2 * inet_diag.c Module for monitoring INET transport protocols sockets.
4 * Authors: Alexey Kuznetsov, <kuznet@ms2.inr.ac.ru>
6 * This program is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU General Public License
8 * as published by the Free Software Foundation; either version
9 * 2 of the License, or (at your option) any later version.
12 #include <linux/kernel.h>
13 #include <linux/module.h>
14 #include <linux/types.h>
15 #include <linux/fcntl.h>
16 #include <linux/random.h>
17 #include <linux/slab.h>
18 #include <linux/cache.h>
19 #include <linux/init.h>
20 #include <linux/time.h>
25 #include <net/inet_common.h>
26 #include <net/inet_connection_sock.h>
27 #include <net/inet_hashtables.h>
28 #include <net/inet_timewait_sock.h>
29 #include <net/inet6_hashtables.h>
30 #include <net/netlink.h>
32 #include <linux/inet.h>
33 #include <linux/stddef.h>
35 #include <linux/inet_diag.h>
36 #include <linux/sock_diag.h>
38 static const struct inet_diag_handler **inet_diag_table;
40 struct inet_diag_entry {
51 static DEFINE_MUTEX(inet_diag_table_mutex);
53 static const struct inet_diag_handler *inet_diag_lock_handler(int proto)
55 if (!inet_diag_table[proto])
56 request_module("net-pf-%d-proto-%d-type-%d-%d", PF_NETLINK,
57 NETLINK_SOCK_DIAG, AF_INET, proto);
59 mutex_lock(&inet_diag_table_mutex);
60 if (!inet_diag_table[proto])
61 return ERR_PTR(-ENOENT);
63 return inet_diag_table[proto];
66 static void inet_diag_unlock_handler(const struct inet_diag_handler *handler)
68 mutex_unlock(&inet_diag_table_mutex);
71 static void inet_diag_msg_common_fill(struct inet_diag_msg *r, struct sock *sk)
73 r->idiag_family = sk->sk_family;
75 r->id.idiag_sport = htons(sk->sk_num);
76 r->id.idiag_dport = sk->sk_dport;
77 r->id.idiag_if = sk->sk_bound_dev_if;
78 sock_diag_save_cookie(sk, r->id.idiag_cookie);
80 #if IS_ENABLED(CONFIG_IPV6)
81 if (sk->sk_family == AF_INET6) {
82 *(struct in6_addr *)r->id.idiag_src = sk->sk_v6_rcv_saddr;
83 *(struct in6_addr *)r->id.idiag_dst = sk->sk_v6_daddr;
87 memset(&r->id.idiag_src, 0, sizeof(r->id.idiag_src));
88 memset(&r->id.idiag_dst, 0, sizeof(r->id.idiag_dst));
90 r->id.idiag_src[0] = sk->sk_rcv_saddr;
91 r->id.idiag_dst[0] = sk->sk_daddr;
95 static size_t inet_sk_attr_size(void)
97 return nla_total_size(sizeof(struct tcp_info))
98 + nla_total_size(1) /* INET_DIAG_SHUTDOWN */
99 + nla_total_size(1) /* INET_DIAG_TOS */
100 + nla_total_size(1) /* INET_DIAG_TCLASS */
101 + nla_total_size(sizeof(struct inet_diag_meminfo))
102 + nla_total_size(sizeof(struct inet_diag_msg))
103 + nla_total_size(SK_MEMINFO_VARS * sizeof(u32))
104 + nla_total_size(TCP_CA_NAME_MAX)
105 + nla_total_size(sizeof(struct tcpvegas_info))
109 int inet_sk_diag_fill(struct sock *sk, struct inet_connection_sock *icsk,
110 struct sk_buff *skb, const struct inet_diag_req_v2 *req,
111 struct user_namespace *user_ns,
112 u32 portid, u32 seq, u16 nlmsg_flags,
113 const struct nlmsghdr *unlh)
115 const struct inet_sock *inet = inet_sk(sk);
116 const struct tcp_congestion_ops *ca_ops;
117 const struct inet_diag_handler *handler;
118 int ext = req->idiag_ext;
119 struct inet_diag_msg *r;
120 struct nlmsghdr *nlh;
124 handler = inet_diag_table[req->sdiag_protocol];
127 nlh = nlmsg_put(skb, portid, seq, unlh->nlmsg_type, sizeof(*r),
133 BUG_ON(!sk_fullsock(sk));
135 inet_diag_msg_common_fill(r, sk);
136 r->idiag_state = sk->sk_state;
138 r->idiag_retrans = 0;
140 if (nla_put_u8(skb, INET_DIAG_SHUTDOWN, sk->sk_shutdown))
143 /* IPv6 dual-stack sockets use inet->tos for IPv4 connections,
144 * hence this needs to be included regardless of socket family.
