linux/net/ipv4/ip_sockglue.c
<<
>>
Prefs
   1/*
   2 * INET         An implementation of the TCP/IP protocol suite for the LINUX
   3 *              operating system.  INET is implemented using the  BSD Socket
   4 *              interface as the means of communication with the user level.
   5 *
   6 *              The IP to API glue.
   7 *
   8 * Authors:     see ip.c
   9 *
  10 * Fixes:
  11 *              Many            :       Split from ip.c , see ip.c for history.
  12 *              Martin Mares    :       TOS setting fixed.
  13 *              Alan Cox        :       Fixed a couple of oopses in Martin's
  14 *                                      TOS tweaks.
  15 *              Mike McLagan    :       Routing by source
  16 */
  17
  18#include <linux/module.h>
  19#include <linux/types.h>
  20#include <linux/mm.h>
  21#include <linux/skbuff.h>
  22#include <linux/ip.h>
  23#include <linux/icmp.h>
  24#include <linux/inetdevice.h>
  25#include <linux/netdevice.h>
  26#include <linux/slab.h>
  27#include <net/sock.h>
  28#include <net/ip.h>
  29#include <net/icmp.h>
  30#include <net/tcp_states.h>
  31#include <linux/udp.h>
  32#include <linux/igmp.h>
  33#include <linux/netfilter.h>
  34#include <linux/route.h>
  35#include <linux/mroute.h>
  36#include <net/route.h>
  37#include <net/xfrm.h>
  38#include <net/compat.h>
  39#if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE)
  40#include <net/transp_v6.h>
  41#endif
  42
  43#include <linux/errqueue.h>
  44#include <asm/uaccess.h>
  45
  46#define IP_CMSG_PKTINFO         1
  47#define IP_CMSG_TTL             2
  48#define IP_CMSG_TOS             4
  49#define IP_CMSG_RECVOPTS        8
  50#define IP_CMSG_RETOPTS         16
  51#define IP_CMSG_PASSSEC         32
  52#define IP_CMSG_ORIGDSTADDR     64
  53
  54/*
  55 *      SOL_IP control messages.
  56 */
  57
  58static void ip_cmsg_recv_pktinfo(struct msghdr *msg, struct sk_buff *skb)
  59{
  60        struct in_pktinfo info;
  61        struct rtable *rt = skb_rtable(skb);
  62
  63        info.ipi_addr.s_addr = ip_hdr(skb)->daddr;
  64        if (rt) {
  65                info.ipi_ifindex = rt->rt_iif;
  66                info.ipi_spec_dst.s_addr = rt->rt_spec_dst;
  67        } else {
  68                info.ipi_ifindex = 0;
  69                info.ipi_spec_dst.s_addr = 0;
  70        }
  71
  72        put_cmsg(msg, SOL_IP, IP_PKTINFO, sizeof(info), &info);
  73}
  74
  75static void ip_cmsg_recv_ttl(struct msghdr *msg, struct sk_buff *skb)
  76{
  77        int ttl = ip_hdr(skb)->ttl;
  78        put_cmsg(msg, SOL_IP, IP_TTL, sizeof(int), &ttl);
  79}
  80
  81static void ip_cmsg_recv_tos(struct msghdr *msg, struct sk_buff *skb)
  82{
  83        put_cmsg(msg, SOL_IP, IP_TOS, 1, &ip_hdr(skb)->tos);
  84}
  85
  86static void ip_cmsg_recv_opts(struct msghdr *msg, struct sk_buff *skb)
  87{
  88        if (IPCB(skb)->opt.optlen == 0)
  89                return;
  90
  91        put_cmsg(msg, SOL_IP, IP_RECVOPTS, IPCB(skb)->opt.optlen,
  92                 ip_hdr(skb) + 1);
  93}
  94
  95
  96static void ip_cmsg_recv_retopts(struct msghdr *msg, struct sk_buff *skb)
  97{
  98        unsigned char optbuf[sizeof(struct ip_options) + 40];
  99        struct ip_options * opt = (struct ip_options *)optbuf;
 100
 101        if (IPCB(skb)->opt.optlen == 0)
 102                return;
 103
 104        if (ip_options_echo(opt, skb)) {
 105                msg->msg_flags |= MSG_CTRUNC;
 106                return;
 107        }
 108        ip_options_undo(opt);
 109
 110        put_cmsg(msg, SOL_IP, IP_RETOPTS, opt->optlen, opt->__data);
 111}
 112
 113static void ip_cmsg_recv_security(struct msghdr *msg, struct sk_buff *skb)
 114{
 115        char *secdata;
 116        u32 seclen, secid;
 117        int err;
 118
 119        err = security_socket_getpeersec_dgram(NULL, skb, &secid);
 120        if (err)
 121                return;
 122
 123        err = security_secid_to_secctx(secid, &secdata, &seclen);
 124        if (err)
 125                return;
 126
 127        put_cmsg(msg, SOL_IP, SCM_SECURITY, seclen, secdata);
 128        security_release_secctx(secdata, seclen);
 129}
 130
 131static void ip_cmsg_recv_dstaddr(struct msghdr *msg, struct sk_buff *skb)
 132{
 133        struct sockaddr_in sin;
 134        struct iphdr *iph = ip_hdr(skb);
 135        __be16 *ports = (__be16 *)skb_transport_header(skb);
 136
 137        if (skb_transport_offset(skb) + 4 > skb->len)
 138                return;
 139
 140        /* All current transport protocols have the port numbers in the
 141         * first four bytes of the transport header and this function is
 142         * written with this assumption in mind.
