1 // SPDX-License-Identifier: (GPL-2.0 OR BSD-3-Clause)
2 /* raw.c - Raw sockets for protocol family CAN
3 *
4 * Copyright (c) 2002-2007 Volkswagen Group Electronic Research
5 * All rights reserved.
6 *
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
9 * are met:
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
15 * 3. Neither the name of Volkswagen nor the names of its contributors
16 * may be used to endorse or promote products derived from this software
17 * without specific prior written permission.
18 *
19 * Alternatively, provided that this notice is retained in full, this
20 * software may be distributed under the terms of the GNU General
21 * Public License ("GPL") version 2, in which case the provisions of the
22 * GPL apply INSTEAD OF those given above.
23 *
24 * The provided data structures and external interfaces from this code
25 * are not restricted to be used by modules with a GPL compatible license.
26 *
27 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
28 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
29 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
30 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
31 * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
32 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
33 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
34 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
35 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
36 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
37 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH
38 * DAMAGE.
39 *
40 */
41
42 #include <linux/module.h>
43 #include <linux/init.h>
44 #include <linux/uio.h>
45 #include <linux/net.h>
46 #include <linux/slab.h>
47 #include <linux/netdevice.h>
48 #include <linux/socket.h>
49 #include <linux/if_arp.h>
50 #include <linux/skbuff.h>
51 #include <linux/can.h>
52 #include <linux/can/core.h>
53 #include <linux/can/dev.h> /* for can_is_canxl_dev_mtu() */
54 #include <linux/can/skb.h>
55 #include <linux/can/raw.h>
56 #include <net/sock.h>
57 #include <net/net_namespace.h>
58
59 MODULE_DESCRIPTION("PF_CAN raw protocol");
60 MODULE_LICENSE("Dual BSD/GPL");
61 MODULE_AUTHOR("Urs Thuermann <urs.thuermann@volkswagen.de>");
62 MODULE_ALIAS("can-proto-1");
63
64 #define RAW_MIN_NAMELEN CAN_REQUIRED_SIZE(struct sockaddr_can, can_ifindex)
65
66 #define MASK_ALL 0
67
68 /* A raw socket has a list of can_filters attached to it, each receiving
69 * the CAN frames matching that filter. If the filter list is empty,
70 * no CAN frames will be received by the socket. The default after
71 * opening the socket, is to have one filter which receives all frames.
72 * The filter list is allocated dynamically with the exception of the
73 * list containing only one item. This common case is optimized by
74 * storing the single filter in dfilter, to avoid using dynamic memory.
75 */
76
77 struct uniqframe {
78 int skbcnt;
79 const struct sk_buff *skb;
80 unsigned int join_rx_count;
81 };
82
83 struct raw_sock {
84 struct sock sk;
85 int bound;
86 int ifindex;
87 struct list_head notifier;
88 int loopback;
89 int recv_own_msgs;
90 int fd_frames;
91 int xl_frames;
92 int join_filters;
93 int count; /* number of active filters */
94 struct can_filter dfilter; /* default/single filter */
95 struct can_filter *filter; /* pointer to filter(s) */
96 can_err_mask_t err_mask;
97 struct uniqframe __percpu *uniq;
98 };
99
100 static LIST_HEAD(raw_notifier_list);
101 static DEFINE_SPINLOCK(raw_notifier_lock);
102 static struct raw_sock *raw_busy_notifier;
103
104 /* Return pointer to store the extra msg flags for raw_recvmsg().
105 * We use the space of one unsigned int beyond the 'struct sockaddr_can'
106 * in skb->cb.
