]>
Commit | Line | Data |
---|---|---|
1da177e4 LT |
1 | /* |
2 | * RAW sockets for IPv6 | |
3 | * Linux INET6 implementation | |
4 | * | |
5 | * Authors: | |
6 | * Pedro Roque <roque@di.fc.ul.pt> | |
7 | * | |
8 | * Adapted from linux/net/ipv4/raw.c | |
9 | * | |
10 | * $Id: raw.c,v 1.51 2002/02/01 22:01:04 davem Exp $ | |
11 | * | |
12 | * Fixes: | |
13 | * Hideaki YOSHIFUJI : sin6_scope_id support | |
14 | * YOSHIFUJI,H.@USAGI : raw checksum (RFC2292(bis) compliance) | |
15 | * Kazunori MIYAZAWA @USAGI: change process style to use ip6_append_data | |
16 | * | |
17 | * This program is free software; you can redistribute it and/or | |
18 | * modify it under the terms of the GNU General Public License | |
19 | * as published by the Free Software Foundation; either version | |
20 | * 2 of the License, or (at your option) any later version. | |
21 | */ | |
22 | ||
23 | #include <linux/errno.h> | |
24 | #include <linux/types.h> | |
25 | #include <linux/socket.h> | |
26 | #include <linux/sockios.h> | |
27 | #include <linux/sched.h> | |
28 | #include <linux/net.h> | |
29 | #include <linux/in6.h> | |
30 | #include <linux/netdevice.h> | |
31 | #include <linux/if_arp.h> | |
32 | #include <linux/icmpv6.h> | |
33 | #include <linux/netfilter.h> | |
34 | #include <linux/netfilter_ipv6.h> | |
35 | #include <asm/uaccess.h> | |
36 | #include <asm/ioctls.h> | |
37 | ||
38 | #include <net/ip.h> | |
39 | #include <net/sock.h> | |
40 | #include <net/snmp.h> | |
41 | ||
42 | #include <net/ipv6.h> | |
43 | #include <net/ndisc.h> | |
44 | #include <net/protocol.h> | |
45 | #include <net/ip6_route.h> | |
46 | #include <net/ip6_checksum.h> | |
47 | #include <net/addrconf.h> | |
48 | #include <net/transp_v6.h> | |
49 | #include <net/udp.h> | |
50 | #include <net/inet_common.h> | |
51 | ||
52 | #include <net/rawv6.h> | |
53 | #include <net/xfrm.h> | |
54 | ||
55 | #include <linux/proc_fs.h> | |
56 | #include <linux/seq_file.h> | |
57 | ||
58 | struct hlist_head raw_v6_htable[RAWV6_HTABLE_SIZE]; | |
59 | DEFINE_RWLOCK(raw_v6_lock); | |
60 | ||
61 | static void raw_v6_hash(struct sock *sk) | |
62 | { | |
63 | struct hlist_head *list = &raw_v6_htable[inet_sk(sk)->num & | |
64 | (RAWV6_HTABLE_SIZE - 1)]; | |
65 | ||
66 | write_lock_bh(&raw_v6_lock); | |
67 | sk_add_node(sk, list); | |
68 | sock_prot_inc_use(sk->sk_prot); | |
69 | write_unlock_bh(&raw_v6_lock); | |
70 | } | |
71 | ||
72 | static void raw_v6_unhash(struct sock *sk) | |
73 | { | |
74 | write_lock_bh(&raw_v6_lock); | |
75 | if (sk_del_node_init(sk)) | |
76 | sock_prot_dec_use(sk->sk_prot); | |
77 | write_unlock_bh(&raw_v6_lock); | |
78 | } | |
79 | ||
80 | ||
81 | /* Grumble... icmp and ip_input want to get at this... */ | |
82 | struct sock *__raw_v6_lookup(struct sock *sk, unsigned short num, | |
83 | struct in6_addr *loc_addr, struct in6_addr *rmt_addr) | |
84 | { | |
85 | struct hlist_node *node; | |
86 | int is_multicast = ipv6_addr_is_multicast(loc_addr); | |
87 | ||
88 | sk_for_each_from(sk, node) | |
89 | if (inet_sk(sk)->num == num) { | |
90 | struct ipv6_pinfo *np = inet6_sk(sk); | |
91 | ||
92 | if (!ipv6_addr_any(&np->daddr) && | |
93 | !ipv6_addr_equal(&np->daddr, rmt_addr)) | |
94 | continue; | |
95 | ||
96 | if (!ipv6_addr_any(&np->rcv_saddr)) { | |
97 | if (ipv6_addr_equal(&np->rcv_saddr, loc_addr)) | |
98 | goto found; | |
99 | if (is_multicast && | |
100 | inet6_mc_check(sk, loc_addr, rmt_addr)) | |
101 | goto found; | |
102 | continue; | |
103 | } | |
104 | goto found; | |
105 | } | |
106 | sk = NULL; | |
107 | found: | |
108 | return sk; | |
109 | } | |
110 | ||
111 | /* | |
112 | * 0 - deliver | |
113 | * 1 - block | |
114 | */ | |
115 | static __inline__ int icmpv6_filter(struct sock *sk, struct sk_buff *skb) | |
116 | { | |
117 | struct icmp6hdr *icmph; | |
118 | struct raw6_sock *rp = raw6_sk(sk); | |
119 | ||
120 | if (pskb_may_pull(skb, sizeof(struct icmp6hdr))) { | |
121 | __u32 *data = &rp->filter.data[0]; | |
122 | int bit_nr; | |
123 | ||
124 | icmph = (struct icmp6hdr *) skb->data; | |
125 | bit_nr = icmph->icmp6_type; | |
126 | ||
127 | return (data[bit_nr >> 5] & (1 << (bit_nr & 31))) != 0; | |
128 | } | |
129 | return 0; | |
130 | } | |
131 | ||
132 | /* | |
133 | * demultiplex raw sockets. | |
134 | * (should consider queueing the skb in the sock receive_queue | |
135 | * without calling rawv6.c) | |
136 | * | |
137 | * Caller owns SKB so we must make clones. | |
138 | */ | |
139 | void ipv6_raw_deliver(struct sk_buff *skb, int nexthdr) | |
