]> git.proxmox.com Git - mirror_ubuntu-artful-kernel.git/blame - net/ipv4/ip_sockglue.c
projects / mirror_ubuntu-artful-kernel.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
[IPMR]: Fix bug introduced when converting to skb_network_reset_header
[mirror_ubuntu-artful-kernel.git] / net / ipv4 / ip_sockglue.c
CommitLineData
1da177e4
LT		 1/*
2 * INET An implementation of the TCP/IP protocol suite for the LINUX
3 * operating system. INET is implemented using the BSD Socket
4 * interface as the means of communication with the user level.
5 *
6 * The IP to API glue.
e905a9ed 7 *
1da177e4
LT		 8 * Version: $Id: ip_sockglue.c,v 1.62 2002/02/01 22:01:04 davem Exp $
9 *
10 * Authors: see ip.c
11 *
12 * Fixes:
13 * Many : Split from ip.c , see ip.c for history.
14 * Martin Mares : TOS setting fixed.
e905a9ed 15 * Alan Cox : Fixed a couple of oopses in Martin's
1da177e4
LT		 16 * TOS tweaks.
17 * Mike McLagan : Routing by source
18 */
19
1da177e4
LT		 20#include <linux/module.h>
21#include <linux/types.h>
22#include <linux/mm.h>
1da177e4
LT		 23#include <linux/skbuff.h>
24#include <linux/ip.h>
25#include <linux/icmp.h>
14c85021 26#include <linux/inetdevice.h>
1da177e4
LT		 27#include <linux/netdevice.h>
28#include <net/sock.h>
29#include <net/ip.h>
30#include <net/icmp.h>
d83d8461 31#include <net/tcp_states.h>
1da177e4
LT		 32#include <linux/udp.h>
33#include <linux/igmp.h>
34#include <linux/netfilter.h>
35#include <linux/route.h>
36#include <linux/mroute.h>
37#include <net/route.h>
38#include <net/xfrm.h>
39#if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE)
40#include <net/transp_v6.h>
41#endif
42
43#include <linux/errqueue.h>
44#include <asm/uaccess.h>
45
46#define IP_CMSG_PKTINFO 1
47#define IP_CMSG_TTL 2
48#define IP_CMSG_TOS 4
49#define IP_CMSG_RECVOPTS 8
50#define IP_CMSG_RETOPTS 16
2c7946a7 51#define IP_CMSG_PASSSEC 32
1da177e4
LT		 52
53/*
54 * SOL_IP control messages.
55 */
56
57static void ip_cmsg_recv_pktinfo(struct msghdr *msg, struct sk_buff *skb)
58{
59 struct in_pktinfo info;
60 struct rtable *rt = (struct rtable *)skb->dst;
61
62 info.ipi_addr.s_addr = skb->nh.iph->daddr;
63 if (rt) {
64 info.ipi_ifindex = rt->rt_iif;
65 info.ipi_spec_dst.s_addr = rt->rt_spec_dst;
66 } else {
67 info.ipi_ifindex = 0;
68 info.ipi_spec_dst.s_addr = 0;
69 }
70
71 put_cmsg(msg, SOL_IP, IP_PKTINFO, sizeof(info), &info);
72}
73
74static void ip_cmsg_recv_ttl(struct msghdr *msg, struct sk_buff *skb)
75{
76 int ttl = skb->nh.iph->ttl;
77 put_cmsg(msg, SOL_IP, IP_TTL, sizeof(int), &ttl);
78}
79
80static void ip_cmsg_recv_tos(struct msghdr *msg, struct sk_buff *skb)
81{
82 put_cmsg(msg, SOL_IP, IP_TOS, 1, &skb->nh.iph->tos);
83}
84
85static void ip_cmsg_recv_opts(struct msghdr *msg, struct sk_buff *skb)
86{
87 if (IPCB(skb)->opt.optlen == 0)
88 return;
89
90 put_cmsg(msg, SOL_IP, IP_RECVOPTS, IPCB(skb)->opt.optlen, skb->nh.iph+1);
91}
92
93
94static void ip_cmsg_recv_retopts(struct msghdr *msg, struct sk_buff *skb)
95{
96 unsigned char optbuf[sizeof(struct ip_options) + 40];
97 struct ip_options * opt = (struct ip_options*)optbuf;
98
99 if (IPCB(skb)->opt.optlen == 0)
100 return;
101
102 if (ip_options_echo(opt, skb)) {
103 msg->msg_flags |= MSG_CTRUNC;
104 return;
105 }
106 ip_options_undo(opt);
107
108 put_cmsg(msg, SOL_IP, IP_RETOPTS, opt->optlen, opt->__data);
109}
110
2c7946a7
CZ		 111static void ip_cmsg_recv_security(struct msghdr *msg, struct sk_buff *skb)
112{
113 char *secdata;
dc49c1f9 114 u32 seclen, secid;
2c7946a7
CZ		 115 int err;
116
dc49c1f9
CZ		 117 err = security_socket_getpeersec_dgram(NULL, skb, &secid);
118 if (err)
119 return;
120
121 err = security_secid_to_secctx(secid, &secdata, &seclen);
2c7946a7
CZ		 122 if (err)
123 return;
124
125 put_cmsg(msg, SOL_IP, SCM_SECURITY, seclen, secdata);
dc49c1f9 126 security_release_secctx(secdata, seclen);
2c7946a7
CZ		 127}
128
1da177e4
LT		 129
130void ip_cmsg_recv(struct msghdr *msg, struct sk_buff *skb)
131{
132 struct inet_sock *inet = inet_sk(skb->sk);
133 unsigned flags = inet->cmsg_flags;
134
135 /* Ordered by supposed usage frequency */
136 if (flags & 1)
137 ip_cmsg_recv_pktinfo(msg, skb);
138 if ((flags>>=1) == 0)
139 return;
140
141 if (flags & 1)
142 ip_cmsg_recv_ttl(msg, skb);
143 if ((flags>>=1) == 0)
144 return;
145
146 if (flags & 1)
147 ip_cmsg_recv_tos(msg, skb);
148 if ((flags>>=1) == 0)
