1 /* 2 * common UDP/RAW code 3 * Linux INET6 implementation 4 * 5 * Authors: 6 * Pedro Roque <roque@di.fc.ul.pt> 7 * 8 * $Id: datagram.c,v 1.24 2002/02/01 22:01:04 davem Exp $ 9 * 10 * This program is free software; you can redistribute it and/or 11 * modify it under the terms of the GNU General Public License 12 * as published by the Free Software Foundation; either version 13 * 2 of the License, or (at your option) any later version. 14 */ 15 16 #include <linux/capability.h> 17 #include <linux/errno.h> 18 #include <linux/types.h> 19 #include <linux/kernel.h> 20 #include <linux/sched.h> 21 #include <linux/interrupt.h> 22 #include <linux/socket.h> 23 #include <linux/sockios.h> 24 #include <linux/in6.h> 25 #include <linux/ipv6.h> 26 #include <linux/route.h> 27 28 #include <net/ipv6.h> 29 #include <net/ndisc.h> 30 #include <net/addrconf.h> 31 #include <net/transp_v6.h> 32 #include <net/ip6_route.h> 33 #include <net/tcp_states.h> 34 35 #include <linux/errqueue.h> 36 #include <asm/uaccess.h> 37 38 int ip6_datagram_connect(struct sock *sk, struct sockaddr *uaddr, int addr_len) 39 { 40 struct sockaddr_in6 *usin = (struct sockaddr_in6 *) uaddr; 41 struct inet_sock *inet = inet_sk(sk); 42 struct ipv6_pinfo *np = inet6_sk(sk); 43 struct in6_addr *daddr, *final_p = NULL, final; 44 struct dst_entry *dst; 45 struct flowi fl; 46 struct ip6_flowlabel *flowlabel = NULL; 47 int addr_type; 48 int err; 49 50 if (usin->sin6_family == AF_INET) { 51 if (__ipv6_only_sock(sk)) 52 return -EAFNOSUPPORT; 53 err = ip4_datagram_connect(sk, uaddr, addr_len); 54 goto ipv4_connected; 55 } 56 57 if (addr_len < SIN6_LEN_RFC2133) 58 return -EINVAL; 59 60 if (usin->sin6_family != AF_INET6) 61 return -EAFNOSUPPORT; 62 63 memset(&fl, 0, sizeof(fl)); 64 if (np->sndflow) { 65 fl.fl6_flowlabel = usin->sin6_flowinfo&IPV6_FLOWINFO_MASK; 66 if (fl.fl6_flowlabel&IPV6_FLOWLABEL_MASK) { 67 flowlabel = fl6_sock_lookup(sk, fl.fl6_flowlabel); 68 if (flowlabel == NULL) 69 return -EINVAL; 70 ipv6_addr_copy(&usin->sin6_addr, &flowlabel->dst); 71 } 72 } 73 74 addr_type = ipv6_addr_type(&usin->sin6_addr); 75 76 if (addr_type == IPV6_ADDR_ANY) { 77 /* 78 * connect to self 79 */ 80 usin->sin6_addr.s6_addr[15] = 0x01; 81 } 82 83 daddr = &usin->sin6_addr; 84 85 if (addr_type == IPV6_ADDR_MAPPED) { 86 struct sockaddr_in sin; 87 88 if (__ipv6_only_sock(sk)) { 89 err = -ENETUNREACH; 90 goto out; 91 } 92 sin.sin_family = AF_INET; 93 sin.sin_addr.s_addr = daddr->s6_addr32[3]; 94 sin.sin_port = usin->sin6_port; 95 96 err = ip4_datagram_connect(sk, 97 (struct sockaddr*) &sin, 98 sizeof(sin)); 99 100 ipv4_connected: 101 if (err) 102 goto out; 103 104 ipv6_addr_set(&np->daddr, 