146 if (ext & (1 << (INET_DIAG_TOS - 1)))
147 if (nla_put_u8(skb, INET_DIAG_TOS, inet->tos) < 0)
150 #if IS_ENABLED(CONFIG_IPV6)
151 if (r->idiag_family == AF_INET6) {
152 if (ext & (1 << (INET_DIAG_TCLASS - 1)))
153 if (nla_put_u8(skb, INET_DIAG_TCLASS,
154 inet6_sk(sk)->tclass) < 0)
157 if (((1 << sk->sk_state) & (TCPF_LISTEN | TCPF_CLOSE)) &&
158 nla_put_u8(skb, INET_DIAG_SKV6ONLY, ipv6_only_sock(sk)))
163 r->idiag_uid = from_kuid_munged(user_ns, sock_i_uid(sk));
164 r->idiag_inode = sock_i_ino(sk);
166 if (ext & (1 << (INET_DIAG_MEMINFO - 1))) {
167 struct inet_diag_meminfo minfo = {
168 .idiag_rmem = sk_rmem_alloc_get(sk),
169 .idiag_wmem = sk->sk_wmem_queued,
170 .idiag_fmem = sk->sk_forward_alloc,
171 .idiag_tmem = sk_wmem_alloc_get(sk),
174 if (nla_put(skb, INET_DIAG_MEMINFO, sizeof(minfo), &minfo) < 0)
178 if (ext & (1 << (INET_DIAG_SKMEMINFO - 1)))
179 if (sock_diag_put_meminfo(sk, skb, INET_DIAG_SKMEMINFO))
183 handler->idiag_get_info(sk, r, NULL);
187 #define EXPIRES_IN_MS(tmo) DIV_ROUND_UP((tmo - jiffies) * 1000, HZ)
189 if (icsk->icsk_pending == ICSK_TIME_RETRANS ||
190 icsk->icsk_pending == ICSK_TIME_EARLY_RETRANS ||
191 icsk->icsk_pending == ICSK_TIME_LOSS_PROBE) {
193 r->idiag_retrans = icsk->icsk_retransmits;
194 r->idiag_expires = EXPIRES_IN_MS(icsk->icsk_timeout);
195 } else if (icsk->icsk_pending == ICSK_TIME_PROBE0) {
197 r->idiag_retrans = icsk->icsk_probes_out;
198 r->idiag_expires = EXPIRES_IN_MS(icsk->icsk_timeout);
199 } else if (timer_pending(&sk->sk_timer)) {
201 r->idiag_retrans = icsk->icsk_probes_out;
202 r->idiag_expires = EXPIRES_IN_MS(sk->sk_timer.expires);
205 r->idiag_expires = 0;
209 if ((ext & (1 << (INET_DIAG_INFO - 1))) && handler->idiag_info_size) {
210 attr = nla_reserve(skb, INET_DIAG_INFO,
211 handler->idiag_info_size);
215 info = nla_data(attr);
218 if (ext & (1 << (INET_DIAG_CONG - 1))) {
222 ca_ops = READ_ONCE(icsk->icsk_ca_ops);
224 err = nla_put_string(skb, INET_DIAG_CONG, ca_ops->name);
230 handler->idiag_get_info(sk, r, info);
232 if (sk->sk_state < TCP_TIME_WAIT) {
233 union tcp_cc_info info;
238 ca_ops = READ_ONCE(icsk->icsk_ca_ops);
239 if (ca_ops && ca_ops->get_info)
240 sz = ca_ops->get_info(sk, ext, &attr, &info);
242 if (sz && nla_put(skb, attr, sz, &info) < 0)
251 nlmsg_cancel(skb, nlh);
254 EXPORT_SYMBOL_GPL(inet_sk_diag_fill);
256 static int inet_csk_diag_fill(struct sock *sk,
258 const struct inet_diag_req_v2 *req,
259 struct user_namespace *user_ns,
260 u32 portid, u32 seq, u16 nlmsg_flags,
261 const struct nlmsghdr *unlh)
263 return inet_sk_diag_fill(sk, inet_csk(sk), skb, req,
264 user_ns, portid, seq, nlmsg_flags, unlh);
267 static int inet_twsk_diag_fill(struct sock *sk,
269 u32 portid, u32 seq, u16 nlmsg_flags,
270 const struct nlmsghdr *unlh)
272 struct inet_timewait_sock *tw = inet_twsk(sk);
273 struct inet_diag_msg *r;
