socket.c 33 KB

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192939495969798991001011021031041051061071081091101111121131141151161171181191201211221231241251261271281291301311321331341351361371381391401411421431441451461471481491501511521531541551561571581591601611621631641651661671681691701711721731741751761771781791801811821831841851861871881891901911921931941951961971981992002012022032042052062072082092102112122132142152162172182192202212222232242252262272282292302312322332342352362372382392402412422432442452462472482492502512522532542552562572582592602612622632642652662672682692702712722732742752762772782792802812822832842852862872882892902912922932942952962972982993003013023033043053063073083093103113123133143153163173183193203213223233243253263273283293303313323333343353363373383393403413423433443453463473483493503513523533543553563573583593603613623633643653663673683693703713723733743753763773783793803813823833843853863873883893903913923933943953963973983994004014024034044054064074084094104114124134144154164174184194204214224234244254264274284294304314324334344354364374384394404414424434444454464474484494504514524534544554564574584594604614624634644654664674684694704714724734744754764774784794804814824834844854864874884894904914924934944954964974984995005015025035045055065075085095105115125135145155165175185195205215225235245255265275285295305315325335345355365375385395405415425435445455465475485495505515525535545555565575585595605615625635645655665675685695705715725735745755765775785795805815825835845855865875885895905915925935945955965975985996006016026036046056066076086096106116126136146156166176186196206216226236246256266276286296306316326336346356366376386396406416426436446456466476486496506516526536546556566576586596606616626636646656666676686696706716726736746756766776786796806816826836846856866876886896906916926936946956966976986997007017027037047057067077087097107117127137147157167177187197207217227237247257267277287297307317327337347357367377387397407417427437447457467477487497507517527537547557567577587597607617627637647657667677687697707717727737747757767777787797807817827837847857867877887897907917927937947957967977987998008018028038048058068078088098108118128138148158168178188198208218228238248258268278288298308318328338348358368378388398408418428438448458468478488498508518528538548558568578588598608618628638648658668678688698708718728738748758768778788798808818828838848858868878888898908918928938948958968978988999009019029039049059069079089099109119129139149159169179189199209219229239249259269279289299309319329339349359369379389399409419429439449459469479489499509519529539549559569579589599609619629639649659669679689699709719729739749759769779789799809819829839849859869879889899909919929939949959969979989991000100110021003100410051006100710081009101010111012101310141015101610171018101910201021102210231024102510261027102810291030103110321033103410351036103710381039104010411042104310441045104610471048104910501051105210531054105510561057105810591060106110621063106410651066106710681069107010711072107310741075107610771078107910801081108210831084108510861087108810891090109110921093109410951096109710981099110011011102110311041105110611071108110911101111111211131114111511161117111811191120112111221123112411251126112711281129113011311132113311341135113611371138113911401141114211431144114511461147114811491150115111521153115411551156115711581159116011611162116311641165116611671168116911701171117211731174117511761177117811791180118111821183118411851186118711881189119011911192119311941195119611971198119912001201120212031204120512061207120812091210121112121213121412151216121712181219122012211222122312241225122612271228122912301231123212331234123512361237123812391240124112421243124412451246124712481249125012511252125312541255125612571258125912601261126212631264126512661267126812691270127112721273127412751276127712781279128012811282128312841285128612871288128912901291129212931294129512961297129812991300130113021303130413051306130713081309131013111312131313141315131613171318131913201321132213231324132513261327132813291330133113321333133413351336133713381339134013411342134313441345134613471348134913501351135213531354135513561357135813591360136113621363136413651366136713681369137013711372137313741375137613771378137913801381138213831384138513861387138813891390139113921393139413951396139713981399140014011402140314041405
  1. // SPDX-License-Identifier: GPL-2.0
  2. // Copyright (c) 2010-2011 EIA Electronics,
  3. // Pieter Beyens <pieter.beyens@eia.be>
  4. // Copyright (c) 2010-2011 EIA Electronics,
  5. // Kurt Van Dijck <kurt.van.dijck@eia.be>
  6. // Copyright (c) 2018 Protonic,
  7. // Robin van der Gracht <robin@protonic.nl>
  8. // Copyright (c) 2017-2019 Pengutronix,
  9. // Marc Kleine-Budde <kernel@pengutronix.de>
  10. // Copyright (c) 2017-2019 Pengutronix,
  11. // Oleksij Rempel <kernel@pengutronix.de>
  12. #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
  13. #include <linux/can/can-ml.h>
  14. #include <linux/can/core.h>
  15. #include <linux/can/skb.h>
  16. #include <linux/errqueue.h>
  17. #include <linux/if_arp.h>
  18. #include <net/can.h>
  19. #include "j1939-priv.h"
  20. #define J1939_MIN_NAMELEN CAN_REQUIRED_SIZE(struct sockaddr_can, can_addr.j1939)
  21. /* conversion function between struct sock::sk_priority from linux and
  22. * j1939 priority field
  23. */
  24. static inline priority_t j1939_prio(u32 sk_priority)
  25. {
  26. sk_priority = min(sk_priority, 7U);
  27. return 7 - sk_priority;
  28. }
  29. static inline u32 j1939_to_sk_priority(priority_t prio)
  30. {
  31. return 7 - prio;
  32. }
  33. /* function to see if pgn is to be evaluated */
  34. static inline bool j1939_pgn_is_valid(pgn_t pgn)
  35. {
  36. return pgn <= J1939_PGN_MAX;
  37. }
  38. /* test function to avoid non-zero DA placeholder for pdu1 pgn's */
  39. static inline bool j1939_pgn_is_clean_pdu(pgn_t pgn)
  40. {
  41. if (j1939_pgn_is_pdu1(pgn))
