12874c5fdSThomas Gleixner // SPDX-License-Identifier: GPL-2.0-or-later 217b085eaSArnaldo Carvalho de Melo /* 317b085eaSArnaldo Carvalho de Melo * tcp_diag.c Module for monitoring TCP transport protocols sockets. 417b085eaSArnaldo Carvalho de Melo * 517b085eaSArnaldo Carvalho de Melo * Authors: Alexey Kuznetsov, <kuznet@ms2.inr.ac.ru> 617b085eaSArnaldo Carvalho de Melo */ 717b085eaSArnaldo Carvalho de Melo 817b085eaSArnaldo Carvalho de Melo #include <linux/module.h> 9c1e64e29SLorenzo Colitti #include <linux/net.h> 10c1e64e29SLorenzo Colitti #include <linux/sock_diag.h> 1117b085eaSArnaldo Carvalho de Melo #include <linux/inet_diag.h> 1217b085eaSArnaldo Carvalho de Melo 1317b085eaSArnaldo Carvalho de Melo #include <linux/tcp.h> 1417b085eaSArnaldo Carvalho de Melo 15c03fa9bcSIvan Delalande #include <net/netlink.h> 1617b085eaSArnaldo Carvalho de Melo #include <net/tcp.h> 1717b085eaSArnaldo Carvalho de Melo 1817b085eaSArnaldo Carvalho de Melo static void tcp_diag_get_info(struct sock *sk, struct inet_diag_msg *r, 1917b085eaSArnaldo Carvalho de Melo void *_info) 2017b085eaSArnaldo Carvalho de Melo { 2117b085eaSArnaldo Carvalho de Melo struct tcp_info *info = _info; 2217b085eaSArnaldo Carvalho de Melo 23986ffdfdSYafang Shao if (inet_sk_state_load(sk) == TCP_LISTEN) { 2447da8ee6SSridhar Samudrala r->idiag_rqueue = sk->sk_ack_backlog; 255ee3afbaSRick Jones r->idiag_wqueue = sk->sk_max_ack_backlog; 2635ac838aSCraig Gallek } else if (sk->sk_type == SOCK_STREAM) { 2735ac838aSCraig Gallek const struct tcp_sock *tp = tcp_sk(sk); 2835ac838aSCraig Gallek 2949d09007SEric Dumazet r->idiag_rqueue = max_t(int, tp->rcv_nxt - tp->copied_seq, 0); 3017b085eaSArnaldo Carvalho de Melo r->idiag_wqueue = tp->write_seq - tp->snd_una; 315ee3afbaSRick Jones } 3200db4124SIan Morris if (info) 3317b085eaSArnaldo Carvalho de Melo tcp_get_info(sk, info); 3417b085eaSArnaldo Carvalho de Melo } 3517b085eaSArnaldo Carvalho de Melo 36c03fa9bcSIvan Delalande #ifdef CONFIG_TCP_MD5SIG 37c03fa9bcSIvan Delalande static void tcp_diag_md5sig_fill(struct tcp_diag_md5sig *info, 38c03fa9bcSIvan Delalande const struct tcp_md5sig_key *key) 39c03fa9bcSIvan Delalande { 40c03fa9bcSIvan Delalande info->tcpm_family = key->family; 41c03fa9bcSIvan Delalande info->tcpm_prefixlen = key->prefixlen; 42c03fa9bcSIvan Delalande info->tcpm_keylen = key->keylen; 43c03fa9bcSIvan Delalande memcpy(info->tcpm_key, key->key, key->keylen); 44c03fa9bcSIvan Delalande 45c03fa9bcSIvan Delalande if (key->family == AF_INET) 46c03fa9bcSIvan Delalande info->tcpm_addr[0] = key->addr.a4.s_addr; 47c03fa9bcSIvan Delalande #if IS_ENABLED(CONFIG_IPV6) 48c03fa9bcSIvan Delalande else if (key->family == AF_INET6) 49c03fa9bcSIvan Delalande memcpy(&info->tcpm_addr, &key->addr.a6, 50c03fa9bcSIvan Delalande sizeof(info->tcpm_addr)); 51c03fa9bcSIvan Delalande #endif 52c03fa9bcSIvan Delalande } 53c03fa9bcSIvan Delalande 54c03fa9bcSIvan Delalande static int tcp_diag_put_md5sig(struct sk_buff *skb, 55c03fa9bcSIvan Delalande const