1 /* 2 * RAW sockets for IPv6 3 * Linux INET6 implementation 4 * 5 * Authors: 6 * Pedro Roque <roque@di.fc.ul.pt> 7 * 8 * Adapted from linux/net/ipv4/raw.c 9 * 10 * $Id: raw.c,v 1.51 2002/02/01 22:01:04 davem Exp $ 11 * 12 * Fixes: 13 * Hideaki YOSHIFUJI : sin6_scope_id support 14 * YOSHIFUJI,H.@USAGI : raw checksum (RFC2292(bis) compliance) 15 * Kazunori MIYAZAWA @USAGI: change process style to use ip6_append_data 16 * 17 * This program is free software; you can redistribute it and/or 18 * modify it under the terms of the GNU General Public License 19 * as published by the Free Software Foundation; either version 20 * 2 of the License, or (at your option) any later version. 21 */ 22 23 #include <linux/errno.h> 24 #include <linux/types.h> 25 #include <linux/socket.h> 26 #include <linux/sockios.h> 27 #include <linux/net.h> 28 #include <linux/in6.h> 29 #include <linux/netdevice.h> 30 #include <linux/if_arp.h> 31 #include <linux/icmpv6.h> 32 #include <linux/netfilter.h> 33 #include <linux/netfilter_ipv6.h> 34 #include <linux/skbuff.h> 35 #include <asm/uaccess.h> 36 #include <asm/ioctls.h> 37 38 #include <net/ip.h> 39 #include <net/sock.h> 40 #include <net/snmp.h> 41 42 #include <net/ipv6.h> 43 #include <net/ndisc.h> 44 #include <net/protocol.h> 45 #include <net/ip6_route.h> 46 #include <net/ip6_checksum.h> 47 #include <net/addrconf.h> 48 #include <net/transp_v6.h> 49 #include <net/udp.h> 50 #include <net/inet_common.h> 51 #include <net/tcp_states.h> 52 #ifdef CONFIG_IPV6_MIP6 53 #include <net/mip6.h> 54 #endif 55 56 #include <net/rawv6.h> 57 #include <net/xfrm.h> 58 59 #include <linux/proc_fs.h> 60 #include <linux/seq_file.h> 61 62 struct hlist_head raw_v6_htable[RAWV6_HTABLE_SIZE]; 63 DEFINE_RWLOCK(raw_v6_lock); 64 65 static void raw_v6_hash(struct sock *sk) 66 { 67 struct hlist_head *list = &raw_v6_htable[inet_sk(sk)->num & 68 (RAWV6_HTABLE_SIZE - 1)]; 69 70 write_lock_bh(&raw_v6_lock); 71 sk_add_node(sk, list); 72 sock_prot_inc_use(sk->sk_prot); 73 write_unlock_bh(&raw_v6_lock); 74 } 75 76 static void raw_v6_unhash(struct sock *sk) 77 { 78 write_lock_bh(&raw_v6_lock); 79 if (sk_del_node_init(sk)) 80 sock_prot_dec_use(sk->sk_prot); 81 write_unlock_bh(&raw_v6_lock); 82 } 83 84 85 /* Grumble... icmp and ip_input want to get at this... */ 86 struct sock *__raw_v6_lookup(struct sock *sk, unsigned short num, 87 struct in6_addr *loc_addr, struct in6_addr *rmt_addr, 88 int dif) 89 { 90 struct hlist_node *node; 91 int is_multicast = ipv6_addr_is_multicast(loc_addr); 92 93 sk_for_each_from(sk, node) 94 if (inet_sk(sk)->num == num) { 95 struct ipv6_pinfo *np = inet6_sk(sk); 96 97 if (!ipv6_addr_any(&np->daddr) && 98 !ipv6_addr_equal(&np->daddr, rmt_addr)) 99 continue; 100 101 if (sk->sk_bound_dev_if && sk->sk_bound_dev_if != dif) 102 continue; 103 104 if (!ipv6_addr_any(&np->rcv_saddr)) { 105 if (ipv6_addr_equal(&np->rcv_saddr, loc_addr)) 106 goto found; 107 if (is_multicast && 108 inet6_mc_check(sk, loc_addr, rmt_addr)) 109 goto found; 110 continue; 111 } 112 goto found; 113 } 114 sk = NULL; 115 found: 116 return sk; 117 } 118 119 /* 120 * 0 - deliver 121 * 1 - block 122 */ 123 static __inline__ int icmpv6_filter(struct sock *sk, struct sk_buff *skb) 124 { 125 struct icmp6hdr *icmph; 126 struct raw6_sock *rp = raw6_sk(sk); 127 128 if (pskb_may_pull(skb, sizeof(struct icmp6hdr))) { 129 __u32 *data = &rp->filter.data[0]; 130 int bit_nr; 131 132 icmph = (struct icmp6hdr *) skb->data; 133 bit_nr = icmph->icmp6_type; 134 135 return (data[bit_nr >> 5] & (1 << (bit_nr & 31))) != 0; 136 } 137 return 0; 138 } 139 140 /* 141 * demultiplex raw sockets. 142 * (should consider queueing the skb in the sock receive_queue 143 * without calling rawv6.c) 144 * 145 * Caller owns SKB so we must make clones. 146 */ 147 int ipv6_raw_deliver(struct sk_buff *skb, int nexthdr) 148 { 149 struct in6_addr *saddr; 150 struct in6_addr *daddr; 151 struct sock *sk; 152 int delivered = 0; 153 __u8 hash; 154 155 saddr = &ipv6_hdr(skb)->saddr; 156 daddr = saddr + 1; 157 158 hash = nexthdr & (MAX_INET_PROTOS - 1); 159 160 read_lock(&raw_v6_lock); 161 sk = sk_head(&raw_v6_htable[hash]); 162 163 /* 164 * The first socket found will be delivered after 165 * delivery to transport protocols. 