1 /* 2 * IPv6 BSD socket options interface 3 * Linux INET6 implementation 4 * 5 * Authors: 6 * Pedro Roque <roque@di.fc.ul.pt> 7 * 8 * Based on linux/net/ipv4/ip_sockglue.c 9 * 10 * This program is free software; you can redistribute it and/or 11 * modify it under the terms of the GNU General Public License 12 * as published by the Free Software Foundation; either version 13 * 2 of the License, or (at your option) any later version. 14 * 15 * FIXME: Make the setsockopt code POSIX compliant: That is 16 * 17 * o Truncate getsockopt returns 18 * o Return an optlen of the truncated length if need be 19 * 20 * Changes: 21 * David L Stevens <dlstevens@us.ibm.com>: 22 * - added multicast source filtering API for MLDv2 23 */ 24 25 #include <linux/module.h> 26 #include <linux/capability.h> 27 #include <linux/errno.h> 28 #include <linux/types.h> 29 #include <linux/socket.h> 30 #include <linux/sockios.h> 31 #include <linux/net.h> 32 #include <linux/in6.h> 33 #include <linux/mroute6.h> 34 #include <linux/netdevice.h> 35 #include <linux/if_arp.h> 36 #include <linux/init.h> 37 #include <linux/sysctl.h> 38 #include <linux/netfilter.h> 39 #include <linux/slab.h> 40 41 #include <net/sock.h> 42 #include <net/snmp.h> 43 #include <net/ipv6.h> 44 #include <net/ndisc.h> 45 #include <net/protocol.h> 46 #include <net/transp_v6.h> 47 #include <net/ip6_route.h> 48 #include <net/addrconf.h> 49 #include <net/inet_common.h> 50 #include <net/tcp.h> 51 #include <net/udp.h> 52 #include <net/udplite.h> 53 #include <net/xfrm.h> 54 #include <net/compat.h> 55 #include <net/seg6.h> 56 57 #include <linux/uaccess.h> 58 59 struct ip6_ra_chain *ip6_ra_chain; 60 DEFINE_RWLOCK(ip6_ra_lock); 61 62 int ip6_ra_control(struct sock *sk, int sel) 63 { 64 struct ip6_ra_chain *ra, *new_ra, **rap; 65 66 /* RA packet may be delivered ONLY to IPPROTO_RAW socket */ 67 if (sk->sk_type != SOCK_RAW || inet_sk(sk)->inet_num != IPPROTO_RAW) 68 return -ENOPROTOOPT; 69 70 new_ra = (sel >= 0) ? kmalloc(sizeof(*new_ra), GFP_KERNEL) : NULL; 71 72 write_lock_bh(&ip6_ra_lock); 73 for (rap = &ip6_ra_chain; (ra = *rap) != NULL; rap = &ra->next) { 74 if (ra->sk == sk) { 75 if (sel >= 0) { 76 write_unlock_bh(&ip6_ra_lock); 77 kfree(new_ra); 78 return -EADDRINUSE; 79 } 80 81 *rap = ra->next; 82 write_unlock_bh(&ip6_ra_lock); 83 84 sock_put(sk); 85 kfree(ra); 86 return 0; 87 } 88 } 89 if (!new_ra) { 90 write_unlock_bh(&ip6_ra_lock); 91 return -ENOBUFS; 92 } 93 new_ra->sk = sk; 94 new_ra->sel = sel; 95 new_ra->next = ra; 96 *rap = new_ra; 97 sock_hold(sk); 98 write_unlock_bh(&ip6_ra_lock); 99 return 0; 100 } 101 102 struct ipv6_txoptions *ipv6_update_options(struct sock *sk, 103 struct ipv6_txoptions *opt) 104 { 105 if (inet_sk(sk)->is_icsk) { 106 if (opt && 107 !((1 << sk->sk_state) & (TCPF_LISTEN | TCPF_CLOSE)) && 108 inet_sk(sk)->inet_daddr != LOOPBACK4_IPV6) { 109 struct inet_connection_sock *icsk = inet_csk(sk); 110 icsk->icsk_ext_hdr_len = opt->opt_flen + opt->opt_nflen; 111 icsk->icsk_sync_mss(sk, icsk->icsk_pmtu_cookie); 112 } 113 } 114 opt = xchg((__force struct ipv6_txoptions **)&inet6_sk(sk)->opt, 115 opt); 116 sk_dst_reset(sk); 117 118 return opt; 119 } 120 121 static bool setsockopt_needs_rtnl(int optname) 122 { 123 switch (optname) { 124 case IPV6_ADDRFORM: 125 case IPV6_ADD_MEMBERSHIP: 126 case IPV6_DROP_MEMBERSHIP: 127 case IPV6_JOIN_ANYCAST: 128 case IPV6_LEAVE_ANYCAST: 129 case MCAST_JOIN_GROUP: 130 case MCAST_LEAVE_GROUP: 131 case MCAST_JOIN_SOURCE_GROUP: 132 case MCAST_LEAVE_SOURCE_GROUP: 133 case MCAST_BLOCK_SOURCE: 134 case MCAST_UNBLOCK_SOURCE: 135 case MCAST_MSFILTER: 136 return true; 137 } 138 return false; 139 } 140 141 static int do_ipv6_setsockopt(struct sock *sk, int level, int optname, 142 char __user *optval, unsigned int optlen) 143 { 144 struct ipv6_pinfo *np = inet6_sk(sk); 145 struct net *net = sock_net(sk); 146 int val, valbool; 147 int retv = -ENOPROTOOPT; 148 bool needs_rtnl = setsockopt_needs_rtnl(optname); 149 150 if (!optval) 151 val = 0; 152 else { 153 if (optlen >= sizeof(int)) { 154 if (get_user(val, (int __user *) optval)) 155 return -EFAULT; 156 } else 157 val = 0; 158 } 159 160 valbool = (val != 0); 161 162 if (ip6_mroute_opt(optname)) 163 return ip6_mroute_setsockopt(sk, optname, optval, optlen); 