linux/net/ipv6/ipv6_sockglue.c
<<
>>
Prefs
   1/*
   2 *      IPv6 BSD socket options interface
   3 *      Linux INET6 implementation
   4 *
   5 *      Authors:
   6 *      Pedro Roque             <roque@di.fc.ul.pt>
   7 *
   8 *      Based on linux/net/ipv4/ip_sockglue.c
   9 *
  10 *      This program is free software; you can redistribute it and/or
  11 *      modify it under the terms of the GNU General Public License
  12 *      as published by the Free Software Foundation; either version
  13 *      2 of the License, or (at your option) any later version.
  14 *
  15 *      FIXME: Make the setsockopt code POSIX compliant: That is
  16 *
  17 *      o       Truncate getsockopt returns
  18 *      o       Return an optlen of the truncated length if need be
  19 *
  20 *      Changes:
  21 *      David L Stevens <dlstevens@us.ibm.com>:
  22 *              - added multicast source filtering API for MLDv2
  23 */
  24
  25#include <linux/module.h>
  26#include <linux/capability.h>
  27#include <linux/errno.h>
  28#include <linux/types.h>
  29#include <linux/socket.h>
  30#include <linux/sockios.h>
  31#include <linux/net.h>
  32#include <linux/in6.h>
  33#include <linux/mroute6.h>
  34#include <linux/netdevice.h>
  35#include <linux/if_arp.h>
  36#include <linux/init.h>
  37#include <linux/sysctl.h>
  38#include <linux/netfilter.h>
  39#include <linux/slab.h>
  40
  41#include <net/sock.h>
  42#include <net/snmp.h>
  43#include <net/ipv6.h>
  44#include <net/ndisc.h>
  45#include <net/protocol.h>
  46#include <net/transp_v6.h>
  47#include <net/ip6_route.h>
  48#include <net/addrconf.h>
  49#include <net/inet_common.h>
  50#include <net/tcp.h>
  51#include <net/udp.h>
  52#include <net/udplite.h>
  53#include <net/xfrm.h>
  54#include <net/compat.h>
  55
  56#include <asm/uaccess.h>
  57
  58struct ip6_ra_chain *ip6_ra_chain;
  59DEFINE_RWLOCK(ip6_ra_lock);
  60
  61int ip6_ra_control(struct sock *sk, int sel)
  62{
  63        struct ip6_ra_chain *ra, *new_ra, **rap;
  64
  65        /* RA packet may be delivered ONLY to IPPROTO_RAW socket */
  66        if (sk->sk_type != SOCK_RAW || inet_sk(sk)->inet_num != IPPROTO_RAW)
  67                return -ENOPROTOOPT;
  68
  69        new_ra = (sel>=0) ? kmalloc(sizeof(*new_ra), GFP_KERNEL) : NULL;
  70
  71        write_lock_bh(&ip6_ra_lock);
  72        for (rap = &ip6_ra_chain; (ra=*rap) != NULL; rap = &ra->next) {
  73                if (ra->sk == sk) {
  74                        if (sel>=0) {
  75                                write_unlock_bh(&ip6_ra_lock);
  76                                kfree(new_ra);
  77                                return -EADDRINUSE;
  78                        }
  79
  80                        *rap = ra->next;
  81                        write_unlock_bh(&ip6_ra_lock);
  82
  83                        sock_put(sk);
  84                        kfree(ra);
  85                        return 0;
  86                }
  87        }
  88        if (new_ra == NULL) {
  89                write_unlock_bh(&ip6_ra_lock);
  90                return -ENOBUFS;
  91        }
  92        new_ra->sk = sk;
  93        new_ra->sel = sel;
  94        new_ra->next = ra;
  95        *rap = new_ra;
  96        sock_hold(sk);
  97        write_unlock_bh(&ip6_ra_lock);
  98        return 0;
  99}
 100
 101static
 102struct ipv6_txoptions *ipv6_update_options(struct sock *sk,
 103                                           struct ipv6_txoptions *opt)
 104{
 105        if (inet_sk(sk)->is_icsk) {
 106                if (opt &&
 107                    !((1 << sk->sk_state) & (TCPF_LISTEN | TCPF_CLOSE)) &&
 108                    inet_sk(sk)->inet_daddr != LOOPBACK4_IPV6) {
 109                        struct inet_connection_sock *icsk = inet_csk(sk);
 110                        icsk->icsk_ext_hdr_len = opt->opt_flen + opt->opt_nflen;
 111                        icsk->icsk_sync_mss(sk, icsk->icsk_pmtu_cookie);
 112                }
 113                opt = xchg(&inet6_sk(sk)->opt, opt);
 114        } else {
 115                spin_lock(&sk->sk_dst_lock);
 116                opt = xchg(&inet6_sk(sk)->opt, opt);
 117                spin_unlock(&sk->sk_dst_lock);
 118        }
 119        sk_dst_reset(sk);
 120
 121        return opt;
 122}
 123
 124static int do_ipv6_setsockopt(struct sock *sk, int level, int optname,
 125                    char __user *optval, unsigned int optlen)
 126{
 127        struct ipv6_pinfo *np = inet6_sk(sk);
 128        struct net *net = sock_net(sk);
 129        int val, valbool;
 130        int retv = -ENOPROTOOPT;
 131
 132        if (optval == NULL)
 133                val=0;
 134        else {
 135                if (optlen >= sizeof(int)) {
 136                        if (get_user(val, (int __user *) optval))
 137                                return -EFAULT;
 138                } else
 139                        val = 0;
 140        }
 141
 142        valbool = (val!=0);
 143
 144        if (ip6_mroute_opt(optname))
 145                return ip6_mroute_setsockopt(sk, optname, optval, optlen);
 146
 147        lock_sock(sk);
 148
 149        switch (optname) {
 150
 151        case IPV6_ADDRFORM:
 152                if (optlen < sizeof(int))
 153                        goto e_inval;
 154                if (val == PF_INET) {
 155                        struct ipv6_txoptions *opt;
 156                        struct sk_buff *pktopt;
 157
 158                        if (sk->sk_type == SOCK_RAW)
 159                                break;
 160
 161                        if (sk->sk_protocol == IPPROTO_UDP ||
 162                            sk->sk_protocol == IPPROTO_UDPLITE) {
 163                                struct udp_sock *up = udp_sk(sk);
 164                                if (up->pending == AF_INET6) {
 165                                        retv = -EBUSY;
 166                                        break;
 167                                }
 168                        } else if (sk->sk_protocol != IPPROTO_TCP)
 169                                break;
 170
 171                        if (sk->sk_state != TCP_ESTABLISHED) {
 172                                retv = -ENOTCONN;
 173                                break;
 174                        }
 175
 176                        if (ipv6_only_sock(sk) ||
 177                            !ipv6_addr_v4mapped(&np->daddr)) {
 178                                retv = -EADDRNOTAVAIL;
 179                                break;
 180                        }
 181
 182                        fl6_free_socklist(sk);
 183                        ipv6_sock_mc_close(sk);
 184
 185                        /*
 186                         * Sock is moving from IPv6 to IPv4 (sk_prot), so
 187                         * remove it from the refcnt debug socks count in the
 188                         * original family...
