2 * INET An implementation of the TCP/IP protocol suite for the LINUX
3 * operating system. INET is implemented using the BSD Socket
4 * interface as the means of communication with the user level.
6 * PACKET - implements raw packet sockets.
8 * Version: $Id: af_packet.c,v 1.61 2002/02/08 03:57:19 davem Exp $
10 * Authors: Ross Biro, <bir7@leland.Stanford.Edu>
11 * Fred N. van Kempen, <waltje@uWalt.NL.Mugnet.ORG>
12 * Alan Cox, <gw4pts@gw4pts.ampr.org>
15 * Alan Cox : verify_area() now used correctly
16 * Alan Cox : new skbuff lists, look ma no backlogs!
17 * Alan Cox : tidied skbuff lists.
18 * Alan Cox : Now uses generic datagram routines I
19 * added. Also fixed the peek/read crash
20 * from all old Linux datagram code.
21 * Alan Cox : Uses the improved datagram code.
22 * Alan Cox : Added NULL's for socket options.
23 * Alan Cox : Re-commented the code.
24 * Alan Cox : Use new kernel side addressing
25 * Rob Janssen : Correct MTU usage.
26 * Dave Platt : Counter leaks caused by incorrect
27 * interrupt locking and some slightly
28 * dubious gcc output. Can you read
29 * compiler: it said _VOLATILE_
30 * Richard Kooijman : Timestamp fixes.
31 * Alan Cox : New buffers. Use sk->mac.raw.
32 * Alan Cox : sendmsg/recvmsg support.
33 * Alan Cox : Protocol setting support
34 * Alexey Kuznetsov : Untied from IPv4 stack.
35 * Cyrus Durgin : Fixed kerneld for kmod.
36 * Michal Ostrowski : Module initialization cleanup.
37 * Ulises Alonso : Frame number limit removal and
38 * packet_set_ring memory leak.
40 * This program is free software; you can redistribute it and/or
41 * modify it under the terms of the GNU General Public License
42 * as published by the Free Software Foundation; either version
43 * 2 of the License, or (at your option) any later version.
47 #include <linux/config.h>
48 #include <linux/types.h>
49 #include <linux/sched.h>
51 #include <linux/fcntl.h>
52 #include <linux/socket.h>
54 #include <linux/inet.h>
55 #include <linux/netdevice.h>
56 #include <linux/if_packet.h>
57 #include <linux/wireless.h>
58 #include <linux/kmod.h>
60 #include <net/protocol.h>
61 #include <linux/skbuff.h>
63 #include <linux/errno.h>
64 #include <linux/timer.h>
65 #include <asm/system.h>
66 #include <asm/uaccess.h>
67 #include <asm/ioctls.h>
70 #include <linux/proc_fs.h>
71 #include <linux/seq_file.h>
72 #include <linux/poll.h>
73 #include <linux/module.h>
74 #include <linux/init.h>
77 #include <net/inet_common.h>
80 #define CONFIG_SOCK_PACKET 1
83 Proposed replacement for SIOC{ADD,DEL}MULTI and
84 IFF_PROMISC, IFF_ALLMULTI flags.
86 It is more expensive, but I believe,
87 it is really correct solution: reentereble, safe and fault tolerant.
89 IFF_PROMISC/IFF_ALLMULTI/SIOC{ADD/DEL}MULTI are faked by keeping
90 reference count and global flag, so that real status is
91 (gflag|(count != 0)), so that we can use obsolete faulty interface
92 not harming clever users.
94 #define CONFIG_PACKET_MULTICAST 1
98 - if device has no dev->hard_header routine, it adds and removes ll header
99 inside itself. In this case ll header is invisible outside of device,
100 but higher levels still should reserve dev->hard_header_len.
101 Some devices are enough clever to reallocate skb, when header
102 will not fit to reserved space (tunnel), another ones are silly
104 - packet socket receives packets with pulled ll header,
105 so that SOCK_RAW should push it back.
110 Incoming, dev->hard_header!=NULL
114 Outgoing, dev->hard_header!=NULL
118 Incoming, dev->hard_header==NULL
119 mac.raw -> UNKNOWN position. It is very likely, that it points to ll header.
120 PPP makes it, that is wrong, because introduce assymetry
121 between rx and tx paths.
124 Outgoing, dev->hard_header==NULL
125 mac.raw -> data. ll header is still not built!
129 If dev->hard_header==NULL we are unlikely to restore sensible ll header.
135 dev->hard_header != NULL
139 dev->hard_header == NULL (ll header is added by device, we cannot control it)
143 We should set nh.raw on output to correct posistion,
144 packet classifier depends on it.