166 */ 167 168 if (sk == NULL) 169 goto out; 170 171 sk = __raw_v6_lookup(sk, nexthdr, daddr, saddr, IP6CB(skb)->iif); 172 173 while (sk) { 174 int filtered; 175 176 delivered = 1; 177 switch (nexthdr) { 178 case IPPROTO_ICMPV6: 179 filtered = icmpv6_filter(sk, skb); 180 break; 181 #ifdef CONFIG_IPV6_MIP6 182 case IPPROTO_MH: 183 /* XXX: To validate MH only once for each packet, 184 * this is placed here. It should be after checking 185 * xfrm policy, however it doesn't. The checking xfrm 186 * policy is placed in rawv6_rcv() because it is 187 * required for each socket. 188 */ 189 filtered = mip6_mh_filter(sk, skb); 190 break; 191 #endif 192 default: 193 filtered = 0; 194 break; 195 } 196 197 if (filtered < 0) 198 break; 199 if (filtered == 0) { 200 struct sk_buff *clone = skb_clone(skb, GFP_ATOMIC); 201 202 /* Not releasing hash table! */ 203 if (clone) { 204 nf_reset(clone); 205 rawv6_rcv(sk, clone); 206 } 207 } 208 sk = __raw_v6_lookup(sk_next(sk), nexthdr, daddr, saddr, 209 IP6CB(skb)->iif); 210 } 211 out: 212 read_unlock(&raw_v6_lock); 213 return delivered; 214 } 215 216 /* This cleans up af_inet6 a bit. -DaveM */ 217 static int rawv6_bind(struct sock *sk, struct sockaddr *uaddr, int addr_len) 218 { 219 struct inet_sock *inet = inet_sk(sk); 220 struct ipv6_pinfo *np = inet6_sk(sk); 221 struct sockaddr_in6 *addr = (struct sockaddr_in6 *) uaddr; 222 __be32 v4addr = 0; 223 int addr_type; 224 int err; 225 226 if (addr_len < SIN6_LEN_RFC2133) 227 return -EINVAL; 228 addr_type = ipv6_addr_type(&addr->sin6_addr); 229 230 /* Raw sockets are IPv6 only */ 231 if (addr_type == IPV6_ADDR_MAPPED) 232 return(-EADDRNOTAVAIL); 233 234 lock_sock(sk); 235 236 err = -EINVAL; 237 if (sk->sk_state != TCP_CLOSE) 238 goto out; 239 240 /* Check if the address belongs to the host. */ 241 if (addr_type != IPV6_ADDR_ANY) { 242 struct net_device *dev = NULL; 243 244 if (addr_type & IPV6_ADDR_LINKLOCAL) { 245 if (addr_len >= sizeof(struct sockaddr_in6) && 246 addr->sin6_scope_id) { 247 /* Override any existing binding, if another 248 * one is supplied by user. 249 */ 250 sk->sk_bound_dev_if = addr->sin6_scope_id; 251 } 252 253 /* Binding to link-local address requires an interface */ 254 if (!sk->sk_bound_dev_if) 255 goto out; 256 257 dev = dev_get_by_index(sk->sk_bound_dev_if); 258 if (!dev) { 259 err = -ENODEV; 260 goto out; 261 } 262 } 263 264 /* ipv4 addr of the socket is invalid. Only the 265 * unspecified and mapped address have a v4 equivalent. 266 */ 267 v4addr = LOOPBACK4_IPV6; 268 if (!(addr_type & IPV6_ADDR_MULTICAST)) { 269 err = -EADDRNOTAVAIL; 270 if (!ipv6_chk_addr(&addr->sin6_addr, dev, 0)) { 271 if (dev) 272 dev_put(dev); 273 goto out; 274 } 275 } 276 if (dev) 277 dev_put(dev); 278 } 279 280 inet->rcv_saddr = inet->saddr = v4addr; 281 ipv6_addr_copy(&np->rcv_saddr, &addr->sin6_addr); 282 if (!(addr_type & IPV6_ADDR_MULTICAST)) 283 ipv6_addr_copy(&np->saddr, &addr->sin6_addr); 284 err = 0; 285 out: 286 release_sock(sk); 287 return err; 288 } 289 290 void rawv6_err(struct sock *sk, struct sk_buff *skb, 291 struct inet6_skb_parm *opt, 292 int type, int code, int offset, __be32 info) 293 { 294 struct inet_sock *inet = inet_sk(sk); 295 struct ipv6_pinfo *np = inet6_sk(sk); 296 int err; 297 int harderr; 298 299 /* Report error on raw socket, if: 300 1. User requested recverr. 301 2. Socket is connected (otherwise the error indication 302 is useless without recverr and error is hard. 303 */ 304 if (!np->recverr && sk->sk_state != TCP_ESTABLISHED) 305 return; 306 307 harderr = icmpv6_err_convert(type, code, &err); 308 if (type == ICMPV6_PKT_TOOBIG) 309 harderr = (np->pmtudisc == IPV6_PMTUDISC_DO); 310 311 if (np->recverr) { 312 u8 *payload = skb->data; 313 if (!inet->hdrincl) 314 payload += offset; 315 ipv6_icmp_error(sk, skb, err, 0, ntohl(info), payload); 316 } 317 318 if (np->recverr || harderr) { 319 sk->sk_err = err; 320 sk->sk_error_report(sk); 321 } 322 } 323 324 static inline int rawv6_rcv_skb(struct sock * sk, struct sk_buff * skb) 325 { 326 if ((raw6_sk(sk)->checksum || sk->sk_filter) && 327 skb_checksum_complete(skb)) { 328 /* FIXME: increment a raw6 drops counter here */ 329 kfree_skb(skb); 330 return 0; 331 } 332 333 /* Charge it to the socket. */ 334 if (sock_queue_rcv_skb(sk,skb)<0) { 335 /* FIXME: increment a raw6 drops counter here */ 336 kfree_skb(skb); 337 return 0; 338 } 339 340 return 0; 341 } 342 343 /* 344 * This is next to useless... 