]>
git.proxmox.com Git - mirror_ubuntu-jammy-kernel.git/blob - net/compat.c
1 // SPDX-License-Identifier: GPL-2.0-only
3 * 32bit Socket syscall emulation. Based on arch/sparc64/kernel/sys_sparc32.c.
5 * Copyright (C) 2000 VA Linux Co
6 * Copyright (C) 2000 Don Dugger <n0ano@valinux.com>
7 * Copyright (C) 1999 Arun Sharma <arun.sharma@intel.com>
8 * Copyright (C) 1997,1998 Jakub Jelinek (jj@sunsite.mff.cuni.cz)
9 * Copyright (C) 1997 David S. Miller (davem@caip.rutgers.edu)
10 * Copyright (C) 2000 Hewlett-Packard Co.
11 * Copyright (C) 2000 David Mosberger-Tang <davidm@hpl.hp.com>
12 * Copyright (C) 2000,2001 Andi Kleen, SuSE Labs
15 #include <linux/kernel.h>
16 #include <linux/gfp.h>
18 #include <linux/types.h>
19 #include <linux/file.h>
20 #include <linux/icmpv6.h>
21 #include <linux/socket.h>
22 #include <linux/syscalls.h>
23 #include <linux/filter.h>
24 #include <linux/compat.h>
25 #include <linux/security.h>
26 #include <linux/audit.h>
27 #include <linux/export.h>
33 #include <linux/uaccess.h>
34 #include <net/compat.h>
36 int __get_compat_msghdr(struct msghdr
*kmsg
,
37 struct compat_msghdr __user
*umsg
,
38 struct sockaddr __user
**save_addr
,
39 compat_uptr_t
*ptr
, compat_size_t
*len
)
41 struct compat_msghdr msg
;
44 if (copy_from_user(&msg
, umsg
, sizeof(*umsg
)))
47 kmsg
->msg_flags
= msg
.msg_flags
;
48 kmsg
->msg_namelen
= msg
.msg_namelen
;
51 kmsg
->msg_namelen
= 0;
53 if (kmsg
->msg_namelen
< 0)
56 if (kmsg
->msg_namelen
> sizeof(struct sockaddr_storage
))
57 kmsg
->msg_namelen
= sizeof(struct sockaddr_storage
);
59 kmsg
->msg_control_is_user
= true;
60 kmsg
->msg_control_user
= compat_ptr(msg
.msg_control
);
61 kmsg
->msg_controllen
= msg
.msg_controllen
;
64 *save_addr
= compat_ptr(msg
.msg_name
);
66 if (msg
.msg_name
&& kmsg
->msg_namelen
) {
68 err
= move_addr_to_kernel(compat_ptr(msg
.msg_name
),
75 kmsg
->msg_name
= NULL
;
76 kmsg
->msg_namelen
= 0;
79 if (msg
.msg_iovlen
> UIO_MAXIOV
)
82 kmsg
->msg_iocb
= NULL
;
84 *len
= msg
.msg_iovlen
;
88 int get_compat_msghdr(struct msghdr
*kmsg
,
89 struct compat_msghdr __user
*umsg
,
90 struct sockaddr __user
**save_addr
,
97 err
= __get_compat_msghdr(kmsg
, umsg
, save_addr
, &ptr
, &len
);
101 err
= compat_import_iovec(save_addr
