2 * INET An implementation of the TCP/IP protocol suite for the LINUX
3 * operating system. INET is implemented using the BSD Socket
4 * interface as the means of communication with the user level.
6 * PACKET - implements raw packet sockets.
8 * Version: $Id: af_packet.c,v 1.61 2002/02/08 03:57:19 davem Exp $
10 * Authors: Ross Biro, <bir7@leland.Stanford.Edu>
11 * Fred N. van Kempen, <waltje@uWalt.NL.Mugnet.ORG>
12 * Alan Cox, <gw4pts@gw4pts.ampr.org>
15 * Alan Cox : verify_area() now used correctly
16 * Alan Cox : new skbuff lists, look ma no backlogs!
17 * Alan Cox : tidied skbuff lists.
18 * Alan Cox : Now uses generic datagram routines I
19 * added. Also fixed the peek/read crash
20 * from all old Linux datagram code.
21 * Alan Cox : Uses the improved datagram code.
22 * Alan Cox : Added NULL's for socket options.
23 * Alan Cox : Re-commented the code.
24 * Alan Cox : Use new kernel side addressing
25 * Rob Janssen : Correct MTU usage.
26 * Dave Platt : Counter leaks caused by incorrect
27 * interrupt locking and some slightly
28 * dubious gcc output. Can you read
29 * compiler: it said _VOLATILE_
30 * Richard Kooijman : Timestamp fixes.
31 * Alan Cox : New buffers. Use sk->mac.raw.
32 * Alan Cox : sendmsg/recvmsg support.
33 * Alan Cox : Protocol setting support
34 * Alexey Kuznetsov : Untied from IPv4 stack.
35 * Cyrus Durgin : Fixed kerneld for kmod.
36 * Michal Ostrowski : Module initialization cleanup.
37 * Ulises Alonso : Frame number limit removal and
38 * packet_set_ring memory leak.
40 * This program is free software; you can redistribute it and/or
41 * modify it under the terms of the GNU General Public License
42 * as published by the Free Software Foundation; either version
43 * 2 of the License, or (at your option) any later version.
47 #include <linux/config.h>
48 #include <linux/types.h>
49 #include <linux/sched.h>
51 #include <linux/fcntl.h>
52 #include <linux/socket.h>
54 #include <linux/inet.h>
55 #include <linux/netdevice.h>
56 #include <linux/if_packet.h>
57 #include <linux/wireless.h>
58 #include <linux/kmod.h>
60 #include <net/protocol.h>
61 #include <linux/skbuff.h>
63 #include <linux/errno.h>
64 #include <linux/timer.h>
65 #include <asm/system.h>
66 #include <asm/uaccess.h>
67 #include <asm/ioctls.h>
68 #include <linux/proc_fs.h>
69 #include <linux/seq_file.h>
70 #include <linux/poll.h>
71 #include <linux/module.h>
72 #include <linux/init.h>
73 #include <linux/vs_base.h>
74 #include <linux/vs_context.h>
75 #include <linux/vs_network.h>
78 #include <net/inet_common.h>
81 #define CONFIG_SOCK_PACKET 1
84 Proposed replacement for SIOC{ADD,DEL}MULTI and
85 IFF_PROMISC, IFF_ALLMULTI flags.
87 It is more expensive, but I believe,
88 it is really correct solution: reentereble, safe and fault tolerant.
90 IFF_PROMISC/IFF_ALLMULTI/SIOC{ADD/DEL}MULTI are faked by keeping
91 reference count and global flag, so that real status is
92 (gflag|(count != 0)), so that we can use obsolete faulty interface
93 not harming clever users.
95 #define CONFIG_PACKET_MULTICAST 1
99 - if device has no dev->hard_header routine, it adds and removes ll header
100 inside itself. In this case ll header is invisible outside of device,
101 but higher levels still should reserve dev->hard_header_len.
102 Some devices are enough clever to reallocate skb, when header
103 will not fit to reserved space (tunnel), another ones are silly
105 - packet socket receives packets with pulled ll header,
106 so that SOCK_RAW should push it back.
111 Incoming, dev->hard_header!=NULL
115 Outgoing, dev->hard_header!=NULL
119 Incoming, dev->hard_header==NULL
120 mac.raw -> UNKNOWN position. It is very likely, that it points to ll header.
121 PPP makes it, that is wrong, because introduce assymetry
122 between rx and tx paths.
125 Outgoing, dev->hard_header==NULL
126 mac.raw -> data. ll header is still not built!
130 If dev->hard_header==NULL we are unlikely to restore sensible ll header.
136 dev->hard_header != NULL
140 dev->hard_header == NULL (ll header is added by device, we cannot control it)
144 We should set nh.raw on output to correct posistion,
145 packet classifier depends on it.