164 165 if (needs_rtnl) 166 rtnl_lock(); 167 lock_sock(sk); 168 169 switch (optname) { 170 171 case IPV6_ADDRFORM: 172 if (optlen < sizeof(int)) 173 goto e_inval; 174 if (val == PF_INET) { 175 struct ipv6_txoptions *opt; 176 struct sk_buff *pktopt; 177 178 if (sk->sk_type == SOCK_RAW) 179 break; 180 181 if (sk->sk_protocol == IPPROTO_UDP || 182 sk->sk_protocol == IPPROTO_UDPLITE) { 183 struct udp_sock *up = udp_sk(sk); 184 if (up->pending == AF_INET6) { 185 retv = -EBUSY; 186 break; 187 } 188 } else if (sk->sk_protocol != IPPROTO_TCP) 189 break; 190 191 if (sk->sk_state != TCP_ESTABLISHED) { 192 retv = -ENOTCONN; 193 break; 194 } 195 196 if (ipv6_only_sock(sk) || 197 !ipv6_addr_v4mapped(&sk->sk_v6_daddr)) { 198 retv = -EADDRNOTAVAIL; 199 break; 200 } 201 202 fl6_free_socklist(sk); 203 __ipv6_sock_mc_close(sk); 204 205 /* 206 * Sock is moving from IPv6 to IPv4 (sk_prot), so 207 * remove it from the refcnt debug socks count in the 208 * original family... 209 */ 210 sk_refcnt_debug_dec(sk); 211 212 if (sk->sk_protocol == IPPROTO_TCP) { 213 struct inet_connection_sock *icsk = inet_csk(sk); 214 local_bh_disable(); 215 sock_prot_inuse_add(net, sk->sk_prot, -1); 216 sock_prot_inuse_add(net, &tcp_prot, 1); 217 local_bh_enable(); 218 sk->sk_prot = &tcp_prot; 219 icsk->icsk_af_ops = &ipv4_specific; 220 sk->sk_socket->ops = &inet_stream_ops; 221 sk->sk_family = PF_INET; 222 tcp_sync_mss(sk, icsk->icsk_pmtu_cookie); 223 } else { 224 struct proto *prot = &udp_prot; 225 226 if (sk->sk_protocol == IPPROTO_UDPLITE) 227 prot = &udplite_prot; 228 local_bh_disable(); 229 sock_prot_inuse_add(net, sk->sk_prot, -1); 230 sock_prot_inuse_add(net, prot, 1); 231 local_bh_enable(); 232 sk->sk_prot = prot; 233 sk->sk_socket->ops = &inet_dgram_ops; 234 sk->sk_family = PF_INET; 235 } 236 opt = xchg((__force struct ipv6_txoptions **)&np->opt, 237 NULL); 238 if (opt) { 239 atomic_sub(opt->tot_len, &sk->sk_omem_alloc); 240 txopt_put(opt); 241 } 242 pktopt = xchg(&np->pktoptions, NULL); 243 kfree_skb(pktopt); 244 245 /* 246 * ... and add it to the refcnt debug socks count 247 * in the new family. -acme 248 */ 249 sk_refcnt_debug_inc(sk); 250 module_put(THIS_MODULE); 251 retv = 0; 252 break; 253 } 254 goto e_inval; 255 256 case IPV6_V6ONLY: 257 if (optlen < sizeof(int) || 258 inet_sk(sk)->inet_num) 259 goto e_inval; 260 sk->sk_ipv6only = valbool; 261 retv = 0; 262 break; 263 264 case IPV6_RECVPKTINFO: 265 if (optlen < sizeof(int)) 266 goto e_inval; 267 np->rxopt.bits.rxinfo = valbool; 268 retv = 0; 269 break; 270 271 case IPV6_2292PKTINFO: 272 if (optlen < sizeof(int)) 273 goto e_inval; 274 np->rxopt.bits.rxoinfo = valbool; 275 retv = 0; 276 break; 277 278 case IPV6_RECVHOPLIMIT: 279 if (optlen < sizeof(int)) 280 goto e_inval; 281 np->rxopt.bits.rxhlim = valbool; 282 retv = 0; 283 break; 284 285 case IPV6_2292HOPLIMIT: 286 if (optlen < sizeof(int)) 287 goto e_inval; 288 np->rxopt.bits.rxohlim = valbool; 289 retv = 0; 290 break; 291 292 case IPV6_RECVRTHDR: 293 if (optlen < sizeof(int)) 294 goto e_inval; 295 np->rxopt.bits.srcrt = valbool; 296 retv = 0; 297 break; 298 299 case IPV6_2292RTHDR: 300 if (optlen < sizeof(int)) 301 goto e_inval; 302 np->rxopt.bits.osrcrt = valbool; 303 retv = 0; 304 break; 305 306 case IPV6_RECVHOPOPTS: 307 if (optlen < sizeof(int)) 308 goto e_inval; 309 np->rxopt.bits.hopopts = valbool; 310 retv = 0; 311 break; 312 313 case IPV6_2292HOPOPTS: 314 if (optlen < sizeof(int)) 315 goto e_inval; 316 np->rxopt.bits.ohopopts = valbool; 317 retv = 0; 318 break; 319 320 case IPV6_RECVDSTOPTS: 321 if (optlen < sizeof(int)) 322 goto e_inval; 323 np->rxopt.bits.dstopts = valbool; 324 retv = 0; 325 break; 326 327 case IPV6_2292DSTOPTS: 328 if (optlen < sizeof(int)) 329 goto e_inval; 330 np->rxopt.bits.odstopts = valbool; 331 retv = 0; 332 break; 333 334 case IPV6_TCLASS: 335 if (optlen < sizeof(int)) 336 goto e_inval; 337 if (val < -1 || val > 0xff) 338 goto e_inval; 339 /* RFC 3542, 6.5: default traffic class of 0x0 */ 340 if (val == -1) 341 val = 0; 342 np->tclass = val; 343 retv = 0; 344 break; 345 346 case IPV6_RECVTCLASS: 347 if (optlen < sizeof(int)) 348 goto e_inval; 349 np->rxopt.bits.rxtclass = valbool; 350 retv = 0; 351 break; 352 353 case