2 * NET4: Implementation of BSD Unix domain sockets.
4 * Authors: Alan Cox, <alan@lxorguk.ukuu.org.uk>
6 * This program is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU General Public License
8 * as published by the Free Software Foundation; either version
9 * 2 of the License, or (at your option) any later version.
12 * Linus Torvalds : Assorted bug cures.
13 * Niibe Yutaka : async I/O support.
14 * Carsten Paeth : PF_UNIX check, address fixes.
15 * Alan Cox : Limit size of allocated blocks.
16 * Alan Cox : Fixed the stupid socketpair bug.
17 * Alan Cox : BSD compatibility fine tuning.
18 * Alan Cox : Fixed a bug in connect when interrupted.
19 * Alan Cox : Sorted out a proper draft version of
20 * file descriptor passing hacked up from
22 * Marty Leisner : Fixes to fd passing
23 * Nick Nevin : recvmsg bugfix.
24 * Alan Cox : Started proper garbage collector
25 * Heiko EiBfeldt : Missing verify_area check
26 * Alan Cox : Started POSIXisms
27 * Andreas Schwab : Replace inode by dentry for proper
29 * Kirk Petersen : Made this a module
30 * Christoph Rohland : Elegant non-blocking accept/connect algorithm.
32 * Alexey Kuznetosv : Repaired (I hope) bugs introduces
33 * by above two patches.
34 * Andrea Arcangeli : If possible we block in connect(2)
35 * if the max backlog of the listen socket
36 * is been reached. This won't break
37 * old apps and it will avoid huge amount
38 * of socks hashed (this for unix_gc()
39 * performances reasons).
40 * Security fix that limits the max
41 * number of socks to 2*max_files and
42 * the number of skb queueable in the
44 * Artur Skawina : Hash function optimizations
45 * Alexey Kuznetsov : Full scale SMP. Lot of bugs are introduced 8)
46 * Malcolm Beattie : Set peercred for socketpair
47 * Michal Ostrowski : Module initialization cleanup.
48 * Arnaldo C. Melo : Remove MOD_{INC,DEC}_USE_COUNT,
49 * the core infrastructure is doing that
50 * for all net proto families now (2.5.69+)
53 * Known differences from reference BSD that was tested:
56 * ECONNREFUSED is not returned from one end of a connected() socket to the
57 * other the moment one end closes.
58 * fstat() doesn't return st_dev=0, and give the blksize as high water mark
59 * and a fake inode identifier (nor the BSD first socket fstat twice bug).
61 * accept() returns a path name even if the connecting socket has closed
62 * in the meantime (BSD loses the path and gives up).
63 * accept() returns 0 length path for an unbound connector. BSD returns 16
64 * and a null first byte in the path (but not for gethost/peername - BSD bug ??)
65 * socketpair(...SOCK_RAW..) doesn't panic the kernel.
66 * BSD af_unix apparently has connect forgetting to block properly.
67 * (need to check this with the POSIX spec in detail)
69 * Differences from 2.0.0-11-... (ANK)
70 * Bug fixes and improvements.
71 * - client shutdown killed server socket.
72 * - removed all useless cli/sti pairs.
74 * Semantic changes/extensions.
75 * - generic control message passing.
76 * - SCM_CREDENTIALS control message.
77 * - "Abstract" (not FS based) socket bindings.
78 * Abstract names are sequences of bytes (not zero terminated)
79 * started by 0, so that this name space does not intersect
83 #include <linux/module.h>
84 #include <linux/kernel.h>
85 #include <linux/signal.h>
86 #include <linux/sched.h>
87 #include <linux/errno.h>
88 #include <linux/string.h>
89 #include <linux/stat.h>
90 #include <linux/dcache.h>
91 #include <linux/namei.h>
92 #include <linux/socket.h>
94 #include <linux/fcntl.h>
95 #include <linux/termios.h>
96 #include <linux/sockios.h>
97 #include <linux/net.h>
100 #include <linux/slab.h>
101 #include <asm/uaccess.h>
102 #include <linux/skbuff.h>
103 #include <linux/netdevice.h>
104 #include <net/net_namespace.h>
105 #include <net/sock.h>
106 #include <net/tcp_states.h>
107 #include <net/af_unix.h>
108 #include <linux/proc_fs.h>
109 #include <linux/seq_file.h>
111 #include <linux/init.h>
112 #include <linux/poll.h>
113 #include <linux/rtnetlink.h>
114 #include <linux/mount.h>
115 #include <net/checksum.h>
116 #include <linux/security.h>
118 static struct hlist_head unix_socket_table[UNIX_HASH_SIZE + 1];
119 static DEFINE_SPINLOCK(unix_table_lock);
120 static atomic_t unix_nr_socks = ATOMIC_INIT(0);
122 #define unix_sockets_unbound (&unix_socket_table[UNIX_HASH_SIZE])
124 #define UNIX_ABSTRACT(sk) (unix_sk(sk)->addr->hash != UNIX_HASH_SIZE)
126 #ifdef CONFIG_SECURITY_NETWORK
127 static void unix_get_secdata(struct scm_cookie *scm, struct sk_buff *skb)
129 memcpy(UNIXSID(skb), &scm->secid, sizeof(u32));
132 static inline void unix_set_secdata(struct scm_cookie *scm, struct sk_buff *skb)
134 scm->secid = *UNIXSID(skb);
137 static inline void unix_get_secdata(struct scm_cookie *scm, struct sk_buff *skb)
140 static inline void unix_set_secdata(struct scm_cookie *scm, struct sk_buff *skb)
142 #endif /* CONFIG_SECURITY_NETWORK */
145 * SMP locking strategy:
146 * hash table is protected with spinlock unix_table_lock
147 * each socket state is protected by separate rwlock.
150 static inline unsigned unix_hash_fold(__wsum n)
152 unsigned hash = (__force unsigned)n;
155 return hash&(UNIX_HASH_SIZE-1);
158 #define unix_peer(sk) (unix_sk(sk)->peer)
160 static inline int unix_our_peer(struct sock *sk, struct sock *osk)
162 return unix_peer(osk) == sk;
165 static inline int unix_may_send(struct sock *sk, struct sock *osk)
167 return unix_peer(osk) == NULL || unix_our_peer(sk, osk);
170 static inline int unix_recvq_full(struct sock const *sk)
172 return skb_queue_len(&sk->sk_receive_queue) > sk->sk_max_ack_backlog;
175 static struct sock *unix_peer_get(struct sock *s)
183 unix_state_unlock(s);
187 static inline void unix_release_addr(struct unix_address *addr)
189 if (atomic_dec_and_test(&addr->refcnt))
194 * Check unix socket name:
195 * - should be not zero length.
196 * - if started by not zero, should be NULL terminated (FS object)
197 * - if started by zero, it is abstract name.
200 static int unix_mkname(struct sockaddr_un *sunaddr, int len, unsigned *hashp)
202 if (len <= sizeof(short) || len > sizeof(*sunaddr))
204 if (!sunaddr || sunaddr->sun_family != AF_UNIX)
206 if (sunaddr->sun_path[0]) {
208 * This may look like an off by one error but it is a bit more
209 * subtle. 108 is the longest valid AF_UNIX path for a binding.
210 * sun_path[108] doesnt as such exist. However in kernel space
211 * we are guaranteed that it is a valid memory location in our
212 * kernel address buffer.
