1 // SPDX-License-Identifier: (GPL-2.0 OR BSD-3-Clause)
2 /* raw.c - Raw sockets for protocol family CAN
3 *
4 * Copyright (c) 2002-2007 Volkswagen Group Electronic Research
5 * All rights reserved.
6 *
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
9 * are met:
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
15 * 3. Neither the name of Volkswagen nor the names of its contributors
16 * may be used to endorse or promote products derived from this software
17 * without specific prior written permission.
18 *
19 * Alternatively, provided that this notice is retained in full, this
20 * software may be distributed under the terms of the GNU General
21 * Public License ("GPL") version 2, in which case the provisions of the
22 * GPL apply INSTEAD OF those given above.
23 *
24 * The provided data structures and external interfaces from this code
25 * are not restricted to be used by modules with a GPL compatible license.
26 *
27 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
28 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
29 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
30 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
31 * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
32 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
33 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
34 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
35 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
36 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
37 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH
38 * DAMAGE.
39 *
40 */
41
42 #include <linux/module.h>
43 #include <linux/init.h>
44 #include <linux/uio.h>
45 #include <linux/net.h>
46 #include <linux/slab.h>
47 #include <linux/netdevice.h>
48 #include <linux/socket.h>
49 #include <linux/if_arp.h>
50 #include <linux/skbuff.h>
51 #include <linux/can.h>
52 #include <linux/can/core.h>
53 #include <linux/can/dev.h> /* for can_is_canxl_dev_mtu() */
54 #include <linux/can/skb.h>
55 #include <linux/can/raw.h>
56 #include <net/sock.h>
57 #include <net/net_namespace.h>
58
59 MODULE_DESCRIPTION("PF_CAN raw protocol");
60 MODULE_LICENSE("Dual BSD/GPL");
61 MODULE_AUTHOR("Urs Thuermann <urs.thuermann@volkswagen.de>");
62 MODULE_ALIAS("can-proto-1");
63
64 #define RAW_MIN_NAMELEN CAN_REQUIRED_SIZE(struct sockaddr_can, can_ifindex)
65
66 #define MASK_ALL 0
67
68 /* A raw socket has a list of can_filters attached to it, each receiving
69 * the CAN frames matching that filter. If the filter list is empty,
70 * no CAN frames will be received by the socket. The default after
71 * opening the socket, is to have one filter which receives all frames.
72 * The filter list is allocated dynamically with the exception of the
73 * list containing only one item. This common case is optimized by
74 * storing the single filter in dfilter, to avoid using dynamic memory.
75 */
76
77 struct uniqframe {
78 int skbcnt;
79 const struct sk_buff *skb;
80 unsigned int join_rx_count;
81 };
82
83 struct raw_sock {
84 struct sock sk;
85 int bound;
86 int ifindex;
87 struct net_device *dev;
88 netdevice_tracker dev_tracker;
89 struct list_head notifier;
90 int loopback;
91 int recv_own_msgs;
92 int fd_frames;
93 int xl_frames;
94 struct can_raw_vcid_options raw_vcid_opts;
95 canid_t tx_vcid_shifted;
96 canid_t rx_vcid_shifted;
97 canid_t rx_vcid_mask_shifted;
98 int join_filters;
99 int count; /* number of active filters */
100 struct can_filter dfilter; /* default/single filter */
101 struct can_filter *filter; /* pointer to filter(s) */
102 can_err_mask_t err_mask;
103 struct uniqframe __percpu *uniq;
104 };
105
106 static LIST_HEAD(raw_notifier_list);
107 static DEFINE_SPINLOCK(raw_notifier_lock);
108 static struct raw_sock *raw_busy_notifier;
109
110 /* Return pointer to store the extra msg flags for raw_recvmsg().
111 * We use the space of one unsigned int beyond the 'struct sockaddr_can'
112 * in skb->cb.
