1 // SPDX-License-Identifier: GPL-2.0-or-later 2 /* 3 * IPv6 BSD socket options interface 4 * Linux INET6 implementation 5 * 6 * Authors: 7 * Pedro Roque <roque@di.fc.ul.pt> 8 * 9 * Based on linux/net/ipv4/ip_sockglue.c 10 * 11 * FIXME: Make the setsockopt code POSIX compliant: That is 12 * 13 * o Truncate getsockopt returns 14 * o Return an optlen of the truncated length if need be 15 * 16 * Changes: 17 * David L Stevens <dlstevens@us.ibm.com>: 18 * - added multicast source filtering API for MLDv2 19 */ 20 21 #include <linux/module.h> 22 #include <linux/capability.h> 23 #include <linux/errno.h> 24 #include <linux/types.h> 25 #include <linux/socket.h> 26 #include <linux/sockios.h> 27 #include <linux/net.h> 28 #include <linux/in6.h> 29 #include <linux/mroute6.h> 30 #include <linux/netdevice.h> 31 #include <linux/if_arp.h> 32 #include <linux/init.h> 33 #include <linux/sysctl.h> 34 #include <linux/netfilter.h> 35 #include <linux/slab.h> 36 37 #include <net/sock.h> 38 #include <net/snmp.h> 39 #include <net/ipv6.h> 40 #include <net/ndisc.h> 41 #include <net/protocol.h> 42 #include <net/transp_v6.h> 43 #include <net/ip6_route.h> 44 #include <net/addrconf.h> 45 #include <net/inet_common.h> 46 #include <net/tcp.h> 47 #include <net/udp.h> 48 #include <net/udplite.h> 49 #include <net/xfrm.h> 50 #include <net/compat.h> 51 #include <net/seg6.h> 52 53 #include <linux/uaccess.h> 54 55 struct ip6_ra_chain *ip6_ra_chain; 56 DEFINE_RWLOCK(ip6_ra_lock); 57 58 int ip6_ra_control(struct sock *sk, int sel) 59 { 60 struct ip6_ra_chain *ra, *new_ra, **rap; 61 62 /* RA packet may be delivered ONLY to IPPROTO_RAW socket */ 63 if (sk->sk_type != SOCK_RAW || inet_sk(sk)->inet_num != IPPROTO_RAW) 64 return -ENOPROTOOPT; 65 66 new_ra = (sel >= 0) ? kmalloc(sizeof(*new_ra), GFP_KERNEL) : NULL; 67 68 write_lock_bh(&ip6_ra_lock); 69 for (rap = &ip6_ra_chain; (ra = *rap) != NULL; rap = &ra->next) { 70 if (ra->sk == sk) { 71 if (sel >= 0) { 72 write_unlock_bh(&ip6_ra_lock); 73 kfree(new_ra); 74 return -EADDRINUSE; 75 } 76 77 *rap = ra->next; 78 write_unlock_bh(&ip6_ra_lock); 79 80 sock_put(sk); 81 kfree(ra); 82 return 0; 83 } 84 } 85 if (!new_ra) { 86 write_unlock_bh(&ip6_ra_lock); 87 return -ENOBUFS; 88 } 89 new_ra->sk = sk; 90 new_ra->sel = sel; 91 new_ra->next = ra; 92 *rap = new_ra; 93 sock_hold(sk); 94 write_unlock_bh(&ip6_ra_lock); 95 return 0; 96 } 97 98 struct ipv6_txoptions *ipv6_update_options(struct sock *sk, 99 struct ipv6_txoptions *opt) 100 { 101 if (inet_sk(sk)->is_icsk) { 102 if (opt && 103 !((1 << sk->sk_state) & (TCPF_LISTEN | TCPF_CLOSE)) && 104 inet_sk(sk)->inet_daddr != LOOPBACK4_IPV6) { 105 struct inet_connection_sock *icsk = inet_csk(sk); 106 icsk->icsk_ext_hdr_len = opt->opt_flen + opt->opt_nflen; 107 icsk->icsk_sync_mss(sk, icsk->icsk_pmtu_cookie); 108 } 109 } 110 opt = xchg((__force struct ipv6_txoptions **)&inet6_sk(sk)->opt, 111 opt); 112 sk_dst_reset(sk); 113 114 return opt; 115 } 116 117 static bool setsockopt_needs_rtnl(int optname) 118 { 119 switch (optname) { 120 case IPV6_ADDRFORM: 121 case IPV6_ADD_MEMBERSHIP: 122 case IPV6_DROP_MEMBERSHIP: 123 case IPV6_JOIN_ANYCAST: 124 case IPV6_LEAVE_ANYCAST: 125 case MCAST_JOIN_GROUP: 126 case MCAST_LEAVE_GROUP: 127 case MCAST_JOIN_SOURCE_GROUP: 128 case MCAST_LEAVE_SOURCE_GROUP: 129 case MCAST_BLOCK_SOURCE: 130 case MCAST_UNBLOCK_SOURCE: 131 case MCAST_MSFILTER: 132 return true; 133 } 134 return false; 135 } 136 137 static int do_ipv6_setsockopt(struct sock *sk, int level, int optname, 138 char __user *optval, unsigned int optlen) 139 { 140 struct ipv6_pinfo *np = inet6_sk(sk); 141 struct net *net = sock_net(sk); 142 int val, valbool; 143 int retv = -ENOPROTOOPT; 144 bool needs_rtnl = setsockopt_needs_rtnl(optname); 145 146 if (!optval) 147 val = 0; 148 else { 149 if (optlen >= sizeof(int)) { 150 if (get_user(val, (int __user *) optval)) 151 return -EFAULT; 152 } else 153 val = 0; 154 } 155 156 valbool = (val != 0); 157 158 if (ip6_mroute_opt(optname)) 159 return ip6_mroute_setsockopt(sk, optname, optval, optlen); 160 161 if (needs_rtnl) 162 rtnl_lock(); 163 lock_sock(sk); 164 165 switch (optname) { 166 167 case IPV6_ADDRFORM: 168 if (optlen < sizeof(int)) 169 goto e_inval; 170 if (val == PF_INET) { 171 struct ipv6_txoptions *opt; 172 struct sk_buff *pktopt; 173 174 if (sk->sk_type == SOCK_RAW) 175 break; 176 177 if (sk->sk_protocol == IPPROTO_UDP || 178 sk->sk_protocol == IPPROTO_UDPLITE) { 179 struct udp_sock *up = udp_sk(sk); 180 if (up->pending == AF_INET6) { 181 retv = -EBUSY; 182 break; 183 } 184 } else if (sk->sk_protocol != IPPROTO_TCP) 185 break; 186 187 if (sk->sk_state != TCP_ESTABLISHED) { 188 retv = -ENOTCONN; 189 break; 190 } 191 192 if (ipv6_only_sock(sk) || 193 !ipv6_addr_v4mapped(&sk->sk_v6_daddr)) { 194 retv = -EADDRNOTAVAIL; 195 break; 196 } 197 198 fl6_free_socklist(sk); 199 __ipv6_sock_mc_close(sk); 200 201 /* 202 * Sock is moving from IPv6 to IPv4 (sk_prot), so 203 * remove it from the refcnt debug socks count in the 204 * original family... 205 */ 206 sk_refcnt_debug_dec(sk); 207 208 if (sk->sk_protocol == IPPROTO_TCP) { 209 struct inet_connection_sock *icsk = inet_csk(sk); 210 local_bh_disable(); 211 sock_prot_inuse_add(net, sk->sk_prot, -1); 212 sock_prot_inuse_add(net, &tcp_prot, 1); 213 local_bh_enable(); 214 sk->sk_prot = &tcp_prot; 215 icsk->icsk_af_ops = &ipv4_specific; 216 sk->sk_socket->ops = &inet_stream_ops; 217 sk->sk_family = PF_INET; 218 tcp_sync_mss(sk, icsk->icsk_pmtu_cookie); 219 } else { 220 struct proto *prot = &udp_prot; 221 222 if (sk->sk_protocol == IPPROTO_UDPLITE) 223 prot = &udplite_prot; 224 local_bh_disable(); 225 sock_prot_inuse_add(net, sk->sk_prot, -1); 226 sock_prot_inuse_add(net, prot, 1); 227 local_bh_enable(); 228 sk->sk_prot = prot; 229 sk->sk_socket->ops = &inet_dgram_ops; 230 sk->sk_family = PF_INET; 231 } 232 opt = xchg((__force struct ipv6_txoptions **)&np->opt, 233 NULL); 234 if (opt) { 235 atomic_sub(opt->tot_len, &sk->sk_omem_alloc); 236 txopt_put(opt); 237 } 238 pktopt = xchg(&np->pktoptions, NULL); 239 kfree_skb(pktopt); 240 241 /* 242 * ... and add it to the refcnt debug socks count 243 * in the new family. -acme 244 */ 245 sk_refcnt_debug_inc(sk); 246 module_put(THIS_MODULE); 247 retv = 0; 248 break; 249 } 250 goto e_inval; 251 252 case IPV6_V6ONLY: 253 if (optlen < sizeof(int) || 254 inet_sk(sk)->inet_num) 255 goto e_inval; 256 sk->sk_ipv6only = valbool; 257 retv = 0; 258 break; 259 260 case IPV6_RECVPKTINFO: 261 if (optlen < sizeof(int)) 262 goto e_inval; 263 np->rxopt.bits.rxinfo = valbool; 264 retv = 0; 265 break; 266 267 case IPV6_2292PKTINFO: 268 if (optlen < sizeof(int)) 269 goto e_inval; 270 np->rxopt.bits.rxoinfo = valbool; 271 retv = 0; 272 break; 273 274 case IPV6_RECVHOPLIMIT: 275 if (optlen < sizeof(int)) 276 goto e_inval; 277 np->rxopt.bits.rxhlim = valbool; 278 retv = 0; 279 break; 280 281 case IPV6_2292HOPLIMIT: 282 if (optlen < sizeof(int)) 283 goto e_inval; 284 np->rxopt.bits.rxohlim = valbool; 285 retv = 0; 286 break; 287 288 case IPV6_RECVRTHDR: 289 if (optlen < sizeof(int)) 290 goto e_inval; 291 np->rxopt.bits.srcrt = valbool; 292 retv = 0; 293 break; 294 295 case IPV6_2292RTHDR: 296 if (optlen < sizeof(int)) 297 goto e_inval; 298 np->rxopt.bits.osrcrt = valbool; 299 retv = 0; 300 break; 301 302 case IPV6_RECVHOPOPTS: 303 if (optlen < sizeof(int)) 304 goto e_inval; 305 np->rxopt.bits.hopopts = valbool; 306 retv = 0; 307 break; 308 309 case IPV6_2292HOPOPTS: 310 if (optlen < sizeof(int)) 311 goto e_inval; 312 np->rxopt.bits.ohopopts = valbool; 313 retv = 0; 314 break; 315 316 case IPV6_RECVDSTOPTS: 317 if (optlen < sizeof(int)) 318 goto e_inval; 319 np->rxopt.bits.dstopts = valbool; 320 retv = 0; 321 break; 322 323 case IPV6_2292DSTOPTS: 324 if (optlen < sizeof(int)) 325 goto e_inval; 326 np->rxopt.bits.odstopts = valbool; 327 retv = 0; 328 break; 329 330 case IPV6_TCLASS: 331 if (optlen < sizeof(int)) 332 goto e_inval; 333 if (val < -1 || val > 0xff) 334 goto e_inval; 335 /* RFC 3542, 6.5: default traffic class of 0x0 */ 336 if (val == -1) 337 val = 0; 338 np->tclass = val; 339 retv = 0; 340 break; 341 342 case IPV6_RECVTCLASS: 343 if (optlen < sizeof(int)) 344 goto e_inval; 345 np->rxopt.bits.rxtclass = valbool; 346 retv = 0; 347 break; 348 349 case IPV6_FLOWINFO: 350 if (optlen < sizeof(int)) 351 goto e_inval; 352 np->rxopt.bits.rxflow = valbool; 353 retv = 0; 354 break; 355 356 case IPV6_RECVPATHMTU: 357 if (optlen < sizeof(int)) 358 goto e_inval; 359 np->rxopt.bits.rxpmtu = valbool; 360 retv = 0; 361 break; 362 363 case IPV6_TRANSPARENT: 364 if (valbool && !ns_capable(net->user_ns, CAP_NET_ADMIN) && 