149 return;
150
151 if (flags & 1)
152 ip_cmsg_recv_opts(msg, skb);
153 if ((flags>>=1) == 0)
154 return;
155
156 if (flags & 1)
157 ip_cmsg_recv_retopts(msg, skb);
2c7946a7
CZ		 158 if ((flags>>=1) == 0)
159 return;
160
161 if (flags & 1)
162 ip_cmsg_recv_security(msg, skb);
1da177e4
LT		 163}
164
165int ip_cmsg_send(struct msghdr *msg, struct ipcm_cookie *ipc)
166{
167 int err;
168 struct cmsghdr *cmsg;
169
170 for (cmsg = CMSG_FIRSTHDR(msg); cmsg; cmsg = CMSG_NXTHDR(msg, cmsg)) {
171 if (!CMSG_OK(msg, cmsg))
172 return -EINVAL;
173 if (cmsg->cmsg_level != SOL_IP)
174 continue;
175 switch (cmsg->cmsg_type) {
176 case IP_RETOPTS:
177 err = cmsg->cmsg_len - CMSG_ALIGN(sizeof(struct cmsghdr));
4c6ea29d 178 err = ip_options_get(&ipc->opt, CMSG_DATA(cmsg), err < 40 ? err : 40);
1da177e4
LT		 179 if (err)
180 return err;
181 break;
182 case IP_PKTINFO:
183 {
184 struct in_pktinfo *info;
185 if (cmsg->cmsg_len != CMSG_LEN(sizeof(struct in_pktinfo)))
186 return -EINVAL;
187 info = (struct in_pktinfo *)CMSG_DATA(cmsg);
188 ipc->oif = info->ipi_ifindex;
189 ipc->addr = info->ipi_spec_dst.s_addr;
190 break;
191 }
192 default:
193 return -EINVAL;
194 }
195 }
196 return 0;
197}
198
199
200/* Special input handler for packets caught by router alert option.
201 They are selected only by protocol field, and then processed likely
202 local ones; but only if someone wants them! Otherwise, router
203 not running rsvpd will kill RSVP.
204
205 It is user level problem, what it will make with them.
206 I have no idea, how it will masquearde or NAT them (it is joke, joke :-)),
207 but receiver should be enough clever f.e. to forward mtrace requests,
208 sent to multicast group to reach destination designated router.
209 */
210struct ip_ra_chain *ip_ra_chain;
211DEFINE_RWLOCK(ip_ra_lock);
212
213int ip_ra_control(struct sock *sk, unsigned char on, void (*destructor)(struct sock *))
214{
215 struct ip_ra_chain *ra, *new_ra, **rap;
216
217 if (sk->sk_type != SOCK_RAW || inet_sk(sk)->num == IPPROTO_RAW)
218 return -EINVAL;
219
220 new_ra = on ? kmalloc(sizeof(*new_ra), GFP_KERNEL) : NULL;
221
222 write_lock_bh(&ip_ra_lock);
223 for (rap = &ip_ra_chain; (ra=*rap) != NULL; rap = &ra->next) {
224 if (ra->sk == sk) {
225 if (on) {
226 write_unlock_bh(&ip_ra_lock);
a51482bd 227 kfree(new_ra);
1da177e4
LT		 228 return -EADDRINUSE;
229 }
230 *rap = ra->next;
231 write_unlock_bh(&ip_ra_lock);
232
233 if (ra->destructor)
234 ra->destructor(sk);
235 sock_put(sk);
236 kfree(ra);
237 return 0;
238 }
239 }
240 if (new_ra == NULL) {
241 write_unlock_bh(&ip_ra_lock);
242 return -ENOBUFS;
243 }
244 new_ra->sk = sk;
245 new_ra->destructor = destructor;
246
247 new_ra->next = ra;
248 *rap = new_ra;
249 sock_hold(sk);
250 write_unlock_bh(&ip_ra_lock);
251
252 return 0;
253}
254
e905a9ed 255void ip_icmp_error(struct sock *sk, struct sk_buff *skb, int err,
35986b32 256 __be16 port, u32 info, u8 *payload)
1da177e4
LT		 257{
258 struct inet_sock *inet = inet_sk(sk);
259 struct sock_exterr_skb *serr;
260
261 if (!inet->recverr)
262 return;
263
264 skb = skb_clone(skb, GFP_ATOMIC);
265 if (!skb)
266 return;
267
e905a9ed 268 serr = SKB_EXT_ERR(skb);
1da177e4
LT		 269 serr->ee.ee_errno = err;
270 serr->ee.ee_origin = SO_EE_ORIGIN_ICMP;
e905a9ed 271 serr->ee.ee_type = skb->h.icmph->type;
1da177e4
LT		 272 serr->ee.ee_code = skb->h.icmph->code;
273 serr->ee.ee_pad = 0;
274 serr->ee.ee_info = info;
275 serr->ee.ee_data = 0;
d56f90a7
ACM		 276 serr->addr_offset = (u8 *)&(((struct iphdr *)(skb->h.icmph + 1))->daddr) -
277 skb_network_header(skb);
1da177e4
LT		 278 serr->port = port;
279
280 skb->h.raw = payload;
281 if (!skb_pull(skb, payload - skb->data) ||
282 sock_queue_err_skb(sk, skb))
283 kfree_skb(skb);
284}
285
0579016e 286void ip_local_error(struct sock *sk, int err, __be32 daddr, __be16 port, u32 info)
1da177e4
LT		 287{
288 struct inet_sock *inet = inet_sk(sk);
289 struct sock_exterr_skb *serr;
290 struct iphdr *iph;
291 struct sk_buff *skb;
292
293 if (!inet->recverr)
294 return;
295
296 skb = alloc_skb(sizeof(struct iphdr), GFP_ATOMIC);
297 if (!skb)
298 return;
299
2ca9e6f2
ACM		 300 skb_put(skb, sizeof(struct iphdr));
301 skb_reset_network_header(skb);
302 iph = skb->nh.iph;
1da177e4
LT		 303 iph->daddr = daddr;
304
e905a9ed 305 serr = SKB_EXT_ERR(skb);
1da177e4
LT		 306 serr->ee.ee_errno = err;