? READ
: WRITE
, compat_ptr(ptr
),
102 len
, UIO_FASTIOV
, iov
, &kmsg
->msg_iter
);
103 return err
< 0 ? err
: 0;
107 #define CMSG_COMPAT_ALIGN(len) ALIGN((len), sizeof(s32))
109 #define CMSG_COMPAT_DATA(cmsg) \
110 ((void __user *)((char __user *)(cmsg) + sizeof(struct compat_cmsghdr)))
111 #define CMSG_COMPAT_SPACE(len) \
112 (sizeof(struct compat_cmsghdr) + CMSG_COMPAT_ALIGN(len))
113 #define CMSG_COMPAT_LEN(len) \
114 (sizeof(struct compat_cmsghdr) + (len))
116 #define CMSG_COMPAT_FIRSTHDR(msg) \
117 (((msg)->msg_controllen) >= sizeof(struct compat_cmsghdr) ? \
118 (struct compat_cmsghdr __user *)((msg)->msg_control) : \
119 (struct compat_cmsghdr __user *)NULL)
121 #define CMSG_COMPAT_OK(ucmlen, ucmsg, mhdr) \
122 ((ucmlen) >= sizeof(struct compat_cmsghdr) && \
123 (ucmlen) <= (unsigned long) \
124 ((mhdr)->msg_controllen - \
125 ((char __user *)(ucmsg) - (char __user *)(mhdr)->msg_control_user)))
127 static inline struct compat_cmsghdr __user
*cmsg_compat_nxthdr(struct msghdr
*msg
,
128 struct compat_cmsghdr __user
*cmsg
, int cmsg_len
)
130 char __user
*ptr
= (char __user
*)cmsg
+ CMSG_COMPAT_ALIGN(cmsg_len
);
131 if ((unsigned long)(ptr
+ 1 - (char __user
*)msg
->msg_control
) >
134 return (struct compat_cmsghdr __user
*)ptr
;
137 /* There is a lot of hair here because the alignment rules (and
138 * thus placement) of cmsg headers and length are different for
139 * 32-bit apps. -DaveM
141 int cmsghdr_from_user_compat_to_kern(struct msghdr
*kmsg
, struct sock
*sk
,
142 unsigned char *stackbuf
, int stackbuf_size
)
144 struct compat_cmsghdr __user
*ucmsg
;
145 struct cmsghdr
*kcmsg
, *kcmsg_base
;
146 compat_size_t ucmlen
;
147 __kernel_size_t kcmlen
, tmp
;
150 BUILD_BUG_ON(sizeof(struct compat_cmsghdr
) !=
151 CMSG_COMPAT_ALIGN(sizeof(struct compat_cmsghdr
)));
154 kcmsg_base
= kcmsg
= (struct cmsghdr
*)stackbuf
;
155 ucmsg
= CMSG_COMPAT_FIRSTHDR(kmsg
);
156 while (ucmsg
!= NULL
) {
157 if (get_user(ucmlen
, &ucmsg
->cmsg_len
))
161 if (!CMSG_COMPAT_OK(ucmlen
, ucmsg
, kmsg
))
164 tmp
= ((ucmlen
- sizeof(*ucmsg
)) + sizeof(struct cmsghdr
));
165 tmp
= CMSG_ALIGN(tmp
);
167 ucmsg
= cmsg_compat_nxthdr(kmsg
, ucmsg
, ucmlen
);
172 /* The kcmlen holds the 64-bit version of the control length.
