2 * NET4: Implementation of BSD Unix domain sockets.
4 * Authors: Alan Cox, <alan@lxorguk.ukuu.org.uk>
6 * This program is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU General Public License
8 * as published by the Free Software Foundation; either version
9 * 2 of the License, or (at your option) any later version.
12 * Linus Torvalds : Assorted bug cures.
13 * Niibe Yutaka : async I/O support.
14 * Carsten Paeth : PF_UNIX check, address fixes.
15 * Alan Cox : Limit size of allocated blocks.
16 * Alan Cox : Fixed the stupid socketpair bug.
17 * Alan Cox : BSD compatibility fine tuning.
18 * Alan Cox : Fixed a bug in connect when interrupted.
19 * Alan Cox : Sorted out a proper draft version of
20 * file descriptor passing hacked up from
22 * Marty Leisner : Fixes to fd passing
23 * Nick Nevin : recvmsg bugfix.
24 * Alan Cox : Started proper garbage collector
25 * Heiko EiBfeldt : Missing verify_area check
26 * Alan Cox : Started POSIXisms
27 * Andreas Schwab : Replace inode by dentry for proper
29 * Kirk Petersen : Made this a module
30 * Christoph Rohland : Elegant non-blocking accept/connect algorithm.
32 * Alexey Kuznetosv : Repaired (I hope) bugs introduces
33 * by above two patches.
34 * Andrea Arcangeli : If possible we block in connect(2)
35 * if the max backlog of the listen socket
36 * is been reached. This won't break
37 * old apps and it will avoid huge amount
38 * of socks hashed (this for unix_gc()
39 * performances reasons).
40 * Security fix that limits the max
41 * number of socks to 2*max_files and
42 * the number of skb queueable in the
44 * Artur Skawina : Hash function optimizations
45 * Alexey Kuznetsov : Full scale SMP. Lot of bugs are introduced 8)
46 * Malcolm Beattie : Set peercred for socketpair
47 * Michal Ostrowski : Module initialization cleanup.
48 * Arnaldo C. Melo : Remove MOD_{INC,DEC}_USE_COUNT,
49 * the core infrastructure is doing that
50 * for all net proto families now (2.5.69+)
53 * Known differences from reference BSD that was tested:
56 * ECONNREFUSED is not returned from one end of a connected() socket to the
57 * other the moment one end closes.
58 * fstat() doesn't return st_dev=0, and give the blksize as high water mark
59 * and a fake inode identifier (nor the BSD first socket fstat twice bug).
61 * accept() returns a path name even if the connecting socket has closed
62 * in the meantime (BSD loses the path and gives up).
63 * accept() returns 0 length path for an unbound connector. BSD returns 16
64 * and a null first byte in the path (but not for gethost/peername - BSD bug ??)
65 * socketpair(...SOCK_RAW..) doesn't panic the kernel.
66 * BSD af_unix apparently has connect forgetting to block properly.
67 * (need to check this with the POSIX spec in detail)
69 * Differences from 2.0.0-11-... (ANK)
70 * Bug fixes and improvements.
71 * - client shutdown killed server socket.
72 * - removed all useless cli/sti pairs.
74 * Semantic changes/extensions.
75 * - generic control message passing.
76 * - SCM_CREDENTIALS control message.
77 * - "Abstract" (not FS based) socket bindings.
78 * Abstract names are sequences of bytes (not zero terminated)
79 * started by 0, so that this name space does not intersect
83 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
85 #include <linux/module.h>
86 #include <linux/kernel.h>
87 #include <linux/signal.h>
88 #include <linux/sched/signal.h>
89 #include <linux/errno.h>
90 #include <linux/string.h>
91 #include <linux/stat.h>
92 #include <linux/dcache.h>
93 #include <linux/namei.h>
94 #include <linux/socket.h>
96 #include <linux/fcntl.h>
97 #include <linux/termios.h>
98 #include <linux/sockios.h>
99 #include <linux/net.h>
100 #include <linux/in.h>
101 #include <linux/fs.h>
102 #include <linux/slab.h>
103 #include <linux/uaccess.h>
104 #include <linux/skbuff.h>
105 #include <linux/netdevice.h>
106 #include <net/net_namespace.h>
107 #include <net/sock.h>
108 #include <net/tcp_states.h>
109 #include <net/af_unix.h>
110 #include <linux/proc_fs.h>
111 #include <linux/seq_file.h>
113 #include <linux/init.h>
114 #include <linux/poll.h>
115 #include <linux/rtnetlink.h>
116 #include <linux/mount.h>
117 #include <net/checksum.h>
118 #include <linux/security.h>
119 #include <linux/freezer.h>
120 #include <linux/file.h>
124 struct hlist_head unix_socket_table[2 * UNIX_HASH_SIZE];
125 EXPORT_SYMBOL_GPL(unix_socket_table);
126 DEFINE_SPINLOCK(unix_table_lock);
127 EXPORT_SYMBOL_GPL(unix_table_lock);
128 static atomic_long_t unix_nr_socks;
131 static struct hlist_head *unix_sockets_unbound(void *addr)
133 unsigned long hash = (unsigned long)addr;
137 hash %= UNIX_HASH_SIZE;
138 return &unix_socket_table[UNIX_HASH_SIZE + hash];
141 #define UNIX_ABSTRACT(sk) (unix_sk(sk)->addr->hash < UNIX_HASH_SIZE)
143 #ifdef CONFIG_SECURITY_NETWORK
144 static void unix_get_secdata(struct scm_cookie *scm, struct sk_buff *skb)
146 UNIXCB(skb).secid = scm->secid;
149 static inline void unix_set_secdata(struct scm_cookie *scm, struct sk_buff *skb)
151 scm->secid = UNIXCB(skb).secid;
154 static inline bool unix_secdata_eq(struct scm_cookie *scm, struct sk_buff *skb)
156 return (scm->secid == UNIXCB(skb).secid);
159 static inline void unix_get_secdata(struct scm_cookie *scm, struct sk_buff *skb)
162 static inline void unix_set_secdata(struct scm_cookie *scm, struct sk_buff *skb)
165 static inline bool unix_secdata_eq(struct scm_cookie *scm, struct sk_buff *skb)
169 #endif /* CONFIG_SECURITY_NETWORK */
172 * SMP locking strategy:
173 * hash table is protected with spinlock unix_table_lock
174 * each socket state is protected by separate spin lock.
177 static inline unsigned int unix_hash_fold(__wsum n)
179 unsigned int hash = (__force unsigned int)csum_fold(n);
182 return hash&(UNIX_HASH_SIZE-1);
185 #define unix_peer(sk) (unix_sk(sk)->peer)
187 static inline int unix_our_peer(struct sock *sk, struct sock *osk)
189 return unix_peer(osk) == sk;
192 static inline int unix_may_send(struct sock *sk, struct sock *osk)
194 return unix_peer(osk) == NULL || unix_our_peer(sk, osk);
197 static inline int unix_recvq_full(const struct sock *sk)
199 return skb_queue_len(&sk->sk_receive_queue) > sk->sk_max_ack_backlog;
202 static inline int unix_recvq_full_lockless(const struct sock *sk)
204 return skb_queue_len_lockless(&sk->sk_receive_queue) >
205 READ_ONCE(sk->sk_max_ack_backlog);
208 struct sock *unix_peer_get(struct sock *s)
216 unix_state_unlock(s);
219 EXPORT_SYMBOL_GPL(unix_peer_get);
221 static inline void unix_release_addr(struct unix_address *addr)
223 if (refcount_dec_and_test(&addr->refcnt))
228 * Check unix socket name:
229 * - should be not zero length.
230 * - if started by not zero, should be NULL terminated (FS object)
231 * - if started by zero, it is abstract name.
234 static int unix_mkname(struct sockaddr_un *sunaddr, int len, unsigned int *hashp)
238 if (len <= sizeof(short) || len > sizeof(*sunaddr))
240 if (!sunaddr || sunaddr->sun_family != AF_UNIX)
242 if (sunaddr->sun_path[0]) {
244 * This may look like an off by one error but it is a bit more
245 * subtle. 108 is the longest valid AF_UNIX path for a binding.
246 * sun_path[108] doesn't as such exist. However in kernel space
247 * we are guaranteed that it is a valid memory location in our
248 * kernel address buffer.