345 * if we demultiplex in network layer we don't need the extra call 346 * just to queue the skb... 347 * maybe we could have the network decide upon a hint if it 348 * should call raw_rcv for demultiplexing 349 */ 350 int rawv6_rcv(struct sock *sk, struct sk_buff *skb) 351 { 352 struct inet_sock *inet = inet_sk(sk); 353 struct raw6_sock *rp = raw6_sk(sk); 354 355 if (!xfrm6_policy_check(sk, XFRM_POLICY_IN, skb)) { 356 kfree_skb(skb); 357 return NET_RX_DROP; 358 } 359 360 if (!rp->checksum) 361 skb->ip_summed = CHECKSUM_UNNECESSARY; 362 363 if (skb->ip_summed == CHECKSUM_COMPLETE) { 364 skb_postpull_rcsum(skb, skb_network_header(skb), 365 skb_network_header_len(skb)); 366 if (!csum_ipv6_magic(&ipv6_hdr(skb)->saddr, 367 &ipv6_hdr(skb)->daddr, 368 skb->len, inet->num, skb->csum)) 369 skb->ip_summed = CHECKSUM_UNNECESSARY; 370 } 371 if (!skb_csum_unnecessary(skb)) 372 skb->csum = ~csum_unfold(csum_ipv6_magic(&ipv6_hdr(skb)->saddr, 373 &ipv6_hdr(skb)->daddr, 374 skb->len, 375 inet->num, 0)); 376 377 if (inet->hdrincl) { 378 if (skb_checksum_complete(skb)) { 379 /* FIXME: increment a raw6 drops counter here */ 380 kfree_skb(skb); 381 return 0; 382 } 383 } 384 385 rawv6_rcv_skb(sk, skb); 386 return 0; 387 } 388 389 390 /* 391 * This should be easy, if there is something there 392 * we return it, otherwise we block. 393 */ 394 395 static int rawv6_recvmsg(struct kiocb *iocb, struct sock *sk, 396 struct msghdr *msg, size_t len, 397 int noblock, int flags, int *addr_len) 398 { 399 struct ipv6_pinfo *np = inet6_sk(sk); 400 struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)msg->msg_name; 401 struct sk_buff *skb; 402 size_t copied; 403 int err; 404 405 if (flags & MSG_OOB) 406 return -EOPNOTSUPP; 407 408 if (addr_len) 409 *addr_len=sizeof(*sin6); 410 411 if (flags & MSG_ERRQUEUE) 412 return ipv6_recv_error(sk, msg, len); 413 414 skb = skb_recv_datagram(sk, flags, noblock, &err); 415 if (!skb) 416 goto out; 417 418 copied = skb->len; 419 if (copied > len) { 420 copied = len; 421 msg->msg_flags |= MSG_TRUNC; 422 } 423 424 if (skb_csum_unnecessary(skb)) { 425 err = skb_copy_datagram_iovec(skb, 0, msg->msg_iov, copied); 426 } else if (msg->msg_flags&MSG_TRUNC) { 427 if (__skb_checksum_complete(skb)) 428 goto csum_copy_err; 429 err = skb_copy_datagram_iovec(skb, 0, msg->msg_iov, copied); 430 } else { 431 err = skb_copy_and_csum_datagram_iovec(skb, 0, msg->msg_iov); 432 if (err == -EINVAL) 433 goto csum_copy_err; 434 } 435 if (err) 436 goto out_free; 437 438 /* Copy the address. */ 439 if (sin6) { 440 sin6->sin6_family = AF_INET6; 441 sin6->sin6_port = 0; 442 ipv6_addr_copy(&sin6->sin6_addr, &ipv6_hdr(skb)->saddr); 443 sin6->sin6_flowinfo = 0; 444 sin6->sin6_scope_id = 0; 445 if (ipv6_addr_type(&sin6->sin6_addr) & IPV6_ADDR_LINKLOCAL) 446 sin6->sin6_scope_id = IP6CB(skb)->iif; 447 } 448 449 sock_recv_timestamp(msg, sk, skb); 450 451 if (np->rxopt.all) 452 datagram_recv_ctl(sk, msg, skb); 453 454 err = copied; 455 if (flags & MSG_TRUNC) 456 err = skb->len; 457 458 out_free: 459 skb_free_datagram(sk, skb); 460 out: 461 return err; 462 463 csum_copy_err: 464 skb_kill_datagram(sk, skb, flags); 465 466 /* Error for blocking case is chosen to masquerade 467 as some normal condition. 