173 * It may not be modified as we do not stick it into the kmsg
174 * until we have successfully copied over all of the data
177 if (kcmlen
> stackbuf_size
)
178 kcmsg_base
= kcmsg
= sock_kmalloc(sk
, kcmlen
, GFP_KERNEL
);
182 /* Now copy them over neatly. */
183 memset(kcmsg
, 0, kcmlen
);
184 ucmsg
= CMSG_COMPAT_FIRSTHDR(kmsg
);
185 while (ucmsg
!= NULL
) {
186 struct compat_cmsghdr cmsg
;
187 if (copy_from_user(&cmsg
, ucmsg
, sizeof(cmsg
)))
189 if (!CMSG_COMPAT_OK(cmsg
.cmsg_len
, ucmsg
, kmsg
))
191 tmp
= ((cmsg
.cmsg_len
- sizeof(*ucmsg
)) + sizeof(struct cmsghdr
));
192 if ((char *)kcmsg_base
+ kcmlen
- (char *)kcmsg
< CMSG_ALIGN(tmp
))
194 kcmsg
->cmsg_len
= tmp
;
195 kcmsg
->cmsg_level
= cmsg
.cmsg_level
;
196 kcmsg
->cmsg_type
= cmsg
.cmsg_type
;
197 tmp
= CMSG_ALIGN(tmp
);
198 if (copy_from_user(CMSG_DATA(kcmsg
),
199 CMSG_COMPAT_DATA(ucmsg
),
200 (cmsg
.cmsg_len
- sizeof(*ucmsg
))))
204 kcmsg
= (struct cmsghdr
*)((char *)kcmsg
+ tmp
);
205 ucmsg
= cmsg_compat_nxthdr(kmsg
, ucmsg
, cmsg
.cmsg_len
);
209 * check the length of messages copied in is the same as the
210 * what we get from the first loop
212 if ((char *)kcmsg
- (char *)kcmsg_base
!= kcmlen
)
215 /* Ok, looks like we made it. Hook it up and return success. */
216 kmsg
->msg_control
= kcmsg_base
;
217 kmsg
->msg_controllen
= kcmlen
;
223 if (kcmsg_base
!= (struct cmsghdr
*)stackbuf
)
224 sock_kfree_s(sk
, kcmsg_base
, kcmlen
);
228 int put_cmsg_compat(struct msghdr
*kmsg
, int level
, int type
, int len
, void *data
)
230 struct compat_cmsghdr __user
*cm
= (struct compat_cmsghdr __user
*) kmsg
->msg_control
;
231 struct compat_cmsghdr cmhdr
;
232 struct old_timeval32 ctv
;
233 struct old_timespec32 cts
[3];
236 if (cm
== NULL
|| kmsg
->msg_controllen
< sizeof(*cm
)) {
237 kmsg
->msg_flags
|= MSG_CTRUNC
;
238 return 0; /* XXX: return error? check spec. */
241 if (!COMPAT_USE_64BIT_TIME
) {
242 if (level
== SOL_SOCKET
&& type
== SO_TIMESTAMP_OLD
) {
243 struct __kernel_old_timeval
*tv
= (struct __kernel_old_timeval
*)data
;
244 ctv
.tv_sec
= tv
->tv_sec
;
245 ctv
.tv_usec
= tv
->tv_usec
;
249 if (level
== SOL_SOCKET
&&
250 (type
== SO_TIMESTAMPNS_OLD
|| type
== SO_TIMESTAMPING_OLD
)) {
251 int count
= type
== SO_TIMESTAMPNS_OLD
? 1 : 3;
253 struct __kernel_old_timespec
*ts
= data
;
254 for (i
= 0; i
< count
; i
++) {
255 cts
[i
].tv_sec
= ts
[i
].tv_sec
;
256 cts
[i
].tv_nsec
= ts
[i
].tv_nsec
;
259 len
= sizeof(cts
[0]) * count
;
263 cmlen
= CMSG_COMPAT_LEN(len
);
264 if (kmsg
->msg_controllen
< cmlen
) {
265 kmsg
->msg_flags
|= MSG_CTRUNC
;
266 cmlen
= kmsg
->msg_controllen
;
268 cmhdr
.cmsg_level
= level
;
269 cmhdr
.cmsg_type
= type
;
270 cmhdr
.cmsg_len
= cmlen
;
272 if (copy_to_user(cm
, &cmhdr
, sizeof cmhdr
))
274 if (copy_to_user(CMSG_COMPAT_DATA(cm
), data
, cmlen
- sizeof(struct compat_cmsghdr
)))
