Merge tag 'usb-3.19-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb
[deliverable/linux.git] / net / ipv6 / ipv6_sockglue.c
1 /*
2 * IPv6 BSD socket options interface
3 * Linux INET6 implementation
4 *
5 * Authors:
6 * Pedro Roque <roque@di.fc.ul.pt>
7 *
8 * Based on linux/net/ipv4/ip_sockglue.c
9 *
10 * This program is free software; you can redistribute it and/or
11 * modify it under the terms of the GNU General Public License
12 * as published by the Free Software Foundation; either version
13 * 2 of the License, or (at your option) any later version.
14 *
15 * FIXME: Make the setsockopt code POSIX compliant: That is
16 *
17 * o Truncate getsockopt returns
18 * o Return an optlen of the truncated length if need be
19 *
20 * Changes:
21 * David L Stevens <dlstevens@us.ibm.com>:
22 * - added multicast source filtering API for MLDv2
23 */
24
25 #include <linux/module.h>
26 #include <linux/capability.h>
27 #include <linux/errno.h>
28 #include <linux/types.h>
29 #include <linux/socket.h>
30 #include <linux/sockios.h>
31 #include <linux/net.h>
32 #include <linux/in6.h>
33 #include <linux/mroute6.h>
34 #include <linux/netdevice.h>
35 #include <linux/if_arp.h>
36 #include <linux/init.h>
37 #include <linux/sysctl.h>
38 #include <linux/netfilter.h>
39 #include <linux/slab.h>
40
41 #include <net/sock.h>
42 #include <net/snmp.h>
43 #include <net/ipv6.h>
44 #include <net/ndisc.h>
45 #include <net/protocol.h>
46 #include <net/transp_v6.h>
47 #include <net/ip6_route.h>
48 #include <net/addrconf.h>
49 #include <net/inet_common.h>
50 #include <net/tcp.h>
51 #include <net/udp.h>
52 #include <net/udplite.h>
53 #include <net/xfrm.h>
54 #include <net/compat.h>
55
56 #include <asm/uaccess.h>
57
58 struct ip6_ra_chain *ip6_ra_chain;
59 DEFINE_RWLOCK(ip6_ra_lock);
60
61 int ip6_ra_control(struct sock *sk, int sel)
62 {
63 struct ip6_ra_chain *ra, *new_ra, **rap;
64
65 /* RA packet may be delivered ONLY to IPPROTO_RAW socket */
66 if (sk->sk_type != SOCK_RAW || inet_sk(sk)->inet_num != IPPROTO_RAW)
67 return -ENOPROTOOPT;
68
69 new_ra = (sel >= 0) ? kmalloc(sizeof(*new_ra), GFP_KERNEL) : NULL;
70
71 write_lock_bh(&ip6_ra_lock);
72 for (rap = &ip6_ra_chain; (ra = *rap) != NULL; rap = &ra->next) {
73 if (ra->sk == sk) {
74 if (sel >= 0) {
75 write_unlock_bh(&ip6_ra_lock);
76 kfree(new_ra);
77 return -EADDRINUSE;
78 }
79
80 *rap = ra->next;
81 write_unlock_bh(&ip6_ra_lock);
82
83 sock_put(sk);
84 kfree(ra);
85 return 0;
86 }
87 }
88 if (new_ra == NULL) {
89 write_unlock_bh(&ip6_ra_lock);
90 return -ENOBUFS;
91 }
92 new_ra->sk = sk;
93 new_ra->sel = sel;
94 new_ra->next = ra;
95 *rap = new_ra;
96 sock_hold(sk);
97 write_unlock_bh(&ip6_ra_lock);
98 return 0;
99 }
100
101 static
102 struct ipv6_txoptions *ipv6_update_options(struct sock *sk,
103 struct ipv6_txoptions *opt)
104 {
105 if (inet_sk(sk)->is_icsk) {
106 if (opt &&
107 !((1 << sk->sk_state) & (TCPF_LISTEN | TCPF_CLOSE)) &&
108 inet_sk(sk)->inet_daddr != LOOPBACK4_IPV6) {
109 struct inet_connection_sock *icsk = inet_csk(sk);
110 icsk->icsk_ext_hdr_len = opt->opt_flen + opt->opt_nflen;
111 icsk->icsk_sync_mss(sk, icsk->icsk_pmtu_cookie);
112 }
113 }
114 opt = xchg(&inet6_sk(sk)->opt, opt);
115 sk_dst_reset(sk);
116
117 return opt;
118 }
119
120 static int do_ipv6_setsockopt(struct sock *sk, int level, int optname,
121 char __user *optval, unsigned int optlen)
122 {
123 struct ipv6_pinfo *np = inet6_sk(sk);
124 struct net *net = sock_net(sk);
125 int val, valbool;
126 int retv = -ENOPROTOOPT;
127
128 if (optval == NULL)
129 val = 0;
130 else {
131 if (optlen >= sizeof(int)) {
132 if (get_user(val, (int __user *) optval))
133 return -EFAULT;
134 } else
135 val = 0;
136 }
137
138 valbool = (val != 0);
139
140 if (ip6_mroute_opt(optname))
141 return ip6_mroute_setsockopt(sk, optname, optval, optlen);
142
143 lock_sock(sk);
144
145 switch (optname) {
146
147 case IPV6_ADDRFORM:
148 if (optlen < sizeof(int))
149 goto e_inval;
150 if (val == PF_INET) {
151 struct ipv6_txoptions *opt;
152 struct sk_buff *pktopt;
153
154 if (sk->sk_type == SOCK_RAW)
155 break;
156
157 if (sk->sk_protocol == IPPROTO_UDP ||
158 sk->sk_protocol == IPPROTO_UDPLITE) {
159 struct udp_sock *up = udp_sk(sk);
160 if (up->pending == AF_INET6) {
161 retv = -EBUSY;
162 break;
163 }
164 } else if (sk->sk_protocol != IPPROTO_TCP)
165 break;
166
167 if (sk->sk_state != TCP_ESTABLISHED) {
168 retv = -ENOTCONN;
169 break;
170 }
171
172 if (ipv6_only_sock(sk) ||
173 !ipv6_addr_v4mapped(&sk->sk_v6_daddr)) {
174 retv = -EADDRNOTAVAIL;
175 break;
176 }
177
178 fl6_free_socklist(sk);
179 ipv6_sock_mc_close(sk);
180
181 /*
182 * Sock is moving from IPv6 to IPv4 (sk_prot), so
183 * remove it from the refcnt debug socks count in the
184 * original family...