147 /* List of all packet sockets. */
148 HLIST_HEAD(packet_sklist);
149 static rwlock_t packet_sklist_lock = RW_LOCK_UNLOCKED;
151 atomic_t packet_socks_nr;
154 /* Private packet socket structures. */
156 #ifdef CONFIG_PACKET_MULTICAST
159 struct packet_mclist *next;
164 unsigned char addr[8];
167 #ifdef CONFIG_PACKET_MMAP
168 static int packet_set_ring(struct sock *sk, struct tpacket_req *req, int closing);
171 static void packet_flush_mclist(struct sock *sk);
175 struct tpacket_stats stats;
176 #ifdef CONFIG_PACKET_MMAP
179 unsigned int frames_per_block;
180 unsigned int frame_size;
181 unsigned int frame_max;
184 struct packet_type prot_hook;
185 spinlock_t bind_lock;
186 char running; /* prot_hook is attached*/
187 int ifindex; /* bound device */
189 #ifdef CONFIG_PACKET_MULTICAST
190 struct packet_mclist *mclist;
192 #ifdef CONFIG_PACKET_MMAP
194 unsigned int pg_vec_order;
195 unsigned int pg_vec_pages;
196 unsigned int pg_vec_len;
200 #ifdef CONFIG_PACKET_MMAP
202 static inline char *packet_lookup_frame(struct packet_opt *po, unsigned int position)
204 unsigned int pg_vec_pos, frame_offset;
207 pg_vec_pos = position / po->frames_per_block;
208 frame_offset = position % po->frames_per_block;
210 frame = po->pg_vec[pg_vec_pos] + (frame_offset * po->frame_size);
216 #define pkt_sk(__sk) ((struct packet_opt *)(__sk)->sk_protinfo)
218 void packet_sock_destruct(struct sock *sk)
220 BUG_TRAP(!atomic_read(&sk->sk_rmem_alloc));
221 BUG_TRAP(!atomic_read(&sk->sk_wmem_alloc));
223 if (!sock_flag(sk, SOCK_DEAD)) {
224 printk("Attempt to release alive packet socket: %p\n", sk);
230 atomic_dec(&packet_socks_nr);
231 #ifdef PACKET_REFCNT_DEBUG
232 printk(KERN_DEBUG "PACKET socket %p is free, %d are alive\n", sk, atomic_read(&packet_socks_nr));
237 extern struct proto_ops packet_ops;
239 #ifdef CONFIG_SOCK_PACKET
240 extern struct proto_ops packet_ops_spkt;
242 static int packet_rcv_spkt(struct sk_buff *skb, struct net_device *dev, struct packet_type *pt)
245 struct sockaddr_pkt *spkt;
248 * When we registered the protocol we saved the socket in the data
249 * field for just this event.
252 sk = pt->af_packet_priv;
255 * Yank back the headers [hope the device set this
256 * right or kerboom...]
258 * Incoming packets have ll header pulled,
261 * For outgoing ones skb->data == skb->mac.raw
262 * so that this procedure is noop.
265 if (skb->pkt_type == PACKET_LOOPBACK)
268 if ((skb = skb_share_check(skb, GFP_ATOMIC)) == NULL)
271 /* drop any routing info */
272 dst_release(skb->dst);
275 spkt = (struct sockaddr_pkt*)skb->cb;
277 skb_push(skb, skb->data-skb->mac.raw);
280 * The SOCK_PACKET socket receives _all_ frames.
283 spkt->spkt_family = dev->type;
284 strlcpy(spkt->spkt_device, dev->name, sizeof(spkt->spkt_device));
285 spkt->spkt_protocol = skb->protocol;
288 * Charge the memory to the socket. This is done specifically
289 * to prevent sockets using all the memory up.
292 if (sock_queue_rcv_skb(sk,skb) == 0)
303 * Output a raw packet to a device layer. This bypasses all the other
304 * protocol layers and you must therefore supply it with a complete frame
307 static int packet_sendmsg_spkt(struct kiocb *iocb, struct socket *sock,
308 struct msghdr *msg, size_t len)
310 struct sock *sk = sock->sk;
311 struct sockaddr_pkt *saddr=(struct sockaddr_pkt *)msg->msg_name;
313 struct net_device *dev;
314 unsigned short proto=0;
318 * Get and verify the address.
323 if (msg->msg_namelen < sizeof(struct sockaddr))
325 if (msg->msg_namelen==sizeof(struct sockaddr_pkt))
326 proto=saddr->spkt_protocol;
329 return(-ENOTCONN); /* SOCK_PACKET must be sent giving an address */
332 * Find the device first to size check it
335 saddr->spkt_device[13] = 0;
336 dev = dev_get_by_name(saddr->spkt_device);
342 * You may not queue a frame bigger than the mtu. This is the lowest level
343 * raw protocol and you must do your own fragmentation at this level.
347 if(len>dev->mtu+dev->hard_header_len)
351 skb = sock_wmalloc(sk, len + LL_RESERVED_SPACE(dev), 0, GFP_KERNEL);
354 * If the write buffer is full, then tough. At this level the user gets to
355 * deal with the problem - do your own algorithmic backoffs. That's far
366 /* FIXME: Save some space for broken drivers that write a
367 * hard header at transmission time by themselves. PPP is the
368 * notable one here. This should really be fixed at the driver level.
370 skb_reserve(skb, LL_RESERVED_SPACE(dev));
371 skb->nh.raw = skb->data;
373 /* Try to align data part correctly */
374 if (dev->hard_header) {
375 skb->data -= dev->hard_header_len;
376 skb->tail -= dev->hard_header_len;
377 if (len < dev->hard_header_len)
378 skb->nh.raw = skb->data;
381 /* Returns -EFAULT on error */
382 err = memcpy_fromiovec(skb_put(skb,len), msg->msg_iov, len);
383 skb->protocol = proto;
385 skb->priority = sk->sk_priority;
390 if (!(dev->flags & IFF_UP))
410 static inline unsigned run_filter(struct sk_buff *skb, struct sock *sk, unsigned res)
412 struct sk_filter *filter;
415 filter = sk->sk_filter;
417 * Our caller already checked that filter != NULL but we need to
418 * verify that under bh_lock_sock() to be safe
420 if (likely(filter != NULL))
421 res = sk_run_filter(skb, filter->insns, filter->len);
428 This function makes lazy skb cloning in hope that most of packets
429 are discarded by BPF.
431 Note tricky part: we DO mangle shared skb! skb->data, skb->len
432 and skb->cb are mangled. It works because (and until) packets
433 falling here are owned by current CPU. Output packets are cloned
434 by dev_queue_xmit_nit(), input packets are processed by net_bh
435 sequencially, so that if we return skb to original state on exit,
436 we will not harm anyone.
439 static int packet_rcv(struct sk_buff *skb, struct net_device *dev, struct packet_type *pt)
442 struct sockaddr_ll *sll;
443 struct packet_opt *po;
444 u8 * skb_head = skb->data;
445 int skb_len = skb->len;
448 if (skb->pkt_type == PACKET_LOOPBACK)
451 sk = pt->af_packet_priv;
456 if (dev->hard_header) {
457 /* The device has an explicit notion of ll header,
458 exported to higher levels.
