search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
/spare/repo/netdev-2.6 branch 'chelsio'
[linux-2.6/sactl.git] / net / ipv4 / tcp_diag.c
blobf66945cb158fd346c0b2f87d0dec068620b7a838
1 /*
2 * tcp_diag.c Module for monitoring TCP sockets.
3 *
4 * Version: $Id: tcp_diag.c,v 1.3 2002/02/01 22:01:04 davem Exp $
5 *
6 * Authors: Alexey Kuznetsov, <kuznet@ms2.inr.ac.ru>
7 *
8 * This program is free software; you can redistribute it and/or
9 * modify it under the terms of the GNU General Public License
10 * as published by the Free Software Foundation; either version
11 * 2 of the License, or (at your option) any later version.
12 */
13
14 #include <linux/config.h>
15 #include <linux/module.h>
16 #include <linux/types.h>
17 #include <linux/fcntl.h>
18 #include <linux/random.h>
19 #include <linux/cache.h>
20 #include <linux/init.h>
21 #include <linux/time.h>
22
23 #include <net/icmp.h>
24 #include <net/tcp.h>
25 #include <net/ipv6.h>
26 #include <net/inet_common.h>
27
28 #include <linux/inet.h>
29 #include <linux/stddef.h>
30
31 #include <linux/tcp_diag.h>
32
33 struct tcpdiag_entry
34 {
35 u32 *saddr;
36 u32 *daddr;
37 u16 sport;
38 u16 dport;
39 u16 family;
40 u16 userlocks;
41 };
42
43 static struct sock *tcpnl;
44
45 #define TCPDIAG_PUT(skb, attrtype, attrlen) \
46 RTA_DATA(__RTA_PUT(skb, attrtype, attrlen))
47
48 static int tcpdiag_fill(struct sk_buff *skb, struct sock *sk,
49 int ext, u32 pid, u32 seq, u16 nlmsg_flags)
50 {
51 struct inet_sock *inet = inet_sk(sk);
52 struct tcp_sock *tp = tcp_sk(sk);
53 struct tcpdiagmsg *r;
54 struct nlmsghdr *nlh;
55 struct tcp_info *info = NULL;
56 struct tcpdiag_meminfo *minfo = NULL;
57 unsigned char *b = skb->tail;
58
59 nlh = NLMSG_PUT(skb, pid, seq, TCPDIAG_GETSOCK, sizeof(*r));
60 nlh->nlmsg_flags = nlmsg_flags;
61 r = NLMSG_DATA(nlh);
62 if (sk->sk_state != TCP_TIME_WAIT) {
63 if (ext & (1<<(TCPDIAG_MEMINFO-1)))
64 minfo = TCPDIAG_PUT(skb, TCPDIAG_MEMINFO, sizeof(*minfo));
65 if (ext & (1<<(TCPDIAG_INFO-1)))
66 info = TCPDIAG_PUT(skb, TCPDIAG_INFO, sizeof(*info));
67
68 if (ext & (1<<(TCPDIAG_CONG-1))) {
69 size_t len = strlen(tp->ca_ops->name);
70 strcpy(TCPDIAG_PUT(skb, TCPDIAG_CONG, len+1),
71 tp->ca_ops->name);
72 }
73 }
74 r->tcpdiag_family = sk->sk_family;
75 r->tcpdiag_state = sk->sk_state;
76 r->tcpdiag_timer = 0;
77 r->tcpdiag_retrans = 0;
78
79 r->id.tcpdiag_if = sk->sk_bound_dev_if;
80 r->id.tcpdiag_cookie[0] = (u32)(unsigned long)sk;
81 r->id.tcpdiag_cookie[1] = (u32)(((unsigned long)sk >> 31) >> 1);
82
83 if (r->tcpdiag_state == TCP_TIME_WAIT) {
84 struct tcp_tw_bucket *tw = (struct tcp_tw_bucket*)sk;
85 long tmo = tw->tw_ttd - jiffies;
86 if (tmo < 0)
87 tmo = 0;
88
89 r->id.tcpdiag_sport = tw->tw_sport;
90 r->id.tcpdiag_dport = tw->tw_dport;
91 r->id.tcpdiag_src[0] = tw->tw_rcv_saddr;
92 r->id.tcpdiag_dst[0] = tw->tw_daddr;
93 r->tcpdiag_state = tw->tw_substate;
