12874c5fdSThomas Gleixner // SPDX-License-Identifier: GPL-2.0-or-later 217b085eaSArnaldo Carvalho de Melo /* 317b085eaSArnaldo Carvalho de Melo * tcp_diag.c Module for monitoring TCP transport protocols sockets. 417b085eaSArnaldo Carvalho de Melo * 517b085eaSArnaldo Carvalho de Melo * Authors: Alexey Kuznetsov, <kuznet@ms2.inr.ac.ru> 617b085eaSArnaldo Carvalho de Melo */ 717b085eaSArnaldo Carvalho de Melo 817b085eaSArnaldo Carvalho de Melo #include <linux/module.h> 9c1e64e29SLorenzo Colitti #include <linux/net.h> 10c1e64e29SLorenzo Colitti #include <linux/sock_diag.h> 1117b085eaSArnaldo Carvalho de Melo #include <linux/inet_diag.h> 1217b085eaSArnaldo Carvalho de Melo 1317b085eaSArnaldo Carvalho de Melo #include <linux/tcp.h> 1417b085eaSArnaldo Carvalho de Melo 15c03fa9bcSIvan Delalande #include <net/netlink.h> 1617b085eaSArnaldo Carvalho de Melo #include <net/tcp.h> 1717b085eaSArnaldo Carvalho de Melo 1817b085eaSArnaldo Carvalho de Melo static void tcp_diag_get_info(struct sock *sk, struct inet_diag_msg *r, 1917b085eaSArnaldo Carvalho de Melo void *_info) 2017b085eaSArnaldo Carvalho de Melo { 2117b085eaSArnaldo Carvalho de Melo struct tcp_info *info = _info; 2217b085eaSArnaldo Carvalho de Melo 23986ffdfdSYafang Shao if (inet_sk_state_load(sk) == TCP_LISTEN) { 2447da8ee6SSridhar Samudrala r->idiag_rqueue = sk->sk_ack_backlog; 255ee3afbaSRick Jones r->idiag_wqueue = sk->sk_max_ack_backlog; 2635ac838aSCraig Gallek } else if (sk->sk_type == SOCK_STREAM) { 2735ac838aSCraig Gallek const struct tcp_sock *tp = tcp_sk(sk); 2835ac838aSCraig Gallek 297db48e98SEric Dumazet r->idiag_rqueue = max_t(int, READ_ONCE(tp->rcv_nxt) - 307db48e98SEric Dumazet READ_ONCE(tp->copied_seq), 0); 31*0f317464SEric Dumazet r->idiag_wqueue = READ_ONCE(tp->write_seq) - tp->snd_una; 325ee3afbaSRick Jones } 3300db4124SIan Morris if (info) 3417b085eaSArnaldo Carvalho de Melo tcp_get_info(sk, info); 3517b085eaSArnaldo Carvalho de Melo } 3617b085eaSArnaldo Carvalho de Melo 37c03fa9bcSIvan Delalande #ifdef CONFIG_TCP_MD5SIG 38c03fa9bcSIvan Delalande static void tcp_diag_md5sig_fill(struct tcp_diag_md5sig *info, 39c03fa9bcSIvan Delalande const struct tcp_md5sig_key *key) 40c03fa9bcSIvan Delalande { 41c03fa9bcSIvan Delalande info->tcpm_family = key->family; 42c03fa9bcSIvan Delalande info->tcpm_prefixlen = key->prefixlen; 43c03fa9bcSIvan Delalande info->tcpm_keylen = key->keylen; 44c03fa9bcSIvan Delalande memcpy(info->tcpm_key, key->key, key->keylen); 45c03fa9bcSIvan Delalande 46c03fa9bcSIvan Delalande if (key->family == AF_INET) 47c03fa9bcSIvan Delalande info->tcpm_addr[0] = key->addr.a4.s_addr; 48c03fa9bcSIvan Delalande #if IS_ENABLED(CONFIG_IPV6) 49c03fa9bcSIvan Delalande else if (key->family == AF_INET6) 50c03fa9bcSIvan Delalande memcpy(&info->tcpm_addr, &key->addr.a6, 51c03fa9bcSIvan Delalande sizeof(info->tcpm_addr)); 52c03fa9bcSIvan Delalande #endif 53c03fa9bcSIvan Delalande } 54c03fa9bcSIvan Delalande 55c03fa9bcSIvan Delalande static int tcp_diag_put_md5sig(struct