1b2441318SGreg Kroah-Hartman // SPDX-License-Identifier: GPL-2.0 21da177e4SLinus Torvalds /* 31da177e4SLinus Torvalds * INET An implementation of the TCP/IP protocol suite for the LINUX 41da177e4SLinus Torvalds * operating system. INET is implemented using the BSD Socket 51da177e4SLinus Torvalds * interface as the means of communication with the user level. 61da177e4SLinus Torvalds * 71da177e4SLinus Torvalds * The IP to API glue. 81da177e4SLinus Torvalds * 91da177e4SLinus Torvalds * Authors: see ip.c 101da177e4SLinus Torvalds * 111da177e4SLinus Torvalds * Fixes: 121da177e4SLinus Torvalds * Many : Split from ip.c , see ip.c for history. 131da177e4SLinus Torvalds * Martin Mares : TOS setting fixed. 141da177e4SLinus Torvalds * Alan Cox : Fixed a couple of oopses in Martin's 151da177e4SLinus Torvalds * TOS tweaks. 161da177e4SLinus Torvalds * Mike McLagan : Routing by source 171da177e4SLinus Torvalds */ 181da177e4SLinus Torvalds 191da177e4SLinus Torvalds #include <linux/module.h> 201da177e4SLinus Torvalds #include <linux/types.h> 211da177e4SLinus Torvalds #include <linux/mm.h> 221da177e4SLinus Torvalds #include <linux/skbuff.h> 231da177e4SLinus Torvalds #include <linux/ip.h> 241da177e4SLinus Torvalds #include <linux/icmp.h> 2514c85021SArnaldo Carvalho de Melo #include <linux/inetdevice.h> 261da177e4SLinus Torvalds #include <linux/netdevice.h> 275a0e3ad6STejun Heo #include <linux/slab.h> 281da177e4SLinus Torvalds #include <net/sock.h> 291da177e4SLinus Torvalds #include <net/ip.h> 301da177e4SLinus Torvalds #include <net/icmp.h> 31d83d8461SArnaldo Carvalho de Melo #include <net/tcp_states.h> 321da177e4SLinus Torvalds #include <linux/udp.h> 331da177e4SLinus Torvalds #include <linux/igmp.h> 341da177e4SLinus Torvalds #include <linux/netfilter.h> 351da177e4SLinus Torvalds #include <linux/route.h> 361da177e4SLinus Torvalds #include <linux/mroute.h> 372c67e9acSMaciej Żenczykowski #include <net/inet_ecn.h> 381da177e4SLinus Torvalds #include <net/route.h> 391da177e4SLinus Torvalds #include <net/xfrm.h> 40dae50295SDavid L Stevens #include <net/compat.h> 41ad6f939aSTom Herbert #include <net/checksum.h> 42dfd56b8bSEric Dumazet #if IS_ENABLED(CONFIG_IPV6) 431da177e4SLinus Torvalds #include <net/transp_v6.h> 441da177e4SLinus Torvalds #endif 4535ebf65eSDavid S. Miller #include <net/ip_fib.h> 461da177e4SLinus Torvalds 471da177e4SLinus Torvalds #include <linux/errqueue.h> 487c0f6ba6SLinus Torvalds #include <linux/uaccess.h> 491da177e4SLinus Torvalds 50d2ba09c1SAlexei Starovoitov #include <linux/bpfilter.h> 51d2ba09c1SAlexei Starovoitov 521da177e4SLinus Torvalds /* 531da177e4SLinus Torvalds * SOL_IP control messages. 541da177e4SLinus Torvalds */ 551da177e4SLinus Torvalds 561da177e4SLinus Torvalds static void ip_cmsg_recv_pktinfo(struct msghdr *msg, struct sk_buff *skb) 571da177e4SLinus Torvalds { 58d826eb14SEric Dumazet struct in_pktinfo info = *PKTINFO_SKB_CB(skb); 591da177e4SLinus Torvalds 60eddc9ec5SArnaldo Carvalho de Melo info.ipi_addr.s_addr = ip_hdr(skb)->daddr; 611da177e4SLinus Torvalds 621da177e4SLinus Torvalds put_cmsg(msg, SOL_IP, IP_PKTINFO, sizeof(info), &info); 631da177e4SLinus Torvalds } 641da177e4SLinus Torvalds 651da177e4SLinus Torvalds static void ip_cmsg_recv_ttl(struct msghdr *msg, struct sk_buff *skb) 661da177e4SLinus Torvalds { 67eddc9ec5SArnaldo Carvalho de Melo int ttl = ip_hdr(skb)->ttl; 681da177e4SLinus Torvalds put_cmsg(msg, SOL_IP, IP_TTL, sizeof(int), &ttl); 691da177e4SLinus Torvalds } 701da177e4SLinus Torvalds 711da177e4SLinus Torvalds static void ip_cmsg_recv_tos(struct msghdr *msg, struct sk_buff *skb) 721da177e4SLinus Torvalds { 73eddc9ec5SArnaldo Carvalho de Melo put_cmsg(msg, SOL_IP, IP_TOS, 1, &ip_hdr(skb)->tos); 741da177e4SLinus Torvalds } 751da177e4SLinus Torvalds 761da177e4SLinus Torvalds static void ip_cmsg_recv_opts(struct msghdr *msg, struct sk_buff *skb) 771da177e4SLinus Torvalds { 781da177e4SLinus Torvalds if (IPCB(skb)->opt.optlen == 0) 791da177e4SLinus Torvalds return; 801da177e4SLinus Torvalds 81eddc9ec5SArnaldo Carvalho de Melo put_cmsg(msg, SOL_IP, IP_RECVOPTS, IPCB(skb)->opt.optlen, 82eddc9ec5SArnaldo Carvalho de Melo ip_hdr(skb) + 1); 831da177e4SLinus Torvalds } 841da177e4SLinus Torvalds 851da177e4SLinus Torvalds 8691ed1e66SPaolo Abeni static void ip_cmsg_recv_retopts(struct net *net, struct msghdr *msg, 8791ed1e66SPaolo Abeni struct sk_buff *skb) 881da177e4SLinus Torvalds { 891da177e4SLinus Torvalds unsigned char optbuf[sizeof(struct ip_options) + 40]; 901da177e4SLinus Torvalds struct ip_options *opt = (struct ip_options *)optbuf; 911da177e4SLinus Torvalds 921da177e4SLinus Torvalds if (IPCB(skb)->opt.optlen == 0) 931da177e4SLinus Torvalds return; 941da177e4SLinus Torvalds 9591ed1e66SPaolo Abeni if (ip_options_echo(net, opt, skb)) { 961da177e4SLinus Torvalds msg->msg_flags |= MSG_CTRUNC; 971da177e4SLinus Torvalds return; 981da177e4SLinus Torvalds } 991da177e4SLinus Torvalds ip_options_undo(opt); 1001da177e4SLinus Torvalds 1011da177e4SLinus Torvalds put_cmsg(msg, SOL_IP, IP_RETOPTS, opt->optlen, opt->__data); 1021da177e4SLinus Torvalds } 1031da177e4SLinus Torvalds 10470ecc248SWillem de Bruijn static void ip_cmsg_recv_fragsize(struct msghdr *msg, struct sk_buff *skb) 10570ecc248SWillem de Bruijn { 10670ecc248SWillem de Bruijn int val; 10770ecc248SWillem de Bruijn 10870ecc248SWillem de Bruijn if (IPCB(skb)->frag_max_size == 0) 10970ecc248SWillem de Bruijn return; 11070ecc248SWillem de Bruijn 11170ecc248SWillem de Bruijn val = IPCB(skb)->frag_max_size; 11270ecc248SWillem de Bruijn put_cmsg(msg, SOL_IP, IP_RECVFRAGSIZE, sizeof(val), &val); 11370ecc248SWillem de Bruijn } 11470ecc248SWillem de Bruijn 115ad6f939aSTom Herbert static void ip_cmsg_recv_checksum(struct msghdr *msg, struct sk_buff *skb, 11610df8e61SEric Dumazet int tlen, int offset) 117ad6f939aSTom Herbert { 118ad6f939aSTom Herbert __wsum csum = skb->csum; 119ad6f939aSTom Herbert 120ad6f939aSTom Herbert if (skb->ip_summed != CHECKSUM_COMPLETE) 121ad6f939aSTom Herbert return; 122ad6f939aSTom Herbert 123ca4ef457SPaolo Abeni if (offset != 0) { 124ca4ef457SPaolo Abeni int tend_off = skb_transport_offset(skb) + tlen; 125ca4ef457SPaolo Abeni csum = csum_sub(csum, skb_checksum(skb, tend_off, offset, 0)); 126ca4ef457SPaolo Abeni } 127ad6f939aSTom Herbert 128ad6f939aSTom Herbert put_cmsg(msg, SOL_IP, IP_CHECKSUM, sizeof(__wsum), &csum); 129ad6f939aSTom Herbert } 130ad6f939aSTom Herbert 1312c7946a7SCatherine Zhang static void ip_cmsg_recv_security(struct msghdr *msg, struct sk_buff *skb) 1322c7946a7SCatherine Zhang { 1332c7946a7SCatherine Zhang char *secdata; 134dc49c1f9SCatherine Zhang u32 seclen, secid; 1352c7946a7SCatherine Zhang int err; 1362c7946a7SCatherine Zhang 137dc49c1f9SCatherine Zhang err = security_socket_getpeersec_dgram(NULL, skb, &secid); 138dc49c1f9SCatherine Zhang if (err) 139dc49c1f9SCatherine Zhang return; 140dc49c1f9SCatherine Zhang 141dc49c1f9SCatherine Zhang err = security_secid_to_secctx(secid, &secdata, &seclen); 1422c7946a7SCatherine Zhang if (err) 1432c7946a7SCatherine Zhang return; 1442c7946a7SCatherine Zhang 1452c7946a7SCatherine Zhang put_cmsg(msg, SOL_IP, SCM_SECURITY, seclen, secdata); 146dc49c1f9SCatherine Zhang security_release_secctx(secdata, seclen); 1472c7946a7SCatherine Zhang } 1482c7946a7SCatherine Zhang 14921d1a161SHarvey Harrison static void ip_cmsg_recv_dstaddr(struct msghdr *msg, struct sk_buff *skb) 150e8b2dfe9SBalazs Scheidler { 1514a06fa67SWillem de Bruijn __be16 _ports[2], *ports; 152e8b2dfe9SBalazs Scheidler struct sockaddr_in sin; 153e8b2dfe9SBalazs Scheidler 154e8b2dfe9SBalazs Scheidler /* All current transport protocols have the port numbers in the 155e8b2dfe9SBalazs Scheidler * first four bytes of the transport header and this function is 156e8b2dfe9SBalazs Scheidler * written with this assumption in mind. 157e8b2dfe9SBalazs Scheidler */ 1584a06fa67SWillem de Bruijn ports = skb_header_pointer(skb, skb_transport_offset(skb), 1594a06fa67SWillem de Bruijn sizeof(_ports), &_ports); 1604a06fa67SWillem de Bruijn if (!ports) 1614a06fa67SWillem de Bruijn return; 162e8b2dfe9SBalazs Scheidler 163e8b2dfe9SBalazs Scheidler sin.sin_family = AF_INET; 16464199fc0SEric Dumazet sin.sin_addr.s_addr = ip_hdr(skb)->daddr; 165e8b2dfe9SBalazs Scheidler sin.sin_port = ports[1]; 166e8b2dfe9SBalazs Scheidler memset(sin.sin_zero, 0, sizeof(sin.sin_zero)); 167e8b2dfe9SBalazs Scheidler 168e8b2dfe9SBalazs Scheidler put_cmsg(msg, SOL_IP, IP_ORIGDSTADDR, sizeof(sin), &sin); 169e8b2dfe9SBalazs Scheidler } 1701da177e4SLinus Torvalds 171ad959036SPaolo Abeni void ip_cmsg_recv_offset(struct msghdr *msg, struct sock *sk, 172ad959036SPaolo Abeni struct sk_buff *skb, int tlen, int offset) 1731da177e4SLinus Torvalds { 174ad959036SPaolo Abeni struct inet_sock *inet = inet_sk(sk); 17595c96174SEric Dumazet unsigned int flags = inet->cmsg_flags; 1761da177e4SLinus Torvalds 1771da177e4SLinus Torvalds /* Ordered by supposed usage frequency */ 178c44d13d6STom Herbert if (flags & IP_CMSG_PKTINFO) { 1791da177e4SLinus Torvalds ip_cmsg_recv_pktinfo(msg, skb); 1801da177e4SLinus Torvalds 181c44d13d6STom Herbert flags &= ~IP_CMSG_PKTINFO; 182c44d13d6STom Herbert if (!flags) 183c44d13d6STom Herbert return; 184c44d13d6STom Herbert } 185c44d13d6STom Herbert 186c44d13d6STom Herbert if (flags & IP_CMSG_TTL) { 1871da177e4SLinus Torvalds ip_cmsg_recv_ttl(msg, skb); 1881da177e4SLinus Torvalds 189c44d13d6STom Herbert flags &= ~IP_CMSG_TTL; 190c44d13d6STom Herbert if (!flags) 191c44d13d6STom Herbert return; 192c44d13d6STom Herbert } 193c44d13d6STom Herbert 194c44d13d6STom Herbert if (flags & IP_CMSG_TOS) { 1951da177e4SLinus Torvalds ip_cmsg_recv_tos(msg, skb); 1961da177e4SLinus Torvalds 197c44d13d6STom Herbert flags &= ~IP_CMSG_TOS; 198c44d13d6STom Herbert if (!flags) 199c44d13d6STom Herbert return; 200c44d13d6STom Herbert } 201c44d13d6STom Herbert 202c44d13d6STom Herbert if (flags & IP_CMSG_RECVOPTS) { 2031da177e4SLinus Torvalds ip_cmsg_recv_opts(msg, skb); 2041da177e4SLinus Torvalds 205c44d13d6STom Herbert flags &= ~IP_CMSG_RECVOPTS; 206c44d13d6STom Herbert if (!flags) 207c44d13d6STom Herbert return; 208c44d13d6STom Herbert } 209c44d13d6STom Herbert 210c44d13d6STom Herbert if (flags & IP_CMSG_RETOPTS) { 21191ed1e66SPaolo Abeni ip_cmsg_recv_retopts(sock_net(sk), msg, skb); 2122c7946a7SCatherine Zhang 213c44d13d6STom Herbert flags &= ~IP_CMSG_RETOPTS; 214c44d13d6STom Herbert if (!flags) 215c44d13d6STom Herbert return; 216c44d13d6STom Herbert } 217c44d13d6STom Herbert 218c44d13d6STom Herbert if (flags & IP_CMSG_PASSSEC) { 2192c7946a7SCatherine Zhang ip_cmsg_recv_security(msg, skb); 220e8b2dfe9SBalazs Scheidler 221c44d13d6STom Herbert flags &= ~IP_CMSG_PASSSEC; 222c44d13d6STom Herbert if (!flags) 223e8b2dfe9SBalazs Scheidler return; 224c44d13d6STom Herbert } 225c44d13d6STom Herbert 226ad6f939aSTom Herbert if (flags & IP_CMSG_ORIGDSTADDR) { 227e8b2dfe9SBalazs Scheidler ip_cmsg_recv_dstaddr(msg, skb); 228e8b2dfe9SBalazs Scheidler 229ad6f939aSTom Herbert flags &= ~IP_CMSG_ORIGDSTADDR; 230ad6f939aSTom Herbert if (!flags) 231ad6f939aSTom Herbert return; 232ad6f939aSTom Herbert } 