148 /* List of all packet sockets. */
149 HLIST_HEAD(packet_sklist);
150 static rwlock_t packet_sklist_lock = RW_LOCK_UNLOCKED;
152 atomic_t packet_socks_nr;
155 /* Private packet socket structures. */
157 #ifdef CONFIG_PACKET_MULTICAST
160 struct packet_mclist *next;
165 unsigned char addr[8];
168 #ifdef CONFIG_PACKET_MMAP
169 static int packet_set_ring(struct sock *sk, struct tpacket_req *req, int closing);
172 static void packet_flush_mclist(struct sock *sk);
176 struct tpacket_stats stats;
177 #ifdef CONFIG_PACKET_MMAP
178 unsigned long *pg_vec;
180 unsigned int frames_per_block;
181 unsigned int frame_size;
182 unsigned int frame_max;
185 struct packet_type prot_hook;
186 spinlock_t bind_lock;
187 char running; /* prot_hook is attached*/
188 int ifindex; /* bound device */
190 #ifdef CONFIG_PACKET_MULTICAST
191 struct packet_mclist *mclist;
193 #ifdef CONFIG_PACKET_MMAP
195 unsigned int pg_vec_order;
196 unsigned int pg_vec_pages;
197 unsigned int pg_vec_len;
201 #ifdef CONFIG_PACKET_MMAP
203 static inline unsigned long packet_lookup_frame(struct packet_opt *po, unsigned int position)
205 unsigned int pg_vec_pos, frame_offset;
208 pg_vec_pos = position / po->frames_per_block;
209 frame_offset = position % po->frames_per_block;
211 frame = (unsigned long) (po->pg_vec[pg_vec_pos] + (frame_offset * po->frame_size));
217 #define pkt_sk(__sk) ((struct packet_opt *)(__sk)->sk_protinfo)
219 void packet_sock_destruct(struct sock *sk)
221 BUG_TRAP(!atomic_read(&sk->sk_rmem_alloc));
222 BUG_TRAP(!atomic_read(&sk->sk_wmem_alloc));
223 BUG_ON(sk->sk_nx_info);
224 BUG_ON(sk->sk_vx_info);
226 if (!sock_flag(sk, SOCK_DEAD)) {
227 printk("Attempt to release alive packet socket: %p\n", sk);
233 atomic_dec(&packet_socks_nr);
234 #ifdef PACKET_REFCNT_DEBUG
235 printk(KERN_DEBUG "PACKET socket %p is free, %d are alive\n", sk, atomic_read(&packet_socks_nr));
240 extern struct proto_ops packet_ops;
242 #ifdef CONFIG_SOCK_PACKET
243 extern struct proto_ops packet_ops_spkt;
245 static int packet_rcv_spkt(struct sk_buff *skb, struct net_device *dev, struct packet_type *pt)
248 struct sockaddr_pkt *spkt;
251 * When we registered the protocol we saved the socket in the data
252 * field for just this event.
255 sk = pt->af_packet_priv;
258 * Yank back the headers [hope the device set this
259 * right or kerboom...]
261 * Incoming packets have ll header pulled,
264 * For outgoing ones skb->data == skb->mac.raw
265 * so that this procedure is noop.
268 if (skb->pkt_type == PACKET_LOOPBACK)
271 if ((skb = skb_share_check(skb, GFP_ATOMIC)) == NULL)
274 /* drop any routing info */
275 dst_release(skb->dst);
278 spkt = (struct sockaddr_pkt*)skb->cb;
280 skb_push(skb, skb->data-skb->mac.raw);
283 * The SOCK_PACKET socket receives _all_ frames.
286 spkt->spkt_family = dev->type;
287 strlcpy(spkt->spkt_device, dev->name, sizeof(spkt->spkt_device));
288 spkt->spkt_protocol = skb->protocol;
291 * Charge the memory to the socket. This is done specifically
292 * to prevent sockets using all the memory up.
295 if (sock_queue_rcv_skb(sk,skb) == 0)
306 * Output a raw packet to a device layer. This bypasses all the other
307 * protocol layers and you must therefore supply it with a complete frame
310 static int packet_sendmsg_spkt(struct kiocb *iocb, struct socket *sock,
311 struct msghdr *msg, size_t len)
313 struct sock *sk = sock->sk;
314 struct sockaddr_pkt *saddr=(struct sockaddr_pkt *)msg->msg_name;
316 struct net_device *dev;
317 unsigned short proto=0;
321 * Get and verify the address.
326 if (msg->msg_namelen < sizeof(struct sockaddr))
328 if (msg->msg_namelen==sizeof(struct sockaddr_pkt))
329 proto=saddr->spkt_protocol;
332 return(-ENOTCONN); /* SOCK_PACKET must be sent giving an address */
335 * Find the device first to size check it
338 saddr->spkt_device[13] = 0;
339 dev = dev_get_by_name(saddr->spkt_device);
345 * You may not queue a frame bigger than the mtu. This is the lowest level
346 * raw protocol and you must do your own fragmentation at this level.
350 if(len>dev->mtu+dev->hard_header_len)
354 skb = sock_wmalloc(sk, len + LL_RESERVED_SPACE(dev), 0, GFP_KERNEL);
357 * If the write buffer is full, then tough. At this level the user gets to
358 * deal with the problem - do your own algorithmic backoffs. That's far
369 /* FIXME: Save some space for broken drivers that write a
370 * hard header at transmission time by themselves. PPP is the
371 * notable one here. This should really be fixed at the driver level.
373 skb_reserve(skb, LL_RESERVED_SPACE(dev));
374 skb->nh.raw = skb->data;
376 /* Try to align data part correctly */
377 if (dev->hard_header) {
378 skb->data -= dev->hard_header_len;
379 skb->tail -= dev->hard_header_len;
380 if (len < dev->hard_header_len)
381 skb->nh.raw = skb->data;
384 /* Returns -EFAULT on error */
385 err = memcpy_fromiovec(skb_put(skb,len), msg->msg_iov, len);
386 skb->protocol = proto;
388 skb->priority = sk->sk_priority;
393 if (!(dev->flags & IFF_UP))
413 static inline unsigned run_filter(struct sk_buff *skb, struct sock *sk, unsigned res)
415 struct sk_filter *filter;
418 filter = sk->sk_filter;
420 * Our caller already checked that filter != NULL but we need to
421 * verify that under bh_lock_sock() to be safe
423 if (likely(filter != NULL))
424 res = sk_run_filter(skb, filter->insns, filter->len);
431 This function makes lazy skb cloning in hope that most of packets
432 are discarded by BPF.
434 Note tricky part: we DO mangle shared skb! skb->data, skb->len
435 and skb->cb are mangled. It works because (and until) packets
436 falling here are owned by current CPU. Output packets are cloned
437 by dev_queue_xmit_nit(), input packets are processed by net_bh
438 sequencially, so that if we return skb to original state on exit,
439 we will not harm anyone.
442 static int packet_rcv(struct sk_buff *skb, struct net_device *dev, struct packet_type *pt)
445 struct sockaddr_ll *sll;
446 struct packet_opt *po;
447 u8 * skb_head = skb->data;
448 int skb_len = skb->len;
451 if (skb->pkt_type == PACKET_LOOPBACK)
454 sk = pt->af_packet_priv;
457 if (sk->sk_xid && sk->sk_xid != skb->xid)
462 if (dev->hard_header) {
463 /* The device has an explicit notion of ll header,
464 exported to higher levels.
