dev;
1272 dev = dev_get_by_index(ml->ifindex);
1274 packet_dev_mc(dev, ml, -1);
1284 return -EADDRNOTAVAIL;
1287 static void packet_flush_mclist(struct sock *sk)
1289 struct packet_sock *po = pkt_sk(sk);
1290 struct packet_mclist *ml;
1296 while ((ml = po->mclist) != NULL) {
1297 struct net_device *dev;
1299 po->mclist = ml->next;
1300 if ((dev = dev_get_by_index(ml->ifindex)) != NULL) {
1301 packet_dev_mc(dev, ml, -1);
1311 packet_setsockopt(struct socket *sock, int level, int optname, char __user *optval, int optlen)
1313 struct sock *sk = sock->sk;
1316 if (level != SOL_PACKET)
1317 return -ENOPROTOOPT;
1320 #ifdef CONFIG_PACKET_MULTICAST
1321 case PACKET_ADD_MEMBERSHIP:
1322 case PACKET_DROP_MEMBERSHIP:
1324 struct packet_mreq mreq;
1325 if (optlen<sizeof(mreq))
1327 if (copy_from_user(&mreq,optval,sizeof(mreq)))
1329 if (optname == PACKET_ADD_MEMBERSHIP)
1330 ret = packet_mc_add(sk, &mreq);
1332 ret = packet_mc_drop(sk, &mreq);
1336 #ifdef CONFIG_PACKET_MMAP
1337 case PACKET_RX_RING:
1339 struct tpacket_req req;
1341 if (optlen<sizeof(req))
1343 if (copy_from_user(&req,optval,sizeof(req)))
1345 return packet_set_ring(sk, &req, 0);
1347 case PACKET_COPY_THRESH:
1351 if (optlen!=sizeof(val))
1353 if (copy_from_user(&val,optval,sizeof(val)))
1356 pkt_sk(sk)->copy_thresh = val;
1361 return -ENOPROTOOPT;
1365 static int packet_getsockopt(struct socket *sock, int level, int optname,
1366 char __user *optval, int __user *optlen)
1369 struct sock *sk = sock->sk;
1370 struct packet_sock *po = pkt_sk(sk);
1372 if (level != SOL_PACKET)
1373 return -ENOPROTOOPT;
1375 if (get_user(len,optlen))
1382 case PACKET_STATISTICS:
1384 struct tpacket_stats st;
1386 if (len > sizeof(struct tpacket_stats))
1387 len = sizeof(struct tpacket_stats);
1388 spin_lock_bh(&sk->sk_receive_queue.lock);
1390 memset(&po->stats, 0, sizeof(st));
1391 spin_unlock_bh(&sk->sk_receive_queue.lock);
1392 st.tp_packets += st.tp_drops;
1394 if (copy_to_user(optval, &st, len))
1399 return -ENOPROTOOPT;
1402 if (put_user(len, optlen))
1408 static int packet_notifier(struct notifier_block *this, unsigned long msg, void *data)
1411 struct hlist_node *node;
1412 struct net_device *dev = (struct net_device*)data;
1414 read_lock(&packet_sklist_lock);
1415 sk_for_each(sk, node, &packet_sklist) {
1416 struct packet_sock *po = pkt_sk(sk);
1419 case NETDEV_UNREGISTER:
1420 #ifdef CONFIG_PACKET_MULTICAST
1422 packet_dev_mclist(dev, po->mclist, -1);
1426 if (dev->ifindex == po->ifindex) {
1427 spin_lock(&po->bind_lock);
1429 __dev_remove_pack(&po->prot_hook);
1432 sk->sk_err = ENETDOWN;
1433 if (!sock_flag(sk, SOCK_DEAD))
1434 sk->sk_error_report(sk);
1436 if (msg == NETDEV_UNREGISTER) {
1438 po->prot_hook.dev = NULL;
1440 spin_unlock(&po->bind_lock);
1444 spin_lock(&po->bind_lock);
1445 if (dev->ifindex == po->ifindex && po->num &&
1447 dev_add_pack(&po->prot_hook);
1451 spin_unlock(&po->bind_lock);
1455 read_unlock(&packet_sklist_lock);
1460 static int packet_ioctl(struct socket *sock, unsigned int cmd,
1463 struct sock *sk = sock->sk;
1468 int amount = atomic_read(&sk->sk_wmem_alloc);
