linux/net/ipv6/ipv6_sockglue.c
<<
>>
Prefs
   1/*
   2 *      IPv6 BSD socket options interface
   3 *      Linux INET6 implementation
   4 *
   5 *      Authors:
   6 *      Pedro Roque             <roque@di.fc.ul.pt>
   7 *
   8 *      Based on linux/net/ipv4/ip_sockglue.c
   9 *
  10 *      This program is free software; you can redistribute it and/or
  11 *      modify it under the terms of the GNU General Public License
  12 *      as published by the Free Software Foundation; either version
  13 *      2 of the License, or (at your option) any later version.
  14 *
  15 *      FIXME: Make the setsockopt code POSIX compliant: That is
  16 *
  17 *      o       Truncate getsockopt returns
  18 *      o       Return an optlen of the truncated length if need be
  19 *
  20 *      Changes:
  21 *      David L Stevens <dlstevens@us.ibm.com>:
  22 *              - added multicast source filtering API for MLDv2
  23 */
  24
  25#include <linux/module.h>
  26#include <linux/capability.h>
  27#include <linux/errno.h>
  28#include <linux/types.h>
  29#include <linux/socket.h>
  30#include <linux/sockios.h>
  31#include <linux/net.h>
  32#include <linux/in6.h>
  33#include <linux/mroute6.h>
  34#include <linux/netdevice.h>
  35#include <linux/if_arp.h>
  36#include <linux/init.h>
  37#include <linux/sysctl.h>
  38#include <linux/netfilter.h>
  39#include <linux/slab.h>
  40
  41#include <net/sock.h>
  42#include <net/snmp.h>
  43#include <net/ipv6.h>
  44#include <net/ndisc.h>
  45#include <net/protocol.h>
  46#include <net/transp_v6.h>
  47#include <net/ip6_route.h>
  48#include <net/addrconf.h>
  49#include <net/inet_common.h>
  50#include <net/tcp.h>
  51#include <net/udp.h>
  52#include <net/udplite.h>
  53#include <net/xfrm.h>
  54#include <net/compat.h>
  55
  56#include <asm/uaccess.h>
  57
  58struct ip6_ra_chain *ip6_ra_chain;
  59DEFINE_RWLOCK(ip6_ra_lock);
  60
  61int ip6_ra_control(struct sock *sk, int sel)
  62{
  63        struct ip6_ra_chain *ra, *new_ra, **rap;
  64
  65        /* RA packet may be delivered ONLY to IPPROTO_RAW socket */
  66        if (sk->sk_type != SOCK_RAW || inet_sk(sk)->inet_num != IPPROTO_RAW)
  67                return -ENOPROTOOPT;
  68
  69        new_ra = (sel>=0) ? kmalloc(sizeof(*new_ra), GFP_KERNEL) : NULL;
  70
  71        write_lock_bh(&ip6_ra_lock);
  72        for (rap = &ip6_ra_chain; (ra=*rap) != NULL; rap = &ra->next) {
  73                if (ra->sk == sk) {
  74                        if (sel>=0) {
  75                                write_unlock_bh(&ip6_ra_lock);
  76                                kfree(new_ra);
  77                                return -EADDRINUSE;
  78                        }
  79
  80                        *rap = ra->next;
  81                        write_unlock_bh(&ip6_ra_lock);
  82
  83                        sock_put(sk);
  84                        kfree(ra);
  85                        return 0;
  86                }
  87        }
  88        if (new_ra == NULL) {
  89                write_unlock_bh(&ip6_ra_lock);
  90                return -ENOBUFS;
  91        }
  92        new_ra->sk = sk;
  93        new_ra->sel = sel;
  94        new_ra->next = ra;
  95        *rap = new_ra;
  96        sock_hold(sk);
  97        write_unlock_bh(&ip6_ra_lock);
  98        return 0;
  99}
 100
 101static
 102struct ipv6_txoptions *ipv6_update_options(struct sock *sk,
 103                                           struct ipv6_txoptions *opt)
 104{
 105        if (inet_sk(sk)->is_icsk) {
 106                if (opt &&
 107                    !((1 << sk->sk_state) & (TCPF_LISTEN | TCPF_CLOSE)) &&
 108                    inet_sk(sk)->inet_daddr != LOOPBACK4_IPV6) {
 109                        struct inet_connection_sock *icsk = inet_csk(sk);
 110                        icsk->icsk_ext_hdr_len = opt->opt_flen + opt->opt_nflen;
 111                        icsk->icsk_sync_mss(sk, icsk->icsk_pmtu_cookie);
 112                }
 113                opt = xchg(&inet6_sk(sk)->opt, opt);
 114        } else {
 115                spin_lock(&sk->sk_dst_lock);
 116                opt = xchg(&inet6_sk(sk)->opt, opt);
 117                spin_unlock(&sk->sk_dst_lock);
 118        }
 119        sk_dst_reset(sk);
 120
 121        return opt;
 122}
 123
 124static int do_ipv6_setsockopt(struct sock *sk, int level, int optname,
 125                    char __user *optval, unsigned int optlen)
 126{
 127        struct ipv6_pinfo *np = inet6_sk(sk);
 128        struct net *net = sock_net(sk);
 129        int val, valbool;
 130        int retv = -ENOPROTOOPT;
 131
 132        if (optval == NULL)
 133                val=0;
 134        else {
 135                if (optlen >= sizeof(int)) {
 136                        if (get_user(val, (int __user *) optval))
 137                                return -EFAULT;
 138                } else
 139                        val = 0;
 140        }
 141
 142        valbool = (val!=0);
 143
 144        if (ip6_mroute_opt(optname))
 145                return ip6_mroute_setsockopt(sk, optname, optval, optlen);
 146
 147        lock_sock(sk);
 148
 149        switch (optname) {
 150
 151        case IPV6_ADDRFORM:
 152                if (optlen < sizeof(int))
 153                        goto e_inval;
 154                if (val == PF_INET) {
 155                        struct ipv6_txoptions *opt;
 156                        struct sk_buff *pktopt;
 157
 158                        if (sk->sk_type == SOCK_RAW)
 159                                break;
 160
 161                        if (sk->sk_protocol == IPPROTO_UDP ||
 162                            sk->sk_protocol == IPPROTO_UDPLITE) {
 163                                struct udp_sock *up = udp_sk(sk);
 164                                if (up->pending == AF_INET6) {
 165                                        retv = -EBUSY;
 166                                        break;
 167                                }
 168                        } else if (sk->sk_protocol != IPPROTO_TCP)
 169                                break;
 170
 171                        if (sk->sk_state != TCP_ESTABLISHED) {
 172                                retv = -ENOTCONN;
 173                                break;
 174                        }
 175
 176                        if (ipv6_only_sock(sk) ||
 177                            !ipv6_addr_v4mapped(&np->daddr)) {
 178                                retv = -EADDRNOTAVAIL;
 179                                break;
 180                        }
 181
 182                        fl6_free_socklist(sk);
 183                        ipv6_sock_mc_close(sk);
 184
 185                        /*
 186                         * Sock is moving from IPv6 to IPv4 (sk_prot), so
 187                         * remove it from the refcnt debug socks count in the
 188                         * original family...