107 */
raw_flags(struct sk_buff * skb)108 static inline unsigned int *raw_flags(struct sk_buff *skb)
109 {
110 sock_skb_cb_check_size(sizeof(struct sockaddr_can) +
111 sizeof(unsigned int));
112
113 /* return pointer after struct sockaddr_can */
114 return (unsigned int *)(&((struct sockaddr_can *)skb->cb)[1]);
115 }
116
raw_sk(const struct sock * sk)117 static inline struct raw_sock *raw_sk(const struct sock *sk)
118 {
119 return (struct raw_sock *)sk;
120 }
121
raw_rcv(struct sk_buff * oskb,void * data)122 static void raw_rcv(struct sk_buff *oskb, void *data)
123 {
124 struct sock *sk = (struct sock *)data;
125 struct raw_sock *ro = raw_sk(sk);
126 struct sockaddr_can *addr;
127 struct sk_buff *skb;
128 unsigned int *pflags;
129
130 /* check the received tx sock reference */
131 if (!ro->recv_own_msgs && oskb->sk == sk)
132 return;
133
134 /* make sure to not pass oversized frames to the socket */
135 if ((can_is_canfd_skb(oskb) && !ro->fd_frames && !ro->xl_frames) ||
136 (can_is_canxl_skb(oskb) && !ro->xl_frames))
137 return;
138
139 /* eliminate multiple filter matches for the same skb */
140 if (this_cpu_ptr(ro->uniq)->skb == oskb &&
141 this_cpu_ptr(ro->uniq)->skbcnt == can_skb_prv(oskb)->skbcnt) {
142 if (!ro->join_filters)
143 return;
144
145 this_cpu_inc(ro->uniq->join_rx_count);
146 /* drop frame until all enabled filters matched */
147 if (this_cpu_ptr(ro->uniq)->join_rx_count < ro->count)
148 return;
149 } else {
150 this_cpu_ptr(ro->uniq)->skb = oskb;
151 this_cpu_ptr(ro->uniq)->skbcnt = can_skb_prv(oskb)->skbcnt;
152 this_cpu_ptr(ro->uniq)->join_rx_count = 1;
153 /* drop first frame to check all enabled filters? */
154 if (ro->join_filters && ro->count > 1)
155 return;
156 }
157
158 /* clone the given skb to be able to enqueue it into the rcv queue */
159 skb = skb_clone(oskb, GFP_ATOMIC);
160 if (!skb)
161 return;
162
163 /* Put the datagram to the queue so that raw_recvmsg() can get
164 * it from there. We need to pass the interface index to
165 * raw_recvmsg(). We pass a whole struct sockaddr_can in
166 * skb->cb containing the interface index.
167 */
168
169 sock_skb_cb_check_size(sizeof(struct sockaddr_can));
170 addr = (struct sockaddr_can *)skb->cb;
171 memset(addr, 0, sizeof(*addr));
172 addr->can_family = AF_CAN;
173 addr->can_ifindex = skb->dev->ifindex;
174
175 /* add CAN specific message flags for raw_recvmsg() */
176 pflags = raw_flags(skb);
177 *pflags = 0;
178 if (oskb->sk)
179 *pflags |= MSG_DONTROUTE;
180 if (oskb->sk == sk)
181 *pflags |= MSG_CONFIRM;
182
183 if (sock_queue_rcv_skb(sk, skb) < 0)
184 kfree_skb(skb);
185 }
186
raw_enable_filters(struct net * net,struct net_device * dev,struct sock * sk,struct can_filter * filter,int count)187 static int raw_enable_filters(struct net *net, struct net_device *dev,
188 struct sock *sk, struct can_filter *filter,
189 int count)
190 {
191 int err = 0;
192 int i;
193
194 for (i = 0; i < count; i++) {
195 err = can_rx_register(net, dev, filter[i].can_id,
196 filter[i].can_mask,
197 raw_rcv, sk, "raw", sk);
198 if (err) {
199 /* clean up successfully registered filters */
200 while (--i >= 0)
201 can_rx_unregister(net, dev, filter[i].can_id,
202 filter[i].can_mask,
203 raw_rcv, sk);
204 break;
205 }
206 }
207
208 return err;
