1 // SPDX-License-Identifier: GPL-2.0-or-later 2 /* 3 * IPv6 BSD socket options interface 4 * Linux INET6 implementation 5 * 6 * Authors: 7 * Pedro Roque <roque@di.fc.ul.pt> 8 * 9 * Based on linux/net/ipv4/ip_sockglue.c 10 * 11 * FIXME: Make the setsockopt code POSIX compliant: That is 12 * 13 * o Truncate getsockopt returns 14 * o Return an optlen of the truncated length if need be 15 * 16 * Changes: 17 * David L Stevens <dlstevens@us.ibm.com>: 18 * - added multicast source filtering API for MLDv2 19 */ 20 21 #include <linux/module.h> 22 #include <linux/capability.h> 23 #include <linux/errno.h> 24 #include <linux/types.h> 25 #include <linux/socket.h> 26 #include <linux/sockios.h> 27 #include <linux/net.h> 28 #include <linux/in6.h> 29 #include <linux/mroute6.h> 30 #include <linux/netdevice.h> 31 #include <linux/if_arp.h> 32 #include <linux/init.h> 33 #include <linux/sysctl.h> 34 #include <linux/netfilter.h> 35 #include <linux/slab.h> 36 37 #include <net/sock.h> 38 #include <net/snmp.h> 39 #include <net/ipv6.h> 40 #include <net/ndisc.h> 41 #include <net/protocol.h> 42 #include <net/transp_v6.h> 43 #include <net/ip6_route.h> 44 #include <net/addrconf.h> 45 #include <net/inet_common.h> 46 #include <net/tcp.h> 47 #include <net/udp.h> 48 #include <net/udplite.h> 49 #include <net/xfrm.h> 50 #include <net/compat.h> 51 #include <net/seg6.h> 52 53 #include <linux/uaccess.h> 54 55 struct ip6_ra_chain *ip6_ra_chain; 56 DEFINE_RWLOCK(ip6_ra_lock); 57 58 int ip6_ra_control(struct sock *sk, int sel) 59 { 60 struct ip6_ra_chain *ra, *new_ra, **rap; 61 62 /* RA packet may be delivered ONLY to IPPROTO_RAW socket */ 63 if (sk->sk_type != SOCK_RAW || inet_sk(sk)->inet_num != IPPROTO_RAW) 64 return -ENOPROTOOPT; 65 66 new_ra = (sel >= 0) ? kmalloc(sizeof(*new_ra), GFP_KERNEL) : NULL; 67 if (sel >= 0 && !new_ra) 68 return -ENOMEM; 69 70 write_lock_bh(&ip6_ra_lock); 71 for (rap = &ip6_ra_chain; (ra = *rap) != NULL; rap = &ra->next) { 72 if (ra->sk == sk) { 73 if (sel >= 0) { 74 write_unlock_bh(&ip6_ra_lock); 75 kfree(new_ra); 76 return -EADDRINUSE; 77 } 78 79 *rap = ra->next; 80 write_unlock_bh(&ip6_ra_lock); 81 82 sock_put(sk); 83 kfree(ra); 84 return 0; 85 } 86 } 87 if (!new_ra) { 88 write_unlock_bh(&ip6_ra_lock); 89 return -ENOBUFS; 90 } 91 new_ra->sk = sk; 92 new_ra->sel = sel; 93 new_ra->next = ra; 94 *rap = new_ra; 95 sock_hold(sk); 96 write_unlock_bh(&ip6_ra_lock); 97 return 0; 98 } 99 100 struct ipv6_txoptions *ipv6_update_options(struct sock *sk, 101 struct ipv6_txoptions *opt) 102 { 103 if (inet_sk(sk)->is_icsk) { 104 if (opt && 105 !((1 << sk->sk_state) & (TCPF_LISTEN | TCPF_CLOSE)) && 106 inet_sk(sk)->inet_daddr != LOOPBACK4_IPV6) { 107 struct inet_connection_sock *icsk = inet_csk(sk); 108 icsk->icsk_ext_hdr_len = opt->opt_flen + opt->opt_nflen; 109 icsk->icsk_sync_mss(sk, icsk->icsk_pmtu_cookie); 110 } 111 } 112 opt = xchg((__force struct ipv6_txoptions **)&inet6_sk(sk)->opt, 113 opt); 114 sk_dst_reset(sk); 115 116 return opt; 117 } 118 119 static bool setsockopt_needs_rtnl(int optname) 120 { 121 switch (optname) { 122 case IPV6_ADDRFORM: 123 case IPV6_ADD_MEMBERSHIP: 124 case IPV6_DROP_MEMBERSHIP: 125 case IPV6_JOIN_ANYCAST: 126 case IPV6_LEAVE_ANYCAST: 127 case MCAST_JOIN_GROUP: 128 case MCAST_LEAVE_GROUP: 129 case MCAST_JOIN_SOURCE_GROUP: 130 case MCAST_LEAVE_SOURCE_GROUP: 131 case MCAST_BLOCK_SOURCE: 132 case MCAST_UNBLOCK_SOURCE: 133 case MCAST_MSFILTER: 134 return true; 135 } 136 return false; 137 } 138 139 static int do_ipv6_setsockopt(struct sock *sk, int level, int optname, 140 char __user *optval, unsigned int optlen) 141 { 142 struct ipv6_pinfo *np = inet6_sk(sk); 143 struct net *net = sock_net(sk); 144 int val, valbool; 145 int retv = -ENOPROTOOPT; 146 bool needs_rtnl = setsockopt_needs_rtnl(optname); 147 148 if (!optval) 149 val = 0; 150 else { 151 if (optlen >= sizeof(int)) { 152 if (get_user(val, (int __user *) optval)) 153 return -EFAULT; 154 } else 155 val = 0; 156 } 157 158 valbool = (val != 0); 159 160 if (ip6_mroute_opt(optname)) 161 return ip6_mroute_setsockopt(sk, optname, optval, optlen); 162 163 if (needs_rtnl) 164 rtnl_lock(); 165 lock_sock(sk); 166 167 switch (optname) { 168 169 case IPV6_ADDRFORM: 170 if (optlen < sizeof(int)) 171 goto e_inval; 172 if (val == PF_INET) { 173 struct ipv6_txoptions *opt; 174 struct sk_buff *pktopt; 175 176 if (sk->sk_type == SOCK_RAW) 177 break; 178 179 if (sk->sk_protocol == IPPROTO_UDP || 180 sk->sk_protocol == IPPROTO_UDPLITE) { 181 struct udp_sock *up = udp_sk(sk); 182 if (up->pending == AF_INET6) { 183 retv = -EBUSY; 184 break; 185 } 186 } else if (sk->sk_protocol == IPPROTO_TCP) { 187 if (sk->sk_prot != &tcpv6_prot) { 188 retv = -EBUSY; 189 break; 190 } 191 break; 192 } else { 193 break; 194 } 195 if (sk->sk_state != TCP_ESTABLISHED) { 196 retv = -ENOTCONN; 197 break; 198 } 199 200 if (ipv6_only_sock(sk) || 201 !ipv6_addr_v4mapped(&sk->sk_v6_daddr)) { 202 retv = -EADDRNOTAVAIL; 203 break; 204 } 205 206 fl6_free_socklist(sk); 207 __ipv6_sock_mc_close(sk); 208 209 /* 210 * Sock is moving from IPv6 to IPv4 (sk_prot), so 211 * remove it from the refcnt debug socks count in the 212 * original family... 213 */ 214 sk_refcnt_debug_dec(sk); 215 216 if (sk->sk_protocol == IPPROTO_TCP) { 217 struct inet_connection_sock *icsk = inet_csk(sk); 218 local_bh_disable(); 219 sock_prot_inuse_add(net, sk->sk_prot, -1); 220 sock_prot_inuse_add(net, &tcp_prot, 1); 221 local_bh_enable(); 222 sk->sk_prot = &tcp_prot; 223 icsk->icsk_af_ops = &ipv4_specific; 224 sk->sk_socket->ops = &inet_stream_ops; 225 sk->sk_family = PF_INET; 226 tcp_sync_mss(sk, icsk->icsk_pmtu_cookie); 227 } else { 228 struct proto *prot = &udp_prot; 229 230 if (sk->sk_protocol == IPPROTO_UDPLITE) 231 prot = &udplite_prot; 232 local_bh_disable(); 233 sock_prot_inuse_add(net, sk->sk_prot, -1); 234 sock_prot_inuse_add(net, prot, 1); 235 local_bh_enable(); 236 sk->sk_prot = prot; 237 sk->sk_socket->ops = &inet_dgram_ops; 238 sk->sk_family = PF_INET; 239 } 240 opt = xchg((__force struct ipv6_txoptions **)&np->opt, 241 NULL); 242 if (opt) { 243 atomic_sub(opt->tot_len, &sk->sk_omem_alloc); 244 txopt_put(opt); 245 } 246 pktopt = xchg(&np->pktoptions, NULL); 247 kfree_skb(pktopt); 248 249 /* 250 * ... and add it to the refcnt debug socks count 251 * in the new family. -acme 252 */ 253 sk_refcnt_debug_inc(sk); 254 module_put(THIS_MODULE); 255 retv = 0; 256 break; 257 } 258 goto e_inval; 259 260 case IPV6_V6ONLY: 261 if (optlen < sizeof(int) || 262 inet_sk(sk)->inet_num) 263 goto e_inval; 264 sk->sk_ipv6only = valbool; 265 retv = 0; 266 break; 267 268 case IPV6_RECVPKTINFO: 269 if (optlen < sizeof(int)) 270 goto e_inval; 271 np->rxopt.bits.rxinfo = valbool; 272 retv = 0; 273 break; 274 275 case IPV6_2292PKTINFO: 276 if (optlen < sizeof(int)) 277 goto e_inval; 278 np->rxopt.bits.rxoinfo = valbool; 279 retv = 0; 280 break; 281 282 case IPV6_RECVHOPLIMIT: 283 if (optlen < sizeof(int)) 284 goto e_inval; 285 np->rxopt.bits.rxhlim = valbool; 286 retv = 0; 287 break; 288 289 case IPV6_2292HOPLIMIT: 290 if (optlen < sizeof(int)) 291 goto e_inval; 292 np->rxopt.bits.rxohlim = valbool; 293 retv = 0; 294 break; 295 296 case IPV6_RECVRTHDR: 297 if (optlen < sizeof(int)) 298 goto e_inval; 299 np->rxopt.bits.srcrt = valbool; 300 retv = 0; 301 break; 302 303 case IPV6_2292RTHDR: 304 if (optlen < sizeof(int)) 305 goto e_inval; 306 np->rxopt.bits.osrcrt = valbool; 307 retv = 0; 308 break; 309 310 case IPV6_RECVHOPOPTS: 311 if (optlen < sizeof(int)) 312 goto e_inval; 313 np->rxopt.bits.hopopts = valbool; 314 retv = 0; 315 break; 316 317 case IPV6_2292HOPOPTS: 318 if (optlen < sizeof(int)) 319 goto e_inval; 320 np->rxopt.bits.ohopopts = valbool; 321 retv = 0; 322 break; 323 324 case IPV6_RECVDSTOPTS: 325 if (optlen < sizeof(int)) 326 goto e_inval; 327 np->rxopt.bits.dstopts = valbool; 328 retv = 0; 329 break; 330 331 case IPV6_2292DSTOPTS: 332 if (optlen < sizeof(int)) 333 goto e_inval; 334 np->rxopt.bits.odstopts = valbool; 335 retv = 0; 336 break; 337 338 case IPV6_TCLASS: 339 if (optlen < sizeof(int)) 340 goto e_inval; 341 if (val < -1 || val > 0xff) 342 goto e_inval; 343 /* RFC 3542, 6.5: default traffic class of 0x0 */ 344 if (val == -1) 345 val = 0; 346 np->tclass = val; 347 retv = 0; 348 break; 349 350 case IPV6_RECVTCLASS: 351 if (optlen < sizeof(int)) 352 goto e_inval; 353 np->rxopt.bits.rxtclass = valbool; 354 retv = 0; 355 break; 356 357 case IPV6_FLOWINFO: 358 if (optlen < sizeof(int)) 359 goto e_inval; 360 np->rxopt.bits.rxflow = valbool; 361 retv = 0; 362 break; 363 364 case IPV6_RECVPATHMTU: 365 if (optlen < sizeof(int)) 366 goto e_inval; 367 np->rxopt.bits.rxpmtu = valbool; 