 189                         */
 190                        sk_refcnt_debug_dec(sk);
 191
 192                        if (sk->sk_protocol == IPPROTO_TCP) {
 193                                struct inet_connection_sock *icsk = inet_csk(sk);
 194                                local_bh_disable();
 195                                sock_prot_inuse_add(net, sk->sk_prot, -1);
 196                                sock_prot_inuse_add(net, &tcp_prot, 1);
 197                                local_bh_enable();
 198                                sk->sk_prot = &tcp_prot;
 199                                icsk->icsk_af_ops = &ipv4_specific;
 200                                sk->sk_socket->ops = &inet_stream_ops;
 201                                sk->sk_family = PF_INET;
 202                                tcp_sync_mss(sk, icsk->icsk_pmtu_cookie);
 203                        } else {
 204                                struct proto *prot = &udp_prot;
 205
 206                                if (sk->sk_protocol == IPPROTO_UDPLITE)
 207                                        prot = &udplite_prot;
 208                                local_bh_disable();
 209                                sock_prot_inuse_add(net, sk->sk_prot, -1);
 210                                sock_prot_inuse_add(net, prot, 1);
 211                                local_bh_enable();
 212                                sk->sk_prot = prot;
 213                                sk->sk_socket->ops = &inet_dgram_ops;
 214                                sk->sk_family = PF_INET;
 215                        }
 216                        opt = xchg(&np->opt, NULL);
 217                        if (opt)
 218                                sock_kfree_s(sk, opt, opt->tot_len);
 219                        pktopt = xchg(&np->pktoptions, NULL);
 220                        kfree_skb(pktopt);
 221
 222                        sk->sk_destruct = inet_sock_destruct;
 223                        /*
 224                         * ... and add it to the refcnt debug socks count
 225                         * in the new family. -acme
 226                         */
 227                        sk_refcnt_debug_inc(sk);
 228                        module_put(THIS_MODULE);
 229                        retv = 0;
 230                        break;
 231                }
 232                goto e_inval;
 233
 234        case IPV6_V6ONLY:
 235                if (optlen < sizeof(int) ||
 236                    inet_sk(sk)->inet_num)
 237                        goto e_inval;
 238                np->ipv6only = valbool;
 239                retv = 0;
 240                break;
 241
 242        case IPV6_RECVPKTINFO:
 243                if (optlen < sizeof(int))
 244                        goto e_inval;
 245                np->rxopt.bits.rxinfo = valbool;
 246                retv = 0;
 247                break;
 248
 249        case IPV6_2292PKTINFO:
 250                if (optlen < sizeof(int))
 251                        goto e_inval;
 252                np->rxopt.bits.rxoinfo = valbool;
 253                retv = 0;
 254                break;
 255
 256        case IPV6_RECVHOPLIMIT:
 257                if (optlen < sizeof(int))
 258                        goto e_inval;
 259                np->rxopt.bits.rxhlim = valbool;
 260                retv = 0;
 261                break;
 262
 263        case IPV6_2292HOPLIMIT:
 264                if (optlen < sizeof(int))
 265                        goto e_inval;
 266                np->rxopt.bits.rxohlim = valbool;
 267                retv = 0;
 268                break;
 269
 270        case IPV6_RECVRTHDR:
 271                if (optlen < sizeof(int))
 272                        goto e_inval;
 273                np->rxopt.bits.srcrt = valbool;
 274                retv = 0;
 275                break;
 276
 277        case IPV6_2292RTHDR:
 278                if (optlen < sizeof(int))
 279                        goto e_inval;
 280                np->rxopt.bits.osrcrt = valbool;
 281                retv = 0;
 282                break;
 283
 284        case IPV6_RECVHOPOPTS:
 285                if (optlen < sizeof(int))
 286                        goto e_inval;
 287                np->rxopt.bits.hopopts = valbool;
 288                retv = 0;
 289                break;
 290
 291        case IPV6_2292HOPOPTS:
 292                if (optlen < sizeof(int))
 293                        goto e_inval;
 294                np->rxopt.bits.ohopopts = valbool;
 295                retv = 0;
 296                break;
 297
 298        case IPV6_RECVDSTOPTS:
 299                if (optlen < sizeof(int))
 300                        goto e_inval;
 301                np->rxopt.bits.dstopts = valbool;
 302                retv = 0;
 303                break;
 304
 305        case IPV6_2292DSTOPTS:
 306                if (optlen < sizeof(int))
 307                        goto e_inval;
 308                np->rxopt.bits.odstopts = valbool;
 309                retv = 0;
 310                break;
 311
 312        case IPV6_TCLASS:
 313                if (optlen < sizeof(int))
 314                        goto e_inval;
 315                if (val < -1 || val > 0xff)
 316                        goto e_inval;
 317                /* RFC 3542, 6.5: default traffic class of 0x0 */
 318                if (val == -1)
 319                        val = 0;
 320                np->tclass = val;
 321                retv = 0;
 322                break;
 323
 324        case IPV6_RECVTCLASS:
 325                if (optlen < sizeof(int))
 326                        goto e_inval;
 327                np->rxopt.bits.rxtclass = valbool;
 328                retv = 0;
 329                break;
 330
 331        case IPV6_FLOWINFO:
 332                if (optlen < sizeof(int))
 333                        goto e_inval;
 334                np->rxopt.bits.rxflow = valbool;
 335                retv = 0;
 336                break;
 337
 338        case IPV6_RECVPATHMTU:
 339                if (optlen < sizeof(int))
 340                        goto e_inval;
 341                np->rxopt.bits.rxpmtu = valbool;
 342                retv = 0;
 343                break;
 344
 345        case IPV6_TRANSPARENT:
 346                if (valbool && !capable(CAP_NET_ADMIN) && !capable(CAP_NET_RAW)) {
 347                        retv = -EPERM;
 348                        break;
 349                }
 350                if (optlen < sizeof(int))
 351                        goto e_inval;
 352                /* we don't have a separate transparent bit for IPV6 we use the one in the IPv4 socket */
 353                inet_sk(sk)->transparent = valbool;
 354                retv = 0;
 355                break;
 356
 357        case IPV6_RECVORIGDSTADDR:
 358                if (optlen < sizeof(int))
 359                        goto e_inval;
 360                np->rxopt.bits.rxorigdstaddr = valbool;
 361                retv = 0;
 362                break;
 363
 364        case IPV6_HOPOPTS:
 365        case IPV6_RTHDRDSTOPTS:
 366        case IPV6_RTHDR:
 367        case IPV6_DSTOPTS:
 368        {
 369                struct ipv6_txoptions *opt;
 370
 371                /* remove any sticky options header with a zero option
 372                 * length, per RFC3542.