209 }
210
raw_enable_errfilter(struct net * net,struct net_device * dev,struct sock * sk,can_err_mask_t err_mask)211 static int raw_enable_errfilter(struct net *net, struct net_device *dev,
212 struct sock *sk, can_err_mask_t err_mask)
213 {
214 int err = 0;
215
216 if (err_mask)
217 err = can_rx_register(net, dev, 0, err_mask | CAN_ERR_FLAG,
218 raw_rcv, sk, "raw", sk);
219
220 return err;
221 }
222
raw_disable_filters(struct net * net,struct net_device * dev,struct sock * sk,struct can_filter * filter,int count)223 static void raw_disable_filters(struct net *net, struct net_device *dev,
224 struct sock *sk, struct can_filter *filter,
225 int count)
226 {
227 int i;
228
229 for (i = 0; i < count; i++)
230 can_rx_unregister(net, dev, filter[i].can_id,
231 filter[i].can_mask, raw_rcv, sk);
232 }
233
raw_disable_errfilter(struct net * net,struct net_device * dev,struct sock * sk,can_err_mask_t err_mask)234 static inline void raw_disable_errfilter(struct net *net,
235 struct net_device *dev,
236 struct sock *sk,
237 can_err_mask_t err_mask)
238
239 {
240 if (err_mask)
241 can_rx_unregister(net, dev, 0, err_mask | CAN_ERR_FLAG,
242 raw_rcv, sk);
243 }
244
raw_disable_allfilters(struct net * net,struct net_device * dev,struct sock * sk)245 static inline void raw_disable_allfilters(struct net *net,
246 struct net_device *dev,
247 struct sock *sk)
248 {
249 struct raw_sock *ro = raw_sk(sk);
250
251 raw_disable_filters(net, dev, sk, ro->filter, ro->count);
252 raw_disable_errfilter(net, dev, sk, ro->err_mask);
253 }
254
raw_enable_allfilters(struct net * net,struct net_device * dev,struct sock * sk)255 static int raw_enable_allfilters(struct net *net, struct net_device *dev,
256 struct sock *sk)
257 {
258 struct raw_sock *ro = raw_sk(sk);
259 int err;
260
261 err = raw_enable_filters(net, dev, sk, ro->filter, ro->count);
262 if (!err) {
263 err = raw_enable_errfilter(net, dev, sk, ro->err_mask);
264 if (err)
265 raw_disable_filters(net, dev, sk, ro->filter,
266 ro->count);
267 }
268
269 return err;
270 }
271
raw_notify(struct raw_sock * ro,unsigned long msg,struct net_device * dev)272 static void raw_notify(struct raw_sock *ro, unsigned long msg,
273 struct net_device *dev)
274 {
275 struct sock *sk = &ro->sk;
276
277 if (!net_eq(dev_net(dev), sock_net(sk)))
278 return;
279
280 if (ro->ifindex != dev->ifindex)
281 return;
282
283 switch (msg) {
284 case NETDEV_UNREGISTER:
285 lock_sock(sk);
286 /* remove current filters & unregister */
287 if (ro->bound)
288 raw_disable_allfilters(dev_net(dev), dev, sk);
289
290 if (ro->count > 1)
291 kfree(ro->filter);
292
293 ro->ifindex = 0;
294 ro->bound = 0;
295 ro->count = 0;
296 release_sock(sk);
297
298 sk->sk_err = ENODEV;
299 if (!sock_flag(sk, SOCK_DEAD))
300 sk_error_report(sk);
301 break;
302
303 case NETDEV_DOWN:
304 sk->sk_err = ENETDOWN;
305 if (!sock_flag(sk, SOCK_DEAD))
306 sk_error_report(sk);
307 break;
308 }
309 }
310
raw_notifier(struct notifier_block * nb,unsigned long msg,void * ptr)311 static int raw_notifier(struct notifier_block *nb, unsigned long msg,
312 void *ptr)
313 {
314 struct net_device *dev = netdev_notifier_info_to_dev(ptr);
315
316 if (dev->type != ARPHRD_CAN)
317 return NOTIFY_DONE;
318 if (msg != NETDEV_UNREGISTER && msg != NETDEV_DOWN)
