1 // SPDX-License-Identifier: (GPL-2.0 OR BSD-3-Clause)
2 /* raw.c - Raw sockets for protocol family CAN
3 *
4 * Copyright (c) 2002-2007 Volkswagen Group Electronic Research
5 * All rights reserved.
6 *
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
9 * are met:
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
15 * 3. Neither the name of Volkswagen nor the names of its contributors
16 * may be used to endorse or promote products derived from this software
17 * without specific prior written permission.
18 *
19 * Alternatively, provided that this notice is retained in full, this
20 * software may be distributed under the terms of the GNU General
21 * Public License ("GPL") version 2, in which case the provisions of the
22 * GPL apply INSTEAD OF those given above.
23 *
24 * The provided data structures and external interfaces from this code
25 * are not restricted to be used by modules with a GPL compatible license.
26 *
27 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
28 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
29 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
30 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
31 * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
32 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
33 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
34 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
35 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
36 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
37 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH
38 * DAMAGE.
39 *
40 */
41
42 #include <linux/module.h>
43 #include <linux/init.h>
44 #include <linux/uio.h>
45 #include <linux/net.h>
46 #include <linux/slab.h>
47 #include <linux/netdevice.h>
48 #include <linux/socket.h>
49 #include <linux/if_arp.h>
50 #include <linux/skbuff.h>
51 #include <linux/can.h>
52 #include <linux/can/core.h>
53 #include <linux/can/dev.h> /* for can_is_canxl_dev_mtu() */
54 #include <linux/can/skb.h>
55 #include <linux/can/raw.h>
56 #include <net/sock.h>
57 #include <net/net_namespace.h>
58
59 MODULE_DESCRIPTION("PF_CAN raw protocol");
60 MODULE_LICENSE("Dual BSD/GPL");
61 MODULE_AUTHOR("Urs Thuermann <urs.thuermann@volkswagen.de>");
62 MODULE_ALIAS("can-proto-1");
63
64 #define RAW_MIN_NAMELEN CAN_REQUIRED_SIZE(struct sockaddr_can, can_ifindex)
65
66 #define MASK_ALL 0
67
68 /* A raw socket has a list of can_filters attached to it, each receiving
69 * the CAN frames matching that filter. If the filter list is empty,
70 * no CAN frames will be received by the socket. The default after
71 * opening the socket, is to have one filter which receives all frames.
72 * The filter list is allocated dynamically with the exception of the
73 * list containing only one item. This common case is optimized by
74 * storing the single filter in dfilter, to avoid using dynamic memory.
75 */
76
77 struct uniqframe {
78 int skbcnt;
79 const struct sk_buff *skb;
80 unsigned int join_rx_count;
81 };
82
83 struct raw_sock {
84 struct sock sk;
85 int bound;
86 int ifindex;
87 struct net_device *dev;
88 netdevice_tracker dev_tracker;
89 struct list_head notifier;
90 int loopback;
91 int recv_own_msgs;
92 int fd_frames;
93 int xl_frames;
94 struct can_raw_vcid_options raw_vcid_opts;
95 canid_t tx_vcid_shifted;
96 canid_t rx_vcid_shifted;
97 canid_t rx_vcid_mask_shifted;
98 int join_filters;
99 int count; /* number of active filters */
100 struct can_filter dfilter; /* default/single filter */
101 struct can_filter *filter; /* pointer to filter(s) */
102 can_err_mask_t err_mask;
103 struct uniqframe __percpu *uniq;
104 };
105
106 static LIST_HEAD(raw_notifier_list);
107 static DEFINE_SPINLOCK(raw_notifier_lock);
108 static struct raw_sock *raw_busy_notifier;
109
110 /* Return pointer to store the extra msg flags for raw_recvmsg().
111 * We use the space of one unsigned int beyond the 'struct sockaddr_can'
112 * in skb->cb.