250 ((char *)sunaddr)[len] = 0;
251 len = strlen(sunaddr->sun_path)+1+sizeof(short);
255 *hashp = unix_hash_fold(csum_partial(sunaddr, len, 0));
259 static void __unix_remove_socket(struct sock *sk)
261 sk_del_node_init(sk);
264 static void __unix_insert_socket(struct hlist_head *list, struct sock *sk)
266 WARN_ON(!sk_unhashed(sk));
267 sk_add_node(sk, list);
270 static inline void unix_remove_socket(struct sock *sk)
272 spin_lock(&unix_table_lock);
273 __unix_remove_socket(sk);
274 spin_unlock(&unix_table_lock);
277 static inline void unix_insert_socket(struct hlist_head *list, struct sock *sk)
279 spin_lock(&unix_table_lock);
280 __unix_insert_socket(list, sk);
281 spin_unlock(&unix_table_lock);
284 static struct sock *__unix_find_socket_byname(struct net *net,
285 struct sockaddr_un *sunname,
286 int len, int type, unsigned int hash)
290 sk_for_each(s, &unix_socket_table[hash ^ type]) {
291 struct unix_sock *u = unix_sk(s);
293 if (!net_eq(sock_net(s), net))
296 if (u->addr->len == len &&
297 !memcmp(u->addr->name, sunname, len))
305 static inline struct sock *unix_find_socket_byname(struct net *net,
306 struct sockaddr_un *sunname,
312 spin_lock(&unix_table_lock);
313 s = __unix_find_socket_byname(net, sunname, len, type, hash);
316 spin_unlock(&unix_table_lock);
320 static struct sock *unix_find_socket_byinode(struct inode *i)
324 spin_lock(&unix_table_lock);
326 &unix_socket_table[i->i_ino & (UNIX_HASH_SIZE - 1)]) {
327 struct dentry *dentry = unix_sk(s)->path.dentry;
329 if (dentry && d_backing_inode(dentry) == i) {
336 spin_unlock(&unix_table_lock);
340 /* Support code for asymmetrically connected dgram sockets
342 * If a datagram socket is connected to a socket not itself connected
343 * to the first socket (eg, /dev/log), clients may only enqueue more
344 * messages if the present receive queue of the server socket is not
345 * "too large". This means there's a second writeability condition
346 * poll and sendmsg need to test. The dgram recv code will do a wake
347 * up on the peer_wait wait queue of a socket upon reception of a
348 * datagram which needs to be propagated to sleeping would-be writers
349 * since these might not have sent anything so far. This can't be
350 * accomplished via poll_wait because the lifetime of the server
351 * socket might be less than that of its clients if these break their
352 * association with it or if the server socket is closed while clients
353 * are still connected to it and there's no way to inform "a polling
354 * implementation" that it should let go of a certain wait queue
356 * In order to propagate a wake up, a wait_queue_entry_t of the client
357 * socket is enqueued on the peer_wait queue of the server socket
358 * whose wake function does a wake_up on the ordinary client socket
359 * wait queue. This connection is established whenever a write (or
360 * poll for write) hit the flow control condition and broken when the
361 * association to the server socket is dissolved or after a wake up
365 static int unix_dgram_peer_wake_relay(wait_queue_entry_t *q, unsigned mode, int flags,
369 wait_queue_head_t *u_sleep;
371 u = container_of(q, struct unix_sock, peer_wake);
373 __remove_wait_queue(&unix_sk(u->peer_wake.private)->peer_wait,
375 u->peer_wake.private = NULL;
377 /* relaying can only happen while the wq still exists */
378 u_sleep = sk_sleep(&u->sk);
380 wake_up_interruptible_poll(u_sleep, key_to_poll(key));
385 static int unix_dgram_peer_wake_connect(struct sock *sk, struct sock *other)
387 struct unix_sock *u, *u_other;
391 u_other = unix_sk(other);
393 spin_lock(&u_other->peer_wait.lock);
395 if (!u->peer_wake.private) {
396 u->peer_wake.private = other;
397 __add_wait_queue(&u_other->peer_wait, &u->peer_wake);
402 spin_unlock(&u_other->peer_wait.lock);
406 static void unix_dgram_peer_wake_disconnect(struct sock *sk,
409 struct unix_sock *u, *u_other;
412 u_other = unix_sk(other);
413 spin_lock(&u_other->peer_wait.lock);
415 if (u->peer_wake.private == other) {
416 __remove_wait_queue(&u_other->peer_wait, &u->peer_wake);
417 u->peer_wake.private = NULL;
420 spin_unlock(&u_other->peer_wait.lock);
423 static void unix_dgram_peer_wake_disconnect_wakeup(struct sock *sk,
426 unix_dgram_peer_wake_disconnect(sk, other);
427 wake_up_interruptible_poll(sk_sleep(sk),
434 * - unix_peer(sk) == other
435 * - association is stable
437 static int unix_dgram_peer_wake_me(struct sock *sk, struct sock *other)
441 connected = unix_dgram_peer_wake_connect(sk, other);
443 /* If other is SOCK_DEAD, we want to make sure we signal
444 * POLLOUT, such that a subsequent write() can get a
445 * -ECONNREFUSED. Otherwise, if we haven't queued any skbs
446 * to other and its full, we will hang waiting for POLLOUT.
448 if (unix_recvq_full(other) && !sock_flag(other, SOCK_DEAD))
452 unix_dgram_peer_wake_disconnect(sk, other);
457 static int unix_writable(const struct sock *sk)
459 return sk->sk_state != TCP_LISTEN &&
460 (refcount_read(&sk->sk_wmem_alloc) << 2) <= sk->sk_sndbuf;
463 static void unix_write_space(struct sock *sk)
465 struct socket_wq *wq;
468 if (unix_writable(sk)) {
469 wq = rcu_dereference(sk->sk_wq);
470 if (skwq_has_sleeper(wq))
471 wake_up_interruptible_sync_poll(&wq->wait,
472 EPOLLOUT | EPOLLWRNORM | EPOLLWRBAND);
473 sk_wake_async(sk, SOCK_WAKE_SPACE, POLL_OUT);
478 /* When dgram socket disconnects (or changes its peer), we clear its receive
479 * queue of packets arrived from previous peer. First, it allows to do
480 * flow control based only on wmem_alloc; second, sk connected to peer
481 * may receive messages only from that peer. */
482 static void unix_dgram_disconnected(struct sock *sk, struct sock *other)
484 if (!skb_queue_empty(&sk->sk_receive_queue)) {
485 skb_queue_purge(&sk->sk_receive_queue);
486 wake_up_interruptible_all(&unix_sk(sk)->peer_wait);
488 /* If one link of bidirectional dgram pipe is disconnected,
489 * we signal error. Messages are lost. Do not make this,
490 * when peer was not connected to us.
492 if (!sock_flag(other, SOCK_DEAD) && unix_peer(other) == sk) {
493 other->sk_err = ECONNRESET;
494 other->sk_error_report(other);
499 static void unix_sock_destructor(struct sock *sk)
501 struct unix_sock *u = unix_sk(sk);
503 skb_queue_purge(&sk->sk_receive_queue);
505 WARN_ON(refcount_read(&sk->sk_wmem_alloc));
506 WARN_ON(!sk_unhashed(sk));
507 WARN_ON(sk->sk_socket);
508 if (!sock_flag(sk, SOCK_DEAD)) {
509 pr_info("Attempt to release alive unix socket: %p\n", sk);
514 unix_release_addr(u->addr);
516 atomic_long_dec(&unix_nr_socks);
518 sock_prot_inuse_add(sock_net(sk), sk->sk_prot, -1);
520 #ifdef UNIX_REFCNT_DEBUG
521 pr_debug("UNIX %p is destroyed, %ld are still alive.\n", sk,
522 atomic_long_read(&unix_nr_socks));
526 static void unix_release_sock(struct sock *sk, int embrion)
528 struct unix_sock *u = unix_sk(sk);
534 unix_remove_socket(sk);
539 sk->sk_shutdown = SHUTDOWN_MASK;
541 u->path.dentry = NULL;
543 state = sk->sk_state;
544 sk->sk_state = TCP_CLOSE;
546 skpair = unix_peer(sk);
547 unix_peer(sk) = NULL;
549 unix_state_unlock(sk);
551 wake_up_interruptible_all(&u->peer_wait);
553 if (skpair != NULL) {
554 if (sk->sk_type == SOCK_STREAM || sk->sk_type == SOCK_SEQPACKET) {
555 unix_state_lock(skpair);
557 skpair->sk_shutdown = SHUTDOWN_MASK;
558 if (!skb_queue_empty(&sk->sk_receive_queue) || embrion)
559 skpair->sk_err = ECONNRESET;
560 unix_state_unlock(skpair);
561 skpair->sk_state_change(skpair);
562 sk_wake_async(skpair, SOCK_WAKE_WAITD, POLL_HUP);
565 unix_dgram_peer_wake_disconnect(sk, skpair);
566 sock_put(skpair); /* It may now die */
569 /* Try to flush out this socket. Throw out buffers at least */
571 while ((skb = skb_dequeue(&sk->sk_receive_queue)) != NULL) {
572 if (state == TCP_LISTEN)
573 unix_release_sock(skb->sk, 1);
574 /* passed fds are erased in the kfree_skb hook */
575 UNIXCB(skb).consumed = skb->len;
584 /* ---- Socket is dead now and most probably destroyed ---- */
587 * Fixme: BSD difference: In BSD all sockets connected to us get
588 * ECONNRESET and we die on the spot. In Linux we behave
589 * like files and pipes do and wait for the last
592 * Can't we simply set sock->err?