319 return NOTIFY_DONE;
320 if (unlikely(raw_busy_notifier)) /* Check for reentrant bug. */
321 return NOTIFY_DONE;
322
323 spin_lock(&raw_notifier_lock);
324 list_for_each_entry(raw_busy_notifier, &raw_notifier_list, notifier) {
325 spin_unlock(&raw_notifier_lock);
326 raw_notify(raw_busy_notifier, msg, dev);
327 spin_lock(&raw_notifier_lock);
328 }
329 raw_busy_notifier = NULL;
330 spin_unlock(&raw_notifier_lock);
331 return NOTIFY_DONE;
332 }
333
raw_init(struct sock * sk)334 static int raw_init(struct sock *sk)
335 {
336 struct raw_sock *ro = raw_sk(sk);
337
338 ro->bound = 0;
339 ro->ifindex = 0;
340
341 /* set default filter to single entry dfilter */
342 ro->dfilter.can_id = 0;
343 ro->dfilter.can_mask = MASK_ALL;
344 ro->filter = &ro->dfilter;
345 ro->count = 1;
346
347 /* set default loopback behaviour */
348 ro->loopback = 1;
349 ro->recv_own_msgs = 0;
350 ro->fd_frames = 0;
351 ro->xl_frames = 0;
352 ro->join_filters = 0;
353
354 /* alloc_percpu provides zero'ed memory */
355 ro->uniq = alloc_percpu(struct uniqframe);
356 if (unlikely(!ro->uniq))
357 return -ENOMEM;
358
359 /* set notifier */
360 spin_lock(&raw_notifier_lock);
361 list_add_tail(&ro->notifier, &raw_notifier_list);
362 spin_unlock(&raw_notifier_lock);
363
364 return 0;
365 }
366
raw_release(struct socket * sock)367 static int raw_release(struct socket *sock)
368 {
369 struct sock *sk = sock->sk;
370 struct raw_sock *ro;
371
372 if (!sk)
373 return 0;
374
375 ro = raw_sk(sk);
376
377 spin_lock(&raw_notifier_lock);
378 while (raw_busy_notifier == ro) {
379 spin_unlock(&raw_notifier_lock);
380 schedule_timeout_uninterruptible(1);
381 spin_lock(&raw_notifier_lock);
382 }
383 list_del(&ro->notifier);
384 spin_unlock(&raw_notifier_lock);
385
386 lock_sock(sk);
387
388 /* remove current filters & unregister */
389 if (ro->bound) {
390 if (ro->ifindex) {
391 struct net_device *dev;
392
393 dev = dev_get_by_index(sock_net(sk), ro->ifindex);
394 if (dev) {
395 raw_disable_allfilters(dev_net(dev), dev, sk);
396 dev_put(dev);
397 }
398 } else {
399 raw_disable_allfilters(sock_net(sk), NULL, sk);
400 }
401 }
402
403 if (ro->count > 1)
404 kfree(ro->filter);
405
406 ro->ifindex = 0;
407 ro->bound = 0;
408 ro->count = 0;
409 free_percpu(ro->uniq);
410
411 sock_orphan(sk);
412 sock->sk = NULL;
413
414 release_sock(sk);
415 sock_put(sk);
416
417 return 0;
418 }
419
raw_bind(struct socket * sock,struct sockaddr * uaddr,int len)420 static int raw_bind(struct socket *sock, struct sockaddr *uaddr, int len)
421 {
422 struct sockaddr_can *addr = (struct sockaddr_can *)uaddr;
423 struct sock *sk = sock->sk;
424 struct raw_sock *ro = raw_sk(sk);
425 int ifindex;
426 int err = 0;
427 int notify_enetdown = 0;
428
429 if (len < RAW_MIN_NAMELEN)
430 return -EINVAL;
431 if (addr->can_family != AF_CAN)
432 return -EINVAL;
433
434 lock_sock(sk);
435
436 if (ro->bound && addr->can_ifindex == ro->ifindex)
437 goto out;
438
439 if (addr->can_ifindex) {
440 struct net_device *dev;
441
442 dev = dev_get_by_index(sock_net(sk), addr->can_ifindex);
443 if (!dev) {
444 err = -ENODEV;
445 goto out;
446 }
447 if (dev->type != ARPHRD_CAN) {
448 dev_put(dev);
449 err = -ENODEV;
450 goto out;
451 }
452 if (!(dev->flags & IFF_UP))
