1 /* 2 * INET An implementation of the TCP/IP protocol suite for the LINUX 3 * operating system. INET is implemented using the BSD Socket 4 * interface as the means of communication with the user level. 5 * 6 * The IP to API glue. 7 * 8 * Version: $Id: ip_sockglue.c,v 1.62 2002/02/01 22:01:04 davem Exp $ 9 * 10 * Authors: see ip.c 11 * 12 * Fixes: 13 * Many : Split from ip.c , see ip.c for history. 14 * Martin Mares : TOS setting fixed. 15 * Alan Cox : Fixed a couple of oopses in Martin's 16 * TOS tweaks. 17 * Mike McLagan : Routing by source 18 */ 19 20 #include <linux/config.h> 21 #include <linux/module.h> 22 #include <linux/types.h> 23 #include <linux/mm.h> 24 #include <linux/sched.h> 25 #include <linux/skbuff.h> 26 #include <linux/ip.h> 27 #include <linux/icmp.h> 28 #include <linux/inetdevice.h> 29 #include <linux/netdevice.h> 30 #include <net/sock.h> 31 #include <net/ip.h> 32 #include <net/icmp.h> 33 #include <net/tcp_states.h> 34 #include <linux/udp.h> 35 #include <linux/igmp.h> 36 #include <linux/netfilter.h> 37 #include <linux/route.h> 38 #include <linux/mroute.h> 39 #include <net/route.h> 40 #include <net/xfrm.h> 41 #if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE) 42 #include <net/transp_v6.h> 43 #endif 44 45 #include <linux/errqueue.h> 46 #include <asm/uaccess.h> 47 48 #define IP_CMSG_PKTINFO 1 49 #define IP_CMSG_TTL 2 50 #define IP_CMSG_TOS 4 51 #define IP_CMSG_RECVOPTS 8 52 #define IP_CMSG_RETOPTS 16 53 #define IP_CMSG_PASSSEC 32 54 55 /* 56 * SOL_IP control messages. 57 */ 58 59 static void ip_cmsg_recv_pktinfo(struct msghdr *msg, struct sk_buff *skb) 60 { 61 struct in_pktinfo info; 62 struct rtable *rt = (struct rtable *)skb->dst; 63 64 info.ipi_addr.s_addr = skb->nh.iph->daddr; 65 if (rt) { 66 info.ipi_ifindex = rt->rt_iif; 67 info.ipi_spec_dst.s_addr = rt->rt_spec_dst; 68 } else { 69 info.ipi_ifindex = 0; 70 info.ipi_spec_dst.s_addr = 0; 71 } 72 73 put_cmsg(msg, SOL_IP, IP_PKTINFO, sizeof(info), &info); 74 } 75 76 static void ip_cmsg_recv_ttl(struct msghdr *msg, struct sk_buff *skb) 77 { 78 int ttl = skb->nh.iph->ttl; 79 put_cmsg(msg, SOL_IP, IP_TTL, sizeof(int), &ttl); 80 } 81 82 static void ip_cmsg_recv_tos(struct msghdr *msg, struct sk_buff *skb) 83 { 84 put_cmsg(msg, SOL_IP, IP_TOS, 1, &skb->nh.iph->tos); 85 } 86 87 static void ip_cmsg_recv_opts(struct msghdr *msg, struct sk_buff *skb) 88 { 89 if (IPCB(skb)->opt.optlen == 0) 90 return; 91 92 put_cmsg(msg, SOL_IP, IP_RECVOPTS, IPCB(skb)->opt.optlen, skb->nh.iph+1); 93 } 94 95 96 static void ip_cmsg_recv_retopts(struct msghdr *msg, struct sk_buff *skb) 97 { 98 unsigned char optbuf[sizeof(struct ip_options) + 40]; 99 struct ip_options * opt = (struct ip_options*)optbuf; 100 101 if (IPCB(skb)->opt.optlen == 0) 102 return; 103 104 if (ip_options_echo(opt, skb)) { 105 msg->msg_flags |= MSG_CTRUNC; 106 return; 107 } 108 ip_options_undo(opt); 109 110 put_cmsg(msg, SOL_IP, IP_RETOPTS, opt->optlen, opt->__data); 111 } 112 113 static void ip_cmsg_recv_security(struct msghdr *msg, struct sk_buff *skb) 114 { 115 char *secdata; 116 u32 seclen; 117 int err; 118 119 err = security_socket_getpeersec_dgram(skb, &secdata, &seclen); 120 if (err) 121 return; 122 123 put_cmsg(msg, SOL_IP, SCM_SECURITY, seclen, secdata); 124 } 125 126 127 void ip_cmsg_recv(struct msghdr *msg, struct sk_buff *skb) 128 { 129 struct inet_sock *inet = inet_sk(skb->sk); 130 unsigned flags = inet->cmsg_flags; 131 132 /* Ordered by supposed usage frequency */ 133 if (flags & 1) 134 ip_cmsg_recv_pktinfo(msg, skb); 135 if ((flags>>=1) == 0) 136 return; 137 138 if (flags & 1) 139 ip_cmsg_recv_ttl(msg, skb); 140 if ((flags>>=1) == 0) 141 return; 142 143 if (flags & 1) 144 ip_cmsg_recv_tos(msg, skb); 145 if ((flags>>=1) == 0) 146 return; 147 148 if (flags & 1) 149 ip_cmsg_recv_opts(msg, skb); 150 if ((flags>>=1) == 0) 