594 * What the above comment does talk about? --ANK(980817)
597 if (unix_tot_inflight)
598 unix_gc(); /* Garbage collect fds */
601 static void init_peercred(struct sock *sk)
603 const struct cred *old_cred;
606 spin_lock(&sk->sk_peer_lock);
607 old_pid = sk->sk_peer_pid;
608 old_cred = sk->sk_peer_cred;
609 sk->sk_peer_pid = get_pid(task_tgid(current));
610 sk->sk_peer_cred = get_current_cred();
611 spin_unlock(&sk->sk_peer_lock);
617 static void copy_peercred(struct sock *sk, struct sock *peersk)
619 const struct cred *old_cred;
623 spin_lock(&sk->sk_peer_lock);
624 spin_lock_nested(&peersk->sk_peer_lock, SINGLE_DEPTH_NESTING);
626 spin_lock(&peersk->sk_peer_lock);
627 spin_lock_nested(&sk->sk_peer_lock, SINGLE_DEPTH_NESTING);
629 old_pid = sk->sk_peer_pid;
630 old_cred = sk->sk_peer_cred;
631 sk->sk_peer_pid = get_pid(peersk->sk_peer_pid);
632 sk->sk_peer_cred = get_cred(peersk->sk_peer_cred);
634 spin_unlock(&sk->sk_peer_lock);
635 spin_unlock(&peersk->sk_peer_lock);
641 static int unix_listen(struct socket *sock, int backlog)
644 struct sock *sk = sock->sk;
645 struct unix_sock *u = unix_sk(sk);
646 struct pid *old_pid = NULL;
649 if (sock->type != SOCK_STREAM && sock->type != SOCK_SEQPACKET)
650 goto out; /* Only stream/seqpacket sockets accept */
653 goto out; /* No listens on an unbound socket */
655 if (sk->sk_state != TCP_CLOSE && sk->sk_state != TCP_LISTEN)
657 if (backlog > sk->sk_max_ack_backlog)
658 wake_up_interruptible_all(&u->peer_wait);
659 sk->sk_max_ack_backlog = backlog;
660 sk->sk_state = TCP_LISTEN;
661 /* set credentials so connect can copy them */
666 unix_state_unlock(sk);
672 static int unix_release(struct socket *);
673 static int unix_bind(struct socket *, struct sockaddr *, int);
674 static int unix_stream_connect(struct socket *, struct sockaddr *,
675 int addr_len, int flags);
676 static int unix_socketpair(struct socket *, struct socket *);
677 static int unix_accept(struct socket *, struct socket *, int, bool);
678 static int unix_getname(struct socket *, struct sockaddr *, int);
679 static __poll_t unix_poll(struct file *, struct socket *, poll_table *);
680 static __poll_t unix_dgram_poll(struct file *, struct socket *,
682 static int unix_ioctl(struct socket *, unsigned int, unsigned long);
684 static int unix_compat_ioctl(struct socket *sock, unsigned int cmd, unsigned long arg);
686 static int unix_shutdown(struct socket *, int);
687 static int unix_stream_sendmsg(struct socket *, struct msghdr *, size_t);
688 static int unix_stream_recvmsg(struct socket *, struct msghdr *, size_t, int);
689 static ssize_t unix_stream_sendpage(struct socket *, struct page *, int offset,
690 size_t size, int flags);
691 static ssize_t unix_stream_splice_read(struct socket *, loff_t *ppos,
692 struct pipe_inode_info *, size_t size,
694 static int unix_dgram_sendmsg(struct socket *, struct msghdr *, size_t);
695 static int unix_dgram_recvmsg(struct socket *, struct msghdr *, size_t, int);
696 static int unix_dgram_connect(struct socket *, struct sockaddr *,
698 static int unix_seqpacket_sendmsg(struct socket *, struct msghdr *, size_t);
699 static int unix_seqpacket_recvmsg(struct socket *, struct msghdr *, size_t,
702 static int unix_set_peek_off(struct sock *sk, int val)
704 struct unix_sock *u = unix_sk(sk);
706 if (mutex_lock_interruptible(&u->iolock))
709 sk->sk_peek_off = val;
710 mutex_unlock(&u->iolock);
716 static const struct proto_ops unix_stream_ops = {
718 .owner = THIS_MODULE,
719 .release = unix_release,
721 .connect = unix_stream_connect,
722 .socketpair = unix_socketpair,
723 .accept = unix_accept,
724 .getname = unix_getname,
728 .compat_ioctl = unix_compat_ioctl,
730 .listen = unix_listen,
731 .shutdown = unix_shutdown,
732 .setsockopt = sock_no_setsockopt,
733 .getsockopt = sock_no_getsockopt,
734 .sendmsg = unix_stream_sendmsg,
735 .recvmsg = unix_stream_recvmsg,
736 .mmap = sock_no_mmap,
737 .sendpage = unix_stream_sendpage,
738 .splice_read = unix_stream_splice_read,
739 .set_peek_off = unix_set_peek_off,
742 static const struct proto_ops unix_dgram_ops = {
744 .owner = THIS_MODULE,
745 .release = unix_release,
747 .connect = unix_dgram_connect,
748 .socketpair = unix_socketpair,
749 .accept = sock_no_accept,
750 .getname = unix_getname,
751 .poll = unix_dgram_poll,
754 .compat_ioctl = unix_compat_ioctl,
756 .listen = sock_no_listen,
757 .shutdown = unix_shutdown,
758 .setsockopt = sock_no_setsockopt,
759 .getsockopt = sock_no_getsockopt,
760 .sendmsg = unix_dgram_sendmsg,
761 .recvmsg = unix_dgram_recvmsg,
762 .mmap = sock_no_mmap,
763 .sendpage = sock_no_sendpage,
764 .set_peek_off = unix_set_peek_off,
767 static const struct proto_ops unix_seqpacket_ops = {
769 .owner = THIS_MODULE,
770 .release = unix_release,
772 .connect = unix_stream_connect,
773 .socketpair = unix_socketpair,
774 .accept = unix_accept,
775 .getname = unix_getname,
776 .poll = unix_dgram_poll,
779 .compat_ioctl = unix_compat_ioctl,
781 .listen = unix_listen,
782 .shutdown = unix_shutdown,
783 .setsockopt = sock_no_setsockopt,
784 .getsockopt = sock_no_getsockopt,
785 .sendmsg = unix_seqpacket_sendmsg,
786 .recvmsg = unix_seqpacket_recvmsg,
787 .mmap = sock_no_mmap,
788 .sendpage = sock_no_sendpage,
789 .set_peek_off = unix_set_peek_off,
792 static struct proto unix_proto = {
794 .owner = THIS_MODULE,
795 .obj_size = sizeof(struct unix_sock),
798 static struct sock *unix_create1(struct net *net, struct socket *sock, int kern)
800 struct sock *sk = NULL;
803 atomic_long_inc(&unix_nr_socks);
804 if (atomic_long_read(&unix_nr_socks) > 2 * get_max_files())
807 sk = sk_alloc(net, PF_UNIX, GFP_KERNEL, &unix_proto, kern);
811 sock_init_data(sock, sk);
813 sk->sk_allocation = GFP_KERNEL_ACCOUNT;
814 sk->sk_write_space = unix_write_space;
815 sk->sk_max_ack_backlog = net->unx.sysctl_max_dgram_qlen;
816 sk->sk_destruct = unix_sock_destructor;
818 u->path.dentry = NULL;
820 spin_lock_init(&u->lock);
821 atomic_long_set(&u->inflight, 0);
822 INIT_LIST_HEAD(&u->link);
823 mutex_init(&u->iolock); /* single task reading lock */
824 mutex_init(&u->bindlock); /* single task binding lock */
825 init_waitqueue_head(&u->peer_wait);
826 init_waitqueue_func_entry(&u->peer_wake, unix_dgram_peer_wake_relay);
827 unix_insert_socket(unix_sockets_unbound(sk), sk);
830 atomic_long_dec(&unix_nr_socks);
833 sock_prot_inuse_add(sock_net(sk), sk->sk_prot, 1);
839 static int unix_create(struct net *net, struct socket *sock, int protocol,
842 if (protocol && protocol != PF_UNIX)
843 return -EPROTONOSUPPORT;
845 sock->state = SS_UNCONNECTED;
847 switch (sock->type) {
849 sock->ops = &unix_stream_ops;
852 * Believe it or not BSD has AF_UNIX, SOCK_RAW though
856 sock->type = SOCK_DGRAM;
859 sock->ops = &unix_dgram_ops;
862 sock->ops = &unix_seqpacket_ops;
865 return -ESOCKTNOSUPPORT;
868 return unix_create1(net, sock, kern) ? 0 : -ENOMEM;
871 static int unix_release(struct socket *sock)
873 struct sock *sk = sock->sk;
878 unix_release_sock(sk, 0);
884 static int unix_autobind(struct socket *sock)
886 struct sock *sk = sock->sk;
887 struct net *net = sock_net(sk);
888 struct unix_sock *u = unix_sk(sk);
889 static u32 ordernum = 1;
890 struct unix_address *addr;
892 unsigned int retries = 0;
894 err = mutex_lock_interruptible(&u->bindlock);
903 addr = kzalloc(sizeof(*addr) + sizeof(short) + 16, GFP_KERNEL);
907 addr->name->sun_family = AF_UNIX;
908 refcount_set(&addr->refcnt, 1);
911 addr->len = sprintf(addr->name->sun_path+1, "%05x", ordernum) + 1 + sizeof(short);
912 addr->hash = unix_hash_fold(csum_partial(addr->name, addr->len, 0));
914 spin_lock(&unix_table_lock);
915 ordernum = (ordernum+1)&0xFFFFF;
917 if (__unix_find_socket_byname(net, addr->name, addr->len, sock->type,
919 spin_unlock(&unix_table_lock);
921 * __unix_find_socket_byname() may take long time if many names
922 * are already in use.
925 /* Give up if all names seems to be in use. */
926 if (retries++ == 0xFFFFF) {
933 addr->hash ^= sk->sk_type;
935 __unix_remove_socket(sk);
936 smp_store_release(&u->addr, addr);
937 __unix_insert_socket(&unix_socket_table[addr->hash], sk);
938 spin_unlock(&unix_table_lock);
941 out: mutex_unlock(&u->bindlock);
945 static struct sock *unix_find_other(struct net *net,
946 struct sockaddr_un *sunname, int len,
947 int type, unsigned int hash, int *error)
953 if (sunname->sun_path[0]) {
955 err = kern_path(sunname->sun_path, LOOKUP_FOLLOW, &path);
958 inode = d_backing_inode(path.dentry);
959 err = inode_permission(inode, MAY_WRITE);
964 if (!S_ISSOCK(inode->i_mode))
966 u = unix_find_socket_byinode(inode);
970 if (u->sk_type == type)
976 if (u->sk_type != type) {
982 u = unix_find_socket_byname(net, sunname, len, type, hash);
984 struct dentry *dentry;
985 dentry = unix_sk(u)->path.dentry;
987 touch_atime(&unix_sk(u)->path);
1000 static int unix_mknod(const char *sun_path, umode_t mode, struct path *res)
1002 struct dentry *dentry;
1006 * Get the parent directory, calculate the hash for last
1009 dentry = kern_path_create(AT_FDCWD, sun_path, &path, 0);
1010 err = PTR_ERR(dentry);
1015 * All right, let's create it.