307 serr->ee.ee_origin = SO_EE_ORIGIN_LOCAL;
e905a9ed 308 serr->ee.ee_type = 0;
1da177e4
LT		 309 serr->ee.ee_code = 0;
310 serr->ee.ee_pad = 0;
311 serr->ee.ee_info = info;
312 serr->ee.ee_data = 0;
d56f90a7 313 serr->addr_offset = (u8 *)&iph->daddr - skb_network_header(skb);
1da177e4
LT		 314 serr->port = port;
315
316 skb->h.raw = skb->tail;
317 __skb_pull(skb, skb->tail - skb->data);
318
319 if (sock_queue_err_skb(sk, skb))
320 kfree_skb(skb);
321}
322
e905a9ed 323/*
1da177e4
LT		 324 * Handle MSG_ERRQUEUE
325 */
326int ip_recv_error(struct sock *sk, struct msghdr *msg, int len)
327{
328 struct sock_exterr_skb *serr;
329 struct sk_buff *skb, *skb2;
330 struct sockaddr_in *sin;
331 struct {
332 struct sock_extended_err ee;
333 struct sockaddr_in offender;
334 } errhdr;
335 int err;
336 int copied;
337
338 err = -EAGAIN;
339 skb = skb_dequeue(&sk->sk_error_queue);
340 if (skb == NULL)
341 goto out;
342
343 copied = skb->len;
344 if (copied > len) {
345 msg->msg_flags |= MSG_TRUNC;
346 copied = len;
347 }
348 err = skb_copy_datagram_iovec(skb, 0, msg->msg_iov, copied);
349 if (err)
350 goto out_free_skb;
351
352 sock_recv_timestamp(msg, sk, skb);
353
354 serr = SKB_EXT_ERR(skb);
355
356 sin = (struct sockaddr_in *)msg->msg_name;
357 if (sin) {
358 sin->sin_family = AF_INET;
d56f90a7
ACM		 359 sin->sin_addr.s_addr = *(__be32 *)(skb_network_header(skb) +
360 serr->addr_offset);
1da177e4
LT		 361 sin->sin_port = serr->port;
362 memset(&sin->sin_zero, 0, sizeof(sin->sin_zero));
363 }
364
365 memcpy(&errhdr.ee, &serr->ee, sizeof(struct sock_extended_err));
366 sin = &errhdr.offender;
367 sin->sin_family = AF_UNSPEC;
368 if (serr->ee.ee_origin == SO_EE_ORIGIN_ICMP) {
369 struct inet_sock *inet = inet_sk(sk);
370
371 sin->sin_family = AF_INET;
372 sin->sin_addr.s_addr = skb->nh.iph->saddr;
373 sin->sin_port = 0;
374 memset(&sin->sin_zero, 0, sizeof(sin->sin_zero));
375 if (inet->cmsg_flags)
376 ip_cmsg_recv(msg, skb);
377 }
378
379 put_cmsg(msg, SOL_IP, IP_RECVERR, sizeof(errhdr), &errhdr);
380
381 /* Now we could try to dump offended packet options */
382
383 msg->msg_flags |= MSG_ERRQUEUE;
384 err = copied;
385
386 /* Reset and regenerate socket error */
e0f9f858 387 spin_lock_bh(&sk->sk_error_queue.lock);
1da177e4
LT		 388 sk->sk_err = 0;
389 if ((skb2 = skb_peek(&sk->sk_error_queue)) != NULL) {
390 sk->sk_err = SKB_EXT_ERR(skb2)->ee.ee_errno;
e0f9f858 391 spin_unlock_bh(&sk->sk_error_queue.lock);
1da177e4
LT		 392 sk->sk_error_report(sk);
393 } else
e0f9f858 394 spin_unlock_bh(&sk->sk_error_queue.lock);
1da177e4 395
e905a9ed 396out_free_skb:
1da177e4
LT		 397 kfree_skb(skb);
398out:
399 return err;
400}
401
402
403/*
404 * Socket option code for IP. This is the end of the line after any TCP,UDP etc options on
405 * an IP socket.
406 */
407
3fdadf7d 408static int do_ip_setsockopt(struct sock *sk, int level,
132adf54 409 int optname, char __user *optval, int optlen)
1da177e4
LT		 410{
411 struct inet_sock *inet = inet_sk(sk);
412 int val=0,err;
413
e905a9ed 414 if (((1<<optname) & ((1<<IP_PKTINFO) | (1<<IP_RECVTTL) |
132adf54
SH		 415 (1<<IP_RECVOPTS) | (1<<IP_RECVTOS) |
416 (1<<IP_RETOPTS) | (1<<IP_TOS) |
417 (1<<IP_TTL) | (1<<IP_HDRINCL) |
418 (1<<IP_MTU_DISCOVER) | (1<<IP_RECVERR) |
419 (1<<IP_ROUTER_ALERT) | (1<<IP_FREEBIND) |
420 (1<<IP_PASSSEC))) ||
421 optname == IP_MULTICAST_TTL ||
422 optname == IP_MULTICAST_LOOP) {
1da177e4
LT		 423 if (optlen >= sizeof(int)) {
424 if (get_user(val, (int __user *) optval))
425 return -EFAULT;
426 } else if (optlen >= sizeof(char)) {
427 unsigned char ucval;
428
429 if (get_user(ucval, (unsigned char __user *) optval))
430 return -EFAULT;
431 val = (int) ucval;
432 }
433 }
434
435 /* If optlen==0, it is equivalent to val == 0 */
436
437#ifdef CONFIG_IP_MROUTE
438 if (optname >= MRT_BASE && optname <= (MRT_BASE + 10))
439 return ip_mroute_setsockopt(sk,optname,optval,optlen);
440#endif
441
442 err = 0;
443 lock_sock(sk);
444
445 switch (optname) {
132adf54
SH		 446 case IP_OPTIONS:
447 {
448 struct ip_options * opt = NULL;
449 if (optlen > 40 || optlen < 0)
450 goto e_inval;
451 err = ip_options_get_from_user(&opt, optval, optlen);
452 if (err)
453 break;
454 if (inet->is_icsk) {
455 struct inet_connection_sock *icsk = inet_csk(sk);
1da177e4 456#if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE)
132adf54
