2 * NET4: Implementation of BSD Unix domain sockets.
4 * Authors: Alan Cox, <alan@lxorguk.ukuu.org.uk>
6 * This program is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU General Public License
8 * as published by the Free Software Foundation; either version
9 * 2 of the License, or (at your option) any later version.
12 * Linus Torvalds : Assorted bug cures.
13 * Niibe Yutaka : async I/O support.
14 * Carsten Paeth : PF_UNIX check, address fixes.
15 * Alan Cox : Limit size of allocated blocks.
16 * Alan Cox : Fixed the stupid socketpair bug.
17 * Alan Cox : BSD compatibility fine tuning.
18 * Alan Cox : Fixed a bug in connect when interrupted.
19 * Alan Cox : Sorted out a proper draft version of
20 * file descriptor passing hacked up from
22 * Marty Leisner : Fixes to fd passing
23 * Nick Nevin : recvmsg bugfix.
24 * Alan Cox : Started proper garbage collector
25 * Heiko EiBfeldt : Missing verify_area check
26 * Alan Cox : Started POSIXisms
27 * Andreas Schwab : Replace inode by dentry for proper
29 * Kirk Petersen : Made this a module
30 * Christoph Rohland : Elegant non-blocking accept/connect algorithm.
32 * Alexey Kuznetosv : Repaired (I hope) bugs introduces
33 * by above two patches.
34 * Andrea Arcangeli : If possible we block in connect(2)
35 * if the max backlog of the listen socket
36 * is been reached. This won't break
37 * old apps and it will avoid huge amount
38 * of socks hashed (this for unix_gc()
39 * performances reasons).
40 * Security fix that limits the max
41 * number of socks to 2*max_files and
42 * the number of skb queueable in the
44 * Artur Skawina : Hash function optimizations
45 * Alexey Kuznetsov : Full scale SMP. Lot of bugs are introduced 8)
46 * Malcolm Beattie : Set peercred for socketpair
47 * Michal Ostrowski : Module initialization cleanup.
48 * Arnaldo C. Melo : Remove MOD_{INC,DEC}_USE_COUNT,
49 * the core infrastructure is doing that
50 * for all net proto families now (2.5.69+)
53 * Known differences from reference BSD that was tested:
56 * ECONNREFUSED is not returned from one end of a connected() socket to the
57 * other the moment one end closes.
58 * fstat() doesn't return st_dev=0, and give the blksize as high water mark
59 * and a fake inode identifier (nor the BSD first socket fstat twice bug).
61 * accept() returns a path name even if the connecting socket has closed
62 * in the meantime (BSD loses the path and gives up).
63 * accept() returns 0 length path for an unbound connector. BSD returns 16
64 * and a null first byte in the path (but not for gethost/peername - BSD bug ??)
65 * socketpair(...SOCK_RAW..) doesn't panic the kernel.
66 * BSD af_unix apparently has connect forgetting to block properly.
67 * (need to check this with the POSIX spec in detail)
69 * Differences from 2.0.0-11-... (ANK)
70 * Bug fixes and improvements.
71 * - client shutdown killed server socket.
72 * - removed all useless cli/sti pairs.
74 * Semantic changes/extensions.
75 * - generic control message passing.
76 * - SCM_CREDENTIALS control message.
77 * - "Abstract" (not FS based) socket bindings.
78 * Abstract names are sequences of bytes (not zero terminated)
79 * started by 0, so that this name space does not intersect
83 #include <linux/module.h>
84 #include <linux/kernel.h>
85 #include <linux/signal.h>
86 #include <linux/sched.h>
87 #include <linux/errno.h>
88 #include <linux/string.h>
89 #include <linux/stat.h>
90 #include <linux/dcache.h>
91 #include <linux/namei.h>
92 #include <linux/socket.h>
94 #include <linux/fcntl.h>
95 #include <linux/termios.h>
96 #include <linux/sockios.h>
97 #include <linux/net.h>
100 #include <linux/slab.h>
101 #include <asm/uaccess.h>
102 #include <linux/skbuff.h>
103 #include <linux/netdevice.h>
104 #include <net/net_namespace.h>
105 #include <net/sock.h>
106 #include <net/tcp_states.h>
107 #include <net/af_unix.h>
108 #include <linux/proc_fs.h>
109 #include <linux/seq_file.h>
111 #include <linux/init.h>
112 #include <linux/poll.h>
113 #include <linux/rtnetlink.h>
114 #include <linux/mount.h>
115 #include <net/checksum.h>
116 #include <linux/security.h>
118 static struct hlist_head unix_socket_table[UNIX_HASH_SIZE + 1];
119 static DEFINE_SPINLOCK(unix_table_lock);
120 static atomic_long_t unix_nr_socks;
122 #define unix_sockets_unbound (&unix_socket_table[UNIX_HASH_SIZE])
124 #define UNIX_ABSTRACT(sk) (unix_sk(sk)->addr->hash != UNIX_HASH_SIZE)
126 #ifdef CONFIG_SECURITY_NETWORK
127 static void unix_get_secdata(struct scm_cookie *scm, struct sk_buff *skb)
129 memcpy(UNIXSID(skb), &scm->secid, sizeof(u32));
132 static inline void unix_set_secdata(struct scm_cookie *scm, struct sk_buff *skb)
134 scm->secid = *UNIXSID(skb);
137 static inline void unix_get_secdata(struct scm_cookie *scm, struct sk_buff *skb)
140 static inline void unix_set_secdata(struct scm_cookie *scm, struct sk_buff *skb)
142 #endif /* CONFIG_SECURITY_NETWORK */
145 * SMP locking strategy:
146 * hash table is protected with spinlock unix_table_lock
147 * each socket state is protected by separate spin lock.
150 static inline unsigned unix_hash_fold(__wsum n)
152 unsigned hash = (__force unsigned)n;
155 return hash&(UNIX_HASH_SIZE-1);
158 #define unix_peer(sk) (unix_sk(sk)->peer)
160 static inline int unix_our_peer(struct sock *sk, struct sock *osk)
162 return unix_peer(osk) == sk;
165 static inline int unix_may_send(struct sock *sk, struct sock *osk)
167 return unix_peer(osk) == NULL || unix_our_peer(sk, osk);
170 static inline int unix_recvq_full(struct sock const *sk)
172 return skb_queue_len(&sk->sk_receive_queue) > sk->sk_max_ack_backlog;
175 static struct sock *unix_peer_get(struct sock *s)
183 unix_state_unlock(s);
187 static inline void unix_release_addr(struct unix_address *addr)
189 if (atomic_dec_and_test(&addr->refcnt))
194 * Check unix socket name:
195 * - should be not zero length.
196 * - if started by not zero, should be NULL terminated (FS object)
197 * - if started by zero, it is abstract name.
200 static int unix_mkname(struct sockaddr_un *sunaddr, int len, unsigned *hashp)
202 if (len <= sizeof(short) || len > sizeof(*sunaddr))
204 if (!sunaddr || sunaddr->sun_family != AF_UNIX)
206 if (sunaddr->sun_path[0]) {
208 * This may look like an off by one error but it is a bit more
209 * subtle. 108 is the longest valid AF_UNIX path for a binding.
210 * sun_path[108] doesnt as such exist. However in kernel space
211 * we are guaranteed that it is a valid memory location in our
212 * kernel address buffer.