151 return; 152 153 if (flags & 1) 154 ip_cmsg_recv_retopts(msg, skb); 155 if ((flags>>=1) == 0) 156 return; 157 158 if (flags & 1) 159 ip_cmsg_recv_security(msg, skb); 160 } 161 162 int ip_cmsg_send(struct msghdr *msg, struct ipcm_cookie *ipc) 163 { 164 int err; 165 struct cmsghdr *cmsg; 166 167 for (cmsg = CMSG_FIRSTHDR(msg); cmsg; cmsg = CMSG_NXTHDR(msg, cmsg)) { 168 if (!CMSG_OK(msg, cmsg)) 169 return -EINVAL; 170 if (cmsg->cmsg_level != SOL_IP) 171 continue; 172 switch (cmsg->cmsg_type) { 173 case IP_RETOPTS: 174 err = cmsg->cmsg_len - CMSG_ALIGN(sizeof(struct cmsghdr)); 175 err = ip_options_get(&ipc->opt, CMSG_DATA(cmsg), err < 40 ? err : 40); 176 if (err) 177 return err; 178 break; 179 case IP_PKTINFO: 180 { 181 struct in_pktinfo *info; 182 if (cmsg->cmsg_len != CMSG_LEN(sizeof(struct in_pktinfo))) 183 return -EINVAL; 184 info = (struct in_pktinfo *)CMSG_DATA(cmsg); 185 ipc->oif = info->ipi_ifindex; 186 ipc->addr = info->ipi_spec_dst.s_addr; 187 break; 188 } 189 default: 190 return -EINVAL; 191 } 192 } 193 return 0; 194 } 195 196 197 /* Special input handler for packets caught by router alert option. 198 They are selected only by protocol field, and then processed likely 199 local ones; but only if someone wants them! Otherwise, router 200 not running rsvpd will kill RSVP. 201 202 It is user level problem, what it will make with them. 203 I have no idea, how it will masquearde or NAT them (it is joke, joke :-)), 204 but receiver should be enough clever f.e. to forward mtrace requests, 205 sent to multicast group to reach destination designated router. 206 */ 207 struct ip_ra_chain *ip_ra_chain; 208 DEFINE_RWLOCK(ip_ra_lock); 209 210 int ip_ra_control(struct sock *sk, unsigned char on, void (*destructor)(struct sock *)) 211 { 212 struct ip_ra_chain *ra, *new_ra, **rap; 213 214 if (sk->sk_type != SOCK_RAW || inet_sk(sk)->num == IPPROTO_RAW) 215 return -EINVAL; 216 217 new_ra = on ? kmalloc(sizeof(*new_ra), GFP_KERNEL) : NULL; 218 219 write_lock_bh(&ip_ra_lock); 220 for (rap = &ip_ra_chain; (ra=*rap) != NULL; rap = &ra->next) { 221 if (ra->sk == sk) { 222 if (on) { 223 write_unlock_bh(&ip_ra_lock); 224 kfree(new_ra); 225 return -EADDRINUSE; 226 } 227 *rap = ra->next; 228 write_unlock_bh(&ip_ra_lock); 229 230 if (ra->destructor) 231 ra->destructor(sk); 232 sock_put(sk); 233 kfree(ra); 234 return 0; 235 } 236 } 237 if (new_ra == NULL) { 238 write_unlock_bh(&ip_ra_lock); 239 return -ENOBUFS; 240 } 241 new_ra->sk = sk; 242 new_ra->destructor = destructor; 243 244 new_ra->next = ra; 245 *rap = new_ra; 246 sock_hold(sk); 247 write_unlock_bh(&ip_ra_lock); 248 249 return 0; 250 } 251 252 void ip_icmp_error(struct sock *sk, struct sk_buff *skb, int err, 253 u16 port, u32 info, u8 *payload) 254 { 255 struct inet_sock *inet = inet_sk(sk); 256 struct sock_exterr_skb *serr; 257 258 if (!inet->recverr) 259 return; 260 261 skb = skb_clone(skb, GFP_ATOMIC); 262 if (!skb) 263 return; 264 265 serr = SKB_EXT_ERR(skb); 266 serr->ee.ee_errno = err; 267 serr->ee.ee_origin = SO_EE_ORIGIN_ICMP; 268 serr->ee.ee_type = skb->h.icmph->type; 269 serr->ee.ee_code = skb->h.icmph->code; 270 serr->ee.ee_pad = 0; 271 serr->ee.ee_info = info; 272 serr->ee.ee_data = 0; 273 serr->addr_offset = (u8*)&(((struct iphdr*)(skb->h.icmph+1))->daddr) - skb->nh.raw; 274 serr->port = port; 275 276 skb->h.raw = payload; 277 if (!skb_pull(skb, payload - skb->data) || 278 sock_queue_err_skb(sk, skb)) 279 kfree_skb(skb); 280 } 281 282 void ip_local_error(struct sock *sk, int err, u32 daddr, u16 port, u32 info) 283 { 284 struct inet_sock *inet = inet_sk(sk); 285 struct sock_exterr_skb *serr; 286 struct iphdr *iph; 287 struct sk_buff *skb; 288 289 if (!inet->recverr) 290 return; 291 292 skb = alloc_skb(sizeof(struct iphdr), GFP_ATOMIC); 293 if (!skb) 294 return; 295 296 iph = (struct