SH		 457 if (sk->sk_family == PF_INET ||
458 (!((1 << sk->sk_state) &
459 (TCPF_LISTEN | TCPF_CLOSE)) &&
460 inet->daddr != LOOPBACK4_IPV6)) {
1da177e4 461#endif
132adf54
SH		 462 if (inet->opt)
463 icsk->icsk_ext_hdr_len -= inet->opt->optlen;
464 if (opt)
465 icsk->icsk_ext_hdr_len += opt->optlen;
466 icsk->icsk_sync_mss(sk, icsk->icsk_pmtu_cookie);
1da177e4 467#if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE)
1da177e4 468 }
132adf54 469#endif
1da177e4 470 }
132adf54
SH		 471 opt = xchg(&inet->opt, opt);
472 kfree(opt);
473 break;
474 }
475 case IP_PKTINFO:
476 if (val)
477 inet->cmsg_flags |= IP_CMSG_PKTINFO;
478 else
479 inet->cmsg_flags &= ~IP_CMSG_PKTINFO;
480 break;
481 case IP_RECVTTL:
482 if (val)
483 inet->cmsg_flags |= IP_CMSG_TTL;
484 else
485 inet->cmsg_flags &= ~IP_CMSG_TTL;
486 break;
487 case IP_RECVTOS:
488 if (val)
489 inet->cmsg_flags |= IP_CMSG_TOS;
490 else
491 inet->cmsg_flags &= ~IP_CMSG_TOS;
492 break;
493 case IP_RECVOPTS:
494 if (val)
495 inet->cmsg_flags |= IP_CMSG_RECVOPTS;
496 else
497 inet->cmsg_flags &= ~IP_CMSG_RECVOPTS;
498 break;
499 case IP_RETOPTS:
500 if (val)
501 inet->cmsg_flags |= IP_CMSG_RETOPTS;
502 else
503 inet->cmsg_flags &= ~IP_CMSG_RETOPTS;
504 break;
505 case IP_PASSSEC:
506 if (val)
507 inet->cmsg_flags |= IP_CMSG_PASSSEC;
508 else
509 inet->cmsg_flags &= ~IP_CMSG_PASSSEC;
510 break;
511 case IP_TOS: /* This sets both TOS and Precedence */
512 if (sk->sk_type == SOCK_STREAM) {
513 val &= ~3;
514 val |= inet->tos & 3;
515 }
516 if (IPTOS_PREC(val) >= IPTOS_PREC_CRITIC_ECP &&
517 !capable(CAP_NET_ADMIN)) {
518 err = -EPERM;
1da177e4 519 break;
132adf54
SH		 520 }
521 if (inet->tos != val) {
522 inet->tos = val;
523 sk->sk_priority = rt_tos2priority(val);
524 sk_dst_reset(sk);
525 }
526 break;
527 case IP_TTL:
528 if (optlen<1)
529 goto e_inval;
530 if (val != -1 && (val < 1 || val>255))
531 goto e_inval;
532 inet->uc_ttl = val;
533 break;
534 case IP_HDRINCL:
535 if (sk->sk_type != SOCK_RAW) {
536 err = -ENOPROTOOPT;
2c7946a7 537 break;
132adf54
SH		 538 }
539 inet->hdrincl = val ? 1 : 0;
540 break;
541 case IP_MTU_DISCOVER:
542 if (val<0 || val>2)
543 goto e_inval;
544 inet->pmtudisc = val;
545 break;
546 case IP_RECVERR:
547 inet->recverr = !!val;
548 if (!val)
549 skb_queue_purge(&sk->sk_error_queue);
550 break;
551 case IP_MULTICAST_TTL:
552 if (sk->sk_type == SOCK_STREAM)
553 goto e_inval;
554 if (optlen<1)
555 goto e_inval;
556 if (val==-1)
557 val = 1;
558 if (val < 0 || val > 255)
559 goto e_inval;
560 inet->mc_ttl = val;
561 break;
562 case IP_MULTICAST_LOOP:
563 if (optlen<1)
564 goto e_inval;
565 inet->mc_loop = !!val;
566 break;
567 case IP_MULTICAST_IF:
568 {
569 struct ip_mreqn mreq;
570 struct net_device *dev = NULL;
571
572 if (sk->sk_type == SOCK_STREAM)
573 goto e_inval;
574 /*
575 * Check the arguments are allowable
576 */
577
578 err = -EFAULT;
579 if (optlen >= sizeof(struct ip_mreqn)) {
580 if (copy_from_user(&mreq,optval,sizeof(mreq)))
1da177e4 581 break;
132adf54
SH		 582 } else {
583 memset(&mreq, 0, sizeof(mreq));
584 if (optlen >= sizeof(struct in_addr) &&
585 copy_from_user(&mreq.imr_address,optval,sizeof(struct in_addr)))
586 break;
587 }
588
589 if (!mreq.imr_ifindex) {
590 if (mreq.imr_address.s_addr == INADDR_ANY) {
591 inet->mc_index = 0;
592 inet->mc_addr = 0;
593 err = 0;
1da177e4
LT		 594 break;
595 }
132adf54
SH		 596 dev = ip_dev_find(mreq.imr_address.s_addr);
597 if (dev) {
598 mreq.imr_ifindex = dev->ifindex;
599 dev_put(dev);
600 }
601 } else
602 dev = __dev_get_by_index(mreq.imr_ifindex);
1da177e4 603
1da177e4 604
132adf54
SH		 605 err = -EADDRNOTAVAIL;
606 if (!dev)
607 break;
608
609 err = -EINVAL;
610 if (sk->sk_bound_dev_if &&
611 mreq.imr_ifindex != sk->sk_bound_dev_if)
612 break;
1da177e4 613
132adf54
SH		 614 inet->mc_index = mreq.imr_ifindex;
615 inet->mc_addr = mreq.imr_address.s_addr;
616 err = 0;
617 break;
618 }
1da177e4 619
132adf54
SH		 620 case IP_ADD_MEMBERSHIP:
621 case IP_DROP_MEMBERSHIP:
622 {
623 struct ip_mreqn mreq;
1da177e4 624
132adf54
SH		 625 if (optlen < sizeof(struct ip_mreq))
626 goto e_inval;
627 err = -EFAULT;
628 if (optlen >= sizeof(struct ip_mreqn)) {
629 if (copy_from_user(&mreq,optval,sizeof(mreq)))
1da177e4 630 break;
132adf54
SH		 631 } else {
632 memset(&mreq, 0, sizeof(mreq));
633 if (copy_from_user(&mreq,optval,sizeof(struct ip_mreq)))