113 */
raw_flags(struct sk_buff * skb)114 static inline unsigned int *raw_flags(struct sk_buff *skb)
115 {
116 sock_skb_cb_check_size(sizeof(struct sockaddr_can) +
117 sizeof(unsigned int));
118
119 /* return pointer after struct sockaddr_can */
120 return (unsigned int *)(&((struct sockaddr_can *)skb->cb)[1]);
121 }
122
raw_sk(const struct sock * sk)123 static inline struct raw_sock *raw_sk(const struct sock *sk)
124 {
125 return (struct raw_sock *)sk;
126 }
127
raw_rcv(struct sk_buff * oskb,void * data)128 static void raw_rcv(struct sk_buff *oskb, void *data)
129 {
130 struct sock *sk = (struct sock *)data;
131 struct raw_sock *ro = raw_sk(sk);
132 struct sockaddr_can *addr;
133 struct sk_buff *skb;
134 unsigned int *pflags;
135
136 /* check the received tx sock reference */
137 if (!ro->recv_own_msgs && oskb->sk == sk)
138 return;
139
140 /* make sure to not pass oversized frames to the socket */
141 if (!ro->fd_frames && can_is_canfd_skb(oskb))
142 return;
143
144 if (can_is_canxl_skb(oskb)) {
145 struct canxl_frame *cxl = (struct canxl_frame *)oskb->data;
146
147 /* make sure to not pass oversized frames to the socket */
148 if (!ro->xl_frames)
149 return;
150
151 /* filter CAN XL VCID content */
152 if (ro->raw_vcid_opts.flags & CAN_RAW_XL_VCID_RX_FILTER) {
153 /* apply VCID filter if user enabled the filter */
154 if ((cxl->prio & ro->rx_vcid_mask_shifted) !=
155 (ro->rx_vcid_shifted & ro->rx_vcid_mask_shifted))
156 return;
157 } else {
158 /* no filter => do not forward VCID tagged frames */
159 if (cxl->prio & CANXL_VCID_MASK)
160 return;
161 }
162 }
163
164 /* eliminate multiple filter matches for the same skb */
165 if (this_cpu_ptr(ro->uniq)->skb == oskb &&
166 this_cpu_ptr(ro->uniq)->skbcnt == can_skb_prv(oskb)->skbcnt) {
167 if (!ro->join_filters)
168 return;
169
170 this_cpu_inc(ro->uniq->join_rx_count);
171 /* drop frame until all enabled filters matched */
172 if (this_cpu_ptr(ro->uniq)->join_rx_count < ro->count)
173 return;
174 } else {
175 this_cpu_ptr(ro->uniq)->skb = oskb;
176 this_cpu_ptr(ro->uniq)->skbcnt = can_skb_prv(oskb)->skbcnt;
177 this_cpu_ptr(ro->uniq)->join_rx_count = 1;
178 /* drop first frame to check all enabled filters? */
179 if (ro->join_filters && ro->count > 1)
180 return;
181 }
182
183 /* clone the given skb to be able to enqueue it into the rcv queue */
184 skb = skb_clone(oskb, GFP_ATOMIC);
185 if (!skb)
186 return;
187
188 /* Put the datagram to the queue so that raw_recvmsg() can get
189 * it from there. We need to pass the interface index to
190 * raw_recvmsg(). We pass a whole struct sockaddr_can in
191 * skb->cb containing the interface index.
192 */
193
194 sock_skb_cb_check_size(sizeof(struct sockaddr_can));
195 addr = (struct sockaddr_can *)skb->cb;
196 memset(addr, 0, sizeof(*addr));
197 addr->can_family = AF_CAN;
198 addr->can_ifindex = skb->dev->ifindex;
199
200 /* add CAN specific message flags for raw_recvmsg() */
201 pflags = raw_flags(skb);
202 *pflags = 0;
203 if (oskb->sk)
204 *pflags |= MSG_DONTROUTE;
205 if (oskb->sk == sk)
206 *pflags |= MSG_CONFIRM;
207
208 if (sock_queue_rcv_skb(sk, skb) < 0)
209 kfree_skb(skb);
210 }
211
raw_enable_filters(struct net * net,struct net_device * dev,struct sock * sk,struct can_filter * filter,int count)212 static int raw_enable_filters(struct net *net, struct net_device *dev,
213 struct sock *sk, struct can_filter *filter,
214 int count)
215 {
216 int err = 0;
217 int i;
218
219 for (i = 0; i < count; i++) {
220 err = can_rx_register(net, dev, filter[i].can_id,
221 filter[i].can_mask,
222 raw_rcv, sk, "raw", sk);
223 if (err) {
224 /* clean up successfully registered filters */
225 while (--i >= 0)
226 can_rx_unregister(net, dev, filter[i].can_id,
227 filter[i].can_mask,