 143         */
 144
 145        sin.sin_family = AF_INET;
 146        sin.sin_addr.s_addr = iph->daddr;
 147        sin.sin_port = ports[1];
 148        memset(sin.sin_zero, 0, sizeof(sin.sin_zero));
 149
 150        put_cmsg(msg, SOL_IP, IP_ORIGDSTADDR, sizeof(sin), &sin);
 151}
 152
 153void ip_cmsg_recv(struct msghdr *msg, struct sk_buff *skb)
 154{
 155        struct inet_sock *inet = inet_sk(skb->sk);
 156        unsigned flags = inet->cmsg_flags;
 157
 158        /* Ordered by supposed usage frequency */
 159        if (flags & 1)
 160                ip_cmsg_recv_pktinfo(msg, skb);
 161        if ((flags >>= 1) == 0)
 162                return;
 163
 164        if (flags & 1)
 165                ip_cmsg_recv_ttl(msg, skb);
 166        if ((flags >>= 1) == 0)
 167                return;
 168
 169        if (flags & 1)
 170                ip_cmsg_recv_tos(msg, skb);
 171        if ((flags >>= 1) == 0)
 172                return;
 173
 174        if (flags & 1)
 175                ip_cmsg_recv_opts(msg, skb);
 176        if ((flags >>= 1) == 0)
 177                return;
 178
 179        if (flags & 1)
 180                ip_cmsg_recv_retopts(msg, skb);
 181        if ((flags >>= 1) == 0)
 182                return;
 183
 184        if (flags & 1)
 185                ip_cmsg_recv_security(msg, skb);
 186
 187        if ((flags >>= 1) == 0)
 188                return;
 189        if (flags & 1)
 190                ip_cmsg_recv_dstaddr(msg, skb);
 191
 192}
 193EXPORT_SYMBOL(ip_cmsg_recv);
 194
 195int ip_cmsg_send(struct net *net, struct msghdr *msg, struct ipcm_cookie *ipc)
 196{
 197        int err;
 198        struct cmsghdr *cmsg;
 199
 200        for (cmsg = CMSG_FIRSTHDR(msg); cmsg; cmsg = CMSG_NXTHDR(msg, cmsg)) {
 201                if (!CMSG_OK(msg, cmsg))
 202                        return -EINVAL;
 203                if (cmsg->cmsg_level != SOL_IP)
 204                        continue;
 205                switch (cmsg->cmsg_type) {
 206                case IP_RETOPTS:
 207                        err = cmsg->cmsg_len - CMSG_ALIGN(sizeof(struct cmsghdr));
 208                        err = ip_options_get(net, &ipc->opt, CMSG_DATA(cmsg),
 209                                             err < 40 ? err : 40);
 210                        if (err)
 211                                return err;
 212                        break;
 213                case IP_PKTINFO:
 214                {
 215                        struct in_pktinfo *info;
 216                        if (cmsg->cmsg_len != CMSG_LEN(sizeof(struct in_pktinfo)))
 217                                return -EINVAL;
 218                        info = (struct in_pktinfo *)CMSG_DATA(cmsg);
 219                        ipc->oif = info->ipi_ifindex;
 220                        ipc->addr = info->ipi_spec_dst.s_addr;
 221                        break;
 222                }
 223                default:
 224                        return -EINVAL;
 225                }
 226        }
 227        return 0;
 228}
 229
 230
 231/* Special input handler for packets caught by router alert option.
 232   They are selected only by protocol field, and then processed likely
 233   local ones; but only if someone wants them! Otherwise, router
 234   not running rsvpd will kill RSVP.
 235
 236   It is user level problem, what it will make with them.
 237   I have no idea, how it will masquearde or NAT them (it is joke, joke :-)),
 238   but receiver should be enough clever f.e. to forward mtrace requests,
 239   sent to multicast group to reach destination designated router.
 240 */
 241struct ip_ra_chain *ip_ra_chain;
 242DEFINE_RWLOCK(ip_ra_lock);
 243
 244int ip_ra_control(struct sock *sk, unsigned char on,
 245                  void (*destructor)(struct sock *))
 246{
 247        struct ip_ra_chain *ra, *new_ra, **rap;
 248
 249        if (sk->sk_type != SOCK_RAW || inet_sk(sk)->inet_num == IPPROTO_RAW)
 250                return -EINVAL;
 251
 252        new_ra = on ? kmalloc(sizeof(*new_ra), GFP_KERNEL) : NULL;
 253
 254        write_lock_bh(&ip_ra_lock);
 255        for (rap = &ip_ra_chain; (ra = *rap) != NULL; rap = &ra->next) {
 256                if (ra->sk == sk) {
 257                        if (on) {
 258                                write_unlock_bh(&ip_ra_lock);
 259                                kfree(new_ra);
 260                                return -EADDRINUSE;
 261                        }
 262                        *rap = ra->next;
 263                        write_unlock_bh(&ip_ra_lock);
 264
 265                        if (ra->destructor)
 266                                ra->destructor(sk);
 267                        sock_put(sk);
 268                        kfree(ra);
 269                        return 0;
 270                }
 271        }
 272        if (new_ra == NULL) {
 273                write_unlock_bh(&ip_ra_lock);
 274                return -ENOBUFS;
 275        }
 276        new_ra->sk = sk;
 277        new_ra->destructor = destructor;
 278
 279        new_ra->next = ra;
 280        *rap = new_ra;
 281        sock_hold(sk);
 282        write_unlock_bh(&ip_ra_lock);
 283
 284        return 0;
 285}
 286
 287void ip_icmp_error(struct sock *sk, struct sk_buff *skb, int err,
 288                   __be16 port, u32 info, u8 *payload)
 289{
 290        struct sock_exterr_skb *serr;
 291
 292        skb = skb_clone(skb, GFP_ATOMIC);
 293        if (!skb)
 294                return;
 295
 296        serr = SKB_EXT_ERR(skb);
 297        serr->ee.ee_errno = err;
 298        serr->ee.ee_origin = SO_EE_ORIGIN_ICMP;
 299        serr->ee.ee_type = icmp_hdr(skb)->type;
 300        serr->ee.ee_code = icmp_hdr(skb)->code;
 301        serr->ee.ee_pad = 0;
 302        serr->ee.ee_info = info;
 303        serr->ee.ee_data = 0;
 304        serr->addr_offset = (u8 *)&(((struct iphdr *)(icmp_hdr(skb) + 1))->daddr) -
 305                                   skb_network_header(skb);
 306        serr->port = port;
 307
 308        if (skb_pull(skb, payload - skb->data) != NULL) {
 309                skb_reset_transport_header(skb);
 310                if (sock_queue_err_skb(sk, skb) == 0)
 311                        return;
 312        }
 313        kfree_skb(skb);
 314}
 315
 316void ip_local_error(struct sock *sk, int err, __be32 daddr, __be16 port, u32 info)
 317{
 318        struct inet_sock *inet = inet_sk(sk);