274 struct nlmsghdr *nlh;
277 nlh = nlmsg_put(skb, portid, seq, unlh->nlmsg_type, sizeof(*r),
283 BUG_ON(tw->tw_state != TCP_TIME_WAIT);
285 tmo = tw->tw_timer.expires - jiffies;
289 inet_diag_msg_common_fill(r, sk);
290 r->idiag_retrans = 0;
292 r->idiag_state = tw->tw_substate;
294 r->idiag_expires = jiffies_to_msecs(tmo);
304 static int inet_req_diag_fill(struct sock *sk, struct sk_buff *skb,
305 u32 portid, u32 seq, u16 nlmsg_flags,
306 const struct nlmsghdr *unlh)
308 struct inet_diag_msg *r;
309 struct nlmsghdr *nlh;
312 nlh = nlmsg_put(skb, portid, seq, unlh->nlmsg_type, sizeof(*r),
318 inet_diag_msg_common_fill(r, sk);
319 r->idiag_state = TCP_SYN_RECV;
321 r->idiag_retrans = inet_reqsk(sk)->num_retrans;
323 BUILD_BUG_ON(offsetof(struct inet_request_sock, ir_cookie) !=
324 offsetof(struct sock, sk_cookie));
326 tmo = inet_reqsk(sk)->rsk_timer.expires - jiffies;
327 r->idiag_expires = (tmo >= 0) ? jiffies_to_msecs(tmo) : 0;
337 static int sk_diag_fill(struct sock *sk, struct sk_buff *skb,
338 const struct inet_diag_req_v2 *r,
339 struct user_namespace *user_ns,
340 u32 portid, u32 seq, u16 nlmsg_flags,
341 const struct nlmsghdr *unlh)
343 if (sk->sk_state == TCP_TIME_WAIT)
344 return inet_twsk_diag_fill(sk, skb, portid, seq,
347 if (sk->sk_state == TCP_NEW_SYN_RECV)
348 return inet_req_diag_fill(sk, skb, portid, seq,
351 return inet_csk_diag_fill(sk, skb, r, user_ns, portid, seq,
355 struct sock *inet_diag_find_one_icsk(struct net *net,
356 struct inet_hashinfo *hashinfo,
357 const struct inet_diag_req_v2 *req)
361 if (req->sdiag_family == AF_INET)
362 sk = inet_lookup(net, hashinfo, req->id.idiag_dst[0],
363 req->id.idiag_dport, req->id.idiag_src[0],
364 req->id.idiag_sport, req->id.idiag_if);
365 #if IS_ENABLED(CONFIG_IPV6)
366 else if (req->sdiag_family == AF_INET6) {
367 if (ipv6_addr_v4mapped((struct in6_addr *)req->id.idiag_dst) &&
368 ipv6_addr_v4mapped((struct in6_addr *)req->id.idiag_src))
369 sk = inet_lookup(net, hashinfo, req->id.idiag_dst[3],
370 req->id.idiag_dport, req->id.idiag_src[3],
371 req->id.idiag_sport, req->id.idiag_if);
373 sk = inet6_lookup(net, hashinfo,
374 (struct in6_addr *)req->id.idiag_dst,
376 (struct in6_addr *)req->id.idiag_src,
382 return ERR_PTR(-EINVAL);
385 return ERR_PTR(-ENOENT);
387 if (sock_diag_check_cookie(sk, req->id.idiag_cookie)) {
389 return ERR_PTR(-ENOENT);
394 EXPORT_SYMBOL_GPL(inet_diag_find_one_icsk);
396 int inet_diag_dump_one_icsk(struct inet_hashinfo *hashinfo,
397 struct sk_buff *in_skb,
398 const struct nlmsghdr *nlh,
399 const struct inet_diag_req_v2 *req)
401 struct net *net = sock_net(in_skb->sk);
406 sk = inet_diag_find_one_icsk(net, hashinfo, req);
410 rep = nlmsg_new(inet_sk_attr_size(), GFP_KERNEL);
416 err = sk_diag_fill(sk, rep, req,
417 sk_user_ns(NETLINK_CB(in_skb).sk),
418 NETLINK_CB(in_skb).portid,
419 nlh->nlmsg_seq, 0, nlh);
