1 /* 2 * IPv6 BSD socket options interface 3 * Linux INET6 implementation 4 * 5 * Authors: 6 * Pedro Roque <roque@di.fc.ul.pt> 7 * 8 * Based on linux/net/ipv4/ip_sockglue.c 9 * 10 * This program is free software; you can redistribute it and/or 11 * modify it under the terms of the GNU General Public License 12 * as published by the Free Software Foundation; either version 13 * 2 of the License, or (at your option) any later version. 14 * 15 * FIXME: Make the setsockopt code POSIX compliant: That is 16 * 17 * o Truncate getsockopt returns 18 * o Return an optlen of the truncated length if need be 19 * 20 * Changes: 21 * David L Stevens <dlstevens@us.ibm.com>: 22 * - added multicast source filtering API for MLDv2 23 */ 24 25 #include <linux/module.h> 26 #include <linux/capability.h> 27 #include <linux/errno.h> 28 #include <linux/types.h> 29 #include <linux/socket.h> 30 #include <linux/sockios.h> 31 #include <linux/net.h> 32 #include <linux/in6.h> 33 #include <linux/mroute6.h> 34 #include <linux/netdevice.h> 35 #include <linux/if_arp.h> 36 #include <linux/init.h> 37 #include <linux/sysctl.h> 38 #include <linux/netfilter.h> 39 40 #include <net/sock.h> 41 #include <net/snmp.h> 42 #include <net/ipv6.h> 43 #include <net/ndisc.h> 44 #include <net/protocol.h> 45 #include <net/transp_v6.h> 46 #include <net/ip6_route.h> 47 #include <net/addrconf.h> 48 #include <net/inet_common.h> 49 #include <net/tcp.h> 50 #include <net/udp.h> 51 #include <net/udplite.h> 52 #include <net/xfrm.h> 53 #include <net/compat.h> 54 55 #include <asm/uaccess.h> 56 57 DEFINE_SNMP_STAT(struct ipstats_mib, ipv6_statistics) __read_mostly; 58 59 struct ip6_ra_chain *ip6_ra_chain; 60 DEFINE_RWLOCK(ip6_ra_lock); 61 62 int ip6_ra_control(struct sock *sk, int sel) 63 { 64 struct ip6_ra_chain *ra, *new_ra, **rap; 65 66 /* RA packet may be delivered ONLY to IPPROTO_RAW socket */ 67 if (sk->sk_type != SOCK_RAW || inet_sk(sk)->num != IPPROTO_RAW) 68 return -ENOPROTOOPT; 69 70 new_ra = (sel>=0) ? kmalloc(sizeof(*new_ra), GFP_KERNEL) : NULL; 71 72 write_lock_bh(&ip6_ra_lock); 73 for (rap = &ip6_ra_chain; (ra=*rap) != NULL; rap = &ra->next) { 74 if (ra->sk == sk) { 75 if (sel>=0) { 76 write_unlock_bh(&ip6_ra_lock); 77 kfree(new_ra); 78 return -EADDRINUSE; 79 } 80 81 *rap = ra->next; 82 write_unlock_bh(&ip6_ra_lock); 83 84 sock_put(sk); 85 kfree(ra); 86 return 0; 87 } 88 } 89 if (new_ra == NULL) { 90 write_unlock_bh(&ip6_ra_lock); 91 return -ENOBUFS; 92 } 93 new_ra->sk = sk; 94 new_ra->sel = sel; 95 new_ra->next = ra; 96 *rap = new_ra; 97 sock_hold(sk); 98 write_unlock_bh(&ip6_ra_lock); 99 return 0; 100 } 101 102 static 103 struct ipv6_txoptions *ipv6_update_options(struct sock *sk, 104 struct ipv6_txoptions *opt) 105 { 106 if (inet_sk(sk)->is_icsk) { 107 if (opt && 108 !((1 << sk->sk_state) & (TCPF_LISTEN | TCPF_CLOSE)) && 109 inet_sk(sk)->daddr != LOOPBACK4_IPV6) { 110 struct inet_connection_sock *icsk = inet_csk(sk); 111 icsk->icsk_ext_hdr_len = opt->opt_flen + opt->opt_nflen; 112 icsk->icsk_sync_mss(sk, icsk->icsk_pmtu_cookie); 113 } 114 opt = xchg(&inet6_sk(sk)->opt, opt); 115 } else { 116 write_lock(&sk->sk_dst_lock); 117 opt = xchg(&inet6_sk(sk)->opt, opt); 118 write_unlock(&sk->sk_dst_lock); 119 } 120 sk_dst_reset(sk); 121 122 return opt; 123 } 124 125 static int do_ipv6_setsockopt(struct sock *sk, int level, int optname, 126 char __user *optval, unsigned int optlen) 127 { 128 struct ipv6_pinfo *np = inet6_sk(sk); 129 struct net *net = sock_net(sk); 130 int val, valbool; 131 int retv = -ENOPROTOOPT; 132 133 if (optval == NULL) 134 val=0; 135 else { 136 if (optlen >= sizeof(int)) { 137 if (get_user(val, (int __user *) optval)) 138 return -EFAULT; 139 } else 140 val = 0; 141 } 142 143 valbool = (val!