 373                 */
 374                if (optlen == 0)
 375                        optval = NULL;
 376                else if (optval == NULL)
 377                        goto e_inval;
 378                else if (optlen < sizeof(struct ipv6_opt_hdr) ||
 379                         optlen & 0x7 || optlen > 8 * 255)
 380                        goto e_inval;
 381
 382                /* hop-by-hop / destination options are privileged option */
 383                retv = -EPERM;
 384                if (optname != IPV6_RTHDR && !capable(CAP_NET_RAW))
 385                        break;
 386
 387                opt = ipv6_renew_options(sk, np->opt, optname,
 388                                         (struct ipv6_opt_hdr __user *)optval,
 389                                         optlen);
 390                if (IS_ERR(opt)) {
 391                        retv = PTR_ERR(opt);
 392                        break;
 393                }
 394
 395                /* routing header option needs extra check */
 396                retv = -EINVAL;
 397                if (optname == IPV6_RTHDR && opt && opt->srcrt) {
 398                        struct ipv6_rt_hdr *rthdr = opt->srcrt;
 399                        switch (rthdr->type) {
 400#if defined(CONFIG_IPV6_MIP6) || defined(CONFIG_IPV6_MIP6_MODULE)
 401                        case IPV6_SRCRT_TYPE_2:
 402                                if (rthdr->hdrlen != 2 ||
 403                                    rthdr->segments_left != 1)
 404                                        goto sticky_done;
 405
 406                                break;
 407#endif
 408                        default:
 409                                goto sticky_done;
 410                        }
 411                }
 412
 413                retv = 0;
 414                opt = ipv6_update_options(sk, opt);
 415sticky_done:
 416                if (opt)
 417                        sock_kfree_s(sk, opt, opt->tot_len);
 418                break;
 419        }
 420
 421        case IPV6_PKTINFO:
 422        {
 423                struct in6_pktinfo pkt;
 424
 425                if (optlen == 0)
 426                        goto e_inval;
 427                else if (optlen < sizeof(struct in6_pktinfo) || optval == NULL)
 428                        goto e_inval;
 429
 430                if (copy_from_user(&pkt, optval, sizeof(struct in6_pktinfo))) {
 431                                retv = -EFAULT;
 432                                break;
 433                }
 434                if (sk->sk_bound_dev_if && pkt.ipi6_ifindex != sk->sk_bound_dev_if)
 435                        goto e_inval;
 436
 437                np->sticky_pktinfo.ipi6_ifindex = pkt.ipi6_ifindex;
 438                np->sticky_pktinfo.ipi6_addr = pkt.ipi6_addr;
 439                retv = 0;
 440                break;
 441        }
 442
 443        case IPV6_2292PKTOPTIONS:
 444        {
 445                struct ipv6_txoptions *opt = NULL;
 446                struct msghdr msg;
 447                struct flowi6 fl6;
 448                int junk;
 449
 450                memset(&fl6, 0, sizeof(fl6));
 451                fl6.flowi6_oif = sk->sk_bound_dev_if;
 452                fl6.flowi6_mark = sk->sk_mark;
 453
 454                if (optlen == 0)
 455                        goto update;
 456
 457                /* 1K is probably excessive
 458                 * 1K is surely not enough, 2K per standard header is 16K.