1017 err = security_path_mknod(&path, dentry, mode, 0);
1019 err = vfs_mknod(d_inode(path.dentry), dentry, mode, 0);
1021 res->mnt = mntget(path.mnt);
1022 res->dentry = dget(dentry);
1025 done_path_create(&path, dentry);
1029 static int unix_bind(struct socket *sock, struct sockaddr *uaddr, int addr_len)
1031 struct sock *sk = sock->sk;
1032 struct net *net = sock_net(sk);
1033 struct unix_sock *u = unix_sk(sk);
1034 struct sockaddr_un *sunaddr = (struct sockaddr_un *)uaddr;
1035 char *sun_path = sunaddr->sun_path;
1038 struct unix_address *addr;
1039 struct hlist_head *list;
1040 struct path path = { };
1043 if (addr_len < offsetofend(struct sockaddr_un, sun_family) ||
1044 sunaddr->sun_family != AF_UNIX)
1047 if (addr_len == sizeof(short)) {
1048 err = unix_autobind(sock);
1052 err = unix_mkname(sunaddr, addr_len, &hash);
1058 umode_t mode = S_IFSOCK |
1059 (SOCK_INODE(sock)->i_mode & ~current_umask());
1060 err = unix_mknod(sun_path, mode, &path);
1068 err = mutex_lock_interruptible(&u->bindlock);
1077 addr = kmalloc(sizeof(*addr)+addr_len, GFP_KERNEL);
1081 memcpy(addr->name, sunaddr, addr_len);
1082 addr->len = addr_len;
1083 addr->hash = hash ^ sk->sk_type;
1084 refcount_set(&addr->refcnt, 1);
1087 addr->hash = UNIX_HASH_SIZE;
1088 hash = d_backing_inode(path.dentry)->i_ino & (UNIX_HASH_SIZE - 1);
1089 spin_lock(&unix_table_lock);
1091 list = &unix_socket_table[hash];
1093 spin_lock(&unix_table_lock);
1095 if (__unix_find_socket_byname(net, sunaddr, addr_len,
1096 sk->sk_type, hash)) {
1097 unix_release_addr(addr);
1101 list = &unix_socket_table[addr->hash];
1105 __unix_remove_socket(sk);
1106 smp_store_release(&u->addr, addr);
1107 __unix_insert_socket(list, sk);
1110 spin_unlock(&unix_table_lock);
1112 mutex_unlock(&u->bindlock);
1120 static void unix_state_double_lock(struct sock *sk1, struct sock *sk2)
1122 if (unlikely(sk1 == sk2) || !sk2) {
1123 unix_state_lock(sk1);
1127 unix_state_lock(sk1);
1128 unix_state_lock_nested(sk2);
1130 unix_state_lock(sk2);
1131 unix_state_lock_nested(sk1);
1135 static void unix_state_double_unlock(struct sock *sk1, struct sock *sk2)
1137 if (unlikely(sk1 == sk2) || !sk2) {
1138 unix_state_unlock(sk1);
1141 unix_state_unlock(sk1);
1142 unix_state_unlock(sk2);
1145 static int unix_dgram_connect(struct socket *sock, struct sockaddr *addr,
1146 int alen, int flags)
1148 struct sock *sk = sock->sk;
1149 struct net *net = sock_net(sk);
1150 struct sockaddr_un *sunaddr = (struct sockaddr_un *)addr;
1156 if (alen < offsetofend(struct sockaddr, sa_family))
1159 if (addr->sa_family != AF_UNSPEC) {
1160 err = unix_mkname(sunaddr, alen, &hash);
1165 if (test_bit(SOCK_PASSCRED, &sock->flags) &&
1166 !unix_sk(sk)->addr && (err = unix_autobind(sock)) != 0)
1170 other = unix_find_other(net, sunaddr, alen, sock->type, hash, &err);
1174 unix_state_double_lock(sk, other);
1176 /* Apparently VFS overslept socket death. Retry. */
1177 if (sock_flag(other, SOCK_DEAD)) {
1178 unix_state_double_unlock(sk, other);
1184 if (!unix_may_send(sk, other))
1187 err = security_unix_may_send(sk->sk_socket, other->sk_socket);
1193 * 1003.1g breaking connected state with AF_UNSPEC
1196 unix_state_double_lock(sk, other);
1200 * If it was connected, reconnect.
1202 if (unix_peer(sk)) {
1203 struct sock *old_peer = unix_peer(sk);
1204 unix_peer(sk) = other;
1205 unix_dgram_peer_wake_disconnect_wakeup(sk, old_peer);
1207 unix_state_double_unlock(sk, other);
1209 if (other != old_peer)
1210 unix_dgram_disconnected(sk, old_peer);
1213 unix_peer(sk) = other;
1214 unix_state_double_unlock(sk, other);
1219 unix_state_double_unlock(sk, other);
1225 static long unix_wait_for_peer(struct sock *other, long timeo)
1227 struct unix_sock *u = unix_sk(other);
1231 prepare_to_wait_exclusive(&u->peer_wait, &wait, TASK_INTERRUPTIBLE);
1233 sched = !sock_flag(other, SOCK_DEAD) &&
1234 !(other->sk_shutdown & RCV_SHUTDOWN) &&
1235 unix_recvq_full(other);
1237 unix_state_unlock(other);
1240 timeo = schedule_timeout(timeo);
1242 finish_wait(&u->peer_wait, &wait);
1246 static int unix_stream_connect(struct socket *sock, struct sockaddr *uaddr,
1247 int addr_len, int flags)
1249 struct sockaddr_un *sunaddr = (struct sockaddr_un *)uaddr;
1250 struct sock *sk = sock->sk;
1251 struct net *net = sock_net(sk);
1252 struct unix_sock *u = unix_sk(sk), *newu, *otheru;
1253 struct sock *newsk = NULL;
1254 struct sock *other = NULL;
1255 struct sk_buff *skb = NULL;
1261 err = unix_mkname(sunaddr, addr_len, &hash);
1266 if (test_bit(SOCK_PASSCRED, &sock->flags) && !u->addr &&
1267 (err = unix_autobind(sock)) != 0)
1270 timeo = sock_sndtimeo(sk, flags & O_NONBLOCK);
1272 /* First of all allocate resources.
1273 If we will make it after state is locked,
1274 we will have to recheck all again in any case.
1279 /* create new sock for complete connection */
1280 newsk = unix_create1(sock_net(sk), NULL, 0);
1284 /* Allocate skb for sending to listening sock */
1285 skb = sock_wmalloc(newsk, 1, 0, GFP_KERNEL);
1290 /* Find listening sock. */
1291 other = unix_find_other(net, sunaddr, addr_len, sk->sk_type, hash, &err);
1295 /* Latch state of peer */
1296 unix_state_lock(other);
1298 /* Apparently VFS overslept socket death. Retry. */
1299 if (sock_flag(other, SOCK_DEAD)) {
1300 unix_state_unlock(other);
1305 err = -ECONNREFUSED;
1306 if (other->sk_state != TCP_LISTEN)
1308 if (other->sk_shutdown & RCV_SHUTDOWN)
1311 if (unix_recvq_full(other)) {
1316 timeo = unix_wait_for_peer(other, timeo);
1318 err = sock_intr_errno(timeo);
1319 if (signal_pending(current))
1327 It is tricky place. We need to grab our state lock and cannot
1328 drop lock on peer. It is dangerous because deadlock is
1329 possible. Connect to self case and simultaneous
1330 attempt to connect are eliminated by checking socket
1331 state. other is TCP_LISTEN, if sk is TCP_LISTEN we
1332 check this before attempt to grab lock.
1334 Well, and we have to recheck the state after socket locked.
1340 /* This is ok... continue with connect */
1342 case TCP_ESTABLISHED:
1343 /* Socket is already connected */
1351 unix_state_lock_nested(sk);
1353 if (sk->sk_state != st) {
1354 unix_state_unlock(sk);
1355 unix_state_unlock(other);
1360 err = security_unix_stream_connect(sk, other, newsk);
1362 unix_state_unlock(sk);
1366 /* The way is open! Fastly set all the necessary fields... */
1369 unix_peer(newsk) = sk;
1370 newsk->sk_state = TCP_ESTABLISHED;
1371 newsk->sk_type = sk->sk_type;
1372 init_peercred(newsk);
1373 newu = unix_sk(newsk);
1374 RCU_INIT_POINTER(newsk->sk_wq, &newu->peer_wq);
1375 otheru = unix_sk(other);
1377 /* copy address information from listening to new sock
1379 * The contents of *(otheru->addr) and otheru->path
1380 * are seen fully set up here, since we have found
1381 * otheru in hash under unix_table_lock. Insertion
1382 * into the hash chain we'd found it in had been done
1383 * in an earlier critical area protected by unix_table_lock,
1384 * the same one where we'd set *(otheru->addr) contents,
1385 * as well as otheru->path and otheru->addr itself.
1387 * Using smp_store_release() here to set newu->addr
1388 * is enough to make those stores, as well as stores
1389 * to newu->path visible to anyone who gets newu->addr
1390 * by smp_load_acquire(). IOW, the same warranties
1391 * as for unix_sock instances bound in unix_bind() or
1392 * in unix_autobind().