466 Otherwise, the device hides datails of it frame
467 structure, so that corresponding packet head
468 never delivered to user.
470 if (sk->sk_type != SOCK_DGRAM)
471 skb_push(skb, skb->data - skb->mac.raw);
472 else if (skb->pkt_type == PACKET_OUTGOING) {
473 /* Special case: outgoing packets have ll header at head */
474 skb_pull(skb, skb->nh.raw - skb->data);
481 unsigned res = run_filter(skb, sk, snaplen);
488 if (atomic_read(&sk->sk_rmem_alloc) + skb->truesize >=
489 (unsigned)sk->sk_rcvbuf)
492 if (skb_shared(skb)) {
493 struct sk_buff *nskb = skb_clone(skb, GFP_ATOMIC);
497 if (skb_head != skb->data) {
498 skb->data = skb_head;
505 sll = (struct sockaddr_ll*)skb->cb;
506 sll->sll_family = AF_PACKET;
507 sll->sll_hatype = dev->type;
508 sll->sll_protocol = skb->protocol;
509 sll->sll_pkttype = skb->pkt_type;
510 sll->sll_ifindex = dev->ifindex;
513 if (dev->hard_header_parse)
514 sll->sll_halen = dev->hard_header_parse(skb, sll->sll_addr);
516 if (pskb_trim(skb, snaplen))
519 skb_set_owner_r(skb, sk);
521 dst_release(skb->dst);
524 spin_lock(&sk->sk_receive_queue.lock);
525 po->stats.tp_packets++;
526 __skb_queue_tail(&sk->sk_receive_queue, skb);
527 spin_unlock(&sk->sk_receive_queue.lock);
528 sk->sk_data_ready(sk, skb->len);
532 spin_lock(&sk->sk_receive_queue.lock);
533 po->stats.tp_drops++;
534 spin_unlock(&sk->sk_receive_queue.lock);
537 if (skb_head != skb->data && skb_shared(skb)) {
538 skb->data = skb_head;
546 #ifdef CONFIG_PACKET_MMAP
547 static int tpacket_rcv(struct sk_buff *skb, struct net_device *dev, struct packet_type *pt)
550 struct packet_opt *po;
551 struct sockaddr_ll *sll;
552 struct tpacket_hdr *h;
553 u8 * skb_head = skb->data;
554 int skb_len = skb->len;
556 unsigned long status = TP_STATUS_LOSING|TP_STATUS_USER;
557 unsigned short macoff, netoff;
558 struct sk_buff *copy_skb = NULL;
560 if (skb->pkt_type == PACKET_LOOPBACK)
563 sk = pt->af_packet_priv;
566 if (dev->hard_header) {
567 if (sk->sk_type != SOCK_DGRAM)
568 skb_push(skb, skb->data - skb->mac.raw);
569 else if (skb->pkt_type == PACKET_OUTGOING) {
570 /* Special case: outgoing packets have ll header at head */
571 skb_pull(skb, skb->nh.raw - skb->data);
572 if (skb->ip_summed == CHECKSUM_HW)
573 status |= TP_STATUS_CSUMNOTREADY;
580 unsigned res = run_filter(skb, sk, snaplen);
587 if (sk->sk_type == SOCK_DGRAM) {
588 macoff = netoff = TPACKET_ALIGN(TPACKET_HDRLEN) + 16;
590 unsigned maclen = skb->nh.raw - skb->data;
591 netoff = TPACKET_ALIGN(TPACKET_HDRLEN + (maclen < 16 ? 16 : maclen));
592 macoff = netoff - maclen;
595 if (macoff + snaplen > po->frame_size) {
596 if (po->copy_thresh &&
597 atomic_read(&sk->sk_rmem_alloc) + skb->truesize <
598 (unsigned)sk->sk_rcvbuf) {
599 if (skb_shared(skb)) {
600 copy_skb = skb_clone(skb, GFP_ATOMIC);
602 copy_skb = skb_get(skb);
603 skb_head = skb->data;
606 skb_set_owner_r(copy_skb, sk);
608 snaplen = po->frame_size - macoff;
609 if ((int)snaplen < 0)
612 if (snaplen > skb->len-skb->data_len)
613 snaplen = skb->len-skb->data_len;
615 spin_lock(&sk->sk_receive_queue.lock);
616 h = (struct tpacket_hdr *)packet_lookup_frame(po, po->head);
620 po->head = po->head != po->frame_max ? po->head+1 : 0;
621 po->stats.tp_packets++;
623 status |= TP_STATUS_COPY;
624 __skb_queue_tail(&sk->sk_receive_queue, copy_skb);
626 if (!po->stats.tp_drops)
627 status &= ~TP_STATUS_LOSING;
628 spin_unlock(&sk->sk_receive_queue.lock);
630 memcpy((u8*)h + macoff, skb->data, snaplen);
632 h->tp_len = skb->len;
633 h->tp_snaplen = snaplen;
636 if (skb->stamp.tv_sec == 0) {
637 do_gettimeofday(&skb->stamp);
638 sock_enable_timestamp(sk);
640 h->tp_sec = skb->stamp.tv_sec;
641 h->tp_usec = skb->stamp.tv_usec;
643 sll = (struct sockaddr_ll*)((u8*)h + TPACKET_ALIGN(sizeof(*h)));
645 if (dev->hard_header_parse)
646 sll->sll_halen = dev->hard_header_parse(skb, sll->sll_addr);
647 sll->sll_family = AF_PACKET;
648 sll->sll_hatype = dev->type;
649 sll->sll_protocol = skb->protocol;
650 sll->sll_pkttype = skb->pkt_type;
651 sll->sll_ifindex = dev->ifindex;
653 h->tp_status = status;
657 struct page *p_start, *p_end;
658 u8 *h_end = (u8 *)h + macoff + snaplen - 1;
660 p_start = virt_to_page(h);
661 p_end = virt_to_page(h_end);
662 while (p_start <= p_end) {
663 flush_dcache_page(p_start);
668 sk->sk_data_ready(sk, 0);
671 if (skb_head != skb->data && skb_shared(skb)) {
672 skb->data = skb_head;
680 po->stats.tp_drops++;
681 spin_unlock(&sk->sk_receive_queue.lock);
683 sk->sk_data_ready(sk, 0);
692 static int packet_sendmsg(struct kiocb *iocb, struct socket *sock,
693 struct msghdr *msg, size_t len)
695 struct sock *sk = sock->sk;
696 struct sockaddr_ll *saddr=(struct sockaddr_ll *)msg->msg_name;
698 struct net_device *dev;
699 unsigned short proto;
701 int ifindex, err, reserve = 0;
704 * Get and verify the address.
