linux/net/compat.c
<<
>>
Prefs
   1/*
   2 * 32bit Socket syscall emulation. Based on arch/sparc64/kernel/sys_sparc32.c.
   3 *
   4 * Copyright (C) 2000           VA Linux Co
   5 * Copyright (C) 2000           Don Dugger <n0ano@valinux.com>
   6 * Copyright (C) 1999           Arun Sharma <arun.sharma@intel.com>
   7 * Copyright (C) 1997,1998      Jakub Jelinek (jj@sunsite.mff.cuni.cz)
   8 * Copyright (C) 1997           David S. Miller (davem@caip.rutgers.edu)
   9 * Copyright (C) 2000           Hewlett-Packard Co.
  10 * Copyright (C) 2000           David Mosberger-Tang <davidm@hpl.hp.com>
  11 * Copyright (C) 2000,2001      Andi Kleen, SuSE Labs
  12 */
  13
  14#include <linux/kernel.h>
  15#include <linux/gfp.h>
  16#include <linux/fs.h>
  17#include <linux/types.h>
  18#include <linux/file.h>
  19#include <linux/icmpv6.h>
  20#include <linux/socket.h>
  21#include <linux/syscalls.h>
  22#include <linux/filter.h>
  23#include <linux/compat.h>
  24#include <linux/security.h>
  25#include <linux/export.h>
  26
  27#include <net/scm.h>
  28#include <net/sock.h>
  29#include <net/ip.h>
  30#include <net/ipv6.h>
  31#include <asm/uaccess.h>
  32#include <net/compat.h>
  33
  34static inline int iov_from_user_compat_to_kern(struct iovec *kiov,
  35                                          struct compat_iovec __user *uiov32,
  36                                          int niov)
  37{
  38        int tot_len = 0;
  39
  40        while (niov > 0) {
  41                compat_uptr_t buf;
  42                compat_size_t len;
  43
  44                if (get_user(len, &uiov32->iov_len) ||
  45                    get_user(buf, &uiov32->iov_base))
  46                        return -EFAULT;
  47
  48                if (len > INT_MAX - tot_len)
  49                        len = INT_MAX - tot_len;
  50
  51                tot_len += len;
  52                kiov->iov_base = compat_ptr(buf);
  53                kiov->iov_len = (__kernel_size_t) len;
  54                uiov32++;
  55                kiov++;
  56                niov--;
  57        }
  58        return tot_len;
  59}
  60
  61int get_compat_msghdr(struct msghdr *kmsg, struct compat_msghdr __user *umsg)
  62{
  63        compat_uptr_t tmp1, tmp2, tmp3;
  64
  65        if (!access_ok(VERIFY_READ, umsg, sizeof(*umsg)) ||
  66            __get_user(tmp1, &umsg->msg_name) ||
  67            __get_user(kmsg->msg_namelen, &umsg->msg_namelen) ||
  68            __get_user(tmp2, &umsg->msg_iov) ||
  69            __get_user(kmsg->msg_iovlen, &umsg->msg_iovlen) ||
  70            __get_user(tmp3, &umsg->msg_control) ||
  71            __get_user(kmsg->msg_controllen, &umsg->msg_controllen) ||
  72            __get_user(kmsg->msg_flags, &umsg->msg_flags))
  73                return -EFAULT;
  74        kmsg->msg_name = compat_ptr(tmp1);
  75        kmsg->msg_iov = compat_ptr(tmp2);
  76        kmsg->msg_control = compat_ptr(tmp3);
  77        return 0;
  78}
  79
  80/* I've named the args so it is easy to tell whose space the pointers are in. */
  81int verify_compat_iovec(struct msghdr *kern_msg, struct iovec *kern_iov,
  82                   struct sockaddr_storage *kern_address, int mode)
  83{
  84        int tot_len;
  85
  86        if (kern_msg->msg_namelen) {
  87                if (mode == VERIFY_READ) {
  88                        int err = move_addr_to_kernel(kern_msg->msg_name,
  89                                                      kern_msg->msg_namelen,
  90                                                      kern_address);
  91                        if (err < 0)
  92                                return err;
  93                }
  94                kern_msg->msg_name = kern_address;
  95        } else
  96                kern_msg->msg_name = NULL;
  97
  98        tot_len = iov_from_user_compat_to_kern(kern_iov,
  99                                          (struct compat_iovec __user *)kern_msg->msg_iov,
 100                                          kern_msg->msg_iovlen);
 101        if (tot_len >= 0)
 102                kern_msg->msg_iov = kern_iov;
 103
 104        return tot_len;
 105}
 106
 107/* Bleech... */
 108#define CMSG_COMPAT_ALIGN(len)  ALIGN((len), sizeof(s32))
 109
 110#define CMSG_COMPAT_DATA(cmsg)                          \
 111        ((void __user *)((char __user *)(cmsg) + CMSG_COMPAT_ALIGN(sizeof(struct compat_cmsghdr))))
 112#define CMSG_COMPAT_SPACE(len)                          \
 113        (CMSG_COMPAT_ALIGN(sizeof(struct compat_cmsghdr)) + CMSG_COMPAT_ALIGN(len))
 114#define CMSG_COMPAT_LEN(len)                            \