 189                         */
 190                        sk_refcnt_debug_dec(sk);
 191
 192                        if (sk->sk_protocol == IPPROTO_TCP) {
 193                                struct inet_connection_sock *icsk = inet_csk(sk);
 194                                local_bh_disable();
 195                                sock_prot_inuse_add(net, sk->sk_prot, -1);
 196                                sock_prot_inuse_add(net, &tcp_prot, 1);
 197                                local_bh_enable();
 198                                sk->sk_prot = &tcp_prot;
 199                                icsk->icsk_af_ops = &ipv4_specific;
 200                                sk->sk_socket->ops = &inet_stream_ops;
 201                                sk->sk_family = PF_INET;
 202                                tcp_sync_mss(sk, icsk->icsk_pmtu_cookie);
 203                        } else {
 204                                struct proto *prot = &udp_prot;
 205
 206                                if (sk->sk_protocol == IPPROTO_UDPLITE)
 207                                        prot = &udplite_prot;
 208                                local_bh_disable();
 209                                sock_prot_inuse_add(net, sk->sk_prot, -1);
 210                                sock_prot_inuse_add(net, prot, 1);
 211                                local_bh_enable();
 212                                sk->sk_prot = prot;
 213                                sk->sk_socket->ops = &inet_dgram_ops;
 214                                sk->sk_family = PF_INET;
 215                        }
 216                        opt = xchg(&np->opt, NULL);
 217                        if (opt)
 218                                sock_kfree_s(sk, opt, opt->tot_len);
 219                        pktopt = xchg(&np->pktoptions, NULL);
 220                        kfree_skb(pktopt);
 221
 222                        sk->sk_destruct = inet_sock_destruct;
 223                        /*
 224                         * ... and add it to the refcnt debug socks count
 225                         * in the new family. -acme
 226                         */
 227                        sk_refcnt_debug_inc(sk);
 228                        module_put(THIS_MODULE);
 229                        retv = 0;
 230                        break;
 231                }
 232                goto e_inval;
 233
 234        case IPV6_V6ONLY:
 235                if (optlen < sizeof(int) ||
 236                    inet_sk(sk)->inet_num)
 237                        goto e_inval;
 238                np->ipv6only = valbool;
 239                retv = 0;
 240                break;
 241
 242        case IPV6_RECVPKTINFO:
 243                if (optlen < sizeof(int))
 244                        goto e_inval;
 245                np->rxopt.bits.rxinfo = valbool;
 246                retv = 0;
 247                break;
 248
 249        case IPV6_2292PKTINFO:
 250                if (optlen < sizeof(int))
 251                        goto e_inval;
 252                np->rxopt.bits.rxoinfo = valbool;
 253                retv = 0;
 254                break;
 255
 256        case IPV6_RECVHOPLIMIT:
 257                if (optlen < sizeof(int))
 258                        goto e_inval;
 259                np->rxopt.bits.rxhlim = valbool;
 260                retv = 0;
 261                break;
 262
 263        case IPV6_2292HOPLIMIT:
 264                if (optlen < sizeof(int))
 265                        goto e_inval;
 266                np->rxopt.bits.rxohlim = valbool;
 267                retv = 0;
 268                break;
 269
 270        case IPV6_RECVRTHDR:
 271                if (optlen < sizeof(int))
 272                        goto e_inval;
 273                np->rxopt.bits.srcrt = valbool;
 274                retv = 0;
 275                break;
 276
 277        case IPV6_2292RTHDR:
 278                if (optlen < sizeof(int))
 279                        goto e_inval;
 280                np->rxopt.bits.osrcrt = valbool;
 281                retv = 0;
 282                break;
 283
 284        case IPV6_RECVHOPOPTS:
 285                if (optlen < sizeof(int))
 286                        goto e_inval;
 287                np->rxopt.bits.hopopts = valbool;
 288                retv = 0;
 289                break;
 290
 291        case IPV6_2292HOPOPTS:
 292                if (optlen < sizeof(int))
 293                        goto e_inval;
 294                np->rxopt.bits.ohopopts = valbool;
 295                retv = 0;
 296                break;
 297
 298        case IPV6_RECVDSTOPTS:
 299                if (optlen < sizeof(int))
 300                        goto e_inval;
 301                np->rxopt.bits.dstopts = valbool;
 302                retv = 0;
 303                break;
 304
 305        case IPV6_2292DSTOPTS:
 306                if (optlen < sizeof(int))
 307                        goto e_inval;
 308                np->rxopt.bits.odstopts = valbool;
 309                retv = 0;
 310                break;
 311
 312        case IPV6_TCLASS:
 313                if (optlen < sizeof(int))
 314                        goto e_inval;
 315                if (val < -1 || val > 0xff)
 316                        goto e_inval;
 317                /* RFC 3542, 6.5: default traffic class of 0x0 */
 318                if (val == -1)
 319                        val = 0;
 320                np->tclass = val;
 321                retv = 0;
 322                break;
 323
 324        case IPV6_RECVTCLASS:
 325                if (optlen < sizeof(int))
 326                        goto e_inval;
 327                np->rxopt.bits.rxtclass = valbool;
 328                retv = 0;
 329                break;
 330
 331        case IPV6_FLOWINFO:
 332                if (optlen < sizeof(int))
 333                        goto e_inval;
 334                np->rxopt.bits.rxflow = valbool;
 335                retv = 0;
 336                break;
 337
 338        case IPV6_RECVPATHMTU:
 339                if (optlen < sizeof(int))
 340                        goto e_inval;
 341                np->rxopt.bits.rxpmtu = valbool;
 342                retv = 0;
 343                break;
 344
 345        case IPV6_TRANSPARENT:
 346                if (valbool && !capable(CAP_NET_ADMIN) && !capable(CAP_NET_RAW)) {
 347                        retv = -EPERM;
 348                        break;
 349                }
 350                if (optlen < sizeof(int))
 351                        goto e_inval;
 352                /* we don't have a separate transparent bit for IPV6 we use the one in the IPv4 socket */
 353                inet_sk(sk)->transparent = valbool;
 354                retv = 0;
 355                break;
 356
 357        case IPV6_RECVORIGDSTADDR:
 358                if (optlen < sizeof(int))
 359                        goto e_inval;
 360                np->rxopt.bits.rxorigdstaddr = valbool;
 361                retv = 0;
 362                break;
 363
 364        case IPV6_HOPOPTS:
 365        case IPV6_RTHDRDSTOPTS:
 366        case IPV6_RTHDR:
 367        case IPV6_DSTOPTS:
 368        {
 369                struct ipv6_txoptions *opt;
 370
 371                /* remove any sticky options header with a zero option
 372                 * length, per RFC3542.