460 Otherwise, the device hides datails of it frame
461 structure, so that corresponding packet head
462 never delivered to user.
464 if (sk->sk_type != SOCK_DGRAM)
465 skb_push(skb, skb->data - skb->mac.raw);
466 else if (skb->pkt_type == PACKET_OUTGOING) {
467 /* Special case: outgoing packets have ll header at head */
468 skb_pull(skb, skb->nh.raw - skb->data);
475 unsigned res = run_filter(skb, sk, snaplen);
482 if (atomic_read(&sk->sk_rmem_alloc) + skb->truesize >=
483 (unsigned)sk->sk_rcvbuf)
486 if (skb_shared(skb)) {
487 struct sk_buff *nskb = skb_clone(skb, GFP_ATOMIC);
491 if (skb_head != skb->data) {
492 skb->data = skb_head;
499 sll = (struct sockaddr_ll*)skb->cb;
500 sll->sll_family = AF_PACKET;
501 sll->sll_hatype = dev->type;
502 sll->sll_protocol = skb->protocol;
503 sll->sll_pkttype = skb->pkt_type;
504 sll->sll_ifindex = dev->ifindex;
507 if (dev->hard_header_parse)
508 sll->sll_halen = dev->hard_header_parse(skb, sll->sll_addr);
510 if (pskb_trim(skb, snaplen))
513 skb_set_owner_r(skb, sk);
515 dst_release(skb->dst);
518 spin_lock(&sk->sk_receive_queue.lock);
519 po->stats.tp_packets++;
520 __skb_queue_tail(&sk->sk_receive_queue, skb);
521 spin_unlock(&sk->sk_receive_queue.lock);
522 sk->sk_data_ready(sk, skb->len);
526 spin_lock(&sk->sk_receive_queue.lock);
527 po->stats.tp_drops++;
528 spin_unlock(&sk->sk_receive_queue.lock);
531 if (skb_head != skb->data && skb_shared(skb)) {
532 skb->data = skb_head;
540 #ifdef CONFIG_PACKET_MMAP
541 static int tpacket_rcv(struct sk_buff *skb, struct net_device *dev, struct packet_type *pt)
544 struct packet_opt *po;
545 struct sockaddr_ll *sll;
546 struct tpacket_hdr *h;
547 u8 * skb_head = skb->data;
548 int skb_len = skb->len;
550 unsigned long status = TP_STATUS_LOSING|TP_STATUS_USER;
551 unsigned short macoff, netoff;
552 struct sk_buff *copy_skb = NULL;
554 if (skb->pkt_type == PACKET_LOOPBACK)
557 sk = pt->af_packet_priv;
560 if (dev->hard_header) {
561 if (sk->sk_type != SOCK_DGRAM)
562 skb_push(skb, skb->data - skb->mac.raw);
563 else if (skb->pkt_type == PACKET_OUTGOING) {
564 /* Special case: outgoing packets have ll header at head */
565 skb_pull(skb, skb->nh.raw - skb->data);
566 if (skb->ip_summed == CHECKSUM_HW)
567 status |= TP_STATUS_CSUMNOTREADY;
574 unsigned res = run_filter(skb, sk, snaplen);
581 if (sk->sk_type == SOCK_DGRAM) {
582 macoff = netoff = TPACKET_ALIGN(TPACKET_HDRLEN) + 16;
584 unsigned maclen = skb->nh.raw - skb->data;
585 netoff = TPACKET_ALIGN(TPACKET_HDRLEN + (maclen < 16 ? 16 : maclen));
586 macoff = netoff - maclen;
589 if (macoff + snaplen > po->frame_size) {
590 if (po->copy_thresh &&
591 atomic_read(&sk->sk_rmem_alloc) + skb->truesize <
592 (unsigned)sk->sk_rcvbuf) {
593 if (skb_shared(skb)) {
594 copy_skb = skb_clone(skb, GFP_ATOMIC);
596 copy_skb = skb_get(skb);
597 skb_head = skb->data;
600 skb_set_owner_r(copy_skb, sk);
602 snaplen = po->frame_size - macoff;
603 if ((int)snaplen < 0)
606 if (snaplen > skb->len-skb->data_len)
607 snaplen = skb->len-skb->data_len;
609 spin_lock(&sk->sk_receive_queue.lock);
610 h = (struct tpacket_hdr *)packet_lookup_frame(po, po->head);
614 po->head = po->head != po->frame_max ? po->head+1 : 0;
615 po->stats.tp_packets++;
617 status |= TP_STATUS_COPY;
618 __skb_queue_tail(&sk->sk_receive_queue, copy_skb);
620 if (!po->stats.tp_drops)
621 status &= ~TP_STATUS_LOSING;
622 spin_unlock(&sk->sk_receive_queue.lock);
624 memcpy((u8*)h + macoff, skb->data, snaplen);
626 h->tp_len = skb->len;
627 h->tp_snaplen = snaplen;
630 if (skb->stamp.tv_sec == 0) {
631 do_gettimeofday(&skb->stamp);
632 sock_enable_timestamp(sk);
634 h->tp_sec = skb->stamp.tv_sec;
635 h->tp_usec = skb->stamp.tv_usec;
637 sll = (struct sockaddr_ll*)((u8*)h + TPACKET_ALIGN(sizeof(*h)));
639 if (dev->hard_header_parse)
640 sll->sll_halen = dev->hard_header_parse(skb, sll->sll_addr);
641 sll->sll_family = AF_PACKET;
642 sll->sll_hatype = dev->type;
643 sll->sll_protocol = skb->protocol;
644 sll->sll_pkttype = skb->pkt_type;
645 sll->sll_ifindex = dev->ifindex;
647 h->tp_status = status;
651 struct page *p_start, *p_end;
652 u8 *h_end = (u8 *)h + macoff + snaplen - 1;
654 p_start = virt_to_page(h);
655 p_end = virt_to_page(h_end);
656 while (p_start <= p_end) {
657 flush_dcache_page(p_start);
662 sk->sk_data_ready(sk, 0);
665 if (skb_head != skb->data && skb_shared(skb)) {
666 skb->data = skb_head;
674 po->stats.tp_drops++;
675 spin_unlock(&sk->sk_receive_queue.lock);
677 sk->sk_data_ready(sk, 0);
686 static int packet_sendmsg(struct kiocb *iocb, struct socket *sock,
687 struct msghdr *msg, size_t len)
689 struct sock *sk = sock->sk;
690 struct sockaddr_ll *saddr=(struct sockaddr_ll *)msg->msg_name;
692 struct net_device *dev;
693 unsigned short proto;
695 int ifindex, err, reserve = 0;
698 * Get and verify the address.