113 */
raw_flags(struct sk_buff * skb)114 static inline unsigned int *raw_flags(struct sk_buff *skb)
115 {
116 sock_skb_cb_check_size(sizeof(struct sockaddr_can) +
117 sizeof(unsigned int));
118
119 /* return pointer after struct sockaddr_can */
120 return (unsigned int *)(&((struct sockaddr_can *)skb->cb)[1]);
121 }
122
raw_sk(const struct sock * sk)123 static inline struct raw_sock *raw_sk(const struct sock *sk)
124 {
125 return (struct raw_sock *)sk;
126 }
127
raw_rcv(struct sk_buff * oskb,void * data)128 static void raw_rcv(struct sk_buff *oskb, void *data)
129 {
130 struct sock *sk = (struct sock *)data;
131 struct raw_sock *ro = raw_sk(sk);
132 struct sockaddr_can *addr;
133 struct sk_buff *skb;
134 unsigned int *pflags;
135
136 /* check the received tx sock reference */
137 if (!ro->recv_own_msgs && oskb->sk == sk)
138 return;
139
140 /* make sure to not pass oversized frames to the socket */
141 if (!ro->fd_frames && can_is_canfd_skb(oskb))
142 return;
143
144 if (can_is_canxl_skb(oskb)) {
145 struct canxl_frame *cxl = (struct canxl_frame *)oskb->data;
146
147 /* make sure to not pass oversized frames to the socket */
148 if (!ro->xl_frames)
149 return;
150
151 /* filter CAN XL VCID content */
152 if (ro->raw_vcid_opts.flags & CAN_RAW_XL_VCID_RX_FILTER) {
153 /* apply VCID filter if user enabled the filter */
154 if ((cxl->prio & ro->rx_vcid_mask_shifted) !=
155 (ro->rx_vcid_shifted & ro->rx_vcid_mask_shifted))
156 return;
157 } else {
158 /* no filter => do not forward VCID tagged frames */
159 if (cxl->prio & CANXL_VCID_MASK)
160 return;
161 }
162 }
163
164 /* eliminate multiple filter matches for the same skb */
165 if (this_cpu_ptr(ro->uniq)->skb == oskb &&
166 this_cpu_ptr(ro->uniq)->skbcnt == can_skb_prv(oskb)->skbcnt) {
167 if (!ro->join_filters)
168 return;
169
170 this_cpu_inc(ro->uniq->join_rx_count);
171 /* drop frame until all enabled filters matched */
172 if (this_cpu_ptr(ro->uniq)->join_rx_count < ro->count)
173 return;
174 } else {
175 this_cpu_ptr(ro->uniq)->skb = oskb;
176 this_cpu_ptr(ro->uniq)->skbcnt = can_skb_prv(oskb)->skbcnt;
177 this_cpu_ptr(ro->uniq)->join_rx_count = 1;
178 /* drop first frame to check all enabled filters? */
179 if (ro->join_filters && ro->count > 1)
180 return;
181 }
182
183 /* clone the given skb to be able to enqueue it into the rcv queue */
184 skb = skb_clone(oskb, GFP_ATOMIC);
185 if (!skb)
186 return;
187
188 /* Put the datagram to the queue so that raw_recvmsg() can get
189 * it from there. We need to pass the interface index to
190 * raw_recvmsg(). We pass a whole struct sockaddr_can in
191 * skb->cb containing the interface index.
192 */
193
194 sock_skb_cb_check_size(sizeof(struct sockaddr_can));
195 addr = (struct sockaddr_can *)skb->cb;
196 memset(addr, 0, sizeof(*addr));
197 addr->can_family = AF_CAN;
198 addr->can_ifindex = skb->dev->ifindex;
199
200 /* add CAN specific message flags for raw_recvmsg() */
201 pflags = raw_flags(skb);
202 *pflags = 0;
203 if (oskb->sk)
204 *pflags |= MSG_DONTROUTE;
205 if (oskb->sk == sk)
206 *pflags |= MSG_CONFIRM;
207
208 if (sock_queue_rcv_skb(sk, skb) < 0)
209 kfree_skb(skb);
210 }
211
raw_enable_filters(struct net * net,struct net_device * dev,struct sock * sk,struct can_filter * filter,int count)212 static int raw_enable_filters(struct net *net, struct net_device *dev,
213 struct sock *sk, struct can_filter *filter,
214 int count)
215 {
216 int err = 0;
217 int i;
218
219 for (i = 0; i < count; i++) {
220 err = can_rx_register(net, dev, filter[i].can_id,
221 filter[i].can_mask,
222 raw_rcv, sk, "raw", sk);
223 if (err) {
224 /* clean up successfully registered filters */
225 while (--i >= 0)
226 can_rx_unregister(net, dev, filter[i].can_id,
227 filter[i].can_mask,