 373                 */
 374                if (optlen == 0)
 375                        optval = NULL;
 376                else if (optval == NULL)
 377                        goto e_inval;
 378                else if (optlen < sizeof(struct ipv6_opt_hdr) ||
 379                         optlen & 0x7 || optlen > 8 * 255)
 380                        goto e_inval;
 381
 382                /* hop-by-hop / destination options are privileged option */
 383                retv = -EPERM;
 384                if (optname != IPV6_RTHDR && !capable(CAP_NET_RAW))
 385                        break;
 386
 387                opt = ipv6_renew_options(sk, np->opt, optname,
 388                                         (struct ipv6_opt_hdr __user *)optval,
 389                                         optlen);
 390                if (IS_ERR(opt)) {
 391                        retv = PTR_ERR(opt);
 392                        break;
 393                }
 394
 395                /* routing header option needs extra check */
 396                retv = -EINVAL;
 397                if (optname == IPV6_RTHDR && opt && opt->srcrt) {
 398                        struct ipv6_rt_hdr *rthdr = opt->srcrt;
 399                        switch (rthdr->type) {
 400#if defined(CONFIG_IPV6_MIP6) || defined(CONFIG_IPV6_MIP6_MODULE)
 401                        case IPV6_SRCRT_TYPE_2:
 402                                if (rthdr->hdrlen != 2 ||
 403                                    rthdr->segments_left != 1)
 404                                        goto sticky_done;
 405
 406                                break;
 407#endif
 408                        default:
 409                                goto sticky_done;
 410                        }
 411                }
 412
 413                retv = 0;
 414                opt = ipv6_update_options(sk, opt);
 415sticky_done:
 416                if (opt)
 417                        sock_kfree_s(sk, opt, opt->tot_len);
 418                break;
 419        }
 420
 421        case IPV6_PKTINFO:
 422        {
 423                struct in6_pktinfo pkt;
 424
 425                if (optlen == 0)
 426                        goto e_inval;
 427                else if (optlen < sizeof(struct in6_pktinfo) || optval == NULL)
 428                        goto e_inval;
 429
 430                if (copy_from_user(&pkt, optval, sizeof(struct in6_pktinfo))) {
 431                                retv = -EFAULT;
 432                                break;
 433                }
 434                if (sk->sk_bound_dev_if && pkt.ipi6_ifindex != sk->sk_bound_dev_if)
 435                        goto e_inval;
 436
 437                np->sticky_pktinfo.ipi6_ifindex = pkt.ipi6_ifindex;
 438                np->sticky_pktinfo.ipi6_addr = pkt.ipi6_addr;
 439                retv = 0;
 440                break;
 441        }
 442
 443        case IPV6_2292PKTOPTIONS:
 444        {
 445                struct ipv6_txoptions *opt = NULL;
 446                struct msghdr msg;
 447                struct flowi6 fl6;
 448                int junk;
 449
 450                memset(&fl6, 0, sizeof(fl6));
 451                fl6.flowi6_oif = sk->sk_bound_dev_if;
 452                fl6.flowi6_mark = sk->sk_mark;
 453
 454                if (optlen == 0)
 455                        goto update;
 456
 457                /* 1K is probably excessive
 458                 * 1K is surely not enough, 2K per standard header is 16K.