214 ((char *)sunaddr)[len] = 0;
215 len = strlen(sunaddr->sun_path)+1+sizeof(short);
219 *hashp = unix_hash_fold(csum_partial(sunaddr, len, 0));
223 static void __unix_remove_socket(struct sock *sk)
225 sk_del_node_init(sk);
228 static void __unix_insert_socket(struct hlist_head *list, struct sock *sk)
230 WARN_ON(!sk_unhashed(sk));
231 sk_add_node(sk, list);
234 static inline void unix_remove_socket(struct sock *sk)
236 spin_lock(&unix_table_lock);
237 __unix_remove_socket(sk);
238 spin_unlock(&unix_table_lock);
241 static inline void unix_insert_socket(struct hlist_head *list, struct sock *sk)
243 spin_lock(&unix_table_lock);
244 __unix_insert_socket(list, sk);
245 spin_unlock(&unix_table_lock);
248 static struct sock *__unix_find_socket_byname(struct net *net,
249 struct sockaddr_un *sunname,
250 int len, int type, unsigned hash)
253 struct hlist_node *node;
255 sk_for_each(s, node, &unix_socket_table[hash ^ type]) {
256 struct unix_sock *u = unix_sk(s);
258 if (!net_eq(sock_net(s), net))
261 if (u->addr->len == len &&
262 !memcmp(u->addr->name, sunname, len))
270 static inline struct sock *unix_find_socket_byname(struct net *net,
271 struct sockaddr_un *sunname,
277 spin_lock(&unix_table_lock);
278 s = __unix_find_socket_byname(net, sunname, len, type, hash);
281 spin_unlock(&unix_table_lock);
285 static struct sock *unix_find_socket_byinode(struct inode *i)
288 struct hlist_node *node;
290 spin_lock(&unix_table_lock);
292 &unix_socket_table[i->i_ino & (UNIX_HASH_SIZE - 1)]) {
293 struct dentry *dentry = unix_sk(s)->dentry;
295 if (dentry && dentry->d_inode == i) {
302 spin_unlock(&unix_table_lock);
306 static inline int unix_writable(struct sock *sk)
308 return (atomic_read(&sk->sk_wmem_alloc) << 2) <= sk->sk_sndbuf;
311 static void unix_write_space(struct sock *sk)
313 struct socket_wq *wq;
316 if (unix_writable(sk)) {
317 wq = rcu_dereference(sk->sk_wq);
318 if (wq_has_sleeper(wq))
319 wake_up_interruptible_sync_poll(&wq->wait,
320 POLLOUT | POLLWRNORM | POLLWRBAND);
321 sk_wake_async(sk, SOCK_WAKE_SPACE, POLL_OUT);
326 /* When dgram socket disconnects (or changes its peer), we clear its receive
327 * queue of packets arrived from previous peer. First, it allows to do
328 * flow control based only on wmem_alloc; second, sk connected to peer
329 * may receive messages only from that peer. */
330 static void unix_dgram_disconnected(struct sock *sk, struct sock *other)
332 if (!skb_queue_empty(&sk->sk_receive_queue)) {
333 skb_queue_purge(&sk->sk_receive_queue);
334 wake_up_interruptible_all(&unix_sk(sk)->peer_wait);
336 /* If one link of bidirectional dgram pipe is disconnected,
337 * we signal error. Messages are lost. Do not make this,
338 * when peer was not connected to us.
340 if (!sock_flag(other, SOCK_DEAD) && unix_peer(other) == sk) {
341 other->sk_err = ECONNRESET;
342 other->sk_error_report(other);
347 static void unix_sock_destructor(struct sock *sk)
349 struct unix_sock *u = unix_sk(sk);
351 skb_queue_purge(&sk->sk_receive_queue);
353 WARN_ON(atomic_read(&sk->sk_wmem_alloc));
354 WARN_ON(!sk_unhashed(sk));
355 WARN_ON(sk->sk_socket);
356 if (!sock_flag(sk, SOCK_DEAD)) {
357 printk(KERN_INFO "Attempt to release alive unix socket: %p\n", sk);
362 unix_release_addr(u->addr);
364 atomic_long_dec(&unix_nr_socks);
366 sock_prot_inuse_add(sock_net(sk), sk->sk_prot, -1);
368 #ifdef UNIX_REFCNT_DEBUG
369 printk(KERN_DEBUG "UNIX %p is destroyed, %ld are still alive.\n", sk,
370 atomic_long_read(&unix_nr_socks));
374 static int unix_release_sock(struct sock *sk, int embrion)
376 struct unix_sock *u = unix_sk(sk);
377 struct dentry *dentry;
378 struct vfsmount *mnt;
383 unix_remove_socket(sk);
388 sk->sk_shutdown = SHUTDOWN_MASK;
393 state = sk->sk_state;
394 sk->sk_state = TCP_CLOSE;
395 unix_state_unlock(sk);
397 wake_up_interruptible_all(&u->peer_wait);
399 skpair = unix_peer(sk);
401 if (skpair != NULL) {
402 if (sk->sk_type == SOCK_STREAM || sk->sk_type == SOCK_SEQPACKET) {
403 unix_state_lock(skpair);
405 skpair->sk_shutdown = SHUTDOWN_MASK;
406 if (!skb_queue_empty(&sk->sk_receive_queue) || embrion)
407 skpair->sk_err = ECONNRESET;
408 unix_state_unlock(skpair);
409 skpair->sk_state_change(skpair);
410 sk_wake_async(skpair, SOCK_WAKE_WAITD, POLL_HUP);
412 sock_put(skpair); /* It may now die */
413 unix_peer(sk) = NULL;
416 /* Try to flush out this socket. Throw out buffers at least */
418 while ((skb = skb_dequeue(&sk->sk_receive_queue)) != NULL) {
419 if (state == TCP_LISTEN)
420 unix_release_sock(skb->sk, 1);
421 /* passed fds are erased in the kfree_skb hook */
432 /* ---- Socket is dead now and most probably destroyed ---- */
435 * Fixme: BSD difference: In BSD all sockets connected to use get
436 * ECONNRESET and we die on the spot. In Linux we behave
437 * like files and pipes do and wait for the last
440 * Can't we simply set sock->err?