468 */ 469 err = (flags&MSG_DONTWAIT) ? -EAGAIN : -EHOSTUNREACH; 470 /* FIXME: increment a raw6 drops counter here */ 471 goto out; 472 } 473 474 static int rawv6_push_pending_frames(struct sock *sk, struct flowi *fl, 475 struct raw6_sock *rp) 476 { 477 struct sk_buff *skb; 478 int err = 0; 479 int offset; 480 int len; 481 int total_len; 482 __wsum tmp_csum; 483 __sum16 csum; 484 485 if (!rp->checksum) 486 goto send; 487 488 if ((skb = skb_peek(&sk->sk_write_queue)) == NULL) 489 goto out; 490 491 offset = rp->offset; 492 total_len = inet_sk(sk)->cork.length - (skb_network_header(skb) - 493 skb->data); 494 if (offset >= total_len - 1) { 495 err = -EINVAL; 496 ip6_flush_pending_frames(sk); 497 goto out; 498 } 499 500 /* should be check HW csum miyazawa */ 501 if (skb_queue_len(&sk->sk_write_queue) == 1) { 502 /* 503 * Only one fragment on the socket. 504 */ 505 tmp_csum = skb->csum; 506 } else { 507 struct sk_buff *csum_skb = NULL; 508 tmp_csum = 0; 509 510 skb_queue_walk(&sk->sk_write_queue, skb) { 511 tmp_csum = csum_add(tmp_csum, skb->csum); 512 513 if (csum_skb) 514 continue; 515 516 len = skb->len - skb_transport_offset(skb); 517 if (offset >= len) { 518 offset -= len; 519 continue; 520 } 521 522 csum_skb = skb; 523 } 524 525 skb = csum_skb; 526 } 527 528 offset += skb_transport_offset(skb); 529 if (skb_copy_bits(skb, offset, &csum, 2)) 530 BUG(); 531 532 /* in case cksum was not initialized */ 533 if (unlikely(csum)) 534 tmp_csum = csum_sub(tmp_csum, csum_unfold(csum)); 535 536 csum = csum_ipv6_magic(&fl->fl6_src, 537 &fl->fl6_dst, 538 total_len, fl->proto, tmp_csum); 539 540 if (csum == 0 && fl->proto == IPPROTO_UDP) 541 csum = CSUM_MANGLED_0; 542 543 if (skb_store_bits(skb, offset, &csum, 2)) 544 BUG(); 545 546 send: 547 err = ip6_push_pending_frames(sk); 548 out: 549 return err; 550 } 551 552 static int rawv6_send_hdrinc(struct sock *sk, void *from, int length, 553 struct flowi *fl, struct rt6_info *rt, 554 unsigned int flags) 555 { 556 struct ipv6_pinfo *np = inet6_sk(sk); 557 struct ipv6hdr *iph; 558 struct sk_buff *skb; 559 unsigned int hh_len; 560 int err; 561 562 if (length > rt->u.dst.dev->mtu) { 563 ipv6_local_error(sk, EMSGSIZE, fl, rt->u.dst.dev->mtu); 564 return -EMSGSIZE; 565 } 566 if (flags&MSG_PROBE) 567 goto out; 568 569 hh_len = LL_RESERVED_SPACE(rt->u.dst.dev); 570 571 skb = sock_alloc_send_skb(sk, length+hh_len+15, 572 flags&MSG_DONTWAIT, &err); 573 if (skb == NULL) 574 goto error; 575 skb_reserve(skb, hh_len); 576 577 skb->priority = sk->sk_priority; 578 skb->dst = dst_clone(&rt->u.dst); 579 580 skb_put(skb, length); 581 skb_reset_network_header(skb); 582 iph = ipv6_hdr(skb); 583 584 skb->ip_summed = CHECKSUM_NONE; 585 586 skb->transport_header = skb->network_header; 587 err = memcpy_fromiovecend((void *)iph, from, 0, length); 588 if (err) 589 goto error_fault; 590 591 IP6_INC_STATS(rt->rt6i_idev, IPSTATS_MIB_OUTREQUESTS); 592 err = NF_HOOK(PF_INET6, NF_IP6_LOCAL_OUT, skb, NULL, rt->u.dst.dev, 593 dst_output); 594 if (err > 0) 595 err = np->recverr ? net_xmit_errno(err) : 0; 596 if (err) 597 goto error; 598 out: 599 return 0; 600 601 error_fault: 602 err = -EFAULT; 603 kfree_skb(skb); 604 error: 605 IP6_INC_STATS(rt->rt6i_idev, IPSTATS_MIB_OUTDISCARDS); 606 return err; 607 } 608 609 static int rawv6_probe_proto_opt(struct flowi *fl, struct msghdr *msg) 610 { 611 struct iovec *iov; 612 u8 __user *type = NULL; 613 u8 __user *code = NULL; 614 #ifdef CONFIG_IPV6_MIP6 615 u8 len = 0; 616 #endif 617 int probed = 0; 618 int i; 619 620 if (!msg->msg_iov) 621 return 0; 622 623 for (i = 0; i < msg->msg_iovlen; i++) { 624 iov = &msg->msg_iov[i]; 625 if (!iov) 626 continue; 627 628 switch (fl->proto) { 629 case IPPROTO_ICMPV6: 630 /* check if one-byte field is readable or not. */ 631 if (iov->iov_base && iov->iov_len < 1) 632 break; 633 634 if (!type) { 635 type = iov->iov_base; 636 /* check if code field is readable or not. */ 637 if (iov->iov_len > 1) 638 code = type + 1; 639 } else if (!code) 640 code = iov->iov_base; 641 642 if (type && code) { 643 if (get_user(fl->fl_icmp_type, type) || 644 get_user(fl->fl_icmp_code, code)) 645 return -EFAULT; 646 probed = 1; 647 } 648 break; 649 #ifdef CONFIG_IPV6_MIP6 650 case IPPROTO_MH: 651 if (iov->iov_base && iov->iov_len < 1) 652 break; 653 /* check if type field is readable or not. */ 