0, 0, htonl(0x0000ffff), inet->daddr); 105 106 if (ipv6_addr_any(&np->saddr)) { 107 ipv6_addr_set(&np->saddr, 0, 0, htonl(0x0000ffff), 108 inet->saddr); 109 } 110 111 if (ipv6_addr_any(&np->rcv_saddr)) { 112 ipv6_addr_set(&np->rcv_saddr, 0, 0, htonl(0x0000ffff), 113 inet->rcv_saddr); 114 } 115 goto out; 116 } 117 118 if (addr_type&IPV6_ADDR_LINKLOCAL) { 119 if (addr_len >= sizeof(struct sockaddr_in6) && 120 usin->sin6_scope_id) { 121 if (sk->sk_bound_dev_if && 122 sk->sk_bound_dev_if != usin->sin6_scope_id) { 123 err = -EINVAL; 124 goto out; 125 } 126 sk->sk_bound_dev_if = usin->sin6_scope_id; 127 if (!sk->sk_bound_dev_if && 128 (addr_type & IPV6_ADDR_MULTICAST)) 129 fl.oif = np->mcast_oif; 130 } 131 132 /* Connect to link-local address requires an interface */ 133 if (!sk->sk_bound_dev_if) { 134 err = -EINVAL; 135 goto out; 136 } 137 } 138 139 ipv6_addr_copy(&np->daddr, daddr); 140 np->flow_label = fl.fl6_flowlabel; 141 142 inet->dport = usin->sin6_port; 143 144 /* 145 * Check for a route to destination an obtain the 146 * destination cache for it. 147 */ 148 149 fl.proto = sk->sk_protocol; 150 ipv6_addr_copy(&fl.fl6_dst, &np->daddr); 151 ipv6_addr_copy(&fl.fl6_src, &np->saddr); 152 fl.oif = sk->sk_bound_dev_if; 153 fl.fl_ip_dport = inet->dport; 154 fl.fl_ip_sport = inet->sport; 155 156 if (!fl.oif && (addr_type&IPV6_ADDR_MULTICAST)) 157 fl.oif = np->mcast_oif; 158 159 security_sk_classify_flow(sk, &fl); 160 161 if (flowlabel) { 162 if (flowlabel->opt && flowlabel->opt->srcrt) { 163 struct rt0_hdr *rt0 = (struct rt0_hdr *) flowlabel->opt->srcrt; 164 ipv6_addr_copy(&final, &fl.fl6_dst); 165 ipv6_addr_copy(&fl.fl6_dst, rt0->addr); 166 final_p = &final; 167 } 168 } else if (np->opt && np->opt->srcrt) { 169 struct rt0_hdr *rt0 = (struct rt0_hdr *)np->opt->srcrt; 170 ipv6_addr_copy(&final, &fl.fl6_dst); 171 ipv6_addr_copy(&fl.fl6_dst, rt0->addr); 172 final_p = &final; 173 } 174 175 err = ip6_dst_lookup(sk, &dst, &fl); 176 if (err) 177 goto out; 178 if (final_p) 179 ipv6_addr_copy(&fl.fl6_dst, final_p); 180 181 if ((err = xfrm_lookup(&dst, &fl, sk, 0)) < 0) 182 goto out; 183 184 /* source address lookup done in ip6_dst_lookup */ 185 186 if (ipv6_addr_any(&np->saddr)) 187 ipv6_addr_copy(&np->saddr, &fl.fl6_src); 188 189 if (ipv6_addr_any(&np->rcv_saddr)) { 190 ipv6_addr_copy(&np->rcv_saddr, &fl.fl6_src); 191 inet->rcv_saddr = LOOPBACK4_IPV6; 192 } 193 194 ip6_dst_store(sk, dst, 195 ipv6_addr_equal(&fl.fl6_dst, &np->daddr) ? 196 &np->daddr : NULL, 197 #ifdef CONFIG_IPV6_SUBTREES 198 ipv6_addr_equal(&fl.fl6_src, &np->saddr) ? 