442 * What the above comment does talk about? --ANK(980817)
445 if (unix_tot_inflight)
446 unix_gc(); /* Garbage collect fds */
451 static void init_peercred(struct sock *sk)
453 put_pid(sk->sk_peer_pid);
454 if (sk->sk_peer_cred)
455 put_cred(sk->sk_peer_cred);
456 sk->sk_peer_pid = get_pid(task_tgid(current));
457 sk->sk_peer_cred = get_current_cred();
460 static void copy_peercred(struct sock *sk, struct sock *peersk)
462 put_pid(sk->sk_peer_pid);
463 if (sk->sk_peer_cred)
464 put_cred(sk->sk_peer_cred);
465 sk->sk_peer_pid = get_pid(peersk->sk_peer_pid);
466 sk->sk_peer_cred = get_cred(peersk->sk_peer_cred);
469 static int unix_listen(struct socket *sock, int backlog)
472 struct sock *sk = sock->sk;
473 struct unix_sock *u = unix_sk(sk);
474 struct pid *old_pid = NULL;
475 const struct cred *old_cred = NULL;
478 if (sock->type != SOCK_STREAM && sock->type != SOCK_SEQPACKET)
479 goto out; /* Only stream/seqpacket sockets accept */
482 goto out; /* No listens on an unbound socket */
484 if (sk->sk_state != TCP_CLOSE && sk->sk_state != TCP_LISTEN)
486 if (backlog > sk->sk_max_ack_backlog)
487 wake_up_interruptible_all(&u->peer_wait);
488 sk->sk_max_ack_backlog = backlog;
489 sk->sk_state = TCP_LISTEN;
490 /* set credentials so connect can copy them */
495 unix_state_unlock(sk);
503 static int unix_release(struct socket *);
504 static int unix_bind(struct socket *, struct sockaddr *, int);
505 static int unix_stream_connect(struct socket *, struct sockaddr *,
506 int addr_len, int flags);
507 static int unix_socketpair(struct socket *, struct socket *);
508 static int unix_accept(struct socket *, struct socket *, int);
509 static int unix_getname(struct socket *, struct sockaddr *, int *, int);
510 static unsigned int unix_poll(struct file *, struct socket *, poll_table *);
511 static unsigned int unix_dgram_poll(struct file *, struct socket *,
513 static int unix_ioctl(struct socket *, unsigned int, unsigned long);
514 static int unix_shutdown(struct socket *, int);
515 static int unix_stream_sendmsg(struct kiocb *, struct socket *,
516 struct msghdr *, size_t);
517 static int unix_stream_recvmsg(struct kiocb *, struct socket *,
518 struct msghdr *, size_t, int);
519 static int unix_dgram_sendmsg(struct kiocb *, struct socket *,
520 struct msghdr *, size_t);
521 static int unix_dgram_recvmsg(struct kiocb *, struct socket *,
522 struct msghdr *, size_t, int);
523 static int unix_dgram_connect(struct socket *, struct sockaddr *,
525 static int unix_seqpacket_sendmsg(struct kiocb *, struct socket *,
526 struct msghdr *, size_t);
527 static int unix_seqpacket_recvmsg(struct kiocb *, struct socket *,
528 struct msghdr *, size_t, int);
530 static const struct proto_ops unix_stream_ops = {
532 .owner = THIS_MODULE,
533 .release = unix_release,
535 .connect = unix_stream_connect,
536 .socketpair = unix_socketpair,
537 .accept = unix_accept,
538 .getname = unix_getname,
541 .listen = unix_listen,
542 .shutdown = unix_shutdown,
543 .setsockopt = sock_no_setsockopt,
544 .getsockopt = sock_no_getsockopt,
545 .sendmsg = unix_stream_sendmsg,
546 .recvmsg = unix_stream_recvmsg,
547 .mmap = sock_no_mmap,
548 .sendpage = sock_no_sendpage,
551 static const struct proto_ops unix_dgram_ops = {
553 .owner = THIS_MODULE,
554 .release = unix_release,
556 .connect = unix_dgram_connect,
557 .socketpair = unix_socketpair,
558 .accept = sock_no_accept,
559 .getname = unix_getname,
560 .poll = unix_dgram_poll,
562 .listen = sock_no_listen,
563 .shutdown = unix_shutdown,
564 .setsockopt = sock_no_setsockopt,
565 .getsockopt = sock_no_getsockopt,
566 .sendmsg = unix_dgram_sendmsg,
567 .recvmsg = unix_dgram_recvmsg,
568 .mmap = sock_no_mmap,
569 .sendpage = sock_no_sendpage,
572 static const struct proto_ops unix_seqpacket_ops = {
574 .owner = THIS_MODULE,
575 .release = unix_release,
577 .connect = unix_stream_connect,
578 .socketpair = unix_socketpair,
579 .accept = unix_accept,
580 .getname = unix_getname,
581 .poll = unix_dgram_poll,
583 .listen = unix_listen,
584 .shutdown = unix_shutdown,
585 .setsockopt = sock_no_setsockopt,
586 .getsockopt = sock_no_getsockopt,
587 .sendmsg = unix_seqpacket_sendmsg,
588 .recvmsg = unix_seqpacket_recvmsg,
589 .mmap = sock_no_mmap,
590 .sendpage = sock_no_sendpage,
593 static struct proto unix_proto = {
595 .owner = THIS_MODULE,
596 .obj_size = sizeof(struct unix_sock),
600 * AF_UNIX sockets do not interact with hardware, hence they
601 * dont trigger interrupts - so it's safe for them to have
602 * bh-unsafe locking for their sk_receive_queue.lock. Split off
603 * this special lock-class by reinitializing the spinlock key:
605 static struct lock_class_key af_unix_sk_receive_queue_lock_key;
607 static struct sock *unix_create1(struct net *net, struct socket *sock)
609 struct sock *sk = NULL;
612 atomic_long_inc(&unix_nr_socks);
613 if (atomic_long_read(&unix_nr_socks) > 2 * get_max_files())
616 sk = sk_alloc(net, PF_UNIX, GFP_KERNEL, &unix_proto);
620 sock_init_data(sock, sk);
621 lockdep_set_class(&sk->sk_receive_queue.lock,
622 &af_unix_sk_receive_queue_lock_key);
624 sk->sk_write_space = unix_write_space;
625 sk->sk_max_ack_backlog = net->unx.sysctl_max_dgram_qlen;
626 sk->sk_destruct = unix_sock_destructor;
630 spin_lock_init(&u->lock);
631 atomic_long_set(&u->inflight, 0);
632 INIT_LIST_HEAD(&u->link);
633 mutex_init(&u->readlock); /* single task reading lock */
634 init_waitqueue_head(&u->peer_wait);
635 unix_insert_socket(unix_sockets_unbound, sk);
638 atomic_long_dec(&unix_nr_socks);
641 sock_prot_inuse_add(sock_net(sk), sk->sk_prot, 1);
647 static int unix_create(struct net *net, struct socket *sock, int protocol,
650 if (protocol && protocol != PF_UNIX)
651 return -EPROTONOSUPPORT;
653 sock->state = SS_UNCONNECTED;
655 switch (sock->type) {
657 sock->ops = &unix_stream_ops;
660 * Believe it or not BSD has AF_UNIX, SOCK_RAW though
664 sock->type = SOCK_DGRAM;
666 sock->ops = &unix_dgram_ops;
669 sock->ops = &unix_seqpacket_ops;
672 return -ESOCKTNOSUPPORT;
675 return unix_create1(net, sock) ? 0 : -ENOMEM;
678 static int unix_release(struct socket *sock)
680 struct sock *sk = sock->sk;
687 return unix_release_sock(sk, 0);
690 static int unix_autobind(struct socket *sock)
692 struct sock *sk = sock->sk;
693 struct net *net = sock_net(sk);
694 struct unix_sock *u = unix_sk(sk);
695 static u32 ordernum = 1;
696 struct unix_address *addr;
698 unsigned int retries = 0;
700 mutex_lock(&u->readlock);
707 addr = kzalloc(sizeof(*addr) + sizeof(short) + 16, GFP_KERNEL);
711 addr->name->sun_family = AF_UNIX;
712 atomic_set(&addr->refcnt, 1);
715 addr->len = sprintf(addr->name->sun_path+1, "%05x", ordernum) + 1 + sizeof(short);
716 addr->hash = unix_hash_fold(csum_partial(addr->name, addr->len, 0));
718 spin_lock(&unix_table_lock);
719 ordernum = (ordernum+1)&0xFFFFF;
721 if (__unix_find_socket_byname(net, addr->name, addr->len, sock->type,
723 spin_unlock(&unix_table_lock);
725 * __unix_find_socket_byname() may take long time if many names
726 * are already in use.