708 struct packet_opt *po = pkt_sk(sk);
710 ifindex = po->ifindex;
715 if (msg->msg_namelen < sizeof(struct sockaddr_ll))
717 ifindex = saddr->sll_ifindex;
718 proto = saddr->sll_protocol;
719 addr = saddr->sll_addr;
723 dev = dev_get_by_index(ifindex);
727 if (sock->type == SOCK_RAW)
728 reserve = dev->hard_header_len;
731 if (len > dev->mtu+reserve)
734 skb = sock_alloc_send_skb(sk, len + LL_RESERVED_SPACE(dev),
735 msg->msg_flags & MSG_DONTWAIT, &err);
739 skb_reserve(skb, LL_RESERVED_SPACE(dev));
740 skb->nh.raw = skb->data;
742 if (dev->hard_header) {
745 res = dev->hard_header(skb, dev, ntohs(proto), addr, NULL, len);
746 if (sock->type != SOCK_DGRAM) {
747 skb->tail = skb->data;
753 /* Returns -EFAULT on error */
754 err = memcpy_fromiovec(skb_put(skb,len), msg->msg_iov, len);
758 skb->protocol = proto;
760 skb->priority = sk->sk_priority;
763 if (!(dev->flags & IFF_UP))
770 err = dev_queue_xmit(skb);
771 if (err > 0 && (err = net_xmit_errno(err)) != 0)
788 * Close a PACKET socket. This is fairly simple. We immediately go
789 * to 'closed' state and remove our protocol entry in the device list.
792 static int packet_release(struct socket *sock)
794 struct sock *sk = sock->sk;
795 struct packet_opt *po = pkt_sk(sk);
800 write_lock_bh(&packet_sklist_lock);
801 sk_del_node_init(sk);
802 write_unlock_bh(&packet_sklist_lock);
805 * Unhook packet receive handler.
810 * Remove the protocol hook
812 dev_remove_pack(&po->prot_hook);
818 #ifdef CONFIG_PACKET_MULTICAST
819 packet_flush_mclist(sk);
822 #ifdef CONFIG_PACKET_MMAP
824 struct tpacket_req req;
825 memset(&req, 0, sizeof(req));
826 packet_set_ring(sk, &req, 1);
830 clr_vx_info(&sk->sk_vx_info);
831 clr_nx_info(&sk->sk_nx_info);
834 * Now the socket is dead. No more input will appear.
842 skb_queue_purge(&sk->sk_receive_queue);
849 * Attach a packet hook.
852 static int packet_do_bind(struct sock *sk, struct net_device *dev, int protocol)
854 struct packet_opt *po = pkt_sk(sk);
856 * Detach an existing hook if present.
861 spin_lock(&po->bind_lock);
866 spin_unlock(&po->bind_lock);
867 dev_remove_pack(&po->prot_hook);
868 spin_lock(&po->bind_lock);
872 po->prot_hook.type = protocol;
873 po->prot_hook.dev = dev;
875 po->ifindex = dev ? dev->ifindex : 0;
881 if (dev->flags&IFF_UP) {
882 dev_add_pack(&po->prot_hook);
886 sk->sk_err = ENETDOWN;
887 if (!sock_flag(sk, SOCK_DEAD))
888 sk->sk_error_report(sk);
891 dev_add_pack(&po->prot_hook);
897 spin_unlock(&po->bind_lock);
903 * Bind a packet socket to a device
906 #ifdef CONFIG_SOCK_PACKET
908 static int packet_bind_spkt(struct socket *sock, struct sockaddr *uaddr, int addr_len)
910 struct sock *sk=sock->sk;
912 struct net_device *dev;
919 if(addr_len!=sizeof(struct sockaddr))
921 strlcpy(name,uaddr->sa_data,sizeof(name));
923 dev = dev_get_by_name(name);
925 err = packet_do_bind(sk, dev, pkt_sk(sk)->num);
932 static int packet_bind(struct socket *sock, struct sockaddr *uaddr, int addr_len)
934 struct sockaddr_ll *sll = (struct sockaddr_ll*)uaddr;
935 struct sock *sk=sock->sk;
936 struct net_device *dev = NULL;
944 if (addr_len < sizeof(struct sockaddr_ll))
946 if (sll->sll_family != AF_PACKET)
949 if (sll->sll_ifindex) {
951 dev = dev_get_by_index(sll->sll_ifindex);
955 err = packet_do_bind(sk, dev, sll->sll_protocol ? : pkt_sk(sk)->num);
965 * Create a packet of type SOCK_PACKET.
