linux/net/ipv4/ip_sockglue.c
<<
>>
Prefs
   1/*
   2 * INET         An implementation of the TCP/IP protocol suite for the LINUX
   3 *              operating system.  INET is implemented using the  BSD Socket
   4 *              interface as the means of communication with the user level.
   5 *
   6 *              The IP to API glue.
   7 *
   8 * Authors:     see ip.c
   9 *
  10 * Fixes:
  11 *              Many            :       Split from ip.c , see ip.c for history.
  12 *              Martin Mares    :       TOS setting fixed.
  13 *              Alan Cox        :       Fixed a couple of oopses in Martin's
  14 *                                      TOS tweaks.
  15 *              Mike McLagan    :       Routing by source
  16 */
  17
  18#include <linux/module.h>
  19#include <linux/types.h>
  20#include <linux/mm.h>
  21#include <linux/skbuff.h>
  22#include <linux/ip.h>
  23#include <linux/icmp.h>
  24#include <linux/inetdevice.h>
  25#include <linux/netdevice.h>
  26#include <linux/slab.h>
  27#include <net/sock.h>
  28#include <net/ip.h>
  29#include <net/icmp.h>
  30#include <net/tcp_states.h>
  31#include <linux/udp.h>
  32#include <linux/igmp.h>
  33#include <linux/netfilter.h>
  34#include <linux/route.h>
  35#include <linux/mroute.h>
  36#include <net/inet_ecn.h>
  37#include <net/route.h>
  38#include <net/xfrm.h>
  39#include <net/compat.h>
  40#if IS_ENABLED(CONFIG_IPV6)
  41#include <net/transp_v6.h>
  42#endif
  43#include <net/ip_fib.h>
  44
  45#include <linux/errqueue.h>
  46#include <asm/uaccess.h>
  47
  48#define IP_CMSG_PKTINFO         1
  49#define IP_CMSG_TTL             2
  50#define IP_CMSG_TOS             4
  51#define IP_CMSG_RECVOPTS        8
  52#define IP_CMSG_RETOPTS         16
  53#define IP_CMSG_PASSSEC         32
  54#define IP_CMSG_ORIGDSTADDR     64
  55
  56/*
  57 *      SOL_IP control messages.
  58 */
  59#define PKTINFO_SKB_CB(__skb) ((struct in_pktinfo *)((__skb)->cb))
  60
  61static void ip_cmsg_recv_pktinfo(struct msghdr *msg, struct sk_buff *skb)
  62{
  63        struct in_pktinfo info = *PKTINFO_SKB_CB(skb);
  64
  65        info.ipi_addr.s_addr = ip_hdr(skb)->daddr;
  66
  67        put_cmsg(msg, SOL_IP, IP_PKTINFO, sizeof(info), &info);
  68}
  69
  70static void ip_cmsg_recv_ttl(struct msghdr *msg, struct sk_buff *skb)
  71{
  72        int ttl = ip_hdr(skb)->ttl;
  73        put_cmsg(msg, SOL_IP, IP_TTL, sizeof(int), &ttl);
  74}
  75
  76static void ip_cmsg_recv_tos(struct msghdr *msg, struct sk_buff *skb)
  77{
  78        put_cmsg(msg, SOL_IP, IP_TOS, 1, &ip_hdr(skb)->tos);
  79}
  80
  81static void ip_cmsg_recv_opts(struct msghdr *msg, struct sk_buff *skb)
  82{
  83        if (IPCB(skb)->opt.optlen == 0)
  84                return;
  85
  86        put_cmsg(msg, SOL_IP, IP_RECVOPTS, IPCB(skb)->opt.optlen,
  87                 ip_hdr(skb) + 1);
  88}
  89
  90
  91static void ip_cmsg_recv_retopts(struct msghdr *msg, struct sk_buff *skb)
  92{
  93        unsigned char optbuf[sizeof(struct ip_options) + 40];
  94        struct ip_options *opt = (struct ip_options *)optbuf;
  95
  96        if (IPCB(skb)->opt.optlen == 0)
  97                return;
  98
  99        if (ip_options_echo(opt, skb)) {
 100                msg->msg_flags |= MSG_CTRUNC;
 101                return;
 102        }
 103        ip_options_undo(opt);
 104
 105        put_cmsg(msg, SOL_IP, IP_RETOPTS, opt->optlen, opt->__data);
 106}
 107
 108static void ip_cmsg_recv_security(struct msghdr *msg, struct sk_buff *skb)
 109{
 110        char *secdata;
 111        u32 seclen, secid;
 112        int err;
 113
 114        err = security_socket_getpeersec_dgram(NULL, skb, &secid);
 115        if (err)
 116                return;
 117
 118        err = security_secid_to_secctx(secid, &secdata, &seclen);
 119        if (err)
 120                return;
 121
 122        put_cmsg(msg, SOL_IP, SCM_SECURITY, seclen, secdata);
 123        security_release_secctx(secdata, seclen);
 124}
 125
 126static void ip_cmsg_recv_dstaddr(struct msghdr *msg, struct sk_buff *skb)
 127{
 128        struct sockaddr_in sin;
 129        const struct iphdr *iph = ip_hdr(skb);
 130        __be16 *ports = (__be16 *)skb_transport_header(skb);
 131
 132        if (skb_transport_offset(skb) + 4 > skb->len)
 133                return;
 134
 135        /* All current transport protocols have the port numbers in the
 136         * first four bytes of the transport header and this function is
 137         * written with this assumption in mind.