729 /* Give up if all names seems to be in use. */
730 if (retries++ == 0xFFFFF) {
737 addr->hash ^= sk->sk_type;
739 __unix_remove_socket(sk);
741 __unix_insert_socket(&unix_socket_table[addr->hash], sk);
742 spin_unlock(&unix_table_lock);
745 out: mutex_unlock(&u->readlock);
749 static struct sock *unix_find_other(struct net *net,
750 struct sockaddr_un *sunname, int len,
751 int type, unsigned hash, int *error)
757 if (sunname->sun_path[0]) {
759 err = kern_path(sunname->sun_path, LOOKUP_FOLLOW, &path);
762 inode = path.dentry->d_inode;
763 err = inode_permission(inode, MAY_WRITE);
768 if (!S_ISSOCK(inode->i_mode))
770 u = unix_find_socket_byinode(inode);
774 if (u->sk_type == type)
775 touch_atime(path.mnt, path.dentry);
780 if (u->sk_type != type) {
786 u = unix_find_socket_byname(net, sunname, len, type, hash);
788 struct dentry *dentry;
789 dentry = unix_sk(u)->dentry;
791 touch_atime(unix_sk(u)->mnt, dentry);
805 static int unix_bind(struct socket *sock, struct sockaddr *uaddr, int addr_len)
807 struct sock *sk = sock->sk;
808 struct net *net = sock_net(sk);
809 struct unix_sock *u = unix_sk(sk);
810 struct sockaddr_un *sunaddr = (struct sockaddr_un *)uaddr;
811 struct dentry *dentry = NULL;
815 struct unix_address *addr;
816 struct hlist_head *list;
819 if (sunaddr->sun_family != AF_UNIX)
822 if (addr_len == sizeof(short)) {
823 err = unix_autobind(sock);
827 err = unix_mkname(sunaddr, addr_len, &hash);
832 mutex_lock(&u->readlock);
839 addr = kmalloc(sizeof(*addr)+addr_len, GFP_KERNEL);
843 memcpy(addr->name, sunaddr, addr_len);
844 addr->len = addr_len;
845 addr->hash = hash ^ sk->sk_type;
846 atomic_set(&addr->refcnt, 1);
848 if (sunaddr->sun_path[0]) {
852 * Get the parent directory, calculate the hash for last
855 err = path_lookup(sunaddr->sun_path, LOOKUP_PARENT, &nd);
857 goto out_mknod_parent;
859 dentry = lookup_create(&nd, 0);
860 err = PTR_ERR(dentry);
862 goto out_mknod_unlock;
865 * All right, let's create it.
868 (SOCK_INODE(sock)->i_mode & ~current_umask());
869 err = mnt_want_write(nd.path.mnt);
872 err = security_path_mknod(&nd.path, dentry, mode, 0);
874 goto out_mknod_drop_write;
875 err = vfs_mknod(nd.path.dentry->d_inode, dentry, mode, 0);
876 out_mknod_drop_write:
877 mnt_drop_write(nd.path.mnt);
880 mutex_unlock(&nd.path.dentry->d_inode->i_mutex);
881 dput(nd.path.dentry);
882 nd.path.dentry = dentry;
884 addr->hash = UNIX_HASH_SIZE;
887 spin_lock(&unix_table_lock);
889 if (!sunaddr->sun_path[0]) {
891 if (__unix_find_socket_byname(net, sunaddr, addr_len,
892 sk->sk_type, hash)) {
893 unix_release_addr(addr);
897 list = &unix_socket_table[addr->hash];
899 list = &unix_socket_table[dentry->d_inode->i_ino & (UNIX_HASH_SIZE-1)];
900 u->dentry = nd.path.dentry;
901 u->mnt = nd.path.mnt;
905 __unix_remove_socket(sk);
907 __unix_insert_socket(list, sk);
910 spin_unlock(&unix_table_lock);
912 mutex_unlock(&u->readlock);
919 mutex_unlock(&nd.path.dentry->d_inode->i_mutex);
924 unix_release_addr(addr);
928 static void unix_state_double_lock(struct sock *sk1, struct sock *sk2)
930 if (unlikely(sk1 == sk2) || !sk2) {
931 unix_state_lock(sk1);
935 unix_state_lock(sk1);
936 unix_state_lock_nested(sk2);
938 unix_state_lock(sk2);
939 unix_state_lock_nested(sk1);
943 static void unix_state_double_unlock(struct sock *sk1, struct sock *sk2)
945 if (unlikely(sk1 == sk2) || !sk2) {
946 unix_state_unlock(sk1);
949 unix_state_unlock(sk1);
950 unix_state_unlock(sk2);
953 static int unix_dgram_connect(struct socket *sock, struct sockaddr *addr,
956 struct sock *sk = sock->sk;
957 struct net *net = sock_net(sk);
958 struct sockaddr_un *sunaddr = (struct sockaddr_un *)addr;
963 if (addr->sa_family != AF_UNSPEC) {
964 err = unix_mkname(sunaddr, alen, &hash);
969 if (test_bit(SOCK_PASSCRED, &sock->flags) &&
970 !unix_sk(sk)->addr && (err = unix_autobind(sock)) != 0)
974 other = unix_find_other(net, sunaddr, alen, sock->type, hash, &err);
978 unix_state_double_lock(sk, other);
980 /* Apparently VFS overslept socket death. Retry. */
981 if (sock_flag(other, SOCK_DEAD)) {
982 unix_state_double_unlock(sk, other);
988 if (!unix_may_send(sk, other))
991 err = security_unix_may_send(sk->sk_socket, other->sk_socket);
997 * 1003.1g breaking connected state with AF_UNSPEC
1000 unix_state_double_lock(sk, other);
1004 * If it was connected, reconnect.
1006 if (unix_peer(sk)) {
1007 struct sock *old_peer = unix_peer(sk);
1008 unix_peer(sk) = other;
1009 unix_state_double_unlock(sk, other);
1011 if (other != old_peer)
1012 unix_dgram_disconnected(sk, old_peer);
1015 unix_peer(sk) = other;
1016 unix_state_double_unlock(sk, other);
1021 unix_state_double_unlock(sk, other);
1027 static long unix_wait_for_peer(struct sock *other, long timeo)
1029 struct unix_sock *u = unix_sk(other);
1033 prepare_to_wait_exclusive(&u->peer_wait, &wait, TASK_INTERRUPTIBLE);
1035 sched = !sock_flag(other, SOCK_DEAD) &&
1036 !(other->sk_shutdown & RCV_SHUTDOWN) &&
1037 unix_recvq_full(other);
1039 unix_state_unlock(other);
1042 timeo = schedule_timeout(timeo);
1044 finish_wait(&u->peer_wait, &wait);
1048 static int unix_stream_connect(struct socket *sock, struct sockaddr *uaddr,
1049 int addr_len, int flags)
1051 struct sockaddr_un *sunaddr = (struct sockaddr_un *)uaddr;
1052 struct sock *sk = sock->sk;
1053 struct net *net = sock_net(sk);
1054 struct unix_sock *u = unix_sk(sk), *newu, *otheru;
1055 struct sock *newsk = NULL;
1056 struct sock *other = NULL;
1057 struct sk_buff *skb = NULL;
1063 err = unix_mkname(sunaddr, addr_len, &hash);
1068 if (test_bit(SOCK_PASSCRED, &sock->flags) && !u->addr &&
1069 (err = unix_autobind(sock)) != 0)
1072 timeo = sock_sndtimeo(sk, flags & O_NONBLOCK);
1074 /* First of all allocate resources.
1075 If we will make it after state is locked,
1076 we will have to recheck all again in any case.
1081 /* create new sock for complete connection */
1082 newsk = unix_create1(sock_net(sk), NULL);
1086 /* Allocate skb for sending to listening sock */
1087 skb = sock_wmalloc(newsk, 1, 0, GFP_KERNEL);
1092 /* Find listening sock. */
1093 other = unix_find_other(net, sunaddr, addr_len, sk->sk_type, hash, &err);
1097 /* Latch state of peer */
1098 unix_state_lock(other);
1100 /* Apparently VFS overslept socket death. Retry. */
1101 if (sock_flag(other, SOCK_DEAD)) {
1102 unix_state_unlock(other);
1107 err = -ECONNREFUSED;
1108 if (other->sk_state != TCP_LISTEN)
1110 if (other->sk_shutdown & RCV_SHUTDOWN)
1113 if (unix_recvq_full(other)) {
1118 timeo = unix_wait_for_peer(other, timeo);
1120 err = sock_intr_errno(timeo);
1121 if (signal_pending(current))
1129 It is tricky place. We need to grab write lock and cannot
1130 drop lock on peer. It is dangerous because deadlock is
1131 possible. Connect to self case and simultaneous
1132 attempt to connect are eliminated by checking socket
1133 state. other is TCP_LISTEN, if sk is TCP_LISTEN we
1134 check this before attempt to grab lock.