968 static int packet_create(struct socket *sock, int protocol)
971 struct packet_opt *po;
974 if (!capable(CAP_NET_RAW))
976 if (sock->type != SOCK_DGRAM && sock->type != SOCK_RAW
977 #ifdef CONFIG_SOCK_PACKET
978 && sock->type != SOCK_PACKET
981 return -ESOCKTNOSUPPORT;
983 sock->state = SS_UNCONNECTED;
986 sk = sk_alloc(PF_PACKET, GFP_KERNEL, 1, NULL);
990 sock->ops = &packet_ops;
991 #ifdef CONFIG_SOCK_PACKET
992 if (sock->type == SOCK_PACKET)
993 sock->ops = &packet_ops_spkt;
995 sock_init_data(sock,sk);
996 sk_set_owner(sk, THIS_MODULE);
998 po = sk->sk_protinfo = kmalloc(sizeof(*po), GFP_KERNEL);
1001 memset(po, 0, sizeof(*po));
1002 sk->sk_family = PF_PACKET;
1005 sk->sk_destruct = packet_sock_destruct;
1006 atomic_inc(&packet_socks_nr);
1008 set_vx_info(&sk->sk_vx_info, current->vx_info);
1009 sk->sk_xid = vx_current_xid();
1010 set_nx_info(&sk->sk_nx_info, current->nx_info);
1011 sk->sk_nid = nx_current_nid();
1014 * Attach a protocol block
1017 spin_lock_init(&po->bind_lock);
1018 po->prot_hook.func = packet_rcv;
1019 #ifdef CONFIG_SOCK_PACKET
1020 if (sock->type == SOCK_PACKET)
1021 po->prot_hook.func = packet_rcv_spkt;
1023 po->prot_hook.af_packet_priv = sk;
1026 po->prot_hook.type = protocol;
1027 dev_add_pack(&po->prot_hook);
1032 write_lock_bh(&packet_sklist_lock);
1033 sk_add_node(sk, &packet_sklist);
1034 write_unlock_bh(&packet_sklist_lock);
1044 * Pull a packet from our receive queue and hand it to the user.
1045 * If necessary we block.
1048 static int packet_recvmsg(struct kiocb *iocb, struct socket *sock,
1049 struct msghdr *msg, size_t len, int flags)
1051 struct sock *sk = sock->sk;
1052 struct sk_buff *skb;
1056 if (flags & ~(MSG_PEEK|MSG_DONTWAIT|MSG_TRUNC|MSG_CMSG_COMPAT))
1060 /* What error should we return now? EUNATTACH? */
1061 if (pkt_sk(sk)->ifindex < 0)
1066 * If the address length field is there to be filled in, we fill
1070 if (sock->type == SOCK_PACKET)
1071 msg->msg_namelen = sizeof(struct sockaddr_pkt);
1073 msg->msg_namelen = sizeof(struct sockaddr_ll);
1076 * Call the generic datagram receiver. This handles all sorts
1077 * of horrible races and re-entrancy so we can forget about it
1078 * in the protocol layers.
1080 * Now it will return ENETDOWN, if device have just gone down,
1081 * but then it will block.
1084 skb=skb_recv_datagram(sk,flags,flags&MSG_DONTWAIT,&err);
1087 * An error occurred so return it. Because skb_recv_datagram()
1088 * handles the blocking we don't see and worry about blocking
1096 * You lose any data beyond the buffer you gave. If it worries a
1097 * user program they can ask the device for its MTU anyway.
1104 msg->msg_flags|=MSG_TRUNC;
1107 err = skb_copy_datagram_iovec(skb, 0, msg->msg_iov, copied);
1111 sock_recv_timestamp(msg, sk, skb);
1114 memcpy(msg->msg_name, skb->cb, msg->msg_namelen);
1117 * Free or return the buffer as appropriate. Again this
1118 * hides all the races and re-entrancy issues from us.
1120 err = (flags&MSG_TRUNC) ? skb->len : copied;
1123 skb_free_datagram(sk, skb);
1128 #ifdef CONFIG_SOCK_PACKET
1129 static int packet_getname_spkt(struct socket *sock, struct sockaddr *uaddr,
1130 int *uaddr_len, int peer)
1132 struct net_device *dev;
1133 struct sock *sk = sock->sk;
1138 uaddr->sa_family = AF_PACKET;
1139 dev = dev_get_by_index(pkt_sk(sk)->ifindex);
1141 strlcpy(uaddr->sa_data, dev->name, 15);
1144 memset(uaddr->sa_data, 0, 14);
1145 *uaddr_len = sizeof(*uaddr);
1151 static int packet_getname(struct socket *sock, struct sockaddr *uaddr,
1152 int *uaddr_len, int peer)
1154 struct net_device *dev;
1155 struct sock *sk = sock->sk;
1156 struct packet_opt *po = pkt_sk(sk);
1157 struct sockaddr_ll *sll = (struct sockaddr_ll*)uaddr;
1162 sll->sll_family = AF_PACKET;
1163 sll->sll_ifindex = po->ifindex;
1164 sll->sll_protocol = po->num;
1165 dev = dev_get_by_index(po->ifindex);
1167 sll->sll_hatype = dev->type;
1168 sll->sll_halen = dev->addr_len;
1169 memcpy(sll->sll_addr, dev->dev_addr, dev->addr_len);
1172 sll->sll_hatype = 0; /* Bad: we have no ARPHRD_UNSPEC */
1175 *uaddr_len = sizeof(*sll);
1180 #ifdef CONFIG_PACKET_MULTICAST
1181 static void packet_dev_mc(struct net_device *dev, struct packet_mclist *i, int what)
1184 case PACKET_MR_MULTICAST:
1186 dev_mc_add(dev, i->addr, i->alen, 0);
1188 dev_mc_delete(dev, i->addr, i->alen, 0);
1190 case PACKET_MR_PROMISC:
1191 dev_set_promiscuity(dev, what);
1193 case PACKET_MR_ALLMULTI:
1194 dev_set_allmulti(dev, what);