iphdr*)skb_put(skb, sizeof(struct iphdr)); 297 skb->nh.iph = iph; 298 iph->daddr = daddr; 299 300 serr = SKB_EXT_ERR(skb); 301 serr->ee.ee_errno = err; 302 serr->ee.ee_origin = SO_EE_ORIGIN_LOCAL; 303 serr->ee.ee_type = 0; 304 serr->ee.ee_code = 0; 305 serr->ee.ee_pad = 0; 306 serr->ee.ee_info = info; 307 serr->ee.ee_data = 0; 308 serr->addr_offset = (u8*)&iph->daddr - skb->nh.raw; 309 serr->port = port; 310 311 skb->h.raw = skb->tail; 312 __skb_pull(skb, skb->tail - skb->data); 313 314 if (sock_queue_err_skb(sk, skb)) 315 kfree_skb(skb); 316 } 317 318 /* 319 * Handle MSG_ERRQUEUE 320 */ 321 int ip_recv_error(struct sock *sk, struct msghdr *msg, int len) 322 { 323 struct sock_exterr_skb *serr; 324 struct sk_buff *skb, *skb2; 325 struct sockaddr_in *sin; 326 struct { 327 struct sock_extended_err ee; 328 struct sockaddr_in offender; 329 } errhdr; 330 int err; 331 int copied; 332 333 err = -EAGAIN; 334 skb = skb_dequeue(&sk->sk_error_queue); 335 if (skb == NULL) 336 goto out; 337 338 copied = skb->len; 339 if (copied > len) { 340 msg->msg_flags |= MSG_TRUNC; 341 copied = len; 342 } 343 err = skb_copy_datagram_iovec(skb, 0, msg->msg_iov, copied); 344 if (err) 345 goto out_free_skb; 346 347 sock_recv_timestamp(msg, sk, skb); 348 349 serr = SKB_EXT_ERR(skb); 350 351 sin = (struct sockaddr_in *)msg->msg_name; 352 if (sin) { 353 sin->sin_family = AF_INET; 354 sin->sin_addr.s_addr = *(u32*)(skb->nh.raw + serr->addr_offset); 355 sin->sin_port = serr->port; 356 memset(&sin->sin_zero, 0, sizeof(sin->sin_zero)); 357 } 358 359 memcpy(&errhdr.ee, &serr->ee, sizeof(struct sock_extended_err)); 360 sin = &errhdr.offender; 361 sin->sin_family = AF_UNSPEC; 362 if (serr->ee.ee_origin == SO_EE_ORIGIN_ICMP) { 363 struct inet_sock *inet = inet_sk(sk); 364 365 sin->sin_family = AF_INET; 366 sin->sin_addr.s_addr = skb->nh.iph->saddr; 367 sin->sin_port = 0; 368 memset(&sin->sin_zero, 0, sizeof(sin->sin_zero)); 369 if (inet->cmsg_flags) 370 ip_cmsg_recv(msg, skb); 371 } 372 373 put_cmsg(msg, SOL_IP, IP_RECVERR, sizeof(errhdr), &errhdr); 374 375 /* Now we could try to dump offended packet options */ 376 377 msg->msg_flags |= MSG_ERRQUEUE; 378 err = copied; 379 380 /* Reset and regenerate socket error */ 381 spin_lock_bh(&sk->sk_error_queue.lock); 382 sk->sk_err = 0; 383 if ((skb2 = skb_peek(&sk->sk_error_queue)) != NULL) { 384 sk->sk_err = SKB_EXT_ERR(skb2)->ee.ee_errno; 385 spin_unlock_bh(&sk->sk_error_queue.lock); 386 sk->sk_error_report(sk); 387 } else 388 spin_unlock_bh(&sk->sk_error_queue.lock); 389 390 out_free_skb: 391 kfree_skb(skb); 392 out: 393 return err; 394 } 395 396 397 /* 398 * Socket option code for IP. This is the end of the line after any TCP,UDP etc options on 399 * an IP socket. 400 */ 401 402 static int do_ip_setsockopt(struct sock *sk, int level, 403 int optname, char __user *optval, int optlen) 404 { 405 struct inet_sock *inet = inet_sk(sk); 406 int val=0,err; 407 408 if (((1<<optname) & ((1<<IP_PKTINFO) | (1<<IP_RECVTTL) | 409 (1<<IP_RECVOPTS) | (1<<IP_RECVTOS) | 410 (1<<IP_RETOPTS) | (1<<IP_TOS) | 411 (1<<IP_TTL) | (1<<IP_HDRINCL) | 412 (1<<IP_MTU_DISCOVER) | (1<<IP_RECVERR) | 413 (1<<IP_ROUTER_ALERT) | (1<<IP_FREEBIND) | 414 (1<<IP_PASSSEC))) || 415 optname == IP_MULTICAST_TTL || 416 optname == IP_MULTICAST_LOOP) { 417 if (optlen >= sizeof(int)) { 418 if (get_user(val, (int __user *) optval)) 419 return -EFAULT; 420 } else if (optlen >= sizeof(char)) { 421 unsigned char ucval; 422 423 if (get_user(ucval, (unsigned char __user *) optval)) 424 return -EFAULT; 425 val = (int) ucval; 426 } 427 } 428 429 /* If optlen==0, it is equivalent to val == 0 */ 430 431 #ifdef CONFIG_IP_MROUTE 432 if (optname >= MRT_BASE && optname <= (MRT_BASE + 10)) 433 return ip_mroute_setsockopt(sk,optname,optval,optlen); 434 #endif 435 436 err = 0; 437 lock_sock(sk); 438 439 switch (optname) { 440 case IP_OPTIONS: 441 { 442 struct ip_options * opt = NULL; 443 if (optlen > 40 || optlen < 0) 444 goto e_inval; 445 err = ip_options_get_from_user(&opt, optval, optlen); 446 if (err) 447 break; 448 if (inet->is_icsk) { 449 struct inet_connection_sock *icsk = inet_csk(sk); 450 #if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE) 451 if (sk->sk_family == PF_INET || 452 (!