[deliverable/linux.git] / net / ipv4 / ip_options.c

/*
 * INET		An implementation of the TCP/IP protocol suite for the LINUX
 *		operating system.  INET is implemented using the  BSD Socket
 *		interface as the means of communication with the user level.
 *
 *		The options processing module for ip.c
 *
 * Version:	$Id: ip_options.c,v 1.21 2001/09/01 00:31:50 davem Exp $
 *
 * Authors:	A.N.Kuznetsov
 *
 */

#include <linux/capability.h>
#include <linux/module.h>
#include <linux/types.h>
#include <asm/uaccess.h>
#include <linux/skbuff.h>
#include <linux/ip.h>
#include <linux/icmp.h>
#include <linux/netdevice.h>
#include <linux/rtnetlink.h>
#include <net/sock.h>
#include <net/ip.h>
#include <net/icmp.h>
#include <net/route.h>
#include <net/cipso_ipv4.h>

/*
 * Write options to IP header, record destination address to
 * source route option, address of outgoing interface
 * (we should already know it, so that this  function is allowed be
 * called only after routing decision) and timestamp,
 * if we originate this datagram.
 *
 * daddr is real destination address, next hop is recorded in IP header.
 * saddr is address of outgoing interface.
 */

void ip_options_build(struct sk_buff * skb, struct ip_options * opt,
			    __be32 daddr, struct rtable *rt, int is_frag)
{
	unsigned char *iph = skb_network_header(skb);

	memcpy(&(IPCB(skb)->opt), opt, sizeof(struct ip_options));
	memcpy(iph+sizeof(struct iphdr), opt->__data, opt->optlen);
	opt = &(IPCB(skb)->opt);
	opt->is_data = 0;

	if (opt->srr)
		memcpy(iph+opt->srr+iph[opt->srr+1]-4, &daddr, 4);

	if (!is_frag) {
		if (opt->rr_needaddr)
			ip_rt_get_source(iph+opt->rr+iph[opt->rr+2]-5, rt);
		if (opt->ts_needaddr)
			ip_rt_get_source(iph+opt->ts+iph[opt->ts+2]-9, rt);
		if (opt->ts_needtime) {
			struct timeval tv;
			__be32 midtime;
			do_gettimeofday(&tv);
			midtime = htonl((tv.tv_sec % 86400) * 1000 + tv.tv_usec / 1000);
			memcpy(iph+opt->ts+iph[opt->ts+2]-5, &midtime, 4);
		}
		return;
	}
	if (opt->rr) {
		memset(iph+opt->rr, IPOPT_NOP, iph[opt->rr+1]);
		opt->rr = 0;
		opt->rr_needaddr = 0;
	}
	if (opt->ts) {
		memset(iph+opt->ts, IPOPT_NOP, iph[opt->ts+1]);
		opt->ts = 0;
		opt->ts_needaddr = opt->ts_needtime = 0;
	}
}

/*
 * Provided (sopt, skb) points to received options,
 * build in dopt compiled option set appropriate for answering.
 * i.e. invert SRR option, copy anothers,
 * and grab room in RR/TS options.
 *
 * NOTE: dopt cannot point to skb.
 */

int ip_options_echo(struct ip_options * dopt, struct sk_buff * skb)
{
	struct ip_options *sopt;
	unsigned char *sptr, *dptr;
	int soffset, doffset;
	int	optlen;
	__be32	daddr;

	memset(dopt, 0, sizeof(struct ip_options));

	dopt->is_data = 1;

	sopt = &(IPCB(skb)->opt);

	if (sopt->optlen == 0) {
		dopt->optlen = 0;
		return 0;
	}

	sptr = skb_network_header(skb);
	dptr = dopt->__data;

	daddr = skb->rtable->rt_spec_dst;

	if (sopt->rr) {
		optlen  = sptr[sopt->rr+1];
		soffset = sptr[sopt->rr+2];
		dopt->rr = dopt->optlen + sizeof(struct iphdr);
		memcpy(dptr, sptr+sopt->rr, optlen);
		if (sopt->rr_needaddr && soffset <= optlen) {
			if (soffset + 3 > optlen)
				return -EINVAL;
			dptr[2] = soffset + 4;
			dopt->rr_needaddr = 1;
		}
		dptr += optlen;
		dopt->optlen += optlen;
	}
	if (sopt->ts) {
		optlen = sptr[sopt->ts+1];
		soffset = sptr[sopt->ts+2];
		dopt->ts = dopt->optlen + sizeof(struct iphdr);
		memcpy(dptr, sptr+sopt->ts, optlen);
		if (soffset <= optlen) {
			if (sopt->ts_needaddr) {
				if (soffset + 3 > optlen)
					return -EINVAL;
				dopt->ts_needaddr = 1;
				soffset += 4;
			}
			if (sopt->ts_needtime) {
				if (soffset + 3 > optlen)
					return -EINVAL;
				if ((dptr[3]&0xF) != IPOPT_TS_PRESPEC) {
					dopt->ts_needtime = 1;
					soffset += 4;
				} else {
					dopt->ts_needtime = 0;

					if (soffset + 8 <= optlen) {
						__be32 addr;

						memcpy(&addr, sptr+soffset-1, 4);
						if (inet_addr_type(&init_net, addr) != RTN_LOCAL) {
							dopt->ts_needtime = 1;
							soffset += 8;
						}
					}
				}
			}
			dptr[2] = soffset;
		}
		dptr += optlen;
		dopt->optlen += optlen;
	}
	if (sopt->srr) {
		unsigned char * start = sptr+sopt->srr;
		__be32 faddr;