=0); 144 145 if (ip6_mroute_opt(optname)) 146 return ip6_mroute_setsockopt(sk, optname, optval, optlen); 147 148 lock_sock(sk); 149 150 switch (optname) { 151 152 case IPV6_ADDRFORM: 153 if (optlen < sizeof(int)) 154 goto e_inval; 155 if (val == PF_INET) { 156 struct ipv6_txoptions *opt; 157 struct sk_buff *pktopt; 158 159 if (sk->sk_type == SOCK_RAW) 160 break; 161 162 if (sk->sk_protocol == IPPROTO_UDP || 163 sk->sk_protocol == IPPROTO_UDPLITE) { 164 struct udp_sock *up = udp_sk(sk); 165 if (up->pending == AF_INET6) { 166 retv = -EBUSY; 167 break; 168 } 169 } else if (sk->sk_protocol != IPPROTO_TCP) 170 break; 171 172 if (sk->sk_state != TCP_ESTABLISHED) { 173 retv = -ENOTCONN; 174 break; 175 } 176 177 if (ipv6_only_sock(sk) || 178 !ipv6_addr_v4mapped(&np->daddr)) { 179 retv = -EADDRNOTAVAIL; 180 break; 181 } 182 183 fl6_free_socklist(sk); 184 ipv6_sock_mc_close(sk); 185 186 /* 187 * Sock is moving from IPv6 to IPv4 (sk_prot), so 188 * remove it from the refcnt debug socks count in the 189 * original family... 190 */ 191 sk_refcnt_debug_dec(sk); 192 193 if (sk->sk_protocol == IPPROTO_TCP) { 194 struct inet_connection_sock *icsk = inet_csk(sk); 195 local_bh_disable(); 196 sock_prot_inuse_add(net, sk->sk_prot, -1); 197 sock_prot_inuse_add(net, &tcp_prot, 1); 198 local_bh_enable(); 199 sk->sk_prot = &tcp_prot; 200 icsk->icsk_af_ops = &ipv4_specific; 201 sk->sk_socket->ops = &inet_stream_ops; 202 sk->sk_family = PF_INET; 203 tcp_sync_mss(sk, icsk->icsk_pmtu_cookie); 204 } else { 205 struct proto *prot = &udp_prot; 206 207 if (sk->sk_protocol == IPPROTO_UDPLITE) 208 prot = &udplite_prot; 209 local_bh_disable(); 210 sock_prot_inuse_add(net, sk->sk_prot, -1); 211 sock_prot_inuse_add(net, prot, 1); 212 local_bh_enable(); 213 sk->sk_prot = prot; 214 sk->sk_socket->ops = &inet_dgram_ops; 215 sk->sk_family = PF_INET; 216 } 217 opt = xchg(&np->opt, NULL); 218 if (opt) 219 sock_kfree_s(sk, opt, opt->tot_len); 220 pktopt = xchg(&np->pktoptions, NULL); 221 kfree_skb(pktopt); 222 223 sk->sk_destruct = inet_sock_destruct; 224 /* 225 * ... and add it to the refcnt debug socks count 226 * in the new family. -acme 227 */ 228 sk_refcnt_debug_inc(sk); 229 module_put(THIS_MODULE); 230 retv = 0; 231 break; 232 } 233 goto e_inval; 234 235 case IPV6_V6ONLY: 236 if (optlen < sizeof(int) || 237 inet_sk(sk)->num) 238 goto e_inval; 239 np->ipv6only = valbool; 240 retv = 0; 241 break; 242 243 case IPV6_RECVPKTINFO: 244 if (optlen < sizeof(int)) 245 goto e_inval; 246 np->rxopt.bits.rxinfo = valbool; 247 retv = 0; 248 break; 249 250 case IPV6_2292PKTINFO: 251 if (optlen < sizeof(int)) 252 goto e_inval; 253 np->rxopt.bits.rxoinfo = valbool; 254 retv = 0; 255 break; 256 257 case IPV6_RECVHOPLIMIT: 258 if (optlen < sizeof(int)) 259 goto e_inval; 260 np->rxopt.bits.rxhlim = valbool; 261 retv = 0; 262 break; 263 264 case IPV6_2292HOPLIMIT: 265 if (optlen < sizeof(int)) 266 goto e_inval; 267 np->rxopt.bits.rxohlim = valbool; 268 retv = 0; 269 break; 270 271 case IPV6_RECVRTHDR: 272 if (optlen < sizeof(int)) 273 goto e_inval; 274 np->rxopt.bits.srcrt = valbool; 275 retv = 0; 276 break; 277 278 case IPV6_2292RTHDR: 279 if (optlen < sizeof(int)) 280 goto e_inval; 281 np->rxopt.bits.osrcrt = valbool; 282 retv = 0; 283 break; 284 285 case IPV6_RECVHOPOPTS: 286 if (optlen < sizeof(int)) 287 goto e_inval; 288 np->rxopt.bits.hopopts = valbool; 289 retv = 0; 290 break; 291 292 case IPV6_2292HOPOPTS: 293 if (optlen < sizeof(int)) 294 goto