  42. return !(pgn & 0xff);
  43. else
  44. return true;
  45. }
  46. static inline void j1939_sock_pending_add(struct sock *sk)
  47. {
  48. struct j1939_sock *jsk = j1939_sk(sk);
  49. atomic_inc(&jsk->skb_pending);
  50. }
  51. static int j1939_sock_pending_get(struct sock *sk)
  52. {
  53. struct j1939_sock *jsk = j1939_sk(sk);
  54. return atomic_read(&jsk->skb_pending);
  55. }
  56. void j1939_sock_pending_del(struct sock *sk)
  57. {
  58. struct j1939_sock *jsk = j1939_sk(sk);
  59. /* atomic_dec_return returns the new value */
  60. if (!atomic_dec_return(&jsk->skb_pending))
  61. wake_up(&jsk->waitq); /* no pending SKB's */
  62. }
  63. static void j1939_jsk_add(struct j1939_priv *priv, struct j1939_sock *jsk)
  64. {
  65. jsk->state |= J1939_SOCK_BOUND;
  66. j1939_priv_get(priv);
  67. write_lock_bh(&priv->j1939_socks_lock);
  68. list_add_tail(&jsk->list, &priv->j1939_socks);
  69. write_unlock_bh(&priv->j1939_socks_lock);
  70. }
  71. static void j1939_jsk_del(struct j1939_priv *priv, struct j1939_sock *jsk)
  72. {
  73. write_lock_bh(&priv->j1939_socks_lock);
  74. list_del_init(&jsk->list);
  75. write_unlock_bh(&priv->j1939_socks_lock);
  76. j1939_priv_put(priv);
  77. jsk->state &= ~J1939_SOCK_BOUND;
  78. }
  79. static bool j1939_sk_queue_session(struct j1939_session *session)
  80. {
  81. struct j1939_sock *jsk = j1939_sk(session->sk);
  82. bool empty;
  83. spin_lock_bh(&jsk->sk_session_queue_lock);
  84. empty = list_empty(&jsk->sk_session_queue);
  85. j1939_session_get(session);
  86. list_add_tail(&session->sk_session_queue_entry, &jsk->sk_session_queue);
  87. spin_unlock_bh(&jsk->sk_session_queue_lock);
  88. j1939_sock_pending_add(&jsk->sk);
  89. return empty;
  90. }
  91. static struct
  92. j1939_session *j1939_sk_get_incomplete_session(struct j1939_sock *jsk)
  93. {
  94. struct j1939_session *session = NULL;
  95. spin_lock_bh(&jsk->sk_session_queue_lock);
  96. if (!list_empty(&jsk->sk_session_queue)) {
  97. session = list_last_entry(&jsk->sk_session_queue,
  98. struct j1939_session,
  99. sk_session_queue_entry);
  100. if (session->total_queued_size == session->total_message_size)
  101. session = NULL;
  102. else
  103. j1939_session_get(session);
  104. }
  105. spin_unlock_bh(&jsk->sk_session_queue_lock);
  106. return session;
  107. }
  108. static void j1939_sk_queue_drop_all(struct j1939_priv *priv,
  109. struct j1939_sock *jsk, int err)
  110. {
  111. struct j1939_session *session, *tmp;
  112. netdev_dbg(priv->ndev, "%s: err: %i\n", __func__, err);
  113. spin_lock_bh(&jsk->sk_session_queue_lock);
  114. list_for_each_entry_safe(session, tmp, &jsk->sk_session_queue,
  115. sk_session_queue_entry) {
  116. list_del_init(&session->sk_session_queue_entry);
  117. session->err = err;
  118. j1939_session_put(session);
  119. }
  120. spin_unlock_bh(&jsk->sk_session_queue_lock);
  121. }
  122. static void j1939_sk_queue_activate_next_locked(struct j1939_session *session)
  123. {
  124. struct j1939_sock *jsk;
  125. struct j1939_session *first;
  126. int err;
  127. /* RX-Session don't have a socket (yet) */
  128. if (!session->sk)
  129. return;
  130. jsk = j1939_sk(session->sk);
  131. lockdep_assert_held(&jsk->sk_session_queue_lock);
  132. err = session->err;
  133. first = list_first_entry_or_null(&jsk->sk_session_queue,
  134. struct j1939_session,
  135. sk_session_queue_entry);
  136. /* Some else has already activated the next session */
  137. if (first != session)
  138. return;
  139. activate_next:
  140. list_del_init(&first->sk_session_queue_entry);
  141. j1939_session_put(first);
  142. first = list_first_entry_or_null(&jsk->sk_session_queue,
  143. struct j1939_session,
  144. sk_session_queue_entry);
  145. if (!first)
  146. return;
  147. if (j1939_session_activate(first)) {
  148. netdev_warn_once(first->priv->ndev,
  149. "%s: 0x%p: Identical session is already activated.\n",
  150. __func__, first);
  151. first->err = -EBUSY;
  152. goto activate_next;
  153. } else {
  154. /* Give receiver some time (arbitrary chosen) to recover */
  155. int time_ms = 0;
  156. if (err)
  157. time_ms = 10 + get_random_u32_below(16);
  158. j1939_tp_schedule_txtimer(first, time_ms);
  159. }
  160. }
  161. void j1939_sk_queue_activate_next(struct j1939_session *session)
  162. {
  163. struct j1939_sock *jsk;
  164. if (!session->sk)
  165. return;
  166. jsk = j1939_sk(session->sk);
  167. spin_lock_bh(&jsk->sk_session_queue_lock);
  168. j1939_sk_queue_activate_next_locked(session);
  169. spin_unlock_bh(&jsk->sk_session_queue_lock);
  170. }
  171. static bool j1939_sk_match_dst(struct j1939_sock *jsk,
  172. const struct j1939_sk_buff_cb *skcb)
  173. {
  174. if ((jsk->state & J1939_SOCK_PROMISC))
  175. return true;
  176. /* Destination address filter */
  177. if (jsk->addr.src_name && skcb->addr.dst_name) {
  178. if (jsk->addr.src_name != skcb->addr.dst_name)
  179. return false;
  180. } else {
  181. /* receive (all sockets) if
  182. * - all packages that match our bind() address
  183. * - all broadcast on a socket if SO_BROADCAST
  184. * is set
  185. */
  186. if (j1939_address_is_unicast(skcb->addr.da)) {
  187. if (jsk->addr.sa != skcb->addr.da)
  188. return false;
  189. } else if (!sock_flag(&jsk->sk, SOCK_BROADCAST)) {
  190. /* receiving broadcast without SO_BROADCAST
  191. * flag is not allowed
  192. */
  193. return false;
  194. }
  195. }
  196. /* Source address filter */
  197. if (jsk->state & J1939_SOCK_CONNECTED) {
  198. /* receive (all sockets) if
  199. * - all packages that match our connect() name or address
  200. */
  201. if (jsk->addr.dst_name && skcb->addr.src_name) {
  202. if (jsk->addr.dst_name != skcb->addr.src_name)
  203. return false;
  204. } else {
  205. if (jsk->addr.da != skcb->addr.sa)
  206. return false;
  207. }
  208. }
  209. /* PGN filter */
  210. if (j1939_pgn_is_valid(jsk->pgn_rx_filter) &&
  211. jsk->pgn_rx_filter != skcb->addr.pgn)