		optlen  = start[1];
		soffset = start[2];
		doffset = 0;
		if (soffset > optlen)
			soffset = optlen + 1;
		soffset -= 4;
		if (soffset > 3) {
			memcpy(&faddr, &start[soffset-1], 4);
			for (soffset-=4, doffset=4; soffset > 3; soffset-=4, doffset+=4)
				memcpy(&dptr[doffset-1], &start[soffset-1], 4);
			/*
			 * RFC1812 requires to fix illegal source routes.
			 */
			if (memcmp(&ip_hdr(skb)->saddr,
				   &start[soffset + 3], 4) == 0)
				doffset -= 4;
		}
		if (doffset > 3) {
			memcpy(&start[doffset-1], &daddr, 4);
			dopt->faddr = faddr;
			dptr[0] = start[0];
			dptr[1] = doffset+3;
			dptr[2] = 4;
			dptr += doffset+3;
			dopt->srr = dopt->optlen + sizeof(struct iphdr);
			dopt->optlen += doffset+3;
			dopt->is_strictroute = sopt->is_strictroute;
		}
	}
	if (sopt->cipso) {
		optlen  = sptr[sopt->cipso+1];
		dopt->cipso = dopt->optlen+sizeof(struct iphdr);
		memcpy(dptr, sptr+sopt->cipso, optlen);
		dptr += optlen;
		dopt->optlen += optlen;
	}
	while (dopt->optlen & 3) {
		*dptr++ = IPOPT_END;
		dopt->optlen++;
	}
	return 0;
}

/*
 *	Options "fragmenting", just fill options not
 *	allowed in fragments with NOOPs.
 *	Simple and stupid 8), but the most efficient way.
 */

void ip_options_fragment(struct sk_buff * skb)
{
	unsigned char *optptr = skb_network_header(skb) + sizeof(struct iphdr);
	struct ip_options * opt = &(IPCB(skb)->opt);
	int  l = opt->optlen;
	int  optlen;

	while (l > 0) {
		switch (*optptr) {
		case IPOPT_END:
			return;
		case IPOPT_NOOP:
			l--;
			optptr++;
			continue;
		}
		optlen = optptr[1];
		if (optlen<2 || optlen>l)
		  return;
		if (!IPOPT_COPIED(*optptr))
			memset(optptr, IPOPT_NOOP, optlen);
		l -= optlen;
		optptr += optlen;
	}
	opt->ts = 0;
	opt->rr = 0;
	opt->rr_needaddr = 0;
	opt->ts_needaddr = 0;
	opt->ts_needtime = 0;
	return;
}

/*
 * Verify options and fill pointers in struct options.
 * Caller should clear *opt, and set opt->data.
 * If opt == NULL, then skb->data should point to IP header.
 */

int ip_options_compile(struct ip_options * opt, struct sk_buff * skb)
{
	int l;
	unsigned char * iph;
	unsigned char * optptr;
	int optlen;
	unsigned char * pp_ptr = NULL;
	struct rtable *rt = skb ? skb->rtable : NULL;

	if (!opt) {
		opt = &(IPCB(skb)->opt);
		iph = skb_network_header(skb);
		opt->optlen = ((struct iphdr *)iph)->ihl*4 - sizeof(struct iphdr);
		optptr = iph + sizeof(struct iphdr);
		opt->is_data = 0;
	} else {
		optptr = opt->__data;
		iph = optptr - sizeof(struct iphdr);
	}

