1 /* 2 * INET An implementation of the TCP/IP protocol suite for the LINUX 3 * operating system. INET is implemented using the BSD Socket 4 * interface as the means of communication with the user level. 5 * 6 * The IP to API glue. 7 * 8 * Version: $Id: ip_sockglue.c,v 1.62 2002/02/01 22:01:04 davem Exp $ 9 * 10 * Authors: see ip.c 11 * 12 * Fixes: 13 * Many : Split from ip.c , see ip.c for history. 14 * Martin Mares : TOS setting fixed. 15 * Alan Cox : Fixed a couple of oopses in Martin's 16 * TOS tweaks. 17 * Mike McLagan : Routing by source 18 */ 19 20 #include <linux/module.h> 21 #include <linux/types.h> 22 #include <linux/mm.h> 23 #include <linux/sched.h> 24 #include <linux/skbuff.h> 25 #include <linux/ip.h> 26 #include <linux/icmp.h> 27 #include <linux/inetdevice.h> 28 #include <linux/netdevice.h> 29 #include <net/sock.h> 30 #include <net/ip.h> 31 #include <net/icmp.h> 32 #include <net/tcp_states.h> 33 #include <linux/udp.h> 34 #include <linux/igmp.h> 35 #include <linux/netfilter.h> 36 #include <linux/route.h> 37 #include <linux/mroute.h> 38 #include <net/route.h> 39 #include <net/xfrm.h> 40 #if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE) 41 #include <net/transp_v6.h> 42 #endif 43 44 #include <linux/errqueue.h> 45 #include <asm/uaccess.h> 46 47 #define IP_CMSG_PKTINFO 1 48 #define IP_CMSG_TTL 2 49 #define IP_CMSG_TOS 4 50 #define IP_CMSG_RECVOPTS 8 51 #define IP_CMSG_RETOPTS 16 52 #define IP_CMSG_PASSSEC 32 53 54 /* 55 * SOL_IP control messages. 56 */ 57 58 static void ip_cmsg_recv_pktinfo(struct msghdr *msg, struct sk_buff *skb) 59 { 60 struct in_pktinfo info; 61 struct rtable *rt = (struct rtable *)skb->dst; 62 63 info.ipi_addr.s_addr = skb->nh.iph->daddr; 64 if (rt) { 65 info.ipi_ifindex = rt->rt_iif; 66 info.ipi_spec_dst.s_addr = rt->rt_spec_dst; 67 } else { 68 info.ipi_ifindex = 0; 69 info.ipi_spec_dst.s_addr = 0; 70 } 71 72 put_cmsg(msg, SOL_IP, IP_PKTINFO, sizeof(info), &info); 73 } 74 75 static void ip_cmsg_recv_ttl(struct msghdr *msg, struct sk_buff *skb) 76 { 77 int ttl = skb->nh.iph->ttl; 78 put_cmsg(msg, SOL_IP, IP_TTL, sizeof(int), &ttl); 79 } 80 81 static void ip_cmsg_recv_tos(struct msghdr *msg, struct sk_buff *skb) 82 { 83 put_cmsg(msg, SOL_IP, IP_TOS, 1, &skb->nh.iph->tos); 84 } 85 86 static void ip_cmsg_recv_opts(struct msghdr *msg, struct sk_buff *skb) 87 { 88 if (IPCB(skb)->opt.optlen == 0) 89 return; 90 91 put_cmsg(msg, SOL_IP, IP_RECVOPTS, IPCB(skb)->opt.optlen, skb->nh.iph+1); 92 } 93 94 95 static void ip_cmsg_recv_retopts(struct msghdr *msg, struct sk_buff *skb) 96 { 97 unsigned char optbuf[sizeof(struct ip_options) + 40]; 98 struct ip_options * opt = (struct ip_options*)optbuf; 99 100 if (IPCB(skb)->opt.optlen == 0) 101 return; 102 103 if (ip_options_echo(opt, skb)) { 104 msg->msg_flags |= MSG_CTRUNC; 105 return; 106 } 107 ip_options_undo(opt); 108 109 put_cmsg(msg, SOL_IP, IP_RETOPTS, opt->optlen, opt->__data); 110 } 111 112 static void ip_cmsg_recv_security(struct msghdr *msg, struct sk_buff *skb) 113 { 114 char *secdata; 115 u32 seclen; 116 int err; 117 118 err = security_socket_getpeersec_dgram(skb, &secdata, &seclen); 119 if (err) 120 return; 121 122 put_cmsg(msg, SOL_IP, SCM_SECURITY, seclen, secdata); 123 } 124 125 126 void ip_cmsg_recv(struct msghdr *msg, struct sk_buff *skb) 127 { 128 struct inet_sock *inet = inet_sk(skb->sk); 129 unsigned flags = inet->cmsg_flags; 130 131 /* Ordered by supposed usage frequency */ 132 if (flags & 1) 133 ip_cmsg_recv_pktinfo(msg, skb); 134 if ((flags>>=1) == 0) 135 return; 136 137 if (flags & 1) 138 ip_cmsg_recv_ttl(msg, skb); 139 if ((flags>>=1) == 0) 140 return; 141 142 if (flags & 1) 143 ip_cmsg_recv_tos(msg, skb); 144 if ((flags>>=1) == 0) 145 return; 146 147 if (flags & 1) 148 ip_cmsg_recv_opts(msg, skb); 149 if ((flags>>=1) == 0) 150 return; 151 152 if (flags & 1) 153 ip_cmsg_recv_retopts(msg, skb); 154 if ((flags>>=1) == 0) 155 return; 156 157 if (flags & 1) 158 ip_cmsg_recv_security(msg, skb); 159 } 160 161 int ip_cmsg_send(struct msghdr *msg, struct ipcm_cookie *ipc) 162 { 163 int err; 164 struct cmsghdr *cmsg; 165 166 for (cmsg = CMSG_FIRSTHDR(msg); cmsg; cmsg = CMSG_NXTHDR(msg, cmsg)) { 167 if (!CMSG_OK(msg, cmsg)) 168 return -EINVAL; 169 if (cmsg->cmsg_level != SOL_IP) 170 continue; 171 switch (cmsg->cmsg_type) { 172 case IP_RETOPTS: 173 err = cmsg->cmsg_len - CMSG_ALIGN(sizeof(struct cmsghdr)); 174 err = ip_options_get(&ipc->opt, CMSG_DATA(cmsg), err < 40 ? err : 40); 175 if (err) 176 return err; 177 break; 178 case IP_PKTINFO: 179 { 180 struct in_pktinfo *info; 181 if (cmsg->cmsg_len != CMSG_LEN(sizeof(struct in_pktinfo))) 182 return -EINVAL; 183 info = (struct in_pktinfo *)CMSG_DATA(cmsg); 184 ipc->oif = info->ipi_ifindex; 185 ipc->addr = info->ipi_spec_dst.s_addr; 186 break; 187 } 188 default: 189 return -EINVAL; 190 } 191 } 192 return 0; 193 } 194 195 196 /* Special input handler for packets caught by router alert option. 197 They are selected only by protocol field, and then processed likely 198 local ones; but only if someone wants them! Otherwise, router 199 not running rsvpd will kill RSVP. 200 201 It is user level problem, what it will make with them. 202 I have no idea, how it will masquearde or NAT them (it is joke, joke :-)), 203 but receiver should be enough clever f.e. to forward mtrace requests, 204 sent to multicast group to reach destination designated router. 205 */ 206 struct ip_ra_chain *ip_ra_chain; 207 DEFINE_RWLOCK(ip_ra_lock); 208 209 int ip_ra_control(struct sock *sk, unsigned char on, void (*destructor)(struct sock *)) 210 { 211 struct ip_ra_chain *ra, *new_ra, **rap; 212 213 if (sk->sk_type != SOCK_RAW || inet_sk(sk)->num == IPPROTO_RAW) 214 return -EINVAL; 215 216 new_ra = on ? kmalloc(sizeof(*new_ra), GFP_KERNEL) : NULL; 217 218 write_lock_bh(&ip_ra_lock); 219 for (rap = &ip_ra_chain; (ra=*rap) != NULL; rap = &ra->next) { 220 if (ra->sk == sk) { 221 if (on) { 222 write_unlock_bh(&ip_ra_lock); 223 kfree(new_ra); 224 return -EADDRINUSE; 225 } 226 *rap = ra->next; 227 write_unlock_bh(&ip_ra_lock); 228 229 if (ra->destructor) 230 ra->destructor(sk); 231 sock_put(sk); 232 kfree(ra); 233 return 0; 234 } 235 } 236 if (new_ra == NULL) { 237 write_unlock_bh(&ip_ra_lock); 238 return -ENOBUFS; 239 } 240 new_ra->sk = sk; 241 new_ra->destructor = destructor; 242 243 new_ra->next = ra; 244 *rap = new_ra; 245 sock_hold(sk); 246 write_unlock_bh(&ip_ra_lock); 247 248 return 0; 249 } 250 251 void ip_icmp_error(struct sock *sk, struct sk_buff *skb, int err, 252 u16 port, u32 info, u8 *payload) 253 { 254 struct inet_sock *inet = inet_sk(sk); 255 struct sock_exterr_skb *serr; 256 257 if (!inet->recverr) 258 return; 259 260 skb = skb_clone(skb, GFP_ATOMIC); 261 if (!skb) 262 return; 263 264 serr = SKB_EXT_ERR(skb); 265 serr->ee.ee_errno = err; 266 serr->ee.ee_origin = SO_EE_ORIGIN_ICMP; 267 serr->ee.ee_type = skb->h.icmph->type; 268 serr->ee.ee_code = skb->h.icmph->code; 269 serr->ee.ee_pad = 0; 270 serr->ee.ee_info = info; 271 serr->ee.ee_data = 0; 272 serr->addr_offset = (u8*)&(((struct iphdr*)(skb->h.icmph+1))->daddr) - skb->nh.raw; 273 serr->port = port; 274 275 skb->h.raw = payload; 276 if (!skb_pull(skb, payload - skb->data) || 277 sock_queue_err_skb(sk, skb)) 278 kfree_skb(skb); 279 } 280 281 void ip_local_error(struct sock *sk, int err, u32 daddr, u16 port, u32 info) 282 { 283 struct inet_sock *inet = inet_sk(sk); 284 struct sock_exterr_skb *serr; 285 struct iphdr *iph; 286 struct sk_buff *skb; 287 288 if (!inet->recverr) 289 return; 290 291 skb = alloc_skb(sizeof(struct iphdr), GFP_ATOMIC); 292 if (!skb) 293 return; 294 295 iph = (struct iphdr*)skb_put(skb, sizeof(struct