421 WARN_ON(err == -EMSGSIZE);
425 err = netlink_unicast(net->diag_nlsk, rep, NETLINK_CB(in_skb).portid,
436 EXPORT_SYMBOL_GPL(inet_diag_dump_one_icsk);
438 static int inet_diag_cmd_exact(int cmd, struct sk_buff *in_skb,
439 const struct nlmsghdr *nlh,
440 const struct inet_diag_req_v2 *req)
442 const struct inet_diag_handler *handler;
445 handler = inet_diag_lock_handler(req->sdiag_protocol);
447 err = PTR_ERR(handler);
448 else if (cmd == SOCK_DIAG_BY_FAMILY)
449 err = handler->dump_one(in_skb, nlh, req);
450 else if (cmd == SOCK_DESTROY_BACKPORT && handler->destroy)
451 err = handler->destroy(in_skb, req);
454 inet_diag_unlock_handler(handler);
459 static int bitstring_match(const __be32 *a1, const __be32 *a2, int bits)
461 int words = bits >> 5;
466 if (memcmp(a1, a2, words << 2))
476 mask = htonl((0xffffffff) << (32 - bits));
478 if ((w1 ^ w2) & mask)
485 static int inet_diag_bc_run(const struct nlattr *_bc,
486 const struct inet_diag_entry *entry)
488 const void *bc = nla_data(_bc);
489 int len = nla_len(_bc);
493 const struct inet_diag_bc_op *op = bc;
496 case INET_DIAG_BC_NOP:
498 case INET_DIAG_BC_JMP:
501 case INET_DIAG_BC_S_GE:
502 yes = entry->sport >= op[1].no;
504 case INET_DIAG_BC_S_LE:
505 yes = entry->sport <= op[1].no;
507 case INET_DIAG_BC_D_GE:
508 yes = entry->dport >= op[1].no;
510 case INET_DIAG_BC_D_LE:
511 yes = entry->dport <= op[1].no;
513 case INET_DIAG_BC_AUTO:
514 yes = !(entry->userlocks & SOCK_BINDPORT_LOCK);
516 case INET_DIAG_BC_S_COND:
517 case INET_DIAG_BC_D_COND: {
518 const struct inet_diag_hostcond *cond;
521 cond = (const struct inet_diag_hostcond *)(op + 1);
522 if (cond->port != -1 &&
523 cond->port != (op->code == INET_DIAG_BC_S_COND ?
524 entry->sport : entry->dport)) {
529 if (op->code == INET_DIAG_BC_S_COND)
534 if (cond->family != AF_UNSPEC &&
535 cond->family != entry->family) {
536 if (entry->family == AF_INET6 &&
537 cond->family == AF_INET) {
538 if (addr[0] == 0 && addr[1] == 0 &&
539 addr[2] == htonl(0xffff) &&
540 bitstring_match(addr + 3,
549 if (cond->prefix_len == 0)
551 if (bitstring_match(addr, cond->addr,
557 case INET_DIAG_BC_DEV_COND: {
560 ifindex = *((const u32 *)(op + 1));
561 if (ifindex != entry->ifindex)
565 case INET_DIAG_BC_MARK_COND: {
566 struct inet_diag_markcond *cond;
568 cond = (struct inet_diag_markcond *)(op + 1);
569 if ((entry->mark & cond->mask) != cond->mark)
586 /* This helper is available for all sockets (ESTABLISH, TIMEWAIT, SYN_RECV)
588 static void entry_fill_addrs(struct inet_diag_entry *entry,
589 const struct sock *sk)
591 #if IS_ENABLED(CONFIG_IPV6)
592 if (sk->sk_family == AF_INET6) {
593 entry->saddr = sk->sk_v6_rcv_saddr.s6_addr32;
594 entry->daddr = sk->sk_v6_daddr.s6_addr32;
598 entry->saddr = &sk->sk_rcv_saddr;
599 entry->daddr = &sk->sk_daddr;
603 int inet_diag_bc_sk(const struct nlattr *bc, struct sock *sk)
