1 // SPDX-License-Identifier: GPL-2.0-or-later 2 /* 3 * udp_diag.c Module for monitoring UDP transport protocols sockets. 4 * 5 * Authors: Pavel Emelyanov, <xemul@parallels.com> 6 */ 7 8 9 #include <linux/module.h> 10 #include <linux/inet_diag.h> 11 #include <linux/udp.h> 12 #include <net/udp.h> 13 #include <linux/sock_diag.h> 14 15 static int sk_diag_dump(struct sock *sk, struct sk_buff *skb, 16 struct netlink_callback *cb, 17 const struct inet_diag_req_v2 *req, 18 bool net_admin) 19 { 20 if (!inet_diag_bc_sk(cb->data, sk)) 21 return 0; 22 23 return inet_sk_diag_fill(sk, NULL, skb, cb, req, NLM_F_MULTI, 24 net_admin); 25 } 26 27 static int udp_diag_dump_one(struct netlink_callback *cb, 28 const struct inet_diag_req_v2 *req) 29 { 30 struct sk_buff *in_skb = cb->skb; 31 struct sock *sk = NULL; 32 struct sk_buff *rep; 33 struct net *net; 34 int err; 35 36 net = sock_net(in_skb->sk); 37 38 rcu_read_lock(); 39 if (req->sdiag_family == AF_INET) 40 /* src and dst are swapped for historical reasons */ 41 sk = __udp4_lib_lookup(net, 42 req->id.idiag_src[0], req->id.idiag_sport, 43 req->id.idiag_dst[0], req->id.idiag_dport, 44 req->id.idiag_if, 0, NULL); 45 #if IS_ENABLED(CONFIG_IPV6) 46 else if (req->sdiag_family == AF_INET6) 47 sk = __udp6_lib_lookup(net, 48 (struct in6_addr *)req->id.idiag_src, 49 req->id.idiag_sport, 50 (struct in6_addr *)req->id.idiag_dst, 51 req->id.idiag_dport, 52 req->id.idiag_if, 0, NULL); 53 #endif 54 if (sk && !refcount_inc_not_zero(&sk->sk_refcnt)) 55 sk = NULL; 56 rcu_read_unlock(); 57 err = -ENOENT; 58 if (!sk) 59 goto out_nosk; 60 61 err = sock_diag_check_cookie(sk, req->id.idiag_cookie); 62 if (err) 63 goto out; 64 65 err = -ENOMEM; 66 rep = nlmsg_new(nla_total_size(sizeof(struct inet_diag_msg)) + 67 inet_diag_msg_attrs_size() + 68 nla_total_size(sizeof(struct inet_diag_meminfo)) + 64, 69 GFP_KERNEL); 70 if (!rep) 71 goto out; 72 73 err = inet_sk_diag_fill(sk, NULL, rep, cb, req, 0, 74 netlink_net_capable(in_skb, CAP_NET_ADMIN)); 75 if (err < 0) { 76 WARN_ON(err == -EMSGSIZE); 77 kfree_skb(rep); 78 goto out; 79 } 80 err = nlmsg_unicast(net->diag_nlsk, rep, NETLINK_CB(in_skb).portid); 81 82 out: 83 if (sk) 84 sock_put(sk); 85 out_nosk: 86 return err; 87 } 88 89 static void udp_diag_dump(struct sk_buff *skb, struct netlink_callback *cb, 90 const struct inet_diag_req_v2 *r) 91 { 92 bool net_admin = netlink_net_capable(cb->skb, CAP_NET_ADMIN); 93 struct net *net = sock_net(skb->sk); 94 int num, s_num, slot, s_slot; 95 struct udp_table *table; 96 97 table = net->ipv4.udp_table; 98 s_slot = cb->args[0]; 99 num = s_num = cb->args[1]; 100 101 for (slot = s_slot; slot <= table->mask; s_num = 0, slot++) { 102 struct udp_hslot *hslot = &table->hash[slot]; 103 struct sock *sk; 104 105 num = 0; 106 107 if (hlist_empty(&hslot->head)) 108 continue; 109 110 spin_lock_bh(&hslot->lock); 111 sk_for_each(sk, &hslot->head) { 112 struct inet_sock *inet = inet_sk(sk); 113 114 if (!net_eq(sock_net(sk), net)) 115 continue; 116 if (num < s_num) 117 goto next; 118 if (!