1 /* 2 * IPv6 BSD socket options interface 3 * Linux INET6 implementation 4 * 5 * Authors: 6 * Pedro Roque <roque@di.fc.ul.pt> 7 * 8 * Based on linux/net/ipv4/ip_sockglue.c 9 * 10 * This program is free software; you can redistribute it and/or 11 * modify it under the terms of the GNU General Public License 12 * as published by the Free Software Foundation; either version 13 * 2 of the License, or (at your option) any later version. 14 * 15 * FIXME: Make the setsockopt code POSIX compliant: That is 16 * 17 * o Truncate getsockopt returns 18 * o Return an optlen of the truncated length if need be 19 * 20 * Changes: 21 * David L Stevens <dlstevens@us.ibm.com>: 22 * - added multicast source filtering API for MLDv2 23 */ 24 25 #include <linux/module.h> 26 #include <linux/capability.h> 27 #include <linux/errno.h> 28 #include <linux/types.h> 29 #include <linux/socket.h> 30 #include <linux/sockios.h> 31 #include <linux/net.h> 32 #include <linux/in6.h> 33 #include <linux/mroute6.h> 34 #include <linux/netdevice.h> 35 #include <linux/if_arp.h> 36 #include <linux/init.h> 37 #include <linux/sysctl.h> 38 #include <linux/netfilter.h> 39 #include <linux/slab.h> 40 41 #include <net/sock.h> 42 #include <net/snmp.h> 43 #include <net/ipv6.h> 44 #include <net/ndisc.h> 45 #include <net/protocol.h> 46 #include <net/transp_v6.h> 47 #include <net/ip6_route.h> 48 #include <net/addrconf.h> 49 #include <net/inet_common.h> 50 #include <net/tcp.h> 51 #include <net/udp.h> 52 #include <net/udplite.h> 53 #include <net/xfrm.h> 54 #include <net/compat.h> 55 56 #include <asm/uaccess.h> 57 58 DEFINE_SNMP_STAT(struct ipstats_mib, ipv6_statistics) __read_mostly; 59 60 struct ip6_ra_chain *ip6_ra_chain; 61 DEFINE_RWLOCK(ip6_ra_lock); 62 63 int ip6_ra_control(struct sock *sk, int sel) 64 { 65 struct ip6_ra_chain *ra, *new_ra, **rap; 66 67 /* RA packet may be delivered ONLY to IPPROTO_RAW socket */ 68 if (sk->sk_type != SOCK_RAW || inet_sk(sk)->inet_num != IPPROTO_RAW) 69 return -ENOPROTOOPT; 70 71 new_ra = (sel>=0) ? kmalloc(sizeof(*new_ra), GFP_KERNEL) : NULL; 72 73 write_lock_bh(&ip6_ra_lock); 74 for (rap = &ip6_ra_chain; (ra=*rap) != NULL; rap = &ra->next) { 75 if (ra->sk == sk) { 76 if (sel>=0) { 77 write_unlock_bh(&ip6_ra_lock); 78 kfree(new_ra); 79 return -EADDRINUSE; 80 } 81 82 *rap = ra->next; 83 write_unlock_bh(&ip6_ra_lock); 84 85 sock_put(sk); 86 kfree(ra); 87 return 0; 88 } 89 } 90 if (new_ra == NULL) { 91 write_unlock_bh(&ip6_ra_lock); 92 return -ENOBUFS; 93 } 94 new_ra->sk = sk; 95 new_ra->sel = sel; 96 new_ra->next = ra; 97 *rap = new_ra; 98 sock_hold(sk); 99 write_unlock_bh(&ip6_ra_lock); 100 return 0; 101 } 102 103 static 104 struct ipv6_txoptions *ipv6_update_options(struct sock *sk, 105 struct ipv6_txoptions *opt) 106 { 107 if (inet_sk(sk)->is_icsk) { 108 if (opt && 109 !