233ad6f939aSTom Herbert 234ad6f939aSTom Herbert if (flags & IP_CMSG_CHECKSUM) 23510df8e61SEric Dumazet ip_cmsg_recv_checksum(msg, skb, tlen, offset); 23670ecc248SWillem de Bruijn 23770ecc248SWillem de Bruijn if (flags & IP_CMSG_RECVFRAGSIZE) 23870ecc248SWillem de Bruijn ip_cmsg_recv_fragsize(msg, skb); 2391da177e4SLinus Torvalds } 2405961de9fSTom Herbert EXPORT_SYMBOL(ip_cmsg_recv_offset); 2411da177e4SLinus Torvalds 24224025c46SSoheil Hassas Yeganeh int ip_cmsg_send(struct sock *sk, struct msghdr *msg, struct ipcm_cookie *ipc, 243c8e6ad08SHannes Frederic Sowa bool allow_ipv6) 2441da177e4SLinus Torvalds { 245f02db315SFrancesco Fusco int err, val; 2461da177e4SLinus Torvalds struct cmsghdr *cmsg; 24724025c46SSoheil Hassas Yeganeh struct net *net = sock_net(sk); 2481da177e4SLinus Torvalds 249f95b414eSGu Zheng for_each_cmsghdr(cmsg, msg) { 2501da177e4SLinus Torvalds if (!CMSG_OK(msg, cmsg)) 2511da177e4SLinus Torvalds return -EINVAL; 2525337b5b7SEric Dumazet #if IS_ENABLED(CONFIG_IPV6) 253c8e6ad08SHannes Frederic Sowa if (allow_ipv6 && 254c8e6ad08SHannes Frederic Sowa cmsg->cmsg_level == SOL_IPV6 && 255c8e6ad08SHannes Frederic Sowa cmsg->cmsg_type == IPV6_PKTINFO) { 256c8e6ad08SHannes Frederic Sowa struct in6_pktinfo *src_info; 257c8e6ad08SHannes Frederic Sowa 258c8e6ad08SHannes Frederic Sowa if (cmsg->cmsg_len < CMSG_LEN(sizeof(*src_info))) 259c8e6ad08SHannes Frederic Sowa return -EINVAL; 260c8e6ad08SHannes Frederic Sowa src_info = (struct in6_pktinfo *)CMSG_DATA(cmsg); 261c8e6ad08SHannes Frederic Sowa if (!ipv6_addr_v4mapped(&src_info->ipi6_addr)) 262c8e6ad08SHannes Frederic Sowa return -EINVAL; 2631cbec076SDavid Ahern if (src_info->ipi6_ifindex) 264c8e6ad08SHannes Frederic Sowa ipc->oif = src_info->ipi6_ifindex; 265c8e6ad08SHannes Frederic Sowa ipc->addr = src_info->ipi6_addr.s6_addr32[3]; 266c8e6ad08SHannes Frederic Sowa continue; 267c8e6ad08SHannes Frederic Sowa } 268c8e6ad08SHannes Frederic Sowa #endif 26924025c46SSoheil Hassas Yeganeh if (cmsg->cmsg_level == SOL_SOCKET) { 2702632616bSEric Dumazet err = __sock_cmsg_send(sk, msg, cmsg, &ipc->sockc); 2712632616bSEric Dumazet if (err) 2722632616bSEric Dumazet return err; 27324025c46SSoheil Hassas Yeganeh continue; 27424025c46SSoheil Hassas Yeganeh } 27524025c46SSoheil Hassas Yeganeh 2761da177e4SLinus Torvalds if (cmsg->cmsg_level != SOL_IP) 2771da177e4SLinus Torvalds continue; 2781da177e4SLinus Torvalds switch (cmsg->cmsg_type) { 2791da177e4SLinus Torvalds case IP_RETOPTS: 2801ff8cebfSyuan linyu err = cmsg->cmsg_len - sizeof(struct cmsghdr); 28191948309SEric Dumazet 28291948309SEric Dumazet /* Our caller is responsible for freeing ipc->opt */ 283de40a3e8SChristoph Hellwig err = ip_options_get(net, &ipc->opt, 284de40a3e8SChristoph Hellwig KERNEL_SOCKPTR(CMSG_DATA(cmsg)), 2854d52cfbeSEric Dumazet err < 40 ? err : 40); 2861da177e4SLinus Torvalds if (err) 2871da177e4SLinus Torvalds return err; 2881da177e4SLinus Torvalds break; 2891da177e4SLinus Torvalds case IP_PKTINFO: 2901da177e4SLinus Torvalds { 2911da177e4SLinus Torvalds struct in_pktinfo *info; 2921da177e4SLinus Torvalds if (cmsg->cmsg_len != CMSG_LEN(sizeof(struct in_pktinfo))) 2931da177e4SLinus Torvalds return -EINVAL; 2941da177e4SLinus Torvalds info = (struct in_pktinfo *)CMSG_DATA(cmsg); 2951cbec076SDavid Ahern if (info->ipi_ifindex) 2961da177e4SLinus Torvalds ipc->oif = info->ipi_ifindex; 2971da177e4SLinus Torvalds ipc->addr = info->ipi_spec_dst.s_addr; 2981da177e4SLinus Torvalds break; 2991da177e4SLinus Torvalds } 300f02db315SFrancesco Fusco case IP_TTL: 301f02db315SFrancesco Fusco if (cmsg->cmsg_len != CMSG_LEN(sizeof(int))) 302f02db315SFrancesco Fusco return -EINVAL; 303f02db315SFrancesco Fusco val = *(int *)CMSG_DATA(cmsg); 304f02db315SFrancesco Fusco if (val < 1 || val > 255) 305f02db315SFrancesco Fusco return -EINVAL; 306f02db315SFrancesco Fusco ipc->ttl = val; 307f02db315SFrancesco Fusco break; 308f02db315SFrancesco Fusco case IP_TOS: 309e895cdceSEric Dumazet if (cmsg->cmsg_len == CMSG_LEN(sizeof(int))) 310f02db315SFrancesco Fusco val = *(int *)CMSG_DATA(cmsg); 311e895cdceSEric Dumazet else if (cmsg->cmsg_len == CMSG_LEN(sizeof(u8))) 312e895cdceSEric Dumazet val = *(u8 *)CMSG_DATA(cmsg); 313e895cdceSEric Dumazet else 314e895cdceSEric Dumazet return -EINVAL; 315f02db315SFrancesco Fusco if (val < 0 || val > 255) 316f02db315SFrancesco Fusco return -EINVAL; 317f02db315SFrancesco Fusco ipc->tos = val; 318f02db315SFrancesco Fusco ipc->priority = rt_tos2priority(ipc->tos); 319f02db315SFrancesco Fusco break; 320f02db315SFrancesco Fusco 3211da177e4SLinus Torvalds default: 3221da177e4SLinus Torvalds return -EINVAL; 3231da177e4SLinus Torvalds } 3241da177e4SLinus Torvalds } 3251da177e4SLinus Torvalds return 0; 3261da177e4SLinus Torvalds } 3271da177e4SLinus Torvalds 328592fcb9dSEric Dumazet static void ip_ra_destroy_rcu(struct rcu_head *head) 32966018506SEric Dumazet { 330592fcb9dSEric Dumazet struct ip_ra_chain *ra = container_of(head, struct ip_ra_chain, rcu); 331592fcb9dSEric Dumazet 332592fcb9dSEric Dumazet sock_put(ra->saved_sk); 333592fcb9dSEric Dumazet kfree(ra); 33466018506SEric Dumazet } 3351da177e4SLinus Torvalds 3364d52cfbeSEric Dumazet int ip_ra_control(struct sock *sk, unsigned char on, 3374d52cfbeSEric Dumazet void (*destructor)(struct sock *)) 3381da177e4SLinus Torvalds { 33943a951e9SEric Dumazet struct ip_ra_chain *ra, *new_ra; 34043a951e9SEric Dumazet struct ip_ra_chain __rcu **rap; 3415796ef75SKirill Tkhai struct net *net = sock_net(sk); 3421da177e4SLinus Torvalds 343c720c7e8SEric Dumazet if (sk->sk_type != SOCK_RAW || inet_sk(sk)->inet_num == IPPROTO_RAW) 3441da177e4SLinus Torvalds return -EINVAL; 3451da177e4SLinus Torvalds 3461da177e4SLinus Torvalds new_ra = on ? kmalloc(sizeof(*new_ra), GFP_KERNEL) : NULL; 347425aa0e1SGen Zhang if (on && !new_ra) 348425aa0e1SGen Zhang return -ENOMEM; 3491da177e4SLinus Torvalds 350d9ff3049SKirill Tkhai mutex_lock(&net->ipv4.ra_mutex); 3515796ef75SKirill Tkhai for (rap = &net->ipv4.ra_chain; 35276d3e153SKirill Tkhai (ra = rcu_dereference_protected(*rap, 353d9ff3049SKirill Tkhai lockdep_is_held(&net->ipv4.ra_mutex))) != NULL; 35443a951e9SEric Dumazet rap = &ra->next) { 3551da177e4SLinus Torvalds if (ra->sk == sk) { 3561da177e4SLinus Torvalds if (on) { 357d9ff3049SKirill Tkhai mutex_unlock(&net->ipv4.ra_mutex); 3581da177e4SLinus Torvalds kfree(new_ra); 3591da177e4SLinus Torvalds return -EADDRINUSE; 3601da177e4SLinus Torvalds } 361592fcb9dSEric Dumazet /* dont let ip_call_ra_chain() use sk again */ 362592fcb9dSEric Dumazet ra->sk = NULL; 3638e380f00SEric Dumazet RCU_INIT_POINTER(*rap, ra->next); 364d9ff3049SKirill Tkhai mutex_unlock(&net->ipv4.ra_mutex); 3651da177e4SLinus Torvalds 3661da177e4SLinus Torvalds if (ra->destructor) 3671da177e4SLinus Torvalds ra->destructor(sk); 368592fcb9dSEric Dumazet /* 369592fcb9dSEric Dumazet * Delay sock_put(sk) and kfree(ra) after one rcu grace 370592fcb9dSEric Dumazet * period. This guarantee ip_call_ra_chain() dont need 371592fcb9dSEric Dumazet * to mess with socket refcounts. 372592fcb9dSEric Dumazet */ 373592fcb9dSEric Dumazet ra->saved_sk = sk; 374592fcb9dSEric Dumazet call_rcu(&ra->rcu, ip_ra_destroy_rcu); 3751da177e4SLinus Torvalds return 0; 3761da177e4SLinus Torvalds } 3771da177e4SLinus Torvalds } 37876d3e153SKirill Tkhai if (!new_ra) { 379d9ff3049SKirill Tkhai mutex_unlock(&net->ipv4.ra_mutex); 3801da177e4SLinus Torvalds return -ENOBUFS; 38176d3e153SKirill Tkhai } 3821da177e4SLinus Torvalds new_ra->sk = sk; 3831da177e4SLinus Torvalds new_ra->destructor = destructor; 3841da177e4SLinus Torvalds 3858e380f00SEric Dumazet RCU_INIT_POINTER(new_ra->next, ra); 38666018506SEric Dumazet rcu_assign_pointer(*rap, new_ra); 3871da177e4SLinus Torvalds sock_hold(sk); 388d9ff3049SKirill Tkhai mutex_unlock(&net->ipv4.ra_mutex); 3891da177e4SLinus Torvalds 3901da177e4SLinus Torvalds return 0; 3911da177e4SLinus Torvalds } 3921da177e4SLinus Torvalds 393178c49d9SWillem de Bruijn static void ipv4_icmp_error_rfc4884(const struct sk_buff *skb, 394178c49d9SWillem de Bruijn struct sock_ee_data_rfc4884 *out) 395178c49d9SWillem de Bruijn { 396178c49d9SWillem de Bruijn switch (icmp_hdr(skb)->type) { 397178c49d9SWillem de Bruijn case ICMP_DEST_UNREACH: 398178c49d9SWillem de Bruijn case ICMP_TIME_EXCEEDED: 399178c49d9SWillem de Bruijn case ICMP_PARAMETERPROB: 400178c49d9SWillem de Bruijn ip_icmp_error_rfc4884(skb, out, sizeof(struct icmphdr), 401178c49d9SWillem de Bruijn icmp_hdr(skb)->un.reserved[1] * 4); 402178c49d9SWillem de Bruijn } 403178c49d9SWillem de Bruijn } 404178c49d9SWillem de Bruijn 4051da177e4SLinus Torvalds void ip_icmp_error(struct sock *sk, struct sk_buff *skb, int err, 40635986b32SAl Viro __be16 port, u32 info, u8 *payload) 4071da177e4SLinus Torvalds { 4081da177e4SLinus Torvalds struct sock_exterr_skb *serr; 4091da177e4SLinus Torvalds 4101da177e4SLinus Torvalds skb = skb_clone(skb, GFP_ATOMIC); 4111da177e4SLinus Torvalds if (!skb) 4121da177e4SLinus Torvalds return; 4131da177e4SLinus Torvalds 4141da177e4SLinus Torvalds serr = SKB_EXT_ERR(skb); 4151da177e4SLinus Torvalds serr->ee.ee_errno = err; 4161da177e4SLinus Torvalds serr->ee.ee_origin = SO_EE_ORIGIN_ICMP; 41788c7664fSArnaldo Carvalho de Melo serr->ee.ee_type = icmp_hdr(skb)->type; 41888c7664fSArnaldo Carvalho de Melo serr->ee.ee_code = icmp_hdr(skb)->code; 4191da177e4SLinus Torvalds serr->ee.ee_pad = 0; 4201da177e4SLinus Torvalds serr->ee.ee_info = info; 4211da177e4SLinus Torvalds serr->ee.ee_data = 0; 42288c7664fSArnaldo Carvalho de Melo serr->addr_offset = (u8 *)&(((struct iphdr *)(icmp_hdr(skb) + 1))->daddr) - 423d56f90a7SArnaldo Carvalho de Melo skb_network_header(skb); 4241da177e4SLinus Torvalds serr->port = port; 4251da177e4SLinus Torvalds 42600db4124SIan Morris if (skb_pull(skb, payload - skb->data)) { 427eba75c58SWillem de Bruijn if (inet_sk(sk)->recverr_rfc4884) 428178c49d9SWillem de Bruijn ipv4_icmp_error_rfc4884(skb, &serr->ee.ee_rfc4884); 429eba75c58SWillem de Bruijn 430bd82393cSArnaldo Carvalho de Melo skb_reset_transport_header(skb); 431bd82393cSArnaldo Carvalho de Melo if (sock_queue_err_skb(sk, skb) == 0) 432bd82393cSArnaldo Carvalho de Melo return; 433bd82393cSArnaldo Carvalho de Melo } 4341da177e4SLinus Torvalds kfree_skb(skb); 4351da177e4SLinus Torvalds } 4361da177e4SLinus Torvalds 4370579016eSAl Viro void ip_local_error(struct sock *sk, int err, __be32 daddr, __be16 port, u32 info) 4381da177e4SLinus Torvalds { 4391da177e4SLinus Torvalds struct inet_sock *inet = inet_sk(sk); 4401da177e4SLinus Torvalds struct sock_exterr_skb *serr; 4411da177e4SLinus Torvalds struct iphdr *iph; 4421da177e4SLinus Torvalds struct sk_buff *skb; 4431da177e4SLinus Torvalds 4441da177e4SLinus Torvalds if (!inet->recverr) 4451da177e4SLinus Torvalds return; 4461da177e4SLinus Torvalds 4471da177e4SLinus Torvalds skb = alloc_skb(sizeof(struct iphdr), GFP_ATOMIC); 4481da177e4SLinus Torvalds if (!skb) 4491da177e4SLinus Torvalds return; 4501da177e4SLinus Torvalds 4512ca9e6f2SArnaldo Carvalho de Melo skb_put(skb, sizeof(struct iphdr)); 4522ca9e6f2SArnaldo Carvalho de Melo skb_reset_network_header(skb); 453eddc9ec5SArnaldo