199 &np->saddr : 200 #endif 201 NULL); 202 203 sk->sk_state = TCP_ESTABLISHED; 204 out: 205 fl6_sock_release(flowlabel); 206 return err; 207 } 208 209 void ipv6_icmp_error(struct sock *sk, struct sk_buff *skb, int err, 210 __be16 port, u32 info, u8 *payload) 211 { 212 struct ipv6_pinfo *np = inet6_sk(sk); 213 struct icmp6hdr *icmph = (struct icmp6hdr *)skb->h.raw; 214 struct sock_exterr_skb *serr; 215 216 if (!np->recverr) 217 return; 218 219 skb = skb_clone(skb, GFP_ATOMIC); 220 if (!skb) 221 return; 222 223 serr = SKB_EXT_ERR(skb); 224 serr->ee.ee_errno = err; 225 serr->ee.ee_origin = SO_EE_ORIGIN_ICMP6; 226 serr->ee.ee_type = icmph->icmp6_type; 227 serr->ee.ee_code = icmph->icmp6_code; 228 serr->ee.ee_pad = 0; 229 serr->ee.ee_info = info; 230 serr->ee.ee_data = 0; 231 serr->addr_offset = (u8*)&(((struct ipv6hdr*)(icmph+1))->daddr) - skb->nh.raw; 232 serr->port = port; 233 234 skb->h.raw = payload; 235 __skb_pull(skb, payload - skb->data); 236 237 if (sock_queue_err_skb(sk, skb)) 238 kfree_skb(skb); 239 } 240 241 void ipv6_local_error(struct sock *sk, int err, struct flowi *fl, u32 info) 242 { 243 struct ipv6_pinfo *np = inet6_sk(sk); 244 struct sock_exterr_skb *serr; 245 struct ipv6hdr *iph; 246 struct sk_buff *skb; 247 248 if (!np->recverr) 249 return; 250 251 skb = alloc_skb(sizeof(struct ipv6hdr), GFP_ATOMIC); 252 if (!skb) 253 return; 254 255 iph = (struct ipv6hdr*)skb_put(skb, sizeof(struct ipv6hdr)); 256 skb->nh.ipv6h = iph; 257 ipv6_addr_copy(&iph->daddr, &fl->fl6_dst); 258 259 serr = SKB_EXT_ERR(skb); 260 serr->ee.ee_errno = err; 261 serr->ee.ee_origin = SO_EE_ORIGIN_LOCAL; 262 serr->ee.ee_type = 0; 263 serr->ee.ee_code = 0; 264 serr->ee.ee_pad = 0; 265 serr->ee.ee_info = info; 266 serr->ee.ee_data = 0; 267 serr->addr_offset = (u8*)&iph->daddr - skb->nh.raw; 268 serr->port = fl->fl_ip_dport; 269 270 skb->h.raw = skb->tail; 271 __skb_pull(skb, skb->tail - skb->data); 272 273 if (sock_queue_err_skb(sk, skb)) 274 kfree_skb(skb); 275 } 276 277 /* 278 * Handle MSG_ERRQUEUE 279 */ 280 int ipv6_recv_error(struct sock *sk, struct msghdr *msg, int len) 281 { 282 struct ipv6_pinfo *np = inet6_sk(sk); 283 struct sock_exterr_skb *serr; 284 struct sk_buff *skb, *skb2; 285 struct sockaddr_in6 *sin; 286 struct { 287 struct sock_extended_err ee; 288 struct sockaddr_in6 offender; 289 } errhdr; 290 int err; 291 int copied; 292 293 err = -EAGAIN; 294 skb = skb_dequeue(&sk->sk_error_queue); 295 if (skb == NULL) 296 goto out; 297 298 copied = skb->len; 299 if (copied > len) { 300 msg->msg_flags |= MSG_TRUNC; 301 copied = len; 302 } 303 err = skb_copy_datagram_iovec(skb, 0, msg->msg_iov, copied); 304 if (err) 305 goto out_free_skb; 306 307 sock_recv_timestamp(msg, sk, skb); 308 309 serr = SKB_EXT_ERR(skb); 310 311 sin = (struct sockaddr_in6 *)msg->msg_name; 312 if (sin) { 313 sin->sin6_family = AF_INET6; 314 sin->sin6_flowinfo = 0; 315 sin->sin6_port = serr->port; 316 sin->sin6_scope_id = 0; 317 if (serr->ee.ee_origin == SO_EE_ORIGIN_ICMP6) { 318 ipv6_addr_copy(&sin->sin6_addr, 319 (struct in6_addr *)(skb->nh.raw + serr->addr_offset)); 320 if (np->sndflow) 321 sin->sin6_flowinfo = *(__be32*)(skb->nh.raw + serr->addr_offset - 24) & IPV6_FLOWINFO_MASK; 322 if (ipv6_addr_type(&sin->sin6_addr) & IPV6_ADDR_LINKLOCAL) 323 sin->sin6_scope_id = IP6CB(skb)->iif; 324 } else { 325 ipv6_addr_set(&sin->sin6_addr, 0, 0, 326 htonl(0xffff), 327 *(__be32*)(skb->nh.raw + serr->addr_offset)); 328 } 329 } 330 331 memcpy(&errhdr.ee, &serr->ee, sizeof(struct sock_extended_err)); 332 sin = &errhdr.offender; 333 sin->sin6_family = AF_UNSPEC; 334 if (serr->ee.ee_origin != SO_EE_ORIGIN_LOCAL) { 335 sin->sin6_family = AF_INET6; 336 sin->sin6_flowinfo = 0; 337 sin->sin6_scope_id = 0; 338 if (serr->ee.ee_origin == SO_EE_ORIGIN_ICMP6) { 339 ipv6_addr_copy(&sin->sin6_addr, &skb->nh.ipv6h->saddr); 340 if (np->rxopt.all) 341 datagram_recv_ctl(sk, msg, skb); 342 if (ipv6_addr_type(&sin->sin6_addr) & IPV6_ADDR_LINKLOCAL) 343 sin->sin6_scope_id = IP6CB(skb)->iif; 344 } else { 345 struct inet_sock *inet = inet_sk(sk); 346 347 ipv6_addr_set(&sin->sin6_addr, 0, 0, 348 htonl(0xffff), 349 skb->nh.iph->saddr); 350 if (inet->cmsg_flags) 351 ip_cmsg_recv(msg, skb); 352 } 353 } 354 355 put_cmsg(msg, SOL_IPV6, IPV6_RECVERR, sizeof(errhdr), &errhdr); 356 357 /* Now we could try to dump offended packet options */ 358 359 msg->msg_flags |= MSG_ERRQUEUE; 360 err = copied; 361 362 /* Reset and regenerate socket error */ 363 spin_lock_bh(&sk->sk_error_queue.lock); 364 sk->sk_err = 0; 365 if ((skb2 = skb_peek(&sk->sk_error_queue)) != NULL) { 366 sk->sk_err = SKB_EXT_ERR(skb2)->ee.ee_errno; 367 spin_unlock_bh(&sk->sk_error_queue.lock); 368 sk->sk_error_report(sk); 369 } else { 370 spin_unlock_bh(&sk->sk_error_queue.lock); 371 } 372 373 out_free_skb: 374 kfree_skb(skb); 375 out: 376 return err; 377 } 378 379 380 381 int datagram_recv_ctl(struct sock *sk, struct msghdr *msg, struct sk_buff *skb) 382 { 383 struct ipv6_pinfo *np = inet6_sk(sk); 384 struct inet6_skb_parm *opt = IP6CB(skb); 385 386 if (np->rxopt.bits.rxinfo) { 387 struct in6_pktinfo src_info; 388 389 src_info.ipi6_ifindex = opt->iif; 390 ipv6_addr_copy(&src_info.ipi6_addr, &skb->nh.ipv6h->daddr); 391 put_cmsg(msg, SOL_IPV6, IPV6_PKTINFO, sizeof(src_info), &src_info); 392 } 393 394 if (np->rxopt.bits.rxhlim) { 395 int hlim = skb->nh.ipv6h->hop_limit; 396 put_cmsg(msg, SOL_IPV6, IPV6_HOPLIMIT, sizeof(hlim), &hlim); 397 } 