185 */
186 sk_refcnt_debug_dec(sk);
187
188 if (sk->sk_protocol == IPPROTO_TCP) {
189 struct inet_connection_sock *icsk = inet_csk(sk);
190 local_bh_disable();
191 sock_prot_inuse_add(net, sk->sk_prot, -1);
192 sock_prot_inuse_add(net, &tcp_prot, 1);
193 local_bh_enable();
194 sk->sk_prot = &tcp_prot;
195 icsk->icsk_af_ops = &ipv4_specific;
196 sk->sk_socket->ops = &inet_stream_ops;
197 sk->sk_family = PF_INET;
198 tcp_sync_mss(sk, icsk->icsk_pmtu_cookie);
199 } else {
200 struct proto *prot = &udp_prot;
201
202 if (sk->sk_protocol == IPPROTO_UDPLITE)
203 prot = &udplite_prot;
204 local_bh_disable();
205 sock_prot_inuse_add(net, sk->sk_prot, -1);
206 sock_prot_inuse_add(net, prot, 1);
207 local_bh_enable();
208 sk->sk_prot = prot;
209 sk->sk_socket->ops = &inet_dgram_ops;
210 sk->sk_family = PF_INET;
211 }
212 opt = xchg(&np->opt, NULL);
213 if (opt)
214 sock_kfree_s(sk, opt, opt->tot_len);
215 pktopt = xchg(&np->pktoptions, NULL);
216 kfree_skb(pktopt);
217
218 sk->sk_destruct = inet_sock_destruct;
219 /*
220 * ... and add it to the refcnt debug socks count
221 * in the new family. -acme
222 */
223 sk_refcnt_debug_inc(sk);
224 module_put(THIS_MODULE);
225 retv = 0;
226 break;
227 }
228 goto e_inval;
229
230 case IPV6_V6ONLY:
231 if (optlen < sizeof(int) ||
232 inet_sk(sk)->inet_num)
233 goto e_inval;
234 sk->sk_ipv6only = valbool;
235 retv = 0;
236 break;
237
238 case IPV6_RECVPKTINFO:
239 if (optlen < sizeof(int))
240 goto e_inval;
241 np->rxopt.bits.rxinfo = valbool;
242 retv = 0;
243 break;
244
245 case IPV6_2292PKTINFO:
246 if (optlen < sizeof(int))
247 goto e_inval;
248 np->rxopt.bits.rxoinfo = valbool;
249 retv = 0;
250 break;
251
252 case IPV6_RECVHOPLIMIT:
253 if (optlen < sizeof(int))
254 goto e_inval;
255 np->rxopt.bits.rxhlim = valbool;
256 retv = 0;
257 break;
258
259 case IPV6_2292HOPLIMIT:
260 if (optlen < sizeof(int))
261 goto e_inval;
262 np->rxopt.bits.rxohlim = valbool;
263 retv = 0;
264 break;
265
266 case IPV6_RECVRTHDR:
267 if (optlen < sizeof(int))
268 goto e_inval;
269 np->rxopt.bits.srcrt = valbool;
270 retv = 0;
271 break;
272
273 case IPV6_2292RTHDR:
274 if (optlen < sizeof(int))
275 goto e_inval;
276 np->rxopt.bits.osrcrt = valbool;
277 retv = 0;
278 break;
279
280 case IPV6_RECVHOPOPTS:
281 if (optlen < sizeof(int))
282 goto e_inval;
283 np->rxopt.bits.hopopts = valbool;
284 retv = 0;
285 break;
286
287 case IPV6_2292HOPOPTS:
288 if (optlen < sizeof(int))
289 goto e_inval;
290 np->rxopt.bits.ohopopts = valbool;
291 retv = 0;
292 break;
293
294 case IPV6_RECVDSTOPTS:
295 if (optlen < sizeof(int))
296 goto e_inval;
297 np->rxopt.bits.dstopts = valbool;
298 retv = 0;
299 break;
300
301 case IPV6_2292DSTOPTS:
302 if (optlen < sizeof(int))
303 goto e_inval;
304 np->rxopt.bits.odstopts = valbool;
305 retv = 0;
306 break;
307
308 case IPV6_TCLASS:
309 if (optlen < sizeof(int))
310 goto e_inval;
311 if (val < -1 || val > 0xff)
312 goto e_inval;
313 /* RFC 3542, 6.5: default traffic class of 0x0 */
314 if (val == -1)
315 val = 0;
316 np->tclass = val;
317 retv = 0;
318 break;
319
320 case IPV6_RECVTCLASS:
321 if (optlen < sizeof(int))
322 goto e_inval;
323 np->rxopt.bits.rxtclass = valbool;
324 retv = 0;
325 break;
326
327 case IPV6_FLOWINFO:
328 if (optlen < sizeof(int))
329 goto e_inval;
330 np->rxopt.bits.rxflow = valbool;
331 retv = 0;
332 break;
333
334 case IPV6_RECVPATHMTU:
335 if (optlen < sizeof(int))
336 goto e_inval;
337 np->rxopt.bits.rxpmtu = valbool;
338 retv = 0;
339 break;
340
341 case IPV6_TRANSPARENT:
342 if (valbool && !ns_capable(net->user_ns, CAP_NET_ADMIN) &&
343 !ns_capable(net->user_ns, CAP_NET_RAW)) {
344 retv = -EPERM;
345 break;
346 }
347 if (optlen < sizeof(int))
348 goto e_inval;
349 /* we don't have a separate transparent bit for IPV6 we use the one in the IPv4 socket */
350 inet_sk(sk)->transparent = valbool;
351 retv = 0;
352 break;
353
354 case IPV6_RECVORIGDSTADDR:
355 if (optlen < sizeof(int))
356 goto e_inval;
357 np->rxopt.bits.rxorigdstaddr = valbool;
358 retv = 0;
359 break;
360
361 case IPV6_HOPOPTS:
362 case IPV6_RTHDRDSTOPTS:
363 case IPV6_RTHDR:
364 case IPV6_DSTOPTS:
365 {
366 struct ipv6_txoptions *opt;
367
368 /* remove any sticky options header with a zero option
369 * length, per RFC3542.