1394 if (otheru->path.dentry) {
1395 path_get(&otheru->path);
1396 newu->path = otheru->path;
1398 refcount_inc(&otheru->addr->refcnt);
1399 smp_store_release(&newu->addr, otheru->addr);
1401 /* Set credentials */
1402 copy_peercred(sk, other);
1404 sock->state = SS_CONNECTED;
1405 sk->sk_state = TCP_ESTABLISHED;
1408 smp_mb__after_atomic(); /* sock_hold() does an atomic_inc() */
1409 unix_peer(sk) = newsk;
1411 unix_state_unlock(sk);
1413 /* take ten and and send info to listening sock */
1414 spin_lock(&other->sk_receive_queue.lock);
1415 __skb_queue_tail(&other->sk_receive_queue, skb);
1416 spin_unlock(&other->sk_receive_queue.lock);
1417 unix_state_unlock(other);
1418 other->sk_data_ready(other);
1424 unix_state_unlock(other);
1429 unix_release_sock(newsk, 0);
1435 static int unix_socketpair(struct socket *socka, struct socket *sockb)
1437 struct sock *ska = socka->sk, *skb = sockb->sk;
1439 /* Join our sockets back to back */
1442 unix_peer(ska) = skb;
1443 unix_peer(skb) = ska;
1447 if (ska->sk_type != SOCK_DGRAM) {
1448 ska->sk_state = TCP_ESTABLISHED;
1449 skb->sk_state = TCP_ESTABLISHED;
1450 socka->state = SS_CONNECTED;
1451 sockb->state = SS_CONNECTED;
1456 static void unix_sock_inherit_flags(const struct socket *old,
1459 if (test_bit(SOCK_PASSCRED, &old->flags))
1460 set_bit(SOCK_PASSCRED, &new->flags);
1461 if (test_bit(SOCK_PASSSEC, &old->flags))
1462 set_bit(SOCK_PASSSEC, &new->flags);
1465 static int unix_accept(struct socket *sock, struct socket *newsock, int flags,
1468 struct sock *sk = sock->sk;
1470 struct sk_buff *skb;
1474 if (sock->type != SOCK_STREAM && sock->type != SOCK_SEQPACKET)
1478 if (sk->sk_state != TCP_LISTEN)
1481 /* If socket state is TCP_LISTEN it cannot change (for now...),
1482 * so that no locks are necessary.
1485 skb = skb_recv_datagram(sk, 0, flags&O_NONBLOCK, &err);
1487 /* This means receive shutdown. */
1494 skb_free_datagram(sk, skb);
1495 wake_up_interruptible(&unix_sk(sk)->peer_wait);
1497 /* attach accepted sock to socket */
1498 unix_state_lock(tsk);
1499 newsock->state = SS_CONNECTED;
1500 unix_sock_inherit_flags(sock, newsock);
1501 sock_graft(tsk, newsock);
1502 unix_state_unlock(tsk);
1510 static int unix_getname(struct socket *sock, struct sockaddr *uaddr, int peer)
1512 struct sock *sk = sock->sk;
1513 struct unix_address *addr;
1514 DECLARE_SOCKADDR(struct sockaddr_un *, sunaddr, uaddr);
1518 sk = unix_peer_get(sk);
1528 addr = smp_load_acquire(&unix_sk(sk)->addr);
1530 sunaddr->sun_family = AF_UNIX;
1531 sunaddr->sun_path[0] = 0;
1532 err = sizeof(short);
1535 memcpy(sunaddr, addr->name, addr->len);
1542 static void unix_peek_fds(struct scm_cookie *scm, struct sk_buff *skb)
1544 scm->fp = scm_fp_dup(UNIXCB(skb).fp);
1547 * Garbage collection of unix sockets starts by selecting a set of
1548 * candidate sockets which have reference only from being in flight
1549 * (total_refs == inflight_refs). This condition is checked once during
1550 * the candidate collection phase, and candidates are marked as such, so
1551 * that non-candidates can later be ignored. While inflight_refs is
1552 * protected by unix_gc_lock, total_refs (file count) is not, hence this
1553 * is an instantaneous decision.
1555 * Once a candidate, however, the socket must not be reinstalled into a
1556 * file descriptor while the garbage collection is in progress.
1558 * If the above conditions are met, then the directed graph of
1559 * candidates (*) does not change while unix_gc_lock is held.
1561 * Any operations that changes the file count through file descriptors
1562 * (dup, close, sendmsg) does not change the graph since candidates are
1563 * not installed in fds.
1565 * Dequeing a candidate via recvmsg would install it into an fd, but
1566 * that takes unix_gc_lock to decrement the inflight count, so it's
1567 * serialized with garbage collection.
1569 * MSG_PEEK is special in that it does not change the inflight count,
1570 * yet does install the socket into an fd. The following lock/unlock
1571 * pair is to ensure serialization with garbage collection. It must be
1572 * done between incrementing the file count and installing the file into
1575 * If garbage collection starts after the barrier provided by the
1576 * lock/unlock, then it will see the elevated refcount and not mark this
1577 * as a candidate. If a garbage collection is already in progress
1578 * before the file count was incremented, then the lock/unlock pair will
1579 * ensure that garbage collection is finished before progressing to
1580 * installing the fd.
1582 * (*) A -> B where B is on the queue of A or B is on the queue of C
1583 * which is on the queue of listening socket A.
1585 spin_lock(&unix_gc_lock);
1586 spin_unlock(&unix_gc_lock);
1589 static int unix_scm_to_skb(struct scm_cookie *scm, struct sk_buff *skb, bool send_fds)
1593 UNIXCB(skb).pid = get_pid(scm->pid);
1594 UNIXCB(skb).uid = scm->creds.uid;
1595 UNIXCB(skb).gid = scm->creds.gid;
1596 UNIXCB(skb).fp = NULL;
1597 unix_get_secdata(scm, skb);
1598 if (scm->fp && send_fds)
1599 err = unix_attach_fds(scm, skb);
1601 skb->destructor = unix_destruct_scm;
1605 static bool unix_passcred_enabled(const struct socket *sock,
1606 const struct sock *other)
1608 return test_bit(SOCK_PASSCRED, &sock->flags) ||
1609 !other->sk_socket ||
1610 test_bit(SOCK_PASSCRED, &other->sk_socket->flags);
1614 * Some apps rely on write() giving SCM_CREDENTIALS
1615 * We include credentials if source or destination socket
1616 * asserted SOCK_PASSCRED.
1618 static void maybe_add_creds(struct sk_buff *skb, const struct socket *sock,
1619 const struct sock *other)
1621 if (UNIXCB(skb).pid)
1623 if (unix_passcred_enabled(sock, other)) {
1624 UNIXCB(skb).pid = get_pid(task_tgid(current));
1625 current_uid_gid(&UNIXCB(skb).uid, &UNIXCB(skb).gid);
1629 static int maybe_init_creds(struct scm_cookie *scm,
1630 struct socket *socket,
1631 const struct sock *other)
1634 struct msghdr msg = { .msg_controllen = 0 };
1636 err = scm_send(socket, &msg, scm, false);
1640 if (unix_passcred_enabled(socket, other)) {
1641 scm->pid = get_pid(task_tgid(current));
1642 current_uid_gid(&scm->creds.uid, &scm->creds.gid);
1647 static bool unix_skb_scm_eq(struct sk_buff *skb,
1648 struct scm_cookie *scm)
1650 const struct unix_skb_parms *u = &UNIXCB(skb);
1652 return u->pid == scm->pid &&
1653 uid_eq(u->uid, scm->creds.uid) &&
1654 gid_eq(u->gid, scm->creds.gid) &&
1655 unix_secdata_eq(scm, skb);
1659 * Send AF_UNIX data.
1662 static int unix_dgram_sendmsg(struct socket *sock, struct msghdr *msg,
1665 struct sock *sk = sock->sk;
1666 struct net *net = sock_net(sk);
1667 struct unix_sock *u = unix_sk(sk);
1668 DECLARE_SOCKADDR(struct sockaddr_un *, sunaddr, msg->msg_name);
1669 struct sock *other = NULL;
1670 int namelen = 0; /* fake GCC */
1673 struct sk_buff *skb;
1675 struct scm_cookie scm;
1680 err = scm_send(sock, msg, &scm, false);
1685 if (msg->msg_flags&MSG_OOB)
1688 if (msg->msg_namelen) {
1689 err = unix_mkname(sunaddr, msg->msg_namelen, &hash);
1696 other = unix_peer_get(sk);
1701 if (test_bit(SOCK_PASSCRED, &sock->flags) && !u->addr
1702 && (err = unix_autobind(sock)) != 0)
1706 if (len > sk->sk_sndbuf - 32)
1709 if (len > SKB_MAX_ALLOC) {
1710 data_len = min_t(size_t,
1711 len - SKB_MAX_ALLOC,
1712 MAX_SKB_FRAGS * PAGE_SIZE);
1713 data_len = PAGE_ALIGN(data_len);
1715 BUILD_BUG_ON(SKB_MAX_ALLOC < PAGE_SIZE);
1718 skb = sock_alloc_send_pskb(sk, len - data_len, data_len,
1719 msg->msg_flags & MSG_DONTWAIT, &err,
1720 PAGE_ALLOC_COSTLY_ORDER);
1724 err = unix_scm_to_skb(&scm, skb, true);
1728 skb_put(skb, len - data_len);
1729 skb->data_len = data_len;
1731 err = skb_copy_datagram_from_iter(skb, 0, &msg->msg_iter, len);
1735 timeo = sock_sndtimeo(sk, msg->msg_flags & MSG_DONTWAIT);
1740 if (sunaddr == NULL)
1743 other = unix_find_other(net, sunaddr, namelen, sk->sk_type,
1749 if (sk_filter(other, skb) < 0) {
1750 /* Toss the packet but do not return any error to the sender */
1756 unix_state_lock(other);
1759 if (!unix_may_send(sk, other))
1762 if (unlikely(sock_flag(other, SOCK_DEAD))) {
1764 * Check with 1003.1g - what should
1767 unix_state_unlock(other);
1771 unix_state_lock(sk);
1774 if (unix_peer(sk) == other) {
1775 unix_peer(sk) = NULL;
1776 unix_dgram_peer_wake_disconnect_wakeup(sk, other);
1778 unix_state_unlock(sk);
1780 unix_dgram_disconnected(sk, other);
1782 err = -ECONNREFUSED;
1784 unix_state_unlock(sk);
1794 if (other->sk_shutdown & RCV_SHUTDOWN)
1797 if (sk->sk_type != SOCK_SEQPACKET) {
1798 err = security_unix_may_send(sk->sk_socket, other->sk_socket);
1803 /* other == sk && unix_peer(other) != sk if
1804 * - unix_peer(sk) == NULL, destination address bound to sk
1805 * - unix_peer(sk) == sk by time of get but disconnected before lock
1808 unlikely(unix_peer(other) != sk &&
1809 unix_recvq_full_lockless(other))) {
1811 timeo = unix_wait_for_peer(other, timeo);
1813 err = sock_intr_errno(timeo);
1814 if (signal_pending(current))
1821 unix_state_unlock(other);
1822 unix_state_double_lock(sk, other);
1825 if (unix_peer(sk) != other ||
1826 unix_dgram_peer_wake_me(sk, other)) {
1834 goto restart_locked;
1838 if (unlikely(sk_locked))
1839 unix_state_unlock(sk);
1841 if (sock_flag(other, SOCK_RCVTSTAMP))
1842 __net_timestamp(skb);
1843 maybe_add_creds(skb, sock, other);
1844 skb_queue_tail(&other->sk_receive_queue, skb);
1845 unix_state_unlock(other);
1846 other->sk_data_ready(other);
1853 unix_state_unlock(sk);
1854 unix_state_unlock(other);
1864 /* We use paged skbs for stream sockets, and limit occupancy to 32768
1865 * bytes, and a minimum of a full page.
