Root/net/unix/af_unix.c

1/*
2 * NET4: Implementation of BSD Unix domain sockets.
3 *
4 * Authors: Alan Cox, <alan@lxorguk.ukuu.org.uk>
5 *
6 * This program is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU General Public License
8 * as published by the Free Software Foundation; either version
9 * 2 of the License, or (at your option) any later version.
10 *
11 * Fixes:
12 * Linus Torvalds : Assorted bug cures.
13 * Niibe Yutaka : async I/O support.
14 * Carsten Paeth : PF_UNIX check, address fixes.
15 * Alan Cox : Limit size of allocated blocks.
16 * Alan Cox : Fixed the stupid socketpair bug.
17 * Alan Cox : BSD compatibility fine tuning.
18 * Alan Cox : Fixed a bug in connect when interrupted.
19 * Alan Cox : Sorted out a proper draft version of
20 * file descriptor passing hacked up from
21 * Mike Shaver's work.
22 * Marty Leisner : Fixes to fd passing
23 * Nick Nevin : recvmsg bugfix.
24 * Alan Cox : Started proper garbage collector
25 * Heiko EiBfeldt : Missing verify_area check
26 * Alan Cox : Started POSIXisms
27 * Andreas Schwab : Replace inode by dentry for proper
28 * reference counting
29 * Kirk Petersen : Made this a module
30 * Christoph Rohland : Elegant non-blocking accept/connect algorithm.
31 * Lots of bug fixes.
 * Alexey Kuznetsov : Repaired (I hope) bugs introduced
 * by above two patches.
34 * Andrea Arcangeli : If possible we block in connect(2)
35 * if the max backlog of the listen socket
 * has been reached. This won't break
37 * old apps and it will avoid huge amount
38 * of socks hashed (this for unix_gc()
39 * performances reasons).
40 * Security fix that limits the max
41 * number of socks to 2*max_files and
42 * the number of skb queueable in the
43 * dgram receiver.
44 * Artur Skawina : Hash function optimizations
45 * Alexey Kuznetsov : Full scale SMP. Lot of bugs are introduced 8)
46 * Malcolm Beattie : Set peercred for socketpair
47 * Michal Ostrowski : Module initialization cleanup.
48 * Arnaldo C. Melo : Remove MOD_{INC,DEC}_USE_COUNT,
49 * the core infrastructure is doing that
50 * for all net proto families now (2.5.69+)
51 *
52 *
53 * Known differences from reference BSD that was tested:
54 *
55 * [TO FIX]
56 * ECONNREFUSED is not returned from one end of a connected() socket to the
57 * other the moment one end closes.
58 * fstat() doesn't return st_dev=0, and give the blksize as high water mark
59 * and a fake inode identifier (nor the BSD first socket fstat twice bug).
60 * [NOT TO FIX]
61 * accept() returns a path name even if the connecting socket has closed
62 * in the meantime (BSD loses the path and gives up).
63 * accept() returns 0 length path for an unbound connector. BSD returns 16
64 * and a null first byte in the path (but not for gethost/peername - BSD bug ??)
65 * socketpair(...SOCK_RAW..) doesn't panic the kernel.
66 * BSD af_unix apparently has connect forgetting to block properly.
67 * (need to check this with the POSIX spec in detail)
68 *
69 * Differences from 2.0.0-11-... (ANK)
70 * Bug fixes and improvements.
71 * - client shutdown killed server socket.
72 * - removed all useless cli/sti pairs.
73 *
74 * Semantic changes/extensions.
75 * - generic control message passing.
76 * - SCM_CREDENTIALS control message.
77 * - "Abstract" (not FS based) socket bindings.
78 * Abstract names are sequences of bytes (not zero terminated)
79 * started by 0, so that this name space does not intersect
80 * with BSD names.
81 */
82
83#include <linux/module.h>
84#include <linux/kernel.h>
85#include <linux/signal.h>
86#include <linux/sched.h>
87#include <linux/errno.h>
88#include <linux/string.h>
89#include <linux/stat.h>
90#include <linux/dcache.h>
91#include <linux/namei.h>
92#include <linux/socket.h>
93#include <linux/un.h>
94#include <linux/fcntl.h>
95#include <linux/termios.h>
96#include <linux/sockios.h>
97#include <linux/net.h>
98#include <linux/in.h>
99#include <linux/fs.h>
100#include <linux/slab.h>
101#include <asm/uaccess.h>
102#include <linux/skbuff.h>
103#include <linux/netdevice.h>
104#include <net/net_namespace.h>
105#include <net/sock.h>
106#include <net/tcp_states.h>
107#include <net/af_unix.h>
108#include <linux/proc_fs.h>
109#include <linux/seq_file.h>
110#include <net/scm.h>
111#include <linux/init.h>
112#include <linux/poll.h>
113#include <linux/rtnetlink.h>
114#include <linux/mount.h>
115#include <net/checksum.h>
116#include <linux/security.h>
117
118static struct hlist_head unix_socket_table[UNIX_HASH_SIZE + 1];
119static DEFINE_SPINLOCK(unix_table_lock);
120static atomic_t unix_nr_socks = ATOMIC_INIT(0);
121
122#define unix_sockets_unbound (&unix_socket_table[UNIX_HASH_SIZE])
123
124#define UNIX_ABSTRACT(sk) (unix_sk(sk)->addr->hash != UNIX_HASH_SIZE)
125
126#ifdef CONFIG_SECURITY_NETWORK
/*
 * Copy the sender's security id from the scm cookie into the skb, so the
 * receiver can recover it later.  Despite the "get" name this runs on the
 * SEND path.  UNIXSID() points at the security-id slot stored with the
 * skb (declared elsewhere) — assumed to hold at least a u32.
 */
static void unix_get_secdata(struct scm_cookie *scm, struct sk_buff *skb)
{
    memcpy(UNIXSID(skb), &scm->secid, sizeof(u32));
}
131
/*
 * Recover the sender's security id from a received skb into the scm
 * cookie.  Despite the "set" name this runs on the RECEIVE path (it sets
 * the scm cookie, mirroring unix_get_secdata above).
 */
static inline void unix_set_secdata(struct scm_cookie *scm, struct sk_buff *skb)
{
    scm->secid = *UNIXSID(skb);
}
136#else
/* No-op stub when CONFIG_SECURITY_NETWORK is disabled. */
static inline void unix_get_secdata(struct scm_cookie *scm, struct sk_buff *skb)
{ }
139
/* No-op stub when CONFIG_SECURITY_NETWORK is disabled. */
static inline void unix_set_secdata(struct scm_cookie *scm, struct sk_buff *skb)
{ }
142#endif /* CONFIG_SECURITY_NETWORK */
143
144/*
145 * SMP locking strategy:
146 * hash table is protected with spinlock unix_table_lock
147 * each socket state is protected by separate rwlock.
148 */
149
150static inline unsigned unix_hash_fold(__wsum n)
151{
152    unsigned hash = (__force unsigned)n;
153    hash ^= hash>>16;
154    hash ^= hash>>8;
155    return hash&(UNIX_HASH_SIZE-1);
156}
157
158#define unix_peer(sk) (unix_sk(sk)->peer)
159
/* Nonzero iff @osk's connected peer is exactly @sk. */
static inline int unix_our_peer(struct sock *sk, struct sock *osk)
{
    return sk == unix_peer(osk);
}
164
165static inline int unix_may_send(struct sock *sk, struct sock *osk)
166{
167    return unix_peer(osk) == NULL || unix_our_peer(sk, osk);
168}
169
170static inline int unix_recvq_full(struct sock const *sk)
171{
172    return skb_queue_len(&sk->sk_receive_queue) > sk->sk_max_ack_backlog;
173}
174
175static struct sock *unix_peer_get(struct sock *s)
176{
177    struct sock *peer;
178
179    unix_state_lock(s);
180    peer = unix_peer(s);
181    if (peer)
182        sock_hold(peer);
183    unix_state_unlock(s);
184    return peer;
185}
186
187static inline void unix_release_addr(struct unix_address *addr)
188{
189    if (atomic_dec_and_test(&addr->refcnt))
190        kfree(addr);
191}
192
193/*
194 * Check unix socket name:
195 * - should be not zero length.
196 * - if started by not zero, should be NULL terminated (FS object)
197 * - if started by zero, it is abstract name.
198 */
199
/*
 * Validate and canonicalize a sockaddr_un of @len bytes.
 *
 * Returns the effective address length on success, -EINVAL on a bad
 * family or length.  For filesystem names (sun_path[0] != 0) the buffer
 * is MUTATED: a NUL is written at offset @len so the path is guaranteed
 * to be terminated, and the returned length is recomputed from strlen().
 * For abstract names (leading NUL) *hashp receives the folded checksum
 * of the whole name; note *hashp is left UNTOUCHED on the filesystem
 * path (those sockets are hashed by inode instead).
 */
static int unix_mkname(struct sockaddr_un *sunaddr, int len, unsigned *hashp)
{
    if (len <= sizeof(short) || len > sizeof(*sunaddr))
        return -EINVAL;
    if (!sunaddr || sunaddr->sun_family != AF_UNIX)
        return -EINVAL;
    if (sunaddr->sun_path[0]) {
        /*
         * This may look like an off by one error but it is a bit more
         * subtle. 108 is the longest valid AF_UNIX path for a binding.
         * sun_path[108] doesn't as such exist. However in kernel space
         * we are guaranteed that it is a valid memory location in our
         * kernel address buffer (the address was copied into a full
         * sockaddr_storage-sized kernel buffer before we got here).
         */
        ((char *)sunaddr)[len] = 0;
        len = strlen(sunaddr->sun_path)+1+sizeof(short);
        return len;
    }