1da177e4 634 break;
132adf54 635 }
1da177e4 636
132adf54
SH		 637 if (optname == IP_ADD_MEMBERSHIP)
638 err = ip_mc_join_group(sk, &mreq);
639 else
640 err = ip_mc_leave_group(sk, &mreq);
641 break;
642 }
643 case IP_MSFILTER:
644 {
645 extern int sysctl_igmp_max_msf;
646 struct ip_msfilter *msf;
647
648 if (optlen < IP_MSFILTER_SIZE(0))
649 goto e_inval;
650 if (optlen > sysctl_optmem_max) {
651 err = -ENOBUFS;
1da177e4
LT		 652 break;
653 }
132adf54
SH		 654 msf = kmalloc(optlen, GFP_KERNEL);
655 if (msf == 0) {
656 err = -ENOBUFS;
657 break;
658 }
659 err = -EFAULT;
660 if (copy_from_user(msf, optval, optlen)) {
661 kfree(msf);
662 break;
663 }
664 /* numsrc >= (1G-4) overflow in 32 bits */
665 if (msf->imsf_numsrc >= 0x3ffffffcU ||
666 msf->imsf_numsrc > sysctl_igmp_max_msf) {
667 kfree(msf);
668 err = -ENOBUFS;
669 break;
670 }
671 if (IP_MSFILTER_SIZE(msf->imsf_numsrc) > optlen) {
672 kfree(msf);
673 err = -EINVAL;
674 break;
675 }
676 err = ip_mc_msfilter(sk, msf, 0);
677 kfree(msf);
678 break;
679 }
680 case IP_BLOCK_SOURCE:
681 case IP_UNBLOCK_SOURCE:
682 case IP_ADD_SOURCE_MEMBERSHIP:
683 case IP_DROP_SOURCE_MEMBERSHIP:
684 {
685 struct ip_mreq_source mreqs;
686 int omode, add;
1da177e4 687
132adf54
SH		 688 if (optlen != sizeof(struct ip_mreq_source))
689 goto e_inval;
690 if (copy_from_user(&mreqs, optval, sizeof(mreqs))) {
1da177e4 691 err = -EFAULT;
1da177e4
LT		 692 break;
693 }
132adf54
SH		 694 if (optname == IP_BLOCK_SOURCE) {
695 omode = MCAST_EXCLUDE;
696 add = 1;
697 } else if (optname == IP_UNBLOCK_SOURCE) {
698 omode = MCAST_EXCLUDE;
699 add = 0;
700 } else if (optname == IP_ADD_SOURCE_MEMBERSHIP) {
701 struct ip_mreqn mreq;
1da177e4 702
132adf54
SH		 703 mreq.imr_multiaddr.s_addr = mreqs.imr_multiaddr;
704 mreq.imr_address.s_addr = mreqs.imr_interface;
705 mreq.imr_ifindex = 0;
706 err = ip_mc_join_group(sk, &mreq);
707 if (err && err != -EADDRINUSE)
1da177e4 708 break;
132adf54
SH		 709 omode = MCAST_INCLUDE;
710 add = 1;
711 } else /* IP_DROP_SOURCE_MEMBERSHIP */ {
712 omode = MCAST_INCLUDE;
713 add = 0;
714 }
715 err = ip_mc_source(add, omode, sk, &mreqs, 0);
716 break;
717 }
718 case MCAST_JOIN_GROUP:
719 case MCAST_LEAVE_GROUP:
720 {
721 struct group_req greq;
722 struct sockaddr_in *psin;
723 struct ip_mreqn mreq;
724
725 if (optlen < sizeof(struct group_req))
726 goto e_inval;
727 err = -EFAULT;
728 if (copy_from_user(&greq, optval, sizeof(greq)))
729 break;
730 psin = (struct sockaddr_in *)&greq.gr_group;
731 if (psin->sin_family != AF_INET)
732 goto e_inval;
733 memset(&mreq, 0, sizeof(mreq));
734 mreq.imr_multiaddr = psin->sin_addr;
735 mreq.imr_ifindex = greq.gr_interface;
736
737 if (optname == MCAST_JOIN_GROUP)
738 err = ip_mc_join_group(sk, &mreq);
739 else
740 err = ip_mc_leave_group(sk, &mreq);
741 break;
742 }
743 case MCAST_JOIN_SOURCE_GROUP:
744 case MCAST_LEAVE_SOURCE_GROUP:
745 case MCAST_BLOCK_SOURCE:
746 case MCAST_UNBLOCK_SOURCE:
747 {
748 struct group_source_req greqs;
749 struct ip_mreq_source mreqs;
750 struct sockaddr_in *psin;
751 int omode, add;
752
753 if (optlen != sizeof(struct group_source_req))
754 goto e_inval;
755 if (copy_from_user(&greqs, optval, sizeof(greqs))) {
1da177e4 756 err = -EFAULT;
1da177e4
LT		 757 break;
758 }
132adf54
SH		 759 if (greqs.gsr_group.ss_family != AF_INET ||
760 greqs.gsr_source.ss_family != AF_INET) {
761 err = -EADDRNOTAVAIL;
1da177e4
LT		 762 break;
763 }
132adf54
SH		 764 psin = (struct sockaddr_in *)&greqs.gsr_group;
765 mreqs.imr_multiaddr = psin->sin_addr.s_addr;
766 psin = (struct sockaddr_in *)&greqs.gsr_source;
767 mreqs.imr_sourceaddr = psin->sin_addr.s_addr;
768 mreqs.imr_interface = 0; /* use index for mc_source */
769
770 if (optname == MCAST_BLOCK_SOURCE) {
771 omode = MCAST_EXCLUDE;
772 add = 1;
773 } else if (optname == MCAST_UNBLOCK_SOURCE) {
774 omode = MCAST_EXCLUDE;
775 add = 0;
776 } else if (optname == MCAST_JOIN_SOURCE_GROUP) {
1da177e4
LT		 777 struct ip_mreqn mreq;
778
132adf54 779 psin = (struct sockaddr_in *)&greqs.gsr_group;
1da177e4 780 mreq.imr_multiaddr = psin->sin_addr;
132adf54
SH		 781 mreq.imr_address.s_addr = 0;
782 mreq.imr_ifindex = greqs.gsr_interface;
783 err = ip_mc_join_group(sk, &mreq);
784 if (err && err != -EADDRINUSE)
785 break;
786 greqs.gsr_interface = mreq.imr_ifindex;
787 omode = MCAST_INCLUDE;
788 add = 1;