1469 return put_user(amount, (int __user *)arg);
1473 struct sk_buff *skb;
1476 spin_lock_bh(&sk->sk_receive_queue.lock);
1477 skb = skb_peek(&sk->sk_receive_queue);
1480 spin_unlock_bh(&sk->sk_receive_queue.lock);
1481 return put_user(amount, (int __user *)arg);
1484 return sock_get_timestamp(sk, (struct timeval __user *)arg);
1494 case SIOCGIFBRDADDR:
1495 case SIOCSIFBRDADDR:
1496 case SIOCGIFNETMASK:
1497 case SIOCSIFNETMASK:
1498 case SIOCGIFDSTADDR:
1499 case SIOCSIFDSTADDR:
1501 return inet_dgram_ops.ioctl(sock, cmd, arg);
1505 return dev_ioctl(cmd, (void __user *)arg);
1510 #ifndef CONFIG_PACKET_MMAP
1511 #define packet_mmap sock_no_mmap
1512 #define packet_poll datagram_poll
1515 static unsigned int packet_poll(struct file * file, struct socket *sock,
1518 struct sock *sk = sock->sk;
1519 struct packet_sock *po = pkt_sk(sk);
1520 unsigned int mask = datagram_poll(file, sock, wait);
1522 spin_lock_bh(&sk->sk_receive_queue.lock);
1524 unsigned last = po->head ? po->head-1 : po->frame_max;
1525 struct tpacket_hdr *h;
1527 h = (struct tpacket_hdr *)packet_lookup_frame(po, last);
1530 mask |= POLLIN | POLLRDNORM;
1532 spin_unlock_bh(&sk->sk_receive_queue.lock);
1537 /* Dirty? Well, I still did not learn better way to account
1541 static void packet_mm_open(struct vm_area_struct *vma)
1543 struct file *file = vma->vm_file;
1544 struct inode *inode = file->f_dentry->d_inode;
1545 struct socket * sock = SOCKET_I(inode);
1546 struct sock *sk = sock->sk;
1549 atomic_inc(&pkt_sk(sk)->mapped);
1552 static void packet_mm_close(struct vm_area_struct *vma)
1554 struct file *file = vma->vm_file;
1555 struct inode *inode = file->f_dentry->d_inode;
1556 struct socket * sock = SOCKET_I(inode);
1557 struct sock *sk = sock->sk;
1560 atomic_dec(&pkt_sk(sk)->mapped);
1563 static struct vm_operations_struct packet_mmap_ops = {
1564 .open = packet_mm_open,
1565 .close =packet_mm_close,
1568 static inline struct page *pg_vec_endpage(char *one_pg_vec, unsigned int order)
1570 return virt_to_page(one_pg_vec + (PAGE_SIZE << order) - 1);
1573 static void free_pg_vec(char **pg_vec, unsigned order, unsigned len)
1577 for (i=0; i<len; i++) {
1579 struct page *page, *pend;
1581 pend = pg_vec_endpage(pg_vec[i], order);
1582 for (page = virt_to_page(pg_vec[i]); page <= pend; page++)
1583 ClearPageReserved(page);
1584 free_pages((unsigned long)pg_vec[i], order);
1591 static int packet_set_ring(struct sock *sk, struct tpacket_req *req, int closing)
1593 char **pg_vec = NULL;
1594 struct packet_sock *po = pkt_sk(sk);
1595 int was_running, num, order = 0;
1598 if (req->tp_block_nr) {
1601 /* Sanity tests and some calculations */
1606 if ((int)req->tp_block_size <= 0)
1608 if (req->tp_block_size&(PAGE_SIZE-1))
1610 if (req->tp_frame_size < TPACKET_HDRLEN)
1612 if (req->tp_frame_size&(TPACKET_ALIGNMENT-1))
1615 po->frames_per_block = req->tp_block_size/req->tp_frame_size;
1616 if (po->frames_per_block <= 0)
1618 if (po->frames_per_block*req->tp_block_nr != req->tp_frame_nr)
1622 /* Allocate page vector */
1623 while ((PAGE_SIZE<<order) < req->tp_block_size)