iphdr)); 296 skb->nh.iph = iph; 297 iph->daddr = daddr; 298 299 serr = SKB_EXT_ERR(skb); 300 serr->ee.ee_errno = err; 301 serr->ee.ee_origin = SO_EE_ORIGIN_LOCAL; 302 serr->ee.ee_type = 0; 303 serr->ee.ee_code = 0; 304 serr->ee.ee_pad = 0; 305 serr->ee.ee_info = info; 306 serr->ee.ee_data = 0; 307 serr->addr_offset = (u8*)&iph->daddr - skb->nh.raw; 308 serr->port = port; 309 310 skb->h.raw = skb->tail; 311 __skb_pull(skb, skb->tail - skb->data); 312 313 if (sock_queue_err_skb(sk, skb)) 314 kfree_skb(skb); 315 } 316 317 /* 318 * Handle MSG_ERRQUEUE 319 */ 320 int ip_recv_error(struct sock *sk, struct msghdr *msg, int len) 321 { 322 struct sock_exterr_skb *serr; 323 struct sk_buff *skb, *skb2; 324 struct sockaddr_in *sin; 325 struct { 326 struct sock_extended_err ee; 327 struct sockaddr_in offender; 328 } errhdr; 329 int err; 330 int copied; 331 332 err = -EAGAIN; 333 skb = skb_dequeue(&sk->sk_error_queue); 334 if (skb == NULL) 335 goto out; 336 337 copied = skb->len; 338 if (copied > len) { 339 msg->msg_flags |= MSG_TRUNC; 340 copied = len; 341 } 342 err = skb_copy_datagram_iovec(skb, 0, msg->msg_iov, copied); 343 if (err) 344 goto out_free_skb; 345 346 sock_recv_timestamp(msg, sk, skb); 347 348 serr = SKB_EXT_ERR(skb); 349 350 sin = (struct sockaddr_in *)msg->msg_name; 351 if (sin) { 352 sin->sin_family = AF_INET; 353 sin->sin_addr.s_addr = *(u32*)(skb->nh.raw + serr->addr_offset); 354 sin->sin_port = serr->port; 355 memset(&sin->sin_zero, 0, sizeof(sin->sin_zero)); 356 } 357 358 memcpy(&errhdr.ee, &serr->ee, sizeof(struct sock_extended_err)); 359 sin = &errhdr.offender; 360 sin->sin_family = AF_UNSPEC; 361 if (serr->ee.ee_origin == SO_EE_ORIGIN_ICMP) { 362 struct inet_sock *inet = inet_sk(sk); 363 364 sin->sin_family = AF_INET; 365 sin->sin_addr.s_addr = skb->nh.iph->saddr; 366 sin->sin_port = 0; 367 memset(&sin->sin_zero, 0, sizeof(sin->sin_zero)); 368 if (inet->cmsg_flags) 369 ip_cmsg_recv(msg, skb); 370 } 371 372 put_cmsg(msg, SOL_IP, IP_RECVERR, sizeof(errhdr), &errhdr); 373 374 /* Now we could try to dump offended packet options */ 375 376 msg->msg_flags |= MSG_ERRQUEUE; 377 err = copied; 378 379 /* Reset and regenerate socket error */ 380 spin_lock_bh(&sk->sk_error_queue.lock); 381 sk->sk_err = 0; 382 if ((skb2 = skb_peek(&sk->sk_error_queue)) != NULL) { 383 sk->sk_err = SKB_EXT_ERR(skb2)->ee.ee_errno; 384 spin_unlock_bh(&sk->sk_error_queue.lock); 385 sk->sk_error_report(sk); 386 } else 387 spin_unlock_bh(&sk->sk_error_queue.lock); 388 389 out_free_skb: 390 kfree_skb(skb); 391 out: 392 return err; 393 } 394 395 396 /* 397 * Socket option code for IP. This is the end of the line after any TCP,UDP etc options on 398 * an IP socket. 399 */ 400 401 static int do_ip_setsockopt(struct sock *sk, int level, 402 int optname, char __user *optval, int optlen) 403 { 404 struct inet_sock *inet = inet_sk(sk); 405 int val=0,err; 406 407 if (((1<<optname) & ((1<<IP_PKTINFO) | (1<<IP_RECVTTL) | 408 (1<<IP_RECVOPTS) | (1<<IP_RECVTOS) | 409 (1<<IP_RETOPTS) | (1<<IP_TOS) | 410 (1<<IP_TTL) | (1<<IP_HDRINCL) | 411 (1<<IP_MTU_DISCOVER) | (1<<IP_RECVERR) | 412 (1<<IP_ROUTER_ALERT) | (1<<IP_FREEBIND) | 413 (1<<IP_PASSSEC))) || 414 optname == IP_MULTICAST_TTL || 415 optname == IP_MULTICAST_LOOP) { 416 if (optlen >= sizeof(int)) { 417 if (get_user(val, (int __user *) optval)) 418 return -EFAULT; 419 } else if (optlen >= sizeof(char)) { 420 unsigned char ucval; 421 422 if (get_user(ucval, (unsigned char __user *) optval)) 423 return -EFAULT; 424 val = (int) ucval; 425 } 426 } 427 428 /* If optlen==0, it is equivalent to val == 0 */ 429 430 #ifdef CONFIG_IP_MROUTE 431 if (optname >= MRT_BASE && optname <= (MRT_BASE + 10)) 432 return ip_mroute_setsockopt(sk,optname,optval,optlen); 433 #endif 434 435 err = 0; 436 lock_sock(sk); 437 438 switch (optname) { 439 case IP_OPTIONS: 440 { 441 struct ip_options * opt = NULL; 442 if (optlen > 40 || optlen < 0) 443 goto e_inval; 444 err = ip_options_get_from_user(&opt, optval, optlen); 445 if (err) 446 break; 447 if (inet->is_icsk) { 448 struct inet_connection_sock *icsk = inet_csk(sk); 449 #if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE) 450 if (sk->sk_family == PF_INET || 451 (!