654 if (iov->iov_len > 2 - len) { 655 u8 __user *p = iov->iov_base; 656 if (get_user(fl->fl_mh_type, &p[2 - len])) 657 return -EFAULT; 658 probed = 1; 659 } else 660 len += iov->iov_len; 661 662 break; 663 #endif 664 default: 665 probed = 1; 666 break; 667 } 668 if (probed) 669 break; 670 } 671 return 0; 672 } 673 674 static int rawv6_sendmsg(struct kiocb *iocb, struct sock *sk, 675 struct msghdr *msg, size_t len) 676 { 677 struct ipv6_txoptions opt_space; 678 struct sockaddr_in6 * sin6 = (struct sockaddr_in6 *) msg->msg_name; 679 struct in6_addr *daddr, *final_p = NULL, final; 680 struct inet_sock *inet = inet_sk(sk); 681 struct ipv6_pinfo *np = inet6_sk(sk); 682 struct raw6_sock *rp = raw6_sk(sk); 683 struct ipv6_txoptions *opt = NULL; 684 struct ip6_flowlabel *flowlabel = NULL; 685 struct dst_entry *dst = NULL; 686 struct flowi fl; 687 int addr_len = msg->msg_namelen; 688 int hlimit = -1; 689 int tclass = -1; 690 u16 proto; 691 int err; 692 693 /* Rough check on arithmetic overflow, 694 better check is made in ip6_append_data(). 695 */ 696 if (len > INT_MAX) 697 return -EMSGSIZE; 698 699 /* Mirror BSD error message compatibility */ 700 if (msg->msg_flags & MSG_OOB) 701 return -EOPNOTSUPP; 702 703 /* 704 * Get and verify the address. 705 */ 706 memset(&fl, 0, sizeof(fl)); 707 708 if (sin6) { 709 if (addr_len < SIN6_LEN_RFC2133) 710 return -EINVAL; 711 712 if (sin6->sin6_family && sin6->sin6_family != AF_INET6) 713 return(-EAFNOSUPPORT); 714 715 /* port is the proto value [0..255] carried in nexthdr */ 716 proto = ntohs(sin6->sin6_port); 717 718 if (!proto) 719 proto = inet->num; 720 else if (proto != inet->num) 721 return(-EINVAL); 722 723 if (proto > 255) 724 return(-EINVAL); 725 726 daddr = &sin6->sin6_addr; 727 if (np->sndflow) { 728 fl.fl6_flowlabel = sin6->sin6_flowinfo&IPV6_FLOWINFO_MASK; 729 if (fl.fl6_flowlabel&IPV6_FLOWLABEL_MASK) { 730 flowlabel = fl6_sock_lookup(sk, fl.fl6_flowlabel); 731 if (flowlabel == NULL) 732 return -EINVAL; 733 daddr = &flowlabel->dst; 734 } 735 } 736 737 /* 738 * Otherwise it will be difficult to maintain 739 * sk->sk_dst_cache. 740 */ 741 if (sk->sk_state == TCP_ESTABLISHED && 742 ipv6_addr_equal(daddr, &np->daddr)) 743 daddr = &np->daddr; 744 745 if (addr_len >= sizeof(struct sockaddr_in6) && 746 sin6->sin6_scope_id && 747 ipv6_addr_type(daddr)&IPV6_ADDR_LINKLOCAL) 748 fl.oif = sin6->sin6_scope_id; 749 } else { 750 if (sk->sk_state != TCP_ESTABLISHED) 751 return -EDESTADDRREQ; 752 753 proto = inet->num; 754 daddr = &np->daddr; 755 fl.fl6_flowlabel = np->flow_label; 756 } 757 758 if (ipv6_addr_any(daddr)) { 759 /* 760 * unspecified destination address 761 * treated as error... is this correct ? 762 */ 763 fl6_sock_release(flowlabel); 764 return(-EINVAL); 765 } 766 767 if (fl.oif == 0) 768 fl.oif = sk->sk_bound_dev_if; 769 770 if (msg->msg_controllen) { 771 opt = &opt_space; 772 memset(opt, 0, sizeof(struct ipv6_txoptions)); 773 opt->tot_len = sizeof(struct ipv6_txoptions); 774 775 err = datagram_send_ctl(msg, &fl, opt, &hlimit, &tclass); 776 if (err < 0) { 777 fl6_sock_release(flowlabel); 778 return err; 779 } 780 if ((fl.fl6_flowlabel&IPV6_FLOWLABEL_MASK) && !flowlabel) { 781 flowlabel = fl6_sock_lookup(sk, fl.fl6_flowlabel); 782 if (flowlabel == NULL) 783 return -EINVAL; 784 } 785 if (!(opt->opt_nflen|opt->opt_flen)) 786 opt = NULL; 787 } 788 if (opt == NULL) 789 opt = np->opt; 790 if (flowlabel) 791 opt = fl6_merge_options(&opt_space, flowlabel, opt); 792 opt = ipv6_fixup_options(&opt_space, opt); 793 794 fl.proto = proto; 795 err = rawv6_probe_proto_opt(&fl, msg); 796 if (err) 797 goto out; 798 799 ipv6_addr_copy(&fl.fl6_dst, daddr); 800 if (ipv6_addr_any(&fl.fl6_src) && !ipv6_addr_any(&np->saddr)) 801 ipv6_addr_copy(&fl.fl6_src, &np->saddr); 802 803 /* merge ip6_build_xmit from ip6_output */ 804 if (opt && opt->srcrt) { 805 struct rt0_hdr *rt0 = (struct rt0_hdr *) opt->srcrt; 806 ipv6_addr_copy(&final, &fl.fl6_dst); 807 ipv6_addr_copy(&fl.fl6_dst, rt0->addr); 808 final_p = &final; 809 } 810 811 if (!fl.oif && ipv6_addr_is_multicast(&fl.fl6_dst)) 