140 | { | |
141 | struct in6_addr *saddr; | |
142 | struct in6_addr *daddr; | |
143 | struct sock *sk; | |
144 | __u8 hash; | |
145 | ||
146 | saddr = &skb->nh.ipv6h->saddr; | |
147 | daddr = saddr + 1; | |
148 | ||
149 | hash = nexthdr & (MAX_INET_PROTOS - 1); | |
150 | ||
151 | read_lock(&raw_v6_lock); | |
152 | sk = sk_head(&raw_v6_htable[hash]); | |
153 | ||
154 | /* | |
155 | * The first socket found will be delivered after | |
156 | * delivery to transport protocols. | |
157 | */ | |
158 | ||
159 | if (sk == NULL) | |
160 | goto out; | |
161 | ||
162 | sk = __raw_v6_lookup(sk, nexthdr, daddr, saddr); | |
163 | ||
164 | while (sk) { | |
165 | if (nexthdr != IPPROTO_ICMPV6 || !icmpv6_filter(sk, skb)) { | |
166 | struct sk_buff *clone = skb_clone(skb, GFP_ATOMIC); | |
167 | ||
168 | /* Not releasing hash table! */ | |
169 | if (clone) | |
170 | rawv6_rcv(sk, clone); | |
171 | } | |
172 | sk = __raw_v6_lookup(sk_next(sk), nexthdr, daddr, saddr); | |
173 | } | |
174 | out: | |
175 | read_unlock(&raw_v6_lock); | |
176 | } | |
177 | ||
178 | /* This cleans up af_inet6 a bit. -DaveM */ | |
179 | static int rawv6_bind(struct sock *sk, struct sockaddr *uaddr, int addr_len) | |
180 | { | |
181 | struct inet_sock *inet = inet_sk(sk); | |
182 | struct ipv6_pinfo *np = inet6_sk(sk); | |
183 | struct sockaddr_in6 *addr = (struct sockaddr_in6 *) uaddr; | |
184 | __u32 v4addr = 0; | |
185 | int addr_type; | |
186 | int err; | |
187 | ||
188 | if (addr_len < SIN6_LEN_RFC2133) | |
189 | return -EINVAL; | |
190 | addr_type = ipv6_addr_type(&addr->sin6_addr); | |
191 | ||
192 | /* Raw sockets are IPv6 only */ | |
193 | if (addr_type == IPV6_ADDR_MAPPED) | |
194 | return(-EADDRNOTAVAIL); | |
195 | ||
196 | lock_sock(sk); | |
197 | ||
198 | err = -EINVAL; | |
199 | if (sk->sk_state != TCP_CLOSE) | |
200 | goto out; | |
201 | ||
202 | /* Check if the address belongs to the host. */ | |
203 | if (addr_type != IPV6_ADDR_ANY) { | |
204 | struct net_device *dev = NULL; | |
205 | ||
206 | if (addr_type & IPV6_ADDR_LINKLOCAL) { | |
207 | if (addr_len >= sizeof(struct sockaddr_in6) && | |
208 | addr->sin6_scope_id) { | |
209 | /* Override any existing binding, if another | |
210 | * one is supplied by user. | |
211 | */ | |
212 | sk->sk_bound_dev_if = addr->sin6_scope_id; | |
213 | } | |
214 | ||
215 | /* Binding to link-local address requires an interface */ | |
216 | if (!sk->sk_bound_dev_if) | |
217 | goto out; | |
218 | ||
219 | dev = dev_get_by_index(sk->sk_bound_dev_if); | |
220 | if (!dev) { | |
221 | err = -ENODEV; | |
222 | goto out; | |
223 | } | |
224 | } | |
225 | ||
226 | /* ipv4 addr of the socket is invalid. Only the | |
227 | * unspecified and mapped address have a v4 equivalent. | |
228 | */ | |
229 | v4addr = LOOPBACK4_IPV6; | |
230 | if (!(addr_type & IPV6_ADDR_MULTICAST)) { | |
231 | err = -EADDRNOTAVAIL; | |
232 | if (!ipv6_chk_addr(&addr->sin6_addr, dev, 0)) { | |
233 | if (dev) | |
234 | dev_put(dev); | |
235 | goto out; | |
236 | } | |
237 | } | |
238 | if (dev) | |
239 | dev_put(dev); | |
240 | } | |
241 | ||
242 | inet->rcv_saddr = inet->saddr = v4addr; | |
243 | ipv6_addr_copy(&np->rcv_saddr, &addr->sin6_addr); | |
244 | if (!(addr_type & IPV6_ADDR_MULTICAST)) | |
245 | ipv6_addr_copy(&np->saddr, &addr->sin6_addr); | |
246 | err = 0; | |
247 | out: | |
248 | release_sock(sk); | |
249 | return err; | |
250 | } | |
251 | ||
252 | void rawv6_err(struct sock *sk, struct sk_buff *skb, | |
253 | struct inet6_skb_parm *opt, | |
254 | int type, int code, int offset, u32 info) | |
255 | { | |
256 | struct inet_sock *inet = inet_sk(sk); | |
257 | struct ipv6_pinfo *np = inet6_sk(sk); | |
258 | int err; | |
259 | int harderr; | |
260 | ||
261 | /* Report error on raw socket, if: | |
262 | 1. User requested recverr. | |
263 | 2. Socket is connected (otherwise the error indication | |
264 | is useless without recverr and error is hard. | |
265 | */ | |
266 | if (!np->recverr && sk->sk_state != TCP_ESTABLISHED) | |
267 | return; | |
268 | ||
269 | harderr = icmpv6_err_convert(type, code, &err); | |
270 | if (type == ICMPV6_PKT_TOOBIG) | |
271 | harderr = (np->pmtudisc == IPV6_PMTUDISC_DO); | |
272 | ||
273 | if (np->recverr) { | |
274 | u8 *payload = skb->data; | |
275 | if (!inet->hdrincl) | |
276 | payload += offset; | |
277 | ipv6_icmp_error(sk, skb, err, 0, ntohl(info), payload); | |
278 | } | |
279 | ||
280 | if (np->recverr || harderr) { | |
281 | sk->sk_err = err; | |