1200 static void packet_dev_mclist(struct net_device *dev, struct packet_mclist *i, int what)
1202 for ( ; i; i=i->next) {
1203 if (i->ifindex == dev->ifindex)
1204 packet_dev_mc(dev, i, what);
1208 static int packet_mc_add(struct sock *sk, struct packet_mreq *mreq)
1210 struct packet_opt *po = pkt_sk(sk);
1211 struct packet_mclist *ml, *i;
1212 struct net_device *dev;
1218 dev = __dev_get_by_index(mreq->mr_ifindex);
1223 if (mreq->mr_alen > dev->addr_len)
1227 i = (struct packet_mclist *)kmalloc(sizeof(*i), GFP_KERNEL);
1232 for (ml = po->mclist; ml; ml = ml->next) {
1233 if (ml->ifindex == mreq->mr_ifindex &&
1234 ml->type == mreq->mr_type &&
1235 ml->alen == mreq->mr_alen &&
1236 memcmp(ml->addr, mreq->mr_address, ml->alen) == 0) {
1238 /* Free the new element ... */
1244 i->type = mreq->mr_type;
1245 i->ifindex = mreq->mr_ifindex;
1246 i->alen = mreq->mr_alen;
1247 memcpy(i->addr, mreq->mr_address, i->alen);
1249 i->next = po->mclist;
1251 packet_dev_mc(dev, i, +1);
1258 static int packet_mc_drop(struct sock *sk, struct packet_mreq *mreq)
1260 struct packet_mclist *ml, **mlp;
1264 for (mlp = &pkt_sk(sk)->mclist; (ml = *mlp) != NULL; mlp = &ml->next) {
1265 if (ml->ifindex == mreq->mr_ifindex &&
1266 ml->type == mreq->mr_type &&
1267 ml->alen == mreq->mr_alen &&
1268 memcmp(ml->addr, mreq->mr_address, ml->alen) == 0) {
1269 if (--ml->count == 0) {
1270 struct net_device *dev;
1272 dev = dev_get_by_index(ml->ifindex);
1274 packet_dev_mc(dev, ml, -1);
1284 return -EADDRNOTAVAIL;
1287 static void packet_flush_mclist(struct sock *sk)
1289 struct packet_opt *po = pkt_sk(sk);
1290 struct packet_mclist *ml;
1296 while ((ml = po->mclist) != NULL) {
1297 struct net_device *dev;
1299 po->mclist = ml->next;
1300 if ((dev = dev_get_by_index(ml->ifindex)) != NULL) {
1301 packet_dev_mc(dev, ml, -1);
1311 packet_setsockopt(struct socket *sock, int level, int optname, char __user *optval, int optlen)
1313 struct sock *sk = sock->sk;
1316 if (level != SOL_PACKET)
1317 return -ENOPROTOOPT;
1320 #ifdef CONFIG_PACKET_MULTICAST
1321 case PACKET_ADD_MEMBERSHIP:
1322 case PACKET_DROP_MEMBERSHIP:
1324 struct packet_mreq mreq;
1325 if (optlen<sizeof(mreq))
1327 if (copy_from_user(&mreq,optval,sizeof(mreq)))
1329 if (optname == PACKET_ADD_MEMBERSHIP)
1330 ret = packet_mc_add(sk, &mreq);
1332 ret = packet_mc_drop(sk, &mreq);
1336 #ifdef CONFIG_PACKET_MMAP
1337 case PACKET_RX_RING:
1339 struct tpacket_req req;
1341 if (optlen<sizeof(req))
1343 if (copy_from_user(&req,optval,sizeof(req)))
1345 return packet_set_ring(sk, &req, 0);
1347 case PACKET_COPY_THRESH:
1351 if (optlen!=sizeof(val))
1353 if (copy_from_user(&val,optval,sizeof(val)))
1356 pkt_sk(sk)->copy_thresh = val;
1361 return -ENOPROTOOPT;
1365 int packet_getsockopt(struct socket *sock, int level, int optname,
1366 char __user *optval, int __user *optlen)
1369 struct sock *sk = sock->sk;
1370 struct packet_opt *po = pkt_sk(sk);
1372 if (level != SOL_PACKET)
1373 return -ENOPROTOOPT;
1375 if (get_user(len,optlen))
1382 case PACKET_STATISTICS:
1384 struct tpacket_stats st;
1386 if (len > sizeof(struct tpacket_stats))
1387 len = sizeof(struct tpacket_stats);
1388 spin_lock_bh(&sk->sk_receive_queue.lock);
1390 memset(&po->stats, 0, sizeof(st));
1391 spin_unlock_bh(&sk->sk_receive_queue.lock);
1392 st.tp_packets += st.tp_drops;
1394 if (copy_to_user(optval, &st, len))
1399 return -ENOPROTOOPT;
1402 if (put_user(len, optlen))
1408 static int packet_notifier(struct notifier_block *this, unsigned long msg, void *data)
1411 struct hlist_node *node;
1412 struct net_device *dev = (struct net_device*)data;
1414 read_lock(&packet_sklist_lock);
1415 sk_for_each(sk, node, &packet_sklist) {
1416 struct packet_opt *po = pkt_sk(sk);
1419 case NETDEV_UNREGISTER:
1420 #ifdef CONFIG_PACKET_MULTICAST
1422 packet_dev_mclist(dev, po->mclist, -1);
1426 if (dev->ifindex == po->ifindex) {
1427 spin_lock(&po->bind_lock);
1429 __dev_remove_pack(&po->prot_hook);
1432 sk->sk_err = ENETDOWN;
1433 if (!sock_flag(sk, SOCK_DEAD))
1434 sk->sk_error_report(sk);
1436 if (msg == NETDEV_UNREGISTER) {
1438 po->prot_hook.dev = NULL;
1440 spin_unlock(&po->bind_lock);
1444 spin_lock(&po->bind_lock);
1445 if (dev->ifindex == po->ifindex && po->num &&
1447 dev_add_pack(&po->prot_hook);
1451 spin_unlock(&po->bind_lock);
1455 read_unlock(&packet_sklist_lock);
1460 static int packet_ioctl(struct socket *sock, unsigned int cmd,
1463 struct sock *sk = sock->sk;
1468 int amount = atomic_read(&sk->sk_wmem_alloc);