 138         */
 139
 140        sin.sin_family = AF_INET;
 141        sin.sin_addr.s_addr = iph->daddr;
 142        sin.sin_port = ports[1];
 143        memset(sin.sin_zero, 0, sizeof(sin.sin_zero));
 144
 145        put_cmsg(msg, SOL_IP, IP_ORIGDSTADDR, sizeof(sin), &sin);
 146}
 147
 148void ip_cmsg_recv(struct msghdr *msg, struct sk_buff *skb)
 149{
 150        struct inet_sock *inet = inet_sk(skb->sk);
 151        unsigned int flags = inet->cmsg_flags;
 152
 153        /* Ordered by supposed usage frequency */
 154        if (flags & 1)
 155                ip_cmsg_recv_pktinfo(msg, skb);
 156        if ((flags >>= 1) == 0)
 157                return;
 158
 159        if (flags & 1)
 160                ip_cmsg_recv_ttl(msg, skb);
 161        if ((flags >>= 1) == 0)
 162                return;
 163
 164        if (flags & 1)
 165                ip_cmsg_recv_tos(msg, skb);
 166        if ((flags >>= 1) == 0)
 167                return;
 168
 169        if (flags & 1)
 170                ip_cmsg_recv_opts(msg, skb);
 171        if ((flags >>= 1) == 0)
 172                return;
 173
 174        if (flags & 1)
 175                ip_cmsg_recv_retopts(msg, skb);
 176        if ((flags >>= 1) == 0)
 177                return;
 178
 179        if (flags & 1)
 180                ip_cmsg_recv_security(msg, skb);
 181
 182        if ((flags >>= 1) == 0)
 183                return;
 184        if (flags & 1)
 185                ip_cmsg_recv_dstaddr(msg, skb);
 186
 187}
 188EXPORT_SYMBOL(ip_cmsg_recv);
 189
 190int ip_cmsg_send(struct net *net, struct msghdr *msg, struct ipcm_cookie *ipc)
 191{
 192        int err;
 193        struct cmsghdr *cmsg;
 194
 195        for (cmsg = CMSG_FIRSTHDR(msg); cmsg; cmsg = CMSG_NXTHDR(msg, cmsg)) {
 196                if (!CMSG_OK(msg, cmsg))
 197                        return -EINVAL;
 198                if (cmsg->cmsg_level != SOL_IP)
 199                        continue;
 200                switch (cmsg->cmsg_type) {
 201                case IP_RETOPTS:
 202                        err = cmsg->cmsg_len - CMSG_ALIGN(sizeof(struct cmsghdr));
 203                        err = ip_options_get(net, &ipc->opt, CMSG_DATA(cmsg),
 204                                             err < 40 ? err : 40);
 205                        if (err)
 206                                return err;
 207                        break;
 208                case IP_PKTINFO:
 209                {
 210                        struct in_pktinfo *info;
 211                        if (cmsg->cmsg_len != CMSG_LEN(sizeof(struct in_pktinfo)))
 212                                return -EINVAL;
 213                        info = (struct in_pktinfo *)CMSG_DATA(cmsg);
 214                        ipc->oif = info->ipi_ifindex;
 215                        ipc->addr = info->ipi_spec_dst.s_addr;
 216                        break;
 217                }
 218                default:
 219                        return -EINVAL;
 220                }
 221        }
 222        return 0;
 223}
 224
 225
 226/* Special input handler for packets caught by router alert option.
 227   They are selected only by protocol field, and then processed likely
 228   local ones; but only if someone wants them! Otherwise, router
 229   not running rsvpd will kill RSVP.
 230
 231   It is user level problem, what it will make with them.
 232   I have no idea, how it will masquearde or NAT them (it is joke, joke :-)),
 233   but receiver should be enough clever f.e. to forward mtrace requests,
 234   sent to multicast group to reach destination designated router.
 235 */
 236struct ip_ra_chain __rcu *ip_ra_chain;
 237static DEFINE_SPINLOCK(ip_ra_lock);
 238
 239
 240static void ip_ra_destroy_rcu(struct rcu_head *head)
 241{
 242        struct ip_ra_chain *ra = container_of(head, struct ip_ra_chain, rcu);
 243
 244        sock_put(ra->saved_sk);
 245        kfree(ra);
 246}
 247
 248int ip_ra_control(struct sock *sk, unsigned char on,
 249                  void (*destructor)(struct sock *))
 250{
 251        struct ip_ra_chain *ra, *new_ra;
 252        struct ip_ra_chain __rcu **rap;
 253
 254        if (sk->sk_type != SOCK_RAW || inet_sk(sk)->inet_num == IPPROTO_RAW)
 255                return -EINVAL;
 256
 257        new_ra = on ? kmalloc(sizeof(*new_ra), GFP_KERNEL) : NULL;
 258
 259        spin_lock_bh(&ip_ra_lock);
 260        for (rap = &ip_ra_chain;
 261             (ra = rcu_dereference_protected(*rap,
 262                        lockdep_is_held(&ip_ra_lock))) != NULL;
 263             rap = &ra->next) {
 264                if (ra->sk == sk) {
 265                        if (on) {
 266                                spin_unlock_bh(&ip_ra_lock);
 267                                kfree(new_ra);
 268                                return -EADDRINUSE;
 269                        }
 270                        /* dont let ip_call_ra_chain() use sk again */
 271                        ra->sk = NULL;
 272                        rcu_assign_pointer(*rap, ra->next);
 273                        spin_unlock_bh(&ip_ra_lock);
 274
 275                        if (ra->destructor)
 276                                ra->destructor(sk);
 277                        /*
 278                         * Delay sock_put(sk) and kfree(ra) after one rcu grace
 279                         * period. This guarantee ip_call_ra_chain() dont need
 280                         * to mess with socket refcounts.
 281                         */
 282                        ra->saved_sk = sk;
 283                        call_rcu(&ra->rcu, ip_ra_destroy_rcu);
 284                        return 0;
 285                }
 286        }
 287        if (new_ra == NULL) {
 288                spin_unlock_bh(&ip_ra_lock);
 289                return -ENOBUFS;
 290        }
 291        new_ra->sk = sk;
 292        new_ra->destructor = destructor;
 293
 294        new_ra->next = ra;
 295        rcu_assign_pointer(*rap, new_ra);
 296        sock_hold(sk);
 297        spin_unlock_bh(&ip_ra_lock);
 298
 299        return 0;
 300}
 301
 302void ip_icmp_error(struct sock *sk, struct sk_buff *skb, int err,
 303                   __be16 port, u32 info, u8 *payload)
 304{
 305        struct sock_exterr_skb *serr;
 306
 307        skb = skb_clone(skb, GFP_ATOMIC);
 308        if (!skb)
 309                return;
 310
 311        serr = SKB_EXT_ERR(skb);
 312        serr->ee.ee_errno = err;
 313        serr->ee.ee_origin = SO_EE_ORIGIN_ICMP;
 314        serr->ee.ee_type = icmp_hdr(skb)->type;
 315        serr->ee.ee_code = icmp_hdr(skb)->code;
 316        serr->ee.ee_pad = 0;
 317        serr->ee.ee_info = info;
 318        serr->ee.ee_data = 0;
 319        serr->addr_offset = (u8 *)&(((struct iphdr *)(icmp_hdr(skb) + 1))->daddr) -
 320                                   skb_network_header(skb);
 321        serr->port = port;
 322
 323        if (skb_pull(skb, payload - skb->data) != NULL) {