 319        struct sock_exterr_skb *serr;
 320        struct iphdr *iph;
 321        struct sk_buff *skb;
 322
 323        if (!inet->recverr)
 324                return;
 325
 326        skb = alloc_skb(sizeof(struct iphdr), GFP_ATOMIC);
 327        if (!skb)
 328                return;
 329
 330        skb_put(skb, sizeof(struct iphdr));
 331        skb_reset_network_header(skb);
 332        iph = ip_hdr(skb);
 333        iph->daddr = daddr;
 334
 335        serr = SKB_EXT_ERR(skb);
 336        serr->ee.ee_errno = err;
 337        serr->ee.ee_origin = SO_EE_ORIGIN_LOCAL;
 338        serr->ee.ee_type = 0;
 339        serr->ee.ee_code = 0;
 340        serr->ee.ee_pad = 0;
 341        serr->ee.ee_info = info;
 342        serr->ee.ee_data = 0;
 343        serr->addr_offset = (u8 *)&iph->daddr - skb_network_header(skb);
 344        serr->port = port;
 345
 346        __skb_pull(skb, skb_tail_pointer(skb) - skb->data);
 347        skb_reset_transport_header(skb);
 348
 349        if (sock_queue_err_skb(sk, skb))
 350                kfree_skb(skb);
 351}
 352
 353/*
 354 *      Handle MSG_ERRQUEUE
 355 */
 356int ip_recv_error(struct sock *sk, struct msghdr *msg, int len)
 357{
 358        struct sock_exterr_skb *serr;
 359        struct sk_buff *skb, *skb2;
 360        struct sockaddr_in *sin;
 361        struct {
 362                struct sock_extended_err ee;
 363                struct sockaddr_in       offender;
 364        } errhdr;
 365        int err;
 366        int copied;
 367
 368        err = -EAGAIN;
 369        skb = skb_dequeue(&sk->sk_error_queue);
 370        if (skb == NULL)
 371                goto out;
 372
 373        copied = skb->len;
 374        if (copied > len) {
 375                msg->msg_flags |= MSG_TRUNC;
 376                copied = len;
 377        }
 378        err = skb_copy_datagram_iovec(skb, 0, msg->msg_iov, copied);
 379        if (err)
 380                goto out_free_skb;
 381
 382        sock_recv_timestamp(msg, sk, skb);
 383
 384        serr = SKB_EXT_ERR(skb);
 385
 386        sin = (struct sockaddr_in *)msg->msg_name;
 387        if (sin) {
 388                sin->sin_family = AF_INET;
 389                sin->sin_addr.s_addr = *(__be32 *)(skb_network_header(skb) +
 390                                                   serr->addr_offset);
 391                sin->sin_port = serr->port;
 392                memset(&sin->sin_zero, 0, sizeof(sin->sin_zero));
 393        }
 394
 395        memcpy(&errhdr.ee, &serr->ee, sizeof(struct sock_extended_err));
 396        sin = &errhdr.offender;
 397        sin->sin_family = AF_UNSPEC;
 398        if (serr->ee.ee_origin == SO_EE_ORIGIN_ICMP) {
 399                struct inet_sock *inet = inet_sk(sk);
 400
 401                sin->sin_family = AF_INET;
 402                sin->sin_addr.s_addr = ip_hdr(skb)->saddr;
 403                sin->sin_port = 0;
 404                memset(&sin->sin_zero, 0, sizeof(sin->sin_zero));
 405                if (inet->cmsg_flags)
 406                        ip_cmsg_recv(msg, skb);
 407        }
 408
 409        put_cmsg(msg, SOL_IP, IP_RECVERR, sizeof(errhdr), &errhdr);
 410
 411        /* Now we could try to dump offended packet options */
 412
 413        msg->msg_flags |= MSG_ERRQUEUE;
 414        err = copied;
 415
 416        /* Reset and regenerate socket error */
 417        spin_lock_bh(&sk->sk_error_queue.lock);
 418        sk->sk_err = 0;
 419        skb2 = skb_peek(&sk->sk_error_queue);
 420        if (skb2 != NULL) {
 421                sk->sk_err = SKB_EXT_ERR(skb2)->ee.ee_errno;
 422                spin_unlock_bh(&sk->sk_error_queue.lock);
 423                sk->sk_error_report(sk);
 424        } else
 425                spin_unlock_bh(&sk->sk_error_queue.lock);
 426
 427out_free_skb:
 428        kfree_skb(skb);
 429out:
 430        return err;
 431}
 432
 433
 434/*
 435 *      Socket option code for IP. This is the end of the line after any
 436 *      TCP,UDP etc options on an IP socket.
 437 */
 438
 439static int do_ip_setsockopt(struct sock *sk, int level,
 440                            int optname, char __user *optval, unsigned int optlen)
 441{
 442        struct inet_sock *inet = inet_sk(sk);
 443        int val = 0, err;
 444
 445        if (((1<<optname) & ((1<<IP_PKTINFO) | (1<<IP_RECVTTL) |
 446                             (1<<IP_RECVOPTS) | (1<<IP_RECVTOS) |
 447                             (1<<IP_RETOPTS) | (1<<IP_TOS) |
 448                             (1<<IP_TTL) | (1<<IP_HDRINCL) |
 449                             (1<<IP_MTU_DISCOVER) | (1<<IP_RECVERR) |
 450                             (1<<IP_ROUTER_ALERT) | (1<<IP_FREEBIND) |
 451                             (1<<IP_PASSSEC) | (1<<IP_TRANSPARENT) |
 452                             (1<<IP_MINTTL))) ||
 453            optname == IP_MULTICAST_TTL ||
 454            optname == IP_MULTICAST_ALL ||
 455            optname == IP_MULTICAST_LOOP ||
 456            optname == IP_RECVORIGDSTADDR) {
 457                if (optlen >= sizeof(int)) {
 458                        if (get_user(val, (int __user *) optval))
 459                                return -EFAULT;
 460                } else if (optlen >= sizeof(char)) {
 461                        unsigned char ucval;
 462
 463                        if (get_user(ucval, (unsigned char __user *) optval))
 464                                return -EFAULT;
 465                        val = (int) ucval;
 466                }
 467        }
 468
 469        /* If optlen==0, it is equivalent to val == 0 */
 470
 471        if (ip_mroute_opt(optname))
 472                return ip_mroute_setsockopt(sk, optname, optval, optlen);
 473
 474        err = 0;
 475        lock_sock(sk);
 476
 477        switch (optname) {
 478        case IP_OPTIONS:
 479        {
 480                struct ip_options *opt = NULL;
 481                if (optlen > 40)
 482                        goto e_inval;
 483                err = ip_options_get_from_user(sock_net(sk), &opt,
 484                                               optval, optlen);
 485                if (err)
 486                        break;
 487                if (inet->is_icsk) {
 488                        struct inet_connection_sock *icsk = inet_csk(sk);
 489#if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE)
 490                        if (sk->sk_family == PF_INET ||
 491                            (!((1 << sk->sk_state) &