 459                 */
 460                retv = -EINVAL;
 461                if (optlen > 64*1024)
 462                        break;
 463
 464                opt = sock_kmalloc(sk, sizeof(*opt) + optlen, GFP_KERNEL);
 465                retv = -ENOBUFS;
 466                if (opt == NULL)
 467                        break;
 468
 469                memset(opt, 0, sizeof(*opt));
 470                opt->tot_len = sizeof(*opt) + optlen;
 471                retv = -EFAULT;
 472                if (copy_from_user(opt+1, optval, optlen))
 473                        goto done;
 474
 475                msg.msg_controllen = optlen;
 476                msg.msg_control = (void*)(opt+1);
 477
 478                retv = datagram_send_ctl(net, sk, &msg, &fl6, opt, &junk, &junk,
 479                                         &junk);
 480                if (retv)
 481                        goto done;
 482update:
 483                retv = 0;
 484                opt = ipv6_update_options(sk, opt);
 485done:
 486                if (opt)
 487                        sock_kfree_s(sk, opt, opt->tot_len);
 488                break;
 489        }
 490        case IPV6_UNICAST_HOPS:
 491                if (optlen < sizeof(int))
 492                        goto e_inval;
 493                if (val > 255 || val < -1)
 494                        goto e_inval;
 495                np->hop_limit = val;
 496                retv = 0;
 497                break;
 498
 499        case IPV6_MULTICAST_HOPS:
 500                if (sk->sk_type == SOCK_STREAM)
 501                        break;
 502                if (optlen < sizeof(int))
 503                        goto e_inval;
 504                if (val > 255 || val < -1)
 505                        goto e_inval;
 506                np->mcast_hops = (val == -1 ? IPV6_DEFAULT_MCASTHOPS : val);
 507                retv = 0;
 508                break;
 509
 510        case IPV6_MULTICAST_LOOP:
 511                if (optlen < sizeof(int))
 512                        goto e_inval;
 513                if (val != valbool)
 514                        goto e_inval;
 515                np->mc_loop = valbool;
 516                retv = 0;
 517                break;
 518
 519        case IPV6_UNICAST_IF:
 520        {
 521                struct net_device *dev = NULL;
 522                int ifindex;
 523
 524                if (optlen != sizeof(int))
 525                        goto e_inval;
 526
 527                ifindex = (__force int)ntohl((__force __be32)val);
 528                if (ifindex == 0) {
 529                        np->ucast_oif = 0;
 530                        retv = 0;
 531                        break;
 532                }
 533
 534                dev = dev_get_by_index(net, ifindex);
 535                retv = -EADDRNOTAVAIL;
 536                if (!dev)
 537                        break;
 538                dev_put(dev);
 539
 540                retv = -EINVAL;
 541                if (sk->sk_bound_dev_if)
 542                        break;
 543
 544                np->ucast_oif = ifindex;
 545                retv = 0;
 546                break;
 547        }
 548
 549        case IPV6_MULTICAST_IF:
 550                if (sk->sk_type == SOCK_STREAM)
 551                        break;
 552                if (optlen < sizeof(int))
 553                        goto e_inval;
 554
 555                if (val) {
 556                        struct net_device *dev;
 557
 558                        if (sk->sk_bound_dev_if && sk->sk_bound_dev_if != val)
 559                                goto e_inval;
 560
 561                        dev = dev_get_by_index(net, val);
 562                        if (!dev) {
 563                                retv = -ENODEV;
 564                                break;
 565                        }
 566                        dev_put(dev);
 567                }
 568                np->mcast_oif = val;
 569                retv = 0;
 570                break;
 571        case IPV6_ADD_MEMBERSHIP:
 572        case IPV6_DROP_MEMBERSHIP:
 573        {
 574                struct ipv6_mreq mreq;
 575
 576                if (optlen < sizeof(struct ipv6_mreq))
 577                        goto e_inval;
 578
 579                retv = -EPROTO;
 580                if (inet_sk(sk)->is_icsk)
 581                        break;
 582
 583                retv = -EFAULT;
 584                if (copy_from_user(&mreq, optval, sizeof(struct ipv6_mreq)))
 585                        break;
 586
 587                if (optname == IPV6_ADD_MEMBERSHIP)
 588                        retv = ipv6_sock_mc_join(sk, mreq.ipv6mr_ifindex, &mreq.ipv6mr_multiaddr);
 589                else
 590                        retv = ipv6_sock_mc_drop(sk, mreq.ipv6mr_ifindex, &mreq.ipv6mr_multiaddr);
 591                break;
 592        }
 593        case IPV6_JOIN_ANYCAST:
 594        case IPV6_LEAVE_ANYCAST:
 595        {
 596                struct ipv6_mreq mreq;
 597
 598                if (optlen < sizeof(struct ipv6_mreq))
 599                        goto e_inval;
 600
 601                retv = -EFAULT;
 602                if (copy_from_user(&mreq, optval, sizeof(struct ipv6_mreq)))
 603                        break;
 604
 605                if (optname == IPV6_JOIN_ANYCAST)
 606                        retv = ipv6_sock_ac_join(sk, mreq.ipv6mr_ifindex, &mreq.ipv6mr_acaddr);
 607                else
 608                        retv = ipv6_sock_ac_drop(sk, mreq.ipv6mr_ifindex, &mreq.ipv6mr_acaddr);
 609                break;
 610        }
 611        case MCAST_JOIN_GROUP:
 612        case MCAST_LEAVE_GROUP:
 613        {
 614                struct group_req greq;
 615                struct sockaddr_in6 *psin6;
 616
 617                if (optlen < sizeof(struct group_req))
 618                        goto e_inval;
 619
 620                retv = -EFAULT;
 621                if (copy_from_user(&greq, optval, sizeof(struct group_req)))
 622                        break;
 623                if (greq.gr_group.ss_family != AF_INET6) {
 624                        retv = -EADDRNOTAVAIL;
 625                        break;
 626                }
 627                psin6 = (struct sockaddr_in6 *)&greq.gr_group;
 628                if (optname == MCAST_JOIN_GROUP)
 629                        retv = ipv6_sock_mc_join(sk, greq.gr_interface,
 630                                &psin6->sin6_addr);
 631                else