  212. return false;
  213. return true;
  214. }
  215. /* matches skb control buffer (addr) with a j1939 filter */
  216. static bool j1939_sk_match_filter(struct j1939_sock *jsk,
  217. const struct j1939_sk_buff_cb *skcb)
  218. {
  219. const struct j1939_filter *f;
  220. int nfilter;
  221. spin_lock_bh(&jsk->filters_lock);
  222. f = jsk->filters;
  223. nfilter = jsk->nfilters;
  224. if (!nfilter)
  225. /* receive all when no filters are assigned */
  226. goto filter_match_found;
  227. for (; nfilter; ++f, --nfilter) {
  228. if ((skcb->addr.pgn & f->pgn_mask) != f->pgn)
  229. continue;
  230. if ((skcb->addr.sa & f->addr_mask) != f->addr)
  231. continue;
  232. if ((skcb->addr.src_name & f->name_mask) != f->name)
  233. continue;
  234. goto filter_match_found;
  235. }
  236. spin_unlock_bh(&jsk->filters_lock);
  237. return false;
  238. filter_match_found:
  239. spin_unlock_bh(&jsk->filters_lock);
  240. return true;
  241. }
  242. static bool j1939_sk_recv_match_one(struct j1939_sock *jsk,
  243. const struct j1939_sk_buff_cb *skcb)
  244. {
  245. if (!(jsk->state & J1939_SOCK_BOUND))
  246. return false;
  247. if (!j1939_sk_match_dst(jsk, skcb))
  248. return false;
  249. if (!j1939_sk_match_filter(jsk, skcb))
  250. return false;
  251. return true;
  252. }
  253. static void j1939_sk_recv_one(struct j1939_sock *jsk, struct sk_buff *oskb)
  254. {
  255. const struct j1939_sk_buff_cb *oskcb = j1939_skb_to_cb(oskb);
  256. struct j1939_sk_buff_cb *skcb;
  257. enum skb_drop_reason reason;
  258. struct sk_buff *skb;
  259. if (oskb->sk == &jsk->sk)
  260. return;
  261. if (!j1939_sk_recv_match_one(jsk, oskcb))
  262. return;
  263. skb = skb_clone(oskb, GFP_ATOMIC);
  264. if (!skb) {
  265. pr_warn("skb clone failed\n");
  266. return;
  267. }
  268. can_skb_set_owner(skb, oskb->sk);
  269. skcb = j1939_skb_to_cb(skb);
  270. skcb->msg_flags &= ~(MSG_DONTROUTE);
  271. if (skb->sk)
  272. skcb->msg_flags |= MSG_DONTROUTE;
  273. if (sock_queue_rcv_skb_reason(&jsk->sk, skb, &reason) < 0)
  274. sk_skb_reason_drop(&jsk->sk, skb, reason);
  275. }
  276. bool j1939_sk_recv_match(struct j1939_priv *priv, struct j1939_sk_buff_cb *skcb)
  277. {
  278. struct j1939_sock *jsk;
  279. bool match = false;
  280. read_lock_bh(&priv->j1939_socks_lock);
  281. list_for_each_entry(jsk, &priv->j1939_socks, list) {
  282. match = j1939_sk_recv_match_one(jsk, skcb);
  283. if (match)
  284. break;
  285. }
  286. read_unlock_bh(&priv->j1939_socks_lock);
  287. return match;
  288. }
  289. void j1939_sk_recv(struct j1939_priv *priv, struct sk_buff *skb)
  290. {
  291. struct j1939_sock *jsk;
  292. read_lock_bh(&priv->j1939_socks_lock);
  293. list_for_each_entry(jsk, &priv->j1939_socks, list) {
  294. j1939_sk_recv_one(jsk, skb);
  295. }
  296. read_unlock_bh(&priv->j1939_socks_lock);
  297. }
  298. static void j1939_sk_sock_destruct(struct sock *sk)
  299. {
  300. struct j1939_sock *jsk = j1939_sk(sk);
  301. /* This function will be called by the generic networking code, when
  302. * the socket is ultimately closed (sk->sk_destruct).
  303. *
  304. * The race between
  305. * - processing a received CAN frame
  306. * (can_receive -> j1939_can_recv)
  307. * and accessing j1939_priv
  308. * ... and ...
  309. * - closing a socket
  310. * (j1939_can_rx_unregister -> can_rx_unregister)
  311. * and calling the final j1939_priv_put()
  312. *
  313. * is avoided by calling the final j1939_priv_put() from this
  314. * RCU deferred cleanup call.
  315. */
  316. if (jsk->priv) {
  317. j1939_priv_put(jsk->priv);
  318. jsk->priv = NULL;
  319. }
  320. /* call generic CAN sock destruct */
  321. can_sock_destruct(sk);
  322. }
  323. static int j1939_sk_init(struct sock *sk)
  324. {
  325. struct j1939_sock *jsk = j1939_sk(sk);
  326. /* Ensure that "sk" is first member in "struct j1939_sock", so that we
  327. * can skip it during memset().
  328. */
  329. BUILD_BUG_ON(offsetof(struct j1939_sock, sk) != 0);
  330. memset((void *)jsk + sizeof(jsk->sk), 0x0,
  331. sizeof(*jsk) - sizeof(jsk->sk));
  332. INIT_LIST_HEAD(&jsk->list);
  333. init_waitqueue_head(&jsk->waitq);
  334. jsk->sk.sk_priority = j1939_to_sk_priority(6);
  335. jsk->sk.sk_reuse = 1; /* per default */
  336. jsk->addr.sa = J1939_NO_ADDR;
  337. jsk->addr.da = J1939_NO_ADDR;
  338. jsk->addr.pgn = J1939_NO_PGN;
  339. jsk->pgn_rx_filter = J1939_NO_PGN;
  340. atomic_set(&jsk->skb_pending, 0);
  341. spin_lock_init(&jsk->sk_session_queue_lock);
  342. INIT_LIST_HEAD(&jsk->sk_session_queue);
  343. spin_lock_init(&jsk->filters_lock);
  344. /* j1939_sk_sock_destruct() depends on SOCK_RCU_FREE flag */
  345. sock_set_flag(sk, SOCK_RCU_FREE);
  346. sk->sk_destruct = j1939_sk_sock_destruct;
  347. sk->sk_protocol = CAN_J1939;
  348. return 0;
  349. }
  350. static int j1939_sk_sanity_check(struct sockaddr_can *addr, int len)
  351. {
  352. if (!addr)
  353. return -EDESTADDRREQ;
  354. if (len < J1939_MIN_NAMELEN)
  355. return -EINVAL;
  356. if (addr->can_family != AF_CAN)
  357. return -EINVAL;
  358. if (!addr->can_ifindex)
  359. return -ENODEV;
  360. if (j1939_pgn_is_valid(addr->can_addr.j1939.pgn) &&
  361. !j1939_pgn_is_clean_pdu(addr->can_addr.j1939.pgn))
  362. return -EINVAL;
  363. return 0;
  364. }
  365. static int j1939_sk_bind(struct socket *sock, struct sockaddr_unsized *uaddr, int len)
  366. {
  367. struct sockaddr_can *addr = (struct sockaddr_can *)uaddr;
  368. struct j1939_sock *jsk = j1939_sk(sock->sk);
  369. struct j1939_priv *priv;
  370. struct sock *sk;
  371. struct net *net;
  372. int ret = 0;
  373. ret = j1939_sk_sanity_check(addr, len);
  374. if (ret)
  375. return ret;
  376. lock_sock(sock->sk);
  377. priv = jsk->priv;
  378. sk = sock->sk;
  379. net = sock_net(sk);
  380. /* Already bound to an interface? */
  381. if (jsk->state & J1939_SOCK_BOUND) {
  382. /* A re-bind() to a different interface is not
  383. * supported.