 115        (CMSG_COMPAT_ALIGN(sizeof(struct compat_cmsghdr)) + (len))
 116
 117#define CMSG_COMPAT_FIRSTHDR(msg)                       \
 118        (((msg)->msg_controllen) >= sizeof(struct compat_cmsghdr) ?     \
 119         (struct compat_cmsghdr __user *)((msg)->msg_control) :         \
 120         (struct compat_cmsghdr __user *)NULL)
 121
 122#define CMSG_COMPAT_OK(ucmlen, ucmsg, mhdr) \
 123        ((ucmlen) >= sizeof(struct compat_cmsghdr) && \
 124         (ucmlen) <= (unsigned long) \
 125         ((mhdr)->msg_controllen - \
 126          ((char *)(ucmsg) - (char *)(mhdr)->msg_control)))
 127
 128static inline struct compat_cmsghdr __user *cmsg_compat_nxthdr(struct msghdr *msg,
 129                struct compat_cmsghdr __user *cmsg, int cmsg_len)
 130{
 131        char __user *ptr = (char __user *)cmsg + CMSG_COMPAT_ALIGN(cmsg_len);
 132        if ((unsigned long)(ptr + 1 - (char __user *)msg->msg_control) >
 133                        msg->msg_controllen)
 134                return NULL;
 135        return (struct compat_cmsghdr __user *)ptr;
 136}
 137
 138/* There is a lot of hair here because the alignment rules (and
 139 * thus placement) of cmsg headers and length are different for
 140 * 32-bit apps.  -DaveM
 141 */
 142int cmsghdr_from_user_compat_to_kern(struct msghdr *kmsg, struct sock *sk,
 143                               unsigned char *stackbuf, int stackbuf_size)
 144{
 145        struct compat_cmsghdr __user *ucmsg;
 146        struct cmsghdr *kcmsg, *kcmsg_base;
 147        compat_size_t ucmlen;
 148        __kernel_size_t kcmlen, tmp;
 149        int err = -EFAULT;
 150
 151        kcmlen = 0;
 152        kcmsg_base = kcmsg = (struct cmsghdr *)stackbuf;
 153        ucmsg = CMSG_COMPAT_FIRSTHDR(kmsg);
 154        while (ucmsg != NULL) {
 155                if (get_user(ucmlen, &ucmsg->cmsg_len))
 156                        return -EFAULT;
 157
 158                /* Catch bogons. */
 159                if (!CMSG_COMPAT_OK(ucmlen, ucmsg, kmsg))
 160                        return -EINVAL;
 161
 162                tmp = ((ucmlen - CMSG_COMPAT_ALIGN(sizeof(*ucmsg))) +
 163                       CMSG_ALIGN(sizeof(struct cmsghdr)));
 164                tmp = CMSG_ALIGN(tmp);
 165                kcmlen += tmp;
 166                ucmsg = cmsg_compat_nxthdr(kmsg, ucmsg, ucmlen);
 167        }
 168        if (kcmlen == 0)
 169                return -EINVAL;
 170
 171        /* The kcmlen holds the 64-bit version of the control length.
 172         * It may not be modified as we do not stick it into the kmsg
 173         * until we have successfully copied over all of the data
 174         * from the user.
 175         */
 176        if (kcmlen > stackbuf_size)
 177                kcmsg_base = kcmsg = sock_kmalloc(sk, kcmlen, GFP_KERNEL);
 178        if (kcmsg == NULL)
 179                return -ENOBUFS;
 180
 181        /* Now copy them over neatly. */
 182        memset(kcmsg, 0, kcmlen);
 183        ucmsg = CMSG_COMPAT_FIRSTHDR(kmsg);
 184        while (ucmsg != NULL) {
 185                if (__get_user(ucmlen, &ucmsg->cmsg_len))
 186                        goto Efault;
 187                if (!CMSG_COMPAT_OK(ucmlen, ucmsg, kmsg))
 188                        goto Einval;
 189                tmp = ((ucmlen - CMSG_COMPAT_ALIGN(sizeof(*ucmsg))) +
 190                       CMSG_ALIGN(sizeof(struct cmsghdr)));
 191                if ((char *)kcmsg_base + kcmlen - (char *)kcmsg < CMSG_ALIGN(tmp))
 192                        goto Einval;
 193                kcmsg->cmsg_len = tmp;
 194                tmp = CMSG_ALIGN(tmp);
 195                if (__get_user(kcmsg->cmsg_level, &ucmsg->cmsg_level) ||
 196                    __get_user(kcmsg->cmsg_type, &ucmsg->cmsg_type) ||
 197                    copy_from_user(CMSG_DATA(kcmsg),
 198                                   CMSG_COMPAT_DATA(ucmsg),
 199                                   (ucmlen - CMSG_COMPAT_ALIGN(sizeof(*ucmsg)))))
 200                        goto Efault;
 201
 202                /* Advance. */
 203                kcmsg = (struct cmsghdr *)((char *)kcmsg + tmp);
 204                ucmsg = cmsg_compat_nxthdr(kmsg, ucmsg, ucmlen);
 205        }
 206
 207        /* Ok, looks like we made it.  Hook it up and return success. */
 208        kmsg->msg_control = kcmsg_base;
 209        kmsg->msg_controllen = kcmlen;
 210        return 0;
 211
 212Einval:
 213        err = -EINVAL;
 214Efault:
 215        if (kcmsg_base != (struct cmsghdr *)stackbuf)
 216                sock_kfree_s(sk, kcmsg_base, kcmlen);
 217        return err;
 218}
 219
