2017-06-15 02:37:14 +08:00
|
|
|
/*
|
|
|
|
* Pluggable TCP upper layer protocol support.
|
|
|
|
*
|
|
|
|
* Copyright (c) 2016-2017, Mellanox Technologies. All rights reserved.
|
|
|
|
* Copyright (c) 2016-2017, Dave Watson <davejwatson@fb.com>. All rights reserved.
|
|
|
|
*
|
|
|
|
*/
|
|
|
|
|
|
|
|
#include<linux/module.h>
|
|
|
|
#include <linux/mm.h>
|
|
|
|
#include <linux/types.h>
|
|
|
|
#include <linux/list.h>
|
|
|
|
#include <linux/gfp.h>
|
|
|
|
#include <net/tcp.h>
|
|
|
|
|
|
|
|
static DEFINE_SPINLOCK(tcp_ulp_list_lock);
|
|
|
|
static LIST_HEAD(tcp_ulp_list);
|
|
|
|
|
|
|
|
/* Simple linear search, don't expect many entries! */
|
|
|
|
static struct tcp_ulp_ops *tcp_ulp_find(const char *name)
|
|
|
|
{
|
|
|
|
struct tcp_ulp_ops *e;
|
|
|
|
|
|
|
|
list_for_each_entry_rcu(e, &tcp_ulp_list, list) {
|
|
|
|
if (strcmp(e->name, name) == 0)
|
|
|
|
return e;
|
|
|
|
}
|
|
|
|
|
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
|
2018-02-06 02:17:43 +08:00
|
|
|
static struct tcp_ulp_ops *tcp_ulp_find_id(const int ulp)
|
|
|
|
{
|
|
|
|
struct tcp_ulp_ops *e;
|
|
|
|
|
|
|
|
list_for_each_entry_rcu(e, &tcp_ulp_list, list) {
|
|
|
|
if (e->uid == ulp)
|
|
|
|
return e;
|
|
|
|
}
|
|
|
|
|
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
|
2017-06-15 02:37:14 +08:00
|
|
|
static const struct tcp_ulp_ops *__tcp_ulp_find_autoload(const char *name)
|
|
|
|
{
|
|
|
|
const struct tcp_ulp_ops *ulp = NULL;
|
|
|
|
|
|
|
|
rcu_read_lock();
|
|
|
|
ulp = tcp_ulp_find(name);
|
|
|
|
|
|
|
|
#ifdef CONFIG_MODULES
|
|
|
|
if (!ulp && capable(CAP_NET_ADMIN)) {
|
|
|
|
rcu_read_unlock();
|
tcp, ulp: add alias for all ulp modules
Lets not turn the TCP ULP lookup into an arbitrary module loader as
we only intend to load ULP modules through this mechanism, not other
unrelated kernel modules:
[root@bar]# cat foo.c
#include <sys/types.h>
#include <sys/socket.h>
#include <linux/tcp.h>
#include <linux/in.h>
int main(void)
{
int sock = socket(PF_INET, SOCK_STREAM, 0);
setsockopt(sock, IPPROTO_TCP, TCP_ULP, "sctp", sizeof("sctp"));
return 0;
}
[root@bar]# gcc foo.c -O2 -Wall
[root@bar]# lsmod | grep sctp
[root@bar]# ./a.out
[root@bar]# lsmod | grep sctp
sctp 1077248 4
libcrc32c 16384 3 nf_conntrack,nf_nat,sctp
[root@bar]#
Fix it by adding module alias to TCP ULP modules, so probing module
via request_module() will be limited to tcp-ulp-[name]. The existing
modules like kTLS will load fine given tcp-ulp-tls alias, but others
will fail to load:
[root@bar]# lsmod | grep sctp
[root@bar]# ./a.out
[root@bar]# lsmod | grep sctp
[root@bar]#
Sockmap is not affected from this since it's either built-in or not.
Fixes: 734942cc4ea6 ("tcp: ULP infrastructure")
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Acked-by: John Fastabend <john.fastabend@gmail.com>
Acked-by: Song Liu <songliubraving@fb.com>
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
2018-08-17 03:49:06 +08:00
|
|
|
request_module("tcp-ulp-%s", name);
|
2017-06-15 02:37:14 +08:00
|
|
|
rcu_read_lock();
|
|
|
|
ulp = tcp_ulp_find(name);
|
|
|
|
}
|
|
|
|
#endif
|
|
|
|
if (!ulp || !try_module_get(ulp->owner))
|
|
|
|
ulp = NULL;
|
|
|
|
|
|
|
|
rcu_read_unlock();
|
|
|
|
return ulp;
|
|
|
|
}
|
|
|
|
|
2018-02-06 02:17:43 +08:00
|
|
|
static const struct tcp_ulp_ops *__tcp_ulp_lookup(const int uid)
|
|
|
|
{
|
|
|
|
const struct tcp_ulp_ops *ulp;
|
|
|
|
|
|
|
|
rcu_read_lock();
|
|
|
|
ulp = tcp_ulp_find_id(uid);
|
|
|
|
if (!ulp || !try_module_get(ulp->owner))
|
|
|
|
ulp = NULL;
|
|
|
|
rcu_read_unlock();
|
|
|
|
return ulp;
|
|
|
|
}
|
|
|
|
|
2017-06-15 02:37:14 +08:00
|
|
|
/* Attach new upper layer protocol to the list
|
|
|
|
* of available protocols.