228 raw_rcv, sk);
229 break;
230 }
231 }
232
233 return err;
234 }
235
raw_enable_errfilter(struct net * net,struct net_device * dev,struct sock * sk,can_err_mask_t err_mask)236 static int raw_enable_errfilter(struct net *net, struct net_device *dev,
237 struct sock *sk, can_err_mask_t err_mask)
238 {
239 int err = 0;
240
241 if (err_mask)
242 err = can_rx_register(net, dev, 0, err_mask | CAN_ERR_FLAG,
243 raw_rcv, sk, "raw", sk);
244
245 return err;
246 }
247
raw_disable_filters(struct net * net,struct net_device * dev,struct sock * sk,struct can_filter * filter,int count)248 static void raw_disable_filters(struct net *net, struct net_device *dev,
249 struct sock *sk, struct can_filter *filter,
250 int count)
251 {
252 int i;
253
254 for (i = 0; i < count; i++)
255 can_rx_unregister(net, dev, filter[i].can_id,
256 filter[i].can_mask, raw_rcv, sk);
257 }
258
raw_disable_errfilter(struct net * net,struct net_device * dev,struct sock * sk,can_err_mask_t err_mask)259 static inline void raw_disable_errfilter(struct net *net,
260 struct net_device *dev,
261 struct sock *sk,
262 can_err_mask_t err_mask)
263
264 {
265 if (err_mask)
266 can_rx_unregister(net, dev, 0, err_mask | CAN_ERR_FLAG,
267 raw_rcv, sk);
268 }
269
raw_disable_allfilters(struct net * net,struct net_device * dev,struct sock * sk)270 static inline void raw_disable_allfilters(struct net *net,
271 struct net_device *dev,
272 struct sock *sk)
273 {
274 struct raw_sock *ro = raw_sk(sk);
275
276 raw_disable_filters(net, dev, sk, ro->filter, ro->count);
277 raw_disable_errfilter(net, dev, sk, ro->err_mask);
278 }
279
raw_enable_allfilters(struct net * net,struct net_device * dev,struct sock * sk)280 static int raw_enable_allfilters(struct net *net, struct net_device *dev,
281 struct sock *sk)
282 {
283 struct raw_sock *ro = raw_sk(sk);
284 int err;
285
286 err = raw_enable_filters(net, dev, sk, ro->filter, ro->count);
287 if (!err) {
288 err = raw_enable_errfilter(net, dev, sk, ro->err_mask);
289 if (err)
290 raw_disable_filters(net, dev, sk, ro->filter,
291 ro->count);
292 }
293
294 return err;
295 }
296
raw_notify(struct raw_sock * ro,unsigned long msg,struct net_device * dev)297 static void raw_notify(struct raw_sock *ro, unsigned long msg,
298 struct net_device *dev)
299 {
300 struct sock *sk = &ro->sk;
301
302 if (!net_eq(dev_net(dev), sock_net(sk)))
303 return;
304
305 if (ro->dev != dev)
306 return;
307
308 switch (msg) {
309 case NETDEV_UNREGISTER:
310 lock_sock(sk);
311 /* remove current filters & unregister */
312 if (ro->bound) {
313 raw_disable_allfilters(dev_net(dev), dev, sk);
314 netdev_put(dev, &ro->dev_tracker);
315 }
316
317 if (ro->count > 1)
318 kfree(ro->filter);
319
320 ro->ifindex = 0;
321 ro->bound = 0;
322 ro->dev = NULL;
323 ro->count = 0;
324 release_sock(sk);
325
326 sk->sk_err = ENODEV;
327 if (!sock_flag(sk, SOCK_DEAD))
328 sk_error_report(sk);
329 break;
330
331 case NETDEV_DOWN:
332 sk->sk_err = ENETDOWN;
333 if (!sock_flag(sk, SOCK_DEAD))
334 sk_error_report(sk);
335 break;
336 }
337 }
338
raw_notifier(struct notifier_block * nb,unsigned long msg,void * ptr)339 static int raw_notifier(struct notifier_block *nb, unsigned long msg,
340 void *ptr)
341 {
342 struct net_device *dev = netdev_notifier_info_to_dev(ptr);
343
344 if (dev->type != ARPHRD_CAN)
345 return NOTIFY_DONE;
346 if (msg != NETDEV_UNREGISTER && msg != NETDEV_DOWN)
347 return NOTIFY_DONE;
348 if (unlikely(raw_busy_notifier)) /* Check for reentrant bug. */
349 return NOTIFY_DONE;
350
351 spin_lock(&raw_notifier_lock);
352 list_for_each_entry(raw_busy_notifier, &raw_notifier_list, notifier) {
353 spin_unlock(&raw_notifier_lock);
354 raw_notify(raw_busy_notifier, msg, dev);
355 spin_lock(&raw_notifier_lock);
356 }