 220int put_cmsg_compat(struct msghdr *kmsg, int level, int type, int len, void *data)
 221{
 222        struct compat_cmsghdr __user *cm = (struct compat_cmsghdr __user *) kmsg->msg_control;
 223        struct compat_cmsghdr cmhdr;
 224        struct compat_timeval ctv;
 225        struct compat_timespec cts[3];
 226        int cmlen;
 227
 228        if (cm == NULL || kmsg->msg_controllen < sizeof(*cm)) {
 229                kmsg->msg_flags |= MSG_CTRUNC;
 230                return 0; /* XXX: return error? check spec. */
 231        }
 232
 233        if (!COMPAT_USE_64BIT_TIME) {
 234                if (level == SOL_SOCKET && type == SCM_TIMESTAMP) {
 235                        struct timeval *tv = (struct timeval *)data;
 236                        ctv.tv_sec = tv->tv_sec;
 237                        ctv.tv_usec = tv->tv_usec;
 238                        data = &ctv;
 239                        len = sizeof(ctv);
 240                }
 241                if (level == SOL_SOCKET &&
 242                    (type == SCM_TIMESTAMPNS || type == SCM_TIMESTAMPING)) {
 243                        int count = type == SCM_TIMESTAMPNS ? 1 : 3;
 244                        int i;
 245                        struct timespec *ts = (struct timespec *)data;
 246                        for (i = 0; i < count; i++) {
 247                                cts[i].tv_sec = ts[i].tv_sec;
 248                                cts[i].tv_nsec = ts[i].tv_nsec;
 249                        }
 250                        data = &cts;
 251                        len = sizeof(cts[0]) * count;
 252                }
 253        }
 254
 255        cmlen = CMSG_COMPAT_LEN(len);
 256        if (kmsg->msg_controllen < cmlen) {
 257                kmsg->msg_flags |= MSG_CTRUNC;
 258                cmlen = kmsg->msg_controllen;
 259        }
 260        cmhdr.cmsg_level = level;
 261        cmhdr.cmsg_type = type;
 262        cmhdr.cmsg_len = cmlen;
 263
 264        if (copy_to_user(cm, &cmhdr, sizeof cmhdr))
 265                return -EFAULT;
 266        if (copy_to_user(CMSG_COMPAT_DATA(cm), data, cmlen - sizeof(struct compat_cmsghdr)))
 267                return -EFAULT;
 268        cmlen = CMSG_COMPAT_SPACE(len);
 269        if (kmsg->msg_controllen < cmlen)
 270                cmlen = kmsg->msg_controllen;
 271        kmsg->msg_control += cmlen;
 272        kmsg->msg_controllen -= cmlen;
 273        return 0;
 274}
 275
 276void scm_detach_fds_compat(struct msghdr *kmsg, struct scm_cookie *scm)
 277{
 278        struct compat_cmsghdr __user *cm = (struct compat_cmsghdr __user *) kmsg->msg_control;
 279        int fdmax = (kmsg->msg_controllen - sizeof(struct compat_cmsghdr)) / sizeof(int);
 280        int fdnum = scm->fp->count;
 281        struct file **fp = scm->fp->fp;
 282        int __user *cmfptr;
 283        int err = 0, i;
 284
 285        if (fdnum < fdmax)
 286                fdmax = fdnum;
 287
 288        for (i = 0, cmfptr = (int __user *) CMSG_COMPAT_DATA(cm); i < fdmax; i++, cmfptr++) {
 289                int new_fd;
 290                err = security_file_receive(fp[i]);
 291                if (err)
 292                        break;
 293                err = get_unused_fd_flags(MSG_CMSG_CLOEXEC & kmsg->msg_flags
 294                                          ? O_CLOEXEC : 0);
 295                if (err < 0)
 296                        break;
 297                new_fd = err;
 298                err = put_user(new_fd, cmfptr);
 299                if (err) {
 300                        put_unused_fd(new_fd);
 301                        break;
 302                }
 303                /* Bump the usage count and install the file. */
 304                get_file(fp[i]);
 305                fd_install(new_fd, fp[i]);
 306        }
 307
 308        if (i > 0) {
 309                int cmlen = CMSG_COMPAT_LEN(i * sizeof(int));
 310                err = put_user(SOL_SOCKET, &cm->cmsg_level);
 311                if (!err)
 312                        err = put_user(SCM_RIGHTS, &cm->cmsg_type);
 313                if (!err)
 314                        err = put_user(cmlen, &cm->cmsg_len);
 315                if (!err) {
 316                        cmlen = CMSG_COMPAT_SPACE(i * sizeof(int));
 317                        kmsg->msg_control += cmlen;
 318                        kmsg->msg_controllen -= cmlen;
 319                }
 320        }
 321        if (i < fdnum)
 322                kmsg->msg_flags |= MSG_CTRUNC;
 323
 324        /*
 325         * All of the files that fit in the message have had their
 326         * usage counts incremented, so we just free the list.