 459                 */
 460                retv = -EINVAL;
 461                if (optlen > 64*1024)
 462                        break;
 463
 464                opt = sock_kmalloc(sk, sizeof(*opt) + optlen, GFP_KERNEL);
 465                retv = -ENOBUFS;
 466                if (opt == NULL)
 467                        break;
 468
 469                memset(opt, 0, sizeof(*opt));
 470                opt->tot_len = sizeof(*opt) + optlen;
 471                retv = -EFAULT;
 472                if (copy_from_user(opt+1, optval, optlen))
 473                        goto done;
 474
 475                msg.msg_controllen = optlen;
 476                msg.msg_control = (void*)(opt+1);
 477
 478                retv = datagram_send_ctl(net, sk, &msg, &fl6, opt, &junk, &junk,
 479                                         &junk);
 480                if (retv)
 481                        goto done;
 482update:
 483                retv = 0;
 484                opt = ipv6_update_options(sk, opt);
 485done:
 486                if (opt)
 487                        sock_kfree_s(sk, opt, opt->tot_len);
 488                break;
 489        }
 490        case IPV6_UNICAST_HOPS:
 491                if (optlen < sizeof(int))
 492                        goto e_inval;
 493                if (val > 255 || val < -1)
 494                        goto e_inval;
 495                np->hop_limit = val;
 496                retv = 0;
 497                break;
 498
 499        case IPV6_MULTICAST_HOPS:
 500                if (sk->sk_type == SOCK_STREAM)
 501                        break;
 502                if (optlen < sizeof(int))
 503                        goto e_inval;
 504                if (val > 255 || val < -1)
 505                        goto e_inval;
 506                np->mcast_hops = (val == -1 ? IPV6_DEFAULT_MCASTHOPS : val);
 507                retv = 0;
 508                break;
 509
 510        case IPV6_MULTICAST_LOOP:
 511                if (optlen < sizeof(int))
 512                        goto e_inval;
 513                if (val != valbool)
 514                        goto e_inval;
 515                np->mc_loop = valbool;
 516                retv = 0;
 517                break;
 518
 519        case IPV6_UNICAST_IF:
 520        {
 521                struct net_device *dev = NULL;
 522                int ifindex;
 523
 524                if (optlen != sizeof(int))
 525                        goto e_inval;
 526
 527                ifindex = (__force int)ntohl((__force __be32)val);
 528                if (ifindex == 0) {
 529                        np->ucast_oif = 0;
 530                        retv = 0;
 531                        break;
 532                }
 533
 534                dev = dev_get_by_index(net, ifindex);
 535                retv = -EADDRNOTAVAIL;
 536                if (!dev)
 537                        break;
 538                dev_put(dev);
 539
 540                retv = -EINVAL;
 541                if (sk->sk_bound_dev_if)
 542                        break;
 543
 544                np->ucast_oif = ifindex;
 545                retv = 0;
 546                break;
 547        }
 548
 549        case IPV6_MULTICAST_IF:
 550                if (sk->sk_type == SOCK_STREAM)
 551                        break;
 552                if (optlen < sizeof(int))
 553                        goto e_inval;
 554
 555                if (val) {
 556                        struct net_device *dev;
 557
 558                        if (sk->sk_bound_dev_if && sk->sk_bound_dev_if != val)
 559                                goto e_inval;
 560
 561                        dev = dev_get_by_index(net, val);
 562                        if (!dev) {
 563                                retv = -ENODEV;
 564                                break;
 565                        }
 566                        dev_put(dev);
 567                }
 568                np->mcast_oif = val;
 569                retv = 0;
 570                break;
 571        case IPV6_ADD_MEMBERSHIP:
 572        case IPV6_DROP_MEMBERSHIP:
 573        {
 574                struct ipv6_mreq mreq;
 575
 576                if (optlen < sizeof(struct ipv6_mreq))
 577                        goto e_inval;
 578
 579                retv = -EPROTO;
 580                if (inet_sk(sk)->is_icsk)
 581                        break;
 582
 583                retv = -EFAULT;
 584                if (copy_from_user(&mreq, optval, sizeof(struct ipv6_mreq)))
 585                        break;
 586
 587                if (optname == IPV6_ADD_MEMBERSHIP)
 588                        retv = ipv6_sock_mc_join(sk, mreq.ipv6mr_ifindex, &mreq.ipv6mr_multiaddr);
 589                else
 590                        retv = ipv6_sock_mc_drop(sk, mreq.ipv6mr_ifindex, &mreq.ipv6mr_multiaddr);
 591                break;
 592        }
 593        case IPV6_JOIN_ANYCAST:
 594        case IPV6_LEAVE_ANYCAST:
 595        {
 596                struct ipv6_mreq mreq;
 597
 598                if (optlen < sizeof(struct ipv6_mreq))
 599                        goto e_inval;
 600
 601                retv = -EFAULT;
 602                if (copy_from_user(&mreq, optval, sizeof(struct ipv6_mreq)))
 603                        break;
 604
 605                if (optname == IPV6_JOIN_ANYCAST)
 606                        retv = ipv6_sock_ac_join(sk, mreq.ipv6mr_ifindex, &mreq.ipv6mr_acaddr);
 607                else
 608                        retv = ipv6_sock_ac_drop(sk, mreq.ipv6mr_ifindex, &mreq.ipv6mr_acaddr);
 609                break;
 610        }
 611        case MCAST_JOIN_GROUP:
 612        case MCAST_LEAVE_GROUP:
 613        {
 614                struct group_req greq;
 615                struct sockaddr_in6 *psin6;
 616
 617                if (optlen < sizeof(struct group_req))
 618                        goto e_inval;
 619
 620                retv = -EFAULT;
 621                if (copy_from_user(&greq, optval, sizeof(struct group_req)))
 622                        break;
 623                if (greq.gr_group.ss_family != AF_INET6) {
 624                        retv = -EADDRNOTAVAIL;
 625                        break;
 626                }
 627                psin6 = (struct sockaddr_in6 *)&greq.gr_group;
 628                if (optname == MCAST_JOIN_GROUP)
 629                        retv = ipv6_sock_mc_join(sk, greq.gr_interface,
 630                                &psin6->sin6_addr);
 631                else