  384. */
  385. if (jsk->ifindex != addr->can_ifindex) {
  386. ret = -EINVAL;
  387. goto out_release_sock;
  388. }
  389. /* drop old references */
  390. j1939_jsk_del(priv, jsk);
  391. j1939_local_ecu_put(priv, jsk->addr.src_name, jsk->addr.sa);
  392. } else {
  393. struct can_ml_priv *can_ml;
  394. struct net_device *ndev;
  395. ndev = dev_get_by_index(net, addr->can_ifindex);
  396. if (!ndev) {
  397. ret = -ENODEV;
  398. goto out_release_sock;
  399. }
  400. if (ndev->reg_state != NETREG_REGISTERED) {
  401. dev_put(ndev);
  402. ret = -ENODEV;
  403. goto out_release_sock;
  404. }
  405. can_ml = can_get_ml_priv(ndev);
  406. if (!can_ml) {
  407. dev_put(ndev);
  408. ret = -ENODEV;
  409. goto out_release_sock;
  410. }
  411. if (!(ndev->flags & IFF_UP)) {
  412. dev_put(ndev);
  413. ret = -ENETDOWN;
  414. goto out_release_sock;
  415. }
  416. priv = j1939_netdev_start(ndev);
  417. dev_put(ndev);
  418. if (IS_ERR(priv)) {
  419. ret = PTR_ERR(priv);
  420. goto out_release_sock;
  421. }
  422. jsk->ifindex = addr->can_ifindex;
  423. /* the corresponding j1939_priv_put() is called via
  424. * sk->sk_destruct, which points to j1939_sk_sock_destruct()
  425. */
  426. j1939_priv_get(priv);
  427. jsk->priv = priv;
  428. }
  429. /* set default transmit pgn */
  430. if (j1939_pgn_is_valid(addr->can_addr.j1939.pgn))
  431. jsk->pgn_rx_filter = addr->can_addr.j1939.pgn;
  432. jsk->addr.src_name = addr->can_addr.j1939.name;
  433. jsk->addr.sa = addr->can_addr.j1939.addr;
  434. /* get new references */
  435. ret = j1939_local_ecu_get(priv, jsk->addr.src_name, jsk->addr.sa);
  436. if (ret) {
  437. j1939_netdev_stop(priv);
  438. jsk->priv = NULL;
  439. synchronize_rcu();
  440. j1939_priv_put(priv);
  441. goto out_release_sock;
  442. }
  443. j1939_jsk_add(priv, jsk);
  444. out_release_sock: /* fall through */
  445. release_sock(sock->sk);
  446. return ret;
  447. }
  448. static int j1939_sk_connect(struct socket *sock, struct sockaddr_unsized *uaddr,
  449. int len, int flags)
  450. {
  451. struct sockaddr_can *addr = (struct sockaddr_can *)uaddr;
  452. struct j1939_sock *jsk = j1939_sk(sock->sk);
  453. int ret = 0;
  454. ret = j1939_sk_sanity_check(addr, len);
  455. if (ret)
  456. return ret;
  457. lock_sock(sock->sk);
  458. /* bind() before connect() is mandatory */
  459. if (!(jsk->state & J1939_SOCK_BOUND)) {
  460. ret = -EINVAL;
  461. goto out_release_sock;
  462. }
  463. /* A connect() to a different interface is not supported. */
  464. if (jsk->ifindex != addr->can_ifindex) {
  465. ret = -EINVAL;
  466. goto out_release_sock;
  467. }
  468. if (!addr->can_addr.j1939.name &&
  469. addr->can_addr.j1939.addr == J1939_NO_ADDR &&
  470. !sock_flag(&jsk->sk, SOCK_BROADCAST)) {
  471. /* broadcast, but SO_BROADCAST not set */
  472. ret = -EACCES;
  473. goto out_release_sock;
  474. }
  475. jsk->addr.dst_name = addr->can_addr.j1939.name;
  476. jsk->addr.da = addr->can_addr.j1939.addr;
  477. if (j1939_pgn_is_valid(addr->can_addr.j1939.pgn))
  478. jsk->addr.pgn = addr->can_addr.j1939.pgn;
  479. jsk->state |= J1939_SOCK_CONNECTED;
  480. out_release_sock: /* fall through */
  481. release_sock(sock->sk);
  482. return ret;
  483. }
  484. static void j1939_sk_sock2sockaddr_can(struct sockaddr_can *addr,
  485. const struct j1939_sock *jsk, int peer)
  486. {
  487. /* There are two holes (2 bytes and 3 bytes) to clear to avoid
  488. * leaking kernel information to user space.
  489. */
  490. memset(addr, 0, J1939_MIN_NAMELEN);
  491. addr->can_family = AF_CAN;
  492. addr->can_ifindex = jsk->ifindex;
  493. addr->can_addr.j1939.pgn = jsk->addr.pgn;
  494. if (peer) {
  495. addr->can_addr.j1939.name = jsk->addr.dst_name;
  496. addr->can_addr.j1939.addr = jsk->addr.da;
  497. } else {
  498. addr->can_addr.j1939.name = jsk->addr.src_name;
  499. addr->can_addr.j1939.addr = jsk->addr.sa;
  500. }
  501. }
  502. static int j1939_sk_getname(struct socket *sock, struct sockaddr *uaddr,
  503. int peer)
  504. {
  505. struct sockaddr_can *addr = (struct sockaddr_can *)uaddr;
  506. struct sock *sk = sock->sk;
  507. struct j1939_sock *jsk = j1939_sk(sk);
  508. int ret = 0;
  509. lock_sock(sk);
  510. if (peer && !(jsk->state & J1939_SOCK_CONNECTED)) {
  511. ret = -EADDRNOTAVAIL;
  512. goto failure;
  513. }
  514. j1939_sk_sock2sockaddr_can(addr, jsk, peer);
  515. ret = J1939_MIN_NAMELEN;
  516. failure:
  517. release_sock(sk);
  518. return ret;
  519. }
  520. static int j1939_sk_release(struct socket *sock)
  521. {
  522. struct sock *sk = sock->sk;
  523. struct j1939_sock *jsk;
  524. if (!sk)
  525. return 0;
  526. lock_sock(sk);
  527. jsk = j1939_sk(sk);
  528. if (jsk->state & J1939_SOCK_BOUND) {
  529. struct j1939_priv *priv = jsk->priv;
  530. if (wait_event_interruptible(jsk->waitq,
  531. !j1939_sock_pending_get(&jsk->sk))) {
  532. j1939_cancel_active_session(priv, sk);
  533. j1939_sk_queue_drop_all(priv, jsk, ESHUTDOWN);
  534. }
  535. j1939_jsk_del(priv, jsk);
  536. j1939_local_ecu_put(priv, jsk->addr.src_name,
  537. jsk->addr.sa);
  538. j1939_netdev_stop(priv);
  539. }
  540. kfree(jsk->filters);
  541. sock_orphan(sk);
  542. sock->sk = NULL;
  543. release_sock(sk);
  544. sock_prot_inuse_add(sock_net(sk), sk->sk_prot, -1);