 327         */
 328        __scm_destroy(scm);
 329}
 330
 331static int do_set_attach_filter(struct socket *sock, int level, int optname,
 332                                char __user *optval, unsigned int optlen)
 333{
 334        struct compat_sock_fprog __user *fprog32 = (struct compat_sock_fprog __user *)optval;
 335        struct sock_fprog __user *kfprog = compat_alloc_user_space(sizeof(struct sock_fprog));
 336        compat_uptr_t ptr;
 337        u16 len;
 338
 339        if (!access_ok(VERIFY_READ, fprog32, sizeof(*fprog32)) ||
 340            !access_ok(VERIFY_WRITE, kfprog, sizeof(struct sock_fprog)) ||
 341            __get_user(len, &fprog32->len) ||
 342            __get_user(ptr, &fprog32->filter) ||
 343            __put_user(len, &kfprog->len) ||
 344            __put_user(compat_ptr(ptr), &kfprog->filter))
 345                return -EFAULT;
 346
 347        return sock_setsockopt(sock, level, optname, (char __user *)kfprog,
 348                              sizeof(struct sock_fprog));
 349}
 350
 351static int do_set_sock_timeout(struct socket *sock, int level,
 352                int optname, char __user *optval, unsigned int optlen)
 353{
 354        struct compat_timeval __user *up = (struct compat_timeval __user *)optval;
 355        struct timeval ktime;
 356        mm_segment_t old_fs;
 357        int err;
 358
 359        if (optlen < sizeof(*up))
 360                return -EINVAL;
 361        if (!access_ok(VERIFY_READ, up, sizeof(*up)) ||
 362            __get_user(ktime.tv_sec, &up->tv_sec) ||
 363            __get_user(ktime.tv_usec, &up->tv_usec))
 364                return -EFAULT;
 365        old_fs = get_fs();
 366        set_fs(KERNEL_DS);
 367        err = sock_setsockopt(sock, level, optname, (char *)&ktime, sizeof(ktime));
 368        set_fs(old_fs);
 369
 370        return err;
 371}
 372
 373static int compat_sock_setsockopt(struct socket *sock, int level, int optname,
 374                                char __user *optval, unsigned int optlen)
 375{
 376        if (optname == SO_ATTACH_FILTER)
 377                return do_set_attach_filter(sock, level, optname,
 378                                            optval, optlen);
 379        if (optname == SO_RCVTIMEO || optname == SO_SNDTIMEO)
 380                return do_set_sock_timeout(sock, level, optname, optval, optlen);
 381
 382        return sock_setsockopt(sock, level, optname, optval, optlen);
 383}
 384
 385asmlinkage long compat_sys_setsockopt(int fd, int level, int optname,
 386                                char __user *optval, unsigned int optlen)
 387{
 388        int err;
 389        struct socket *sock = sockfd_lookup(fd, &err);
 390
 391        if (sock) {
 392                err = security_socket_setsockopt(sock, level, optname);
 393                if (err) {
 394                        sockfd_put(sock);
 395                        return err;
 396                }
 397
 398                if (level == SOL_SOCKET)
 399                        err = compat_sock_setsockopt(sock, level,
 400                                        optname, optval, optlen);
 401                else if (sock->ops->compat_setsockopt)
 402                        err = sock->ops->compat_setsockopt(sock, level,
 403                                        optname, optval, optlen);
 404                else
 405                        err = sock->ops->setsockopt(sock, level,
 406                                        optname, optval, optlen);
 407                sockfd_put(sock);
 408        }
 409        return err;
 410}
 411
 412static int do_get_sock_timeout(struct socket *sock, int level, int optname,
 413                char __user *optval, int __user *optlen)
 414{
 415        struct compat_timeval __user *up;
 416        struct timeval ktime;
 417        mm_segment_t old_fs;
 418        int len, err;
 419
 420        up = (struct compat_timeval __user *) optval;
 421        if (get_user(len, optlen))
 422                return -EFAULT;
 423        if (len < sizeof(*up))
 424                return -EINVAL;
 425        len = sizeof(ktime);
 426        old_fs = get_fs();
 427        set_fs(KERNEL_DS);
 428        err = sock_getsockopt(sock, level, optname, (char *) &ktime, &len);
 429        set_fs(old_fs);
 430
 431        if (!err) {
 432                if (put_user(sizeof(*up), optlen) ||
 433                    !access_ok(VERIFY_WRITE, up, sizeof(*up)) ||
 434                    __put_user(ktime.tv_sec, &up->tv_sec) ||
 435                    __put_user(ktime.tv_usec, &up->tv_usec))
 436                        err = -EFAULT;
 437        }
 438        return err;