370 */
371 if (optlen == 0)
372 optval = NULL;
373 else if (optval == NULL)
374 goto e_inval;
375 else if (optlen < sizeof(struct ipv6_opt_hdr) ||
376 optlen & 0x7 || optlen > 8 * 255)
377 goto e_inval;
378
379 /* hop-by-hop / destination options are privileged option */
380 retv = -EPERM;
381 if (optname != IPV6_RTHDR && !ns_capable(net->user_ns, CAP_NET_RAW))
382 break;
383
384 opt = ipv6_renew_options(sk, np->opt, optname,
385 (struct ipv6_opt_hdr __user *)optval,
386 optlen);
387 if (IS_ERR(opt)) {
388 retv = PTR_ERR(opt);
389 break;
390 }
391
392 /* routing header option needs extra check */
393 retv = -EINVAL;
394 if (optname == IPV6_RTHDR && opt && opt->srcrt) {
395 struct ipv6_rt_hdr *rthdr = opt->srcrt;
396 switch (rthdr->type) {
397 #if IS_ENABLED(CONFIG_IPV6_MIP6)
398 case IPV6_SRCRT_TYPE_2:
399 if (rthdr->hdrlen != 2 ||
400 rthdr->segments_left != 1)
401 goto sticky_done;
402
403 break;
404 #endif
405 default:
406 goto sticky_done;
407 }
408 }
409
410 retv = 0;
411 opt = ipv6_update_options(sk, opt);
412 sticky_done:
413 if (opt)
414 sock_kfree_s(sk, opt, opt->tot_len);
415 break;
416 }
417
418 case IPV6_PKTINFO:
419 {
420 struct in6_pktinfo pkt;
421
422 if (optlen == 0)
423 goto e_inval;
424 else if (optlen < sizeof(struct in6_pktinfo) || optval == NULL)
425 goto e_inval;
426
427 if (copy_from_user(&pkt, optval, sizeof(struct in6_pktinfo))) {
428 retv = -EFAULT;
429 break;
430 }
431 if (sk->sk_bound_dev_if && pkt.ipi6_ifindex != sk->sk_bound_dev_if)
432 goto e_inval;
433
434 np->sticky_pktinfo.ipi6_ifindex = pkt.ipi6_ifindex;
435 np->sticky_pktinfo.ipi6_addr = pkt.ipi6_addr;
436 retv = 0;
437 break;
438 }
439
440 case IPV6_2292PKTOPTIONS:
441 {
442 struct ipv6_txoptions *opt = NULL;
443 struct msghdr msg;
444 struct flowi6 fl6;
445 int junk;
446
447 memset(&fl6, 0, sizeof(fl6));
448 fl6.flowi6_oif = sk->sk_bound_dev_if;
449 fl6.flowi6_mark = sk->sk_mark;
450
451 if (optlen == 0)
452 goto update;
453
454 /* 1K is probably excessive
455 * 1K is surely not enough, 2K per standard header is 16K.
456 */
457 retv = -EINVAL;
458 if (optlen > 64*1024)
459 break;
460
461 opt = sock_kmalloc(sk, sizeof(*opt) + optlen, GFP_KERNEL);
462 retv = -ENOBUFS;
463 if (opt == NULL)
464 break;
465
466 memset(opt, 0, sizeof(*opt));
467 opt->tot_len = sizeof(*opt) + optlen;
468 retv = -EFAULT;
469 if (copy_from_user(opt+1, optval, optlen))
470 goto done;
471
472 msg.msg_controllen = optlen;
473 msg.msg_control = (void *)(opt+1);
474
475 retv = ip6_datagram_send_ctl(net, sk, &msg, &fl6, opt, &junk,
476 &junk, &junk);
477 if (retv)
478 goto done;
479 update:
480 retv = 0;
481 opt = ipv6_update_options(sk, opt);
482 done:
483 if (opt)
484 sock_kfree_s(sk, opt, opt->tot_len);
485 break;
486 }
487 case IPV6_UNICAST_HOPS:
488 if (optlen < sizeof(int))
489 goto e_inval;
490 if (val > 255 || val < -1)
491 goto e_inval;
492 np->hop_limit = val;
493 retv = 0;
494 break;
495
496 case IPV6_MULTICAST_HOPS:
497 if (sk->sk_type == SOCK_STREAM)
498 break;
499 if (optlen < sizeof(int))
500 goto e_inval;
501 if (val > 255 || val < -1)
502 goto e_inval;
503 np->mcast_hops = (val == -1 ? IPV6_DEFAULT_MCASTHOPS : val);
504 retv = 0;
505 break;
506
507 case IPV6_MULTICAST_LOOP:
508 if (optlen < sizeof(int))
509 goto e_inval;
510 if (val != valbool)
511 goto e_inval;
512 np->mc_loop = valbool;
513 retv = 0;
514 break;
515
516 case IPV6_UNICAST_IF:
517 {
518 struct net_device *dev = NULL;
519 int ifindex;
520
521 if (optlen != sizeof(int))
522 goto e_inval;
523
524 ifindex = (__force int)ntohl((__force __be32)val);
525 if (ifindex == 0) {
526 np->ucast_oif = 0;
527 retv = 0;
528 break;
529 }
530
531 dev = dev_get_by_index(net, ifindex);
532 retv = -EADDRNOTAVAIL;
533 if (!dev)
534 break;
535 dev_put(dev);
536
537 retv = -EINVAL;
538 if (sk->sk_bound_dev_if)
539 break;
540
541 np->ucast_oif = ifindex;
542 retv = 0;
543 break;
544 }
545
546 case IPV6_MULTICAST_IF:
547 if (sk->sk_type == SOCK_STREAM)