  545. sock_put(sk);
  546. return 0;
  547. }
  548. static int j1939_sk_setsockopt_flag(struct j1939_sock *jsk, sockptr_t optval,
  549. unsigned int optlen, int flag)
  550. {
  551. int tmp;
  552. if (optlen != sizeof(tmp))
  553. return -EINVAL;
  554. if (copy_from_sockptr(&tmp, optval, optlen))
  555. return -EFAULT;
  556. lock_sock(&jsk->sk);
  557. if (tmp)
  558. jsk->state |= flag;
  559. else
  560. jsk->state &= ~flag;
  561. release_sock(&jsk->sk);
  562. return tmp;
  563. }
  564. static int j1939_sk_setsockopt(struct socket *sock, int level, int optname,
  565. sockptr_t optval, unsigned int optlen)
  566. {
  567. struct sock *sk = sock->sk;
  568. struct j1939_sock *jsk = j1939_sk(sk);
  569. int tmp, count = 0, ret = 0;
  570. struct j1939_filter *filters = NULL, *ofilters;
  571. if (level != SOL_CAN_J1939)
  572. return -EINVAL;
  573. switch (optname) {
  574. case SO_J1939_FILTER:
  575. if (!sockptr_is_null(optval) && optlen != 0) {
  576. struct j1939_filter *f;
  577. int c;
  578. if (optlen % sizeof(*filters) != 0)
  579. return -EINVAL;
  580. if (optlen > J1939_FILTER_MAX *
  581. sizeof(struct j1939_filter))
  582. return -EINVAL;
  583. count = optlen / sizeof(*filters);
  584. filters = memdup_sockptr(optval, optlen);
  585. if (IS_ERR(filters))
  586. return PTR_ERR(filters);
  587. for (f = filters, c = count; c; f++, c--) {
  588. f->name &= f->name_mask;
  589. f->pgn &= f->pgn_mask;
  590. f->addr &= f->addr_mask;
  591. }
  592. }
  593. lock_sock(&jsk->sk);
  594. spin_lock_bh(&jsk->filters_lock);
  595. ofilters = jsk->filters;
  596. jsk->filters = filters;
  597. jsk->nfilters = count;
  598. spin_unlock_bh(&jsk->filters_lock);
  599. release_sock(&jsk->sk);
  600. kfree(ofilters);
  601. return 0;
  602. case SO_J1939_PROMISC:
  603. return j1939_sk_setsockopt_flag(jsk, optval, optlen,
  604. J1939_SOCK_PROMISC);
  605. case SO_J1939_ERRQUEUE:
  606. ret = j1939_sk_setsockopt_flag(jsk, optval, optlen,
  607. J1939_SOCK_ERRQUEUE);
  608. if (ret < 0)
  609. return ret;
  610. if (!(jsk->state & J1939_SOCK_ERRQUEUE))
  611. skb_queue_purge(&sk->sk_error_queue);
  612. return ret;
  613. case SO_J1939_SEND_PRIO:
  614. if (optlen != sizeof(tmp))
  615. return -EINVAL;
  616. if (copy_from_sockptr(&tmp, optval, optlen))
  617. return -EFAULT;
  618. if (tmp < 0 || tmp > 7)
  619. return -EDOM;
  620. if (tmp < 2 && !capable(CAP_NET_ADMIN))
  621. return -EPERM;
  622. lock_sock(&jsk->sk);
  623. jsk->sk.sk_priority = j1939_to_sk_priority(tmp);
  624. release_sock(&jsk->sk);
  625. return 0;
  626. default:
  627. return -ENOPROTOOPT;
  628. }
  629. }
  630. static int j1939_sk_getsockopt(struct socket *sock, int level, int optname,
  631. char __user *optval, int __user *optlen)
  632. {
  633. struct sock *sk = sock->sk;
  634. struct j1939_sock *jsk = j1939_sk(sk);
  635. int ret, ulen;
  636. /* set defaults for using 'int' properties */
  637. int tmp = 0;
  638. int len = sizeof(tmp);
  639. void *val = &tmp;
  640. if (level != SOL_CAN_J1939)
  641. return -EINVAL;
  642. if (get_user(ulen, optlen))
  643. return -EFAULT;
  644. if (ulen < 0)
  645. return -EINVAL;
  646. lock_sock(&jsk->sk);
  647. switch (optname) {
  648. case SO_J1939_PROMISC:
  649. tmp = (jsk->state & J1939_SOCK_PROMISC) ? 1 : 0;
  650. break;
  651. case SO_J1939_ERRQUEUE:
  652. tmp = (jsk->state & J1939_SOCK_ERRQUEUE) ? 1 : 0;
  653. break;
  654. case SO_J1939_SEND_PRIO:
  655. tmp = j1939_prio(jsk->sk.sk_priority);
  656. break;
  657. default:
  658. ret = -ENOPROTOOPT;
  659. goto no_copy;
  660. }
  661. /* copy to user, based on 'len' & 'val'
  662. * but most sockopt's are 'int' properties, and have 'len' & 'val'
  663. * left unchanged, but instead modified 'tmp'
  664. */
  665. if (len > ulen)
  666. ret = -EFAULT;
  667. else if (put_user(len, optlen))
  668. ret = -EFAULT;
  669. else if (copy_to_user(optval, val, len))
  670. ret = -EFAULT;
  671. else
  672. ret = 0;
  673. no_copy:
  674. release_sock(&jsk->sk);
  675. return ret;
  676. }
  677. static int j1939_sk_recvmsg(struct socket *sock, struct msghdr *msg,
  678. size_t size, int flags)
  679. {
  680. struct sock *sk = sock->sk;
  681. struct sk_buff *skb;
  682. struct j1939_sk_buff_cb *skcb;
  683. int ret = 0;
  684. if (flags & ~(MSG_DONTWAIT | MSG_ERRQUEUE | MSG_CMSG_COMPAT))
  685. return -EINVAL;
  686. if (flags & MSG_ERRQUEUE)
  687. return sock_recv_errqueue(sock->sk, msg, size, SOL_CAN_J1939,
  688. SCM_J1939_ERRQUEUE);
  689. skb = skb_recv_datagram(sk, flags, &ret);
  690. if (!skb)
  691. return ret;
  692. if (size < skb->len)
  693. msg->msg_flags |= MSG_TRUNC;
  694. else
  695. size = skb->len;
  696. ret = memcpy_to_msg(msg, skb->data, size);
  697. if (ret < 0) {
  698. skb_free_datagram(sk, skb);
  699. return ret;
  700. }
  701. skcb = j1939_skb_to_cb(skb);
  702. if (j1939_address_is_valid(skcb->addr.da))
  703. put_cmsg(msg, SOL_CAN_J1939, SCM_J1939_DEST_ADDR,
  704. sizeof(skcb->addr.da), &skcb->addr.da);
  705. if (skcb->addr.dst_name)
  706. put_cmsg(msg, SOL_CAN_J1939, SCM_J1939_DEST_NAME,
  707. sizeof(skcb->addr.dst_name), &skcb->addr.dst_name);
  708. put_cmsg(msg, SOL_CAN_J1939, SCM_J1939_PRIO,
  709. sizeof(skcb->priority), &skcb->priority);
  710. if (msg->msg_name) {
  711. struct sockaddr_can *paddr = msg->msg_name;