 439}
 440
 441static int compat_sock_getsockopt(struct socket *sock, int level, int optname,
 442                                char __user *optval, int __user *optlen)
 443{
 444        if (optname == SO_RCVTIMEO || optname == SO_SNDTIMEO)
 445                return do_get_sock_timeout(sock, level, optname, optval, optlen);
 446        return sock_getsockopt(sock, level, optname, optval, optlen);
 447}
 448
 449int compat_sock_get_timestamp(struct sock *sk, struct timeval __user *userstamp)
 450{
 451        struct compat_timeval __user *ctv;
 452        int err;
 453        struct timeval tv;
 454
 455        if (COMPAT_USE_64BIT_TIME)
 456                return sock_get_timestamp(sk, userstamp);
 457
 458        ctv = (struct compat_timeval __user *) userstamp;
 459        err = -ENOENT;
 460        if (!sock_flag(sk, SOCK_TIMESTAMP))
 461                sock_enable_timestamp(sk, SOCK_TIMESTAMP);
 462        tv = ktime_to_timeval(sk->sk_stamp);
 463        if (tv.tv_sec == -1)
 464                return err;
 465        if (tv.tv_sec == 0) {
 466                sk->sk_stamp = ktime_get_real();
 467                tv = ktime_to_timeval(sk->sk_stamp);
 468        }
 469        err = 0;
 470        if (put_user(tv.tv_sec, &ctv->tv_sec) ||
 471                        put_user(tv.tv_usec, &ctv->tv_usec))
 472                err = -EFAULT;
 473        return err;
 474}
 475EXPORT_SYMBOL(compat_sock_get_timestamp);
 476
 477int compat_sock_get_timestampns(struct sock *sk, struct timespec __user *userstamp)
 478{
 479        struct compat_timespec __user *ctv;
 480        int err;
 481        struct timespec ts;
 482
 483        if (COMPAT_USE_64BIT_TIME)
 484                return sock_get_timestampns (sk, userstamp);
 485
 486        ctv = (struct compat_timespec __user *) userstamp;
 487        err = -ENOENT;
 488        if (!sock_flag(sk, SOCK_TIMESTAMP))
 489                sock_enable_timestamp(sk, SOCK_TIMESTAMP);
 490        ts = ktime_to_timespec(sk->sk_stamp);
 491        if (ts.tv_sec == -1)
 492                return err;
 493        if (ts.tv_sec == 0) {
 494                sk->sk_stamp = ktime_get_real();
 495                ts = ktime_to_timespec(sk->sk_stamp);
 496        }
 497        err = 0;
 498        if (put_user(ts.tv_sec, &ctv->tv_sec) ||
 499                        put_user(ts.tv_nsec, &ctv->tv_nsec))
 500                err = -EFAULT;
 501        return err;
 502}
 503EXPORT_SYMBOL(compat_sock_get_timestampns);
 504
 505asmlinkage long compat_sys_getsockopt(int fd, int level, int optname,
 506                                char __user *optval, int __user *optlen)
 507{
 508        int err;
 509        struct socket *sock = sockfd_lookup(fd, &err);
 510
 511        if (sock) {
 512                err = security_socket_getsockopt(sock, level, optname);
 513                if (err) {
 514                        sockfd_put(sock);
 515                        return err;
 516                }
 517
 518                if (level == SOL_SOCKET)
 519                        err = compat_sock_getsockopt(sock, level,
 520                                        optname, optval, optlen);
 521                else if (sock->ops->compat_getsockopt)
 522                        err = sock->ops->compat_getsockopt(sock, level,
 523                                        optname, optval, optlen);
 524                else
 525                        err = sock->ops->getsockopt(sock, level,
 526                                        optname, optval, optlen);
 527                sockfd_put(sock);
 528        }
 529        return err;
 530}
 531
 532struct compat_group_req {
 533        __u32                            gr_interface;
 534        struct __kernel_sockaddr_storage gr_group
 535                __attribute__ ((aligned(4)));
 536} __packed;
 537
 538struct compat_group_source_req {
 539        __u32                            gsr_interface;
 540        struct __kernel_sockaddr_storage gsr_group
 541                __attribute__ ((aligned(4)));
 542        struct __kernel_sockaddr_storage gsr_source
 543                __attribute__ ((aligned(4)));
 544} __packed;
 545
 546struct compat_group_filter {
 547        __u32                            gf_interface;
 548        struct __kernel_sockaddr_storage gf_group
 549                __attribute__ ((aligned(4)));
 550        __u32                            gf_fmode;
 551        __u32                            gf_numsrc;
 552        struct __kernel_sockaddr_storage gf_slist[1]
 553                __attribute__ ((aligned(4)));
 554} __packed;
 555
 556#define __COMPAT_GF0_SIZE (sizeof(struct compat_group_filter) - \