 492                               (TCPF_LISTEN | TCPF_CLOSE)) &&
 493                             inet->inet_daddr != LOOPBACK4_IPV6)) {
 494#endif
 495                                if (inet->opt)
 496                                        icsk->icsk_ext_hdr_len -= inet->opt->optlen;
 497                                if (opt)
 498                                        icsk->icsk_ext_hdr_len += opt->optlen;
 499                                icsk->icsk_sync_mss(sk, icsk->icsk_pmtu_cookie);
 500#if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE)
 501                        }
 502#endif
 503                }
 504                opt = xchg(&inet->opt, opt);
 505                kfree(opt);
 506                break;
 507        }
 508        case IP_PKTINFO:
 509                if (val)
 510                        inet->cmsg_flags |= IP_CMSG_PKTINFO;
 511                else
 512                        inet->cmsg_flags &= ~IP_CMSG_PKTINFO;
 513                break;
 514        case IP_RECVTTL:
 515                if (val)
 516                        inet->cmsg_flags |=  IP_CMSG_TTL;
 517                else
 518                        inet->cmsg_flags &= ~IP_CMSG_TTL;
 519                break;
 520        case IP_RECVTOS:
 521                if (val)
 522                        inet->cmsg_flags |=  IP_CMSG_TOS;
 523                else
 524                        inet->cmsg_flags &= ~IP_CMSG_TOS;
 525                break;
 526        case IP_RECVOPTS:
 527                if (val)
 528                        inet->cmsg_flags |=  IP_CMSG_RECVOPTS;
 529                else
 530                        inet->cmsg_flags &= ~IP_CMSG_RECVOPTS;
 531                break;
 532        case IP_RETOPTS:
 533                if (val)
 534                        inet->cmsg_flags |= IP_CMSG_RETOPTS;
 535                else
 536                        inet->cmsg_flags &= ~IP_CMSG_RETOPTS;
 537                break;
 538        case IP_PASSSEC:
 539                if (val)
 540                        inet->cmsg_flags |= IP_CMSG_PASSSEC;
 541                else
 542                        inet->cmsg_flags &= ~IP_CMSG_PASSSEC;
 543                break;
 544        case IP_RECVORIGDSTADDR:
 545                if (val)
 546                        inet->cmsg_flags |= IP_CMSG_ORIGDSTADDR;
 547                else
 548                        inet->cmsg_flags &= ~IP_CMSG_ORIGDSTADDR;
 549                break;
 550        case IP_TOS:    /* This sets both TOS and Precedence */
 551                if (sk->sk_type == SOCK_STREAM) {
 552                        val &= ~3;
 553                        val |= inet->tos & 3;
 554                }
 555                if (inet->tos != val) {
 556                        inet->tos = val;
 557                        sk->sk_priority = rt_tos2priority(val);
 558                        sk_dst_reset(sk);
 559                }
 560                break;
 561        case IP_TTL:
 562                if (optlen < 1)
 563                        goto e_inval;
 564                if (val != -1 && (val < 0 || val > 255))
 565                        goto e_inval;
 566                inet->uc_ttl = val;
 567                break;
 568        case IP_HDRINCL:
 569                if (sk->sk_type != SOCK_RAW) {
 570                        err = -ENOPROTOOPT;
 571                        break;
 572                }
 573                inet->hdrincl = val ? 1 : 0;
 574                break;
 575        case IP_MTU_DISCOVER:
 576                if (val < IP_PMTUDISC_DONT || val > IP_PMTUDISC_PROBE)
 577                        goto e_inval;
 578                inet->pmtudisc = val;
 579                break;
 580        case IP_RECVERR:
 581                inet->recverr = !!val;
 582                if (!val)
 583                        skb_queue_purge(&sk->sk_error_queue);
 584                break;
 585        case IP_MULTICAST_TTL:
 586                if (sk->sk_type == SOCK_STREAM)
 587                        goto e_inval;
 588                if (optlen < 1)
 589                        goto e_inval;
 590                if (val == -1)
 591                        val = 1;
 592                if (val < 0 || val > 255)
 593                        goto e_inval;
 594                inet->mc_ttl = val;
 595                break;
 596        case IP_MULTICAST_LOOP:
 597                if (optlen < 1)
 598                        goto e_inval;
 599                inet->mc_loop = !!val;
 600                break;
 601        case IP_MULTICAST_IF:
 602        {
 603                struct ip_mreqn mreq;
 604                struct net_device *dev = NULL;
 605
 606                if (sk->sk_type == SOCK_STREAM)
 607                        goto e_inval;
 608                /*
 609                 *      Check the arguments are allowable
 610                 */
 611
 612                if (optlen < sizeof(struct in_addr))
 613                        goto e_inval;
 614
 615                err = -EFAULT;
 616                if (optlen >= sizeof(struct ip_mreqn)) {
 617                        if (copy_from_user(&mreq, optval, sizeof(mreq)))
 618                                break;
 619                } else {
 620                        memset(&mreq, 0, sizeof(mreq));
 621                        if (optlen >= sizeof(struct in_addr) &&
 622                            copy_from_user(&mreq.imr_address, optval,
 623                                           sizeof(struct in_addr)))
 624                                break;
 625                }
 626
 627                if (!mreq.imr_ifindex) {
 628                        if (mreq.imr_address.s_addr == htonl(INADDR_ANY)) {
 629                                inet->mc_index = 0;
 630                                inet->mc_addr  = 0;
 631                                err = 0;
 632                                break;
 633                        }
 634                        dev = ip_dev_find(sock_net(sk), mreq.imr_address.s_addr);
 635                        if (dev)
 636                                mreq.imr_ifindex = dev->ifindex;
 637                } else
 638                        dev = dev_get_by_index(sock_net(sk), mreq.imr_ifindex);
 639
 640
 641                err = -EADDRNOTAVAIL;
 642                if (!dev)
 643                        break;
 644                dev_put(dev);
 645
 646                err = -EINVAL;