  712. msg->msg_namelen = J1939_MIN_NAMELEN;
  713. memset(msg->msg_name, 0, msg->msg_namelen);
  714. paddr->can_family = AF_CAN;
  715. paddr->can_ifindex = skb->skb_iif;
  716. paddr->can_addr.j1939.name = skcb->addr.src_name;
  717. paddr->can_addr.j1939.addr = skcb->addr.sa;
  718. paddr->can_addr.j1939.pgn = skcb->addr.pgn;
  719. }
  720. sock_recv_cmsgs(msg, sk, skb);
  721. msg->msg_flags |= skcb->msg_flags;
  722. skb_free_datagram(sk, skb);
  723. return size;
  724. }
  725. static struct sk_buff *j1939_sk_alloc_skb(struct net_device *ndev,
  726. struct sock *sk,
  727. struct msghdr *msg, size_t size,
  728. int *errcode)
  729. {
  730. struct j1939_sock *jsk = j1939_sk(sk);
  731. struct j1939_sk_buff_cb *skcb;
  732. struct sk_buff *skb;
  733. struct can_skb_ext *csx;
  734. int ret;
  735. skb = sock_alloc_send_skb(sk,
  736. size +
  737. sizeof(struct can_frame) -
  738. sizeof(((struct can_frame *)NULL)->data),
  739. msg->msg_flags & MSG_DONTWAIT, &ret);
  740. if (!skb)
  741. goto failure;
  742. csx = can_skb_ext_add(skb);
  743. if (!csx) {
  744. kfree_skb(skb);
  745. ret = -ENOMEM;
  746. goto failure;
  747. }
  748. csx->can_iif = ndev->ifindex;
  749. skb_reserve(skb, offsetof(struct can_frame, data));
  750. ret = memcpy_from_msg(skb_put(skb, size), msg, size);
  751. if (ret < 0)
  752. goto free_skb;
  753. skb->dev = ndev;
  754. skcb = j1939_skb_to_cb(skb);
  755. memset(skcb, 0, sizeof(*skcb));
  756. skcb->addr = jsk->addr;
  757. skcb->priority = j1939_prio(READ_ONCE(sk->sk_priority));
  758. if (msg->msg_name) {
  759. struct sockaddr_can *addr = msg->msg_name;
  760. if (addr->can_addr.j1939.name ||
  761. addr->can_addr.j1939.addr != J1939_NO_ADDR) {
  762. skcb->addr.dst_name = addr->can_addr.j1939.name;
  763. skcb->addr.da = addr->can_addr.j1939.addr;
  764. }
  765. if (j1939_pgn_is_valid(addr->can_addr.j1939.pgn))
  766. skcb->addr.pgn = addr->can_addr.j1939.pgn;
  767. }
  768. *errcode = ret;
  769. return skb;
  770. free_skb:
  771. kfree_skb(skb);
  772. failure:
  773. *errcode = ret;
  774. return NULL;
  775. }
  776. static size_t j1939_sk_opt_stats_get_size(enum j1939_sk_errqueue_type type)
  777. {
  778. switch (type) {
  779. case J1939_ERRQUEUE_RX_RTS:
  780. return
  781. nla_total_size(sizeof(u32)) + /* J1939_NLA_TOTAL_SIZE */
  782. nla_total_size(sizeof(u32)) + /* J1939_NLA_PGN */
  783. nla_total_size(sizeof(u64)) + /* J1939_NLA_SRC_NAME */
  784. nla_total_size(sizeof(u64)) + /* J1939_NLA_DEST_NAME */
  785. nla_total_size(sizeof(u8)) + /* J1939_NLA_SRC_ADDR */
  786. nla_total_size(sizeof(u8)) + /* J1939_NLA_DEST_ADDR */
  787. 0;
  788. default:
  789. return
  790. nla_total_size(sizeof(u32)) + /* J1939_NLA_BYTES_ACKED */
  791. 0;
  792. }
  793. }
  794. static struct sk_buff *
  795. j1939_sk_get_timestamping_opt_stats(struct j1939_session *session,
  796. enum j1939_sk_errqueue_type type)
  797. {
  798. struct sk_buff *stats;
  799. u32 size;
  800. stats = alloc_skb(j1939_sk_opt_stats_get_size(type), GFP_ATOMIC);
  801. if (!stats)
  802. return NULL;
  803. if (session->skcb.addr.type == J1939_SIMPLE)
  804. size = session->total_message_size;
  805. else
  806. size = min(session->pkt.tx_acked * 7,
  807. session->total_message_size);
  808. switch (type) {
  809. case J1939_ERRQUEUE_RX_RTS:
  810. nla_put_u32(stats, J1939_NLA_TOTAL_SIZE,
  811. session->total_message_size);
  812. nla_put_u32(stats, J1939_NLA_PGN,
  813. session->skcb.addr.pgn);
  814. nla_put_u64_64bit(stats, J1939_NLA_SRC_NAME,
  815. session->skcb.addr.src_name, J1939_NLA_PAD);
  816. nla_put_u64_64bit(stats, J1939_NLA_DEST_NAME,
  817. session->skcb.addr.dst_name, J1939_NLA_PAD);
  818. nla_put_u8(stats, J1939_NLA_SRC_ADDR,
  819. session->skcb.addr.sa);
  820. nla_put_u8(stats, J1939_NLA_DEST_ADDR,
  821. session->skcb.addr.da);
  822. break;
  823. default:
  824. nla_put_u32(stats, J1939_NLA_BYTES_ACKED, size);
  825. }
  826. return stats;
  827. }
  828. static void __j1939_sk_errqueue(struct j1939_session *session, struct sock *sk,
  829. enum j1939_sk_errqueue_type type)
  830. {
  831. struct j1939_priv *priv = session->priv;
  832. struct j1939_sock *jsk;
  833. struct sock_exterr_skb *serr;
  834. struct sk_buff *skb;
  835. char *state = "UNK";
  836. u32 tsflags;
  837. int err;
  838. jsk = j1939_sk(sk);
  839. if (!(jsk->state & J1939_SOCK_ERRQUEUE))
  840. return;
  841. tsflags = READ_ONCE(sk->sk_tsflags);
  842. switch (type) {
  843. case J1939_ERRQUEUE_TX_ACK:
  844. if (!(tsflags & SOF_TIMESTAMPING_TX_ACK))
  845. return;
  846. break;
  847. case J1939_ERRQUEUE_TX_SCHED:
  848. if (!(tsflags & SOF_TIMESTAMPING_TX_SCHED))
  849. return;
  850. break;
  851. case J1939_ERRQUEUE_TX_ABORT:
  852. break;
  853. case J1939_ERRQUEUE_RX_RTS:
  854. fallthrough;
  855. case J1939_ERRQUEUE_RX_DPO:
  856. fallthrough;
  857. case J1939_ERRQUEUE_RX_ABORT:
  858. if (!(tsflags & SOF_TIMESTAMPING_RX_SOFTWARE))
  859. return;
  860. break;
  861. default:
  862. netdev_err(priv->ndev, "Unknown errqueue type %i\n", type);
  863. }
  864. skb = j1939_sk_get_timestamping_opt_stats(session, type);
  865. if (!skb)
  866. return;
  867. skb->tstamp = ktime_get_real();
  868. BUILD_BUG_ON(sizeof(struct sock_exterr_skb) > sizeof(skb->cb));