398 399 if (np->rxopt.bits.rxtclass) { 400 int tclass = (ntohl(*(__be32 *)skb->nh.ipv6h) >> 20) & 0xff; 401 put_cmsg(msg, SOL_IPV6, IPV6_TCLASS, sizeof(tclass), &tclass); 402 } 403 404 if (np->rxopt.bits.rxflow && (*(__be32*)skb->nh.raw & IPV6_FLOWINFO_MASK)) { 405 __be32 flowinfo = *(__be32*)skb->nh.raw & IPV6_FLOWINFO_MASK; 406 put_cmsg(msg, SOL_IPV6, IPV6_FLOWINFO, sizeof(flowinfo), &flowinfo); 407 } 408 409 /* HbH is allowed only once */ 410 if (np->rxopt.bits.hopopts && opt->hop) { 411 u8 *ptr = skb->nh.raw + opt->hop; 412 put_cmsg(msg, SOL_IPV6, IPV6_HOPOPTS, (ptr[1]+1)<<3, ptr); 413 } 414 415 if (opt->lastopt && 416 (np->rxopt.bits.dstopts || np->rxopt.bits.srcrt)) { 417 /* 418 * Silly enough, but we need to reparse in order to 419 * report extension headers (except for HbH) 420 * in order. 421 * 422 * Also note that IPV6_RECVRTHDRDSTOPTS is NOT 423 * (and WILL NOT be) defined because 424 * IPV6_RECVDSTOPTS is more generic. --yoshfuji 425 */ 426 unsigned int off = sizeof(struct ipv6hdr); 427 u8 nexthdr = skb->nh.ipv6h->nexthdr; 428 429 while (off <= opt->lastopt) { 430 unsigned len; 431 u8 *ptr = skb->nh.raw + off; 432 433 switch(nexthdr) { 434 case IPPROTO_DSTOPTS: 435 nexthdr = ptr[0]; 436 len = (ptr[1] + 1) << 3; 437 if (np->rxopt.bits.dstopts) 438 put_cmsg(msg, SOL_IPV6, IPV6_DSTOPTS, len, ptr); 439 break; 440 case IPPROTO_ROUTING: 441 nexthdr = ptr[0]; 442 len = (ptr[1] + 1) << 3; 443 if (np->rxopt.bits.srcrt) 444 put_cmsg(msg, SOL_IPV6, IPV6_RTHDR, len, ptr); 445 break; 446 case IPPROTO_AH: 447 nexthdr = ptr[0]; 448 len = (ptr[1] + 2) << 2; 449 break; 450 default: 451 nexthdr = ptr[0]; 452 len = (ptr[1] + 1) << 3; 453 break; 454 } 455 456 off += len; 457 } 458 } 459 460 /* socket options in old style */ 461 if (np->rxopt.bits.rxoinfo) { 462 struct in6_pktinfo src_info; 463 464 src_info.ipi6_ifindex = opt->iif; 465 ipv6_addr_copy(&src_info.ipi6_addr, &skb->nh.ipv6h->daddr); 466 put_cmsg(msg, SOL_IPV6, IPV6_2292PKTINFO, sizeof(src_info), &src_info); 467 } 468 if (np->rxopt.bits.rxohlim) { 469 int hlim = skb->nh.ipv6h->hop_limit; 470 put_cmsg(msg, SOL_IPV6, IPV6_2292HOPLIMIT, sizeof(hlim), &hlim); 471 } 472 if (np->rxopt.bits.ohopopts && opt->hop) { 473 u8 *ptr = skb->nh.raw + opt->hop; 474 put_cmsg(msg, SOL_IPV6, IPV6_2292HOPOPTS, (ptr[1]+1)<<3, ptr); 475 } 476 if (np->rxopt.bits.odstopts && opt->dst0) { 477 u8 *ptr = skb->nh.raw + opt->dst0; 478 put_cmsg(msg, SOL_IPV6, IPV6_2292DSTOPTS, (ptr[1]+1)<<3, ptr); 479 } 480 if (np->rxopt.bits.osrcrt && opt->srcrt) { 481 struct ipv6_rt_hdr *rthdr = (struct ipv6_rt_hdr *)(skb->nh.raw + opt->srcrt); 482 put_cmsg(msg, SOL_IPV6, IPV6_2292RTHDR, (rthdr->hdrlen+1) << 