228 raw_rcv, sk);
229 break;
230 }
231 }
232
233 return err;
234 }
235
raw_enable_errfilter(struct net * net,struct net_device * dev,struct sock * sk,can_err_mask_t err_mask)236 static int raw_enable_errfilter(struct net *net, struct net_device *dev,
237 struct sock *sk, can_err_mask_t err_mask)
238 {
239 int err = 0;
240
241 if (err_mask)
242 err = can_rx_register(net, dev, 0, err_mask | CAN_ERR_FLAG,
243 raw_rcv, sk, "raw", sk);
244
245 return err;
246 }
247
raw_disable_filters(struct net * net,struct net_device * dev,struct sock * sk,struct can_filter * filter,int count)248 static void raw_disable_filters(struct net *net, struct net_device *dev,
249 struct sock *sk, struct can_filter *filter,
250 int count)
251 {
252 int i;
253
254 for (i = 0; i < count; i++)
255 can_rx_unregister(net, dev, filter[i].can_id,
256 filter[i].can_mask, raw_rcv, sk);
257 }
258
raw_disable_errfilter(struct net * net,struct net_device * dev,struct sock * sk,can_err_mask_t err_mask)259 static inline void raw_disable_errfilter(struct net *net,
260 struct net_device *dev,
261 struct sock *sk,
262 can_err_mask_t err_mask)
263
264 {
265 if (err_mask)
266 can_rx_unregister(net, dev, 0, err_mask | CAN_ERR_FLAG,
267 raw_rcv, sk);
268 }
269
raw_disable_allfilters(struct net * net,struct net_device * dev,struct sock * sk)270 static inline void raw_disable_allfilters(struct net *net,
271 struct net_device *dev,
272 struct sock *sk)
273 {
274 struct raw_sock *ro = raw_sk(sk);
275
276 raw_disable_filters(net, dev, sk, ro->filter, ro->count);
277 raw_disable_errfilter(net, dev, sk, ro->err_mask);
278 }
279
raw_enable_allfilters(struct net * net,struct net_device * dev,struct sock * sk)280 static int raw_enable_allfilters(struct net *net, struct net_device *dev,
281 struct sock *sk)
282 {
283 struct raw_sock *ro = raw_sk(sk);
284 int err;
285
286 err = raw_enable_filters(net, dev, sk, ro->filter, ro->count);
287 if (!err) {
288 err = raw_enable_errfilter(net, dev, sk, ro->err_mask);
289 if (err)
290 raw_disable_filters(net, dev, sk, ro->filter,
291 ro->count);
292 }
293
294 return err;
295 }
296
raw_notify(struct raw_sock * ro,unsigned long msg,struct net_device * dev)297 static void raw_notify(struct raw_sock *ro, unsigned long msg,
298 struct net_device *dev)
299 {
300 struct sock *sk = &ro->sk;
301
302 if (!net_eq(dev_net(dev), sock_net(sk)))
303 return;
304
305 if (ro->dev != dev)
306 return;
307
308 switch (msg) {
309 case NETDEV_UNREGISTER:
310 lock_sock(sk);
311 /* remove current filters & unregister */
312 if (ro->bound) {
313 raw_disable_allfilters(dev_net(dev), dev, sk);
314 netdev_put(dev, &ro->dev_tracker);
315 }
316
317 if (ro->count > 1)
318 kfree(ro->filter);
319
320 ro->ifindex = 0;
321 ro->bound = 0;
322 ro->dev = NULL;
323 ro->count = 0;
324 release_sock(sk);
325
326 sk->sk_err = ENODEV;
327 if (!sock_flag(sk, SOCK_DEAD))
328 sk_error_report(sk);
329 break;
330
331 case NETDEV_DOWN:
332 sk->sk_err = ENETDOWN;
333 if (!sock_flag(sk, SOCK_DEAD))
334 sk_error_report(sk);
335 break;
336 }
337 }
338
raw_notifier(struct notifier_block * nb,unsigned long msg,void * ptr)339 static int raw_notifier(struct notifier_block *nb, unsigned long msg,
340 void *ptr)
341 {
342 struct net_device *dev = netdev_notifier_info_to_dev(ptr);
343
344 if (dev->type != ARPHRD_CAN)
345 return NOTIFY_DONE;
346 if (msg != NETDEV_UNREGISTER && msg != NETDEV_DOWN)
347 return NOTIFY_DONE;
348 if (unlikely(raw_busy_notifier)) /* Check for reentrant bug. */
349 return NOTIFY_DONE;
350
351 spin_lock(&raw_notifier_lock);
352 list_for_each_entry(raw_busy_notifier, &raw_notifier_list, notifier) {
353 spin_unlock(&raw_notifier_lock);
354 raw_notify(raw_busy_notifier, msg, dev);
355 spin_lock(&raw_notifier_lock);