	for (l = opt->optlen; l > 0; ) {
		switch (*optptr) {
		      case IPOPT_END:
			for (optptr++, l--; l>0; optptr++, l--) {
				if (*optptr != IPOPT_END) {
					*optptr = IPOPT_END;
					opt->is_changed = 1;
				}
			}
			goto eol;
		      case IPOPT_NOOP:
			l--;
			optptr++;
			continue;
		}
		optlen = optptr[1];
		if (optlen<2 || optlen>l) {
			pp_ptr = optptr;
			goto error;
		}
		switch (*optptr) {
		      case IPOPT_SSRR:
		      case IPOPT_LSRR:
			if (optlen < 3) {
				pp_ptr = optptr + 1;
				goto error;
			}
			if (optptr[2] < 4) {
				pp_ptr = optptr + 2;
				goto error;
			}
			/* NB: cf RFC-1812 5.2.4.1 */
			if (opt->srr) {
				pp_ptr = optptr;
				goto error;
			}
			if (!skb) {
				if (optptr[2] != 4 || optlen < 7 || ((optlen-3) & 3)) {
					pp_ptr = optptr + 1;
					goto error;
				}
				memcpy(&opt->faddr, &optptr[3], 4);
				if (optlen > 7)
					memmove(&optptr[3], &optptr[7], optlen-7);
			}
			opt->is_strictroute = (optptr[0] == IPOPT_SSRR);
			opt->srr = optptr - iph;
			break;
		      case IPOPT_RR:
			if (opt->rr) {
				pp_ptr = optptr;
				goto error;
			}
			if (optlen < 3) {
				pp_ptr = optptr + 1;
				goto error;
			}
			if (optptr[2] < 4) {
				pp_ptr = optptr + 2;
				goto error;
			}
			if (optptr[2] <= optlen) {
				if (optptr[2]+3 > optlen) {
					pp_ptr = optptr + 2;
					goto error;
				}
				if (skb) {
					memcpy(&optptr[optptr[2]-1], &rt->rt_spec_dst, 4);
					opt->is_changed = 1;
				}
				optptr[2] += 4;
				opt->rr_needaddr = 1;
			}
			opt->rr = optptr - iph;
			break;
		      case IPOPT_TIMESTAMP:
			if (opt->ts) {
				pp_ptr = optptr;
				goto error;
			}
			if (optlen < 4) {
				pp_ptr = optptr + 1;
				goto error;
			}
			if (optptr[2] < 5) {
				pp_ptr = optptr + 2;
				goto error;
			}
			if (optptr[2] <= optlen) {
				__be32 *timeptr = NULL;
				if (optptr[2]+3 > optptr[1]) {
					pp_ptr = optptr + 2;
					goto error;
				}
				switch (optptr[3]&0xF) {
				      case IPOPT_TS_TSONLY:
					opt->ts = optptr - iph;
					if (skb)
						timeptr = (__be32*)&optptr[optptr[2]-1];
					opt->ts_needtime = 1;
					optptr[2] += 4;
					break;
				      case IPOPT_TS_TSANDADDR:
					if (optptr[2]+7 > optptr[1]) {
						pp_ptr = optptr + 2;
						goto error;
					}
					opt->ts = optptr - iph;
					if (skb) {
						memcpy(&optptr[optptr[2]-1], &rt->rt_spec_dst, 4);
						timeptr = (__be32*)&optptr[optptr[2]+3];
					}
					opt->ts_needaddr = 1;
					opt->ts_needtime = 1;
					optptr[2] += 8;
					break;
				      case IPOPT_TS_PRESPEC:
					if (optptr[2]+7 > optptr[1]) {
						pp_ptr = optptr + 2;
						goto error;
					}
					opt->ts = optptr - iph;
					{
						__be32 addr;
						memcpy(&addr, &optptr[optptr[2]-1], 4);
						if (inet_addr_type(&init_net, addr) == RTN_UNICAST)
							break;
						if (skb)
							timeptr = (__be32*)&optptr[optptr[2]+3];
					}
					opt->ts_needtime = 1;
					optptr[2] += 8;
					break;
				      default:
					if (!skb && !capable(CAP_NET_RAW)) {
						pp_ptr = optptr + 3;
						goto error;
					}
					break;
				}
				if (timeptr) {
					struct timeval tv;
					__be32  midtime;
					do_gettimeofday(&tv);
					midtime = htonl((tv.tv_sec % 86400) * 1000 + tv.tv_usec / 1000);
					memcpy(timeptr, &midtime, sizeof(__be32));
					opt->is_changed = 1;
				}
			} else {
				unsigned overflow = optptr[3]>>4;
				if (overflow == 15) {
					pp_ptr = optptr + 3;
					goto error;
				}
				opt->ts = optptr - iph;
				if (skb) {
					optptr[3] = (optptr[3]&0xF)|((overflow+1)<<4);
					opt->is_changed = 1;
				}
			}
			break;
		      case IPOPT_RA:
			if (optlen < 4) {
				pp_ptr = optptr + 1;
				goto error;
			}
			if (optptr[2] == 0 && optptr[3] == 0)
				opt->router_alert = optptr - iph;
			break;
		      case IPOPT_CIPSO:
			if ((!skb && !capable(CAP_NET_RAW)) || opt->cipso) {
				pp_ptr = optptr;
				goto error;
			}
			opt->cipso = optptr - iph;
			if (cipso_v4_validate(&optptr)) {
				pp_ptr = optptr;
				goto error;
			}
			break;
		      case IPOPT_SEC:
		      case IPOPT_SID:
		      default:
			if (!skb && !capable(CAP_NET_RAW)) {
				pp_ptr = optptr;
				goto error;
			}
			break;
		}
		l -= optlen;
		optptr += optlen;
	}

eol:
	if (!pp_ptr)
		return 0;

error:
	if (skb) {
		icmp_send(skb, ICMP_PARAMETERPROB, 0, htonl((pp_ptr-iph)<<24));
	}
	return -EINVAL;
}


/*
 *	Undo all the changes done by ip_options_compile().
 */

void ip_options_undo(struct ip_options * opt)
{
	if (opt->srr) {
		unsigned  char * optptr = opt->__data+opt->srr-sizeof(struct  iphdr);
		memmove(optptr+7, optptr+3, optptr[1]-7);
		memcpy(optptr+3, &opt->faddr, 4);
	}
	if (opt->rr_needaddr) {
		unsigned  char * optptr = opt->__data+opt->rr-sizeof(struct  iphdr);
		optptr[2] -= 4;
		memset(&optptr[optptr[2]-1], 0, 4);
	}
	if (opt->ts) {
		unsigned  char * optptr = opt->__data+opt->ts-sizeof(struct  iphdr);
		if (opt->ts_needtime) {
			optptr[2] -= 4;
			memset(&optptr[optptr[2]-1], 0, 4);
			if ((optptr[3]&0xF) == IPOPT_TS_PRESPEC)
				optptr[2] -= 4;
		}
		if (opt->ts_needaddr) {
			optptr[2] -= 4;
			memset(&optptr[optptr[2]-1], 0, 4);
		}
	}
}

static struct ip_options *ip_options_get_alloc(const int optlen)
{
	return kzalloc(sizeof(struct ip_options) + ((optlen + 3) & ~3),
		       GFP_KERNEL);
}

static int ip_options_get_finish(struct ip_options **optp,
				 struct ip_options *opt, int optlen)
{
	while (optlen & 3)
		opt->__data[optlen++] = IPOPT_END;
	opt->optlen = optlen;
	opt->is_data = 1;
	if (optlen && ip_options_compile(opt, NULL)) {
		kfree(opt);
		return -EINVAL;
	}
	kfree(*optp);
	*optp = opt;
	return 0;
}

int ip_options_get_from_user(struct ip_options **optp, unsigned char __user *data, int optlen)
{
	struct ip_options *opt = ip_options_get_alloc(optlen);

	if (!opt)
		return -ENOMEM;
	if (optlen && copy_from_user(opt->__data, data, optlen)) {
		kfree(opt);
		return -EFAULT;
	}
	return ip_options_get_finish(optp, opt, optlen);
}

int ip_options_get(struct ip_options **optp, unsigned char *data, int optlen)
{
	struct ip_options *opt = ip_options_get_alloc(optlen);

	if (!opt)
		return -ENOMEM;
	if (optlen)
		memcpy(opt->__data, data, optlen);
	return ip_options_get_finish(optp, opt, optlen);
}

void ip_forward_options(struct sk_buff *skb)
{
	struct   ip_options * opt	= &(IPCB(skb)->opt);
	unsigned char * optptr;
	struct rtable *rt = skb->rtable;
	unsigned char *raw = skb_network_header(skb);