548 break;
549 if (optlen < sizeof(int))
550 goto e_inval;
551
552 if (val) {
553 struct net_device *dev;
554
555 if (sk->sk_bound_dev_if && sk->sk_bound_dev_if != val)
556 goto e_inval;
557
558 dev = dev_get_by_index(net, val);
559 if (!dev) {
560 retv = -ENODEV;
561 break;
562 }
563 dev_put(dev);
564 }
565 np->mcast_oif = val;
566 retv = 0;
567 break;
568 case IPV6_ADD_MEMBERSHIP:
569 case IPV6_DROP_MEMBERSHIP:
570 {
571 struct ipv6_mreq mreq;
572
573 if (optlen < sizeof(struct ipv6_mreq))
574 goto e_inval;
575
576 retv = -EPROTO;
577 if (inet_sk(sk)->is_icsk)
578 break;
579
580 retv = -EFAULT;
581 if (copy_from_user(&mreq, optval, sizeof(struct ipv6_mreq)))
582 break;
583
584 if (optname == IPV6_ADD_MEMBERSHIP)
585 retv = ipv6_sock_mc_join(sk, mreq.ipv6mr_ifindex, &mreq.ipv6mr_multiaddr);
586 else
587 retv = ipv6_sock_mc_drop(sk, mreq.ipv6mr_ifindex, &mreq.ipv6mr_multiaddr);
588 break;
589 }
590 case IPV6_JOIN_ANYCAST:
591 case IPV6_LEAVE_ANYCAST:
592 {
593 struct ipv6_mreq mreq;
594
595 if (optlen < sizeof(struct ipv6_mreq))
596 goto e_inval;
597
598 retv = -EFAULT;
599 if (copy_from_user(&mreq, optval, sizeof(struct ipv6_mreq)))
600 break;
601
602 if (optname == IPV6_JOIN_ANYCAST)
603 retv = ipv6_sock_ac_join(sk, mreq.ipv6mr_ifindex, &mreq.ipv6mr_acaddr);
604 else
605 retv = ipv6_sock_ac_drop(sk, mreq.ipv6mr_ifindex, &mreq.ipv6mr_acaddr);
606 break;
607 }
608 case MCAST_JOIN_GROUP:
609 case MCAST_LEAVE_GROUP:
610 {
611 struct group_req greq;
612 struct sockaddr_in6 *psin6;
613
614 if (optlen < sizeof(struct group_req))
615 goto e_inval;
616
617 retv = -EFAULT;
618 if (copy_from_user(&greq, optval, sizeof(struct group_req)))
619 break;
620 if (greq.gr_group.ss_family != AF_INET6) {
621 retv = -EADDRNOTAVAIL;
622 break;
623 }
624 psin6 = (struct sockaddr_in6 *)&greq.gr_group;
625 if (optname == MCAST_JOIN_GROUP)
626 retv = ipv6_sock_mc_join(sk, greq.gr_interface,
627 &psin6->sin6_addr);
628 else
629 retv = ipv6_sock_mc_drop(sk, greq.gr_interface,
630 &psin6->sin6_addr);
631 break;
632 }
633 case MCAST_JOIN_SOURCE_GROUP:
634 case MCAST_LEAVE_SOURCE_GROUP:
635 case MCAST_BLOCK_SOURCE:
636 case MCAST_UNBLOCK_SOURCE:
637 {
638 struct group_source_req greqs;
639 int omode, add;
640
641 if (optlen < sizeof(struct group_source_req))
642 goto e_inval;
643 if (copy_from_user(&greqs, optval, sizeof(greqs))) {
644 retv = -EFAULT;
645 break;
646 }
647 if (greqs.gsr_group.ss_family != AF_INET6 ||
648 greqs.gsr_source.ss_family != AF_INET6) {
649 retv = -EADDRNOTAVAIL;
650 break;
651 }
652 if (optname == MCAST_BLOCK_SOURCE) {
653 omode = MCAST_EXCLUDE;
654 add = 1;
655 } else if (optname == MCAST_UNBLOCK_SOURCE) {
656 omode = MCAST_EXCLUDE;
657 add = 0;
658 } else if (optname == MCAST_JOIN_SOURCE_GROUP) {
659 struct sockaddr_in6 *psin6;
660
661 psin6 = (struct sockaddr_in6 *)&greqs.gsr_group;
662 retv = ipv6_sock_mc_join(sk, greqs.gsr_interface,
663 &psin6->sin6_addr);
664 /* prior join w/ different source is ok */
665 if (retv && retv != -EADDRINUSE)
666 break;
667 omode = MCAST_INCLUDE;
668 add = 1;
669 } else /* MCAST_LEAVE_SOURCE_GROUP */ {
670 omode = MCAST_INCLUDE;
671 add = 0;
672 }
673 retv = ip6_mc_source(add, omode, sk, &greqs);
674 break;
675 }
676 case MCAST_MSFILTER:
677 {
678 struct group_filter *gsf;
679
680 if (optlen < GROUP_FILTER_SIZE(0))
681 goto e_inval;
682 if (optlen > sysctl_optmem_max) {
683 retv = -ENOBUFS;
684 break;
685 }
686 gsf = kmalloc(optlen, GFP_KERNEL);
687 if (!gsf) {
688 retv = -ENOBUFS;
689 break;
690 }
691 retv = -EFAULT;
692 if (copy_from_user(gsf, optval, optlen)) {
693 kfree(gsf);
694 break;
695 }
696 /* numsrc >= (4G-140)/128 overflow in 32 bits */
697 if (gsf->gf_numsrc >= 0x1ffffffU ||
698 gsf->gf_numsrc > sysctl_mld_max_msf) {
699 kfree(gsf);
700 retv = -ENOBUFS;
701 break;
702 }
703 if (GROUP_FILTER_SIZE(gsf->gf_numsrc) > optlen) {
704 kfree(gsf);
705 retv = -EINVAL;
706 break;
707 }
708 retv = ip6_mc_msfilter(sk, gsf);