356 }
357 raw_busy_notifier = NULL;
358 spin_unlock(&raw_notifier_lock);
359 return NOTIFY_DONE;
360 }
361
raw_init(struct sock * sk)362 static int raw_init(struct sock *sk)
363 {
364 struct raw_sock *ro = raw_sk(sk);
365
366 ro->bound = 0;
367 ro->ifindex = 0;
368 ro->dev = NULL;
369
370 /* set default filter to single entry dfilter */
371 ro->dfilter.can_id = 0;
372 ro->dfilter.can_mask = MASK_ALL;
373 ro->filter = &ro->dfilter;
374 ro->count = 1;
375
376 /* set default loopback behaviour */
377 ro->loopback = 1;
378 ro->recv_own_msgs = 0;
379 ro->fd_frames = 0;
380 ro->xl_frames = 0;
381 ro->join_filters = 0;
382
383 /* alloc_percpu provides zero'ed memory */
384 ro->uniq = alloc_percpu(struct uniqframe);
385 if (unlikely(!ro->uniq))
386 return -ENOMEM;
387
388 /* set notifier */
389 spin_lock(&raw_notifier_lock);
390 list_add_tail(&ro->notifier, &raw_notifier_list);
391 spin_unlock(&raw_notifier_lock);
392
393 return 0;
394 }
395
raw_release(struct socket * sock)396 static int raw_release(struct socket *sock)
397 {
398 struct sock *sk = sock->sk;
399 struct raw_sock *ro;
400
401 if (!sk)
402 return 0;
403
404 ro = raw_sk(sk);
405
406 spin_lock(&raw_notifier_lock);
407 while (raw_busy_notifier == ro) {
408 spin_unlock(&raw_notifier_lock);
409 schedule_timeout_uninterruptible(1);
410 spin_lock(&raw_notifier_lock);
411 }
412 list_del(&ro->notifier);
413 spin_unlock(&raw_notifier_lock);
414
415 rtnl_lock();
416 lock_sock(sk);
417
418 /* remove current filters & unregister */
419 if (ro->bound) {
420 if (ro->dev) {
421 raw_disable_allfilters(dev_net(ro->dev), ro->dev, sk);
422 netdev_put(ro->dev, &ro->dev_tracker);
423 } else {
424 raw_disable_allfilters(sock_net(sk), NULL, sk);
425 }
426 }
427
428 if (ro->count > 1)
429 kfree(ro->filter);
430
431 ro->ifindex = 0;
432 ro->bound = 0;
433 ro->dev = NULL;
434 ro->count = 0;
435 free_percpu(ro->uniq);
436
437 sock_orphan(sk);
438 sock->sk = NULL;
439
440 release_sock(sk);
441 rtnl_unlock();
442
443 sock_put(sk);
444
445 return 0;
446 }
447
raw_bind(struct socket * sock,struct sockaddr * uaddr,int len)448 static int raw_bind(struct socket *sock, struct sockaddr *uaddr, int len)
449 {
450 struct sockaddr_can *addr = (struct sockaddr_can *)uaddr;
451 struct sock *sk = sock->sk;
452 struct raw_sock *ro = raw_sk(sk);
453 struct net_device *dev = NULL;
454 int ifindex;
455 int err = 0;
456 int notify_enetdown = 0;
457
458 if (len < RAW_MIN_NAMELEN)
459 return -EINVAL;
460 if (addr->can_family != AF_CAN)
461 return -EINVAL;
462
463 rtnl_lock();
464 lock_sock(sk);
465
466 if (ro->bound && addr->can_ifindex == ro->ifindex)
467 goto out;
468
469 if (addr->can_ifindex) {
470 dev = dev_get_by_index(sock_net(sk), addr->can_ifindex);
471 if (!dev) {
472 err = -ENODEV;
473 goto out;
474 }
475 if (dev->type != ARPHRD_CAN) {
476 err = -ENODEV;
477 goto out_put_dev;
478 }
479
480 if (!(dev->flags & IFF_UP))
481 notify_enetdown = 1;
482
483 ifindex = dev->ifindex;
484
485 /* filters set by default/setsockopt */
486 err = raw_enable_allfilters(sock_net(sk), dev, sk);
487 if (err)
488 goto out_put_dev;
489
490 } else {
491 ifindex = 0;
492
493 /* filters set by default/setsockopt */
494 err = raw_enable_allfilters(sock_net(sk), NULL, sk);
495 }
496
497 if (!err) {
498 if (ro->bound) {
499 /* unregister old filters */
500 if (ro->dev) {
501 raw_disable_allfilters(dev_net(ro->dev),
502 ro->dev, sk);
503 /* drop reference to old ro->dev */
504 netdev_put(ro->dev, &ro->dev_tracker);
505 } else {
506 raw_disable_allfilters(sock_net(sk), NULL, sk);
507 }
508 }
509 ro->ifindex = ifindex;
510 ro->bound = 1;
511 /* bind() ok -> hold a reference for new ro->dev */
512 ro->dev = dev;
513 if (ro->dev)
514 netdev_hold(ro->dev, &ro->dev_tracker, GFP_KERNEL);