((1 << sk->sk_state) & (TCPF_LISTEN | TCPF_CLOSE)) && 110 inet_sk(sk)->inet_daddr != LOOPBACK4_IPV6) { 111 struct inet_connection_sock *icsk = inet_csk(sk); 112 icsk->icsk_ext_hdr_len = opt->opt_flen + opt->opt_nflen; 113 icsk->icsk_sync_mss(sk, icsk->icsk_pmtu_cookie); 114 } 115 opt = xchg(&inet6_sk(sk)->opt, opt); 116 } else { 117 spin_lock(&sk->sk_dst_lock); 118 opt = xchg(&inet6_sk(sk)->opt, opt); 119 spin_unlock(&sk->sk_dst_lock); 120 } 121 sk_dst_reset(sk); 122 123 return opt; 124 } 125 126 static int do_ipv6_setsockopt(struct sock *sk, int level, int optname, 127 char __user *optval, unsigned int optlen) 128 { 129 struct ipv6_pinfo *np = inet6_sk(sk); 130 struct net *net = sock_net(sk); 131 int val, valbool; 132 int retv = -ENOPROTOOPT; 133 134 if (optval == NULL) 135 val=0; 136 else { 137 if (optlen >= sizeof(int)) { 138 if (get_user(val, (int __user *) optval)) 139 return -EFAULT; 140 } else 141 val = 0; 142 } 143 144 valbool = (val!=0); 145 146 if (ip6_mroute_opt(optname)) 147 return ip6_mroute_setsockopt(sk, optname, optval, optlen); 148 149 lock_sock(sk); 150 151 switch (optname) { 152 153 case IPV6_ADDRFORM: 154 if (optlen < sizeof(int)) 155 goto e_inval; 156 if (val == PF_INET) { 157 struct ipv6_txoptions *opt; 158 struct sk_buff *pktopt; 159 160 if (sk->sk_type == SOCK_RAW) 161 break; 162 163 if (sk->sk_protocol == IPPROTO_UDP || 164 sk->sk_protocol == IPPROTO_UDPLITE) { 165 struct udp_sock *up = udp_sk(sk); 166 if (up->pending == AF_INET6) { 167 retv = -EBUSY; 168 break; 169 } 170 } else if (sk->sk_protocol != IPPROTO_TCP) 171 break; 172 173 if (sk->sk_state != TCP_ESTABLISHED) { 174 retv = -ENOTCONN; 175 break; 176 } 177 178 if (ipv6_only_sock(sk) || 179 !ipv6_addr_v4mapped(&np->daddr)) { 180 retv = -EADDRNOTAVAIL; 181 break; 182 } 183 184 fl6_free_socklist(sk); 185 ipv6_sock_mc_close(sk); 186 187 /* 188 * Sock is moving from IPv6 to IPv4 (sk_prot), so 189 * remove it from the refcnt debug socks count in the 190 * original family... 191 */ 192 sk_refcnt_debug_dec(sk); 193 194 if (sk->sk_protocol == IPPROTO_TCP) { 195 struct inet_connection_sock *icsk = inet_csk(sk); 196 local_bh_disable(); 197 sock_prot_inuse_add(net, sk->sk_prot, -1); 198 sock_prot_inuse_add(net, &tcp_prot, 1); 199 local_bh_enable(); 200 sk->sk_prot = &tcp_prot; 201 icsk->icsk_af_ops = &ipv4_specific; 202 sk->sk_socket->ops = &inet_stream_ops; 203 sk->sk_family = PF_INET; 204 tcp_sync_mss(sk, icsk->icsk_pmtu_cookie); 205 } else { 206 struct proto *prot = &udp_prot; 207 208 if (sk->sk_protocol == IPPROTO_UDPLITE) 209 prot = &udplite_prot; 210 local_bh_disable(); 211 sock_prot_inuse_add(net, sk->sk_prot, -1); 212 sock_prot_inuse_add(net, prot, 1); 213 local_bh_enable(); 214 sk->sk_prot = prot; 215 sk->sk_socket->ops = &inet_dgram_ops; 216 sk->sk_family = PF_INET; 217 } 218 opt = xchg(&np->opt, NULL); 219 if (opt) 220 sock_kfree_s(sk, opt, opt->tot_len); 221 pktopt = xchg(&np->pktoptions, NULL); 222 kfree_skb(pktopt); 223 224 sk->sk_destruct = inet_sock_destruct; 225 /* 226 * ... and add it to the refcnt debug socks count 227 * in the new family. -acme 228 */ 229 sk_refcnt_debug_inc(sk); 230 module_put(THIS_MODULE); 231 retv = 0; 232 break; 233 } 234 goto e_inval; 235 236 case IPV6_V6ONLY: 237 if (optlen < sizeof(int) || 238 inet_sk(sk)->inet_num) 239 goto e_inval; 240 np->ipv6only = valbool; 241 retv = 0; 242 break; 243 244 