365 !ns_capable(net->user_ns, CAP_NET_RAW)) { 366 retv = -EPERM; 367 break; 368 } 369 if (optlen < sizeof(int)) 370 goto e_inval; 371 /* we don't have a separate transparent bit for IPV6 we use the one in the IPv4 socket */ 372 inet_sk(sk)->transparent = valbool; 373 retv = 0; 374 break; 375 376 case IPV6_FREEBIND: 377 if (optlen < sizeof(int)) 378 goto e_inval; 379 /* we also don't have a separate freebind bit for IPV6 */ 380 inet_sk(sk)->freebind = valbool; 381 retv = 0; 382 break; 383 384 case IPV6_RECVORIGDSTADDR: 385 if (optlen < sizeof(int)) 386 goto e_inval; 387 np->rxopt.bits.rxorigdstaddr = valbool; 388 retv = 0; 389 break; 390 391 case IPV6_HOPOPTS: 392 case IPV6_RTHDRDSTOPTS: 393 case IPV6_RTHDR: 394 case IPV6_DSTOPTS: 395 { 396 struct ipv6_txoptions *opt; 397 struct ipv6_opt_hdr *new = NULL; 398 399 /* hop-by-hop / destination options are privileged option */ 400 retv = -EPERM; 401 if (optname != IPV6_RTHDR && !ns_capable(net->user_ns, CAP_NET_RAW)) 402 break; 403 404 /* remove any sticky options header with a zero option 405 * length, per RFC3542. 406 */ 407 if (optlen == 0) 408 optval = NULL; 409 else if (!optval) 410 goto e_inval; 411 else if (optlen < sizeof(struct ipv6_opt_hdr) || 412 optlen & 0x7 || optlen > 8 * 255) 413 goto e_inval; 414 else { 415 new = memdup_user(optval, optlen); 416 if (IS_ERR(new)) { 417 retv = PTR_ERR(new); 418 break; 419 } 420 if (unlikely(ipv6_optlen(new) > optlen)) { 421 kfree(new); 422 goto e_inval; 423 } 424 } 425 426 opt = rcu_dereference_protected(np->opt, 427 lockdep_sock_is_held(sk)); 428 opt = ipv6_renew_options(sk, opt, optname, new); 429 kfree(new); 430 if (IS_ERR(opt)) { 431 retv = PTR_ERR(opt); 432 break; 433 } 434 435 /* routing header option needs extra check */ 436 retv = -EINVAL; 437 if (optname == IPV6_RTHDR && opt && opt->srcrt) { 438 struct ipv6_rt_hdr *rthdr = opt->srcrt; 439 switch (rthdr->type) { 440 #if IS_ENABLED(CONFIG_IPV6_MIP6) 441 case IPV6_SRCRT_TYPE_2: 442 if (rthdr->hdrlen != 2 || 443 rthdr->segments_left != 1) 444 goto sticky_done; 445 446 break; 447 #endif 448 case IPV6_SRCRT_TYPE_4: 449 { 450 struct ipv6_sr_hdr *srh = (struct ipv6_sr_hdr *) 451 opt->srcrt; 452 453 if (!seg6_validate_srh(srh, optlen)) 454 goto sticky_done; 455 break; 456 } 457 default: 458 goto sticky_done; 459 } 460 } 461 462 retv = 0; 463 opt = ipv6_update_options(sk, opt); 464 sticky_done: 465 if (opt) { 466 atomic_sub(opt->tot_len, &sk->sk_omem_alloc); 467 txopt_put(opt); 468 } 469 break; 470 } 471 472 case IPV6_PKTINFO: 473 { 474 struct in6_pktinfo pkt; 475 476 if (optlen == 0) 477 goto e_inval; 478 else if (optlen < sizeof(struct in6_pktinfo) || !optval) 479 goto e_inval; 480 481 if (copy_from_user(&pkt, optval, sizeof(struct in6_pktinfo))) { 482 retv = -EFAULT; 483 break; 484 } 485 if (!sk_dev_equal_l3scope(sk, pkt.ipi6_ifindex)) 486 goto e_inval; 487 488 np->sticky_pktinfo.ipi6_ifindex = pkt.ipi6_ifindex; 489 np->sticky_pktinfo.ipi6_addr = pkt.ipi6_addr; 490 retv = 0; 491 break; 492 } 493 494 case IPV6_2292PKTOPTIONS: 495 { 496 struct ipv6_txoptions *opt = NULL; 497 struct msghdr msg; 498 struct flowi6 fl6; 499 struct ipcm6_cookie ipc6; 500 501 memset(&fl6, 0, sizeof(fl6)); 502 fl6.flowi6_oif = sk->sk_bound_dev_if; 503 fl6.flowi6_mark = sk->sk_mark; 504 505 if (optlen == 0) 506 goto update; 507 508 /* 1K is probably excessive 509 * 1K is surely not enough, 2K per standard header is 16K. 510 */ 511 retv = -EINVAL; 512 if (optlen > 64*1024) 513 break; 514 515 opt = sock_kmalloc(sk, sizeof(*opt) + optlen, GFP_KERNEL); 516 retv = -ENOBUFS; 517 if (!opt) 518 break; 519 520 memset(opt, 0, sizeof(*opt)); 521 refcount_set(&opt->refcnt, 1); 522 opt->tot_len = sizeof(*opt) + optlen; 523 retv = -EFAULT; 524 if (copy_from_user(opt+1, optval, optlen)) 525 goto done; 526 527 msg.msg_controllen = optlen; 528 msg.msg_control = (void *)(opt+1); 529 ipc6.opt = opt; 530 531 retv = ip6_datagram_send_ctl(net, sk, &msg, &fl6, &ipc6); 532 if (retv) 533 goto done; 534 update: 535 retv = 0; 536 opt = ipv6_update_options(sk, opt); 537 done: 538 if (opt) { 539 atomic_sub(opt->tot_len, &sk->sk_omem_alloc); 540 txopt_put(opt); 541 } 542 break; 543 } 544 case IPV6_UNICAST_HOPS: 545 if (optlen < sizeof(int)) 546 goto e_inval; 547 if (val > 255 || val < -1) 548 goto e_inval; 549 np->hop_limit = val; 550 retv = 0; 551 break; 552 553 case IPV6_MULTICAST_HOPS: 554 if (sk->sk_type == SOCK_STREAM) 555 break; 556 if (optlen < sizeof(int)) 557 goto e_inval; 558 if (val > 255 || val < -1) 559 goto e_inval; 560 np->mcast_hops = (val == -1 ? IPV6_DEFAULT_MCASTHOPS : val); 561 retv = 0; 562 break; 563 564 case IPV6_MULTICAST_LOOP: 565 if (optlen < sizeof(int)) 566 goto e_inval; 567 if (val != valbool) 568 goto e_inval; 569 np->mc_loop = valbool; 570 retv = 0; 571 break; 572 573 case IPV6_UNICAST_IF: 574 { 575 struct net_device *dev = NULL; 576 int ifindex; 577 578 if (optlen != sizeof(int)) 579 goto e_inval; 580 581 ifindex = (__force int)ntohl((__force __be32)val); 582 if (ifindex == 0) { 583 np->ucast_oif = 0; 584 retv = 0; 585 break; 586 } 587 588 dev = dev_get_by_index(net, ifindex); 589 retv = -EADDRNOTAVAIL; 590 if (!dev) 591 break; 592 dev_put(dev); 593 594 retv = -EINVAL; 595 if (sk->sk_bound_dev_if) 596 break; 597 598 np->ucast_oif = ifindex; 599 retv = 0; 600 break; 601 } 602 603 case IPV6_MULTICAST_IF: 604 if (sk->sk_type == SOCK_STREAM) 605 break; 606 if (optlen < sizeof(int)) 607 goto e_inval; 608 609 if (val) { 610 struct net_device *dev; 611 int midx; 612 613 rcu_read_lock(); 614 615 dev = dev_get_by_index_rcu(net, val); 616 if (!dev) { 617 rcu_read_unlock(); 618 retv = -ENODEV; 619 break; 620 } 621 midx = l3mdev_master_ifindex_rcu(dev); 622 623 rcu_read_unlock(); 624 625 if (sk->sk_bound_dev_if && 626 sk->sk_bound_dev_if != val && 627 (!midx || midx != sk->sk_bound_dev_if)) 628 goto e_inval; 629 } 630 np->mcast_oif = val; 631 retv = 0; 632 break; 633 case IPV6_ADD_MEMBERSHIP: 634 case IPV6_DROP_MEMBERSHIP: 635 { 636 struct ipv6_mreq mreq; 637 638 if (optlen < sizeof(struct ipv6_mreq)) 639 goto e_inval; 640 641 retv = -EPROTO; 642 if (inet_sk(sk)->is_icsk) 643 break; 644 645 retv = -EFAULT; 646 if (copy_from_user(&mreq, optval, sizeof(struct ipv6_mreq))) 647 break; 648 649 if (optname == IPV6_ADD_MEMBERSHIP) 650 retv = ipv6_sock_mc_join(sk, mreq.ipv6mr_ifindex, &mreq.ipv6mr_multiaddr); 651 else 652 retv = ipv6_sock_mc_drop(sk, mreq.ipv6mr_ifindex, &mreq.ipv6mr_multiaddr); 653 break; 654 } 655 case IPV6_JOIN_ANYCAST: 656 case IPV6_LEAVE_ANYCAST: 657 { 658 struct ipv6_mreq mreq; 659 660 if (optlen < sizeof(struct ipv6_mreq)) 661 goto e_inval; 662 663 retv = -EFAULT; 664 if (copy_from_user(&mreq, optval, sizeof(struct ipv6_mreq))) 665 break; 666 667 if (optname == IPV6_JOIN_ANYCAST) 668 retv = ipv6_sock_ac_join(sk, mreq.ipv6mr_ifindex, &mreq.ipv6mr_acaddr); 669 else 670 retv = ipv6_sock_ac_drop(sk, mreq.ipv6mr_ifindex, &mreq.ipv6mr_acaddr); 671 break; 672 } 673 case IPV6_MULTICAST_ALL: 674 if (optlen < sizeof(int)) 675 goto e_inval; 676 np->mc_all = valbool; 677 retv = 0; 678 break; 679 680 case MCAST_JOIN_GROUP: 681 case MCAST_LEAVE_GROUP: 682 { 683 struct group_req greq; 684 struct sockaddr_in6 *psin6; 685 686 if (optlen < sizeof(struct group_req)) 687 goto e_inval; 688 689 retv = -EFAULT; 690 if (copy_from_user(&greq, optval, sizeof(struct group_req))) 691 break; 692 if (greq.gr_group.ss_family != AF_INET6) { 693 retv = -EADDRNOTAVAIL; 694 break; 695 } 696 psin6 = (struct sockaddr_in6 *)&greq.gr_group; 697 if (optname == MCAST_JOIN_GROUP) 698 retv = ipv6_sock_mc_join(sk, greq.gr_interface, 699 &psin6->sin6_addr); 700 else 701 retv = ipv6_sock_mc_drop(sk, greq.gr_interface, 702 &psin6->sin6_addr); 703 break; 704 } 705 case MCAST_JOIN_SOURCE_GROUP: 706 case MCAST_LEAVE_SOURCE_GROUP: 707 case MCAST_BLOCK_SOURCE: 708 case MCAST_UNBLOCK_SOURCE: 709 { 710 struct group_source_req greqs; 711 int omode, add; 712 713 if (optlen < sizeof(struct group_source_req)) 714 goto e_inval; 715 if (copy_from_user(&greqs, optval, sizeof(greqs))) { 716 retv = -EFAULT; 717 break; 718 } 719 if (greqs.gsr_group.ss_family != AF_INET6 || 720 greqs.gsr_source.ss_family != AF_INET6) { 721 retv = -EADDRNOTAVAIL; 722 break; 723 } 724 if (optname == MCAST_BLOCK_SOURCE) { 725 omode = MCAST_EXCLUDE; 726 add = 1; 727 } else if (optname == MCAST_UNBLOCK_SOURCE) { 728 omode = MCAST_EXCLUDE; 729 add = 0; 730 } else if (optname == MCAST_JOIN_SOURCE_GROUP) { 731 struct sockaddr_in6 *psin6; 732 733 psin6 = (struct sockaddr_in6 *)&greqs.gsr_group; 734 retv = ipv6_sock_mc_join_ssm(sk, greqs.gsr_interface, 735 &psin6->sin6_addr, 736 MCAST_INCLUDE); 