214 ((char *)sunaddr)[len] = 0;
215 len = strlen(sunaddr->sun_path)+1+sizeof(short);
219 *hashp = unix_hash_fold(csum_partial(sunaddr, len, 0));
223 static void __unix_remove_socket(struct sock *sk)
225 sk_del_node_init(sk);
228 static void __unix_insert_socket(struct hlist_head *list, struct sock *sk)
230 WARN_ON(!sk_unhashed(sk));
231 sk_add_node(sk, list);
234 static inline void unix_remove_socket(struct sock *sk)
236 spin_lock(&unix_table_lock);
237 __unix_remove_socket(sk);
238 spin_unlock(&unix_table_lock);
241 static inline void unix_insert_socket(struct hlist_head *list, struct sock *sk)
243 spin_lock(&unix_table_lock);
244 __unix_insert_socket(list, sk);
245 spin_unlock(&unix_table_lock);
248 static struct sock *__unix_find_socket_byname(struct net *net,
249 struct sockaddr_un *sunname,
250 int len, int type, unsigned hash)
253 struct hlist_node *node;
255 sk_for_each(s, node, &unix_socket_table[hash ^ type]) {
256 struct unix_sock *u = unix_sk(s);
258 if (!net_eq(sock_net(s), net))
261 if (u->addr->len == len &&
262 !memcmp(u->addr->name, sunname, len))
270 static inline struct sock *unix_find_socket_byname(struct net *net,
271 struct sockaddr_un *sunname,
277 spin_lock(&unix_table_lock);
278 s = __unix_find_socket_byname(net, sunname, len, type, hash);
281 spin_unlock(&unix_table_lock);
285 static struct sock *unix_find_socket_byinode(struct net *net, struct inode *i)
288 struct hlist_node *node;
290 spin_lock(&unix_table_lock);
292 &unix_socket_table[i->i_ino & (UNIX_HASH_SIZE - 1)]) {
293 struct dentry *dentry = unix_sk(s)->dentry;
295 if (!net_eq(sock_net(s), net))
298 if (dentry && dentry->d_inode == i) {
305 spin_unlock(&unix_table_lock);
309 static inline int unix_writable(struct sock *sk)
311 return (atomic_read(&sk->sk_wmem_alloc) << 2) <= sk->sk_sndbuf;
314 static void unix_write_space(struct sock *sk)
316 read_lock(&sk->sk_callback_lock);
317 if (unix_writable(sk)) {
318 if (sk_has_sleeper(sk))
319 wake_up_interruptible_sync(sk->sk_sleep);
320 sk_wake_async(sk, SOCK_WAKE_SPACE, POLL_OUT);
322 read_unlock(&sk->sk_callback_lock);
325 /* When dgram socket disconnects (or changes its peer), we clear its receive
326 * queue of packets arrived from previous peer. First, it allows to do
327 * flow control based only on wmem_alloc; second, sk connected to peer
328 * may receive messages only from that peer. */
329 static void unix_dgram_disconnected(struct sock *sk, struct sock *other)
331 if (!skb_queue_empty(&sk->sk_receive_queue)) {
332 skb_queue_purge(&sk->sk_receive_queue);
333 wake_up_interruptible_all(&unix_sk(sk)->peer_wait);
335 /* If one link of bidirectional dgram pipe is disconnected,
336 * we signal error. Messages are lost. Do not make this,
337 * when peer was not connected to us.
339 if (!sock_flag(other, SOCK_DEAD) && unix_peer(other) == sk) {
340 other->sk_err = ECONNRESET;
341 other->sk_error_report(other);
346 static void unix_sock_destructor(struct sock *sk)
348 struct unix_sock *u = unix_sk(sk);
350 skb_queue_purge(&sk->sk_receive_queue);
352 WARN_ON(atomic_read(&sk->sk_wmem_alloc));
353 WARN_ON(!sk_unhashed(sk));
354 WARN_ON(sk->sk_socket);
355 if (!sock_flag(sk, SOCK_DEAD)) {
356 printk(KERN_INFO "Attempt to release alive unix socket: %p\n", sk);
361 unix_release_addr(u->addr);
363 atomic_dec(&unix_nr_socks);
365 sock_prot_inuse_add(sock_net(sk), sk->sk_prot, -1);
367 #ifdef UNIX_REFCNT_DEBUG
368 printk(KERN_DEBUG "UNIX %p is destroyed, %d are still alive.\n", sk,
369 atomic_read(&unix_nr_socks));
373 static int unix_release_sock(struct sock *sk, int embrion)
375 struct unix_sock *u = unix_sk(sk);
376 struct dentry *dentry;
377 struct vfsmount *mnt;
382 unix_remove_socket(sk);
387 sk->sk_shutdown = SHUTDOWN_MASK;
392 state = sk->sk_state;
393 sk->sk_state = TCP_CLOSE;
394 unix_state_unlock(sk);
396 wake_up_interruptible_all(&u->peer_wait);
398 skpair = unix_peer(sk);
400 if (skpair != NULL) {
401 if (sk->sk_type == SOCK_STREAM || sk->sk_type == SOCK_SEQPACKET) {
402 unix_state_lock(skpair);
404 skpair->sk_shutdown = SHUTDOWN_MASK;
405 if (!skb_queue_empty(&sk->sk_receive_queue) || embrion)
406 skpair->sk_err = ECONNRESET;
407 unix_state_unlock(skpair);
408 skpair->sk_state_change(skpair);
409 read_lock(&skpair->sk_callback_lock);
410 sk_wake_async(skpair, SOCK_WAKE_WAITD, POLL_HUP);
411 read_unlock(&skpair->sk_callback_lock);
413 sock_put(skpair); /* It may now die */
414 unix_peer(sk) = NULL;
417 /* Try to flush out this socket. Throw out buffers at least */
419 while ((skb = skb_dequeue(&sk->sk_receive_queue)) != NULL) {
420 if (state == TCP_LISTEN)
421 unix_release_sock(skb->sk, 1);
422 /* passed fds are erased in the kfree_skb hook */
433 /* ---- Socket is dead now and most probably destroyed ---- */
436 * Fixme: BSD difference: In BSD all sockets connected to use get
437 * ECONNRESET and we die on the spot. In Linux we behave
438 * like files and pipes do and wait for the last
441 * Can't we simply set sock->err?