357 raw_busy_notifier = NULL;
358 spin_unlock(&raw_notifier_lock);
359 return NOTIFY_DONE;
360 }
361
raw_init(struct sock * sk)362 static int raw_init(struct sock *sk)
363 {
364 struct raw_sock *ro = raw_sk(sk);
365
366 ro->bound = 0;
367 ro->ifindex = 0;
368 ro->dev = NULL;
369
370 /* set default filter to single entry dfilter */
371 ro->dfilter.can_id = 0;
372 ro->dfilter.can_mask = MASK_ALL;
373 ro->filter = &ro->dfilter;
374 ro->count = 1;
375
376 /* set default loopback behaviour */
377 ro->loopback = 1;
378 ro->recv_own_msgs = 0;
379 ro->fd_frames = 0;
380 ro->xl_frames = 0;
381 ro->join_filters = 0;
382
383 /* alloc_percpu provides zero'ed memory */
384 ro->uniq = alloc_percpu(struct uniqframe);
385 if (unlikely(!ro->uniq))
386 return -ENOMEM;
387
388 /* set notifier */
389 spin_lock(&raw_notifier_lock);
390 list_add_tail(&ro->notifier, &raw_notifier_list);
391 spin_unlock(&raw_notifier_lock);
392
393 return 0;
394 }
395
raw_release(struct socket * sock)396 static int raw_release(struct socket *sock)
397 {
398 struct sock *sk = sock->sk;
399 struct raw_sock *ro;
400 struct net *net;
401
402 if (!sk)
403 return 0;
404
405 ro = raw_sk(sk);
406 net = sock_net(sk);
407
408 spin_lock(&raw_notifier_lock);
409 while (raw_busy_notifier == ro) {
410 spin_unlock(&raw_notifier_lock);
411 schedule_timeout_uninterruptible(1);
412 spin_lock(&raw_notifier_lock);
413 }
414 list_del(&ro->notifier);
415 spin_unlock(&raw_notifier_lock);
416
417 rtnl_lock();
418 lock_sock(sk);
419
420 /* remove current filters & unregister */
421 if (ro->bound) {
422 if (ro->dev) {
423 raw_disable_allfilters(dev_net(ro->dev), ro->dev, sk);
424 netdev_put(ro->dev, &ro->dev_tracker);
425 } else {
426 raw_disable_allfilters(net, NULL, sk);
427 }
428 }
429
430 if (ro->count > 1)
431 kfree(ro->filter);
432
433 ro->ifindex = 0;
434 ro->bound = 0;
435 ro->dev = NULL;
436 ro->count = 0;
437 free_percpu(ro->uniq);
438
439 sock_orphan(sk);
440 sock->sk = NULL;
441
442 release_sock(sk);
443 rtnl_unlock();
444
445 sock_prot_inuse_add(net, sk->sk_prot, -1);
446 sock_put(sk);
447
448 return 0;
449 }
450
raw_bind(struct socket * sock,struct sockaddr * uaddr,int len)451 static int raw_bind(struct socket *sock, struct sockaddr *uaddr, int len)
452 {
453 struct sockaddr_can *addr = (struct sockaddr_can *)uaddr;
454 struct sock *sk = sock->sk;
455 struct raw_sock *ro = raw_sk(sk);
456 struct net_device *dev = NULL;
457 int ifindex;
458 int err = 0;
459 int notify_enetdown = 0;
460
461 if (len < RAW_MIN_NAMELEN)
462 return -EINVAL;
463 if (addr->can_family != AF_CAN)
464 return -EINVAL;
465
466 rtnl_lock();
467 lock_sock(sk);
468
469 if (ro->bound && addr->can_ifindex == ro->ifindex)
470 goto out;
471
472 if (addr->can_ifindex) {
473 dev = dev_get_by_index(sock_net(sk), addr->can_ifindex);
474 if (!dev) {
475 err = -ENODEV;
476 goto out;
477 }
478 if (dev->type != ARPHRD_CAN) {
479 err = -ENODEV;
480 goto out_put_dev;
481 }
482
483 if (!(dev->flags & IFF_UP))
484 notify_enetdown = 1;
485
486 ifindex = dev->ifindex;
487
488 /* filters set by default/setsockopt */
489 err = raw_enable_allfilters(sock_net(sk), dev, sk);
490 if (err)
491 goto out_put_dev;
492
493 } else {
494 ifindex = 0;
495
496 /* filters set by default/setsockopt */
497 err = raw_enable_allfilters(sock_net(sk), NULL, sk);
498 }
499
500 if (!err) {
501 if (ro->bound) {
502 /* unregister old filters */
503 if (ro->dev) {
504 raw_disable_allfilters(dev_net(ro->dev),
505 ro->dev, sk);
506 /* drop reference to old ro->dev */
507 netdev_put(ro->dev, &ro->dev_tracker);
508 } else {
509 raw_disable_allfilters(sock_net(sk), NULL, sk);
510 }
511 }
512 ro->ifindex = ifindex;
513 ro->bound = 1;
514 /* bind() ok -> hold a reference for new ro->dev */
515 ro->dev = dev;