 632                        retv = ipv6_sock_mc_drop(sk, greq.gr_interface,
 633                                &psin6->sin6_addr);
 634                break;
 635        }
 636        case MCAST_JOIN_SOURCE_GROUP:
 637        case MCAST_LEAVE_SOURCE_GROUP:
 638        case MCAST_BLOCK_SOURCE:
 639        case MCAST_UNBLOCK_SOURCE:
 640        {
 641                struct group_source_req greqs;
 642                int omode, add;
 643
 644                if (optlen < sizeof(struct group_source_req))
 645                        goto e_inval;
 646                if (copy_from_user(&greqs, optval, sizeof(greqs))) {
 647                        retv = -EFAULT;
 648                        break;
 649                }
 650                if (greqs.gsr_group.ss_family != AF_INET6 ||
 651                    greqs.gsr_source.ss_family != AF_INET6) {
 652                        retv = -EADDRNOTAVAIL;
 653                        break;
 654                }
 655                if (optname == MCAST_BLOCK_SOURCE) {
 656                        omode = MCAST_EXCLUDE;
 657                        add = 1;
 658                } else if (optname == MCAST_UNBLOCK_SOURCE) {
 659                        omode = MCAST_EXCLUDE;
 660                        add = 0;
 661                } else if (optname == MCAST_JOIN_SOURCE_GROUP) {
 662                        struct sockaddr_in6 *psin6;
 663
 664                        psin6 = (struct sockaddr_in6 *)&greqs.gsr_group;
 665                        retv = ipv6_sock_mc_join(sk, greqs.gsr_interface,
 666                                &psin6->sin6_addr);
 667                        /* prior join w/ different source is ok */
 668                        if (retv && retv != -EADDRINUSE)
 669                                break;
 670                        omode = MCAST_INCLUDE;
 671                        add = 1;
 672                } else /* MCAST_LEAVE_SOURCE_GROUP */ {
 673                        omode = MCAST_INCLUDE;
 674                        add = 0;
 675                }
 676                retv = ip6_mc_source(add, omode, sk, &greqs);
 677                break;
 678        }
 679        case MCAST_MSFILTER:
 680        {
 681                struct group_filter *gsf;
 682
 683                if (optlen < GROUP_FILTER_SIZE(0))
 684                        goto e_inval;
 685                if (optlen > sysctl_optmem_max) {
 686                        retv = -ENOBUFS;
 687                        break;
 688                }
 689                gsf = kmalloc(optlen,GFP_KERNEL);
 690                if (!gsf) {
 691                        retv = -ENOBUFS;
 692                        break;
 693                }
 694                retv = -EFAULT;
 695                if (copy_from_user(gsf, optval, optlen)) {
 696                        kfree(gsf);
 697                        break;
 698                }
 699                /* numsrc >= (4G-140)/128 overflow in 32 bits */
 700                if (gsf->gf_numsrc >= 0x1ffffffU ||
 701                    gsf->gf_numsrc > sysctl_mld_max_msf) {
 702                        kfree(gsf);
 703                        retv = -ENOBUFS;
 704                        break;
 705                }
 706                if (GROUP_FILTER_SIZE(gsf->gf_numsrc) > optlen) {
 707                        kfree(gsf);
 708                        retv = -EINVAL;
 709                        break;
 710                }
 711                retv = ip6_mc_msfilter(sk, gsf);
 712                kfree(gsf);
 713
 714                break;
 715        }
 716        case IPV6_ROUTER_ALERT:
 717                if (optlen < sizeof(int))
 718                        goto e_inval;
 719                retv = ip6_ra_control(sk, val);
 720                break;
 721        case IPV6_MTU_DISCOVER:
 722                if (optlen < sizeof(int))
 723                        goto e_inval;
 724                if (val < IP_PMTUDISC_DONT || val > IP_PMTUDISC_PROBE)
 725                        goto e_inval;
 726                np->pmtudisc = val;
 727                retv = 0;
 728                break;
 729        case IPV6_MTU:
 730                if (optlen < sizeof(int))
 731                        goto e_inval;
 732                if (val && val < IPV6_MIN_MTU)
 733                        goto e_inval;
 734                np->frag_size = val;
 735                retv = 0;
 736                break;
 737        case IPV6_RECVERR:
 738                if (optlen < sizeof(int))
 739                        goto e_inval;
 740                np->recverr = valbool;
 741                if (!val)
 742                        skb_queue_purge(&sk->sk_error_queue);
 743                retv = 0;
 744                break;
 745        case IPV6_FLOWINFO_SEND:
 746                if (optlen < sizeof(int))
 747                        goto e_inval;
 748                np->sndflow = valbool;
 749                retv = 0;
 750                break;
 751        case IPV6_FLOWLABEL_MGR:
 752                retv = ipv6_flowlabel_opt(sk, optval, optlen);
 753                break;
 754        case IPV6_IPSEC_POLICY:
 755        case IPV6_XFRM_POLICY:
 756                retv = -EPERM;
 757                if (!capable(CAP_NET_ADMIN))
 758                        break;
 759                retv = xfrm_user_policy(sk, optname, optval, optlen);
 760                break;
 761
 762        case IPV6_ADDR_PREFERENCES:
 763            {
 764                unsigned int pref = 0;
 765                unsigned int prefmask = ~0;
 766
 767                if (optlen < sizeof(int))
 768                        goto e_inval;
 769
 770                retv = -EINVAL;
 771
 772                /* check PUBLIC/TMP/PUBTMP_DEFAULT conflicts */
 773                switch (val & (IPV6_PREFER_SRC_PUBLIC|
 774                               IPV6_PREFER_SRC_TMP|
 775                               IPV6_PREFER_SRC_PUBTMP_DEFAULT)) {
 776                case IPV6_PREFER_SRC_PUBLIC:
 777                        pref |= IPV6_PREFER_SRC_PUBLIC;
 778                        break;
 779                case IPV6_PREFER_SRC_TMP:
 780                        pref |= IPV6_PREFER_SRC_TMP;
 781                        break;
 782                case IPV6_PREFER_SRC_PUBTMP_DEFAULT:
 783                        break;
 784                case 0:
 785                        goto pref_skip_pubtmp;
 786                default:
 787                        goto e_inval;
 788                }
 789
 790                prefmask &= ~(IPV6_PREFER_SRC_PUBLIC|