282 | sk->sk_error_report(sk); | |
283 | } | |
284 | } | |
285 | ||
286 | static inline int rawv6_rcv_skb(struct sock * sk, struct sk_buff * skb) | |
287 | { | |
288 | if ((raw6_sk(sk)->checksum || sk->sk_filter) && | |
289 | skb->ip_summed != CHECKSUM_UNNECESSARY) { | |
290 | if ((unsigned short)csum_fold(skb_checksum(skb, 0, skb->len, skb->csum))) { | |
291 | /* FIXME: increment a raw6 drops counter here */ | |
292 | kfree_skb(skb); | |
293 | return 0; | |
294 | } | |
295 | skb->ip_summed = CHECKSUM_UNNECESSARY; | |
296 | } | |
297 | ||
298 | /* Charge it to the socket. */ | |
299 | if (sock_queue_rcv_skb(sk,skb)<0) { | |
300 | /* FIXME: increment a raw6 drops counter here */ | |
301 | kfree_skb(skb); | |
302 | return 0; | |
303 | } | |
304 | ||
305 | return 0; | |
306 | } | |
307 | ||
308 | /* | |
309 | * This is next to useless... | |
310 | * if we demultiplex in network layer we don't need the extra call | |
311 | * just to queue the skb... | |
312 | * maybe we could have the network decide upon a hint if it | |
313 | * should call raw_rcv for demultiplexing | |
314 | */ | |
315 | int rawv6_rcv(struct sock *sk, struct sk_buff *skb) | |
316 | { | |
317 | struct inet_sock *inet = inet_sk(sk); | |
318 | struct raw6_sock *rp = raw6_sk(sk); | |
319 | ||
320 | if (!xfrm6_policy_check(sk, XFRM_POLICY_IN, skb)) { | |
321 | kfree_skb(skb); | |
322 | return NET_RX_DROP; | |
323 | } | |
324 | ||
325 | if (!rp->checksum) | |
326 | skb->ip_summed = CHECKSUM_UNNECESSARY; | |
327 | ||
328 | if (skb->ip_summed != CHECKSUM_UNNECESSARY) { | |
329 | if (skb->ip_summed == CHECKSUM_HW) { | |
330 | skb->ip_summed = CHECKSUM_UNNECESSARY; | |
331 | if (csum_ipv6_magic(&skb->nh.ipv6h->saddr, | |
332 | &skb->nh.ipv6h->daddr, | |
333 | skb->len, inet->num, skb->csum)) { | |
334 | LIMIT_NETDEBUG( | |
335 | printk(KERN_DEBUG "raw v6 hw csum failure.\n")); | |
336 | skb->ip_summed = CHECKSUM_NONE; | |
337 | } | |
338 | } | |
339 | if (skb->ip_summed == CHECKSUM_NONE) | |
340 | skb->csum = ~csum_ipv6_magic(&skb->nh.ipv6h->saddr, | |
341 | &skb->nh.ipv6h->daddr, | |
342 | skb->len, inet->num, 0); | |
343 | } | |
344 | ||
345 | if (inet->hdrincl) { | |
346 | if (skb->ip_summed != CHECKSUM_UNNECESSARY && | |
347 | (unsigned short)csum_fold(skb_checksum(skb, 0, skb->len, skb->csum))) { | |
348 | /* FIXME: increment a raw6 drops counter here */ | |
349 | kfree_skb(skb); | |
350 | return 0; | |
351 | } | |
352 | skb->ip_summed = CHECKSUM_UNNECESSARY; | |
353 | } | |
354 | ||
355 | rawv6_rcv_skb(sk, skb); | |
356 | return 0; | |
357 | } | |
358 | ||
359 | ||
360 | /* | |
361 | * This should be easy, if there is something there | |
362 | * we return it, otherwise we block. | |
363 | */ | |
364 | ||
365 | static int rawv6_recvmsg(struct kiocb *iocb, struct sock *sk, | |
366 | struct msghdr *msg, size_t len, | |
367 | int noblock, int flags, int *addr_len) | |
368 | { | |
369 | struct ipv6_pinfo *np = inet6_sk(sk); | |
370 | struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)msg->msg_name; | |
371 | struct sk_buff *skb; | |
372 | size_t copied; | |
373 | int err; | |
374 | ||
375 | if (flags & MSG_OOB) | |
376 | return -EOPNOTSUPP; | |
377 | ||
378 | if (addr_len) | |
379 | *addr_len=sizeof(*sin6); | |
380 | ||
381 | if (flags & MSG_ERRQUEUE) | |
382 | return ipv6_recv_error(sk, msg, len); | |
383 | ||
384 | skb = skb_recv_datagram(sk, flags, noblock, &err); | |
385 | if (!skb) | |
386 | goto out; | |
387 | ||
388 | copied = skb->len; | |
389 | if (copied > len) { | |
390 | copied = len; | |
391 | msg->msg_flags |= MSG_TRUNC; | |
392 | } | |
393 | ||
394 | if (skb->ip_summed==CHECKSUM_UNNECESSARY) { | |
395 | err = skb_copy_datagram_iovec(skb, 0, msg->msg_iov, copied); | |
396 | } else if (msg->msg_flags&MSG_TRUNC) { | |
397 | if ((unsigned short)csum_fold(skb_checksum(skb, 0, skb->len, skb->csum))) | |
398 | goto csum_copy_err; | |
399 | err = skb_copy_datagram_iovec(skb, 0, msg->msg_iov, copied); | |
400 | } else { | |
401 | err = skb_copy_and_csum_datagram_iovec(skb, 0, msg->msg_iov); | |
402 | if (err == -EINVAL) | |
403 | goto csum_copy_err; | |
404 | } | |
405 | if (err) | |
406 | goto out_free; | |
407 | ||
408 | /* Copy the address. */ | |
409 | if (sin6) { | |
410 | sin6->sin6_family = AF_INET6; | |
411 | ipv6_addr_copy(&sin6->sin6_addr, &skb->nh.ipv6h->saddr); | |
412 | sin6->sin6_flowinfo = 0; | |
413 | sin6->sin6_scope_id = 0; | |
414 | if (ipv6_addr_type(&sin6->sin6_addr) & IPV6_ADDR_LINKLOCAL) | |