516 if (ro->dev)
517 netdev_hold(ro->dev, &ro->dev_tracker, GFP_KERNEL);
518 }
519
520 out_put_dev:
521 /* remove potential reference from dev_get_by_index() */
522 dev_put(dev);
523 out:
524 release_sock(sk);
525 rtnl_unlock();
526
527 if (notify_enetdown) {
528 sk->sk_err = ENETDOWN;
529 if (!sock_flag(sk, SOCK_DEAD))
530 sk_error_report(sk);
531 }
532
533 return err;
534 }
535
raw_getname(struct socket * sock,struct sockaddr * uaddr,int peer)536 static int raw_getname(struct socket *sock, struct sockaddr *uaddr,
537 int peer)
538 {
539 struct sockaddr_can *addr = (struct sockaddr_can *)uaddr;
540 struct sock *sk = sock->sk;
541 struct raw_sock *ro = raw_sk(sk);
542
543 if (peer)
544 return -EOPNOTSUPP;
545
546 memset(addr, 0, RAW_MIN_NAMELEN);
547 addr->can_family = AF_CAN;
548 addr->can_ifindex = ro->ifindex;
549
550 return RAW_MIN_NAMELEN;
551 }
552
raw_setsockopt(struct socket * sock,int level,int optname,sockptr_t optval,unsigned int optlen)553 static int raw_setsockopt(struct socket *sock, int level, int optname,
554 sockptr_t optval, unsigned int optlen)
555 {
556 struct sock *sk = sock->sk;
557 struct raw_sock *ro = raw_sk(sk);
558 struct can_filter *filter = NULL; /* dyn. alloc'ed filters */
559 struct can_filter sfilter; /* single filter */
560 struct net_device *dev = NULL;
561 can_err_mask_t err_mask = 0;
562 int fd_frames;
563 int count = 0;
564 int err = 0;
565
566 if (level != SOL_CAN_RAW)
567 return -EINVAL;
568
569 switch (optname) {
570 case CAN_RAW_FILTER:
571 if (optlen % sizeof(struct can_filter) != 0)
572 return -EINVAL;
573
574 if (optlen > CAN_RAW_FILTER_MAX * sizeof(struct can_filter))
575 return -EINVAL;
576
577 count = optlen / sizeof(struct can_filter);
578
579 if (count > 1) {
580 /* filter does not fit into dfilter => alloc space */
581 filter = memdup_sockptr(optval, optlen);
582 if (IS_ERR(filter))
583 return PTR_ERR(filter);
584 } else if (count == 1) {
585 if (copy_from_sockptr(&sfilter, optval, sizeof(sfilter)))
586 return -EFAULT;
587 }
588
589 rtnl_lock();
590 lock_sock(sk);
591
592 dev = ro->dev;
593 if (ro->bound && dev) {
594 if (dev->reg_state != NETREG_REGISTERED) {
595 if (count > 1)
596 kfree(filter);
597 err = -ENODEV;
598 goto out_fil;
599 }
600 }
601
602 if (ro->bound) {
603 /* (try to) register the new filters */
604 if (count == 1)
605 err = raw_enable_filters(sock_net(sk), dev, sk,
606 &sfilter, 1);
607 else
608 err = raw_enable_filters(sock_net(sk), dev, sk,
609 filter, count);
610 if (err) {
611 if (count > 1)
612 kfree(filter);
613 goto out_fil;
614 }
615
616 /* remove old filter registrations */
617 raw_disable_filters(sock_net(sk), dev, sk, ro->filter,
618 ro->count);
619 }
620
621 /* remove old filter space */
622 if (ro->count > 1)
623 kfree(ro->filter);
624
625 /* link new filters to the socket */
626 if (count == 1) {
627 /* copy filter data for single filter */
628 ro->dfilter = sfilter;
629 filter = &ro->dfilter;
630 }
631 ro->filter = filter;
632 ro->count = count;
633
634 out_fil:
635 release_sock(sk);
636 rtnl_unlock();
637
638 break;
639
640 case CAN_RAW_ERR_FILTER:
641 if (optlen != sizeof(err_mask))
642 return -EINVAL;
643
644 if (copy_from_sockptr(&err_mask, optval, optlen))
645 return -EFAULT;
646
647 err_mask &= CAN_ERR_MASK;
648
649 rtnl_lock();
650 lock_sock(sk);
651
652 dev = ro->dev;
653 if (ro->bound && dev) {
654 if (dev->reg_state != NETREG_REGISTERED) {
655 err = -ENODEV;
656 goto out_err;
657 }
658 }
659
660 /* remove current error mask */
661 if (ro->bound) {
662 /* (try to) register the new err_mask */
663 err = raw_enable_errfilter(sock_net(sk), dev, sk,
664 err_mask);
665
666 if (err)
667 goto out_err;
668
669 /* remove old err_mask registration */
670 raw_disable_errfilter(sock_net(sk), dev, sk,