e_inval; 295 np->rxopt.bits.ohopopts = valbool; 296 retv = 0; 297 break; 298 299 case IPV6_RECVDSTOPTS: 300 if (optlen < sizeof(int)) 301 goto e_inval; 302 np->rxopt.bits.dstopts = valbool; 303 retv = 0; 304 break; 305 306 case IPV6_2292DSTOPTS: 307 if (optlen < sizeof(int)) 308 goto e_inval; 309 np->rxopt.bits.odstopts = valbool; 310 retv = 0; 311 break; 312 313 case IPV6_TCLASS: 314 if (optlen < sizeof(int)) 315 goto e_inval; 316 if (val < -1 || val > 0xff) 317 goto e_inval; 318 /* RFC 3542, 6.5: default traffic class of 0x0 */ 319 if (val == -1) 320 val = 0; 321 np->tclass = val; 322 retv = 0; 323 break; 324 325 case IPV6_RECVTCLASS: 326 if (optlen < sizeof(int)) 327 goto e_inval; 328 np->rxopt.bits.rxtclass = valbool; 329 retv = 0; 330 break; 331 332 case IPV6_FLOWINFO: 333 if (optlen < sizeof(int)) 334 goto e_inval; 335 np->rxopt.bits.rxflow = valbool; 336 retv = 0; 337 break; 338 339 case IPV6_HOPOPTS: 340 case IPV6_RTHDRDSTOPTS: 341 case IPV6_RTHDR: 342 case IPV6_DSTOPTS: 343 { 344 struct ipv6_txoptions *opt; 345 346 /* remove any sticky options header with a zero option 347 * length, per RFC3542. 348 */ 349 if (optlen == 0) 350 optval = NULL; 351 else if (optval == NULL) 352 goto e_inval; 353 else if (optlen < sizeof(struct ipv6_opt_hdr) || 354 optlen & 0x7 || optlen > 8 * 255) 355 goto e_inval; 356 357 /* hop-by-hop / destination options are privileged option */ 358 retv = -EPERM; 359 if (optname != IPV6_RTHDR && !capable(CAP_NET_RAW)) 360 break; 361 362 opt = ipv6_renew_options(sk, np->opt, optname, 363 (struct ipv6_opt_hdr __user *)optval, 364 optlen); 365 if (IS_ERR(opt)) { 366 retv = PTR_ERR(opt); 367 break; 368 } 369 370 /* routing header option needs extra check */ 371 retv = -EINVAL; 372 if (optname == IPV6_RTHDR && opt && opt->srcrt) { 373 struct ipv6_rt_hdr *rthdr = opt->srcrt; 374 switch (rthdr->type) { 375 #if defined(CONFIG_IPV6_MIP6) || defined(CONFIG_IPV6_MIP6_MODULE) 376 case IPV6_SRCRT_TYPE_2: 377 if (rthdr->hdrlen != 2 || 378 rthdr->segments_left != 1) 379 goto sticky_done; 380 381 break; 382 #endif 383 default: 384 goto sticky_done; 385 } 386 } 387 388 retv = 0; 389 opt = ipv6_update_options(sk, opt); 390 sticky_done: 391 if (opt) 392 sock_kfree_s(sk, opt, opt->tot_len); 393 break; 394 } 395 396 case IPV6_PKTINFO: 397 { 398 struct in6_pktinfo pkt; 399 400 if (optlen == 0) 401 goto e_inval; 402 else if (optlen < sizeof(struct in6_pktinfo) || optval == NULL) 403 goto e_inval; 404 405 if (copy_from_user(&pkt, optval, sizeof(struct in6_pktinfo))) { 406 retv = -EFAULT; 407 break; 408 } 409 if (sk->sk_bound_dev_if && pkt.ipi6_ifindex != sk->sk_bound_dev_if) 410 goto e_inval; 411 412 np->sticky_pktinfo.ipi6_ifindex = pkt.ipi6_ifindex; 413 ipv6_addr_copy(&np->sticky_pktinfo.ipi6_addr, &pkt.ipi6_addr); 414 retv = 0; 415 break; 416 } 417 418 case IPV6_2292PKTOPTIONS: 419 { 420 struct ipv6_txoptions *opt = NULL; 421 struct msghdr msg; 422 struct flowi fl; 423 int junk; 424 425 fl.fl6_flowlabel = 0; 426 fl.oif = sk->sk_bound_dev_if; 427 428 if (optlen == 0) 429 goto update; 430 431 /* 1K is probably excessive 432 * 1K is surely not enough, 2K per standard header is 16K. 433 */ 434 retv = -EINVAL; 435 if (optlen > 64*1024) 436 break; 437 438 opt = sock_kmalloc(sk, sizeof(*opt) + optlen, GFP_KERNEL); 439 retv = -ENOBUFS; 440 if (opt == NULL) 441 break; 442 443 memset(opt, 0, sizeof(*opt)); 444 opt->tot_len = sizeof(*opt) + optlen; 445 retv = -EFAULT; 446 if (copy_from_user(opt+1, optval, optlen)) 447 goto done; 448 449 msg.msg_controllen = optlen; 450 msg.msg_control = (void*)(opt+1); 451 452 retv = datagram_send_ctl(net, &msg, &fl, opt, &junk, &junk); 453 if (retv) 454 goto done; 455 update: 456 retv = 0; 457 opt = ipv6_update_options(sk, opt); 458 done: 459 if (opt) 460 sock_kfree_s(sk, opt, opt->tot_len); 461 break; 462 } 463 case IPV6_UNICAST_HOPS: 464 if (optlen < sizeof(int)) 465 goto e_inval; 466 if (val > 255 || val < -1) 467 goto e_inval; 468 np->hop_limit = val; 469 retv = 0; 470 break; 471 472 case IPV6_MULTICAST_HOPS: 473 if (sk->sk_type == SOCK_STREAM) 474 break; 475 if (optlen < sizeof(int)) 476 goto e_inval; 477 if (val > 255 || val < -1) 478 goto e_inval; 479 np->mcast_hops = val; 480 retv = 0; 481 break; 482 483 case IPV6_MULTICAST_LOOP: 484 if (optlen < sizeof(int)) 485 goto e_inval; 486 if (val != valbool) 487 goto e_inval; 488 np->mc_loop = valbool; 489 retv = 0; 490 break; 491 492 case IPV6_MULTICAST_IF: 493 if (sk->sk_type == SOCK_STREAM) 494 break; 495 if (optlen < sizeof(int)) 496 goto e_inval; 497 498 if (val) { 499 if (sk->sk_bound_dev_if && sk->sk_bound_dev_if != val) 500 goto e_inval; 501 502 if (__dev_get_by_index(net, val) == NULL) { 503 retv = -ENODEV; 504 break; 505 } 506 } 507 np->mcast_oif = val; 508 retv = 0; 509 break; 510 case IPV6_ADD_MEMBERSHIP: 511 case IPV6_DROP_MEMBERSHIP: 512 { 513 struct ipv6_mreq mreq; 514 515 if (optlen < sizeof(struct ipv6_mreq)) 516 goto e_inval; 517 518 retv = -EPROTO; 519 if (inet_sk(sk)->is_icsk) 520 break; 521 522 retv = -EFAULT; 523 if (copy_from_user(&mreq, optval, sizeof(struct ipv6_mreq))) 524 break; 525 526 if (optname == IPV6_ADD_MEMBERSHIP) 527 retv = ipv6_sock_mc_join(sk, mreq.ipv6mr_ifindex, &mreq.ipv6mr_multiaddr); 528 else 529 retv = ipv6_sock_mc_drop(sk, mreq.ipv6mr_ifindex, &mreq.ipv6mr_multiaddr); 530 break; 531 } 532 case IPV6_JOIN_ANYCAST: 533 case IPV6_LEAVE_ANYCAST: 534 { 535 struct ipv6_mreq mreq; 536 537 if (optlen < sizeof(struct ipv6_mreq)) 538 goto e_inval; 539 540 retv = -EFAULT; 541 if (copy_from_user(&mreq, optval, sizeof(struct ipv6_mreq))) 542 break; 543 544 if (optname == IPV6_JOIN_ANYCAST) 545 retv = ipv6_sock_ac_join(sk, mreq.ipv6mr_ifindex, &mreq.ipv6mr_acaddr); 546 else 547 retv = ipv6_sock_ac_drop(sk, mreq.ipv6mr_ifindex, &mreq.ipv6mr_acaddr); 548 break; 549 } 550 case MCAST_JOIN_GROUP: 551 case MCAST_LEAVE_GROUP: 552 { 553 struct group_req greq; 554 struct sockaddr_in6 *psin6; 555 556 if (optlen < sizeof(struct group_req)) 557 goto e_inval; 558 559 retv = -EFAULT; 560 if (copy_from_user(&greq, optval, sizeof(struct group_req))) 561 break; 562 if (greq.gr_group.ss_family != AF_INET6) { 563 retv = -EADDRNOTAVAIL; 564 break; 565 } 566 psin6 = (struct sockaddr_in6 *)&greq.gr_group; 567 if (optname == MCAST_JOIN_GROUP) 568 retv = ipv6_sock_mc_join(sk, greq.gr_interface, 569 &psin6->sin6_addr); 570 else 571 retv = ipv6_sock_mc_drop(sk, greq.gr_interface, 572 &psin6->sin6_addr); 573 break; 574 } 575 case MCAST_JOIN_SOURCE_GROUP: 576 case MCAST_LEAVE_SOURCE_GROUP: 577 case MCAST_BLOCK_SOURCE: 578 case MCAST_UNBLOCK_SOURCE: 579 { 580 struct group_source_req greqs; 581 int omode, add; 582 583 if (optlen < sizeof(struct group_source_req)) 584 goto e_inval; 585 if (copy_from_user(&greqs, optval, sizeof(greqs))) { 586 retv = -EFAULT; 587 break; 588 } 589 if (greqs.gsr_group.ss_family != AF_INET6 || 590 greqs.gsr_source.ss_family != AF_INET6) { 591 retv = -EADDRNOTAVAIL; 592 break; 593 } 594 if (optname == MCAST_BLOCK_SOURCE) { 595 omode = MCAST_EXCLUDE; 596 add = 1; 597 } else if (optname == MCAST_UNBLOCK_SOURCE) { 598 omode = MCAST_EXCLUDE; 599 add = 0; 600 } else if (optname == MCAST_JOIN_SOURCE_GROUP) { 601 struct sockaddr_in6 *psin6; 602 