709 kfree(gsf);
710
711 break;
712 }
713 case IPV6_ROUTER_ALERT:
714 if (optlen < sizeof(int))
715 goto e_inval;
716 retv = ip6_ra_control(sk, val);
717 break;
718 case IPV6_MTU_DISCOVER:
719 if (optlen < sizeof(int))
720 goto e_inval;
721 if (val < IPV6_PMTUDISC_DONT || val > IPV6_PMTUDISC_OMIT)
722 goto e_inval;
723 np->pmtudisc = val;
724 retv = 0;
725 break;
726 case IPV6_MTU:
727 if (optlen < sizeof(int))
728 goto e_inval;
729 if (val && val < IPV6_MIN_MTU)
730 goto e_inval;
731 np->frag_size = val;
732 retv = 0;
733 break;
734 case IPV6_RECVERR:
735 if (optlen < sizeof(int))
736 goto e_inval;
737 np->recverr = valbool;
738 if (!val)
739 skb_queue_purge(&sk->sk_error_queue);
740 retv = 0;
741 break;
742 case IPV6_FLOWINFO_SEND:
743 if (optlen < sizeof(int))
744 goto e_inval;
745 np->sndflow = valbool;
746 retv = 0;
747 break;
748 case IPV6_FLOWLABEL_MGR:
749 retv = ipv6_flowlabel_opt(sk, optval, optlen);
750 break;
751 case IPV6_IPSEC_POLICY:
752 case IPV6_XFRM_POLICY:
753 retv = -EPERM;
754 if (!ns_capable(net->user_ns, CAP_NET_ADMIN))
755 break;
756 retv = xfrm_user_policy(sk, optname, optval, optlen);
757 break;
758
759 case IPV6_ADDR_PREFERENCES:
760 {
761 unsigned int pref = 0;
762 unsigned int prefmask = ~0;
763
764 if (optlen < sizeof(int))
765 goto e_inval;
766
767 retv = -EINVAL;
768
769 /* check PUBLIC/TMP/PUBTMP_DEFAULT conflicts */
770 switch (val & (IPV6_PREFER_SRC_PUBLIC|
771 IPV6_PREFER_SRC_TMP|
772 IPV6_PREFER_SRC_PUBTMP_DEFAULT)) {
773 case IPV6_PREFER_SRC_PUBLIC:
774 pref |= IPV6_PREFER_SRC_PUBLIC;
775 break;
776 case IPV6_PREFER_SRC_TMP:
777 pref |= IPV6_PREFER_SRC_TMP;
778 break;
779 case IPV6_PREFER_SRC_PUBTMP_DEFAULT:
780 break;
781 case 0:
782 goto pref_skip_pubtmp;
783 default:
784 goto e_inval;
785 }
786
787 prefmask &= ~(IPV6_PREFER_SRC_PUBLIC|
788 IPV6_PREFER_SRC_TMP);
789 pref_skip_pubtmp:
790
791 /* check HOME/COA conflicts */
792 switch (val & (IPV6_PREFER_SRC_HOME|IPV6_PREFER_SRC_COA)) {
793 case IPV6_PREFER_SRC_HOME:
794 break;
795 case IPV6_PREFER_SRC_COA:
796 pref |= IPV6_PREFER_SRC_COA;
797 case 0:
798 goto pref_skip_coa;
799 default:
800 goto e_inval;
801 }
802
803 prefmask &= ~IPV6_PREFER_SRC_COA;
804 pref_skip_coa:
805
806 /* check CGA/NONCGA conflicts */
807 switch (val & (IPV6_PREFER_SRC_CGA|IPV6_PREFER_SRC_NONCGA)) {
808 case IPV6_PREFER_SRC_CGA:
809 case IPV6_PREFER_SRC_NONCGA:
810 case 0:
811 break;
812 default:
813 goto e_inval;
814 }
815
816 np->srcprefs = (np->srcprefs & prefmask) | pref;
817 retv = 0;
818
819 break;
820 }
821 case IPV6_MINHOPCOUNT:
822 if (optlen < sizeof(int))
823 goto e_inval;
824 if (val < 0 || val > 255)
825 goto e_inval;
826 np->min_hopcount = val;
827 retv = 0;
828 break;
829 case IPV6_DONTFRAG:
830 np->dontfrag = valbool;
831 retv = 0;
832 break;
833 case IPV6_AUTOFLOWLABEL:
834 np->autoflowlabel = valbool;
835 retv = 0;
836 break;
837 }
838
839 release_sock(sk);
840
841 return retv;
842
843 e_inval:
844 release_sock(sk);
845 return -EINVAL;
846 }
847
848 int ipv6_setsockopt(struct sock *sk, int level, int optname,
849 char __user *optval, unsigned int optlen)
850 {
851 int err;
852
853 if (level == SOL_IP && sk->sk_type != SOCK_RAW)
854 return udp_prot.setsockopt(sk, level, optname, optval, optlen);
855
856 if (level != SOL_IPV6)
857 return -ENOPROTOOPT;
858
859 err = do_ipv6_setsockopt(sk, level, optname, optval, optlen);
860 #ifdef CONFIG_NETFILTER
861 /* we need to exclude all possible ENOPROTOOPTs except default case */
862 if (err == -ENOPROTOOPT && optname != IPV6_IPSEC_POLICY &&
863 optname != IPV6_XFRM_POLICY) {
864 lock_sock(sk);
865 err = nf_setsockopt(sk, PF_INET6, optname, optval,
866 optlen);
867 release_sock(sk);
868 }
869 #endif
870 return err;
871 }
872 EXPORT_SYMBOL(ipv6_setsockopt);
873
874 #ifdef CONFIG_COMPAT
875 int compat_ipv6_setsockopt(struct sock *sk, int level, int optname,
876 char __user *optval, unsigned int optlen)
877 {
878 int err;
879
