1 /* 2 * INET An implementation of the TCP/IP protocol suite for the LINUX 3 * operating system. INET is implemented using the BSD Socket 4 * interface as the means of communication with the user level. 5 * 6 * The IP to API glue. 7 * 8 * Version: $Id: ip_sockglue.c,v 1.62 2002/02/01 22:01:04 davem Exp $ 9 * 10 * Authors: see ip.c 11 * 12 * Fixes: 13 * Many : Split from ip.c , see ip.c for history. 14 * Martin Mares : TOS setting fixed. 15 * Alan Cox : Fixed a couple of oopses in Martin's 16 * TOS tweaks. 17 * Mike McLagan : Routing by source 18 */ 19 20 #include <linux/module.h> 21 #include <linux/types.h> 22 #include <linux/mm.h> 23 #include <linux/skbuff.h> 24 #include <linux/ip.h> 25 #include <linux/icmp.h> 26 #include <linux/inetdevice.h> 27 #include <linux/netdevice.h> 28 #include <net/sock.h> 29 #include <net/ip.h> 30 #include <net/icmp.h> 31 #include <net/tcp_states.h> 32 #include <linux/udp.h> 33 #include <linux/igmp.h> 34 #include <linux/netfilter.h> 35 #include <linux/route.h> 36 #include <linux/mroute.h> 37 #include <net/route.h> 38 #include <net/xfrm.h> 39 #include <net/compat.h> 40 #if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE) 41 #include <net/transp_v6.h> 42 #endif 43 44 #include <linux/errqueue.h> 45 #include <asm/uaccess.h> 46 47 #define IP_CMSG_PKTINFO 1 48 #define IP_CMSG_TTL 2 49 #define IP_CMSG_TOS 4 50 #define IP_CMSG_RECVOPTS 8 51 #define IP_CMSG_RETOPTS 16 52 #define IP_CMSG_PASSSEC 32 53 54 /* 55 * SOL_IP control messages. 56 */ 57 58 static void ip_cmsg_recv_pktinfo(struct msghdr *msg, struct sk_buff *skb) 59 { 60 struct in_pktinfo info; 61 struct rtable *rt = skb->rtable; 62 63 info.ipi_addr.s_addr = ip_hdr(skb)->daddr; 64 if (rt) { 65 info.ipi_ifindex = rt->rt_iif; 66 info.ipi_spec_dst.s_addr = rt->rt_spec_dst; 67 } else { 68 info.ipi_ifindex = 0; 69 info.ipi_spec_dst.s_addr = 0; 70 } 71 72 put_cmsg(msg, SOL_IP, IP_PKTINFO, sizeof(info), &info); 73 } 74 75 static void ip_cmsg_recv_ttl(struct msghdr *msg, struct sk_buff *skb) 76 { 77 int ttl = ip_hdr(skb)->ttl; 78 put_cmsg(msg, SOL_IP, IP_TTL, sizeof(int), &ttl); 79 } 80 81 static void ip_cmsg_recv_tos(struct msghdr *msg, struct sk_buff *skb) 82 { 83 put_cmsg(msg, SOL_IP, IP_TOS, 1, &ip_hdr(skb)->tos); 84 } 85 86 static void ip_cmsg_recv_opts(struct msghdr *msg, struct sk_buff *skb) 87 { 88 if (IPCB(skb)->opt.optlen == 0) 89 return; 90 91 put_cmsg(msg, SOL_IP, IP_RECVOPTS, IPCB(skb)->opt.optlen, 92 ip_hdr(skb) + 1); 93 } 94 95 96 static void ip_cmsg_recv_retopts(struct msghdr *msg, struct sk_buff *skb) 97 { 98 unsigned char optbuf[sizeof(struct ip_options) + 40]; 99 struct ip_options * opt = (struct ip_options*)optbuf; 100 101 if (IPCB(skb)->opt.optlen == 0) 102 return; 103 104 if (ip_options_echo(opt, skb)) { 105 msg->msg_flags |= MSG_CTRUNC; 106 return; 107 } 108 ip_options_undo(opt); 109 110 put_cmsg(msg, SOL_IP, IP_RETOPTS, opt->optlen, opt->__data); 111 } 112 113 static void ip_cmsg_recv_security(struct msghdr *msg, struct sk_buff *skb) 114 { 115 char *secdata; 116 u32 seclen, secid; 117 int err; 118 119 err = security_socket_getpeersec_dgram(NULL, skb, &secid); 120 if (err) 121 return; 122 123 err = security_secid_to_secctx(secid, &secdata, &seclen); 124 if (err) 125 return; 126 127 put_cmsg(msg, SOL_IP, SCM_SECURITY, seclen, secdata); 128 security_release_secctx(secdata, seclen); 129 } 130 131 132 void ip_cmsg_recv(struct msghdr *msg, struct sk_buff *skb) 133 { 134 struct inet_sock *inet = inet_sk(skb->sk); 135 unsigned flags = inet->cmsg_flags; 136 137 /* Ordered by supposed usage frequency */ 138 if (flags & 1) 139 ip_cmsg_recv_pktinfo(msg, skb); 140 if ((flags>>=1) == 0) 141 return; 142 143 if (flags & 1) 144 ip_cmsg_recv_ttl(msg, skb); 145 if ((flags>>=1) == 0) 146 return; 147 148 if (flags & 1) 149 ip_cmsg_recv_tos(msg, skb); 150 if ((flags>>=1) == 0) 151 return; 152 