702 struct packet_opt *po = pkt_sk(sk);
704 ifindex = po->ifindex;
709 if (msg->msg_namelen < sizeof(struct sockaddr_ll))
711 ifindex = saddr->sll_ifindex;
712 proto = saddr->sll_protocol;
713 addr = saddr->sll_addr;
717 dev = dev_get_by_index(ifindex);
721 if (sock->type == SOCK_RAW)
722 reserve = dev->hard_header_len;
725 if (len > dev->mtu+reserve)
728 skb = sock_alloc_send_skb(sk, len + LL_RESERVED_SPACE(dev),
729 msg->msg_flags & MSG_DONTWAIT, &err);
733 skb_reserve(skb, LL_RESERVED_SPACE(dev));
734 skb->nh.raw = skb->data;
736 if (dev->hard_header) {
739 res = dev->hard_header(skb, dev, ntohs(proto), addr, NULL, len);
740 if (sock->type != SOCK_DGRAM) {
741 skb->tail = skb->data;
747 /* Returns -EFAULT on error */
748 err = memcpy_fromiovec(skb_put(skb,len), msg->msg_iov, len);
752 skb->protocol = proto;
754 skb->priority = sk->sk_priority;
757 if (!(dev->flags & IFF_UP))
764 err = dev_queue_xmit(skb);
765 if (err > 0 && (err = net_xmit_errno(err)) != 0)
782 * Close a PACKET socket. This is fairly simple. We immediately go
783 * to 'closed' state and remove our protocol entry in the device list.
786 static int packet_release(struct socket *sock)
788 struct sock *sk = sock->sk;
789 struct packet_opt *po;
796 write_lock_bh(&packet_sklist_lock);
797 sk_del_node_init(sk);
798 write_unlock_bh(&packet_sklist_lock);
801 * Unhook packet receive handler.
806 * Remove the protocol hook
808 dev_remove_pack(&po->prot_hook);
814 #ifdef CONFIG_PACKET_MULTICAST
815 packet_flush_mclist(sk);
818 #ifdef CONFIG_PACKET_MMAP
820 struct tpacket_req req;
821 memset(&req, 0, sizeof(req));
822 packet_set_ring(sk, &req, 1);
827 * Now the socket is dead. No more input will appear.
835 skb_queue_purge(&sk->sk_receive_queue);
842 * Attach a packet hook.
845 static int packet_do_bind(struct sock *sk, struct net_device *dev, int protocol)
847 struct packet_opt *po = pkt_sk(sk);
849 * Detach an existing hook if present.
854 spin_lock(&po->bind_lock);
859 spin_unlock(&po->bind_lock);
860 dev_remove_pack(&po->prot_hook);
861 spin_lock(&po->bind_lock);
865 po->prot_hook.type = protocol;
866 po->prot_hook.dev = dev;
868 po->ifindex = dev ? dev->ifindex : 0;
874 if (dev->flags&IFF_UP) {
875 dev_add_pack(&po->prot_hook);
879 sk->sk_err = ENETDOWN;
880 if (!sock_flag(sk, SOCK_DEAD))
881 sk->sk_error_report(sk);
884 dev_add_pack(&po->prot_hook);
890 spin_unlock(&po->bind_lock);
896 * Bind a packet socket to a device
899 #ifdef CONFIG_SOCK_PACKET
901 static int packet_bind_spkt(struct socket *sock, struct sockaddr *uaddr, int addr_len)
903 struct sock *sk=sock->sk;
905 struct net_device *dev;
912 if(addr_len!=sizeof(struct sockaddr))
914 strlcpy(name,uaddr->sa_data,sizeof(name));
916 dev = dev_get_by_name(name);
918 err = packet_do_bind(sk, dev, pkt_sk(sk)->num);
925 static int packet_bind(struct socket *sock, struct sockaddr *uaddr, int addr_len)
927 struct sockaddr_ll *sll = (struct sockaddr_ll*)uaddr;
928 struct sock *sk=sock->sk;
929 struct net_device *dev = NULL;
937 if (addr_len < sizeof(struct sockaddr_ll))
939 if (sll->sll_family != AF_PACKET)
942 if (sll->sll_ifindex) {
944 dev = dev_get_by_index(sll->sll_ifindex);
948 err = packet_do_bind(sk, dev, sll->sll_protocol ? : pkt_sk(sk)->num);
958 * Create a packet of type SOCK_PACKET.