3, rthdr); 483 } 484 if (np->rxopt.bits.odstopts && opt->dst1) { 485 u8 *ptr = skb->nh.raw + opt->dst1; 486 put_cmsg(msg, SOL_IPV6, IPV6_2292DSTOPTS, (ptr[1]+1)<<3, ptr); 487 } 488 return 0; 489 } 490 491 int datagram_send_ctl(struct msghdr *msg, struct flowi *fl, 492 struct ipv6_txoptions *opt, 493 int *hlimit, int *tclass) 494 { 495 struct in6_pktinfo *src_info; 496 struct cmsghdr *cmsg; 497 struct ipv6_rt_hdr *rthdr; 498 struct ipv6_opt_hdr *hdr; 499 int len; 500 int err = 0; 501 502 for (cmsg = CMSG_FIRSTHDR(msg); cmsg; cmsg = CMSG_NXTHDR(msg, cmsg)) { 503 int addr_type; 504 struct net_device *dev = NULL; 505 506 if (!CMSG_OK(msg, cmsg)) { 507 err = -EINVAL; 508 goto exit_f; 509 } 510 511 if (cmsg->cmsg_level != SOL_IPV6) 512 continue; 513 514 switch (cmsg->cmsg_type) { 515 case IPV6_PKTINFO: 516 case IPV6_2292PKTINFO: 517 if (cmsg->cmsg_len < CMSG_LEN(sizeof(struct in6_pktinfo))) { 518 err = -EINVAL; 519 goto exit_f; 520 } 521 522 src_info = (struct in6_pktinfo *)CMSG_DATA(cmsg); 523 524 if (src_info->ipi6_ifindex) { 525 if (fl->oif && src_info->ipi6_ifindex != fl->oif) 526 return -EINVAL; 527 fl->oif = src_info->ipi6_ifindex; 528 } 529 530 addr_type = ipv6_addr_type(&src_info->ipi6_addr); 531 532 if (addr_type == IPV6_ADDR_ANY) 533 break; 534 535 if (addr_type & IPV6_ADDR_LINKLOCAL) { 536 if (!src_info->ipi6_ifindex) 537 return -EINVAL; 538 else { 539 dev = dev_get_by_index(src_info->ipi6_ifindex); 540 if (!dev) 541 return -ENODEV; 542 } 543 } 544 if (!ipv6_chk_addr(&src_info->ipi6_addr, dev, 0)) { 545 if (dev) 546 dev_put(dev); 547 err = -EINVAL; 548 goto exit_f; 549 } 550 if (dev) 551 dev_put(dev); 552 553 ipv6_addr_copy(&fl->fl6_src, &src_info->ipi6_addr); 554 break; 555 556 case IPV6_FLOWINFO: 557 if (cmsg->cmsg_len < CMSG_LEN(4)) { 558 err = -EINVAL; 559 goto exit_f; 560 } 561 562 if (fl->fl6_flowlabel&IPV6_FLOWINFO_MASK) { 563 if ((fl->fl6_flowlabel^*(__be32 *)CMSG_DATA(cmsg))&~IPV6_FLOWINFO_MASK) { 564 err = -EINVAL; 565 goto exit_f; 566 } 567 } 568 fl->fl6_flowlabel = IPV6_FLOWINFO_MASK & *(__be32 *)CMSG_DATA(cmsg); 569 break; 570 571 case IPV6_2292HOPOPTS: 572 case IPV6_HOPOPTS: 573 if (opt->hopopt || cmsg->cmsg_len < CMSG_LEN(sizeof(struct ipv6_opt_hdr))) { 574 err = -EINVAL; 575 goto exit_f; 576 } 577 578 hdr = (struct ipv6_opt_hdr *)CMSG_DATA(cmsg); 579 len = ((hdr->hdrlen + 1) << 3); 580 if (cmsg->cmsg_len < CMSG_LEN(len)) { 581 err = -EINVAL; 582 goto exit_f; 583 } 584 if (!capable(CAP_NET_RAW)) { 585 err = -EPERM; 586 goto exit_f; 587 } 588 opt->opt_nflen += len; 589 opt->hopopt = hdr; 590 break; 591 592 case IPV6_2292DSTOPTS: 593 if (cmsg->cmsg_len < CMSG_LEN(sizeof(struct ipv6_opt_hdr))) { 