153 if (flags & 1) 154 ip_cmsg_recv_opts(msg, skb); 155 if ((flags>>=1) == 0) 156 return; 157 158 if (flags & 1) 159 ip_cmsg_recv_retopts(msg, skb); 160 if ((flags>>=1) == 0) 161 return; 162 163 if (flags & 1) 164 ip_cmsg_recv_security(msg, skb); 165 } 166 167 int ip_cmsg_send(struct net *net, struct msghdr *msg, struct ipcm_cookie *ipc) 168 { 169 int err; 170 struct cmsghdr *cmsg; 171 172 for (cmsg = CMSG_FIRSTHDR(msg); cmsg; cmsg = CMSG_NXTHDR(msg, cmsg)) { 173 if (!CMSG_OK(msg, cmsg)) 174 return -EINVAL; 175 if (cmsg->cmsg_level != SOL_IP) 176 continue; 177 switch (cmsg->cmsg_type) { 178 case IP_RETOPTS: 179 err = cmsg->cmsg_len - CMSG_ALIGN(sizeof(struct cmsghdr)); 180 err = ip_options_get(net, &ipc->opt, CMSG_DATA(cmsg), err < 40 ? err : 40); 181 if (err) 182 return err; 183 break; 184 case IP_PKTINFO: 185 { 186 struct in_pktinfo *info; 187 if (cmsg->cmsg_len != CMSG_LEN(sizeof(struct in_pktinfo))) 188 return -EINVAL; 189 info = (struct in_pktinfo *)CMSG_DATA(cmsg); 190 ipc->oif = info->ipi_ifindex; 191 ipc->addr = info->ipi_spec_dst.s_addr; 192 break; 193 } 194 default: 195 return -EINVAL; 196 } 197 } 198 return 0; 199 } 200 201 202 /* Special input handler for packets caught by router alert option. 203 They are selected only by protocol field, and then processed likely 204 local ones; but only if someone wants them! Otherwise, router 205 not running rsvpd will kill RSVP. 206 207 It is user level problem, what it will make with them. 208 I have no idea, how it will masquearde or NAT them (it is joke, joke :-)), 209 but receiver should be enough clever f.e. to forward mtrace requests, 210 sent to multicast group to reach destination designated router. 211 */ 212 struct ip_ra_chain *ip_ra_chain; 213 DEFINE_RWLOCK(ip_ra_lock); 214 215 int ip_ra_control(struct sock *sk, unsigned char on, void (*destructor)(struct sock *)) 216 { 217 struct ip_ra_chain *ra, *new_ra, **rap; 218 219 if (sk->sk_type != SOCK_RAW || inet_sk(sk)->num == IPPROTO_RAW) 220 return -EINVAL; 221 222 new_ra = on ? kmalloc(sizeof(*new_ra), GFP_KERNEL) : NULL; 223 224 write_lock_bh(&ip_ra_lock); 225 for (rap = &ip_ra_chain; (ra=*rap) != NULL; rap = &ra->next) { 226 if (ra->sk == sk) { 227 if (on) { 228 write_unlock_bh(&ip_ra_lock); 229 kfree(new_ra); 230 return -EADDRINUSE; 231 } 232 *rap = ra->next; 233 write_unlock_bh(&ip_ra_lock); 234 235 if (ra->destructor) 236 ra->destructor(sk); 237 sock_put(sk); 238 kfree(ra); 239 return 0; 240 } 241 } 242 if (new_ra == NULL) { 243 write_unlock_bh(&ip_ra_lock); 244 return -ENOBUFS; 245 } 246 new_ra->sk = sk; 247 new_ra->destructor = destructor; 248 249 new_ra->next = ra; 250 *rap = new_ra; 251 sock_hold(sk); 252 write_unlock_bh(&ip_ra_lock); 253 254 return 0; 255 } 256 257 void ip_icmp_error(struct sock *sk, struct sk_buff *skb, int err, 258 __be16 port, u32 info, u8 *payload) 259 { 260 struct inet_sock *inet = inet_sk(sk); 261 struct sock_exterr_skb *serr; 262 263 if (!inet->recverr) 264 return; 265 266 skb = skb_clone(skb, GFP_ATOMIC); 267 if (!skb) 268 return; 269 270 serr = SKB_EXT_ERR(skb); 271 serr->ee.ee_errno = err; 272 serr->ee.ee_origin = SO_EE_ORIGIN_ICMP; 273 serr->ee.ee_type = icmp_hdr(skb)->type; 274 serr->ee.ee_code = icmp_hdr(skb)->code; 275 serr->ee.ee_pad = 0; 276 serr->ee.ee_info = info; 277 serr->ee.ee_data = 0; 278 serr->addr_offset = (u8 *)&(((struct iphdr *)(icmp_hdr(skb) + 1))->daddr) - 279 skb_network_header(skb); 280 serr->port = port; 281 282 if (skb_pull(skb, payload - skb->data) != NULL) { 283 skb_reset_transport_header(skb); 284 if (sock_queue_err_skb(sk, skb) == 0) 285 return; 286 } 287 kfree_skb(skb); 288 } 289 290 void ip_local_error(struct sock *sk, int err, __be32 daddr, __be16 port, u32 info) 291 { 292 struct inet_sock *inet = inet_sk(sk); 293 struct sock_exterr_skb *serr; 294 struct iphdr *iph; 295 struct sk_buff *skb; 296 