415 | sin6->sin6_scope_id = IP6CB(skb)->iif; | |
416 | } | |
417 | ||
418 | sock_recv_timestamp(msg, sk, skb); | |
419 | ||
420 | if (np->rxopt.all) | |
421 | datagram_recv_ctl(sk, msg, skb); | |
422 | ||
423 | err = copied; | |
424 | if (flags & MSG_TRUNC) | |
425 | err = skb->len; | |
426 | ||
427 | out_free: | |
428 | skb_free_datagram(sk, skb); | |
429 | out: | |
430 | return err; | |
431 | ||
432 | csum_copy_err: | |
433 | /* Clear queue. */ | |
434 | if (flags&MSG_PEEK) { | |
435 | int clear = 0; | |
436 | spin_lock_irq(&sk->sk_receive_queue.lock); | |
437 | if (skb == skb_peek(&sk->sk_receive_queue)) { | |
438 | __skb_unlink(skb, &sk->sk_receive_queue); | |
439 | clear = 1; | |
440 | } | |
441 | spin_unlock_irq(&sk->sk_receive_queue.lock); | |
442 | if (clear) | |
443 | kfree_skb(skb); | |
444 | } | |
445 | ||
446 | /* Error for blocking case is chosen to masquerade | |
447 | as some normal condition. | |
448 | */ | |
449 | err = (flags&MSG_DONTWAIT) ? -EAGAIN : -EHOSTUNREACH; | |
450 | /* FIXME: increment a raw6 drops counter here */ | |
451 | goto out_free; | |
452 | } | |
453 | ||
454 | static int rawv6_push_pending_frames(struct sock *sk, struct flowi *fl, | |
455 | struct raw6_sock *rp, int len) | |
456 | { | |
457 | struct sk_buff *skb; | |
458 | int err = 0; | |
459 | u16 *csum; | |
460 | u32 tmp_csum; | |
461 | ||
462 | if (!rp->checksum) | |
463 | goto send; | |
464 | ||
465 | if ((skb = skb_peek(&sk->sk_write_queue)) == NULL) | |
466 | goto out; | |
467 | ||
468 | if (rp->offset + 1 < len) | |
469 | csum = (u16 *)(skb->h.raw + rp->offset); | |
470 | else { | |
471 | err = -EINVAL; | |
472 | goto out; | |
473 | } | |
474 | ||
475 | /* should be check HW csum miyazawa */ | |
476 | if (skb_queue_len(&sk->sk_write_queue) == 1) { | |
477 | /* | |
478 | * Only one fragment on the socket. | |
479 | */ | |
480 | tmp_csum = skb->csum; | |
481 | } else { | |
482 | tmp_csum = 0; | |
483 | ||
484 | skb_queue_walk(&sk->sk_write_queue, skb) { | |
485 | tmp_csum = csum_add(tmp_csum, skb->csum); | |
486 | } | |
487 | } | |
488 | ||
489 | /* in case cksum was not initialized */ | |
490 | if (unlikely(*csum)) | |
491 | tmp_csum = csum_sub(tmp_csum, *csum); | |
492 | ||
493 | *csum = csum_ipv6_magic(&fl->fl6_src, | |
494 | &fl->fl6_dst, | |
495 | len, fl->proto, tmp_csum); | |
496 | ||
497 | if (*csum == 0) | |
498 | *csum = -1; | |
499 | send: | |
500 | err = ip6_push_pending_frames(sk); | |
501 | out: | |
502 | return err; | |
503 | } | |
504 | ||
505 | static int rawv6_send_hdrinc(struct sock *sk, void *from, int length, | |
506 | struct flowi *fl, struct rt6_info *rt, | |
507 | unsigned int flags) | |
508 | { | |
509 | struct inet_sock *inet = inet_sk(sk); | |
510 | struct ipv6hdr *iph; | |
511 | struct sk_buff *skb; | |
512 | unsigned int hh_len; | |
513 | int err; | |
514 | ||
515 | if (length > rt->u.dst.dev->mtu) { | |
516 | ipv6_local_error(sk, EMSGSIZE, fl, rt->u.dst.dev->mtu); | |
517 | return -EMSGSIZE; | |
518 | } | |
519 | if (flags&MSG_PROBE) | |
520 | goto out; | |
521 | ||
522 | hh_len = LL_RESERVED_SPACE(rt->u.dst.dev); | |
523 | ||
524 | skb = sock_alloc_send_skb(sk, length+hh_len+15, | |
525 | flags&MSG_DONTWAIT, &err); | |
526 | if (skb == NULL) | |
527 | goto error; | |
528 | skb_reserve(skb, hh_len); | |
529 | ||
530 | skb->priority = sk->sk_priority; | |
531 | skb->dst = dst_clone(&rt->u.dst); | |
532 | ||
533 | skb->nh.ipv6h = iph = (struct ipv6hdr *)skb_put(skb, length); | |
534 | ||
535 | skb->ip_summed = CHECKSUM_NONE; | |
536 | ||
537 | skb->h.raw = skb->nh.raw; | |
538 | err = memcpy_fromiovecend((void *)iph, from, 0, length); | |
539 | if (err) | |
540 | goto error_fault; | |
541 | ||
542 | IP6_INC_STATS(IPSTATS_MIB_OUTREQUESTS); | |
543 | err = NF_HOOK(PF_INET6, NF_IP6_LOCAL_OUT, skb, NULL, rt->u.dst.dev, | |
544 | dst_output); | |
545 | if (err > 0) | |
546 | err = inet->recverr ? net_xmit_errno(err) : 0; | |
547 | if (err) | |
548 | goto error; | |
549 | out: | |
550 | return 0; | |
551 | ||
552 | error_fault: | |
553 | err = -EFAULT; | |
554 | kfree_skb(skb); | |
555 | error: | |
556 | IP6_INC_STATS(IPSTATS_MIB_OUTDISCARDS); | |
557 | return err; | |
558 | } | |
559 | ||
560 | static void rawv6_probe_proto_opt(struct flowi *fl, struct msghdr *msg) | |
561 | { | |
562 | struct iovec *iov; | |
563 | u8 __user *type = NULL; | |
564 | u8 __user *code = NULL; | |
565 | int probed = 0; | |
566 | int i; | |
567 | ||
568 | if (!msg->msg_iov) | |
569 | return; | |
570 | ||