 647                if (sk->sk_bound_dev_if &&
 648                    mreq.imr_ifindex != sk->sk_bound_dev_if)
 649                        break;
 650
 651                inet->mc_index = mreq.imr_ifindex;
 652                inet->mc_addr  = mreq.imr_address.s_addr;
 653                err = 0;
 654                break;
 655        }
 656
 657        case IP_ADD_MEMBERSHIP:
 658        case IP_DROP_MEMBERSHIP:
 659        {
 660                struct ip_mreqn mreq;
 661
 662                err = -EPROTO;
 663                if (inet_sk(sk)->is_icsk)
 664                        break;
 665
 666                if (optlen < sizeof(struct ip_mreq))
 667                        goto e_inval;
 668                err = -EFAULT;
 669                if (optlen >= sizeof(struct ip_mreqn)) {
 670                        if (copy_from_user(&mreq, optval, sizeof(mreq)))
 671                                break;
 672                } else {
 673                        memset(&mreq, 0, sizeof(mreq));
 674                        if (copy_from_user(&mreq, optval, sizeof(struct ip_mreq)))
 675                                break;
 676                }
 677
 678                if (optname == IP_ADD_MEMBERSHIP)
 679                        err = ip_mc_join_group(sk, &mreq);
 680                else
 681                        err = ip_mc_leave_group(sk, &mreq);
 682                break;
 683        }
 684        case IP_MSFILTER:
 685        {
 686                struct ip_msfilter *msf;
 687
 688                if (optlen < IP_MSFILTER_SIZE(0))
 689                        goto e_inval;
 690                if (optlen > sysctl_optmem_max) {
 691                        err = -ENOBUFS;
 692                        break;
 693                }
 694                msf = kmalloc(optlen, GFP_KERNEL);
 695                if (!msf) {
 696                        err = -ENOBUFS;
 697                        break;
 698                }
 699                err = -EFAULT;
 700                if (copy_from_user(msf, optval, optlen)) {
 701                        kfree(msf);
 702                        break;
 703                }
 704                /* numsrc >= (1G-4) overflow in 32 bits */
 705                if (msf->imsf_numsrc >= 0x3ffffffcU ||
 706                    msf->imsf_numsrc > sysctl_igmp_max_msf) {
 707                        kfree(msf);
 708                        err = -ENOBUFS;
 709                        break;
 710                }
 711                if (IP_MSFILTER_SIZE(msf->imsf_numsrc) > optlen) {
 712                        kfree(msf);
 713                        err = -EINVAL;
 714                        break;
 715                }
 716                err = ip_mc_msfilter(sk, msf, 0);
 717                kfree(msf);
 718                break;
 719        }
 720        case IP_BLOCK_SOURCE:
 721        case IP_UNBLOCK_SOURCE:
 722        case IP_ADD_SOURCE_MEMBERSHIP:
 723        case IP_DROP_SOURCE_MEMBERSHIP:
 724        {
 725                struct ip_mreq_source mreqs;
 726                int omode, add;
 727
 728                if (optlen != sizeof(struct ip_mreq_source))
 729                        goto e_inval;
 730                if (copy_from_user(&mreqs, optval, sizeof(mreqs))) {
 731                        err = -EFAULT;
 732                        break;
 733                }
 734                if (optname == IP_BLOCK_SOURCE) {
 735                        omode = MCAST_EXCLUDE;
 736                        add = 1;
 737                } else if (optname == IP_UNBLOCK_SOURCE) {
 738                        omode = MCAST_EXCLUDE;
 739                        add = 0;
 740                } else if (optname == IP_ADD_SOURCE_MEMBERSHIP) {
 741                        struct ip_mreqn mreq;
 742
 743                        mreq.imr_multiaddr.s_addr = mreqs.imr_multiaddr;
 744                        mreq.imr_address.s_addr = mreqs.imr_interface;
 745                        mreq.imr_ifindex = 0;
 746                        err = ip_mc_join_group(sk, &mreq);
 747                        if (err && err != -EADDRINUSE)
 748                                break;
 749                        omode = MCAST_INCLUDE;
 750                        add = 1;
 751                } else /* IP_DROP_SOURCE_MEMBERSHIP */ {
 752                        omode = MCAST_INCLUDE;
 753                        add = 0;
 754                }
 755                err = ip_mc_source(add, omode, sk, &mreqs, 0);
 756                break;
 757        }
 758        case MCAST_JOIN_GROUP:
 759        case MCAST_LEAVE_GROUP:
 760        {
 761                struct group_req greq;
 762                struct sockaddr_in *psin;
 763                struct ip_mreqn mreq;
 764
 765                if (optlen < sizeof(struct group_req))
 766                        goto e_inval;
 767                err = -EFAULT;
 768                if (copy_from_user(&greq, optval, sizeof(greq)))
 769                        break;
 770                psin = (struct sockaddr_in *)&greq.gr_group;
 771                if (psin->sin_family != AF_INET)
 772                        goto e_inval;
 773                memset(&mreq, 0, sizeof(mreq));
 774                mreq.imr_multiaddr = psin->sin_addr;
 775                mreq.imr_ifindex = greq.gr_interface;
 776
 777                if (optname == MCAST_JOIN_GROUP)
 778                        err = ip_mc_join_group(sk, &mreq);
 779                else
 780                        err = ip_mc_leave_group(sk, &mreq);
 781                break;
 782        }
 783        case MCAST_JOIN_SOURCE_GROUP:
 784        case MCAST_LEAVE_SOURCE_GROUP:
 785        case MCAST_BLOCK_SOURCE:
 786        case MCAST_UNBLOCK_SOURCE:
 787        {
 788                struct group_source_req greqs;
 789                struct ip_mreq_source mreqs;
 790                struct sockaddr_in *psin;
 791                int omode, add;
 792
 793                if (optlen != sizeof(struct group_source_req))
 794                        goto e_inval;
 795                if (copy_from_user(&greqs, optval, sizeof(greqs))) {
 796                        err = -EFAULT;
 797                        break;
 798                }
 799                if (greqs.gsr_group.ss_family != AF_INET ||
 800                    greqs.gsr_source.ss_family != AF_INET) {
 801                        err = -EADDRNOTAVAIL;
 802                        break;