515 }
516
517 out_put_dev:
518 /* remove potential reference from dev_get_by_index() */
519 dev_put(dev);
520 out:
521 release_sock(sk);
522 rtnl_unlock();
523
524 if (notify_enetdown) {
525 sk->sk_err = ENETDOWN;
526 if (!sock_flag(sk, SOCK_DEAD))
527 sk_error_report(sk);
528 }
529
530 return err;
531 }
532
raw_getname(struct socket * sock,struct sockaddr * uaddr,int peer)533 static int raw_getname(struct socket *sock, struct sockaddr *uaddr,
534 int peer)
535 {
536 struct sockaddr_can *addr = (struct sockaddr_can *)uaddr;
537 struct sock *sk = sock->sk;
538 struct raw_sock *ro = raw_sk(sk);
539
540 if (peer)
541 return -EOPNOTSUPP;
542
543 memset(addr, 0, RAW_MIN_NAMELEN);
544 addr->can_family = AF_CAN;
545 addr->can_ifindex = ro->ifindex;
546
547 return RAW_MIN_NAMELEN;
548 }
549
raw_setsockopt(struct socket * sock,int level,int optname,sockptr_t optval,unsigned int optlen)550 static int raw_setsockopt(struct socket *sock, int level, int optname,
551 sockptr_t optval, unsigned int optlen)
552 {
553 struct sock *sk = sock->sk;
554 struct raw_sock *ro = raw_sk(sk);
555 struct can_filter *filter = NULL; /* dyn. alloc'ed filters */
556 struct can_filter sfilter; /* single filter */
557 struct net_device *dev = NULL;
558 can_err_mask_t err_mask = 0;
559 int fd_frames;
560 int count = 0;
561 int err = 0;
562
563 if (level != SOL_CAN_RAW)
564 return -EINVAL;
565
566 switch (optname) {
567 case CAN_RAW_FILTER:
568 if (optlen % sizeof(struct can_filter) != 0)
569 return -EINVAL;
570
571 if (optlen > CAN_RAW_FILTER_MAX * sizeof(struct can_filter))
572 return -EINVAL;
573
574 count = optlen / sizeof(struct can_filter);
575
576 if (count > 1) {
577 /* filter does not fit into dfilter => alloc space */
578 filter = memdup_sockptr(optval, optlen);
579 if (IS_ERR(filter))
580 return PTR_ERR(filter);
581 } else if (count == 1) {
582 if (copy_from_sockptr(&sfilter, optval, sizeof(sfilter)))
583 return -EFAULT;
584 }
585
586 rtnl_lock();
587 lock_sock(sk);
588
589 dev = ro->dev;
590 if (ro->bound && dev) {
591 if (dev->reg_state != NETREG_REGISTERED) {
592 if (count > 1)
593 kfree(filter);
594 err = -ENODEV;
595 goto out_fil;
596 }
597 }
598
599 if (ro->bound) {
600 /* (try to) register the new filters */
601 if (count == 1)
602 err = raw_enable_filters(sock_net(sk), dev, sk,
603 &sfilter, 1);
604 else
605 err = raw_enable_filters(sock_net(sk), dev, sk,
606 filter, count);
607 if (err) {
608 if (count > 1)
609 kfree(filter);
610 goto out_fil;
611 }
612
613 /* remove old filter registrations */
614 raw_disable_filters(sock_net(sk), dev, sk, ro->filter,
615 ro->count);
616 }
617
618 /* remove old filter space */
619 if (ro->count > 1)
620 kfree(ro->filter);
621
622 /* link new filters to the socket */
623 if (count == 1) {
624 /* copy filter data for single filter */
625 ro->dfilter = sfilter;
626 filter = &ro->dfilter;
627 }
628 ro->filter = filter;
629 ro->count = count;
630
631 out_fil:
632 release_sock(sk);
633 rtnl_unlock();
634
635 break;
636
637 case CAN_RAW_ERR_FILTER:
638 if (optlen != sizeof(err_mask))
639 return -EINVAL;
640
641 if (copy_from_sockptr(&err_mask, optval, optlen))
642 return -EFAULT;
643
644 err_mask &= CAN_ERR_MASK;
645
646 rtnl_lock();
647 lock_sock(sk);
648
649 dev = ro->dev;
650 if (ro->bound && dev) {
651 if (dev->reg_state != NETREG_REGISTERED) {
652 err = -ENODEV;
653 goto out_err;
654 }
655 }
656
657 /* remove current error mask */
658 if (ro->bound) {
659 /* (try to) register the new err_mask */
660 err = raw_enable_errfilter(sock_net(sk), dev, sk,
661 err_mask);
662
663 if (err)
664 goto out_err;
665
666 /* remove old err_mask registration */
667 raw_disable_errfilter(sock_net(sk), dev, sk,
668 ro->err_mask);
669 }
670