443 * What the above comment does talk about? --ANK(980817)
446 if (unix_tot_inflight)
447 unix_gc(); /* Garbage collect fds */
452 static int unix_listen(struct socket *sock, int backlog)
455 struct sock *sk = sock->sk;
456 struct unix_sock *u = unix_sk(sk);
459 if (sock->type != SOCK_STREAM && sock->type != SOCK_SEQPACKET)
460 goto out; /* Only stream/seqpacket sockets accept */
463 goto out; /* No listens on an unbound socket */
465 if (sk->sk_state != TCP_CLOSE && sk->sk_state != TCP_LISTEN)
467 if (backlog > sk->sk_max_ack_backlog)
468 wake_up_interruptible_all(&u->peer_wait);
469 sk->sk_max_ack_backlog = backlog;
470 sk->sk_state = TCP_LISTEN;
471 /* set credentials so connect can copy them */
472 sk->sk_peercred.pid = task_tgid_vnr(current);
473 current_euid_egid(&sk->sk_peercred.uid, &sk->sk_peercred.gid);
477 unix_state_unlock(sk);
482 static int unix_release(struct socket *);
483 static int unix_bind(struct socket *, struct sockaddr *, int);
484 static int unix_stream_connect(struct socket *, struct sockaddr *,
485 int addr_len, int flags);
486 static int unix_socketpair(struct socket *, struct socket *);
487 static int unix_accept(struct socket *, struct socket *, int);
488 static int unix_getname(struct socket *, struct sockaddr *, int *, int);
489 static unsigned int unix_poll(struct file *, struct socket *, poll_table *);
490 static unsigned int unix_dgram_poll(struct file *, struct socket *,
492 static int unix_ioctl(struct socket *, unsigned int, unsigned long);
493 static int unix_shutdown(struct socket *, int);
494 static int unix_stream_sendmsg(struct kiocb *, struct socket *,
495 struct msghdr *, size_t);
496 static int unix_stream_recvmsg(struct kiocb *, struct socket *,
497 struct msghdr *, size_t, int);
498 static int unix_dgram_sendmsg(struct kiocb *, struct socket *,
499 struct msghdr *, size_t);
500 static int unix_dgram_recvmsg(struct kiocb *, struct socket *,
501 struct msghdr *, size_t, int);
502 static int unix_dgram_connect(struct socket *, struct sockaddr *,
504 static int unix_seqpacket_sendmsg(struct kiocb *, struct socket *,
505 struct msghdr *, size_t);
507 static const struct proto_ops unix_stream_ops = {
509 .owner = THIS_MODULE,
510 .release = unix_release,
512 .connect = unix_stream_connect,
513 .socketpair = unix_socketpair,
514 .accept = unix_accept,
515 .getname = unix_getname,
518 .listen = unix_listen,
519 .shutdown = unix_shutdown,
520 .setsockopt = sock_no_setsockopt,
521 .getsockopt = sock_no_getsockopt,
522 .sendmsg = unix_stream_sendmsg,
523 .recvmsg = unix_stream_recvmsg,
524 .mmap = sock_no_mmap,
525 .sendpage = sock_no_sendpage,
528 static const struct proto_ops unix_dgram_ops = {
530 .owner = THIS_MODULE,
531 .release = unix_release,
533 .connect = unix_dgram_connect,
534 .socketpair = unix_socketpair,
535 .accept = sock_no_accept,
536 .getname = unix_getname,
537 .poll = unix_dgram_poll,
539 .listen = sock_no_listen,
540 .shutdown = unix_shutdown,
541 .setsockopt = sock_no_setsockopt,
542 .getsockopt = sock_no_getsockopt,
543 .sendmsg = unix_dgram_sendmsg,
544 .recvmsg = unix_dgram_recvmsg,
545 .mmap = sock_no_mmap,
546 .sendpage = sock_no_sendpage,
549 static const struct proto_ops unix_seqpacket_ops = {
551 .owner = THIS_MODULE,
552 .release = unix_release,
554 .connect = unix_stream_connect,
555 .socketpair = unix_socketpair,
556 .accept = unix_accept,
557 .getname = unix_getname,
558 .poll = unix_dgram_poll,
560 .listen = unix_listen,
561 .shutdown = unix_shutdown,
562 .setsockopt = sock_no_setsockopt,
563 .getsockopt = sock_no_getsockopt,
564 .sendmsg = unix_seqpacket_sendmsg,
565 .recvmsg = unix_dgram_recvmsg,
566 .mmap = sock_no_mmap,
567 .sendpage = sock_no_sendpage,
570 static struct proto unix_proto = {
572 .owner = THIS_MODULE,
573 .obj_size = sizeof(struct unix_sock),
577 * AF_UNIX sockets do not interact with hardware, hence they
578 * dont trigger interrupts - so it's safe for them to have
579 * bh-unsafe locking for their sk_receive_queue.lock. Split off
580 * this special lock-class by reinitializing the spinlock key:
582 static struct lock_class_key af_unix_sk_receive_queue_lock_key;
584 static struct sock *unix_create1(struct net *net, struct socket *sock)
586 struct sock *sk = NULL;
589 atomic_inc(&unix_nr_socks);
590 if (atomic_read(&unix_nr_socks) > 2 * get_max_files())
593 sk = sk_alloc(net, PF_UNIX, GFP_KERNEL, &unix_proto);
597 sock_init_data(sock, sk);
598 lockdep_set_class(&sk->sk_receive_queue.lock,
599 &af_unix_sk_receive_queue_lock_key);
601 sk->sk_write_space = unix_write_space;
602 sk->sk_max_ack_backlog = net->unx.sysctl_max_dgram_qlen;
603 sk->sk_destruct = unix_sock_destructor;
607 spin_lock_init(&u->lock);
608 atomic_long_set(&u->inflight, 0);
609 INIT_LIST_HEAD(&u->link);
610 mutex_init(&u->readlock); /* single task reading lock */
611 init_waitqueue_head(&u->peer_wait);
612 unix_insert_socket(unix_sockets_unbound, sk);
615 atomic_dec(&unix_nr_socks);
618 sock_prot_inuse_add(sock_net(sk), sk->sk_prot, 1);
624 static int unix_create(struct net *net, struct socket *sock, int protocol,
627 if (protocol && protocol != PF_UNIX)
628 return -EPROTONOSUPPORT;
630 sock->state = SS_UNCONNECTED;
632 switch (sock->type) {
634 sock->ops = &unix_stream_ops;
637 * Believe it or not BSD has AF_UNIX, SOCK_RAW though
641 sock->type = SOCK_DGRAM;
643 sock->ops = &unix_dgram_ops;
646 sock->ops = &unix_seqpacket_ops;
649 return -ESOCKTNOSUPPORT;
652 return unix_create1(net, sock) ? 0 : -ENOMEM;
655 static int unix_release(struct socket *sock)
657 struct sock *sk = sock->sk;
664 return unix_release_sock(sk, 0);
667 static int unix_autobind(struct socket *sock)
669 struct sock *sk = sock->sk;
670 struct net *net = sock_net(sk);
671 struct unix_sock *u = unix_sk(sk);
672 static u32 ordernum = 1;
673 struct unix_address *addr;
676 mutex_lock(&u->readlock);
683 addr = kzalloc(sizeof(*addr) + sizeof(short) + 16, GFP_KERNEL);
687 addr->name->sun_family = AF_UNIX;
688 atomic_set(&addr->refcnt, 1);
691 addr->len = sprintf(addr->name->sun_path+1, "%05x", ordernum) + 1 + sizeof(short);
692 addr->hash = unix_hash_fold(csum_partial(addr->name, addr->len, 0));
694 spin_lock(&unix_table_lock);
695 ordernum = (ordernum+1)&0xFFFFF;
697 if (__unix_find_socket_byname(net, addr->name, addr->len, sock->type,
699 spin_unlock(&unix_table_lock);
700 /* Sanity yield. It is unusual case, but yet... */
701 if (!(ordernum&0xFF))
705 addr->hash ^= sk->sk_type;
707 __unix_remove_socket(sk);
709 __unix_insert_socket(&unix_socket_table[addr->hash], sk);
710 spin_unlock(&unix_table_lock);
713 out: mutex_unlock(&u->readlock);
717 static struct sock *unix_find_other(struct net *net,
718 struct sockaddr_un *sunname, int len,
719 int type, unsigned hash, int *error)
725 if (sunname->sun_path[0]) {
727 err = kern_path(sunname->sun_path, LOOKUP_FOLLOW, &path);
730 inode = path.dentry->d_inode;
731 err = inode_permission(inode, MAY_WRITE);
736 if (!S_ISSOCK(inode->i_mode))
738 u = unix_find_socket_byinode(net, inode);
742 if (u->sk_type == type)
743 touch_atime(path.mnt, path.dentry);
748 if (u->sk_type != type) {
754 u = unix_find_socket_byname(net, sunname, len, type, hash);
756 struct dentry *dentry;
757 dentry = unix_sk(u)->dentry;
759 touch_atime(unix_sk(u)->mnt, dentry);
773 static int unix_bind(struct socket *sock, struct sockaddr *uaddr, int addr_len)
775 struct sock *sk = sock->sk;
776 struct net *net = sock_net(sk);
777 struct unix_sock *u = unix_sk(sk);
778 struct sockaddr_un *sunaddr = (struct sockaddr_un *)uaddr;
779 struct dentry *dentry = NULL;
783 struct unix_address *addr;
784 struct hlist_head *list;
787 if (sunaddr->sun_family != AF_UNIX)
790 if (addr_len == sizeof(short)) {
791 err = unix_autobind(sock);
795 err = unix_mkname(sunaddr, addr_len, &hash);
800 mutex_lock(&u->readlock);
807 addr = kmalloc(sizeof(*addr)+addr_len, GFP_KERNEL);
811 memcpy(addr->name, sunaddr, addr_len);
812 addr->len = addr_len;
813 addr->hash = hash ^ sk->sk_type;
814 atomic_set(&addr->refcnt, 1);
816 if (sunaddr->sun_path[0]) {
820 * Get the parent directory, calculate the hash for last
823 err = path_lookup(sunaddr->sun_path, LOOKUP_PARENT, &nd);
825 goto out_mknod_parent;
827 dentry = lookup_create(&nd, 0);
828 err = PTR_ERR(dentry);
830 goto out_mknod_unlock;
833 * All right, let's create it.