 632                        retv = ipv6_sock_mc_drop(sk, greq.gr_interface,
 633                                &psin6->sin6_addr);
 634                break;
 635        }
 636        case MCAST_JOIN_SOURCE_GROUP:
 637        case MCAST_LEAVE_SOURCE_GROUP:
 638        case MCAST_BLOCK_SOURCE:
 639        case MCAST_UNBLOCK_SOURCE:
 640        {
 641                struct group_source_req greqs;
 642                int omode, add;
 643
 644                if (optlen < sizeof(struct group_source_req))
 645                        goto e_inval;
 646                if (copy_from_user(&greqs, optval, sizeof(greqs))) {
 647                        retv = -EFAULT;
 648                        break;
 649                }
 650                if (greqs.gsr_group.ss_family != AF_INET6 ||
 651                    greqs.gsr_source.ss_family != AF_INET6) {
 652                        retv = -EADDRNOTAVAIL;
 653                        break;
 654                }
 655                if (optname == MCAST_BLOCK_SOURCE) {
 656                        omode = MCAST_EXCLUDE;
 657                        add = 1;
 658                } else if (optname == MCAST_UNBLOCK_SOURCE) {
 659                        omode = MCAST_EXCLUDE;
 660                        add = 0;
 661                } else if (optname == MCAST_JOIN_SOURCE_GROUP) {
 662                        struct sockaddr_in6 *psin6;
 663
 664                        psin6 = (struct sockaddr_in6 *)&greqs.gsr_group;
 665                        retv = ipv6_sock_mc_join(sk, greqs.gsr_interface,
 666                                &psin6->sin6_addr);
 667                        /* prior join w/ different source is ok */
 668                        if (retv && retv != -EADDRINUSE)
 669                                break;
 670                        omode = MCAST_INCLUDE;
 671                        add = 1;
 672                } else /* MCAST_LEAVE_SOURCE_GROUP */ {
 673                        omode = MCAST_INCLUDE;
 674                        add = 0;
 675                }
 676                retv = ip6_mc_source(add, omode, sk, &greqs);
 677                break;
 678        }
 679        case MCAST_MSFILTER:
 680        {
 681                struct group_filter *gsf;
 682
 683                if (optlen < GROUP_FILTER_SIZE(0))
 684                        goto e_inval;
 685                if (optlen > sysctl_optmem_max) {
 686                        retv = -ENOBUFS;
 687                        break;
 688                }
 689                gsf = kmalloc(optlen,GFP_KERNEL);
 690                if (!gsf) {
 691                        retv = -ENOBUFS;
 692                        break;
 693                }
 694                retv = -EFAULT;
 695                if (copy_from_user(gsf, optval, optlen)) {
 696                        kfree(gsf);
 697                        break;
 698                }
 699                /* numsrc >= (4G-140)/128 overflow in 32 bits */
 700                if (gsf->gf_numsrc >= 0x1ffffffU ||
 701                    gsf->gf_numsrc > sysctl_mld_max_msf) {
 702                        kfree(gsf);
 703                        retv = -ENOBUFS;
 704                        break;
 705                }
 706                if (GROUP_FILTER_SIZE(gsf->gf_numsrc) > optlen) {
 707                        kfree(gsf);
 708                        retv = -EINVAL;
 709                        break;
 710                }
 711                retv = ip6_mc_msfilter(sk, gsf);
 712                kfree(gsf);
 713
 714                break;
 715        }
 716        case IPV6_ROUTER_ALERT:
 717                if (optlen < sizeof(int))
 718                        goto e_inval;
 719                retv = ip6_ra_control(sk, val);
 720                break;
 721        case IPV6_MTU_DISCOVER:
 722                if (optlen < sizeof(int))
 723                        goto e_inval;
 724                if (val < IP_PMTUDISC_DONT || val > IP_PMTUDISC_PROBE)
 725                        goto e_inval;
 726                np->pmtudisc = val;
 727                retv = 0;
 728                break;
 729        case IPV6_MTU:
 730                if (optlen < sizeof(int))
 731                        goto e_inval;
 732                if (val && val < IPV6_MIN_MTU)
 733                        goto e_inval;
 734                np->frag_size = val;
 735                retv = 0;
 736                break;
 737        case IPV6_RECVERR:
 738                if (optlen < sizeof(int))
 739                        goto e_inval;
 740                np->recverr = valbool;
 741                if (!val)
 742                        skb_queue_purge(&sk->sk_error_queue);
 743                retv = 0;
 744                break;
 745        case IPV6_FLOWINFO_SEND:
 746                if (optlen < sizeof(int))
 747                        goto e_inval;
 748                np->sndflow = valbool;
 749                retv = 0;
 750                break;
 751        case IPV6_FLOWLABEL_MGR:
 752                retv = ipv6_flowlabel_opt(sk, optval, optlen);
 753                break;
 754        case IPV6_IPSEC_POLICY:
 755        case IPV6_XFRM_POLICY:
 756                retv = -EPERM;
 757                if (!capable(CAP_NET_ADMIN))
 758                        break;
 759                retv = xfrm_user_policy(sk, optname, optval, optlen);
 760                break;
 761
 762        case IPV6_ADDR_PREFERENCES:
 763            {
 764                unsigned int pref = 0;
 765                unsigned int prefmask = ~0;
 766
 767                if (optlen < sizeof(int))
 768                        goto e_inval;
 769
 770                retv = -EINVAL;
 771
 772                /* check PUBLIC/TMP/PUBTMP_DEFAULT conflicts */
 773                switch (val & (IPV6_PREFER_SRC_PUBLIC|
 774                               IPV6_PREFER_SRC_TMP|
 775                               IPV6_PREFER_SRC_PUBTMP_DEFAULT)) {
 776                case IPV6_PREFER_SRC_PUBLIC:
 777                        pref |= IPV6_PREFER_SRC_PUBLIC;
 778                        break;
 779                case IPV6_PREFER_SRC_TMP:
 780                        pref |= IPV6_PREFER_SRC_TMP;
 781                        break;
 782                case IPV6_PREFER_SRC_PUBTMP_DEFAULT:
 783                        break;
 784                case 0:
 785                        goto pref_skip_pubtmp;
 786                default:
 787                        goto e_inval;
 788                }
 789
 790                prefmask &= ~(IPV6_PREFER_SRC_PUBLIC|