 791                              IPV6_PREFER_SRC_TMP);
 792pref_skip_pubtmp:
 793
 794                /* check HOME/COA conflicts */
 795                switch (val & (IPV6_PREFER_SRC_HOME|IPV6_PREFER_SRC_COA)) {
 796                case IPV6_PREFER_SRC_HOME:
 797                        break;
 798                case IPV6_PREFER_SRC_COA:
 799                        pref |= IPV6_PREFER_SRC_COA;
 800                case 0:
 801                        goto pref_skip_coa;
 802                default:
 803                        goto e_inval;
 804                }
 805
 806                prefmask &= ~IPV6_PREFER_SRC_COA;
 807pref_skip_coa:
 808
 809                /* check CGA/NONCGA conflicts */
 810                switch (val & (IPV6_PREFER_SRC_CGA|IPV6_PREFER_SRC_NONCGA)) {
 811                case IPV6_PREFER_SRC_CGA:
 812                case IPV6_PREFER_SRC_NONCGA:
 813                case 0:
 814                        break;
 815                default:
 816                        goto e_inval;
 817                }
 818
 819                np->srcprefs = (np->srcprefs & prefmask) | pref;
 820                retv = 0;
 821
 822                break;
 823            }
 824        case IPV6_MINHOPCOUNT:
 825                if (optlen < sizeof(int))
 826                        goto e_inval;
 827                if (val < 0 || val > 255)
 828                        goto e_inval;
 829                np->min_hopcount = val;
 830                retv = 0;
 831                break;
 832        case IPV6_DONTFRAG:
 833                np->dontfrag = valbool;
 834                retv = 0;
 835                break;
 836        }
 837
 838        release_sock(sk);
 839
 840        return retv;
 841
 842e_inval:
 843        release_sock(sk);
 844        return -EINVAL;
 845}
 846
 847int ipv6_setsockopt(struct sock *sk, int level, int optname,
 848                    char __user *optval, unsigned int optlen)
 849{
 850        int err;
 851
 852        if (level == SOL_IP && sk->sk_type != SOCK_RAW)
 853                return udp_prot.setsockopt(sk, level, optname, optval, optlen);
 854
 855        if (level != SOL_IPV6)
 856                return -ENOPROTOOPT;
 857
 858        err = do_ipv6_setsockopt(sk, level, optname, optval, optlen);
 859#ifdef CONFIG_NETFILTER
 860        /* we need to exclude all possible ENOPROTOOPTs except default case */
 861        if (err == -ENOPROTOOPT && optname != IPV6_IPSEC_POLICY &&
 862                        optname != IPV6_XFRM_POLICY) {
 863                lock_sock(sk);
 864                err = nf_setsockopt(sk, PF_INET6, optname, optval,
 865                                optlen);
 866                release_sock(sk);
 867        }
 868#endif
 869        return err;
 870}
 871
 872EXPORT_SYMBOL(ipv6_setsockopt);
 873
 874#ifdef CONFIG_COMPAT
 875int compat_ipv6_setsockopt(struct sock *sk, int level, int optname,
 876                           char __user *optval, unsigned int optlen)
 877{
 878        int err;
 879
 880        if (level == SOL_IP && sk->sk_type != SOCK_RAW) {
 881                if (udp_prot.compat_setsockopt != NULL)
 882                        return udp_prot.compat_setsockopt(sk, level, optname,
 883                                                          optval, optlen);
 884                return udp_prot.setsockopt(sk, level, optname, optval, optlen);
 885        }
 886
 887        if (level != SOL_IPV6)
 888                return -ENOPROTOOPT;
 889
 890        if (optname >= MCAST_JOIN_GROUP && optname <= MCAST_MSFILTER)
 891                return compat_mc_setsockopt(sk, level, optname, optval, optlen,
 892                        ipv6_setsockopt);
 893
 894        err = do_ipv6_setsockopt(sk, level, optname, optval, optlen);
 895#ifdef CONFIG_NETFILTER
 896        /* we need to exclude all possible ENOPROTOOPTs except default case */
 897        if (err == -ENOPROTOOPT && optname != IPV6_IPSEC_POLICY &&
 898            optname != IPV6_XFRM_POLICY) {
 899                lock_sock(sk);
 900                err = compat_nf_setsockopt(sk, PF_INET6, optname,
 901                                           optval, optlen);
 902                release_sock(sk);
 903        }
 904#endif
 905        return err;
 906}
 907
 908EXPORT_SYMBOL(compat_ipv6_setsockopt);
 909#endif
 910
 911static int ipv6_getsockopt_sticky(struct sock *sk, struct ipv6_txoptions *opt,
 912                                  int optname, char __user *optval, int len)
 913{
 914        struct ipv6_opt_hdr *hdr;
 915
 916        if (!opt)
 917                return 0;
 918
 919        switch(optname) {
 920        case IPV6_HOPOPTS:
 921                hdr = opt->hopopt;
 922                break;
 923        case IPV6_RTHDRDSTOPTS:
 924                hdr = opt->dst0opt;
 925                break;
 926        case IPV6_RTHDR:
 927                hdr = (struct ipv6_opt_hdr *)opt->srcrt;
 928                break;
 929        case IPV6_DSTOPTS:
 930                hdr = opt->dst1opt;
 931                break;
 932        default:
 933                return -EINVAL; /* should not happen */
 934        }
 935
 936        if (!hdr)
 937                return 0;
 938
 939        len = min_t(unsigned int, len, ipv6_optlen(hdr));
 940        if (copy_to_user(optval, hdr, len))
 941                return -EFAULT;
 942        return len;
 943}
 944
 945static int do_ipv6_getsockopt(struct sock *sk, int level, int optname,
 946                    char __user *optval, int __user *optlen, unsigned int flags)
 947{
 948        struct ipv6_pinfo *np = inet6_sk(sk);
 949        int len;
 950        int val;
 951
 952        if (ip6_mroute_opt(optname))
 953                return ip6_mroute_getsockopt(sk, optname, optval, optlen);
 954
 955        if (get_user(len, optlen))
 956                return -EFAULT;
 957        switch (optname) {
 958        case IPV6_ADDRFORM:
 959                if (sk->sk_protocol != IPPROTO_UDP &&
 960                    sk->sk_protocol != IPPROTO_UDPLITE &&
 961                    sk->sk_protocol != IPPROTO_TCP)
 962                        return -ENOPROTOOPT;
 963                if (sk->sk_state != TCP_ESTABLISHED)
 964                        return -ENOTCONN;
 965                val = sk->sk_family;
 966                break;
 967        case MCAST_MSFILTER:
 968        {
 969                struct group_filter gsf;
 970                int err;
 971
 972                if (len < GROUP_FILTER_SIZE(0))