94 r->tcpdiag_timer = 3;
95 r->tcpdiag_expires = (tmo*1000+HZ-1)/HZ;
96 r->tcpdiag_rqueue = 0;
97 r->tcpdiag_wqueue = 0;
98 r->tcpdiag_uid = 0;
99 r->tcpdiag_inode = 0;
100 #ifdef CONFIG_IP_TCPDIAG_IPV6
101 if (r->tcpdiag_family == AF_INET6) {
102 ipv6_addr_copy((struct in6_addr *)r->id.tcpdiag_src,
103 &tw->tw_v6_rcv_saddr);
104 ipv6_addr_copy((struct in6_addr *)r->id.tcpdiag_dst,
105 &tw->tw_v6_daddr);
106 }
107 #endif
108 nlh->nlmsg_len = skb->tail - b;
109 return skb->len;
110 }
111
112 r->id.tcpdiag_sport = inet->sport;
113 r->id.tcpdiag_dport = inet->dport;
114 r->id.tcpdiag_src[0] = inet->rcv_saddr;
115 r->id.tcpdiag_dst[0] = inet->daddr;
116
117 #ifdef CONFIG_IP_TCPDIAG_IPV6
118 if (r->tcpdiag_family == AF_INET6) {
119 struct ipv6_pinfo *np = inet6_sk(sk);
120
121 ipv6_addr_copy((struct in6_addr *)r->id.tcpdiag_src,
122 &np->rcv_saddr);
123 ipv6_addr_copy((struct in6_addr *)r->id.tcpdiag_dst,
124 &np->daddr);
125 }
126 #endif
127
128 #define EXPIRES_IN_MS(tmo) ((tmo-jiffies)*1000+HZ-1)/HZ
129
130 if (tp->pending == TCP_TIME_RETRANS) {
131 r->tcpdiag_timer = 1;
132 r->tcpdiag_retrans = tp->retransmits;
133 r->tcpdiag_expires = EXPIRES_IN_MS(tp->timeout);
134 } else if (tp->pending == TCP_TIME_PROBE0) {
135 r->tcpdiag_timer = 4;
136 r->tcpdiag_retrans = tp->probes_out;
137 r->tcpdiag_expires = EXPIRES_IN_MS(tp->timeout);
138 } else if (timer_pending(&sk->sk_timer)) {
139 r->tcpdiag_timer = 2;
140 r->tcpdiag_retrans = tp->probes_out;
141 r->tcpdiag_expires = EXPIRES_IN_MS(sk->sk_timer.expires);
142 } else {
143 r->tcpdiag_timer = 0;
144 r->tcpdiag_expires = 0;
145 }
146 #undef EXPIRES_IN_MS
147
148 r->tcpdiag_rqueue = tp->rcv_nxt - tp->copied_seq;
149 r->tcpdiag_wqueue = tp->write_seq - tp->snd_una;
150 r->tcpdiag_uid = sock_i_uid(sk);
151 r->tcpdiag_inode = sock_i_ino(sk);
152
153 if (minfo) {
154 minfo->tcpdiag_rmem = atomic_read(&sk->sk_rmem_alloc);
155 minfo->tcpdiag_wmem = sk->sk_wmem_queued;
156 minfo->tcpdiag_fmem = sk->sk_forward_alloc;
157 minfo->tcpdiag_tmem = atomic_read(&sk->sk_wmem_alloc);
158 }
159
160 if (info)
161 tcp_get_info(sk, info);
162
163 if (sk->sk_state < TCP_TIME_WAIT && tp->ca_ops->get_info)
164 tp->ca_ops->get_info(tp, ext, skb);
165
166 nlh->nlmsg_len = skb->tail - b;
167 return skb->len;
168
169 rtattr_failure:
170 nlmsg_failure:
171 skb_trim(skb, b - skb->data);
172 return -1;
173 }
174
175 extern struct sock *tcp_v4_lookup(u32 saddr, u16 sport, u32 daddr, u16 dport,
176 int dif);
177 #ifdef CONFIG_IP_TCPDIAG_IPV6
178 extern struct sock *tcp_v6_lookup(struct in6_addr *saddr, u16 sport,
179 struct in6_addr *daddr, u16 dport,
180 int dif);
181 #else
182 static inline struct sock *tcp_v6_lookup(struct in6_addr *saddr, u16 sport,
183 struct in6_addr *daddr, u16 dport,
184 int dif)
185 {
186 return NULL;
187 }
188 #endif
189
190 static int tcpdiag_get_exact(struct sk_buff *in_skb, const struct nlmsghdr *nlh)