571 | for (i = 0; i < msg->msg_iovlen; i++) { | |
572 | iov = &msg->msg_iov[i]; | |
573 | if (!iov) | |
574 | continue; | |
575 | ||
576 | switch (fl->proto) { | |
577 | case IPPROTO_ICMPV6: | |
578 | /* check if one-byte field is readable or not. */ | |
579 | if (iov->iov_base && iov->iov_len < 1) | |
580 | break; | |
581 | ||
582 | if (!type) { | |
583 | type = iov->iov_base; | |
584 | /* check if code field is readable or not. */ | |
585 | if (iov->iov_len > 1) | |
586 | code = type + 1; | |
587 | } else if (!code) | |
588 | code = iov->iov_base; | |
589 | ||
590 | if (type && code) { | |
591 | get_user(fl->fl_icmp_type, type); | |
592 | __get_user(fl->fl_icmp_code, code); | |
593 | probed = 1; | |
594 | } | |
595 | break; | |
596 | default: | |
597 | probed = 1; | |
598 | break; | |
599 | } | |
600 | if (probed) | |
601 | break; | |
602 | } | |
603 | } | |
604 | ||
605 | static int rawv6_sendmsg(struct kiocb *iocb, struct sock *sk, | |
606 | struct msghdr *msg, size_t len) | |
607 | { | |
608 | struct ipv6_txoptions opt_space; | |
609 | struct sockaddr_in6 * sin6 = (struct sockaddr_in6 *) msg->msg_name; | |
610 | struct in6_addr *daddr, *final_p = NULL, final; | |
611 | struct inet_sock *inet = inet_sk(sk); | |
612 | struct ipv6_pinfo *np = inet6_sk(sk); | |
613 | struct raw6_sock *rp = raw6_sk(sk); | |
614 | struct ipv6_txoptions *opt = NULL; | |
615 | struct ip6_flowlabel *flowlabel = NULL; | |
616 | struct dst_entry *dst = NULL; | |
617 | struct flowi fl; | |
618 | int addr_len = msg->msg_namelen; | |
619 | int hlimit = -1; | |
620 | u16 proto; | |
621 | int err; | |
622 | ||
623 | /* Rough check on arithmetic overflow, | |
624 | better check is made in ip6_build_xmit | |
625 | */ | |
626 | if (len < 0) | |
627 | return -EMSGSIZE; | |
628 | ||
629 | /* Mirror BSD error message compatibility */ | |
630 | if (msg->msg_flags & MSG_OOB) | |
631 | return -EOPNOTSUPP; | |
632 | ||
633 | /* | |
634 | * Get and verify the address. | |
635 | */ | |
636 | memset(&fl, 0, sizeof(fl)); | |
637 | ||
638 | if (sin6) { | |
639 | if (addr_len < SIN6_LEN_RFC2133) | |
640 | return -EINVAL; | |
641 | ||
642 | if (sin6->sin6_family && sin6->sin6_family != AF_INET6) | |
643 | return(-EAFNOSUPPORT); | |
644 | ||
645 | /* port is the proto value [0..255] carried in nexthdr */ | |
646 | proto = ntohs(sin6->sin6_port); | |
647 | ||
648 | if (!proto) | |
649 | proto = inet->num; | |
650 | else if (proto != inet->num) | |
651 | return(-EINVAL); | |
652 | ||
653 | if (proto > 255) | |
654 | return(-EINVAL); | |
655 | ||
656 | daddr = &sin6->sin6_addr; | |
657 | if (np->sndflow) { | |
658 | fl.fl6_flowlabel = sin6->sin6_flowinfo&IPV6_FLOWINFO_MASK; | |
659 | if (fl.fl6_flowlabel&IPV6_FLOWLABEL_MASK) { | |
660 | flowlabel = fl6_sock_lookup(sk, fl.fl6_flowlabel); | |
661 | if (flowlabel == NULL) | |
662 | return -EINVAL; | |
663 | daddr = &flowlabel->dst; | |
664 | } | |
665 | } | |
666 | ||
667 | /* | |
668 | * Otherwise it will be difficult to maintain | |
669 | * sk->sk_dst_cache. | |
670 | */ | |
671 | if (sk->sk_state == TCP_ESTABLISHED && | |
672 | ipv6_addr_equal(daddr, &np->daddr)) | |
673 | daddr = &np->daddr; | |
674 | ||
675 | if (addr_len >= sizeof(struct sockaddr_in6) && | |
676 | sin6->sin6_scope_id && | |
677 | ipv6_addr_type(daddr)&IPV6_ADDR_LINKLOCAL) | |
678 | fl.oif = sin6->sin6_scope_id; | |
679 | } else { | |
680 | if (sk->sk_state != TCP_ESTABLISHED) | |
681 | return -EDESTADDRREQ; | |
682 | ||
683 | proto = inet->num; | |
684 | daddr = &np->daddr; | |
685 | fl.fl6_flowlabel = np->flow_label; | |
686 | } | |
687 | ||
688 | if (ipv6_addr_any(daddr)) { | |
689 | /* | |
690 | * unspecified destination address | |
691 | * treated as error... is this correct ? | |
692 | */ | |
693 | fl6_sock_release(flowlabel); | |
694 | return(-EINVAL); | |
695 | } | |
696 | ||
697 | if (fl.oif == 0) | |
698 | fl.oif = sk->sk_bound_dev_if; | |
699 | ||
700 | if (msg->msg_controllen) { | |
701 | opt = &opt_space; | |
702 | memset(opt, 0, sizeof(struct ipv6_txoptions)); | |
703 | opt->tot_len = sizeof(struct ipv6_txoptions); | |
704 | ||
705 | err = datagram_send_ctl(msg, &fl, opt, &hlimit); | |
706 | if (err < 0) { | |
707 | fl6_sock_release(flowlabel); | |
708 | return err; | |
709 | } | |
710 | if ((fl.fl6_flowlabel&IPV6_FLOWLABEL_MASK) && !flowlabel) { | |
711 | flowlabel = fl6_sock_lookup(sk, fl.fl6_flowlabel); | |
712 | if (flowlabel == NULL) | |
713 | return -EINVAL; | |
714 | } | |
715 | if (!(opt->opt_nflen|opt->opt_flen)) | |