sk_buff *skb, 56c03fa9bcSIvan Delalande const struct tcp_md5sig_info *md5sig) 57c03fa9bcSIvan Delalande { 58c03fa9bcSIvan Delalande const struct tcp_md5sig_key *key; 59c03fa9bcSIvan Delalande struct tcp_diag_md5sig *info; 60c03fa9bcSIvan Delalande struct nlattr *attr; 61c03fa9bcSIvan Delalande int md5sig_count = 0; 62c03fa9bcSIvan Delalande 63c03fa9bcSIvan Delalande hlist_for_each_entry_rcu(key, &md5sig->head, node) 64c03fa9bcSIvan Delalande md5sig_count++; 65c03fa9bcSIvan Delalande if (md5sig_count == 0) 66c03fa9bcSIvan Delalande return 0; 67c03fa9bcSIvan Delalande 68c03fa9bcSIvan Delalande attr = nla_reserve(skb, INET_DIAG_MD5SIG, 69c03fa9bcSIvan Delalande md5sig_count * sizeof(struct tcp_diag_md5sig)); 70c03fa9bcSIvan Delalande if (!attr) 71c03fa9bcSIvan Delalande return -EMSGSIZE; 72c03fa9bcSIvan Delalande 73c03fa9bcSIvan Delalande info = nla_data(attr); 74c03fa9bcSIvan Delalande memset(info, 0, md5sig_count * sizeof(struct tcp_diag_md5sig)); 75c03fa9bcSIvan Delalande hlist_for_each_entry_rcu(key, &md5sig->head, node) { 76c03fa9bcSIvan Delalande tcp_diag_md5sig_fill(info++, key); 77c03fa9bcSIvan Delalande if (--md5sig_count == 0) 78c03fa9bcSIvan Delalande break; 79c03fa9bcSIvan Delalande } 80c03fa9bcSIvan Delalande 81c03fa9bcSIvan Delalande return 0; 82c03fa9bcSIvan Delalande } 83c03fa9bcSIvan Delalande #endif 84c03fa9bcSIvan Delalande 8561723b39SDavide Caratti static int tcp_diag_put_ulp(struct sk_buff *skb, struct sock *sk, 8661723b39SDavide Caratti const struct tcp_ulp_ops *ulp_ops) 8761723b39SDavide Caratti { 8861723b39SDavide Caratti struct nlattr *nest; 8961723b39SDavide Caratti int err; 9061723b39SDavide Caratti 9161723b39SDavide Caratti nest = nla_nest_start_noflag(skb, INET_DIAG_ULP_INFO); 9261723b39SDavide Caratti if (!nest) 9361723b39SDavide Caratti return -EMSGSIZE; 9461723b39SDavide Caratti 9561723b39SDavide Caratti err = nla_put_string(skb, INET_ULP_INFO_NAME, ulp_ops->name); 9661723b39SDavide Caratti if (err) 9761723b39SDavide Caratti goto nla_failure; 9861723b39SDavide Caratti 9961723b39SDavide Caratti if (ulp_ops->get_info) 10061723b39SDavide Caratti err = ulp_ops->get_info(sk, skb); 10161723b39SDavide Caratti if (err) 10261723b39SDavide Caratti goto nla_failure; 10361723b39SDavide Caratti 10461723b39SDavide Caratti nla_nest_end(skb, nest); 10561723b39SDavide Caratti return 0; 10661723b39SDavide Caratti 10761723b39SDavide Caratti nla_failure: 10861723b39SDavide Caratti nla_nest_cancel(skb, nest); 10961723b39SDavide Caratti return err; 11061723b39SDavide Caratti } 11161723b39SDavide Caratti 112c03fa9bcSIvan Delalande static int tcp_diag_get_aux(struct sock *sk, bool net_admin, 113c03fa9bcSIvan Delalande struct sk_buff *skb) 114c03fa9bcSIvan Delalande { 11561723b39SDavide Caratti struct inet_connection_sock *icsk = inet_csk(sk); 11661723b39SDavide Caratti int err = 0; 11761723b39SDavide Caratti 118c03fa9bcSIvan Delalande #ifdef CONFIG_TCP_MD5SIG 119c03fa9bcSIvan Delalande if (net_admin) { 120c03fa9bcSIvan Delalande struct