789 } else /* MCAST_LEAVE_SOURCE_GROUP */ {
790 omode = MCAST_INCLUDE;
791 add = 0;
792 }
793 err = ip_mc_source(add, omode, sk, &mreqs,
794 greqs.gsr_interface);
795 break;
796 }
797 case MCAST_MSFILTER:
798 {
799 extern int sysctl_igmp_max_msf;
800 struct sockaddr_in *psin;
801 struct ip_msfilter *msf = NULL;
802 struct group_filter *gsf = NULL;
803 int msize, i, ifindex;
804
805 if (optlen < GROUP_FILTER_SIZE(0))
806 goto e_inval;
807 if (optlen > sysctl_optmem_max) {
808 err = -ENOBUFS;
1da177e4
LT		 809 break;
810 }
132adf54
SH		 811 gsf = kmalloc(optlen,GFP_KERNEL);
812 if (gsf == 0) {
813 err = -ENOBUFS;
1da177e4
LT		 814 break;
815 }
132adf54
SH		 816 err = -EFAULT;
817 if (copy_from_user(gsf, optval, optlen)) {
818 goto mc_msf_out;
819 }
820 /* numsrc >= (4G-140)/128 overflow in 32 bits */
821 if (gsf->gf_numsrc >= 0x1ffffff ||
822 gsf->gf_numsrc > sysctl_igmp_max_msf) {
823 err = -ENOBUFS;
824 goto mc_msf_out;
825 }
826 if (GROUP_FILTER_SIZE(gsf->gf_numsrc) > optlen) {
827 err = -EINVAL;
828 goto mc_msf_out;
829 }
830 msize = IP_MSFILTER_SIZE(gsf->gf_numsrc);
831 msf = kmalloc(msize,GFP_KERNEL);
832 if (msf == 0) {
833 err = -ENOBUFS;
834 goto mc_msf_out;
835 }
836 ifindex = gsf->gf_interface;
837 psin = (struct sockaddr_in *)&gsf->gf_group;
838 if (psin->sin_family != AF_INET) {
1da177e4 839 err = -EADDRNOTAVAIL;
132adf54 840 goto mc_msf_out;
1da177e4 841 }
132adf54
SH		 842 msf->imsf_multiaddr = psin->sin_addr.s_addr;
843 msf->imsf_interface = 0;
844 msf->imsf_fmode = gsf->gf_fmode;
845 msf->imsf_numsrc = gsf->gf_numsrc;
846 err = -EADDRNOTAVAIL;
847 for (i=0; i<gsf->gf_numsrc; ++i) {
848 psin = (struct sockaddr_in *)&gsf->gf_slist[i];
e905a9ed 849
132adf54
SH		 850 if (psin->sin_family != AF_INET)
851 goto mc_msf_out;
852 msf->imsf_slist[i] = psin->sin_addr.s_addr;
853 }
854 kfree(gsf);
855 gsf = NULL;
856
857 err = ip_mc_msfilter(sk, msf, ifindex);
858 mc_msf_out:
859 kfree(msf);
860 kfree(gsf);
861 break;
862 }
863 case IP_ROUTER_ALERT:
864 err = ip_ra_control(sk, val ? 1 : 0, NULL);
865 break;
866
867 case IP_FREEBIND:
868 if (optlen<1)
869 goto e_inval;
870 inet->freebind = !!val;
871 break;
872
873 case IP_IPSEC_POLICY:
874 case IP_XFRM_POLICY:
875 err = -EPERM;
876 if (!capable(CAP_NET_ADMIN))
1da177e4 877 break;
132adf54
SH		 878 err = xfrm_user_policy(sk, optname, optval, optlen);
879 break;
1da177e4 880
132adf54
SH		 881 default:
882 err = -ENOPROTOOPT;
883 break;
1da177e4
LT		 884 }
885 release_sock(sk);
886 return err;
887
888e_inval:
889 release_sock(sk);
890 return -EINVAL;
891}
892
3fdadf7d
DM		 893int ip_setsockopt(struct sock *sk, int level,
894 int optname, char __user *optval, int optlen)
895{
896 int err;
897
898 if (level != SOL_IP)
899 return -ENOPROTOOPT;
900
901 err = do_ip_setsockopt(sk, level, optname, optval, optlen);
902#ifdef CONFIG_NETFILTER
903 /* we need to exclude all possible ENOPROTOOPTs except default case */
904 if (err == -ENOPROTOOPT && optname != IP_HDRINCL &&
905 optname != IP_IPSEC_POLICY && optname != IP_XFRM_POLICY
906#ifdef CONFIG_IP_MROUTE
907 && (optname < MRT_BASE || optname > (MRT_BASE + 10))
908#endif
909 ) {
910 lock_sock(sk);
911 err = nf_setsockopt(sk, PF_INET, optname, optval, optlen);
912 release_sock(sk);
913 }
914#endif
915 return err;
916}
917
918#ifdef CONFIG_COMPAT
543d9cfe
ACM		 919int compat_ip_setsockopt(struct sock *sk, int level, int optname,
920 char __user *optval, int optlen)
3fdadf7d
DM		 921{
922 int err;
923
924 if (level != SOL_IP)
925 return -ENOPROTOOPT;
926
927 err = do_ip_setsockopt(sk, level, optname, optval, optlen);
928#ifdef CONFIG_NETFILTER
929 /* we need to exclude all possible ENOPROTOOPTs except default case */
930 if (err == -ENOPROTOOPT && optname != IP_HDRINCL &&
543d9cfe 931 optname != IP_IPSEC_POLICY && optname != IP_XFRM_POLICY
3fdadf7d 932#ifdef CONFIG_IP_MROUTE
543d9cfe 933 && (optname < MRT_BASE || optname > (MRT_BASE + 10))
3fdadf7d
DM		 934#endif
935 ) {
936 lock_sock(sk);
543d9cfe
ACM		 937 err = compat_nf_setsockopt(sk, PF_INET, optname,
938 optval, optlen);
3fdadf7d
DM		 939 release_sock(sk);
940 }
941#endif
942 return err;
943}
543d9cfe
ACM		 944
945EXPORT_SYMBOL(compat_ip_setsockopt);
3fdadf7d
DM		 946#endif
947
1da177e4
LT		 948/*
949 * Get the options. Note for future reference. The GET of IP options gets the
950 * _received_ ones. The set sets the _sent_ ones.