276 cmlen
= CMSG_COMPAT_SPACE(len
);
277 if (kmsg
->msg_controllen
< cmlen
)
278 cmlen
= kmsg
->msg_controllen
;
279 kmsg
->msg_control
+= cmlen
;
280 kmsg
->msg_controllen
-= cmlen
;
284 static int scm_max_fds_compat(struct msghdr
*msg
)
286 if (msg
->msg_controllen
<= sizeof(struct compat_cmsghdr
))
288 return (msg
->msg_controllen
- sizeof(struct compat_cmsghdr
)) / sizeof(int);
291 void scm_detach_fds_compat(struct msghdr
*msg
, struct scm_cookie
*scm
)
293 struct compat_cmsghdr __user
*cm
=
294 (struct compat_cmsghdr __user
*)msg
->msg_control
;
295 unsigned int o_flags
= (msg
->msg_flags
& MSG_CMSG_CLOEXEC
) ? O_CLOEXEC
: 0;
296 int fdmax
= min_t(int, scm_max_fds_compat(msg
), scm
->fp
->count
);
297 int __user
*cmsg_data
= CMSG_USER_DATA(cm
);
300 for (i
= 0; i
< fdmax
; i
++) {
301 err
= receive_fd_user(scm
->fp
->fp
[i
], cmsg_data
+ i
, o_flags
);
307 int cmlen
= CMSG_COMPAT_LEN(i
* sizeof(int));
309 err
= put_user(SOL_SOCKET
, &cm
->cmsg_level
);
311 err
= put_user(SCM_RIGHTS
, &cm
->cmsg_type
);
313 err
= put_user(cmlen
, &cm
->cmsg_len
);
315 cmlen
= CMSG_COMPAT_SPACE(i
* sizeof(int));
316 if (msg
->msg_controllen
< cmlen
)
317 cmlen
= msg
->msg_controllen
;
318 msg
->msg_control
+= cmlen
;
319 msg
->msg_controllen
-= cmlen
;
323 if (i
< scm
->fp
->count
|| (scm
->fp
->count
&& fdmax
<= 0))
324 msg
->msg_flags
|= MSG_CTRUNC
;
327 * All of the files that fit in the message have had their usage counts
328 * incremented, so we just free the list.
333 /* allocate a 64-bit sock_fprog on the user stack for duration of syscall. */
334 struct sock_fprog __user
*get_compat_bpf_fprog(char __user
*optval
)
336 struct compat_sock_fprog __user
*fprog32
= (struct compat_sock_fprog __user
*)optval
;
337 struct sock_fprog __user
*kfprog
= compat_alloc_user_space(sizeof(struct sock_fprog
));
338 struct compat_sock_fprog f32
;
341 if (copy_from_user(&f32
, fprog32
, sizeof(*fprog32
)))
343 memset(&f
, 0, sizeof(f
));
345 f
.filter
= compat_ptr(f32
.filter
);
346 if (copy_to_user(kfprog
, &f
, sizeof(struct sock_fprog
)))
351 EXPORT_SYMBOL_GPL(get_compat_bpf_fprog
);
353 static int do_set_attach_filter(struct socket
*sock
, int level
, int optname
,
354 char __user
*optval
, unsigned int optlen
)
356 struct sock_fprog __user
*kfprog
;
358 kfprog
= get_compat_bpf_fprog(optval
);
362 return sock_setsockopt(sock
, level
, optname
, (char __user
*)kfprog
,
363 sizeof(struct sock_fprog
));
366 static int compat_sock_setsockopt(struct socket
*sock
, int level
, int optname
,
367 char __user
*optval
, unsigned int optlen
)
369 if (optname
== SO_ATTACH_FILTER
||
370 optname
== SO_ATTACH_REUSEPORT_CBPF
)
371 return do_set_attach_filter(sock
, level
, optname
,
373 return sock_setsockopt(sock
, level
, optname
, optval
, optlen
);
376 static int __compat_sys_setsockopt(int fd
, int level
, int optname