671 ro->err_mask);
672 }
673
674 /* link new err_mask to the socket */
675 ro->err_mask = err_mask;
676
677 out_err:
678 release_sock(sk);
679 rtnl_unlock();
680
681 break;
682
683 case CAN_RAW_LOOPBACK:
684 if (optlen != sizeof(ro->loopback))
685 return -EINVAL;
686
687 if (copy_from_sockptr(&ro->loopback, optval, optlen))
688 return -EFAULT;
689
690 break;
691
692 case CAN_RAW_RECV_OWN_MSGS:
693 if (optlen != sizeof(ro->recv_own_msgs))
694 return -EINVAL;
695
696 if (copy_from_sockptr(&ro->recv_own_msgs, optval, optlen))
697 return -EFAULT;
698
699 break;
700
701 case CAN_RAW_FD_FRAMES:
702 if (optlen != sizeof(fd_frames))
703 return -EINVAL;
704
705 if (copy_from_sockptr(&fd_frames, optval, optlen))
706 return -EFAULT;
707
708 /* Enabling CAN XL includes CAN FD */
709 if (ro->xl_frames && !fd_frames)
710 return -EINVAL;
711
712 ro->fd_frames = fd_frames;
713 break;
714
715 case CAN_RAW_XL_FRAMES:
716 if (optlen != sizeof(ro->xl_frames))
717 return -EINVAL;
718
719 if (copy_from_sockptr(&ro->xl_frames, optval, optlen))
720 return -EFAULT;
721
722 /* Enabling CAN XL includes CAN FD */
723 if (ro->xl_frames)
724 ro->fd_frames = ro->xl_frames;
725 break;
726
727 case CAN_RAW_XL_VCID_OPTS:
728 if (optlen != sizeof(ro->raw_vcid_opts))
729 return -EINVAL;
730
731 if (copy_from_sockptr(&ro->raw_vcid_opts, optval, optlen))
732 return -EFAULT;
733
734 /* prepare 32 bit values for handling in hot path */
735 ro->tx_vcid_shifted = ro->raw_vcid_opts.tx_vcid << CANXL_VCID_OFFSET;
736 ro->rx_vcid_shifted = ro->raw_vcid_opts.rx_vcid << CANXL_VCID_OFFSET;
737 ro->rx_vcid_mask_shifted = ro->raw_vcid_opts.rx_vcid_mask << CANXL_VCID_OFFSET;
738 break;
739
740 case CAN_RAW_JOIN_FILTERS:
741 if (optlen != sizeof(ro->join_filters))
742 return -EINVAL;
743
744 if (copy_from_sockptr(&ro->join_filters, optval, optlen))
745 return -EFAULT;
746
747 break;
748
749 default:
750 return -ENOPROTOOPT;
751 }
752 return err;
753 }
754
raw_getsockopt(struct socket * sock,int level,int optname,char __user * optval,int __user * optlen)755 static int raw_getsockopt(struct socket *sock, int level, int optname,
756 char __user *optval, int __user *optlen)
757 {
758 struct sock *sk = sock->sk;
759 struct raw_sock *ro = raw_sk(sk);
760 int len;
761 void *val;
762
763 if (level != SOL_CAN_RAW)
764 return -EINVAL;
765 if (get_user(len, optlen))
766 return -EFAULT;
767 if (len < 0)
768 return -EINVAL;
769
770 switch (optname) {
771 case CAN_RAW_FILTER: {
772 int err = 0;
773
774 lock_sock(sk);
775 if (ro->count > 0) {
776 int fsize = ro->count * sizeof(struct can_filter);
777
778 /* user space buffer to small for filter list? */
779 if (len < fsize) {
780 /* return -ERANGE and needed space in optlen */
781 err = -ERANGE;
782 if (put_user(fsize, optlen))
783 err = -EFAULT;
784 } else {
785 if (len > fsize)
786 len = fsize;
787 if (copy_to_user(optval, ro->filter, len))
788 err = -EFAULT;
789 }
790 } else {
791 len = 0;
792 }
793 release_sock(sk);
794
795 if (!err)
796 err = put_user(len, optlen);
797 return err;
798 }
799 case CAN_RAW_ERR_FILTER:
800 if (len > sizeof(can_err_mask_t))
801 len = sizeof(can_err_mask_t);
802 val = &ro->err_mask;
803 break;
804
805 case CAN_RAW_LOOPBACK:
806 if (len > sizeof(int))
807 len = sizeof(int);
808 val = &ro->loopback;
809 break;
810
811 case CAN_RAW_RECV_OWN_MSGS:
812 if (len > sizeof(int))
813 len = sizeof(int);
814 val = &ro->recv_own_msgs;
815 break;
816
817 case CAN_RAW_FD_FRAMES:
818 if (len > sizeof(int))
819 len = sizeof(int);
820 val = &ro->fd_frames;
821 break;
822
823 case CAN_RAW_XL_FRAMES:
824 if (len > sizeof(int))
825 len = sizeof(int);
826 val = &ro->xl_frames;
827 break;
828
829 case CAN_RAW_XL_VCID_OPTS: {
830 int err = 0;
831