737 /* prior join w/ different source is ok */ 738 if (retv && retv != -EADDRINUSE) 739 break; 740 omode = MCAST_INCLUDE; 741 add = 1; 742 } else /* MCAST_LEAVE_SOURCE_GROUP */ { 743 omode = MCAST_INCLUDE; 744 add = 0; 745 } 746 retv = ip6_mc_source(add, omode, sk, &greqs); 747 break; 748 } 749 case MCAST_MSFILTER: 750 { 751 struct group_filter *gsf; 752 753 if (optlen < GROUP_FILTER_SIZE(0)) 754 goto e_inval; 755 if (optlen > sysctl_optmem_max) { 756 retv = -ENOBUFS; 757 break; 758 } 759 gsf = memdup_user(optval, optlen); 760 if (IS_ERR(gsf)) { 761 retv = PTR_ERR(gsf); 762 break; 763 } 764 /* numsrc >= (4G-140)/128 overflow in 32 bits */ 765 if (gsf->gf_numsrc >= 0x1ffffffU || 766 gsf->gf_numsrc > sysctl_mld_max_msf) { 767 kfree(gsf); 768 retv = -ENOBUFS; 769 break; 770 } 771 if (GROUP_FILTER_SIZE(gsf->gf_numsrc) > optlen) { 772 kfree(gsf); 773 retv = -EINVAL; 774 break; 775 } 776 retv = ip6_mc_msfilter(sk, gsf); 777 kfree(gsf); 778 779 break; 780 } 781 case IPV6_ROUTER_ALERT: 782 if (optlen < sizeof(int)) 783 goto e_inval; 784 retv = ip6_ra_control(sk, val); 785 break; 786 case IPV6_ROUTER_ALERT_ISOLATE: 787 if (optlen < sizeof(int)) 788 goto e_inval; 789 np->rtalert_isolate = valbool; 790 retv = 0; 791 break; 792 case IPV6_MTU_DISCOVER: 793 if (optlen < sizeof(int)) 794 goto e_inval; 795 if (val < IPV6_PMTUDISC_DONT || val > IPV6_PMTUDISC_OMIT) 796 goto e_inval; 797 np->pmtudisc = val; 798 retv = 0; 799 break; 800 case IPV6_MTU: 801 if (optlen < sizeof(int)) 802 goto e_inval; 803 if (val && val < IPV6_MIN_MTU) 804 goto e_inval; 805 np->frag_size = val; 806 retv = 0; 807 break; 808 case IPV6_RECVERR: 809 if (optlen < sizeof(int)) 810 goto e_inval; 811 np->recverr = valbool; 812 if (!val) 813 skb_queue_purge(&sk->sk_error_queue); 814 retv = 0; 815 break; 816 case IPV6_FLOWINFO_SEND: 817 if (optlen < sizeof(int)) 818 goto e_inval; 819 np->sndflow = valbool; 820 retv = 0; 821 break; 822 case IPV6_FLOWLABEL_MGR: 823 retv = ipv6_flowlabel_opt(sk, optval, optlen); 824 break; 825 case IPV6_IPSEC_POLICY: 826 case IPV6_XFRM_POLICY: 827 retv = -EPERM; 828 if (!ns_capable(net->user_ns, CAP_NET_ADMIN)) 829 break; 830 retv = xfrm_user_policy(sk, optname, optval, optlen); 831 break; 832 833 case IPV6_ADDR_PREFERENCES: 834 { 835 unsigned int pref = 0; 836 unsigned int prefmask = ~0; 837 838 if (optlen < sizeof(int)) 839 goto e_inval; 840 841 retv = -EINVAL; 842 843 /* check PUBLIC/TMP/PUBTMP_DEFAULT conflicts */ 844 switch (val & (IPV6_PREFER_SRC_PUBLIC| 845 IPV6_PREFER_SRC_TMP| 846 IPV6_PREFER_SRC_PUBTMP_DEFAULT)) { 847 case IPV6_PREFER_SRC_PUBLIC: 848 pref |= IPV6_PREFER_SRC_PUBLIC; 849 break; 850 case IPV6_PREFER_SRC_TMP: 851 pref |= IPV6_PREFER_SRC_TMP; 852 break; 853 case IPV6_PREFER_SRC_PUBTMP_DEFAULT: 854 break; 855 case 0: 856 goto pref_skip_pubtmp; 857 default: 858 goto e_inval; 859 } 860 861 prefmask &= ~(IPV6_PREFER_SRC_PUBLIC| 862 IPV6_PREFER_SRC_TMP); 863 pref_skip_pubtmp: 864 865 /* check HOME/COA conflicts */ 866 switch (val & (IPV6_PREFER_SRC_HOME|IPV6_PREFER_SRC_COA)) { 867 case IPV6_PREFER_SRC_HOME: 868 break; 869 case IPV6_PREFER_SRC_COA: 870 pref |= IPV6_PREFER_SRC_COA; 871 case 0: 872 goto pref_skip_coa; 873 default: 874 goto e_inval; 875 } 876 877 prefmask &= ~IPV6_PREFER_SRC_COA; 878 pref_skip_coa: 879 880 /* check CGA/NONCGA conflicts */ 881 switch (val & (IPV6_PREFER_SRC_CGA|IPV6_PREFER_SRC_NONCGA)) { 882 case IPV6_PREFER_SRC_CGA: 883 case IPV6_PREFER_SRC_NONCGA: 884 case 0: 885 break; 886 default: 887 goto e_inval; 888 } 889 890 np->srcprefs = (np->srcprefs & prefmask) | pref; 891 retv = 0; 892 893 break; 894 } 895 case IPV6_MINHOPCOUNT: 896 if (optlen < sizeof(int)) 897 goto e_inval; 898 if (val < 0 || val > 255) 899 goto e_inval; 900 np->min_hopcount = val; 901 retv = 0; 902 break; 903 case IPV6_DONTFRAG: 904 np->dontfrag = valbool; 905 retv = 0; 906 break; 907 case IPV6_AUTOFLOWLABEL: 908 np->autoflowlabel = valbool; 909 np->autoflowlabel_set = 1; 910 retv = 0; 911 break; 912 case IPV6_RECVFRAGSIZE: 913 np->rxopt.bits.recvfragsize = valbool; 914 retv = 0; 915 break; 916 } 917 918 release_sock(sk); 919 if (needs_rtnl) 920 rtnl_unlock(); 921 922 return retv; 923 924 e_inval: 925 release_sock(sk); 926 if (needs_rtnl) 927 rtnl_unlock(); 928 return -EINVAL; 929 } 930 931 int ipv6_setsockopt(struct