IPV6_FLOWINFO: 354 if (optlen < sizeof(int)) 355 goto e_inval; 356 np->rxopt.bits.rxflow = valbool; 357 retv = 0; 358 break; 359 360 case IPV6_RECVPATHMTU: 361 if (optlen < sizeof(int)) 362 goto e_inval; 363 np->rxopt.bits.rxpmtu = valbool; 364 retv = 0; 365 break; 366 367 case IPV6_TRANSPARENT: 368 if (valbool && !ns_capable(net->user_ns, CAP_NET_ADMIN) && 369 !ns_capable(net->user_ns, CAP_NET_RAW)) { 370 retv = -EPERM; 371 break; 372 } 373 if (optlen < sizeof(int)) 374 goto e_inval; 375 /* we don't have a separate transparent bit for IPV6 we use the one in the IPv4 socket */ 376 inet_sk(sk)->transparent = valbool; 377 retv = 0; 378 break; 379 380 case IPV6_RECVORIGDSTADDR: 381 if (optlen < sizeof(int)) 382 goto e_inval; 383 np->rxopt.bits.rxorigdstaddr = valbool; 384 retv = 0; 385 break; 386 387 case IPV6_HOPOPTS: 388 case IPV6_RTHDRDSTOPTS: 389 case IPV6_RTHDR: 390 case IPV6_DSTOPTS: 391 { 392 struct ipv6_txoptions *opt; 393 394 /* remove any sticky options header with a zero option 395 * length, per RFC3542. 396 */ 397 if (optlen == 0) 398 optval = NULL; 399 else if (!optval) 400 goto e_inval; 401 else if (optlen < sizeof(struct ipv6_opt_hdr) || 402 optlen & 0x7 || optlen > 8 * 255) 403 goto e_inval; 404 405 /* hop-by-hop / destination options are privileged option */ 406 retv = -EPERM; 407 if (optname != IPV6_RTHDR && !ns_capable(net->user_ns, CAP_NET_RAW)) 408 break; 409 410 opt = rcu_dereference_protected(np->opt, 411 lockdep_sock_is_held(sk)); 412 opt = ipv6_renew_options(sk, opt, optname, 413 (struct ipv6_opt_hdr __user *)optval, 414 optlen); 415 if (IS_ERR(opt)) { 416 retv = PTR_ERR(opt); 417 break; 418 } 419 420 /* routing header option needs extra check */ 421 retv = -EINVAL; 422 if (optname == IPV6_RTHDR && opt && opt->srcrt) { 423 struct ipv6_rt_hdr *rthdr = opt->srcrt; 424 switch (rthdr->type) { 425 #if IS_ENABLED(CONFIG_IPV6_MIP6) 426 case IPV6_SRCRT_TYPE_2: 427 if (rthdr->hdrlen != 2 || 428 rthdr->segments_left != 1) 429 goto sticky_done; 430 431 break; 432 #endif 433 case IPV6_SRCRT_TYPE_4: 434 { 435 struct ipv6_sr_hdr *srh = (struct ipv6_sr_hdr *) 436 opt->srcrt; 437 438 if (!seg6_validate_srh(srh, optlen)) 439 goto sticky_done; 440 break; 441 } 442 default: 443 goto sticky_done; 444 } 445 } 446 447 retv = 0; 448 opt = ipv6_update_options(sk, opt); 449 sticky_done: 450 if (opt) { 451 atomic_sub(opt->tot_len, &sk->sk_omem_alloc); 452 txopt_put(opt); 453 } 454 break; 455 } 456 457 case IPV6_PKTINFO: 458 { 459 struct in6_pktinfo pkt; 460 461 if (optlen == 0) 462 goto e_inval; 463 else if (optlen < sizeof(struct in6_pktinfo) || !optval) 464 goto e_inval; 465 466 if (copy_from_user(&pkt, optval, sizeof(struct in6_pktinfo))) { 467 retv = -EFAULT; 468 break; 469 } 470 if (sk->sk_bound_dev_if && pkt.ipi6_ifindex != sk->sk_bound_dev_if) 471 goto e_inval; 472 473 np->sticky_pktinfo.ipi6_ifindex = pkt.ipi6_ifindex; 474 np->sticky_pktinfo.ipi6_addr = pkt.ipi6_addr; 475 retv = 0; 476 break; 477 } 478 479 case IPV6_2292PKTOPTIONS: 480 { 481 struct ipv6_txoptions *opt = NULL; 482 struct msghdr msg; 483 struct flowi6 fl6; 484 struct sockcm_cookie sockc_junk; 485 struct ipcm6_cookie ipc6; 486 487 memset(&fl6, 0, sizeof(fl6)); 488 fl6.flowi6_oif = sk->sk_bound_dev_if; 489 fl6.flowi6_mark = sk->sk_mark; 490 491 if (optlen == 0) 492 goto update; 493 494 /* 1K is probably excessive 495 * 1K is surely not enough, 2K per standard header is 16K. 496 */ 497 retv = -EINVAL; 498 if (optlen > 64*1024) 499 break; 500 501 opt = sock_kmalloc(sk, sizeof(*opt) + optlen, GFP_KERNEL); 502 retv = -ENOBUFS; 503 if (!opt) 504 break; 505 506 memset(opt, 0, sizeof(*opt)); 507 refcount_set(&opt->refcnt, 1); 508 opt->tot_len = sizeof(*opt) + optlen; 509 retv = -EFAULT; 510 if (copy_from_user(opt+1, optval, optlen)) 511 goto done; 512 513 msg.msg_controllen = optlen; 514 msg.msg_control = (void *)(opt+1); 515 ipc6.opt = opt; 516 517 retv = ip6_datagram_send_ctl(net, sk, &msg, &fl6, &ipc6, &sockc_junk); 518 if (retv) 519 goto done; 520 update: 521 retv = 0; 522 opt = ipv6_update_options(sk, opt); 523 done: 524 if (opt) { 525 atomic_sub(opt->tot_len, &sk->sk_omem_alloc); 526 txopt_put(opt); 527 } 528 break; 529 } 530 case IPV6_UNICAST_HOPS: 531 if (optlen < sizeof(int)) 532 goto