((1 << sk->sk_state) & 452 (TCPF_LISTEN | TCPF_CLOSE)) && 453 inet->daddr != LOOPBACK4_IPV6)) { 454 #endif 455 if (inet->opt) 456 icsk->icsk_ext_hdr_len -= inet->opt->optlen; 457 if (opt) 458 icsk->icsk_ext_hdr_len += opt->optlen; 459 icsk->icsk_sync_mss(sk, icsk->icsk_pmtu_cookie); 460 #if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE) 461 } 462 #endif 463 } 464 opt = xchg(&inet->opt, opt); 465 kfree(opt); 466 break; 467 } 468 case IP_PKTINFO: 469 if (val) 470 inet->cmsg_flags |= IP_CMSG_PKTINFO; 471 else 472 inet->cmsg_flags &= ~IP_CMSG_PKTINFO; 473 break; 474 case IP_RECVTTL: 475 if (val) 476 inet->cmsg_flags |= IP_CMSG_TTL; 477 else 478 inet->cmsg_flags &= ~IP_CMSG_TTL; 479 break; 480 case IP_RECVTOS: 481 if (val) 482 inet->cmsg_flags |= IP_CMSG_TOS; 483 else 484 inet->cmsg_flags &= ~IP_CMSG_TOS; 485 break; 486 case IP_RECVOPTS: 487 if (val) 488 inet->cmsg_flags |= IP_CMSG_RECVOPTS; 489 else 490 inet->cmsg_flags &= ~IP_CMSG_RECVOPTS; 491 break; 492 case IP_RETOPTS: 493 if (val) 494 inet->cmsg_flags |= IP_CMSG_RETOPTS; 495 else 496 inet->cmsg_flags &= ~IP_CMSG_RETOPTS; 497 break; 498 case IP_PASSSEC: 499 if (val) 500 inet->cmsg_flags |= IP_CMSG_PASSSEC; 501 else 502 inet->cmsg_flags &= ~IP_CMSG_PASSSEC; 503 break; 504 case IP_TOS: /* This sets both TOS and Precedence */ 505 if (sk->sk_type == SOCK_STREAM) { 506 val &= ~3; 507 val |= inet->tos & 3; 508 } 509 if (IPTOS_PREC(val) >= IPTOS_PREC_CRITIC_ECP && 510 !capable(CAP_NET_ADMIN)) { 511 err = -EPERM; 512 break; 513 } 514 if (inet->tos != val) { 515 inet->tos = val; 516 sk->sk_priority = rt_tos2priority(val); 517 sk_dst_reset(sk); 518 } 519 break; 520 case IP_TTL: 521 if (optlen<1) 522 goto e_inval; 523 if (val != -1 && (val < 1 || val>255)) 524 goto e_inval; 525 inet->uc_ttl = val; 526 break; 527 case IP_HDRINCL: 528 if (sk->sk_type != SOCK_RAW) { 529 err = -ENOPROTOOPT; 530 break; 531 } 532 inet->hdrincl = val ? 1 : 0; 533 break; 534 case IP_MTU_DISCOVER: 535 if (val<0 || val>2) 536 goto e_inval; 537 inet->pmtudisc = val; 538 break; 539 case IP_RECVERR: 540 inet->recverr = !!val; 541 if (!val) 542 skb_queue_purge(&sk->sk_error_queue); 543 break; 544 case IP_MULTICAST_TTL: 545 if (sk->sk_type == SOCK_STREAM) 546 goto e_inval; 547 if (optlen<1) 548 goto e_inval; 549 if (val==-1) 550 val = 1; 551 if (val < 0 || val > 255) 552 goto e_inval; 553 inet->mc_ttl = val; 554 break; 555 case IP_MULTICAST_LOOP: 556 if (optlen<1) 557 goto e_inval; 558 inet->mc_loop = !!val; 559 break; 560 case IP_MULTICAST_IF: 561 { 562 struct ip_mreqn mreq; 563 struct net_device *dev = NULL; 564 565 if (sk->sk_type == SOCK_STREAM) 566 goto e_inval; 567 /* 568 * Check the arguments are allowable 569 */ 570 571 err = -EFAULT; 572 if (optlen >= sizeof(struct ip_mreqn)) { 573 if (copy_from_user(&mreq,optval,sizeof(mreq))) 574 break; 575 } else { 576 memset(&mreq, 0, sizeof(mreq)); 577 if (optlen >= sizeof(struct in_addr) && 578 copy_from_user(&mreq.imr_address,optval,sizeof(struct in_addr))) 579 break; 580 } 581 582 if (!mreq.imr_ifindex) { 583 if (mreq.imr_address.s_addr == INADDR_ANY) { 584 inet->mc_index = 0; 585 inet->mc_addr = 0; 586 err = 0; 587 break; 588 } 589 dev = ip_dev_find(mreq.imr_address.s_addr); 590 if (dev) { 591 mreq.imr_ifindex = dev->ifindex; 592 dev_put(dev); 593 } 594 } else 595 dev = __dev_get_by_index(mreq.imr_ifindex); 596 597 598 err = -EADDRNOTAVAIL; 599 if (!dev) 600 break; 601 602 err = -EINVAL; 603 if (sk->sk_bound_dev_if && 604 mreq.imr_ifindex != sk->sk_bound_dev_if) 605 break; 606 607 inet->mc_index = mreq.imr_ifindex; 608 inet->mc_addr = mreq.imr_address.s_addr; 609 err = 0; 610 break; 611 } 612 613 case IP_ADD_MEMBERSHIP: 614 case IP_DROP_MEMBERSHIP: 615 { 616 struct ip_mreqn mreq; 617 618 if (optlen < sizeof(struct ip_mreq)) 619 goto e_inval; 620 err = -EFAULT; 621 if (optlen >= sizeof(struct ip_mreqn)) { 622 if(copy_from_user(&mreq,optval,sizeof(mreq))) 623 break; 624 } else { 625 memset(&mreq, 0, sizeof(mreq)); 626 if (copy_from_user(&mreq,optval,sizeof(struct ip_mreq))) 627 break; 628 } 629 630 if (optname == IP_ADD_MEMBERSHIP) 631 err = ip_mc_join_group(sk, &mreq); 632 else 633 err = ip_mc_leave_group(sk, &mreq); 634 break; 635 } 636 case IP_MSFILTER: 637 { 638 extern int sysctl_igmp_max_msf; 639 struct ip_msfilter *msf; 640 641 if (optlen < IP_MSFILTER_SIZE(0)) 642 goto e_inval; 643 if (optlen > sysctl_optmem_max) { 644 err = -ENOBUFS; 645 break; 646 } 647 msf = kmalloc(optlen, GFP_KERNEL); 648 if (msf == 0) { 649 err = -ENOBUFS; 650 break; 651 } 652 err = -EFAULT; 653 if (copy_from_user(msf, optval, optlen)) { 654 kfree(msf); 655 break; 656 } 657 /* numsrc >= (1G-4) overflow in 32 bits */ 658 if (msf->imsf_numsrc >= 0x3ffffffcU || 659 msf->imsf_numsrc > sysctl_igmp_max_msf) { 660 kfree(msf); 661 err = -ENOBUFS; 662 break; 663 } 664 if (IP_MSFILTER_SIZE(msf->imsf_numsrc) > optlen) { 665 kfree(msf); 666 err = -EINVAL; 667 break; 668 } 669 err = ip_mc_msfilter(sk, msf, 0); 670 kfree(msf); 671 break; 672 } 673 case IP_BLOCK_SOURCE: 674 case IP_UNBLOCK_SOURCE: 675 case IP_ADD_SOURCE_MEMBERSHIP: 676 case IP_DROP_SOURCE_MEMBERSHIP: 677 { 678 struct ip_mreq_source mreqs; 679 int omode, add; 680 681 if (optlen != sizeof(struct ip_mreq_source)) 682 goto e_inval; 683 if (copy_from_user(&mreqs, optval, sizeof(mreqs))) { 684 err = -EFAULT; 685 break; 686 } 687 if (optname == IP_BLOCK_SOURCE) { 688 omode = MCAST_EXCLUDE; 689 add = 1; 690 } else if (optname == IP_UNBLOCK_SOURCE) { 691 omode = MCAST_EXCLUDE; 692 add = 0; 693 } else if (optname == IP_ADD_SOURCE_MEMBERSHIP) { 694 struct ip_mreqn mreq; 695 696 mreq.imr_multiaddr.s_addr = mreqs.imr_multiaddr; 697 mreq.imr_address.s_addr = mreqs.imr_interface; 698 mreq.imr_ifindex = 0; 699 err = ip_mc_join_group(sk, &mreq); 700 if (err && err != -EADDRINUSE) 701 break; 702 omode = MCAST_INCLUDE; 703 add = 1; 704 } else /* IP_DROP_SOURCE_MEMBERSHIP */ { 705 omode = MCAST_INCLUDE; 706 add = 0; 707 } 708 err = ip_mc_source(add, omode, sk, &mreqs, 0); 709 break; 710 } 711 case MCAST_JOIN_GROUP: 712 case MCAST_LEAVE_GROUP: 713 { 714 struct group_req greq; 715 struct sockaddr_in *psin; 716 struct ip_mreqn mreq; 717 718 if (optlen < sizeof(struct group_req)) 719 goto e_inval; 720 err = -EFAULT; 721 if(copy_from_user(&greq, optval, sizeof(greq))) 722 break; 723 psin = (struct sockaddr_in *)&greq.gr_group; 724 if (psin->sin_family != AF_INET) 725 goto e_inval; 726 memset(&mreq, 0, sizeof(mreq)); 727 mreq.imr_multiaddr = psin->sin_addr; 728 mreq.imr_ifindex = greq.gr_interface; 729 730 if (optname == MCAST_JOIN_GROUP) 731 err = ip_mc_join_group(sk, &mreq); 732 else 733 err = ip_mc_leave_group(sk, &mreq); 734 break; 735 } 736 case MCAST_JOIN_SOURCE_GROUP: 737 case MCAST_LEAVE_SOURCE_GROUP: 738 case MCAST_BLOCK_SOURCE: 739 case MCAST_UNBLOCK_SOURCE: 740 { 741 struct group_source_req greqs; 742 struct ip_mreq_source mreqs; 743 struct sockaddr_in *psin; 744 int omode, add; 745 746 if (optlen != sizeof(struct group_source_req)) 747 goto e_inval; 748 if (copy_from_user(&greqs, optval, sizeof(greqs))) { 749 err = -EFAULT; 750 break; 751 } 752 if (greqs.gsr_group.ss_family != AF_INET || 753 greqs.gsr_source.ss_family != AF_INET) { 754 err = -EADDRNOTAVAIL; 755 break; 756 } 757 psin = (struct sockaddr_in *)&greqs.gsr_group; 758 mreqs.imr_multiaddr = psin->sin_addr.s_addr; 759 psin = (struct sockaddr_in *)&greqs.gsr_source; 760 mreqs.imr_sourceaddr = psin->sin_addr.s_addr; 761 mreqs.imr_interface = 0; /* use index for mc_source */ 762 763 if (optname == MCAST_BLOCK_SOURCE) { 764 omode = MCAST_EXCLUDE; 765 add = 1; 766 } else if (optname == MCAST_UNBLOCK_SOURCE) { 767 omode = MCAST_EXCLUDE; 768 add = 0; 769 } else if (optname == MCAST_JOIN_SOURCE_GROUP) { 770 struct ip_mreqn mreq; 771 772 psin = (struct sockaddr_in *)&greqs.gsr_group; 773 mreq.imr_multiaddr = psin->sin_addr; 774 mreq.imr_address.s_addr = 0; 775 mreq.imr_ifindex = greqs.gsr_interface; 776 err = ip_mc_join_group(sk, &mreq); 777 if (err && err != -EADDRINUSE) 778 break; 779 greqs.gsr_interface = mreq.imr_ifindex; 780 omode = MCAST_INCLUDE; 781 add = 1; 782 } else /* MCAST_LEAVE_SOURCE_GROUP */ { 783 omode = MCAST_INCLUDE; 784 add = 0; 785 } 786 err = ip_mc_source(add, omode, sk, &mreqs, 787 greqs.gsr_interface); 788 break; 789 } 790 case MCAST_MSFILTER: 791 { 792 extern int sysctl_igmp_max_msf; 793 struct sockaddr_in *psin; 794 struct ip_msfilter *msf = NULL; 795 struct group_filter *gsf = NULL; 796 int msize, i, ifindex; 797 798 if (optlen < GROUP_FILTER_SIZE(0)) 799 goto e_inval; 800 if (optlen > sysctl_optmem_max) { 801 err = -ENOBUFS; 802 break; 803 } 804 gsf = kmalloc(optlen,GFP_KERNEL); 805 if (gsf == 0) { 806 err = -ENOBUFS; 807 break; 808 } 809 err = -EFAULT; 810 if (copy_from_user(gsf, optval, optlen)) { 811 goto mc_msf_out; 812 } 813 /* numsrc >= (4G-140)/128 overflow in 32 bits */ 814 if (gsf->gf_numsrc >= 0x1ffffff || 815 gsf->gf_numsrc > sysctl_igmp_max_msf) { 816 err = -ENOBUFS; 817 goto mc_msf_out; 818 } 819 if (GROUP_FILTER_SIZE(gsf->gf_numsrc) > optlen) { 820 err = -EINVAL; 821 goto mc_msf_out; 822 } 823 msize = IP_MSFILTER_SIZE(gsf->gf_numsrc); 824 msf = kmalloc(msize,GFP_KERNEL); 825 if (msf == 0) { 826 err = -ENOBUFS; 827 goto mc_msf_out; 828 } 829 ifindex = gsf->gf_interface; 830 psin = (struct sockaddr_in *)&gsf->gf_group; 831 if (psin->sin_family != AF_INET) { 832 err = -EADDRNOTAVAIL; 833 goto mc_msf_out; 834 } 835 msf->imsf_multiaddr = psin->sin_addr.s_addr; 836 msf->imsf_interface = 0; 837 msf->imsf_fmode = gsf->gf_fmode; 838 msf->imsf_numsrc = gsf->gf_numsrc; 839 err = -EADDRNOTAVAIL; 840 for (i=0; i<gsf->gf_numsrc; ++i) { 841 psin = (struct sockaddr_in *)&gsf->gf_slist[i]; 842 843 if (psin->sin_family != AF_INET) 844 goto mc_msf_out; 845 msf->imsf_slist[i] = psin->sin_addr.s_addr; 846 } 847 kfree(gsf); 848 gsf = NULL; 849 850 err = ip_mc_msfilter(sk, msf, ifindex); 851 mc_msf_out: 852 kfree(msf); 853 kfree(gsf); 854 break; 855 } 856 case IP_ROUTER_ALERT: 857 err = ip_ra_control(sk, val ? 1 : 0, NULL); 858 break; 859 860 case IP_FREEBIND: 861 if (optlen<1) 862 goto e_inval; 863 inet->freebind = !!val; 864 break; 865 866 case IP_IPSEC_POLICY: 867 case IP_XFRM_POLICY: 868 err = -EPERM; 869 if (!capable(CAP_NET_ADMIN)) 870 break; 871 err = xfrm_user_policy(sk, optname, optval, optlen); 872 break; 873 874 default: 875 err = -ENOPROTOOPT; 876 break; 877 } 878 release_sock(sk); 879 return err; 880 881 e_inval: 882 release_sock(sk); 883 return -EINVAL; 884 } 885 886 int ip_setsockopt(struct sock *sk, int level, 887 int optname, char __user *optval, int optlen) 888 { 889 int err; 890 891 if (level != SOL_IP) 892 return -ENOPROTOOPT; 893 894 err = do_ip_setsockopt(sk, level, optname, optval, optlen); 895 #ifdef CONFIG_NETFILTER 896 /* we need to exclude all possible ENOPROTOOPTs except default case */ 897 if (err == -ENOPROTOOPT && optname != IP_HDRINCL && 898 optname != IP_IPSEC_POLICY && optname != IP_XFRM_POLICY 899 #ifdef CONFIG_IP_MROUTE 900 && (optname < MRT_BASE || optname > (MRT_BASE + 10)) 901 #endif 902 ) { 903 lock_sock(sk); 904 err = nf_setsockopt(sk, PF_INET, optname, optval, optlen); 