 557                        sizeof(struct __kernel_sockaddr_storage))
 558
 559
 560int compat_mc_setsockopt(struct sock *sock, int level, int optname,
 561        char __user *optval, unsigned int optlen,
 562        int (*setsockopt)(struct sock *, int, int, char __user *, unsigned int))
 563{
 564        char __user     *koptval = optval;
 565        int             koptlen = optlen;
 566
 567        switch (optname) {
 568        case MCAST_JOIN_GROUP:
 569        case MCAST_LEAVE_GROUP:
 570        {
 571                struct compat_group_req __user *gr32 = (void *)optval;
 572                struct group_req __user *kgr =
 573                        compat_alloc_user_space(sizeof(struct group_req));
 574                u32 interface;
 575
 576                if (!access_ok(VERIFY_READ, gr32, sizeof(*gr32)) ||
 577                    !access_ok(VERIFY_WRITE, kgr, sizeof(struct group_req)) ||
 578                    __get_user(interface, &gr32->gr_interface) ||
 579                    __put_user(interface, &kgr->gr_interface) ||
 580                    copy_in_user(&kgr->gr_group, &gr32->gr_group,
 581                                sizeof(kgr->gr_group)))
 582                        return -EFAULT;
 583                koptval = (char __user *)kgr;
 584                koptlen = sizeof(struct group_req);
 585                break;
 586        }
 587        case MCAST_JOIN_SOURCE_GROUP:
 588        case MCAST_LEAVE_SOURCE_GROUP:
 589        case MCAST_BLOCK_SOURCE:
 590        case MCAST_UNBLOCK_SOURCE:
 591        {
 592                struct compat_group_source_req __user *gsr32 = (void *)optval;
 593                struct group_source_req __user *kgsr = compat_alloc_user_space(
 594                        sizeof(struct group_source_req));
 595                u32 interface;
 596
 597                if (!access_ok(VERIFY_READ, gsr32, sizeof(*gsr32)) ||
 598                    !access_ok(VERIFY_WRITE, kgsr,
 599                        sizeof(struct group_source_req)) ||
 600                    __get_user(interface, &gsr32->gsr_interface) ||
 601                    __put_user(interface, &kgsr->gsr_interface) ||
 602                    copy_in_user(&kgsr->gsr_group, &gsr32->gsr_group,
 603                                sizeof(kgsr->gsr_group)) ||
 604                    copy_in_user(&kgsr->gsr_source, &gsr32->gsr_source,
 605                                sizeof(kgsr->gsr_source)))
 606                        return -EFAULT;
 607                koptval = (char __user *)kgsr;
 608                koptlen = sizeof(struct group_source_req);
 609                break;
 610        }
 611        case MCAST_MSFILTER:
 612        {
 613                struct compat_group_filter __user *gf32 = (void *)optval;
 614                struct group_filter __user *kgf;
 615                u32 interface, fmode, numsrc;
 616
 617                if (!access_ok(VERIFY_READ, gf32, __COMPAT_GF0_SIZE) ||
 618                    __get_user(interface, &gf32->gf_interface) ||
 619                    __get_user(fmode, &gf32->gf_fmode) ||
 620                    __get_user(numsrc, &gf32->gf_numsrc))
 621                        return -EFAULT;
 622                koptlen = optlen + sizeof(struct group_filter) -
 623                                sizeof(struct compat_group_filter);
 624                if (koptlen < GROUP_FILTER_SIZE(numsrc))
 625                        return -EINVAL;
 626                kgf = compat_alloc_user_space(koptlen);
 627                if (!access_ok(VERIFY_WRITE, kgf, koptlen) ||
 628                    __put_user(interface, &kgf->gf_interface) ||
 629                    __put_user(fmode, &kgf->gf_fmode) ||
 630                    __put_user(numsrc, &kgf->gf_numsrc) ||
 631                    copy_in_user(&kgf->gf_group, &gf32->gf_group,
 632                                sizeof(kgf->gf_group)) ||
 633                    (numsrc && copy_in_user(kgf->gf_slist, gf32->gf_slist,
 634                                numsrc * sizeof(kgf->gf_slist[0]))))
 635                        return -EFAULT;
 636                koptval = (char __user *)kgf;
 637                break;
 638        }
 639
 640        default:
 641                break;
 642        }
 643        return setsockopt(sock, level, optname, koptval, koptlen);
 644}
 645EXPORT_SYMBOL(compat_mc_setsockopt);
 646
 647int compat_mc_getsockopt(struct sock *sock, int level, int optname,
 648        char __user *optval, int __user *optlen,
 649        int (*getsockopt)(struct sock *, int, int, char __user *, int __user *))
 650{
 651        struct compat_group_filter __user *gf32 = (void *)optval;