 324                skb_reset_transport_header(skb);
 325                if (sock_queue_err_skb(sk, skb) == 0)
 326                        return;
 327        }
 328        kfree_skb(skb);
 329}
 330
 331void ip_local_error(struct sock *sk, int err, __be32 daddr, __be16 port, u32 info)
 332{
 333        struct inet_sock *inet = inet_sk(sk);
 334        struct sock_exterr_skb *serr;
 335        struct iphdr *iph;
 336        struct sk_buff *skb;
 337
 338        if (!inet->recverr)
 339                return;
 340
 341        skb = alloc_skb(sizeof(struct iphdr), GFP_ATOMIC);
 342        if (!skb)
 343                return;
 344
 345        skb_put(skb, sizeof(struct iphdr));
 346        skb_reset_network_header(skb);
 347        iph = ip_hdr(skb);
 348        iph->daddr = daddr;
 349
 350        serr = SKB_EXT_ERR(skb);
 351        serr->ee.ee_errno = err;
 352        serr->ee.ee_origin = SO_EE_ORIGIN_LOCAL;
 353        serr->ee.ee_type = 0;
 354        serr->ee.ee_code = 0;
 355        serr->ee.ee_pad = 0;
 356        serr->ee.ee_info = info;
 357        serr->ee.ee_data = 0;
 358        serr->addr_offset = (u8 *)&iph->daddr - skb_network_header(skb);
 359        serr->port = port;
 360
 361        __skb_pull(skb, skb_tail_pointer(skb) - skb->data);
 362        skb_reset_transport_header(skb);
 363
 364        if (sock_queue_err_skb(sk, skb))
 365                kfree_skb(skb);
 366}
 367
 368/*
 369 *      Handle MSG_ERRQUEUE
 370 */
 371int ip_recv_error(struct sock *sk, struct msghdr *msg, int len)
 372{
 373        struct sock_exterr_skb *serr;
 374        struct sk_buff *skb, *skb2;
 375        struct sockaddr_in *sin;
 376        struct {
 377                struct sock_extended_err ee;
 378                struct sockaddr_in       offender;
 379        } errhdr;
 380        int err;
 381        int copied;
 382
 383        err = -EAGAIN;
 384        skb = skb_dequeue(&sk->sk_error_queue);
 385        if (skb == NULL)
 386                goto out;
 387
 388        copied = skb->len;
 389        if (copied > len) {
 390                msg->msg_flags |= MSG_TRUNC;
 391                copied = len;
 392        }
 393        err = skb_copy_datagram_iovec(skb, 0, msg->msg_iov, copied);
 394        if (err)
 395                goto out_free_skb;
 396
 397        sock_recv_timestamp(msg, sk, skb);
 398
 399        serr = SKB_EXT_ERR(skb);
 400
 401        sin = (struct sockaddr_in *)msg->msg_name;
 402        if (sin) {
 403                sin->sin_family = AF_INET;
 404                sin->sin_addr.s_addr = *(__be32 *)(skb_network_header(skb) +
 405                                                   serr->addr_offset);
 406                sin->sin_port = serr->port;
 407                memset(&sin->sin_zero, 0, sizeof(sin->sin_zero));
 408        }
 409
 410        memcpy(&errhdr.ee, &serr->ee, sizeof(struct sock_extended_err));
 411        sin = &errhdr.offender;
 412        sin->sin_family = AF_UNSPEC;
 413        if (serr->ee.ee_origin == SO_EE_ORIGIN_ICMP) {
 414                struct inet_sock *inet = inet_sk(sk);
 415
 416                sin->sin_family = AF_INET;
 417                sin->sin_addr.s_addr = ip_hdr(skb)->saddr;
 418                sin->sin_port = 0;
 419                memset(&sin->sin_zero, 0, sizeof(sin->sin_zero));
 420                if (inet->cmsg_flags)
 421                        ip_cmsg_recv(msg, skb);
 422        }
 423
 424        put_cmsg(msg, SOL_IP, IP_RECVERR, sizeof(errhdr), &errhdr);
 425
 426        /* Now we could try to dump offended packet options */
 427
 428        msg->msg_flags |= MSG_ERRQUEUE;
 429        err = copied;
 430
 431        /* Reset and regenerate socket error */
 432        spin_lock_bh(&sk->sk_error_queue.lock);
 433        sk->sk_err = 0;
 434        skb2 = skb_peek(&sk->sk_error_queue);
 435        if (skb2 != NULL) {
 436                sk->sk_err = SKB_EXT_ERR(skb2)->ee.ee_errno;
 437                spin_unlock_bh(&sk->sk_error_queue.lock);
 438                sk->sk_error_report(sk);
 439        } else
 440                spin_unlock_bh(&sk->sk_error_queue.lock);
 441
 442out_free_skb:
 443        kfree_skb(skb);
 444out:
 445        return err;
 446}
 447
 448
 449/*
 450 *      Socket option code for IP. This is the end of the line after any
 451 *      TCP,UDP etc options on an IP socket.
 452 */
 453
 454static int do_ip_setsockopt(struct sock *sk, int level,
 455                            int optname, char __user *optval, unsigned int optlen)
 456{
 457        struct inet_sock *inet = inet_sk(sk);
 458        int val = 0, err;
 459
 460        switch (optname) {
 461        case IP_PKTINFO:
 462        case IP_RECVTTL:
 463        case IP_RECVOPTS:
 464        case IP_RECVTOS:
 465        case IP_RETOPTS:
 466        case IP_TOS:
 467        case IP_TTL:
 468        case IP_HDRINCL:
 469        case IP_MTU_DISCOVER:
 470        case IP_RECVERR:
 471        case IP_ROUTER_ALERT:
 472        case IP_FREEBIND:
 473        case IP_PASSSEC:
 474        case IP_TRANSPARENT:
 475        case IP_MINTTL:
 476        case IP_NODEFRAG:
 477        case IP_UNICAST_IF:
 478        case IP_MULTICAST_TTL:
 479        case IP_MULTICAST_ALL:
 480        case IP_MULTICAST_LOOP:
 481        case IP_RECVORIGDSTADDR:
 482                if (optlen >= sizeof(int)) {
 483                        if (get_user(val, (int __user *) optval))
 484                                return -EFAULT;
 485                } else if (optlen >= sizeof(char)) {
 486                        unsigned char ucval;
 487
 488                        if (get_user(ucval, (unsigned char __user *) optval))
 489                                return -EFAULT;
 490                        val = (int) ucval;
 491                }
 492        }
 493
 494        /* If optlen==0, it is equivalent to val == 0 */
 495
 496        if (ip_mroute_opt(optname))
 497                return ip_mroute_setsockopt(sk, optname, optval, optlen);
 498
 499        err = 0;
 500        lock_sock(sk);
 501
 502        switch (optname) {
 503        case IP_OPTIONS:
 504        {
 505                struct ip_options_rcu *old, *opt = NULL;
 506
 507                if (optlen > 40)
 508                        goto e_inval;
 509                err = ip_options_get_from_user(sock_net(sk), &opt,
 510                                               optval, optlen);
 511                if (err)
 512                        break;
 513                old = rcu_dereference_protected(inet->inet_opt,
 514                                                sock_owned_by_user(sk));
 515                if (inet->is_icsk) {
 516                        struct inet_connection_sock *icsk = inet_csk(sk);
 517#if IS_ENABLED(CONFIG_IPV6)
 518                        if (sk->sk_family == PF_INET ||
 519                            (!((1 << sk->sk_state) &
 520                               (TCPF_LISTEN | TCPF_CLOSE)) &&