1136 Well, and we have to recheck the state after socket locked.
1142 /* This is ok... continue with connect */
1144 case TCP_ESTABLISHED:
1145 /* Socket is already connected */
1153 unix_state_lock_nested(sk);
1155 if (sk->sk_state != st) {
1156 unix_state_unlock(sk);
1157 unix_state_unlock(other);
1162 err = security_unix_stream_connect(sk, other, newsk);
1164 unix_state_unlock(sk);
1168 /* The way is open! Fastly set all the necessary fields... */
1171 unix_peer(newsk) = sk;
1172 newsk->sk_state = TCP_ESTABLISHED;
1173 newsk->sk_type = sk->sk_type;
1174 init_peercred(newsk);
1175 newu = unix_sk(newsk);
1176 newsk->sk_wq = &newu->peer_wq;
1177 otheru = unix_sk(other);
1179 /* copy address information from listening to new sock*/
1181 atomic_inc(&otheru->addr->refcnt);
1182 newu->addr = otheru->addr;
1184 if (otheru->dentry) {
1185 newu->dentry = dget(otheru->dentry);
1186 newu->mnt = mntget(otheru->mnt);
1189 /* Set credentials */
1190 copy_peercred(sk, other);
1192 sock->state = SS_CONNECTED;
1193 sk->sk_state = TCP_ESTABLISHED;
1196 smp_mb__after_atomic_inc(); /* sock_hold() does an atomic_inc() */
1197 unix_peer(sk) = newsk;
1199 unix_state_unlock(sk);
1201 /* take ten and and send info to listening sock */
1202 spin_lock(&other->sk_receive_queue.lock);
1203 __skb_queue_tail(&other->sk_receive_queue, skb);
1204 spin_unlock(&other->sk_receive_queue.lock);
1205 unix_state_unlock(other);
1206 other->sk_data_ready(other, 0);
1212 unix_state_unlock(other);
1217 unix_release_sock(newsk, 0);
1223 static int unix_socketpair(struct socket *socka, struct socket *sockb)
1225 struct sock *ska = socka->sk, *skb = sockb->sk;
1227 /* Join our sockets back to back */
1230 unix_peer(ska) = skb;
1231 unix_peer(skb) = ska;
1235 if (ska->sk_type != SOCK_DGRAM) {
1236 ska->sk_state = TCP_ESTABLISHED;
1237 skb->sk_state = TCP_ESTABLISHED;
1238 socka->state = SS_CONNECTED;
1239 sockb->state = SS_CONNECTED;
1244 static int unix_accept(struct socket *sock, struct socket *newsock, int flags)
1246 struct sock *sk = sock->sk;
1248 struct sk_buff *skb;
1252 if (sock->type != SOCK_STREAM && sock->type != SOCK_SEQPACKET)
1256 if (sk->sk_state != TCP_LISTEN)
1259 /* If socket state is TCP_LISTEN it cannot change (for now...),
1260 * so that no locks are necessary.
1263 skb = skb_recv_datagram(sk, 0, flags&O_NONBLOCK, &err);
1265 /* This means receive shutdown. */
1272 skb_free_datagram(sk, skb);
1273 wake_up_interruptible(&unix_sk(sk)->peer_wait);
1275 /* attach accepted sock to socket */
1276 unix_state_lock(tsk);
1277 newsock->state = SS_CONNECTED;
1278 sock_graft(tsk, newsock);
1279 unix_state_unlock(tsk);
1287 static int unix_getname(struct socket *sock, struct sockaddr *uaddr, int *uaddr_len, int peer)
1289 struct sock *sk = sock->sk;
1290 struct unix_sock *u;
1291 DECLARE_SOCKADDR(struct sockaddr_un *, sunaddr, uaddr);
1295 sk = unix_peer_get(sk);
1306 unix_state_lock(sk);
1308 sunaddr->sun_family = AF_UNIX;
1309 sunaddr->sun_path[0] = 0;
1310 *uaddr_len = sizeof(short);
1312 struct unix_address *addr = u->addr;
1314 *uaddr_len = addr->len;
1315 memcpy(sunaddr, addr->name, *uaddr_len);
1317 unix_state_unlock(sk);
1323 static void unix_detach_fds(struct scm_cookie *scm, struct sk_buff *skb)
1327 scm->fp = UNIXCB(skb).fp;
1328 UNIXCB(skb).fp = NULL;
1330 for (i = scm->fp->count-1; i >= 0; i--)
1331 unix_notinflight(scm->fp->fp[i]);
1334 static void unix_destruct_scm(struct sk_buff *skb)
1336 struct scm_cookie scm;
1337 memset(&scm, 0, sizeof(scm));
1338 scm.pid = UNIXCB(skb).pid;
1339 scm.cred = UNIXCB(skb).cred;
1341 unix_detach_fds(&scm, skb);
1343 /* Alas, it calls VFS */
1344 /* So fscking what? fput() had been SMP-safe since the last Summer */
1349 #define MAX_RECURSION_LEVEL 4
1351 static int unix_attach_fds(struct scm_cookie *scm, struct sk_buff *skb)
1354 unsigned char max_level = 0;
1355 int unix_sock_count = 0;
1357 for (i = scm->fp->count - 1; i >= 0; i--) {
1358 struct sock *sk = unix_get_socket(scm->fp->fp[i]);
1362 max_level = max(max_level,
1363 unix_sk(sk)->recursion_level);
1366 if (unlikely(max_level > MAX_RECURSION_LEVEL))
1367 return -ETOOMANYREFS;
1370 * Need to duplicate file references for the sake of garbage
1371 * collection. Otherwise a socket in the fps might become a
1372 * candidate for GC while the skb is not yet queued.
1374 UNIXCB(skb).fp = scm_fp_dup(scm->fp);
1375 if (!UNIXCB(skb).fp)
1378 if (unix_sock_count) {
1379 for (i = scm->fp->count - 1; i >= 0; i--)
1380 unix_inflight(scm->fp->fp[i]);
1385 static int unix_scm_to_skb(struct scm_cookie *scm, struct sk_buff *skb, bool send_fds)
1388 UNIXCB(skb).pid = get_pid(scm->pid);
1389 UNIXCB(skb).cred = get_cred(scm->cred);
1390 UNIXCB(skb).fp = NULL;
1391 if (scm->fp && send_fds)
1392 err = unix_attach_fds(scm, skb);
1394 skb->destructor = unix_destruct_scm;
1399 * Send AF_UNIX data.