	if (opt->rr_needaddr) {
		optptr = (unsigned char *)raw + opt->rr;
		ip_rt_get_source(&optptr[optptr[2]-5], rt);
		opt->is_changed = 1;
	}
	if (opt->srr_is_hit) {
		int srrptr, srrspace;

		optptr = raw + opt->srr;

		for ( srrptr=optptr[2], srrspace = optptr[1];
		     srrptr <= srrspace;
		     srrptr += 4
		     ) {
			if (srrptr + 3 > srrspace)
				break;
			if (memcmp(&rt->rt_dst, &optptr[srrptr-1], 4) == 0)
				break;
		}
		if (srrptr + 3 <= srrspace) {
			opt->is_changed = 1;
			ip_rt_get_source(&optptr[srrptr-1], rt);
			ip_hdr(skb)->daddr = rt->rt_dst;
			optptr[2] = srrptr+4;
		} else if (net_ratelimit())
			printk(KERN_CRIT "ip_forward(): Argh! Destination lost!\n");
		if (opt->ts_needaddr) {
			optptr = raw + opt->ts;
			ip_rt_get_source(&optptr[optptr[2]-9], rt);
			opt->is_changed = 1;
		}
	}
	if (opt->is_changed) {
		opt->is_changed = 0;
		ip_send_check(ip_hdr(skb));
	}
}

int ip_options_rcv_srr(struct sk_buff *skb)
{
	struct ip_options *opt = &(IPCB(skb)->opt);
	int srrspace, srrptr;
	__be32 nexthop;
	struct iphdr *iph = ip_hdr(skb);
	unsigned char *optptr = skb_network_header(skb) + opt->srr;
	struct rtable *rt = skb->rtable;
	struct rtable *rt2;
	int err;

	if (!opt->srr)
		return 0;

	if (skb->pkt_type != PACKET_HOST)
		return -EINVAL;
	if (rt->rt_type == RTN_UNICAST) {
		if (!opt->is_strictroute)
			return 0;
		icmp_send(skb, ICMP_PARAMETERPROB, 0, htonl(16<<24));
		return -EINVAL;
	}
	if (rt->rt_type != RTN_LOCAL)
		return -EINVAL;

	for (srrptr=optptr[2], srrspace = optptr[1]; srrptr <= srrspace; srrptr += 4) {
		if (srrptr + 3 > srrspace) {
			icmp_send(skb, ICMP_PARAMETERPROB, 0, htonl((opt->srr+2)<<24));
			return -EINVAL;
		}
		memcpy(&nexthop, &optptr[srrptr-1], 4);