struct tcp_md5sig_info *md5sig) 56c03fa9bcSIvan Delalande { 57c03fa9bcSIvan Delalande const struct tcp_md5sig_key *key; 58c03fa9bcSIvan Delalande struct tcp_diag_md5sig *info; 59c03fa9bcSIvan Delalande struct nlattr *attr; 60c03fa9bcSIvan Delalande int md5sig_count = 0; 61c03fa9bcSIvan Delalande 62c03fa9bcSIvan Delalande hlist_for_each_entry_rcu(key, &md5sig->head, node) 63c03fa9bcSIvan Delalande md5sig_count++; 64c03fa9bcSIvan Delalande if (md5sig_count == 0) 65c03fa9bcSIvan Delalande return 0; 66c03fa9bcSIvan Delalande 67c03fa9bcSIvan Delalande attr = nla_reserve(skb, INET_DIAG_MD5SIG, 68c03fa9bcSIvan Delalande md5sig_count * sizeof(struct tcp_diag_md5sig)); 69c03fa9bcSIvan Delalande if (!attr) 70c03fa9bcSIvan Delalande return -EMSGSIZE; 71c03fa9bcSIvan Delalande 72c03fa9bcSIvan Delalande info = nla_data(attr); 73c03fa9bcSIvan Delalande memset(info, 0, md5sig_count * sizeof(struct tcp_diag_md5sig)); 74c03fa9bcSIvan Delalande hlist_for_each_entry_rcu(key, &md5sig->head, node) { 75c03fa9bcSIvan Delalande tcp_diag_md5sig_fill(info++, key); 76c03fa9bcSIvan Delalande if (--md5sig_count == 0) 77c03fa9bcSIvan Delalande break; 78c03fa9bcSIvan Delalande } 79c03fa9bcSIvan Delalande 80c03fa9bcSIvan Delalande return 0; 81c03fa9bcSIvan Delalande } 82c03fa9bcSIvan Delalande #endif 83c03fa9bcSIvan Delalande 84*61723b39SDavide Caratti static int tcp_diag_put_ulp(struct sk_buff *skb, struct sock *sk, 85*61723b39SDavide Caratti const struct tcp_ulp_ops *ulp_ops) 86*61723b39SDavide Caratti { 87*61723b39SDavide Caratti struct nlattr *nest; 88*61723b39SDavide Caratti int err; 89*61723b39SDavide Caratti 90*61723b39SDavide Caratti nest = nla_nest_start_noflag(skb, INET_DIAG_ULP_INFO); 91*61723b39SDavide Caratti if (!nest) 92*61723b39SDavide Caratti return -EMSGSIZE; 93*61723b39SDavide Caratti 94*61723b39SDavide Caratti err = nla_put_string(skb, INET_ULP_INFO_NAME, ulp_ops->name); 95*61723b39SDavide Caratti if (err) 96*61723b39SDavide Caratti goto nla_failure; 97*61723b39SDavide Caratti 98*61723b39SDavide Caratti if (ulp_ops->get_info) 99*61723b39SDavide Caratti err = ulp_ops->get_info(sk, skb); 100*61723b39SDavide Caratti if (err) 101*61723b39SDavide Caratti goto nla_failure; 102*61723b39SDavide Caratti 103*61723b39SDavide Caratti nla_nest_end(skb, nest); 104*61723b39SDavide Caratti return 0; 105*61723b39SDavide Caratti 106*61723b39SDavide Caratti nla_failure: 107*61723b39SDavide Caratti nla_nest_cancel(skb, nest); 108*61723b39SDavide Caratti return err; 109*61723b39SDavide Caratti } 110*61723b39SDavide Caratti 111c03fa9bcSIvan Delalande static int tcp_diag_get_aux(struct sock *sk, bool net_admin, 112c03fa9bcSIvan Delalande struct sk_buff *skb) 113c03fa9bcSIvan Delalande { 114*61723b39SDavide Caratti struct inet_connection_sock *icsk = inet_csk(sk); 115*61723b39SDavide Caratti int err = 0; 116*61723b39SDavide Caratti 117c03fa9bcSIvan Delalande #ifdef CONFIG_TCP_MD5SIG 118c03fa9bcSIvan Delalande if (net_admin) { 119c03fa9bcSIvan Delalande struct