Carvalho de Melo iph = ip_hdr(skb); 4541da177e4SLinus Torvalds iph->daddr = daddr; 4551da177e4SLinus Torvalds 4561da177e4SLinus Torvalds serr = SKB_EXT_ERR(skb); 4571da177e4SLinus Torvalds serr->ee.ee_errno = err; 4581da177e4SLinus Torvalds serr->ee.ee_origin = SO_EE_ORIGIN_LOCAL; 4591da177e4SLinus Torvalds serr->ee.ee_type = 0; 4601da177e4SLinus Torvalds serr->ee.ee_code = 0; 4611da177e4SLinus Torvalds serr->ee.ee_pad = 0; 4621da177e4SLinus Torvalds serr->ee.ee_info = info; 4631da177e4SLinus Torvalds serr->ee.ee_data = 0; 464d56f90a7SArnaldo Carvalho de Melo serr->addr_offset = (u8 *)&iph->daddr - skb_network_header(skb); 4651da177e4SLinus Torvalds serr->port = port; 4661da177e4SLinus Torvalds 46727a884dcSArnaldo Carvalho de Melo __skb_pull(skb, skb_tail_pointer(skb) - skb->data); 468bd82393cSArnaldo Carvalho de Melo skb_reset_transport_header(skb); 4691da177e4SLinus Torvalds 4701da177e4SLinus Torvalds if (sock_queue_err_skb(sk, skb)) 4711da177e4SLinus Torvalds kfree_skb(skb); 4721da177e4SLinus Torvalds } 4731da177e4SLinus Torvalds 47434b99df4SJulian Anastasov /* For some errors we have valid addr_offset even with zero payload and 47534b99df4SJulian Anastasov * zero port. Also, addr_offset should be supported if port is set. 47634b99df4SJulian Anastasov */ 47734b99df4SJulian Anastasov static inline bool ipv4_datagram_support_addr(struct sock_exterr_skb *serr) 47834b99df4SJulian Anastasov { 47934b99df4SJulian Anastasov return serr->ee.ee_origin == SO_EE_ORIGIN_ICMP || 48034b99df4SJulian Anastasov serr->ee.ee_origin == SO_EE_ORIGIN_LOCAL || serr->port; 48134b99df4SJulian Anastasov } 48234b99df4SJulian Anastasov 483c247f053SWillem de Bruijn /* IPv4 supports cmsg on all imcp errors and some timestamps 484c247f053SWillem de Bruijn * 485c247f053SWillem de Bruijn * Timestamp code paths do not initialize the fields expected by cmsg: 486c247f053SWillem de Bruijn * the PKTINFO fields in skb->cb[]. Fill those in here. 487c247f053SWillem de Bruijn */ 488c247f053SWillem de Bruijn static bool ipv4_datagram_support_cmsg(const struct sock *sk, 489c247f053SWillem de Bruijn struct sk_buff *skb, 490829ae9d6SWillem de Bruijn int ee_origin) 491829ae9d6SWillem de Bruijn { 492c247f053SWillem de Bruijn struct in_pktinfo *info; 493829ae9d6SWillem de Bruijn 494c247f053SWillem de Bruijn if (ee_origin == SO_EE_ORIGIN_ICMP) 495c247f053SWillem de Bruijn return true; 496c247f053SWillem de Bruijn 497c247f053SWillem de Bruijn if (ee_origin == SO_EE_ORIGIN_LOCAL) 498c247f053SWillem de Bruijn return false; 499c247f053SWillem de Bruijn 500c247f053SWillem de Bruijn /* Support IP_PKTINFO on tstamp packets if requested, to correlate 5011862d620SWillem de Bruijn * timestamp with egress dev. Not possible for packets without iif 502c247f053SWillem de Bruijn * or without payload (SOF_TIMESTAMPING_OPT_TSONLY). 503c247f053SWillem de Bruijn */ 5041862d620SWillem de Bruijn info = PKTINFO_SKB_CB(skb); 5051862d620SWillem de Bruijn if (!(sk->sk_tsflags & SOF_TIMESTAMPING_OPT_CMSG) || 5061862d620SWillem de Bruijn !info->ipi_ifindex) 507829ae9d6SWillem de Bruijn return false; 508829ae9d6SWillem de Bruijn 509829ae9d6SWillem de Bruijn info->ipi_spec_dst.s_addr = ip_hdr(skb)->saddr; 510829ae9d6SWillem de Bruijn return true; 511829ae9d6SWillem de Bruijn } 512829ae9d6SWillem de Bruijn 5131da177e4SLinus Torvalds /* 5141da177e4SLinus Torvalds * Handle MSG_ERRQUEUE 5151da177e4SLinus Torvalds */ 51685fbaa75SHannes Frederic Sowa int ip_recv_error(struct sock *sk, struct msghdr *msg, int len, int *addr_len) 5171da177e4SLinus Torvalds { 5181da177e4SLinus Torvalds struct sock_exterr_skb *serr; 519364a9e93SWillem de Bruijn struct sk_buff *skb; 520342dfc30SSteffen Hurrle DECLARE_SOCKADDR(struct sockaddr_in *, sin, msg->msg_name); 5211da177e4SLinus Torvalds struct { 5221da177e4SLinus Torvalds struct sock_extended_err ee; 5231da177e4SLinus Torvalds struct sockaddr_in offender; 5241da177e4SLinus Torvalds } errhdr; 5251da177e4SLinus Torvalds int err; 5261da177e4SLinus Torvalds int copied; 5271da177e4SLinus Torvalds 5281da177e4SLinus Torvalds err = -EAGAIN; 529364a9e93SWillem de Bruijn skb = sock_dequeue_err_skb(sk); 53051456b29SIan Morris if (!skb) 5311da177e4SLinus Torvalds goto out; 5321da177e4SLinus Torvalds 5331da177e4SLinus Torvalds copied = skb->len; 5341da177e4SLinus Torvalds if (copied > len) { 5351da177e4SLinus Torvalds msg->msg_flags |= MSG_TRUNC; 5361da177e4SLinus Torvalds copied = len; 5371da177e4SLinus Torvalds } 53851f3d02bSDavid S. Miller err = skb_copy_datagram_msg(skb, 0, msg, copied); 539960a2628SEric Dumazet if (unlikely(err)) { 540960a2628SEric Dumazet kfree_skb(skb); 541960a2628SEric Dumazet return err; 542960a2628SEric Dumazet } 5431da177e4SLinus Torvalds sock_recv_timestamp(msg, sk, skb); 5441da177e4SLinus Torvalds 5451da177e4SLinus Torvalds serr = SKB_EXT_ERR(skb); 5461da177e4SLinus Torvalds 54734b99df4SJulian Anastasov if (sin && ipv4_datagram_support_addr(serr)) { 5481da177e4SLinus Torvalds sin->sin_family = AF_INET; 549d56f90a7SArnaldo Carvalho de Melo sin->sin_addr.s_addr = *(__be32 *)(skb_network_header(skb) + 550d56f90a7SArnaldo Carvalho de Melo serr->addr_offset); 5511da177e4SLinus Torvalds sin->sin_port = serr->port; 5521da177e4SLinus Torvalds memset(&sin->sin_zero, 0, sizeof(sin->sin_zero)); 55385fbaa75SHannes Frederic Sowa *addr_len = sizeof(*sin); 5541da177e4SLinus Torvalds } 5551da177e4SLinus Torvalds 5561da177e4SLinus Torvalds memcpy(&errhdr.ee, &serr->ee, sizeof(struct sock_extended_err)); 5571da177e4SLinus Torvalds sin = &errhdr.offender; 558f812116bSWillem de Bruijn memset(sin, 0, sizeof(*sin)); 559829ae9d6SWillem de Bruijn 560c247f053SWillem de Bruijn if (ipv4_datagram_support_cmsg(sk, skb, serr->ee.ee_origin)) { 5611da177e4SLinus Torvalds sin->sin_family = AF_INET; 562eddc9ec5SArnaldo Carvalho de Melo sin->sin_addr.s_addr = ip_hdr(skb)->saddr; 563f812116bSWillem de Bruijn if (inet_sk(sk)->cmsg_flags) 5641da177e4SLinus Torvalds ip_cmsg_recv(msg, skb); 5651da177e4SLinus Torvalds } 5661da177e4SLinus Torvalds 5671da177e4SLinus Torvalds put_cmsg(msg, SOL_IP, IP_RECVERR, sizeof(errhdr), &errhdr); 5681da177e4SLinus Torvalds 5691da177e4SLinus Torvalds /* Now we could try to dump offended packet options */ 5701da177e4SLinus Torvalds 5711da177e4SLinus Torvalds msg->msg_flags |= MSG_ERRQUEUE; 5721da177e4SLinus Torvalds err = copied; 5731da177e4SLinus Torvalds 574960a2628SEric Dumazet consume_skb(skb); 5751da177e4SLinus Torvalds out: 5761da177e4SLinus Torvalds return err; 5771da177e4SLinus Torvalds } 5781da177e4SLinus Torvalds 5796ebf71baSChristoph Hellwig static void __ip_sock_set_tos(struct sock *sk, int val) 5806ebf71baSChristoph Hellwig { 5816ebf71baSChristoph Hellwig if (sk->sk_type == SOCK_STREAM) { 5826ebf71baSChristoph Hellwig val &= ~INET_ECN_MASK; 5836ebf71baSChristoph Hellwig val |= inet_sk(sk)->tos & INET_ECN_MASK; 5846ebf71baSChristoph Hellwig } 5856ebf71baSChristoph Hellwig if (inet_sk(sk)->tos != val) { 5866ebf71baSChristoph Hellwig inet_sk(sk)->tos = val; 5876ebf71baSChristoph Hellwig sk->sk_priority = rt_tos2priority(val); 5886ebf71baSChristoph Hellwig sk_dst_reset(sk); 5896ebf71baSChristoph Hellwig } 5906ebf71baSChristoph Hellwig } 5916ebf71baSChristoph Hellwig 5926ebf71baSChristoph Hellwig void ip_sock_set_tos(struct sock *sk, int val) 5936ebf71baSChristoph Hellwig { 5946ebf71baSChristoph Hellwig lock_sock(sk); 5956ebf71baSChristoph Hellwig __ip_sock_set_tos(sk, val); 5966ebf71baSChristoph Hellwig release_sock(sk); 5976ebf71baSChristoph Hellwig } 5986ebf71baSChristoph Hellwig EXPORT_SYMBOL(ip_sock_set_tos); 5991da177e4SLinus Torvalds 600c4e446bfSChristoph Hellwig void ip_sock_set_freebind(struct sock *sk) 601c4e446bfSChristoph Hellwig { 602c4e446bfSChristoph Hellwig lock_sock(sk); 603c4e446bfSChristoph Hellwig inet_sk(sk)->freebind = true; 604c4e446bfSChristoph Hellwig release_sock(sk); 605c4e446bfSChristoph Hellwig } 606c4e446bfSChristoph Hellwig EXPORT_SYMBOL(ip_sock_set_freebind); 607c4e446bfSChristoph Hellwig 608db45c0efSChristoph Hellwig void ip_sock_set_recverr(struct sock *sk) 609db45c0efSChristoph Hellwig { 610db45c0efSChristoph Hellwig lock_sock(sk); 611db45c0efSChristoph Hellwig inet_sk(sk)->recverr = true; 612db45c0efSChristoph Hellwig release_sock(sk); 613db45c0efSChristoph Hellwig } 614db45c0efSChristoph Hellwig EXPORT_SYMBOL(ip_sock_set_recverr); 615db45c0efSChristoph Hellwig 6162de569bdSChristoph Hellwig int ip_sock_set_mtu_discover(struct sock *sk, int val) 6172de569bdSChristoph Hellwig { 6182de569bdSChristoph Hellwig if (val < IP_PMTUDISC_DONT || val > IP_PMTUDISC_OMIT) 6192de569bdSChristoph Hellwig return -EINVAL; 6202de569bdSChristoph Hellwig lock_sock(sk); 6212de569bdSChristoph Hellwig inet_sk(sk)->pmtudisc = val; 6222de569bdSChristoph Hellwig release_sock(sk); 6232de569bdSChristoph Hellwig return 0; 6242de569bdSChristoph Hellwig } 6252de569bdSChristoph Hellwig EXPORT_SYMBOL(ip_sock_set_mtu_discover); 6262de569bdSChristoph Hellwig 627c1f9ec57SChristoph Hellwig void ip_sock_set_pktinfo(struct sock *sk) 628c1f9ec57SChristoph Hellwig { 629c1f9ec57SChristoph Hellwig lock_sock(sk); 630c1f9ec57SChristoph Hellwig inet_sk(sk)->cmsg_flags |= IP_CMSG_PKTINFO; 631c1f9ec57SChristoph Hellwig release_sock(sk); 632c1f9ec57SChristoph Hellwig } 633c1f9ec57SChristoph Hellwig EXPORT_SYMBOL(ip_sock_set_pktinfo); 634c1f9ec57SChristoph Hellwig 6351da177e4SLinus Torvalds /* 6364d52cfbeSEric Dumazet * Socket option code for IP. This is the end of the line after any 6374d52cfbeSEric Dumazet * TCP,UDP etc options on an IP socket. 