832 /* user space buffer to small for VCID opts? */
833 if (len < sizeof(ro->raw_vcid_opts)) {
834 /* return -ERANGE and needed space in optlen */
835 err = -ERANGE;
836 if (put_user(sizeof(ro->raw_vcid_opts), optlen))
837 err = -EFAULT;
838 } else {
839 if (len > sizeof(ro->raw_vcid_opts))
840 len = sizeof(ro->raw_vcid_opts);
841 if (copy_to_user(optval, &ro->raw_vcid_opts, len))
842 err = -EFAULT;
843 }
844 if (!err)
845 err = put_user(len, optlen);
846 return err;
847 }
848 case CAN_RAW_JOIN_FILTERS:
849 if (len > sizeof(int))
850 len = sizeof(int);
851 val = &ro->join_filters;
852 break;
853
854 default:
855 return -ENOPROTOOPT;
856 }
857
858 if (put_user(len, optlen))
859 return -EFAULT;
860 if (copy_to_user(optval, val, len))
861 return -EFAULT;
862 return 0;
863 }
864
raw_put_canxl_vcid(struct raw_sock * ro,struct sk_buff * skb)865 static void raw_put_canxl_vcid(struct raw_sock *ro, struct sk_buff *skb)
866 {
867 struct canxl_frame *cxl = (struct canxl_frame *)skb->data;
868
869 /* sanitize non CAN XL bits */
870 cxl->prio &= (CANXL_PRIO_MASK | CANXL_VCID_MASK);
871
872 /* clear VCID in CAN XL frame if pass through is disabled */
873 if (!(ro->raw_vcid_opts.flags & CAN_RAW_XL_VCID_TX_PASS))
874 cxl->prio &= CANXL_PRIO_MASK;
875
876 /* set VCID in CAN XL frame if enabled */
877 if (ro->raw_vcid_opts.flags & CAN_RAW_XL_VCID_TX_SET) {
878 cxl->prio &= CANXL_PRIO_MASK;
879 cxl->prio |= ro->tx_vcid_shifted;
880 }
881 }
882
raw_check_txframe(struct raw_sock * ro,struct sk_buff * skb,int mtu)883 static unsigned int raw_check_txframe(struct raw_sock *ro, struct sk_buff *skb, int mtu)
884 {
885 /* Classical CAN -> no checks for flags and device capabilities */
886 if (can_is_can_skb(skb))
887 return CAN_MTU;
888
889 /* CAN FD -> needs to be enabled and a CAN FD or CAN XL device */
890 if (ro->fd_frames && can_is_canfd_skb(skb) &&
891 (mtu == CANFD_MTU || can_is_canxl_dev_mtu(mtu)))
892 return CANFD_MTU;
893
894 /* CAN XL -> needs to be enabled and a CAN XL device */
895 if (ro->xl_frames && can_is_canxl_skb(skb) &&
896 can_is_canxl_dev_mtu(mtu))
897 return CANXL_MTU;
898
899 return 0;
900 }
901
raw_sendmsg(struct socket * sock,struct msghdr * msg,size_t size)902 static int raw_sendmsg(struct socket *sock, struct msghdr *msg, size_t size)
903 {
904 struct sock *sk = sock->sk;
905 struct raw_sock *ro = raw_sk(sk);
906 struct sockcm_cookie sockc;
907 struct sk_buff *skb;
908 struct net_device *dev;
909 unsigned int txmtu;
910 int ifindex;
911 int err = -EINVAL;
912
913 /* check for valid CAN frame sizes */
914 if (size < CANXL_HDR_SIZE + CANXL_MIN_DLEN || size > CANXL_MTU)
915 return -EINVAL;
916
917 if (msg->msg_name) {
918 DECLARE_SOCKADDR(struct sockaddr_can *, addr, msg->msg_name);
919
920 if (msg->msg_namelen < RAW_MIN_NAMELEN)
921 return -EINVAL;
922
923 if (addr->can_family != AF_CAN)
924 return -EINVAL;
925
926 ifindex = addr->can_ifindex;
927 } else {
928 ifindex = ro->ifindex;
929 }
930
931 dev = dev_get_by_index(sock_net(sk), ifindex);
932 if (!dev)
933 return -ENXIO;
934
935 skb = sock_alloc_send_skb(sk, size + sizeof(struct can_skb_priv),
936 msg->msg_flags & MSG_DONTWAIT, &err);
937 if (!skb)
938 goto put_dev;
939
940 can_skb_reserve(skb);
941 can_skb_prv(skb)->ifindex = dev->ifindex;
942 can_skb_prv(skb)->skbcnt = 0;
943
944 /* fill the skb before testing for valid CAN frames */
945 err = memcpy_from_msg(skb_put(skb, size), msg, size);
946 if (err < 0)
947 goto free_skb;
948
949 err = -EINVAL;
950
951 /* check for valid CAN (CC/FD/XL) frame content */
952 txmtu = raw_check_txframe(ro, skb, dev->mtu);
953 if (!txmtu)
954 goto free_skb;
955
956 /* only CANXL: clear/forward/set VCID value */
957 if (txmtu == CANXL_MTU)
958 raw_put_canxl_vcid(ro, skb);
959
960 sockcm_init(&sockc, sk);