tcp_md5sig_info *md5sig; 121c03fa9bcSIvan Delalande 122c03fa9bcSIvan Delalande rcu_read_lock(); 123c03fa9bcSIvan Delalande md5sig = rcu_dereference(tcp_sk(sk)->md5sig_info); 124c03fa9bcSIvan Delalande if (md5sig) 125c03fa9bcSIvan Delalande err = tcp_diag_put_md5sig(skb, md5sig); 126c03fa9bcSIvan Delalande rcu_read_unlock(); 127c03fa9bcSIvan Delalande if (err < 0) 128c03fa9bcSIvan Delalande return err; 129c03fa9bcSIvan Delalande } 130c03fa9bcSIvan Delalande #endif 131c03fa9bcSIvan Delalande 13261723b39SDavide Caratti if (net_admin) { 13361723b39SDavide Caratti const struct tcp_ulp_ops *ulp_ops; 13461723b39SDavide Caratti 13561723b39SDavide Caratti ulp_ops = icsk->icsk_ulp_ops; 13661723b39SDavide Caratti if (ulp_ops) 13761723b39SDavide Caratti err = tcp_diag_put_ulp(skb, sk, ulp_ops); 13861723b39SDavide Caratti if (err) 13961723b39SDavide Caratti return err; 14061723b39SDavide Caratti } 141c03fa9bcSIvan Delalande return 0; 142c03fa9bcSIvan Delalande } 143c03fa9bcSIvan Delalande 144c03fa9bcSIvan Delalande static size_t tcp_diag_get_aux_size(struct sock *sk, bool net_admin) 145c03fa9bcSIvan Delalande { 14661723b39SDavide Caratti struct inet_connection_sock *icsk = inet_csk(sk); 147c03fa9bcSIvan Delalande size_t size = 0; 148c03fa9bcSIvan Delalande 149c03fa9bcSIvan Delalande #ifdef CONFIG_TCP_MD5SIG 150c03fa9bcSIvan Delalande if (net_admin && sk_fullsock(sk)) { 151c03fa9bcSIvan Delalande const struct tcp_md5sig_info *md5sig; 152c03fa9bcSIvan Delalande const struct tcp_md5sig_key *key; 153c03fa9bcSIvan Delalande size_t md5sig_count = 0; 154c03fa9bcSIvan Delalande 155c03fa9bcSIvan Delalande rcu_read_lock(); 156c03fa9bcSIvan Delalande md5sig = rcu_dereference(tcp_sk(sk)->md5sig_info); 157c03fa9bcSIvan Delalande if (md5sig) { 158c03fa9bcSIvan Delalande hlist_for_each_entry_rcu(key, &md5sig->head, node) 159c03fa9bcSIvan Delalande md5sig_count++; 160c03fa9bcSIvan Delalande } 161c03fa9bcSIvan Delalande rcu_read_unlock(); 162c03fa9bcSIvan Delalande size += nla_total_size(md5sig_count * 163c03fa9bcSIvan Delalande sizeof(struct tcp_diag_md5sig)); 164c03fa9bcSIvan Delalande } 165c03fa9bcSIvan Delalande #endif 166c03fa9bcSIvan Delalande 167b58662a5SEric Dumazet if (net_admin && sk_fullsock(sk)) { 16861723b39SDavide Caratti const struct tcp_ulp_ops *ulp_ops; 16961723b39SDavide Caratti 17061723b39SDavide Caratti ulp_ops = icsk->icsk_ulp_ops; 17161723b39SDavide Caratti if (ulp_ops) { 17261723b39SDavide Caratti size += nla_total_size(0) + 17361723b39SDavide Caratti nla_total_size(TCP_ULP_NAME_MAX); 17461723b39SDavide Caratti if (ulp_ops->get_info_size) 17561723b39SDavide Caratti size += ulp_ops->get_info_size(sk); 17661723b39SDavide Caratti } 17761723b39SDavide Caratti } 178c03fa9bcSIvan Delalande return size; 179c03fa9bcSIvan Delalande } 180c03fa9bcSIvan Delalande 1811942c518SPavel Emelyanov static void tcp_diag_dump(struct sk_buff *skb, struct netlink_callback *cb, 18234160ea3SEric Dumazet const struct inet_diag_req_v2 *r, struct nlattr *bc) 1831942c518SPavel