6381da177e4SLinus Torvalds */ 639baf606d9SMarcelo Ricardo Leitner static bool setsockopt_needs_rtnl(int optname) 640baf606d9SMarcelo Ricardo Leitner { 641baf606d9SMarcelo Ricardo Leitner switch (optname) { 642baf606d9SMarcelo Ricardo Leitner case IP_ADD_MEMBERSHIP: 643baf606d9SMarcelo Ricardo Leitner case IP_ADD_SOURCE_MEMBERSHIP: 64454ff9ef3SMarcelo Ricardo Leitner case IP_BLOCK_SOURCE: 645baf606d9SMarcelo Ricardo Leitner case IP_DROP_MEMBERSHIP: 64654ff9ef3SMarcelo Ricardo Leitner case IP_DROP_SOURCE_MEMBERSHIP: 64754ff9ef3SMarcelo Ricardo Leitner case IP_MSFILTER: 64854ff9ef3SMarcelo Ricardo Leitner case IP_UNBLOCK_SOURCE: 64954ff9ef3SMarcelo Ricardo Leitner case MCAST_BLOCK_SOURCE: 65054ff9ef3SMarcelo Ricardo Leitner case MCAST_MSFILTER: 651baf606d9SMarcelo Ricardo Leitner case MCAST_JOIN_GROUP: 65254ff9ef3SMarcelo Ricardo Leitner case MCAST_JOIN_SOURCE_GROUP: 653baf606d9SMarcelo Ricardo Leitner case MCAST_LEAVE_GROUP: 65454ff9ef3SMarcelo Ricardo Leitner case MCAST_LEAVE_SOURCE_GROUP: 65554ff9ef3SMarcelo Ricardo Leitner case MCAST_UNBLOCK_SOURCE: 656baf606d9SMarcelo Ricardo Leitner return true; 657baf606d9SMarcelo Ricardo Leitner } 658baf606d9SMarcelo Ricardo Leitner return false; 659baf606d9SMarcelo Ricardo Leitner } 6601da177e4SLinus Torvalds 661e986d4daSAl Viro static int set_mcast_msfilter(struct sock *sk, int ifindex, 662e986d4daSAl Viro int numsrc, int fmode, 663e986d4daSAl Viro struct sockaddr_storage *group, 664e986d4daSAl Viro struct sockaddr_storage *list) 665e986d4daSAl Viro { 666e986d4daSAl Viro int msize = IP_MSFILTER_SIZE(numsrc); 667e986d4daSAl Viro struct ip_msfilter *msf; 668e986d4daSAl Viro struct sockaddr_in *psin; 669e986d4daSAl Viro int err, i; 670e986d4daSAl Viro 671e986d4daSAl Viro msf = kmalloc(msize, GFP_KERNEL); 672e986d4daSAl Viro if (!msf) 673e986d4daSAl Viro return -ENOBUFS; 674e986d4daSAl Viro 675e986d4daSAl Viro psin = (struct sockaddr_in *)group; 676e986d4daSAl Viro if (psin->sin_family != AF_INET) 677e986d4daSAl Viro goto Eaddrnotavail; 678e986d4daSAl Viro msf->imsf_multiaddr = psin->sin_addr.s_addr; 679e986d4daSAl Viro msf->imsf_interface = 0; 680e986d4daSAl Viro msf->imsf_fmode = fmode; 681e986d4daSAl Viro msf->imsf_numsrc = numsrc; 682e986d4daSAl Viro for (i = 0; i < numsrc; ++i) { 683e986d4daSAl Viro psin = (struct sockaddr_in *)&list[i]; 684e986d4daSAl Viro 685e986d4daSAl Viro if (psin->sin_family != AF_INET) 686e986d4daSAl Viro goto Eaddrnotavail; 687e986d4daSAl Viro msf->imsf_slist[i] = psin->sin_addr.s_addr; 688e986d4daSAl Viro } 689e986d4daSAl Viro err = ip_mc_msfilter(sk, msf, ifindex); 690e986d4daSAl Viro kfree(msf); 691e986d4daSAl Viro return err; 692e986d4daSAl Viro 693e986d4daSAl Viro Eaddrnotavail: 694e986d4daSAl Viro kfree(msf); 695e986d4daSAl Viro return -EADDRNOTAVAIL; 696e986d4daSAl Viro } 697e986d4daSAl Viro 69889654c5fSChristoph Hellwig static int copy_group_source_from_sockptr(struct group_source_req *greqs, 69989654c5fSChristoph Hellwig sockptr_t optval, int optlen) 7002bbf8c1eSAl Viro { 701b6238c04SChristoph Hellwig if (in_compat_syscall()) { 702b6238c04SChristoph Hellwig struct compat_group_source_req gr32; 703b6238c04SChristoph Hellwig 704b6238c04SChristoph Hellwig if (optlen != sizeof(gr32)) 705b6238c04SChristoph Hellwig return -EINVAL; 70689654c5fSChristoph Hellwig if (copy_from_sockptr(&gr32, optval, sizeof(gr32))) 707b6238c04SChristoph Hellwig return -EFAULT; 708b6238c04SChristoph Hellwig greqs->gsr_interface = gr32.gsr_interface; 709b6238c04SChristoph Hellwig greqs->gsr_group = gr32.gsr_group; 710b6238c04SChristoph Hellwig greqs->gsr_source = gr32.gsr_source; 711b6238c04SChristoph Hellwig } else { 712b6238c04SChristoph Hellwig if (optlen != sizeof(*greqs)) 713b6238c04SChristoph Hellwig return -EINVAL; 71489654c5fSChristoph Hellwig if (copy_from_sockptr(greqs, optval, sizeof(*greqs))) 715b6238c04SChristoph Hellwig return -EFAULT; 716b6238c04SChristoph Hellwig } 717b6238c04SChristoph Hellwig 718b6238c04SChristoph Hellwig return 0; 719b6238c04SChristoph Hellwig } 720b6238c04SChristoph Hellwig 721b6238c04SChristoph Hellwig static int do_mcast_group_source(struct sock *sk, int optname, 72289654c5fSChristoph Hellwig sockptr_t optval, int optlen) 723b6238c04SChristoph Hellwig { 724b6238c04SChristoph Hellwig struct group_source_req greqs; 7252bbf8c1eSAl Viro struct ip_mreq_source mreqs; 7262bbf8c1eSAl Viro struct sockaddr_in *psin; 7272bbf8c1eSAl Viro int omode, add, err; 7282bbf8c1eSAl Viro 72989654c5fSChristoph Hellwig err = copy_group_source_from_sockptr(&greqs, optval, optlen); 730b6238c04SChristoph Hellwig if (err) 731b6238c04SChristoph Hellwig return err; 732b6238c04SChristoph Hellwig 733b6238c04SChristoph Hellwig if (greqs.gsr_group.ss_family != AF_INET || 734b6238c04SChristoph Hellwig greqs.gsr_source.ss_family != AF_INET) 7352bbf8c1eSAl Viro return -EADDRNOTAVAIL; 7362bbf8c1eSAl Viro 737b6238c04SChristoph Hellwig psin = (struct sockaddr_in *)&greqs.gsr_group; 7382bbf8c1eSAl Viro mreqs.imr_multiaddr = psin->sin_addr.s_addr; 739b6238c04SChristoph Hellwig psin = (struct sockaddr_in *)&greqs.gsr_source; 7402bbf8c1eSAl Viro mreqs.imr_sourceaddr = psin->sin_addr.s_addr; 7412bbf8c1eSAl Viro mreqs.imr_interface = 0; /* use index for mc_source */ 7422bbf8c1eSAl Viro 7432bbf8c1eSAl Viro if (optname == MCAST_BLOCK_SOURCE) { 7442bbf8c1eSAl Viro omode = MCAST_EXCLUDE; 7452bbf8c1eSAl Viro add = 1; 7462bbf8c1eSAl Viro } else if (optname == MCAST_UNBLOCK_SOURCE) { 7472bbf8c1eSAl Viro omode = MCAST_EXCLUDE; 7482bbf8c1eSAl Viro add = 0; 7492bbf8c1eSAl Viro } else if (optname == MCAST_JOIN_SOURCE_GROUP) { 7502bbf8c1eSAl Viro struct ip_mreqn mreq; 7512bbf8c1eSAl Viro 752b6238c04SChristoph Hellwig psin = (struct sockaddr_in *)&greqs.gsr_group; 7532bbf8c1eSAl Viro mreq.imr_multiaddr = psin->sin_addr; 7542bbf8c1eSAl Viro mreq.imr_address.s_addr = 0; 755b6238c04SChristoph Hellwig mreq.imr_ifindex = greqs.gsr_interface; 7562bbf8c1eSAl Viro err = ip_mc_join_group_ssm(sk, &mreq, MCAST_INCLUDE); 7572bbf8c1eSAl Viro if (err && err != -EADDRINUSE) 7582bbf8c1eSAl Viro return err; 759b6238c04SChristoph Hellwig greqs.gsr_interface = mreq.imr_ifindex; 7602bbf8c1eSAl Viro omode = MCAST_INCLUDE; 7612bbf8c1eSAl Viro add = 1; 7622bbf8c1eSAl Viro } else /* MCAST_LEAVE_SOURCE_GROUP */ { 7632bbf8c1eSAl Viro omode = MCAST_INCLUDE; 7642bbf8c1eSAl Viro add = 0; 7652bbf8c1eSAl Viro } 766b6238c04SChristoph Hellwig return ip_mc_source(add, omode, sk, &mreqs, greqs.gsr_interface); 7672bbf8c1eSAl Viro } 7682bbf8c1eSAl Viro 76989654c5fSChristoph Hellwig static int ip_set_mcast_msfilter(struct sock *sk, sockptr_t optval, int optlen) 770d62c38f6SChristoph Hellwig { 771d62c38f6SChristoph Hellwig struct group_filter *gsf = NULL; 772d62c38f6SChristoph Hellwig int err; 773d62c38f6SChristoph Hellwig 774d62c38f6SChristoph Hellwig if (optlen < GROUP_FILTER_SIZE(0)) 775d62c38f6SChristoph Hellwig return -EINVAL; 776d62c38f6SChristoph Hellwig if (optlen > sysctl_optmem_max) 777d62c38f6SChristoph Hellwig return -ENOBUFS; 778d62c38f6SChristoph Hellwig 77989654c5fSChristoph Hellwig gsf = memdup_sockptr(optval, optlen); 780d62c38f6SChristoph Hellwig if (IS_ERR(gsf)) 781d62c38f6SChristoph Hellwig return PTR_ERR(gsf); 782d62c38f6SChristoph Hellwig 783d62c38f6SChristoph Hellwig /* numsrc >= (4G-140)/128 overflow in 32 bits */ 784d62c38f6SChristoph Hellwig err = -ENOBUFS; 785d62c38f6SChristoph Hellwig if (gsf->gf_numsrc >= 0x1ffffff || 786d62c38f6SChristoph Hellwig gsf->gf_numsrc > sock_net(sk)->ipv4.sysctl_igmp_max_msf) 787d62c38f6SChristoph Hellwig goto out_free_gsf; 788d62c38f6SChristoph Hellwig 789d62c38f6SChristoph Hellwig err = -EINVAL; 790d62c38f6SChristoph Hellwig if (GROUP_FILTER_SIZE(gsf->gf_numsrc) > optlen) 791d62c38f6SChristoph Hellwig goto out_free_gsf; 792d62c38f6SChristoph Hellwig 793d62c38f6SChristoph Hellwig err = set_mcast_msfilter(sk, gsf->gf_interface, gsf->gf_numsrc, 794d62c38f6SChristoph Hellwig gsf->gf_fmode, &gsf->gf_group, gsf->gf_slist); 795d62c38f6SChristoph Hellwig out_free_gsf: 796d62c38f6SChristoph Hellwig kfree(gsf); 797d62c38f6SChristoph Hellwig return err; 798d62c38f6SChristoph Hellwig } 799d62c38f6SChristoph Hellwig 80089654c5fSChristoph Hellwig static int compat_ip_set_mcast_msfilter(struct sock *sk, sockptr_t optval, 801d62c38f6SChristoph Hellwig int optlen) 802d62c38f6SChristoph Hellwig { 803d62c38f6SChristoph Hellwig const int size0 = offsetof(struct compat_group_filter, gf_slist); 804d62c38f6SChristoph Hellwig struct compat_group_filter *gf32; 805d62c38f6SChristoph Hellwig unsigned int n; 806d62c38f6SChristoph Hellwig void *p; 807d62c38f6SChristoph Hellwig int err; 808d62c38f6SChristoph Hellwig 809d62c38f6SChristoph Hellwig if (optlen < size0) 810d62c38f6SChristoph Hellwig return -EINVAL; 811d62c38f6SChristoph Hellwig if (optlen > sysctl_optmem_max - 4) 812d62c38f6SChristoph Hellwig return -ENOBUFS; 813d62c38f6SChristoph Hellwig 814d62c38f6SChristoph Hellwig p = kmalloc(optlen + 4, GFP_KERNEL); 815d62c38f6SChristoph Hellwig if (!p) 816d62c38f6SChristoph Hellwig return -ENOMEM; 817d62c38f6SChristoph Hellwig gf32 = p + 4; /* we want ->gf_group and ->gf_slist aligned */ 818d62c38f6SChristoph Hellwig 819d62c38f6SChristoph Hellwig err = -EFAULT; 82089654c5fSChristoph Hellwig if (copy_from_sockptr(gf32, optval, optlen)) 821d62c38f6SChristoph Hellwig goto out_free_gsf; 822d62c38f6SChristoph Hellwig 823d62c38f6SChristoph Hellwig /* numsrc >= (4G-140)/128 overflow in 32 bits */ 824d62c38f6SChristoph Hellwig n = gf32->gf_numsrc; 825d62c38f6SChristoph Hellwig err = -ENOBUFS; 826d62c38f6SChristoph Hellwig if (n >= 0x1ffffff) 827d62c38f6SChristoph Hellwig goto out_free_gsf; 828d62c38f6SChristoph Hellwig 829d62c38f6SChristoph Hellwig err = -EINVAL; 830d62c38f6SChristoph Hellwig if (offsetof(struct compat_group_filter, gf_slist[n]) > optlen) 831d62c38f6SChristoph Hellwig goto out_free_gsf; 832d62c38f6SChristoph Hellwig 833d62c38f6SChristoph Hellwig /* numsrc >= (4G-140)/128 overflow in 32 bits */ 834d62c38f6SChristoph Hellwig err = -ENOBUFS; 835d62c38f6SChristoph Hellwig if (n > sock_net(sk)->ipv4.sysctl_igmp_max_msf) 836b6238c04SChristoph Hellwig goto out_free_gsf; 837d62c38f6SChristoph Hellwig err = set_mcast_msfilter(sk, gf32->gf_interface, n, gf32->gf_fmode, 838d62c38f6SChristoph Hellwig &gf32->gf_group, gf32->gf_slist); 839d62c38f6SChristoph Hellwig out_free_gsf: 840d62c38f6SChristoph Hellwig kfree(p); 841d62c38f6SChristoph Hellwig return err; 842d62c38f6SChristoph Hellwig } 843d62c38f6SChristoph Hellwig 84402caad7cSChristoph Hellwig static int ip_mcast_join_leave(struct sock *sk, int optname, 84589654c5fSChristoph Hellwig sockptr_t optval, int optlen) 84602caad7cSChristoph Hellwig { 84702caad7cSChristoph Hellwig struct ip_mreqn mreq = { }; 84802caad7cSChristoph Hellwig struct sockaddr_in *psin; 84902caad7cSChristoph Hellwig struct group_req greq; 85002caad7cSChristoph Hellwig 85102caad7cSChristoph Hellwig if (optlen < sizeof(struct group_req)) 85202caad7cSChristoph Hellwig return -EINVAL; 85389654c5fSChristoph Hellwig if (copy_from_sockptr(&greq, optval, sizeof(greq))) 85402caad7cSChristoph Hellwig return -EFAULT; 85502caad7cSChristoph Hellwig 85602caad7cSChristoph Hellwig psin = (struct sockaddr_in *)&greq.gr_group; 85702caad7cSChristoph Hellwig if (psin->sin_family != AF_INET) 85802caad7cSChristoph Hellwig return -EINVAL; 85902caad7cSChristoph Hellwig mreq.imr_multiaddr = psin->sin_addr; 86002caad7cSChristoph Hellwig mreq.imr_ifindex = greq.gr_interface; 86102caad7cSChristoph Hellwig if (optname == MCAST_JOIN_GROUP) 86202caad7cSChristoph Hellwig return ip_mc_join_group(sk, &mreq); 86302caad7cSChristoph Hellwig return ip_mc_leave_group(sk, &mreq); 86402caad7cSChristoph Hellwig } 86502caad7cSChristoph Hellwig 86602caad7cSChristoph Hellwig static int compat_ip_mcast_join_leave(struct sock *sk, int optname, 86789654c5fSChristoph Hellwig sockptr_t optval, int optlen) 86802caad7cSChristoph Hellwig { 86902caad7cSChristoph Hellwig struct compat_group_req greq; 87002caad7cSChristoph Hellwig struct ip_mreqn mreq = { }; 87102caad7cSChristoph Hellwig struct sockaddr_in *psin; 87202caad7cSChristoph Hellwig 87302caad7cSChristoph Hellwig if (optlen < sizeof(struct compat_group_req)) 87402caad7cSChristoph Hellwig return -EINVAL; 87589654c5fSChristoph Hellwig if (copy_from_sockptr(&greq, optval, sizeof(greq))) 87602caad7cSChristoph Hellwig return -EFAULT; 87702caad7cSChristoph Hellwig 87802caad7cSChristoph Hellwig psin = (struct sockaddr_in *)&greq.gr_group; 87902caad7cSChristoph Hellwig if (psin->sin_family != AF_INET) 88002caad7cSChristoph Hellwig return -EINVAL; 88102caad7cSChristoph Hellwig mreq.imr_multiaddr = psin->sin_addr; 