 521                             inet->inet_daddr != LOOPBACK4_IPV6)) {
 522#endif
 523                                if (old)
 524                                        icsk->icsk_ext_hdr_len -= old->opt.optlen;
 525                                if (opt)
 526                                        icsk->icsk_ext_hdr_len += opt->opt.optlen;
 527                                icsk->icsk_sync_mss(sk, icsk->icsk_pmtu_cookie);
 528#if IS_ENABLED(CONFIG_IPV6)
 529                        }
 530#endif
 531                }
 532                rcu_assign_pointer(inet->inet_opt, opt);
 533                if (old)
 534                        kfree_rcu(old, rcu);
 535                break;
 536        }
 537        case IP_PKTINFO:
 538                if (val)
 539                        inet->cmsg_flags |= IP_CMSG_PKTINFO;
 540                else
 541                        inet->cmsg_flags &= ~IP_CMSG_PKTINFO;
 542                break;
 543        case IP_RECVTTL:
 544                if (val)
 545                        inet->cmsg_flags |=  IP_CMSG_TTL;
 546                else
 547                        inet->cmsg_flags &= ~IP_CMSG_TTL;
 548                break;
 549        case IP_RECVTOS:
 550                if (val)
 551                        inet->cmsg_flags |=  IP_CMSG_TOS;
 552                else
 553                        inet->cmsg_flags &= ~IP_CMSG_TOS;
 554                break;
 555        case IP_RECVOPTS:
 556                if (val)
 557                        inet->cmsg_flags |=  IP_CMSG_RECVOPTS;
 558                else
 559                        inet->cmsg_flags &= ~IP_CMSG_RECVOPTS;
 560                break;
 561        case IP_RETOPTS:
 562                if (val)
 563                        inet->cmsg_flags |= IP_CMSG_RETOPTS;
 564                else
 565                        inet->cmsg_flags &= ~IP_CMSG_RETOPTS;
 566                break;
 567        case IP_PASSSEC:
 568                if (val)
 569                        inet->cmsg_flags |= IP_CMSG_PASSSEC;
 570                else
 571                        inet->cmsg_flags &= ~IP_CMSG_PASSSEC;
 572                break;
 573        case IP_RECVORIGDSTADDR:
 574                if (val)
 575                        inet->cmsg_flags |= IP_CMSG_ORIGDSTADDR;
 576                else
 577                        inet->cmsg_flags &= ~IP_CMSG_ORIGDSTADDR;
 578                break;
 579        case IP_TOS:    /* This sets both TOS and Precedence */
 580                if (sk->sk_type == SOCK_STREAM) {
 581                        val &= ~INET_ECN_MASK;
 582                        val |= inet->tos & INET_ECN_MASK;
 583                }
 584                if (inet->tos != val) {
 585                        inet->tos = val;
 586                        sk->sk_priority = rt_tos2priority(val);
 587                        sk_dst_reset(sk);
 588                }
 589                break;
 590        case IP_TTL:
 591                if (optlen < 1)
 592                        goto e_inval;
 593                if (val != -1 && (val < 0 || val > 255))
 594                        goto e_inval;
 595                inet->uc_ttl = val;
 596                break;
 597        case IP_HDRINCL:
 598                if (sk->sk_type != SOCK_RAW) {
 599                        err = -ENOPROTOOPT;
 600                        break;
 601                }
 602                inet->hdrincl = val ? 1 : 0;
 603                break;
 604        case IP_NODEFRAG:
 605                if (sk->sk_type != SOCK_RAW) {
 606                        err = -ENOPROTOOPT;
 607                        break;
 608                }
 609                inet->nodefrag = val ? 1 : 0;
 610                break;
 611        case IP_MTU_DISCOVER:
 612                if (val < IP_PMTUDISC_DONT || val > IP_PMTUDISC_PROBE)
 613                        goto e_inval;
 614                inet->pmtudisc = val;
 615                break;
 616        case IP_RECVERR:
 617                inet->recverr = !!val;
 618                if (!val)
 619                        skb_queue_purge(&sk->sk_error_queue);
 620                break;
 621        case IP_MULTICAST_TTL:
 622                if (sk->sk_type == SOCK_STREAM)
 623                        goto e_inval;
 624                if (optlen < 1)
 625                        goto e_inval;
 626                if (val == -1)
 627                        val = 1;
 628                if (val < 0 || val > 255)
 629                        goto e_inval;
 630                inet->mc_ttl = val;
 631                break;
 632        case IP_MULTICAST_LOOP:
 633                if (optlen < 1)
 634                        goto e_inval;
 635                inet->mc_loop = !!val;
 636                break;
 637        case IP_UNICAST_IF:
 638        {
 639                struct net_device *dev = NULL;
 640                int ifindex;
 641
 642                if (optlen != sizeof(int))
 643                        goto e_inval;
 644
 645                ifindex = (__force int)ntohl((__force __be32)val);
 646                if (ifindex == 0) {
 647                        inet->uc_index = 0;
 648                        err = 0;
 649                        break;
 650                }
 651
 652                dev = dev_get_by_index(sock_net(sk), ifindex);
 653                err = -EADDRNOTAVAIL;
 654                if (!dev)
 655                        break;
 656                dev_put(dev);
 657
 658                err = -EINVAL;
 659                if (sk->sk_bound_dev_if)
 660                        break;
 661
 662                inet->uc_index = ifindex;
 663                err = 0;
 664                break;
 665        }
 666        case IP_MULTICAST_IF:
 667        {
 668                struct ip_mreqn mreq;
 669                struct net_device *dev = NULL;
 670
 671                if (sk->sk_type == SOCK_STREAM)
 672                        goto e_inval;
 673                /*
 674                 *      Check the arguments are allowable
 675                 */
 676
 677                if (optlen < sizeof(struct in_addr))
 678                        goto e_inval;
 679
 680                err = -EFAULT;
 681                if (optlen >= sizeof(struct ip_mreqn)) {
 682                        if (copy_from_user(&mreq, optval, sizeof(mreq)))
 683                                break;
 684                } else {
 685                        memset(&mreq, 0, sizeof(mreq));
 686                        if (optlen >= sizeof(struct ip_mreq)) {
 687                                if (copy_from_user(&mreq, optval,
 688                                                   sizeof(struct ip_mreq)))
 689                                        break;
 690                        } else if (optlen >= sizeof(struct in_addr)) {
 691                                if (copy_from_user(&mreq.imr_address, optval,
 692                                                   sizeof(struct in_addr)))