1469 return put_user(amount, (int __user *)arg);
1473 struct sk_buff *skb;
1476 spin_lock_bh(&sk->sk_receive_queue.lock);
1477 skb = skb_peek(&sk->sk_receive_queue);
1480 spin_unlock_bh(&sk->sk_receive_queue.lock);
1481 return put_user(amount, (int __user *)arg);
1484 return sock_get_timestamp(sk, (struct timeval __user *)arg);
1494 case SIOCGIFBRDADDR:
1495 case SIOCSIFBRDADDR:
1496 case SIOCGIFNETMASK:
1497 case SIOCSIFNETMASK:
1498 case SIOCGIFDSTADDR:
1499 case SIOCSIFDSTADDR:
1501 return inet_dgram_ops.ioctl(sock, cmd, arg);
1505 return dev_ioctl(cmd, (void __user *)arg);
1510 #ifndef CONFIG_PACKET_MMAP
1511 #define packet_mmap sock_no_mmap
1512 #define packet_poll datagram_poll
1515 unsigned int packet_poll(struct file * file, struct socket *sock, poll_table *wait)
1517 struct sock *sk = sock->sk;
1518 struct packet_opt *po = pkt_sk(sk);
1519 unsigned int mask = datagram_poll(file, sock, wait);
1521 spin_lock_bh(&sk->sk_receive_queue.lock);
1523 unsigned last = po->head ? po->head-1 : po->frame_max;
1524 struct tpacket_hdr *h;
1526 h = (struct tpacket_hdr *)packet_lookup_frame(po, last);
1529 mask |= POLLIN | POLLRDNORM;
1531 spin_unlock_bh(&sk->sk_receive_queue.lock);
1536 /* Dirty? Well, I still did not learn better way to account
1540 static void packet_mm_open(struct vm_area_struct *vma)
1542 struct file *file = vma->vm_file;
1543 struct inode *inode = file->f_dentry->d_inode;
1544 struct socket * sock = SOCKET_I(inode);
1545 struct sock *sk = sock->sk;
1548 atomic_inc(&pkt_sk(sk)->mapped);
1551 static void packet_mm_close(struct vm_area_struct *vma)
1553 struct file *file = vma->vm_file;
1554 struct inode *inode = file->f_dentry->d_inode;
1555 struct socket * sock = SOCKET_I(inode);
1556 struct sock *sk = sock->sk;
1559 atomic_dec(&pkt_sk(sk)->mapped);
1562 static struct vm_operations_struct packet_mmap_ops = {
1563 .open = packet_mm_open,
1564 .close =packet_mm_close,
1567 static void free_pg_vec(unsigned long *pg_vec, unsigned order, unsigned len)
1571 for (i=0; i<len; i++) {
1573 struct page *page, *pend;
1575 pend = virt_to_page(pg_vec[i] + (PAGE_SIZE << order) - 1);
1576 for (page = virt_to_page(pg_vec[i]); page <= pend; page++)
1577 ClearPageReserved(page);
1578 free_pages(pg_vec[i], order);
1585 static int packet_set_ring(struct sock *sk, struct tpacket_req *req, int closing)
1587 unsigned long *pg_vec = NULL;
1588 struct packet_opt *po = pkt_sk(sk);
1589 int was_running, num, order = 0;
1592 if (req->tp_block_nr) {
1595 /* Sanity tests and some calculations */
1600 if ((int)req->tp_block_size <= 0)
1602 if (req->tp_block_size&(PAGE_SIZE-1))
1604 if (req->tp_frame_size < TPACKET_HDRLEN)
1606 if (req->tp_frame_size&(TPACKET_ALIGNMENT-1))
1609 po->frames_per_block = req->tp_block_size/req->tp_frame_size;
1610 if (po->frames_per_block <= 0)
1612 if (po->frames_per_block*req->tp_block_nr != req->tp_frame_nr)
1616 /* Allocate page vector */
1617 while ((PAGE_SIZE<<order) < req->tp_block_size)
1622 pg_vec = kmalloc(req->tp_block_nr*sizeof(unsigned long*), GFP_KERNEL);
1625 memset(pg_vec, 0, req->tp_block_nr*sizeof(unsigned long*));
1627 for (i=0; i<req->tp_block_nr; i++) {
1628 struct page *page, *pend;
1629 pg_vec[i] = __get_free_pages(GFP_KERNEL, order);
1631 goto out_free_pgvec;
1633 pend = virt_to_page(pg_vec[i] + (PAGE_SIZE << order) - 1);
1634 for (page = virt_to_page(pg_vec[i]); page <= pend; page++)
1635 SetPageReserved(page);
1637 /* Page vector is allocated */
1640 for (i=0; i<req->tp_block_nr; i++) {
1641 unsigned long ptr = pg_vec[i];
1642 struct tpacket_hdr *header;
1645 for (k=0; k<po->frames_per_block; k++) {
1647 header = (struct tpacket_hdr*)ptr;
1648 header->tp_status = TP_STATUS_KERNEL;
1649 ptr += req->tp_frame_size;
1654 if (req->tp_frame_nr)
1660 /* Detach socket from network */
1661 spin_lock(&po->bind_lock);
1662 was_running = po->running;
1665 __dev_remove_pack(&po->prot_hook);
1670 spin_unlock(&po->bind_lock);
1675 if (closing || atomic_read(&po->mapped) == 0) {
1677 #define XC(a, b) ({ __typeof__ ((a)) __t; __t = (a); (a) = (b); __t; })
1679 spin_lock_bh(&sk->sk_receive_queue.lock);
1680 pg_vec = XC(po->pg_vec, pg_vec);
1681 po->frame_max = req->tp_frame_nr-1;
1683 po->frame_size = req->tp_frame_size;
1684 spin_unlock_bh(&sk->sk_receive_queue.lock);
1686 order = XC(po->pg_vec_order, order);
1687 req->tp_block_nr = XC(po->pg_vec_len, req->tp_block_nr);
1689 po->pg_vec_pages = req->tp_block_size/PAGE_SIZE;