88202caad7cSChristoph Hellwig mreq.imr_ifindex = greq.gr_interface; 88302caad7cSChristoph Hellwig 88402caad7cSChristoph Hellwig if (optname == MCAST_JOIN_GROUP) 885b6238c04SChristoph Hellwig return ip_mc_join_group(sk, &mreq); 886b6238c04SChristoph Hellwig return ip_mc_leave_group(sk, &mreq); 88702caad7cSChristoph Hellwig } 88802caad7cSChristoph Hellwig 88989654c5fSChristoph Hellwig static int do_ip_setsockopt(struct sock *sk, int level, int optname, 89089654c5fSChristoph Hellwig sockptr_t optval, unsigned int optlen) 8911da177e4SLinus Torvalds { 8921da177e4SLinus Torvalds struct inet_sock *inet = inet_sk(sk); 893166b6b2dSNikolay Borisov struct net *net = sock_net(sk); 8941da177e4SLinus Torvalds int val = 0, err; 895baf606d9SMarcelo Ricardo Leitner bool needs_rtnl = setsockopt_needs_rtnl(optname); 8961da177e4SLinus Torvalds 8970c9f79beSXi Wang switch (optname) { 8980c9f79beSXi Wang case IP_PKTINFO: 8990c9f79beSXi Wang case IP_RECVTTL: 9000c9f79beSXi Wang case IP_RECVOPTS: 9010c9f79beSXi Wang case IP_RECVTOS: 9020c9f79beSXi Wang case IP_RETOPTS: 9030c9f79beSXi Wang case IP_TOS: 9040c9f79beSXi Wang case IP_TTL: 9050c9f79beSXi Wang case IP_HDRINCL: 9060c9f79beSXi Wang case IP_MTU_DISCOVER: 9070c9f79beSXi Wang case IP_RECVERR: 9080c9f79beSXi Wang case IP_ROUTER_ALERT: 9090c9f79beSXi Wang case IP_FREEBIND: 9100c9f79beSXi Wang case IP_PASSSEC: 9110c9f79beSXi Wang case IP_TRANSPARENT: 9120c9f79beSXi Wang case IP_MINTTL: 9130c9f79beSXi Wang case IP_NODEFRAG: 91490c337daSEric Dumazet case IP_BIND_ADDRESS_NO_PORT: 9150c9f79beSXi Wang case IP_UNICAST_IF: 9160c9f79beSXi Wang case IP_MULTICAST_TTL: 9170c9f79beSXi Wang case IP_MULTICAST_ALL: 9180c9f79beSXi Wang case IP_MULTICAST_LOOP: 9190c9f79beSXi Wang case IP_RECVORIGDSTADDR: 920ad6f939aSTom Herbert case IP_CHECKSUM: 92170ecc248SWillem de Bruijn case IP_RECVFRAGSIZE: 922eba75c58SWillem de Bruijn case IP_RECVERR_RFC4884: 9231da177e4SLinus Torvalds if (optlen >= sizeof(int)) { 92489654c5fSChristoph Hellwig if (copy_from_sockptr(&val, optval, sizeof(val))) 9251da177e4SLinus Torvalds return -EFAULT; 9261da177e4SLinus Torvalds } else if (optlen >= sizeof(char)) { 9271da177e4SLinus Torvalds unsigned char ucval; 9281da177e4SLinus Torvalds 92989654c5fSChristoph Hellwig if (copy_from_sockptr(&ucval, optval, sizeof(ucval))) 9301da177e4SLinus Torvalds return -EFAULT; 9311da177e4SLinus Torvalds val = (int) ucval; 9321da177e4SLinus Torvalds } 9331da177e4SLinus Torvalds } 9341da177e4SLinus Torvalds 9351da177e4SLinus Torvalds /* If optlen==0, it is equivalent to val == 0 */ 9361da177e4SLinus Torvalds 9370526947fSKirill Tkhai if (optname == IP_ROUTER_ALERT) 9380526947fSKirill Tkhai return ip_ra_control(sk, val ? 1 : 0, NULL); 9396a9fb947SPavel Emelyanov if (ip_mroute_opt(optname)) 94089654c5fSChristoph Hellwig return ip_mroute_setsockopt(sk, optname, optval, optlen); 9411da177e4SLinus Torvalds 9421da177e4SLinus Torvalds err = 0; 943baf606d9SMarcelo Ricardo Leitner if (needs_rtnl) 944baf606d9SMarcelo Ricardo Leitner rtnl_lock(); 9451da177e4SLinus Torvalds lock_sock(sk); 9461da177e4SLinus Torvalds 9471da177e4SLinus Torvalds switch (optname) { 9481da177e4SLinus Torvalds case IP_OPTIONS: 9491da177e4SLinus Torvalds { 950f6d8bd05SEric Dumazet struct ip_options_rcu *old, *opt = NULL; 951f6d8bd05SEric Dumazet 95265a1c4ffSroel kluin if (optlen > 40) 9531da177e4SLinus Torvalds goto e_inval; 95489654c5fSChristoph Hellwig err = ip_options_get(sock_net(sk), &opt, optval, optlen); 9551da177e4SLinus Torvalds if (err) 9561da177e4SLinus Torvalds break; 957f6d8bd05SEric Dumazet old = rcu_dereference_protected(inet->inet_opt, 9581e1d04e6SHannes Frederic Sowa lockdep_sock_is_held(sk)); 959d83d8461SArnaldo Carvalho de Melo if (inet->is_icsk) { 960d83d8461SArnaldo Carvalho de Melo struct inet_connection_sock *icsk = inet_csk(sk); 961dfd56b8bSEric Dumazet #if IS_ENABLED(CONFIG_IPV6) 9621da177e4SLinus Torvalds if (sk->sk_family == PF_INET || 9631da177e4SLinus Torvalds (!((1 << sk->sk_state) & 9641da177e4SLinus Torvalds (TCPF_LISTEN | TCPF_CLOSE)) && 965c720c7e8SEric Dumazet inet->inet_daddr != LOOPBACK4_IPV6)) { 9661da177e4SLinus Torvalds #endif 967f6d8bd05SEric Dumazet if (old) 968f6d8bd05SEric Dumazet icsk->icsk_ext_hdr_len -= old->opt.optlen; 9691da177e4SLinus Torvalds if (opt) 970f6d8bd05SEric Dumazet icsk->icsk_ext_hdr_len += opt->opt.optlen; 971d83d8461SArnaldo Carvalho de Melo icsk->icsk_sync_mss(sk, icsk->icsk_pmtu_cookie); 972dfd56b8bSEric Dumazet #if IS_ENABLED(CONFIG_IPV6) 9731da177e4SLinus Torvalds } 9741da177e4SLinus Torvalds #endif 9751da177e4SLinus Torvalds } 976f6d8bd05SEric Dumazet rcu_assign_pointer(inet->inet_opt, opt); 977f6d8bd05SEric Dumazet if (old) 978605b4afeSPaul E. McKenney kfree_rcu(old, rcu); 9791da177e4SLinus Torvalds break; 9801da177e4SLinus Torvalds } 9811da177e4SLinus Torvalds case IP_PKTINFO: 9821da177e4SLinus Torvalds if (val) 9831da177e4SLinus Torvalds inet->cmsg_flags |= IP_CMSG_PKTINFO; 9841da177e4SLinus Torvalds else 9851da177e4SLinus Torvalds inet->cmsg_flags &= ~IP_CMSG_PKTINFO; 9861da177e4SLinus Torvalds break; 9871da177e4SLinus Torvalds case IP_RECVTTL: 9881da177e4SLinus Torvalds if (val) 9891da177e4SLinus Torvalds inet->cmsg_flags |= IP_CMSG_TTL; 9901da177e4SLinus Torvalds else 9911da177e4SLinus Torvalds inet->cmsg_flags &= ~IP_CMSG_TTL; 9921da177e4SLinus Torvalds break; 9931da177e4SLinus Torvalds case IP_RECVTOS: 9941da177e4SLinus Torvalds if (val) 9951da177e4SLinus Torvalds inet->cmsg_flags |= IP_CMSG_TOS; 9961da177e4SLinus Torvalds else 9971da177e4SLinus Torvalds inet->cmsg_flags &= ~IP_CMSG_TOS; 9981da177e4SLinus Torvalds break; 9991da177e4SLinus Torvalds case IP_RECVOPTS: 10001da177e4SLinus Torvalds if (val) 10011da177e4SLinus Torvalds inet->cmsg_flags |= IP_CMSG_RECVOPTS; 10021da177e4SLinus Torvalds else 10031da177e4SLinus Torvalds inet->cmsg_flags &= ~IP_CMSG_RECVOPTS; 10041da177e4SLinus Torvalds break; 10051da177e4SLinus Torvalds case IP_RETOPTS: 10061da177e4SLinus Torvalds if (val) 10071da177e4SLinus Torvalds inet->cmsg_flags |= IP_CMSG_RETOPTS; 10081da177e4SLinus Torvalds else 10091da177e4SLinus Torvalds inet->cmsg_flags &= ~IP_CMSG_RETOPTS; 10101da177e4SLinus Torvalds break; 10112c7946a7SCatherine Zhang case IP_PASSSEC: 10122c7946a7SCatherine Zhang if (val) 10132c7946a7SCatherine Zhang inet->cmsg_flags |= IP_CMSG_PASSSEC; 10142c7946a7SCatherine Zhang else 10152c7946a7SCatherine Zhang inet->cmsg_flags &= ~IP_CMSG_PASSSEC; 10162c7946a7SCatherine Zhang break; 1017e8b2dfe9SBalazs Scheidler case IP_RECVORIGDSTADDR: 1018e8b2dfe9SBalazs Scheidler if (val) 1019e8b2dfe9SBalazs Scheidler inet->cmsg_flags |= IP_CMSG_ORIGDSTADDR; 1020e8b2dfe9SBalazs Scheidler else 1021e8b2dfe9SBalazs Scheidler inet->cmsg_flags &= ~IP_CMSG_ORIGDSTADDR; 1022e8b2dfe9SBalazs Scheidler break; 1023ad6f939aSTom Herbert case IP_CHECKSUM: 1024ad6f939aSTom Herbert if (val) { 1025ad6f939aSTom Herbert if (!(inet->cmsg_flags & IP_CMSG_CHECKSUM)) { 1026ad6f939aSTom Herbert inet_inc_convert_csum(sk); 1027ad6f939aSTom Herbert inet->cmsg_flags |= IP_CMSG_CHECKSUM; 1028ad6f939aSTom Herbert } 1029ad6f939aSTom Herbert } else { 1030ad6f939aSTom Herbert if (inet->cmsg_flags & IP_CMSG_CHECKSUM) { 1031ad6f939aSTom Herbert inet_dec_convert_csum(sk); 1032ad6f939aSTom Herbert inet->cmsg_flags &= ~IP_CMSG_CHECKSUM; 1033ad6f939aSTom Herbert } 1034ad6f939aSTom Herbert } 1035ad6f939aSTom Herbert break; 103670ecc248SWillem de Bruijn case IP_RECVFRAGSIZE: 103770ecc248SWillem de Bruijn if (sk->sk_type != SOCK_RAW && sk->sk_type != SOCK_DGRAM) 103870ecc248SWillem de Bruijn goto e_inval; 103970ecc248SWillem de Bruijn if (val) 104070ecc248SWillem de Bruijn inet->cmsg_flags |= IP_CMSG_RECVFRAGSIZE; 104170ecc248SWillem de Bruijn else 104270ecc248SWillem de Bruijn inet->cmsg_flags &= ~IP_CMSG_RECVFRAGSIZE; 104370ecc248SWillem de Bruijn break; 10441da177e4SLinus Torvalds case IP_TOS: /* This sets both TOS and Precedence */ 10456ebf71baSChristoph Hellwig __ip_sock_set_tos(sk, val); 10461da177e4SLinus Torvalds break; 10471da177e4SLinus Torvalds case IP_TTL: 10481da177e4SLinus Torvalds if (optlen < 1) 10491da177e4SLinus Torvalds goto e_inval; 1050c9be4a5cSCong Wang if (val != -1 && (val < 1 || val > 255)) 10511da177e4SLinus Torvalds goto e_inval; 10521da177e4SLinus Torvalds inet->uc_ttl = val; 10531da177e4SLinus Torvalds break; 10541da177e4SLinus Torvalds case IP_HDRINCL: 10551da177e4SLinus Torvalds if (sk->sk_type != SOCK_RAW) { 10561da177e4SLinus Torvalds err = -ENOPROTOOPT; 10571da177e4SLinus Torvalds break; 10581da177e4SLinus Torvalds } 10591da177e4SLinus Torvalds inet->hdrincl = val ? 1 : 0; 10601da177e4SLinus Torvalds break; 10617b2ff18eSJiri Olsa case IP_NODEFRAG: 10627b2ff18eSJiri Olsa if (sk->sk_type != SOCK_RAW) { 10637b2ff18eSJiri Olsa err = -ENOPROTOOPT; 10647b2ff18eSJiri Olsa break; 10657b2ff18eSJiri Olsa } 10667b2ff18eSJiri Olsa inet->nodefrag = val ? 1 : 0; 10677b2ff18eSJiri Olsa break; 106890c337daSEric Dumazet case IP_BIND_ADDRESS_NO_PORT: 106990c337daSEric Dumazet inet->bind_address_no_port = val ? 1 : 0; 107090c337daSEric Dumazet break; 10711da177e4SLinus Torvalds case IP_MTU_DISCOVER: 10721b346576SHannes Frederic Sowa if (val < IP_PMTUDISC_DONT || val > IP_PMTUDISC_OMIT) 10731da177e4SLinus Torvalds goto e_inval; 10741da177e4SLinus Torvalds inet->pmtudisc = val; 10751da177e4SLinus Torvalds break; 10761da177e4SLinus Torvalds case IP_RECVERR: 10771da177e4SLinus Torvalds inet->recverr = !!val; 10781da177e4SLinus Torvalds if (!val) 10791da177e4SLinus Torvalds skb_queue_purge(&sk->sk_error_queue); 10801da177e4SLinus Torvalds break; 1081eba75c58SWillem de Bruijn case IP_RECVERR_RFC4884: 1082eba75c58SWillem de Bruijn if (val < 0 || val > 1) 1083eba75c58SWillem de Bruijn goto e_inval; 1084eba75c58SWillem de Bruijn inet->recverr_rfc4884 = !!val; 1085eba75c58SWillem de Bruijn break; 10861da177e4SLinus Torvalds case IP_MULTICAST_TTL: 10871da177e4SLinus Torvalds if (sk->sk_type == SOCK_STREAM) 10881da177e4SLinus Torvalds goto e_inval; 10891da177e4SLinus Torvalds if (optlen < 1) 10901da177e4SLinus Torvalds goto e_inval; 10911da177e4SLinus Torvalds if (val == -1) 10921da177e4SLinus Torvalds val = 1; 10931da177e4SLinus Torvalds if (val < 0 || val > 255) 10941da177e4SLinus Torvalds goto e_inval; 10951da177e4SLinus Torvalds inet->mc_ttl = val; 10961da177e4SLinus Torvalds break; 10971da177e4SLinus Torvalds case IP_MULTICAST_LOOP: 10981da177e4SLinus Torvalds if (optlen < 1) 10991da177e4SLinus Torvalds goto e_inval; 11001da177e4SLinus Torvalds inet->mc_loop = !!val; 11011da177e4SLinus Torvalds break; 110276e21053SErich E. Hoover case IP_UNICAST_IF: 110376e21053SErich E. Hoover { 110476e21053SErich E. Hoover struct net_device *dev = NULL; 110576e21053SErich E. Hoover int ifindex; 11069515a2e0SDavid Ahern int midx; 110776e21053SErich E. Hoover 110876e21053SErich E. Hoover if (optlen != sizeof(int)) 110976e21053SErich E. Hoover goto e_inval; 111076e21053SErich E. Hoover 111176e21053SErich E. Hoover ifindex = (__force int)ntohl((__force __be32)val); 111276e21053SErich E. Hoover if (ifindex == 0) { 111376e21053SErich E. Hoover inet->uc_index = 0; 111476e21053SErich