836 (SOCK_INODE(sock)->i_mode & ~current_umask());
837 err = mnt_want_write(nd.path.mnt);
840 err = security_path_mknod(&nd.path, dentry, mode, 0);
842 goto out_mknod_drop_write;
843 err = vfs_mknod(nd.path.dentry->d_inode, dentry, mode, 0);
844 out_mknod_drop_write:
845 mnt_drop_write(nd.path.mnt);
848 mutex_unlock(&nd.path.dentry->d_inode->i_mutex);
849 dput(nd.path.dentry);
850 nd.path.dentry = dentry;
852 addr->hash = UNIX_HASH_SIZE;
855 spin_lock(&unix_table_lock);
857 if (!sunaddr->sun_path[0]) {
859 if (__unix_find_socket_byname(net, sunaddr, addr_len,
860 sk->sk_type, hash)) {
861 unix_release_addr(addr);
865 list = &unix_socket_table[addr->hash];
867 list = &unix_socket_table[dentry->d_inode->i_ino & (UNIX_HASH_SIZE-1)];
868 u->dentry = nd.path.dentry;
869 u->mnt = nd.path.mnt;
873 __unix_remove_socket(sk);
875 __unix_insert_socket(list, sk);
878 spin_unlock(&unix_table_lock);
880 mutex_unlock(&u->readlock);
887 mutex_unlock(&nd.path.dentry->d_inode->i_mutex);
892 unix_release_addr(addr);
896 static void unix_state_double_lock(struct sock *sk1, struct sock *sk2)
898 if (unlikely(sk1 == sk2) || !sk2) {
899 unix_state_lock(sk1);
903 unix_state_lock(sk1);
904 unix_state_lock_nested(sk2);
906 unix_state_lock(sk2);
907 unix_state_lock_nested(sk1);
911 static void unix_state_double_unlock(struct sock *sk1, struct sock *sk2)
913 if (unlikely(sk1 == sk2) || !sk2) {
914 unix_state_unlock(sk1);
917 unix_state_unlock(sk1);
918 unix_state_unlock(sk2);
921 static int unix_dgram_connect(struct socket *sock, struct sockaddr *addr,
924 struct sock *sk = sock->sk;
925 struct net *net = sock_net(sk);
926 struct sockaddr_un *sunaddr = (struct sockaddr_un *)addr;
931 if (addr->sa_family != AF_UNSPEC) {
932 err = unix_mkname(sunaddr, alen, &hash);
937 if (test_bit(SOCK_PASSCRED, &sock->flags) &&
938 !unix_sk(sk)->addr && (err = unix_autobind(sock)) != 0)
942 other = unix_find_other(net, sunaddr, alen, sock->type, hash, &err);
946 unix_state_double_lock(sk, other);
948 /* Apparently VFS overslept socket death. Retry. */
949 if (sock_flag(other, SOCK_DEAD)) {
950 unix_state_double_unlock(sk, other);
956 if (!unix_may_send(sk, other))
959 err = security_unix_may_send(sk->sk_socket, other->sk_socket);
965 * 1003.1g breaking connected state with AF_UNSPEC
968 unix_state_double_lock(sk, other);
972 * If it was connected, reconnect.
975 struct sock *old_peer = unix_peer(sk);
976 unix_peer(sk) = other;
977 unix_state_double_unlock(sk, other);
979 if (other != old_peer)
980 unix_dgram_disconnected(sk, old_peer);
983 unix_peer(sk) = other;
984 unix_state_double_unlock(sk, other);
989 unix_state_double_unlock(sk, other);
995 static long unix_wait_for_peer(struct sock *other, long timeo)
997 struct unix_sock *u = unix_sk(other);
1001 prepare_to_wait_exclusive(&u->peer_wait, &wait, TASK_INTERRUPTIBLE);
1003 sched = !sock_flag(other, SOCK_DEAD) &&
1004 !(other->sk_shutdown & RCV_SHUTDOWN) &&
1005 unix_recvq_full(other);
1007 unix_state_unlock(other);
1010 timeo = schedule_timeout(timeo);
1012 finish_wait(&u->peer_wait, &wait);
1016 static int unix_stream_connect(struct socket *sock, struct sockaddr *uaddr,
1017 int addr_len, int flags)
1019 struct sockaddr_un *sunaddr = (struct sockaddr_un *)uaddr;
1020 struct sock *sk = sock->sk;
1021 struct net *net = sock_net(sk);
1022 struct unix_sock *u = unix_sk(sk), *newu, *otheru;
1023 struct sock *newsk = NULL;
1024 struct sock *other = NULL;
1025 struct sk_buff *skb = NULL;
1031 err = unix_mkname(sunaddr, addr_len, &hash);
1036 if (test_bit(SOCK_PASSCRED, &sock->flags) && !u->addr &&
1037 (err = unix_autobind(sock)) != 0)
1040 timeo = sock_sndtimeo(sk, flags & O_NONBLOCK);
1042 /* First of all allocate resources.
1043 If we will make it after state is locked,
1044 we will have to recheck all again in any case.
1049 /* create new sock for complete connection */
1050 newsk = unix_create1(sock_net(sk), NULL);
1054 /* Allocate skb for sending to listening sock */
1055 skb = sock_wmalloc(newsk, 1, 0, GFP_KERNEL);
1060 /* Find listening sock. */
1061 other = unix_find_other(net, sunaddr, addr_len, sk->sk_type, hash, &err);
1065 /* Latch state of peer */
1066 unix_state_lock(other);
1068 /* Apparently VFS overslept socket death. Retry. */
1069 if (sock_flag(other, SOCK_DEAD)) {
1070 unix_state_unlock(other);
1075 err = -ECONNREFUSED;
1076 if (other->sk_state != TCP_LISTEN)
1078 if (other->sk_shutdown & RCV_SHUTDOWN)
1081 if (unix_recvq_full(other)) {
1086 timeo = unix_wait_for_peer(other, timeo);
1088 err = sock_intr_errno(timeo);
1089 if (signal_pending(current))
1097 It is tricky place. We need to grab write lock and cannot
1098 drop lock on peer. It is dangerous because deadlock is
1099 possible. Connect to self case and simultaneous
1100 attempt to connect are eliminated by checking socket
1101 state. other is TCP_LISTEN, if sk is TCP_LISTEN we
1102 check this before attempt to grab lock.