191 {
192 int err;
193 struct sock *sk;
194 struct tcpdiagreq *req = NLMSG_DATA(nlh);
195 struct sk_buff *rep;
196
197 if (req->tcpdiag_family == AF_INET) {
198 sk = tcp_v4_lookup(req->id.tcpdiag_dst[0], req->id.tcpdiag_dport,
199 req->id.tcpdiag_src[0], req->id.tcpdiag_sport,
200 req->id.tcpdiag_if);
201 }
202 #ifdef CONFIG_IP_TCPDIAG_IPV6
203 else if (req->tcpdiag_family == AF_INET6) {
204 sk = tcp_v6_lookup((struct in6_addr*)req->id.tcpdiag_dst, req->id.tcpdiag_dport,
205 (struct in6_addr*)req->id.tcpdiag_src, req->id.tcpdiag_sport,
206 req->id.tcpdiag_if);
207 }
208 #endif
209 else {
210 return -EINVAL;
211 }
212
213 if (sk == NULL)
214 return -ENOENT;
215
216 err = -ESTALE;
217 if ((req->id.tcpdiag_cookie[0] != TCPDIAG_NOCOOKIE ||
218 req->id.tcpdiag_cookie[1] != TCPDIAG_NOCOOKIE) &&
219 ((u32)(unsigned long)sk != req->id.tcpdiag_cookie[0] ||
220 (u32)((((unsigned long)sk) >> 31) >> 1) != req->id.tcpdiag_cookie[1]))
221 goto out;
222
223 err = -ENOMEM;
224 rep = alloc_skb(NLMSG_SPACE(sizeof(struct tcpdiagmsg)+
225 sizeof(struct tcpdiag_meminfo)+
226 sizeof(struct tcp_info)+64), GFP_KERNEL);
227 if (!rep)
228 goto out;
229
230 if (tcpdiag_fill(rep, sk, req->tcpdiag_ext,
231 NETLINK_CB(in_skb).pid,
232 nlh->nlmsg_seq, 0) <= 0)
233 BUG();
234
235 err = netlink_unicast(tcpnl, rep, NETLINK_CB(in_skb).pid, MSG_DONTWAIT);
236 if (err > 0)
237 err = 0;
238
239 out:
240 if (sk) {
241 if (sk->sk_state == TCP_TIME_WAIT)
242 tcp_tw_put((struct tcp_tw_bucket*)sk);
243 else
244 sock_put(sk);
245 }
246 return err;
247 }
248
249 static int bitstring_match(const u32 *a1, const u32 *a2, int bits)
250 {
251 int words = bits >> 5;
252
253 bits &= 0x1f;
254
255 if (words) {
256 if (memcmp(a1, a2, words << 2))
257 return 0;
258 }
259 if (bits) {
260 __u32 w1, w2;
261 __u32 mask;
262
263 w1 = a1[words];
264 w2 = a2[words];
265
266 mask = htonl((0xffffffff) << (32 - bits));
267
268 if ((w1 ^ w2) & mask)
269 return 0;
270 }
271
272 return 1;
273 }
274
275
276 static int tcpdiag_bc_run(const void *bc, int len,
277 const struct tcpdiag_entry *entry)
278 {
279 while (len > 0) {
280 int yes = 1;
281 const struct tcpdiag_bc_op *op = bc;
282
283 switch (op->code) {
284 case TCPDIAG_BC_NOP:
285 break;
286 case TCPDIAG_BC_JMP:
287 yes = 0;
288 break;
289 case TCPDIAG_BC_S_GE:
290 yes = entry->sport >= op[1].no;
291 break;
292 case TCPDIAG_BC_S_LE:
293 yes = entry->dport <= op[1].no;
294 break;
295 case TCPDIAG_BC_D_GE:
296 yes = entry->dport >= op[1].no;
297 break;
298 case TCPDIAG_BC_D_LE:
299 yes = entry->dport <= op[1].no;
300 break;
301 case TCPDIAG_BC_AUTO:
302 yes = !(entry->userlocks & SOCK_BINDPORT_LOCK);
303 break;
304 case TCPDIAG_BC_S_COND:
305 case TCPDIAG_BC_D_COND:
306 {
307 struct tcpdiag_hostcond *cond = (struct tcpdiag_hostcond*)(op+1);
308 u32 *addr;
309
310 if (cond->port != -1 &&
311 cond->port != (op->code == TCPDIAG_BC_S_COND ?