961 if (msg->msg_controllen) {
962 err = sock_cmsg_send(sk, msg, &sockc);
963 if (unlikely(err))
964 goto free_skb;
965 }
966
967 skb->dev = dev;
968 skb->priority = sockc.priority;
969 skb->mark = sockc.mark;
970 skb->tstamp = sockc.transmit_time;
971
972 skb_setup_tx_timestamp(skb, &sockc);
973
974 err = can_send(skb, ro->loopback);
975
976 dev_put(dev);
977
978 if (err)
979 goto send_failed;
980
981 return size;
982
983 free_skb:
984 kfree_skb(skb);
985 put_dev:
986 dev_put(dev);
987 send_failed:
988 return err;
989 }
990
raw_recvmsg(struct socket * sock,struct msghdr * msg,size_t size,int flags)991 static int raw_recvmsg(struct socket *sock, struct msghdr *msg, size_t size,
992 int flags)
993 {
994 struct sock *sk = sock->sk;
995 struct sk_buff *skb;
996 int err = 0;
997
998 if (flags & MSG_ERRQUEUE)
999 return sock_recv_errqueue(sk, msg, size,
1000 SOL_CAN_RAW, SCM_CAN_RAW_ERRQUEUE);
1001
1002 skb = skb_recv_datagram(sk, flags, &err);
1003 if (!skb)
1004 return err;
1005
1006 if (size < skb->len)
1007 msg->msg_flags |= MSG_TRUNC;
1008 else
1009 size = skb->len;
1010
1011 err = memcpy_to_msg(msg, skb->data, size);
1012 if (err < 0) {
1013 skb_free_datagram(sk, skb);
1014 return err;
1015 }
1016
1017 sock_recv_cmsgs(msg, sk, skb);
1018
1019 if (msg->msg_name) {
1020 __sockaddr_check_size(RAW_MIN_NAMELEN);
1021 msg->msg_namelen = RAW_MIN_NAMELEN;
1022 memcpy(msg->msg_name, skb->cb, msg->msg_namelen);
1023 }
1024
1025 /* assign the flags that have been recorded in raw_rcv() */
1026 msg->msg_flags |= *(raw_flags(skb));
1027
1028 skb_free_datagram(sk, skb);
1029
1030 return size;
1031 }
1032
raw_sock_no_ioctlcmd(struct socket * sock,unsigned int cmd,unsigned long arg)1033 static int raw_sock_no_ioctlcmd(struct socket *sock, unsigned int cmd,
1034 unsigned long arg)
1035 {
1036 /* no ioctls for socket layer -> hand it down to NIC layer */
1037 return -ENOIOCTLCMD;
1038 }
1039
1040 static const struct proto_ops raw_ops = {
1041 .family = PF_CAN,
1042 .release = raw_release,
1043 .bind = raw_bind,
1044 .connect = sock_no_connect,
1045 .socketpair = sock_no_socketpair,
1046 .accept = sock_no_accept,
1047 .getname = raw_getname,
1048 .poll = datagram_poll,
1049 .ioctl = raw_sock_no_ioctlcmd,
1050 .gettstamp = sock_gettstamp,
1051 .listen = sock_no_listen,
1052 .shutdown = sock_no_shutdown,
1053 .setsockopt = raw_setsockopt,
1054 .getsockopt = raw_getsockopt,
1055 .sendmsg = raw_sendmsg,
1056 .recvmsg = raw_recvmsg,
1057 .mmap = sock_no_mmap,
1058 };
1059
1060 static struct proto raw_proto __read_mostly = {
1061 .name = "CAN_RAW",
1062 .owner = THIS_MODULE,
1063 .obj_size = sizeof(struct raw_sock),
1064 .init = raw_init,
1065 };
1066
1067 static const struct can_proto raw_can_proto = {
1068 .type = SOCK_RAW,
1069 .protocol = CAN_RAW,
1070 .ops = &raw_ops,
1071 .prot = &raw_proto,
1072 };
1073
1074 static struct notifier_block canraw_notifier = {
1075 .notifier_call = raw_notifier
1076 };
1077
raw_module_init(void)1078 static __init int raw_module_init(void)
1079 {
1080 int err;
1081
1082 pr_info("can: raw protocol\n");
1083
1084 err = register_netdevice_notifier(&canraw_notifier);
1085 if (err)
1086 return err;
1087
1088 err = can_proto_register(&raw_can_proto);
1089 if (err < 0) {
1090 pr_err("can: registration of raw protocol failed\n");
1091 goto register_proto_failed;
1092 }
1093
1094 return 0;
1095
1096 register_proto_failed:
1097 unregister_netdevice_notifier(&canraw_notifier);
1098 return err;
1099 }
1100
raw_module_exit(void)1101 static __exit void raw_module_exit(void)
1102 {
1103 can_proto_unregister(&raw_can_proto);
1104 unregister_netdevice_notifier(&canraw_notifier);
1105 }
1106
1107 module_init(raw_module_init);
1108 module_exit(raw_module_exit);
1109