716 | opt = NULL; | |
717 | } | |
718 | if (opt == NULL) | |
719 | opt = np->opt; | |
720 | if (flowlabel) | |
721 | opt = fl6_merge_options(&opt_space, flowlabel, opt); | |
722 | ||
723 | fl.proto = proto; | |
724 | rawv6_probe_proto_opt(&fl, msg); | |
725 | ||
726 | ipv6_addr_copy(&fl.fl6_dst, daddr); | |
727 | if (ipv6_addr_any(&fl.fl6_src) && !ipv6_addr_any(&np->saddr)) | |
728 | ipv6_addr_copy(&fl.fl6_src, &np->saddr); | |
729 | ||
730 | /* merge ip6_build_xmit from ip6_output */ | |
731 | if (opt && opt->srcrt) { | |
732 | struct rt0_hdr *rt0 = (struct rt0_hdr *) opt->srcrt; | |
733 | ipv6_addr_copy(&final, &fl.fl6_dst); | |
734 | ipv6_addr_copy(&fl.fl6_dst, rt0->addr); | |
735 | final_p = &final; | |
736 | } | |
737 | ||
738 | if (!fl.oif && ipv6_addr_is_multicast(&fl.fl6_dst)) | |
739 | fl.oif = np->mcast_oif; | |
740 | ||
741 | err = ip6_dst_lookup(sk, &dst, &fl); | |
742 | if (err) | |
743 | goto out; | |
744 | if (final_p) | |
745 | ipv6_addr_copy(&fl.fl6_dst, final_p); | |
746 | ||
747 | if ((err = xfrm_lookup(&dst, &fl, sk, 0)) < 0) { | |
748 | dst_release(dst); | |
749 | goto out; | |
750 | } | |
751 | ||
752 | if (hlimit < 0) { | |
753 | if (ipv6_addr_is_multicast(&fl.fl6_dst)) | |
754 | hlimit = np->mcast_hops; | |
755 | else | |
756 | hlimit = np->hop_limit; | |
757 | if (hlimit < 0) | |
758 | hlimit = dst_metric(dst, RTAX_HOPLIMIT); | |
759 | if (hlimit < 0) | |
760 | hlimit = ipv6_get_hoplimit(dst->dev); | |
761 | } | |
762 | ||
763 | if (msg->msg_flags&MSG_CONFIRM) | |
764 | goto do_confirm; | |
765 | ||
766 | back_from_confirm: | |
767 | if (inet->hdrincl) { | |
768 | err = rawv6_send_hdrinc(sk, msg->msg_iov, len, &fl, (struct rt6_info*)dst, msg->msg_flags); | |
769 | } else { | |
770 | lock_sock(sk); | |
771 | err = ip6_append_data(sk, ip_generic_getfrag, msg->msg_iov, len, 0, | |
772 | hlimit, opt, &fl, (struct rt6_info*)dst, msg->msg_flags); | |
773 | ||
774 | if (err) | |
775 | ip6_flush_pending_frames(sk); | |
776 | else if (!(msg->msg_flags & MSG_MORE)) | |
777 | err = rawv6_push_pending_frames(sk, &fl, rp, len); | |
778 | } | |
779 | done: | |
780 | ip6_dst_store(sk, dst, | |
781 | ipv6_addr_equal(&fl.fl6_dst, &np->daddr) ? | |
782 | &np->daddr : NULL); | |
783 | if (err > 0) | |
784 | err = np->recverr ? net_xmit_errno(err) : 0; | |
785 | ||
786 | release_sock(sk); | |
787 | out: | |
788 | fl6_sock_release(flowlabel); | |
789 | return err<0?err:len; | |
790 | do_confirm: | |
791 | dst_confirm(dst); | |
792 | if (!(msg->msg_flags & MSG_PROBE) || len) | |
793 | goto back_from_confirm; | |
794 | err = 0; | |
795 | goto done; | |
796 | } | |
797 | ||
798 | static int rawv6_seticmpfilter(struct sock *sk, int level, int optname, | |
799 | char __user *optval, int optlen) | |
800 | { | |
801 | switch (optname) { | |
802 | case ICMPV6_FILTER: | |
803 | if (optlen > sizeof(struct icmp6_filter)) | |
804 | optlen = sizeof(struct icmp6_filter); | |
805 | if (copy_from_user(&raw6_sk(sk)->filter, optval, optlen)) | |
806 | return -EFAULT; | |
807 | return 0; | |
808 | default: | |
809 | return -ENOPROTOOPT; | |
810 | }; | |
811 | ||
812 | return 0; | |
813 | } | |
814 | ||
815 | static int rawv6_geticmpfilter(struct sock *sk, int level, int optname, | |
816 | char __user *optval, int __user *optlen) | |
817 | { | |
818 | int len; | |
819 | ||
820 | switch (optname) { | |
821 | case ICMPV6_FILTER: | |
822 | if (get_user(len, optlen)) | |
823 | return -EFAULT; | |
824 | if (len < 0) | |
825 | return -EINVAL; | |
826 | if (len > sizeof(struct icmp6_filter)) | |
827 | len = sizeof(struct icmp6_filter); | |
828 | if (put_user(len, optlen)) | |
829 | return -EFAULT; | |
830 | if (copy_to_user(optval, &raw6_sk(sk)->filter, len)) | |
831 | return -EFAULT; | |
832 | return 0; | |
833 | default: | |
834 | return -ENOPROTOOPT; | |
835 | }; | |
836 | ||
837 | return 0; | |
838 | } | |
839 | ||
840 | ||
841 | static int rawv6_setsockopt(struct sock *sk, int level, int optname, | |
842 | char __user *optval, int optlen) | |
843 | { | |
844 | struct raw6_sock *rp = raw6_sk(sk); | |
845 | int val; | |
846 | ||
847 | switch(level) { | |
848 | case SOL_RAW: | |
849 | break; | |
850 | ||
851 | case SOL_ICMPV6: | |
852 | if (inet_sk(sk)->num != IPPROTO_ICMPV6) | |
853 | return -EOPNOTSUPP; | |
854 | return rawv6_seticmpfilter(sk, level, optname, optval, | |
855 | optlen); | |
856 | case SOL_IPV6: | |
857 | if (optname == IPV6_CHECKSUM) | |
858 | break; | |
859 | default: | |