		rt = skb->rtable;
		skb->rtable = NULL;
		err = ip_route_input(skb, nexthop, iph->saddr, iph->tos, skb->dev);
		rt2 = skb->rtable;
		if (err || (rt2->rt_type != RTN_UNICAST && rt2->rt_type != RTN_LOCAL)) {
			ip_rt_put(rt2);
			skb->rtable = rt;
			return -EINVAL;
		}
		ip_rt_put(rt);
		if (rt2->rt_type != RTN_LOCAL)
			break;
		/* Superfast 8) loopback forward */
		memcpy(&iph->daddr, &optptr[srrptr-1], 4);
		opt->is_changed = 1;
	}
	if (srrptr <= srrspace) {
		opt->srr_is_hit = 1;
		opt->is_changed = 1;
	}
	return 0;
}
Commit	Line	Data
1da177e4 LT	1	/*
	2	* INET An implementation of the TCP/IP protocol suite for the LINUX
	3	* operating system. INET is implemented using the BSD Socket
	4	* interface as the means of communication with the user level.
	5	*
	6	* The options processing module for ip.c
	7	*
	8	* Version: $Id: ip_options.c,v 1.21 2001/09/01 00:31:50 davem Exp $
	9	*
	10	* Authors: A.N.Kuznetsov
e905a9ed	11	*
1da177e4 LT	12	*/
1da177e4 LT	13
4fc268d2	14	#include <linux/capability.h>
1da177e4 LT	15	#include <linux/module.h>
	16	#include <linux/types.h>
	17	#include <asm/uaccess.h>
	18	#include <linux/skbuff.h>
	19	#include <linux/ip.h>
	20	#include <linux/icmp.h>
	21	#include <linux/netdevice.h>
	22	#include <linux/rtnetlink.h>
	23	#include <net/sock.h>
	24	#include <net/ip.h>
	25	#include <net/icmp.h>
14c85021	26	#include <net/route.h>
11a03f78	27	#include <net/cipso_ipv4.h>
1da177e4	28
e905a9ed	29	/*
1da177e4 LT	30	* Write options to IP header, record destination address to
	31	* source route option, address of outgoing interface
	32	* (we should already know it, so that this function is allowed be
	33	* called only after routing decision) and timestamp,
	34	* if we originate this datagram.
	35	*
	36	* daddr is real destination address, next hop is recorded in IP header.
	37	* saddr is address of outgoing interface.
	38	*/
	39
	40	void ip_options_build(struct sk_buff * skb, struct ip_options * opt,
8712f774	41	__be32 daddr, struct rtable *rt, int is_frag)
1da177e4	42	{
d56f90a7	43	unsigned char *iph = skb_network_header(skb);
1da177e4 LT	44
	45	memcpy(&(IPCB(skb)->opt), opt, sizeof(struct ip_options));
	46	memcpy(iph+sizeof(struct iphdr), opt->__data, opt->optlen);
	47	opt = &(IPCB(skb)->opt);
	48	opt->is_data = 0;
	49
	50	if (opt->srr)
	51	memcpy(iph+opt->srr+iph[opt->srr+1]-4, &daddr, 4);
	52
	53	if (!is_frag) {
	54	if (opt->rr_needaddr)
	55	ip_rt_get_source(iph+opt->rr+iph[opt->rr+2]-5, rt);
	56	if (opt->ts_needaddr)
	57	ip_rt_get_source(iph+opt->ts+iph[opt->ts+2]-9, rt);
	58	if (opt->ts_needtime) {
	59	struct timeval tv;
e25d2ca6	60	__be32 midtime;
1da177e4 LT	61	do_gettimeofday(&tv);
	62	midtime = htonl((tv.tv_sec % 86400) * 1000 + tv.tv_usec / 1000);
	63	memcpy(iph+opt->ts+iph[opt->ts+2]-5, &midtime, 4);
	64	}
	65	return;
	66	}
	67	if (opt->rr) {
	68	memset(iph+opt->rr, IPOPT_NOP, iph[opt->rr+1]);
	69	opt->rr = 0;
	70	opt->rr_needaddr = 0;
	71	}
	72	if (opt->ts) {
	73	memset(iph+opt->ts, IPOPT_NOP, iph[opt->ts+1]);
	74	opt->ts = 0;
	75	opt->ts_needaddr = opt->ts_needtime = 0;
	76	}
	77	}
	78
e905a9ed	79	/*
1da177e4 LT	80	* Provided (sopt, skb) points to received options,
	81	* build in dopt compiled option set appropriate for answering.
	82	* i.e. invert SRR option, copy anothers,
	83	* and grab room in RR/TS options.
	84	*
	85	* NOTE: dopt cannot point to skb.
	86	*/
	87
e905a9ed	88	int ip_options_echo(struct ip_options * dopt, struct sk_buff * skb)
1da177e4 LT	89	{
	90	struct ip_options *sopt;
	91	unsigned char sptr, dptr;
	92	int soffset, doffset;
	93	int optlen;
e25d2ca6	94	__be32 daddr;
1da177e4 LT	95
	96	memset(dopt, 0, sizeof(struct ip_options));
	97
	98	dopt->is_data = 1;
	99
	100	sopt = &(IPCB(skb)->opt);
	101
	102	if (sopt->optlen == 0) {
	103	dopt->optlen = 0;
	104	return 0;
	105	}
	106
d56f90a7	107	sptr = skb_network_header(skb);
1da177e4 LT	108	dptr = dopt->__data;
1da177e4 LT	109
ee6b9673	110	daddr = skb->rtable->rt_spec_dst;
1da177e4 LT	111
	112	if (sopt->rr) {
	113	optlen = sptr[sopt->rr+1];
	114	soffset = sptr[sopt->rr+2];
	115	dopt->rr = dopt->optlen + sizeof(struct iphdr);
	116	memcpy(dptr, sptr+sopt->rr, optlen);
	117	if (sopt->rr_needaddr && soffset <= optlen) {
	118	if (soffset + 3 > optlen)
	119	return -EINVAL;
	120	dptr[2] = soffset + 4;
	121	dopt->rr_needaddr = 1;
	122	}
	123	dptr += optlen;
	124	dopt->optlen += optlen;
	125	}
	126	if (sopt->ts) {
	127	optlen = sptr[sopt->ts+1];
	128	soffset = sptr[sopt->ts+2];
	129	dopt->ts = dopt->optlen + sizeof(struct iphdr);
	130	memcpy(dptr, sptr+sopt->ts, optlen);
	131	if (soffset <= optlen) {