453 notify_enetdown = 1;
454
455 ifindex = dev->ifindex;
456
457 /* filters set by default/setsockopt */
458 err = raw_enable_allfilters(sock_net(sk), dev, sk);
459 dev_put(dev);
460 } else {
461 ifindex = 0;
462
463 /* filters set by default/setsockopt */
464 err = raw_enable_allfilters(sock_net(sk), NULL, sk);
465 }
466
467 if (!err) {
468 if (ro->bound) {
469 /* unregister old filters */
470 if (ro->ifindex) {
471 struct net_device *dev;
472
473 dev = dev_get_by_index(sock_net(sk),
474 ro->ifindex);
475 if (dev) {
476 raw_disable_allfilters(dev_net(dev),
477 dev, sk);
478 dev_put(dev);
479 }
480 } else {
481 raw_disable_allfilters(sock_net(sk), NULL, sk);
482 }
483 }
484 ro->ifindex = ifindex;
485 ro->bound = 1;
486 }
487
488 out:
489 release_sock(sk);
490
491 if (notify_enetdown) {
492 sk->sk_err = ENETDOWN;
493 if (!sock_flag(sk, SOCK_DEAD))
494 sk_error_report(sk);
495 }
496
497 return err;
498 }
499
raw_getname(struct socket * sock,struct sockaddr * uaddr,int peer)500 static int raw_getname(struct socket *sock, struct sockaddr *uaddr,
501 int peer)
502 {
503 struct sockaddr_can *addr = (struct sockaddr_can *)uaddr;
504 struct sock *sk = sock->sk;
505 struct raw_sock *ro = raw_sk(sk);
506
507 if (peer)
508 return -EOPNOTSUPP;
509
510 memset(addr, 0, RAW_MIN_NAMELEN);
511 addr->can_family = AF_CAN;
512 addr->can_ifindex = ro->ifindex;
513
514 return RAW_MIN_NAMELEN;
515 }
516
raw_setsockopt(struct socket * sock,int level,int optname,sockptr_t optval,unsigned int optlen)517 static int raw_setsockopt(struct socket *sock, int level, int optname,
518 sockptr_t optval, unsigned int optlen)
519 {
520 struct sock *sk = sock->sk;
521 struct raw_sock *ro = raw_sk(sk);
522 struct can_filter *filter = NULL; /* dyn. alloc'ed filters */
523 struct can_filter sfilter; /* single filter */
524 struct net_device *dev = NULL;
525 can_err_mask_t err_mask = 0;
526 int count = 0;
527 int err = 0;
528
529 if (level != SOL_CAN_RAW)
530 return -EINVAL;
531
532 switch (optname) {
533 case CAN_RAW_FILTER:
534 if (optlen % sizeof(struct can_filter) != 0)
535 return -EINVAL;
536
537 if (optlen > CAN_RAW_FILTER_MAX * sizeof(struct can_filter))
538 return -EINVAL;
539
540 count = optlen / sizeof(struct can_filter);
541
542 if (count > 1) {
543 /* filter does not fit into dfilter => alloc space */
544 filter = memdup_sockptr(optval, optlen);
545 if (IS_ERR(filter))
546 return PTR_ERR(filter);
547 } else if (count == 1) {
548 if (copy_from_sockptr(&sfilter, optval, sizeof(sfilter)))
549 return -EFAULT;
550 }
551
552 rtnl_lock();
553 lock_sock(sk);
554
555 if (ro->bound && ro->ifindex) {
556 dev = dev_get_by_index(sock_net(sk), ro->ifindex);
557 if (!dev) {
558 if (count > 1)
559 kfree(filter);
560 err = -ENODEV;
561 goto out_fil;
562 }
563 }
564
565 if (ro->bound) {
566 /* (try to) register the new filters */
567 if (count == 1)
568 err = raw_enable_filters(sock_net(sk), dev, sk,
569 &sfilter, 1);
570 else
571 err = raw_enable_filters(sock_net(sk), dev, sk,
572 filter, count);
573 if (err) {
574 if (count > 1)
575 kfree(filter);
576 goto out_fil;
577 }
578
579 /* remove old filter registrations */
580 raw_disable_filters(sock_net(sk), dev, sk, ro->filter,
581 ro->count);
582 }
583
584 /* remove old filter space */
585 if (ro->count > 1)