860 | return ipv6_setsockopt(sk, level, optname, optval, | |
861 | optlen); | |
862 | }; | |
863 | ||
864 | if (get_user(val, (int __user *)optval)) | |
865 | return -EFAULT; | |
866 | ||
867 | switch (optname) { | |
868 | case IPV6_CHECKSUM: | |
869 | /* You may get strange result with a positive odd offset; | |
870 | RFC2292bis agrees with me. */ | |
871 | if (val > 0 && (val&1)) | |
872 | return(-EINVAL); | |
873 | if (val < 0) { | |
874 | rp->checksum = 0; | |
875 | } else { | |
876 | rp->checksum = 1; | |
877 | rp->offset = val; | |
878 | } | |
879 | ||
880 | return 0; | |
881 | break; | |
882 | ||
883 | default: | |
884 | return(-ENOPROTOOPT); | |
885 | } | |
886 | } | |
887 | ||
888 | static int rawv6_getsockopt(struct sock *sk, int level, int optname, | |
889 | char __user *optval, int __user *optlen) | |
890 | { | |
891 | struct raw6_sock *rp = raw6_sk(sk); | |
892 | int val, len; | |
893 | ||
894 | switch(level) { | |
895 | case SOL_RAW: | |
896 | break; | |
897 | ||
898 | case SOL_ICMPV6: | |
899 | if (inet_sk(sk)->num != IPPROTO_ICMPV6) | |
900 | return -EOPNOTSUPP; | |
901 | return rawv6_geticmpfilter(sk, level, optname, optval, | |
902 | optlen); | |
903 | case SOL_IPV6: | |
904 | if (optname == IPV6_CHECKSUM) | |
905 | break; | |
906 | default: | |
907 | return ipv6_getsockopt(sk, level, optname, optval, | |
908 | optlen); | |
909 | }; | |
910 | ||
911 | if (get_user(len,optlen)) | |
912 | return -EFAULT; | |
913 | ||
914 | switch (optname) { | |
915 | case IPV6_CHECKSUM: | |
916 | if (rp->checksum == 0) | |
917 | val = -1; | |
918 | else | |
919 | val = rp->offset; | |
920 | break; | |
921 | ||
922 | default: | |
923 | return -ENOPROTOOPT; | |
924 | } | |
925 | ||
926 | len = min_t(unsigned int, sizeof(int), len); | |
927 | ||
928 | if (put_user(len, optlen)) | |
929 | return -EFAULT; | |
930 | if (copy_to_user(optval,&val,len)) | |
931 | return -EFAULT; | |
932 | return 0; | |
933 | } | |
934 | ||
935 | static int rawv6_ioctl(struct sock *sk, int cmd, unsigned long arg) | |
936 | { | |
937 | switch(cmd) { | |
938 | case SIOCOUTQ: | |
939 | { | |
940 | int amount = atomic_read(&sk->sk_wmem_alloc); | |
941 | return put_user(amount, (int __user *)arg); | |
942 | } | |
943 | case SIOCINQ: | |
944 | { | |
945 | struct sk_buff *skb; | |
946 | int amount = 0; | |
947 | ||
948 | spin_lock_irq(&sk->sk_receive_queue.lock); | |
949 | skb = skb_peek(&sk->sk_receive_queue); | |
950 | if (skb != NULL) | |
951 | amount = skb->tail - skb->h.raw; | |
952 | spin_unlock_irq(&sk->sk_receive_queue.lock); | |
953 | return put_user(amount, (int __user *)arg); | |
954 | } | |
955 | ||
956 | default: | |
957 | return -ENOIOCTLCMD; | |
958 | } | |
959 | } | |
960 | ||
961 | static void rawv6_close(struct sock *sk, long timeout) | |
962 | { | |
963 | if (inet_sk(sk)->num == IPPROTO_RAW) | |
964 | ip6_ra_control(sk, -1, NULL); | |
965 | ||
966 | sk_common_release(sk); | |
967 | } | |
968 | ||
969 | static int rawv6_init_sk(struct sock *sk) | |
970 | { | |
971 | if (inet_sk(sk)->num == IPPROTO_ICMPV6) { | |
972 | struct raw6_sock *rp = raw6_sk(sk); | |
973 | rp->checksum = 1; | |
974 | rp->offset = 2; | |
975 | } | |
976 | return(0); | |
977 | } | |
978 | ||
979 | struct proto rawv6_prot = { | |
980 | .name = "RAWv6", | |
981 | .owner = THIS_MODULE, | |
982 | .close = rawv6_close, | |
983 | .connect = ip6_datagram_connect, | |
984 | .disconnect = udp_disconnect, | |
985 | .ioctl = rawv6_ioctl, | |
986 | .init = rawv6_init_sk, | |
987 | .destroy = inet6_destroy_sock, | |
988 | .setsockopt = rawv6_setsockopt, | |
989 | .getsockopt = rawv6_getsockopt, | |
990 | .sendmsg = rawv6_sendmsg, | |
991 | .recvmsg = rawv6_recvmsg, | |
992 | .bind = rawv6_bind, | |
993 | .backlog_rcv = rawv6_rcv_skb, | |
994 | .hash = raw_v6_hash, | |
995 | .unhash = raw_v6_unhash, | |
996 | .obj_size = sizeof(struct raw6_sock), | |
997 | }; | |
998 | ||
999 | #ifdef CONFIG_PROC_FS | |
1000 | struct raw6_iter_state { | |
1001 | int bucket; | |
1002 | }; | |
1003 | ||
1004 | #define raw6_seq_private(seq) ((struct raw6_iter_state *)(seq)->private) | |
1005 | ||
1006 | static struct sock *raw6_get_first(struct seq_file *seq) | |
1007 | { | |
1008 | struct sock *sk; | |
1009 | struct hlist_node *node; | |
1010 | struct raw6_iter_state* state = raw6_seq_private(seq); | |
1011 | ||
1012 | for (state->bucket = 0; state->bucket < RAWV6_HTABLE_SIZE; ++state->bucket) | |
1013 | sk_for_each(sk, node, &raw_v6_htable[state->bucket]) | |