812 fl.oif = np->mcast_oif; 813 security_sk_classify_flow(sk, &fl); 814 815 err = ip6_dst_lookup(sk, &dst, &fl); 816 if (err) 817 goto out; 818 if (final_p) 819 ipv6_addr_copy(&fl.fl6_dst, final_p); 820 821 if ((err = xfrm_lookup(&dst, &fl, sk, 1)) < 0) 822 goto out; 823 824 if (hlimit < 0) { 825 if (ipv6_addr_is_multicast(&fl.fl6_dst)) 826 hlimit = np->mcast_hops; 827 else 828 hlimit = np->hop_limit; 829 if (hlimit < 0) 830 hlimit = dst_metric(dst, RTAX_HOPLIMIT); 831 if (hlimit < 0) 832 hlimit = ipv6_get_hoplimit(dst->dev); 833 } 834 835 if (tclass < 0) { 836 tclass = np->tclass; 837 if (tclass < 0) 838 tclass = 0; 839 } 840 841 if (msg->msg_flags&MSG_CONFIRM) 842 goto do_confirm; 843 844 back_from_confirm: 845 if (inet->hdrincl) { 846 err = rawv6_send_hdrinc(sk, msg->msg_iov, len, &fl, (struct rt6_info*)dst, msg->msg_flags); 847 } else { 848 lock_sock(sk); 849 err = ip6_append_data(sk, ip_generic_getfrag, msg->msg_iov, 850 len, 0, hlimit, tclass, opt, &fl, (struct rt6_info*)dst, 851 msg->msg_flags); 852 853 if (err) 854 ip6_flush_pending_frames(sk); 855 else if (!(msg->msg_flags & MSG_MORE)) 856 err = rawv6_push_pending_frames(sk, &fl, rp); 857 } 858 done: 859 dst_release(dst); 860 if (!inet->hdrincl) 861 release_sock(sk); 862 out: 863 fl6_sock_release(flowlabel); 864 return err<0?err:len; 865 do_confirm: 866 dst_confirm(dst); 867 if (!(msg->msg_flags & MSG_PROBE) || len) 868 goto back_from_confirm; 869 err = 0; 870 goto done; 871 } 872 873 static int rawv6_seticmpfilter(struct sock *sk, int level, int optname, 874 char __user *optval, int optlen) 875 { 876 switch (optname) { 877 case ICMPV6_FILTER: 878 if (optlen > sizeof(struct icmp6_filter)) 879 optlen = sizeof(struct icmp6_filter); 880 if (copy_from_user(&raw6_sk(sk)->filter, optval, optlen)) 881 return -EFAULT; 882 return 0; 883 default: 884 return -ENOPROTOOPT; 885 } 886 887 return 0; 888 } 889 890 static int rawv6_geticmpfilter(struct sock *sk, int level, int optname, 891 char __user *optval, int __user *optlen) 892 { 893 int len; 894 895 switch (optname) { 896 case ICMPV6_FILTER: 897 if (get_user(len, optlen)) 898 return -EFAULT; 899 if (len < 0) 900 return -EINVAL; 901 if (len > sizeof(struct icmp6_filter)) 902 len = sizeof(struct icmp6_filter); 903 if (put_user(len, optlen)) 904 return -EFAULT; 905 if (copy_to_user(optval, &raw6_sk(sk)->filter, len)) 906 return -EFAULT; 907 return 0; 908 default: 909 return -ENOPROTOOPT; 910 } 911 912 return 0; 913 } 914 915 916 static int do_rawv6_setsockopt(struct sock *sk, int level, int optname, 917 char __user *optval, int optlen) 918 { 919 struct raw6_sock *rp = raw6_sk(sk); 920 int val; 921 922 if (get_user(val, (int __user *)optval)) 923 return -EFAULT; 924 925 switch (optname) { 926 case IPV6_CHECKSUM: 927 /* You may get strange result with a positive odd offset; 928 RFC2292bis agrees with me. */ 929 if (val > 0 && (val&1)) 930 return(-EINVAL); 931 if (val < 0) { 932 rp->checksum = 0; 933 } else { 934 rp->checksum = 1; 935 rp->offset = val; 936 } 937 938 return 0; 939 break; 940 941 default: 942 return(-ENOPROTOOPT); 943 } 944 } 945 946 static int rawv6_setsockopt(struct sock *sk, int level, int optname, 947 char __user *optval, int optlen) 948 { 949 switch(level) { 950 case SOL_RAW: 951 break; 952 953 case SOL_ICMPV6: 954 if (inet_sk(sk)->num != IPPROTO_ICMPV6) 955 return -EOPNOTSUPP; 956 return rawv6_seticmpfilter(sk, level, optname, optval, 957 optlen); 958 case SOL_IPV6: 959 if (optname == IPV6_CHECKSUM) 960 break; 961 default: 962 return ipv6_setsockopt(sk, level, optname, optval, 963 optlen); 964 } 965 966 return do_rawv6_setsockopt(sk, level, optname, optval, optlen); 967 } 968 969 #ifdef CONFIG_COMPAT 970 static int compat_rawv6_setsockopt(struct sock *sk, int level, int optname, 971 char __user *optval, int optlen) 972 { 973 switch (level) { 974 case SOL_RAW: 975 break; 976 case SOL_ICMPV6: 977 if (inet_sk(sk)->num != IPPROTO_ICMPV6) 978 return -EOPNOTSUPP; 979 return rawv6_seticmpfilter(sk, level, optname, optval, optlen); 980 case SOL_IPV6: 