case IPV6_RECVPKTINFO: 245 if (optlen < sizeof(int)) 246 goto e_inval; 247 np->rxopt.bits.rxinfo = valbool; 248 retv = 0; 249 break; 250 251 case IPV6_2292PKTINFO: 252 if (optlen < sizeof(int)) 253 goto e_inval; 254 np->rxopt.bits.rxoinfo = valbool; 255 retv = 0; 256 break; 257 258 case IPV6_RECVHOPLIMIT: 259 if (optlen < sizeof(int)) 260 goto e_inval; 261 np->rxopt.bits.rxhlim = valbool; 262 retv = 0; 263 break; 264 265 case IPV6_2292HOPLIMIT: 266 if (optlen < sizeof(int)) 267 goto e_inval; 268 np->rxopt.bits.rxohlim = valbool; 269 retv = 0; 270 break; 271 272 case IPV6_RECVRTHDR: 273 if (optlen < sizeof(int)) 274 goto e_inval; 275 np->rxopt.bits.srcrt = valbool; 276 retv = 0; 277 break; 278 279 case IPV6_2292RTHDR: 280 if (optlen < sizeof(int)) 281 goto e_inval; 282 np->rxopt.bits.osrcrt = valbool; 283 retv = 0; 284 break; 285 286 case IPV6_RECVHOPOPTS: 287 if (optlen < sizeof(int)) 288 goto e_inval; 289 np->rxopt.bits.hopopts = valbool; 290 retv = 0; 291 break; 292 293 case IPV6_2292HOPOPTS: 294 if (optlen < sizeof(int)) 295 goto e_inval; 296 np->rxopt.bits.ohopopts = valbool; 297 retv = 0; 298 break; 299 300 case IPV6_RECVDSTOPTS: 301 if (optlen < sizeof(int)) 302 goto e_inval; 303 np->rxopt.bits.dstopts = valbool; 304 retv = 0; 305 break; 306 307 case IPV6_2292DSTOPTS: 308 if (optlen < sizeof(int)) 309 goto e_inval; 310 np->rxopt.bits.odstopts = valbool; 311 retv = 0; 312 break; 313 314 case IPV6_TCLASS: 315 if (optlen < sizeof(int)) 316 goto e_inval; 317 if (val < -1 || val > 0xff) 318 goto e_inval; 319 /* RFC 3542, 6.5: default traffic class of 0x0 */ 320 if (val == -1) 321 val = 0; 322 np->tclass = val; 323 retv = 0; 324 break; 325 326 case IPV6_RECVTCLASS: 327 if (optlen < sizeof(int)) 328 goto e_inval; 329 np->rxopt.bits.rxtclass = valbool; 330 retv = 0; 331 break; 332 333 case IPV6_FLOWINFO: 334 if (optlen < sizeof(int)) 335 goto e_inval; 336 np->rxopt.bits.rxflow = valbool; 337 retv = 0; 338 break; 339 340 case IPV6_RECVPATHMTU: 341 if (optlen < sizeof(int)) 342 goto e_inval; 343 np->rxopt.bits.rxpmtu = valbool; 344 retv = 0; 345 break; 346 347 case IPV6_HOPOPTS: 348 case IPV6_RTHDRDSTOPTS: 349 case IPV6_RTHDR: 350 case IPV6_DSTOPTS: 351 { 352 struct ipv6_txoptions *opt; 353 354 /* remove any sticky options header with a zero option 355 * length, per RFC3542. 356 */ 357 if (optlen == 0) 358 optval = NULL; 359 else if (optval == NULL) 360 goto e_inval; 361 else if (optlen < sizeof(struct ipv6_opt_hdr) || 362 optlen & 0x7 || optlen > 8 * 255) 363 goto e_inval; 364 365 /* hop-by-hop / destination options are privileged option */ 366 retv = -EPERM; 367 if (optname != IPV6_RTHDR && !capable(CAP_NET_RAW)) 368 break; 369 370 opt = ipv6_renew_options(sk, np->opt, optname, 371 (struct ipv6_opt_hdr __user *)optval, 372 optlen); 373 if (IS_ERR(opt)) { 374 retv = PTR_ERR(opt); 375 break; 376 } 377 378 /* routing header option needs extra check */ 379 retv = -EINVAL; 380 if (optname == IPV6_RTHDR && opt && opt->srcrt) { 381 struct ipv6_rt_hdr *rthdr = opt->srcrt; 382 switch (rthdr->type) { 383 #if defined(CONFIG_IPV6_MIP6) || defined(CONFIG_IPV6_MIP6_MODULE) 