    *hashp = unix_hash_fold(csum_partial(sunaddr, len, 0));
    return len;
}
222
/* Unhash @sk from its bucket.  Caller holds unix_table_lock. */
static void __unix_remove_socket(struct sock *sk)
{
    sk_del_node_init(sk);
}
227
/*
 * Hash @sk onto @list.  Caller holds unix_table_lock; @sk must not
 * already be hashed (hence the WARN_ON).
 */
static void __unix_insert_socket(struct hlist_head *list, struct sock *sk)
{
    WARN_ON(!sk_unhashed(sk));
    sk_add_node(sk, list);
}
233
234static inline void unix_remove_socket(struct sock *sk)
235{
236    spin_lock(&unix_table_lock);
237    __unix_remove_socket(sk);
238    spin_unlock(&unix_table_lock);
239}
240
241static inline void unix_insert_socket(struct hlist_head *list, struct sock *sk)
242{
243    spin_lock(&unix_table_lock);
244    __unix_insert_socket(list, sk);
245    spin_unlock(&unix_table_lock);
246}
247
248static struct sock *__unix_find_socket_byname(struct net *net,
249                          struct sockaddr_un *sunname,
250                          int len, int type, unsigned hash)
251{
252    struct sock *s;
253    struct hlist_node *node;
254
255    sk_for_each(s, node, &unix_socket_table[hash ^ type]) {
256        struct unix_sock *u = unix_sk(s);
257
258        if (!net_eq(sock_net(s), net))
259            continue;
260
261        if (u->addr->len == len &&
262            !memcmp(u->addr->name, sunname, len))
263            goto found;
264    }
265    s = NULL;
266found:
267    return s;
268}
269
270static inline struct sock *unix_find_socket_byname(struct net *net,
271                           struct sockaddr_un *sunname,
272                           int len, int type,
273                           unsigned hash)
274{
275    struct sock *s;
276
277    spin_lock(&unix_table_lock);
278    s = __unix_find_socket_byname(net, sunname, len, type, hash);
279    if (s)
280        sock_hold(s);
281    spin_unlock(&unix_table_lock);
282    return s;
283}
284
285static struct sock *unix_find_socket_byinode(struct net *net, struct inode *i)
286{
287    struct sock *s;
288    struct hlist_node *node;
289
290    spin_lock(&unix_table_lock);
291    sk_for_each(s, node,
292            &unix_socket_table[i->i_ino & (UNIX_HASH_SIZE - 1)]) {
293        struct dentry *dentry = unix_sk(s)->dentry;
294
295        if (!net_eq(sock_net(s), net))
296            continue;
297
298        if (dentry && dentry->d_inode == i) {
299            sock_hold(s);
300            goto found;
301        }
302    }
303    s = NULL;
304found:
305    spin_unlock(&unix_table_lock);
306    return s;
307}
308
309static inline int unix_writable(struct sock *sk)
310{
311    return (atomic_read(&sk->sk_wmem_alloc) << 2) <= sk->sk_sndbuf;
312}
313
/*
 * sk->sk_write_space callback: invoked when write memory is released.
 * If the socket has become writable again, wake synchronous waiters on
 * the sleep queue and send SIGIO/POLL_OUT to async subscribers.  The
 * callback lock pins sk_sleep/sk_socket while we use them.
 */
static void unix_write_space(struct sock *sk)
{
    read_lock(&sk->sk_callback_lock);
    if (unix_writable(sk)) {
        if (sk_has_sleeper(sk))
            wake_up_interruptible_sync(sk->sk_sleep);
        sk_wake_async(sk, SOCK_WAKE_SPACE, POLL_OUT);
    }
    read_unlock(&sk->sk_callback_lock);
}
324
325/* When dgram socket disconnects (or changes its peer), we clear its receive
326 * queue of packets arrived from previous peer. First, it allows to do
327 * flow control based only on wmem_alloc; second, sk connected to peer
328 * may receive messages only from that peer. */
/*
 * Called when a dgram socket @sk disconnects from (or replaces) its peer
 * @other: drop all packets still queued from the old peer and wake
 * senders blocked on our peer_wait queue.
 */
static void unix_dgram_disconnected(struct sock *sk, struct sock *other)
{
    if (!skb_queue_empty(&sk->sk_receive_queue)) {
        skb_queue_purge(&sk->sk_receive_queue);
        wake_up_interruptible_all(&unix_sk(sk)->peer_wait);

        /* If one link of bidirectional dgram pipe is disconnected,
         * we signal error. Messages are lost. Do not make this,
         * when peer was not connected to us.
         */
        if (!sock_flag(other, SOCK_DEAD) && unix_peer(other) == sk) {
            other->sk_err = ECONNRESET;
            other->sk_error_report(other);
        }
    }
}
345
/*
 * sk->sk_destruct callback, run when the last sock reference is dropped.
 * Frees queued skbs and the bound address, and maintains the global and
 * per-namespace socket counters.  The WARN_ONs assert the invariants a
 * dying socket must satisfy: no write memory charged, unhashed, detached.
 */
static void unix_sock_destructor(struct sock *sk)
{
    struct unix_sock *u = unix_sk(sk);

    skb_queue_purge(&sk->sk_receive_queue);

    WARN_ON(atomic_read(&sk->sk_wmem_alloc));
    WARN_ON(!sk_unhashed(sk));
    WARN_ON(sk->sk_socket);
    if (!sock_flag(sk, SOCK_DEAD)) {
        /* Refuse to tear down a socket nobody marked dead — leaking is
         * safer than freeing live state. */
        printk(KERN_INFO "Attempt to release alive unix socket: %p\n", sk);
        return;
    }

    if (u->addr)
        unix_release_addr(u->addr);

    atomic_dec(&unix_nr_socks);
    /* sock_prot_inuse_add wants BH disabled on this CPU */
    local_bh_disable();
    sock_prot_inuse_add(sock_net(sk), sk->sk_prot, -1);
    local_bh_enable();
#ifdef UNIX_REFCNT_DEBUG
    printk(KERN_DEBUG "UNIX %p is destroyed, %d are still alive.\n", sk,
        atomic_read(&unix_nr_socks));
#endif
}
372
/*
 * Tear down a unix socket.  @embrion is nonzero when @sk is an embryonic
 * (never-accepted) connection being flushed off a listener's queue — in
 * that case the peer always gets ECONNRESET.  Called from unix_release()
 * and recursively for each queued embryo of a dying listener.
 */
static int unix_release_sock(struct sock *sk, int embrion)
{
    struct unix_sock *u = unix_sk(sk);
    struct dentry *dentry;
    struct vfsmount *mnt;
    struct sock *skpair;
    struct sk_buff *skb;
    int state;

    unix_remove_socket(sk);

    /* Clear state */
    unix_state_lock(sk);
    sock_orphan(sk);
    sk->sk_shutdown = SHUTDOWN_MASK;
    /* Steal the filesystem references; released after the lock is dropped */
    dentry = u->dentry;
    u->dentry = NULL;
    mnt = u->mnt;
    u->mnt = NULL;
    state = sk->sk_state;
    sk->sk_state = TCP_CLOSE;
    unix_state_unlock(sk);

    wake_up_interruptible_all(&u->peer_wait);

    skpair = unix_peer(sk);

    if (skpair != NULL) {
        if (sk->sk_type == SOCK_STREAM || sk->sk_type == SOCK_SEQPACKET) {
            unix_state_lock(skpair);
            /* No more writes */
            skpair->sk_shutdown = SHUTDOWN_MASK;
            /* Unread data (or an embryo) means the peer sees a reset,
             * not a clean EOF */
            if (!skb_queue_empty(&sk->sk_receive_queue) || embrion)
                skpair->sk_err = ECONNRESET;
            unix_state_unlock(skpair);
            skpair->sk_state_change(skpair);
            read_lock(&skpair->sk_callback_lock);
            sk_wake_async(skpair, SOCK_WAKE_WAITD, POLL_HUP);
            read_unlock(&skpair->sk_callback_lock);
        }
        sock_put(skpair); /* It may now die */
        unix_peer(sk) = NULL;
    }

    /* Try to flush out this socket. Throw out buffers at least */

    while ((skb = skb_dequeue(&sk->sk_receive_queue)) != NULL) {
        /* A listener's queue holds embryonic sockets; release each one
         * (recursion depth is bounded at one level) */
        if (state == TCP_LISTEN)
            unix_release_sock(skb->sk, 1);
        /* passed fds are erased in the kfree_skb hook */
        kfree_skb(skb);
    }

    if (dentry) {
        dput(dentry);
        mntput(mnt);
    }

    sock_put(sk);

    /* ---- Socket is dead now and most probably destroyed ---- */

    /*
     * Fixme: BSD difference: In BSD all sockets connected to use get
     * ECONNRESET and we die on the spot. In Linux we behave
     * like files and pipes do and wait for the last
     * dereference.
     *
     * Can't we simply set sock->err?
     *
     * What the above comment does talk about? --ANK(980817)
     */

    if (unix_tot_inflight)
        unix_gc(); /* Garbage collect fds */

    return 0;
}
451
/*
 * listen(2) for AF_UNIX: only stream/seqpacket sockets that are already
 * bound may listen.  Raising the backlog wakes connectors currently
 * blocked in unix_wait_for_peer() so they can retry against the larger
 * limit.  Returns 0, -EOPNOTSUPP, or -EINVAL.
 */
static int unix_listen(struct socket *sock, int backlog)
{
    int err;
    struct sock *sk = sock->sk;
    struct unix_sock *u = unix_sk(sk);

    err = -EOPNOTSUPP;
    if (sock->type != SOCK_STREAM && sock->type != SOCK_SEQPACKET)
        goto out; /* Only stream/seqpacket sockets accept */
    err = -EINVAL;
    if (!u->addr)
        goto out; /* No listens on an unbound socket */
    unix_state_lock(sk);
    if (sk->sk_state != TCP_CLOSE && sk->sk_state != TCP_LISTEN)
        goto out_unlock;
    /* A larger backlog may unblock waiting connectors */
    if (backlog > sk->sk_max_ack_backlog)
        wake_up_interruptible_all(&u->peer_wait);
    sk->sk_max_ack_backlog = backlog;
    sk->sk_state = TCP_LISTEN;
    /* set credentials so connect can copy them */
    sk->sk_peercred.pid = task_tgid_vnr(current);
    current_euid_egid(&sk->sk_peercred.uid, &sk->sk_peercred.gid);
    err = 0;