603 psin6 = (struct sockaddr_in6 *)&greqs.gsr_group; 604 retv = ipv6_sock_mc_join(sk, greqs.gsr_interface, 605 &psin6->sin6_addr); 606 /* prior join w/ different source is ok */ 607 if (retv && retv != -EADDRINUSE) 608 break; 609 omode = MCAST_INCLUDE; 610 add = 1; 611 } else /* MCAST_LEAVE_SOURCE_GROUP */ { 612 omode = MCAST_INCLUDE; 613 add = 0; 614 } 615 retv = ip6_mc_source(add, omode, sk, &greqs); 616 break; 617 } 618 case MCAST_MSFILTER: 619 { 620 extern int sysctl_mld_max_msf; 621 struct group_filter *gsf; 622 623 if (optlen < GROUP_FILTER_SIZE(0)) 624 goto e_inval; 625 if (optlen > sysctl_optmem_max) { 626 retv = -ENOBUFS; 627 break; 628 } 629 gsf = kmalloc(optlen,GFP_KERNEL); 630 if (!gsf) { 631 retv = -ENOBUFS; 632 break; 633 } 634 retv = -EFAULT; 635 if (copy_from_user(gsf, optval, optlen)) { 636 kfree(gsf); 637 break; 638 } 639 /* numsrc >= (4G-140)/128 overflow in 32 bits */ 640 if (gsf->gf_numsrc >= 0x1ffffffU || 641 gsf->gf_numsrc > sysctl_mld_max_msf) { 642 kfree(gsf); 643 retv = -ENOBUFS; 644 break; 645 } 646 if (GROUP_FILTER_SIZE(gsf->gf_numsrc) > optlen) { 647 kfree(gsf); 648 retv = -EINVAL; 649 break; 650 } 651 retv = ip6_mc_msfilter(sk, gsf); 652 kfree(gsf); 653 654 break; 655 } 656 case IPV6_ROUTER_ALERT: 657 if (optlen < sizeof(int)) 658 goto e_inval; 659 retv = ip6_ra_control(sk, val); 660 break; 661 case IPV6_MTU_DISCOVER: 662 if (optlen < sizeof(int)) 663 goto e_inval; 664 if (val<0 || val>3) 665 goto e_inval; 666 np->pmtudisc = val; 667 retv = 0; 668 break; 669 case IPV6_MTU: 670 if (optlen < sizeof(int)) 671 goto e_inval; 672 if (val && val < IPV6_MIN_MTU) 673 goto e_inval; 674 np->frag_size = val; 675 retv = 0; 676 break; 677 case IPV6_RECVERR: 678 if (optlen < sizeof(int)) 679 goto e_inval; 680 np->recverr = valbool; 681 if (!val) 682 skb_queue_purge(&sk->sk_error_queue); 683 retv = 0; 684 break; 685 case IPV6_FLOWINFO_SEND: 686 if (optlen < sizeof(int)) 687 goto e_inval; 688 np->sndflow = valbool; 689 retv = 0; 690 break; 691 case IPV6_FLOWLABEL_MGR: 692 retv = ipv6_flowlabel_opt(sk, optval, optlen); 693 break; 694 case IPV6_IPSEC_POLICY: 695 case IPV6_XFRM_POLICY: 696 retv = -EPERM; 697 if (!capable(CAP_NET_ADMIN)) 698 break; 699 retv = xfrm_user_policy(sk, optname, optval, optlen); 700 break; 701 702 case IPV6_ADDR_PREFERENCES: 703 { 704 unsigned int pref = 0; 705 unsigned int prefmask = ~0; 706 707 if (optlen < sizeof(int)) 708 goto e_inval; 709 710 retv = -EINVAL; 711 712 /* check PUBLIC/TMP/PUBTMP_DEFAULT conflicts */ 713 switch (val & (IPV6_PREFER_SRC_PUBLIC| 714 IPV6_PREFER_SRC_TMP| 715 IPV6_PREFER_SRC_PUBTMP_DEFAULT)) { 716 case IPV6_PREFER_SRC_PUBLIC: 717 pref |= IPV6_PREFER_SRC_PUBLIC; 718 break; 719 case IPV6_PREFER_SRC_TMP: 720 pref |= IPV6_PREFER_SRC_TMP; 721 break; 722 case IPV6_PREFER_SRC_PUBTMP_DEFAULT: 723 break; 724 case 0: 725 goto pref_skip_pubtmp; 726 default: 727 goto e_inval; 728 } 729 730 prefmask &= ~(IPV6_PREFER_SRC_PUBLIC| 731 IPV6_PREFER_SRC_TMP); 732 pref_skip_pubtmp: 733 734 /* check HOME/COA conflicts */ 735 switch (val & (IPV6_PREFER_SRC_HOME|IPV6_PREFER_SRC_COA)) { 736 case IPV6_PREFER_SRC_HOME: 737 break; 738 case IPV6_PREFER_SRC_COA: 739 pref |= IPV6_PREFER_SRC_COA; 740 case 0: 741 goto pref_skip_coa; 742 default: 743 goto e_inval; 744 } 745 746 prefmask &= ~IPV6_PREFER_SRC_COA; 747 pref_skip_coa: 748 749 /* check CGA/NONCGA conflicts */ 750 switch (val & (IPV6_PREFER_SRC_CGA|IPV6_PREFER_SRC_NONCGA)) { 751 case IPV6_PREFER_SRC_CGA: 752 case IPV6_PREFER_SRC_NONCGA: 753 case 0: 754 break; 755 default: 756 goto e_inval; 757 } 758 759 np->srcprefs = (np->srcprefs & prefmask) | pref; 760 retv = 0; 761 762 break; 763 } 764 } 765 766 release_sock(sk); 767 768 return retv; 769 770 e_inval: 771 release_sock(sk); 772 return -EINVAL; 773 } 774 775 int ipv6_setsockopt(struct sock *sk, int level, int optname, 776 char __user *optval, unsigned int optlen) 777 { 778 int err; 779 780 if (level == SOL_IP && sk->sk_type != SOCK_RAW) 781 return udp_prot.setsockopt(sk, level, optname, optval, optlen); 782 783 if (level != SOL_IPV6) 784 return -ENOPROTOOPT; 785 786 err = do_ipv6_setsockopt(sk, level, optname, optval, optlen); 787 #ifdef CONFIG_NETFILTER 788 /* we need to exclude all possible ENOPROTOOPTs except default case */ 789 if (err == -ENOPROTOOPT && optname != IPV6_IPSEC_POLICY && 790 optname != IPV6_XFRM_POLICY) { 791 lock_sock(sk); 792 err = nf_setsockopt(sk, PF_INET6, optname, optval, 793 optlen); 794 release_sock(sk); 795 } 796 #endif 797 return err; 798 } 799 800 EXPORT_SYMBOL(ipv6_setsockopt); 801 802 #ifdef CONFIG_COMPAT 803 int compat_ipv6_setsockopt(struct sock *sk, int level, int optname, 804 char __user *optval, unsigned int optlen) 805 { 806 int err; 807 808 if (level == SOL_IP && sk->sk_type != SOCK_RAW) { 809 if (udp_prot.compat_setsockopt != NULL) 810 return udp_prot.compat_setsockopt(sk, level, optname, 811 optval, optlen); 812 return udp_prot.setsockopt(sk, level, optname, optval, optlen); 813 } 814 815 if (level != SOL_IPV6) 816 return -ENOPROTOOPT; 817 818 if (optname >= MCAST_JOIN_GROUP && optname <= MCAST_MSFILTER) 819 return compat_mc_setsockopt(sk, level, optname, optval, optlen, 820 ipv6_setsockopt); 821 822 err = do_ipv6_setsockopt(sk, level, optname, optval, optlen); 823 #ifdef CONFIG_NETFILTER 824 /* we need to exclude all possible ENOPROTOOPTs except default case */ 825 if (err == -ENOPROTOOPT && optname != IPV6_IPSEC_POLICY && 826 optname != IPV6_XFRM_POLICY) { 827 lock_sock(sk); 828 err = compat_nf_setsockopt(sk, PF_INET6, optname, 829 optval, optlen); 830 release_sock(sk); 831 } 832 #endif 833 return err; 834 } 835 836 EXPORT_SYMBOL(compat_ipv6_setsockopt); 837 #endif 838 839 static int ipv6_getsockopt_sticky(struct sock *sk, struct ipv6_txoptions *opt, 840 int optname, char __user *optval, int len) 841 { 842 struct ipv6_opt_hdr *hdr; 843 844 if (!opt) 845 return 0; 846 847 switch(optname) { 848 case IPV6_HOPOPTS: 849 hdr = opt->hopopt; 850 break; 851 case IPV6_RTHDRDSTOPTS: 852 hdr = opt->dst0opt; 853 break; 854 case IPV6_RTHDR: 855 hdr = (struct ipv6_opt_hdr *)opt->srcrt; 856 break; 857 case IPV6_DSTOPTS: 858 hdr = opt->dst1opt; 859 break; 860 default: 861 return -EINVAL; /* should not happen */ 862 } 863 864 if (!hdr) 865 return 0; 866 867 len = min_t(unsigned int, len, ipv6_optlen(hdr)); 868 if (copy_to_user(optval, hdr, len)) 869 return -EFAULT; 870 return len; 871 } 872 873 static int do_ipv6_getsockopt(struct sock *sk, int level, int optname, 874 char __user *optval, int __user *optlen) 875 { 876 struct ipv6_pinfo *np = inet6_sk(sk); 877 int len; 878 int val; 879 880 if (ip6_mroute_opt(optname)) 881 return ip6_mroute_getsockopt(sk, optname, optval, optlen); 882 883 if (get_user(len, optlen)) 884 return -EFAULT; 885 switch (optname) { 886 case IPV6_ADDRFORM: 887 if (sk->sk_protocol != IPPROTO_UDP && 888 sk->sk_protocol != IPPROTO_UDPLITE && 889 sk->sk_protocol != IPPROTO_TCP) 890 return -ENOPROTOOPT; 891 if (sk->sk_state != TCP_ESTABLISHED) 892 return -ENOTCONN; 893 val = sk->sk_family; 894 break; 895 case MCAST_MSFILTER: 896 { 897 struct group_filter gsf; 898 int err; 899 900 if (len < GROUP_FILTER_SIZE(0)) 901 return -EINVAL; 902 if (copy_from_user(&gsf, optval, GROUP_FILTER_SIZE(0))) 903 return -EFAULT; 904 if (gsf.gf_group.ss_family != AF_INET6) 905 return -EADDRNOTAVAIL; 906 lock_sock(sk); 907 err = ip6_mc_msfget(sk, &gsf, 908 (struct group_filter __user *)optval, optlen); 909 release_sock(sk); 910 return err; 911 } 912 913 case IPV6_2292PKTOPTIONS: 914 { 915 struct msghdr msg; 916 struct sk_buff *skb; 917 918 if (sk->sk_type != SOCK_STREAM) 919 return -ENOPROTOOPT; 920 921 msg.msg_control = optval; 922 msg.msg_controllen = len; 923 msg.msg_flags = 0; 924 925 lock_sock(sk); 926 skb = np->pktoptions; 927 if (skb) 928 atomic_inc(&skb->users); 929 release_sock(sk); 930 931 if (skb) { 932 int err = datagram_recv_ctl(sk, &msg, skb); 933 kfree_skb(skb); 934 if (err) 935 return err; 936 } else { 937 if (np->rxopt.bits.rxinfo) { 938 struct in6_pktinfo src_info; 939 src_info.ipi6_ifindex = np->mcast_oif ? np->mcast_oif : 940 np->sticky_pktinfo.ipi6_ifindex; 941 np->mcast_oif? ipv6_addr_copy(&src_info.ipi6_addr, &np->daddr) : 942 ipv6_addr_copy(&src_info.ipi6_addr, &(np->sticky_pktinfo.ipi6_addr)); 943 put_cmsg(&msg, SOL_IPV6, IPV6_PKTINFO, sizeof(src_info), &src_info); 944 } 945 if (np->rxopt.bits.rxhlim) { 946 int hlim = np->mcast_hops; 947 put_cmsg(&msg, SOL_IPV6, IPV6_HOPLIMIT, sizeof(hlim), &hlim); 948 } 949 if (np->rxopt.bits.rxoinfo) { 950 struct in6_pktinfo src_info; 951 src_info.ipi6_ifindex = np->mcast_oif ? np->mcast_oif : 952 np->sticky_pktinfo.ipi6_ifindex; 953 np->mcast_oif? ipv6_addr_copy(&src_info.ipi6_addr, &np->daddr) : 954 ipv6_addr_copy(&src_info.ipi6_addr, &(np->sticky_pktinfo.ipi6_addr)); 955 put_cmsg(&msg, SOL_IPV6, IPV6_2292PKTINFO, sizeof(src_info), &src_info); 956 } 957 if (np->rxopt.bits.rxohlim) { 958 int hlim = np->mcast_hops; 959 put_cmsg(&msg, SOL_IPV6, IPV6_2292HOPLIMIT, sizeof(hlim), &hlim); 960 } 961 } 962 len -= msg.msg_controllen; 963 return put_user(len, optlen); 964 } 965 case IPV6_MTU: 966 { 967 struct dst_entry *dst; 968 val = 0; 969 lock_sock(sk); 970 dst = sk_dst_get(sk); 971 if (dst) { 972 val = dst_mtu(dst); 973 dst_release(dst); 974 } 975 release_sock(sk); 976 if (!val) 977 return -ENOTCONN; 978 break; 979 } 980 981 case IPV6_V6ONLY: 982 val = np->ipv6only; 983 break; 984 985 case IPV6_RECVPKTINFO: 986 val = np->rxopt.bits.rxinfo; 987 break; 988 989 case IPV6_2292PKTINFO: 990 val = np->rxopt.bits.rxoinfo; 991 break; 992 993 case IPV6_RECVHOPLIMIT: 994 val = np->rxopt.bits.rxhlim; 995 break; 996 997 case IPV6_2292HOPLIMIT: 998 val = np->rxopt.bits.rxohlim; 999 break; 1000 1001 case IPV6_RECVRTHDR: 1002 val = np->rxopt.bits.srcrt; 1003 break; 1004 1005 case IPV6_2292RTHDR: 1006 val = np->rxopt.bits.osrcrt; 1007 break; 1008 1009 case IPV6_HOPOPTS: 1010 case IPV6_RTHDRDSTOPTS: 1011 case IPV6_RTHDR: 1012 case IPV6_DSTOPTS: 1013 { 1014 1015 lock_sock(sk); 1016 len = ipv6_getsockopt_sticky(sk, np->opt, 1017 optname, optval, len); 1018 release_sock(sk); 1019 /* check if ipv6_getsockopt_sticky() returns err code */ 1020 if (len < 0) 1021 return len; 1022 return put_user(len, optlen); 1023 } 1024 1025 case IPV6_RECVHOPOPTS: 1026 val = np->rxopt.bits.hopopts; 1027 break; 1028 1029 case IPV6_2292HOPOPTS: 1030 val = np->rxopt.bits.ohopopts; 1031 break; 1032 1033 case IPV6_RECVDSTOPTS: 1034 val = np->rxopt.bits.dstopts; 1035 break; 1036 1037 case IPV6_2292DSTOPTS: 1038 val = np->rxopt.bits.odstopts; 1039 break; 1040 1041 case IPV6_TCLASS: 1042 val = np->tclass; 1043 break; 1044 1045 case IPV6_RECVTCLASS: 1046 val = np->rxopt.bits.rxtclass; 1047 break; 1048 1049 case IPV6_FLOWINFO: 1050 val = np->rxopt.bits.rxflow; 1051 break; 1052 1053 case