tcp_md5sig_info *md5sig; 120c03fa9bcSIvan Delalande 121c03fa9bcSIvan Delalande rcu_read_lock(); 122c03fa9bcSIvan Delalande md5sig = rcu_dereference(tcp_sk(sk)->md5sig_info); 123c03fa9bcSIvan Delalande if (md5sig) 124c03fa9bcSIvan Delalande err = tcp_diag_put_md5sig(skb, md5sig); 125c03fa9bcSIvan Delalande rcu_read_unlock(); 126c03fa9bcSIvan Delalande if (err < 0) 127c03fa9bcSIvan Delalande return err; 128c03fa9bcSIvan Delalande } 129c03fa9bcSIvan Delalande #endif 130c03fa9bcSIvan Delalande 131*61723b39SDavide Caratti if (net_admin) { 132*61723b39SDavide Caratti const struct tcp_ulp_ops *ulp_ops; 133*61723b39SDavide Caratti 134*61723b39SDavide Caratti ulp_ops = icsk->icsk_ulp_ops; 135*61723b39SDavide Caratti if (ulp_ops) 136*61723b39SDavide Caratti err = tcp_diag_put_ulp(skb, sk, ulp_ops); 137*61723b39SDavide Caratti if (err) 138*61723b39SDavide Caratti return err; 139*61723b39SDavide Caratti } 140c03fa9bcSIvan Delalande return 0; 141c03fa9bcSIvan Delalande } 142c03fa9bcSIvan Delalande 143c03fa9bcSIvan Delalande static size_t tcp_diag_get_aux_size(struct sock *sk, bool net_admin) 144c03fa9bcSIvan Delalande { 145*61723b39SDavide Caratti struct inet_connection_sock *icsk = inet_csk(sk); 146c03fa9bcSIvan Delalande size_t size = 0; 147c03fa9bcSIvan Delalande 148c03fa9bcSIvan Delalande #ifdef CONFIG_TCP_MD5SIG 149c03fa9bcSIvan Delalande if (net_admin && sk_fullsock(sk)) { 150c03fa9bcSIvan Delalande const struct tcp_md5sig_info *md5sig; 151c03fa9bcSIvan Delalande const struct tcp_md5sig_key *key; 152c03fa9bcSIvan Delalande size_t md5sig_count = 0; 153c03fa9bcSIvan Delalande 154c03fa9bcSIvan Delalande rcu_read_lock(); 155c03fa9bcSIvan Delalande md5sig = rcu_dereference(tcp_sk(sk)->md5sig_info); 156c03fa9bcSIvan Delalande if (md5sig) { 157c03fa9bcSIvan Delalande hlist_for_each_entry_rcu(key, &md5sig->head, node) 158c03fa9bcSIvan Delalande md5sig_count++; 159c03fa9bcSIvan Delalande } 160c03fa9bcSIvan Delalande rcu_read_unlock(); 161c03fa9bcSIvan Delalande size += nla_total_size(md5sig_count * 162c03fa9bcSIvan Delalande sizeof(struct tcp_diag_md5sig)); 163c03fa9bcSIvan Delalande } 164c03fa9bcSIvan Delalande #endif 165c03fa9bcSIvan Delalande 166*61723b39SDavide Caratti if (net_admin) { 167*61723b39SDavide Caratti const struct tcp_ulp_ops *ulp_ops; 168*61723b39SDavide Caratti 169*61723b39SDavide Caratti ulp_ops = icsk->icsk_ulp_ops; 170*61723b39SDavide Caratti if (ulp_ops) { 171*61723b39SDavide Caratti size += nla_total_size(0) + 172*61723b39SDavide Caratti nla_total_size(TCP_ULP_NAME_MAX); 173*61723b39SDavide Caratti if (ulp_ops->get_info_size) 174*61723b39SDavide Caratti size += ulp_ops->get_info_size(sk); 175*61723b39SDavide Caratti } 176*61723b39SDavide Caratti } 177c03fa9bcSIvan Delalande return size; 178c03fa9bcSIvan Delalande } 179c03fa9bcSIvan Delalande 1801942c518SPavel Emelyanov static void tcp_diag_dump(struct sk_buff *skb, struct netlink_callback *cb, 18134160ea3SEric Dumazet const struct inet_diag_req_v2 *r, struct nlattr *bc) 1821942c518SPavel