1014 | if (sk->sk_family == PF_INET6) | |
1015 | goto out; | |
1016 | sk = NULL; | |
1017 | out: | |
1018 | return sk; | |
1019 | } | |
1020 | ||
1021 | static struct sock *raw6_get_next(struct seq_file *seq, struct sock *sk) | |
1022 | { | |
1023 | struct raw6_iter_state* state = raw6_seq_private(seq); | |
1024 | ||
1025 | do { | |
1026 | sk = sk_next(sk); | |
1027 | try_again: | |
1028 | ; | |
1029 | } while (sk && sk->sk_family != PF_INET6); | |
1030 | ||
1031 | if (!sk && ++state->bucket < RAWV6_HTABLE_SIZE) { | |
1032 | sk = sk_head(&raw_v6_htable[state->bucket]); | |
1033 | goto try_again; | |
1034 | } | |
1035 | return sk; | |
1036 | } | |
1037 | ||
1038 | static struct sock *raw6_get_idx(struct seq_file *seq, loff_t pos) | |
1039 | { | |
1040 | struct sock *sk = raw6_get_first(seq); | |
1041 | if (sk) | |
1042 | while (pos && (sk = raw6_get_next(seq, sk)) != NULL) | |
1043 | --pos; | |
1044 | return pos ? NULL : sk; | |
1045 | } | |
1046 | ||
1047 | static void *raw6_seq_start(struct seq_file *seq, loff_t *pos) | |
1048 | { | |
1049 | read_lock(&raw_v6_lock); | |
1050 | return *pos ? raw6_get_idx(seq, *pos - 1) : SEQ_START_TOKEN; | |
1051 | } | |
1052 | ||
1053 | static void *raw6_seq_next(struct seq_file *seq, void *v, loff_t *pos) | |
1054 | { | |
1055 | struct sock *sk; | |
1056 | ||
1057 | if (v == SEQ_START_TOKEN) | |
1058 | sk = raw6_get_first(seq); | |
1059 | else | |
1060 | sk = raw6_get_next(seq, v); | |
1061 | ++*pos; | |
1062 | return sk; | |
1063 | } | |
1064 | ||
1065 | static void raw6_seq_stop(struct seq_file *seq, void *v) | |
1066 | { | |
1067 | read_unlock(&raw_v6_lock); | |
1068 | } | |
1069 | ||
1070 | static void raw6_sock_seq_show(struct seq_file *seq, struct sock *sp, int i) | |
1071 | { | |
1072 | struct ipv6_pinfo *np = inet6_sk(sp); | |
1073 | struct in6_addr *dest, *src; | |
1074 | __u16 destp, srcp; | |
1075 | ||
1076 | dest = &np->daddr; | |
1077 | src = &np->rcv_saddr; | |
1078 | destp = 0; | |
1079 | srcp = inet_sk(sp)->num; | |
1080 | seq_printf(seq, | |
1081 | "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X " | |
1082 | "%02X %08X:%08X %02X:%08lX %08X %5d %8d %lu %d %p\n", | |
1083 | i, | |
1084 | src->s6_addr32[0], src->s6_addr32[1], | |
1085 | src->s6_addr32[2], src->s6_addr32[3], srcp, | |
1086 | dest->s6_addr32[0], dest->s6_addr32[1], | |
1087 | dest->s6_addr32[2], dest->s6_addr32[3], destp, | |
1088 | sp->sk_state, | |
1089 | atomic_read(&sp->sk_wmem_alloc), | |
1090 | atomic_read(&sp->sk_rmem_alloc), | |
1091 | 0, 0L, 0, | |
1092 | sock_i_uid(sp), 0, | |
1093 | sock_i_ino(sp), | |
1094 | atomic_read(&sp->sk_refcnt), sp); | |
1095 | } | |
1096 | ||
1097 | static int raw6_seq_show(struct seq_file *seq, void *v) | |
1098 | { | |
1099 | if (v == SEQ_START_TOKEN) | |
1100 | seq_printf(seq, | |
1101 | " sl " | |
1102 | "local_address " | |
1103 | "remote_address " | |
1104 | "st tx_queue rx_queue tr tm->when retrnsmt" | |
1105 | " uid timeout inode\n"); | |
1106 | else | |
1107 | raw6_sock_seq_show(seq, v, raw6_seq_private(seq)->bucket); | |
1108 | return 0; | |
1109 | } | |
1110 | ||
1111 | static struct seq_operations raw6_seq_ops = { | |
1112 | .start = raw6_seq_start, | |
1113 | .next = raw6_seq_next, | |
1114 | .stop = raw6_seq_stop, | |
1115 | .show = raw6_seq_show, | |
1116 | }; | |
1117 | ||
1118 | static int raw6_seq_open(struct inode *inode, struct file *file) | |
1119 | { | |
1120 | struct seq_file *seq; | |
1121 | int rc = -ENOMEM; | |
1122 | struct raw6_iter_state *s = kmalloc(sizeof(*s), GFP_KERNEL); | |
1123 | if (!s) | |
1124 | goto out; | |
1125 | rc = seq_open(file, &raw6_seq_ops); | |
1126 | if (rc) | |
1127 | goto out_kfree; | |
1128 | seq = file->private_data; | |
1129 | seq->private = s; | |
1130 | memset(s, 0, sizeof(*s)); | |
1131 | out: | |
1132 | return rc; | |
1133 | out_kfree: | |
1134 | kfree(s); | |
1135 | goto out; | |
1136 | } | |
1137 | ||
1138 | static struct file_operations raw6_seq_fops = { | |
1139 | .owner = THIS_MODULE, | |
1140 | .open = raw6_seq_open, | |
1141 | .read = seq_read, | |
1142 | .llseek = seq_lseek, | |
1143 | .release = seq_release_private, | |
1144 | }; | |
1145 | ||
1146 | int __init raw6_proc_init(void) | |
1147 | { | |
1148 | if (!proc_net_fops_create("raw6", S_IRUGO, &raw6_seq_fops)) | |
1149 | return -ENOMEM; | |
1150 | return 0; | |
1151 | } | |
1152 | ||
1153 | void raw6_proc_exit(void) | |
1154 | { | |
1155 | proc_net_remove("raw6"); | |
1156 | } | |
1157 | #endif /* CONFIG_PROC_FS */ |