 973                        return -EINVAL;
 974                if (copy_from_user(&gsf, optval, GROUP_FILTER_SIZE(0)))
 975                        return -EFAULT;
 976                if (gsf.gf_group.ss_family != AF_INET6)
 977                        return -EADDRNOTAVAIL;
 978                lock_sock(sk);
 979                err = ip6_mc_msfget(sk, &gsf,
 980                        (struct group_filter __user *)optval, optlen);
 981                release_sock(sk);
 982                return err;
 983        }
 984
 985        case IPV6_2292PKTOPTIONS:
 986        {
 987                struct msghdr msg;
 988                struct sk_buff *skb;
 989
 990                if (sk->sk_type != SOCK_STREAM)
 991                        return -ENOPROTOOPT;
 992
 993                msg.msg_control = optval;
 994                msg.msg_controllen = len;
 995                msg.msg_flags = flags;
 996
 997                lock_sock(sk);
 998                skb = np->pktoptions;
 999                if (skb)
1000                        atomic_inc(&skb->users);
1001                release_sock(sk);
1002
1003                if (skb) {
1004                        int err = datagram_recv_ctl(sk, &msg, skb);
1005                        kfree_skb(skb);
1006                        if (err)
1007                                return err;
1008                } else {
1009                        if (np->rxopt.bits.rxinfo) {
1010                                struct in6_pktinfo src_info;
1011                                src_info.ipi6_ifindex = np->mcast_oif ? np->mcast_oif :
1012                                        np->sticky_pktinfo.ipi6_ifindex;
1013                                src_info.ipi6_addr = np->mcast_oif ? np->daddr : np->sticky_pktinfo.ipi6_addr;
1014                                put_cmsg(&msg, SOL_IPV6, IPV6_PKTINFO, sizeof(src_info), &src_info);
1015                        }
1016                        if (np->rxopt.bits.rxhlim) {
1017                                int hlim = np->mcast_hops;
1018                                put_cmsg(&msg, SOL_IPV6, IPV6_HOPLIMIT, sizeof(hlim), &hlim);
1019                        }
1020                        if (np->rxopt.bits.rxtclass) {
1021                                int tclass = np->rcv_tclass;
1022                                put_cmsg(&msg, SOL_IPV6, IPV6_TCLASS, sizeof(tclass), &tclass);
1023                        }
1024                        if (np->rxopt.bits.rxoinfo) {
1025                                struct in6_pktinfo src_info;
1026                                src_info.ipi6_ifindex = np->mcast_oif ? np->mcast_oif :
1027                                        np->sticky_pktinfo.ipi6_ifindex;
1028                                src_info.ipi6_addr = np->mcast_oif ? np->daddr : np->sticky_pktinfo.ipi6_addr;
1029                                put_cmsg(&msg, SOL_IPV6, IPV6_2292PKTINFO, sizeof(src_info), &src_info);
1030                        }
1031                        if (np->rxopt.bits.rxohlim) {
1032                                int hlim = np->mcast_hops;
1033                                put_cmsg(&msg, SOL_IPV6, IPV6_2292HOPLIMIT, sizeof(hlim), &hlim);
1034                        }
1035                }
1036                len -= msg.msg_controllen;
1037                return put_user(len, optlen);
1038        }
1039        case IPV6_MTU:
1040        {
1041                struct dst_entry *dst;
1042
1043                val = 0;
1044                rcu_read_lock();
1045                dst = __sk_dst_get(sk);
1046                if (dst)
1047                        val = dst_mtu(dst);
1048                rcu_read_unlock();
1049                if (!val)
1050                        return -ENOTCONN;
1051                break;
1052        }
1053
1054        case IPV6_V6ONLY:
1055                val = np->ipv6only;
1056                break;
1057
1058        case IPV6_RECVPKTINFO:
1059                val = np->rxopt.bits.rxinfo;
1060                break;
1061
1062        case IPV6_2292PKTINFO:
1063                val = np->rxopt.bits.rxoinfo;
1064                break;
1065
1066        case IPV6_RECVHOPLIMIT:
1067                val = np->rxopt.bits.rxhlim;
1068                break;
1069
1070        case IPV6_2292HOPLIMIT:
1071                val = np->rxopt.bits.rxohlim;
1072                break;
1073
1074        case IPV6_RECVRTHDR:
1075                val = np->rxopt.bits.srcrt;
1076                break;
1077
1078        case IPV6_2292RTHDR:
1079                val = np->rxopt.bits.osrcrt;
1080                break;
1081
1082        case IPV6_HOPOPTS:
1083        case IPV6_RTHDRDSTOPTS:
1084        case IPV6_RTHDR:
1085        case IPV6_DSTOPTS:
1086        {
1087
1088                lock_sock(sk);
1089                len = ipv6_getsockopt_sticky(sk, np->opt,
1090                                             optname, optval, len);
1091                release_sock(sk);
1092                /* check if ipv6_getsockopt_sticky() returns err code */
1093                if (len < 0)
1094                        return len;
1095                return put_user(len, optlen);
1096        }
1097
1098        case IPV6_RECVHOPOPTS:
1099                val = np->rxopt.bits.hopopts;
1100                break;
1101
1102        case IPV6_2292HOPOPTS:
1103                val = np->rxopt.bits.ohopopts;
1104                break;
1105
1106        case IPV6_RECVDSTOPTS:
1107                val = np->rxopt.bits.dstopts;
1108                break;
1109
1110        case IPV6_2292DSTOPTS:
1111                val = np->rxopt.bits.odstopts;
1112                break;
1113
1114        case IPV6_TCLASS:
1115                val = np->tclass;
1116                break;
1117
1118        case IPV6_RECVTCLASS:
1119                val = np->rxopt.bits.rxtclass;
1120                break;
1121
1122        case IPV6_FLOWINFO:
1123                val = np->rxopt.bits.rxflow;
1124                break;
1125
1126        case IPV6_RECVPATHMTU:
1127                val = np->rxopt.bits.rxpmtu;
1128                break;
1129
1130        case IPV6_PATHMTU:
1131        {
1132                struct dst_entry *dst;
1133                struct ip6_mtuinfo mtuinfo;
1134
1135                if (len < sizeof(mtuinfo))
1136                        return -EINVAL;
1137
1138                len = sizeof(mtuinfo);
1139                memset(&mtuinfo, 0, sizeof(mtuinfo));
1140
1141                rcu_read_lock();
1142                dst = __sk_dst_get(sk);