605 struct inet_sock *inet = inet_sk(sk);
606 struct inet_diag_entry entry;
611 entry.family = sk->sk_family;
612 entry_fill_addrs(&entry, sk);
613 entry.sport = inet->inet_num;
614 entry.dport = ntohs(inet->inet_dport);
615 entry.ifindex = sk->sk_bound_dev_if;
616 entry.userlocks = sk_fullsock(sk) ? sk->sk_userlocks : 0;
618 entry.mark = sk->sk_mark;
619 else if (sk->sk_state == TCP_NEW_SYN_RECV)
620 entry.mark = inet_rsk(inet_reqsk(sk))->ir_mark;
624 return inet_diag_bc_run(bc, &entry);
626 EXPORT_SYMBOL_GPL(inet_diag_bc_sk);
628 static int valid_cc(const void *bc, int len, int cc)
631 const struct inet_diag_bc_op *op = bc;
637 if (op->yes < 4 || op->yes & 3)
645 /* data is u32 ifindex */
646 static bool valid_devcond(const struct inet_diag_bc_op *op, int len,
649 /* Check ifindex space. */
650 *min_len += sizeof(u32);
656 /* Validate an inet_diag_hostcond. */
657 static bool valid_hostcond(const struct inet_diag_bc_op *op, int len,
660 struct inet_diag_hostcond *cond;
663 /* Check hostcond space. */
664 *min_len += sizeof(struct inet_diag_hostcond);
667 cond = (struct inet_diag_hostcond *)(op + 1);
669 /* Check address family and address length. */
670 switch (cond->family) {
675 addr_len = sizeof(struct in_addr);
678 addr_len = sizeof(struct in6_addr);
683 *min_len += addr_len;
687 /* Check prefix length (in bits) vs address length (in bytes). */
688 if (cond->prefix_len > 8 * addr_len)
694 /* Validate a port comparison operator. */
695 static bool valid_port_comparison(const struct inet_diag_bc_op *op,
696 int len, int *min_len)
698 /* Port comparisons put the port in a follow-on inet_diag_bc_op. */
699 *min_len += sizeof(struct inet_diag_bc_op);
705 static bool valid_markcond(const struct inet_diag_bc_op *op, int len,
708 *min_len += sizeof(struct inet_diag_markcond);
709 return len >= *min_len;
712 static int inet_diag_bc_audit(const struct nlattr *attr,
713 const struct sk_buff *skb)
715 bool net_admin = netlink_net_capable(skb, CAP_NET_ADMIN);
716 const void *bytecode, *bc;
717 int bytecode_len, len;
719 if (!attr || nla_len(attr) < sizeof(struct inet_diag_bc_op))
722 bytecode = bc = nla_data(attr);
723 len = bytecode_len = nla_len(attr);
726 int min_len = sizeof(struct inet_diag_bc_op);
727 const struct inet_diag_bc_op *op = bc;
730 case INET_DIAG_BC_S_COND:
731 case INET_DIAG_BC_D_COND:
732 if (!valid_hostcond(bc, len, &min_len))
735 case INET_DIAG_BC_DEV_COND:
736 if (!valid_devcond(bc, len, &min_len))
739 case INET_DIAG_BC_S_GE:
740 case INET_DIAG_BC_S_LE:
741 case INET_DIAG_BC_D_GE:
742 case INET_DIAG_BC_D_LE:
743 if (!valid_port_comparison(bc, len, &min_len))
746 case INET_DIAG_BC_MARK_COND:
749 if (!valid_markcond(bc, len, &min_len))
752 case INET_DIAG_BC_AUTO:
753 case INET_DIAG_BC_JMP:
754 case INET_DIAG_BC_NOP:
760 if (op->code != INET_DIAG_BC_NOP) {
761 if (op->no < min_len || op->no > len + 4 || op->no & 3)