 791                              IPV6_PREFER_SRC_TMP);
 792pref_skip_pubtmp:
 793
 794                /* check HOME/COA conflicts */
 795                switch (val & (IPV6_PREFER_SRC_HOME|IPV6_PREFER_SRC_COA)) {
 796                case IPV6_PREFER_SRC_HOME:
 797                        break;
 798                case IPV6_PREFER_SRC_COA:
 799                        pref |= IPV6_PREFER_SRC_COA;
 800                case 0:
 801                        goto pref_skip_coa;
 802                default:
 803                        goto e_inval;
 804                }
 805
 806                prefmask &= ~IPV6_PREFER_SRC_COA;
 807pref_skip_coa:
 808
 809                /* check CGA/NONCGA conflicts */
 810                switch (val & (IPV6_PREFER_SRC_CGA|IPV6_PREFER_SRC_NONCGA)) {
 811                case IPV6_PREFER_SRC_CGA:
 812                case IPV6_PREFER_SRC_NONCGA:
 813                case 0:
 814                        break;
 815                default:
 816                        goto e_inval;
 817                }
 818
 819                np->srcprefs = (np->srcprefs & prefmask) | pref;
 820                retv = 0;
 821
 822                break;
 823            }
 824        case IPV6_MINHOPCOUNT:
 825                if (optlen < sizeof(int))
 826                        goto e_inval;
 827                if (val < 0 || val > 255)
 828                        goto e_inval;
 829                np->min_hopcount = val;
 830                break;
 831        case IPV6_DONTFRAG:
 832                np->dontfrag = valbool;
 833                retv = 0;
 834                break;
 835        }
 836
 837        release_sock(sk);
 838
 839        return retv;
 840
 841e_inval:
 842        release_sock(sk);
 843        return -EINVAL;
 844}
 845
 846int ipv6_setsockopt(struct sock *sk, int level, int optname,
 847                    char __user *optval, unsigned int optlen)
 848{
 849        int err;
 850
 851        if (level == SOL_IP && sk->sk_type != SOCK_RAW)
 852                return udp_prot.setsockopt(sk, level, optname, optval, optlen);
 853
 854        if (level != SOL_IPV6)
 855                return -ENOPROTOOPT;
 856
 857        err = do_ipv6_setsockopt(sk, level, optname, optval, optlen);
 858#ifdef CONFIG_NETFILTER
 859        /* we need to exclude all possible ENOPROTOOPTs except default case */
 860        if (err == -ENOPROTOOPT && optname != IPV6_IPSEC_POLICY &&
 861                        optname != IPV6_XFRM_POLICY) {
 862                lock_sock(sk);
 863                err = nf_setsockopt(sk, PF_INET6, optname, optval,
 864                                optlen);
 865                release_sock(sk);
 866        }
 867#endif
 868        return err;
 869}
 870
 871EXPORT_SYMBOL(ipv6_setsockopt);
 872
 873#ifdef CONFIG_COMPAT
 874int compat_ipv6_setsockopt(struct sock *sk, int level, int optname,
 875                           char __user *optval, unsigned int optlen)
 876{
 877        int err;
 878
 879        if (level == SOL_IP && sk->sk_type != SOCK_RAW) {
 880                if (udp_prot.compat_setsockopt != NULL)
 881                        return udp_prot.compat_setsockopt(sk, level, optname,
 882                                                          optval, optlen);
 883                return udp_prot.setsockopt(sk, level, optname, optval, optlen);
 884        }
 885
 886        if (level != SOL_IPV6)
 887                return -ENOPROTOOPT;
 888
 889        if (optname >= MCAST_JOIN_GROUP && optname <= MCAST_MSFILTER)
 890                return compat_mc_setsockopt(sk, level, optname, optval, optlen,
 891                        ipv6_setsockopt);
 892
 893        err = do_ipv6_setsockopt(sk, level, optname, optval, optlen);
 894#ifdef CONFIG_NETFILTER
 895        /* we need to exclude all possible ENOPROTOOPTs except default case */
 896        if (err == -ENOPROTOOPT && optname != IPV6_IPSEC_POLICY &&
 897            optname != IPV6_XFRM_POLICY) {
 898                lock_sock(sk);
 899                err = compat_nf_setsockopt(sk, PF_INET6, optname,
 900                                           optval, optlen);
 901                release_sock(sk);
 902        }
 903#endif
 904        return err;
 905}
 906
 907EXPORT_SYMBOL(compat_ipv6_setsockopt);
 908#endif
 909
 910static int ipv6_getsockopt_sticky(struct sock *sk, struct ipv6_txoptions *opt,
 911                                  int optname, char __user *optval, int len)
 912{
 913        struct ipv6_opt_hdr *hdr;
 914
 915        if (!opt)
 916                return 0;
 917
 918        switch(optname) {
 919        case IPV6_HOPOPTS:
 920                hdr = opt->hopopt;
 921                break;
 922        case IPV6_RTHDRDSTOPTS:
 923                hdr = opt->dst0opt;
 924                break;
 925        case IPV6_RTHDR:
 926                hdr = (struct ipv6_opt_hdr *)opt->srcrt;
 927                break;
 928        case IPV6_DSTOPTS:
 929                hdr = opt->dst1opt;
 930                break;
 931        default:
 932                return -EINVAL; /* should not happen */
 933        }
 934
 935        if (!hdr)
 936                return 0;
 937
 938        len = min_t(unsigned int, len, ipv6_optlen(hdr));
 939        if (copy_to_user(optval, hdr, len))
 940                return -EFAULT;
 941        return len;
 942}
 943
 944static int do_ipv6_getsockopt(struct sock *sk, int level, int optname,
 945                    char __user *optval, int __user *optlen, unsigned int flags)
 946{
 947        struct ipv6_pinfo *np = inet6_sk(sk);
 948        int len;
 949        int val;
 950
 951        if (ip6_mroute_opt(optname))
 952                return ip6_mroute_getsockopt(sk, optname, optval, optlen);
 953
 954        if (get_user(len, optlen))
 955                return -EFAULT;
 956        switch (optname) {
 957        case IPV6_ADDRFORM:
 958                if (sk->sk_protocol != IPPROTO_UDP &&
 959                    sk->sk_protocol != IPPROTO_UDPLITE &&
 960                    sk->sk_protocol != IPPROTO_TCP)
 961                        return -ENOPROTOOPT;
 962                if (sk->sk_state != TCP_ESTABLISHED)
 963                        return -ENOTCONN;
 964                val = sk->sk_family;
 965                break;
 966        case MCAST_MSFILTER:
 967        {
 968                struct group_filter gsf;
 969                int err;
 970
 971                if (len < GROUP_FILTER_SIZE(0))