sock *sk, int level, int optname, 932 char __user *optval, unsigned int optlen) 933 { 934 int err; 935 936 if (level == SOL_IP && sk->sk_type != SOCK_RAW) 937 return udp_prot.setsockopt(sk, level, optname, optval, optlen); 938 939 if (level != SOL_IPV6) 940 return -ENOPROTOOPT; 941 942 err = do_ipv6_setsockopt(sk, level, optname, optval, optlen); 943 #ifdef CONFIG_NETFILTER 944 /* we need to exclude all possible ENOPROTOOPTs except default case */ 945 if (err == -ENOPROTOOPT && optname != IPV6_IPSEC_POLICY && 946 optname != IPV6_XFRM_POLICY) 947 err = nf_setsockopt(sk, PF_INET6, optname, optval, optlen); 948 #endif 949 return err; 950 } 951 EXPORT_SYMBOL(ipv6_setsockopt); 952 953 #ifdef CONFIG_COMPAT 954 int compat_ipv6_setsockopt(struct sock *sk, int level, int optname, 955 char __user *optval, unsigned int optlen) 956 { 957 int err; 958 959 if (level == SOL_IP && sk->sk_type != SOCK_RAW) { 960 if (udp_prot.compat_setsockopt != NULL) 961 return udp_prot.compat_setsockopt(sk, level, optname, 962 optval, optlen); 963 return udp_prot.setsockopt(sk, level, optname, optval, optlen); 964 } 965 966 if (level != SOL_IPV6) 967 return -ENOPROTOOPT; 968 969 if (optname >= MCAST_JOIN_GROUP && optname <= MCAST_MSFILTER) 970 return compat_mc_setsockopt(sk, level, optname, optval, optlen, 971 ipv6_setsockopt); 972 973 err = do_ipv6_setsockopt(sk, level, optname, optval, optlen); 974 #ifdef CONFIG_NETFILTER 975 /* we need to exclude all possible ENOPROTOOPTs except default case */ 976 if (err == -ENOPROTOOPT && optname != IPV6_IPSEC_POLICY && 977 optname != IPV6_XFRM_POLICY) 978 err = compat_nf_setsockopt(sk, PF_INET6, optname, optval, 979 optlen); 980 #endif 981 return err; 982 } 983 EXPORT_SYMBOL(compat_ipv6_setsockopt); 984 #endif 985 986 static int ipv6_getsockopt_sticky(struct sock *sk, struct ipv6_txoptions *opt, 987 int optname, char __user *optval, int len) 988 { 989 struct ipv6_opt_hdr *hdr; 990 991 if (!opt) 992 return 0; 993 994 switch (optname) { 995 case IPV6_HOPOPTS: 996 hdr = opt->hopopt; 997 break; 998 case IPV6_RTHDRDSTOPTS: 999 hdr = opt->dst0opt; 1000 break; 1001 case IPV6_RTHDR: 1002 hdr = (struct ipv6_opt_hdr *)opt->srcrt; 1003 break; 1004 case IPV6_DSTOPTS: 1005 hdr = opt->dst1opt; 1006 break; 1007 default: 1008 return -EINVAL; /* should not happen */ 1009 } 1010 1011 if (!hdr) 1012 return 0; 1013 1014 len = min_t(unsigned int, len, ipv6_optlen(hdr)); 1015 if (copy_to_user(optval, hdr, len)) 1016 return -EFAULT; 1017 return len; 1018 } 1019 1020 static int do_ipv6_getsockopt(struct sock *sk, int level, int optname, 1021 char __user *optval, int __user *optlen, unsigned int flags) 1022 { 1023 struct ipv6_pinfo *np = inet6_sk(sk); 1024 int len; 1025 int val; 1026 1027 if (ip6_mroute_opt(optname)) 1028 return ip6_mroute_getsockopt(sk, optname, optval, optlen); 1029 1030 if (get_user(len, optlen)) 1031 return -EFAULT; 1032 switch (optname) { 1033 case IPV6_ADDRFORM: 1034 if (sk->sk_protocol != IPPROTO_UDP && 1035 sk->sk_protocol != IPPROTO_UDPLITE && 1036 sk->sk_protocol != IPPROTO_TCP) 1037 return -ENOPROTOOPT; 1038 if (sk->sk_state != TCP_ESTABLISHED) 1039 return -ENOTCONN; 1040 val = sk->sk_family; 1041 break; 1042 case MCAST_MSFILTER: 1043 { 1044 struct group_filter gsf; 1045 int err; 1046 1047 if (len < GROUP_FILTER_SIZE(0)) 1048 return -EINVAL; 1049 if (copy_from_user(&gsf, optval, GROUP_FILTER_SIZE(0))) 1050 return -EFAULT; 1051 if (gsf.gf_group.ss_family != AF_INET6) 1052 return -EADDRNOTAVAIL; 1053 lock_sock(sk); 1054 err = ip6_mc_msfget(sk, &gsf, 1055 (struct group_filter __user *)optval, optlen); 1056 release_sock(sk); 1057 return err; 1058 } 1059 1060 case IPV6_2292PKTOPTIONS: 1061 { 1062 struct msghdr msg; 1063 struct sk_buff *skb; 1064 1065 if (sk->sk_type != SOCK_STREAM) 1066 return -ENOPROTOOPT; 1067 1068 msg.msg_control = optval; 1069 msg.msg_controllen = len; 1070 msg.msg_flags = flags; 1071 1072 lock_sock(sk); 1073 skb = np->pktoptions; 1074 if (skb) 1075 ip6_datagram_recv_ctl(sk, &msg, skb); 1076 release_sock(sk); 1077 if (!skb) { 1078 if (np->rxopt.bits.rxinfo) { 1079 struct in6_pktinfo src_info; 1080 src_info.ipi6_ifindex = np->mcast_oif ? np->mcast_oif : 1081 np->sticky_pktinfo.ipi6_ifindex; 1082 src_info.ipi6_addr = np->mcast_oif ? sk->sk_v6_daddr : np->sticky_pktinfo.ipi6_addr; 1083 