961 static int packet_create(struct socket *sock, int protocol)
964 struct packet_opt *po;
967 if (!capable(CAP_NET_RAW))
969 if (sock->type != SOCK_DGRAM && sock->type != SOCK_RAW
970 #ifdef CONFIG_SOCK_PACKET
971 && sock->type != SOCK_PACKET
974 return -ESOCKTNOSUPPORT;
976 sock->state = SS_UNCONNECTED;
979 sk = sk_alloc(PF_PACKET, GFP_KERNEL, 1, NULL);
983 sock->ops = &packet_ops;
984 #ifdef CONFIG_SOCK_PACKET
985 if (sock->type == SOCK_PACKET)
986 sock->ops = &packet_ops_spkt;
988 sock_init_data(sock,sk);
989 sk_set_owner(sk, THIS_MODULE);
991 po = sk->sk_protinfo = kmalloc(sizeof(*po), GFP_KERNEL);
994 memset(po, 0, sizeof(*po));
995 sk->sk_family = PF_PACKET;
998 sk->sk_destruct = packet_sock_destruct;
999 atomic_inc(&packet_socks_nr);
1002 * Attach a protocol block
1005 spin_lock_init(&po->bind_lock);
1006 po->prot_hook.func = packet_rcv;
1007 #ifdef CONFIG_SOCK_PACKET
1008 if (sock->type == SOCK_PACKET)
1009 po->prot_hook.func = packet_rcv_spkt;
1011 po->prot_hook.af_packet_priv = sk;
1014 po->prot_hook.type = protocol;
1015 dev_add_pack(&po->prot_hook);
1020 write_lock_bh(&packet_sklist_lock);
1021 sk_add_node(sk, &packet_sklist);
1022 write_unlock_bh(&packet_sklist_lock);
1032 * Pull a packet from our receive queue and hand it to the user.
1033 * If necessary we block.
1036 static int packet_recvmsg(struct kiocb *iocb, struct socket *sock,
1037 struct msghdr *msg, size_t len, int flags)
1039 struct sock *sk = sock->sk;
1040 struct sk_buff *skb;
1044 if (flags & ~(MSG_PEEK|MSG_DONTWAIT|MSG_TRUNC|MSG_CMSG_COMPAT))
1048 /* What error should we return now? EUNATTACH? */
1049 if (pkt_sk(sk)->ifindex < 0)
1054 * If the address length field is there to be filled in, we fill
1058 if (sock->type == SOCK_PACKET)
1059 msg->msg_namelen = sizeof(struct sockaddr_pkt);
1061 msg->msg_namelen = sizeof(struct sockaddr_ll);
1064 * Call the generic datagram receiver. This handles all sorts
1065 * of horrible races and re-entrancy so we can forget about it
1066 * in the protocol layers.
1068 * Now it will return ENETDOWN, if device have just gone down,
1069 * but then it will block.
1072 skb=skb_recv_datagram(sk,flags,flags&MSG_DONTWAIT,&err);
1075 * An error occurred so return it. Because skb_recv_datagram()
1076 * handles the blocking we don't see and worry about blocking
1084 * You lose any data beyond the buffer you gave. If it worries a
1085 * user program they can ask the device for its MTU anyway.
1092 msg->msg_flags|=MSG_TRUNC;
1095 err = skb_copy_datagram_iovec(skb, 0, msg->msg_iov, copied);
1099 sock_recv_timestamp(msg, sk, skb);
1102 memcpy(msg->msg_name, skb->cb, msg->msg_namelen);
1105 * Free or return the buffer as appropriate. Again this
1106 * hides all the races and re-entrancy issues from us.
1108 err = (flags&MSG_TRUNC) ? skb->len : copied;
1111 skb_free_datagram(sk, skb);
1116 #ifdef CONFIG_SOCK_PACKET
1117 static int packet_getname_spkt(struct socket *sock, struct sockaddr *uaddr,
1118 int *uaddr_len, int peer)
1120 struct net_device *dev;
1121 struct sock *sk = sock->sk;
1126 uaddr->sa_family = AF_PACKET;
1127 dev = dev_get_by_index(pkt_sk(sk)->ifindex);
1129 strlcpy(uaddr->sa_data, dev->name, 15);
1132 memset(uaddr->sa_data, 0, 14);
1133 *uaddr_len = sizeof(*uaddr);
1139 static int packet_getname(struct socket *sock, struct sockaddr *uaddr,
1140 int *uaddr_len, int peer)
1142 struct net_device *dev;
1143 struct sock *sk = sock->sk;
1144 struct packet_opt *po = pkt_sk(sk);
1145 struct sockaddr_ll *sll = (struct sockaddr_ll*)uaddr;
1150 sll->sll_family = AF_PACKET;
1151 sll->sll_ifindex = po->ifindex;
1152 sll->sll_protocol = po->num;
1153 dev = dev_get_by_index(po->ifindex);
1155 sll->sll_hatype = dev->type;
1156 sll->sll_halen = dev->addr_len;
1157 memcpy(sll->sll_addr, dev->dev_addr, dev->addr_len);
1160 sll->sll_hatype = 0; /* Bad: we have no ARPHRD_UNSPEC */
1163 *uaddr_len = sizeof(*sll);
1168 #ifdef CONFIG_PACKET_MULTICAST
1169 static void packet_dev_mc(struct net_device *dev, struct packet_mclist *i, int what)
1172 case PACKET_MR_MULTICAST:
1174 dev_mc_add(dev, i->addr, i->alen, 0);
1176 dev_mc_delete(dev, i->addr, i->alen, 0);
1178 case PACKET_MR_PROMISC:
1179 dev_set_promiscuity(dev, what);
1181 case PACKET_MR_ALLMULTI:
1182 dev_set_allmulti(dev, what);
1188 static void packet_dev_mclist(struct net_device *dev, struct packet_mclist *i, int what)
1190 for ( ; i; i=i->next) {
1191 if (i->ifindex == dev->ifindex)