 652        struct group_filter __user *kgf;
 653        int __user      *koptlen;
 654        u32 interface, fmode, numsrc;
 655        int klen, ulen, err;
 656
 657        if (optname != MCAST_MSFILTER)
 658                return getsockopt(sock, level, optname, optval, optlen);
 659
 660        koptlen = compat_alloc_user_space(sizeof(*koptlen));
 661        if (!access_ok(VERIFY_READ, optlen, sizeof(*optlen)) ||
 662            __get_user(ulen, optlen))
 663                return -EFAULT;
 664
 665        /* adjust len for pad */
 666        klen = ulen + sizeof(*kgf) - sizeof(*gf32);
 667
 668        if (klen < GROUP_FILTER_SIZE(0))
 669                return -EINVAL;
 670
 671        if (!access_ok(VERIFY_WRITE, koptlen, sizeof(*koptlen)) ||
 672            __put_user(klen, koptlen))
 673                return -EFAULT;
 674
 675        /* have to allow space for previous compat_alloc_user_space, too */
 676        kgf = compat_alloc_user_space(klen+sizeof(*optlen));
 677
 678        if (!access_ok(VERIFY_READ, gf32, __COMPAT_GF0_SIZE) ||
 679            __get_user(interface, &gf32->gf_interface) ||
 680            __get_user(fmode, &gf32->gf_fmode) ||
 681            __get_user(numsrc, &gf32->gf_numsrc) ||
 682            __put_user(interface, &kgf->gf_interface) ||
 683            __put_user(fmode, &kgf->gf_fmode) ||
 684            __put_user(numsrc, &kgf->gf_numsrc) ||
 685            copy_in_user(&kgf->gf_group, &gf32->gf_group, sizeof(kgf->gf_group)))
 686                return -EFAULT;
 687
 688        err = getsockopt(sock, level, optname, (char __user *)kgf, koptlen);
 689        if (err)
 690                return err;
 691
 692        if (!access_ok(VERIFY_READ, koptlen, sizeof(*koptlen)) ||
 693            __get_user(klen, koptlen))
 694                return -EFAULT;
 695
 696        ulen = klen - (sizeof(*kgf)-sizeof(*gf32));
 697
 698        if (!access_ok(VERIFY_WRITE, optlen, sizeof(*optlen)) ||
 699            __put_user(ulen, optlen))
 700                return -EFAULT;
 701
 702        if (!access_ok(VERIFY_READ, kgf, klen) ||
 703            !access_ok(VERIFY_WRITE, gf32, ulen) ||
 704            __get_user(interface, &kgf->gf_interface) ||
 705            __get_user(fmode, &kgf->gf_fmode) ||
 706            __get_user(numsrc, &kgf->gf_numsrc) ||
 707            __put_user(interface, &gf32->gf_interface) ||
 708            __put_user(fmode, &gf32->gf_fmode) ||
 709            __put_user(numsrc, &gf32->gf_numsrc))
 710                return -EFAULT;
 711        if (numsrc) {
 712                int copylen;
 713
 714                klen -= GROUP_FILTER_SIZE(0);
 715                copylen = numsrc * sizeof(gf32->gf_slist[0]);
 716                if (copylen > klen)
 717                        copylen = klen;
 718                if (copy_in_user(gf32->gf_slist, kgf->gf_slist, copylen))
 719                        return -EFAULT;
 720        }
 721        return err;
 722}
 723EXPORT_SYMBOL(compat_mc_getsockopt);
 724
 725
 726/* Argument list sizes for compat_sys_socketcall */
 727#define AL(x) ((x) * sizeof(u32))
 728static unsigned char nas[21] = {
 729        AL(0), AL(3), AL(3), AL(3), AL(2), AL(3),
 730        AL(3), AL(3), AL(4), AL(4), AL(4), AL(6),
 731        AL(6), AL(2), AL(5), AL(5), AL(3), AL(3),
 732        AL(4), AL(5), AL(4)
 733};
 734#undef AL
 735
 736asmlinkage long compat_sys_sendmsg(int fd, struct compat_msghdr __user *msg, unsigned int flags)
 737{
 738        return sys_sendmsg(fd, (struct msghdr __user *)msg, flags | MSG_CMSG_COMPAT);
 739}
 740
 741asmlinkage long compat_sys_sendmmsg(int fd, struct compat_mmsghdr __user *mmsg,
 742                                    unsigned int vlen, unsigned int flags)
 743{
 744        return __sys_sendmmsg(fd, (struct mmsghdr __user *)mmsg, vlen,
 745                              flags | MSG_CMSG_COMPAT);
 746}
 747
 748asmlinkage long compat_sys_recvmsg(int fd, struct compat_msghdr __user *msg, unsigned int flags)
 749{
 750        return sys_recvmsg(fd, (struct msghdr __user *)msg, flags | MSG_CMSG_COMPAT);
 751}
 752
 753asmlinkage long compat_sys_recv(int fd, void __user *buf, size_t len, unsigned int flags)
 754{
 755        return sys_recv(fd, buf, len, flags | MSG_CMSG_COMPAT);
 756}
 757
 758asmlinkage long compat_sys_recvfrom(int fd, void __user *buf, size_t len,
 759                                    unsigned int flags, struct sockaddr __user *addr,
 760                                    int __user *addrlen)
 761{
 762        return sys_recvfrom(fd, buf, len, flags | MSG_CMSG_COMPAT, addr, addrlen);
 763}
 764