  869. serr = SKB_EXT_ERR(skb);
  870. memset(serr, 0, sizeof(*serr));
  871. switch (type) {
  872. case J1939_ERRQUEUE_TX_ACK:
  873. serr->ee.ee_errno = ENOMSG;
  874. serr->ee.ee_origin = SO_EE_ORIGIN_TIMESTAMPING;
  875. serr->ee.ee_info = SCM_TSTAMP_ACK;
  876. state = "TX ACK";
  877. break;
  878. case J1939_ERRQUEUE_TX_SCHED:
  879. serr->ee.ee_errno = ENOMSG;
  880. serr->ee.ee_origin = SO_EE_ORIGIN_TIMESTAMPING;
  881. serr->ee.ee_info = SCM_TSTAMP_SCHED;
  882. state = "TX SCH";
  883. break;
  884. case J1939_ERRQUEUE_TX_ABORT:
  885. serr->ee.ee_errno = session->err;
  886. serr->ee.ee_origin = SO_EE_ORIGIN_LOCAL;
  887. serr->ee.ee_info = J1939_EE_INFO_TX_ABORT;
  888. state = "TX ABT";
  889. break;
  890. case J1939_ERRQUEUE_RX_RTS:
  891. serr->ee.ee_errno = ENOMSG;
  892. serr->ee.ee_origin = SO_EE_ORIGIN_LOCAL;
  893. serr->ee.ee_info = J1939_EE_INFO_RX_RTS;
  894. state = "RX RTS";
  895. break;
  896. case J1939_ERRQUEUE_RX_DPO:
  897. serr->ee.ee_errno = ENOMSG;
  898. serr->ee.ee_origin = SO_EE_ORIGIN_LOCAL;
  899. serr->ee.ee_info = J1939_EE_INFO_RX_DPO;
  900. state = "RX DPO";
  901. break;
  902. case J1939_ERRQUEUE_RX_ABORT:
  903. serr->ee.ee_errno = session->err;
  904. serr->ee.ee_origin = SO_EE_ORIGIN_LOCAL;
  905. serr->ee.ee_info = J1939_EE_INFO_RX_ABORT;
  906. state = "RX ABT";
  907. break;
  908. }
  909. serr->opt_stats = true;
  910. if (tsflags & SOF_TIMESTAMPING_OPT_ID)
  911. serr->ee.ee_data = session->tskey;
  912. netdev_dbg(session->priv->ndev, "%s: 0x%p tskey: %i, state: %s\n",
  913. __func__, session, session->tskey, state);
  914. err = sock_queue_err_skb(sk, skb);
  915. if (err)
  916. kfree_skb(skb);
  917. };
  918. void j1939_sk_errqueue(struct j1939_session *session,
  919. enum j1939_sk_errqueue_type type)
  920. {
  921. struct j1939_priv *priv = session->priv;
  922. struct j1939_sock *jsk;
  923. if (session->sk) {
  924. /* send TX notifications to the socket of origin */
  925. __j1939_sk_errqueue(session, session->sk, type);
  926. return;
  927. }
  928. /* spread RX notifications to all sockets subscribed to this session */
  929. read_lock_bh(&priv->j1939_socks_lock);
  930. list_for_each_entry(jsk, &priv->j1939_socks, list) {
  931. if (j1939_sk_recv_match_one(jsk, &session->skcb))
  932. __j1939_sk_errqueue(session, &jsk->sk, type);
  933. }
  934. read_unlock_bh(&priv->j1939_socks_lock);
  935. };
  936. void j1939_sk_send_loop_abort(struct sock *sk, int err)
  937. {
  938. struct j1939_sock *jsk = j1939_sk(sk);
  939. if (jsk->state & J1939_SOCK_ERRQUEUE)
  940. return;
  941. sk->sk_err = err;
  942. sk_error_report(sk);
  943. }
  944. static int j1939_sk_send_loop(struct j1939_priv *priv, struct sock *sk,
  945. struct msghdr *msg, size_t size)
  946. {
  947. struct j1939_sock *jsk = j1939_sk(sk);
  948. struct j1939_session *session = j1939_sk_get_incomplete_session(jsk);
  949. struct sk_buff *skb;
  950. size_t segment_size, todo_size;
  951. int ret = 0;
  952. if (session &&
  953. session->total_message_size != session->total_queued_size + size) {
  954. j1939_session_put(session);
  955. return -EIO;
  956. }
  957. todo_size = size;
  958. do {
  959. struct j1939_sk_buff_cb *skcb;
  960. segment_size = min_t(size_t, J1939_MAX_TP_PACKET_SIZE,
  961. todo_size);
  962. /* Allocate skb for one segment */
  963. skb = j1939_sk_alloc_skb(priv->ndev, sk, msg, segment_size,
  964. &ret);
  965. if (ret)
  966. break;
  967. skcb = j1939_skb_to_cb(skb);
  968. if (!session) {
  969. /* at this point the size should be full size
  970. * of the session
  971. */
  972. skcb->offset = 0;
  973. session = j1939_tp_send(priv, skb, size);
  974. if (IS_ERR(session)) {
  975. ret = PTR_ERR(session);
  976. goto kfree_skb;
  977. }
  978. if (j1939_sk_queue_session(session)) {
  979. /* try to activate session if we a
  980. * fist in the queue
  981. */
  982. if (!j1939_session_activate(session)) {
  983. j1939_tp_schedule_txtimer(session, 0);
  984. } else {
  985. ret = -EBUSY;
  986. session->err = ret;
  987. j1939_sk_queue_drop_all(priv, jsk,
  988. EBUSY);
  989. break;
  990. }
  991. }
  992. } else {
  993. skcb->offset = session->total_queued_size;
  994. j1939_session_skb_queue(session, skb);
  995. }
  996. todo_size -= segment_size;
  997. session->total_queued_size += segment_size;
  998. } while (todo_size);
  999. switch (ret) {
  1000. case 0: /* OK */
  1001. if (todo_size)
  1002. netdev_warn(priv->ndev,
  1003. "no error found and not completely queued?! %zu\n",
  1004. todo_size);
  1005. ret = size;
  1006. break;
  1007. case -ERESTARTSYS:
  1008. ret = -EINTR;
  1009. fallthrough;
  1010. case -EAGAIN: /* OK */
  1011. if (todo_size != size)
  1012. ret = size - todo_size;
  1013. break;
  1014. default: /* ERROR */
  1015. break;
  1016. }
  1017. if (session)
  1018. j1939_session_put(session);
  1019. return ret;
  1020. kfree_skb:
  1021. kfree_skb(skb);
  1022. return ret;
  1023. }
  1024. static int j1939_sk_sendmsg(struct socket *sock, struct msghdr *msg,
  1025. size_t size)
  1026. {
  1027. struct sock *sk = sock->sk;
  1028. struct j1939_sock *jsk = j1939_sk(sk);
  1029. struct j1939_priv *priv;
  1030. int ifindex;
  1031. int ret;
  1032. lock_sock(sock->sk);
  1033. /* various socket state tests */