368 retv = 0; 369 break; 370 371 case IPV6_TRANSPARENT: 372 if (valbool && !ns_capable(net->user_ns, CAP_NET_RAW) && 373 !ns_capable(net->user_ns, CAP_NET_ADMIN)) { 374 retv = -EPERM; 375 break; 376 } 377 if (optlen < sizeof(int)) 378 goto e_inval; 379 /* we don't have a separate transparent bit for IPV6 we use the one in the IPv4 socket */ 380 inet_sk(sk)->transparent = valbool; 381 retv = 0; 382 break; 383 384 case IPV6_FREEBIND: 385 if (optlen < sizeof(int)) 386 goto e_inval; 387 /* we also don't have a separate freebind bit for IPV6 */ 388 inet_sk(sk)->freebind = valbool; 389 retv = 0; 390 break; 391 392 case IPV6_RECVORIGDSTADDR: 393 if (optlen < sizeof(int)) 394 goto e_inval; 395 np->rxopt.bits.rxorigdstaddr = valbool; 396 retv = 0; 397 break; 398 399 case IPV6_HOPOPTS: 400 case IPV6_RTHDRDSTOPTS: 401 case IPV6_RTHDR: 402 case IPV6_DSTOPTS: 403 { 404 struct ipv6_txoptions *opt; 405 struct ipv6_opt_hdr *new = NULL; 406 407 /* hop-by-hop / destination options are privileged option */ 408 retv = -EPERM; 409 if (optname != IPV6_RTHDR && !ns_capable(net->user_ns, CAP_NET_RAW)) 410 break; 411 412 /* remove any sticky options header with a zero option 413 * length, per RFC3542. 414 */ 415 if (optlen == 0) 416 optval = NULL; 417 else if (!optval) 418 goto e_inval; 419 else if (optlen < sizeof(struct ipv6_opt_hdr) || 420 optlen & 0x7 || optlen > 8 * 255) 421 goto e_inval; 422 else { 423 new = memdup_user(optval, optlen); 424 if (IS_ERR(new)) { 425 retv = PTR_ERR(new); 426 break; 427 } 428 if (unlikely(ipv6_optlen(new) > optlen)) { 429 kfree(new); 430 goto e_inval; 431 } 432 } 433 434 opt = rcu_dereference_protected(np->opt, 435 lockdep_sock_is_held(sk)); 436 opt = ipv6_renew_options(sk, opt, optname, new); 437 kfree(new); 438 if (IS_ERR(opt)) { 439 retv = PTR_ERR(opt); 440 break; 441 } 442 443 /* routing header option needs extra check */ 444 retv = -EINVAL; 445 if (optname == IPV6_RTHDR && opt && opt->srcrt) { 446 struct ipv6_rt_hdr *rthdr = opt->srcrt; 447 switch (rthdr->type) { 448 #if IS_ENABLED(CONFIG_IPV6_MIP6) 449 case IPV6_SRCRT_TYPE_2: 450 if (rthdr->hdrlen != 2 || 451 rthdr->segments_left != 1) 452 goto sticky_done; 453 454 break; 455 #endif 456 case IPV6_SRCRT_TYPE_4: 457 { 458 struct ipv6_sr_hdr *srh = (struct ipv6_sr_hdr *) 459 opt->srcrt; 460 461 if (!seg6_validate_srh(srh, optlen)) 462 goto sticky_done; 463 break; 464 } 465 default: 466 goto sticky_done; 467 } 468 } 469 470 retv = 0; 471 opt = ipv6_update_options(sk, opt); 472 sticky_done: 473 if (opt) { 474 atomic_sub(opt->tot_len, &sk->sk_omem_alloc); 475 txopt_put(opt); 476 } 477 break; 478 } 479 480 case IPV6_PKTINFO: 481 { 482 struct in6_pktinfo pkt; 483 484 if (optlen == 0) 485 goto e_inval; 486 else if (optlen < sizeof(struct in6_pktinfo) || !optval) 487 goto e_inval; 488 489 if (copy_from_user(&pkt, optval, sizeof(struct in6_pktinfo))) { 490 retv = -EFAULT; 491 break; 492 } 493 if (!sk_dev_equal_l3scope(sk, pkt.ipi6_ifindex)) 494 goto e_inval; 495 496 np->sticky_pktinfo.ipi6_ifindex = pkt.ipi6_ifindex; 497 np->sticky_pktinfo.ipi6_addr = pkt.ipi6_addr; 498 retv = 0; 499 break; 500 } 501 502 case IPV6_2292PKTOPTIONS: 503 { 504 struct ipv6_txoptions *opt = NULL; 505 struct msghdr msg; 506 struct flowi6 fl6; 507 struct ipcm6_cookie ipc6; 508 509 memset(&fl6, 0, sizeof(fl6)); 510 fl6.flowi6_oif = sk->sk_bound_dev_if; 511 fl6.flowi6_mark = sk->sk_mark; 512 513 if (optlen == 0) 514 goto update; 515 516 /* 1K is probably excessive 517 * 1K is surely not enough, 2K per standard header is 16K. 518 */ 519 retv = -EINVAL; 520 if (optlen > 64*1024) 521 break; 522 523 opt = sock_kmalloc(sk, sizeof(*opt) + optlen, GFP_KERNEL); 524 retv = -ENOBUFS; 525 if (!opt) 526 break; 527 528 memset(opt, 0, sizeof(*opt)); 529 refcount_set(&opt->refcnt, 1); 530 opt->tot_len = sizeof(*opt) + optlen; 531 retv = -EFAULT; 532 if (copy_from_user(opt+1, optval, optlen)) 533 goto done; 534 535 msg.msg_controllen = optlen; 536 msg.msg_control = (void *)(opt+1); 537 ipc6.opt = opt; 538 539 retv = ip6_datagram_send_ctl(net, sk, &msg, &fl6, &ipc6); 540 if (retv) 541 goto done; 542 update: 543 retv = 0; 544 opt = ipv6_update_options(sk, opt); 545 done: 546 if (opt) { 547 atomic_sub(opt->tot_len, &sk->sk_omem_alloc); 548 txopt_put(opt); 549 } 550 break; 551 } 552 case IPV6_UNICAST_HOPS: 553 if (optlen < sizeof(int)) 554 goto e_inval; 555 if (val > 255 || val < -1) 556 goto e_inval; 557 np->hop_limit = val; 558 retv = 0; 559 break; 560 561 case IPV6_MULTICAST_HOPS: 562 if (sk->sk_type == SOCK_STREAM) 563 break; 564 if (optlen < sizeof(int)) 565 goto e_inval; 566 if (val > 255 || val < -1) 567 goto e_inval; 568 np->mcast_hops = (val == -1 ? IPV6_DEFAULT_MCASTHOPS : val); 569 retv = 0; 570 break; 571 572 case IPV6_MULTICAST_LOOP: 573 if (optlen < sizeof(int)) 574 goto e_inval; 575 if (val != valbool) 576 goto e_inval; 577 np->mc_loop = valbool; 578 retv = 0; 579 break; 580 581 case IPV6_UNICAST_IF: 582 { 583 struct net_device *dev = NULL; 584 int ifindex; 585 586 if (optlen != sizeof(int)) 587 goto e_inval; 588 589 ifindex = (__force int)ntohl((__force __be32)val); 590 if (ifindex == 0) { 591 np->ucast_oif = 0; 592 retv = 0; 593 break; 594 } 595 596 dev = dev_get_by_index(net, ifindex); 597 retv = -EADDRNOTAVAIL; 598 if (!dev) 599 break; 600 dev_put(dev); 601 602 retv = -EINVAL; 603 if (sk->sk_bound_dev_if) 604 break; 605 606 np->ucast_oif = ifindex; 607 retv = 0; 608 break; 609 } 610 611 case IPV6_MULTICAST_IF: 612 if (sk->sk_type == SOCK_STREAM) 613 break; 614 if (optlen < sizeof(int)) 615 goto e_inval; 616 617 if (val) { 618 struct net_device *dev; 619 int midx; 620 621 rcu_read_lock(); 622 623 dev = dev_get_by_index_rcu(net, val); 624 if (!dev) { 625 rcu_read_unlock(); 626 retv = -ENODEV; 627 break; 628 } 629 midx = l3mdev_master_ifindex_rcu(dev); 630 631 rcu_read_unlock(); 632 633 if (sk->sk_bound_dev_if && 634 sk->sk_bound_dev_if != val && 635 (!midx || midx != sk->sk_bound_dev_if)) 636 goto e_inval; 637 } 638 np->mcast_oif = val; 639 retv = 0; 640 break; 641 case IPV6_ADD_MEMBERSHIP: 642 case IPV6_DROP_MEMBERSHIP: 643 { 644 struct ipv6_mreq mreq; 645 646 if (optlen < sizeof(struct ipv6_mreq)) 647 goto e_inval; 648 649 retv = -EPROTO; 650 if (inet_sk(sk)->is_icsk) 651 break; 652 653 retv = -EFAULT; 654 if (copy_from_user(&mreq, optval, sizeof(struct ipv6_mreq))) 655 break; 656 657 if (optname == IPV6_ADD_MEMBERSHIP) 658 retv = ipv6_sock_mc_join(sk, mreq.ipv6mr_ifindex, &mreq.ipv6mr_multiaddr); 659 else 660 retv = ipv6_sock_mc_drop(sk, mreq.ipv6mr_ifindex, &mreq.ipv6mr_multiaddr); 661 break; 662 } 663 case IPV6_JOIN_ANYCAST: 664 case IPV6_LEAVE_ANYCAST: 665 { 666 struct ipv6_mreq mreq; 667 668 if (optlen < sizeof(struct ipv6_mreq)) 669 goto e_inval; 670 671 retv = -EFAULT; 672 if (copy_from_user(&mreq, optval, sizeof(struct ipv6_mreq))) 673 break; 674 675 if (optname == IPV6_JOIN_ANYCAST) 676 retv = ipv6_sock_ac_join(sk, mreq.ipv6mr_ifindex, &mreq.ipv6mr_acaddr); 677 else 678 retv = ipv6_sock_ac_drop(sk, mreq.ipv6mr_ifindex, &mreq.ipv6mr_acaddr); 679 break; 680 } 681 case IPV6_MULTICAST_ALL: 682 if (optlen < sizeof(int)) 683 goto e_inval; 684 np->mc_all = valbool; 685 retv = 0; 686 break; 687 688 case MCAST_JOIN_GROUP: 689 case MCAST_LEAVE_GROUP: 690 { 691 struct group_req greq; 692 struct sockaddr_in6 *psin6; 693 694 if (optlen < sizeof(struct group_req)) 695 goto e_inval; 696 697 retv = -EFAULT; 698 if (copy_from_user(&greq, optval, sizeof(struct group_req))) 699 break; 700 if (greq.gr_group.ss_family != AF_INET6) { 701 retv = -EADDRNOTAVAIL; 702 break; 703 } 704 psin6 = (struct sockaddr_in6 *)&greq.gr_group; 705 if (optname == MCAST_JOIN_GROUP) 706 retv = ipv6_sock_mc_join(sk, greq.gr_interface, 707 &psin6->sin6_addr); 708 else 709 retv = ipv6_sock_mc_drop(sk, greq.gr_interface, 710 &psin6->sin6_addr); 711 break; 712 } 713 case MCAST_JOIN_SOURCE_GROUP: 714 case MCAST_LEAVE_SOURCE_GROUP: 715 case MCAST_BLOCK_SOURCE: 716 case MCAST_UNBLOCK_SOURCE: 717 { 718 struct group_source_req greqs; 719 int omode, add; 720 721 if (optlen < sizeof(struct group_source_req)) 722 goto e_inval; 723 if (copy_from_user(&greqs, optval, sizeof(greqs))) { 724 retv = -EFAULT; 725 break; 726 } 727 if (greqs.gsr_group.ss_family != AF_INET6 || 728 greqs.gsr_source.ss_family != AF_INET6) { 729 retv = -EADDRNOTAVAIL; 730 break; 731 } 732 if (optname == MCAST_BLOCK_SOURCE) { 733 omode = MCAST_EXCLUDE; 734 add = 1; 735 } else if (optname == MCAST_UNBLOCK_SOURCE) { 736 omode = MCAST_EXCLUDE; 737 add = 0; 738 } else if (optname == MCAST_JOIN_SOURCE_GROUP) { 739 struct sockaddr_in6 *psin6; 740 741 psin6 = (struct sockaddr_in6 *)&greqs.gsr_group; 742 retv = ipv6_sock_mc_join_ssm(sk, greqs.gsr_interface, 743 &psin6->sin6_addr, 744 MCAST_INCLUDE); 745 /* prior join w/ different source is ok */ 746 if (retv && retv != -EADDRINUSE) 747 break; 748 omode = MCAST_INCLUDE; 749 add = 1; 750 } else /* MCAST_LEAVE_SOURCE_GROUP */ { 751 omode = MCAST_INCLUDE; 752 add = 0; 753 } 754 retv = ip6_mc_source(add, omode, sk, &greqs); 755 break; 756 } 757 case MCAST_MSFILTER: 758 { 759 struct group_filter *gsf; 760 761 if (optlen < GROUP_FILTER_SIZE(0)) 762 goto e_inval; 763 if (optlen > sysctl_optmem_max) { 764 retv = -ENOBUFS; 765 break; 766 } 767 gsf = memdup_user(optval, optlen); 768 if (IS_ERR(gsf)) { 769 retv = PTR_ERR(gsf); 770 break; 771 } 772 /* numsrc >= (4G-140)/128 overflow in 32 bits */ 773 if (gsf->gf_numsrc >= 0x1ffffffU || 774 gsf->gf_numsrc > sysctl_mld_max_msf) { 775 kfree(gsf); 776 retv = -ENOBUFS; 777 break; 778 } 779 if (GROUP_FILTER_SIZE(gsf->gf_numsrc) > optlen) { 780 kfree(gsf); 781 retv = -EINVAL; 782 break; 783 } 784 retv = ip6_mc_msfilter(sk, gsf); 785 kfree(gsf); 786 787 break; 788 } 789 case IPV6_ROUTER_ALERT: 790 if (optlen < sizeof(int)) 791 goto e_inval; 792 retv = ip6_ra_control(sk, val); 793 break; 794 case IPV6_ROUTER_ALERT_ISOLATE: 795 if (optlen < sizeof(int)) 796 goto e_inval; 797 np->rtalert_isolate = valbool; 798 retv = 0; 799 break; 800 case IPV6_MTU_DISCOVER: 801 if (optlen < sizeof(int)) 802 goto e_inval; 803 if (val < IPV6_PMTUDISC_DONT || val > IPV6_PMTUDISC_OMIT) 804 goto e_inval; 805 np->pmtudisc = val; 806 retv = 0; 807 break; 808 case IPV6_MTU: 809 if (optlen < sizeof(int)) 810 goto e_inval; 811 if (val && val < IPV6_MIN_MTU) 812 goto e_inval; 813 np->frag_size = val; 814 retv = 0; 815 break; 816 case IPV6_RECVERR: 817 if (optlen < sizeof(int)) 818 goto e_inval; 819 np->recverr = valbool; 820 if (!val) 821 skb_queue_purge(&sk->sk_error_queue); 822 retv = 0; 823 break; 824 case IPV6_FLOWINFO_SEND: 825 if (optlen < sizeof(int)) 826 goto e_inval; 827 np->sndflow = valbool; 828 retv = 0; 829 break; 830 case IPV6_FLOWLABEL_MGR: 831 retv = ipv6_flowlabel_opt(sk, optval, optlen); 832 break; 833 case IPV6_IPSEC_POLICY: 834 case IPV6_XFRM_POLICY: 835 retv = -EPERM; 836 if (!ns_capable(net->user_ns, CAP_NET_ADMIN)) 837 break; 838 retv = xfrm_user_policy(sk, optname, optval, optlen); 839 break; 840 841 case IPV6_ADDR_PREFERENCES: 842 { 843 unsigned int pref = 0; 844 unsigned int prefmask = ~0; 845 846 if (optlen < sizeof(int)) 847 goto e_inval; 848 849 retv = -EINVAL; 850 851 /* check PUBLIC/TMP/PUBTMP_DEFAULT conflicts */ 852 switch (val & (IPV6_PREFER_SRC_PUBLIC| 853 IPV6_PREFER_SRC_TMP| 854 IPV6_PREFER_SRC_PUBTMP_DEFAULT)) { 855 case IPV6_PREFER_SRC_PUBLIC: 856 pref |= IPV6_PREFER_SRC_PUBLIC; 857 break; 858 case IPV6_PREFER_SRC_TMP: 859 pref |= IPV6_PREFER_SRC_TMP; 860 break; 861 case IPV6_PREFER_SRC_PUBTMP_DEFAULT: 862 break; 863 case 0: 864 goto pref_skip_pubtmp; 865 default: 866 goto e_inval; 867 } 868 869 prefmask &= ~(IPV6_PREFER_SRC_PUBLIC| 870 IPV6_PREFER_SRC_TMP); 871 pref_skip_pubtmp: 872 873 /* check HOME/COA conflicts */ 874 switch (val & (IPV6_PREFER_SRC_HOME|IPV6_PREFER_SRC_COA)) { 875 case IPV6_PREFER_SRC_HOME: 876 break; 877 case IPV6_PREFER_SRC_COA: 878 pref |= IPV6_PREFER_SRC_COA; 879 case 0: 880 goto pref_skip_coa; 881 default: 882 goto e_inval; 883 } 884 885 prefmask &= ~IPV6_PREFER_SRC_COA; 886 pref_skip_coa: 887 888 /* check CGA/NONCGA conflicts */ 889 switch (val & (IPV6_PREFER_SRC_CGA|IPV6_PREFER_SRC_NONCGA)) { 890 case IPV6_PREFER_SRC_CGA: 891 case IPV6_PREFER_SRC_NONCGA: 892 case 0: 893 break; 894 default: 895 goto e_inval; 896 } 897 898 np->srcprefs = (np->srcprefs & prefmask) | pref; 899 retv = 0; 900 901 break; 902 } 903 case IPV6_MINHOPCOUNT: 904 if (optlen < sizeof(int)) 905 goto e_inval; 906 if (val < 0 || val > 255) 907 goto e_inval; 908 np->min_hopcount = val; 909 retv = 0; 910 break; 911 case IPV6_DONTFRAG: 912 np->dontfrag = valbool; 913 retv = 0; 914 break; 915 case IPV6_AUTOFLOWLABEL: 916 np->autoflowlabel = valbool; 917 np->autoflowlabel_set = 1; 918 retv = 0; 919 break; 920 case IPV6_RECVFRAGSIZE: 921 np->rxopt.bits.recvfragsize = valbool; 922 retv = 0; 923 break; 924 } 925 926 release_sock(sk); 927 if (needs_rtnl) 928 rtnl_unlock(); 929 930 return retv; 931 932 e_inval: 933 release_sock(sk); 934 if (needs_rtnl) 935 rtnl_unlock(); 936 return -EINVAL; 937 } 938 939 int ipv6_setsockopt(struct sock *sk, int level, int optname, 940 char __user *optval, unsigned int optlen) 941 { 942 int err; 943 944 if (level == SOL_IP && sk->sk_type != SOCK_RAW) 945 return udp_prot.setsockopt(sk, level, optname, optval, optlen); 946 947 if (level != SOL_IPV6) 948 return -ENOPROTOOPT; 949 950 err = do_ipv6_setsockopt(sk, level, optname, optval, optlen); 951 #ifdef CONFIG_NETFILTER 952 /* we need to exclude all possible ENOPROTOOPTs except default case */ 953 if (err == -ENOPROTOOPT && optname != IPV6_IPSEC_POLICY && 954 optname != IPV6_XFRM_POLICY) 955 err = nf_setsockopt(sk, PF_INET6, optname, optval, optlen); 956 #endif 957 return err; 958 } 959 EXPORT_SYMBOL(ipv6_setsockopt); 960 961 #ifdef CONFIG_COMPAT 962 int compat_ipv6_setsockopt(struct sock *sk, int level, int optname, 963 char __user *optval, unsigned int optlen) 964 { 965 int err; 966 967 if (level == SOL_IP && sk->sk_type != SOCK_RAW) { 968 if (udp_prot.compat_setsockopt != NULL) 969 return udp_prot.compat_setsockopt(sk, level, optname, 970 optval, optlen); 971 return udp_prot.setsockopt(sk, level, optname, optval, optlen); 972 } 973 974 if (level != SOL_IPV6) 975 return -ENOPROTOOPT; 976 977 if (optname >= MCAST_JOIN_GROUP && optname <= MCAST_MSFILTER) 978 return compat_mc_setsockopt(sk, level, optname, optval, optlen, 979 ipv6_setsockopt); 980 981 err = do_ipv6_setsockopt(sk, level, optname, optval, optlen); 982 #ifdef CONFIG_NETFILTER 983 /* we need to exclude all possible ENOPROTOOPTs except default case */ 984 if (err == -ENOPROTOOPT && optname != IPV6_IPSEC_POLICY && 985 optname != IPV6_XFRM_POLICY) 986 err = compat_nf_setsockopt(sk, PF_INET6, optname, optval, 987 optlen); 988 #endif 989 return err; 990 } 991 EXPORT_SYMBOL(compat_ipv6_setsockopt); 992 #endif 993 994 static int ipv6_getsockopt_sticky(struct sock *sk, struct ipv6_txoptions *opt, 995 int optname, char __user *optval, int len) 996 { 997 struct ipv6_opt_hdr *hdr; 998 999 if (!opt) 1000 return 0; 1001 1002 switch (optname) { 1003 case IPV6_HOPOPTS: 1004 hdr = opt->hopopt; 1005 break; 1006 case IPV6_RTHDRDSTOPTS: 1007 hdr = opt->dst0opt; 1008 break; 1009 case IPV6_RTHDR: 1010 hdr = (struct ipv6_opt_hdr *)opt->srcrt; 1011 break; 1012 case IPV6_DSTOPTS: 1013 hdr = opt->dst1opt; 1014 break; 1015 default: 1016 return -EINVAL; /* should not happen */ 1017 } 1018 1019 if (!hdr) 1020 return 0; 1021 1022 len = min_t(unsigned int, len, ipv6_optlen(hdr)); 1023 if (copy_to_user(optval, hdr, len)) 1024 return -EFAULT; 1025 return len; 1026 } 1027 1028 static int do_ipv6_getsockopt(struct sock *sk, int level, int optname, 1029 char __user *optval, int __user *optlen, unsigned int flags) 1030 { 1031 struct ipv6_pinfo *np = inet6_sk(sk); 1032 int len; 1033 int val; 1034 1035 if (ip6_mroute_opt(optname)) 1036 return ip6_mroute_getsockopt(sk, optname, optval, optlen); 1037 1038 if (get_user(len, optlen)) 1039 return -EFAULT; 1040 switch (optname) { 1041 case IPV6_ADDRFORM: 1042 if (sk->sk_protocol != IPPROTO_UDP && 1043 sk->sk_protocol != IPPROTO_UDPLITE && 1044 sk->sk_protocol != IPPROTO_TCP) 1045 return -ENOPROTOOPT; 1046 if (sk->sk_state != TCP_ESTABLISHED) 1047 return -ENOTCONN; 1048 val = sk->sk_family; 1049 break; 1050 case MCAST_MSFILTER: 1051 { 1052 struct group_filter gsf; 1053 int err; 1054 1055 if (len < GROUP_FILTER_SIZE(0)) 1056 return -EINVAL; 1057 if (copy_from_user(&gsf, optval, GROUP_FILTER_SIZE(0))) 1058 return -EFAULT; 1059 if (gsf.gf_group.ss_family != AF_INET6) 1060 return -EADDRNOTAVAIL; 1061 lock_sock(sk); 1062 err = ip6_mc_msfget(sk, &gsf, 1063 (struct group_filter __user *)optval, optlen); 1064 release_sock(sk); 1065 return err; 1066 } 1067 1068 case IPV6_2292PKTOPTIONS: 1069 { 1070 struct msghdr msg; 1071 struct sk_buff *skb; 1072 1073 if (sk->sk_type != SOCK_STREAM) 1074 return -ENOPROTOOPT; 1075 1076 msg.msg_control = optval; 1077 msg.msg_controllen = len; 1078 msg.msg_flags = flags; 1079 1080 lock_sock(sk); 1081 skb = np->pktoptions; 1082 if (skb) 1083 ip6_datagram_recv_ctl(sk, &msg, skb); 1084 release_sock(sk); 1085 if (!skb) { 1086 if (np->rxopt.bits.rxinfo) { 1087 struct in6_pktinfo src_info; 1088 src_info.ipi6_ifindex = np->mcast_oif ? np->mcast_oif : 1089 np->sticky_pktinfo.ipi6_ifindex; 1090 src_info.ipi6_addr = np->mcast_oif ? sk->sk_v6_daddr : np->sticky_pktinfo.ipi6_addr; 1091 put_cmsg(&msg, SOL_IPV6, IPV6_PKTINFO, sizeof(src_info), &src_info); 1092 } 1093 if (np->rxopt.bits.rxhlim) { 1094 int hlim = np->mcast_hops; 1095 put_cmsg(&msg, SOL_IPV6, IPV6_HOPLIMIT, sizeof(hlim), &hlim); 1096 } 1097 if (np->rxopt.bits.rxtclass) { 1098 int tclass = (int)ip6_tclass(np->rcv_flowinfo); 1099 1100 put_cmsg(&msg, SOL_IPV6, IPV6_TCLASS, sizeof(tclass), &tclass); 1101 } 1102 if (np->rxopt.bits.rxoinfo) { 1103 struct in6_pktinfo src_info; 1104 src_info.ipi6_ifindex = np->mcast_oif ? np->mcast_oif : 1105 np->sticky_pktinfo.ipi6_ifindex; 1106 src_info.ipi6_addr = np->mcast_oif ? sk->sk_v6_daddr : 1107 np->sticky_pktinfo.ipi6_addr; 1108 put_cmsg(&msg, SOL_IPV6, IPV6_2292PKTINFO, sizeof(src_info), &src_info); 1109 } 1110 if (np->rxopt.bits.rxohlim) { 1111 int hlim = np->mcast_hops; 1112 put_cmsg(&msg, SOL_IPV6, IPV6_2292HOPLIMIT, sizeof(hlim), &hlim); 1113 } 1114 if (np->rxopt.bits.rxflow) { 1115 __be32 flowinfo = np->rcv_flowinfo; 1116 1117 put_cmsg(&msg, SOL_IPV6, IPV6_FLOWINFO, sizeof(flowinfo), &flowinfo); 1118 } 1119 } 1120 len -= msg.msg_controllen; 1121 return put_user(len, optlen); 1122 } 1123 case IPV6_MTU: 1124 { 1125 struct dst_entry *dst; 1126 1127 val = 0; 1128 rcu_read_lock(); 1129 dst = __sk_dst_get(sk); 1130 if (dst) 1131 val = dst_mtu(dst); 1132 rcu_read_unlock(); 1133 if (!val) 1134 return -ENOTCONN; 1135 break; 1136 } 1137 1138 case IPV6_V6ONLY: 1139 val = sk->sk_ipv6only; 1140 break; 1141 1142 case IPV6_RECVPKTINFO: 1143 val = np->rxopt.bits.rxinfo; 1144 break; 1145 1146 case IPV6_2292PKTINFO: 1147 val = np->rxopt.bits.rxoinfo; 1148 break; 1149 1150 case IPV6_RECVHOPLIMIT: 1151 val = np->rxopt.bits.rxhlim; 1152 break; 1153 1154 case IPV6_2292HOPLIMIT: 1155 val = np->rxopt.bits.rxohlim; 1156 break; 1157 1158 case IPV6_RECVRTHDR: 1159 val = np->rxopt.bits.srcrt; 1160 break; 1161 1162 case IPV6_2292RTHDR: 1163 val = np->rxopt.bits.osrcrt; 1164 break; 1165 1166 case IPV6_HOPOPTS: 1167 case IPV6_RTHDRDSTOPTS: 1168 case IPV6_RTHDR: 1169 case IPV6_DSTOPTS: 1170 { 1171 struct ipv6_txoptions *opt; 1172 1173 lock_sock(sk); 1174 opt = rcu_dereference_protected(np->opt, 1175 lockdep_sock_is_held(sk)); 1176 len = ipv6_getsockopt_sticky(sk, opt, optname, optval, len); 1177 release_sock(sk); 1178 /* check if ipv6_getsockopt_sticky() returns err code */ 1179 if (len < 0) 1180 return len; 1181 return put_user(len, optlen); 1182 } 1183 1184 case IPV6_RECVHOPOPTS: 1185 val = np->rxopt.bits.hopopts; 1186 break; 1187 1188 case IPV6_2292HOPOPTS: 1189 val = np->rxopt.bits.ohopopts; 1190 break; 1191 1192 case IPV6_RECVDSTOPTS: 1193 val = np->rxopt.bits.dstopts; 1194 break; 1195 1196 case IPV6_2292DSTOPTS: 1197 val = np->rxopt.bits.odstopts; 1198 break; 1199 1200 case IPV6_TCLASS: 1201 val = np->tclass; 1202 break; 1203 1204 case IPV6_RECVTCLASS: 1205 val = np->rxopt.bits.rxtclass; 1206 break; 1207 1208 case IPV6_FLOWINFO: 1209 val = np->rxopt.bits.rxflow; 1210 break; 1211 1212 case IPV6_RECVPATHMTU: 1213 val = np->rxopt.bits.rxpmtu; 1214 break; 1215 1216 case IPV6_PATHMTU: 1217 { 1218 struct dst_entry *dst; 1219 struct ip6_mtuinfo mtuinfo; 1220 1221 if (len < sizeof(mtuinfo)) 1222 return -EINVAL; 1223 1224 len = sizeof(mtuinfo); 1225 memset(&mtuinfo, 0, sizeof(mtuinfo)); 1226 1227 rcu_read_lock(); 1228 dst = __sk_dst_get(sk); 1229 if (dst) 1230 mtuinfo.ip6m_mtu = dst_mtu(dst); 1231 rcu_read_unlock(); 1232 if (!mtuinfo.ip6m_mtu) 1233 return -ENOTCONN; 1234 1235 if (put_user(len, optlen)) 1236 return -EFAULT; 1237 if (copy_to_user(optval, &mtuinfo, len)) 1238 return -EFAULT; 1239 1240 return 0; 1241 } 1242 1243 case IPV6_TRANSPARENT: 1244 val = inet_sk(sk)->transparent; 1245 break; 1246 1247 case IPV6_FREEBIND: 1248 val = inet_sk(sk)->freebind; 1249 break; 1250 1251 case IPV6_RECVORIGDSTADDR: 1252 val = np->rxopt.bits.rxorigdstaddr; 1253 break; 1254 1255 case IPV6_UNICAST_HOPS: 1256 case IPV6_MULTICAST_HOPS: 1257 { 1258 struct dst_entry *dst; 1259 1260 if (optname == IPV6_UNICAST_HOPS) 1261 val = np->hop_limit; 1262 else 1263 val = np->mcast_hops; 1264 1265 if (val < 0) { 1266 rcu_read_lock(); 1267 dst = __sk_dst_get(sk); 1268 if (dst) 1269 val = ip6_dst_hoplimit(dst); 1270 rcu_read_unlock(); 1271 } 1272 1273 if (val < 0) 1274 val = sock_net(sk)->ipv6.devconf_all->hop_limit; 1275 break; 1276 } 1277 