((1 << sk->sk_state) & 453 (TCPF_LISTEN | TCPF_CLOSE)) && 454 inet->daddr != LOOPBACK4_IPV6)) { 455 #endif 456 if (inet->opt) 457 icsk->icsk_ext_hdr_len -= inet->opt->optlen; 458 if (opt) 459 icsk->icsk_ext_hdr_len += opt->optlen; 460 icsk->icsk_sync_mss(sk, icsk->icsk_pmtu_cookie); 461 #if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE) 462 } 463 #endif 464 } 465 opt = xchg(&inet->opt, opt); 466 kfree(opt); 467 break; 468 } 469 case IP_PKTINFO: 470 if (val) 471 inet->cmsg_flags |= IP_CMSG_PKTINFO; 472 else 473 inet->cmsg_flags &= ~IP_CMSG_PKTINFO; 474 break; 475 case IP_RECVTTL: 476 if (val) 477 inet->cmsg_flags |= IP_CMSG_TTL; 478 else 479 inet->cmsg_flags &= ~IP_CMSG_TTL; 480 break; 481 case IP_RECVTOS: 482 if (val) 483 inet->cmsg_flags |= IP_CMSG_TOS; 484 else 485 inet->cmsg_flags &= ~IP_CMSG_TOS; 486 break; 487 case IP_RECVOPTS: 488 if (val) 489 inet->cmsg_flags |= IP_CMSG_RECVOPTS; 490 else 491 inet->cmsg_flags &= ~IP_CMSG_RECVOPTS; 492 break; 493 case IP_RETOPTS: 494 if (val) 495 inet->cmsg_flags |= IP_CMSG_RETOPTS; 496 else 497 inet->cmsg_flags &= ~IP_CMSG_RETOPTS; 498 break; 499 case IP_PASSSEC: 500 if (val) 501 inet->cmsg_flags |= IP_CMSG_PASSSEC; 502 else 503 inet->cmsg_flags &= ~IP_CMSG_PASSSEC; 504 break; 505 case IP_TOS: /* This sets both TOS and Precedence */ 506 if (sk->sk_type == SOCK_STREAM) { 507 val &= ~3; 508 val |= inet->tos & 3; 509 } 510 if (IPTOS_PREC(val) >= IPTOS_PREC_CRITIC_ECP && 511 !capable(CAP_NET_ADMIN)) { 512 err = -EPERM; 513 break; 514 } 515 if (inet->tos != val) { 516 inet->tos = val; 517 sk->sk_priority = rt_tos2priority(val); 518 sk_dst_reset(sk); 519 } 520 break; 521 case IP_TTL: 522 if (optlen<1) 523 goto e_inval; 524 if (val != -1 && (val < 1 || val>255)) 525 goto e_inval; 526 inet->uc_ttl = val; 527 break; 528 case IP_HDRINCL: 529 if (sk->sk_type != SOCK_RAW) { 530 err = -ENOPROTOOPT; 531 break; 532 } 533 inet->hdrincl = val ? 1 : 0; 534 break; 535 case IP_MTU_DISCOVER: 536 if (val<0 || val>2) 537 goto e_inval; 538 inet->pmtudisc = val; 539 break; 540 case IP_RECVERR: 541 inet->recverr = !!val; 542 if (!val) 543 skb_queue_purge(&sk->sk_error_queue); 544 break; 545 case IP_MULTICAST_TTL: 546 if (sk->sk_type == SOCK_STREAM) 547 goto e_inval; 548 if (optlen<1) 549 goto e_inval; 550 if (val==-1) 551 val = 1; 552 if (val < 0 || val > 255) 553 goto e_inval; 554 inet->mc_ttl = val; 555 break; 556 case IP_MULTICAST_LOOP: 557 if (optlen<1) 558 goto e_inval; 559 inet->mc_loop = !!val; 560 break; 561 case IP_MULTICAST_IF: 562 { 563 struct ip_mreqn mreq; 564 struct net_device *dev = NULL; 565 566 if (sk->sk_type == SOCK_STREAM) 567 goto e_inval; 568 /* 569 * Check the arguments are allowable 570 */ 571 572 err = -EFAULT; 573 if (optlen >= sizeof(struct ip_mreqn)) { 574 if (copy_from_user(&mreq,optval,sizeof(mreq))) 575 break; 576 } else { 577 memset(&mreq, 0, sizeof(mreq)); 578 if (optlen >= sizeof(struct in_addr) && 579 copy_from_user(&mreq.imr_address,optval,sizeof(struct in_addr))) 580 break; 581 } 582 583 if (!mreq.imr_ifindex) { 584 if (mreq.imr_address.s_addr == INADDR_ANY) { 585 inet->mc_index = 0; 586 inet->mc_addr = 0; 587 err = 0; 588 break; 589 } 590 dev = ip_dev_find(mreq.imr_address.s_addr); 591 if (dev) { 592 mreq.imr_ifindex = dev->ifindex; 593 dev_put(dev); 594 } 595 } else 596 dev = __dev_get_by_index(mreq.imr_ifindex); 597 598 599 err = -EADDRNOTAVAIL; 600 if (!dev) 601 break; 602 603 err = -EINVAL; 604 if (sk->sk_bound_dev_if && 605 mreq.imr_ifindex != sk->sk_bound_dev_if) 606 break; 607 608 inet->mc_index = mreq.imr_ifindex; 609 inet->mc_addr = mreq.imr_address.s_addr; 610 err = 0; 611 break; 612 } 613 614 case IP_ADD_MEMBERSHIP: 615 case IP_DROP_MEMBERSHIP: 616 { 617 struct ip_mreqn mreq; 618 619 if (optlen < sizeof(struct ip_mreq)) 620 goto e_inval; 621 err = -EFAULT; 622 if (optlen >= sizeof(struct ip_mreqn)) { 623 if(copy_from_user(&mreq,optval,sizeof(mreq))) 624 break; 625 } else { 626 memset(&mreq, 0, sizeof(mreq)); 627 if (copy_from_user(&mreq,optval,sizeof(struct ip_mreq))) 628 break; 629 } 630 631 if (optname == IP_ADD_MEMBERSHIP) 632 err = ip_mc_join_group(sk, &mreq); 633 else 634 err = ip_mc_leave_group(sk, &mreq); 635 break; 636 } 637 case IP_MSFILTER: 638 { 639 extern int sysctl_igmp_max_msf; 640 struct ip_msfilter *msf; 641 642 if (optlen < IP_MSFILTER_SIZE(0)) 643 goto e_inval; 644 if (optlen > sysctl_optmem_max) { 645 err = -ENOBUFS; 646 break; 647 } 648 msf = kmalloc(optlen, GFP_KERNEL); 649 if (msf == 0) { 650 err = -ENOBUFS; 651 break; 652 } 653 err = -EFAULT; 654 if (copy_from_user(msf, optval, optlen)) { 655 kfree(msf); 656 break; 657 } 658 /* numsrc >= (1G-4) overflow in 32 bits */ 659 if (msf->imsf_numsrc >= 0x3ffffffcU || 660 msf->imsf_numsrc > sysctl_igmp_max_msf) { 661 kfree(msf); 662 err = -ENOBUFS; 663 break; 664 } 665 if (IP_MSFILTER_SIZE(msf->imsf_numsrc) > optlen) { 666 kfree(msf); 667 err = -EINVAL; 668 break; 669 } 670 err = ip_mc_msfilter(sk, msf, 0); 671 kfree(msf); 672 break; 673 } 674 case IP_BLOCK_SOURCE: 675 case IP_UNBLOCK_SOURCE: 676 case IP_ADD_SOURCE_MEMBERSHIP: 677 case IP_DROP_SOURCE_MEMBERSHIP: 678 { 679 struct ip_mreq_source mreqs; 680 int omode, add; 681 682 if (optlen != sizeof(struct ip_mreq_source)) 683 goto e_inval; 684 if (copy_from_user(&mreqs, optval, sizeof(mreqs))) { 685 err = -EFAULT; 686 break; 687 } 688 if (optname == IP_BLOCK_SOURCE) { 689 omode = MCAST_EXCLUDE; 690 add = 1; 691 } else if (optname == IP_UNBLOCK_SOURCE) { 692 omode = MCAST_EXCLUDE; 693 add = 0; 694 } else if (optname == IP_ADD_SOURCE_MEMBERSHIP) { 695 struct ip_mreqn mreq; 696 697 mreq.imr_multiaddr.s_addr = mreqs.imr_multiaddr; 698 mreq.imr_address.s_addr = mreqs.imr_interface; 699 mreq.imr_ifindex = 0; 700 err = ip_mc_join_group(sk, &mreq); 701 if (err && err != -EADDRINUSE) 702 break; 703 omode = MCAST_INCLUDE; 704 add = 1; 705 } else /* IP_DROP_SOURCE_MEMBERSHIP */ { 706 omode = MCAST_INCLUDE; 707 add = 0; 708 } 709 err = ip_mc_source(add, omode, sk, &mreqs, 0); 710 break; 711 } 712 case MCAST_JOIN_GROUP: 713 case MCAST_LEAVE_GROUP: 714 { 715 struct group_req greq; 716 struct sockaddr_in *psin; 717 struct ip_mreqn mreq; 718 719 if (optlen < sizeof(struct group_req)) 720 goto e_inval; 721 err = -EFAULT; 722 if(copy_from_user(&greq, optval, sizeof(greq))) 723 break; 724 psin = (struct sockaddr_in *)&greq.gr_group; 725 if (psin->sin_family != AF_INET) 726 goto e_inval; 727 memset(&mreq, 0, sizeof(mreq)); 728 mreq.imr_multiaddr = psin->sin_addr; 729 mreq.imr_ifindex = greq.gr_interface; 730 731 if (optname == MCAST_JOIN_GROUP) 732 err = ip_mc_join_group(sk, &mreq); 733 else 734 err = ip_mc_leave_group(sk, &mreq); 735 break; 736 } 737 case MCAST_JOIN_SOURCE_GROUP: 738 case MCAST_LEAVE_SOURCE_GROUP: 739 case MCAST_BLOCK_SOURCE: 740 case MCAST_UNBLOCK_SOURCE: 741 { 742 struct group_source_req greqs; 743 struct ip_mreq_source mreqs; 744 struct sockaddr_in *psin; 745 int omode, add; 746 747 if (optlen != sizeof(struct group_source_req)) 748 goto e_inval; 749 if (copy_from_user(&greqs, optval, sizeof(greqs))) { 750 err = -EFAULT; 751 break; 752 } 753 if (greqs.gsr_group.ss_family != AF_INET || 754 greqs.gsr_source.ss_family != AF_INET) { 755 err = -EADDRNOTAVAIL; 756 break; 757 } 758 psin = (struct sockaddr_in *)&greqs.gsr_group; 759 