1628 pg_vec = kmalloc(req->tp_block_nr*sizeof(char *), GFP_KERNEL);
1631 memset(pg_vec, 0, req->tp_block_nr*sizeof(char **));
1633 for (i=0; i<req->tp_block_nr; i++) {
1634 struct page *page, *pend;
1635 pg_vec[i] = (char *)__get_free_pages(GFP_KERNEL, order);
1637 goto out_free_pgvec;
1639 pend = pg_vec_endpage(pg_vec[i], order);
1640 for (page = virt_to_page(pg_vec[i]); page <= pend; page++)
1641 SetPageReserved(page);
1643 /* Page vector is allocated */
1646 for (i=0; i<req->tp_block_nr; i++) {
1647 char *ptr = pg_vec[i];
1648 struct tpacket_hdr *header;
1651 for (k=0; k<po->frames_per_block; k++) {
1653 header = (struct tpacket_hdr*)ptr;
1654 header->tp_status = TP_STATUS_KERNEL;
1655 ptr += req->tp_frame_size;
1660 if (req->tp_frame_nr)
1666 /* Detach socket from network */
1667 spin_lock(&po->bind_lock);
1668 was_running = po->running;
1671 __dev_remove_pack(&po->prot_hook);
1676 spin_unlock(&po->bind_lock);
1681 if (closing || atomic_read(&po->mapped) == 0) {
1683 #define XC(a, b) ({ __typeof__ ((a)) __t; __t = (a); (a) = (b); __t; })
1685 spin_lock_bh(&sk->sk_receive_queue.lock);
1686 pg_vec = XC(po->pg_vec, pg_vec);
1687 po->frame_max = req->tp_frame_nr-1;
1689 po->frame_size = req->tp_frame_size;
1690 spin_unlock_bh(&sk->sk_receive_queue.lock);
1692 order = XC(po->pg_vec_order, order);
1693 req->tp_block_nr = XC(po->pg_vec_len, req->tp_block_nr);
1695 po->pg_vec_pages = req->tp_block_size/PAGE_SIZE;
1696 po->prot_hook.func = po->pg_vec ? tpacket_rcv : packet_rcv;
1697 skb_queue_purge(&sk->sk_receive_queue);
1699 if (atomic_read(&po->mapped))
1700 printk(KERN_DEBUG "packet_mmap: vma is busy: %d\n", atomic_read(&po->mapped));
1703 spin_lock(&po->bind_lock);
1704 if (was_running && !po->running) {
1708 dev_add_pack(&po->prot_hook);
1710 spin_unlock(&po->bind_lock);
1716 free_pg_vec(pg_vec, order, req->tp_block_nr);
1721 static int packet_mmap(struct file *file, struct socket *sock, struct vm_area_struct *vma)
1723 struct sock *sk = sock->sk;
1724 struct packet_sock *po = pkt_sk(sk);
1726 unsigned long start;
1733 size = vma->vm_end - vma->vm_start;
1736 if (po->pg_vec == NULL)
1738 if (size != po->pg_vec_len*po->pg_vec_pages*PAGE_SIZE)
1741 atomic_inc(&po->mapped);
1742 start = vma->vm_start;
1744 for (i=0; i<po->pg_vec_len; i++) {
1745 if (remap_pfn_range(vma, start,
1746 __pa(po->pg_vec[i]) >> PAGE_SHIFT,
1747 po->pg_vec_pages*PAGE_SIZE,
1750 start += po->pg_vec_pages*PAGE_SIZE;
1752 vma->vm_ops = &packet_mmap_ops;
1762 #ifdef CONFIG_SOCK_PACKET
1763 static struct proto_ops packet_ops_spkt = {
1764 .family = PF_PACKET,
1765 .owner = THIS_MODULE,
1766 .release = packet_release,
1767 .bind = packet_bind_spkt,
1768 .connect = sock_no_connect,
1769 .socketpair = sock_no_socketpair,
1770 .accept = sock_no_accept,
1771 .getname = packet_getname_spkt,
1772 .poll = datagram_poll,
1773 .ioctl = packet_ioctl,
1774 .listen = sock_no_listen,
1775 .shutdown = sock_no_shutdown,
1776 .setsockopt = sock_no_setsockopt,
1777 .getsockopt = sock_no_getsockopt,
1778 .sendmsg = packet_sendmsg_spkt,
1779 .recvmsg = packet_recvmsg,