put_cmsg(&msg, SOL_IPV6, IPV6_PKTINFO, sizeof(src_info), &src_info); 1084 } 1085 if (np->rxopt.bits.rxhlim) { 1086 int hlim = np->mcast_hops; 1087 put_cmsg(&msg, SOL_IPV6, IPV6_HOPLIMIT, sizeof(hlim), &hlim); 1088 } 1089 if (np->rxopt.bits.rxtclass) { 1090 int tclass = (int)ip6_tclass(np->rcv_flowinfo); 1091 1092 put_cmsg(&msg, SOL_IPV6, IPV6_TCLASS, sizeof(tclass), &tclass); 1093 } 1094 if (np->rxopt.bits.rxoinfo) { 1095 struct in6_pktinfo src_info; 1096 src_info.ipi6_ifindex = np->mcast_oif ? np->mcast_oif : 1097 np->sticky_pktinfo.ipi6_ifindex; 1098 src_info.ipi6_addr = np->mcast_oif ? sk->sk_v6_daddr : 1099 np->sticky_pktinfo.ipi6_addr; 1100 put_cmsg(&msg, SOL_IPV6, IPV6_2292PKTINFO, sizeof(src_info), &src_info); 1101 } 1102 if (np->rxopt.bits.rxohlim) { 1103 int hlim = np->mcast_hops; 1104 put_cmsg(&msg, SOL_IPV6, IPV6_2292HOPLIMIT, sizeof(hlim), &hlim); 1105 } 1106 if (np->rxopt.bits.rxflow) { 1107 __be32 flowinfo = np->rcv_flowinfo; 1108 1109 put_cmsg(&msg, SOL_IPV6, IPV6_FLOWINFO, sizeof(flowinfo), &flowinfo); 1110 } 1111 } 1112 len -= msg.msg_controllen; 1113 return put_user(len, optlen); 1114 } 1115 case IPV6_MTU: 1116 { 1117 struct dst_entry *dst; 1118 1119 val = 0; 1120 rcu_read_lock(); 1121 dst = __sk_dst_get(sk); 1122 if (dst) 1123 val = dst_mtu(dst); 1124 rcu_read_unlock(); 1125 if (!val) 1126 return -ENOTCONN; 1127 break; 1128 } 1129 1130 case IPV6_V6ONLY: 1131 val = sk->sk_ipv6only; 1132 break; 1133 1134 case IPV6_RECVPKTINFO: 1135 val = np->rxopt.bits.rxinfo; 1136 break; 1137 1138 case IPV6_2292PKTINFO: 1139 val = np->rxopt.bits.rxoinfo; 1140 break; 1141 1142 case IPV6_RECVHOPLIMIT: 1143 val = np->rxopt.bits.rxhlim; 1144 break; 1145 1146 case IPV6_2292HOPLIMIT: 1147 val = np->rxopt.bits.rxohlim; 1148 break; 1149 1150 case IPV6_RECVRTHDR: 1151 val = np->rxopt.bits.srcrt; 1152 break; 1153 1154 case IPV6_2292RTHDR: 1155 val = np->rxopt.bits.osrcrt; 1156 break; 1157 1158 case IPV6_HOPOPTS: 1159 case IPV6_RTHDRDSTOPTS: 1160 case IPV6_RTHDR: 1161 case IPV6_DSTOPTS: 1162 { 1163 struct ipv6_txoptions *opt; 1164 1165 lock_sock(sk); 1166 opt = rcu_dereference_protected(np->opt, 1167 lockdep_sock_is_held(sk)); 1168 len = ipv6_getsockopt_sticky(sk, opt, optname, optval, len); 1169 release_sock(sk); 1170 /* check if ipv6_getsockopt_sticky() returns err code */ 1171 if (len < 0) 1172 return len; 1173 return put_user(len, optlen); 1174 } 1175 1176 case IPV6_RECVHOPOPTS: 1177 val = np->rxopt.bits.hopopts; 1178 break; 1179 1180 case IPV6_2292HOPOPTS: 1181 val = np->rxopt.bits.ohopopts; 1182 break; 1183 1184 case IPV6_RECVDSTOPTS: 1185 val = np->rxopt.bits.dstopts; 1186 break; 1187 1188 case IPV6_2292DSTOPTS: 1189 val = np->rxopt.bits.odstopts; 1190 break; 1191 1192 case IPV6_TCLASS: 1193 val = np->tclass; 1194 break; 1195 1196 case IPV6_RECVTCLASS: 1197 val = np->rxopt.bits.rxtclass; 1198 break; 1199 1200 case IPV6_FLOWINFO: 1201 val = np->rxopt.bits.rxflow; 1202 break; 1203 1204 case IPV6_RECVPATHMTU: 1205 val = np->rxopt.bits.rxpmtu; 1206 break; 1207 1208 case IPV6_PATHMTU: 1209 { 1210 struct dst_entry *dst; 1211 struct ip6_mtuinfo mtuinfo; 1212 1213 if (len < sizeof(mtuinfo)) 1214 return -EINVAL; 1215 1216 len = sizeof(mtuinfo); 1217 memset(&mtuinfo, 0, sizeof(mtuinfo)); 1218 1219 rcu_read_lock(); 1220 dst = __sk_dst_get(sk); 1221 if (dst) 1222 mtuinfo.ip6m_mtu = dst_mtu(dst); 1223 rcu_read_unlock(); 1224 if (!mtuinfo.ip6m_mtu) 1225 return -ENOTCONN; 1226 1227 if (put_user(len, optlen)) 1228 return -EFAULT; 1229 if (copy_to_user(optval, &mtuinfo, len)) 1230 return -EFAULT; 1231 1232 return 0; 1233 } 1234 1235 case IPV6_TRANSPARENT: 1236 val = inet_sk(sk)->transparent; 1237 break; 1238 1239 case IPV6_FREEBIND: 1240 val = inet_sk(sk)->freebind; 1241 break; 1242 1243 case IPV6_RECVORIGDSTADDR: 1244 val = np->rxopt.bits.rxorigdstaddr; 1245 break; 1246 1247 case IPV6_UNICAST_HOPS: 1248 case IPV6_MULTICAST_HOPS: 1249 { 1250 struct dst_entry *dst; 1251 1252 if (optname == IPV6_UNICAST_HOPS) 1253 val = np->hop_limit; 1254 else 1255 val = np->mcast_hops; 1256 1257 if (val < 0) { 1258 rcu_read_lock(); 1259 dst = __sk_dst_get(sk); 1260 if (dst) 1261 val = ip6_dst_hoplimit(dst); 1262 rcu_read_unlock(); 1263 } 1264 1265 if (val < 0) 1266 val = sock_net(sk)->ipv6.devconf_all->hop_limit; 1267 break; 1268 } 1269 1270 case