384 case IPV6_SRCRT_TYPE_2: 385 if (rthdr->hdrlen != 2 || 386 rthdr->segments_left != 1) 387 goto sticky_done; 388 389 break; 390 #endif 391 default: 392 goto sticky_done; 393 } 394 } 395 396 retv = 0; 397 opt = ipv6_update_options(sk, opt); 398 sticky_done: 399 if (opt) 400 sock_kfree_s(sk, opt, opt->tot_len); 401 break; 402 } 403 404 case IPV6_PKTINFO: 405 { 406 struct in6_pktinfo pkt; 407 408 if (optlen == 0) 409 goto e_inval; 410 else if (optlen < sizeof(struct in6_pktinfo) || optval == NULL) 411 goto e_inval; 412 413 if (copy_from_user(&pkt, optval, sizeof(struct in6_pktinfo))) { 414 retv = -EFAULT; 415 break; 416 } 417 if (sk->sk_bound_dev_if && pkt.ipi6_ifindex != sk->sk_bound_dev_if) 418 goto e_inval; 419 420 np->sticky_pktinfo.ipi6_ifindex = pkt.ipi6_ifindex; 421 ipv6_addr_copy(&np->sticky_pktinfo.ipi6_addr, &pkt.ipi6_addr); 422 retv = 0; 423 break; 424 } 425 426 case IPV6_2292PKTOPTIONS: 427 { 428 struct ipv6_txoptions *opt = NULL; 429 struct msghdr msg; 430 struct flowi fl; 431 int junk; 432 433 fl.fl6_flowlabel = 0; 434 fl.oif = sk->sk_bound_dev_if; 435 fl.mark = sk->sk_mark; 436 437 if (optlen == 0) 438 goto update; 439 440 /* 1K is probably excessive 441 * 1K is surely not enough, 2K per standard header is 16K. 442 */ 443 retv = -EINVAL; 444 if (optlen > 64*1024) 445 break; 446 447 opt = sock_kmalloc(sk, sizeof(*opt) + optlen, GFP_KERNEL); 448 retv = -ENOBUFS; 449 if (opt == NULL) 450 break; 451 452 memset(opt, 0, sizeof(*opt)); 453 opt->tot_len = sizeof(*opt) + optlen; 454 retv = -EFAULT; 455 if (copy_from_user(opt+1, optval, optlen)) 456 goto done; 457 458 msg.msg_controllen = optlen; 459 msg.msg_control = (void*)(opt+1); 460 461 retv = datagram_send_ctl(net, &msg, &fl, opt, &junk, &junk, 462 &junk); 463 if (retv) 464 goto done; 465 update: 466 retv = 0; 467 opt = ipv6_update_options(sk, opt); 468 done: 469 if (opt) 470 sock_kfree_s(sk, opt, opt->tot_len); 471 break; 472 } 473 case IPV6_UNICAST_HOPS: 474 if (optlen < sizeof(int)) 475 goto e_inval; 476 if (val > 255 || val < -1) 477 goto e_inval; 478 np->hop_limit = val; 479 retv = 0; 480 break; 481 482 case IPV6_MULTICAST_HOPS: 483 if (sk->sk_type == SOCK_STREAM) 484 break; 485 if (optlen < sizeof(int)) 486 goto e_inval; 487 if (val > 255 || val < -1) 488 goto e_inval; 489 np->mcast_hops = val; 490 retv = 0; 491 break; 492 493 case IPV6_MULTICAST_LOOP: 494 if (optlen < sizeof(int)) 495 goto e_inval; 496 if (val != valbool) 497 goto e_inval; 498 np->mc_loop = valbool; 499 retv = 0; 500 break; 501 502 case IPV6_MULTICAST_IF: 503 if (sk->sk_type == SOCK_STREAM) 504 break; 505 if (optlen < sizeof(int)) 506 goto e_inval; 507 508 if (val) { 509 struct net_device *dev; 510 511 if (sk->sk_bound_dev_if && sk->sk_bound_dev_if != val) 512 goto e_inval; 513 514 dev = dev_get_by_index(net, val); 515 if (!dev) { 516 retv = -ENODEV; 517 break; 518 } 519 dev_put(dev); 520 } 521 np->mcast_oif = val; 522 retv = 0; 523 break; 524 case IPV6_ADD_MEMBERSHIP: 525 case IPV6_DROP_MEMBERSHIP: 526 { 527 struct ipv6_mreq mreq; 528 529 if (optlen < sizeof(struct