e_inval; 533 if (val > 255 || val < -1) 534 goto e_inval; 535 np->hop_limit = val; 536 retv = 0; 537 break; 538 539 case IPV6_MULTICAST_HOPS: 540 if (sk->sk_type == SOCK_STREAM) 541 break; 542 if (optlen < sizeof(int)) 543 goto e_inval; 544 if (val > 255 || val < -1) 545 goto e_inval; 546 np->mcast_hops = (val == -1 ? IPV6_DEFAULT_MCASTHOPS : val); 547 retv = 0; 548 break; 549 550 case IPV6_MULTICAST_LOOP: 551 if (optlen < sizeof(int)) 552 goto e_inval; 553 if (val != valbool) 554 goto e_inval; 555 np->mc_loop = valbool; 556 retv = 0; 557 break; 558 559 case IPV6_UNICAST_IF: 560 { 561 struct net_device *dev = NULL; 562 int ifindex; 563 564 if (optlen != sizeof(int)) 565 goto e_inval; 566 567 ifindex = (__force int)ntohl((__force __be32)val); 568 if (ifindex == 0) { 569 np->ucast_oif = 0; 570 retv = 0; 571 break; 572 } 573 574 dev = dev_get_by_index(net, ifindex); 575 retv = -EADDRNOTAVAIL; 576 if (!dev) 577 break; 578 dev_put(dev); 579 580 retv = -EINVAL; 581 if (sk->sk_bound_dev_if) 582 break; 583 584 np->ucast_oif = ifindex; 585 retv = 0; 586 break; 587 } 588 589 case IPV6_MULTICAST_IF: 590 if (sk->sk_type == SOCK_STREAM) 591 break; 592 if (optlen < sizeof(int)) 593 goto e_inval; 594 595 if (val) { 596 struct net_device *dev; 597 int midx; 598 599 rcu_read_lock(); 600 601 dev = dev_get_by_index_rcu(net, val); 602 if (!dev) { 603 rcu_read_unlock(); 604 retv = -ENODEV; 605 break; 606 } 607 midx = l3mdev_master_ifindex_rcu(dev); 608 609 rcu_read_unlock(); 610 611 if (sk->sk_bound_dev_if && 612 sk->sk_bound_dev_if != val && 613 (!midx || midx != sk->sk_bound_dev_if)) 614 goto e_inval; 615 } 616 np->mcast_oif = val; 617 retv = 0; 618 break; 619 case IPV6_ADD_MEMBERSHIP: 620 case IPV6_DROP_MEMBERSHIP: 621 { 622 struct ipv6_mreq mreq; 623 624 if (optlen < sizeof(struct ipv6_mreq)) 625 goto e_inval; 626 627 retv = -EPROTO; 628 if (inet_sk(sk)->is_icsk) 629 break; 630 631 retv = -EFAULT; 632 if (copy_from_user(&mreq, optval, sizeof(struct ipv6_mreq))) 633 break; 634 635 if (optname == IPV6_ADD_MEMBERSHIP) 636 retv = ipv6_sock_mc_join(sk, mreq.ipv6mr_ifindex, &mreq.ipv6mr_multiaddr); 637 else 638 retv = ipv6_sock_mc_drop(sk, mreq.ipv6mr_ifindex, &mreq.ipv6mr_multiaddr); 639 break; 640 } 641 case IPV6_JOIN_ANYCAST: 642 case IPV6_LEAVE_ANYCAST: 643 { 644 struct ipv6_mreq mreq; 645 646 if (optlen < sizeof(struct ipv6_mreq)) 647 goto e_inval; 648 649 retv = -EFAULT; 650 if (copy_from_user(&mreq, optval, sizeof(struct ipv6_mreq))) 651 break; 652 653 if (optname == IPV6_JOIN_ANYCAST) 654 retv = ipv6_sock_ac_join(sk, mreq.ipv6mr_ifindex, &mreq.ipv6mr_acaddr); 655 else 656 retv = ipv6_sock_ac_drop(sk, mreq.ipv6mr_ifindex, &mreq.ipv6mr_acaddr); 657 break; 658 } 659 case MCAST_JOIN_GROUP: 660 case MCAST_LEAVE_GROUP: 661 { 662 struct group_req greq; 663 struct sockaddr_in6 *psin6; 664 665 if (optlen < sizeof(struct group_req)) 666 goto e_inval; 667 668 retv = -EFAULT; 669 if (copy_from_user(&greq, optval, sizeof(struct group_req))) 670 break; 671 if (greq.gr_group.ss_family != AF_INET6) { 672 retv = -EADDRNOTAVAIL; 673 break; 674 } 675 psin6 = (struct sockaddr_in6 *)&greq.gr_group; 676 if (optname == MCAST_JOIN_GROUP) 677 retv = ipv6_sock_mc_join(sk, greq.gr_interface, 678 &psin6->sin6_addr); 679 else 680 retv = ipv6_sock_mc_drop(sk, greq.gr_interface, 681 &psin6->sin6_addr); 682 break; 683 } 684 case MCAST_JOIN_SOURCE_GROUP: 685 case MCAST_LEAVE_SOURCE_GROUP: 686 case MCAST_BLOCK_SOURCE: 687 case MCAST_UNBLOCK_SOURCE: 688 { 689 struct group_source_req greqs; 690 int omode, add; 691 692 if (optlen < sizeof(struct group_source_req)) 693 goto e_inval; 694 if (copy_from_user(&greqs, optval, sizeof(greqs))) { 695 retv = -EFAULT; 696 break; 697 } 698 if (greqs.gsr_group.ss_family != AF_INET6 || 699 greqs.gsr_source.ss_family != AF_INET6) { 700 retv = -EADDRNOTAVAIL; 701 break; 702 } 703 if (optname == MCAST_BLOCK_SOURCE) { 704 omode = MCAST_EXCLUDE; 705 add = 1; 706 } else if (optname == MCAST_UNBLOCK_SOURCE) { 707 omode = MCAST_EXCLUDE; 708 add = 0; 709 } else if (optname == MCAST_JOIN_SOURCE_GROUP) { 710 struct sockaddr_in6 *psin6; 711 712 psin6 = (struct sockaddr_in6 *)&greqs.gsr_group; 713 retv = ipv6_sock_mc_join(sk, greqs.gsr_interface, 714 &psin6->sin6_addr); 715 /* prior