out_unlock:
    unix_state_unlock(sk);
out:
    return err;
}
481
482static int unix_release(struct socket *);
483static int unix_bind(struct socket *, struct sockaddr *, int);
484static int unix_stream_connect(struct socket *, struct sockaddr *,
485                   int addr_len, int flags);
486static int unix_socketpair(struct socket *, struct socket *);
487static int unix_accept(struct socket *, struct socket *, int);
488static int unix_getname(struct socket *, struct sockaddr *, int *, int);
489static unsigned int unix_poll(struct file *, struct socket *, poll_table *);
490static unsigned int unix_dgram_poll(struct file *, struct socket *,
491                    poll_table *);
492static int unix_ioctl(struct socket *, unsigned int, unsigned long);
493static int unix_shutdown(struct socket *, int);
494static int unix_stream_sendmsg(struct kiocb *, struct socket *,
495                   struct msghdr *, size_t);
496static int unix_stream_recvmsg(struct kiocb *, struct socket *,
497                   struct msghdr *, size_t, int);
498static int unix_dgram_sendmsg(struct kiocb *, struct socket *,
499                  struct msghdr *, size_t);
500static int unix_dgram_recvmsg(struct kiocb *, struct socket *,
501                  struct msghdr *, size_t, int);
502static int unix_dgram_connect(struct socket *, struct sockaddr *,
503                  int, int);
504static int unix_seqpacket_sendmsg(struct kiocb *, struct socket *,
505                  struct msghdr *, size_t);
506
/* Operations for SOCK_STREAM unix sockets: connection-oriented byte stream. */
static const struct proto_ops unix_stream_ops = {
    .family = PF_UNIX,
    .owner = THIS_MODULE,
    .release = unix_release,
    .bind = unix_bind,
    .connect = unix_stream_connect,
    .socketpair = unix_socketpair,
    .accept = unix_accept,
    .getname = unix_getname,
    .poll = unix_poll,
    .ioctl = unix_ioctl,
    .listen = unix_listen,
    .shutdown = unix_shutdown,
    .setsockopt = sock_no_setsockopt,
    .getsockopt = sock_no_getsockopt,
    .sendmsg = unix_stream_sendmsg,
    .recvmsg = unix_stream_recvmsg,
    .mmap = sock_no_mmap,
    .sendpage = sock_no_sendpage,
};
527
/*
 * Operations for SOCK_DGRAM unix sockets: connectionless datagrams, so
 * accept/listen are rejected with the sock_no_* stubs.
 */
static const struct proto_ops unix_dgram_ops = {
    .family = PF_UNIX,
    .owner = THIS_MODULE,
    .release = unix_release,
    .bind = unix_bind,
    .connect = unix_dgram_connect,
    .socketpair = unix_socketpair,
    .accept = sock_no_accept,
    .getname = unix_getname,
    .poll = unix_dgram_poll,
    .ioctl = unix_ioctl,
    .listen = sock_no_listen,
    .shutdown = unix_shutdown,
    .setsockopt = sock_no_setsockopt,
    .getsockopt = sock_no_getsockopt,
    .sendmsg = unix_dgram_sendmsg,
    .recvmsg = unix_dgram_recvmsg,
    .mmap = sock_no_mmap,
    .sendpage = sock_no_sendpage,
};
548
/*
 * Operations for SOCK_SEQPACKET unix sockets: connection-oriented like
 * stream (same connect/accept/listen), but message-framed, so it reuses
 * the datagram poll and recvmsg paths.
 */
static const struct proto_ops unix_seqpacket_ops = {
    .family = PF_UNIX,
    .owner = THIS_MODULE,
    .release = unix_release,
    .bind = unix_bind,
    .connect = unix_stream_connect,
    .socketpair = unix_socketpair,
    .accept = unix_accept,
    .getname = unix_getname,
    .poll = unix_dgram_poll,
    .ioctl = unix_ioctl,
    .listen = unix_listen,
    .shutdown = unix_shutdown,
    .setsockopt = sock_no_setsockopt,
    .getsockopt = sock_no_getsockopt,
    .sendmsg = unix_seqpacket_sendmsg,
    .recvmsg = unix_dgram_recvmsg,
    .mmap = sock_no_mmap,
    .sendpage = sock_no_sendpage,
};
569
/* Protocol descriptor; obj_size makes sk_alloc() carve out a full unix_sock. */
static struct proto unix_proto = {
    .name = "UNIX",
    .owner = THIS_MODULE,
    .obj_size = sizeof(struct unix_sock),
};
575
576/*
577 * AF_UNIX sockets do not interact with hardware, hence they
578 * dont trigger interrupts - so it's safe for them to have
579 * bh-unsafe locking for their sk_receive_queue.lock. Split off
580 * this special lock-class by reinitializing the spinlock key:
581 */
582static struct lock_class_key af_unix_sk_receive_queue_lock_key;
583
/*
 * Allocate and initialize a new unix sock, hashed onto the "unbound"
 * list.  @sock may be NULL (server side of stream connect creates a bare
 * sock first and grafts it onto a socket at accept time).  Returns NULL
 * on allocation failure or when the global socket limit is exceeded.
 */
static struct sock *unix_create1(struct net *net, struct socket *sock)
{
    struct sock *sk = NULL;
    struct unix_sock *u;

    /* Optimistic inc-then-check: racy in that concurrent creators may
     * briefly overshoot 2*max_files, but the counter is always repaired
     * in the out: path below. */
    atomic_inc(&unix_nr_socks);
    if (atomic_read(&unix_nr_socks) > 2 * get_max_files())
        goto out;

    sk = sk_alloc(net, PF_UNIX, GFP_KERNEL, &unix_proto);
    if (!sk)
        goto out;

    sock_init_data(sock, sk);
    /* AF_UNIX queues are never touched from hard irq context; give them
     * their own lockdep class so bh-unsafe locking is not flagged. */
    lockdep_set_class(&sk->sk_receive_queue.lock,
                &af_unix_sk_receive_queue_lock_key);

    sk->sk_write_space = unix_write_space;
    /* dgram backlog limit comes from the per-namespace sysctl */
    sk->sk_max_ack_backlog = net->unx.sysctl_max_dgram_qlen;
    sk->sk_destruct = unix_sock_destructor;
    u = unix_sk(sk);
    u->dentry = NULL;
    u->mnt = NULL;
    spin_lock_init(&u->lock);
    atomic_long_set(&u->inflight, 0);
    INIT_LIST_HEAD(&u->link);
    mutex_init(&u->readlock); /* single task reading lock */
    init_waitqueue_head(&u->peer_wait);
    unix_insert_socket(unix_sockets_unbound, sk);
out:
    if (sk == NULL)
        atomic_dec(&unix_nr_socks);
    else {
        local_bh_disable();
        sock_prot_inuse_add(sock_net(sk), sk->sk_prot, 1);
        local_bh_enable();
    }
    return sk;
}
623
/*
 * socket(2) entry point for PF_UNIX: pick the proto_ops matching the
 * requested type and allocate the underlying sock.  Returns 0, or
 * -EPROTONOSUPPORT / -ESOCKTNOSUPPORT / -ENOMEM.
 */
static int unix_create(struct net *net, struct socket *sock, int protocol)
{
    if (protocol && protocol != PF_UNIX)
        return -EPROTONOSUPPORT;

    sock->state = SS_UNCONNECTED;

    switch (sock->type) {
    case SOCK_STREAM:
        sock->ops = &unix_stream_ops;
        break;
        /*
         * Believe it or not BSD has AF_UNIX, SOCK_RAW though
         * nothing uses it.
         */
    case SOCK_RAW:
        sock->type = SOCK_DGRAM;
        /* fall through — RAW is served by the datagram ops */
    case SOCK_DGRAM:
        sock->ops = &unix_dgram_ops;
        break;
    case SOCK_SEQPACKET:
        sock->ops = &unix_seqpacket_ops;
        break;
    default:
        return -ESOCKTNOSUPPORT;
    }

    return unix_create1(net, sock) ? 0 : -ENOMEM;
}
653
654static int unix_release(struct socket *sock)
655{
656    struct sock *sk = sock->sk;
657
658    if (!sk)
659        return 0;
660
661    sock->sk = NULL;
662
663    return unix_release_sock(sk, 0);
664}
665
666static int unix_autobind(struct socket *sock)
667{
668    struct sock *sk = sock->sk;
669    struct net *net = sock_net(sk);
670    struct unix_sock *u = unix_sk(sk);
671    static u32 ordernum = 1;
672    struct unix_address *addr;
673    int err;
674
675    mutex_lock(&u->readlock);
676
677    err = 0;
678    if (u->addr)
679        goto out;
680
681    err = -ENOMEM;
682    addr = kzalloc(sizeof(*addr) + sizeof(short) + 16, GFP_KERNEL);
683    if (!addr)
684        goto out;
685
686    addr->name->sun_family = AF_UNIX;
687    atomic_set(&addr->refcnt, 1);
688
689retry:
690    addr->len = sprintf(addr->name->sun_path+1, "%05x", ordernum) + 1 + sizeof(short);
691    addr->hash = unix_hash_fold(csum_partial(addr->name, addr->len, 0));
692
693    spin_lock(&unix_table_lock);
694    ordernum = (ordernum+1)&0xFFFFF;
695
696    if (__unix_find_socket_byname(net, addr->name, addr->len, sock->type,
697                      addr->hash)) {
698        spin_unlock(&unix_table_lock);
699        /* Sanity yield. It is unusual case, but yet... */
700        if (!(ordernum&0xFF))
701            yield();
702        goto retry;
703    }
704    addr->hash ^= sk->sk_type;
705
706    __unix_remove_socket(sk);
707    u->addr = addr;
708    __unix_insert_socket(&unix_socket_table[addr->hash], sk);
709    spin_unlock(&unix_table_lock);
710    err = 0;
711
712out: mutex_unlock(&u->readlock);
713    return err;
714}
715
/*
 * Resolve a destination address to its listening/receiving socket.
 *
 * Filesystem names are resolved through the VFS: the path must exist,
 * be writable by the caller, and be a socket inode that some unix
 * socket is bound to.  Abstract names are looked up in the hash table.
 * A matching socket of the right type gets its inode's atime touched.
 *
 * On success returns the socket with a reference held (caller must
 * sock_put()).  On failure returns NULL and stores the errno (-ENOENT
 * et al. from path lookup, -ECONNREFUSED, -EPROTOTYPE, ...) in *error.
 */
static struct sock *unix_find_other(struct net *net,
                    struct sockaddr_un *sunname, int len,
                    int type, unsigned hash, int *error)
{
    struct sock *u;
    struct path path;
    int err = 0;

    if (sunname->sun_path[0]) {
        struct inode *inode;
        err = kern_path(sunname->sun_path, LOOKUP_FOLLOW, &path);
        if (err)
            goto fail;
        inode = path.dentry->d_inode;
        err = inode_permission(inode, MAY_WRITE);
        if (err)
            goto put_fail;

        err = -ECONNREFUSED;
        if (!S_ISSOCK(inode->i_mode))
            goto put_fail;
        u = unix_find_socket_byinode(net, inode);
        if (!u)
            goto put_fail;