1192 packet_dev_mc(dev, i, what);
1196 static int packet_mc_add(struct sock *sk, struct packet_mreq *mreq)
1198 struct packet_opt *po = pkt_sk(sk);
1199 struct packet_mclist *ml, *i;
1200 struct net_device *dev;
1206 dev = __dev_get_by_index(mreq->mr_ifindex);
1211 if (mreq->mr_alen > dev->addr_len)
1215 i = (struct packet_mclist *)kmalloc(sizeof(*i), GFP_KERNEL);
1220 for (ml = po->mclist; ml; ml = ml->next) {
1221 if (ml->ifindex == mreq->mr_ifindex &&
1222 ml->type == mreq->mr_type &&
1223 ml->alen == mreq->mr_alen &&
1224 memcmp(ml->addr, mreq->mr_address, ml->alen) == 0) {
1226 /* Free the new element ... */
1232 i->type = mreq->mr_type;
1233 i->ifindex = mreq->mr_ifindex;
1234 i->alen = mreq->mr_alen;
1235 memcpy(i->addr, mreq->mr_address, i->alen);
1237 i->next = po->mclist;
1239 packet_dev_mc(dev, i, +1);
1246 static int packet_mc_drop(struct sock *sk, struct packet_mreq *mreq)
1248 struct packet_mclist *ml, **mlp;
1252 for (mlp = &pkt_sk(sk)->mclist; (ml = *mlp) != NULL; mlp = &ml->next) {
1253 if (ml->ifindex == mreq->mr_ifindex &&
1254 ml->type == mreq->mr_type &&
1255 ml->alen == mreq->mr_alen &&
1256 memcmp(ml->addr, mreq->mr_address, ml->alen) == 0) {
1257 if (--ml->count == 0) {
1258 struct net_device *dev;
1260 dev = dev_get_by_index(ml->ifindex);
1262 packet_dev_mc(dev, ml, -1);
1272 return -EADDRNOTAVAIL;
1275 static void packet_flush_mclist(struct sock *sk)
1277 struct packet_opt *po = pkt_sk(sk);
1278 struct packet_mclist *ml;
1284 while ((ml = po->mclist) != NULL) {
1285 struct net_device *dev;
1287 po->mclist = ml->next;
1288 if ((dev = dev_get_by_index(ml->ifindex)) != NULL) {
1289 packet_dev_mc(dev, ml, -1);
1299 packet_setsockopt(struct socket *sock, int level, int optname, char __user *optval, int optlen)
1301 struct sock *sk = sock->sk;
1304 if (level != SOL_PACKET)
1305 return -ENOPROTOOPT;
1308 #ifdef CONFIG_PACKET_MULTICAST
1309 case PACKET_ADD_MEMBERSHIP:
1310 case PACKET_DROP_MEMBERSHIP:
1312 struct packet_mreq mreq;
1313 if (optlen<sizeof(mreq))
1315 if (copy_from_user(&mreq,optval,sizeof(mreq)))
1317 if (optname == PACKET_ADD_MEMBERSHIP)
1318 ret = packet_mc_add(sk, &mreq);
1320 ret = packet_mc_drop(sk, &mreq);
1324 #ifdef CONFIG_PACKET_MMAP
1325 case PACKET_RX_RING:
1327 struct tpacket_req req;
1329 if (optlen<sizeof(req))
1331 if (copy_from_user(&req,optval,sizeof(req)))
1333 return packet_set_ring(sk, &req, 0);
1335 case PACKET_COPY_THRESH:
1339 if (optlen!=sizeof(val))
1341 if (copy_from_user(&val,optval,sizeof(val)))
1344 pkt_sk(sk)->copy_thresh = val;
1349 return -ENOPROTOOPT;
1353 int packet_getsockopt(struct socket *sock, int level, int optname,
1354 char __user *optval, int __user *optlen)
1357 struct sock *sk = sock->sk;
1358 struct packet_opt *po = pkt_sk(sk);
1360 if (level != SOL_PACKET)
1361 return -ENOPROTOOPT;
1363 if (get_user(len,optlen))
1370 case PACKET_STATISTICS:
1372 struct tpacket_stats st;
1374 if (len > sizeof(struct tpacket_stats))
1375 len = sizeof(struct tpacket_stats);
1376 spin_lock_bh(&sk->sk_receive_queue.lock);
1378 memset(&po->stats, 0, sizeof(st));
1379 spin_unlock_bh(&sk->sk_receive_queue.lock);
1380 st.tp_packets += st.tp_drops;
1382 if (copy_to_user(optval, &st, len))
1387 return -ENOPROTOOPT;
1390 if (put_user(len, optlen))
1396 static int packet_notifier(struct notifier_block *this, unsigned long msg, void *data)
1399 struct hlist_node *node;
1400 struct net_device *dev = (struct net_device*)data;
1402 read_lock(&packet_sklist_lock);
1403 sk_for_each(sk, node, &packet_sklist) {
1404 struct packet_opt *po = pkt_sk(sk);
1407 case NETDEV_UNREGISTER:
1408 #ifdef CONFIG_PACKET_MULTICAST
1410 packet_dev_mclist(dev, po->mclist, -1);
1414 if (dev->ifindex == po->ifindex) {
1415 spin_lock(&po->bind_lock);
1417 __dev_remove_pack(&po->prot_hook);
1420 sk->sk_err = ENETDOWN;
1421 if (!sock_flag(sk, SOCK_DEAD))
1422 sk->sk_error_report(sk);
1424 if (msg == NETDEV_UNREGISTER) {
1426 po->prot_hook.dev = NULL;
1428 spin_unlock(&po->bind_lock);
1432 spin_lock(&po->bind_lock);
1433 if (dev->ifindex == po->ifindex && po->num &&
1435 dev_add_pack(&po->prot_hook);
1439 spin_unlock(&po->bind_lock);
1443 read_unlock(&packet_sklist_lock);
1448 static int packet_ioctl(struct socket *sock, unsigned int cmd,
1451 struct sock *sk = sock->sk;
1456 int amount = atomic_read(&sk->sk_wmem_alloc);
1457 return put_user(amount, (int __user *)arg);
1461 struct sk_buff *skb;
1464 spin_lock_bh(&sk->sk_receive_queue.lock);