1690 po->prot_hook.func = po->pg_vec ? tpacket_rcv : packet_rcv;
1691 skb_queue_purge(&sk->sk_receive_queue);
1693 if (atomic_read(&po->mapped))
1694 printk(KERN_DEBUG "packet_mmap: vma is busy: %d\n", atomic_read(&po->mapped));
1697 spin_lock(&po->bind_lock);
1698 if (was_running && !po->running) {
1702 dev_add_pack(&po->prot_hook);
1704 spin_unlock(&po->bind_lock);
1710 free_pg_vec(pg_vec, order, req->tp_block_nr);
1715 static int packet_mmap(struct file *file, struct socket *sock, struct vm_area_struct *vma)
1717 struct sock *sk = sock->sk;
1718 struct packet_opt *po = pkt_sk(sk);
1720 unsigned long start;
1727 size = vma->vm_end - vma->vm_start;
1730 if (po->pg_vec == NULL)
1732 if (size != po->pg_vec_len*po->pg_vec_pages*PAGE_SIZE)
1735 atomic_inc(&po->mapped);
1736 start = vma->vm_start;
1738 for (i=0; i<po->pg_vec_len; i++) {
1739 if (remap_page_range(vma, start, __pa(po->pg_vec[i]),
1740 po->pg_vec_pages*PAGE_SIZE,
1743 start += po->pg_vec_pages*PAGE_SIZE;
1745 vma->vm_ops = &packet_mmap_ops;
1755 #ifdef CONFIG_SOCK_PACKET
1756 struct proto_ops packet_ops_spkt = {
1757 .family = PF_PACKET,
1758 .owner = THIS_MODULE,
1759 .release = packet_release,
1760 .bind = packet_bind_spkt,
1761 .connect = sock_no_connect,
1762 .socketpair = sock_no_socketpair,
1763 .accept = sock_no_accept,
1764 .getname = packet_getname_spkt,
1765 .poll = datagram_poll,
1766 .ioctl = packet_ioctl,
1767 .listen = sock_no_listen,
1768 .shutdown = sock_no_shutdown,
1769 .setsockopt = sock_no_setsockopt,
1770 .getsockopt = sock_no_getsockopt,
1771 .sendmsg = packet_sendmsg_spkt,
1772 .recvmsg = packet_recvmsg,
1773 .mmap = sock_no_mmap,
1774 .sendpage = sock_no_sendpage,
1778 struct proto_ops packet_ops = {
1779 .family = PF_PACKET,
1780 .owner = THIS_MODULE,
1781 .release = packet_release,
1782 .bind = packet_bind,
1783 .connect = sock_no_connect,
1784 .socketpair = sock_no_socketpair,
1785 .accept = sock_no_accept,
1786 .getname = packet_getname,
1787 .poll = packet_poll,
1788 .ioctl = packet_ioctl,
1789 .listen = sock_no_listen,
1790 .shutdown = sock_no_shutdown,
1791 .setsockopt = packet_setsockopt,
1792 .getsockopt = packet_getsockopt,
1793 .sendmsg = packet_sendmsg,
1794 .recvmsg = packet_recvmsg,
1795 .mmap = packet_mmap,
1796 .sendpage = sock_no_sendpage,
1798 EXPORT_SYMBOL(packet_ops);
1800 struct net_proto_family packet_family_ops = {
1801 .family = PF_PACKET,
1802 .create = packet_create,
1803 .owner = THIS_MODULE,
1805 EXPORT_SYMBOL(packet_family_ops);
1807 static struct notifier_block packet_netdev_notifier = {
1808 .notifier_call =packet_notifier,
1811 #ifdef CONFIG_PROC_FS
1812 static inline struct sock *packet_seq_idx(loff_t off)
1815 struct hlist_node *node;
1817 sk_for_each(s, node, &packet_sklist) {
1824 static void *packet_seq_start(struct seq_file *seq, loff_t *pos)
1826 read_lock(&packet_sklist_lock);
1827 return *pos ? packet_seq_idx(*pos - 1) : SEQ_START_TOKEN;
1830 static void *packet_seq_next(struct seq_file *seq, void *v, loff_t *pos)
1833 return (v == SEQ_START_TOKEN)
1834 ? sk_head(&packet_sklist)
1835 : sk_next((struct sock*)v) ;
1838 static void packet_seq_stop(struct seq_file *seq, void *v)
1840 read_unlock(&packet_sklist_lock);
1843 static int packet_seq_show(struct seq_file *seq, void *v)
1845 if (v == SEQ_START_TOKEN)
1846 seq_puts(seq, "sk RefCnt Type Proto Iface R Rmem User Inode\n");
1849 const struct packet_opt *po = pkt_sk(s);
1852 "%p %-6d %-4d %04x %-5d %1d %-6u %-6u %-6lu\n",
1854 atomic_read(&s->sk_refcnt),
1859 atomic_read(&s->sk_rmem_alloc),
1867 static struct seq_operations packet_seq_ops = {
1868 .start = packet_seq_start,
1869 .next = packet_seq_next,
1870 .stop = packet_seq_stop,
1871 .show = packet_seq_show,
1874 static int packet_seq_open(struct inode *inode, struct file *file)
1876 return seq_open(file, &packet_seq_ops);
1879 static struct file_operations packet_seq_fops = {
1880 .owner = THIS_MODULE,
1881 .open = packet_seq_open,
1883 .llseek = seq_lseek,
1884 .release = seq_release,
1889 static void __exit packet_exit(void)
1891 proc_net_remove("packet");
1892 unregister_netdevice_notifier(&packet_netdev_notifier);
1893 sock_unregister(PF_PACKET);
1897 static int __init packet_init(void)
1899 sock_register(&packet_family_ops);
1900 register_netdevice_notifier(&packet_netdev_notifier);
1901 proc_net_fops_create("packet", 0, &packet_seq_fops);
1906 module_init(packet_init);
1907 module_exit(packet_exit);
1908 MODULE_LICENSE("GPL");
1909 MODULE_ALIAS_NETPROTO(PF_PACKET);