905 release_sock(sk); 906 } 907 #endif 908 return err; 909 } 910 911 #ifdef CONFIG_COMPAT 912 int compat_ip_setsockopt(struct sock *sk, int level, int optname, 913 char __user *optval, int optlen) 914 { 915 int err; 916 917 if (level != SOL_IP) 918 return -ENOPROTOOPT; 919 920 err = do_ip_setsockopt(sk, level, optname, optval, optlen); 921 #ifdef CONFIG_NETFILTER 922 /* we need to exclude all possible ENOPROTOOPTs except default case */ 923 if (err == -ENOPROTOOPT && optname != IP_HDRINCL && 924 optname != IP_IPSEC_POLICY && optname != IP_XFRM_POLICY 925 #ifdef CONFIG_IP_MROUTE 926 && (optname < MRT_BASE || optname > (MRT_BASE + 10)) 927 #endif 928 ) { 929 lock_sock(sk); 930 err = compat_nf_setsockopt(sk, PF_INET, optname, 931 optval, optlen); 932 release_sock(sk); 933 } 934 #endif 935 return err; 936 } 937 938 EXPORT_SYMBOL(compat_ip_setsockopt); 939 #endif 940 941 /* 942 * Get the options. Note for future reference. The GET of IP options gets the 943 * _received_ ones. The set sets the _sent_ ones. 944 */ 945 946 static int do_ip_getsockopt(struct sock *sk, int level, int optname, 947 char __user *optval, int __user *optlen) 948 { 949 struct inet_sock *inet = inet_sk(sk); 950 int val; 951 int len; 952 953 if(level!=SOL_IP) 954 return -EOPNOTSUPP; 955 956 #ifdef CONFIG_IP_MROUTE 957 if(optname>=MRT_BASE && optname <=MRT_BASE+10) 958 { 959 return ip_mroute_getsockopt(sk,optname,optval,optlen); 960 } 961 #endif 962 963 if(get_user(len,optlen)) 964 return -EFAULT; 965 if(len < 0) 966 return -EINVAL; 967 968 lock_sock(sk); 969 970 switch(optname) { 971 case IP_OPTIONS: 972 { 973 unsigned char optbuf[sizeof(struct ip_options)+40]; 974 struct ip_options * opt = (struct ip_options*)optbuf; 975 opt->optlen = 0; 976 if (inet->opt) 977 memcpy(optbuf, inet->opt, 978 sizeof(struct ip_options)+ 979 inet->opt->optlen); 980 release_sock(sk); 981 982 if (opt->optlen == 0) 983 return put_user(0, optlen); 984 985 ip_options_undo(opt); 986 987 len = min_t(unsigned int, len, opt->optlen); 988 if(put_user(len, optlen)) 989 return -EFAULT; 990 if(copy_to_user(optval, opt->__data, len)) 991 return -EFAULT; 992 return 0; 993 } 994 case IP_PKTINFO: 995 val = (inet->cmsg_flags & IP_CMSG_PKTINFO) != 0; 996 break; 997 case IP_RECVTTL: 998 val = (inet->cmsg_flags & IP_CMSG_TTL) != 0; 999 break; 1000 case IP_RECVTOS: 1001 val = (inet->cmsg_flags & IP_CMSG_TOS) != 0; 1002 break; 1003 case IP_RECVOPTS: 1004 val = (inet->cmsg_flags & IP_CMSG_RECVOPTS) != 0; 1005 break; 1006 case IP_RETOPTS: 1007 val = (inet->cmsg_flags & IP_CMSG_RETOPTS) != 0; 1008 break; 1009 case IP_PASSSEC: 1010 val = (inet->cmsg_flags & IP_CMSG_PASSSEC) != 0; 1011 break; 1012 case IP_TOS: 1013 val = inet->tos; 1014 break; 1015 case IP_TTL: 1016 val = (inet->uc_ttl == -1 ? 1017 sysctl_ip_default_ttl : 1018 inet->uc_ttl); 1019 break; 1020 case IP_HDRINCL: 1021 val = inet->hdrincl; 1022 break; 1023 case IP_MTU_DISCOVER: 1024 val = inet->pmtudisc; 1025 break; 1026 case IP_MTU: 1027 { 1028 struct dst_entry *dst; 1029 val = 0; 1030 dst = sk_dst_get(sk); 1031 if (dst) { 1032 val = dst_mtu(dst); 1033 dst_release(dst); 1034 } 1035 if (!val) { 1036 release_sock(sk); 1037 return -ENOTCONN; 1038 } 1039 break; 1040 } 1041 case IP_RECVERR: 1042 val = inet->recverr; 1043 break; 1044 case IP_MULTICAST_TTL: 1045 val = inet->mc_ttl; 1046 break; 1047 case IP_MULTICAST_LOOP: 1048 val = inet->mc_loop; 1049 break; 1050 case IP_MULTICAST_IF: 1051 { 1052 struct in_addr addr; 1053 len = min_t(unsigned int, len, sizeof(struct in_addr)); 1054 addr.s_addr = inet->mc_addr; 1055 release_sock(sk); 1056 1057 if(put_user(len, optlen)) 1058 return -EFAULT; 1059 if(copy_to_user(optval, &addr, len)) 1060 return -EFAULT; 1061 return 0; 1062 } 1063 case IP_MSFILTER: 1064 { 1065 struct ip_msfilter msf; 1066 int err; 1067 1068 if (len < IP_MSFILTER_SIZE(0)) { 1069 release_sock(sk); 1070 return -EINVAL; 1071 } 1072 if (copy_from_user(&msf, optval, IP_MSFILTER_SIZE(0))) { 1073 release_sock(sk); 1074 return -EFAULT; 1075 } 1076 err = ip_mc_msfget(sk, &msf, 1077 (struct ip_msfilter __user *)optval, optlen); 1078 release_sock(sk); 1079 return err; 1080 } 1081 case MCAST_MSFILTER: 1082 { 1083 struct group_filter gsf; 1084 int err; 1085 1086 if (len < GROUP_FILTER_SIZE(0)) { 1087 release_sock(sk); 1088 return -EINVAL; 1089 } 1090 if (copy_from_user(&gsf, optval, GROUP_FILTER_SIZE(0))) { 1091 release_sock(sk); 1092 return -EFAULT; 1093 } 1094 err = ip_mc_gsfget(sk, &gsf, 1095 (struct group_filter __user *)optval, optlen); 1096 release_sock(sk); 1097 return err; 1098 } 1099 case IP_PKTOPTIONS: 1100 { 1101 struct msghdr msg; 1102 1103 release_sock(sk); 1104 1105 if (sk->sk_type != SOCK_STREAM) 1106 return -ENOPROTOOPT; 1107 1108 msg.msg_control = optval; 1109 msg.msg_controllen = len; 1110 msg.msg_flags = 0; 1111 1112 if (inet->cmsg_flags & IP_CMSG_PKTINFO) { 1113 struct in_pktinfo info; 1114 1115 info.ipi_addr.s_addr = inet->rcv_saddr; 1116 info.ipi_spec_dst.s_addr = inet->rcv_saddr; 1117 info.ipi_ifindex = inet->mc_index; 1118 put_cmsg(&msg, SOL_IP, IP_PKTINFO, sizeof(info), &info); 1119 } 1120 if (inet->cmsg_flags & IP_CMSG_TTL) { 1121 int hlim = inet->mc_ttl; 1122 put_cmsg(&msg, SOL_IP, IP_TTL, sizeof(hlim), &hlim); 1123 } 1124 len -= msg.msg_controllen; 1125 return put_user(len, optlen); 1126 } 1127 case IP_FREEBIND: 1128 val = inet->freebind; 1129 break; 1130 default: 1131 release_sock(sk); 1132 return -ENOPROTOOPT; 1133 } 1134 release_sock(sk); 1135 1136 if (len < sizeof(int) && len > 0 && val>=0 && val<255) { 1137 unsigned char ucval = (unsigned char)val; 1138 len = 1; 1139 if(put_user(len, optlen)) 1140 return -EFAULT; 1141 if(copy_to_user(optval,&ucval,1)) 1142 return -EFAULT; 1143 } else { 1144 len = min_t(unsigned int, sizeof(int), len); 1145 if(put_user(len, optlen)) 1146 return -EFAULT; 1147 if(copy_to_user(optval,&val,len)) 1148 return -EFAULT; 1149 } 1150 return 0; 1151 } 1152 1153 int ip_getsockopt(struct sock *sk, int level, 1154 int optname, char __user *optval, int __user *optlen) 1155 { 1156 int err; 1157 1158 err = do_ip_getsockopt(sk, level, optname, optval, optlen); 1159 #ifdef CONFIG_NETFILTER 1160 /* we need to exclude all possible ENOPROTOOPTs except default case */ 1161 if (err == -ENOPROTOOPT && optname != IP_PKTOPTIONS 1162 #ifdef CONFIG_IP_MROUTE 1163 && (optname < MRT_BASE || optname > MRT_BASE+10) 1164 #endif 1165 ) { 1166 int len; 1167 1168 if(get_user(len,optlen)) 1169 return -EFAULT; 1170 1171 lock_sock(sk); 1172 err = nf_getsockopt(sk, PF_INET, optname, optval, 1173 &len); 1174 release_sock(sk); 1175 if (err >= 0) 1176 err = put_user(len, optlen); 1177 return err; 1178 } 1179 #endif 1180 return err; 1181 } 1182 1183 #ifdef CONFIG_COMPAT 1184 int compat_ip_getsockopt(struct sock *sk, int level, int optname, 1185 char __user *optval, int __user *optlen) 1186 { 1187 int err = do_ip_getsockopt(sk, level, optname, optval, optlen); 1188 #ifdef CONFIG_NETFILTER 1189 /* we need to exclude all possible ENOPROTOOPTs except default case */ 1190 if (err == -ENOPROTOOPT && optname != IP_PKTOPTIONS 1191 #ifdef CONFIG_IP_MROUTE 1192 && (optname < MRT_BASE || optname > MRT_BASE+10) 1193 #endif 1194 ) { 1195 int len; 1196 1197 if (get_user(len, optlen)) 1198 return -EFAULT; 1199 1200 lock_sock(sk); 1201 err = compat_nf_getsockopt(sk, PF_INET, optname, optval, &len); 1202 release_sock(sk); 1203 if (err >= 0) 1204 err = put_user(len, optlen); 1205 return err; 1206 } 1207 #endif 1208 return err; 1209 } 1210 1211 EXPORT_SYMBOL(compat_ip_getsockopt); 1212 #endif 1213 1214 EXPORT_SYMBOL(ip_cmsg_recv); 1215 1216 EXPORT_SYMBOL(ip_getsockopt); 1217 EXPORT_SYMBOL(ip_setsockopt); 1218