1278 case IPV6_MULTICAST_LOOP: 1279 val = np->mc_loop; 1280 break; 1281 1282 case IPV6_MULTICAST_IF: 1283 val = np->mcast_oif; 1284 break; 1285 1286 case IPV6_MULTICAST_ALL: 1287 val = np->mc_all; 1288 break; 1289 1290 case IPV6_UNICAST_IF: 1291 val = (__force int)htonl((__u32) np->ucast_oif); 1292 break; 1293 1294 case IPV6_MTU_DISCOVER: 1295 val = np->pmtudisc; 1296 break; 1297 1298 case IPV6_RECVERR: 1299 val = np->recverr; 1300 break; 1301 1302 case IPV6_FLOWINFO_SEND: 1303 val = np->sndflow; 1304 break; 1305 1306 case IPV6_FLOWLABEL_MGR: 1307 { 1308 struct in6_flowlabel_req freq; 1309 int flags; 1310 1311 if (len < sizeof(freq)) 1312 return -EINVAL; 1313 1314 if (copy_from_user(&freq, optval, sizeof(freq))) 1315 return -EFAULT; 1316 1317 if (freq.flr_action != IPV6_FL_A_GET) 1318 return -EINVAL; 1319 1320 len = sizeof(freq); 1321 flags = freq.flr_flags; 1322 1323 memset(&freq, 0, sizeof(freq)); 1324 1325 val = ipv6_flowlabel_opt_get(sk, &freq, flags); 1326 if (val < 0) 1327 return val; 1328 1329 if (put_user(len, optlen)) 1330 return -EFAULT; 1331 if (copy_to_user(optval, &freq, len)) 1332 return -EFAULT; 1333 1334 return 0; 1335 } 1336 1337 case IPV6_ADDR_PREFERENCES: 1338 val = 0; 1339 1340 if (np->srcprefs & IPV6_PREFER_SRC_TMP) 1341 val |= IPV6_PREFER_SRC_TMP; 1342 else if (np->srcprefs & IPV6_PREFER_SRC_PUBLIC) 1343 val |= IPV6_PREFER_SRC_PUBLIC; 1344 else { 1345 /* XXX: should we return system default? */ 1346 val |= IPV6_PREFER_SRC_PUBTMP_DEFAULT; 1347 } 1348 1349 if (np->srcprefs & IPV6_PREFER_SRC_COA) 1350 val |= IPV6_PREFER_SRC_COA; 1351 else 1352 val |= IPV6_PREFER_SRC_HOME; 1353 break; 1354 1355 case IPV6_MINHOPCOUNT: 1356 val = np->min_hopcount; 1357 break; 1358 1359 case IPV6_DONTFRAG: 1360 val = np->dontfrag; 1361 break; 1362 1363 case IPV6_AUTOFLOWLABEL: 1364 val = ip6_autoflowlabel(sock_net(sk), np); 1365 break; 1366 1367 case IPV6_RECVFRAGSIZE: 1368 val = np->rxopt.bits.recvfragsize; 1369 break; 1370 1371 case IPV6_ROUTER_ALERT_ISOLATE: 1372 val = np->rtalert_isolate; 1373 break; 1374 1375 default: 1376 return -ENOPROTOOPT; 1377 } 1378 len = min_t(unsigned int, sizeof(int), len); 1379 if (put_user(len, optlen)) 1380 return -EFAULT; 1381 if (copy_to_user(optval, &val, len)) 1382 return -EFAULT; 1383 return 0; 1384 } 1385 1386 int ipv6_getsockopt(struct sock *sk, int level, int optname, 1387 char __user *optval, int __user *optlen) 1388 { 1389 int err; 1390 1391 if (level == SOL_IP && sk->sk_type != SOCK_RAW) 1392 return udp_prot.getsockopt(sk, level, optname, optval, optlen); 1393 1394 if (level != SOL_IPV6) 1395 return -ENOPROTOOPT; 1396 1397 err = do_ipv6_getsockopt(sk, level, optname, optval, optlen, 0); 1398 #ifdef CONFIG_NETFILTER 1399 /* we need to exclude all possible ENOPROTOOPTs except default case */ 1400 if (err == -ENOPROTOOPT && optname != IPV6_2292PKTOPTIONS) { 1401 int len; 1402 1403 if (get_user(len, optlen)) 1404 return -EFAULT; 1405 1406 err = nf_getsockopt(sk, PF_INET6, optname, optval, &len); 1407 if (err >= 0) 1408 err = put_user(len, optlen); 1409 } 1410 #endif 1411 return err; 1412 } 1413 EXPORT_SYMBOL(ipv6_getsockopt); 1414 1415 #ifdef CONFIG_COMPAT 1416 int compat_ipv6_getsockopt(struct sock *sk, int level, int optname, 1417 char __user *optval, int __user *optlen) 1418 { 1419 int err; 1420 1421 if (level == SOL_IP && sk->sk_type != SOCK_RAW) { 1422 if (udp_prot.compat_getsockopt != NULL) 1423 return udp_prot.compat_getsockopt(sk, level, optname, 1424 optval, optlen); 1425 return udp_prot.getsockopt(sk, level, optname, optval, optlen); 1426 } 1427 1428 if (level != SOL_IPV6) 1429 return -ENOPROTOOPT; 1430 1431 if (optname == MCAST_MSFILTER) 1432 return compat_mc_getsockopt(sk, level, optname, optval, optlen, 1433 ipv6_getsockopt); 1434 1435 err = do_ipv6_getsockopt(sk, level, optname, optval, optlen, 1436 MSG_CMSG_COMPAT); 1437 #ifdef CONFIG_NETFILTER 1438 /* we need to exclude all possible ENOPROTOOPTs except default case */ 1439 if (err == -ENOPROTOOPT && optname != IPV6_2292PKTOPTIONS) { 1440 int len; 1441 1442 if (get_user(len, optlen)) 1443 return -EFAULT; 1444 1445 err = compat_nf_getsockopt(sk, PF_INET6, optname, optval, &len); 1446 if (err >= 0) 1447 err = put_user(len, optlen); 1448 } 1449 #endif 1450 return err; 1451 } 1452 EXPORT_SYMBOL(compat_ipv6_getsockopt); 1453 #endif 1454