880 if (level == SOL_IP && sk->sk_type != SOCK_RAW) {
881 if (udp_prot.compat_setsockopt != NULL)
882 return udp_prot.compat_setsockopt(sk, level, optname,
883 optval, optlen);
884 return udp_prot.setsockopt(sk, level, optname, optval, optlen);
885 }
886
887 if (level != SOL_IPV6)
888 return -ENOPROTOOPT;
889
890 if (optname >= MCAST_JOIN_GROUP && optname <= MCAST_MSFILTER)
891 return compat_mc_setsockopt(sk, level, optname, optval, optlen,
892 ipv6_setsockopt);
893
894 err = do_ipv6_setsockopt(sk, level, optname, optval, optlen);
895 #ifdef CONFIG_NETFILTER
896 /* we need to exclude all possible ENOPROTOOPTs except default case */
897 if (err == -ENOPROTOOPT && optname != IPV6_IPSEC_POLICY &&
898 optname != IPV6_XFRM_POLICY) {
899 lock_sock(sk);
900 err = compat_nf_setsockopt(sk, PF_INET6, optname,
901 optval, optlen);
902 release_sock(sk);
903 }
904 #endif
905 return err;
906 }
907 EXPORT_SYMBOL(compat_ipv6_setsockopt);
908 #endif
909
910 static int ipv6_getsockopt_sticky(struct sock *sk, struct ipv6_txoptions *opt,
911 int optname, char __user *optval, int len)
912 {
913 struct ipv6_opt_hdr *hdr;
914
915 if (!opt)
916 return 0;
917
918 switch (optname) {
919 case IPV6_HOPOPTS:
920 hdr = opt->hopopt;
921 break;
922 case IPV6_RTHDRDSTOPTS:
923 hdr = opt->dst0opt;
924 break;
925 case IPV6_RTHDR:
926 hdr = (struct ipv6_opt_hdr *)opt->srcrt;
927 break;
928 case IPV6_DSTOPTS:
929 hdr = opt->dst1opt;
930 break;
931 default:
932 return -EINVAL; /* should not happen */
933 }
934
935 if (!hdr)
936 return 0;
937
938 len = min_t(unsigned int, len, ipv6_optlen(hdr));
939 if (copy_to_user(optval, hdr, len))
940 return -EFAULT;
941 return len;
942 }
943
944 static int do_ipv6_getsockopt(struct sock *sk, int level, int optname,
945 char __user *optval, int __user *optlen, unsigned int flags)
946 {
947 struct ipv6_pinfo *np = inet6_sk(sk);
948 int len;
949 int val;
950
951 if (ip6_mroute_opt(optname))
952 return ip6_mroute_getsockopt(sk, optname, optval, optlen);
953
954 if (get_user(len, optlen))
955 return -EFAULT;
956 switch (optname) {
957 case IPV6_ADDRFORM:
958 if (sk->sk_protocol != IPPROTO_UDP &&
959 sk->sk_protocol != IPPROTO_UDPLITE &&
960 sk->sk_protocol != IPPROTO_TCP)
961 return -ENOPROTOOPT;
962 if (sk->sk_state != TCP_ESTABLISHED)
963 return -ENOTCONN;
964 val = sk->sk_family;
965 break;
966 case MCAST_MSFILTER:
967 {
968 struct group_filter gsf;
969 int err;
970
971 if (len < GROUP_FILTER_SIZE(0))
972 return -EINVAL;
973 if (copy_from_user(&gsf, optval, GROUP_FILTER_SIZE(0)))
974 return -EFAULT;
975 if (gsf.gf_group.ss_family != AF_INET6)
976 return -EADDRNOTAVAIL;
977 lock_sock(sk);
978 err = ip6_mc_msfget(sk, &gsf,
979 (struct group_filter __user *)optval, optlen);
980 release_sock(sk);
981 return err;
982 }
983
984 case IPV6_2292PKTOPTIONS:
985 {
986 struct msghdr msg;
987 struct sk_buff *skb;
988
989 if (sk->sk_type != SOCK_STREAM)
990 return -ENOPROTOOPT;
991
992 msg.msg_control = optval;
993 msg.msg_controllen = len;
994 msg.msg_flags = flags;
995
996 lock_sock(sk);
997 skb = np->pktoptions;
998 if (skb)
999 atomic_inc(&skb->users);
1000 release_sock(sk);
1001
1002 if (skb) {
1003 ip6_datagram_recv_ctl(sk, &msg, skb);
1004 kfree_skb(skb);
1005 } else {
1006 if (np->rxopt.bits.rxinfo) {
1007 struct in6_pktinfo src_info;
1008 src_info.ipi6_ifindex = np->mcast_oif ? np->mcast_oif :
1009 np->sticky_pktinfo.ipi6_ifindex;
1010 src_info.ipi6_addr = np->mcast_oif ? sk->sk_v6_daddr : np->sticky_pktinfo.ipi6_addr;
1011 put_cmsg(&msg, SOL_IPV6, IPV6_PKTINFO, sizeof(src_info), &src_info);
1012 }
1013 if (np->rxopt.bits.rxhlim) {
1014 int hlim = np->mcast_hops;
1015 put_cmsg(&msg, SOL_IPV6, IPV6_HOPLIMIT, sizeof(hlim), &hlim);
1016 }
1017 if (np->rxopt.bits.rxtclass) {
1018 int tclass = (int)ip6_tclass(np->rcv_flowinfo);
1019
1020 put_cmsg(&msg, SOL_IPV6, IPV6_TCLASS, sizeof(tclass), &tclass);
1021 }
1022 if (np->rxopt.bits.rxoinfo) {
1023 struct in6_pktinfo src_info;