ipv6_mreq)) 530 goto e_inval; 531 532 retv = -EPROTO; 533 if (inet_sk(sk)->is_icsk) 534 break; 535 536 retv = -EFAULT; 537 if (copy_from_user(&mreq, optval, sizeof(struct ipv6_mreq))) 538 break; 539 540 if (optname == IPV6_ADD_MEMBERSHIP) 541 retv = ipv6_sock_mc_join(sk, mreq.ipv6mr_ifindex, &mreq.ipv6mr_multiaddr); 542 else 543 retv = ipv6_sock_mc_drop(sk, mreq.ipv6mr_ifindex, &mreq.ipv6mr_multiaddr); 544 break; 545 } 546 case IPV6_JOIN_ANYCAST: 547 case IPV6_LEAVE_ANYCAST: 548 { 549 struct ipv6_mreq mreq; 550 551 if (optlen < sizeof(struct ipv6_mreq)) 552 goto e_inval; 553 554 retv = -EFAULT; 555 if (copy_from_user(&mreq, optval, sizeof(struct ipv6_mreq))) 556 break; 557 558 if (optname == IPV6_JOIN_ANYCAST) 559 retv = ipv6_sock_ac_join(sk, mreq.ipv6mr_ifindex, &mreq.ipv6mr_acaddr); 560 else 561 retv = ipv6_sock_ac_drop(sk, mreq.ipv6mr_ifindex, &mreq.ipv6mr_acaddr); 562 break; 563 } 564 case MCAST_JOIN_GROUP: 565 case MCAST_LEAVE_GROUP: 566 { 567 struct group_req greq; 568 struct sockaddr_in6 *psin6; 569 570 if (optlen < sizeof(struct group_req)) 571 goto e_inval; 572 573 retv = -EFAULT; 574 if (copy_from_user(&greq, optval, sizeof(struct group_req))) 575 break; 576 if (greq.gr_group.ss_family != AF_INET6) { 577 retv = -EADDRNOTAVAIL; 578 break; 579 } 580 psin6 = (struct sockaddr_in6 *)&greq.gr_group; 581 if (optname == MCAST_JOIN_GROUP) 582 retv = ipv6_sock_mc_join(sk, greq.gr_interface, 583 &psin6->sin6_addr); 584 else 585 retv = ipv6_sock_mc_drop(sk, greq.gr_interface, 586 &psin6->sin6_addr); 587 break; 588 } 589 case MCAST_JOIN_SOURCE_GROUP: 590 case MCAST_LEAVE_SOURCE_GROUP: 591 case MCAST_BLOCK_SOURCE: 592 case MCAST_UNBLOCK_SOURCE: 593 { 594 struct group_source_req greqs; 595 int omode, add; 596 597 if (optlen < sizeof(struct group_source_req)) 598 goto e_inval; 599 if (copy_from_user(&greqs, optval, sizeof(greqs))) { 600 retv = -EFAULT; 601 break; 602 } 603 if (greqs.gsr_group.ss_family != AF_INET6 || 604 greqs.gsr_source.ss_family != AF_INET6) { 605 retv = -EADDRNOTAVAIL; 606 break; 607 } 608 if (optname == MCAST_BLOCK_SOURCE) { 609 omode = MCAST_EXCLUDE; 610 add = 1; 611 } else if (optname == MCAST_UNBLOCK_SOURCE) { 612 omode = MCAST_EXCLUDE; 613 add = 0; 614 } else if (optname == MCAST_JOIN_SOURCE_GROUP) { 615 struct sockaddr_in6 *psin6; 616 617 psin6 = (struct sockaddr_in6 *)&greqs.gsr_group; 618 retv = ipv6_sock_mc_join(sk, greqs.gsr_interface, 619 &psin6->sin6_addr); 620 /* prior join w/ different source is ok */ 621 if (retv && retv != -EADDRINUSE) 622 break; 623 omode = MCAST_INCLUDE; 624 add = 1; 625 } else /* MCAST_LEAVE_SOURCE_GROUP */ { 626 omode = MCAST_INCLUDE; 627 add = 0; 628 } 629 retv = ip6_mc_source(add, omode, sk, &greqs); 630 break; 631 } 632 case MCAST_MSFILTER: 633 { 634 extern int sysctl_mld_max_msf; 635 struct group_filter *gsf; 636 637 if (optlen < GROUP_FILTER_SIZE(0)) 638 goto e_inval; 639 if (optlen > sysctl_optmem_max) { 640 retv = -ENOBUFS; 641 break; 642 } 643 gsf = kmalloc(optlen,GFP_KERNEL); 644 if (!gsf) { 645 retv = -ENOBUFS; 646 break; 647 } 648 retv = -EFAULT; 649 if (copy_from_user(gsf, optval, optlen)) { 650 kfree(gsf); 651 break; 652 } 653 /* numsrc >= (4G-140)/128 overflow in 32 bits */ 654 if (gsf->gf_numsrc >= 0x1ffffffU || 655 gsf->gf_numsrc > sysctl_mld_max_msf) { 656 kfree(gsf); 657 retv = -ENOBUFS; 658 break; 659 } 660 if (GROUP_FILTER_SIZE(gsf->gf_numsrc) > optlen) { 661 kfree(gsf); 662 retv = -EINVAL; 663 break; 664 } 665 retv = ip6_mc_msfilter(sk, gsf); 666 kfree(gsf); 667 668 break; 669 } 670 case IPV6_ROUTER_ALERT: 671 if (optlen < sizeof(int)) 672 goto e_inval; 673 retv = ip6_ra_control(sk, val); 674 break; 675 case IPV6_MTU_DISCOVER: 676 if (optlen < sizeof(int)) 677 goto e_inval; 678 if (val < IP_PMTUDISC_DONT || val > IP_PMTUDISC_PROBE) 679 goto e_inval; 680 np->pmtudisc = val; 681 retv = 0; 682 break; 683 case IPV6_MTU: 684 if (optlen < sizeof(int)) 685 goto e_inval; 686 if (val && val < IPV6_MIN_MTU) 687 goto e_inval; 688 np->frag_size = val; 689 retv = 0; 690 break; 691 case IPV6_RECVERR: 692 if (optlen < sizeof(int)) 693 goto e_inval; 694 np->recverr = valbool; 695 if (!val) 696 skb_queue_purge(&sk->sk_error_queue); 697 retv = 0; 698 break; 699 case IPV6_FLOWINFO_SEND: 700 if (optlen < sizeof(int)) 701 goto e_inval; 702 np->sndflow = valbool; 703 retv = 0; 704 break; 705 case IPV6_FLOWLABEL_MGR: 706 retv = ipv6_flowlabel_opt(sk, optval, optlen); 707 break; 708 case IPV6_IPSEC_POLICY: 709 case IPV6_XFRM_POLICY: 710 retv = -EPERM; 711 if (!capable(CAP_NET_ADMIN)) 712 break; 713 retv = xfrm_user_policy(sk, optname, optval, optlen); 714 break; 715 716 case IPV6_ADDR_PREFERENCES: 717 { 718 unsigned int pref = 0; 719 unsigned int prefmask = ~0; 720 721 if (optlen < sizeof(int)) 722 goto e_inval; 723 724 retv = -EINVAL; 725 726 /* check PUBLIC/TMP/PUBTMP_DEFAULT conflicts */ 727 switch (val & (IPV6_PREFER_SRC_PUBLIC| 728 IPV6_PREFER_SRC_TMP| 729 IPV6_PREFER_SRC_PUBTMP_DEFAULT)) { 730 case IPV6_PREFER_SRC_PUBLIC: 731 pref |= IPV6_PREFER_SRC_PUBLIC; 732 break; 733 case IPV6_PREFER_SRC_TMP: 734 pref |= IPV6_PREFER_SRC_TMP; 735 break; 736 case IPV6_PREFER_SRC_PUBTMP_DEFAULT: 737 break; 738 case 0: 739 goto pref_skip_pubtmp; 740 default: 741 goto e_inval; 742 } 743 744 prefmask &= ~(IPV6_PREFER_SRC_PUBLIC| 745 IPV6_PREFER_SRC_TMP); 746 pref_skip_pubtmp: 747 748 /* check HOME/COA conflicts */ 749 switch (val & (IPV6_PREFER_SRC_HOME|IPV6_PREFER_SRC_COA)) { 750 case IPV6_PREFER_SRC_HOME: 751 break; 752 case IPV6_PREFER_SRC_COA: 753 pref |= IPV6_PREFER_SRC_COA; 754 case 0: 755 goto pref_skip_coa; 756 default: 757 goto e_inval; 758 } 759 760 prefmask &= ~IPV6_PREFER_SRC_COA; 761 pref_skip_coa: 762 763 /* check CGA/NONCGA conflicts */ 764 switch (val & (IPV6_PREFER_SRC_CGA|IPV6_PREFER_SRC_NONCGA)) { 765 case IPV6_PREFER_SRC_CGA: 766 case IPV6_PREFER_SRC_NONCGA: 767 case 0: 768 break; 769 default: 770 goto e_inval; 771 } 772 773 np->srcprefs = (np->srcprefs & prefmask) | pref; 774 retv = 0; 775 776 break; 777 } 778 case IPV6_MINHOPCOUNT: 779 if (optlen < sizeof(int)) 780 goto e_inval; 781 if (val < 0 || val > 255) 782 goto e_inval; 783 np->min_hopcount = val; 784 break; 785 case IPV6_DONTFRAG: 786 