1104 Well, and we have to recheck the state after socket locked.
1110 /* This is ok... continue with connect */
1112 case TCP_ESTABLISHED:
1113 /* Socket is already connected */
1121 unix_state_lock_nested(sk);
1123 if (sk->sk_state != st) {
1124 unix_state_unlock(sk);
1125 unix_state_unlock(other);
1130 err = security_unix_stream_connect(sock, other->sk_socket, newsk);
1132 unix_state_unlock(sk);
1136 /* The way is open! Fastly set all the necessary fields... */
1139 unix_peer(newsk) = sk;
1140 newsk->sk_state = TCP_ESTABLISHED;
1141 newsk->sk_type = sk->sk_type;
1142 newsk->sk_peercred.pid = task_tgid_vnr(current);
1143 current_euid_egid(&newsk->sk_peercred.uid, &newsk->sk_peercred.gid);
1144 newu = unix_sk(newsk);
1145 newsk->sk_sleep = &newu->peer_wait;
1146 otheru = unix_sk(other);
1148 /* copy address information from listening to new sock*/
1150 atomic_inc(&otheru->addr->refcnt);
1151 newu->addr = otheru->addr;
1153 if (otheru->dentry) {
1154 newu->dentry = dget(otheru->dentry);
1155 newu->mnt = mntget(otheru->mnt);
1158 /* Set credentials */
1159 sk->sk_peercred = other->sk_peercred;
1161 sock->state = SS_CONNECTED;
1162 sk->sk_state = TCP_ESTABLISHED;
1165 smp_mb__after_atomic_inc(); /* sock_hold() does an atomic_inc() */
1166 unix_peer(sk) = newsk;
1168 unix_state_unlock(sk);
1170 /* take ten and and send info to listening sock */
1171 spin_lock(&other->sk_receive_queue.lock);
1172 __skb_queue_tail(&other->sk_receive_queue, skb);
1173 spin_unlock(&other->sk_receive_queue.lock);
1174 unix_state_unlock(other);
1175 other->sk_data_ready(other, 0);
1181 unix_state_unlock(other);
1186 unix_release_sock(newsk, 0);
1192 static int unix_socketpair(struct socket *socka, struct socket *sockb)
1194 struct sock *ska = socka->sk, *skb = sockb->sk;
1196 /* Join our sockets back to back */
1199 unix_peer(ska) = skb;
1200 unix_peer(skb) = ska;
1201 ska->sk_peercred.pid = skb->sk_peercred.pid = task_tgid_vnr(current);
1202 current_euid_egid(&skb->sk_peercred.uid, &skb->sk_peercred.gid);
1203 ska->sk_peercred.uid = skb->sk_peercred.uid;
1204 ska->sk_peercred.gid = skb->sk_peercred.gid;
1206 if (ska->sk_type != SOCK_DGRAM) {
1207 ska->sk_state = TCP_ESTABLISHED;
1208 skb->sk_state = TCP_ESTABLISHED;
1209 socka->state = SS_CONNECTED;
1210 sockb->state = SS_CONNECTED;
1215 static int unix_accept(struct socket *sock, struct socket *newsock, int flags)
1217 struct sock *sk = sock->sk;
1219 struct sk_buff *skb;
1223 if (sock->type != SOCK_STREAM && sock->type != SOCK_SEQPACKET)
1227 if (sk->sk_state != TCP_LISTEN)
1230 /* If socket state is TCP_LISTEN it cannot change (for now...),
1231 * so that no locks are necessary.
1234 skb = skb_recv_datagram(sk, 0, flags&O_NONBLOCK, &err);
1236 /* This means receive shutdown. */
1243 skb_free_datagram(sk, skb);
1244 wake_up_interruptible(&unix_sk(sk)->peer_wait);
1246 /* attach accepted sock to socket */
1247 unix_state_lock(tsk);
1248 newsock->state = SS_CONNECTED;
1249 sock_graft(tsk, newsock);
1250 unix_state_unlock(tsk);
1258 static int unix_getname(struct socket *sock, struct sockaddr *uaddr, int *uaddr_len, int peer)
1260 struct sock *sk = sock->sk;
1261 struct unix_sock *u;
1262 DECLARE_SOCKADDR(struct sockaddr_un *, sunaddr, uaddr);
1266 sk = unix_peer_get(sk);
1277 unix_state_lock(sk);
1279 sunaddr->sun_family = AF_UNIX;
1280 sunaddr->sun_path[0] = 0;
1281 *uaddr_len = sizeof(short);
1283 struct unix_address *addr = u->addr;
1285 *uaddr_len = addr->len;
1286 memcpy(sunaddr, addr->name, *uaddr_len);
1288 unix_state_unlock(sk);
1294 static void unix_detach_fds(struct scm_cookie *scm, struct sk_buff *skb)
1298 scm->fp = UNIXCB(skb).fp;
1299 skb->destructor = sock_wfree;
1300 UNIXCB(skb).fp = NULL;
1302 for (i = scm->fp->count-1; i >= 0; i--)
1303 unix_notinflight(scm->fp->fp[i]);
1306 static void unix_destruct_fds(struct sk_buff *skb)
1308 struct scm_cookie scm;
1309 memset(&scm, 0, sizeof(scm));
1310 unix_detach_fds(&scm, skb);
1312 /* Alas, it calls VFS */
1313 /* So fscking what? fput() had been SMP-safe since the last Summer */
1318 static int unix_attach_fds(struct scm_cookie *scm, struct sk_buff *skb)
1323 * Need to duplicate file references for the sake of garbage
1324 * collection. Otherwise a socket in the fps might become a
1325 * candidate for GC while the skb is not yet queued.
1327 UNIXCB(skb).fp = scm_fp_dup(scm->fp);
1328 if (!UNIXCB(skb).fp)
1331 for (i = scm->fp->count-1; i >= 0; i--)
1332 unix_inflight(scm->fp->fp[i]);
1333 skb->destructor = unix_destruct_fds;
1338 * Send AF_UNIX data.