586 kfree(ro->filter);
587
588 /* link new filters to the socket */
589 if (count == 1) {
590 /* copy filter data for single filter */
591 ro->dfilter = sfilter;
592 filter = &ro->dfilter;
593 }
594 ro->filter = filter;
595 ro->count = count;
596
597 out_fil:
598 dev_put(dev);
599 release_sock(sk);
600 rtnl_unlock();
601
602 break;
603
604 case CAN_RAW_ERR_FILTER:
605 if (optlen != sizeof(err_mask))
606 return -EINVAL;
607
608 if (copy_from_sockptr(&err_mask, optval, optlen))
609 return -EFAULT;
610
611 err_mask &= CAN_ERR_MASK;
612
613 rtnl_lock();
614 lock_sock(sk);
615
616 if (ro->bound && ro->ifindex) {
617 dev = dev_get_by_index(sock_net(sk), ro->ifindex);
618 if (!dev) {
619 err = -ENODEV;
620 goto out_err;
621 }
622 }
623
624 /* remove current error mask */
625 if (ro->bound) {
626 /* (try to) register the new err_mask */
627 err = raw_enable_errfilter(sock_net(sk), dev, sk,
628 err_mask);
629
630 if (err)
631 goto out_err;
632
633 /* remove old err_mask registration */
634 raw_disable_errfilter(sock_net(sk), dev, sk,
635 ro->err_mask);
636 }
637
638 /* link new err_mask to the socket */
639 ro->err_mask = err_mask;
640
641 out_err:
642 dev_put(dev);
643 release_sock(sk);
644 rtnl_unlock();
645
646 break;
647
648 case CAN_RAW_LOOPBACK:
649 if (optlen != sizeof(ro->loopback))
650 return -EINVAL;
651
652 if (copy_from_sockptr(&ro->loopback, optval, optlen))
653 return -EFAULT;
654
655 break;
656
657 case CAN_RAW_RECV_OWN_MSGS:
658 if (optlen != sizeof(ro->recv_own_msgs))
659 return -EINVAL;
660
661 if (copy_from_sockptr(&ro->recv_own_msgs, optval, optlen))
662 return -EFAULT;
663
664 break;
665
666 case CAN_RAW_FD_FRAMES:
667 if (optlen != sizeof(ro->fd_frames))
668 return -EINVAL;
669
670 if (copy_from_sockptr(&ro->fd_frames, optval, optlen))
671 return -EFAULT;
672
673 break;
674
675 case CAN_RAW_XL_FRAMES:
676 if (optlen != sizeof(ro->xl_frames))
677 return -EINVAL;
678
679 if (copy_from_sockptr(&ro->xl_frames, optval, optlen))
680 return -EFAULT;
681
682 break;
683
684 case CAN_RAW_JOIN_FILTERS:
685 if (optlen != sizeof(ro->join_filters))
686 return -EINVAL;
687
688 if (copy_from_sockptr(&ro->join_filters, optval, optlen))
689 return -EFAULT;
690
691 break;
692
693 default:
694 return -ENOPROTOOPT;
695 }
696 return err;
697 }
698
raw_getsockopt(struct socket * sock,int level,int optname,char __user * optval,int __user * optlen)699 static int raw_getsockopt(struct socket *sock, int level, int optname,
700 char __user *optval, int __user *optlen)
701 {
702 struct sock *sk = sock->sk;
703 struct raw_sock *ro = raw_sk(sk);
704 int len;
705 void *val;
706 int err = 0;
707
708 if (level != SOL_CAN_RAW)
709 return -EINVAL;
710 if (get_user(len, optlen))
711 return -EFAULT;
712 if (len < 0)
713 return -EINVAL;
714
715 switch (optname) {
716 case CAN_RAW_FILTER:
717 lock_sock(sk);
718 if (ro->count > 0) {
719 int fsize = ro->count * sizeof(struct can_filter);
720
721 /* user space buffer to small for filter list? */
722 if (len < fsize) {
723 /* return -ERANGE and needed space in optlen */
724 err = -ERANGE;
725 if (put_user(fsize, optlen))
726 err = -EFAULT;
727 } else {
728 if (len > fsize)
729 len = fsize;
730 if (copy_to_user(optval, ro->filter, len))
731 err = -EFAULT;
732 }