mreqs.imr_multiaddr = psin->sin_addr.s_addr; 760 psin = (struct sockaddr_in *)&greqs.gsr_source; 761 mreqs.imr_sourceaddr = psin->sin_addr.s_addr; 762 mreqs.imr_interface = 0; /* use index for mc_source */ 763 764 if (optname == MCAST_BLOCK_SOURCE) { 765 omode = MCAST_EXCLUDE; 766 add = 1; 767 } else if (optname == MCAST_UNBLOCK_SOURCE) { 768 omode = MCAST_EXCLUDE; 769 add = 0; 770 } else if (optname == MCAST_JOIN_SOURCE_GROUP) { 771 struct ip_mreqn mreq; 772 773 psin = (struct sockaddr_in *)&greqs.gsr_group; 774 mreq.imr_multiaddr = psin->sin_addr; 775 mreq.imr_address.s_addr = 0; 776 mreq.imr_ifindex = greqs.gsr_interface; 777 err = ip_mc_join_group(sk, &mreq); 778 if (err && err != -EADDRINUSE) 779 break; 780 greqs.gsr_interface = mreq.imr_ifindex; 781 omode = MCAST_INCLUDE; 782 add = 1; 783 } else /* MCAST_LEAVE_SOURCE_GROUP */ { 784 omode = MCAST_INCLUDE; 785 add = 0; 786 } 787 err = ip_mc_source(add, omode, sk, &mreqs, 788 greqs.gsr_interface); 789 break; 790 } 791 case MCAST_MSFILTER: 792 { 793 extern int sysctl_igmp_max_msf; 794 struct sockaddr_in *psin; 795 struct ip_msfilter *msf = NULL; 796 struct group_filter *gsf = NULL; 797 int msize, i, ifindex; 798 799 if (optlen < GROUP_FILTER_SIZE(0)) 800 goto e_inval; 801 if (optlen > sysctl_optmem_max) { 802 err = -ENOBUFS; 803 break; 804 } 805 gsf = kmalloc(optlen,GFP_KERNEL); 806 if (gsf == 0) { 807 err = -ENOBUFS; 808 break; 809 } 810 err = -EFAULT; 811 if (copy_from_user(gsf, optval, optlen)) { 812 goto mc_msf_out; 813 } 814 /* numsrc >= (4G-140)/128 overflow in 32 bits */ 815 if (gsf->gf_numsrc >= 0x1ffffff || 816 gsf->gf_numsrc > sysctl_igmp_max_msf) { 817 err = -ENOBUFS; 818 goto mc_msf_out; 819 } 820 if (GROUP_FILTER_SIZE(gsf->gf_numsrc) > optlen) { 821 err = -EINVAL; 822 goto mc_msf_out; 823 } 824 msize = IP_MSFILTER_SIZE(gsf->gf_numsrc); 825 msf = kmalloc(msize,GFP_KERNEL); 826 if (msf == 0) { 827 err = -ENOBUFS; 828 goto mc_msf_out; 829 } 830 ifindex = gsf->gf_interface; 831 psin = (struct sockaddr_in *)&gsf->gf_group; 832 if (psin->sin_family != AF_INET) { 833 err = -EADDRNOTAVAIL; 834 goto mc_msf_out; 835 } 836 msf->imsf_multiaddr = psin->sin_addr.s_addr; 837 msf->imsf_interface = 0; 838 msf->imsf_fmode = gsf->gf_fmode; 839 msf->imsf_numsrc = gsf->gf_numsrc; 840 err = -EADDRNOTAVAIL; 841 for (i=0; i<gsf->gf_numsrc; ++i) { 842 psin = (struct sockaddr_in *)&gsf->gf_slist[i]; 843 844 if (psin->sin_family != AF_INET) 845 goto mc_msf_out; 846 msf->imsf_slist[i] = psin->sin_addr.s_addr; 847 } 848 kfree(gsf); 849 gsf = NULL; 850 851 err = ip_mc_msfilter(sk, msf, ifindex); 852 mc_msf_out: 853 kfree(msf); 854 kfree(gsf); 855 break; 856 } 857 case IP_ROUTER_ALERT: 858 err = ip_ra_control(sk, val ? 1 : 0, NULL); 859 break; 860 861 case IP_FREEBIND: 862 if (optlen<1) 863 goto e_inval; 864 inet->freebind = !!val; 865 break; 866 867 case IP_IPSEC_POLICY: 868 case IP_XFRM_POLICY: 869 err = -EPERM; 870 if (!capable(CAP_NET_ADMIN)) 871 break; 872 err = xfrm_user_policy(sk, optname, optval, optlen); 873 break; 874 875 default: 876 err = -ENOPROTOOPT; 877 break; 878 } 879 release_sock(sk); 880 return err; 881 882 e_inval: 883 release_sock(sk); 884 return -EINVAL; 885 } 886 887 int ip_setsockopt(struct sock *sk, int level, 888 int optname, char __user *optval, int optlen) 889 { 890 int err; 891 892 if (level != SOL_IP) 893 return -ENOPROTOOPT; 894 895 err = do_ip_setsockopt(sk, level, optname, optval, optlen); 896 #ifdef CONFIG_NETFILTER 897 /* we need to exclude all possible ENOPROTOOPTs except default case */ 898 if (err == -ENOPROTOOPT && optname != IP_HDRINCL && 899 optname != IP_IPSEC_POLICY && optname != IP_XFRM_POLICY 900 #ifdef CONFIG_IP_MROUTE 901 && (optname < MRT_BASE || optname > (MRT_BASE + 10)) 902 #endif 903 ) { 904 lock_sock(sk); 905 err = nf_setsockopt(sk, PF_INET, optname, optval, optlen); 