	132	if (sopt->ts_needaddr) {
	133	if (soffset + 3 > optlen)
	134	return -EINVAL;
	135	dopt->ts_needaddr = 1;
	136	soffset += 4;
	137	}
	138	if (sopt->ts_needtime) {
	139	if (soffset + 3 > optlen)
	140	return -EINVAL;
	141	if ((dptr[3]&0xF) != IPOPT_TS_PRESPEC) {
	142	dopt->ts_needtime = 1;
	143	soffset += 4;
	144	} else {
	145	dopt->ts_needtime = 0;
	146
	147	if (soffset + 8 <= optlen) {
fd683222	148	__be32 addr;
1da177e4 LT	149
1da177e4 LT	150	memcpy(&addr, sptr+soffset-1, 4);
6b175b26	151	if (inet_addr_type(&init_net, addr) != RTN_LOCAL) {
1da177e4 LT	152	dopt->ts_needtime = 1;
	153	soffset += 8;
	154	}
	155	}
	156	}
	157	}
	158	dptr[2] = soffset;
	159	}
	160	dptr += optlen;
	161	dopt->optlen += optlen;
	162	}
	163	if (sopt->srr) {
	164	unsigned char * start = sptr+sopt->srr;
3ca3c68e	165	__be32 faddr;
1da177e4 LT	166
	167	optlen = start[1];
	168	soffset = start[2];
	169	doffset = 0;
	170	if (soffset > optlen)
	171	soffset = optlen + 1;
	172	soffset -= 4;
	173	if (soffset > 3) {
	174	memcpy(&faddr, &start[soffset-1], 4);
	175	for (soffset-=4, doffset=4; soffset > 3; soffset-=4, doffset+=4)
	176	memcpy(&dptr[doffset-1], &start[soffset-1], 4);
	177	/*
	178	* RFC1812 requires to fix illegal source routes.
	179	*/
eddc9ec5 ACM	180	if (memcmp(&ip_hdr(skb)->saddr,
eddc9ec5 ACM	181	&start[soffset + 3], 4) == 0)
1da177e4 LT	182	doffset -= 4;
	183	}
	184	if (doffset > 3) {
	185	memcpy(&start[doffset-1], &daddr, 4);
	186	dopt->faddr = faddr;
	187	dptr[0] = start[0];
	188	dptr[1] = doffset+3;
	189	dptr[2] = 4;
	190	dptr += doffset+3;
	191	dopt->srr = dopt->optlen + sizeof(struct iphdr);
	192	dopt->optlen += doffset+3;
	193	dopt->is_strictroute = sopt->is_strictroute;
	194	}
	195	}
11a03f78 PM	196	if (sopt->cipso) {
	197	optlen = sptr[sopt->cipso+1];
	198	dopt->cipso = dopt->optlen+sizeof(struct iphdr);
	199	memcpy(dptr, sptr+sopt->cipso, optlen);
	200	dptr += optlen;
	201	dopt->optlen += optlen;
	202	}
1da177e4 LT	203	while (dopt->optlen & 3) {
	204	*dptr++ = IPOPT_END;
	205	dopt->optlen++;
	206	}
	207	return 0;
	208	}
	209
	210	/*
	211	* Options "fragmenting", just fill options not
	212	* allowed in fragments with NOOPs.
	213	* Simple and stupid 8), but the most efficient way.
	214	*/
	215
e905a9ed	216	void ip_options_fragment(struct sk_buff * skb)
1da177e4	217	{
d56f90a7	218	unsigned char *optptr = skb_network_header(skb) + sizeof(struct iphdr);
1da177e4 LT	219	struct ip_options * opt = &(IPCB(skb)->opt);
	220	int l = opt->optlen;
	221	int optlen;
	222
	223	while (l > 0) {
	224	switch (*optptr) {
	225	case IPOPT_END:
	226	return;
	227	case IPOPT_NOOP:
	228	l--;
	229	optptr++;
	230	continue;
	231	}
	232	optlen = optptr[1];
	233	if (optlen<2 \|\| optlen>l)
	234	return;
	235	if (!IPOPT_COPIED(*optptr))
	236	memset(optptr, IPOPT_NOOP, optlen);
	237	l -= optlen;
	238	optptr += optlen;
	239	}
	240	opt->ts = 0;
	241	opt->rr = 0;
	242	opt->rr_needaddr = 0;
	243	opt->ts_needaddr = 0;
	244	opt->ts_needtime = 0;
	245	return;
	246	}
	247
	248	/*
	249	* Verify options and fill pointers in struct options.
	250	* Caller should clear *opt, and set opt->data.
	251	* If opt == NULL, then skb->data should point to IP header.
	252	*/
	253
	254	int ip_options_compile(struct ip_options * opt, struct sk_buff * skb)
	255	{
	256	int l;
	257	unsigned char * iph;
	258	unsigned char * optptr;
	259	int optlen;
	260	unsigned char * pp_ptr = NULL;
ee6b9673	261	struct rtable *rt = skb ? skb->rtable : NULL;
1da177e4 LT	262
	263	if (!opt) {
	264	opt = &(IPCB(skb)->opt);
d56f90a7	265	iph = skb_network_header(skb);
1da177e4 LT	266	opt->optlen = ((struct iphdr )iph)->ihl4 - sizeof(struct iphdr);
	267	optptr = iph + sizeof(struct iphdr);
	268	opt->is_data = 0;
	269	} else {
10fe7d85	270	optptr = opt->__data;
1da177e4 LT	271	iph = optptr - sizeof(struct iphdr);
	272	}
	273
	274	for (l = opt->optlen; l > 0; ) {
	275	switch (*optptr) {
	276	case IPOPT_END:
	277	for (optptr++, l--; l>0; optptr++, l--) {
	278	if (*optptr != IPOPT_END) {
	279	*optptr = IPOPT_END;
	280	opt->is_changed = 1;
	281	}
	282	}
	283	goto eol;
	284	case IPOPT_NOOP:
	285	l--;
	286	optptr++;
	287	continue;
	288	}
	289	optlen = optptr[1];
	290	if (optlen<2 \|\| optlen>l) {
	291	pp_ptr = optptr;
	292	goto error;
	293	}
	294	switch (*optptr) {
	295	case IPOPT_SSRR:
	296	case IPOPT_LSRR:
	297	if (optlen < 3) {
	298	pp_ptr = optptr + 1;
	299	goto error;
	300	}
	301	if (optptr[2] < 4) {
	302	pp_ptr = optptr + 2;
	303	goto error;
	304	}
	305	/* NB: cf RFC-1812 5.2.4.1 */
	306	if (opt->srr) {
	307	pp_ptr = optptr;
	308	goto error;
	309	}
	310	if (!skb) {