 765asmlinkage long compat_sys_recvmmsg(int fd, struct compat_mmsghdr __user *mmsg,
 766                                    unsigned int vlen, unsigned int flags,
 767                                    struct compat_timespec __user *timeout)
 768{
 769        int datagrams;
 770        struct timespec ktspec;
 771
 772        if (COMPAT_USE_64BIT_TIME)
 773                return __sys_recvmmsg(fd, (struct mmsghdr __user *)mmsg, vlen,
 774                                      flags | MSG_CMSG_COMPAT,
 775                                      (struct timespec *) timeout);
 776
 777        if (timeout == NULL)
 778                return __sys_recvmmsg(fd, (struct mmsghdr __user *)mmsg, vlen,
 779                                      flags | MSG_CMSG_COMPAT, NULL);
 780
 781        if (get_compat_timespec(&ktspec, timeout))
 782                return -EFAULT;
 783
 784        datagrams = __sys_recvmmsg(fd, (struct mmsghdr __user *)mmsg, vlen,
 785                                   flags | MSG_CMSG_COMPAT, &ktspec);
 786        if (datagrams > 0 && put_compat_timespec(&ktspec, timeout))
 787                datagrams = -EFAULT;
 788
 789        return datagrams;
 790}
 791
 792asmlinkage long compat_sys_socketcall(int call, u32 __user *args)
 793{
 794        int ret;
 795        u32 a[6];
 796        u32 a0, a1;
 797
 798        if (call < SYS_SOCKET || call > SYS_SENDMMSG)
 799                return -EINVAL;
 800        if (copy_from_user(a, args, nas[call]))
 801                return -EFAULT;
 802        a0 = a[0];
 803        a1 = a[1];
 804
 805        switch (call) {
 806        case SYS_SOCKET:
 807                ret = sys_socket(a0, a1, a[2]);
 808                break;
 809        case SYS_BIND:
 810                ret = sys_bind(a0, compat_ptr(a1), a[2]);
 811                break;
 812        case SYS_CONNECT:
 813                ret = sys_connect(a0, compat_ptr(a1), a[2]);
 814                break;
 815        case SYS_LISTEN:
 816                ret = sys_listen(a0, a1);
 817                break;
 818        case SYS_ACCEPT:
 819                ret = sys_accept4(a0, compat_ptr(a1), compat_ptr(a[2]), 0);
 820                break;
 821        case SYS_GETSOCKNAME:
 822                ret = sys_getsockname(a0, compat_ptr(a1), compat_ptr(a[2]));
 823                break;
 824        case SYS_GETPEERNAME:
 825                ret = sys_getpeername(a0, compat_ptr(a1), compat_ptr(a[2]));
 826                break;
 827        case SYS_SOCKETPAIR:
 828                ret = sys_socketpair(a0, a1, a[2], compat_ptr(a[3]));
 829                break;
 830        case SYS_SEND:
 831                ret = sys_send(a0, compat_ptr(a1), a[2], a[3]);
 832                break;
 833        case SYS_SENDTO:
 834                ret = sys_sendto(a0, compat_ptr(a1), a[2], a[3], compat_ptr(a[4]), a[5]);
 835                break;
 836        case SYS_RECV:
 837                ret = compat_sys_recv(a0, compat_ptr(a1), a[2], a[3]);
 838                break;
 839        case SYS_RECVFROM:
 840                ret = compat_sys_recvfrom(a0, compat_ptr(a1), a[2], a[3],
 841                                          compat_ptr(a[4]), compat_ptr(a[5]));
 842                break;
 843        case SYS_SHUTDOWN:
 844                ret = sys_shutdown(a0, a1);
 845                break;
 846        case SYS_SETSOCKOPT:
 847                ret = compat_sys_setsockopt(a0, a1, a[2],
 848                                compat_ptr(a[3]), a[4]);
 849                break;
 850        case SYS_GETSOCKOPT:
 851                ret = compat_sys_getsockopt(a0, a1, a[2],
 852                                compat_ptr(a[3]), compat_ptr(a[4]));
 853                break;
 854        case SYS_SENDMSG:
 855                ret = compat_sys_sendmsg(a0, compat_ptr(a1), a[2]);
 856                break;
 857        case SYS_SENDMMSG:
 858                ret = compat_sys_sendmmsg(a0, compat_ptr(a1), a[2], a[3]);
 859                break;
 860        case SYS_RECVMSG:
 861                ret = compat_sys_recvmsg(a0, compat_ptr(a1), a[2]);
 862                break;
 863        case SYS_RECVMMSG:
 864                ret = compat_sys_recvmmsg(a0, compat_ptr(a1), a[2], a[3],
 865                                          compat_ptr(a[4]));
 866                break;
 867        case SYS_ACCEPT4:
 868                ret = sys_accept4(a0, compat_ptr(a1), compat_ptr(a[2]), a[3]);
 869                break;
 870        default:
 871                ret = -EINVAL;
 872                break;
 873        }
 874        return ret;
 875}
 876
lxr.linux.no kindly hosted by Redpill Linpro AS, provider of Linux consulting and operations services since 1995.