 693                                        break;
 694                        }
 695                }
 696
 697                if (!mreq.imr_ifindex) {
 698                        if (mreq.imr_address.s_addr == htonl(INADDR_ANY)) {
 699                                inet->mc_index = 0;
 700                                inet->mc_addr  = 0;
 701                                err = 0;
 702                                break;
 703                        }
 704                        dev = ip_dev_find(sock_net(sk), mreq.imr_address.s_addr);
 705                        if (dev)
 706                                mreq.imr_ifindex = dev->ifindex;
 707                } else
 708                        dev = dev_get_by_index(sock_net(sk), mreq.imr_ifindex);
 709
 710
 711                err = -EADDRNOTAVAIL;
 712                if (!dev)
 713                        break;
 714                dev_put(dev);
 715
 716                err = -EINVAL;
 717                if (sk->sk_bound_dev_if &&
 718                    mreq.imr_ifindex != sk->sk_bound_dev_if)
 719                        break;
 720
 721                inet->mc_index = mreq.imr_ifindex;
 722                inet->mc_addr  = mreq.imr_address.s_addr;
 723                err = 0;
 724                break;
 725        }
 726
 727        case IP_ADD_MEMBERSHIP:
 728        case IP_DROP_MEMBERSHIP:
 729        {
 730                struct ip_mreqn mreq;
 731
 732                err = -EPROTO;
 733                if (inet_sk(sk)->is_icsk)
 734                        break;
 735
 736                if (optlen < sizeof(struct ip_mreq))
 737                        goto e_inval;
 738                err = -EFAULT;
 739                if (optlen >= sizeof(struct ip_mreqn)) {
 740                        if (copy_from_user(&mreq, optval, sizeof(mreq)))
 741                                break;
 742                } else {
 743                        memset(&mreq, 0, sizeof(mreq));
 744                        if (copy_from_user(&mreq, optval, sizeof(struct ip_mreq)))
 745                                break;
 746                }
 747
 748                if (optname == IP_ADD_MEMBERSHIP)
 749                        err = ip_mc_join_group(sk, &mreq);
 750                else
 751                        err = ip_mc_leave_group(sk, &mreq);
 752                break;
 753        }
 754        case IP_MSFILTER:
 755        {
 756                struct ip_msfilter *msf;
 757
 758                if (optlen < IP_MSFILTER_SIZE(0))
 759                        goto e_inval;
 760                if (optlen > sysctl_optmem_max) {
 761                        err = -ENOBUFS;
 762                        break;
 763                }
 764                msf = kmalloc(optlen, GFP_KERNEL);
 765                if (!msf) {
 766                        err = -ENOBUFS;
 767                        break;
 768                }
 769                err = -EFAULT;
 770                if (copy_from_user(msf, optval, optlen)) {
 771                        kfree(msf);
 772                        break;
 773                }
 774                /* numsrc >= (1G-4) overflow in 32 bits */
 775                if (msf->imsf_numsrc >= 0x3ffffffcU ||
 776                    msf->imsf_numsrc > sysctl_igmp_max_msf) {
 777                        kfree(msf);
 778                        err = -ENOBUFS;
 779                        break;
 780                }
 781                if (IP_MSFILTER_SIZE(msf->imsf_numsrc) > optlen) {
 782                        kfree(msf);
 783                        err = -EINVAL;
 784                        break;
 785                }
 786                err = ip_mc_msfilter(sk, msf, 0);
 787                kfree(msf);
 788                break;
 789        }
 790        case IP_BLOCK_SOURCE:
 791        case IP_UNBLOCK_SOURCE:
 792        case IP_ADD_SOURCE_MEMBERSHIP:
 793        case IP_DROP_SOURCE_MEMBERSHIP:
 794        {
 795                struct ip_mreq_source mreqs;
 796                int omode, add;
 797
 798                if (optlen != sizeof(struct ip_mreq_source))
 799                        goto e_inval;
 800                if (copy_from_user(&mreqs, optval, sizeof(mreqs))) {
 801                        err = -EFAULT;
 802                        break;
 803                }
 804                if (optname == IP_BLOCK_SOURCE) {
 805                        omode = MCAST_EXCLUDE;
 806                        add = 1;
 807                } else if (optname == IP_UNBLOCK_SOURCE) {
 808                        omode = MCAST_EXCLUDE;
 809                        add = 0;
 810                } else if (optname == IP_ADD_SOURCE_MEMBERSHIP) {
 811                        struct ip_mreqn mreq;
 812
 813                        mreq.imr_multiaddr.s_addr = mreqs.imr_multiaddr;
 814                        mreq.imr_address.s_addr = mreqs.imr_interface;
 815                        mreq.imr_ifindex = 0;
 816                        err = ip_mc_join_group(sk, &mreq);
 817                        if (err && err != -EADDRINUSE)
 818                                break;
 819                        omode = MCAST_INCLUDE;
 820                        add = 1;
 821                } else /* IP_DROP_SOURCE_MEMBERSHIP */ {
 822                        omode = MCAST_INCLUDE;
 823                        add = 0;
 824                }
 825                err = ip_mc_source(add, omode, sk, &mreqs, 0);
 826                break;
 827        }
 828        case MCAST_JOIN_GROUP:
 829        case MCAST_LEAVE_GROUP:
 830        {
 831                struct group_req greq;
 832                struct sockaddr_in *psin;
 833                struct ip_mreqn mreq;
 834
 835                if (optlen < sizeof(struct group_req))
 836                        goto e_inval;
 837                err = -EFAULT;
 838                if (copy_from_user(&greq, optval, sizeof(greq)))
 839                        break;
 840                psin = (struct sockaddr_in *)&greq.gr_group;
 841                if (psin->sin_family != AF_INET)
 842                        goto e_inval;
 843                memset(&mreq, 0, sizeof(mreq));
 844                mreq.imr_multiaddr = psin->sin_addr;
 845                mreq.imr_ifindex = greq.gr_interface;
 846
 847                if (optname == MCAST_JOIN_GROUP)
 848                        err = ip_mc_join_group(sk, &mreq);
 849                else
 850                        err = ip_mc_leave_group(sk, &mreq);
 851                break;
 852        }
 853        case MCAST_JOIN_SOURCE_GROUP:
 854        case MCAST_LEAVE_SOURCE_GROUP:
 855        case MCAST_BLOCK_SOURCE:
 856        case MCAST_UNBLOCK_SOURCE:
 857        {
 858                struct group_source_req greqs;
 859                struct ip_mreq_source mreqs;
 860                struct sockaddr_in *psin;
 861                int omode, add;
 862
 863                if (optlen != sizeof(struct group_source_req))