 803                }
 804                psin = (struct sockaddr_in *)&greqs.gsr_group;
 805                mreqs.imr_multiaddr = psin->sin_addr.s_addr;
 806                psin = (struct sockaddr_in *)&greqs.gsr_source;
 807                mreqs.imr_sourceaddr = psin->sin_addr.s_addr;
 808                mreqs.imr_interface = 0; /* use index for mc_source */
 809
 810                if (optname == MCAST_BLOCK_SOURCE) {
 811                        omode = MCAST_EXCLUDE;
 812                        add = 1;
 813                } else if (optname == MCAST_UNBLOCK_SOURCE) {
 814                        omode = MCAST_EXCLUDE;
 815                        add = 0;
 816                } else if (optname == MCAST_JOIN_SOURCE_GROUP) {
 817                        struct ip_mreqn mreq;
 818
 819                        psin = (struct sockaddr_in *)&greqs.gsr_group;
 820                        mreq.imr_multiaddr = psin->sin_addr;
 821                        mreq.imr_address.s_addr = 0;
 822                        mreq.imr_ifindex = greqs.gsr_interface;
 823                        err = ip_mc_join_group(sk, &mreq);
 824                        if (err && err != -EADDRINUSE)
 825                                break;
 826                        greqs.gsr_interface = mreq.imr_ifindex;
 827                        omode = MCAST_INCLUDE;
 828                        add = 1;
 829                } else /* MCAST_LEAVE_SOURCE_GROUP */ {
 830                        omode = MCAST_INCLUDE;
 831                        add = 0;
 832                }
 833                err = ip_mc_source(add, omode, sk, &mreqs,
 834                                   greqs.gsr_interface);
 835                break;
 836        }
 837        case MCAST_MSFILTER:
 838        {
 839                struct sockaddr_in *psin;
 840                struct ip_msfilter *msf = NULL;
 841                struct group_filter *gsf = NULL;
 842                int msize, i, ifindex;
 843
 844                if (optlen < GROUP_FILTER_SIZE(0))
 845                        goto e_inval;
 846                if (optlen > sysctl_optmem_max) {
 847                        err = -ENOBUFS;
 848                        break;
 849                }
 850                gsf = kmalloc(optlen, GFP_KERNEL);
 851                if (!gsf) {
 852                        err = -ENOBUFS;
 853                        break;
 854                }
 855                err = -EFAULT;
 856                if (copy_from_user(gsf, optval, optlen))
 857                        goto mc_msf_out;
 858
 859                /* numsrc >= (4G-140)/128 overflow in 32 bits */
 860                if (gsf->gf_numsrc >= 0x1ffffff ||
 861                    gsf->gf_numsrc > sysctl_igmp_max_msf) {
 862                        err = -ENOBUFS;
 863                        goto mc_msf_out;
 864                }
 865                if (GROUP_FILTER_SIZE(gsf->gf_numsrc) > optlen) {
 866                        err = -EINVAL;
 867                        goto mc_msf_out;
 868                }
 869                msize = IP_MSFILTER_SIZE(gsf->gf_numsrc);
 870                msf = kmalloc(msize, GFP_KERNEL);
 871                if (!msf) {
 872                        err = -ENOBUFS;
 873                        goto mc_msf_out;
 874                }
 875                ifindex = gsf->gf_interface;
 876                psin = (struct sockaddr_in *)&gsf->gf_group;
 877                if (psin->sin_family != AF_INET) {
 878                        err = -EADDRNOTAVAIL;
 879                        goto mc_msf_out;
 880                }
 881                msf->imsf_multiaddr = psin->sin_addr.s_addr;
 882                msf->imsf_interface = 0;
 883                msf->imsf_fmode = gsf->gf_fmode;
 884                msf->imsf_numsrc = gsf->gf_numsrc;
 885                err = -EADDRNOTAVAIL;
 886                for (i = 0; i < gsf->gf_numsrc; ++i) {
 887                        psin = (struct sockaddr_in *)&gsf->gf_slist[i];
 888
 889                        if (psin->sin_family != AF_INET)
 890                                goto mc_msf_out;
 891                        msf->imsf_slist[i] = psin->sin_addr.s_addr;
 892                }
 893                kfree(gsf);
 894                gsf = NULL;
 895
 896                err = ip_mc_msfilter(sk, msf, ifindex);
 897mc_msf_out:
 898                kfree(msf);
 899                kfree(gsf);
 900                break;
 901        }
 902        case IP_MULTICAST_ALL:
 903                if (optlen < 1)
 904                        goto e_inval;
 905                if (val != 0 && val != 1)
 906                        goto e_inval;
 907                inet->mc_all = val;
 908                break;
 909        case IP_ROUTER_ALERT:
 910                err = ip_ra_control(sk, val ? 1 : 0, NULL);
 911                break;
 912
 913        case IP_FREEBIND:
 914                if (optlen < 1)
 915                        goto e_inval;
 916                inet->freebind = !!val;
 917                break;
 918
 919        case IP_IPSEC_POLICY:
 920        case IP_XFRM_POLICY:
 921                err = -EPERM;
 922                if (!capable(CAP_NET_ADMIN))
 923                        break;
 924                err = xfrm_user_policy(sk, optname, optval, optlen);
 925                break;
 926
 927        case IP_TRANSPARENT:
 928                if (!capable(CAP_NET_ADMIN)) {
 929                        err = -EPERM;
 930                        break;
 931                }
 932                if (optlen < 1)
 933                        goto e_inval;
 934                inet->transparent = !!val;
 935                break;
 936
 937        case IP_MINTTL:
 938                if (optlen < 1)
 939                        goto e_inval;
 940                if (val < 0 || val > 255)
 941                        goto e_inval;
 942                inet->min_ttl = val;
 943                break;
 944
 945        default:
 946                err = -ENOPROTOOPT;
 947                break;
 948        }
 949        release_sock(sk);
 950        return err;
 951
 952e_inval:
 953        release_sock(sk);
 954        return -EINVAL;
 955}
 956
 957/**
 958 * ip_queue_rcv_skb - Queue an skb into sock receive queue
 959 * @sk: socket
 960 * @skb: buffer
 961 *
 962 * Queues an skb into socket receive queue. If IP_CMSG_PKTINFO option
 963 * is not set, we drop skb dst entry now, while dst cache line is hot.