981 if (optname == IPV6_CHECKSUM) 982 break; 983 default: 984 return compat_ipv6_setsockopt(sk, level, optname, 985 optval, optlen); 986 } 987 return do_rawv6_setsockopt(sk, level, optname, optval, optlen); 988 } 989 #endif 990 991 static int do_rawv6_getsockopt(struct sock *sk, int level, int optname, 992 char __user *optval, int __user *optlen) 993 { 994 struct raw6_sock *rp = raw6_sk(sk); 995 int val, len; 996 997 if (get_user(len,optlen)) 998 return -EFAULT; 999 1000 switch (optname) { 1001 case IPV6_CHECKSUM: 1002 if (rp->checksum == 0) 1003 val = -1; 1004 else 1005 val = rp->offset; 1006 break; 1007 1008 default: 1009 return -ENOPROTOOPT; 1010 } 1011 1012 len = min_t(unsigned int, sizeof(int), len); 1013 1014 if (put_user(len, optlen)) 1015 return -EFAULT; 1016 if (copy_to_user(optval,&val,len)) 1017 return -EFAULT; 1018 return 0; 1019 } 1020 1021 static int rawv6_getsockopt(struct sock *sk, int level, int optname, 1022 char __user *optval, int __user *optlen) 1023 { 1024 switch(level) { 1025 case SOL_RAW: 1026 break; 1027 1028 case SOL_ICMPV6: 1029 if (inet_sk(sk)->num != IPPROTO_ICMPV6) 1030 return -EOPNOTSUPP; 1031 return rawv6_geticmpfilter(sk, level, optname, optval, 1032 optlen); 1033 case SOL_IPV6: 1034 if (optname == IPV6_CHECKSUM) 1035 break; 1036 default: 1037 return ipv6_getsockopt(sk, level, optname, optval, 1038 optlen); 1039 } 1040 1041 return do_rawv6_getsockopt(sk, level, optname, optval, optlen); 1042 } 1043 1044 #ifdef CONFIG_COMPAT 1045 static int compat_rawv6_getsockopt(struct sock *sk, int level, int optname, 1046 char __user *optval, int __user *optlen) 1047 { 1048 switch (level) { 1049 case SOL_RAW: 1050 break; 1051 case SOL_ICMPV6: 1052 if (inet_sk(sk)->num != IPPROTO_ICMPV6) 1053 return -EOPNOTSUPP; 1054 return rawv6_geticmpfilter(sk, level, optname, optval, optlen); 1055 case SOL_IPV6: 1056 if (optname == IPV6_CHECKSUM) 1057 break; 1058 default: 1059 return compat_ipv6_getsockopt(sk, level, optname, 1060 optval, optlen); 1061 } 1062 return do_rawv6_getsockopt(sk, level, optname, optval, optlen); 1063 } 1064 #endif 1065 1066 static int rawv6_ioctl(struct sock *sk, int cmd, unsigned long arg) 1067 { 1068 switch(cmd) { 1069 case SIOCOUTQ: 1070 { 1071 int amount = atomic_read(&sk->sk_wmem_alloc); 1072 return put_user(amount, (int __user *)arg); 1073 } 1074 case SIOCINQ: 1075 { 1076 struct sk_buff *skb; 1077 int amount = 0; 1078 1079 spin_lock_bh(&sk->sk_receive_queue.lock); 1080 skb = skb_peek(&sk->sk_receive_queue); 1081 if (skb != NULL) 1082 amount = skb->tail - skb->transport_header; 1083 spin_unlock_bh(&sk->sk_receive_queue.lock); 1084 return put_user(amount, (int __user *)arg); 1085 } 1086 1087 default: 1088 return -ENOIOCTLCMD; 1089 } 1090 } 1091 1092 static void rawv6_close(struct sock *sk, long timeout) 1093 { 1094 if (inet_sk(sk)->num == IPPROTO_RAW) 1095 ip6_ra_control(sk, -1, NULL); 1096 1097 sk_common_release(sk); 1098 } 1099 1100 static int rawv6_init_sk(struct sock *sk) 1101 { 1102 struct raw6_sock *rp = raw6_sk(sk); 1103 1104 switch (inet_sk(sk)->num) { 1105 case IPPROTO_ICMPV6: 1106 rp->checksum = 1; 1107 rp->offset = 2; 1108 break; 1109 case IPPROTO_MH: 1110 rp->checksum = 1; 1111 rp->offset = 4; 1112 break; 1113 default: 1114 break; 1115 } 1116 return(0); 1117 } 1118 1119 struct proto rawv6_prot = { 1120 .name = "RAWv6", 1121 .owner = THIS_MODULE, 1122 .close = rawv6_close, 1123 .connect = ip6_datagram_connect, 1124 .disconnect = udp_disconnect, 1125 .ioctl = rawv6_ioctl, 1126 .init = rawv6_init_sk, 1127 .destroy = inet6_destroy_sock, 1128 .setsockopt = rawv6_setsockopt, 1129 .getsockopt = rawv6_getsockopt, 1130 .sendmsg = rawv6_sendmsg, 1131 .recvmsg = rawv6_recvmsg, 1132 .bind = rawv6_bind, 1133 .backlog_rcv = rawv6_rcv_skb, 1134 .hash = raw_v6_hash, 1135 .unhash = raw_v6_unhash, 1136 .obj_size = sizeof(struct raw6_sock), 1137 #ifdef CONFIG_COMPAT 1138 .compat_setsockopt = compat_rawv6_setsockopt, 1139 .compat_getsockopt = compat_rawv6_getsockopt, 1140 #endif 1141 }; 1142 1143 #ifdef CONFIG_PROC_FS 1144 struct raw6_iter_state { 