 864                        goto e_inval;
 865                if (copy_from_user(&greqs, optval, sizeof(greqs))) {
 866                        err = -EFAULT;
 867                        break;
 868                }
 869                if (greqs.gsr_group.ss_family != AF_INET ||
 870                    greqs.gsr_source.ss_family != AF_INET) {
 871                        err = -EADDRNOTAVAIL;
 872                        break;
 873                }
 874                psin = (struct sockaddr_in *)&greqs.gsr_group;
 875                mreqs.imr_multiaddr = psin->sin_addr.s_addr;
 876                psin = (struct sockaddr_in *)&greqs.gsr_source;
 877                mreqs.imr_sourceaddr = psin->sin_addr.s_addr;
 878                mreqs.imr_interface = 0; /* use index for mc_source */
 879
 880                if (optname == MCAST_BLOCK_SOURCE) {
 881                        omode = MCAST_EXCLUDE;
 882                        add = 1;
 883                } else if (optname == MCAST_UNBLOCK_SOURCE) {
 884                        omode = MCAST_EXCLUDE;
 885                        add = 0;
 886                } else if (optname == MCAST_JOIN_SOURCE_GROUP) {
 887                        struct ip_mreqn mreq;
 888
 889                        psin = (struct sockaddr_in *)&greqs.gsr_group;
 890                        mreq.imr_multiaddr = psin->sin_addr;
 891                        mreq.imr_address.s_addr = 0;
 892                        mreq.imr_ifindex = greqs.gsr_interface;
 893                        err = ip_mc_join_group(sk, &mreq);
 894                        if (err && err != -EADDRINUSE)
 895                                break;
 896                        greqs.gsr_interface = mreq.imr_ifindex;
 897                        omode = MCAST_INCLUDE;
 898                        add = 1;
 899                } else /* MCAST_LEAVE_SOURCE_GROUP */ {
 900                        omode = MCAST_INCLUDE;
 901                        add = 0;
 902                }
 903                err = ip_mc_source(add, omode, sk, &mreqs,
 904                                   greqs.gsr_interface);
 905                break;
 906        }
 907        case MCAST_MSFILTER:
 908        {
 909                struct sockaddr_in *psin;
 910                struct ip_msfilter *msf = NULL;
 911                struct group_filter *gsf = NULL;
 912                int msize, i, ifindex;
 913
 914                if (optlen < GROUP_FILTER_SIZE(0))
 915                        goto e_inval;
 916                if (optlen > sysctl_optmem_max) {
 917                        err = -ENOBUFS;
 918                        break;
 919                }
 920                gsf = kmalloc(optlen, GFP_KERNEL);
 921                if (!gsf) {
 922                        err = -ENOBUFS;
 923                        break;
 924                }
 925                err = -EFAULT;
 926                if (copy_from_user(gsf, optval, optlen))
 927                        goto mc_msf_out;
 928
 929                /* numsrc >= (4G-140)/128 overflow in 32 bits */
 930                if (gsf->gf_numsrc >= 0x1ffffff ||
 931                    gsf->gf_numsrc > sysctl_igmp_max_msf) {
 932                        err = -ENOBUFS;
 933                        goto mc_msf_out;
 934                }
 935                if (GROUP_FILTER_SIZE(gsf->gf_numsrc) > optlen) {
 936                        err = -EINVAL;
 937                        goto mc_msf_out;
 938                }
 939                msize = IP_MSFILTER_SIZE(gsf->gf_numsrc);
 940                msf = kmalloc(msize, GFP_KERNEL);
 941                if (!msf) {
 942                        err = -ENOBUFS;
 943                        goto mc_msf_out;
 944                }
 945                ifindex = gsf->gf_interface;
 946                psin = (struct sockaddr_in *)&gsf->gf_group;
 947                if (psin->sin_family != AF_INET) {
 948                        err = -EADDRNOTAVAIL;
 949                        goto mc_msf_out;
 950                }
 951                msf->imsf_multiaddr = psin->sin_addr.s_addr;
 952                msf->imsf_interface = 0;
 953                msf->imsf_fmode = gsf->gf_fmode;
 954                msf->imsf_numsrc = gsf->gf_numsrc;
 955                err = -EADDRNOTAVAIL;
 956                for (i = 0; i < gsf->gf_numsrc; ++i) {
 957                        psin = (struct sockaddr_in *)&gsf->gf_slist[i];
 958
 959                        if (psin->sin_family != AF_INET)
 960                                goto mc_msf_out;
 961                        msf->imsf_slist[i] = psin->sin_addr.s_addr;
 962                }
 963                kfree(gsf);
 964                gsf = NULL;
 965
 966                err = ip_mc_msfilter(sk, msf, ifindex);
 967mc_msf_out:
 968                kfree(msf);
 969                kfree(gsf);
 970                break;
 971        }
 972        case IP_MULTICAST_ALL:
 973                if (optlen < 1)
 974                        goto e_inval;
 975                if (val != 0 && val != 1)
 976                        goto e_inval;
 977                inet->mc_all = val;
 978                break;
 979        case IP_ROUTER_ALERT:
 980                err = ip_ra_control(sk, val ? 1 : 0, NULL);
 981                break;
 982
 983        case IP_FREEBIND:
 984                if (optlen < 1)
 985                        goto e_inval;
 986                inet->freebind = !!val;
 987                break;
 988
 989        case IP_IPSEC_POLICY:
 990        case IP_XFRM_POLICY:
 991                err = -EPERM;
 992                if (!capable(CAP_NET_ADMIN))
 993                        break;
 994                err = xfrm_user_policy(sk, optname, optval, optlen);
 995                break;
 996
 997        case IP_TRANSPARENT:
 998                if (!!val && !capable(CAP_NET_RAW) && !capable(CAP_NET_ADMIN)) {
 999                        err = -EPERM;
1000                        break;
1001                }
1002                if (optlen < 1)
1003                        goto e_inval;
1004                inet->transparent = !!val;
1005                break;
1006
1007        case IP_MINTTL:
1008                if (optlen < 1)
1009                        goto e_inval;
1010                if (val < 0 || val > 255)
1011                        goto e_inval;
1012                inet->min_ttl = val;
1013                break;
1014
1015        default:
1016                err = -ENOPROTOOPT;
1017                break;
1018        }
1019        release_sock(sk);
1020        return err;
1021
1022e_inval:
1023        release_sock(sk);
1024        return -EINVAL;
1025}
1026
1027/**
1028 * ipv4_pktinfo_prepare - transfert some info from rtable to skb
1029 * @sk: socket
1030 * @skb: buffer
1031 *
1032 * To support IP_CMSG_PKTINFO option, we store rt_iif and specific
1033 * destination in skb->cb[] before dst drop.
1034 * This way, receiver doesnt make cache line misses to read rtable.