1402 static int unix_dgram_sendmsg(struct kiocb *kiocb, struct socket *sock,
1403 struct msghdr *msg, size_t len)
1405 struct sock_iocb *siocb = kiocb_to_siocb(kiocb);
1406 struct sock *sk = sock->sk;
1407 struct net *net = sock_net(sk);
1408 struct unix_sock *u = unix_sk(sk);
1409 struct sockaddr_un *sunaddr = msg->msg_name;
1410 struct sock *other = NULL;
1411 int namelen = 0; /* fake GCC */
1414 struct sk_buff *skb;
1416 struct scm_cookie tmp_scm;
1419 if (NULL == siocb->scm)
1420 siocb->scm = &tmp_scm;
1422 err = scm_send(sock, msg, siocb->scm);
1427 if (msg->msg_flags&MSG_OOB)
1430 if (msg->msg_namelen) {
1431 err = unix_mkname(sunaddr, msg->msg_namelen, &hash);
1438 other = unix_peer_get(sk);
1443 if (test_bit(SOCK_PASSCRED, &sock->flags) && !u->addr
1444 && (err = unix_autobind(sock)) != 0)
1448 if (len > sk->sk_sndbuf - 32)
1451 skb = sock_alloc_send_skb(sk, len, msg->msg_flags&MSG_DONTWAIT, &err);
1455 err = unix_scm_to_skb(siocb->scm, skb, true);
1458 max_level = err + 1;
1459 unix_get_secdata(siocb->scm, skb);
1461 skb_reset_transport_header(skb);
1462 err = memcpy_fromiovec(skb_put(skb, len), msg->msg_iov, len);
1466 timeo = sock_sndtimeo(sk, msg->msg_flags & MSG_DONTWAIT);
1471 if (sunaddr == NULL)
1474 other = unix_find_other(net, sunaddr, namelen, sk->sk_type,
1480 unix_state_lock(other);
1482 if (!unix_may_send(sk, other))
1485 if (sock_flag(other, SOCK_DEAD)) {
1487 * Check with 1003.1g - what should
1490 unix_state_unlock(other);
1494 unix_state_lock(sk);
1495 if (unix_peer(sk) == other) {
1496 unix_peer(sk) = NULL;
1497 unix_state_unlock(sk);
1499 unix_dgram_disconnected(sk, other);
1501 err = -ECONNREFUSED;
1503 unix_state_unlock(sk);
1513 if (other->sk_shutdown & RCV_SHUTDOWN)
1516 if (sk->sk_type != SOCK_SEQPACKET) {
1517 err = security_unix_may_send(sk->sk_socket, other->sk_socket);
1522 if (unix_peer(other) != sk && unix_recvq_full(other)) {
1528 timeo = unix_wait_for_peer(other, timeo);
1530 err = sock_intr_errno(timeo);
1531 if (signal_pending(current))
1537 if (sock_flag(other, SOCK_RCVTSTAMP))
1538 __net_timestamp(skb);
1539 skb_queue_tail(&other->sk_receive_queue, skb);
1540 if (max_level > unix_sk(other)->recursion_level)
1541 unix_sk(other)->recursion_level = max_level;
1542 unix_state_unlock(other);
1543 other->sk_data_ready(other, len);
1545 scm_destroy(siocb->scm);
1549 unix_state_unlock(other);
1555 scm_destroy(siocb->scm);
1560 static int unix_stream_sendmsg(struct kiocb *kiocb, struct socket *sock,
1561 struct msghdr *msg, size_t len)
1563 struct sock_iocb *siocb = kiocb_to_siocb(kiocb);
1564 struct sock *sk = sock->sk;
1565 struct sock *other = NULL;
1566 struct sockaddr_un *sunaddr = msg->msg_name;
1568 struct sk_buff *skb;
1570 struct scm_cookie tmp_scm;
1571 bool fds_sent = false;
1574 if (NULL == siocb->scm)
1575 siocb->scm = &tmp_scm;
1577 err = scm_send(sock, msg, siocb->scm);
1582 if (msg->msg_flags&MSG_OOB)
1585 if (msg->msg_namelen) {
1586 err = sk->sk_state == TCP_ESTABLISHED ? -EISCONN : -EOPNOTSUPP;
1591 other = unix_peer(sk);
1596 if (sk->sk_shutdown & SEND_SHUTDOWN)
1599 while (sent < len) {
1601 * Optimisation for the fact that under 0.01% of X
1602 * messages typically need breaking up.
1607 /* Keep two messages in the pipe so it schedules better */
1608 if (size > ((sk->sk_sndbuf >> 1) - 64))
1609 size = (sk->sk_sndbuf >> 1) - 64;
1611 if (size > SKB_MAX_ALLOC)
1612 size = SKB_MAX_ALLOC;
1618 skb = sock_alloc_send_skb(sk, size, msg->msg_flags&MSG_DONTWAIT,
1625 * If you pass two values to the sock_alloc_send_skb
1626 * it tries to grab the large buffer with GFP_NOFS
1627 * (which can fail easily), and if it fails grab the
1628 * fallback size buffer which is under a page and will
1631 size = min_t(int, size, skb_tailroom(skb));
1634 /* Only send the fds in the first buffer */
1635 err = unix_scm_to_skb(siocb->scm, skb, !fds_sent);
1640 max_level = err + 1;
1643 err = memcpy_fromiovec(skb_put(skb, size), msg->msg_iov, size);
1649 unix_state_lock(other);
1651 if (sock_flag(other, SOCK_DEAD) ||
1652 (other->sk_shutdown & RCV_SHUTDOWN))
1655 skb_queue_tail(&other->sk_receive_queue, skb);
1656 if (max_level > unix_sk(other)->recursion_level)
1657 unix_sk(other)->recursion_level = max_level;
1658 unix_state_unlock(other);
1659 other->sk_data_ready(other, size);
1663 scm_destroy(siocb->scm);
1669 unix_state_unlock(other);
1672 if (sent == 0 && !(msg->msg_flags&MSG_NOSIGNAL))
1673 send_sig(SIGPIPE, current, 0);
1676 scm_destroy(siocb->scm);
1678 return sent ? : err;
1681 static int unix_seqpacket_sendmsg(struct kiocb *kiocb, struct socket *sock,
1682 struct msghdr *msg, size_t len)
1685 struct sock *sk = sock->sk;
1687 err = sock_error(sk);
1691 if (sk->sk_state != TCP_ESTABLISHED)
1694 if (msg->msg_namelen)
1695 msg->msg_namelen = 0;
1697 return unix_dgram_sendmsg(kiocb, sock, msg, len);
1700 static int unix_seqpacket_recvmsg(struct kiocb *iocb, struct socket *sock,
1701 struct msghdr *msg, size_t size,
1704 struct sock *sk = sock->sk;
1706 if (sk->sk_state != TCP_ESTABLISHED)
1709 return unix_dgram_recvmsg(iocb, sock, msg, size, flags);
1712 static void unix_copy_addr(struct msghdr *msg, struct sock *sk)
1714 struct unix_sock *u = unix_sk(sk);
1716 msg->msg_namelen = 0;
1718 msg->msg_namelen = u->addr->len;
1719 memcpy(msg->msg_name, u->addr->name, u->addr->len);
1723 static int unix_dgram_recvmsg(struct kiocb *iocb, struct socket *sock,
1724 struct msghdr *msg, size_t size,
1727 struct sock_iocb *siocb = kiocb_to_siocb(iocb);
1728 struct scm_cookie tmp_scm;
1729 struct sock *sk = sock->sk;
1730 struct unix_sock *u = unix_sk(sk);
1731 int noblock = flags & MSG_DONTWAIT;
1732 struct sk_buff *skb;
1739 msg->msg_namelen = 0;
1741 err = mutex_lock_interruptible(&u->readlock);
1743 err = sock_intr_errno(sock_rcvtimeo(sk, noblock));
1747 skb = skb_recv_datagram(sk, flags, noblock, &err);
1749 unix_state_lock(sk);
1750 /* Signal EOF on disconnected non-blocking SEQPACKET socket. */
1751 if (sk->sk_type == SOCK_SEQPACKET && err == -EAGAIN &&
1752 (sk->sk_shutdown & RCV_SHUTDOWN))
1754 unix_state_unlock(sk);
1758 wake_up_interruptible_sync_poll(&u->peer_wait,
1759 POLLOUT | POLLWRNORM | POLLWRBAND);
1762 unix_copy_addr(msg, skb->sk);
1764 if (size > skb->len)
1766 else if (size < skb->len)
1767 msg->msg_flags |= MSG_TRUNC;
1769 err = skb_copy_datagram_iovec(skb, 0, msg->msg_iov, size);
1773 if (sock_flag(sk, SOCK_RCVTSTAMP))
1774 __sock_recv_timestamp(msg, sk, skb);
1777 siocb->scm = &tmp_scm;
1778 memset(&tmp_scm, 0, sizeof(tmp_scm));
1780 scm_set_cred(siocb->scm, UNIXCB(skb).pid, UNIXCB(skb).cred);
1781 unix_set_secdata(siocb->scm, skb);
1783 if (!(flags & MSG_PEEK)) {
1785 unix_detach_fds(siocb->scm, skb);
1787 /* It is questionable: on PEEK we could:
1788 - do not return fds - good, but too simple 8)
1789 - return fds, and do not return them on read (old strategy,
1791 - clone fds (I chose it for now, it is the most universal
1794 POSIX 1003.1g does not actually define this clearly
1795 at all. POSIX 1003.1g doesn't define a lot of things
1800 siocb->scm->fp = scm_fp_dup(UNIXCB(skb).fp);
1804 scm_recv(sock, msg, siocb->scm, flags);
1807 skb_free_datagram(sk, skb);
1809 mutex_unlock(&u->readlock);
1815 * Sleep until data has arrive. But check for races..