1341 static int unix_dgram_sendmsg(struct kiocb *kiocb, struct socket *sock,
1342 struct msghdr *msg, size_t len)
1344 struct sock_iocb *siocb = kiocb_to_siocb(kiocb);
1345 struct sock *sk = sock->sk;
1346 struct net *net = sock_net(sk);
1347 struct unix_sock *u = unix_sk(sk);
1348 struct sockaddr_un *sunaddr = msg->msg_name;
1349 struct sock *other = NULL;
1350 int namelen = 0; /* fake GCC */
1353 struct sk_buff *skb;
1355 struct scm_cookie tmp_scm;
1357 if (NULL == siocb->scm)
1358 siocb->scm = &tmp_scm;
1360 err = scm_send(sock, msg, siocb->scm);
1365 if (msg->msg_flags&MSG_OOB)
1368 if (msg->msg_namelen) {
1369 err = unix_mkname(sunaddr, msg->msg_namelen, &hash);
1376 other = unix_peer_get(sk);
1381 if (test_bit(SOCK_PASSCRED, &sock->flags) && !u->addr
1382 && (err = unix_autobind(sock)) != 0)
1386 if (len > sk->sk_sndbuf - 32)
1389 skb = sock_alloc_send_skb(sk, len, msg->msg_flags&MSG_DONTWAIT, &err);
1393 memcpy(UNIXCREDS(skb), &siocb->scm->creds, sizeof(struct ucred));
1394 if (siocb->scm->fp) {
1395 err = unix_attach_fds(siocb->scm, skb);
1399 unix_get_secdata(siocb->scm, skb);
1401 skb_reset_transport_header(skb);
1402 err = memcpy_fromiovec(skb_put(skb, len), msg->msg_iov, len);
1406 timeo = sock_sndtimeo(sk, msg->msg_flags & MSG_DONTWAIT);
1411 if (sunaddr == NULL)
1414 other = unix_find_other(net, sunaddr, namelen, sk->sk_type,
1420 unix_state_lock(other);
1422 if (!unix_may_send(sk, other))
1425 if (sock_flag(other, SOCK_DEAD)) {
1427 * Check with 1003.1g - what should
1430 unix_state_unlock(other);
1434 unix_state_lock(sk);
1435 if (unix_peer(sk) == other) {
1436 unix_peer(sk) = NULL;
1437 unix_state_unlock(sk);
1439 unix_dgram_disconnected(sk, other);
1441 err = -ECONNREFUSED;
1443 unix_state_unlock(sk);
1453 if (other->sk_shutdown & RCV_SHUTDOWN)
1456 if (sk->sk_type != SOCK_SEQPACKET) {
1457 err = security_unix_may_send(sk->sk_socket, other->sk_socket);
1462 if (unix_peer(other) != sk && unix_recvq_full(other)) {
1468 timeo = unix_wait_for_peer(other, timeo);
1470 err = sock_intr_errno(timeo);
1471 if (signal_pending(current))
1477 skb_queue_tail(&other->sk_receive_queue, skb);
1478 unix_state_unlock(other);
1479 other->sk_data_ready(other, len);
1481 scm_destroy(siocb->scm);
1485 unix_state_unlock(other);
1491 scm_destroy(siocb->scm);
1496 static int unix_stream_sendmsg(struct kiocb *kiocb, struct socket *sock,
1497 struct msghdr *msg, size_t len)
1499 struct sock_iocb *siocb = kiocb_to_siocb(kiocb);
1500 struct sock *sk = sock->sk;
1501 struct sock *other = NULL;
1502 struct sockaddr_un *sunaddr = msg->msg_name;
1504 struct sk_buff *skb;
1506 struct scm_cookie tmp_scm;
1507 bool fds_sent = false;
1509 if (NULL == siocb->scm)
1510 siocb->scm = &tmp_scm;
1512 err = scm_send(sock, msg, siocb->scm);
1517 if (msg->msg_flags&MSG_OOB)
1520 if (msg->msg_namelen) {
1521 err = sk->sk_state == TCP_ESTABLISHED ? -EISCONN : -EOPNOTSUPP;
1526 other = unix_peer(sk);
1531 if (sk->sk_shutdown & SEND_SHUTDOWN)
1534 while (sent < len) {
1536 * Optimisation for the fact that under 0.01% of X
1537 * messages typically need breaking up.
1542 /* Keep two messages in the pipe so it schedules better */
1543 if (size > ((sk->sk_sndbuf >> 1) - 64))
1544 size = (sk->sk_sndbuf >> 1) - 64;
1546 if (size > SKB_MAX_ALLOC)
1547 size = SKB_MAX_ALLOC;
1553 skb = sock_alloc_send_skb(sk, size, msg->msg_flags&MSG_DONTWAIT,
1560 * If you pass two values to the sock_alloc_send_skb
1561 * it tries to grab the large buffer with GFP_NOFS
1562 * (which can fail easily), and if it fails grab the
1563 * fallback size buffer which is under a page and will
1566 size = min_t(int, size, skb_tailroom(skb));
1568 memcpy(UNIXCREDS(skb), &siocb->scm->creds, sizeof(struct ucred));
1569 /* Only send the fds in the first buffer */
1570 if (siocb->scm->fp && !fds_sent) {
1571 err = unix_attach_fds(siocb->scm, skb);
1579 err = memcpy_fromiovec(skb_put(skb, size), msg->msg_iov, size);
1585 unix_state_lock(other);
1587 if (sock_flag(other, SOCK_DEAD) ||
1588 (other->sk_shutdown & RCV_SHUTDOWN))
1591 skb_queue_tail(&other->sk_receive_queue, skb);
1592 unix_state_unlock(other);
1593 other->sk_data_ready(other, size);
1597 scm_destroy(siocb->scm);
1603 unix_state_unlock(other);
1606 if (sent == 0 && !(msg->msg_flags&MSG_NOSIGNAL))
1607 send_sig(SIGPIPE, current, 0);
1610 scm_destroy(siocb->scm);
1612 return sent ? : err;
1615 static int unix_seqpacket_sendmsg(struct kiocb *kiocb, struct socket *sock,
1616 struct msghdr *msg, size_t len)
1619 struct sock *sk = sock->sk;
1621 err = sock_error(sk);
1625 if (sk->sk_state != TCP_ESTABLISHED)
1628 if (msg->msg_namelen)
1629 msg->msg_namelen = 0;
1631 return unix_dgram_sendmsg(kiocb, sock, msg, len);
1634 static void unix_copy_addr(struct msghdr *msg, struct sock *sk)
1636 struct unix_sock *u = unix_sk(sk);
1638 msg->msg_namelen = 0;
1640 msg->msg_namelen = u->addr->len;
1641 memcpy(msg->msg_name, u->addr->name, u->addr->len);
1645 static int unix_dgram_recvmsg(struct kiocb *iocb, struct socket *sock,
1646 struct msghdr *msg, size_t size,
1649 struct sock_iocb *siocb = kiocb_to_siocb(iocb);
1650 struct scm_cookie tmp_scm;
1651 struct sock *sk = sock->sk;
1652 struct unix_sock *u = unix_sk(sk);
1653 int noblock = flags & MSG_DONTWAIT;
1654 struct sk_buff *skb;
1661 msg->msg_namelen = 0;
1663 mutex_lock(&u->readlock);
1665 skb = skb_recv_datagram(sk, flags, noblock, &err);
1667 unix_state_lock(sk);
1668 /* Signal EOF on disconnected non-blocking SEQPACKET socket. */
1669 if (sk->sk_type == SOCK_SEQPACKET && err == -EAGAIN &&
1670 (sk->sk_shutdown & RCV_SHUTDOWN))
1672 unix_state_unlock(sk);
1676 wake_up_interruptible_sync(&u->peer_wait);
1679 unix_copy_addr(msg, skb->sk);
1681 if (size > skb->len)
1683 else if (size < skb->len)
1684 msg->msg_flags |= MSG_TRUNC;
1686 err = skb_copy_datagram_iovec(skb, 0, msg->msg_iov, size);
1691 siocb->scm = &tmp_scm;
1692 memset(&tmp_scm, 0, sizeof(tmp_scm));
1694 siocb->scm->creds = *UNIXCREDS(skb);
1695 unix_set_secdata(siocb->scm, skb);
1697 if (!(flags & MSG_PEEK)) {
1699 unix_detach_fds(siocb->scm, skb);
1701 /* It is questionable: on PEEK we could:
1702 - do not return fds - good, but too simple 8)
1703 - return fds, and do not return them on read (old strategy,
1705 - clone fds (I chose it for now, it is the most universal
1708 POSIX 1003.1g does not actually define this clearly
1709 at all. POSIX 1003.1g doesn't define a lot of things
1714 siocb->scm->fp = scm_fp_dup(UNIXCB(skb).fp);
1718 scm_recv(sock, msg, siocb->scm, flags);
1721 skb_free_datagram(sk, skb);
1723 mutex_unlock(&u->readlock);
1729 * Sleep until data has arrive. But check for races..