1465 skb = skb_peek(&sk->sk_receive_queue);
1468 spin_unlock_bh(&sk->sk_receive_queue.lock);
1469 return put_user(amount, (int __user *)arg);
1472 return sock_get_timestamp(sk, (struct timeval __user *)arg);
1482 case SIOCGIFBRDADDR:
1483 case SIOCSIFBRDADDR:
1484 case SIOCGIFNETMASK:
1485 case SIOCSIFNETMASK:
1486 case SIOCGIFDSTADDR:
1487 case SIOCSIFDSTADDR:
1489 return inet_dgram_ops.ioctl(sock, cmd, arg);
1493 return dev_ioctl(cmd, (void __user *)arg);
1498 #ifndef CONFIG_PACKET_MMAP
1499 #define packet_mmap sock_no_mmap
1500 #define packet_poll datagram_poll
1503 unsigned int packet_poll(struct file * file, struct socket *sock, poll_table *wait)
1505 struct sock *sk = sock->sk;
1506 struct packet_opt *po = pkt_sk(sk);
1507 unsigned int mask = datagram_poll(file, sock, wait);
1509 spin_lock_bh(&sk->sk_receive_queue.lock);
1511 unsigned last = po->head ? po->head-1 : po->frame_max;
1512 struct tpacket_hdr *h;
1514 h = (struct tpacket_hdr *)packet_lookup_frame(po, last);
1517 mask |= POLLIN | POLLRDNORM;
1519 spin_unlock_bh(&sk->sk_receive_queue.lock);
1524 /* Dirty? Well, I still did not learn better way to account
1528 static void packet_mm_open(struct vm_area_struct *vma)
1530 struct file *file = vma->vm_file;
1531 struct inode *inode = file->f_dentry->d_inode;
1532 struct socket * sock = SOCKET_I(inode);
1533 struct sock *sk = sock->sk;
1536 atomic_inc(&pkt_sk(sk)->mapped);
1539 static void packet_mm_close(struct vm_area_struct *vma)
1541 struct file *file = vma->vm_file;
1542 struct inode *inode = file->f_dentry->d_inode;
1543 struct socket * sock = SOCKET_I(inode);
1544 struct sock *sk = sock->sk;
1547 atomic_dec(&pkt_sk(sk)->mapped);
1550 static struct vm_operations_struct packet_mmap_ops = {
1551 .open = packet_mm_open,
1552 .close =packet_mm_close,
1555 static inline struct page *pg_vec_endpage(char *one_pg_vec, unsigned int order)
1557 return virt_to_page(one_pg_vec + (PAGE_SIZE << order) - 1);
1560 static void free_pg_vec(char **pg_vec, unsigned order, unsigned len)
1564 for (i=0; i<len; i++) {
1566 struct page *page, *pend;
1568 pend = pg_vec_endpage(pg_vec[i], order);
1569 for (page = virt_to_page(pg_vec[i]); page <= pend; page++)
1570 ClearPageReserved(page);
1571 free_pages((unsigned long)pg_vec[i], order);
1578 static int packet_set_ring(struct sock *sk, struct tpacket_req *req, int closing)
1580 char **pg_vec = NULL;
1581 struct packet_opt *po = pkt_sk(sk);
1582 int was_running, num, order = 0;
1585 if (req->tp_block_nr) {
1588 /* Sanity tests and some calculations */
1593 if ((int)req->tp_block_size <= 0)
1595 if (req->tp_block_size&(PAGE_SIZE-1))
1597 if (req->tp_frame_size < TPACKET_HDRLEN)
1599 if (req->tp_frame_size&(TPACKET_ALIGNMENT-1))
1602 po->frames_per_block = req->tp_block_size/req->tp_frame_size;
1603 if (po->frames_per_block <= 0)
1605 if (po->frames_per_block*req->tp_block_nr != req->tp_frame_nr)
1609 /* Allocate page vector */
1610 while ((PAGE_SIZE<<order) < req->tp_block_size)
1615 pg_vec = kmalloc(req->tp_block_nr*sizeof(char *), GFP_KERNEL);
1618 memset(pg_vec, 0, req->tp_block_nr*sizeof(char **));
1620 for (i=0; i<req->tp_block_nr; i++) {
1621 struct page *page, *pend;
1622 pg_vec[i] = (char *)__get_free_pages(GFP_KERNEL, order);
1624 goto out_free_pgvec;
1626 pend = pg_vec_endpage(pg_vec[i], order);
1627 for (page = virt_to_page(pg_vec[i]); page <= pend; page++)
1628 SetPageReserved(page);
1630 /* Page vector is allocated */
1633 for (i=0; i<req->tp_block_nr; i++) {
1634 char *ptr = pg_vec[i];
1635 struct tpacket_hdr *header;
1638 for (k=0; k<po->frames_per_block; k++) {
1640 header = (struct tpacket_hdr*)ptr;
1641 header->tp_status = TP_STATUS_KERNEL;
1642 ptr += req->tp_frame_size;
1647 if (req->tp_frame_nr)
1653 /* Detach socket from network */
1654 spin_lock(&po->bind_lock);
1655 was_running = po->running;
1658 __dev_remove_pack(&po->prot_hook);
1663 spin_unlock(&po->bind_lock);
1668 if (closing || atomic_read(&po->mapped) == 0) {
1670 #define XC(a, b) ({ __typeof__ ((a)) __t; __t = (a); (a) = (b); __t; })
1672 spin_lock_bh(&sk->sk_receive_queue.lock);
1673 pg_vec = XC(po->pg_vec, pg_vec);
1674 po->frame_max = req->tp_frame_nr-1;
1676 po->frame_size = req->tp_frame_size;
1677 spin_unlock_bh(&sk->sk_receive_queue.lock);
1679 order = XC(po->pg_vec_order, order);
1680 req->tp_block_nr = XC(po->pg_vec_len, req->tp_block_nr);
1682 po->pg_vec_pages = req->tp_block_size/PAGE_SIZE;