1867 #define UNIX_SKB_FRAGS_SZ (PAGE_SIZE << get_order(32768))
1869 static int unix_stream_sendmsg(struct socket *sock, struct msghdr *msg,
1872 struct sock *sk = sock->sk;
1873 struct sock *other = NULL;
1875 struct sk_buff *skb;
1877 struct scm_cookie scm;
1878 bool fds_sent = false;
1882 err = scm_send(sock, msg, &scm, false);
1887 if (msg->msg_flags&MSG_OOB)
1890 if (msg->msg_namelen) {
1891 err = sk->sk_state == TCP_ESTABLISHED ? -EISCONN : -EOPNOTSUPP;
1895 other = unix_peer(sk);
1900 if (sk->sk_shutdown & SEND_SHUTDOWN)
1903 while (sent < len) {
1906 /* Keep two messages in the pipe so it schedules better */
1907 size = min_t(int, size, (sk->sk_sndbuf >> 1) - 64);
1909 /* allow fallback to order-0 allocations */
1910 size = min_t(int, size, SKB_MAX_HEAD(0) + UNIX_SKB_FRAGS_SZ);
1912 data_len = max_t(int, 0, size - SKB_MAX_HEAD(0));
1914 data_len = min_t(size_t, size, PAGE_ALIGN(data_len));
1916 skb = sock_alloc_send_pskb(sk, size - data_len, data_len,
1917 msg->msg_flags & MSG_DONTWAIT, &err,
1918 get_order(UNIX_SKB_FRAGS_SZ));
1922 /* Only send the fds in the first buffer */
1923 err = unix_scm_to_skb(&scm, skb, !fds_sent);
1930 skb_put(skb, size - data_len);
1931 skb->data_len = data_len;
1933 err = skb_copy_datagram_from_iter(skb, 0, &msg->msg_iter, size);
1939 unix_state_lock(other);
1941 if (sock_flag(other, SOCK_DEAD) ||
1942 (other->sk_shutdown & RCV_SHUTDOWN))
1945 maybe_add_creds(skb, sock, other);
1946 skb_queue_tail(&other->sk_receive_queue, skb);
1947 unix_state_unlock(other);
1948 other->sk_data_ready(other);
1957 unix_state_unlock(other);
1960 if (sent == 0 && !(msg->msg_flags&MSG_NOSIGNAL))
1961 send_sig(SIGPIPE, current, 0);
1965 return sent ? : err;
1968 static ssize_t unix_stream_sendpage(struct socket *socket, struct page *page,
1969 int offset, size_t size, int flags)
1972 bool send_sigpipe = false;
1973 bool init_scm = true;
1974 struct scm_cookie scm;
1975 struct sock *other, *sk = socket->sk;
1976 struct sk_buff *skb, *newskb = NULL, *tail = NULL;
1978 if (flags & MSG_OOB)
1981 other = unix_peer(sk);
1982 if (!other || sk->sk_state != TCP_ESTABLISHED)
1987 unix_state_unlock(other);
1988 mutex_unlock(&unix_sk(other)->iolock);
1989 newskb = sock_alloc_send_pskb(sk, 0, 0, flags & MSG_DONTWAIT,
1995 /* we must acquire iolock as we modify already present
1996 * skbs in the sk_receive_queue and mess with skb->len
1998 err = mutex_lock_interruptible(&unix_sk(other)->iolock);
2000 err = flags & MSG_DONTWAIT ? -EAGAIN : -ERESTARTSYS;
2004 if (sk->sk_shutdown & SEND_SHUTDOWN) {
2006 send_sigpipe = true;
2010 unix_state_lock(other);
2012 if (sock_flag(other, SOCK_DEAD) ||
2013 other->sk_shutdown & RCV_SHUTDOWN) {
2015 send_sigpipe = true;
2016 goto err_state_unlock;
2020 err = maybe_init_creds(&scm, socket, other);
2022 goto err_state_unlock;
2026 skb = skb_peek_tail(&other->sk_receive_queue);
2027 if (tail && tail == skb) {
2029 } else if (!skb || !unix_skb_scm_eq(skb, &scm)) {
2036 } else if (newskb) {
2037 /* this is fast path, we don't necessarily need to
2038 * call to kfree_skb even though with newskb == NULL
2039 * this - does no harm
2041 consume_skb(newskb);
2045 if (skb_append_pagefrags(skb, page, offset, size)) {
2051 skb->data_len += size;
2052 skb->truesize += size;
2053 refcount_add(size, &sk->sk_wmem_alloc);
2056 err = unix_scm_to_skb(&scm, skb, false);
2058 goto err_state_unlock;
2059 spin_lock(&other->sk_receive_queue.lock);
2060 __skb_queue_tail(&other->sk_receive_queue, newskb);
2061 spin_unlock(&other->sk_receive_queue.lock);
2064 unix_state_unlock(other);
2065 mutex_unlock(&unix_sk(other)->iolock);
2067 other->sk_data_ready(other);
2072 unix_state_unlock(other);
2074 mutex_unlock(&unix_sk(other)->iolock);
2077 if (send_sigpipe && !(flags & MSG_NOSIGNAL))
2078 send_sig(SIGPIPE, current, 0);
2084 static int unix_seqpacket_sendmsg(struct socket *sock, struct msghdr *msg,
2088 struct sock *sk = sock->sk;
2090 err = sock_error(sk);
2094 if (sk->sk_state != TCP_ESTABLISHED)
2097 if (msg->msg_namelen)
2098 msg->msg_namelen = 0;
2100 return unix_dgram_sendmsg(sock, msg, len);
2103 static int unix_seqpacket_recvmsg(struct socket *sock, struct msghdr *msg,
2104 size_t size, int flags)
2106 struct sock *sk = sock->sk;
2108 if (sk->sk_state != TCP_ESTABLISHED)
2111 return unix_dgram_recvmsg(sock, msg, size, flags);
2114 static void unix_copy_addr(struct msghdr *msg, struct sock *sk)
2116 struct unix_address *addr = smp_load_acquire(&unix_sk(sk)->addr);
2119 msg->msg_namelen = addr->len;
2120 memcpy(msg->msg_name, addr->name, addr->len);
2124 static int unix_dgram_recvmsg(struct socket *sock, struct msghdr *msg,
2125 size_t size, int flags)
2127 struct scm_cookie scm;
2128 struct sock *sk = sock->sk;
2129 struct unix_sock *u = unix_sk(sk);
2130 struct sk_buff *skb, *last;
2139 timeo = sock_rcvtimeo(sk, flags & MSG_DONTWAIT);
2142 mutex_lock(&u->iolock);
2144 skip = sk_peek_offset(sk, flags);
2145 skb = __skb_try_recv_datagram(sk, flags, NULL, &peeked, &skip,
2150 mutex_unlock(&u->iolock);
2155 !__skb_wait_for_more_packets(sk, &err, &timeo, last));
2157 if (!skb) { /* implies iolock unlocked */
2158 unix_state_lock(sk);
2159 /* Signal EOF on disconnected non-blocking SEQPACKET socket. */
2160 if (sk->sk_type == SOCK_SEQPACKET && err == -EAGAIN &&
2161 (sk->sk_shutdown & RCV_SHUTDOWN))
2163 unix_state_unlock(sk);
2167 if (wq_has_sleeper(&u->peer_wait))
2168 wake_up_interruptible_sync_poll(&u->peer_wait,
2169 EPOLLOUT | EPOLLWRNORM |
2173 unix_copy_addr(msg, skb->sk);
2175 if (size > skb->len - skip)
2176 size = skb->len - skip;
2177 else if (size < skb->len - skip)
2178 msg->msg_flags |= MSG_TRUNC;
2180 err = skb_copy_datagram_msg(skb, skip, msg, size);
2184 if (sock_flag(sk, SOCK_RCVTSTAMP))
2185 __sock_recv_timestamp(msg, sk, skb);
2187 memset(&scm, 0, sizeof(scm));
2189 scm_set_cred(&scm, UNIXCB(skb).pid, UNIXCB(skb).uid, UNIXCB(skb).gid);
2190 unix_set_secdata(&scm, skb);
2192 if (!(flags & MSG_PEEK)) {
2194 unix_detach_fds(&scm, skb);
2196 sk_peek_offset_bwd(sk, skb->len);
2198 /* It is questionable: on PEEK we could:
2199 - do not return fds - good, but too simple 8)
2200 - return fds, and do not return them on read (old strategy,
2202 - clone fds (I chose it for now, it is the most universal
2205 POSIX 1003.1g does not actually define this clearly
2206 at all. POSIX 1003.1g doesn't define a lot of things
2211 sk_peek_offset_fwd(sk, size);
2214 unix_peek_fds(&scm, skb);
2216 err = (flags & MSG_TRUNC) ? skb->len - skip : size;
2218 scm_recv(sock, msg, &scm, flags);
2221 skb_free_datagram(sk, skb);
2222 mutex_unlock(&u->iolock);
2228 * Sleep until more data has arrived. But check for races..