1732 static long unix_stream_data_wait(struct sock *sk, long timeo)
1736 unix_state_lock(sk);
1739 prepare_to_wait(sk->sk_sleep, &wait, TASK_INTERRUPTIBLE);
1741 if (!skb_queue_empty(&sk->sk_receive_queue) ||
1743 (sk->sk_shutdown & RCV_SHUTDOWN) ||
1744 signal_pending(current) ||
1748 set_bit(SOCK_ASYNC_WAITDATA, &sk->sk_socket->flags);
1749 unix_state_unlock(sk);
1750 timeo = schedule_timeout(timeo);
1751 unix_state_lock(sk);
1752 clear_bit(SOCK_ASYNC_WAITDATA, &sk->sk_socket->flags);
1755 finish_wait(sk->sk_sleep, &wait);
1756 unix_state_unlock(sk);
1762 static int unix_stream_recvmsg(struct kiocb *iocb, struct socket *sock,
1763 struct msghdr *msg, size_t size,
1766 struct sock_iocb *siocb = kiocb_to_siocb(iocb);
1767 struct scm_cookie tmp_scm;
1768 struct sock *sk = sock->sk;
1769 struct unix_sock *u = unix_sk(sk);
1770 struct sockaddr_un *sunaddr = msg->msg_name;
1772 int check_creds = 0;
1778 if (sk->sk_state != TCP_ESTABLISHED)
1785 target = sock_rcvlowat(sk, flags&MSG_WAITALL, size);
1786 timeo = sock_rcvtimeo(sk, flags&MSG_DONTWAIT);
1788 msg->msg_namelen = 0;
1790 /* Lock the socket to prevent queue disordering
1791 * while sleeps in memcpy_tomsg
1795 siocb->scm = &tmp_scm;
1796 memset(&tmp_scm, 0, sizeof(tmp_scm));
1799 mutex_lock(&u->readlock);
1803 struct sk_buff *skb;
1805 unix_state_lock(sk);
1806 skb = skb_dequeue(&sk->sk_receive_queue);
1808 if (copied >= target)
1812 * POSIX 1003.1g mandates this order.
1815 err = sock_error(sk);
1818 if (sk->sk_shutdown & RCV_SHUTDOWN)
1821 unix_state_unlock(sk);
1825 mutex_unlock(&u->readlock);
1827 timeo = unix_stream_data_wait(sk, timeo);
1829 if (signal_pending(current)) {
1830 err = sock_intr_errno(timeo);
1833 mutex_lock(&u->readlock);
1836 unix_state_unlock(sk);
1839 unix_state_unlock(sk);
1842 /* Never glue messages from different writers */
1843 if (memcmp(UNIXCREDS(skb), &siocb->scm->creds,
1844 sizeof(siocb->scm->creds)) != 0) {
1845 skb_queue_head(&sk->sk_receive_queue, skb);
1849 /* Copy credentials */
1850 siocb->scm->creds = *UNIXCREDS(skb);
1854 /* Copy address just once */
1856 unix_copy_addr(msg, skb->sk);
1860 chunk = min_t(unsigned int, skb->len, size);
1861 if (memcpy_toiovec(msg->msg_iov, skb->data, chunk)) {
1862 skb_queue_head(&sk->sk_receive_queue, skb);
1870 /* Mark read part of skb as used */
1871 if (!(flags & MSG_PEEK)) {
1872 skb_pull(skb, chunk);
1875 unix_detach_fds(siocb->scm, skb);
1877 /* put the skb back if we didn't use it up.. */
1879 skb_queue_head(&sk->sk_receive_queue, skb);
1888 /* It is questionable, see note in unix_dgram_recvmsg.
1891 siocb->scm->fp = scm_fp_dup(UNIXCB(skb).fp);
1893 /* put message back and return */
1894 skb_queue_head(&sk->sk_receive_queue, skb);
1899 mutex_unlock(&u->readlock);
1900 scm_recv(sock, msg, siocb->scm, flags);
1902 return copied ? : err;
1905 static int unix_shutdown(struct socket *sock, int mode)
1907 struct sock *sk = sock->sk;
1910 mode = (mode+1)&(RCV_SHUTDOWN|SEND_SHUTDOWN);
1913 unix_state_lock(sk);
1914 sk->sk_shutdown |= mode;
1915 other = unix_peer(sk);
1918 unix_state_unlock(sk);
1919 sk->sk_state_change(sk);
1922 (sk->sk_type == SOCK_STREAM || sk->sk_type == SOCK_SEQPACKET)) {
1926 if (mode&RCV_SHUTDOWN)
1927 peer_mode |= SEND_SHUTDOWN;
1928 if (mode&SEND_SHUTDOWN)
1929 peer_mode |= RCV_SHUTDOWN;
1930 unix_state_lock(other);
1931 other->sk_shutdown |= peer_mode;
1932 unix_state_unlock(other);
1933 other->sk_state_change(other);
1934 read_lock(&other->sk_callback_lock);
1935 if (peer_mode == SHUTDOWN_MASK)
1936 sk_wake_async(other, SOCK_WAKE_WAITD, POLL_HUP);
1937 else if (peer_mode & RCV_SHUTDOWN)
1938 sk_wake_async(other, SOCK_WAKE_WAITD, POLL_IN);
1939 read_unlock(&other->sk_callback_lock);
1947 static int unix_ioctl(struct socket *sock, unsigned int cmd, unsigned long arg)
1949 struct sock *sk = sock->sk;
1955 amount = sk_wmem_alloc_get(sk);
1956 err = put_user(amount, (int __user *)arg);
1960 struct sk_buff *skb;
1962 if (sk->sk_state == TCP_LISTEN) {
1967 spin_lock(&sk->sk_receive_queue.lock);
1968 if (sk->sk_type == SOCK_STREAM ||
1969 sk->sk_type == SOCK_SEQPACKET) {
1970 skb_queue_walk(&sk->sk_receive_queue, skb)
1973 skb = skb_peek(&sk->sk_receive_queue);
1977 spin_unlock(&sk->sk_receive_queue.lock);
1978 err = put_user(amount, (int __user *)arg);
1989 static unsigned int unix_poll(struct file *file, struct socket *sock, poll_table *wait)
1991 struct sock *sk = sock->sk;
1994 sock_poll_wait(file, sk->sk_sleep, wait);
1997 /* exceptional events? */
2000 if (sk->sk_shutdown == SHUTDOWN_MASK)
2002 if (sk->sk_shutdown & RCV_SHUTDOWN)
2006 if (!skb_queue_empty(&sk->sk_receive_queue) ||
2007 (sk->sk_shutdown & RCV_SHUTDOWN))
2008 mask |= POLLIN | POLLRDNORM;
2010 /* Connection-based need to check for termination and startup */
2011 if ((sk->sk_type == SOCK_STREAM || sk->sk_type == SOCK_SEQPACKET) &&
2012 sk->sk_state == TCP_CLOSE)
2016 * we set writable also when the other side has shut down the
2017 * connection. This prevents stuck sockets.