1683 po->prot_hook.func = po->pg_vec ? tpacket_rcv : packet_rcv;
1684 skb_queue_purge(&sk->sk_receive_queue);
1686 if (atomic_read(&po->mapped))
1687 printk(KERN_DEBUG "packet_mmap: vma is busy: %d\n", atomic_read(&po->mapped));
1690 spin_lock(&po->bind_lock);
1691 if (was_running && !po->running) {
1695 dev_add_pack(&po->prot_hook);
1697 spin_unlock(&po->bind_lock);
1703 free_pg_vec(pg_vec, order, req->tp_block_nr);
1708 static int packet_mmap(struct file *file, struct socket *sock, struct vm_area_struct *vma)
1710 struct sock *sk = sock->sk;
1711 struct packet_opt *po = pkt_sk(sk);
1713 unsigned long start;
1720 size = vma->vm_end - vma->vm_start;
1723 if (po->pg_vec == NULL)
1725 if (size != po->pg_vec_len*po->pg_vec_pages*PAGE_SIZE)
1728 atomic_inc(&po->mapped);
1729 start = vma->vm_start;
1731 for (i=0; i<po->pg_vec_len; i++) {
1732 if (remap_page_range(vma, start, __pa(po->pg_vec[i]),
1733 po->pg_vec_pages*PAGE_SIZE,
1736 start += po->pg_vec_pages*PAGE_SIZE;
1738 vma->vm_ops = &packet_mmap_ops;
1748 #ifdef CONFIG_SOCK_PACKET
1749 struct proto_ops packet_ops_spkt = {
1750 .family = PF_PACKET,
1751 .owner = THIS_MODULE,
1752 .release = packet_release,
1753 .bind = packet_bind_spkt,
1754 .connect = sock_no_connect,
1755 .socketpair = sock_no_socketpair,
1756 .accept = sock_no_accept,
1757 .getname = packet_getname_spkt,
1758 .poll = datagram_poll,
1759 .ioctl = packet_ioctl,
1760 .listen = sock_no_listen,
1761 .shutdown = sock_no_shutdown,
1762 .setsockopt = sock_no_setsockopt,
1763 .getsockopt = sock_no_getsockopt,
1764 .sendmsg = packet_sendmsg_spkt,
1765 .recvmsg = packet_recvmsg,
1766 .mmap = sock_no_mmap,
1767 .sendpage = sock_no_sendpage,
1771 struct proto_ops packet_ops = {
1772 .family = PF_PACKET,
1773 .owner = THIS_MODULE,
1774 .release = packet_release,
1775 .bind = packet_bind,
1776 .connect = sock_no_connect,
1777 .socketpair = sock_no_socketpair,
1778 .accept = sock_no_accept,
1779 .getname = packet_getname,
1780 .poll = packet_poll,
1781 .ioctl = packet_ioctl,
1782 .listen = sock_no_listen,
1783 .shutdown = sock_no_shutdown,
1784 .setsockopt = packet_setsockopt,
1785 .getsockopt = packet_getsockopt,
1786 .sendmsg = packet_sendmsg,
1787 .recvmsg = packet_recvmsg,
1788 .mmap = packet_mmap,
1789 .sendpage = sock_no_sendpage,
1792 static struct net_proto_family packet_family_ops = {
1793 .family = PF_PACKET,
1794 .create = packet_create,
1795 .owner = THIS_MODULE,
1798 static struct notifier_block packet_netdev_notifier = {
1799 .notifier_call =packet_notifier,
1802 #ifdef CONFIG_PROC_FS
1803 static inline struct sock *packet_seq_idx(loff_t off)
1806 struct hlist_node *node;
1808 sk_for_each(s, node, &packet_sklist) {
1815 static void *packet_seq_start(struct seq_file *seq, loff_t *pos)
1817 read_lock(&packet_sklist_lock);
1818 return *pos ? packet_seq_idx(*pos - 1) : SEQ_START_TOKEN;
1821 static void *packet_seq_next(struct seq_file *seq, void *v, loff_t *pos)
1824 return (v == SEQ_START_TOKEN)
1825 ? sk_head(&packet_sklist)
1826 : sk_next((struct sock*)v) ;
1829 static void packet_seq_stop(struct seq_file *seq, void *v)
1831 read_unlock(&packet_sklist_lock);
1834 static int packet_seq_show(struct seq_file *seq, void *v)
1836 if (v == SEQ_START_TOKEN)
1837 seq_puts(seq, "sk RefCnt Type Proto Iface R Rmem User Inode\n");
1840 const struct packet_opt *po = pkt_sk(s);
1843 "%p %-6d %-4d %04x %-5d %1d %-6u %-6u %-6lu\n",
1845 atomic_read(&s->sk_refcnt),
1850 atomic_read(&s->sk_rmem_alloc),
1858 static struct seq_operations packet_seq_ops = {
1859 .start = packet_seq_start,
1860 .next = packet_seq_next,
1861 .stop = packet_seq_stop,
1862 .show = packet_seq_show,
1865 static int packet_seq_open(struct inode *inode, struct file *file)
1867 return seq_open(file, &packet_seq_ops);
1870 static struct file_operations packet_seq_fops = {
1871 .owner = THIS_MODULE,
1872 .open = packet_seq_open,
1874 .llseek = seq_lseek,
1875 .release = seq_release,
1880 static void __exit packet_exit(void)
1882 proc_net_remove("packet");
1883 unregister_netdevice_notifier(&packet_netdev_notifier);
1884 sock_unregister(PF_PACKET);
1888 static int __init packet_init(void)
1890 sock_register(&packet_family_ops);
1891 register_netdevice_notifier(&packet_netdev_notifier);
1892 proc_net_fops_create("packet", 0, &packet_seq_fops);
1897 module_init(packet_init);
1898 module_exit(packet_exit);
1899 MODULE_LICENSE("GPL");
1900 MODULE_ALIAS_NETPROTO(PF_PACKET);