Emelyanov { 1841942c518SPavel Emelyanov inet_diag_dump_icsk(&tcp_hashinfo, skb, cb, r, bc); 1851942c518SPavel Emelyanov } 1861942c518SPavel Emelyanov 1871942c518SPavel Emelyanov static int tcp_diag_dump_one(struct sk_buff *in_skb, const struct nlmsghdr *nlh, 18834160ea3SEric Dumazet const struct inet_diag_req_v2 *req) 1891942c518SPavel Emelyanov { 1901942c518SPavel Emelyanov return inet_diag_dump_one_icsk(&tcp_hashinfo, in_skb, nlh, req); 1911942c518SPavel Emelyanov } 1921942c518SPavel Emelyanov 193c1e64e29SLorenzo Colitti #ifdef CONFIG_INET_DIAG_DESTROY 194c1e64e29SLorenzo Colitti static int tcp_diag_destroy(struct sk_buff *in_skb, 195c1e64e29SLorenzo Colitti const struct inet_diag_req_v2 *req) 196c1e64e29SLorenzo Colitti { 197c1e64e29SLorenzo Colitti struct net *net = sock_net(in_skb->sk); 198c1e64e29SLorenzo Colitti struct sock *sk = inet_diag_find_one_icsk(net, &tcp_hashinfo, req); 199d7226c7aSDavid Ahern int err; 200c1e64e29SLorenzo Colitti 201c1e64e29SLorenzo Colitti if (IS_ERR(sk)) 202c1e64e29SLorenzo Colitti return PTR_ERR(sk); 203c1e64e29SLorenzo Colitti 204d7226c7aSDavid Ahern err = sock_diag_destroy(sk, ECONNABORTED); 205d7226c7aSDavid Ahern 206d7226c7aSDavid Ahern sock_gen_put(sk); 207d7226c7aSDavid Ahern 208d7226c7aSDavid Ahern return err; 209c1e64e29SLorenzo Colitti } 210c1e64e29SLorenzo Colitti #endif 211c1e64e29SLorenzo Colitti 212a7a0d6a8SEric Dumazet static const struct inet_diag_handler tcp_diag_handler = { 2131942c518SPavel Emelyanov .dump = tcp_diag_dump, 2141942c518SPavel Emelyanov .dump_one = tcp_diag_dump_one, 21517b085eaSArnaldo Carvalho de Melo .idiag_get_info = tcp_diag_get_info, 216c03fa9bcSIvan Delalande .idiag_get_aux = tcp_diag_get_aux, 217c03fa9bcSIvan Delalande .idiag_get_aux_size = tcp_diag_get_aux_size, 218f13c95f0SPavel Emelyanov .idiag_type = IPPROTO_TCP, 2193fd22af8SCraig Gallek .idiag_info_size = sizeof(struct tcp_info), 220c1e64e29SLorenzo Colitti #ifdef CONFIG_INET_DIAG_DESTROY 221c1e64e29SLorenzo Colitti .destroy = tcp_diag_destroy, 222c1e64e29SLorenzo Colitti #endif 22317b085eaSArnaldo Carvalho de Melo }; 22417b085eaSArnaldo Carvalho de Melo 22517b085eaSArnaldo Carvalho de Melo static int __init tcp_diag_init(void) 22617b085eaSArnaldo Carvalho de Melo { 22717b085eaSArnaldo Carvalho de Melo return inet_diag_register(&tcp_diag_handler); 22817b085eaSArnaldo Carvalho de Melo } 22917b085eaSArnaldo Carvalho de Melo 23017b085eaSArnaldo Carvalho de Melo static void __exit tcp_diag_exit(void) 23117b085eaSArnaldo Carvalho de Melo { 23217b085eaSArnaldo Carvalho de Melo inet_diag_unregister(&tcp_diag_handler); 23317b085eaSArnaldo Carvalho de Melo } 23417b085eaSArnaldo Carvalho de Melo 23517b085eaSArnaldo Carvalho de Melo module_init(tcp_diag_init); 23617b085eaSArnaldo Carvalho de Melo module_exit(tcp_diag_exit); 23717b085eaSArnaldo Carvalho de Melo MODULE_LICENSE("GPL"); 238aec8dc62SPavel Emelyanov MODULE_ALIAS_NET_PF_PROTO_TYPE(PF_NETLINK, NETLINK_SOCK_DIAG, 2-6 /* AF_INET - IPPROTO_TCP */); 239