 972                        return -EINVAL;
 973                if (copy_from_user(&gsf, optval, GROUP_FILTER_SIZE(0)))
 974                        return -EFAULT;
 975                if (gsf.gf_group.ss_family != AF_INET6)
 976                        return -EADDRNOTAVAIL;
 977                lock_sock(sk);
 978                err = ip6_mc_msfget(sk, &gsf,
 979                        (struct group_filter __user *)optval, optlen);
 980                release_sock(sk);
 981                return err;
 982        }
 983
 984        case IPV6_2292PKTOPTIONS:
 985        {
 986                struct msghdr msg;
 987                struct sk_buff *skb;
 988
 989                if (sk->sk_type != SOCK_STREAM)
 990                        return -ENOPROTOOPT;
 991
 992                msg.msg_control = optval;
 993                msg.msg_controllen = len;
 994                msg.msg_flags = flags;
 995
 996                lock_sock(sk);
 997                skb = np->pktoptions;
 998                if (skb)
 999                        atomic_inc(&skb->users);
1000                release_sock(sk);
1001
1002                if (skb) {
1003                        int err = datagram_recv_ctl(sk, &msg, skb);
1004                        kfree_skb(skb);
1005                        if (err)
1006                                return err;
1007                } else {
1008                        if (np->rxopt.bits.rxinfo) {
1009                                struct in6_pktinfo src_info;
1010                                src_info.ipi6_ifindex = np->mcast_oif ? np->mcast_oif :
1011                                        np->sticky_pktinfo.ipi6_ifindex;
1012                                src_info.ipi6_addr = np->mcast_oif ? np->daddr : np->sticky_pktinfo.ipi6_addr;
1013                                put_cmsg(&msg, SOL_IPV6, IPV6_PKTINFO, sizeof(src_info), &src_info);
1014                        }
1015                        if (np->rxopt.bits.rxhlim) {
1016                                int hlim = np->mcast_hops;
1017                                put_cmsg(&msg, SOL_IPV6, IPV6_HOPLIMIT, sizeof(hlim), &hlim);
1018                        }
1019                        if (np->rxopt.bits.rxtclass) {
1020                                int tclass = np->rcv_tclass;
1021                                put_cmsg(&msg, SOL_IPV6, IPV6_TCLASS, sizeof(tclass), &tclass);
1022                        }
1023                        if (np->rxopt.bits.rxoinfo) {
1024                                struct in6_pktinfo src_info;
1025                                src_info.ipi6_ifindex = np->mcast_oif ? np->mcast_oif :
1026                                        np->sticky_pktinfo.ipi6_ifindex;
1027                                src_info.ipi6_addr = np->mcast_oif ? np->daddr : np->sticky_pktinfo.ipi6_addr;
1028                                put_cmsg(&msg, SOL_IPV6, IPV6_2292PKTINFO, sizeof(src_info), &src_info);
1029                        }
1030                        if (np->rxopt.bits.rxohlim) {
1031                                int hlim = np->mcast_hops;
1032                                put_cmsg(&msg, SOL_IPV6, IPV6_2292HOPLIMIT, sizeof(hlim), &hlim);
1033                        }
1034                }
1035                len -= msg.msg_controllen;
1036                return put_user(len, optlen);
1037        }
1038        case IPV6_MTU:
1039        {
1040                struct dst_entry *dst;
1041
1042                val = 0;
1043                rcu_read_lock();
1044                dst = __sk_dst_get(sk);
1045                if (dst)
1046                        val = dst_mtu(dst);
1047                rcu_read_unlock();
1048                if (!val)
1049                        return -ENOTCONN;
1050                break;
1051        }
1052
1053        case IPV6_V6ONLY:
1054                val = np->ipv6only;
1055                break;
1056
1057        case IPV6_RECVPKTINFO:
1058                val = np->rxopt.bits.rxinfo;
1059                break;
1060
1061        case IPV6_2292PKTINFO:
1062                val = np->rxopt.bits.rxoinfo;
1063                break;
1064
1065        case IPV6_RECVHOPLIMIT:
1066                val = np->rxopt.bits.rxhlim;
1067                break;
1068
1069        case IPV6_2292HOPLIMIT:
1070                val = np->rxopt.bits.rxohlim;
1071                break;
1072
1073        case IPV6_RECVRTHDR:
1074                val = np->rxopt.bits.srcrt;
1075                break;
1076
1077        case IPV6_2292RTHDR:
1078                val = np->rxopt.bits.osrcrt;
1079                break;
1080
1081        case IPV6_HOPOPTS:
1082        case IPV6_RTHDRDSTOPTS:
1083        case IPV6_RTHDR:
1084        case IPV6_DSTOPTS:
1085        {
1086
1087                lock_sock(sk);
1088                len = ipv6_getsockopt_sticky(sk, np->opt,
1089                                             optname, optval, len);
1090                release_sock(sk);
1091                /* check if ipv6_getsockopt_sticky() returns err code */
1092                if (len < 0)
1093                        return len;
1094                return put_user(len, optlen);
1095        }
1096
1097        case IPV6_RECVHOPOPTS:
1098                val = np->rxopt.bits.hopopts;
1099                break;
1100
1101        case IPV6_2292HOPOPTS:
1102                val = np->rxopt.bits.ohopopts;
1103                break;
1104
1105        case IPV6_RECVDSTOPTS:
1106                val = np->rxopt.bits.dstopts;
1107                break;
1108
1109        case IPV6_2292DSTOPTS:
1110                val = np->rxopt.bits.odstopts;
1111                break;
1112
1113        case IPV6_TCLASS:
1114                val = np->tclass;
1115                break;
1116
1117        case IPV6_RECVTCLASS:
1118                val = np->rxopt.bits.rxtclass;
1119                break;
1120
1121        case IPV6_FLOWINFO:
1122                val = np->rxopt.bits.rxflow;
1123                break;
1124
1125        case IPV6_RECVPATHMTU:
1126                val = np->rxopt.bits.rxpmtu;
1127                break;
1128
1129        case IPV6_PATHMTU:
1130        {
1131                struct dst_entry *dst;
1132                struct ip6_mtuinfo mtuinfo;
1133
1134                if (len < sizeof(mtuinfo))
1135                        return -EINVAL;
1136
1137                len = sizeof(mtuinfo);
1138                memset(&mtuinfo, 0, sizeof(mtuinfo));
1139
1140                rcu_read_lock();
1141                dst = __sk_dst_get(sk);