671 /* link new err_mask to the socket */
672 ro->err_mask = err_mask;
673
674 out_err:
675 release_sock(sk);
676 rtnl_unlock();
677
678 break;
679
680 case CAN_RAW_LOOPBACK:
681 if (optlen != sizeof(ro->loopback))
682 return -EINVAL;
683
684 if (copy_from_sockptr(&ro->loopback, optval, optlen))
685 return -EFAULT;
686
687 break;
688
689 case CAN_RAW_RECV_OWN_MSGS:
690 if (optlen != sizeof(ro->recv_own_msgs))
691 return -EINVAL;
692
693 if (copy_from_sockptr(&ro->recv_own_msgs, optval, optlen))
694 return -EFAULT;
695
696 break;
697
698 case CAN_RAW_FD_FRAMES:
699 if (optlen != sizeof(fd_frames))
700 return -EINVAL;
701
702 if (copy_from_sockptr(&fd_frames, optval, optlen))
703 return -EFAULT;
704
705 /* Enabling CAN XL includes CAN FD */
706 if (ro->xl_frames && !fd_frames)
707 return -EINVAL;
708
709 ro->fd_frames = fd_frames;
710 break;
711
712 case CAN_RAW_XL_FRAMES:
713 if (optlen != sizeof(ro->xl_frames))
714 return -EINVAL;
715
716 if (copy_from_sockptr(&ro->xl_frames, optval, optlen))
717 return -EFAULT;
718
719 /* Enabling CAN XL includes CAN FD */
720 if (ro->xl_frames)
721 ro->fd_frames = ro->xl_frames;
722 break;
723
724 case CAN_RAW_XL_VCID_OPTS:
725 if (optlen != sizeof(ro->raw_vcid_opts))
726 return -EINVAL;
727
728 if (copy_from_sockptr(&ro->raw_vcid_opts, optval, optlen))
729 return -EFAULT;
730
731 /* prepare 32 bit values for handling in hot path */
732 ro->tx_vcid_shifted = ro->raw_vcid_opts.tx_vcid << CANXL_VCID_OFFSET;
733 ro->rx_vcid_shifted = ro->raw_vcid_opts.rx_vcid << CANXL_VCID_OFFSET;
734 ro->rx_vcid_mask_shifted = ro->raw_vcid_opts.rx_vcid_mask << CANXL_VCID_OFFSET;
735 break;
736
737 case CAN_RAW_JOIN_FILTERS:
738 if (optlen != sizeof(ro->join_filters))
739 return -EINVAL;
740
741 if (copy_from_sockptr(&ro->join_filters, optval, optlen))
742 return -EFAULT;
743
744 break;
745
746 default:
747 return -ENOPROTOOPT;
748 }
749 return err;
750 }
751
raw_getsockopt(struct socket * sock,int level,int optname,char __user * optval,int __user * optlen)752 static int raw_getsockopt(struct socket *sock, int level, int optname,
753 char __user *optval, int __user *optlen)
754 {
755 struct sock *sk = sock->sk;
756 struct raw_sock *ro = raw_sk(sk);
757 int len;
758 void *val;
759
760 if (level != SOL_CAN_RAW)
761 return -EINVAL;
762 if (get_user(len, optlen))
763 return -EFAULT;
764 if (len < 0)
765 return -EINVAL;
766
767 switch (optname) {
768 case CAN_RAW_FILTER: {
769 int err = 0;
770
771 lock_sock(sk);
772 if (ro->count > 0) {
773 int fsize = ro->count * sizeof(struct can_filter);
774
775 /* user space buffer to small for filter list? */
776 if (len < fsize) {
777 /* return -ERANGE and needed space in optlen */
778 err = -ERANGE;
779 if (put_user(fsize, optlen))
780 err = -EFAULT;
781 } else {
782 if (len > fsize)
783 len = fsize;
784 if (copy_to_user(optval, ro->filter, len))
785 err = -EFAULT;
786 }
787 } else {
788 len = 0;
789 }
790 release_sock(sk);
791
792 if (!err)
793 err = put_user(len, optlen);
794 return err;
795 }
796 case CAN_RAW_ERR_FILTER:
797 if (len > sizeof(can_err_mask_t))
798 len = sizeof(can_err_mask_t);
799 val = &ro->err_mask;
800 break;
801
802 case CAN_RAW_LOOPBACK:
803 if (len > sizeof(int))
804 len = sizeof(int);
805 val = &ro->loopback;
806 break;
807
808 case CAN_RAW_RECV_OWN_MSGS:
809 if (len > sizeof(int))
810 len = sizeof(int);
811 val = &ro->recv_own_msgs;
812 break;
813
814 case CAN_RAW_FD_FRAMES:
815 if (len > sizeof(int))
816 len = sizeof(int);
817 val = &ro->fd_frames;
818 break;
819
820 case CAN_RAW_XL_FRAMES:
821 if (len > sizeof(int))
822 len = sizeof(int);
823 val = &ro->xl_frames;
824 break;
825
826 case CAN_RAW_XL_VCID_OPTS: {
827 int err = 0;
828
829 /* user space buffer to small for VCID opts? */