951 */
952
3fdadf7d 953static int do_ip_getsockopt(struct sock *sk, int level, int optname,
132adf54 954 char __user *optval, int __user *optlen)
1da177e4
LT		 955{
956 struct inet_sock *inet = inet_sk(sk);
957 int val;
958 int len;
e905a9ed 959
132adf54 960 if (level != SOL_IP)
1da177e4
LT		 961 return -EOPNOTSUPP;
962
963#ifdef CONFIG_IP_MROUTE
132adf54 964 if (optname >= MRT_BASE && optname <= MRT_BASE+10) {
1da177e4
LT		 965 return ip_mroute_getsockopt(sk,optname,optval,optlen);
966 }
967#endif
968
132adf54 969 if (get_user(len,optlen))
1da177e4 970 return -EFAULT;
132adf54 971 if (len < 0)
1da177e4 972 return -EINVAL;
e905a9ed 973
1da177e4
LT		 974 lock_sock(sk);
975
132adf54
SH		 976 switch (optname) {
977 case IP_OPTIONS:
978 {
979 unsigned char optbuf[sizeof(struct ip_options)+40];
980 struct ip_options * opt = (struct ip_options*)optbuf;
981 opt->optlen = 0;
982 if (inet->opt)
983 memcpy(optbuf, inet->opt,
984 sizeof(struct ip_options)+
985 inet->opt->optlen);
986 release_sock(sk);
987
988 if (opt->optlen == 0)
989 return put_user(0, optlen);
990
991 ip_options_undo(opt);
992
993 len = min_t(unsigned int, len, opt->optlen);
994 if (put_user(len, optlen))
995 return -EFAULT;
996 if (copy_to_user(optval, opt->__data, len))
997 return -EFAULT;
998 return 0;
999 }
1000 case IP_PKTINFO:
1001 val = (inet->cmsg_flags & IP_CMSG_PKTINFO) != 0;
1002 break;
1003 case IP_RECVTTL:
1004 val = (inet->cmsg_flags & IP_CMSG_TTL) != 0;
1005 break;
1006 case IP_RECVTOS:
1007 val = (inet->cmsg_flags & IP_CMSG_TOS) != 0;
1008 break;
1009 case IP_RECVOPTS:
1010 val = (inet->cmsg_flags & IP_CMSG_RECVOPTS) != 0;
1011 break;
1012 case IP_RETOPTS:
1013 val = (inet->cmsg_flags & IP_CMSG_RETOPTS) != 0;
1014 break;
1015 case IP_PASSSEC:
1016 val = (inet->cmsg_flags & IP_CMSG_PASSSEC) != 0;
1017 break;
1018 case IP_TOS:
1019 val = inet->tos;
1020 break;
1021 case IP_TTL:
1022 val = (inet->uc_ttl == -1 ?
1023 sysctl_ip_default_ttl :
1024 inet->uc_ttl);
1025 break;
1026 case IP_HDRINCL:
1027 val = inet->hdrincl;
1028 break;
1029 case IP_MTU_DISCOVER:
1030 val = inet->pmtudisc;
1031 break;
1032 case IP_MTU:
1033 {
1034 struct dst_entry *dst;
1035 val = 0;
1036 dst = sk_dst_get(sk);
1037 if (dst) {
1038 val = dst_mtu(dst);
1039 dst_release(dst);
1da177e4 1040 }
132adf54 1041 if (!val) {
1da177e4 1042 release_sock(sk);
132adf54 1043 return -ENOTCONN;
1da177e4 1044 }
132adf54
SH		 1045 break;
1046 }
1047 case IP_RECVERR:
1048 val = inet->recverr;
1049 break;
1050 case IP_MULTICAST_TTL:
1051 val = inet->mc_ttl;
1052 break;
1053 case IP_MULTICAST_LOOP:
1054 val = inet->mc_loop;
1055 break;
1056 case IP_MULTICAST_IF:
1057 {
1058 struct in_addr addr;
1059 len = min_t(unsigned int, len, sizeof(struct in_addr));
1060 addr.s_addr = inet->mc_addr;
1061 release_sock(sk);
1da177e4 1062
132adf54
SH		 1063 if (put_user(len, optlen))
1064 return -EFAULT;
1065 if (copy_to_user(optval, &addr, len))
1066 return -EFAULT;
1067 return 0;
1068 }
1069 case IP_MSFILTER:
1070 {
1071 struct ip_msfilter msf;
1072 int err;
1073
1074 if (len < IP_MSFILTER_SIZE(0)) {
1da177e4 1075 release_sock(sk);
132adf54 1076 return -EINVAL;
1da177e4 1077 }
132adf54 1078 if (copy_from_user(&msf, optval, IP_MSFILTER_SIZE(0))) {
1da177e4 1079 release_sock(sk);
132adf54 1080 return -EFAULT;
1da177e4 1081 }
132adf54
SH		 1082 err = ip_mc_msfget(sk, &msf,
1083 (struct ip_msfilter __user *)optval, optlen);
1084 release_sock(sk);
1085 return err;
1086 }
1087 case MCAST_MSFILTER:
1088 {
1089 struct group_filter gsf;
1090 int err;
1da177e4 1091
132adf54 1092 if (len < GROUP_FILTER_SIZE(0)) {
1da177e4 1093 release_sock(sk);
132adf54
SH		 1094 return -EINVAL;
1095 }
1096 if (copy_from_user(&gsf, optval, GROUP_FILTER_SIZE(0))) {
1097 release_sock(sk);