2230 static long unix_stream_data_wait(struct sock *sk, long timeo,
2231 struct sk_buff *last, unsigned int last_len,
2234 struct sk_buff *tail;
2237 unix_state_lock(sk);
2240 prepare_to_wait(sk_sleep(sk), &wait, TASK_INTERRUPTIBLE);
2242 tail = skb_peek_tail(&sk->sk_receive_queue);
2244 (tail && tail->len != last_len) ||
2246 (sk->sk_shutdown & RCV_SHUTDOWN) ||
2247 signal_pending(current) ||
2251 sk_set_bit(SOCKWQ_ASYNC_WAITDATA, sk);
2252 unix_state_unlock(sk);
2254 timeo = freezable_schedule_timeout(timeo);
2256 timeo = schedule_timeout(timeo);
2257 unix_state_lock(sk);
2259 if (sock_flag(sk, SOCK_DEAD))
2262 sk_clear_bit(SOCKWQ_ASYNC_WAITDATA, sk);
2265 finish_wait(sk_sleep(sk), &wait);
2266 unix_state_unlock(sk);
2270 static unsigned int unix_skb_len(const struct sk_buff *skb)
2272 return skb->len - UNIXCB(skb).consumed;
2275 struct unix_stream_read_state {
2276 int (*recv_actor)(struct sk_buff *, int, int,
2277 struct unix_stream_read_state *);
2278 struct socket *socket;
2280 struct pipe_inode_info *pipe;
2283 unsigned int splice_flags;
2286 static int unix_stream_read_generic(struct unix_stream_read_state *state,
2289 struct scm_cookie scm;
2290 struct socket *sock = state->socket;
2291 struct sock *sk = sock->sk;
2292 struct unix_sock *u = unix_sk(sk);
2294 int flags = state->flags;
2295 int noblock = flags & MSG_DONTWAIT;
2296 bool check_creds = false;
2301 size_t size = state->size;
2302 unsigned int last_len;
2304 if (unlikely(sk->sk_state != TCP_ESTABLISHED)) {
2309 if (unlikely(flags & MSG_OOB)) {
2314 target = sock_rcvlowat(sk, flags & MSG_WAITALL, size);
2315 timeo = sock_rcvtimeo(sk, noblock);
2317 memset(&scm, 0, sizeof(scm));
2319 /* Lock the socket to prevent queue disordering
2320 * while sleeps in memcpy_tomsg
2322 mutex_lock(&u->iolock);
2324 skip = max(sk_peek_offset(sk, flags), 0);
2329 struct sk_buff *skb, *last;
2332 unix_state_lock(sk);
2333 if (sock_flag(sk, SOCK_DEAD)) {
2337 last = skb = skb_peek(&sk->sk_receive_queue);
2338 last_len = last ? last->len : 0;
2341 if (copied >= target)
2345 * POSIX 1003.1g mandates this order.
2348 err = sock_error(sk);
2351 if (sk->sk_shutdown & RCV_SHUTDOWN)
2354 unix_state_unlock(sk);
2360 mutex_unlock(&u->iolock);
2362 timeo = unix_stream_data_wait(sk, timeo, last,
2363 last_len, freezable);
2365 if (signal_pending(current)) {
2366 err = sock_intr_errno(timeo);
2371 mutex_lock(&u->iolock);
2374 unix_state_unlock(sk);
2378 while (skip >= unix_skb_len(skb)) {
2379 skip -= unix_skb_len(skb);
2381 last_len = skb->len;
2382 skb = skb_peek_next(skb, &sk->sk_receive_queue);
2387 unix_state_unlock(sk);
2390 /* Never glue messages from different writers */
2391 if (!unix_skb_scm_eq(skb, &scm))
2393 } else if (test_bit(SOCK_PASSCRED, &sock->flags)) {
2394 /* Copy credentials */
2395 scm_set_cred(&scm, UNIXCB(skb).pid, UNIXCB(skb).uid, UNIXCB(skb).gid);
2396 unix_set_secdata(&scm, skb);
2400 /* Copy address just once */
2401 if (state->msg && state->msg->msg_name) {
2402 DECLARE_SOCKADDR(struct sockaddr_un *, sunaddr,
2403 state->msg->msg_name);
2404 unix_copy_addr(state->msg, skb->sk);
2408 chunk = min_t(unsigned int, unix_skb_len(skb) - skip, size);
2410 chunk = state->recv_actor(skb, skip, chunk, state);
2411 drop_skb = !unix_skb_len(skb);
2412 /* skb is only safe to use if !drop_skb */
2423 /* the skb was touched by a concurrent reader;
2424 * we should not expect anything from this skb
2425 * anymore and assume it invalid - we can be
2426 * sure it was dropped from the socket queue
2428 * let's report a short read
2434 /* Mark read part of skb as used */
2435 if (!(flags & MSG_PEEK)) {
2436 UNIXCB(skb).consumed += chunk;
2438 sk_peek_offset_bwd(sk, chunk);
2441 unix_detach_fds(&scm, skb);
2443 if (unix_skb_len(skb))
2446 skb_unlink(skb, &sk->sk_receive_queue);
2452 /* It is questionable, see note in unix_dgram_recvmsg.
2455 unix_peek_fds(&scm, skb);
2457 sk_peek_offset_fwd(sk, chunk);
2464 last_len = skb->len;
2465 unix_state_lock(sk);
2466 skb = skb_peek_next(skb, &sk->sk_receive_queue);
2469 unix_state_unlock(sk);
2474 mutex_unlock(&u->iolock);
2476 scm_recv(sock, state->msg, &scm, flags);
2480 return copied ? : err;
2483 static int unix_stream_read_actor(struct sk_buff *skb,
2484 int skip, int chunk,
2485 struct unix_stream_read_state *state)
2489 ret = skb_copy_datagram_msg(skb, UNIXCB(skb).consumed + skip,
2491 return ret ?: chunk;
2494 static int unix_stream_recvmsg(struct socket *sock, struct msghdr *msg,
2495 size_t size, int flags)
2497 struct unix_stream_read_state state = {
2498 .recv_actor = unix_stream_read_actor,
2505 return unix_stream_read_generic(&state, true);
2508 static int unix_stream_splice_actor(struct sk_buff *skb,
2509 int skip, int chunk,
2510 struct unix_stream_read_state *state)
2512 return skb_splice_bits(skb, state->socket->sk,
2513 UNIXCB(skb).consumed + skip,
2514 state->pipe, chunk, state->splice_flags);
2517 static ssize_t unix_stream_splice_read(struct socket *sock, loff_t *ppos,
2518 struct pipe_inode_info *pipe,
2519 size_t size, unsigned int flags)
2521 struct unix_stream_read_state state = {
2522 .recv_actor = unix_stream_splice_actor,
2526 .splice_flags = flags,
2529 if (unlikely(*ppos))
2532 if (sock->file->f_flags & O_NONBLOCK ||
2533 flags & SPLICE_F_NONBLOCK)
2534 state.flags = MSG_DONTWAIT;
2536 return unix_stream_read_generic(&state, false);
2539 static int unix_shutdown(struct socket *sock, int mode)
2541 struct sock *sk = sock->sk;
2544 if (mode < SHUT_RD || mode > SHUT_RDWR)
2547 * SHUT_RD (0) -> RCV_SHUTDOWN (1)
2548 * SHUT_WR (1) -> SEND_SHUTDOWN (2)
2549 * SHUT_RDWR (2) -> SHUTDOWN_MASK (3)
2553 unix_state_lock(sk);
2554 sk->sk_shutdown |= mode;
2555 other = unix_peer(sk);
2558 unix_state_unlock(sk);
2559 sk->sk_state_change(sk);
2562 (sk->sk_type == SOCK_STREAM || sk->sk_type == SOCK_SEQPACKET)) {
2566 if (mode&RCV_SHUTDOWN)
2567 peer_mode |= SEND_SHUTDOWN;
2568 if (mode&SEND_SHUTDOWN)
2569 peer_mode |= RCV_SHUTDOWN;
2570 unix_state_lock(other);
2571 other->sk_shutdown |= peer_mode;
2572 unix_state_unlock(other);
2573 other->sk_state_change(other);
2574 if (peer_mode == SHUTDOWN_MASK)
2575 sk_wake_async(other, SOCK_WAKE_WAITD, POLL_HUP);
2576 else if (peer_mode & RCV_SHUTDOWN)
2577 sk_wake_async(other, SOCK_WAKE_WAITD, POLL_IN);
2585 long unix_inq_len(struct sock *sk)
2587 struct sk_buff *skb;
2590 if (sk->sk_state == TCP_LISTEN)
2593 spin_lock(&sk->sk_receive_queue.lock);
2594 if (sk->sk_type == SOCK_STREAM ||
2595 sk->sk_type == SOCK_SEQPACKET) {
2596 skb_queue_walk(&sk->sk_receive_queue, skb)
2597 amount += unix_skb_len(skb);
2599 skb = skb_peek(&sk->sk_receive_queue);
2603 spin_unlock(&sk->sk_receive_queue.lock);
2607 EXPORT_SYMBOL_GPL(unix_inq_len);
2609 long unix_outq_len(struct sock *sk)
2611 return sk_wmem_alloc_get(sk);
2613 EXPORT_SYMBOL_GPL(unix_outq_len);
2615 static int unix_open_file(struct sock *sk)
2621 if (!ns_capable(sock_net(sk)->user_ns, CAP_NET_ADMIN))
2624 if (!smp_load_acquire(&unix_sk(sk)->addr))
2627 path = unix_sk(sk)->path;
2633 fd = get_unused_fd_flags(O_CLOEXEC);
2637 f = dentry_open(&path, O_PATH, current_cred());
2651 static int unix_ioctl(struct socket *sock, unsigned int cmd, unsigned long arg)
2653 struct sock *sk = sock->sk;
2659 amount = unix_outq_len(sk);
2660 err = put_user(amount, (int __user *)arg);
2663 amount = unix_inq_len(sk);
2667 err = put_user(amount, (int __user *)arg);
2670 err = unix_open_file(sk);
2679 #ifdef CONFIG_COMPAT
2680 static int unix_compat_ioctl(struct socket *sock, unsigned int cmd, unsigned long arg)
2682 return unix_ioctl(sock, cmd, (unsigned long)compat_ptr(arg));
2686 static __poll_t unix_poll(struct file *file, struct socket *sock, poll_table *wait)
2688 struct sock *sk = sock->sk;
2691 sock_poll_wait(file, sock, wait);
2694 /* exceptional events? */
2697 if (sk->sk_shutdown == SHUTDOWN_MASK)
2699 if (sk->sk_shutdown & RCV_SHUTDOWN)
2700 mask |= EPOLLRDHUP | EPOLLIN | EPOLLRDNORM;
2703 if (!skb_queue_empty_lockless(&sk->sk_receive_queue))
2704 mask |= EPOLLIN | EPOLLRDNORM;
2706 /* Connection-based need to check for termination and startup */
2707 if ((sk->sk_type == SOCK_STREAM || sk->sk_type == SOCK_SEQPACKET) &&
2708 sk->sk_state == TCP_CLOSE)
2712 * we set writable also when the other side has shut down the
2713 * connection. This prevents stuck sockets.