1818 static long unix_stream_data_wait(struct sock *sk, long timeo)
1822 unix_state_lock(sk);
1825 prepare_to_wait(sk_sleep(sk), &wait, TASK_INTERRUPTIBLE);
1827 if (!skb_queue_empty(&sk->sk_receive_queue) ||
1829 (sk->sk_shutdown & RCV_SHUTDOWN) ||
1830 signal_pending(current) ||
1834 set_bit(SOCK_ASYNC_WAITDATA, &sk->sk_socket->flags);
1835 unix_state_unlock(sk);
1836 timeo = schedule_timeout(timeo);
1837 unix_state_lock(sk);
1838 clear_bit(SOCK_ASYNC_WAITDATA, &sk->sk_socket->flags);
1841 finish_wait(sk_sleep(sk), &wait);
1842 unix_state_unlock(sk);
1848 static int unix_stream_recvmsg(struct kiocb *iocb, struct socket *sock,
1849 struct msghdr *msg, size_t size,
1852 struct sock_iocb *siocb = kiocb_to_siocb(iocb);
1853 struct scm_cookie tmp_scm;
1854 struct sock *sk = sock->sk;
1855 struct unix_sock *u = unix_sk(sk);
1856 struct sockaddr_un *sunaddr = msg->msg_name;
1858 int check_creds = 0;
1864 if (sk->sk_state != TCP_ESTABLISHED)
1871 target = sock_rcvlowat(sk, flags&MSG_WAITALL, size);
1872 timeo = sock_rcvtimeo(sk, flags&MSG_DONTWAIT);
1874 msg->msg_namelen = 0;
1876 /* Lock the socket to prevent queue disordering
1877 * while sleeps in memcpy_tomsg
1881 siocb->scm = &tmp_scm;
1882 memset(&tmp_scm, 0, sizeof(tmp_scm));
1885 err = mutex_lock_interruptible(&u->readlock);
1887 err = sock_intr_errno(timeo);
1893 struct sk_buff *skb;
1895 unix_state_lock(sk);
1896 skb = skb_dequeue(&sk->sk_receive_queue);
1898 unix_sk(sk)->recursion_level = 0;
1899 if (copied >= target)
1903 * POSIX 1003.1g mandates this order.
1906 err = sock_error(sk);
1909 if (sk->sk_shutdown & RCV_SHUTDOWN)
1912 unix_state_unlock(sk);
1916 mutex_unlock(&u->readlock);
1918 timeo = unix_stream_data_wait(sk, timeo);
1920 if (signal_pending(current)
1921 || mutex_lock_interruptible(&u->readlock)) {
1922 err = sock_intr_errno(timeo);
1928 unix_state_unlock(sk);
1931 unix_state_unlock(sk);
1934 /* Never glue messages from different writers */
1935 if ((UNIXCB(skb).pid != siocb->scm->pid) ||
1936 (UNIXCB(skb).cred != siocb->scm->cred)) {
1937 skb_queue_head(&sk->sk_receive_queue, skb);
1941 /* Copy credentials */
1942 scm_set_cred(siocb->scm, UNIXCB(skb).pid, UNIXCB(skb).cred);
1946 /* Copy address just once */
1948 unix_copy_addr(msg, skb->sk);
1952 chunk = min_t(unsigned int, skb->len, size);
1953 if (memcpy_toiovec(msg->msg_iov, skb->data, chunk)) {
1954 skb_queue_head(&sk->sk_receive_queue, skb);
1962 /* Mark read part of skb as used */
1963 if (!(flags & MSG_PEEK)) {
1964 skb_pull(skb, chunk);
1967 unix_detach_fds(siocb->scm, skb);
1969 /* put the skb back if we didn't use it up.. */
1971 skb_queue_head(&sk->sk_receive_queue, skb);
1980 /* It is questionable, see note in unix_dgram_recvmsg.
1983 siocb->scm->fp = scm_fp_dup(UNIXCB(skb).fp);
1985 /* put message back and return */
1986 skb_queue_head(&sk->sk_receive_queue, skb);
1991 mutex_unlock(&u->readlock);
1992 scm_recv(sock, msg, siocb->scm, flags);
1994 return copied ? : err;
1997 static int unix_shutdown(struct socket *sock, int mode)
1999 struct sock *sk = sock->sk;
2002 mode = (mode+1)&(RCV_SHUTDOWN|SEND_SHUTDOWN);
2005 unix_state_lock(sk);
2006 sk->sk_shutdown |= mode;
2007 other = unix_peer(sk);
2010 unix_state_unlock(sk);
2011 sk->sk_state_change(sk);
2014 (sk->sk_type == SOCK_STREAM || sk->sk_type == SOCK_SEQPACKET)) {
2018 if (mode&RCV_SHUTDOWN)
2019 peer_mode |= SEND_SHUTDOWN;
2020 if (mode&SEND_SHUTDOWN)
2021 peer_mode |= RCV_SHUTDOWN;
2022 unix_state_lock(other);
2023 other->sk_shutdown |= peer_mode;
2024 unix_state_unlock(other);
2025 other->sk_state_change(other);
2026 if (peer_mode == SHUTDOWN_MASK)
2027 sk_wake_async(other, SOCK_WAKE_WAITD, POLL_HUP);
2028 else if (peer_mode & RCV_SHUTDOWN)
2029 sk_wake_async(other, SOCK_WAKE_WAITD, POLL_IN);
2037 static int unix_ioctl(struct socket *sock, unsigned int cmd, unsigned long arg)
2039 struct sock *sk = sock->sk;
2045 amount = sk_wmem_alloc_get(sk);
2046 err = put_user(amount, (int __user *)arg);
2050 struct sk_buff *skb;
2052 if (sk->sk_state == TCP_LISTEN) {
2057 spin_lock(&sk->sk_receive_queue.lock);
2058 if (sk->sk_type == SOCK_STREAM ||
2059 sk->sk_type == SOCK_SEQPACKET) {
2060 skb_queue_walk(&sk->sk_receive_queue, skb)
2063 skb = skb_peek(&sk->sk_receive_queue);
2067 spin_unlock(&sk->sk_receive_queue.lock);
2068 err = put_user(amount, (int __user *)arg);
2079 static unsigned int unix_poll(struct file *file, struct socket *sock, poll_table *wait)
2081 struct sock *sk = sock->sk;
2084 sock_poll_wait(file, sk_sleep(sk), wait);
2087 /* exceptional events? */
2090 if (sk->sk_shutdown == SHUTDOWN_MASK)
2092 if (sk->sk_shutdown & RCV_SHUTDOWN)
2093 mask |= POLLRDHUP | POLLIN | POLLRDNORM;
2096 if (!skb_queue_empty(&sk->sk_receive_queue))
2097 mask |= POLLIN | POLLRDNORM;
2099 /* Connection-based need to check for termination and startup */
2100 if ((sk->sk_type == SOCK_STREAM || sk->sk_type == SOCK_SEQPACKET) &&
2101 sk->sk_state == TCP_CLOSE)
2105 * we set writable also when the other side has shut down the
2106 * connection. This prevents stuck sockets.