830 if (len < sizeof(ro->raw_vcid_opts)) {
831 /* return -ERANGE and needed space in optlen */
832 err = -ERANGE;
833 if (put_user(sizeof(ro->raw_vcid_opts), optlen))
834 err = -EFAULT;
835 } else {
836 if (len > sizeof(ro->raw_vcid_opts))
837 len = sizeof(ro->raw_vcid_opts);
838 if (copy_to_user(optval, &ro->raw_vcid_opts, len))
839 err = -EFAULT;
840 }
841 if (!err)
842 err = put_user(len, optlen);
843 return err;
844 }
845 case CAN_RAW_JOIN_FILTERS:
846 if (len > sizeof(int))
847 len = sizeof(int);
848 val = &ro->join_filters;
849 break;
850
851 default:
852 return -ENOPROTOOPT;
853 }
854
855 if (put_user(len, optlen))
856 return -EFAULT;
857 if (copy_to_user(optval, val, len))
858 return -EFAULT;
859 return 0;
860 }
861
raw_put_canxl_vcid(struct raw_sock * ro,struct sk_buff * skb)862 static void raw_put_canxl_vcid(struct raw_sock *ro, struct sk_buff *skb)
863 {
864 struct canxl_frame *cxl = (struct canxl_frame *)skb->data;
865
866 /* sanitize non CAN XL bits */
867 cxl->prio &= (CANXL_PRIO_MASK | CANXL_VCID_MASK);
868
869 /* clear VCID in CAN XL frame if pass through is disabled */
870 if (!(ro->raw_vcid_opts.flags & CAN_RAW_XL_VCID_TX_PASS))
871 cxl->prio &= CANXL_PRIO_MASK;
872
873 /* set VCID in CAN XL frame if enabled */
874 if (ro->raw_vcid_opts.flags & CAN_RAW_XL_VCID_TX_SET) {
875 cxl->prio &= CANXL_PRIO_MASK;
876 cxl->prio |= ro->tx_vcid_shifted;
877 }
878 }
879
raw_check_txframe(struct raw_sock * ro,struct sk_buff * skb,int mtu)880 static unsigned int raw_check_txframe(struct raw_sock *ro, struct sk_buff *skb, int mtu)
881 {
882 /* Classical CAN -> no checks for flags and device capabilities */
883 if (can_is_can_skb(skb))
884 return CAN_MTU;
885
886 /* CAN FD -> needs to be enabled and a CAN FD or CAN XL device */
887 if (ro->fd_frames && can_is_canfd_skb(skb) &&
888 (mtu == CANFD_MTU || can_is_canxl_dev_mtu(mtu)))
889 return CANFD_MTU;
890
891 /* CAN XL -> needs to be enabled and a CAN XL device */
892 if (ro->xl_frames && can_is_canxl_skb(skb) &&
893 can_is_canxl_dev_mtu(mtu))
894 return CANXL_MTU;
895
896 return 0;
897 }
898
raw_sendmsg(struct socket * sock,struct msghdr * msg,size_t size)899 static int raw_sendmsg(struct socket *sock, struct msghdr *msg, size_t size)
900 {
901 struct sock *sk = sock->sk;
902 struct raw_sock *ro = raw_sk(sk);
903 struct sockcm_cookie sockc;
904 struct sk_buff *skb;
905 struct net_device *dev;
906 unsigned int txmtu;
907 int ifindex;
908 int err = -EINVAL;
909
910 /* check for valid CAN frame sizes */
911 if (size < CANXL_HDR_SIZE + CANXL_MIN_DLEN || size > CANXL_MTU)
912 return -EINVAL;
913
914 if (msg->msg_name) {
915 DECLARE_SOCKADDR(struct sockaddr_can *, addr, msg->msg_name);
916
917 if (msg->msg_namelen < RAW_MIN_NAMELEN)
918 return -EINVAL;
919
920 if (addr->can_family != AF_CAN)
921 return -EINVAL;
922
923 ifindex = addr->can_ifindex;
924 } else {
925 ifindex = ro->ifindex;
926 }
927
928 dev = dev_get_by_index(sock_net(sk), ifindex);
929 if (!dev)
930 return -ENXIO;
931
932 skb = sock_alloc_send_skb(sk, size + sizeof(struct can_skb_priv),
933 msg->msg_flags & MSG_DONTWAIT, &err);
934 if (!skb)
935 goto put_dev;
936
937 can_skb_reserve(skb);
938 can_skb_prv(skb)->ifindex = dev->ifindex;
939 can_skb_prv(skb)->skbcnt = 0;
940
941 /* fill the skb before testing for valid CAN frames */
942 err = memcpy_from_msg(skb_put(skb, size), msg, size);
943 if (err < 0)
944 goto free_skb;
945
946 err = -EINVAL;
947
948 /* check for valid CAN (CC/FD/XL) frame content */
949 txmtu = raw_check_txframe(ro, skb, dev->mtu);
950 if (!txmtu)
951 goto free_skb;
952
953 /* only CANXL: clear/forward/set VCID value */
954 if (txmtu == CANXL_MTU)
955 raw_put_canxl_vcid(ro, skb);
956
957 sockcm_init(&sockc, sk);
958 if (msg->msg_controllen) {