1142                if (dst)
1143                        mtuinfo.ip6m_mtu = dst_mtu(dst);
1144                rcu_read_unlock();
1145                if (!mtuinfo.ip6m_mtu)
1146                        return -ENOTCONN;
1147
1148                if (put_user(len, optlen))
1149                        return -EFAULT;
1150                if (copy_to_user(optval, &mtuinfo, len))
1151                        return -EFAULT;
1152
1153                return 0;
1154                break;
1155        }
1156
1157        case IPV6_TRANSPARENT:
1158                val = inet_sk(sk)->transparent;
1159                break;
1160
1161        case IPV6_RECVORIGDSTADDR:
1162                val = np->rxopt.bits.rxorigdstaddr;
1163                break;
1164
1165        case IPV6_UNICAST_HOPS:
1166        case IPV6_MULTICAST_HOPS:
1167        {
1168                struct dst_entry *dst;
1169
1170                if (optname == IPV6_UNICAST_HOPS)
1171                        val = np->hop_limit;
1172                else
1173                        val = np->mcast_hops;
1174
1175                if (val < 0) {
1176                        rcu_read_lock();
1177                        dst = __sk_dst_get(sk);
1178                        if (dst)
1179                                val = ip6_dst_hoplimit(dst);
1180                        rcu_read_unlock();
1181                }
1182
1183                if (val < 0)
1184                        val = sock_net(sk)->ipv6.devconf_all->hop_limit;
1185                break;
1186        }
1187
1188        case IPV6_MULTICAST_LOOP:
1189                val = np->mc_loop;
1190                break;
1191
1192        case IPV6_MULTICAST_IF:
1193                val = np->mcast_oif;
1194                break;
1195
1196        case IPV6_UNICAST_IF:
1197                val = (__force int)htonl((__u32) np->ucast_oif);
1198                break;
1199
1200        case IPV6_MTU_DISCOVER:
1201                val = np->pmtudisc;
1202                break;
1203
1204        case IPV6_RECVERR:
1205                val = np->recverr;
1206                break;
1207
1208        case IPV6_FLOWINFO_SEND:
1209                val = np->sndflow;
1210                break;
1211
1212        case IPV6_ADDR_PREFERENCES:
1213                val = 0;
1214
1215                if (np->srcprefs & IPV6_PREFER_SRC_TMP)
1216                        val |= IPV6_PREFER_SRC_TMP;
1217                else if (np->srcprefs & IPV6_PREFER_SRC_PUBLIC)
1218                        val |= IPV6_PREFER_SRC_PUBLIC;
1219                else {
1220                        /* XXX: should we return system default? */
1221                        val |= IPV6_PREFER_SRC_PUBTMP_DEFAULT;
1222                }
1223
1224                if (np->srcprefs & IPV6_PREFER_SRC_COA)
1225                        val |= IPV6_PREFER_SRC_COA;
1226                else
1227                        val |= IPV6_PREFER_SRC_HOME;
1228                break;
1229
1230        case IPV6_MINHOPCOUNT:
1231                val = np->min_hopcount;
1232                break;
1233
1234        case IPV6_DONTFRAG:
1235                val = np->dontfrag;
1236                break;
1237
1238        default:
1239                return -ENOPROTOOPT;
1240        }
1241        len = min_t(unsigned int, sizeof(int), len);
1242        if(put_user(len, optlen))
1243                return -EFAULT;
1244        if(copy_to_user(optval,&val,len))
1245                return -EFAULT;
1246        return 0;
1247}
1248
1249int ipv6_getsockopt(struct sock *sk, int level, int optname,
1250                    char __user *optval, int __user *optlen)
1251{
1252        int err;
1253
1254        if (level == SOL_IP && sk->sk_type != SOCK_RAW)
1255                return udp_prot.getsockopt(sk, level, optname, optval, optlen);
1256
1257        if(level != SOL_IPV6)
1258                return -ENOPROTOOPT;
1259
1260        err = do_ipv6_getsockopt(sk, level, optname, optval, optlen, 0);
1261#ifdef CONFIG_NETFILTER
1262        /* we need to exclude all possible ENOPROTOOPTs except default case */
1263        if (err == -ENOPROTOOPT && optname != IPV6_2292PKTOPTIONS) {
1264                int len;
1265
1266                if (get_user(len, optlen))
1267                        return -EFAULT;
1268
1269                lock_sock(sk);
1270                err = nf_getsockopt(sk, PF_INET6, optname, optval,
1271                                &len);
1272                release_sock(sk);
1273                if (err >= 0)
1274                        err = put_user(len, optlen);
1275        }
1276#endif
1277        return err;
1278}
1279
1280EXPORT_SYMBOL(ipv6_getsockopt);
1281
1282#ifdef CONFIG_COMPAT
1283int compat_ipv6_getsockopt(struct sock *sk, int level, int optname,
1284                           char __user *optval, int __user *optlen)
1285{
1286        int err;
1287
1288        if (level == SOL_IP && sk->sk_type != SOCK_RAW) {
1289                if (udp_prot.compat_getsockopt != NULL)
1290                        return udp_prot.compat_getsockopt(sk, level, optname,
1291                                                          optval, optlen);
1292                return udp_prot.getsockopt(sk, level, optname, optval, optlen);
1293        }
1294
1295        if (level != SOL_IPV6)
1296                return -ENOPROTOOPT;
1297
1298        if (optname == MCAST_MSFILTER)
1299                return compat_mc_getsockopt(sk, level, optname, optval, optlen,
1300                        ipv6_getsockopt);
1301
1302        err = do_ipv6_getsockopt(sk, level, optname, optval, optlen,
1303                                 MSG_CMSG_COMPAT);
1304#ifdef CONFIG_NETFILTER
1305        /* we need to exclude all possible ENOPROTOOPTs except default case */
1306        if (err == -ENOPROTOOPT && optname != IPV6_2292PKTOPTIONS) {
1307                int len;
1308
1309                if (get_user(len, optlen))
1310                        return -EFAULT;
1311
1312                lock_sock(sk);
1313                err = compat_nf_getsockopt(sk, PF_INET6,
1314                                           optname, optval, &len);
1315                release_sock(sk);
1316                if (err >= 0)
1317                        err = put_user(len, optlen);
1318        }
1319#endif
1320        return err;
1321}
1322
1323EXPORT_SYMBOL(compat_ipv6_getsockopt);
1324#endif
1325
1326
lxr.linux.no kindly hosted by Redpill Linpro AS, provider of Linux consulting and operations services since 1995.