297 if (!inet->recverr) 298 return; 299 300 skb = alloc_skb(sizeof(struct iphdr), GFP_ATOMIC); 301 if (!skb) 302 return; 303 304 skb_put(skb, sizeof(struct iphdr)); 305 skb_reset_network_header(skb); 306 iph = ip_hdr(skb); 307 iph->daddr = daddr; 308 309 serr = SKB_EXT_ERR(skb); 310 serr->ee.ee_errno = err; 311 serr->ee.ee_origin = SO_EE_ORIGIN_LOCAL; 312 serr->ee.ee_type = 0; 313 serr->ee.ee_code = 0; 314 serr->ee.ee_pad = 0; 315 serr->ee.ee_info = info; 316 serr->ee.ee_data = 0; 317 serr->addr_offset = (u8 *)&iph->daddr - skb_network_header(skb); 318 serr->port = port; 319 320 __skb_pull(skb, skb_tail_pointer(skb) - skb->data); 321 skb_reset_transport_header(skb); 322 323 if (sock_queue_err_skb(sk, skb)) 324 kfree_skb(skb); 325 } 326 327 /* 328 * Handle MSG_ERRQUEUE 329 */ 330 int ip_recv_error(struct sock *sk, struct msghdr *msg, int len) 331 { 332 struct sock_exterr_skb *serr; 333 struct sk_buff *skb, *skb2; 334 struct sockaddr_in *sin; 335 struct { 336 struct sock_extended_err ee; 337 struct sockaddr_in offender; 338 } errhdr; 339 int err; 340 int copied; 341 342 err = -EAGAIN; 343 skb = skb_dequeue(&sk->sk_error_queue); 344 if (skb == NULL) 345 goto out; 346 347 copied = skb->len; 348 if (copied > len) { 349 msg->msg_flags |= MSG_TRUNC; 350 copied = len; 351 } 352 err = skb_copy_datagram_iovec(skb, 0, msg->msg_iov, copied); 353 if (err) 354 goto out_free_skb; 355 356 sock_recv_timestamp(msg, sk, skb); 357 358 serr = SKB_EXT_ERR(skb); 359 360 sin = (struct sockaddr_in *)msg->msg_name; 361 if (sin) { 362 sin->sin_family = AF_INET; 363 sin->sin_addr.s_addr = *(__be32 *)(skb_network_header(skb) + 364 serr->addr_offset); 365 sin->sin_port = serr->port; 366 memset(&sin->sin_zero, 0, sizeof(sin->sin_zero)); 367 } 368 369 memcpy(&errhdr.ee, &serr->ee, sizeof(struct sock_extended_err)); 370 sin = &errhdr.offender; 371 sin->sin_family = AF_UNSPEC; 372 if (serr->ee.ee_origin == SO_EE_ORIGIN_ICMP) { 373 struct inet_sock *inet = inet_sk(sk); 374 375 sin->sin_family = AF_INET; 376 sin->sin_addr.s_addr = ip_hdr(skb)->saddr; 377 sin->sin_port = 0; 378 memset(&sin->sin_zero, 0, sizeof(sin->sin_zero)); 379 if (inet->cmsg_flags) 380 ip_cmsg_recv(msg, skb); 381 } 382 383 put_cmsg(msg, SOL_IP, IP_RECVERR, sizeof(errhdr), &errhdr); 384 385 /* Now we could try to dump offended packet options */ 386 387 msg->msg_flags |= MSG_ERRQUEUE; 388 err = copied; 389 390 /* Reset and regenerate socket error */ 391 spin_lock_bh(&sk->sk_error_queue.lock); 392 sk->sk_err = 0; 393 if ((skb2 = skb_peek(&sk->sk_error_queue)) != NULL) { 394 sk->sk_err = SKB_EXT_ERR(skb2)->ee.ee_errno; 395 spin_unlock_bh(&sk->sk_error_queue.lock); 396 sk->sk_error_report(sk); 397 } else 398 spin_unlock_bh(&sk->sk_error_queue.lock); 399 400 out_free_skb: 401 kfree_skb(skb); 402 out: 403 return err; 404 } 405 406 407 /* 408 * Socket option code for IP. This is the end of the line after any TCP,UDP etc options on 409 * an IP socket. 410 */ 411 412 static int do_ip_setsockopt(struct sock *sk, int level, 413 int optname, char __user *optval, int optlen) 414 { 415 struct inet_sock *inet = inet_sk(sk); 416 int val=0,err; 417 418 if (((1<<optname) & ((1<<IP_PKTINFO) | (1<<IP_RECVTTL) | 419 (1<<IP_RECVOPTS) | (1<<IP_RECVTOS) | 420 (1<<IP_RETOPTS) | (1<<IP_TOS) | 421 (1<<IP_TTL) | (1<<IP_HDRINCL) | 422 (1<<IP_MTU_DISCOVER) | (1<<IP_RECVERR) | 423 (1<<IP_ROUTER_ALERT) | (1<<IP_FREEBIND) | 424 (1<<IP_PASSSEC))) || 425 optname == IP_MULTICAST_TTL || 426 optname == IP_MULTICAST_LOOP) { 427 if (optlen >= sizeof(int)) { 428 if (get_user(val, (int __user *) optval)) 429 return -EFAULT; 430 } else if (optlen >= sizeof(char)) { 431 unsigned char ucval; 432 433 if (get_user(ucval, (unsigned char __user *) optval)) 434 return -EFAULT; 435 val = (int) ucval; 436 } 437 } 438 439 /* If optlen==0, it is equivalent to val == 0 */ 440 441 if (ip_mroute_opt(optname)) 442 return ip_mroute_setsockopt(sk,optname,optval,optlen); 443 444 err = 0; 445 lock_sock(sk); 446 447 switch (optname) { 448 case IP_OPTIONS: 449 { 450 struct ip_options * opt = NULL; 451 if (optlen > 40 || optlen < 0) 452 goto e_inval; 453 err = ip_options_get_from_user(sock_net(sk), &opt, 454 optval, optlen); 455 if (err) 456 break; 457 if (inet->is_icsk) { 458 struct inet_connection_sock *icsk = inet_csk(sk); 459 #if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE) 460 if (sk->sk_family == PF_INET || 461 (!