1024 src_info.ipi6_ifindex = np->mcast_oif ? np->mcast_oif :
1025 np->sticky_pktinfo.ipi6_ifindex;
1026 src_info.ipi6_addr = np->mcast_oif ? sk->sk_v6_daddr :
1027 np->sticky_pktinfo.ipi6_addr;
1028 put_cmsg(&msg, SOL_IPV6, IPV6_2292PKTINFO, sizeof(src_info), &src_info);
1029 }
1030 if (np->rxopt.bits.rxohlim) {
1031 int hlim = np->mcast_hops;
1032 put_cmsg(&msg, SOL_IPV6, IPV6_2292HOPLIMIT, sizeof(hlim), &hlim);
1033 }
1034 if (np->rxopt.bits.rxflow) {
1035 __be32 flowinfo = np->rcv_flowinfo;
1036
1037 put_cmsg(&msg, SOL_IPV6, IPV6_FLOWINFO, sizeof(flowinfo), &flowinfo);
1038 }
1039 }
1040 len -= msg.msg_controllen;
1041 return put_user(len, optlen);
1042 }
1043 case IPV6_MTU:
1044 {
1045 struct dst_entry *dst;
1046
1047 val = 0;
1048 rcu_read_lock();
1049 dst = __sk_dst_get(sk);
1050 if (dst)
1051 val = dst_mtu(dst);
1052 rcu_read_unlock();
1053 if (!val)
1054 return -ENOTCONN;
1055 break;
1056 }
1057
1058 case IPV6_V6ONLY:
1059 val = sk->sk_ipv6only;
1060 break;
1061
1062 case IPV6_RECVPKTINFO:
1063 val = np->rxopt.bits.rxinfo;
1064 break;
1065
1066 case IPV6_2292PKTINFO:
1067 val = np->rxopt.bits.rxoinfo;
1068 break;
1069
1070 case IPV6_RECVHOPLIMIT:
1071 val = np->rxopt.bits.rxhlim;
1072 break;
1073
1074 case IPV6_2292HOPLIMIT:
1075 val = np->rxopt.bits.rxohlim;
1076 break;
1077
1078 case IPV6_RECVRTHDR:
1079 val = np->rxopt.bits.srcrt;
1080 break;
1081
1082 case IPV6_2292RTHDR:
1083 val = np->rxopt.bits.osrcrt;
1084 break;
1085
1086 case IPV6_HOPOPTS:
1087 case IPV6_RTHDRDSTOPTS:
1088 case IPV6_RTHDR:
1089 case IPV6_DSTOPTS:
1090 {
1091
1092 lock_sock(sk);
1093 len = ipv6_getsockopt_sticky(sk, np->opt,
1094 optname, optval, len);
1095 release_sock(sk);
1096 /* check if ipv6_getsockopt_sticky() returns err code */
1097 if (len < 0)
1098 return len;
1099 return put_user(len, optlen);
1100 }
1101
1102 case IPV6_RECVHOPOPTS:
1103 val = np->rxopt.bits.hopopts;
1104 break;
1105
1106 case IPV6_2292HOPOPTS:
1107 val = np->rxopt.bits.ohopopts;
1108 break;
1109
1110 case IPV6_RECVDSTOPTS:
1111 val = np->rxopt.bits.dstopts;
1112 break;
1113
1114 case IPV6_2292DSTOPTS:
1115 val = np->rxopt.bits.odstopts;
1116 break;
1117
1118 case IPV6_TCLASS:
1119 val = np->tclass;
1120 break;
1121
1122 case IPV6_RECVTCLASS:
1123 val = np->rxopt.bits.rxtclass;
1124 break;
1125
1126 case IPV6_FLOWINFO:
1127 val = np->rxopt.bits.rxflow;
1128 break;
1129
1130 case IPV6_RECVPATHMTU:
1131 val = np->rxopt.bits.rxpmtu;
1132 break;
1133
1134 case IPV6_PATHMTU:
1135 {
1136 struct dst_entry *dst;
1137 struct ip6_mtuinfo mtuinfo;
1138
1139 if (len < sizeof(mtuinfo))
1140 return -EINVAL;
1141
1142 len = sizeof(mtuinfo);
1143 memset(&mtuinfo, 0, sizeof(mtuinfo));
1144
1145 rcu_read_lock();
1146 dst = __sk_dst_get(sk);
1147 if (dst)
1148 mtuinfo.ip6m_mtu = dst_mtu(dst);
1149 rcu_read_unlock();
1150 if (!mtuinfo.ip6m_mtu)
1151 return -ENOTCONN;
1152
1153 if (put_user(len, optlen))
1154 return -EFAULT;
1155 if (copy_to_user(optval, &mtuinfo, len))
1156 return -EFAULT;
1157
1158 return 0;
1159 }
1160
1161 case IPV6_TRANSPARENT:
1162 val = inet_sk(sk)->transparent;
1163 break;
1164
1165 case IPV6_RECVORIGDSTADDR:
1166 val = np->rxopt.bits.rxorigdstaddr;
1167 break;
1168
1169 case IPV6_UNICAST_HOPS:
1170 case IPV6_MULTICAST_HOPS:
1171 {
1172 struct dst_entry *dst;
1173
1174 if (optname == IPV6_UNICAST_HOPS)
1175 val = np->hop_limit;
1176 else
1177 val = np->mcast_hops;
1178
1179 if (val < 0) {
1180 rcu_read_lock();
1181 dst = __sk_dst_get(sk);
1182 if (dst)
1183 val = ip6_dst_hoplimit(dst);
1184 rcu_read_unlock();
1185 }
1186
1187 if (val < 0)
1188 val = sock_net(sk)->ipv6.devconf_all->hop_limit;
1189 break;
1190 }
1191
1192 case IPV6_MULTICAST_LOOP:
1193 val = np->mc_loop;
1194 break;
1195
1196 case IPV6_MULTICAST_IF:
1197 val = np->mcast_oif;
1198 break;
1199
1200 case IPV6_UNICAST_IF:
1201 val = (__force int)htonl((__u32) np->ucast_oif);
1202 break;
1203
1204 case IPV6_MTU_DISCOVER:
1205 val = np->pmtudisc;