        /* Only touch atime for a genuine match; wrong-type hits fail
         * below with EPROTOTYPE */
        if (u->sk_type == type)
            touch_atime(path.mnt, path.dentry);

        path_put(&path);

        err = -EPROTOTYPE;
        if (u->sk_type != type) {
            sock_put(u);
            goto fail;
        }
    } else {
        /* Abstract namespace: type is part of the hash key, so a hit
         * is already type-correct */
        err = -ECONNREFUSED;
        u = unix_find_socket_byname(net, sunname, len, type, hash);
        if (u) {
            struct dentry *dentry;
            dentry = unix_sk(u)->dentry;
            if (dentry)
                touch_atime(unix_sk(u)->mnt, dentry);
        } else
            goto fail;
    }
    return u;

put_fail:
    path_put(&path);
fail:
    *error = err;
    return NULL;
}
770
771
/*
 * bind(2) for AF_UNIX.
 *
 * Three cases:
 *  - bare family (addr_len == sizeof(short)): autobind to an abstract name;
 *  - filesystem name: create the socket inode via vfs_mknod(), then hash
 *    the sock by the new inode's number (addr->hash is set to the
 *    out-of-range sentinel UNIX_HASH_SIZE to mark it as FS-bound);
 *  - abstract name: insert into the name-hash bucket, failing with
 *    -EADDRINUSE if the name is taken.
 *
 * u->readlock serializes against concurrent bind/autobind on the same
 * socket; a socket may be bound only once (-EINVAL otherwise).  EEXIST
 * from mknod is translated to the sockets-API error -EADDRINUSE.
 */
static int unix_bind(struct socket *sock, struct sockaddr *uaddr, int addr_len)
{
    struct sock *sk = sock->sk;
    struct net *net = sock_net(sk);
    struct unix_sock *u = unix_sk(sk);
    struct sockaddr_un *sunaddr = (struct sockaddr_un *)uaddr;
    struct dentry *dentry = NULL;
    struct nameidata nd;
    int err;
    unsigned hash;
    struct unix_address *addr;
    struct hlist_head *list;

    err = -EINVAL;
    if (sunaddr->sun_family != AF_UNIX)
        goto out;

    if (addr_len == sizeof(short)) {
        err = unix_autobind(sock);
        goto out;
    }

    err = unix_mkname(sunaddr, addr_len, &hash);
    if (err < 0)
        goto out;
    addr_len = err;

    mutex_lock(&u->readlock);

    err = -EINVAL;
    if (u->addr)
        goto out_up;

    err = -ENOMEM;
    addr = kmalloc(sizeof(*addr)+addr_len, GFP_KERNEL);
    if (!addr)
        goto out_up;

    memcpy(addr->name, sunaddr, addr_len);
    addr->len = addr_len;
    addr->hash = hash ^ sk->sk_type;
    atomic_set(&addr->refcnt, 1);

    if (sunaddr->sun_path[0]) {
        unsigned int mode;
        err = 0;
        /*
         * Get the parent directory, calculate the hash for last
         * component.
         */
        err = path_lookup(sunaddr->sun_path, LOOKUP_PARENT, &nd);
        if (err)
            goto out_mknod_parent;

        /* Takes the parent dir's i_mutex; released on every exit path */
        dentry = lookup_create(&nd, 0);
        err = PTR_ERR(dentry);
        if (IS_ERR(dentry))
            goto out_mknod_unlock;

        /*
         * All right, let's create it.
         */
        mode = S_IFSOCK |
               (SOCK_INODE(sock)->i_mode & ~current_umask());
        err = mnt_want_write(nd.path.mnt);
        if (err)
            goto out_mknod_dput;
        err = security_path_mknod(&nd.path, dentry, mode, 0);
        if (err)
            goto out_mknod_drop_write;
        err = vfs_mknod(nd.path.dentry->d_inode, dentry, mode, 0);
out_mknod_drop_write:
        mnt_drop_write(nd.path.mnt);
        if (err)
            goto out_mknod_dput;
        mutex_unlock(&nd.path.dentry->d_inode->i_mutex);
        /* Swap the parent dentry for the new socket's dentry; the
         * references end up owned by u->dentry / u->mnt below */
        dput(nd.path.dentry);
        nd.path.dentry = dentry;

        /* Sentinel: FS-bound sockets are hashed by inode, not name */
        addr->hash = UNIX_HASH_SIZE;
    }

    spin_lock(&unix_table_lock);

    if (!sunaddr->sun_path[0]) {
        err = -EADDRINUSE;
        if (__unix_find_socket_byname(net, sunaddr, addr_len,
                          sk->sk_type, hash)) {
            unix_release_addr(addr);
            goto out_unlock;
        }

        list = &unix_socket_table[addr->hash];
    } else {
        list = &unix_socket_table[dentry->d_inode->i_ino & (UNIX_HASH_SIZE-1)];
        u->dentry = nd.path.dentry;
        u->mnt = nd.path.mnt;
    }

    err = 0;
    __unix_remove_socket(sk);
    u->addr = addr;
    __unix_insert_socket(list, sk);

out_unlock:
    spin_unlock(&unix_table_lock);
out_up:
    mutex_unlock(&u->readlock);
out:
    return err;

out_mknod_dput:
    dput(dentry);
out_mknod_unlock:
    mutex_unlock(&nd.path.dentry->d_inode->i_mutex);
    path_put(&nd.path);
out_mknod_parent:
    if (err == -EEXIST)
        err = -EADDRINUSE;
    unix_release_addr(addr);
    goto out_up;
}
894
/*
 * Lock the state of two socks deadlock-free by always taking the one at
 * the lower address first; _nested tells lockdep the second acquisition
 * is intentional.  @sk2 may be NULL or equal @sk1, in which case only
 * @sk1 is locked.  Pair with unix_state_double_unlock().
 */
static void unix_state_double_lock(struct sock *sk1, struct sock *sk2)
{
    if (unlikely(sk1 == sk2) || !sk2) {
        unix_state_lock(sk1);
        return;
    }
    if (sk1 < sk2) {
        unix_state_lock(sk1);
        unix_state_lock_nested(sk2);
    } else {
        unix_state_lock(sk2);
        unix_state_lock_nested(sk1);
    }
}
909
910static void unix_state_double_unlock(struct sock *sk1, struct sock *sk2)
911{
912    if (unlikely(sk1 == sk2) || !sk2) {
913        unix_state_unlock(sk1);
914        return;
915    }
916    unix_state_unlock(sk1);
917    unix_state_unlock(sk2);
918}
919
/*
 * connect(2) for datagram sockets: set (or, with AF_UNSPEC, clear) the
 * default peer.  Reconnecting to a different peer purges packets queued
 * from the old one via unix_dgram_disconnected().  Both socks' states
 * are latched together with unix_state_double_lock() so the peer cannot
 * die or reconnect under us.  Returns 0 or a negative errno.
 */
static int unix_dgram_connect(struct socket *sock, struct sockaddr *addr,
                  int alen, int flags)
{
    struct sock *sk = sock->sk;
    struct net *net = sock_net(sk);
    struct sockaddr_un *sunaddr = (struct sockaddr_un *)addr;
    struct sock *other;
    unsigned hash;
    int err;

    if (addr->sa_family != AF_UNSPEC) {
        err = unix_mkname(sunaddr, alen, &hash);
        if (err < 0)
            goto out;
        alen = err;

        /* SO_PASSCRED requires an address to pass; autobind if needed */
        if (test_bit(SOCK_PASSCRED, &sock->flags) &&
            !unix_sk(sk)->addr && (err = unix_autobind(sock)) != 0)
            goto out;

restart:
        other = unix_find_other(net, sunaddr, alen, sock->type, hash, &err);
        if (!other)
            goto out;

        unix_state_double_lock(sk, other);

        /* Apparently VFS overslept socket death. Retry. */
        if (sock_flag(other, SOCK_DEAD)) {
            unix_state_double_unlock(sk, other);
            sock_put(other);
            goto restart;
        }

        /* Target already connected to someone else: refuse */
        err = -EPERM;
        if (!unix_may_send(sk, other))
            goto out_unlock;

        err = security_unix_may_send(sk->sk_socket, other->sk_socket);
        if (err)
            goto out_unlock;

    } else {
        /*
         * 1003.1g breaking connected state with AF_UNSPEC
         */
        other = NULL;
        unix_state_double_lock(sk, other);
    }

    /*
     * If it was connected, reconnect.
     */
    if (unix_peer(sk)) {
        struct sock *old_peer = unix_peer(sk);
        unix_peer(sk) = other;
        unix_state_double_unlock(sk, other);

        if (other != old_peer)
            unix_dgram_disconnected(sk, old_peer);
        sock_put(old_peer);   /* drop the reference held for the old peer */
    } else {
        unix_peer(sk) = other;   /* keeps the ref from unix_find_other */
        unix_state_double_unlock(sk, other);
    }
    return 0;

out_unlock:
    unix_state_double_unlock(sk, other);
    sock_put(other);
out:
    return err;
}
993
/*
 * Block on @other's peer_wait queue until its receive queue drains below
 * the backlog, it dies/shuts down, or @timeo expires.  Called with
 * @other's state lock held; the lock is DROPPED before sleeping and NOT
 * re-taken — callers must revalidate everything afterwards.  Returns the
 * remaining timeout.
 */
static long unix_wait_for_peer(struct sock *other, long timeo)
{
    struct unix_sock *u = unix_sk(other);
    int sched;
    DEFINE_WAIT(wait);

    prepare_to_wait_exclusive(&u->peer_wait, &wait, TASK_INTERRUPTIBLE);

    /* Decide whether to sleep while still holding the state lock, so a
     * wakeup between the check and schedule_timeout() is not lost */
    sched = !sock_flag(other, SOCK_DEAD) &&
        !(other->sk_shutdown & RCV_SHUTDOWN) &&
        unix_recvq_full(other);

    unix_state_unlock(other);

    if (sched)
        timeo = schedule_timeout(timeo);

    finish_wait(&u->peer_wait, &wait);
    return timeo;
}
1014
/*
 * connect(2) for SOCK_STREAM/SOCK_SEQPACKET unix sockets.
 *
 * The server-side sock (newsk) and the skb that carries it to the
 * listener's accept queue are allocated up front, before any locks are
 * taken, so the locked section never has to sleep for memory.  If the
 * listener's backlog is full we fail with -EAGAIN (non-blocking) or
 * block in unix_wait_for_peer().
 */
static int unix_stream_connect(struct socket *sock, struct sockaddr *uaddr,
                   int addr_len, int flags)
{
    struct sockaddr_un *sunaddr = (struct sockaddr_un *)uaddr;
    struct sock *sk = sock->sk;
    struct net *net = sock_net(sk);
    struct unix_sock *u = unix_sk(sk), *newu, *otheru;
    struct sock *newsk = NULL;
    struct sock *other = NULL;
    struct sk_buff *skb = NULL;
    unsigned hash;
    int st;
    int err;
    long timeo;

    err = unix_mkname(sunaddr, addr_len, &hash);
    if (err < 0)
        goto out;
    addr_len = err;

    /* SOCK_PASSCRED needs a local address; autobind if still unbound. */
    if (test_bit(SOCK_PASSCRED, &sock->flags)
        && !u->addr && (err = unix_autobind(sock)) != 0)
        goto out;

    timeo = sock_sndtimeo(sk, flags & O_NONBLOCK);

    /* First of all allocate resources.
       If we will make it after state is locked,
       we will have to recheck all again in any case.
     */

    err = -ENOMEM;

    /* create new sock for complete connection */
    newsk = unix_create1(sock_net(sk), NULL);
    if (newsk == NULL)
        goto out;

    /* Allocate skb for sending to listening sock */
    skb = sock_wmalloc(newsk, 1, 0, GFP_KERNEL);
    if (skb == NULL)
        goto out;

restart:
    /* Find listening sock. */
    other = unix_find_other(net, sunaddr, addr_len, sk->sk_type, hash, &err);
    if (!other)
        goto out;

    /* Latch state of peer */
    unix_state_lock(other);

    /* Apparently VFS overslept socket death. Retry. */
    if (sock_flag(other, SOCK_DEAD)) {
        unix_state_unlock(other);
        sock_put(other);
        goto restart;
    }

    err = -ECONNREFUSED;
    if (other->sk_state != TCP_LISTEN)
        goto out_unlock;
    if (other->sk_shutdown & RCV_SHUTDOWN)
        goto out_unlock;

    if (unix_recvq_full(other)) {
        err = -EAGAIN;
        if (!timeo)
            goto out_unlock;

        /* Drops other's state lock while sleeping. */
        timeo = unix_wait_for_peer(other, timeo);

        err = sock_intr_errno(timeo);
        if (signal_pending(current))
            goto out;
        sock_put(other);
        goto restart;
    }

    /* Latch our state.