((1 << sk->sk_state) & 462 (TCPF_LISTEN | TCPF_CLOSE)) && 463 inet->daddr != LOOPBACK4_IPV6)) { 464 #endif 465 if (inet->opt) 466 icsk->icsk_ext_hdr_len -= inet->opt->optlen; 467 if (opt) 468 icsk->icsk_ext_hdr_len += opt->optlen; 469 icsk->icsk_sync_mss(sk, icsk->icsk_pmtu_cookie); 470 #if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE) 471 } 472 #endif 473 } 474 opt = xchg(&inet->opt, opt); 475 kfree(opt); 476 break; 477 } 478 case IP_PKTINFO: 479 if (val) 480 inet->cmsg_flags |= IP_CMSG_PKTINFO; 481 else 482 inet->cmsg_flags &= ~IP_CMSG_PKTINFO; 483 break; 484 case IP_RECVTTL: 485 if (val) 486 inet->cmsg_flags |= IP_CMSG_TTL; 487 else 488 inet->cmsg_flags &= ~IP_CMSG_TTL; 489 break; 490 case IP_RECVTOS: 491 if (val) 492 inet->cmsg_flags |= IP_CMSG_TOS; 493 else 494 inet->cmsg_flags &= ~IP_CMSG_TOS; 495 break; 496 case IP_RECVOPTS: 497 if (val) 498 inet->cmsg_flags |= IP_CMSG_RECVOPTS; 499 else 500 inet->cmsg_flags &= ~IP_CMSG_RECVOPTS; 501 break; 502 case IP_RETOPTS: 503 if (val) 504 inet->cmsg_flags |= IP_CMSG_RETOPTS; 505 else 506 inet->cmsg_flags &= ~IP_CMSG_RETOPTS; 507 break; 508 case IP_PASSSEC: 509 if (val) 510 inet->cmsg_flags |= IP_CMSG_PASSSEC; 511 else 512 inet->cmsg_flags &= ~IP_CMSG_PASSSEC; 513 break; 514 case IP_TOS: /* This sets both TOS and Precedence */ 515 if (sk->sk_type == SOCK_STREAM) { 516 val &= ~3; 517 val |= inet->tos & 3; 518 } 519 if (inet->tos != val) { 520 inet->tos = val; 521 sk->sk_priority = rt_tos2priority(val); 522 sk_dst_reset(sk); 523 } 524 break; 525 case IP_TTL: 526 if (optlen<1) 527 goto e_inval; 528 if (val != -1 && (val < 1 || val>255)) 529 goto e_inval; 530 inet->uc_ttl = val; 531 break; 532 case IP_HDRINCL: 533 if (sk->sk_type != SOCK_RAW) { 534 err = -ENOPROTOOPT; 535 break; 536 } 537 inet->hdrincl = val ? 1 : 0; 538 break; 539 case IP_MTU_DISCOVER: 540 if (val<0 || val>3) 541 goto e_inval; 542 inet->pmtudisc = val; 543 break; 544 case IP_RECVERR: 545 inet->recverr = !!val; 546 if (!val) 547 skb_queue_purge(&sk->sk_error_queue); 548 break; 549 case IP_MULTICAST_TTL: 550 if (sk->sk_type == SOCK_STREAM) 551 goto e_inval; 552 if (optlen<1) 553 goto e_inval; 554 if (val==-1) 555 val = 1; 556 if (val < 0 || val > 255) 557 goto e_inval; 558 inet->mc_ttl = val; 559 break; 560 case IP_MULTICAST_LOOP: 561 if (optlen<1) 562 goto e_inval; 563 inet->mc_loop = !!val; 564 break; 565 case IP_MULTICAST_IF: 566 { 567 struct ip_mreqn mreq; 568 struct net_device *dev = NULL; 569 570 if (sk->sk_type == SOCK_STREAM) 571 goto e_inval; 572 /* 573 * Check the arguments are allowable 574 */ 575 576 err = -EFAULT; 577 if (optlen >= sizeof(struct ip_mreqn)) { 578 if (copy_from_user(&mreq,optval,sizeof(mreq))) 579 break; 580 } else { 581 memset(&mreq, 0, sizeof(mreq)); 582 if (optlen >= sizeof(struct in_addr) && 583 copy_from_user(&mreq.imr_address,optval,sizeof(struct in_addr))) 584 break; 585 } 586 587 if (!mreq.imr_ifindex) { 588 if (mreq.imr_address.s_addr == htonl(INADDR_ANY)) { 589 inet->mc_index = 0; 590 inet->mc_addr = 0; 591 err = 0; 592 break; 593 } 594 dev = ip_dev_find(sock_net(sk), mreq.imr_address.s_addr); 595 if (dev) { 596 mreq.imr_ifindex = dev->ifindex; 597 dev_put(dev); 598 } 599 } else 600 dev = __dev_get_by_index(sock_net(sk), mreq.imr_ifindex); 601 602 603 err = -EADDRNOTAVAIL; 604 if (!dev) 