312 entry->sport : entry->dport)) {
313 yes = 0;
314 break;
315 }
316
317 if (cond->prefix_len == 0)
318 break;
319
320 if (op->code == TCPDIAG_BC_S_COND)
321 addr = entry->saddr;
322 else
323 addr = entry->daddr;
324
325 if (bitstring_match(addr, cond->addr, cond->prefix_len))
326 break;
327 if (entry->family == AF_INET6 &&
328 cond->family == AF_INET) {
329 if (addr[0] == 0 && addr[1] == 0 &&
330 addr[2] == htonl(0xffff) &&
331 bitstring_match(addr+3, cond->addr, cond->prefix_len))
332 break;
333 }
334 yes = 0;
335 break;
336 }
337 }
338
339 if (yes) {
340 len -= op->yes;
341 bc += op->yes;
342 } else {
343 len -= op->no;
344 bc += op->no;
345 }
346 }
347 return (len == 0);
348 }
349
350 static int valid_cc(const void *bc, int len, int cc)
351 {
352 while (len >= 0) {
353 const struct tcpdiag_bc_op *op = bc;
354
355 if (cc > len)
356 return 0;
357 if (cc == len)
358 return 1;
359 if (op->yes < 4)
360 return 0;
361 len -= op->yes;
362 bc += op->yes;
363 }
364 return 0;
365 }
366
367 static int tcpdiag_bc_audit(const void *bytecode, int bytecode_len)
368 {
369 const unsigned char *bc = bytecode;
370 int len = bytecode_len;
371
372 while (len > 0) {
373 struct tcpdiag_bc_op *op = (struct tcpdiag_bc_op*)bc;
374
375 //printk("BC: %d %d %d {%d} / %d\n", op->code, op->yes, op->no, op[1].no, len);
376 switch (op->code) {
377 case TCPDIAG_BC_AUTO:
378 case TCPDIAG_BC_S_COND:
379 case TCPDIAG_BC_D_COND:
380 case TCPDIAG_BC_S_GE:
381 case TCPDIAG_BC_S_LE:
382 case TCPDIAG_BC_D_GE:
383 case TCPDIAG_BC_D_LE:
384 if (op->yes < 4 || op->yes > len+4)
385 return -EINVAL;
386 case TCPDIAG_BC_JMP:
387 if (op->no < 4 || op->no > len+4)
388 return -EINVAL;
389 if (op->no < len &&
390 !valid_cc(bytecode, bytecode_len, len-op->no))
391 return -EINVAL;
392 break;
393 case TCPDIAG_BC_NOP:
394 if (op->yes < 4 || op->yes > len+4)
395 return -EINVAL;
396 break;
397 default:
398 return -EINVAL;
399 }
400 bc += op->yes;
401 len -= op->yes;
402 }
403 return len == 0 ? 0 : -EINVAL;
404 }
405
406 static int tcpdiag_dump_sock(struct sk_buff *skb, struct sock *sk,
407 struct netlink_callback *cb)
408 {
409 struct tcpdiagreq *r = NLMSG_DATA(cb->nlh);
410
411 if (cb->nlh->nlmsg_len > 4 + NLMSG_SPACE(sizeof(*r))) {
412 struct tcpdiag_entry entry;
413 struct rtattr *bc = (struct rtattr *)(r + 1);
414 struct inet_sock *inet = inet_sk(sk);
415
416 entry.family = sk->sk_family;
417 #ifdef CONFIG_IP_TCPDIAG_IPV6
418 if (entry.family == AF_INET6) {
419 struct ipv6_pinfo *np = inet6_sk(sk);
420
421 entry.saddr = np->rcv_saddr.s6_addr32;
422 entry.daddr = np->daddr.s6_addr32;
423 } else
424 #endif
425 {
426 entry.saddr = &inet->rcv_saddr;
427 entry.daddr = &inet->daddr;
428 }
429 entry.sport = inet->num;
430 entry.dport = ntohs(inet->dport);
431 entry.userlocks = sk->sk_userlocks;
432
433 if (!tcpdiag_bc_run(RTA_DATA(bc), RTA_PAYLOAD(bc), &entry))
434 return 0;
435 }
436
437 return tcpdiag_fill(skb, sk, r->tcpdiag_ext, NETLINK_CB(cb->skb).pid,