764 !valid_cc(bytecode, bytecode_len, len - op->no))
768 if (op->yes < min_len || op->yes > len + 4 || op->yes & 3)
773 return len == 0 ? 0 : -EINVAL;
776 static int inet_csk_diag_dump(struct sock *sk,
778 struct netlink_callback *cb,
779 const struct inet_diag_req_v2 *r,
780 const struct nlattr *bc)
782 if (!inet_diag_bc_sk(bc, sk))
785 return inet_csk_diag_fill(sk, skb, r,
786 sk_user_ns(NETLINK_CB(cb->skb).sk),
787 NETLINK_CB(cb->skb).portid,
788 cb->nlh->nlmsg_seq, NLM_F_MULTI, cb->nlh);
791 static void twsk_build_assert(void)
793 BUILD_BUG_ON(offsetof(struct inet_timewait_sock, tw_family) !=
794 offsetof(struct sock, sk_family));
796 BUILD_BUG_ON(offsetof(struct inet_timewait_sock, tw_num) !=
797 offsetof(struct inet_sock, inet_num));
799 BUILD_BUG_ON(offsetof(struct inet_timewait_sock, tw_dport) !=
800 offsetof(struct inet_sock, inet_dport));
802 BUILD_BUG_ON(offsetof(struct inet_timewait_sock, tw_rcv_saddr) !=
803 offsetof(struct inet_sock, inet_rcv_saddr));
805 BUILD_BUG_ON(offsetof(struct inet_timewait_sock, tw_daddr) !=
806 offsetof(struct inet_sock, inet_daddr));
808 #if IS_ENABLED(CONFIG_IPV6)
809 BUILD_BUG_ON(offsetof(struct inet_timewait_sock, tw_v6_rcv_saddr) !=
810 offsetof(struct sock, sk_v6_rcv_saddr));
812 BUILD_BUG_ON(offsetof(struct inet_timewait_sock, tw_v6_daddr) !=
813 offsetof(struct sock, sk_v6_daddr));
817 void inet_diag_dump_icsk(struct inet_hashinfo *hashinfo, struct sk_buff *skb,
818 struct netlink_callback *cb,
819 const struct inet_diag_req_v2 *r, struct nlattr *bc)
821 struct net *net = sock_net(skb->sk);
822 int i, num, s_i, s_num;
823 u32 idiag_states = r->idiag_states;
825 if (idiag_states & TCPF_SYN_RECV)
826 idiag_states |= TCPF_NEW_SYN_RECV;
828 s_num = num = cb->args[2];
830 if (cb->args[0] == 0) {
831 if (!(idiag_states & TCPF_LISTEN))
834 for (i = s_i; i < INET_LHTABLE_SIZE; i++) {
835 struct inet_listen_hashbucket *ilb;
836 struct hlist_nulls_node *node;
840 ilb = &hashinfo->listening_hash[i];
841 spin_lock_bh(&ilb->lock);
842 sk_nulls_for_each(sk, node, &ilb->head) {
843 struct inet_sock *inet = inet_sk(sk);
845 if (!net_eq(sock_net(sk), net))
853 if (r->sdiag_family != AF_UNSPEC &&
854 sk->sk_family != r->sdiag_family)
857 if (r->id.idiag_sport != inet->inet_sport &&
861 if (r->id.idiag_dport ||
865 if (inet_csk_diag_dump(sk, skb, cb, r, bc) < 0) {
866 spin_unlock_bh(&ilb->lock);
875 spin_unlock_bh(&ilb->lock);
883 s_i = num = s_num = 0;
886 if (!(idiag_states & ~TCPF_LISTEN))
889 for (i = s_i; i <= hashinfo->ehash_mask; i++) {
890 struct inet_ehash_bucket *head = &hashinfo->ehash[i];
891 spinlock_t *lock = inet_ehash_lockp(hashinfo, i);
892 struct hlist_nulls_node *node;
897 if (hlist_nulls_empty(&head->chain))
904 sk_nulls_for_each(sk, node, &head->chain) {
907 if (!net_eq(sock_net(sk), net))
911 state = (sk->sk_state == TCP_TIME_WAIT) ?