 964 */
 965int ip_queue_rcv_skb(struct sock *sk, struct sk_buff *skb)
 966{
 967        if (!(inet_sk(sk)->cmsg_flags & IP_CMSG_PKTINFO))
 968                skb_dst_drop(skb);
 969        return sock_queue_rcv_skb(sk, skb);
 970}
 971EXPORT_SYMBOL(ip_queue_rcv_skb);
 972
 973int ip_setsockopt(struct sock *sk, int level,
 974                int optname, char __user *optval, unsigned int optlen)
 975{
 976        int err;
 977
 978        if (level != SOL_IP)
 979                return -ENOPROTOOPT;
 980
 981        err = do_ip_setsockopt(sk, level, optname, optval, optlen);
 982#ifdef CONFIG_NETFILTER
 983        /* we need to exclude all possible ENOPROTOOPTs except default case */
 984        if (err == -ENOPROTOOPT && optname != IP_HDRINCL &&
 985                        optname != IP_IPSEC_POLICY &&
 986                        optname != IP_XFRM_POLICY &&
 987                        !ip_mroute_opt(optname)) {
 988                lock_sock(sk);
 989                err = nf_setsockopt(sk, PF_INET, optname, optval, optlen);
 990                release_sock(sk);
 991        }
 992#endif
 993        return err;
 994}
 995EXPORT_SYMBOL(ip_setsockopt);
 996
 997#ifdef CONFIG_COMPAT
 998int compat_ip_setsockopt(struct sock *sk, int level, int optname,
 999                         char __user *optval, unsigned int optlen)
1000{
1001        int err;
1002
1003        if (level != SOL_IP)
1004                return -ENOPROTOOPT;
1005
1006        if (optname >= MCAST_JOIN_GROUP && optname <= MCAST_MSFILTER)
1007                return compat_mc_setsockopt(sk, level, optname, optval, optlen,
1008                        ip_setsockopt);
1009
1010        err = do_ip_setsockopt(sk, level, optname, optval, optlen);
1011#ifdef CONFIG_NETFILTER
1012        /* we need to exclude all possible ENOPROTOOPTs except default case */
1013        if (err == -ENOPROTOOPT && optname != IP_HDRINCL &&
1014                        optname != IP_IPSEC_POLICY &&
1015                        optname != IP_XFRM_POLICY &&
1016                        !ip_mroute_opt(optname)) {
1017                lock_sock(sk);
1018                err = compat_nf_setsockopt(sk, PF_INET, optname,
1019                                           optval, optlen);
1020                release_sock(sk);
1021        }
1022#endif
1023        return err;
1024}
1025EXPORT_SYMBOL(compat_ip_setsockopt);
1026#endif
1027
1028/*
1029 *      Get the options. Note for future reference. The GET of IP options gets
1030 *      the _received_ ones. The set sets the _sent_ ones.
1031 */
1032
1033static int do_ip_getsockopt(struct sock *sk, int level, int optname,
1034                            char __user *optval, int __user *optlen)
1035{
1036        struct inet_sock *inet = inet_sk(sk);
1037        int val;
1038        int len;
1039
1040        if (level != SOL_IP)
1041                return -EOPNOTSUPP;
1042
1043        if (ip_mroute_opt(optname))
1044                return ip_mroute_getsockopt(sk, optname, optval, optlen);
1045
1046        if (get_user(len, optlen))
1047                return -EFAULT;
1048        if (len < 0)
1049                return -EINVAL;
1050
1051        lock_sock(sk);
1052
1053        switch (optname) {
1054        case IP_OPTIONS:
1055        {
1056                unsigned char optbuf[sizeof(struct ip_options)+40];
1057                struct ip_options * opt = (struct ip_options *)optbuf;
1058                opt->optlen = 0;
1059                if (inet->opt)
1060                        memcpy(optbuf, inet->opt,
1061                               sizeof(struct ip_options)+
1062                               inet->opt->optlen);
1063                release_sock(sk);
1064
1065                if (opt->optlen == 0)
1066                        return put_user(0, optlen);
1067
1068                ip_options_undo(opt);
1069
1070                len = min_t(unsigned int, len, opt->optlen);
1071                if (put_user(len, optlen))
1072                        return -EFAULT;
1073                if (copy_to_user(optval, opt->__data, len))
1074                        return -EFAULT;
1075                return 0;
1076        }
1077        case IP_PKTINFO:
1078                val = (inet->cmsg_flags & IP_CMSG_PKTINFO) != 0;
1079                break;
1080        case IP_RECVTTL:
1081                val = (inet->cmsg_flags & IP_CMSG_TTL) != 0;
1082                break;
1083        case IP_RECVTOS:
1084                val = (inet->cmsg_flags & IP_CMSG_TOS) != 0;
1085                break;
1086        case IP_RECVOPTS:
1087                val = (inet->cmsg_flags & IP_CMSG_RECVOPTS) != 0;
1088                break;
1089        case IP_RETOPTS:
1090                val = (inet->cmsg_flags & IP_CMSG_RETOPTS) != 0;
1091                break;
1092        case IP_PASSSEC:
1093                val = (inet->cmsg_flags & IP_CMSG_PASSSEC) != 0;
1094                break;
1095        case IP_RECVORIGDSTADDR:
1096                val = (inet->cmsg_flags & IP_CMSG_ORIGDSTADDR) != 0;
1097                break;
1098        case IP_TOS:
1099                val = inet->tos;
1100                break;
1101        case IP_TTL:
1102                val = (inet->uc_ttl == -1 ?