438 cb->nlh->nlmsg_seq, NLM_F_MULTI);
439 }
440
441 static int tcpdiag_fill_req(struct sk_buff *skb, struct sock *sk,
442 struct request_sock *req,
443 u32 pid, u32 seq)
444 {
445 const struct inet_request_sock *ireq = inet_rsk(req);
446 struct inet_sock *inet = inet_sk(sk);
447 unsigned char *b = skb->tail;
448 struct tcpdiagmsg *r;
449 struct nlmsghdr *nlh;
450 long tmo;
451
452 nlh = NLMSG_PUT(skb, pid, seq, TCPDIAG_GETSOCK, sizeof(*r));
453 nlh->nlmsg_flags = NLM_F_MULTI;
454 r = NLMSG_DATA(nlh);
455
456 r->tcpdiag_family = sk->sk_family;
457 r->tcpdiag_state = TCP_SYN_RECV;
458 r->tcpdiag_timer = 1;
459 r->tcpdiag_retrans = req->retrans;
460
461 r->id.tcpdiag_if = sk->sk_bound_dev_if;
462 r->id.tcpdiag_cookie[0] = (u32)(unsigned long)req;
463 r->id.tcpdiag_cookie[1] = (u32)(((unsigned long)req >> 31) >> 1);
464
465 tmo = req->expires - jiffies;
466 if (tmo < 0)
467 tmo = 0;
468
469 r->id.tcpdiag_sport = inet->sport;
470 r->id.tcpdiag_dport = ireq->rmt_port;
471 r->id.tcpdiag_src[0] = ireq->loc_addr;
472 r->id.tcpdiag_dst[0] = ireq->rmt_addr;
473 r->tcpdiag_expires = jiffies_to_msecs(tmo),
474 r->tcpdiag_rqueue = 0;
475 r->tcpdiag_wqueue = 0;
476 r->tcpdiag_uid = sock_i_uid(sk);
477 r->tcpdiag_inode = 0;
478 #ifdef CONFIG_IP_TCPDIAG_IPV6
479 if (r->tcpdiag_family == AF_INET6) {
480 ipv6_addr_copy((struct in6_addr *)r->id.tcpdiag_src,
481 &tcp6_rsk(req)->loc_addr);
482 ipv6_addr_copy((struct in6_addr *)r->id.tcpdiag_dst,
483 &tcp6_rsk(req)->rmt_addr);
484 }
485 #endif
486 nlh->nlmsg_len = skb->tail - b;
487
488 return skb->len;
489
490 nlmsg_failure:
491 skb_trim(skb, b - skb->data);
492 return -1;
493 }
494
495 static int tcpdiag_dump_reqs(struct sk_buff *skb, struct sock *sk,
496 struct netlink_callback *cb)
497 {
498 struct tcpdiag_entry entry;
499 struct tcpdiagreq *r = NLMSG_DATA(cb->nlh);
500 struct tcp_sock *tp = tcp_sk(sk);
501 struct listen_sock *lopt;
502 struct rtattr *bc = NULL;
503 struct inet_sock *inet = inet_sk(sk);
504 int j, s_j;
505 int reqnum, s_reqnum;
506 int err = 0;
507
508 s_j = cb->args[3];
509 s_reqnum = cb->args[4];
510
511 if (s_j > 0)
512 s_j--;
513
514 entry.family = sk->sk_family;
515
516 read_lock_bh(&tp->accept_queue.syn_wait_lock);
517
518 lopt = tp->accept_queue.listen_opt;
519 if (!lopt || !lopt->qlen)
520 goto out;
521
522 if (cb->nlh->nlmsg_len > 4 + NLMSG_SPACE(sizeof(*r))) {
523 bc = (struct rtattr *)(r + 1);
524 entry.sport = inet->num;
525 entry.userlocks = sk->sk_userlocks;
526 }
527
528 for (j = s_j; j < TCP_SYNQ_HSIZE; j++) {
529 struct request_sock *req, *head = lopt->syn_table[j];
530
531 reqnum = 0;
532 for (req = head; req; reqnum++, req = req->dl_next) {
533 struct inet_request_sock *ireq = inet_rsk(req);
534
535 if (reqnum < s_reqnum)
536 continue;
537 if (r->id.tcpdiag_dport != ireq->rmt_port &&
538 r->id.tcpdiag_dport)
539 continue;
540
541 if (bc) {
542 entry.saddr =
543 #ifdef CONFIG_IP_TCPDIAG_IPV6
544 (entry.family == AF_INET6) ?