605 break; 606 607 err = -EINVAL; 608 if (sk->sk_bound_dev_if && 609 mreq.imr_ifindex != sk->sk_bound_dev_if) 610 break; 611 612 inet->mc_index = mreq.imr_ifindex; 613 inet->mc_addr = mreq.imr_address.s_addr; 614 err = 0; 615 break; 616 } 617 618 case IP_ADD_MEMBERSHIP: 619 case IP_DROP_MEMBERSHIP: 620 { 621 struct ip_mreqn mreq; 622 623 err = -EPROTO; 624 if (inet_sk(sk)->is_icsk) 625 break; 626 627 if (optlen < sizeof(struct ip_mreq)) 628 goto e_inval; 629 err = -EFAULT; 630 if (optlen >= sizeof(struct ip_mreqn)) { 631 if (copy_from_user(&mreq,optval,sizeof(mreq))) 632 break; 633 } else { 634 memset(&mreq, 0, sizeof(mreq)); 635 if (copy_from_user(&mreq,optval,sizeof(struct ip_mreq))) 636 break; 637 } 638 639 if (optname == IP_ADD_MEMBERSHIP) 640 err = ip_mc_join_group(sk, &mreq); 641 else 642 err = ip_mc_leave_group(sk, &mreq); 643 break; 644 } 645 case IP_MSFILTER: 646 { 647 extern int sysctl_igmp_max_msf; 648 struct ip_msfilter *msf; 649 650 if (optlen < IP_MSFILTER_SIZE(0)) 651 goto e_inval; 652 if (optlen > sysctl_optmem_max) { 653 err = -ENOBUFS; 654 break; 655 } 656 msf = kmalloc(optlen, GFP_KERNEL); 657 if (!msf) { 658 err = -ENOBUFS; 659 break; 660 } 661 err = -EFAULT; 662 if (copy_from_user(msf, optval, optlen)) { 663 kfree(msf); 664 break; 665 } 666 /* numsrc >= (1G-4) overflow in 32 bits */ 667 if (msf->imsf_numsrc >= 0x3ffffffcU || 668 msf->imsf_numsrc > sysctl_igmp_max_msf) { 669 kfree(msf); 670 err = -ENOBUFS; 671 break; 672 } 673 if (IP_MSFILTER_SIZE(msf->imsf_numsrc) > optlen) { 674 kfree(msf); 675 err = -EINVAL; 676 break; 677 } 678 err = ip_mc_msfilter(sk, msf, 0); 679 kfree(msf); 680 break; 681 } 682 case IP_BLOCK_SOURCE: 683 case IP_UNBLOCK_SOURCE: 684 case IP_ADD_SOURCE_MEMBERSHIP: 685 case IP_DROP_SOURCE_MEMBERSHIP: 686 { 687 struct ip_mreq_source mreqs; 688 int omode, add; 689 690 if (optlen != sizeof(struct ip_mreq_source)) 691 goto e_inval; 692 if (copy_from_user(&mreqs, optval, sizeof(mreqs))) { 693 err = -EFAULT; 694 break; 695 } 696 if (optname == IP_BLOCK_SOURCE) { 697 omode = MCAST_EXCLUDE; 698 add = 1; 699 } else if (optname == IP_UNBLOCK_SOURCE) { 700 omode = MCAST_EXCLUDE; 701 add = 0; 702 } else if (optname == IP_ADD_SOURCE_MEMBERSHIP) { 703 struct ip_mreqn mreq; 704 705 mreq.imr_multiaddr.s_addr = mreqs.imr_multiaddr; 706 mreq.imr_address.s_addr = mreqs.imr_interface; 707 mreq.imr_ifindex = 0; 708 err = ip_mc_join_group(sk, &mreq); 709 if (err && err != -EADDRINUSE) 710 break; 711 omode = MCAST_INCLUDE; 712 add = 1; 713 } else /* IP_DROP_SOURCE_MEMBERSHIP */ { 714 omode = MCAST_INCLUDE; 715 add = 0; 716 } 717 err = ip_mc_source(add, omode, sk, &mreqs, 0); 718 break; 719 } 720 case MCAST_JOIN_GROUP: 721 case MCAST_LEAVE_GROUP: 722 { 723 struct group_req greq; 724 struct sockaddr_in *psin; 725 struct ip_mreqn mreq; 726 727 if (optlen < sizeof(struct group_req)) 728 goto e_inval; 729 err = -EFAULT; 730 if (copy_from_user(&greq, optval, sizeof(greq))) 731 break; 732 psin = (struct sockaddr_in *)&greq.gr_group; 733 if (psin->sin_family != AF_INET) 734 goto e_inval; 735 memset(&mreq, 0, sizeof(mreq)); 736 mreq.imr_multiaddr = psin->sin_addr; 737 mreq.imr_ifindex = greq.gr_interface; 738 739 if (optname == MCAST_JOIN_GROUP) 740 err = ip_mc_join_group(sk, &mreq); 741 else 742 err = ip_mc_leave_group(sk, &mreq); 743 break; 744 } 745 case MCAST_JOIN_SOURCE_GROUP: 746 case MCAST_LEAVE_SOURCE_GROUP: 747 case MCAST_BLOCK_SOURCE: 748 case MCAST_UNBLOCK_SOURCE: 749 { 750 struct group_source_req greqs; 751 struct ip_mreq_source mreqs; 752 struct sockaddr_in *psin; 753 int omode, add; 754 755 if (optlen != sizeof(struct group_source_req)) 756 goto e_inval; 757 if (copy_from_user(&greqs, optval, sizeof(greqs))) { 758 err = -EFAULT; 759 break; 760 } 761 if (greqs.gsr_group.ss_family != AF_INET || 762 greqs.gsr_source.ss_family != AF_INET) { 763 err = -EADDRNOTAVAIL; 764 break; 765 } 766 psin = (struct sockaddr_in *)&greqs.gsr_group; 767 mreqs.imr_multiaddr = psin->sin_addr.s_addr; 768 psin = (struct sockaddr_in *)&greqs.gsr_source; 769 mreqs.imr_sourceaddr = psin->sin_addr.s_addr; 770 mreqs.imr_interface = 0; /* use index for mc_source */ 771 772 if (optname == MCAST_BLOCK_SOURCE) { 773 omode = MCAST_EXCLUDE; 774 add = 1; 775 } else if (optname == MCAST_UNBLOCK_SOURCE) { 776 omode = MCAST_EXCLUDE; 777 add = 0; 778 } else if (optname == MCAST_JOIN_SOURCE_GROUP) { 779 struct ip_mreqn mreq; 780 781 psin = (struct sockaddr_in *)&greqs.gsr_group; 782 mreq.imr_multiaddr = psin->sin_addr; 783 mreq.imr_address.s_addr = 0; 784 mreq.imr_ifindex = greqs.gsr_interface; 785 err = ip_mc_join_group(sk, &mreq); 786 if (err && err != -EADDRINUSE) 787 break; 788 greqs.gsr_interface = mreq.imr_ifindex; 789 omode = MCAST_INCLUDE; 790 add = 1; 791 } else /* MCAST_LEAVE_SOURCE_GROUP */ { 792 omode = MCAST_INCLUDE; 793 add = 0; 794 } 795 err = ip_mc_source(add, omode, sk, &mreqs, 796 greqs.gsr_interface); 797 break; 798 } 799 case MCAST_MSFILTER: 800 { 801 extern int sysctl_igmp_max_msf; 802 struct sockaddr_in *psin; 803 struct ip_msfilter *msf = NULL; 804 struct group_filter *gsf = NULL; 805 int msize, i, ifindex; 806 807 if (optlen < GROUP_FILTER_SIZE(0)) 808 goto e_inval; 809 if (optlen > sysctl_optmem_max) { 810 err = -ENOBUFS; 811 break; 812 } 813 gsf = kmalloc(optlen,GFP_KERNEL); 814 if (!gsf) { 815 err = -ENOBUFS; 816 break; 817 } 818 err = -EFAULT; 819 if (copy_from_user(gsf, optval, optlen)) { 820 goto mc_msf_out; 821 } 822 /* numsrc >= (4G-140)/128 overflow in 32 bits */ 823 if (gsf->gf_numsrc >= 0x1ffffff || 824 gsf->gf_numsrc > sysctl_igmp_max_msf) { 825 err = -ENOBUFS; 826 goto mc_msf_out; 827 } 828 if (GROUP_FILTER_SIZE(gsf->gf_numsrc) > optlen) { 829 err = -EINVAL; 830 goto mc_msf_out; 831 } 832 msize = IP_MSFILTER_SIZE(gsf->gf_numsrc); 833 msf = kmalloc(msize,GFP_KERNEL); 834 if (!msf) { 835 err = -ENOBUFS; 836 goto mc_msf_out; 837 } 838 ifindex = gsf->gf_interface; 839 psin = (struct sockaddr_in *)&gsf->gf_group; 840 if (psin->sin_family != AF_INET) { 841 err = -EADDRNOTAVAIL; 842 goto mc_msf_out; 843 } 844 msf->imsf_multiaddr = psin->sin_addr.s_addr; 845 msf->imsf_interface = 0; 846 msf->imsf_fmode = gsf->gf_fmode; 847 msf->imsf_numsrc = gsf->gf_numsrc; 848 err = -EADDRNOTAVAIL; 849 for (i=0; i<gsf->gf_numsrc; ++i) { 850 psin = (struct sockaddr_in *)&gsf->gf_slist[i]; 851 852 if (psin->sin_family != AF_INET) 853 goto mc_msf_out; 854 msf->imsf_slist[i] = psin->sin_addr.s_addr; 855 } 856 kfree(gsf); 857 gsf = NULL; 858 859 err = ip_mc_msfilter(sk, msf, ifindex); 860 mc_msf_out: 861 kfree(msf); 862 kfree(gsf); 863 break; 864 } 865 case IP_ROUTER_ALERT: 866 err = ip_ra_control(sk, val ? 1 : 0, NULL); 867 break; 868 869 case IP_FREEBIND: 870 if (optlen<1) 871 goto e_inval; 872 inet->freebind = !!val; 873 break; 874 875 case IP_IPSEC_POLICY: 876 case IP_XFRM_POLICY: 877 err = -EPERM; 878 if (!capable(CAP_NET_ADMIN)) 879 break; 880 err = xfrm_user_policy(sk, optname, optval, optlen); 881 break; 882 883 default: 884 err = -ENOPROTOOPT; 885 break; 886 } 887 release_sock(sk); 888 return err; 889 890 e_inval: 891 release_sock(sk); 892 return -EINVAL; 893 } 894 895 int ip_setsockopt(struct sock *sk, int level, 896 int optname, char __user *optval, int optlen) 897 { 898 int err; 899 900 if (level != SOL_IP) 901 return -ENOPROTOOPT; 902 903 err = do_ip_setsockopt(sk, level, optname, optval, optlen); 904 #ifdef CONFIG_NETFILTER 905 /* we need to exclude all possible ENOPROTOOPTs except default case */ 906 if (err == -ENOPROTOOPT && optname != IP_HDRINCL && 907 optname != IP_IPSEC_POLICY && 908 optname != IP_XFRM_POLICY && 909 !ip_mroute_opt(optname)) { 910 lock_sock(sk); 911 err = nf_setsockopt(sk, PF_INET, optname, optval, optlen); 912 