1206 break;
1207
1208 case IPV6_RECVERR:
1209 val = np->recverr;
1210 break;
1211
1212 case IPV6_FLOWINFO_SEND:
1213 val = np->sndflow;
1214 break;
1215
1216 case IPV6_FLOWLABEL_MGR:
1217 {
1218 struct in6_flowlabel_req freq;
1219 int flags;
1220
1221 if (len < sizeof(freq))
1222 return -EINVAL;
1223
1224 if (copy_from_user(&freq, optval, sizeof(freq)))
1225 return -EFAULT;
1226
1227 if (freq.flr_action != IPV6_FL_A_GET)
1228 return -EINVAL;
1229
1230 len = sizeof(freq);
1231 flags = freq.flr_flags;
1232
1233 memset(&freq, 0, sizeof(freq));
1234
1235 val = ipv6_flowlabel_opt_get(sk, &freq, flags);
1236 if (val < 0)
1237 return val;
1238
1239 if (put_user(len, optlen))
1240 return -EFAULT;
1241 if (copy_to_user(optval, &freq, len))
1242 return -EFAULT;
1243
1244 return 0;
1245 }
1246
1247 case IPV6_ADDR_PREFERENCES:
1248 val = 0;
1249
1250 if (np->srcprefs & IPV6_PREFER_SRC_TMP)
1251 val |= IPV6_PREFER_SRC_TMP;
1252 else if (np->srcprefs & IPV6_PREFER_SRC_PUBLIC)
1253 val |= IPV6_PREFER_SRC_PUBLIC;
1254 else {
1255 /* XXX: should we return system default? */
1256 val |= IPV6_PREFER_SRC_PUBTMP_DEFAULT;
1257 }
1258
1259 if (np->srcprefs & IPV6_PREFER_SRC_COA)
1260 val |= IPV6_PREFER_SRC_COA;
1261 else
1262 val |= IPV6_PREFER_SRC_HOME;
1263 break;
1264
1265 case IPV6_MINHOPCOUNT:
1266 val = np->min_hopcount;
1267 break;
1268
1269 case IPV6_DONTFRAG:
1270 val = np->dontfrag;
1271 break;
1272
1273 case IPV6_AUTOFLOWLABEL:
1274 val = np->autoflowlabel;
1275 break;
1276
1277 default:
1278 return -ENOPROTOOPT;
1279 }
1280 len = min_t(unsigned int, sizeof(int), len);
1281 if (put_user(len, optlen))
1282 return -EFAULT;
1283 if (copy_to_user(optval, &val, len))
1284 return -EFAULT;
1285 return 0;
1286 }
1287
1288 int ipv6_getsockopt(struct sock *sk, int level, int optname,
1289 char __user *optval, int __user *optlen)
1290 {
1291 int err;
1292
1293 if (level == SOL_IP && sk->sk_type != SOCK_RAW)
1294 return udp_prot.getsockopt(sk, level, optname, optval, optlen);
1295
1296 if (level != SOL_IPV6)
1297 return -ENOPROTOOPT;
1298
1299 err = do_ipv6_getsockopt(sk, level, optname, optval, optlen, 0);
1300 #ifdef CONFIG_NETFILTER
1301 /* we need to exclude all possible ENOPROTOOPTs except default case */
1302 if (err == -ENOPROTOOPT && optname != IPV6_2292PKTOPTIONS) {
1303 int len;
1304
1305 if (get_user(len, optlen))
1306 return -EFAULT;
1307
1308 lock_sock(sk);
1309 err = nf_getsockopt(sk, PF_INET6, optname, optval,
1310 &len);
1311 release_sock(sk);
1312 if (err >= 0)
1313 err = put_user(len, optlen);
1314 }
1315 #endif
1316 return err;
1317 }
1318 EXPORT_SYMBOL(ipv6_getsockopt);
1319
1320 #ifdef CONFIG_COMPAT
1321 int compat_ipv6_getsockopt(struct sock *sk, int level, int optname,
1322 char __user *optval, int __user *optlen)
1323 {
1324 int err;
1325
1326 if (level == SOL_IP && sk->sk_type != SOCK_RAW) {
1327 if (udp_prot.compat_getsockopt != NULL)
1328 return udp_prot.compat_getsockopt(sk, level, optname,
1329 optval, optlen);
1330 return udp_prot.getsockopt(sk, level, optname, optval, optlen);
1331 }
1332
1333 if (level != SOL_IPV6)
1334 return -ENOPROTOOPT;
1335
1336 if (optname == MCAST_MSFILTER)
1337 return compat_mc_getsockopt(sk, level, optname, optval, optlen,
1338 ipv6_getsockopt);
1339
1340 err = do_ipv6_getsockopt(sk, level, optname, optval, optlen,
1341 MSG_CMSG_COMPAT);
1342 #ifdef CONFIG_NETFILTER
1343 /* we need to exclude all possible ENOPROTOOPTs except default case */
1344 if (err == -ENOPROTOOPT && optname != IPV6_2292PKTOPTIONS) {
1345 int len;
1346
1347 if (get_user(len, optlen))
1348 return -EFAULT;
1349
1350 lock_sock(sk);
1351 err = compat_nf_getsockopt(sk, PF_INET6,
1352 optname, optval, &len);
1353 release_sock(sk);
1354 if (err >= 0)
1355 err = put_user(len, optlen);
1356 }
1357 #endif
1358 return err;
1359 }
1360 EXPORT_SYMBOL(compat_ipv6_getsockopt);
1361 #endif
1362
This page took 0.072025 seconds and 5 git commands to generate.