906 release_sock(sk); 907 } 908 #endif 909 return err; 910 } 911 912 #ifdef CONFIG_COMPAT 913 int compat_ip_setsockopt(struct sock *sk, int level, int optname, 914 char __user *optval, int optlen) 915 { 916 int err; 917 918 if (level != SOL_IP) 919 return -ENOPROTOOPT; 920 921 err = do_ip_setsockopt(sk, level, optname, optval, optlen); 922 #ifdef CONFIG_NETFILTER 923 /* we need to exclude all possible ENOPROTOOPTs except default case */ 924 if (err == -ENOPROTOOPT && optname != IP_HDRINCL && 925 optname != IP_IPSEC_POLICY && optname != IP_XFRM_POLICY 926 #ifdef CONFIG_IP_MROUTE 927 && (optname < MRT_BASE || optname > (MRT_BASE + 10)) 928 #endif 929 ) { 930 lock_sock(sk); 931 err = compat_nf_setsockopt(sk, PF_INET, optname, 932 optval, optlen); 933 release_sock(sk); 934 } 935 #endif 936 return err; 937 } 938 939 EXPORT_SYMBOL(compat_ip_setsockopt); 940 #endif 941 942 /* 943 * Get the options. Note for future reference. The GET of IP options gets the 944 * _received_ ones. The set sets the _sent_ ones. 945 */ 946 947 static int do_ip_getsockopt(struct sock *sk, int level, int optname, 948 char __user *optval, int __user *optlen) 949 { 950 struct inet_sock *inet = inet_sk(sk); 951 int val; 952 int len; 953 954 if(level!=SOL_IP) 955 return -EOPNOTSUPP; 956 957 #ifdef CONFIG_IP_MROUTE 958 if(optname>=MRT_BASE && optname <=MRT_BASE+10) 959 { 960 return ip_mroute_getsockopt(sk,optname,optval,optlen); 961 } 962 #endif 963 964 if(get_user(len,optlen)) 965 return -EFAULT; 966 if(len < 0) 967 return -EINVAL; 968 969 lock_sock(sk); 970 971 switch(optname) { 972 case IP_OPTIONS: 973 { 974 unsigned char optbuf[sizeof(struct ip_options)+40]; 975 struct ip_options * opt = (struct ip_options*)optbuf; 976 opt->optlen = 0; 977 if (inet->opt) 978 memcpy(optbuf, inet->opt, 979 sizeof(struct ip_options)+ 980 inet->opt->optlen); 981 release_sock(sk); 982 983 if (opt->optlen == 0) 984 return put_user(0, optlen); 985 986 ip_options_undo(opt); 987 988 len = min_t(unsigned int, len, opt->optlen); 989 if(put_user(len, optlen)) 990 return -EFAULT; 991 if(copy_to_user(optval, opt->__data, len)) 992 return -EFAULT; 993 return 0; 994 } 995 case IP_PKTINFO: 996 val = (inet->cmsg_flags & IP_CMSG_PKTINFO) != 0; 997 break; 998 case IP_RECVTTL: 999 val = (inet->cmsg_flags & IP_CMSG_TTL) != 0; 1000 break; 1001 case IP_RECVTOS: 1002 val = (inet->cmsg_flags & IP_CMSG_TOS) != 0; 1003 break; 1004 case IP_RECVOPTS: 1005 val = (inet->cmsg_flags & IP_CMSG_RECVOPTS) != 0; 1006 break; 1007 case IP_RETOPTS: 1008 val = (inet->cmsg_flags & IP_CMSG_RETOPTS) != 0; 1009 break; 1010 case IP_PASSSEC: 1011 val = (inet->cmsg_flags & IP_CMSG_PASSSEC) != 0; 1012 break; 1013 case IP_TOS: 1014 val = inet->tos; 1015 break; 1016 case IP_TTL: 1017 val = (inet->uc_ttl == -1 ? 1018 sysctl_ip_default_ttl : 1019 inet->uc_ttl); 1020 break; 1021 case IP_HDRINCL: 1022 val = inet->hdrincl; 1023 break; 1024 case IP_MTU_DISCOVER: 1025 val = inet->pmtudisc; 1026 break; 1027 case IP_MTU: 1028 { 1029 struct dst_entry *dst; 1030 val = 0; 1031 dst = sk_dst_get(sk); 1032 if (dst) { 1033 val = dst_mtu(dst); 1034 dst_release(dst); 1035 } 1036 if (!val) { 1037 release_sock(sk); 1038 return -ENOTCONN; 1039 } 1040 break; 1041 } 1042 case IP_RECVERR: 1043 val = inet->recverr; 1044 break; 1045 case IP_MULTICAST_TTL: 1046 val = inet->mc_ttl; 1047 break; 1048 case IP_MULTICAST_LOOP: 1049 val = inet->mc_loop; 1050 break; 1051 case IP_MULTICAST_IF: 1052 { 1053 struct in_addr addr; 1054 len = min_t(unsigned int, len, sizeof(struct in_addr)); 1055 addr.s_addr = inet->mc_addr; 1056 release_sock(sk); 1057 1058 if(put_user(len, optlen)) 1059 return -EFAULT; 1060 if(copy_to_user(optval, &addr, len)) 1061 return -EFAULT; 1062 return 0; 1063 } 1064 case IP_MSFILTER: 1065 { 1066 struct ip_msfilter msf; 1067 int err; 1068 1069 if (len < IP_MSFILTER_SIZE(0)) { 1070 release_sock(sk); 1071 return -EINVAL; 1072 } 1073 if (copy_from_user(&msf, optval, IP_MSFILTER_SIZE(0))) { 1074 release_sock(sk); 1075 return -EFAULT; 1076 } 1077 err = ip_mc_msfget(sk, &msf, 1078 (struct ip_msfilter __user *)optval, optlen); 1079 release_sock(sk); 1080 return err; 1081 } 1082 case MCAST_MSFILTER: 1083 { 1084 struct group_filter gsf; 1085 int err; 1086 1087 if (len < GROUP_FILTER_SIZE(0)) { 1088 release_sock(sk); 1089 return -EINVAL; 1090 } 1091 if (copy_from_user(&gsf, optval, GROUP_FILTER_SIZE(0))) { 1092 release_sock(sk); 1093 return -EFAULT; 1094 } 1095 err = ip_mc_gsfget(sk, &gsf, 1096 (struct group_filter __user *)optval, optlen); 1097 release_sock(sk); 1098 return err; 1099 } 1100 case IP_PKTOPTIONS: 1101 { 1102 struct msghdr msg; 1103 1104 release_sock(sk); 1105 1106 if (sk->sk_type != SOCK_STREAM) 1107 return -ENOPROTOOPT; 1108 1109 msg.msg_control = optval; 1110 msg.msg_controllen = len; 1111 msg.msg_flags = 0; 1112 1113 if (inet->cmsg_flags & IP_CMSG_PKTINFO) { 1114 struct in_pktinfo info; 1115 1116 info.ipi_addr.s_addr = inet->rcv_saddr; 1117 info.ipi_spec_dst.s_addr = inet->rcv_saddr; 1118 info.ipi_ifindex = inet->mc_index; 1119 put_cmsg(&msg, SOL_IP, IP_PKTINFO, sizeof(info), &info); 1120 } 1121 if (inet->cmsg_flags & IP_CMSG_TTL) { 1122 int hlim = inet->mc_ttl; 1123 put_cmsg(&msg, SOL_IP, IP_TTL, sizeof(hlim), &hlim); 1124 } 1125 len -= msg.msg_controllen; 1126 return put_user(len, optlen); 1127 } 1128 case IP_FREEBIND: 1129 val = inet->freebind; 1130 break; 1131 default: 1132 release_sock(sk); 1133 return -ENOPROTOOPT; 1134 } 1135 release_sock(sk); 1136 1137 if (len < sizeof(int) && len > 0 && val>=0 && val<255) { 1138 unsigned char ucval = (unsigned char)val; 1139 len = 1; 1140 if(put_user(len, optlen)) 1141 return -EFAULT; 1142 if(copy_to_user(optval,&ucval,1)) 1143 return -EFAULT; 1144 } else { 1145 len = min_t(unsigned int, sizeof(int), len); 1146 if(put_user(len, optlen)) 1147 return -EFAULT; 1148 if(copy_to_user(optval,&val,len)) 1149 return -EFAULT; 1150 } 1151 return 0; 1152 } 1153 1154 int ip_getsockopt(struct sock *sk, int level, 1155 int optname, char __user *optval, int __user *optlen) 1156 { 1157 int err; 1158 1159 err = do_ip_getsockopt(sk, level, optname, optval, optlen); 1160 #ifdef CONFIG_NETFILTER 1161 /* we need to exclude all possible ENOPROTOOPTs except default case */ 1162 if (err == -ENOPROTOOPT && optname != IP_PKTOPTIONS 1163 #ifdef CONFIG_IP_MROUTE 1164 && (optname < MRT_BASE || optname > MRT_BASE+10) 1165 #endif 1166 ) { 1167 int len; 1168 1169 if(get_user(len,optlen)) 1170 return -EFAULT; 1171 1172 lock_sock(sk); 1173 err = nf_getsockopt(sk, PF_INET, optname, optval, 1174 &len); 1175 release_sock(sk); 1176 if (err >= 0) 1177 err = put_user(len, optlen); 1178 return err; 1179 } 1180 #endif 1181 return err; 1182 } 1183 1184 #ifdef CONFIG_COMPAT 1185 int compat_ip_getsockopt(struct sock *sk, int level, int optname, 1186 char __user *optval, int __user *optlen) 1187 { 1188 int err = do_ip_getsockopt(sk, level, optname, optval, optlen); 1189 #ifdef CONFIG_NETFILTER 1190 /* we need to exclude all possible ENOPROTOOPTs except default case */ 1191 if (err == -ENOPROTOOPT && optname != IP_PKTOPTIONS 1192 #ifdef CONFIG_IP_MROUTE 1193 && (optname < MRT_BASE || optname > MRT_BASE+10) 1194 #endif 1195 ) { 1196 int len; 1197 1198 if (get_user(len, optlen)) 1199 return -EFAULT; 1200 1201 lock_sock(sk); 1202 err = compat_nf_getsockopt(sk, PF_INET, optname, optval, &len); 1203 release_sock(sk); 1204 if (err >= 0) 1205 err = put_user(len, optlen); 1206 return err; 1207 } 1208 #endif 1209 return err; 1210 } 1211 1212 EXPORT_SYMBOL(compat_ip_getsockopt); 1213 #endif 1214 1215 EXPORT_SYMBOL(ip_cmsg_recv); 1216 1217 EXPORT_SYMBOL(ip_getsockopt); 1218 EXPORT_SYMBOL(ip_setsockopt); 1219