join w/ different source is ok */ 716 if (retv && retv != -EADDRINUSE) 717 break; 718 omode = MCAST_INCLUDE; 719 add = 1; 720 } else /* MCAST_LEAVE_SOURCE_GROUP */ { 721 omode = MCAST_INCLUDE; 722 add = 0; 723 } 724 retv = ip6_mc_source(add, omode, sk, &greqs); 725 break; 726 } 727 case MCAST_MSFILTER: 728 { 729 struct group_filter *gsf; 730 731 if (optlen < GROUP_FILTER_SIZE(0)) 732 goto e_inval; 733 if (optlen > sysctl_optmem_max) { 734 retv = -ENOBUFS; 735 break; 736 } 737 gsf = memdup_user(optval, optlen); 738 if (IS_ERR(gsf)) { 739 retv = PTR_ERR(gsf); 740 break; 741 } 742 /* numsrc >= (4G-140)/128 overflow in 32 bits */ 743 if (gsf->gf_numsrc >= 0x1ffffffU || 744 gsf->gf_numsrc > sysctl_mld_max_msf) { 745 kfree(gsf); 746 retv = -ENOBUFS; 747 break; 748 } 749 if (GROUP_FILTER_SIZE(gsf->gf_numsrc) > optlen) { 750 kfree(gsf); 751 retv = -EINVAL; 752 break; 753 } 754 retv = ip6_mc_msfilter(sk, gsf); 755 kfree(gsf); 756 757 break; 758 } 759 case IPV6_ROUTER_ALERT: 760 if (optlen < sizeof(int)) 761 goto e_inval; 762 retv = ip6_ra_control(sk, val); 763 break; 764 case IPV6_MTU_DISCOVER: 765 if (optlen < sizeof(int)) 766 goto e_inval; 767 if (val < IPV6_PMTUDISC_DONT || val > IPV6_PMTUDISC_OMIT) 768 goto e_inval; 769 np->pmtudisc = val; 770 retv = 0; 771 break; 772 case IPV6_MTU: 773 if (optlen < sizeof(int)) 774 goto e_inval; 775 if (val && val < IPV6_MIN_MTU) 776 goto e_inval; 777 np->frag_size = val; 778 retv = 0; 779 break; 780 case IPV6_RECVERR: 781 if (optlen < sizeof(int)) 782 goto e_inval; 783 np->recverr = valbool; 784 if (!val) 785 skb_queue_purge(&sk->sk_error_queue); 786 retv = 0; 787 break; 788 case IPV6_FLOWINFO_SEND: 789 if (optlen < sizeof(int)) 790 goto e_inval; 791 np->sndflow = valbool; 792 retv = 0; 793 break; 794 case IPV6_FLOWLABEL_MGR: 795 retv = ipv6_flowlabel_opt(sk, optval, optlen); 796 break; 797 case IPV6_IPSEC_POLICY: 798 case IPV6_XFRM_POLICY: 799 retv = -EPERM; 800 if (!ns_capable(net->user_ns, CAP_NET_ADMIN)) 801 break; 802 retv = xfrm_user_policy(sk, optname, optval, optlen); 803 break; 804 805 case IPV6_ADDR_PREFERENCES: 806 { 807 unsigned int pref = 0; 808 unsigned int prefmask = ~0; 809 810 if (optlen < sizeof(int)) 811 goto e_inval; 812 813 retv = -EINVAL; 814 815 /* check PUBLIC/TMP/PUBTMP_DEFAULT conflicts */ 816 switch (val & (IPV6_PREFER_SRC_PUBLIC| 817 IPV6_PREFER_SRC_TMP| 818 IPV6_PREFER_SRC_PUBTMP_DEFAULT)) { 819 case IPV6_PREFER_SRC_PUBLIC: 820 pref |= IPV6_PREFER_SRC_PUBLIC; 821 break; 822 case IPV6_PREFER_SRC_TMP: 823 pref |= IPV6_PREFER_SRC_TMP; 824 break; 825 case IPV6_PREFER_SRC_PUBTMP_DEFAULT: 826 break; 827 case 0: 828 goto pref_skip_pubtmp; 829 default: 830 goto e_inval; 831 } 832 833 prefmask &= ~(IPV6_PREFER_SRC_PUBLIC| 834 IPV6_PREFER_SRC_TMP); 835 pref_skip_pubtmp: 836 837 /* check HOME/COA conflicts */ 838 switch (val & (IPV6_PREFER_SRC_HOME|IPV6_PREFER_SRC_COA)) { 839 case IPV6_PREFER_SRC_HOME: 840 break; 841 case IPV6_PREFER_SRC_COA: 842 pref |= IPV6_PREFER_SRC_COA; 843 case 0: 844 goto pref_skip_coa; 845 default: 846 goto e_inval; 847 } 848 849 prefmask &= ~IPV6_PREFER_SRC_COA; 850 pref_skip_coa: 851 852 /* check CGA/NONCGA conflicts */ 853 switch (val & (IPV6_PREFER_SRC_CGA|IPV6_PREFER_SRC_NONCGA)) { 854 case IPV6_PREFER_SRC_CGA: 855 case IPV6_PREFER_SRC_NONCGA: 856 case 0: 857 break; 858 default: 859 goto e_inval; 860 } 861 862 np->srcprefs = (np->srcprefs & prefmask) | pref; 863 retv = 0; 864 865 break; 866 } 867 case IPV6_MINHOPCOUNT: 868 if (optlen < sizeof(int)) 869 goto e_inval; 870 if (val < 0 || val > 255) 871 goto e_inval; 872 np->min_hopcount = val; 873 retv = 0; 874 break; 875 case IPV6_DONTFRAG: 876 np->dontfrag = valbool; 877 retv = 0; 878 break; 879 case IPV6_AUTOFLOWLABEL: 880 np->autoflowlabel = valbool; 881 retv = 0; 882 break; 883 case IPV6_RECVFRAGSIZE: 884 np->rxopt.bits.recvfragsize = valbool; 885 retv = 0; 886 break; 887 } 888 889 release_sock(sk); 890 if (needs_rtnl) 891 rtnl_unlock(); 892 893 return retv; 894 895 e_inval: 896 release_sock(sk); 897 if (needs_rtnl) 898 rtnl_unlock(); 899 return -EINVAL; 900 } 901 902 int ipv6_setsockopt(struct sock *sk, int level, int optname, 903 char __user *optval, unsigned int optlen) 904 { 905 int err; 906 907 if (level == SOL_IP && sk->sk_type != SOCK_RAW) 908 return udp_prot.setsockopt(sk, level, optname, optval, optlen); 909 910 if (level != SOL_IPV6) 911 return -ENOPROTOOPT; 912 913 err = do_ipv6_setsockopt(sk, level, optname, optval, optlen); 914 #ifdef CONFIG_NETFILTER 915 /* we need to exclude all possible ENOPROTOOPTs except default case */ 916 if (err == -ENOPROTOOPT && optname != IPV6_IPSEC_POLICY && 917 optname != IPV6_XFRM_POLICY) { 918 lock_sock(sk); 919 err = nf_setsockopt(sk, PF_INET6, optname, optval, 920 optlen); 921 release_sock(sk); 922 } 923 #endif 924 return err; 925 } 926 EXPORT_SYMBOL(ipv6_setsockopt); 927 928 #ifdef CONFIG_COMPAT 929 int compat_ipv6_setsockopt(struct sock *sk, int level, int optname, 930 char __user *optval, unsigned int optlen) 931 { 932 int err; 933 934 if (level == SOL_IP && sk->sk_type != SOCK_RAW) { 935 if (udp_prot.compat_setsockopt != NULL) 936 return udp_prot.compat_setsockopt(sk, level, optname, 937 optval, optlen); 938 return udp_prot.setsockopt(sk, level, optname, optval, optlen); 939 } 940 941 if (level != SOL_IPV6) 942 return -ENOPROTOOPT; 943 944 if (optname >= MCAST_JOIN_GROUP && optname <= MCAST_MSFILTER) 945 return compat_mc_setsockopt(sk, level, optname, optval, optlen, 946 ipv6_setsockopt); 947 948 err = do_ipv6_setsockopt(sk, level, optname, optval, optlen); 949 #ifdef CONFIG_NETFILTER 950 /* we need to exclude all possible ENOPROTOOPTs except default case */ 951 if (err == -ENOPROTOOPT && optname != IPV6_IPSEC_POLICY && 952 optname != IPV6_XFRM_POLICY) { 953 lock_sock(sk); 954 err = compat_nf_setsockopt(sk, PF_INET6, optname, 955 optval, optlen); 956 release_sock(sk); 957 } 958 #endif 959 return err; 960 } 961 EXPORT_SYMBOL(compat_ipv6_setsockopt); 962 #endif 963 964 static int ipv6_getsockopt_sticky(struct sock *sk, struct ipv6_txoptions *opt, 965 int optname, char __user *optval, int len) 966 { 967 struct ipv6_opt_hdr *hdr; 968 969 if (!opt) 970 return 0; 971 972 switch (optname) { 973 case IPV6_HOPOPTS: 974 hdr = opt->hopopt; 975 break; 976 case IPV6_RTHDRDSTOPTS: 977 hdr = opt->dst0opt; 978 break; 979 case IPV6_RTHDR: 980 hdr = (struct ipv6_opt_hdr *)opt->srcrt; 981 break; 982 case IPV6_DSTOPTS: 983 hdr = opt->dst1opt; 984 break; 985 default: 986 return -EINVAL; /* should not happen */ 987 } 988 989 if (!hdr) 990 return 0; 991 992 len = min_t(unsigned int, len, ipv6_optlen(hdr)); 993 if (copy_to_user(optval, hdr, len)) 994 return -EFAULT; 995 return len; 996 } 997 998 static int do_ipv6_getsockopt(struct sock *sk, int level, int optname, 999 char __user *optval, int __user *optlen, unsigned int flags) 1000 { 1001 struct ipv6_pinfo *np = inet6_sk(sk); 1002 int len; 1003 int val; 1004 1005 if (ip6_mroute_opt(optname)) 1006 return ip6_mroute_getsockopt(sk, optname, optval, optlen); 1007 1008 if (get_user(len, optlen)) 1009 return -EFAULT; 1010 switch (optname) { 1011 case IPV6_ADDRFORM: 1012 if (sk->sk_protocol != IPPROTO_UDP && 1013 sk->sk_protocol != IPPROTO_UDPLITE && 1014 sk->sk_protocol != IPPROTO_TCP) 1015 return -ENOPROTOOPT; 1016 if (sk->sk_state != TCP_ESTABLISHED) 1017 return -ENOTCONN; 1018 val = sk->sk_family; 1019 break; 1020 case MCAST_MSFILTER: 1021 { 1022 struct group_filter gsf; 1023 int err; 1024 1025 if (len < GROUP_FILTER_SIZE(0)) 1026 return -EINVAL; 1027 if (copy_from_user(&gsf, optval, GROUP_FILTER_SIZE(0))) 1028 return -EFAULT; 1029 if (gsf.gf_group.ss_family != AF_INET6) 1030 return -EADDRNOTAVAIL; 1031 lock_sock(sk); 1032 err = ip6_mc_msfget(sk, &gsf, 1033 (struct group_filter __user *)optval, optlen); 1034 release_sock(sk); 1035 return err; 1036 } 1037 1038 case IPV6_2292PKTOPTIONS: 1039 { 1040 struct msghdr msg; 1041 struct sk_buff *skb; 1042 1043 if (sk->sk_type != SOCK_STREAM) 1044 return -ENOPROTOOPT; 1045 1046 msg.msg_control = optval; 1047 msg.msg_controllen = len; 1048 msg.msg_flags = flags; 1049 1050 lock_sock(sk); 1051 skb = np->pktoptions; 1052 if (skb) 1053 ip6_datagram_recv_ctl(sk, &msg, skb); 1054 release_sock(sk); 1055 if (!skb) { 1056 if (np->rxopt.bits.rxinfo) { 1057 struct in6_pktinfo src_info; 1058 src_info.ipi6_ifindex = np->mcast_oif ? np->mcast_oif : 1059 np->sticky_pktinfo.ipi6_ifindex; 1060 src_info.ipi6_addr = np->mcast_oif ? sk->sk_v6_daddr : np->sticky_pktinfo.ipi6_addr; 