IPV6_UNICAST_HOPS: 1054 case IPV6_MULTICAST_HOPS: 1055 { 1056 struct dst_entry *dst; 1057 1058 if (optname == IPV6_UNICAST_HOPS) 1059 val = np->hop_limit; 1060 else 1061 val = np->mcast_hops; 1062 1063 dst = sk_dst_get(sk); 1064 if (dst) { 1065 if (val < 0) 1066 val = ip6_dst_hoplimit(dst); 1067 dst_release(dst); 1068 } 1069 if (val < 0) 1070 val = sock_net(sk)->ipv6.devconf_all->hop_limit; 1071 break; 1072 } 1073 1074 case IPV6_MULTICAST_LOOP: 1075 val = np->mc_loop; 1076 break; 1077 1078 case IPV6_MULTICAST_IF: 1079 val = np->mcast_oif; 1080 break; 1081 1082 case IPV6_MTU_DISCOVER: 1083 val = np->pmtudisc; 1084 break; 1085 1086 case IPV6_RECVERR: 1087 val = np->recverr; 1088 break; 1089 1090 case IPV6_FLOWINFO_SEND: 1091 val = np->sndflow; 1092 break; 1093 1094 case IPV6_ADDR_PREFERENCES: 1095 val = 0; 1096 1097 if (np->srcprefs & IPV6_PREFER_SRC_TMP) 1098 val |= IPV6_PREFER_SRC_TMP; 1099 else if (np->srcprefs & IPV6_PREFER_SRC_PUBLIC) 1100 val |= IPV6_PREFER_SRC_PUBLIC; 1101 else { 1102 /* XXX: should we return system default? */ 1103 val |= IPV6_PREFER_SRC_PUBTMP_DEFAULT; 1104 } 1105 1106 if (np->srcprefs & IPV6_PREFER_SRC_COA) 1107 val |= IPV6_PREFER_SRC_COA; 1108 else 1109 val |= IPV6_PREFER_SRC_HOME; 1110 break; 1111 1112 default: 1113 return -ENOPROTOOPT; 1114 } 1115 len = min_t(unsigned int, sizeof(int), len); 1116 if(put_user(len, optlen)) 1117 return -EFAULT; 1118 if(copy_to_user(optval,&val,len)) 1119 return -EFAULT; 1120 return 0; 1121 } 1122 1123 int ipv6_getsockopt(struct sock *sk, int level, int optname, 1124 char __user *optval, int __user *optlen) 1125 { 1126 int err; 1127 1128 if (level == SOL_IP && sk->sk_type != SOCK_RAW) 1129 return udp_prot.getsockopt(sk, level, optname, optval, optlen); 1130 1131 if(level != SOL_IPV6) 1132 return -ENOPROTOOPT; 1133 1134 err = do_ipv6_getsockopt(sk, level, optname, optval, optlen); 1135 #ifdef CONFIG_NETFILTER 1136 /* we need to exclude all possible ENOPROTOOPTs except default case */ 1137 if (err == -ENOPROTOOPT && optname != IPV6_2292PKTOPTIONS) { 1138 int len; 1139 1140 if (get_user(len, optlen)) 1141 return -EFAULT; 1142 1143 lock_sock(sk); 1144 err = nf_getsockopt(sk, PF_INET6, optname, optval, 1145 &len); 1146 release_sock(sk); 1147 if (err >= 0) 1148 err = put_user(len, optlen); 1149 } 1150 #endif 1151 return err; 1152 } 1153 1154 EXPORT_SYMBOL(ipv6_getsockopt); 1155 1156 #ifdef CONFIG_COMPAT 1157 int compat_ipv6_getsockopt(struct sock *sk, int level, int optname, 1158 char __user *optval, int __user *optlen) 1159 { 1160 int err; 1161 1162 if (level == SOL_IP && sk->sk_type != SOCK_RAW) { 1163 if (udp_prot.compat_getsockopt != NULL) 1164 return udp_prot.compat_getsockopt(sk, level, optname, 1165 optval, optlen); 1166 return udp_prot.getsockopt(sk, level, optname, optval, optlen); 1167 } 1168 1169 if (level != SOL_IPV6) 1170 return -ENOPROTOOPT; 1171 1172 if (optname == MCAST_MSFILTER) 1173 return compat_mc_getsockopt(sk, level, optname, optval, optlen, 1174 ipv6_getsockopt); 1175 1176 err = do_ipv6_getsockopt(sk, level, optname, optval, optlen); 1177 #ifdef CONFIG_NETFILTER 1178 /* we need to exclude all possible ENOPROTOOPTs except default case */ 1179 if (err == -ENOPROTOOPT && optname != IPV6_2292PKTOPTIONS) { 1180 int len; 1181 1182 if (get_user(len, optlen)) 1183 return -EFAULT; 1184 1185 lock_sock(sk); 1186 err = compat_nf_getsockopt(sk, PF_INET6, 1187 optname, optval, &len); 1188 release_sock(sk); 1189 if (err >= 0) 1190 err = put_user(len, optlen); 1191 } 1192 #endif 1193 return err; 1194 } 1195 1196 EXPORT_SYMBOL(compat_ipv6_getsockopt); 1197 #endif 1198 1199