545 tcp6_rsk(req)->loc_addr.s6_addr32 :
546 #endif
547 &ireq->loc_addr;
548 entry.daddr =
549 #ifdef CONFIG_IP_TCPDIAG_IPV6
550 (entry.family == AF_INET6) ?
551 tcp6_rsk(req)->rmt_addr.s6_addr32 :
552 #endif
553 &ireq->rmt_addr;
554 entry.dport = ntohs(ireq->rmt_port);
555
556 if (!tcpdiag_bc_run(RTA_DATA(bc),
557 RTA_PAYLOAD(bc), &entry))
558 continue;
559 }
560
561 err = tcpdiag_fill_req(skb, sk, req,
562 NETLINK_CB(cb->skb).pid,
563 cb->nlh->nlmsg_seq);
564 if (err < 0) {
565 cb->args[3] = j + 1;
566 cb->args[4] = reqnum;
567 goto out;
568 }
569 }
570
571 s_reqnum = 0;
572 }
573
574 out:
575 read_unlock_bh(&tp->accept_queue.syn_wait_lock);
576
577 return err;
578 }
579
580 static int tcpdiag_dump(struct sk_buff *skb, struct netlink_callback *cb)
581 {
582 int i, num;
583 int s_i, s_num;
584 struct tcpdiagreq *r = NLMSG_DATA(cb->nlh);
585
586 s_i = cb->args[1];
587 s_num = num = cb->args[2];
588
589 if (cb->args[0] == 0) {
590 if (!(r->tcpdiag_states&(TCPF_LISTEN|TCPF_SYN_RECV)))
591 goto skip_listen_ht;
592 tcp_listen_lock();
593 for (i = s_i; i < TCP_LHTABLE_SIZE; i++) {
594 struct sock *sk;
595 struct hlist_node *node;
596
597 num = 0;
598 sk_for_each(sk, node, &tcp_listening_hash[i]) {
599 struct inet_sock *inet = inet_sk(sk);
600
601 if (num < s_num) {
602 num++;
603 continue;
604 }
605
606 if (r->id.tcpdiag_sport != inet->sport &&
607 r->id.tcpdiag_sport)
608 goto next_listen;
609
610 if (!(r->tcpdiag_states&TCPF_LISTEN) ||
611 r->id.tcpdiag_dport ||
612 cb->args[3] > 0)
613 goto syn_recv;
614
615 if (tcpdiag_dump_sock(skb, sk, cb) < 0) {
616 tcp_listen_unlock();
617 goto done;
618 }
619
620 syn_recv:
621 if (!(r->tcpdiag_states&TCPF_SYN_RECV))
622 goto next_listen;
623
624 if (tcpdiag_dump_reqs(skb, sk, cb) < 0) {
625 tcp_listen_unlock();
626 goto done;
627 }
628
629 next_listen:
630 cb->args[3] = 0;
631 cb->args[4] = 0;
632 ++num;
633 }
634
635 s_num = 0;
636 cb->args[3] = 0;
637 cb->args[4] = 0;
638 }
639 tcp_listen_unlock();
640 skip_listen_ht:
641 cb->args[0] = 1;
642 s_i = num = s_num = 0;
643 }
644
645 if (!(r->tcpdiag_states&~(TCPF_LISTEN|TCPF_SYN_RECV)))
646 return skb->len;
647
648 for (i = s_i; i < tcp_ehash_size; i++) {
649 struct tcp_ehash_bucket *head = &tcp_ehash[i];
650 struct sock *sk;
651 struct hlist_node *node;
652
653 if (i > s_i)
654 s_num = 0;
655
656 read_lock_bh(&head->lock);
657
658 num = 0;
659 sk_for_each(sk, node, &head->chain) {
660 struct inet_sock *inet = inet_sk(sk);
661
662 if (num < s_num)
663 goto next_normal;
664 if (!(r->tcpdiag_states & (1 << sk->sk_state)))
665 goto next_normal;
666 if (r->id.tcpdiag_sport != inet->sport &&
667 r->id.tcpdiag_sport)
668 goto next_normal;
669 if (r->id.tcpdiag_dport != inet->dport && r->id.tcpdiag_dport)
670 goto next_normal;
671 if (tcpdiag_dump_sock(skb, sk, cb) < 0) {
672 read_unlock_bh(&head->lock);