733 } else {
734 len = 0;
735 }
736 release_sock(sk);
737
738 if (!err)
739 err = put_user(len, optlen);
740 return err;
741
742 case CAN_RAW_ERR_FILTER:
743 if (len > sizeof(can_err_mask_t))
744 len = sizeof(can_err_mask_t);
745 val = &ro->err_mask;
746 break;
747
748 case CAN_RAW_LOOPBACK:
749 if (len > sizeof(int))
750 len = sizeof(int);
751 val = &ro->loopback;
752 break;
753
754 case CAN_RAW_RECV_OWN_MSGS:
755 if (len > sizeof(int))
756 len = sizeof(int);
757 val = &ro->recv_own_msgs;
758 break;
759
760 case CAN_RAW_FD_FRAMES:
761 if (len > sizeof(int))
762 len = sizeof(int);
763 val = &ro->fd_frames;
764 break;
765
766 case CAN_RAW_XL_FRAMES:
767 if (len > sizeof(int))
768 len = sizeof(int);
769 val = &ro->xl_frames;
770 break;
771
772 case CAN_RAW_JOIN_FILTERS:
773 if (len > sizeof(int))
774 len = sizeof(int);
775 val = &ro->join_filters;
776 break;
777
778 default:
779 return -ENOPROTOOPT;
780 }
781
782 if (put_user(len, optlen))
783 return -EFAULT;
784 if (copy_to_user(optval, val, len))
785 return -EFAULT;
786 return 0;
787 }
788
raw_sendmsg(struct socket * sock,struct msghdr * msg,size_t size)789 static int raw_sendmsg(struct socket *sock, struct msghdr *msg, size_t size)
790 {
791 struct sock *sk = sock->sk;
792 struct raw_sock *ro = raw_sk(sk);
793 struct sockcm_cookie sockc;
794 struct sk_buff *skb;
795 struct net_device *dev;
796 int ifindex;
797 int err = -EINVAL;
798
799 /* check for valid CAN frame sizes */
800 if (size < CANXL_HDR_SIZE + CANXL_MIN_DLEN || size > CANXL_MTU)
801 return -EINVAL;
802
803 if (msg->msg_name) {
804 DECLARE_SOCKADDR(struct sockaddr_can *, addr, msg->msg_name);
805
806 if (msg->msg_namelen < RAW_MIN_NAMELEN)
807 return -EINVAL;
808
809 if (addr->can_family != AF_CAN)
810 return -EINVAL;
811
812 ifindex = addr->can_ifindex;
813 } else {
814 ifindex = ro->ifindex;
815 }
816
817 dev = dev_get_by_index(sock_net(sk), ifindex);
818 if (!dev)
819 return -ENXIO;
820
821 skb = sock_alloc_send_skb(sk, size + sizeof(struct can_skb_priv),
822 msg->msg_flags & MSG_DONTWAIT, &err);
823 if (!skb)
824 goto put_dev;
825
826 can_skb_reserve(skb);
827 can_skb_prv(skb)->ifindex = dev->ifindex;
828 can_skb_prv(skb)->skbcnt = 0;
829
830 /* fill the skb before testing for valid CAN frames */
831 err = memcpy_from_msg(skb_put(skb, size), msg, size);
832 if (err < 0)
833 goto free_skb;
834
835 err = -EINVAL;
836 if (ro->xl_frames && can_is_canxl_dev_mtu(dev->mtu)) {
837 /* CAN XL, CAN FD and Classical CAN */
838 if (!can_is_canxl_skb(skb) && !can_is_canfd_skb(skb) &&
839 !can_is_can_skb(skb))
840 goto free_skb;
841 } else if (ro->fd_frames && dev->mtu == CANFD_MTU) {
842 /* CAN FD and Classical CAN */
843 if (!can_is_canfd_skb(skb) && !can_is_can_skb(skb))
844 goto free_skb;
845 } else {
846 /* Classical CAN */
847 if (!can_is_can_skb(skb))
848 goto free_skb;
849 }
850
851 sockcm_init(&sockc, sk);
852 if (msg->msg_controllen) {
853 err = sock_cmsg_send(sk, msg, &sockc);
854 if (unlikely(err))
855 goto free_skb;
856 }
857
858 skb->dev = dev;
859 skb->priority = sk->sk_priority;
860 skb->tstamp = sockc.transmit_time;
861
862 skb_setup_tx_timestamp(skb, sockc.tsflags);
863
864 err = can_send(skb, ro->loopback);
865
866 dev_put(dev);
867
868 if (err)
869 goto send_failed;
870