	311	if (optptr[2] != 4 \|\| optlen < 7 \|\| ((optlen-3) & 3)) {
	312	pp_ptr = optptr + 1;
	313	goto error;
	314	}
	315	memcpy(&opt->faddr, &optptr[3], 4);
	316	if (optlen > 7)
	317	memmove(&optptr[3], &optptr[7], optlen-7);
	318	}
	319	opt->is_strictroute = (optptr[0] == IPOPT_SSRR);
	320	opt->srr = optptr - iph;
	321	break;
	322	case IPOPT_RR:
	323	if (opt->rr) {
	324	pp_ptr = optptr;
	325	goto error;
	326	}
	327	if (optlen < 3) {
	328	pp_ptr = optptr + 1;
	329	goto error;
	330	}
	331	if (optptr[2] < 4) {
	332	pp_ptr = optptr + 2;
	333	goto error;
	334	}
335	if (optptr[2] <= optlen) {
336	if (optptr[2]+3 > optlen) {
337	pp_ptr = optptr + 2;
338	goto error;
339	}
340	if (skb) {
341	memcpy(&optptr[optptr[2]-1], &rt->rt_spec_dst, 4);
342	opt->is_changed = 1;
343	}
344	optptr[2] += 4;
345	opt->rr_needaddr = 1;
346	}
347	opt->rr = optptr - iph;
348	break;
349	case IPOPT_TIMESTAMP:
350	if (opt->ts) {
351	pp_ptr = optptr;
352	goto error;
353	}
354	if (optlen < 4) {
355	pp_ptr = optptr + 1;
356	goto error;
357	}
358	if (optptr[2] < 5) {
359	pp_ptr = optptr + 2;
360	goto error;
361	}
362	if (optptr[2] <= optlen) {
e25d2ca6	363	__be32 *timeptr = NULL;
1da177e4 LT	364	if (optptr[2]+3 > optptr[1]) {
	365	pp_ptr = optptr + 2;
	366	goto error;
	367	}
	368	switch (optptr[3]&0xF) {
	369	case IPOPT_TS_TSONLY:
	370	opt->ts = optptr - iph;
e905a9ed	371	if (skb)
e25d2ca6	372	timeptr = (__be32*)&optptr[optptr[2]-1];
1da177e4 LT	373	opt->ts_needtime = 1;
	374	optptr[2] += 4;
	375	break;
	376	case IPOPT_TS_TSANDADDR:
	377	if (optptr[2]+7 > optptr[1]) {
	378	pp_ptr = optptr + 2;
	379	goto error;
	380	}
	381	opt->ts = optptr - iph;
	382	if (skb) {
	383	memcpy(&optptr[optptr[2]-1], &rt->rt_spec_dst, 4);
e25d2ca6	384	timeptr = (__be32*)&optptr[optptr[2]+3];
1da177e4 LT	385	}
	386	opt->ts_needaddr = 1;
	387	opt->ts_needtime = 1;
	388	optptr[2] += 8;
	389	break;
	390	case IPOPT_TS_PRESPEC:
	391	if (optptr[2]+7 > optptr[1]) {
	392	pp_ptr = optptr + 2;
	393	goto error;
	394	}
	395	opt->ts = optptr - iph;
	396	{
fd683222	397	__be32 addr;
1da177e4	398	memcpy(&addr, &optptr[optptr[2]-1], 4);
6b175b26	399	if (inet_addr_type(&init_net, addr) == RTN_UNICAST)
1da177e4 LT	400	break;
1da177e4 LT	401	if (skb)
e25d2ca6	402	timeptr = (__be32*)&optptr[optptr[2]+3];
1da177e4 LT	403	}
	404	opt->ts_needtime = 1;
	405	optptr[2] += 8;
	406	break;
	407	default:
	408	if (!skb && !capable(CAP_NET_RAW)) {
	409	pp_ptr = optptr + 3;
	410	goto error;
	411	}
	412	break;
	413	}
	414	if (timeptr) {
	415	struct timeval tv;
e25d2ca6	416	__be32 midtime;
1da177e4 LT	417	do_gettimeofday(&tv);
1da177e4 LT	418	midtime = htonl((tv.tv_sec % 86400) * 1000 + tv.tv_usec / 1000);
e25d2ca6	419	memcpy(timeptr, &midtime, sizeof(__be32));
1da177e4 LT	420	opt->is_changed = 1;
	421	}
	422	} else {
	423	unsigned overflow = optptr[3]>>4;
	424	if (overflow == 15) {
	425	pp_ptr = optptr + 3;
	426	goto error;
	427	}
	428	opt->ts = optptr - iph;
	429	if (skb) {
	430	optptr[3] = (optptr[3]&0xF)\|((overflow+1)<<4);
	431	opt->is_changed = 1;
	432	}
	433	}
	434	break;
	435	case IPOPT_RA:
	436	if (optlen < 4) {
	437	pp_ptr = optptr + 1;
	438	goto error;
	439	}
	440	if (optptr[2] == 0 && optptr[3] == 0)
	441	opt->router_alert = optptr - iph;
	442	break;
11a03f78	443	case IPOPT_CIPSO:
f8687afe	444	if ((!skb && !capable(CAP_NET_RAW)) \|\| opt->cipso) {
11a03f78 PM	445	pp_ptr = optptr;
	446	goto error;
	447	}
	448	opt->cipso = optptr - iph;
e905a9ed	449	if (cipso_v4_validate(&optptr)) {
11a03f78 PM	450	pp_ptr = optptr;
	451	goto error;
	452	}
	453	break;
1da177e4 LT	454	case IPOPT_SEC:
	455	case IPOPT_SID:
	456	default:
	457	if (!skb && !capable(CAP_NET_RAW)) {
	458	pp_ptr = optptr;
	459	goto error;
	460	}
	461	break;
	462	}
	463	l -= optlen;
	464	optptr += optlen;
	465	}
	466
	467	eol:
	468	if (!pp_ptr)
	469	return 0;
	470
	471	error:
	472	if (skb) {
	473	icmp_send(skb, ICMP_PARAMETERPROB, 0, htonl((pp_ptr-iph)<<24));
	474	}
	475	return -EINVAL;
	476	}
	477
	478
	479	/*
	480	* Undo all the changes done by ip_options_compile().
	481	*/
	482
	483	void ip_options_undo(struct ip_options * opt)
	484	{
	485	if (opt->srr) {
	486	unsigned char * optptr = opt->__data+opt->srr-sizeof(struct iphdr);
	487	memmove(optptr+7, optptr+3, optptr[1]-7);
	488	memcpy(optptr+3, &opt->faddr, 4);
	489	}
	490	if (opt->rr_needaddr) {
	491	unsigned char * optptr = opt->__data+opt->rr-sizeof(struct iphdr);
	492	optptr[2] -= 4;
	493	memset(&optptr[optptr[2]-1], 0, 4);
	494	}
	495	if (opt->ts) {
	496	unsigned char * optptr = opt->__data+opt->ts-sizeof(struct iphdr);
	497	if (opt->ts_needtime) {
	498	optptr[2] -= 4;