1103                       sysctl_ip_default_ttl :
1104                       inet->uc_ttl);
1105                break;
1106        case IP_HDRINCL:
1107                val = inet->hdrincl;
1108                break;
1109        case IP_MTU_DISCOVER:
1110                val = inet->pmtudisc;
1111                break;
1112        case IP_MTU:
1113        {
1114                struct dst_entry *dst;
1115                val = 0;
1116                dst = sk_dst_get(sk);
1117                if (dst) {
1118                        val = dst_mtu(dst);
1119                        dst_release(dst);
1120                }
1121                if (!val) {
1122                        release_sock(sk);
1123                        return -ENOTCONN;
1124                }
1125                break;
1126        }
1127        case IP_RECVERR:
1128                val = inet->recverr;
1129                break;
1130        case IP_MULTICAST_TTL:
1131                val = inet->mc_ttl;
1132                break;
1133        case IP_MULTICAST_LOOP:
1134                val = inet->mc_loop;
1135                break;
1136        case IP_MULTICAST_IF:
1137        {
1138                struct in_addr addr;
1139                len = min_t(unsigned int, len, sizeof(struct in_addr));
1140                addr.s_addr = inet->mc_addr;
1141                release_sock(sk);
1142
1143                if (put_user(len, optlen))
1144                        return -EFAULT;
1145                if (copy_to_user(optval, &addr, len))
1146                        return -EFAULT;
1147                return 0;
1148        }
1149        case IP_MSFILTER:
1150        {
1151                struct ip_msfilter msf;
1152                int err;
1153
1154                if (len < IP_MSFILTER_SIZE(0)) {
1155                        release_sock(sk);
1156                        return -EINVAL;
1157                }
1158                if (copy_from_user(&msf, optval, IP_MSFILTER_SIZE(0))) {
1159                        release_sock(sk);
1160                        return -EFAULT;
1161                }
1162                err = ip_mc_msfget(sk, &msf,
1163                                   (struct ip_msfilter __user *)optval, optlen);
1164                release_sock(sk);
1165                return err;
1166        }
1167        case MCAST_MSFILTER:
1168        {
1169                struct group_filter gsf;
1170                int err;
1171
1172                if (len < GROUP_FILTER_SIZE(0)) {
1173                        release_sock(sk);
1174                        return -EINVAL;
1175                }
1176                if (copy_from_user(&gsf, optval, GROUP_FILTER_SIZE(0))) {
1177                        release_sock(sk);
1178                        return -EFAULT;
1179                }
1180                err = ip_mc_gsfget(sk, &gsf,
1181                                   (struct group_filter __user *)optval,
1182                                   optlen);
1183                release_sock(sk);
1184                return err;
1185        }
1186        case IP_MULTICAST_ALL:
1187                val = inet->mc_all;
1188                break;
1189        case IP_PKTOPTIONS:
1190        {
1191                struct msghdr msg;
1192
1193                release_sock(sk);
1194
1195                if (sk->sk_type != SOCK_STREAM)
1196                        return -ENOPROTOOPT;
1197
1198                msg.msg_control = optval;
1199                msg.msg_controllen = len;
1200                msg.msg_flags = 0;
1201
1202                if (inet->cmsg_flags & IP_CMSG_PKTINFO) {
1203                        struct in_pktinfo info;
1204
1205                        info.ipi_addr.s_addr = inet->inet_rcv_saddr;
1206                        info.ipi_spec_dst.s_addr = inet->inet_rcv_saddr;
1207                        info.ipi_ifindex = inet->mc_index;
1208                        put_cmsg(&msg, SOL_IP, IP_PKTINFO, sizeof(info), &info);
1209                }
1210                if (inet->cmsg_flags & IP_CMSG_TTL) {
1211                        int hlim = inet->mc_ttl;
1212                        put_cmsg(&msg, SOL_IP, IP_TTL, sizeof(hlim), &hlim);
1213                }
1214                len -= msg.msg_controllen;
1215                return put_user(len, optlen);
1216        }
1217        case IP_FREEBIND:
1218                val = inet->freebind;
1219                break;
1220        case IP_TRANSPARENT:
1221                val = inet->transparent;
1222                break;
1223        case IP_MINTTL:
1224                val = inet->min_ttl;
1225                break;
1226        default:
1227                release_sock(sk);
1228                return -ENOPROTOOPT;
1229        }
1230        release_sock(sk);
1231
1232        if (len < sizeof(int) && len > 0 && val >= 0 && val <= 255) {
1233                unsigned char ucval = (unsigned char)val;
1234                len = 1;
1235                if (put_user(len, optlen))
1236                        return -EFAULT;
1237                if (copy_to_user(optval, &ucval, 1))
1238                        return -EFAULT;
1239        } else {
1240                len = min_t(unsigned int, sizeof(int), len);
1241                if (put_user(len, optlen))
1242                        return -EFAULT;
1243                if (copy_to_user(optval, &val, len))
1244                        return -EFAULT;
1245        }
1246        return 0;
1247}
1248
1249int ip_getsockopt(struct sock *sk, int level,
1250                  int optname, char __user *optval, int __user *optlen)
1251{
1252        int err;
1253
1254        err = do_ip_getsockopt(sk, level, optname, optval, optlen);
1255#ifdef CONFIG_NETFILTER
1256        /* we need to exclude all possible ENOPROTOOPTs except default case */
1257        if (err == -ENOPROTOOPT && optname != IP_PKTOPTIONS &&
1258                        !ip_mroute_opt(optname)) {
1259                int len;
1260
1261                if (get_user(len, optlen))
1262                        return -EFAULT;
1263
1264                lock_sock(sk);
1265                err = nf_getsockopt(sk, PF_INET, optname, optval,
1266                                &len);
1267                release_sock(sk);
1268                if (err >= 0)
1269                        err = put_user(len, optlen);
1270                return err;
1271        }
1272#endif
1273        return err;
1274}
1275EXPORT_SYMBOL(ip_getsockopt);
1276
1277#ifdef CONFIG_COMPAT
1278int compat_ip_getsockopt(struct sock *sk, int level, int optname,
1279                         char __user *optval, int __user *optlen)
1280{
1281        int err;
1282
1283        if (optname == MCAST_MSFILTER)
1284                return compat_mc_getsockopt(sk, level, optname, optval, optlen,
1285                        ip_getsockopt);
1286
1287        err = do_ip_getsockopt(sk, level, optname, optval, optlen);
1288
1289#ifdef CONFIG_NETFILTER
1290        /* we need to exclude all possible ENOPROTOOPTs except default case */
1291        if (err == -ENOPROTOOPT && optname != IP_PKTOPTIONS &&
1292                        !ip_mroute_opt(optname)) {
1293                int len;
1294
1295                if (get_user(len, optlen))
1296                        return -EFAULT;
1297
1298                lock_sock(sk);
1299                err = compat_nf_getsockopt(sk, PF_INET, optname, optval, &len);
1300                release_sock(sk);
1301                if (err >= 0)
1302                        err = put_user(len, optlen);
1303                return err;
1304        }
1305#endif
1306        return err;
1307}
1308EXPORT_SYMBOL(compat_ip_getsockopt);
1309#endif
1310