1061 put_cmsg(&msg, SOL_IPV6, IPV6_PKTINFO, sizeof(src_info), &src_info); 1062 } 1063 if (np->rxopt.bits.rxhlim) { 1064 int hlim = np->mcast_hops; 1065 put_cmsg(&msg, SOL_IPV6, IPV6_HOPLIMIT, sizeof(hlim), &hlim); 1066 } 1067 if (np->rxopt.bits.rxtclass) { 1068 int tclass = (int)ip6_tclass(np->rcv_flowinfo); 1069 1070 put_cmsg(&msg, SOL_IPV6, IPV6_TCLASS, sizeof(tclass), &tclass); 1071 } 1072 if (np->rxopt.bits.rxoinfo) { 1073 struct in6_pktinfo src_info; 1074 src_info.ipi6_ifindex = np->mcast_oif ? np->mcast_oif : 1075 np->sticky_pktinfo.ipi6_ifindex; 1076 src_info.ipi6_addr = np->mcast_oif ? sk->sk_v6_daddr : 1077 np->sticky_pktinfo.ipi6_addr; 1078 put_cmsg(&msg, SOL_IPV6, IPV6_2292PKTINFO, sizeof(src_info), &src_info); 1079 } 1080 if (np->rxopt.bits.rxohlim) { 1081 int hlim = np->mcast_hops; 1082 put_cmsg(&msg, SOL_IPV6, IPV6_2292HOPLIMIT, sizeof(hlim), &hlim); 1083 } 1084 if (np->rxopt.bits.rxflow) { 1085 __be32 flowinfo = np->rcv_flowinfo; 1086 1087 put_cmsg(&msg, SOL_IPV6, IPV6_FLOWINFO, sizeof(flowinfo), &flowinfo); 1088 } 1089 } 1090 len -= msg.msg_controllen; 1091 return put_user(len, optlen); 1092 } 1093 case IPV6_MTU: 1094 { 1095 struct dst_entry *dst; 1096 1097 val = 0; 1098 rcu_read_lock(); 1099 dst = __sk_dst_get(sk); 1100 if (dst) 1101 val = dst_mtu(dst); 1102 rcu_read_unlock(); 1103 if (!val) 1104 return -ENOTCONN; 1105 break; 1106 } 1107 1108 case IPV6_V6ONLY: 1109 val = sk->sk_ipv6only; 1110 break; 1111 1112 case IPV6_RECVPKTINFO: 1113 val = np->rxopt.bits.rxinfo; 1114 break; 1115 1116 case IPV6_2292PKTINFO: 1117 val = np->rxopt.bits.rxoinfo; 1118 break; 1119 1120 case IPV6_RECVHOPLIMIT: 1121 val = np->rxopt.bits.rxhlim; 1122 break; 1123 1124 case IPV6_2292HOPLIMIT: 1125 val = np->rxopt.bits.rxohlim; 1126 break; 1127 1128 case IPV6_RECVRTHDR: 1129 val = np->rxopt.bits.srcrt; 1130 break; 1131 1132 case IPV6_2292RTHDR: 1133 val = np->rxopt.bits.osrcrt; 1134 break; 1135 1136 case IPV6_HOPOPTS: 1137 case IPV6_RTHDRDSTOPTS: 1138 case IPV6_RTHDR: 1139 case IPV6_DSTOPTS: 1140 { 1141 struct ipv6_txoptions *opt; 1142 1143 lock_sock(sk); 1144 opt = rcu_dereference_protected(np->opt, 1145 lockdep_sock_is_held(sk)); 1146 len = ipv6_getsockopt_sticky(sk, opt, optname, optval, len); 1147 release_sock(sk); 1148 /* check if ipv6_getsockopt_sticky() returns err code */ 1149 if (len < 0) 1150 return len; 1151 return put_user(len, optlen); 1152 } 1153 1154 case IPV6_RECVHOPOPTS: 1155 val = np->rxopt.bits.hopopts; 1156 break; 1157 1158 case IPV6_2292HOPOPTS: 1159 val = np->rxopt.bits.ohopopts; 1160 break; 1161 1162 case IPV6_RECVDSTOPTS: 1163 val = np->rxopt.bits.dstopts; 1164 break; 1165 1166 case IPV6_2292DSTOPTS: 1167 val = np->rxopt.bits.odstopts; 1168 break; 1169 1170 case IPV6_TCLASS: 1171 val = np->tclass; 1172 break; 1173 1174 case IPV6_RECVTCLASS: 1175 val = np->rxopt.bits.rxtclass; 1176 break; 1177 1178 case IPV6_FLOWINFO: 1179 val = np->rxopt.bits.rxflow; 1180 break; 1181 1182 case IPV6_RECVPATHMTU: 1183 val = np->rxopt.bits.rxpmtu; 1184 break; 1185 1186 case IPV6_PATHMTU: 1187 { 1188 struct dst_entry *dst; 1189 struct ip6_mtuinfo mtuinfo; 1190 1191 if (len < sizeof(mtuinfo)) 1192 return -EINVAL; 1193 1194 len = sizeof(mtuinfo); 1195 memset(&mtuinfo, 0, sizeof(mtuinfo)); 1196 1197 rcu_read_lock(); 1198 dst = __sk_dst_get(sk); 1199 if (dst) 1200 mtuinfo.ip6m_mtu = dst_mtu(dst); 1201 rcu_read_unlock(); 1202 if (!mtuinfo.ip6m_mtu) 1203 return -ENOTCONN; 1204 1205 if (put_user(len, optlen)) 1206 return -EFAULT; 1207 if (copy_to_user(optval, &mtuinfo, len)) 1208 return -EFAULT; 1209 1210 return 0; 1211 } 1212 1213 case IPV6_TRANSPARENT: 1214 val = inet_sk(sk)->transparent; 1215 break; 1216 1217 case IPV6_RECVORIGDSTADDR: 1218 val = np->rxopt.bits.rxorigdstaddr; 1219 break; 1220 1221 case IPV6_UNICAST_HOPS: 1222 case IPV6_MULTICAST_HOPS: 1223 { 1224 struct dst_entry *dst; 1225 1226 if (optname == IPV6_UNICAST_HOPS) 1227 val = np->hop_limit; 1228 else 1229 val = np->mcast_hops; 1230 1231 if (val < 0) { 1232 rcu_read_lock(); 1233 dst = __sk_dst_get(sk); 1234 if (dst) 1235 val = ip6_dst_hoplimit(dst); 1236 rcu_read_unlock(); 1237 } 1238 1239 if (val < 0) 1240 val = sock_net(sk)->ipv6.devconf_all->hop_limit; 1241 break; 1242 } 1243 1244 case