2108 if (unix_writable(sk))
2109 mask |= POLLOUT | POLLWRNORM | POLLWRBAND;
2114 static unsigned int unix_dgram_poll(struct file *file, struct socket *sock,
2117 struct sock *sk = sock->sk, *other;
2118 unsigned int mask, writable;
2120 sock_poll_wait(file, sk_sleep(sk), wait);
2123 /* exceptional events? */
2124 if (sk->sk_err || !skb_queue_empty(&sk->sk_error_queue))
2126 if (sk->sk_shutdown & RCV_SHUTDOWN)
2127 mask |= POLLRDHUP | POLLIN | POLLRDNORM;
2128 if (sk->sk_shutdown == SHUTDOWN_MASK)
2132 if (!skb_queue_empty(&sk->sk_receive_queue))
2133 mask |= POLLIN | POLLRDNORM;
2135 /* Connection-based need to check for termination and startup */
2136 if (sk->sk_type == SOCK_SEQPACKET) {
2137 if (sk->sk_state == TCP_CLOSE)
2139 /* connection hasn't started yet? */
2140 if (sk->sk_state == TCP_SYN_SENT)
2144 /* No write status requested, avoid expensive OUT tests. */
2145 if (wait && !(wait->key & (POLLWRBAND | POLLWRNORM | POLLOUT)))
2148 writable = unix_writable(sk);
2149 other = unix_peer_get(sk);
2151 if (unix_peer(other) != sk) {
2152 sock_poll_wait(file, &unix_sk(other)->peer_wait, wait);
2153 if (unix_recvq_full(other))
2160 mask |= POLLOUT | POLLWRNORM | POLLWRBAND;
2162 set_bit(SOCK_ASYNC_NOSPACE, &sk->sk_socket->flags);
2167 #ifdef CONFIG_PROC_FS
2168 static struct sock *first_unix_socket(int *i)
2170 for (*i = 0; *i <= UNIX_HASH_SIZE; (*i)++) {
2171 if (!hlist_empty(&unix_socket_table[*i]))
2172 return __sk_head(&unix_socket_table[*i]);
2177 static struct sock *next_unix_socket(int *i, struct sock *s)
2179 struct sock *next = sk_next(s);
2180 /* More in this chain? */
2183 /* Look for next non-empty chain. */
2184 for ((*i)++; *i <= UNIX_HASH_SIZE; (*i)++) {
2185 if (!hlist_empty(&unix_socket_table[*i]))
2186 return __sk_head(&unix_socket_table[*i]);
2191 struct unix_iter_state {
2192 struct seq_net_private p;
2196 static struct sock *unix_seq_idx(struct seq_file *seq, loff_t pos)
2198 struct unix_iter_state *iter = seq->private;
2202 for (s = first_unix_socket(&iter->i); s; s = next_unix_socket(&iter->i, s)) {
2203 if (sock_net(s) != seq_file_net(seq))
2212 static void *unix_seq_start(struct seq_file *seq, loff_t *pos)
2213 __acquires(unix_table_lock)
2215 spin_lock(&unix_table_lock);
2216 return *pos ? unix_seq_idx(seq, *pos - 1) : SEQ_START_TOKEN;
2219 static void *unix_seq_next(struct seq_file *seq, void *v, loff_t *pos)
2221 struct unix_iter_state *iter = seq->private;
2222 struct sock *sk = v;
2225 if (v == SEQ_START_TOKEN)
2226 sk = first_unix_socket(&iter->i);
2228 sk = next_unix_socket(&iter->i, sk);
2229 while (sk && (sock_net(sk) != seq_file_net(seq)))
2230 sk = next_unix_socket(&iter->i, sk);
2234 static void unix_seq_stop(struct seq_file *seq, void *v)
2235 __releases(unix_table_lock)
2237 spin_unlock(&unix_table_lock);
2240 static int unix_seq_show(struct seq_file *seq, void *v)
2243 if (v == SEQ_START_TOKEN)
2244 seq_puts(seq, "Num RefCount Protocol Flags Type St "
2248 struct unix_sock *u = unix_sk(s);
2251 seq_printf(seq, "%pK: %08X %08X %08X %04X %02X %5lu",
2253 atomic_read(&s->sk_refcnt),
2255 s->sk_state == TCP_LISTEN ? __SO_ACCEPTCON : 0,
2258 (s->sk_state == TCP_ESTABLISHED ? SS_CONNECTED : SS_UNCONNECTED) :
2259 (s->sk_state == TCP_ESTABLISHED ? SS_CONNECTING : SS_DISCONNECTING),
2267 len = u->addr->len - sizeof(short);
2268 if (!UNIX_ABSTRACT(s))
2274 for ( ; i < len; i++)
2275 seq_putc(seq, u->addr->name->sun_path[i]);
2277 unix_state_unlock(s);
2278 seq_putc(seq, '\n');
2284 static const struct seq_operations unix_seq_ops = {
2285 .start = unix_seq_start,
2286 .next = unix_seq_next,
2287 .stop = unix_seq_stop,
2288 .show = unix_seq_show,
2291 static int unix_seq_open(struct inode *inode, struct file *file)
2293 return seq_open_net(inode, file, &unix_seq_ops,
2294 sizeof(struct unix_iter_state));
2297 static const struct file_operations unix_seq_fops = {
2298 .owner = THIS_MODULE,
2299 .open = unix_seq_open,
2301 .llseek = seq_lseek,
2302 .release = seq_release_net,
2307 static const struct net_proto_family unix_family_ops = {
2309 .create = unix_create,
2310 .owner = THIS_MODULE,
2314 static int __net_init unix_net_init(struct net *net)
2316 int error = -ENOMEM;
2318 net->unx.sysctl_max_dgram_qlen = 10;
2319 if (unix_sysctl_register(net))
2322 #ifdef CONFIG_PROC_FS
2323 if (!proc_net_fops_create(net, "unix", 0, &unix_seq_fops)) {
2324 unix_sysctl_unregister(net);
2333 static void __net_exit unix_net_exit(struct net *net)
2335 unix_sysctl_unregister(net);
2336 proc_net_remove(net, "unix");
2339 static struct pernet_operations unix_net_ops = {
2340 .init = unix_net_init,
2341 .exit = unix_net_exit,
2344 static int __init af_unix_init(void)
2347 struct sk_buff *dummy_skb;
2349 BUILD_BUG_ON(sizeof(struct unix_skb_parms) > sizeof(dummy_skb->cb));
2351 rc = proto_register(&unix_proto, 1);
2353 printk(KERN_CRIT "%s: Cannot create unix_sock SLAB cache!\n",
2358 sock_register(&unix_family_ops);
2359 register_pernet_subsys(&unix_net_ops);
2364 static void __exit af_unix_exit(void)
2366 sock_unregister(PF_UNIX);
2367 proto_unregister(&unix_proto);
2368 unregister_pernet_subsys(&unix_net_ops);
2371 /* Earlier than device_initcall() so that other drivers invoking
2372 request_module() don't end up in a loop when modprobe tries
2373 to use a UNIX socket. But later than subsys_initcall() because
2374 we depend on stuff initialised there */
2375 fs_initcall(af_unix_init);
2376 module_exit(af_unix_exit);
2378 MODULE_LICENSE("GPL");
2379 MODULE_ALIAS_NETPROTO(PF_UNIX);
projects / linux-flexiantxendom0-natty.git / blob