2019 if (unix_writable(sk))
2020 mask |= POLLOUT | POLLWRNORM | POLLWRBAND;
2025 static unsigned int unix_dgram_poll(struct file *file, struct socket *sock,
2028 struct sock *sk = sock->sk, *other;
2029 unsigned int mask, writable;
2031 sock_poll_wait(file, sk->sk_sleep, wait);
2034 /* exceptional events? */
2035 if (sk->sk_err || !skb_queue_empty(&sk->sk_error_queue))
2037 if (sk->sk_shutdown & RCV_SHUTDOWN)
2039 if (sk->sk_shutdown == SHUTDOWN_MASK)
2043 if (!skb_queue_empty(&sk->sk_receive_queue) ||
2044 (sk->sk_shutdown & RCV_SHUTDOWN))
2045 mask |= POLLIN | POLLRDNORM;
2047 /* Connection-based need to check for termination and startup */
2048 if (sk->sk_type == SOCK_SEQPACKET) {
2049 if (sk->sk_state == TCP_CLOSE)
2051 /* connection hasn't started yet? */
2052 if (sk->sk_state == TCP_SYN_SENT)
2057 writable = unix_writable(sk);
2059 other = unix_peer_get(sk);
2061 if (unix_peer(other) != sk) {
2062 sock_poll_wait(file, &unix_sk(other)->peer_wait,
2064 if (unix_recvq_full(other))
2073 mask |= POLLOUT | POLLWRNORM | POLLWRBAND;
2075 set_bit(SOCK_ASYNC_NOSPACE, &sk->sk_socket->flags);
2080 #ifdef CONFIG_PROC_FS
2081 static struct sock *first_unix_socket(int *i)
2083 for (*i = 0; *i <= UNIX_HASH_SIZE; (*i)++) {
2084 if (!hlist_empty(&unix_socket_table[*i]))
2085 return __sk_head(&unix_socket_table[*i]);
2090 static struct sock *next_unix_socket(int *i, struct sock *s)
2092 struct sock *next = sk_next(s);
2093 /* More in this chain? */
2096 /* Look for next non-empty chain. */
2097 for ((*i)++; *i <= UNIX_HASH_SIZE; (*i)++) {
2098 if (!hlist_empty(&unix_socket_table[*i]))
2099 return __sk_head(&unix_socket_table[*i]);
2104 struct unix_iter_state {
2105 struct seq_net_private p;
2109 static struct sock *unix_seq_idx(struct seq_file *seq, loff_t pos)
2111 struct unix_iter_state *iter = seq->private;
2115 for (s = first_unix_socket(&iter->i); s; s = next_unix_socket(&iter->i, s)) {
2116 if (sock_net(s) != seq_file_net(seq))
2125 static void *unix_seq_start(struct seq_file *seq, loff_t *pos)
2126 __acquires(unix_table_lock)
2128 spin_lock(&unix_table_lock);
2129 return *pos ? unix_seq_idx(seq, *pos - 1) : SEQ_START_TOKEN;
2132 static void *unix_seq_next(struct seq_file *seq, void *v, loff_t *pos)
2134 struct unix_iter_state *iter = seq->private;
2135 struct sock *sk = v;
2138 if (v == SEQ_START_TOKEN)
2139 sk = first_unix_socket(&iter->i);
2141 sk = next_unix_socket(&iter->i, sk);
2142 while (sk && (sock_net(sk) != seq_file_net(seq)))
2143 sk = next_unix_socket(&iter->i, sk);
2147 static void unix_seq_stop(struct seq_file *seq, void *v)
2148 __releases(unix_table_lock)
2150 spin_unlock(&unix_table_lock);
2153 static int unix_seq_show(struct seq_file *seq, void *v)
2156 if (v == SEQ_START_TOKEN)
2157 seq_puts(seq, "Num RefCount Protocol Flags Type St "
2161 struct unix_sock *u = unix_sk(s);
2164 seq_printf(seq, "%p: %08X %08X %08X %04X %02X %5lu",
2166 atomic_read(&s->sk_refcnt),
2168 s->sk_state == TCP_LISTEN ? __SO_ACCEPTCON : 0,
2171 (s->sk_state == TCP_ESTABLISHED ? SS_CONNECTED : SS_UNCONNECTED) :
2172 (s->sk_state == TCP_ESTABLISHED ? SS_CONNECTING : SS_DISCONNECTING),
2180 len = u->addr->len - sizeof(short);
2181 if (!UNIX_ABSTRACT(s))
2187 for ( ; i < len; i++)
2188 seq_putc(seq, u->addr->name->sun_path[i]);
2190 unix_state_unlock(s);
2191 seq_putc(seq, '\n');
2197 static const struct seq_operations unix_seq_ops = {
2198 .start = unix_seq_start,
2199 .next = unix_seq_next,
2200 .stop = unix_seq_stop,
2201 .show = unix_seq_show,
2204 static int unix_seq_open(struct inode *inode, struct file *file)
2206 return seq_open_net(inode, file, &unix_seq_ops,
2207 sizeof(struct unix_iter_state));
2210 static const struct file_operations unix_seq_fops = {
2211 .owner = THIS_MODULE,
2212 .open = unix_seq_open,
2214 .llseek = seq_lseek,
2215 .release = seq_release_net,
2220 static const struct net_proto_family unix_family_ops = {
2222 .create = unix_create,
2223 .owner = THIS_MODULE,
2227 static int unix_net_init(struct net *net)
2229 int error = -ENOMEM;
2231 net->unx.sysctl_max_dgram_qlen = 10;
2232 if (unix_sysctl_register(net))
2235 #ifdef CONFIG_PROC_FS
2236 if (!proc_net_fops_create(net, "unix", 0, &unix_seq_fops)) {
2237 unix_sysctl_unregister(net);
2246 static void unix_net_exit(struct net *net)
2248 unix_sysctl_unregister(net);
2249 proc_net_remove(net, "unix");
2252 static struct pernet_operations unix_net_ops = {
2253 .init = unix_net_init,
2254 .exit = unix_net_exit,
2257 static int __init af_unix_init(void)
2260 struct sk_buff *dummy_skb;
2262 BUILD_BUG_ON(sizeof(struct unix_skb_parms) > sizeof(dummy_skb->cb));
2264 rc = proto_register(&unix_proto, 1);
2266 printk(KERN_CRIT "%s: Cannot create unix_sock SLAB cache!\n",
2271 sock_register(&unix_family_ops);
2272 register_pernet_subsys(&unix_net_ops);
2277 static void __exit af_unix_exit(void)
2279 sock_unregister(PF_UNIX);
2280 proto_unregister(&unix_proto);
2281 unregister_pernet_subsys(&unix_net_ops);
2284 /* Earlier than device_initcall() so that other drivers invoking
2285 request_module() don't end up in a loop when modprobe tries
2286 to use a UNIX socket. But later than subsys_initcall() because
2287 we depend on stuff initialised there */
2288 fs_initcall(af_unix_init);
2289 module_exit(af_unix_exit);
2291 MODULE_LICENSE("GPL");
2292 MODULE_ALIAS_NETPROTO(PF_UNIX);
Code Review / linux-2.6.git / blob