1098 return -EFAULT;
1099 }
1100 err = ip_mc_gsfget(sk, &gsf,
1101 (struct group_filter __user *)optval, optlen);
1102 release_sock(sk);
1103 return err;
1104 }
1105 case IP_PKTOPTIONS:
1106 {
1107 struct msghdr msg;
1da177e4 1108
132adf54 1109 release_sock(sk);
1da177e4 1110
132adf54
SH		 1111 if (sk->sk_type != SOCK_STREAM)
1112 return -ENOPROTOOPT;
1da177e4 1113
132adf54
SH		 1114 msg.msg_control = optval;
1115 msg.msg_controllen = len;
1116 msg.msg_flags = 0;
1da177e4 1117
132adf54
SH		 1118 if (inet->cmsg_flags & IP_CMSG_PKTINFO) {
1119 struct in_pktinfo info;
1120
1121 info.ipi_addr.s_addr = inet->rcv_saddr;
1122 info.ipi_spec_dst.s_addr = inet->rcv_saddr;
1123 info.ipi_ifindex = inet->mc_index;
1124 put_cmsg(&msg, SOL_IP, IP_PKTINFO, sizeof(info), &info);
1da177e4 1125 }
132adf54
SH		 1126 if (inet->cmsg_flags & IP_CMSG_TTL) {
1127 int hlim = inet->mc_ttl;
1128 put_cmsg(&msg, SOL_IP, IP_TTL, sizeof(hlim), &hlim);
1129 }
1130 len -= msg.msg_controllen;
1131 return put_user(len, optlen);
1132 }
1133 case IP_FREEBIND:
1134 val = inet->freebind;
1135 break;
1136 default:
1137 release_sock(sk);
1138 return -ENOPROTOOPT;
1da177e4
LT		 1139 }
1140 release_sock(sk);
e905a9ed 1141
1da177e4
LT		 1142 if (len < sizeof(int) && len > 0 && val>=0 && val<255) {
1143 unsigned char ucval = (unsigned char)val;
1144 len = 1;
132adf54 1145 if (put_user(len, optlen))
1da177e4 1146 return -EFAULT;
132adf54 1147 if (copy_to_user(optval,&ucval,1))
1da177e4
LT		 1148 return -EFAULT;
1149 } else {
1150 len = min_t(unsigned int, sizeof(int), len);
132adf54 1151 if (put_user(len, optlen))
1da177e4 1152 return -EFAULT;
132adf54 1153 if (copy_to_user(optval,&val,len))
1da177e4
LT		 1154 return -EFAULT;
1155 }
1156 return 0;
1157}
1158
3fdadf7d 1159int ip_getsockopt(struct sock *sk, int level,
132adf54 1160 int optname, char __user *optval, int __user *optlen)
3fdadf7d
DM		 1161{
1162 int err;
1163
1164 err = do_ip_getsockopt(sk, level, optname, optval, optlen);
1165#ifdef CONFIG_NETFILTER
1166 /* we need to exclude all possible ENOPROTOOPTs except default case */
1167 if (err == -ENOPROTOOPT && optname != IP_PKTOPTIONS
1168#ifdef CONFIG_IP_MROUTE
1169 && (optname < MRT_BASE || optname > MRT_BASE+10)
1170#endif
1171 ) {
e905a9ed 1172 int len;
3fdadf7d 1173
132adf54 1174 if (get_user(len,optlen))
3fdadf7d
DM		 1175 return -EFAULT;
1176
1177 lock_sock(sk);
1178 err = nf_getsockopt(sk, PF_INET, optname, optval,
1179 &len);
1180 release_sock(sk);
1181 if (err >= 0)
1182 err = put_user(len, optlen);
1183 return err;
1184 }
1185#endif
1186 return err;
1187}
1188
1189#ifdef CONFIG_COMPAT
543d9cfe
ACM		 1190int compat_ip_getsockopt(struct sock *sk, int level, int optname,
1191 char __user *optval, int __user *optlen)
3fdadf7d 1192{
543d9cfe 1193 int err = do_ip_getsockopt(sk, level, optname, optval, optlen);
3fdadf7d
DM		 1194#ifdef CONFIG_NETFILTER
1195 /* we need to exclude all possible ENOPROTOOPTs except default case */
1196 if (err == -ENOPROTOOPT && optname != IP_PKTOPTIONS
1197#ifdef CONFIG_IP_MROUTE
543d9cfe 1198 && (optname < MRT_BASE || optname > MRT_BASE+10)
3fdadf7d
DM		 1199#endif
1200 ) {
e905a9ed 1201 int len;
3fdadf7d 1202
543d9cfe 1203 if (get_user(len, optlen))
3fdadf7d
DM		 1204 return -EFAULT;
1205
1206 lock_sock(sk);
543d9cfe 1207 err = compat_nf_getsockopt(sk, PF_INET, optname, optval, &len);
3fdadf7d
DM		 1208 release_sock(sk);
1209 if (err >= 0)
1210 err = put_user(len, optlen);
1211 return err;
1212 }
1213#endif
1214 return err;
1215}
543d9cfe
ACM		 1216
1217EXPORT_SYMBOL(compat_ip_getsockopt);
3fdadf7d
DM		 1218#endif
1219
1da177e4
LT		 1220EXPORT_SYMBOL(ip_cmsg_recv);
1221
1da177e4
LT		 1222EXPORT_SYMBOL(ip_getsockopt);
1223EXPORT_SYMBOL(ip_setsockopt);
Ubuntu Artful kernel mirror