1780 .mmap = sock_no_mmap,
1781 .sendpage = sock_no_sendpage,
1785 static struct proto_ops packet_ops = {
1786 .family = PF_PACKET,
1787 .owner = THIS_MODULE,
1788 .release = packet_release,
1789 .bind = packet_bind,
1790 .connect = sock_no_connect,
1791 .socketpair = sock_no_socketpair,
1792 .accept = sock_no_accept,
1793 .getname = packet_getname,
1794 .poll = packet_poll,
1795 .ioctl = packet_ioctl,
1796 .listen = sock_no_listen,
1797 .shutdown = sock_no_shutdown,
1798 .setsockopt = packet_setsockopt,
1799 .getsockopt = packet_getsockopt,
1800 .sendmsg = packet_sendmsg,
1801 .recvmsg = packet_recvmsg,
1802 .mmap = packet_mmap,
1803 .sendpage = sock_no_sendpage,
1806 #if defined(CONFIG_VNET) || defined(CONFIG_VNET_MODULE)
1807 EXPORT_SYMBOL(packet_ops);
1808 struct net_proto_family packet_family_ops;
1809 EXPORT_SYMBOL(packet_family_ops);
1813 struct net_proto_family packet_family_ops = {
1814 .family = PF_PACKET,
1815 .create = packet_create,
1816 .owner = THIS_MODULE,
1819 static struct notifier_block packet_netdev_notifier = {
1820 .notifier_call =packet_notifier,
1823 #ifdef CONFIG_PROC_FS
1824 static inline struct sock *packet_seq_idx(loff_t off)
1827 struct hlist_node *node;
1829 sk_for_each(s, node, &packet_sklist) {
1836 static void *packet_seq_start(struct seq_file *seq, loff_t *pos)
1838 read_lock(&packet_sklist_lock);
1839 return *pos ? packet_seq_idx(*pos - 1) : SEQ_START_TOKEN;
1842 static void *packet_seq_next(struct seq_file *seq, void *v, loff_t *pos)
1845 return (v == SEQ_START_TOKEN)
1846 ? sk_head(&packet_sklist)
1847 : sk_next((struct sock*)v) ;
1850 static void packet_seq_stop(struct seq_file *seq, void *v)
1852 read_unlock(&packet_sklist_lock);
1855 static int packet_seq_show(struct seq_file *seq, void *v)
1857 if (v == SEQ_START_TOKEN)
1858 seq_puts(seq, "sk RefCnt Type Proto Iface R Rmem User Inode\n");
1861 const struct packet_sock *po = pkt_sk(s);
1864 "%p %-6d %-4d %04x %-5d %1d %-6u %-6u %-6lu\n",
1866 atomic_read(&s->sk_refcnt),
1871 atomic_read(&s->sk_rmem_alloc),
1879 static struct seq_operations packet_seq_ops = {
1880 .start = packet_seq_start,
1881 .next = packet_seq_next,
1882 .stop = packet_seq_stop,
1883 .show = packet_seq_show,
1886 static int packet_seq_open(struct inode *inode, struct file *file)
1888 return seq_open(file, &packet_seq_ops);
1891 static struct file_operations packet_seq_fops = {
1892 .owner = THIS_MODULE,
1893 .open = packet_seq_open,
1895 .llseek = seq_lseek,
1896 .release = seq_release,
1901 static void __exit packet_exit(void)
1903 proc_net_remove("packet");
1904 unregister_netdevice_notifier(&packet_netdev_notifier);
1905 sock_unregister(PF_PACKET);
1906 proto_unregister(&packet_proto);
1909 static int __init packet_init(void)
1911 int rc = proto_register(&packet_proto, 0);
1916 sock_register(&packet_family_ops);
1917 register_netdevice_notifier(&packet_netdev_notifier);
1918 proc_net_fops_create("packet", 0, &packet_seq_fops);
1923 module_init(packet_init);
1924 module_exit(packet_exit);
1925 MODULE_LICENSE("GPL");
1926 MODULE_ALIAS_NETPROTO(PF_PACKET);