912 inet_twsk(sk)->tw_substate : sk->sk_state;
913 if (!(idiag_states & (1 << state)))
915 if (r->sdiag_family != AF_UNSPEC &&
916 sk->sk_family != r->sdiag_family)
918 if (r->id.idiag_sport != htons(sk->sk_num) &&
921 if (r->id.idiag_dport != sk->sk_dport &&
926 if (!inet_diag_bc_sk(bc, sk))
929 res = sk_diag_fill(sk, skb, r,
930 sk_user_ns(NETLINK_CB(cb->skb).sk),
931 NETLINK_CB(cb->skb).portid,
932 cb->nlh->nlmsg_seq, NLM_F_MULTI,
935 spin_unlock_bh(lock);
942 spin_unlock_bh(lock);
951 EXPORT_SYMBOL_GPL(inet_diag_dump_icsk);
953 static int __inet_diag_dump(struct sk_buff *skb, struct netlink_callback *cb,
954 const struct inet_diag_req_v2 *r,
957 const struct inet_diag_handler *handler;
960 handler = inet_diag_lock_handler(r->sdiag_protocol);
961 if (!IS_ERR(handler))
962 handler->dump(skb, cb, r, bc);
964 err = PTR_ERR(handler);
965 inet_diag_unlock_handler(handler);
967 return err ? : skb->len;
970 static int inet_diag_dump(struct sk_buff *skb, struct netlink_callback *cb)
972 int hdrlen = sizeof(struct inet_diag_req_v2);
973 struct nlattr *bc = NULL;
975 if (nlmsg_attrlen(cb->nlh, hdrlen))
976 bc = nlmsg_find_attr(cb->nlh, hdrlen, INET_DIAG_REQ_BYTECODE);
978 return __inet_diag_dump(skb, cb, nlmsg_data(cb->nlh), bc);
981 static int inet_diag_type2proto(int type)
984 case TCPDIAG_GETSOCK:
986 case DCCPDIAG_GETSOCK:
993 static int inet_diag_dump_compat(struct sk_buff *skb,
994 struct netlink_callback *cb)
996 struct inet_diag_req *rc = nlmsg_data(cb->nlh);
997 int hdrlen = sizeof(struct inet_diag_req);
998 struct inet_diag_req_v2 req;
999 struct nlattr *bc = NULL;
1001 req.sdiag_family = AF_UNSPEC; /* compatibility */
1002 req.sdiag_protocol = inet_diag_type2proto(cb->nlh->nlmsg_type);
1003 req.idiag_ext = rc->idiag_ext;
1004 req.idiag_states = rc->idiag_states;
1007 if (nlmsg_attrlen(cb->nlh, hdrlen))
1008 bc = nlmsg_find_attr(cb->nlh, hdrlen, INET_DIAG_REQ_BYTECODE);
1010 return __inet_diag_dump(skb, cb, &req, bc);
1013 static int inet_diag_get_exact_compat(struct sk_buff *in_skb,
1014 const struct nlmsghdr *nlh)
1016 struct inet_diag_req *rc = nlmsg_data(nlh);
1017 struct inet_diag_req_v2 req;
1019 req.sdiag_family = rc->idiag_family;
1020 req.sdiag_protocol = inet_diag_type2proto(nlh->nlmsg_type);
1021 req.idiag_ext = rc->idiag_ext;
1022 req.idiag_states = rc->idiag_states;
1025 return inet_diag_cmd_exact(SOCK_DIAG_BY_FAMILY, in_skb, nlh, &req);
1028 static int inet_diag_rcv_msg_compat(struct sk_buff *skb, struct nlmsghdr *nlh)
1030 int hdrlen = sizeof(struct inet_diag_req);
1031 struct net *net = sock_net(skb->sk);
1033 if (nlh->nlmsg_type >= INET_DIAG_GETSOCK_MAX ||
1034 nlmsg_len(nlh) < hdrlen)
1037 if (nlh->nlmsg_flags & NLM_F_DUMP) {
1038 if (nlmsg_attrlen(nlh, hdrlen)) {
1039 struct nlattr *attr;
1042 attr = nlmsg_find_attr(nlh, hdrlen,
1043 INET_DIAG_REQ_BYTECODE);
1044 err = inet_diag_bc_audit(attr, skb);
1049 struct netlink_dump_control c = {
1050 .dump = inet_diag_dump_compat,
1052 return netlink_dump_start(net->diag_nlsk, skb, nlh, &c);
1056 return inet_diag_get_exact_compat(skb, nlh);
1059 static int inet_diag_handler_cmd(struct sk_buff *skb, struct nlmsghdr *h)
1061 int hdrlen = sizeof(struct inet_diag_req_v2);
1062 struct net *net = sock_net(skb->sk);
1064 if (nlmsg_len(h) < hdrlen)
1067 if (h->nlmsg_type == SOCK_DIAG_BY_FAMILY &&
1068 h->nlmsg_flags & NLM_F_DUMP) {
1069 if (nlmsg_attrlen(h, hdrlen)) {