IPV6_MULTICAST_LOOP: 1271 val = np->mc_loop; 1272 break; 1273 1274 case IPV6_MULTICAST_IF: 1275 val = np->mcast_oif; 1276 break; 1277 1278 case IPV6_MULTICAST_ALL: 1279 val = np->mc_all; 1280 break; 1281 1282 case IPV6_UNICAST_IF: 1283 val = (__force int)htonl((__u32) np->ucast_oif); 1284 break; 1285 1286 case IPV6_MTU_DISCOVER: 1287 val = np->pmtudisc; 1288 break; 1289 1290 case IPV6_RECVERR: 1291 val = np->recverr; 1292 break; 1293 1294 case IPV6_FLOWINFO_SEND: 1295 val = np->sndflow; 1296 break; 1297 1298 case IPV6_FLOWLABEL_MGR: 1299 { 1300 struct in6_flowlabel_req freq; 1301 int flags; 1302 1303 if (len < sizeof(freq)) 1304 return -EINVAL; 1305 1306 if (copy_from_user(&freq, optval, sizeof(freq))) 1307 return -EFAULT; 1308 1309 if (freq.flr_action != IPV6_FL_A_GET) 1310 return -EINVAL; 1311 1312 len = sizeof(freq); 1313 flags = freq.flr_flags; 1314 1315 memset(&freq, 0, sizeof(freq)); 1316 1317 val = ipv6_flowlabel_opt_get(sk, &freq, flags); 1318 if (val < 0) 1319 return val; 1320 1321 if (put_user(len, optlen)) 1322 return -EFAULT; 1323 if (copy_to_user(optval, &freq, len)) 1324 return -EFAULT; 1325 1326 return 0; 1327 } 1328 1329 case IPV6_ADDR_PREFERENCES: 1330 val = 0; 1331 1332 if (np->srcprefs & IPV6_PREFER_SRC_TMP) 1333 val |= IPV6_PREFER_SRC_TMP; 1334 else if (np->srcprefs & IPV6_PREFER_SRC_PUBLIC) 1335 val |= IPV6_PREFER_SRC_PUBLIC; 1336 else { 1337 /* XXX: should we return system default? */ 1338 val |= IPV6_PREFER_SRC_PUBTMP_DEFAULT; 1339 } 1340 1341 if (np->srcprefs & IPV6_PREFER_SRC_COA) 1342 val |= IPV6_PREFER_SRC_COA; 1343 else 1344 val |= IPV6_PREFER_SRC_HOME; 1345 break; 1346 1347 case IPV6_MINHOPCOUNT: 1348 val = np->min_hopcount; 1349 break; 1350 1351 case IPV6_DONTFRAG: 1352 val = np->dontfrag; 1353 break; 1354 1355 case IPV6_AUTOFLOWLABEL: 1356 val = ip6_autoflowlabel(sock_net(sk), np); 1357 break; 1358 1359 case IPV6_RECVFRAGSIZE: 1360 val = np->rxopt.bits.recvfragsize; 1361 break; 1362 1363 case IPV6_ROUTER_ALERT_ISOLATE: 1364 val = np->rtalert_isolate; 1365 break; 1366 1367 default: 1368 return -ENOPROTOOPT; 1369 } 1370 len = min_t(unsigned int, sizeof(int), len); 1371 if (put_user(len, optlen)) 1372 return -EFAULT; 1373 if (copy_to_user(optval, &val, len)) 1374 return -EFAULT; 1375 return 0; 1376 } 1377 1378 int ipv6_getsockopt(struct sock *sk, int level, int optname, 1379 char __user *optval, int __user *optlen) 1380 { 1381 int err; 1382 1383 if (level == SOL_IP && sk->sk_type != SOCK_RAW) 1384 return udp_prot.getsockopt(sk, level, optname, optval, optlen); 1385 1386 if (level != SOL_IPV6) 1387 return -ENOPROTOOPT; 1388 1389 err = do_ipv6_getsockopt(sk, level, optname, optval, optlen, 0); 1390 #ifdef CONFIG_NETFILTER 1391 /* we need to exclude all possible ENOPROTOOPTs except default case */ 1392 if (err == -ENOPROTOOPT && optname != IPV6_2292PKTOPTIONS) { 1393 int len; 1394 1395 if (get_user(len, optlen)) 1396 return -EFAULT; 1397 1398 err = nf_getsockopt(sk, PF_INET6, optname, optval, &len); 1399 if (err >= 0) 1400 err = put_user(len, optlen); 1401 } 1402 #endif 1403 return err; 1404 } 1405 EXPORT_SYMBOL(ipv6_getsockopt); 1406 1407 #ifdef CONFIG_COMPAT 1408 int compat_ipv6_getsockopt(struct sock *sk, int level, int optname, 1409 char __user *optval, int __user *optlen) 1410 { 1411 int err; 1412 1413 if (level == SOL_IP && sk->sk_type != SOCK_RAW) { 1414 if (udp_prot.compat_getsockopt != NULL) 1415 return udp_prot.compat_getsockopt(sk, level, optname, 1416 optval, optlen); 1417 return udp_prot.getsockopt(sk, level, optname, optval, optlen); 1418 } 1419 1420 if (level != SOL_IPV6) 1421 return -ENOPROTOOPT; 1422 1423 if (optname == MCAST_MSFILTER) 1424 return compat_mc_getsockopt(sk, level, optname, optval, optlen, 1425 ipv6_getsockopt); 1426 1427 err = do_ipv6_getsockopt(sk, level, optname, optval, optlen, 1428 MSG_CMSG_COMPAT); 1429 #ifdef CONFIG_NETFILTER 1430 /* we need to exclude all possible ENOPROTOOPTs except default case */ 1431 if (err == -ENOPROTOOPT && optname != IPV6_2292PKTOPTIONS) { 1432 int len; 1433 1434 if (get_user(len, optlen)) 1435 return -EFAULT; 1436 1437 err = compat_nf_getsockopt(sk, PF_INET6, optname, optval, &len); 1438 if (err >= 0) 1439 err = put_user(len, optlen); 1440 } 1441 #endif 1442 return err; 1443 } 1444 EXPORT_SYMBOL(compat_ipv6_getsockopt); 1445 #endif 1446