       It is tricky place. We need to grab write lock and cannot
       drop lock on peer. It is dangerous because deadlock is
       possible. Connect to self case and simultaneous
       attempt to connect are eliminated by checking socket
       state. other is TCP_LISTEN, if sk is TCP_LISTEN we
       check this before attempt to grab lock.

       Well, and we have to recheck the state after socket locked.
     */
    st = sk->sk_state;

    switch (st) {
    case TCP_CLOSE:
        /* This is ok... continue with connect */
        break;
    case TCP_ESTABLISHED:
        /* Socket is already connected */
        err = -EISCONN;
        goto out_unlock;
    default:
        err = -EINVAL;
        goto out_unlock;
    }

    unix_state_lock_nested(sk);

    /* Our state changed while the lock was dropped: start over. */
    if (sk->sk_state != st) {
        unix_state_unlock(sk);
        unix_state_unlock(other);
        sock_put(other);
        goto restart;
    }

    err = security_unix_stream_connect(sock, other->sk_socket, newsk);
    if (err) {
        unix_state_unlock(sk);
        goto out_unlock;
    }

    /* The way is open! Quickly set all the necessary fields... */

    sock_hold(sk);
    unix_peer(newsk) = sk;
    newsk->sk_state = TCP_ESTABLISHED;
    newsk->sk_type = sk->sk_type;
    newsk->sk_peercred.pid = task_tgid_vnr(current);
    current_euid_egid(&newsk->sk_peercred.uid, &newsk->sk_peercred.gid);
    newu = unix_sk(newsk);
    newsk->sk_sleep = &newu->peer_wait;
    otheru = unix_sk(other);

    /* copy address information from listening to new sock*/
    if (otheru->addr) {
        atomic_inc(&otheru->addr->refcnt);
        newu->addr = otheru->addr;
    }
    if (otheru->dentry) {
        newu->dentry = dget(otheru->dentry);
        newu->mnt = mntget(otheru->mnt);
    }

    /* Set credentials */
    sk->sk_peercred = other->sk_peercred;

    sock->state = SS_CONNECTED;
    sk->sk_state = TCP_ESTABLISHED;
    sock_hold(newsk);

    smp_mb__after_atomic_inc(); /* sock_hold() does an atomic_inc() */
    unix_peer(sk) = newsk;

    unix_state_unlock(sk);

    /* Queue the skb (carrying newsk) for accept() and wake the listener. */
    spin_lock(&other->sk_receive_queue.lock);
    __skb_queue_tail(&other->sk_receive_queue, skb);
    spin_unlock(&other->sk_receive_queue.lock);
    unix_state_unlock(other);
    other->sk_data_ready(other, 0);
    sock_put(other);
    return 0;

out_unlock:
    if (other)
        unix_state_unlock(other);

out:
    kfree_skb(skb);
    if (newsk)
        unix_release_sock(newsk, 0);
    if (other)
        sock_put(other);
    return err;
}
1190
1191static int unix_socketpair(struct socket *socka, struct socket *sockb)
1192{
1193    struct sock *ska = socka->sk, *skb = sockb->sk;
1194
1195    /* Join our sockets back to back */
1196    sock_hold(ska);
1197    sock_hold(skb);
1198    unix_peer(ska) = skb;
1199    unix_peer(skb) = ska;
1200    ska->sk_peercred.pid = skb->sk_peercred.pid = task_tgid_vnr(current);
1201    current_euid_egid(&skb->sk_peercred.uid, &skb->sk_peercred.gid);
1202    ska->sk_peercred.uid = skb->sk_peercred.uid;
1203    ska->sk_peercred.gid = skb->sk_peercred.gid;
1204
1205    if (ska->sk_type != SOCK_DGRAM) {
1206        ska->sk_state = TCP_ESTABLISHED;
1207        skb->sk_state = TCP_ESTABLISHED;
1208        socka->state = SS_CONNECTED;
1209        sockb->state = SS_CONNECTED;
1210    }
1211    return 0;
1212}
1213
/*
 * accept(2) for unix stream/seqpacket sockets.
 *
 * unix_stream_connect() queues an skb whose ->sk is the pre-created
 * server-side sock, so accepting a connection is simply dequeuing that
 * skb and grafting its sock onto the new socket.
 */
static int unix_accept(struct socket *sock, struct socket *newsock, int flags)
{
    struct sock *sk = sock->sk;
    struct sock *tsk;
    struct sk_buff *skb;
    int err;

    err = -EOPNOTSUPP;
    if (sock->type != SOCK_STREAM && sock->type != SOCK_SEQPACKET)
        goto out;

    err = -EINVAL;
    if (sk->sk_state != TCP_LISTEN)
        goto out;

    /* If socket state is TCP_LISTEN it cannot change (for now...),
     * so that no locks are necessary.
     */

    skb = skb_recv_datagram(sk, 0, flags&O_NONBLOCK, &err);
    if (!skb) {
        /* This means receive shutdown. */
        if (err == 0)
            err = -EINVAL;
        goto out;
    }

    tsk = skb->sk;
    skb_free_datagram(sk, skb);
    /* A backlog slot has freed up: wake one blocked connector. */
    wake_up_interruptible(&unix_sk(sk)->peer_wait);

    /* attach accepted sock to socket */
    unix_state_lock(tsk);
    newsock->state = SS_CONNECTED;
    sock_graft(tsk, newsock);
    unix_state_unlock(tsk);
    return 0;

out:
    return err;
}
1255
1256
1257static int unix_getname(struct socket *sock, struct sockaddr *uaddr, int *uaddr_len, int peer)
1258{
1259    struct sock *sk = sock->sk;
1260    struct unix_sock *u;
1261    struct sockaddr_un *sunaddr = (struct sockaddr_un *)uaddr;
1262    int err = 0;
1263
1264    if (peer) {
1265        sk = unix_peer_get(sk);
1266
1267        err = -ENOTCONN;
1268        if (!sk)
1269            goto out;
1270        err = 0;
1271    } else {
1272        sock_hold(sk);
1273    }
1274
1275    u = unix_sk(sk);
1276    unix_state_lock(sk);
1277    if (!u->addr) {
1278        sunaddr->sun_family = AF_UNIX;
1279        sunaddr->sun_path[0] = 0;
1280        *uaddr_len = sizeof(short);
1281    } else {
1282        struct unix_address *addr = u->addr;
1283
1284        *uaddr_len = addr->len;
1285        memcpy(sunaddr, addr->name, *uaddr_len);
1286    }
1287    unix_state_unlock(sk);
1288    sock_put(sk);
1289out:
1290    return err;
1291}
1292
1293static void unix_detach_fds(struct scm_cookie *scm, struct sk_buff *skb)
1294{
1295    int i;
1296
1297    scm->fp = UNIXCB(skb).fp;
1298    skb->destructor = sock_wfree;
1299    UNIXCB(skb).fp = NULL;
1300
1301    for (i = scm->fp->count-1; i >= 0; i--)
1302        unix_notinflight(scm->fp->fp[i]);
1303}
1304
1305static void unix_destruct_fds(struct sk_buff *skb)
1306{
1307    struct scm_cookie scm;
1308    memset(&scm, 0, sizeof(scm));
1309    unix_detach_fds(&scm, skb);
1310
1311    /* Alas, it calls VFS */
1312    /* So fscking what? fput() had been SMP-safe since the last Summer */
1313    scm_destroy(&scm);
1314    sock_wfree(skb);
1315}
1316
1317static int unix_attach_fds(struct scm_cookie *scm, struct sk_buff *skb)
1318{
1319    int i;
1320
1321    /*
1322     * Need to duplicate file references for the sake of garbage
1323     * collection. Otherwise a socket in the fps might become a
1324     * candidate for GC while the skb is not yet queued.
1325     */
1326    UNIXCB(skb).fp = scm_fp_dup(scm->fp);
1327    if (!UNIXCB(skb).fp)
1328        return -ENOMEM;
1329
1330    for (i = scm->fp->count-1; i >= 0; i--)
1331        unix_inflight(scm->fp->fp[i]);
1332    skb->destructor = unix_destruct_fds;
1333    return 0;
1334}
1335
/*
 * Send an AF_UNIX datagram, either to msg_name or to the connected
 * peer.  Also used by SOCK_SEQPACKET via unix_seqpacket_sendmsg().
 *
 * The skb is fully built (credentials, fds, security data, payload)
 * before the destination is locked; if the destination turns out to be
 * dead we drop our peer link and, for an unconnected send, retry the
 * lookup.
 */
static int unix_dgram_sendmsg(struct kiocb *kiocb, struct socket *sock,
                  struct msghdr *msg, size_t len)
{
    struct sock_iocb *siocb = kiocb_to_siocb(kiocb);
    struct sock *sk = sock->sk;
    struct net *net = sock_net(sk);
    struct unix_sock *u = unix_sk(sk);
    struct sockaddr_un *sunaddr = msg->msg_name;
    struct sock *other = NULL;
    int namelen = 0; /* fake GCC */
    int err;
    unsigned hash;
    struct sk_buff *skb;
    long timeo;
    struct scm_cookie tmp_scm;

    if (NULL == siocb->scm)
        siocb->scm = &tmp_scm;
    wait_for_unix_gc();
    err = scm_send(sock, msg, siocb->scm);
    if (err < 0)
        return err;

    err = -EOPNOTSUPP;
    if (msg->msg_flags&MSG_OOB)
        goto out;

    if (msg->msg_namelen) {
        /* Explicit destination address supplied. */
        err = unix_mkname(sunaddr, msg->msg_namelen, &hash);
        if (err < 0)
            goto out;
        namelen = err;
    } else {
        /* No address: use the connected peer, if any. */
        sunaddr = NULL;
        err = -ENOTCONN;
        other = unix_peer_get(sk);
        if (!other)
            goto out;
    }