2715 if (unix_writable(sk))
2716 mask |= EPOLLOUT | EPOLLWRNORM | EPOLLWRBAND;
2721 static __poll_t unix_dgram_poll(struct file *file, struct socket *sock,
2724 struct sock *sk = sock->sk, *other;
2725 unsigned int writable;
2728 sock_poll_wait(file, sock, wait);
2731 /* exceptional events? */
2732 if (sk->sk_err || !skb_queue_empty_lockless(&sk->sk_error_queue))
2734 (sock_flag(sk, SOCK_SELECT_ERR_QUEUE) ? EPOLLPRI : 0);
2736 if (sk->sk_shutdown & RCV_SHUTDOWN)
2737 mask |= EPOLLRDHUP | EPOLLIN | EPOLLRDNORM;
2738 if (sk->sk_shutdown == SHUTDOWN_MASK)
2742 if (!skb_queue_empty_lockless(&sk->sk_receive_queue))
2743 mask |= EPOLLIN | EPOLLRDNORM;
2745 /* Connection-based need to check for termination and startup */
2746 if (sk->sk_type == SOCK_SEQPACKET) {
2747 if (sk->sk_state == TCP_CLOSE)
2749 /* connection hasn't started yet? */
2750 if (sk->sk_state == TCP_SYN_SENT)
2754 /* No write status requested, avoid expensive OUT tests. */
2755 if (!(poll_requested_events(wait) & (EPOLLWRBAND|EPOLLWRNORM|EPOLLOUT)))
2758 writable = unix_writable(sk);
2760 unix_state_lock(sk);
2762 other = unix_peer(sk);
2763 if (other && unix_peer(other) != sk &&
2764 unix_recvq_full_lockless(other) &&
2765 unix_dgram_peer_wake_me(sk, other))
2768 unix_state_unlock(sk);
2772 mask |= EPOLLOUT | EPOLLWRNORM | EPOLLWRBAND;
2774 sk_set_bit(SOCKWQ_ASYNC_NOSPACE, sk);
2779 #ifdef CONFIG_PROC_FS
2781 #define BUCKET_SPACE (BITS_PER_LONG - (UNIX_HASH_BITS + 1) - 1)
2783 #define get_bucket(x) ((x) >> BUCKET_SPACE)
2784 #define get_offset(x) ((x) & ((1L << BUCKET_SPACE) - 1))
2785 #define set_bucket_offset(b, o) ((b) << BUCKET_SPACE | (o))
2787 static struct sock *unix_from_bucket(struct seq_file *seq, loff_t *pos)
2789 unsigned long offset = get_offset(*pos);
2790 unsigned long bucket = get_bucket(*pos);
2792 unsigned long count = 0;
2794 for (sk = sk_head(&unix_socket_table[bucket]); sk; sk = sk_next(sk)) {
2795 if (sock_net(sk) != seq_file_net(seq))
2797 if (++count == offset)
2804 static struct sock *unix_next_socket(struct seq_file *seq,
2808 unsigned long bucket;
2810 while (sk > (struct sock *)SEQ_START_TOKEN) {
2814 if (sock_net(sk) == seq_file_net(seq))
2819 sk = unix_from_bucket(seq, pos);
2824 bucket = get_bucket(*pos) + 1;
2825 *pos = set_bucket_offset(bucket, 1);
2826 } while (bucket < ARRAY_SIZE(unix_socket_table));
2831 static void *unix_seq_start(struct seq_file *seq, loff_t *pos)
2832 __acquires(unix_table_lock)
2834 spin_lock(&unix_table_lock);
2837 return SEQ_START_TOKEN;
2839 if (get_bucket(*pos) >= ARRAY_SIZE(unix_socket_table))
2842 return unix_next_socket(seq, NULL, pos);
2845 static void *unix_seq_next(struct seq_file *seq, void *v, loff_t *pos)
2848 return unix_next_socket(seq, v, pos);
2851 static void unix_seq_stop(struct seq_file *seq, void *v)
2852 __releases(unix_table_lock)
2854 spin_unlock(&unix_table_lock);
2857 static int unix_seq_show(struct seq_file *seq, void *v)
2860 if (v == SEQ_START_TOKEN)
2861 seq_puts(seq, "Num RefCount Protocol Flags Type St "
2865 struct unix_sock *u = unix_sk(s);
2868 seq_printf(seq, "%pK: %08X %08X %08X %04X %02X %5lu",
2870 refcount_read(&s->sk_refcnt),
2872 s->sk_state == TCP_LISTEN ? __SO_ACCEPTCON : 0,
2875 (s->sk_state == TCP_ESTABLISHED ? SS_CONNECTED : SS_UNCONNECTED) :
2876 (s->sk_state == TCP_ESTABLISHED ? SS_CONNECTING : SS_DISCONNECTING),
2879 if (u->addr) { // under unix_table_lock here
2884 len = u->addr->len - sizeof(short);
2885 if (!UNIX_ABSTRACT(s))
2891 for ( ; i < len; i++)
2892 seq_putc(seq, u->addr->name->sun_path[i] ?:
2895 unix_state_unlock(s);
2896 seq_putc(seq, '\n');
2902 static const struct seq_operations unix_seq_ops = {
2903 .start = unix_seq_start,
2904 .next = unix_seq_next,
2905 .stop = unix_seq_stop,
2906 .show = unix_seq_show,
2910 static const struct net_proto_family unix_family_ops = {
2912 .create = unix_create,
2913 .owner = THIS_MODULE,
2917 static int __net_init unix_net_init(struct net *net)
2919 int error = -ENOMEM;
2921 net->unx.sysctl_max_dgram_qlen = 10;
2922 if (unix_sysctl_register(net))
2925 #ifdef CONFIG_PROC_FS
2926 if (!proc_create_net("unix", 0, net->proc_net, &unix_seq_ops,
2927 sizeof(struct seq_net_private))) {
2928 unix_sysctl_unregister(net);
2937 static void __net_exit unix_net_exit(struct net *net)
2939 unix_sysctl_unregister(net);
2940 remove_proc_entry("unix", net->proc_net);
2943 static struct pernet_operations unix_net_ops = {
2944 .init = unix_net_init,
2945 .exit = unix_net_exit,
2948 static int __init af_unix_init(void)
2952 BUILD_BUG_ON(sizeof(struct unix_skb_parms) > FIELD_SIZEOF(struct sk_buff, cb));
2954 rc = proto_register(&unix_proto, 1);
2956 pr_crit("%s: Cannot create unix_sock SLAB cache!\n", __func__);
2960 sock_register(&unix_family_ops);
2961 register_pernet_subsys(&unix_net_ops);
2966 static void __exit af_unix_exit(void)
2968 sock_unregister(PF_UNIX);
2969 proto_unregister(&unix_proto);
2970 unregister_pernet_subsys(&unix_net_ops);
2973 /* Earlier than device_initcall() so that other drivers invoking
2974 request_module() don't end up in a loop when modprobe tries
2975 to use a UNIX socket. But later than subsys_initcall() because
2976 we depend on stuff initialised there */
2977 fs_initcall(af_unix_init);
2978 module_exit(af_unix_exit);
2980 MODULE_LICENSE("GPL");
2981 MODULE_ALIAS_NETPROTO(PF_UNIX);
projects / releases.git / blob