E. Hoover err = 0; 111576e21053SErich E. Hoover break; 111676e21053SErich E. Hoover } 111776e21053SErich E. Hoover 111876e21053SErich E. Hoover dev = dev_get_by_index(sock_net(sk), ifindex); 111976e21053SErich E. Hoover err = -EADDRNOTAVAIL; 112076e21053SErich E. Hoover if (!dev) 112176e21053SErich E. Hoover break; 11229515a2e0SDavid Ahern 11239515a2e0SDavid Ahern midx = l3mdev_master_ifindex(dev); 112476e21053SErich E. Hoover dev_put(dev); 112576e21053SErich E. Hoover 112676e21053SErich E. Hoover err = -EINVAL; 1127*fdf1923bSMiaohe Lin if (sk->sk_bound_dev_if && midx != sk->sk_bound_dev_if) 112876e21053SErich E. Hoover break; 112976e21053SErich E. Hoover 113076e21053SErich E. Hoover inet->uc_index = ifindex; 113176e21053SErich E. Hoover err = 0; 113276e21053SErich E. Hoover break; 113376e21053SErich E. Hoover } 11341da177e4SLinus Torvalds case IP_MULTICAST_IF: 11351da177e4SLinus Torvalds { 11361da177e4SLinus Torvalds struct ip_mreqn mreq; 11371da177e4SLinus Torvalds struct net_device *dev = NULL; 11387bb387c5SDavid Ahern int midx; 11391da177e4SLinus Torvalds 11401da177e4SLinus Torvalds if (sk->sk_type == SOCK_STREAM) 11411da177e4SLinus Torvalds goto e_inval; 11421da177e4SLinus Torvalds /* 11431da177e4SLinus Torvalds * Check the arguments are allowable 11441da177e4SLinus Torvalds */ 11451da177e4SLinus Torvalds 11460915921bSShan Wei if (optlen < sizeof(struct in_addr)) 11470915921bSShan Wei goto e_inval; 11480915921bSShan Wei 11491da177e4SLinus Torvalds err = -EFAULT; 11501da177e4SLinus Torvalds if (optlen >= sizeof(struct ip_mreqn)) { 115189654c5fSChristoph Hellwig if (copy_from_sockptr(&mreq, optval, sizeof(mreq))) 11521da177e4SLinus Torvalds break; 11531da177e4SLinus Torvalds } else { 11541da177e4SLinus Torvalds memset(&mreq, 0, sizeof(mreq)); 11553a084ddbSJiri Pirko if (optlen >= sizeof(struct ip_mreq)) { 115689654c5fSChristoph Hellwig if (copy_from_sockptr(&mreq, optval, 11573a084ddbSJiri Pirko sizeof(struct ip_mreq))) 11583a084ddbSJiri Pirko break; 11593a084ddbSJiri Pirko } else if (optlen >= sizeof(struct in_addr)) { 116089654c5fSChristoph Hellwig if (copy_from_sockptr(&mreq.imr_address, optval, 11614d52cfbeSEric Dumazet sizeof(struct in_addr))) 11621da177e4SLinus Torvalds break; 11631da177e4SLinus Torvalds } 11643a084ddbSJiri Pirko } 11651da177e4SLinus Torvalds 11661da177e4SLinus Torvalds if (!mreq.imr_ifindex) { 1167e6f1cebfSAl Viro if (mreq.imr_address.s_addr == htonl(INADDR_ANY)) { 11681da177e4SLinus Torvalds inet->mc_index = 0; 11691da177e4SLinus Torvalds inet->mc_addr = 0; 11701da177e4SLinus Torvalds err = 0; 11711da177e4SLinus Torvalds break; 11721da177e4SLinus Torvalds } 11733b1e0a65SYOSHIFUJI Hideaki dev = ip_dev_find(sock_net(sk), mreq.imr_address.s_addr); 117455b80503SEric Dumazet if (dev) 11751da177e4SLinus Torvalds mreq.imr_ifindex = dev->ifindex; 11761da177e4SLinus Torvalds } else 117755b80503SEric Dumazet dev = dev_get_by_index(sock_net(sk), mreq.imr_ifindex); 11781da177e4SLinus Torvalds 11791da177e4SLinus Torvalds 11801da177e4SLinus Torvalds err = -EADDRNOTAVAIL; 11811da177e4SLinus Torvalds if (!dev) 11821da177e4SLinus Torvalds break; 11837bb387c5SDavid Ahern 11847bb387c5SDavid Ahern midx = l3mdev_master_ifindex(dev); 11857bb387c5SDavid Ahern 118655b80503SEric Dumazet dev_put(dev); 11871da177e4SLinus Torvalds 11881da177e4SLinus Torvalds err = -EINVAL; 11891da177e4SLinus Torvalds if (sk->sk_bound_dev_if && 11907bb387c5SDavid Ahern mreq.imr_ifindex != sk->sk_bound_dev_if && 1191*fdf1923bSMiaohe Lin midx != sk->sk_bound_dev_if) 11921da177e4SLinus Torvalds break; 11931da177e4SLinus Torvalds 11941da177e4SLinus Torvalds inet->mc_index = mreq.imr_ifindex; 11951da177e4SLinus Torvalds inet->mc_addr = mreq.imr_address.s_addr; 11961da177e4SLinus Torvalds err = 0; 11971da177e4SLinus Torvalds break; 11981da177e4SLinus Torvalds } 11991da177e4SLinus Torvalds 12001da177e4SLinus Torvalds case IP_ADD_MEMBERSHIP: 12011da177e4SLinus Torvalds case IP_DROP_MEMBERSHIP: 12021da177e4SLinus Torvalds { 12031da177e4SLinus Torvalds struct ip_mreqn mreq; 12041da177e4SLinus Torvalds 1205a96fb49bSFlavio Leitner err = -EPROTO; 1206a96fb49bSFlavio Leitner if (inet_sk(sk)->is_icsk) 1207a96fb49bSFlavio Leitner break; 1208a96fb49bSFlavio Leitner 12091da177e4SLinus Torvalds if (optlen < sizeof(struct ip_mreq)) 12101da177e4SLinus Torvalds goto e_inval; 12111da177e4SLinus Torvalds err = -EFAULT; 12121da177e4SLinus Torvalds if (optlen >= sizeof(struct ip_mreqn)) { 121389654c5fSChristoph Hellwig if (copy_from_sockptr(&mreq, optval, sizeof(mreq))) 12141da177e4SLinus Torvalds break; 12151da177e4SLinus Torvalds } else { 12161da177e4SLinus Torvalds memset(&mreq, 0, sizeof(mreq)); 121789654c5fSChristoph Hellwig if (copy_from_sockptr(&mreq, optval, 121889654c5fSChristoph Hellwig sizeof(struct ip_mreq))) 12191da177e4SLinus Torvalds break; 12201da177e4SLinus Torvalds } 12211da177e4SLinus Torvalds 12221da177e4SLinus Torvalds if (optname == IP_ADD_MEMBERSHIP) 122354ff9ef3SMarcelo Ricardo Leitner err = ip_mc_join_group(sk, &mreq); 12241da177e4SLinus Torvalds else 122554ff9ef3SMarcelo Ricardo Leitner err = ip_mc_leave_group(sk, &mreq); 12261da177e4SLinus Torvalds break; 12271da177e4SLinus Torvalds } 12281da177e4SLinus Torvalds case IP_MSFILTER: 12291da177e4SLinus Torvalds { 12301da177e4SLinus Torvalds struct ip_msfilter *msf; 12311da177e4SLinus Torvalds 12321da177e4SLinus Torvalds if (optlen < IP_MSFILTER_SIZE(0)) 12331da177e4SLinus Torvalds goto e_inval; 12341da177e4SLinus Torvalds if (optlen > sysctl_optmem_max) { 12351da177e4SLinus Torvalds err = -ENOBUFS; 12361da177e4SLinus Torvalds break; 12371da177e4SLinus Torvalds } 123889654c5fSChristoph Hellwig msf = memdup_sockptr(optval, optlen); 1239a2c841d9SAl Viro if (IS_ERR(msf)) { 1240a2c841d9SAl Viro err = PTR_ERR(msf); 12411da177e4SLinus Torvalds break; 12421da177e4SLinus Torvalds } 12431da177e4SLinus Torvalds /* numsrc >= (1G-4) overflow in 32 bits */ 12441da177e4SLinus Torvalds if (msf->imsf_numsrc >= 0x3ffffffcU || 1245166b6b2dSNikolay Borisov msf->imsf_numsrc > net->ipv4.sysctl_igmp_max_msf) { 12461da177e4SLinus Torvalds kfree(msf); 12471da177e4SLinus Torvalds err = -ENOBUFS; 12481da177e4SLinus Torvalds break; 12491da177e4SLinus Torvalds } 12501da177e4SLinus Torvalds if (IP_MSFILTER_SIZE(msf->imsf_numsrc) > optlen) { 12511da177e4SLinus Torvalds kfree(msf); 12521da177e4SLinus Torvalds err = -EINVAL; 12531da177e4SLinus Torvalds break; 12541da177e4SLinus Torvalds } 12551da177e4SLinus Torvalds err = ip_mc_msfilter(sk, msf, 0); 12561da177e4SLinus Torvalds kfree(msf); 12571da177e4SLinus Torvalds break; 12581da177e4SLinus Torvalds } 12591da177e4SLinus Torvalds case IP_BLOCK_SOURCE: 12601da177e4SLinus Torvalds case IP_UNBLOCK_SOURCE: 12611da177e4SLinus Torvalds case IP_ADD_SOURCE_MEMBERSHIP: 12621da177e4SLinus Torvalds case IP_DROP_SOURCE_MEMBERSHIP: 12631da177e4SLinus Torvalds { 12641da177e4SLinus Torvalds struct ip_mreq_source mreqs; 12651da177e4SLinus Torvalds int omode, add; 12661da177e4SLinus Torvalds 12671da177e4SLinus Torvalds if (optlen != sizeof(struct ip_mreq_source)) 12681da177e4SLinus Torvalds goto e_inval; 126989654c5fSChristoph Hellwig if (copy_from_sockptr(&mreqs, optval, sizeof(mreqs))) { 12701da177e4SLinus Torvalds err = -EFAULT; 12711da177e4SLinus Torvalds break; 12721da177e4SLinus Torvalds } 12731da177e4SLinus Torvalds if (optname == IP_BLOCK_SOURCE) { 12741da177e4SLinus Torvalds omode = MCAST_EXCLUDE; 12751da177e4SLinus Torvalds add = 1; 12761da177e4SLinus Torvalds } else if (optname == IP_UNBLOCK_SOURCE) { 12771da177e4SLinus Torvalds omode = MCAST_EXCLUDE; 12781da177e4SLinus Torvalds add = 0; 12791da177e4SLinus Torvalds } else if (optname == IP_ADD_SOURCE_MEMBERSHIP) { 12801da177e4SLinus Torvalds struct ip_mreqn mreq; 12811da177e4SLinus Torvalds 12821da177e4SLinus Torvalds mreq.imr_multiaddr.s_addr = mreqs.imr_multiaddr; 12831da177e4SLinus Torvalds mreq.imr_address.s_addr = mreqs.imr_interface; 12841da177e4SLinus Torvalds mreq.imr_ifindex = 0; 12856e2059b5SHangbin Liu err = ip_mc_join_group_ssm(sk, &mreq, MCAST_INCLUDE); 12868cdaaa15SDavid L Stevens if (err && err != -EADDRINUSE) 12871da177e4SLinus Torvalds break; 12881da177e4SLinus Torvalds omode = MCAST_INCLUDE; 12891da177e4SLinus Torvalds add = 1; 12901da177e4SLinus Torvalds } else /* IP_DROP_SOURCE_MEMBERSHIP */ { 12911da177e4SLinus Torvalds omode = MCAST_INCLUDE; 12921da177e4SLinus Torvalds add = 0; 12931da177e4SLinus Torvalds } 12941da177e4SLinus Torvalds err = ip_mc_source(add, omode, sk, &mreqs, 0); 12951da177e4SLinus Torvalds break; 12961da177e4SLinus Torvalds } 12971da177e4SLinus Torvalds case MCAST_JOIN_GROUP: 12981da177e4SLinus Torvalds case MCAST_LEAVE_GROUP: 1299b6238c04SChristoph Hellwig if (in_compat_syscall()) 1300b6238c04SChristoph Hellwig err = compat_ip_mcast_join_leave(sk, optname, optval, 1301b6238c04SChristoph Hellwig optlen); 1302b6238c04SChristoph Hellwig else 130302caad7cSChristoph Hellwig err = ip_mcast_join_leave(sk, optname, optval, optlen); 13041da177e4SLinus Torvalds break; 13051da177e4SLinus Torvalds case MCAST_JOIN_SOURCE_GROUP: 13061da177e4SLinus Torvalds case MCAST_LEAVE_SOURCE_GROUP: 13071da177e4SLinus Torvalds case MCAST_BLOCK_SOURCE: 13081da177e4SLinus Torvalds case MCAST_UNBLOCK_SOURCE: 1309b6238c04SChristoph Hellwig err = do_mcast_group_source(sk, optname, optval, optlen); 13101da177e4SLinus Torvalds break; 13111da177e4SLinus Torvalds case MCAST_MSFILTER: 1312b6238c04SChristoph Hellwig if (in_compat_syscall()) 1313b6238c04SChristoph Hellwig err = compat_ip_set_mcast_msfilter(sk, optval, optlen); 1314b6238c04SChristoph Hellwig else 1315d62c38f6SChristoph Hellwig err = ip_set_mcast_msfilter(sk, optval, optlen); 13161da177e4SLinus Torvalds break; 1317f771bef9SNivedita Singhvi case IP_MULTICAST_ALL: 1318f771bef9SNivedita Singhvi if (optlen < 1) 1319f771bef9SNivedita Singhvi goto e_inval; 1320f771bef9SNivedita Singhvi if (val != 0 && val != 1) 1321f771bef9SNivedita Singhvi goto e_inval; 1322f771bef9SNivedita Singhvi inet->mc_all = val; 1323f771bef9SNivedita Singhvi break; 13241da177e4SLinus Torvalds 13251da177e4SLinus Torvalds case IP_FREEBIND: 13261da177e4SLinus Torvalds if (optlen < 1) 13271da177e4SLinus Torvalds goto e_inval; 13281da177e4SLinus Torvalds inet->freebind = !!val; 13291da177e4SLinus Torvalds break; 13301da177e4SLinus Torvalds 13311da177e4SLinus Torvalds case IP_IPSEC_POLICY: 13321da177e4SLinus Torvalds case IP_XFRM_POLICY: 13336fc0b4a7SHerbert Xu err = -EPERM; 133452e804c6SEric W. Biederman if (!ns_capable(sock_net(sk)->user_ns, CAP_NET_ADMIN)) 13356fc0b4a7SHerbert Xu break; 133689654c5fSChristoph Hellwig err = xfrm_user_policy(sk, optname, optval, optlen); 13371da177e4SLinus Torvalds break; 13381da177e4SLinus Torvalds 1339f5715aeaSKOVACS Krisztian case IP_TRANSPARENT: 134052e804c6SEric W. Biederman if (!!val && !ns_capable(sock_net(sk)->user_ns, CAP_NET_RAW) && 134152e804c6SEric W. Biederman !ns_capable(sock_net(sk)->user_ns, CAP_NET_ADMIN)) { 1342f5715aeaSKOVACS Krisztian err = -EPERM; 1343f5715aeaSKOVACS Krisztian break; 1344f5715aeaSKOVACS Krisztian } 1345f5715aeaSKOVACS Krisztian if (optlen < 1) 1346f5715aeaSKOVACS Krisztian goto e_inval; 1347f5715aeaSKOVACS Krisztian inet->transparent = !!val; 1348f5715aeaSKOVACS Krisztian break; 1349f5715aeaSKOVACS Krisztian 1350d218d111SStephen Hemminger case IP_MINTTL: 1351d218d111SStephen Hemminger if (optlen < 1) 1352d218d111SStephen Hemminger goto e_inval; 1353d218d111SStephen Hemminger if (val < 0 || val > 255) 1354d218d111SStephen Hemminger goto e_inval; 1355d218d111SStephen Hemminger inet->min_ttl = val; 1356d218d111SStephen Hemminger break; 1357d218d111SStephen Hemminger 13581da177e4SLinus Torvalds default: 13591da177e4SLinus Torvalds err = -ENOPROTOOPT; 13601da177e4SLinus Torvalds break; 13611da177e4SLinus Torvalds } 13621da177e4SLinus Torvalds release_sock(sk); 1363baf606d9SMarcelo Ricardo Leitner if (needs_rtnl) 1364baf606d9SMarcelo Ricardo Leitner rtnl_unlock(); 13651da177e4SLinus Torvalds return err; 13661da177e4SLinus Torvalds 13671da177e4SLinus Torvalds e_inval: 13681da177e4SLinus Torvalds release_sock(sk); 1369baf606d9SMarcelo Ricardo Leitner if (needs_rtnl) 1370baf606d9SMarcelo Ricardo Leitner rtnl_unlock(); 13711da177e4SLinus Torvalds return -EINVAL; 13721da177e4SLinus Torvalds } 13731da177e4SLinus Torvalds 1374f84af32cSEric Dumazet /** 1375829ae9d6SWillem de Bruijn * ipv4_pktinfo_prepare - transfer some info from rtable to skb 1376f84af32cSEric Dumazet * @sk: socket 1377f84af32cSEric Dumazet * @skb: buffer 1378f84af32cSEric Dumazet * 137935ebf65eSDavid S. Miller * To support IP_CMSG_PKTINFO option, we store rt_iif and specific 138035ebf65eSDavid S. Miller * destination in skb->cb[] before dst drop. 13818e3bff96Sstephen hemminger * This way, receiver doesn't make cache line misses to read rtable. 1382f84af32cSEric Dumazet */ 1383fbf8866dSShawn Bohrer void ipv4_pktinfo_prepare(const struct sock *sk, struct sk_buff *skb) 1384f84af32cSEric Dumazet { 1385d826eb14SEric Dumazet struct in_pktinfo *pktinfo = PKTINFO_SKB_CB(skb); 13864b261c75SHannes Frederic Sowa bool prepare = (inet_sk(sk)->cmsg_flags & IP_CMSG_PKTINFO) || 13874b261c75SHannes Frederic Sowa ipv6_sk_rxinfo(sk); 1388d826eb14SEric Dumazet 13894b261c75SHannes Frederic Sowa if (prepare && skb_rtable(skb)) { 13900b922b7aSDavid Ahern /* skb->cb is overloaded: prior to this point it is IP{6}CB 13910b922b7aSDavid Ahern * which has interface index (iif) as the first member of the 13920b922b7aSDavid Ahern * underlying inet{6}_skb_parm struct. This code then overlays 13930b922b7aSDavid Ahern * PKTINFO_SKB_CB and in_pktinfo also has iif as the first 1394f0c16ba8SWei Zhang * element so the iif is picked up from the prior IPCB. If iif 1395f0c16ba8SWei Zhang * is the loopback interface, then return the sending interface 1396f0c16ba8SWei Zhang * (e.g., process binds socket to eth0 for Tx which is 1397f0c16ba8SWei Zhang * redirected to loopback in the rtable/dst). 13980b922b7aSDavid Ahern */ 1399cbea8f02SDavid Ahern struct rtable *rt = skb_rtable(skb); 1400cbea8f02SDavid Ahern bool l3slave = ipv4_l3mdev_skb(IPCB(skb)->flags); 1401cbea8f02SDavid Ahern 1402cbea8f02SDavid Ahern if (pktinfo->ipi_ifindex == LOOPBACK_IFINDEX) 1403f0c16ba8SWei Zhang pktinfo->ipi_ifindex = inet_iif(skb); 1404cbea8f02SDavid Ahern else if (l3slave && rt && rt->rt_iif) 1405cbea8f02SDavid Ahern pktinfo->ipi_ifindex = rt->rt_iif; 1406f0c16ba8SWei Zhang 140735ebf65eSDavid S. Miller pktinfo->ipi_spec_dst.s_addr = fib_compute_spec_dst(skb); 1408d826eb14SEric Dumazet } else { 1409d826eb14SEric Dumazet pktinfo->ipi_ifindex = 0; 1410d826eb14SEric Dumazet pktinfo->ipi_spec_dst.s_addr = 0; 1411f84af32cSEric Dumazet } 1412d826eb14SEric Dumazet skb_dst_drop(skb); 1413d826eb14SEric Dumazet } 1414f84af32cSEric Dumazet 1415a7b75c5aSChristoph Hellwig int ip_setsockopt(struct sock *sk, int level, int optname, sockptr_t optval, 1416a7b75c5aSChristoph Hellwig unsigned int optlen) 14173fdadf7dSDmitry Mishin { 14183fdadf7dSDmitry Mishin int err; 14193fdadf7dSDmitry Mishin 14203fdadf7dSDmitry Mishin if (level != SOL_IP) 14213fdadf7dSDmitry Mishin return -ENOPROTOOPT; 14223fdadf7dSDmitry Mishin 1423a7b75c5aSChristoph Hellwig err = do_ip_setsockopt(sk, level, optname, optval, optlen); 142497adaddaSTaehee Yoo #if IS_ENABLED(CONFIG_BPFILTER_UMH) 1425d2ba09c1SAlexei Starovoitov if (optname >= BPFILTER_IPT_SO_SET_REPLACE && 1426d2ba09c1SAlexei Starovoitov optname < BPFILTER_IPT_SET_MAX) 1427a7b75c5aSChristoph Hellwig err = bpfilter_ip_set_sockopt(sk, optname, optval, optlen); 1428d2ba09c1SAlexei Starovoitov #endif 14293fdadf7dSDmitry Mishin #ifdef CONFIG_NETFILTER 14303fdadf7dSDmitry Mishin /* we need to exclude all possible ENOPROTOOPTs except default case */ 14313fdadf7dSDmitry Mishin if (err == -ENOPROTOOPT && optname != IP_HDRINCL && 14326a9fb947SPavel Emelyanov optname != IP_IPSEC_POLICY && 14336a9fb947SPavel Emelyanov optname != IP_XFRM_POLICY && 14343f34cfaeSPaolo Abeni !ip_mroute_opt(optname)) 1435a7b75c5aSChristoph Hellwig err = nf_setsockopt(sk, PF_INET, optname, optval, optlen); 14363fdadf7dSDmitry Mishin #endif 14373fdadf7dSDmitry Mishin return err; 14383fdadf7dSDmitry Mishin } 14394d52cfbeSEric Dumazet EXPORT_SYMBOL(ip_setsockopt); 14403fdadf7dSDmitry Mishin 14411da177e4SLinus Torvalds /* 14424d52cfbeSEric Dumazet * Get the options. Note for future reference. The GET of IP options gets 14434d52cfbeSEric Dumazet * the _received_ ones. The set sets the _sent_ ones. 14441da177e4SLinus Torvalds */ 14451da177e4SLinus Torvalds 144687e9f031SWANG Cong static bool getsockopt_needs_rtnl(int optname) 144787e9f031SWANG Cong { 144887e9f031SWANG Cong switch (optname) { 144987e9f031SWANG Cong case IP_MSFILTER: 145087e9f031SWANG Cong case MCAST_MSFILTER: 145187e9f031SWANG Cong return true; 145287e9f031SWANG Cong } 145387e9f031SWANG Cong return false; 145487e9f031SWANG Cong } 145587e9f031SWANG Cong 145649e74c24SChristoph Hellwig static int ip_get_mcast_msfilter(struct sock *sk, void __user *optval, 145749e74c24SChristoph Hellwig int __user *optlen, int len) 145849e74c24SChristoph Hellwig { 145949e74c24SChristoph Hellwig const int size0 = offsetof(struct group_filter, gf_slist); 146049e74c24SChristoph Hellwig struct group_filter __user *p = optval; 146149e74c24SChristoph Hellwig struct group_filter gsf; 146249e74c24SChristoph Hellwig int num; 146349e74c24SChristoph Hellwig int err; 146449e74c24SChristoph Hellwig 146549e74c24SChristoph Hellwig if (len < size0) 146649e74c24SChristoph Hellwig return -EINVAL; 146749e74c24SChristoph Hellwig if (copy_from_user(&gsf, p, size0)) 146849e74c24SChristoph Hellwig return -EFAULT; 146949e74c24SChristoph Hellwig 147049e74c24SChristoph Hellwig num = gsf.gf_numsrc; 147149e74c24SChristoph Hellwig err = ip_mc_gsfget(sk, &gsf, p->gf_slist); 147249e74c24SChristoph Hellwig if (err) 147349e74c24SChristoph Hellwig return err; 147449e74c24SChristoph Hellwig if (gsf.gf_numsrc < num) 147549e74c24SChristoph Hellwig num = gsf.gf_numsrc; 147649e74c24SChristoph Hellwig if (put_user(GROUP_FILTER_SIZE(num), optlen) || 147749e74c24SChristoph Hellwig copy_to_user(p, &gsf, size0)) 147849e74c24SChristoph Hellwig return -EFAULT; 147949e74c24SChristoph Hellwig return 0; 148049e74c24SChristoph Hellwig } 148149e74c24SChristoph Hellwig 148249e74c24SChristoph Hellwig static int compat_ip_get_mcast_msfilter(struct sock *sk, void __user *optval, 1483b6238c04SChristoph Hellwig int __user *optlen, int len) 148449e74c24SChristoph Hellwig { 148549e74c24SChristoph Hellwig const int size0 = offsetof(struct compat_group_filter, gf_slist); 148649e74c24SChristoph Hellwig struct compat_group_filter __user *p = optval; 148749e74c24SChristoph Hellwig struct compat_group_filter gf32; 148849e74c24SChristoph Hellwig struct group_filter gf; 148949e74c24SChristoph Hellwig int num; 1490b6238c04SChristoph Hellwig int err; 149149e74c24SChristoph Hellwig 149249e74c24SChristoph Hellwig if (len < size0) 149349e74c24SChristoph Hellwig return -EINVAL; 149449e74c24SChristoph Hellwig if (copy_from_user(&gf32, p, size0)) 149549e74c24SChristoph Hellwig return -EFAULT; 149649e74c24SChristoph Hellwig 149749e74c24SChristoph Hellwig gf.gf_interface = gf32.gf_interface; 149849e74c24SChristoph Hellwig gf.gf_fmode = gf32.gf_fmode; 149949e74c24SChristoph Hellwig num = gf.gf_numsrc = gf32.gf_numsrc; 150049e74c24SChristoph Hellwig gf.gf_group = gf32.gf_group; 150149e74c24SChristoph Hellwig 150249e74c24SChristoph Hellwig err = ip_mc_gsfget(sk, &gf, p->gf_slist); 150349e74c24SChristoph Hellwig if (err) 150449e74c24SChristoph Hellwig return err; 150549e74c24SChristoph Hellwig if (gf.gf_numsrc < num) 150649e74c24SChristoph Hellwig num = gf.gf_numsrc; 150749e74c24SChristoph Hellwig len = GROUP_FILTER_SIZE(num) - (sizeof(gf) - sizeof(gf32)); 150849e74c24SChristoph Hellwig if (put_user(len, optlen) || 150949e74c24SChristoph Hellwig put_user(gf.gf_fmode, &p->gf_fmode) || 151049e74c24SChristoph Hellwig put_user(gf.gf_numsrc, &p->gf_numsrc)) 151149e74c24SChristoph Hellwig return -EFAULT; 151249e74c24SChristoph Hellwig return 0; 151349e74c24SChristoph Hellwig } 151449e74c24SChristoph Hellwig 15153fdadf7dSDmitry Mishin static int do_ip_getsockopt(struct sock *sk, int level, int optname, 1516b6238c04SChristoph Hellwig char __user *optval, int __user *optlen) 15171da177e4SLinus Torvalds { 15181da177e4SLinus Torvalds struct inet_sock *inet = inet_sk(sk); 151987e9f031SWANG Cong bool needs_rtnl = getsockopt_needs_rtnl(optname); 152087e9f031SWANG Cong int val, err = 0; 15211da177e4SLinus Torvalds int len; 15221da177e4SLinus Torvalds 15231da177e4SLinus Torvalds if (level != SOL_IP) 15241da177e4SLinus Torvalds return -EOPNOTSUPP; 15251da177e4SLinus Torvalds 15266a9fb947SPavel Emelyanov if (ip_mroute_opt(optname)) 15271da177e4SLinus Torvalds return ip_mroute_getsockopt(sk, optname, optval, optlen); 15281da177e4SLinus Torvalds 15291da177e4SLinus Torvalds if (get_user(len, optlen)) 15301da177e4SLinus Torvalds return -EFAULT; 15311da177e4SLinus Torvalds if (len < 0) 15321da177e4SLinus Torvalds return -EINVAL; 15331da177e4SLinus Torvalds 153487e9f031SWANG Cong if (needs_rtnl) 153587e9f031SWANG Cong rtnl_lock(); 15361da177e4SLinus Torvalds lock_sock(sk); 15371da177e4SLinus Torvalds 15381da177e4SLinus Torvalds switch (optname) { 15391da177e4SLinus Torvalds case IP_OPTIONS: 15401da177e4SLinus Torvalds { 15411da177e4SLinus Torvalds unsigned char optbuf[sizeof(struct ip_options)+40]; 15421da177e4SLinus Torvalds struct ip_options *opt = (struct ip_options *)optbuf; 1543f6d8bd05SEric Dumazet struct ip_options_rcu *inet_opt; 1544f6d8bd05SEric Dumazet 1545f6d8bd05SEric Dumazet inet_opt = rcu_dereference_protected(inet->inet_opt, 15461e1d04e6SHannes Frederic Sowa lockdep_sock_is_held(sk)); 15471da177e4SLinus Torvalds opt->optlen = 0; 1548f6d8bd05SEric Dumazet if (inet_opt) 1549f6d8bd05SEric Dumazet memcpy(optbuf, &inet_opt->opt, 15501da177e4SLinus Torvalds sizeof(struct ip_options) + 1551f6d8bd05SEric Dumazet inet_opt->opt.optlen); 15521da177e4SLinus Torvalds release_sock(sk); 15531da177e4SLinus Torvalds 15541da177e4SLinus Torvalds if (opt->optlen == 0) 15551da177e4SLinus Torvalds return put_user(0, optlen); 15561da177e4SLinus Torvalds 15571da177e4SLinus