    /* SOCK_PASSCRED needs a local address; autobind if still unbound. */
    if (test_bit(SOCK_PASSCRED, &sock->flags)
        && !u->addr && (err = unix_autobind(sock)) != 0)
        goto out;

    /* NOTE(review): the 32 bytes presumably leave slack for overhead
     * below sk_sndbuf — historical constant, confirm before changing. */
    err = -EMSGSIZE;
    if (len > sk->sk_sndbuf - 32)
        goto out;

    skb = sock_alloc_send_skb(sk, len, msg->msg_flags&MSG_DONTWAIT, &err);
    if (skb == NULL)
        goto out;

    memcpy(UNIXCREDS(skb), &siocb->scm->creds, sizeof(struct ucred));
    if (siocb->scm->fp) {
        err = unix_attach_fds(siocb->scm, skb);
        if (err)
            goto out_free;
    }
    unix_get_secdata(siocb->scm, skb);

    skb_reset_transport_header(skb);
    err = memcpy_fromiovec(skb_put(skb, len), msg->msg_iov, len);
    if (err)
        goto out_free;

    timeo = sock_sndtimeo(sk, msg->msg_flags & MSG_DONTWAIT);

restart:
    if (!other) {
        err = -ECONNRESET;
        if (sunaddr == NULL)
            goto out_free;

        other = unix_find_other(net, sunaddr, namelen, sk->sk_type,
                    hash, &err);
        if (other == NULL)
            goto out_free;
    }

    unix_state_lock(other);
    err = -EPERM;
    if (!unix_may_send(sk, other))
        goto out_unlock;

    if (sock_flag(other, SOCK_DEAD)) {
        /*
         * Check with 1003.1g - what should
         * datagram error
         */
        unix_state_unlock(other);
        sock_put(other);

        /* If 'other' was our connected peer, sever the link and fail
         * with -ECONNREFUSED; an addressed send just retries lookup. */
        err = 0;
        unix_state_lock(sk);
        if (unix_peer(sk) == other) {
            unix_peer(sk) = NULL;
            unix_state_unlock(sk);

            unix_dgram_disconnected(sk, other);
            sock_put(other);
            err = -ECONNREFUSED;
        } else {
            unix_state_unlock(sk);
        }

        other = NULL;
        if (err)
            goto out_free;
        goto restart;
    }

    err = -EPIPE;
    if (other->sk_shutdown & RCV_SHUTDOWN)
        goto out_unlock;

    if (sk->sk_type != SOCK_SEQPACKET) {
        err = security_unix_may_send(sk->sk_socket, other->sk_socket);
        if (err)
            goto out_unlock;
    }

    /* Receiver queue full: block (or -EAGAIN) unless it is connected
     * back to us, in which case the reader will drain it. */
    if (unix_peer(other) != sk && unix_recvq_full(other)) {
        if (!timeo) {
            err = -EAGAIN;
            goto out_unlock;
        }

        /* Drops other's state lock while sleeping. */
        timeo = unix_wait_for_peer(other, timeo);

        err = sock_intr_errno(timeo);
        if (signal_pending(current))
            goto out_free;

        goto restart;
    }

    skb_queue_tail(&other->sk_receive_queue, skb);
    unix_state_unlock(other);
    other->sk_data_ready(other, len);
    sock_put(other);
    scm_destroy(siocb->scm);
    return len;

out_unlock:
    unix_state_unlock(other);
out_free:
    kfree_skb(skb);
out:
    if (other)
        sock_put(other);
    scm_destroy(siocb->scm);
    return err;
}
1493
1494
/*
 * Send on a connected SOCK_STREAM unix socket.  The payload is split
 * into skbs of at most half the send buffer (and at most
 * SKB_MAX_ALLOC) and queued directly onto the peer's receive queue.
 * Credentials ride along with every skb; fds only with the first.
 * Returns bytes sent, or an error only if nothing was sent.
 */
static int unix_stream_sendmsg(struct kiocb *kiocb, struct socket *sock,
                   struct msghdr *msg, size_t len)
{
    struct sock_iocb *siocb = kiocb_to_siocb(kiocb);
    struct sock *sk = sock->sk;
    struct sock *other = NULL;
    struct sockaddr_un *sunaddr = msg->msg_name;
    int err, size;
    struct sk_buff *skb;
    int sent = 0;
    struct scm_cookie tmp_scm;
    bool fds_sent = false;

    if (NULL == siocb->scm)
        siocb->scm = &tmp_scm;
    wait_for_unix_gc();
    err = scm_send(sock, msg, siocb->scm);
    if (err < 0)
        return err;

    err = -EOPNOTSUPP;
    if (msg->msg_flags&MSG_OOB)
        goto out_err;

    if (msg->msg_namelen) {
        /* Stream sockets reject explicit destination addresses. */
        err = sk->sk_state == TCP_ESTABLISHED ? -EISCONN : -EOPNOTSUPP;
        goto out_err;
    } else {
        sunaddr = NULL;
        err = -ENOTCONN;
        other = unix_peer(sk);
        if (!other)
            goto out_err;
    }

    if (sk->sk_shutdown & SEND_SHUTDOWN)
        goto pipe_err;

    while (sent < len) {
        /*
         * Optimisation for the fact that under 0.01% of X
         * messages typically need breaking up.
         */

        size = len-sent;

        /* Keep two messages in the pipe so it schedules better */
        if (size > ((sk->sk_sndbuf >> 1) - 64))
            size = (sk->sk_sndbuf >> 1) - 64;

        if (size > SKB_MAX_ALLOC)
            size = SKB_MAX_ALLOC;

        /*
         * Grab a buffer
         */

        skb = sock_alloc_send_skb(sk, size, msg->msg_flags&MSG_DONTWAIT,
                      &err);

        if (skb == NULL)
            goto out_err;

        /*
         * If you pass two values to the sock_alloc_send_skb
         * it tries to grab the large buffer with GFP_NOFS
         * (which can fail easily), and if it fails grab the
         * fallback size buffer which is under a page and will
         * succeed. [Alan]
         */
        size = min_t(int, size, skb_tailroom(skb));

        memcpy(UNIXCREDS(skb), &siocb->scm->creds, sizeof(struct ucred));
        /* Only send the fds in the first buffer */
        if (siocb->scm->fp && !fds_sent) {
            err = unix_attach_fds(siocb->scm, skb);
            if (err) {
                kfree_skb(skb);
                goto out_err;
            }
            fds_sent = true;
        }

        err = memcpy_fromiovec(skb_put(skb, size), msg->msg_iov, size);
        if (err) {
            kfree_skb(skb);
            goto out_err;
        }

        unix_state_lock(other);

        /* Peer gone or stopped reading: SIGPIPE/-EPIPE semantics. */
        if (sock_flag(other, SOCK_DEAD) ||
            (other->sk_shutdown & RCV_SHUTDOWN))
            goto pipe_err_free;

        skb_queue_tail(&other->sk_receive_queue, skb);
        unix_state_unlock(other);
        other->sk_data_ready(other, size);
        sent += size;
    }

    scm_destroy(siocb->scm);
    siocb->scm = NULL;

    return sent;

pipe_err_free:
    unix_state_unlock(other);
    kfree_skb(skb);
pipe_err:
    if (sent == 0 && !(msg->msg_flags&MSG_NOSIGNAL))
        send_sig(SIGPIPE, current, 0);
    err = -EPIPE;
out_err:
    scm_destroy(siocb->scm);
    siocb->scm = NULL;
    /* Partial writes succeed with the byte count already sent. */
    return sent ? : err;
}
1613
1614static int unix_seqpacket_sendmsg(struct kiocb *kiocb, struct socket *sock,
1615                  struct msghdr *msg, size_t len)
1616{
1617    int err;
1618    struct sock *sk = sock->sk;
1619
1620    err = sock_error(sk);
1621    if (err)
1622        return err;
1623
1624    if (sk->sk_state != TCP_ESTABLISHED)
1625        return -ENOTCONN;
1626
1627    if (msg->msg_namelen)
1628        msg->msg_namelen = 0;
1629
1630    return unix_dgram_sendmsg(kiocb, sock, msg, len);
1631}
1632
1633static void unix_copy_addr(struct msghdr *msg, struct sock *sk)
1634{
1635    struct unix_sock *u = unix_sk(sk);
1636
1637    msg->msg_namelen = 0;
1638    if (u->addr) {
1639        msg->msg_namelen = u->addr->len;
1640        memcpy(msg->msg_name, u->addr->name, u->addr->len);
1641    }
1642}
1643
/*
 * Receive one datagram (SOCK_DGRAM/SOCK_SEQPACKET).  u->readlock
 * serializes readers; excess bytes beyond 'size' are discarded with
 * MSG_TRUNC set.  Passed fds are detached on a real read and cloned
 * on MSG_PEEK.
 */
static int unix_dgram_recvmsg(struct kiocb *iocb, struct socket *sock,
                  struct msghdr *msg, size_t size,
                  int flags)
{
    struct sock_iocb *siocb = kiocb_to_siocb(iocb);
    struct scm_cookie tmp_scm;
    struct sock *sk = sock->sk;
    struct unix_sock *u = unix_sk(sk);
    int noblock = flags & MSG_DONTWAIT;
    struct sk_buff *skb;
    int err;

    err = -EOPNOTSUPP;
    if (flags&MSG_OOB)
        goto out;

    msg->msg_namelen = 0;

    mutex_lock(&u->readlock);

    skb = skb_recv_datagram(sk, flags, noblock, &err);
    if (!skb) {
        unix_state_lock(sk);
        /* Signal EOF on disconnected non-blocking SEQPACKET socket. */
        if (sk->sk_type == SOCK_SEQPACKET && err == -EAGAIN &&
            (sk->sk_shutdown & RCV_SHUTDOWN))
            err = 0;
        unix_state_unlock(sk);
        goto out_unlock;
    }

    /* A queue slot freed up: wake one sender blocked on our backlog. */
    wake_up_interruptible_sync(&u->peer_wait);

    if (msg->msg_name)
        unix_copy_addr(msg, skb->sk);

    if (size > skb->len)
        size = skb->len;
    else if (size < skb->len)
        msg->msg_flags |= MSG_TRUNC;

    err = skb_copy_datagram_iovec(skb, 0, msg->msg_iov, size);
    if (err)
        goto out_free;

    if (!siocb->scm) {
        siocb->scm = &tmp_scm;
        memset(&tmp_scm, 0, sizeof(tmp_scm));
    }
    siocb->scm->creds = *UNIXCREDS(skb);
    unix_set_secdata(siocb->scm, skb);

    if (!(flags & MSG_PEEK)) {
        if (UNIXCB(skb).fp)
            unix_detach_fds(siocb->scm, skb);
    } else {
        /* It is questionable: on PEEK we could:
           - do not return fds - good, but too simple 8)
           - return fds, and do not return them on read (old strategy,
             apparently wrong)
           - clone fds (I chose it for now, it is the most universal
             solution)

           POSIX 1003.1g does not actually define this clearly
           at all. POSIX 1003.1g doesn't define a lot of things
           clearly however!