  1034. if (!(jsk->state & J1939_SOCK_BOUND)) {
  1035. ret = -EBADFD;
  1036. goto sendmsg_done;
  1037. }
  1038. priv = jsk->priv;
  1039. ifindex = jsk->ifindex;
  1040. if (!jsk->addr.src_name && jsk->addr.sa == J1939_NO_ADDR) {
  1041. /* no source address assigned yet */
  1042. ret = -EBADFD;
  1043. goto sendmsg_done;
  1044. }
  1045. /* deal with provided destination address info */
  1046. if (msg->msg_name) {
  1047. struct sockaddr_can *addr = msg->msg_name;
  1048. if (msg->msg_namelen < J1939_MIN_NAMELEN) {
  1049. ret = -EINVAL;
  1050. goto sendmsg_done;
  1051. }
  1052. if (addr->can_family != AF_CAN) {
  1053. ret = -EINVAL;
  1054. goto sendmsg_done;
  1055. }
  1056. if (addr->can_ifindex && addr->can_ifindex != ifindex) {
  1057. ret = -EBADFD;
  1058. goto sendmsg_done;
  1059. }
  1060. if (j1939_pgn_is_valid(addr->can_addr.j1939.pgn) &&
  1061. !j1939_pgn_is_clean_pdu(addr->can_addr.j1939.pgn)) {
  1062. ret = -EINVAL;
  1063. goto sendmsg_done;
  1064. }
  1065. if (!addr->can_addr.j1939.name &&
  1066. addr->can_addr.j1939.addr == J1939_NO_ADDR &&
  1067. !sock_flag(sk, SOCK_BROADCAST)) {
  1068. /* broadcast, but SO_BROADCAST not set */
  1069. ret = -EACCES;
  1070. goto sendmsg_done;
  1071. }
  1072. } else {
  1073. if (!jsk->addr.dst_name && jsk->addr.da == J1939_NO_ADDR &&
  1074. !sock_flag(sk, SOCK_BROADCAST)) {
  1075. /* broadcast, but SO_BROADCAST not set */
  1076. ret = -EACCES;
  1077. goto sendmsg_done;
  1078. }
  1079. }
  1080. ret = j1939_sk_send_loop(priv, sk, msg, size);
  1081. sendmsg_done:
  1082. release_sock(sock->sk);
  1083. return ret;
  1084. }
  1085. void j1939_sk_netdev_event_netdown(struct j1939_priv *priv)
  1086. {
  1087. struct j1939_sock *jsk;
  1088. int error_code = ENETDOWN;
  1089. read_lock_bh(&priv->j1939_socks_lock);
  1090. list_for_each_entry(jsk, &priv->j1939_socks, list) {
  1091. jsk->sk.sk_err = error_code;
  1092. if (!sock_flag(&jsk->sk, SOCK_DEAD))
  1093. sk_error_report(&jsk->sk);
  1094. j1939_sk_queue_drop_all(priv, jsk, error_code);
  1095. }
  1096. read_unlock_bh(&priv->j1939_socks_lock);
  1097. }
  1098. void j1939_sk_netdev_event_unregister(struct j1939_priv *priv)
  1099. {
  1100. struct sock *sk;
  1101. struct j1939_sock *jsk;
  1102. bool wait_rcu = false;
  1103. rescan: /* The caller is holding a ref on this "priv" via j1939_priv_get_by_ndev(). */
  1104. read_lock_bh(&priv->j1939_socks_lock);
  1105. list_for_each_entry(jsk, &priv->j1939_socks, list) {
  1106. /* Skip if j1939_jsk_add() is not called on this socket. */
  1107. if (!(jsk->state & J1939_SOCK_BOUND))
  1108. continue;
  1109. sk = &jsk->sk;
  1110. sock_hold(sk);
  1111. read_unlock_bh(&priv->j1939_socks_lock);
  1112. /* Check if j1939_jsk_del() is not yet called on this socket after holding
  1113. * socket's lock, for both j1939_sk_bind() and j1939_sk_release() call
  1114. * j1939_jsk_del() with socket's lock held.
  1115. */
  1116. lock_sock(sk);
  1117. if (jsk->state & J1939_SOCK_BOUND) {
  1118. /* Neither j1939_sk_bind() nor j1939_sk_release() called j1939_jsk_del().
  1119. * Make this socket no longer bound, by pretending as if j1939_sk_bind()
  1120. * dropped old references but did not get new references.
  1121. */
  1122. j1939_jsk_del(priv, jsk);
  1123. j1939_local_ecu_put(priv, jsk->addr.src_name, jsk->addr.sa);
  1124. j1939_netdev_stop(priv);
  1125. /* Call j1939_priv_put() now and prevent j1939_sk_sock_destruct() from
  1126. * calling the corresponding j1939_priv_put().
  1127. *
  1128. * j1939_sk_sock_destruct() is supposed to call j1939_priv_put() after
  1129. * an RCU grace period. But since the caller is holding a ref on this
  1130. * "priv", we can defer synchronize_rcu() until immediately before
  1131. * the caller calls j1939_priv_put().
  1132. */
  1133. j1939_priv_put(priv);
  1134. jsk->priv = NULL;
  1135. wait_rcu = true;
  1136. }
  1137. release_sock(sk);
  1138. sock_put(sk);
  1139. goto rescan;
  1140. }
  1141. read_unlock_bh(&priv->j1939_socks_lock);
  1142. if (wait_rcu)
  1143. synchronize_rcu();
  1144. }
  1145. static int j1939_sk_no_ioctlcmd(struct socket *sock, unsigned int cmd,
  1146. unsigned long arg)
  1147. {
  1148. /* no ioctls for socket layer -> hand it down to NIC layer */
  1149. return -ENOIOCTLCMD;
  1150. }
  1151. static const struct proto_ops j1939_ops = {
  1152. .family = PF_CAN,
  1153. .release = j1939_sk_release,
  1154. .bind = j1939_sk_bind,
  1155. .connect = j1939_sk_connect,
  1156. .socketpair = sock_no_socketpair,
  1157. .accept = sock_no_accept,
  1158. .getname = j1939_sk_getname,
  1159. .poll = datagram_poll,
  1160. .ioctl = j1939_sk_no_ioctlcmd,
  1161. .listen = sock_no_listen,
  1162. .shutdown = sock_no_shutdown,
  1163. .setsockopt = j1939_sk_setsockopt,
  1164. .getsockopt = j1939_sk_getsockopt,
  1165. .sendmsg = j1939_sk_sendmsg,
  1166. .recvmsg = j1939_sk_recvmsg,
  1167. .mmap = sock_no_mmap,
  1168. };
  1169. static struct proto j1939_proto __read_mostly = {
  1170. .name = "CAN_J1939",
  1171. .owner = THIS_MODULE,
  1172. .obj_size = sizeof(struct j1939_sock),
  1173. .init = j1939_sk_init,
  1174. };
  1175. const struct can_proto j1939_can_proto = {
  1176. .type = SOCK_DGRAM,
  1177. .protocol = CAN_J1939,
  1178. .ops = &j1939_ops,
  1179. .prot = &j1939_proto,
  1180. };