959 err = sock_cmsg_send(sk, msg, &sockc);
960 if (unlikely(err))
961 goto free_skb;
962 }
963
964 skb->dev = dev;
965 skb->priority = READ_ONCE(sk->sk_priority);
966 skb->mark = READ_ONCE(sk->sk_mark);
967 skb->tstamp = sockc.transmit_time;
968
969 skb_setup_tx_timestamp(skb, sockc.tsflags);
970
971 err = can_send(skb, ro->loopback);
972
973 dev_put(dev);
974
975 if (err)
976 goto send_failed;
977
978 return size;
979
980 free_skb:
981 kfree_skb(skb);
982 put_dev:
983 dev_put(dev);
984 send_failed:
985 return err;
986 }
987
raw_recvmsg(struct socket * sock,struct msghdr * msg,size_t size,int flags)988 static int raw_recvmsg(struct socket *sock, struct msghdr *msg, size_t size,
989 int flags)
990 {
991 struct sock *sk = sock->sk;
992 struct sk_buff *skb;
993 int err = 0;
994
995 if (flags & MSG_ERRQUEUE)
996 return sock_recv_errqueue(sk, msg, size,
997 SOL_CAN_RAW, SCM_CAN_RAW_ERRQUEUE);
998
999 skb = skb_recv_datagram(sk, flags, &err);
1000 if (!skb)
1001 return err;
1002
1003 if (size < skb->len)
1004 msg->msg_flags |= MSG_TRUNC;
1005 else
1006 size = skb->len;
1007
1008 err = memcpy_to_msg(msg, skb->data, size);
1009 if (err < 0) {
1010 skb_free_datagram(sk, skb);
1011 return err;
1012 }
1013
1014 sock_recv_cmsgs(msg, sk, skb);
1015
1016 if (msg->msg_name) {
1017 __sockaddr_check_size(RAW_MIN_NAMELEN);
1018 msg->msg_namelen = RAW_MIN_NAMELEN;
1019 memcpy(msg->msg_name, skb->cb, msg->msg_namelen);
1020 }
1021
1022 /* assign the flags that have been recorded in raw_rcv() */
1023 msg->msg_flags |= *(raw_flags(skb));
1024
1025 skb_free_datagram(sk, skb);
1026
1027 return size;
1028 }
1029
raw_sock_no_ioctlcmd(struct socket * sock,unsigned int cmd,unsigned long arg)1030 static int raw_sock_no_ioctlcmd(struct socket *sock, unsigned int cmd,
1031 unsigned long arg)
1032 {
1033 /* no ioctls for socket layer -> hand it down to NIC layer */
1034 return -ENOIOCTLCMD;
1035 }
1036
1037 static const struct proto_ops raw_ops = {
1038 .family = PF_CAN,
1039 .release = raw_release,
1040 .bind = raw_bind,
1041 .connect = sock_no_connect,
1042 .socketpair = sock_no_socketpair,
1043 .accept = sock_no_accept,
1044 .getname = raw_getname,
1045 .poll = datagram_poll,
1046 .ioctl = raw_sock_no_ioctlcmd,
1047 .gettstamp = sock_gettstamp,
1048 .listen = sock_no_listen,
1049 .shutdown = sock_no_shutdown,
1050 .setsockopt = raw_setsockopt,
1051 .getsockopt = raw_getsockopt,
1052 .sendmsg = raw_sendmsg,
1053 .recvmsg = raw_recvmsg,
1054 .mmap = sock_no_mmap,
1055 };
1056
1057 static struct proto raw_proto __read_mostly = {
1058 .name = "CAN_RAW",
1059 .owner = THIS_MODULE,
1060 .obj_size = sizeof(struct raw_sock),
1061 .init = raw_init,
1062 };
1063
1064 static const struct can_proto raw_can_proto = {
1065 .type = SOCK_RAW,
1066 .protocol = CAN_RAW,
1067 .ops = &raw_ops,
1068 .prot = &raw_proto,
1069 };
1070
1071 static struct notifier_block canraw_notifier = {
1072 .notifier_call = raw_notifier
1073 };
1074
raw_module_init(void)1075 static __init int raw_module_init(void)
1076 {
1077 int err;
1078
1079 pr_info("can: raw protocol\n");
1080
1081 err = register_netdevice_notifier(&canraw_notifier);
1082 if (err)
1083 return err;
1084
1085 err = can_proto_register(&raw_can_proto);
1086 if (err < 0) {
1087 pr_err("can: registration of raw protocol failed\n");
1088 goto register_proto_failed;
1089 }
1090
1091 return 0;
1092
1093 register_proto_failed:
1094 unregister_netdevice_notifier(&canraw_notifier);
1095 return err;
1096 }
1097
raw_module_exit(void)1098 static __exit void raw_module_exit(void)
1099 {
1100 can_proto_unregister(&raw_can_proto);
1101 unregister_netdevice_notifier(&canraw_notifier);
1102 }
1103
1104 module_init(raw_module_init);
1105 module_exit(raw_module_exit);
1106