|
|
|
|
*/
|
|
|
|
int tcp_register_ulp(struct tcp_ulp_ops *ulp)
|
|
|
|
{
|
|
|
|
int ret = 0;
|
|
|
|
|
|
|
|
spin_lock(&tcp_ulp_list_lock);
|
2018-02-06 02:17:43 +08:00
|
|
|
if (tcp_ulp_find(ulp->name))
|
2017-06-15 02:37:14 +08:00
|
|
|
ret = -EEXIST;
|
2018-02-06 02:17:43 +08:00
|
|
|
else
|
2017-06-15 02:37:14 +08:00
|
|
|
list_add_tail_rcu(&ulp->list, &tcp_ulp_list);
|
|
|
|
spin_unlock(&tcp_ulp_list_lock);
|
|
|
|
|
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
EXPORT_SYMBOL_GPL(tcp_register_ulp);
|
|
|
|
|
|
|
|
void tcp_unregister_ulp(struct tcp_ulp_ops *ulp)
|
|
|
|
{
|
|
|
|
spin_lock(&tcp_ulp_list_lock);
|
|
|
|
list_del_rcu(&ulp->list);
|
|
|
|
spin_unlock(&tcp_ulp_list_lock);
|
|
|
|
|
|
|
|
synchronize_rcu();
|
|
|
|
}
|
|
|
|
EXPORT_SYMBOL_GPL(tcp_unregister_ulp);
|
|
|
|
|
|
|
|
/* Build string with list of available upper layer protocl values */
|
|
|
|
void tcp_get_available_ulp(char *buf, size_t maxlen)
|
|
|
|
{
|
|
|
|
struct tcp_ulp_ops *ulp_ops;
|
|
|
|
size_t offs = 0;
|
|
|
|
|
2017-06-23 09:57:55 +08:00
|
|
|
*buf = '\0';
|
2017-06-15 02:37:14 +08:00
|
|
|
rcu_read_lock();
|
|
|
|
list_for_each_entry_rcu(ulp_ops, &tcp_ulp_list, list) {
|
|
|
|
offs += snprintf(buf + offs, maxlen - offs,
|
|
|
|
"%s%s",
|
|
|
|
offs == 0 ? "" : " ", ulp_ops->name);
|
|
|
|
}
|
|
|
|
rcu_read_unlock();
|
|
|
|
}
|
|
|
|
|
|
|
|
void tcp_cleanup_ulp(struct sock *sk)
|
|
|
|
{
|
|
|
|
struct inet_connection_sock *icsk = inet_csk(sk);
|
|
|
|
|
|
|
|
if (!icsk->icsk_ulp_ops)
|
|
|
|
return;
|
|
|
|
|
|
|
|
if (icsk->icsk_ulp_ops->release)
|
|
|
|
icsk->icsk_ulp_ops->release(sk);
|
|
|
|
module_put(icsk->icsk_ulp_ops->owner);
|
2018-08-17 03:49:07 +08:00
|
|
|
|
|
|
|
icsk->icsk_ulp_ops = NULL;
|
2017-06-15 02:37:14 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
/* Change upper layer protocol for socket */
|
|
|
|
int tcp_set_ulp(struct sock *sk, const char *name)
|
|
|
|
{
|
|
|
|
struct inet_connection_sock *icsk = inet_csk(sk);
|
|
|
|
const struct tcp_ulp_ops *ulp_ops;
|
|
|
|
int err = 0;
|
|
|
|
|
|
|
|
if (icsk->icsk_ulp_ops)
|
|
|
|
return -EEXIST;
|
|
|
|
|
|
|
|
ulp_ops = __tcp_ulp_find_autoload(name);
|
|
|
|
if (!ulp_ops)
|
2017-08-15 00:04:24 +08:00
|
|
|
return -ENOENT;
|
2017-06-15 02:37:14 +08:00
|
|
|
|
2018-02-06 02:17:43 +08:00
|
|
|
if (!ulp_ops->user_visible) {
|
|
|
|
module_put(ulp_ops->owner);
|
|
|
|
return -ENOENT;
|
|
|
|
}
|
|
|
|
|
|
|
|
err = ulp_ops->init(sk);
|
|
|
|
if (err) {
|
|
|
|
module_put(ulp_ops->owner);
|
|
|
|
return err;
|
|
|
|
}
|
|
|
|
|
|
|
|
icsk->icsk_ulp_ops = ulp_ops;
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
int tcp_set_ulp_id(struct sock *sk, int ulp)
|
|
|
|
{
|
|
|
|
struct inet_connection_sock *icsk = inet_csk(sk);
|
|
|
|
const struct tcp_ulp_ops *ulp_ops;
|
|
|
|
int err;
|
|
|
|
|
|
|
|
if (icsk->icsk_ulp_ops)
|
|
|
|
return -EEXIST;
|
|
|
|
|
|
|
|
ulp_ops = __tcp_ulp_lookup(ulp);
|
|
|
|
if (!ulp_ops)
|
|
|
|
return -ENOENT;
|
|
|
|
|
2017-08-15 00:04:24 +08:00
|
|
|
err = ulp_ops->init(sk);
|
|
|
|
if (err) {
|
|
|
|
module_put(ulp_ops->owner);
|
|
|
|
return err;
|
|
|
|
}
|
2017-06-15 02:37:14 +08:00
|
|
|
|
|
|
|
icsk->icsk_ulp_ops = ulp_ops;
|
2017-08-15 00:04:24 +08:00
|
|
|
return 0;
|
2017-06-15 02:37:14 +08:00
|
|
|
}
|