	499	memset(&optptr[optptr[2]-1], 0, 4);
	500	if ((optptr[3]&0xF) == IPOPT_TS_PRESPEC)
	501	optptr[2] -= 4;
	502	}
	503	if (opt->ts_needaddr) {
	504	optptr[2] -= 4;
	505	memset(&optptr[optptr[2]-1], 0, 4);
	506	}
	507	}
	508	}
	509
4c6ea29d	510	static struct ip_options *ip_options_get_alloc(const int optlen)
1da177e4	511	{
37640703 MK	512	return kzalloc(sizeof(struct ip_options) + ((optlen + 3) & ~3),
37640703 MK	513	GFP_KERNEL);
4c6ea29d	514	}
1da177e4	515
4c6ea29d ACM	516	static int ip_options_get_finish(struct ip_options **optp,
	517	struct ip_options *opt, int optlen)
	518	{
1da177e4 LT	519	while (optlen & 3)
	520	opt->__data[optlen++] = IPOPT_END;
	521	opt->optlen = optlen;
	522	opt->is_data = 1;
1da177e4 LT	523	if (optlen && ip_options_compile(opt, NULL)) {
	524	kfree(opt);
	525	return -EINVAL;
	526	}
a51482bd	527	kfree(*optp);
1da177e4 LT	528	*optp = opt;
	529	return 0;
	530	}
	531
4c6ea29d ACM	532	int ip_options_get_from_user(struct ip_options *optp, unsigned char __user data, int optlen)
	533	{
	534	struct ip_options *opt = ip_options_get_alloc(optlen);
	535
	536	if (!opt)
	537	return -ENOMEM;
	538	if (optlen && copy_from_user(opt->__data, data, optlen)) {
	539	kfree(opt);
	540	return -EFAULT;
	541	}
	542	return ip_options_get_finish(optp, opt, optlen);
	543	}
	544
	545	int ip_options_get(struct ip_options *optp, unsigned char data, int optlen)
	546	{
	547	struct ip_options *opt = ip_options_get_alloc(optlen);
	548
	549	if (!opt)
	550	return -ENOMEM;
	551	if (optlen)
	552	memcpy(opt->__data, data, optlen);
	553	return ip_options_get_finish(optp, opt, optlen);
	554	}
	555
1da177e4 LT	556	void ip_forward_options(struct sk_buff *skb)
	557	{
	558	struct ip_options * opt = &(IPCB(skb)->opt);
	559	unsigned char * optptr;
ee6b9673	560	struct rtable *rt = skb->rtable;
d56f90a7	561	unsigned char *raw = skb_network_header(skb);
1da177e4 LT	562
	563	if (opt->rr_needaddr) {
	564	optptr = (unsigned char *)raw + opt->rr;
	565	ip_rt_get_source(&optptr[optptr[2]-5], rt);
	566	opt->is_changed = 1;
	567	}
	568	if (opt->srr_is_hit) {
	569	int srrptr, srrspace;
	570
	571	optptr = raw + opt->srr;
	572
	573	for ( srrptr=optptr[2], srrspace = optptr[1];
	574	srrptr <= srrspace;
	575	srrptr += 4
	576	) {
	577	if (srrptr + 3 > srrspace)
	578	break;
	579	if (memcmp(&rt->rt_dst, &optptr[srrptr-1], 4) == 0)
	580	break;
	581	}
	582	if (srrptr + 3 <= srrspace) {
	583	opt->is_changed = 1;
	584	ip_rt_get_source(&optptr[srrptr-1], rt);
eddc9ec5	585	ip_hdr(skb)->daddr = rt->rt_dst;
1da177e4 LT	586	optptr[2] = srrptr+4;
	587	} else if (net_ratelimit())
	588	printk(KERN_CRIT "ip_forward(): Argh! Destination lost!\n");
	589	if (opt->ts_needaddr) {
	590	optptr = raw + opt->ts;
	591	ip_rt_get_source(&optptr[optptr[2]-9], rt);
	592	opt->is_changed = 1;
	593	}
	594	}
	595	if (opt->is_changed) {
	596	opt->is_changed = 0;
eddc9ec5	597	ip_send_check(ip_hdr(skb));
1da177e4 LT	598	}
	599	}
	600
	601	int ip_options_rcv_srr(struct sk_buff *skb)
	602	{
	603	struct ip_options *opt = &(IPCB(skb)->opt);
	604	int srrspace, srrptr;
9e12bb22	605	__be32 nexthop;
eddc9ec5	606	struct iphdr *iph = ip_hdr(skb);
d56f90a7	607	unsigned char *optptr = skb_network_header(skb) + opt->srr;
ee6b9673	608	struct rtable *rt = skb->rtable;
1da177e4 LT	609	struct rtable *rt2;
	610	int err;
	611
	612	if (!opt->srr)
	613	return 0;
	614
	615	if (skb->pkt_type != PACKET_HOST)
	616	return -EINVAL;
	617	if (rt->rt_type == RTN_UNICAST) {
	618	if (!opt->is_strictroute)
	619	return 0;
	620	icmp_send(skb, ICMP_PARAMETERPROB, 0, htonl(16<<24));
	621	return -EINVAL;
	622	}
	623	if (rt->rt_type != RTN_LOCAL)
	624	return -EINVAL;
	625
	626	for (srrptr=optptr[2], srrspace = optptr[1]; srrptr <= srrspace; srrptr += 4) {
	627	if (srrptr + 3 > srrspace) {
	628	icmp_send(skb, ICMP_PARAMETERPROB, 0, htonl((opt->srr+2)<<24));
	629	return -EINVAL;
	630	}
	631	memcpy(&nexthop, &optptr[srrptr-1], 4);
	632
ee6b9673 ED	633	rt = skb->rtable;
ee6b9673 ED	634	skb->rtable = NULL;
1da177e4	635	err = ip_route_input(skb, nexthop, iph->saddr, iph->tos, skb->dev);
ee6b9673	636	rt2 = skb->rtable;
1da177e4 LT	637	if (err \|\| (rt2->rt_type != RTN_UNICAST && rt2->rt_type != RTN_LOCAL)) {
1da177e4 LT	638	ip_rt_put(rt2);
ee6b9673	639	skb->rtable = rt;
1da177e4 LT	640	return -EINVAL;
	641	}
	642	ip_rt_put(rt);
	643	if (rt2->rt_type != RTN_LOCAL)
	644	break;
	645	/* Superfast 8) loopback forward */
	646	memcpy(&iph->daddr, &optptr[srrptr-1], 4);
	647	opt->is_changed = 1;
	648	}
	649	if (srrptr <= srrspace) {
	650	opt->srr_is_hit = 1;
	651	opt->is_changed = 1;
	652	}
	653	return 0;
	654	}