        */
        if (UNIXCB(skb).fp)
            siocb->scm->fp = scm_fp_dup(UNIXCB(skb).fp);
    }
    /* On success, report the number of bytes copied. */
    err = size;

    scm_recv(sock, msg, siocb->scm, flags);

out_free:
    skb_free_datagram(sk, skb);
out_unlock:
    mutex_unlock(&u->readlock);
out:
    return err;
}
1726
/*
 * Sleep until data has arrived. But check for races..
 *
 * Waits on sk_sleep until the receive queue is non-empty, an error or
 * RCV_SHUTDOWN is pending, a signal arrives, or the timeout expires.
 * Entered and left with no locks held; the state lock is taken inside
 * so the wakeup condition is re-checked race-free.  Returns the
 * remaining timeout.
 */
static long unix_stream_data_wait(struct sock *sk, long timeo)
{
    DEFINE_WAIT(wait);

    unix_state_lock(sk);

    for (;;) {
        prepare_to_wait(sk->sk_sleep, &wait, TASK_INTERRUPTIBLE);

        if (!skb_queue_empty(&sk->sk_receive_queue) ||
            sk->sk_err ||
            (sk->sk_shutdown & RCV_SHUTDOWN) ||
            signal_pending(current) ||
            !timeo)
            break;

        /* Mark "waiting for data" for SIGIO/async readers. */
        set_bit(SOCK_ASYNC_WAITDATA, &sk->sk_socket->flags);
        unix_state_unlock(sk);
        timeo = schedule_timeout(timeo);
        unix_state_lock(sk);
        clear_bit(SOCK_ASYNC_WAITDATA, &sk->sk_socket->flags);
    }

    finish_wait(sk->sk_sleep, &wait);
    unix_state_unlock(sk);
    return timeo;
}
1758
1759
1760
/*
 * Receive from a connected SOCK_STREAM unix socket.
 *
 * Dequeues skbs one at a time under the state lock, copies out up to
 * 'size' bytes, and requeues any partially consumed skb at the head.
 * Messages from writers with different credentials are never merged
 * into one read.  u->readlock keeps concurrent readers from
 * interleaving the stream.  Returns bytes copied, or an error only if
 * nothing was copied.
 */
static int unix_stream_recvmsg(struct kiocb *iocb, struct socket *sock,
                   struct msghdr *msg, size_t size,
                   int flags)
{
    struct sock_iocb *siocb = kiocb_to_siocb(iocb);
    struct scm_cookie tmp_scm;
    struct sock *sk = sock->sk;
    struct unix_sock *u = unix_sk(sk);
    struct sockaddr_un *sunaddr = msg->msg_name;
    int copied = 0;
    int check_creds = 0;
    int target;
    int err = 0;
    long timeo;

    err = -EINVAL;
    if (sk->sk_state != TCP_ESTABLISHED)
        goto out;

    err = -EOPNOTSUPP;
    if (flags&MSG_OOB)
        goto out;

    target = sock_rcvlowat(sk, flags&MSG_WAITALL, size);
    timeo = sock_rcvtimeo(sk, flags&MSG_DONTWAIT);

    msg->msg_namelen = 0;

    /* Lock the socket to prevent queue disordering
     * while sleeps in memcpy_tomsg
     */

    if (!siocb->scm) {
        siocb->scm = &tmp_scm;
        memset(&tmp_scm, 0, sizeof(tmp_scm));
    }

    mutex_lock(&u->readlock);

    do {
        int chunk;
        struct sk_buff *skb;

        unix_state_lock(sk);
        skb = skb_dequeue(&sk->sk_receive_queue);
        if (skb == NULL) {
            /* Queue empty: stop if we already met the low-water
             * mark, otherwise report error/EOF or go to sleep. */
            if (copied >= target)
                goto unlock;

            /*
             * POSIX 1003.1g mandates this order.
             */

            err = sock_error(sk);
            if (err)
                goto unlock;
            if (sk->sk_shutdown & RCV_SHUTDOWN)
                goto unlock;

            unix_state_unlock(sk);
            err = -EAGAIN;
            if (!timeo)
                break;
            /* Drop readlock while sleeping so writers of fds and
             * other readers are not blocked behind us. */
            mutex_unlock(&u->readlock);

            timeo = unix_stream_data_wait(sk, timeo);

            if (signal_pending(current)) {
                err = sock_intr_errno(timeo);
                goto out;
            }
            mutex_lock(&u->readlock);
            continue;
 unlock:
            unix_state_unlock(sk);
            break;
        }
        unix_state_unlock(sk);

        if (check_creds) {
            /* Never glue messages from different writers */
            if (memcmp(UNIXCREDS(skb), &siocb->scm->creds,
                   sizeof(siocb->scm->creds)) != 0) {
                skb_queue_head(&sk->sk_receive_queue, skb);
                break;
            }
        } else {
            /* Copy credentials */
            siocb->scm->creds = *UNIXCREDS(skb);
            check_creds = 1;
        }

        /* Copy address just once */
        if (sunaddr) {
            unix_copy_addr(msg, skb->sk);
            sunaddr = NULL;
        }

        chunk = min_t(unsigned int, skb->len, size);
        if (memcpy_toiovec(msg->msg_iov, skb->data, chunk)) {
            /* Copy fault: put the skb back untouched. */
            skb_queue_head(&sk->sk_receive_queue, skb);
            if (copied == 0)
                copied = -EFAULT;
            break;
        }
        copied += chunk;
        size -= chunk;

        /* Mark read part of skb as used */
        if (!(flags & MSG_PEEK)) {
            skb_pull(skb, chunk);

            if (UNIXCB(skb).fp)
                unix_detach_fds(siocb->scm, skb);

            /* put the skb back if we didn't use it up.. */
            if (skb->len) {
                skb_queue_head(&sk->sk_receive_queue, skb);
                break;
            }

            kfree_skb(skb);

            /* Stop after a message that carried fds, so the fds
             * are delivered with exactly this read. */
            if (siocb->scm->fp)
                break;
        } else {
            /* It is questionable, see note in unix_dgram_recvmsg.
             */
            if (UNIXCB(skb).fp)
                siocb->scm->fp = scm_fp_dup(UNIXCB(skb).fp);

            /* put message back and return */
            skb_queue_head(&sk->sk_receive_queue, skb);
            break;
        }
    } while (size);

    mutex_unlock(&u->readlock);
    scm_recv(sock, msg, siocb->scm, flags);
out:
    return copied ? : err;
}
1903
/*
 * shutdown(2).  'mode' arrives as SHUT_RD/SHUT_WR/SHUT_RDWR (0..2);
 * mode+1 maps it onto the RCV_SHUTDOWN/SEND_SHUTDOWN bit mask.  For
 * connection-oriented types the mirrored bits are also set on the
 * peer (our SEND shuts the peer's RCV side and vice versa) and async
 * waiters on the peer are signalled.
 */
static int unix_shutdown(struct socket *sock, int mode)
{
    struct sock *sk = sock->sk;
    struct sock *other;

    mode = (mode+1)&(RCV_SHUTDOWN|SEND_SHUTDOWN);

    if (mode) {
        unix_state_lock(sk);
        sk->sk_shutdown |= mode;
        /* Grab a reference on the peer under the lock so it cannot
         * go away while we update it below. */
        other = unix_peer(sk);
        if (other)
            sock_hold(other);
        unix_state_unlock(sk);
        sk->sk_state_change(sk);

        if (other &&
            (sk->sk_type == SOCK_STREAM || sk->sk_type == SOCK_SEQPACKET)) {

            int peer_mode = 0;

            if (mode&RCV_SHUTDOWN)
                peer_mode |= SEND_SHUTDOWN;
            if (mode&SEND_SHUTDOWN)
                peer_mode |= RCV_SHUTDOWN;
            unix_state_lock(other);
            other->sk_shutdown |= peer_mode;
            unix_state_unlock(other);
            other->sk_state_change(other);
            read_lock(&other->sk_callback_lock);
            if (peer_mode == SHUTDOWN_MASK)
                sk_wake_async(other, SOCK_WAKE_WAITD, POLL_HUP);
            else if (peer_mode & RCV_SHUTDOWN)
                sk_wake_async(other, SOCK_WAKE_WAITD, POLL_IN);
            read_unlock(&other->sk_callback_lock);
        }
        if (other)
            sock_put(other);
    }
    return 0;
}
1945
1946static int unix_ioctl(struct socket *sock, unsigned int cmd, unsigned long arg)
1947{
1948    struct sock *sk = sock->sk;
1949    long amount = 0;
1950    int err;
1951
1952    switch (cmd) {
1953    case SIOCOUTQ:
1954        amount = sk_wmem_alloc_get(sk);
1955        err = put_user(amount, (int __user *)arg);
1956        break;
1957    case SIOCINQ:
1958        {
1959            struct sk_buff *skb;
1960
1961            if (sk->sk_state == TCP_LISTEN) {
1962                err = -EINVAL;
1963                break;
1964            }
1965
1966            spin_lock(&sk->sk_receive_queue.lock);
1967            if (sk->sk_type == SOCK_STREAM ||
1968                sk->sk_type == SOCK_SEQPACKET) {
1969                skb_queue_walk(&sk->sk_receive_queue, skb)
1970                    amount += skb->len;
1971            } else {
1972                skb = skb_peek(&sk->sk_receive_queue);
1973                if (skb)
1974                    amount = skb->len;
1975            }
1976            spin_unlock(&sk->sk_receive_queue.lock);
1977            err = put_user(amount, (int __user *)arg);
1978            break;
1979        }
1980
1981    default:
1982        err = -ENOIOCTLCMD;
1983        break;
1984    }
1985    return err;
1986}
1987
1988static unsigned int unix_poll(struct file *file, struct socket *sock, poll_table *wait)
1989{
1990    struct sock *sk = sock->sk;
1991    unsigned int mask;
1992
1993    sock_poll_wait(file, sk->sk_sleep, wait);
1994    mask = 0;
1995
1996    /* exceptional events? */
1997    if (sk->sk_err)
1998        mask |= POLLERR;
1999    if (sk->sk_shutdown == SHUTDOWN_MASK)
2000        mask |= POLLHUP;
2001    if (sk->sk_shutdown & RCV_SHUTDOWN)
2002        mask |= POLLRDHUP;
2003
2004    /* readable? */
2005    if (!skb_queue_empty(&sk->sk_receive_queue) ||
2006        (sk->sk_shutdown & RCV_SHUTDOWN))
2007        mask |= POLLIN | POLLRDNORM;
2008
2009    /* Connection-based need to check for termination and startup */
2010    if ((sk->sk_type == SOCK_STREAM || sk->sk_type == SOCK_SEQPACKET) &&
2011        sk->sk_state == TCP_CLOSE)
2012        mask |= POLLHUP;
2013
2014    /*
2015     * we set writable also when the other side has shut down the
2016     * connection. This prevents stuck sockets.
2017     */
2018    if (unix_writable(sk))
2019        mask |= POLLOUT | POLLWRNORM | POLLWRBAND;
2020
2021    return mask;
2022}
2023
/*
 * poll(2) for datagram/seqpacket unix sockets.  Unlike unix_poll(),
 * writability additionally depends on the peer's receive queue, so we
 * also register on the peer's peer_wait queue to get woken when it
 * drains.
 */
static unsigned int unix_dgram_poll(struct file *file, struct socket *sock,
                    poll_table *wait)
{
    struct sock *sk = sock->sk, *other;
    unsigned int mask, writable;

    sock_poll_wait(file, sk->sk_sleep, wait);
    mask = 0;