1143                if (dst)
1144                        mtuinfo.ip6m_mtu = dst_mtu(dst);
1145                rcu_read_unlock();
1146                if (!mtuinfo.ip6m_mtu)
1147                        return -ENOTCONN;
1148
1149                if (put_user(len, optlen))
1150                        return -EFAULT;
1151                if (copy_to_user(optval, &mtuinfo, len))
1152                        return -EFAULT;
1153
1154                return 0;
1155                break;
1156        }
1157
1158        case IPV6_TRANSPARENT:
1159                val = inet_sk(sk)->transparent;
1160                break;
1161
1162        case IPV6_RECVORIGDSTADDR:
1163                val = np->rxopt.bits.rxorigdstaddr;
1164                break;
1165
1166        case IPV6_UNICAST_HOPS:
1167        case IPV6_MULTICAST_HOPS:
1168        {
1169                struct dst_entry *dst;
1170
1171                if (optname == IPV6_UNICAST_HOPS)
1172                        val = np->hop_limit;
1173                else
1174                        val = np->mcast_hops;
1175
1176                if (val < 0) {
1177                        rcu_read_lock();
1178                        dst = __sk_dst_get(sk);
1179                        if (dst)
1180                                val = ip6_dst_hoplimit(dst);
1181                        rcu_read_unlock();
1182                }
1183
1184                if (val < 0)
1185                        val = sock_net(sk)->ipv6.devconf_all->hop_limit;
1186                break;
1187        }
1188
1189        case IPV6_MULTICAST_LOOP:
1190                val = np->mc_loop;
1191                break;
1192
1193        case IPV6_MULTICAST_IF:
1194                val = np->mcast_oif;
1195                break;
1196
1197        case IPV6_UNICAST_IF:
1198                val = (__force int)htonl((__u32) np->ucast_oif);
1199                break;
1200
1201        case IPV6_MTU_DISCOVER:
1202                val = np->pmtudisc;
1203                break;
1204
1205        case IPV6_RECVERR:
1206                val = np->recverr;
1207                break;
1208
1209        case IPV6_FLOWINFO_SEND:
1210                val = np->sndflow;
1211                break;
1212
1213        case IPV6_ADDR_PREFERENCES:
1214                val = 0;
1215
1216                if (np->srcprefs & IPV6_PREFER_SRC_TMP)
1217                        val |= IPV6_PREFER_SRC_TMP;
1218                else if (np->srcprefs & IPV6_PREFER_SRC_PUBLIC)
1219                        val |= IPV6_PREFER_SRC_PUBLIC;
1220                else {
1221                        /* XXX: should we return system default? */
1222                        val |= IPV6_PREFER_SRC_PUBTMP_DEFAULT;
1223                }
1224
1225                if (np->srcprefs & IPV6_PREFER_SRC_COA)
1226                        val |= IPV6_PREFER_SRC_COA;
1227                else
1228                        val |= IPV6_PREFER_SRC_HOME;
1229                break;
1230
1231        case IPV6_MINHOPCOUNT:
1232                val = np->min_hopcount;
1233                break;
1234
1235        case IPV6_DONTFRAG:
1236                val = np->dontfrag;
1237                break;
1238
1239        default:
1240                return -ENOPROTOOPT;
1241        }
1242        len = min_t(unsigned int, sizeof(int), len);
1243        if(put_user(len, optlen))
1244                return -EFAULT;
1245        if(copy_to_user(optval,&val,len))
1246                return -EFAULT;
1247        return 0;
1248}
1249
1250int ipv6_getsockopt(struct sock *sk, int level, int optname,
1251                    char __user *optval, int __user *optlen)
1252{
1253        int err;
1254
1255        if (level == SOL_IP && sk->sk_type != SOCK_RAW)
1256                return udp_prot.getsockopt(sk, level, optname, optval, optlen);
1257
1258        if(level != SOL_IPV6)
1259                return -ENOPROTOOPT;
1260
1261        err = do_ipv6_getsockopt(sk, level, optname, optval, optlen, 0);
1262#ifdef CONFIG_NETFILTER
1263        /* we need to exclude all possible ENOPROTOOPTs except default case */
1264        if (err == -ENOPROTOOPT && optname != IPV6_2292PKTOPTIONS) {
1265                int len;
1266
1267                if (get_user(len, optlen))
1268                        return -EFAULT;
1269
1270                lock_sock(sk);
1271                err = nf_getsockopt(sk, PF_INET6, optname, optval,
1272                                &len);
1273                release_sock(sk);
1274                if (err >= 0)
1275                        err = put_user(len, optlen);
1276        }
1277#endif
1278        return err;
1279}
1280
1281EXPORT_SYMBOL(ipv6_getsockopt);
1282
1283#ifdef CONFIG_COMPAT
1284int compat_ipv6_getsockopt(struct sock *sk, int level, int optname,
1285                           char __user *optval, int __user *optlen)
1286{
1287        int err;
1288
1289        if (level == SOL_IP && sk->sk_type != SOCK_RAW) {
1290                if (udp_prot.compat_getsockopt != NULL)
1291                        return udp_prot.compat_getsockopt(sk, level, optname,
1292                                                          optval, optlen);
1293                return udp_prot.getsockopt(sk, level, optname, optval, optlen);
1294        }
1295
1296        if (level != SOL_IPV6)
1297                return -ENOPROTOOPT;
1298
1299        if (optname == MCAST_MSFILTER)
1300                return compat_mc_getsockopt(sk, level, optname, optval, optlen,
1301                        ipv6_getsockopt);
1302
1303        err = do_ipv6_getsockopt(sk, level, optname, optval, optlen,
1304                                 MSG_CMSG_COMPAT);
1305#ifdef CONFIG_NETFILTER
1306        /* we need to exclude all possible ENOPROTOOPTs except default case */
1307        if (err == -ENOPROTOOPT && optname != IPV6_2292PKTOPTIONS) {
1308                int len;
1309
1310                if (get_user(len, optlen))
1311                        return -EFAULT;
1312
1313                lock_sock(sk);
1314                err = compat_nf_getsockopt(sk, PF_INET6,
1315                                           optname, optval, &len);
1316                release_sock(sk);
1317                if (err >= 0)
1318                        err = put_user(len, optlen);
1319        }
1320#endif
1321        return err;
1322}
1323
1324EXPORT_SYMBOL(compat_ipv6_getsockopt);
1325#endif
1326
1327
lxr.linux.no kindly hosted by Redpill Linpro AS, provider of Linux consulting and operations services since 1995.