Torvalds ip_options_undo(opt); 15581da177e4SLinus Torvalds 15591da177e4SLinus Torvalds len = min_t(unsigned int, len, opt->optlen); 15601da177e4SLinus Torvalds if (put_user(len, optlen)) 15611da177e4SLinus Torvalds return -EFAULT; 15621da177e4SLinus Torvalds if (copy_to_user(optval, opt->__data, len)) 15631da177e4SLinus Torvalds return -EFAULT; 15641da177e4SLinus Torvalds return 0; 15651da177e4SLinus Torvalds } 15661da177e4SLinus Torvalds case IP_PKTINFO: 15671da177e4SLinus Torvalds val = (inet->cmsg_flags & IP_CMSG_PKTINFO) != 0; 15681da177e4SLinus Torvalds break; 15691da177e4SLinus Torvalds case IP_RECVTTL: 15701da177e4SLinus Torvalds val = (inet->cmsg_flags & IP_CMSG_TTL) != 0; 15711da177e4SLinus Torvalds break; 15721da177e4SLinus Torvalds case IP_RECVTOS: 15731da177e4SLinus Torvalds val = (inet->cmsg_flags & IP_CMSG_TOS) != 0; 15741da177e4SLinus Torvalds break; 15751da177e4SLinus Torvalds case IP_RECVOPTS: 15761da177e4SLinus Torvalds val = (inet->cmsg_flags & IP_CMSG_RECVOPTS) != 0; 15771da177e4SLinus Torvalds break; 15781da177e4SLinus Torvalds case IP_RETOPTS: 15791da177e4SLinus Torvalds val = (inet->cmsg_flags & IP_CMSG_RETOPTS) != 0; 15801da177e4SLinus Torvalds break; 15812c7946a7SCatherine Zhang case IP_PASSSEC: 15822c7946a7SCatherine Zhang val = (inet->cmsg_flags & IP_CMSG_PASSSEC) != 0; 15832c7946a7SCatherine Zhang break; 1584e8b2dfe9SBalazs Scheidler case IP_RECVORIGDSTADDR: 1585e8b2dfe9SBalazs Scheidler val = (inet->cmsg_flags & IP_CMSG_ORIGDSTADDR) != 0; 1586e8b2dfe9SBalazs Scheidler break; 1587ad6f939aSTom Herbert case IP_CHECKSUM: 1588ad6f939aSTom Herbert val = (inet->cmsg_flags & IP_CMSG_CHECKSUM) != 0; 1589ad6f939aSTom Herbert break; 159070ecc248SWillem de Bruijn case IP_RECVFRAGSIZE: 159170ecc248SWillem de Bruijn val = (inet->cmsg_flags & IP_CMSG_RECVFRAGSIZE) != 0; 159270ecc248SWillem de Bruijn break; 15931da177e4SLinus Torvalds case IP_TOS: 15941da177e4SLinus Torvalds val = inet->tos; 15951da177e4SLinus Torvalds break; 15961da177e4SLinus Torvalds case IP_TTL: 1597fa50d974SNikolay Borisov { 1598fa50d974SNikolay Borisov struct net *net = sock_net(sk); 15991da177e4SLinus Torvalds val = (inet->uc_ttl == -1 ? 1600fa50d974SNikolay Borisov net->ipv4.sysctl_ip_default_ttl : 16011da177e4SLinus Torvalds inet->uc_ttl); 16021da177e4SLinus Torvalds break; 1603fa50d974SNikolay Borisov } 16041da177e4SLinus Torvalds case IP_HDRINCL: 16051da177e4SLinus Torvalds val = inet->hdrincl; 16061da177e4SLinus Torvalds break; 1607a89b4763SMichael Kerrisk case IP_NODEFRAG: 1608a89b4763SMichael Kerrisk val = inet->nodefrag; 1609a89b4763SMichael Kerrisk break; 161090c337daSEric Dumazet case IP_BIND_ADDRESS_NO_PORT: 161190c337daSEric Dumazet val = inet->bind_address_no_port; 161290c337daSEric Dumazet break; 16131da177e4SLinus Torvalds case IP_MTU_DISCOVER: 16141da177e4SLinus Torvalds val = inet->pmtudisc; 16151da177e4SLinus Torvalds break; 16161da177e4SLinus Torvalds case IP_MTU: 16171da177e4SLinus Torvalds { 16181da177e4SLinus Torvalds struct dst_entry *dst; 16191da177e4SLinus Torvalds val = 0; 16201da177e4SLinus Torvalds dst = sk_dst_get(sk); 16211da177e4SLinus Torvalds if (dst) { 16221da177e4SLinus Torvalds val = dst_mtu(dst); 16231da177e4SLinus Torvalds dst_release(dst); 16241da177e4SLinus Torvalds } 16251da177e4SLinus Torvalds if (!val) { 16261da177e4SLinus Torvalds release_sock(sk); 16271da177e4SLinus Torvalds return -ENOTCONN; 16281da177e4SLinus Torvalds } 16291da177e4SLinus Torvalds break; 16301da177e4SLinus Torvalds } 16311da177e4SLinus Torvalds case IP_RECVERR: 16321da177e4SLinus Torvalds val = inet->recverr; 16331da177e4SLinus Torvalds break; 1634eba75c58SWillem de Bruijn case IP_RECVERR_RFC4884: 1635eba75c58SWillem de Bruijn val = inet->recverr_rfc4884; 1636eba75c58SWillem de Bruijn break; 16371da177e4SLinus Torvalds case IP_MULTICAST_TTL: 16381da177e4SLinus Torvalds val = inet->mc_ttl; 16391da177e4SLinus Torvalds break; 16401da177e4SLinus Torvalds case IP_MULTICAST_LOOP: 16411da177e4SLinus Torvalds val = inet->mc_loop; 16421da177e4SLinus Torvalds break; 164376e21053SErich E. Hoover case IP_UNICAST_IF: 164476e21053SErich E. Hoover val = (__force int)htonl((__u32) inet->uc_index); 164576e21053SErich E. Hoover break; 16461da177e4SLinus Torvalds case IP_MULTICAST_IF: 16471da177e4SLinus Torvalds { 16481da177e4SLinus Torvalds struct in_addr addr; 16491da177e4SLinus Torvalds len = min_t(unsigned int, len, sizeof(struct in_addr)); 16501da177e4SLinus Torvalds addr.s_addr = inet->mc_addr; 16511da177e4SLinus Torvalds release_sock(sk); 16521da177e4SLinus Torvalds 16531da177e4SLinus Torvalds if (put_user(len, optlen)) 16541da177e4SLinus Torvalds return -EFAULT; 16551da177e4SLinus Torvalds if (copy_to_user(optval, &addr, len)) 16561da177e4SLinus Torvalds return -EFAULT; 16571da177e4SLinus Torvalds return 0; 16581da177e4SLinus Torvalds } 16591da177e4SLinus Torvalds case IP_MSFILTER: 16601da177e4SLinus Torvalds { 16611da177e4SLinus Torvalds struct ip_msfilter msf; 16621da177e4SLinus Torvalds 16631da177e4SLinus Torvalds if (len < IP_MSFILTER_SIZE(0)) { 166487e9f031SWANG Cong err = -EINVAL; 166587e9f031SWANG Cong goto out; 16661da177e4SLinus Torvalds } 16671da177e4SLinus Torvalds if (copy_from_user(&msf, optval, IP_MSFILTER_SIZE(0))) { 166887e9f031SWANG Cong err = -EFAULT; 166987e9f031SWANG Cong goto out; 16701da177e4SLinus Torvalds } 16711da177e4SLinus Torvalds err = ip_mc_msfget(sk, &msf, 16721da177e4SLinus Torvalds (struct ip_msfilter __user *)optval, optlen); 167387e9f031SWANG Cong goto out; 16741da177e4SLinus Torvalds } 16751da177e4SLinus Torvalds case MCAST_MSFILTER: 1676b6238c04SChristoph Hellwig if (in_compat_syscall()) 1677b6238c04SChristoph Hellwig err = compat_ip_get_mcast_msfilter(sk, optval, optlen, 1678b6238c04SChristoph Hellwig len); 1679b6238c04SChristoph Hellwig else 168049e74c24SChristoph Hellwig err = ip_get_mcast_msfilter(sk, optval, optlen, len); 168187e9f031SWANG Cong goto out; 1682f771bef9SNivedita Singhvi case IP_MULTICAST_ALL: 1683f771bef9SNivedita Singhvi val = inet->mc_all; 1684f771bef9SNivedita Singhvi break; 16851da177e4SLinus Torvalds case IP_PKTOPTIONS: 16861da177e4SLinus Torvalds { 16871da177e4SLinus Torvalds struct msghdr msg; 16881da177e4SLinus Torvalds 16891da177e4SLinus Torvalds release_sock(sk); 16901da177e4SLinus Torvalds 16911da177e4SLinus Torvalds if (sk->sk_type != SOCK_STREAM) 16921da177e4SLinus Torvalds return -ENOPROTOOPT; 16931da177e4SLinus Torvalds 16941f466e1fSChristoph Hellwig msg.msg_control_is_user = true; 16951f466e1fSChristoph Hellwig msg.msg_control_user = optval; 16961da177e4SLinus Torvalds msg.msg_controllen = len; 1697b6238c04SChristoph Hellwig msg.msg_flags = in_compat_syscall() ? MSG_CMSG_COMPAT : 0; 16981da177e4SLinus Torvalds 16991da177e4SLinus Torvalds if (inet->cmsg_flags & IP_CMSG_PKTINFO) { 17001da177e4SLinus Torvalds struct in_pktinfo info; 17011da177e4SLinus Torvalds 1702c720c7e8SEric Dumazet info.ipi_addr.s_addr = inet->inet_rcv_saddr; 1703c720c7e8SEric Dumazet info.ipi_spec_dst.s_addr = inet->inet_rcv_saddr; 17041da177e4SLinus Torvalds info.ipi_ifindex = inet->mc_index; 17051da177e4SLinus Torvalds put_cmsg(&msg, SOL_IP, IP_PKTINFO, sizeof(info), &info); 17061da177e4SLinus Torvalds } 17071da177e4SLinus Torvalds if (inet->cmsg_flags & IP_CMSG_TTL) { 17081da177e4SLinus Torvalds int hlim = inet->mc_ttl; 17091da177e4SLinus Torvalds put_cmsg(&msg, SOL_IP, IP_TTL, sizeof(hlim), &hlim); 17101da177e4SLinus Torvalds } 17114c507d28SJiri Benc if (inet->cmsg_flags & IP_CMSG_TOS) { 17124c507d28SJiri Benc int tos = inet->rcv_tos; 17134c507d28SJiri Benc put_cmsg(&msg, SOL_IP, IP_TOS, sizeof(tos), &tos); 17144c507d28SJiri Benc } 17151da177e4SLinus Torvalds len -= msg.msg_controllen; 17161da177e4SLinus Torvalds return put_user(len, optlen); 17171da177e4SLinus Torvalds } 17181da177e4SLinus Torvalds case IP_FREEBIND: 17191da177e4SLinus Torvalds val = inet->freebind; 17201da177e4SLinus Torvalds break; 1721f5715aeaSKOVACS Krisztian case IP_TRANSPARENT: 1722f5715aeaSKOVACS Krisztian val = inet->transparent; 1723f5715aeaSKOVACS Krisztian break; 1724d218d111SStephen Hemminger case IP_MINTTL: 1725d218d111SStephen Hemminger val = inet->min_ttl; 1726d218d111SStephen Hemminger break; 17271da177e4SLinus Torvalds default: 17281da177e4SLinus Torvalds release_sock(sk); 17291da177e4SLinus Torvalds return -ENOPROTOOPT; 17301da177e4SLinus Torvalds } 17311da177e4SLinus Torvalds release_sock(sk); 17321da177e4SLinus Torvalds 1733951e07c9SDavid S. Miller if (len < sizeof(int) && len > 0 && val >= 0 && val <= 255) { 17341da177e4SLinus Torvalds unsigned char ucval = (unsigned char)val; 17351da177e4SLinus Torvalds len = 1; 17361da177e4SLinus Torvalds if (put_user(len, optlen)) 17371da177e4SLinus Torvalds return -EFAULT; 17381da177e4SLinus Torvalds if (copy_to_user(optval, &ucval, 1)) 17391da177e4SLinus Torvalds return -EFAULT; 17401da177e4SLinus Torvalds } else { 17411da177e4SLinus Torvalds len = min_t(unsigned int, sizeof(int), len); 17421da177e4SLinus Torvalds if (put_user(len, optlen)) 17431da177e4SLinus Torvalds return -EFAULT; 17441da177e4SLinus Torvalds if (copy_to_user(optval, &val, len)) 17451da177e4SLinus Torvalds return -EFAULT; 17461da177e4SLinus Torvalds } 17471da177e4SLinus Torvalds return 0; 174887e9f031SWANG Cong 174987e9f031SWANG Cong out: 175087e9f031SWANG Cong release_sock(sk); 175187e9f031SWANG Cong if (needs_rtnl) 175287e9f031SWANG Cong rtnl_unlock(); 175387e9f031SWANG Cong return err; 17541da177e4SLinus Torvalds } 17551da177e4SLinus Torvalds 17563fdadf7dSDmitry Mishin int ip_getsockopt(struct sock *sk, int level, 17573fdadf7dSDmitry Mishin int optname, char __user *optval, int __user *optlen) 17583fdadf7dSDmitry Mishin { 17593fdadf7dSDmitry Mishin int err; 17603fdadf7dSDmitry Mishin 1761b6238c04SChristoph Hellwig err = do_ip_getsockopt(sk, level, optname, optval, optlen); 1762b6238c04SChristoph Hellwig 176397adaddaSTaehee Yoo #if IS_ENABLED(CONFIG_BPFILTER_UMH) 1764d2ba09c1SAlexei Starovoitov if (optname >= BPFILTER_IPT_SO_GET_INFO && 1765d2ba09c1SAlexei Starovoitov optname < BPFILTER_IPT_GET_MAX) 1766d2ba09c1SAlexei Starovoitov err = bpfilter_ip_get_sockopt(sk, optname, optval, optlen); 1767d2ba09c1SAlexei Starovoitov #endif 17683fdadf7dSDmitry Mishin #ifdef CONFIG_NETFILTER 17693fdadf7dSDmitry Mishin /* we need to exclude all possible ENOPROTOOPTs except default case */ 17706a9fb947SPavel Emelyanov if (err == -ENOPROTOOPT && optname != IP_PKTOPTIONS && 17716a9fb947SPavel Emelyanov !ip_mroute_opt(optname)) { 17723fdadf7dSDmitry Mishin int len; 17733fdadf7dSDmitry Mishin 17743fdadf7dSDmitry Mishin if (get_user(len, optlen)) 17753fdadf7dSDmitry Mishin return -EFAULT; 17763fdadf7dSDmitry Mishin 177701ea306fSPaolo Abeni err = nf_getsockopt(sk, PF_INET, optname, optval, &len); 17783fdadf7dSDmitry Mishin if (err >= 0) 17793fdadf7dSDmitry Mishin err = put_user(len, optlen); 17803fdadf7dSDmitry Mishin return err; 17813fdadf7dSDmitry Mishin } 17823fdadf7dSDmitry Mishin #endif 17833fdadf7dSDmitry Mishin return err; 17843fdadf7dSDmitry Mishin } 17854d52cfbeSEric Dumazet EXPORT_SYMBOL(ip_getsockopt); 1786