594 err = -EINVAL; 595 goto exit_f; 596 } 597 598 hdr = (struct ipv6_opt_hdr *)CMSG_DATA(cmsg); 599 len = ((hdr->hdrlen + 1) << 3); 600 if (cmsg->cmsg_len < CMSG_LEN(len)) { 601 err = -EINVAL; 602 goto exit_f; 603 } 604 if (!capable(CAP_NET_RAW)) { 605 err = -EPERM; 606 goto exit_f; 607 } 608 if (opt->dst1opt) { 609 err = -EINVAL; 610 goto exit_f; 611 } 612 opt->opt_flen += len; 613 opt->dst1opt = hdr; 614 break; 615 616 case IPV6_DSTOPTS: 617 case IPV6_RTHDRDSTOPTS: 618 if (cmsg->cmsg_len < CMSG_LEN(sizeof(struct ipv6_opt_hdr))) { 619 err = -EINVAL; 620 goto exit_f; 621 } 622 623 hdr = (struct ipv6_opt_hdr *)CMSG_DATA(cmsg); 624 len = ((hdr->hdrlen + 1) << 3); 625 if (cmsg->cmsg_len < CMSG_LEN(len)) { 626 err = -EINVAL; 627 goto exit_f; 628 } 629 if (!capable(CAP_NET_RAW)) { 630 err = -EPERM; 631 goto exit_f; 632 } 633 if (cmsg->cmsg_type == IPV6_DSTOPTS) { 634 opt->opt_flen += len; 635 opt->dst1opt = hdr; 636 } else { 637 opt->opt_nflen += len; 638 opt->dst0opt = hdr; 639 } 640 break; 641 642 case IPV6_2292RTHDR: 643 case IPV6_RTHDR: 644 if (cmsg->cmsg_len < CMSG_LEN(sizeof(struct ipv6_rt_hdr))) { 645 err = -EINVAL; 646 goto exit_f; 647 } 648 649 rthdr = (struct ipv6_rt_hdr *)CMSG_DATA(cmsg); 650 651 switch (rthdr->type) { 652 case IPV6_SRCRT_TYPE_0: 653 #ifdef CONFIG_IPV6_MIP6 654 case IPV6_SRCRT_TYPE_2: 655 #endif 656 break; 657 default: 658 err = -EINVAL; 659 goto exit_f; 660 } 661 662 len = ((rthdr->hdrlen + 1) << 3); 663 664 if (cmsg->cmsg_len < CMSG_LEN(len)) { 665 err = -EINVAL; 666 goto exit_f; 667 } 668 669 /* segments left must also match */ 670 if ((rthdr->hdrlen >> 1) != rthdr->segments_left) { 671 err = -EINVAL; 672 goto exit_f; 673 } 674 675 opt->opt_nflen += len; 676 opt->srcrt = rthdr; 677 678 if (cmsg->cmsg_type == IPV6_2292RTHDR && opt->dst1opt) { 679 int dsthdrlen = ((opt->dst1opt->hdrlen+1)<<3); 680 681 opt->opt_nflen += dsthdrlen; 682 opt->dst0opt = opt->dst1opt; 683 opt->dst1opt = NULL; 684 opt->opt_flen -= dsthdrlen; 685 } 686 687 break; 688 689 case IPV6_2292HOPLIMIT: 690 case IPV6_HOPLIMIT: 691 if (cmsg->cmsg_len != CMSG_LEN(sizeof(int))) { 692 err = -EINVAL; 693 goto exit_f; 694 } 695 696 *hlimit = *(int *)CMSG_DATA(cmsg); 697 break; 698 699 case IPV6_TCLASS: 700 { 701 int tc; 702 703 err = -EINVAL; 704 if (cmsg->cmsg_len != CMSG_LEN(sizeof(int))) { 705 goto exit_f; 706 } 707 708 tc = *(int *)CMSG_DATA(cmsg); 709 if (tc < -1 || tc > 0xff) 710 goto exit_f; 711 712 err = 0; 713 *tclass = tc; 714 715 break; 716 } 717 default: 718 LIMIT_NETDEBUG(KERN_DEBUG "invalid cmsg type: %d\n", 719 cmsg->cmsg_type); 720 err = -EINVAL; 721 break; 722 }; 723 } 724 725 exit_f: 726 return err; 727 } 728