1035 */
1036void ipv4_pktinfo_prepare(struct sk_buff *skb)
1037{
1038        struct in_pktinfo *pktinfo = PKTINFO_SKB_CB(skb);
1039
1040        if (skb_rtable(skb)) {
1041                pktinfo->ipi_ifindex = inet_iif(skb);
1042                pktinfo->ipi_spec_dst.s_addr = fib_compute_spec_dst(skb);
1043        } else {
1044                pktinfo->ipi_ifindex = 0;
1045                pktinfo->ipi_spec_dst.s_addr = 0;
1046        }
1047        skb_dst_drop(skb);
1048}
1049
1050int ip_setsockopt(struct sock *sk, int level,
1051                int optname, char __user *optval, unsigned int optlen)
1052{
1053        int err;
1054
1055        if (level != SOL_IP)
1056                return -ENOPROTOOPT;
1057
1058        err = do_ip_setsockopt(sk, level, optname, optval, optlen);
1059#ifdef CONFIG_NETFILTER
1060        /* we need to exclude all possible ENOPROTOOPTs except default case */
1061        if (err == -ENOPROTOOPT && optname != IP_HDRINCL &&
1062                        optname != IP_IPSEC_POLICY &&
1063                        optname != IP_XFRM_POLICY &&
1064                        !ip_mroute_opt(optname)) {
1065                lock_sock(sk);
1066                err = nf_setsockopt(sk, PF_INET, optname, optval, optlen);
1067                release_sock(sk);
1068        }
1069#endif
1070        return err;
1071}
1072EXPORT_SYMBOL(ip_setsockopt);
1073
1074#ifdef CONFIG_COMPAT
1075int compat_ip_setsockopt(struct sock *sk, int level, int optname,
1076                         char __user *optval, unsigned int optlen)
1077{
1078        int err;
1079
1080        if (level != SOL_IP)
1081                return -ENOPROTOOPT;
1082
1083        if (optname >= MCAST_JOIN_GROUP && optname <= MCAST_MSFILTER)
1084                return compat_mc_setsockopt(sk, level, optname, optval, optlen,
1085                        ip_setsockopt);
1086
1087        err = do_ip_setsockopt(sk, level, optname, optval, optlen);
1088#ifdef CONFIG_NETFILTER
1089        /* we need to exclude all possible ENOPROTOOPTs except default case */
1090        if (err == -ENOPROTOOPT && optname != IP_HDRINCL &&
1091                        optname != IP_IPSEC_POLICY &&
1092                        optname != IP_XFRM_POLICY &&
1093                        !ip_mroute_opt(optname)) {
1094                lock_sock(sk);
1095                err = compat_nf_setsockopt(sk, PF_INET, optname,
1096                                           optval, optlen);
1097                release_sock(sk);
1098        }
1099#endif
1100        return err;
1101}
1102EXPORT_SYMBOL(compat_ip_setsockopt);
1103#endif
1104
1105/*
1106 *      Get the options. Note for future reference. The GET of IP options gets
1107 *      the _received_ ones. The set sets the _sent_ ones.
1108 */
1109
1110static int do_ip_getsockopt(struct sock *sk, int level, int optname,
1111                            char __user *optval, int __user *optlen, unsigned int flags)
1112{
1113        struct inet_sock *inet = inet_sk(sk);
1114        int val;
1115        int len;
1116
1117        if (level != SOL_IP)
1118                return -EOPNOTSUPP;
1119
1120        if (ip_mroute_opt(optname))
1121                return ip_mroute_getsockopt(sk, optname, optval, optlen);
1122
1123        if (get_user(len, optlen))
1124                return -EFAULT;
1125        if (len < 0)
1126                return -EINVAL;
1127
1128        lock_sock(sk);
1129
1130        switch (optname) {
1131        case IP_OPTIONS:
1132        {
1133                unsigned char optbuf[sizeof(struct ip_options)+40];
1134                struct ip_options *opt = (struct ip_options *)optbuf;
1135                struct ip_options_rcu *inet_opt;
1136
1137                inet_opt = rcu_dereference_protected(inet->inet_opt,
1138                                                     sock_owned_by_user(sk));
1139                opt->optlen = 0;
1140                if (inet_opt)
1141                        memcpy(optbuf, &inet_opt->opt,
1142                               sizeof(struct ip_options) +
1143                               inet_opt->opt.optlen);
1144                release_sock(sk);
1145
1146                if (opt->optlen == 0)
1147                        return put_user(0, optlen);
1148
1149                ip_options_undo(opt);
1150
1151                len = min_t(unsigned int, len, opt->optlen);
1152                if (put_user(len, optlen))
1153                        return -EFAULT;
1154                if (copy_to_user(optval, opt->__data, len))
1155                        return -EFAULT;
1156                return 0;
1157        }
1158        case IP_PKTINFO:
1159                val = (inet->cmsg_flags & IP_CMSG_PKTINFO) != 0;
1160                break;
1161        case IP_RECVTTL:
1162                val = (inet->cmsg_flags & IP_CMSG_TTL) != 0;
1163                break;
1164        case IP_RECVTOS:
1165                val = (inet->cmsg_flags & IP_CMSG_TOS) != 0;
1166                break;
1167        case IP_RECVOPTS:
1168                val = (inet->cmsg_flags & IP_CMSG_RECVOPTS) != 0;
1169                break;
1170        case IP_RETOPTS:
1171                val = (inet->cmsg_flags & IP_CMSG_RETOPTS) != 0;
1172                break;
1173        case IP_PASSSEC:
1174                val = (inet->cmsg_flags & IP_CMSG_PASSSEC) != 0;
1175                break;
1176        case IP_RECVORIGDSTADDR:
1177                val = (inet->cmsg_flags & IP_CMSG_ORIGDSTADDR) != 0;
1178                break;
1179        case IP_TOS:
1180                val = inet->tos;
1181                break;
1182        case IP_TTL:
1183                val = (inet->uc_ttl == -1 ?