    /* exceptional events? */
    if (sk->sk_err || !skb_queue_empty(&sk->sk_error_queue))
        mask |= POLLERR;
    if (sk->sk_shutdown & RCV_SHUTDOWN)
        mask |= POLLRDHUP;
    if (sk->sk_shutdown == SHUTDOWN_MASK)
        mask |= POLLHUP;

    /* readable? */
    if (!skb_queue_empty(&sk->sk_receive_queue) ||
        (sk->sk_shutdown & RCV_SHUTDOWN))
        mask |= POLLIN | POLLRDNORM;

    /* Connection-based need to check for termination and startup */
    if (sk->sk_type == SOCK_SEQPACKET) {
        if (sk->sk_state == TCP_CLOSE)
            mask |= POLLHUP;
        /* connection hasn't started yet? */
        if (sk->sk_state == TCP_SYN_SENT)
            return mask;
    }

    /* writable? */
    writable = unix_writable(sk);
    if (writable) {
        other = unix_peer_get(sk);
        if (other) {
            /* Only throttle on the peer's backlog when the peer is
             * not connected back to us (its reader drains us). */
            if (unix_peer(other) != sk) {
                /* Register on peer_wait so a queue drain wakes us. */
                sock_poll_wait(file, &unix_sk(other)->peer_wait,
                      wait);
                if (unix_recvq_full(other))
                    writable = 0;
            }

            sock_put(other);
        }
    }

    if (writable)
        mask |= POLLOUT | POLLWRNORM | POLLWRBAND;
    else
        set_bit(SOCK_ASYNC_NOSPACE, &sk->sk_socket->flags);

    return mask;
}
2078
2079#ifdef CONFIG_PROC_FS
2080static struct sock *first_unix_socket(int *i)
2081{
2082    for (*i = 0; *i <= UNIX_HASH_SIZE; (*i)++) {
2083        if (!hlist_empty(&unix_socket_table[*i]))
2084            return __sk_head(&unix_socket_table[*i]);
2085    }
2086    return NULL;
2087}
2088
2089static struct sock *next_unix_socket(int *i, struct sock *s)
2090{
2091    struct sock *next = sk_next(s);
2092    /* More in this chain? */
2093    if (next)
2094        return next;
2095    /* Look for next non-empty chain. */
2096    for ((*i)++; *i <= UNIX_HASH_SIZE; (*i)++) {
2097        if (!hlist_empty(&unix_socket_table[*i]))
2098            return __sk_head(&unix_socket_table[*i]);
2099    }
2100    return NULL;
2101}
2102
/* Per-open iterator state for the /proc/net/unix seq_file. */
struct unix_iter_state {
    struct seq_net_private p;
    int i;  /* current bucket index into unix_socket_table */
};
2107
2108static struct sock *unix_seq_idx(struct seq_file *seq, loff_t pos)
2109{
2110    struct unix_iter_state *iter = seq->private;
2111    loff_t off = 0;
2112    struct sock *s;
2113
2114    for (s = first_unix_socket(&iter->i); s; s = next_unix_socket(&iter->i, s)) {
2115        if (sock_net(s) != seq_file_net(seq))
2116            continue;
2117        if (off == pos)
2118            return s;
2119        ++off;
2120    }
2121    return NULL;
2122}
2123
2124static void *unix_seq_start(struct seq_file *seq, loff_t *pos)
2125    __acquires(unix_table_lock)
2126{
2127    spin_lock(&unix_table_lock);
2128    return *pos ? unix_seq_idx(seq, *pos - 1) : SEQ_START_TOKEN;
2129}
2130
2131static void *unix_seq_next(struct seq_file *seq, void *v, loff_t *pos)
2132{
2133    struct unix_iter_state *iter = seq->private;
2134    struct sock *sk = v;
2135    ++*pos;
2136
2137    if (v == SEQ_START_TOKEN)
2138        sk = first_unix_socket(&iter->i);
2139    else
2140        sk = next_unix_socket(&iter->i, sk);
2141    while (sk && (sock_net(sk) != seq_file_net(seq)))
2142        sk = next_unix_socket(&iter->i, sk);
2143    return sk;
2144}
2145
/* seq_file ->stop: drop the table lock taken in unix_seq_start(). */
static void unix_seq_stop(struct seq_file *seq, void *v)
    __releases(unix_table_lock)
{
    spin_unlock(&unix_table_lock);
}
2151
/*
 * seq_file ->show: emit one line of /proc/net/unix.
 *
 * The first call receives SEQ_START_TOKEN and prints the column
 * header; every later call prints one socket.  The socket is sampled
 * under unix_state_lock() so its address cannot change while we print.
 * Always returns 0.
 */
static int unix_seq_show(struct seq_file *seq, void *v)
{

    if (v == SEQ_START_TOKEN)
        seq_puts(seq, "Num RefCount Protocol Flags Type St "
             "Inode Path\n");
    else {
        struct sock *s = v;
        struct unix_sock *u = unix_sk(s);
        unix_state_lock(s);

        /* Protocol is always printed as 0 for AF_UNIX; Flags shows
         * __SO_ACCEPTCON for listeners; St is derived from sk_state
         * plus whether the sock is still attached to a struct socket. */
        seq_printf(seq, "%p: %08X %08X %08X %04X %02X %5lu",
            s,
            atomic_read(&s->sk_refcnt),
            0,
            s->sk_state == TCP_LISTEN ? __SO_ACCEPTCON : 0,
            s->sk_type,
            s->sk_socket ?
            (s->sk_state == TCP_ESTABLISHED ? SS_CONNECTED : SS_UNCONNECTED) :
            (s->sk_state == TCP_ESTABLISHED ? SS_CONNECTING : SS_DISCONNECTING),
            sock_i_ino(s));

        if (u->addr) {
            int i, len;
            seq_putc(seq, ' ');

            i = 0;
            /* Path length: stored name length minus the sun_family field. */
            len = u->addr->len - sizeof(short);
            if (!UNIX_ABSTRACT(s))
                len--;          /* filesystem path: drop the trailing NUL */
            else {
                /* Abstract name: first byte is NUL; render it as '@'. */
                seq_putc(seq, '@');
                i++;
            }
            for ( ; i < len; i++)
                seq_putc(seq, u->addr->name->sun_path[i]);
        }
        unix_state_unlock(s);
        seq_putc(seq, '\n');
    }

    return 0;
}
2195
/* Iterator callbacks for /proc/net/unix. */
static const struct seq_operations unix_seq_ops = {
    .start = unix_seq_start,
    .next = unix_seq_next,
    .stop = unix_seq_stop,
    .show = unix_seq_show,
};
2202
2203static int unix_seq_open(struct inode *inode, struct file *file)
2204{
2205    return seq_open_net(inode, file, &unix_seq_ops,
2206                sizeof(struct unix_iter_state));
2207}
2208
/* File operations backing the /proc/net/unix entry. */
static const struct file_operations unix_seq_fops = {
    .owner = THIS_MODULE,
    .open = unix_seq_open,
    .read = seq_read,
    .llseek = seq_lseek,
    .release = seq_release_net,     /* pairs with seq_open_net() in unix_seq_open() */
};
2216
2217#endif
2218
/* PF_UNIX family registration: routes socket(2) calls to unix_create(). */
static struct net_proto_family unix_family_ops = {
    .family = PF_UNIX,
    .create = unix_create,
    .owner = THIS_MODULE,
};
2224
2225
2226static int unix_net_init(struct net *net)
2227{
2228    int error = -ENOMEM;
2229
2230    net->unx.sysctl_max_dgram_qlen = 10;
2231    if (unix_sysctl_register(net))
2232        goto out;
2233
2234#ifdef CONFIG_PROC_FS
2235    if (!proc_net_fops_create(net, "unix", 0, &unix_seq_fops)) {
2236        unix_sysctl_unregister(net);
2237        goto out;
2238    }
2239#endif
2240    error = 0;
2241out:
2242    return error;
2243}
2244
/* Per-namespace teardown: undo unix_net_init() — remove the sysctl
 * table and the /proc/net/unix entry. */
static void unix_net_exit(struct net *net)
{
    unix_sysctl_unregister(net);
    proc_net_remove(net, "unix");
}
2250
/* Hooks run when a network namespace is created or destroyed. */
static struct pernet_operations unix_net_ops = {
    .init = unix_net_init,
    .exit = unix_net_exit,
};
2255
2256static int __init af_unix_init(void)
2257{
2258    int rc = -1;
2259    struct sk_buff *dummy_skb;
2260
2261    BUILD_BUG_ON(sizeof(struct unix_skb_parms) > sizeof(dummy_skb->cb));
2262
2263    rc = proto_register(&unix_proto, 1);
2264    if (rc != 0) {
2265        printk(KERN_CRIT "%s: Cannot create unix_sock SLAB cache!\n",
2266               __func__);
2267        goto out;
2268    }
2269
2270    sock_register(&unix_family_ops);
2271    register_pernet_subsys(&unix_net_ops);
2272out:
2273    return rc;
2274}
2275
/* Module exit: stop new PF_UNIX sockets first, then drop the protocol
 * and the per-namespace hooks — the reverse of af_unix_init(). */
static void __exit af_unix_exit(void)
{
    sock_unregister(PF_UNIX);
    proto_unregister(&unix_proto);
    unregister_pernet_subsys(&unix_net_ops);
}
2282
/*
 * Earlier than device_initcall() so that other drivers invoking
 * request_module() don't end up in a loop when modprobe tries
 * to use a UNIX socket.  But later than subsys_initcall() because
 * we depend on stuff initialised there.
 */
fs_initcall(af_unix_init);
module_exit(af_unix_exit);

MODULE_LICENSE("GPL");
MODULE_ALIAS_NETPROTO(PF_UNIX);
2292