Emelyanov { 1831942c518SPavel Emelyanov inet_diag_dump_icsk(&tcp_hashinfo, skb, cb, r, bc); 1841942c518SPavel Emelyanov } 1851942c518SPavel Emelyanov 1861942c518SPavel Emelyanov static int tcp_diag_dump_one(struct sk_buff *in_skb, const struct nlmsghdr *nlh, 18734160ea3SEric Dumazet const struct inet_diag_req_v2 *req) 1881942c518SPavel Emelyanov { 1891942c518SPavel Emelyanov return inet_diag_dump_one_icsk(&tcp_hashinfo, in_skb, nlh, req); 1901942c518SPavel Emelyanov } 1911942c518SPavel Emelyanov 192c1e64e29SLorenzo Colitti #ifdef CONFIG_INET_DIAG_DESTROY 193c1e64e29SLorenzo Colitti static int tcp_diag_destroy(struct sk_buff *in_skb, 194c1e64e29SLorenzo Colitti const struct inet_diag_req_v2 *req) 195c1e64e29SLorenzo Colitti { 196c1e64e29SLorenzo Colitti struct net *net = sock_net(in_skb->sk); 197c1e64e29SLorenzo Colitti struct sock *sk = inet_diag_find_one_icsk(net, &tcp_hashinfo, req); 198d7226c7aSDavid Ahern int err; 199c1e64e29SLorenzo Colitti 200c1e64e29SLorenzo Colitti if (IS_ERR(sk)) 201c1e64e29SLorenzo Colitti return PTR_ERR(sk); 202c1e64e29SLorenzo Colitti 203d7226c7aSDavid Ahern err = sock_diag_destroy(sk, ECONNABORTED); 204d7226c7aSDavid Ahern 205d7226c7aSDavid Ahern sock_gen_put(sk); 206d7226c7aSDavid Ahern 207d7226c7aSDavid Ahern return err; 208c1e64e29SLorenzo Colitti } 209c1e64e29SLorenzo Colitti #endif 210c1e64e29SLorenzo Colitti 211a7a0d6a8SEric Dumazet static const struct inet_diag_handler tcp_diag_handler = { 2121942c518SPavel Emelyanov .dump = tcp_diag_dump, 2131942c518SPavel Emelyanov .dump_one = tcp_diag_dump_one, 21417b085eaSArnaldo Carvalho de Melo .idiag_get_info = tcp_diag_get_info, 215c03fa9bcSIvan Delalande .idiag_get_aux = tcp_diag_get_aux, 216c03fa9bcSIvan Delalande .idiag_get_aux_size = tcp_diag_get_aux_size, 217f13c95f0SPavel Emelyanov .idiag_type = IPPROTO_TCP, 2183fd22af8SCraig Gallek .idiag_info_size = sizeof(struct tcp_info), 219c1e64e29SLorenzo Colitti #ifdef CONFIG_INET_DIAG_DESTROY 220c1e64e29SLorenzo Colitti .destroy = tcp_diag_destroy, 221c1e64e29SLorenzo Colitti #endif 22217b085eaSArnaldo Carvalho de Melo }; 22317b085eaSArnaldo Carvalho de Melo 22417b085eaSArnaldo Carvalho de Melo static int __init tcp_diag_init(void) 22517b085eaSArnaldo Carvalho de Melo { 22617b085eaSArnaldo Carvalho de Melo return inet_diag_register(&tcp_diag_handler); 22717b085eaSArnaldo Carvalho de Melo } 22817b085eaSArnaldo Carvalho de Melo 22917b085eaSArnaldo Carvalho de Melo static void __exit tcp_diag_exit(void) 23017b085eaSArnaldo Carvalho de Melo { 23117b085eaSArnaldo Carvalho de Melo inet_diag_unregister(&tcp_diag_handler); 23217b085eaSArnaldo Carvalho de Melo } 23317b085eaSArnaldo Carvalho de Melo 23417b085eaSArnaldo Carvalho de Melo module_init(tcp_diag_init); 23517b085eaSArnaldo Carvalho de Melo module_exit(tcp_diag_exit); 23617b085eaSArnaldo Carvalho de Melo MODULE_LICENSE("GPL"); 237aec8dc62SPavel Emelyanov MODULE_ALIAS_NET_PF_PROTO_TYPE(PF_NETLINK, NETLINK_SOCK_DIAG, 2-6 /* AF_INET - IPPROTO_TCP */); 238