1184                       sysctl_ip_default_ttl :
1185                       inet->uc_ttl);
1186                break;
1187        case IP_HDRINCL:
1188                val = inet->hdrincl;
1189                break;
1190        case IP_NODEFRAG:
1191                val = inet->nodefrag;
1192                break;
1193        case IP_MTU_DISCOVER:
1194                val = inet->pmtudisc;
1195                break;
1196        case IP_MTU:
1197        {
1198                struct dst_entry *dst;
1199                val = 0;
1200                dst = sk_dst_get(sk);
1201                if (dst) {
1202                        val = dst_mtu(dst);
1203                        dst_release(dst);
1204                }
1205                if (!val) {
1206                        release_sock(sk);
1207                        return -ENOTCONN;
1208                }
1209                break;
1210        }
1211        case IP_RECVERR:
1212                val = inet->recverr;
1213                break;
1214        case IP_MULTICAST_TTL:
1215                val = inet->mc_ttl;
1216                break;
1217        case IP_MULTICAST_LOOP:
1218                val = inet->mc_loop;
1219                break;
1220        case IP_UNICAST_IF:
1221                val = (__force int)htonl((__u32) inet->uc_index);
1222                break;
1223        case IP_MULTICAST_IF:
1224        {
1225                struct in_addr addr;
1226                len = min_t(unsigned int, len, sizeof(struct in_addr));
1227                addr.s_addr = inet->mc_addr;
1228                release_sock(sk);
1229
1230                if (put_user(len, optlen))
1231                        return -EFAULT;
1232                if (copy_to_user(optval, &addr, len))
1233                        return -EFAULT;
1234                return 0;
1235        }
1236        case IP_MSFILTER:
1237        {
1238                struct ip_msfilter msf;
1239                int err;
1240
1241                if (len < IP_MSFILTER_SIZE(0)) {
1242                        release_sock(sk);
1243                        return -EINVAL;
1244                }
1245                if (copy_from_user(&msf, optval, IP_MSFILTER_SIZE(0))) {
1246                        release_sock(sk);
1247                        return -EFAULT;
1248                }
1249                err = ip_mc_msfget(sk, &msf,
1250                                   (struct ip_msfilter __user *)optval, optlen);
1251                release_sock(sk);
1252                return err;
1253        }
1254        case MCAST_MSFILTER:
1255        {
1256                struct group_filter gsf;
1257                int err;
1258
1259                if (len < GROUP_FILTER_SIZE(0)) {
1260                        release_sock(sk);
1261                        return -EINVAL;
1262                }
1263                if (copy_from_user(&gsf, optval, GROUP_FILTER_SIZE(0))) {
1264                        release_sock(sk);
1265                        return -EFAULT;
1266                }
1267                err = ip_mc_gsfget(sk, &gsf,
1268                                   (struct group_filter __user *)optval,
1269                                   optlen);
1270                release_sock(sk);
1271                return err;
1272        }
1273        case IP_MULTICAST_ALL:
1274                val = inet->mc_all;
1275                break;
1276        case IP_PKTOPTIONS:
1277        {
1278                struct msghdr msg;
1279
1280                release_sock(sk);
1281
1282                if (sk->sk_type != SOCK_STREAM)
1283                        return -ENOPROTOOPT;
1284
1285                msg.msg_control = optval;
1286                msg.msg_controllen = len;
1287                msg.msg_flags = flags;
1288
1289                if (inet->cmsg_flags & IP_CMSG_PKTINFO) {
1290                        struct in_pktinfo info;
1291
1292                        info.ipi_addr.s_addr = inet->inet_rcv_saddr;
1293                        info.ipi_spec_dst.s_addr = inet->inet_rcv_saddr;
1294                        info.ipi_ifindex = inet->mc_index;
1295                        put_cmsg(&msg, SOL_IP, IP_PKTINFO, sizeof(info), &info);
1296                }
1297                if (inet->cmsg_flags & IP_CMSG_TTL) {
1298                        int hlim = inet->mc_ttl;
1299                        put_cmsg(&msg, SOL_IP, IP_TTL, sizeof(hlim), &hlim);
1300                }
1301                if (inet->cmsg_flags & IP_CMSG_TOS) {
1302                        int tos = inet->rcv_tos;
1303                        put_cmsg(&msg, SOL_IP, IP_TOS, sizeof(tos), &tos);
1304                }
1305                len -= msg.msg_controllen;
1306                return put_user(len, optlen);
1307        }
1308        case IP_FREEBIND:
1309                val = inet->freebind;
1310                break;
1311        case IP_TRANSPARENT:
1312                val = inet->transparent;
1313                break;
1314        case IP_MINTTL:
1315                val = inet->min_ttl;
1316                break;
1317        default:
1318                release_sock(sk);
1319                return -ENOPROTOOPT;
1320        }
1321        release_sock(sk);
1322
1323        if (len < sizeof(int) && len > 0 && val >= 0 && val <= 255) {
1324                unsigned char ucval = (unsigned char)val;
1325                len = 1;
1326                if (put_user(len, optlen))
1327                        return -EFAULT;
1328                if (copy_to_user(optval, &ucval, 1))
1329                        return -EFAULT;
1330        } else {
1331                len = min_t(unsigned int, sizeof(int), len);
1332                if (put_user(len, optlen))
1333                        return -EFAULT;
1334                if (copy_to_user(optval, &val, len))
1335                        return -EFAULT;
1336        }
1337        return 0;
1338}
1339
1340int ip_getsockopt(struct sock *sk, int level,
1341                  int optname, char __user *optval, int __user *optlen)
1342{
1343        int err;
1344
1345        err = do_ip_getsockopt(sk, level, optname, optval, optlen, 0);
1346#ifdef CONFIG_NETFILTER
1347        /* we need to exclude all possible ENOPROTOOPTs except default case */
1348        if (err == -ENOPROTOOPT && optname != IP_PKTOPTIONS &&
1349                        !ip_mroute_opt(optname)) {
1350                int len;
1351
1352                if (get_user(len, optlen))
1353                        return -EFAULT;
1354
1355                lock_sock(sk);
1356                err = nf_getsockopt(sk, PF_INET, optname, optval,
1357                                &len);
1358                release_sock(sk);
1359                if (err >= 0)
1360                        err = put_user(len, optlen);
1361                return err;
1362        }
1363#endif
1364        return err;
1365}
1366EXPORT_SYMBOL(ip_getsockopt);
1367
1368#ifdef CONFIG_COMPAT
1369int compat_ip_getsockopt(struct sock *sk, int level, int optname,
1370                         char __user *optval, int __user *optlen)
1371{
1372        int err;
1373
1374        if (optname == MCAST_MSFILTER)
1375                return compat_mc_getsockopt(sk, level, optname, optval, optlen,
1376                        ip_getsockopt);
1377
1378        err = do_ip_getsockopt(sk, level, optname, optval, optlen,
1379                MSG_CMSG_COMPAT);
1380
1381#ifdef CONFIG_NETFILTER
1382        /* we need to exclude all possible ENOPROTOOPTs except default case */
1383        if (err == -ENOPROTOOPT && optname != IP_PKTOPTIONS &&
1384                        !ip_mroute_opt(optname)) {
1385                int len;
1386
1387                if (get_user(len, optlen))
1388                        return -EFAULT;
1389
1390                lock_sock(sk);
1391                err = compat_nf_getsockopt(sk, PF_INET, optname, optval, &len);
1392                release_sock(sk);
1393                if (err >= 0)
1394                        err = put_user(len, optlen);
1395                return err;
1396        }
1397#endif
1398        return err;
1399}
1400EXPORT_SYMBOL(compat_ip_getsockopt);
1401#endif
1402
lxr.linux.no kindly hosted by Redpill Linpro AS, provider of Linux consulting and operations services since 1995.