,
377 char __user
*optval
, unsigned int optlen
)
382 if (optlen
> INT_MAX
)
385 sock
= sockfd_lookup(fd
, &err
);
387 err
= security_socket_setsockopt(sock
, level
, optname
);
393 if (level
== SOL_SOCKET
)
394 err
= compat_sock_setsockopt(sock
, level
,
395 optname
, optval
, optlen
);
396 else if (sock
->ops
->compat_setsockopt
)
397 err
= sock
->ops
->compat_setsockopt(sock
, level
,
398 optname
, optval
, optlen
);
400 err
= sock
->ops
->setsockopt(sock
, level
,
401 optname
, optval
, optlen
);
407 COMPAT_SYSCALL_DEFINE5(setsockopt
, int, fd
, int, level
, int, optname
,
408 char __user
*, optval
, unsigned int, optlen
)
410 return __compat_sys_setsockopt(fd
, level
, optname
, optval
, optlen
);
413 static int __compat_sys_getsockopt(int fd
, int level
, int optname
,
418 struct socket
*sock
= sockfd_lookup(fd
, &err
);
421 err
= security_socket_getsockopt(sock
, level
, optname
);
427 if (level
== SOL_SOCKET
)
428 err
= sock_getsockopt(sock
, level
,
429 optname
, optval
, optlen
);
430 else if (sock
->ops
->compat_getsockopt
)
431 err
= sock
->ops
->compat_getsockopt(sock
, level
,
432 optname
, optval
, optlen
);
434 err
= sock
->ops
->getsockopt(sock
, level
,
435 optname
, optval
, optlen
);
441 COMPAT_SYSCALL_DEFINE5(getsockopt
, int, fd
, int, level
, int, optname
,
442 char __user
*, optval
, int __user
*, optlen
)
444 return __compat_sys_getsockopt(fd
, level
, optname
, optval
, optlen
);
447 /* Argument list sizes for compat_sys_socketcall */
448 #define AL(x) ((x) * sizeof(u32))
449 static unsigned char nas
[21] = {
450 AL(0), AL(3), AL(3), AL(3), AL(2), AL(3),
451 AL(3), AL(3), AL(4), AL(4), AL(4), AL(6),
452 AL(6), AL(2), AL(5), AL(5), AL(3), AL(3),
457 static inline long __compat_sys_sendmsg(int fd
,
458 struct compat_msghdr __user
*msg
,
461 return __sys_sendmsg(fd
, (struct user_msghdr __user
*)msg
,
462 flags
| MSG_CMSG_COMPAT
, false);
465 COMPAT_SYSCALL_DEFINE3(sendmsg
, int, fd
, struct compat_msghdr __user
*, msg
,
468 return __compat_sys_sendmsg(fd
, msg
, flags
);
471 static inline long __compat_sys_sendmmsg(int fd
,
472 struct compat_mmsghdr __user
*mmsg
,
473 unsigned int vlen
, unsigned int flags
)
475 return __sys_sendmmsg(fd
, (struct mmsghdr __user
*)mmsg
, vlen
,
476 flags
| MSG_CMSG_COMPAT
, false);
479 COMPAT_SYSCALL_DEFINE4(sendmmsg
, int, fd
, struct compat_mmsghdr __user
*, mmsg
,
480 unsigned int, vlen
, unsigned int, flags
)
482 return __compat_sys_sendmmsg(fd
, mmsg
, vlen
, flags
);
485 static inline long __compat_sys_recvmsg(int fd
,
486 struct compat_msghdr __user
*msg
,
489 return __sys_recvmsg(fd
, (struct user_msghdr __user
*)msg
,
490 flags
| MSG_CMSG_COMPAT
, false);
493 COMPAT_SYSCALL_DEFINE3(recvmsg
, int, fd
, struct compat_msghdr __user
*, msg
,
496 return __compat_sys_recvmsg(fd
, msg
, flags
);
499 static inline long __compat_sys_recvfrom(int fd