IPV6_MULTICAST_LOOP: 1245 val = np->mc_loop; 1246 break; 1247 1248 case IPV6_MULTICAST_IF: 1249 val = np->mcast_oif; 1250 break; 1251 1252 case IPV6_UNICAST_IF: 1253 val = (__force int)htonl((__u32) np->ucast_oif); 1254 break; 1255 1256 case IPV6_MTU_DISCOVER: 1257 val = np->pmtudisc; 1258 break; 1259 1260 case IPV6_RECVERR: 1261 val = np->recverr; 1262 break; 1263 1264 case IPV6_FLOWINFO_SEND: 1265 val = np->sndflow; 1266 break; 1267 1268 case IPV6_FLOWLABEL_MGR: 1269 { 1270 struct in6_flowlabel_req freq; 1271 int flags; 1272 1273 if (len < sizeof(freq)) 1274 return -EINVAL; 1275 1276 if (copy_from_user(&freq, optval, sizeof(freq))) 1277 return -EFAULT; 1278 1279 if (freq.flr_action != IPV6_FL_A_GET) 1280 return -EINVAL; 1281 1282 len = sizeof(freq); 1283 flags = freq.flr_flags; 1284 1285 memset(&freq, 0, sizeof(freq)); 1286 1287 val = ipv6_flowlabel_opt_get(sk, &freq, flags); 1288 if (val < 0) 1289 return val; 1290 1291 if (put_user(len, optlen)) 1292 return -EFAULT; 1293 if (copy_to_user(optval, &freq, len)) 1294 return -EFAULT; 1295 1296 return 0; 1297 } 1298 1299 case IPV6_ADDR_PREFERENCES: 1300 val = 0; 1301 1302 if (np->srcprefs & IPV6_PREFER_SRC_TMP) 1303 val |= IPV6_PREFER_SRC_TMP; 1304 else if (np->srcprefs & IPV6_PREFER_SRC_PUBLIC) 1305 val |= IPV6_PREFER_SRC_PUBLIC; 1306 else { 1307 /* XXX: should we return system default? */ 1308 val |= IPV6_PREFER_SRC_PUBTMP_DEFAULT; 1309 } 1310 1311 if (np->srcprefs & IPV6_PREFER_SRC_COA) 1312 val |= IPV6_PREFER_SRC_COA; 1313 else 1314 val |= IPV6_PREFER_SRC_HOME; 1315 break; 1316 1317 case IPV6_MINHOPCOUNT: 1318 val = np->min_hopcount; 1319 break; 1320 1321 case IPV6_DONTFRAG: 1322 val = np->dontfrag; 1323 break; 1324 1325 case IPV6_AUTOFLOWLABEL: 1326 val = np->autoflowlabel; 1327 break; 1328 1329 case IPV6_RECVFRAGSIZE: 1330 val = np->rxopt.bits.recvfragsize; 1331 break; 1332 1333 default: 1334 return -ENOPROTOOPT; 1335 } 1336 len = min_t(unsigned int, sizeof(int), len); 1337 if (put_user(len, optlen)) 1338 return -EFAULT; 1339 if (copy_to_user(optval, &val, len)) 1340 return -EFAULT; 1341 return 0; 1342 } 1343 1344 int ipv6_getsockopt(struct sock *sk, int level, int optname, 1345 char __user *optval, int __user *optlen) 1346 { 1347 int err; 1348 1349 if (level == SOL_IP && sk->sk_type != SOCK_RAW) 1350 return udp_prot.getsockopt(sk, level, optname, optval, optlen); 1351 1352 if (level != SOL_IPV6) 1353 return -ENOPROTOOPT; 1354 1355 err = do_ipv6_getsockopt(sk, level, optname, optval, optlen, 0); 1356 #ifdef CONFIG_NETFILTER 1357 /* we need to exclude all possible ENOPROTOOPTs except default case */ 1358 if (err == -ENOPROTOOPT && optname != IPV6_2292PKTOPTIONS) { 1359 int len; 1360 1361 if (get_user(len, optlen)) 1362 return -EFAULT; 1363 1364 lock_sock(sk); 1365 err = nf_getsockopt(sk, PF_INET6, optname, optval, 1366 &len); 1367 release_sock(sk); 1368 if (err >= 0) 1369 err = put_user(len, optlen); 1370 } 1371 #endif 1372 return err; 1373 } 1374 EXPORT_SYMBOL(ipv6_getsockopt); 1375 1376 #ifdef CONFIG_COMPAT 1377 int compat_ipv6_getsockopt(struct sock *sk, int level, int optname, 1378 char __user *optval, int __user *optlen) 1379 { 1380 int err; 1381 1382 if (level == SOL_IP && sk->sk_type != SOCK_RAW) { 1383 if (udp_prot.compat_getsockopt != NULL) 1384 return udp_prot.compat_getsockopt(sk, level, optname, 1385 optval, optlen); 1386 return udp_prot.getsockopt(sk, level, optname, optval, optlen); 1387 } 1388 1389 if (level != SOL_IPV6) 1390 return -ENOPROTOOPT; 1391 1392 if (optname == MCAST_MSFILTER) 1393 return compat_mc_getsockopt(sk, level, optname, optval, optlen, 1394 ipv6_getsockopt); 1395 1396 err = do_ipv6_getsockopt(sk, level, optname, optval, optlen, 1397 MSG_CMSG_COMPAT); 1398 #ifdef CONFIG_NETFILTER 1399 /* we need to exclude all possible ENOPROTOOPTs except default case */ 1400 if (err == -ENOPROTOOPT && optname != IPV6_2292PKTOPTIONS) { 1401 int len; 1402 1403 if (get_user(len, optlen)) 1404 return -EFAULT; 1405 1406 lock_sock(sk); 1407 err = compat_nf_getsockopt(sk, PF_INET6, 1408 optname, optval, &len); 1409 release_sock(sk); 1410 if (err >= 0) 1411 err = put_user(len, optlen); 1412 } 1413 #endif 1414 return err; 1415 } 1416 EXPORT_SYMBOL(compat_ipv6_getsockopt); 1417 #endif 1418 1419