673 goto done;
674 }
675 next_normal:
676 ++num;
677 }
678
679 if (r->tcpdiag_states&TCPF_TIME_WAIT) {
680 sk_for_each(sk, node,
681 &tcp_ehash[i + tcp_ehash_size].chain) {
682 struct inet_sock *inet = inet_sk(sk);
683
684 if (num < s_num)
685 goto next_dying;
686 if (r->id.tcpdiag_sport != inet->sport &&
687 r->id.tcpdiag_sport)
688 goto next_dying;
689 if (r->id.tcpdiag_dport != inet->dport &&
690 r->id.tcpdiag_dport)
691 goto next_dying;
692 if (tcpdiag_dump_sock(skb, sk, cb) < 0) {
693 read_unlock_bh(&head->lock);
694 goto done;
695 }
696 next_dying:
697 ++num;
698 }
699 }
700 read_unlock_bh(&head->lock);
701 }
702
703 done:
704 cb->args[1] = i;
705 cb->args[2] = num;
706 return skb->len;
707 }
708
709 static int tcpdiag_dump_done(struct netlink_callback *cb)
710 {
711 return 0;
712 }
713
714
715 static __inline__ int
716 tcpdiag_rcv_msg(struct sk_buff *skb, struct nlmsghdr *nlh)
717 {
718 if (!(nlh->nlmsg_flags&NLM_F_REQUEST))
719 return 0;
720
721 if (nlh->nlmsg_type != TCPDIAG_GETSOCK)
722 goto err_inval;
723
724 if (NLMSG_LENGTH(sizeof(struct tcpdiagreq)) > skb->len)
725 goto err_inval;
726
727 if (nlh->nlmsg_flags&NLM_F_DUMP) {
728 if (nlh->nlmsg_len > 4 + NLMSG_SPACE(sizeof(struct tcpdiagreq))) {
729 struct rtattr *rta = (struct rtattr*)(NLMSG_DATA(nlh) + sizeof(struct tcpdiagreq));
730 if (rta->rta_type != TCPDIAG_REQ_BYTECODE ||
731 rta->rta_len < 8 ||
732 rta->rta_len > nlh->nlmsg_len - NLMSG_SPACE(sizeof(struct tcpdiagreq)))
733 goto err_inval;
734 if (tcpdiag_bc_audit(RTA_DATA(rta), RTA_PAYLOAD(rta)))
735 goto err_inval;
736 }
737 return netlink_dump_start(tcpnl, skb, nlh,
738 tcpdiag_dump,
739 tcpdiag_dump_done);
740 } else {
741 return tcpdiag_get_exact(skb, nlh);
742 }
743
744 err_inval:
745 return -EINVAL;
746 }
747
748
749 static inline void tcpdiag_rcv_skb(struct sk_buff *skb)
750 {
751 int err;
752 struct nlmsghdr * nlh;
753
754 if (skb->len >= NLMSG_SPACE(0)) {
755 nlh = (struct nlmsghdr *)skb->data;
756 if (nlh->nlmsg_len < sizeof(*nlh) || skb->len < nlh->nlmsg_len)
757 return;
758 err = tcpdiag_rcv_msg(skb, nlh);
759 if (err || nlh->nlmsg_flags & NLM_F_ACK)
760 netlink_ack(skb, nlh, err);
761 }
762 }
763
764 static void tcpdiag_rcv(struct sock *sk, int len)
765 {
766 struct sk_buff *skb;
767 unsigned int qlen = skb_queue_len(&sk->sk_receive_queue);
768
769 while (qlen-- && (skb = skb_dequeue(&sk->sk_receive_queue))) {
770 tcpdiag_rcv_skb(skb);
771 kfree_skb(skb);
772 }
773 }
774
775 static int __init tcpdiag_init(void)
776 {
777 tcpnl = netlink_kernel_create(NETLINK_TCPDIAG, tcpdiag_rcv);
778 if (tcpnl == NULL)
779 return -ENOMEM;
780 return 0;
781 }
782
783 static void __exit tcpdiag_exit(void)
784 {
785 sock_release(tcpnl->sk_socket);
786 }
787
788 module_init(tcpdiag_init);
789 module_exit(tcpdiag_exit);
790 MODULE_LICENSE("GPL");
SocketAccessConTroL development