, void __user
*buf
,
500 compat_size_t len
, unsigned int flags
,
501 struct sockaddr __user
*addr
,
504 return __sys_recvfrom(fd
, buf
, len
, flags
| MSG_CMSG_COMPAT
, addr
,
508 COMPAT_SYSCALL_DEFINE4(recv
, int, fd
, void __user
*, buf
, compat_size_t
, len
, unsigned int, flags
)
510 return __compat_sys_recvfrom(fd
, buf
, len
, flags
, NULL
, NULL
);
513 COMPAT_SYSCALL_DEFINE6(recvfrom
, int, fd
, void __user
*, buf
, compat_size_t
, len
,
514 unsigned int, flags
, struct sockaddr __user
*, addr
,
515 int __user
*, addrlen
)
517 return __compat_sys_recvfrom(fd
, buf
, len
, flags
, addr
, addrlen
);
520 COMPAT_SYSCALL_DEFINE5(recvmmsg_time64
, int, fd
, struct compat_mmsghdr __user
*, mmsg
,
521 unsigned int, vlen
, unsigned int, flags
,
522 struct __kernel_timespec __user
*, timeout
)
524 return __sys_recvmmsg(fd
, (struct mmsghdr __user
*)mmsg
, vlen
,
525 flags
| MSG_CMSG_COMPAT
, timeout
, NULL
);
528 #ifdef CONFIG_COMPAT_32BIT_TIME
529 COMPAT_SYSCALL_DEFINE5(recvmmsg_time32
, int, fd
, struct compat_mmsghdr __user
*, mmsg
,
530 unsigned int, vlen
, unsigned int, flags
,
531 struct old_timespec32 __user
*, timeout
)
533 return __sys_recvmmsg(fd
, (struct mmsghdr __user
*)mmsg
, vlen
,
534 flags
| MSG_CMSG_COMPAT
, NULL
, timeout
);
538 COMPAT_SYSCALL_DEFINE2(socketcall
, int, call
, u32 __user
*, args
)
545 if (call
< SYS_SOCKET
|| call
> SYS_SENDMMSG
)
551 if (copy_from_user(a
, args
, len
))
554 ret
= audit_socketcall_compat(len
/ sizeof(a
[0]), a
);
563 ret
= __sys_socket(a0
, a1
, a
[2]);
566 ret
= __sys_bind(a0
, compat_ptr(a1
), a
[2]);
569 ret
= __sys_connect(a0
, compat_ptr(a1
), a
[2]);
572 ret
= __sys_listen(a0
, a1
);
575 ret
= __sys_accept4(a0
, compat_ptr(a1
), compat_ptr(a
[2]), 0);
577 case SYS_GETSOCKNAME
:
578 ret
= __sys_getsockname(a0
, compat_ptr(a1
), compat_ptr(a
[2]));
580 case SYS_GETPEERNAME
:
581 ret
= __sys_getpeername(a0
, compat_ptr(a1
), compat_ptr(a
[2]));
584 ret
= __sys_socketpair(a0
, a1
, a
[2], compat_ptr(a
[3]));
587 ret
= __sys_sendto(a0
, compat_ptr(a1
), a
[2], a
[3], NULL
, 0);
590 ret
= __sys_sendto(a0
, compat_ptr(a1
), a
[2], a
[3],
591 compat_ptr(a
[4]), a
[5]);
594 ret
= __compat_sys_recvfrom(a0
, compat_ptr(a1
), a
[2], a
[3],
598 ret
= __compat_sys_recvfrom(a0
, compat_ptr(a1
), a
[2], a
[3],
603 ret
= __sys_shutdown(a0
, a1
);
606 ret
= __compat_sys_setsockopt(a0
, a1
, a
[2],
607 compat_ptr(a
[3]), a
[4]);
610 ret
= __compat_sys_getsockopt(a0
, a1
, a
[2],
615 ret
= __compat_sys_sendmsg(a0
, compat_ptr(a1
), a
[2]);
618 ret
= __compat_sys_sendmmsg(a0
, compat_ptr(a1
), a
[2], a
[3]);
621 ret
= __compat_sys_recvmsg(a0
, compat_ptr(a1
), a
[2]);
624 ret
= __sys_recvmmsg(a0
, compat_ptr(a1
), a
[2],
625 a
[3] | MSG_CMSG_COMPAT
, NULL
,
629 ret
= __sys_accept4(a0
, compat_ptr(a1
), compat_ptr(a
[2]), a
[3]);