1070 struct nlattr *attr;
1073 attr = nlmsg_find_attr(h, hdrlen,
1074 INET_DIAG_REQ_BYTECODE);
1075 err = inet_diag_bc_audit(attr, skb);
1080 struct netlink_dump_control c = {
1081 .dump = inet_diag_dump,
1083 return netlink_dump_start(net->diag_nlsk, skb, h, &c);
1087 return inet_diag_cmd_exact(h->nlmsg_type, skb, h, nlmsg_data(h));
1091 int inet_diag_handler_get_info(struct sk_buff *skb, struct sock *sk)
1093 const struct inet_diag_handler *handler;
1094 struct nlmsghdr *nlh;
1095 struct nlattr *attr;
1096 struct inet_diag_msg *r;
1100 nlh = nlmsg_put(skb, 0, 0, SOCK_DIAG_BY_FAMILY, sizeof(*r), 0);
1104 r = nlmsg_data(nlh);
1105 memset(r, 0, sizeof(*r));
1106 inet_diag_msg_common_fill(r, sk);
1107 if (sk->sk_type == SOCK_DGRAM || sk->sk_type == SOCK_STREAM)
1108 r->id.idiag_sport = inet_sk(sk)->inet_sport;
1109 r->idiag_state = sk->sk_state;
1111 if ((err = nla_put_u8(skb, INET_DIAG_PROTOCOL, sk->sk_protocol))) {
1112 nlmsg_cancel(skb, nlh);
1116 handler = inet_diag_lock_handler(sk->sk_protocol);
1117 if (IS_ERR(handler)) {
1118 inet_diag_unlock_handler(handler);
1119 nlmsg_cancel(skb, nlh);
1120 return PTR_ERR(handler);
1123 attr = handler->idiag_info_size
1124 ? nla_reserve(skb, INET_DIAG_INFO, handler->idiag_info_size)
1127 info = nla_data(attr);
1129 handler->idiag_get_info(sk, r, info);
1130 inet_diag_unlock_handler(handler);
1132 nlmsg_end(skb, nlh);
1136 static const struct sock_diag_handler inet_diag_handler = {
1138 .dump = inet_diag_handler_cmd,
1139 .get_info = inet_diag_handler_get_info,
1140 .destroy = inet_diag_handler_cmd,
1143 static const struct sock_diag_handler inet6_diag_handler = {
1145 .dump = inet_diag_handler_cmd,
1146 .get_info = inet_diag_handler_get_info,
1147 .destroy = inet_diag_handler_cmd,
1150 int inet_diag_register(const struct inet_diag_handler *h)
1152 const __u16 type = h->idiag_type;
1155 if (type >= IPPROTO_MAX)
1158 mutex_lock(&inet_diag_table_mutex);
1160 if (!inet_diag_table[type]) {
1161 inet_diag_table[type] = h;
1164 mutex_unlock(&inet_diag_table_mutex);
1168 EXPORT_SYMBOL_GPL(inet_diag_register);
1170 void inet_diag_unregister(const struct inet_diag_handler *h)
1172 const __u16 type = h->idiag_type;
1174 if (type >= IPPROTO_MAX)
1177 mutex_lock(&inet_diag_table_mutex);
1178 inet_diag_table[type] = NULL;
1179 mutex_unlock(&inet_diag_table_mutex);
1181 EXPORT_SYMBOL_GPL(inet_diag_unregister);
1183 static int __init inet_diag_init(void)
1185 const int inet_diag_table_size = (IPPROTO_MAX *
1186 sizeof(struct inet_diag_handler *));
1189 inet_diag_table = kzalloc(inet_diag_table_size, GFP_KERNEL);
1190 if (!inet_diag_table)
1193 err = sock_diag_register(&inet_diag_handler);
1197 err = sock_diag_register(&inet6_diag_handler);
1201 sock_diag_register_inet_compat(inet_diag_rcv_msg_compat);
1206 sock_diag_unregister(&inet_diag_handler);
1208 kfree(inet_diag_table);
1212 static void __exit inet_diag_exit(void)
1214 sock_diag_unregister(&inet6_diag_handler);
1215 sock_diag_unregister(&inet_diag_handler);
1216 sock_diag_unregister_inet_compat(inet_diag_rcv_msg_compat);
1217 kfree(inet_diag_table);
1220 module_init(inet_diag_init);
1221 module_exit(inet_diag_exit);
1222 MODULE_LICENSE("GPL");
1223 MODULE_ALIAS_NET_PF_PROTO_TYPE(PF_NETLINK, NETLINK_SOCK_DIAG, 2 /* AF_INET */);
1224 MODULE_ALIAS_NET_PF_PROTO_TYPE(PF_NETLINK, NETLINK_SOCK_DIAG, 10 /* AF_INET6 */);