871 return size;
872
873 free_skb:
874 kfree_skb(skb);
875 put_dev:
876 dev_put(dev);
877 send_failed:
878 return err;
879 }
880
raw_recvmsg(struct socket * sock,struct msghdr * msg,size_t size,int flags)881 static int raw_recvmsg(struct socket *sock, struct msghdr *msg, size_t size,
882 int flags)
883 {
884 struct sock *sk = sock->sk;
885 struct sk_buff *skb;
886 int err = 0;
887
888 if (flags & MSG_ERRQUEUE)
889 return sock_recv_errqueue(sk, msg, size,
890 SOL_CAN_RAW, SCM_CAN_RAW_ERRQUEUE);
891
892 skb = skb_recv_datagram(sk, flags, &err);
893 if (!skb)
894 return err;
895
896 if (size < skb->len)
897 msg->msg_flags |= MSG_TRUNC;
898 else
899 size = skb->len;
900
901 err = memcpy_to_msg(msg, skb->data, size);
902 if (err < 0) {
903 skb_free_datagram(sk, skb);
904 return err;
905 }
906
907 sock_recv_cmsgs(msg, sk, skb);
908
909 if (msg->msg_name) {
910 __sockaddr_check_size(RAW_MIN_NAMELEN);
911 msg->msg_namelen = RAW_MIN_NAMELEN;
912 memcpy(msg->msg_name, skb->cb, msg->msg_namelen);
913 }
914
915 /* assign the flags that have been recorded in raw_rcv() */
916 msg->msg_flags |= *(raw_flags(skb));
917
918 skb_free_datagram(sk, skb);
919
920 return size;
921 }
922
raw_sock_no_ioctlcmd(struct socket * sock,unsigned int cmd,unsigned long arg)923 static int raw_sock_no_ioctlcmd(struct socket *sock, unsigned int cmd,
924 unsigned long arg)
925 {
926 /* no ioctls for socket layer -> hand it down to NIC layer */
927 return -ENOIOCTLCMD;
928 }
929
930 static const struct proto_ops raw_ops = {
931 .family = PF_CAN,
932 .release = raw_release,
933 .bind = raw_bind,
934 .connect = sock_no_connect,
935 .socketpair = sock_no_socketpair,
936 .accept = sock_no_accept,
937 .getname = raw_getname,
938 .poll = datagram_poll,
939 .ioctl = raw_sock_no_ioctlcmd,
940 .gettstamp = sock_gettstamp,
941 .listen = sock_no_listen,
942 .shutdown = sock_no_shutdown,
943 .setsockopt = raw_setsockopt,
944 .getsockopt = raw_getsockopt,
945 .sendmsg = raw_sendmsg,
946 .recvmsg = raw_recvmsg,
947 .mmap = sock_no_mmap,
948 .sendpage = sock_no_sendpage,
949 };
950
951 static struct proto raw_proto __read_mostly = {
952 .name = "CAN_RAW",
953 .owner = THIS_MODULE,
954 .obj_size = sizeof(struct raw_sock),
955 .init = raw_init,
956 };
957
958 static const struct can_proto raw_can_proto = {
959 .type = SOCK_RAW,
960 .protocol = CAN_RAW,
961 .ops = &raw_ops,
962 .prot = &raw_proto,
963 };
964
965 static struct notifier_block canraw_notifier = {
966 .notifier_call = raw_notifier
967 };
968
raw_module_init(void)969 static __init int raw_module_init(void)
970 {
971 int err;
972
973 pr_info("can: raw protocol\n");
974
975 err = register_netdevice_notifier(&canraw_notifier);
976 if (err)
977 return err;
978
979 err = can_proto_register(&raw_can_proto);
980 if (err < 0) {
981 pr_err("can: registration of raw protocol failed\n");
982 goto register_proto_failed;
983 }
984
985 return 0;
986
987 register_proto_failed:
988 unregister_netdevice_notifier(&canraw_notifier);
989 return err;
990 }
991
raw_module_exit(void)992 static __exit void raw_module_exit(void)
993 {
994 can_proto_unregister(&raw_can_proto);
995 unregister_netdevice_notifier(&canraw_notifier);
996 }
997
998 module_init(raw_module_init);
999 module_exit(raw_module_exit);
1000