1145 int bucket; 1146 }; 1147 1148 #define raw6_seq_private(seq) ((struct raw6_iter_state *)(seq)->private) 1149 1150 static struct sock *raw6_get_first(struct seq_file *seq) 1151 { 1152 struct sock *sk; 1153 struct hlist_node *node; 1154 struct raw6_iter_state* state = raw6_seq_private(seq); 1155 1156 for (state->bucket = 0; state->bucket < RAWV6_HTABLE_SIZE; ++state->bucket) 1157 sk_for_each(sk, node, &raw_v6_htable[state->bucket]) 1158 if (sk->sk_family == PF_INET6) 1159 goto out; 1160 sk = NULL; 1161 out: 1162 return sk; 1163 } 1164 1165 static struct sock *raw6_get_next(struct seq_file *seq, struct sock *sk) 1166 { 1167 struct raw6_iter_state* state = raw6_seq_private(seq); 1168 1169 do { 1170 sk = sk_next(sk); 1171 try_again: 1172 ; 1173 } while (sk && sk->sk_family != PF_INET6); 1174 1175 if (!sk && ++state->bucket < RAWV6_HTABLE_SIZE) { 1176 sk = sk_head(&raw_v6_htable[state->bucket]); 1177 goto try_again; 1178 } 1179 return sk; 1180 } 1181 1182 static struct sock *raw6_get_idx(struct seq_file *seq, loff_t pos) 1183 { 1184 struct sock *sk = raw6_get_first(seq); 1185 if (sk) 1186 while (pos && (sk = raw6_get_next(seq, sk)) != NULL) 1187 --pos; 1188 return pos ? NULL : sk; 1189 } 1190 1191 static void *raw6_seq_start(struct seq_file *seq, loff_t *pos) 1192 { 1193 read_lock(&raw_v6_lock); 1194 return *pos ? raw6_get_idx(seq, *pos - 1) : SEQ_START_TOKEN; 1195 } 1196 1197 static void *raw6_seq_next(struct seq_file *seq, void *v, loff_t *pos) 1198 { 1199 struct sock *sk; 1200 1201 if (v == SEQ_START_TOKEN) 1202 sk = raw6_get_first(seq); 1203 else 1204 sk = raw6_get_next(seq, v); 1205 ++*pos; 1206 return sk; 1207 } 1208 1209 static void raw6_seq_stop(struct seq_file *seq, void *v) 1210 { 1211 read_unlock(&raw_v6_lock); 1212 } 1213 1214 static void raw6_sock_seq_show(struct seq_file *seq, struct sock *sp, int i) 1215 { 1216 struct ipv6_pinfo *np = inet6_sk(sp); 1217 struct in6_addr *dest, *src; 1218 __u16 destp, srcp; 1219 1220 dest = &np->daddr; 1221 src = &np->rcv_saddr; 1222 destp = 0; 1223 srcp = inet_sk(sp)->num; 1224 seq_printf(seq, 1225 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X " 1226 "%02X %08X:%08X %02X:%08lX %08X %5d %8d %lu %d %p\n", 1227 i, 1228 src->s6_addr32[0], src->s6_addr32[1], 1229 src->s6_addr32[2], src->s6_addr32[3], srcp, 1230 dest->s6_addr32[0], dest->s6_addr32[1], 1231 dest->s6_addr32[2], dest->s6_addr32[3], destp, 1232 sp->sk_state, 1233 atomic_read(&sp->sk_wmem_alloc), 1234 atomic_read(&sp->sk_rmem_alloc), 1235 0, 0L, 0, 1236 sock_i_uid(sp), 0, 1237 sock_i_ino(sp), 1238 atomic_read(&sp->sk_refcnt), sp); 1239 } 1240 1241 static int raw6_seq_show(struct seq_file *seq, void *v) 1242 { 1243 if (v == SEQ_START_TOKEN) 1244 seq_printf(seq, 1245 " sl " 1246 "local_address " 1247 "remote_address " 1248 "st tx_queue rx_queue tr tm->when retrnsmt" 1249 " uid timeout inode\n"); 1250 else 1251 raw6_sock_seq_show(seq, v, raw6_seq_private(seq)->bucket); 1252 return 0; 1253 } 1254 1255 static struct seq_operations raw6_seq_ops = { 1256 .start = raw6_seq_start, 1257 .next = raw6_seq_next, 1258 .stop = raw6_seq_stop, 1259 .show = raw6_seq_show, 1260 }; 1261 1262 static int raw6_seq_open(struct inode *inode, struct file *file) 1263 { 1264 struct seq_file *seq; 1265 int rc = -ENOMEM; 1266 struct raw6_iter_state *s = kzalloc(sizeof(*s), GFP_KERNEL); 1267 if (!s) 1268 goto out; 1269 rc = seq_open(file, &raw6_seq_ops); 1270 if (rc) 1271 goto out_kfree; 1272 seq = file->private_data; 1273 seq->private = s; 1274 out: 1275 return rc; 1276 out_kfree: 1277 kfree(s); 1278 goto out; 1279 } 1280 1281 static const struct file_operations raw6_seq_fops = { 1282 .owner = THIS_MODULE, 1283 .open = raw6_seq_open, 1284 .read = seq_read, 1285 .llseek = seq_lseek, 1286 .release = seq_release_private, 1287 }; 1288 1289 int __init raw6_proc_init(void) 1290 { 1291 if (!proc_net_fops_create("raw6", S_IRUGO, &raw6_seq_fops)) 1292 return -ENOMEM; 1293 return 0; 1294 } 1295 1296 void raw6_proc_exit(void) 1297 { 1298 proc_net_remove("raw6"); 1299 } 1300 #endif /* CONFIG_PROC_FS */ 1301