(r->idiag_states & (1 << sk->sk_state))) 119 goto next; 120 if (r->sdiag_family != AF_UNSPEC && 121 sk->sk_family != r->sdiag_family) 122 goto next; 123 if (r->id.idiag_sport != inet->inet_sport && 124 r->id.idiag_sport) 125 goto next; 126 if (r->id.idiag_dport != inet->inet_dport && 127 r->id.idiag_dport) 128 goto next; 129 130 if (sk_diag_dump(sk, skb, cb, r, net_admin) < 0) { 131 spin_unlock_bh(&hslot->lock); 132 goto done; 133 } 134 next: 135 num++; 136 } 137 spin_unlock_bh(&hslot->lock); 138 } 139 done: 140 cb->args[0] = slot; 141 cb->args[1] = num; 142 } 143 144 static void udp_diag_get_info(struct sock *sk, struct inet_diag_msg *r, 145 void *info) 146 { 147 r->idiag_rqueue = udp_rqueue_get(sk); 148 r->idiag_wqueue = sk_wmem_alloc_get(sk); 149 } 150 151 #ifdef CONFIG_INET_DIAG_DESTROY 152 static int udp_diag_destroy(struct sk_buff *in_skb, 153 const struct inet_diag_req_v2 *req) 154 { 155 struct net *net = sock_net(in_skb->sk); 156 struct sock *sk; 157 int err; 158 159 rcu_read_lock(); 160 161 if (req->sdiag_family == AF_INET) 162 sk = __udp4_lib_lookup(net, 163 req->id.idiag_dst[0], req->id.idiag_dport, 164 req->id.idiag_src[0], req->id.idiag_sport, 165 req->id.idiag_if, 0, NULL); 166 #if IS_ENABLED(CONFIG_IPV6) 167 else if (req->sdiag_family == AF_INET6) { 168 if (ipv6_addr_v4mapped((struct in6_addr *)req->id.idiag_dst) && 169 ipv6_addr_v4mapped((struct in6_addr *)req->id.idiag_src)) 170 sk = __udp4_lib_lookup(net, 171 req->id.idiag_dst[3], req->id.idiag_dport, 172 req->id.idiag_src[3], req->id.idiag_sport, 173 req->id.idiag_if, 0, NULL); 174 else 175 sk = __udp6_lib_lookup(net, 176 (struct in6_addr *)req->id.idiag_dst, 177 req->id.idiag_dport, 178 (struct in6_addr *)req->id.idiag_src, 179 req->id.idiag_sport, 180 req->id.idiag_if, 0, NULL); 181 } 182 #endif 183 else { 184 rcu_read_unlock(); 185 return -EINVAL; 186 } 187 188 if (sk && !refcount_inc_not_zero(&sk->sk_refcnt)) 189 sk = NULL; 190 191 rcu_read_unlock(); 192 193 if (!sk) 194 return -ENOENT; 195 196 if (sock_diag_check_cookie(sk, req->id.idiag_cookie)) { 197 sock_put(sk); 198 return -ENOENT; 199 } 200 201 err = sock_diag_destroy(sk, ECONNABORTED); 202 203 sock_put(sk); 204 205 return err; 206 } 207 #endif 208 209 static const struct inet_diag_handler udp_diag_handler = { 210 .owner = THIS_MODULE, 211 .dump = udp_diag_dump, 212 .dump_one = udp_diag_dump_one, 213 .idiag_get_info = udp_diag_get_info, 214 .idiag_type = IPPROTO_UDP, 215 .idiag_info_size = 0, 216 #ifdef CONFIG_INET_DIAG_DESTROY 217 .destroy = udp_diag_destroy, 218 #endif 219 }; 220 221 static int __init udp_diag_init(void) 222 { 223 return inet_diag_register(&udp_diag_handler); 224 } 225 226 static void __exit udp_diag_exit(void) 227 { 228 inet_diag_unregister(&udp_diag_handler); 229 } 230 231 module_init(udp_diag_init); 232 module_exit(udp_diag_exit); 233 MODULE_LICENSE("GPL"); 234 MODULE_DESCRIPTION("UDP socket monitoring via SOCK_DIAG"); 235 MODULE_ALIAS_NET_PF_PROTO_TYPE(PF_NETLINK, NETLINK_SOCK_DIAG, 2-17 /* AF_INET - IPPROTO_UDP */); 236