release_sock(sk); 913 } 914 #endif 915 return err; 916 } 917 918 #ifdef CONFIG_COMPAT 919 int compat_ip_setsockopt(struct sock *sk, int level, int optname, 920 char __user *optval, int optlen) 921 { 922 int err; 923 924 if (level != SOL_IP) 925 return -ENOPROTOOPT; 926 927 if (optname >= MCAST_JOIN_GROUP && optname <= MCAST_MSFILTER) 928 return compat_mc_setsockopt(sk, level, optname, optval, optlen, 929 ip_setsockopt); 930 931 err = do_ip_setsockopt(sk, level, optname, optval, optlen); 932 #ifdef CONFIG_NETFILTER 933 /* we need to exclude all possible ENOPROTOOPTs except default case */ 934 if (err == -ENOPROTOOPT && optname != IP_HDRINCL && 935 optname != IP_IPSEC_POLICY && 936 optname != IP_XFRM_POLICY && 937 !ip_mroute_opt(optname)) { 938 lock_sock(sk); 939 err = compat_nf_setsockopt(sk, PF_INET, optname, 940 optval, optlen); 941 release_sock(sk); 942 } 943 #endif 944 return err; 945 } 946 947 EXPORT_SYMBOL(compat_ip_setsockopt); 948 #endif 949 950 /* 951 * Get the options. Note for future reference. The GET of IP options gets the 952 * _received_ ones. The set sets the _sent_ ones. 953 */ 954 955 static int do_ip_getsockopt(struct sock *sk, int level, int optname, 956 char __user *optval, int __user *optlen) 957 { 958 struct inet_sock *inet = inet_sk(sk); 959 int val; 960 int len; 961 962 if (level != SOL_IP) 963 return -EOPNOTSUPP; 964 965 if (ip_mroute_opt(optname)) 966 return ip_mroute_getsockopt(sk,optname,optval,optlen); 967 968 if (get_user(len,optlen)) 969 return -EFAULT; 970 if (len < 0) 971 return -EINVAL; 972 973 lock_sock(sk); 974 975 switch (optname) { 976 case IP_OPTIONS: 977 { 978 unsigned char optbuf[sizeof(struct ip_options)+40]; 979 struct ip_options * opt = (struct ip_options*)optbuf; 980 opt->optlen = 0; 981 if (inet->opt) 982 memcpy(optbuf, inet->opt, 983 sizeof(struct ip_options)+ 984 inet->opt->optlen); 985 release_sock(sk); 986 987 if (opt->optlen == 0) 988 return put_user(0, optlen); 989 990 ip_options_undo(opt); 991 992 len = min_t(unsigned int, len, opt->optlen); 993 if (put_user(len, optlen)) 994 return -EFAULT; 995 if (copy_to_user(optval, opt->__data, len)) 996 return -EFAULT; 997 return 0; 998 } 999 case IP_PKTINFO: 1000 val = (inet->cmsg_flags & IP_CMSG_PKTINFO) != 0; 1001 break; 1002 case IP_RECVTTL: 1003 val = (inet->cmsg_flags & IP_CMSG_TTL) != 0; 1004 break; 1005 case IP_RECVTOS: 1006 val = (inet->cmsg_flags & IP_CMSG_TOS) != 0; 1007 break; 1008 case IP_RECVOPTS: 1009 val = (inet->cmsg_flags & IP_CMSG_RECVOPTS) != 0; 1010 break; 1011 case IP_RETOPTS: 1012 val = (inet->cmsg_flags & IP_CMSG_RETOPTS) != 0; 1013 break; 1014 case IP_PASSSEC: 1015 val = (inet->cmsg_flags & IP_CMSG_PASSSEC) != 0; 1016 break; 1017 case IP_TOS: 1018 val = inet->tos; 1019 break; 1020 case IP_TTL: 1021 val = (inet->uc_ttl == -1 ? 1022 sysctl_ip_default_ttl : 1023 inet->uc_ttl); 1024 break; 1025 case IP_HDRINCL: 1026 val = inet->hdrincl; 1027 break; 1028 case IP_MTU_DISCOVER: 1029 val = inet->pmtudisc; 1030 break; 1031 case IP_MTU: 1032 { 1033 struct dst_entry *dst; 1034 val = 0; 1035 dst = sk_dst_get(sk); 1036 if (dst) { 1037 val = dst_mtu(dst); 1038 dst_release(dst); 1039 } 1040 if (!val) { 1041 release_sock(sk); 1042 return -ENOTCONN; 1043 } 1044 break; 1045 } 1046 case IP_RECVERR: 1047 val = inet->recverr; 1048 break; 1049 case IP_MULTICAST_TTL: 1050 val = inet->mc_ttl; 1051 break; 1052 case IP_MULTICAST_LOOP: 1053 val = inet->mc_loop; 1054 break; 1055 case IP_MULTICAST_IF: 1056 { 1057 struct in_addr addr; 1058 len = min_t(unsigned int, len, sizeof(struct in_addr)); 1059 addr.s_addr = inet->mc_addr; 1060 release_sock(sk); 1061 1062 if (put_user(len, optlen)) 1063 return -EFAULT; 1064 if (copy_to_user(optval, &addr, len)) 1065 return -EFAULT; 1066 return 0; 1067 } 1068 case IP_MSFILTER: 1069 { 1070 struct ip_msfilter msf; 1071 int err; 1072 1073 if (len < IP_MSFILTER_SIZE(0)) { 1074 release_sock(sk); 1075 return -EINVAL; 1076 } 1077 if (copy_from_user(&msf, optval, IP_MSFILTER_SIZE(0))) { 1078 release_sock(sk); 1079 return -EFAULT; 1080 } 1081 err = ip_mc_msfget(sk, &msf, 1082 (struct ip_msfilter __user *)optval, optlen); 1083 release_sock(sk); 1084 return err; 1085 } 1086 case MCAST_MSFILTER: 1087 { 1088 struct group_filter gsf; 1089 int err; 1090 1091 if (len < GROUP_FILTER_SIZE(0)) { 1092 release_sock(sk); 1093 return -EINVAL; 1094 } 1095 if (copy_from_user(&gsf, optval, GROUP_FILTER_SIZE(0))) { 1096 release_sock(sk); 1097 return -EFAULT; 1098 } 1099 err = ip_mc_gsfget(sk, &gsf, 1100 (struct group_filter __user *)optval, optlen); 1101 release_sock(sk); 1102 return err; 1103 } 1104 case IP_PKTOPTIONS: 1105 { 1106 struct msghdr msg; 1107 1108 release_sock(sk); 1109 1110 if (sk->sk_type != SOCK_STREAM) 1111 return -ENOPROTOOPT; 1112 1113 msg.msg_control = optval; 1114 msg.msg_controllen = len; 1115 msg.msg_flags = 0; 1116 1117 if (inet->cmsg_flags & IP_CMSG_PKTINFO) { 1118 struct in_pktinfo info; 1119 1120 info.ipi_addr.s_addr = inet->rcv_saddr; 1121 info.ipi_spec_dst.s_addr = inet->rcv_saddr; 1122 info.ipi_ifindex = inet->mc_index; 1123 put_cmsg(&msg, SOL_IP, IP_PKTINFO, sizeof(info), &info); 1124 } 1125 if (inet->cmsg_flags & IP_CMSG_TTL) { 1126 int hlim = inet->mc_ttl; 1127 put_cmsg(&msg, SOL_IP, IP_TTL, sizeof(hlim), &hlim); 1128 } 1129 len -= msg.msg_controllen; 1130 return put_user(len, optlen); 1131 } 1132 case IP_FREEBIND: 1133 val = inet->freebind; 1134 break; 1135 default: 1136 release_sock(sk); 1137 return -ENOPROTOOPT; 1138 } 1139 release_sock(sk); 1140 1141 if (len < sizeof(int) && len > 0 && val>=0 && val<=255) { 1142 unsigned char ucval = (unsigned char)val; 1143 len = 1; 1144 if (put_user(len, optlen)) 1145 return -EFAULT; 1146 if (copy_to_user(optval,&ucval,1)) 1147 return -EFAULT; 1148 } else { 1149 len = min_t(unsigned int, sizeof(int), len); 1150 if (put_user(len, optlen)) 1151 return -EFAULT; 1152 if (copy_to_user(optval,&val,len)) 1153 return -EFAULT; 1154 } 1155 return 0; 1156 } 1157 1158 int ip_getsockopt(struct sock *sk, int level, 1159 int optname, char __user *optval, int __user *optlen) 1160 { 1161 int err; 1162 1163 err = do_ip_getsockopt(sk, level, optname, optval, optlen); 1164 #ifdef CONFIG_NETFILTER 1165 /* we need to exclude all possible ENOPROTOOPTs except default case */ 1166 if (err == -ENOPROTOOPT && optname != IP_PKTOPTIONS && 1167 !ip_mroute_opt(optname)) { 1168 int len; 1169 1170 if (get_user(len,optlen)) 1171 return -EFAULT; 1172 1173 lock_sock(sk); 1174 err = nf_getsockopt(sk, PF_INET, optname, optval, 1175 &len); 1176 release_sock(sk); 1177 if (err >= 0) 1178 err = put_user(len, optlen); 1179 return err; 1180 } 1181 #endif 1182 return err; 1183 } 1184 1185 #ifdef CONFIG_COMPAT 1186 int compat_ip_getsockopt(struct sock *sk, int level, int optname, 1187 char __user *optval, int __user *optlen) 1188 { 1189 int err; 1190 1191 if (optname == MCAST_MSFILTER) 1192 return compat_mc_getsockopt(sk, level, optname, optval, optlen, 1193 ip_getsockopt); 1194 1195 err = do_ip_getsockopt(sk, level, optname, optval, optlen); 1196 1197 #ifdef CONFIG_NETFILTER 1198 /* we need to exclude all possible ENOPROTOOPTs except default case */ 1199 if (err == -ENOPROTOOPT && optname != IP_PKTOPTIONS && 1200 !ip_mroute_opt(optname)) { 1201 int len; 1202 1203 if (get_user(len, optlen)) 1204 return -EFAULT; 1205 1206 lock_sock(sk); 1207 err = compat_nf_getsockopt(sk, PF_INET, optname, optval, &len); 1208 release_sock(sk); 1209 if (err >= 0) 1210 err = put_user(len, optlen); 1211 return err; 1212 } 1213 #endif 1214 return err; 1215 } 1216 1217 EXPORT_SYMBOL(compat_ip_getsockopt); 1218 #endif 1219 1220 EXPORT_SYMBOL(ip_cmsg_recv); 1221 1222 EXPORT_SYMBOL(ip_getsockopt); 1223 EXPORT_SYMBOL(ip_setsockopt); 1224