np->dontfrag = valbool; 787 retv = 0; 788 break; 789 } 790 791 release_sock(sk); 792 793 return retv; 794 795 e_inval: 796 release_sock(sk); 797 return -EINVAL; 798 } 799 800 int ipv6_setsockopt(struct sock *sk, int level, int optname, 801 char __user *optval, unsigned int optlen) 802 { 803 int err; 804 805 if (level == SOL_IP && sk->sk_type != SOCK_RAW) 806 return udp_prot.setsockopt(sk, level, optname, optval, optlen); 807 808 if (level != SOL_IPV6) 809 return -ENOPROTOOPT; 810 811 err = do_ipv6_setsockopt(sk, level, optname, optval, optlen); 812 #ifdef CONFIG_NETFILTER 813 /* we need to exclude all possible ENOPROTOOPTs except default case */ 814 if (err == -ENOPROTOOPT && optname != IPV6_IPSEC_POLICY && 815 optname != IPV6_XFRM_POLICY) { 816 lock_sock(sk); 817 err = nf_setsockopt(sk, PF_INET6, optname, optval, 818 optlen); 819 release_sock(sk); 820 } 821 #endif 822 return err; 823 } 824 825 EXPORT_SYMBOL(ipv6_setsockopt); 826 827 #ifdef CONFIG_COMPAT 828 int compat_ipv6_setsockopt(struct sock *sk, int level, int optname, 829 char __user *optval, unsigned int optlen) 830 { 831 int err; 832 833 if (level == SOL_IP && sk->sk_type != SOCK_RAW) { 834 if (udp_prot.compat_setsockopt != NULL) 835 return udp_prot.compat_setsockopt(sk, level, optname, 836 optval, optlen); 837 return udp_prot.setsockopt(sk, level, optname, optval, optlen); 838 } 839 840 if (level != SOL_IPV6) 841 return -ENOPROTOOPT; 842 843 if (optname >= MCAST_JOIN_GROUP && optname <= MCAST_MSFILTER) 844 return compat_mc_setsockopt(sk, level, optname, optval, optlen, 845 ipv6_setsockopt); 846 847 err = do_ipv6_setsockopt(sk, level, optname, optval, optlen); 848 #ifdef CONFIG_NETFILTER 849 /* we need to exclude all possible ENOPROTOOPTs except default case */ 850 if (err == -ENOPROTOOPT && optname != IPV6_IPSEC_POLICY && 851 optname != IPV6_XFRM_POLICY) { 852 lock_sock(sk); 853 err = compat_nf_setsockopt(sk, PF_INET6, optname, 854 optval, optlen); 855 release_sock(sk); 856 } 857 #endif 858 return err; 859 } 860 861 EXPORT_SYMBOL(compat_ipv6_setsockopt); 862 #endif 863 864 static int ipv6_getsockopt_sticky(struct sock *sk, struct ipv6_txoptions *opt, 865 int optname, char __user *optval, int len) 866 { 867 struct ipv6_opt_hdr *hdr; 868 869 if (!opt) 870 return 0; 871 872 switch(optname) { 873 case IPV6_HOPOPTS: 874 hdr = opt->hopopt; 875 break; 876 case IPV6_RTHDRDSTOPTS: 877 hdr = opt->dst0opt; 878 break; 879 case IPV6_RTHDR: 880 hdr = (struct ipv6_opt_hdr *)opt->srcrt; 881 break; 882 case IPV6_DSTOPTS: 883 hdr = opt->dst1opt; 884 break; 885 default: 886 return -EINVAL; /* should not happen */ 887 } 888 889 if (!hdr) 890 return 0; 891 892 len = min_t(unsigned int, len, ipv6_optlen(hdr)); 893 if (copy_to_user(optval, hdr, len)) 894 return -EFAULT; 895 return len; 896 } 897 898 static int do_ipv6_getsockopt(struct sock *sk, int level, int optname, 899 char __user *optval, int __user *optlen) 900 { 901 struct ipv6_pinfo *np = inet6_sk(sk); 902 int len; 903 int val; 904 905 if (ip6_mroute_opt(optname)) 906 return ip6_mroute_getsockopt(sk, optname, optval, optlen); 907 908 if (get_user(len, optlen)) 909 return -EFAULT; 910 switch (optname) { 911 case IPV6_ADDRFORM: 912 if (sk->sk_protocol != IPPROTO_UDP && 913 sk->sk_protocol != IPPROTO_UDPLITE && 914 sk->sk_protocol != IPPROTO_TCP) 915 return -ENOPROTOOPT; 916 if (sk->sk_state != TCP_ESTABLISHED) 917 return -ENOTCONN; 918 val = sk->sk_family; 919 break; 920 case MCAST_MSFILTER: 921 { 922 struct group_filter gsf; 923 int err; 924 925 if (len < GROUP_FILTER_SIZE(0)) 926 return -EINVAL; 927 if (copy_from_user(&gsf, optval, GROUP_FILTER_SIZE(0))) 928 return -EFAULT; 929 if (gsf.gf_group.ss_family != AF_INET6) 930 return -EADDRNOTAVAIL; 931 lock_sock(sk); 932 err = ip6_mc_msfget(sk, &gsf, 933 (struct group_filter __user *)optval, optlen); 934 release_sock(sk); 935 return err; 936 } 937 938 case IPV6_2292PKTOPTIONS: 939 { 940 struct msghdr msg; 941 struct sk_buff *skb; 942 943 if (sk->sk_type != SOCK_STREAM) 944 return -ENOPROTOOPT; 945 946 msg.msg_control = optval; 947 msg.msg_controllen = len; 948 msg.msg_flags = 0; 949 950 lock_sock(sk); 951 skb = np->pktoptions; 952 if (skb) 953 atomic_inc(&skb->users); 954 release_sock(sk); 955 956 if (skb) { 957 int err = datagram_recv_ctl(sk, &msg, skb); 958 kfree_skb(skb); 959 if (err) 960 return err; 961 } else { 962 if (np->rxopt.bits.rxinfo) { 963 struct in6_pktinfo src_info; 964 src_info.ipi6_ifindex = np->mcast_oif ? np->mcast_oif : 965 np->sticky_pktinfo.ipi6_ifindex; 966 np->mcast_oif? ipv6_addr_copy(&src_info.ipi6_addr, &np->daddr) : 967 ipv6_addr_copy(&src_info.ipi6_addr, &(np->sticky_pktinfo.ipi6_addr)); 968 put_cmsg(&msg, SOL_IPV6, IPV6_PKTINFO, sizeof(src_info), &src_info); 969 } 970 if (np->rxopt.bits.rxhlim) { 971 int hlim = np->mcast_hops; 972 put_cmsg(&msg, SOL_IPV6, IPV6_HOPLIMIT, sizeof(hlim), &hlim); 973 } 974 if (np->rxopt.bits.rxoinfo) { 975 struct in6_pktinfo src_info; 976 src_info.ipi6_ifindex = np->mcast_oif ? np->mcast_oif : 977 np->sticky_pktinfo.ipi6_ifindex; 978 np->mcast_oif? ipv6_addr_copy(&src_info.ipi6_addr, &np->daddr) : 979 ipv6_addr_copy(&src_info.ipi6_addr, &(np->sticky_pktinfo.ipi6_addr)); 980 put_cmsg(&msg, SOL_IPV6, IPV6_2292PKTINFO, sizeof(src_info), &src_info); 981 } 982 if (np->rxopt.bits.rxohlim) { 983 int hlim = np->mcast_hops; 984 put_cmsg(&msg, SOL_IPV6, IPV6_2292HOPLIMIT, sizeof(hlim), &hlim); 985 } 986 } 987 len -= msg.msg_controllen; 988 return put_user(len, optlen); 989 } 990 case IPV6_MTU: 991 { 992 struct dst_entry *dst; 993 994 val = 0; 995 rcu_read_lock(); 996 dst = __sk_dst_get(sk); 997 if (dst) 998 val = dst_mtu(dst); 999 rcu_read_unlock(); 1000 if (!val) 1001 return -ENOTCONN; 1002 break; 1003 } 1004 1005 case IPV6_V6ONLY: 1006 val = np->ipv6only; 1007 break; 1008 1009 case IPV6_RECVPKTINFO: 1010 val = np->rxopt.bits.rxinfo; 1011 break; 1012 1013 case IPV6_2292PKTINFO: 1014 val = np->rxopt.bits.rxoinfo; 1015 break; 1016 1017 case IPV6_RECVHOPLIMIT: 1018 val = np->rxopt.bits.rxhlim; 1019 break; 1020 1021 case IPV6_2292HOPLIMIT: 1022 val = np->rxopt.bits.rxohlim; 1023 break; 1024 1025 case IPV6_RECVRTHDR: 1026 val = np->rxopt.bits.srcrt; 1027 break; 1028 1029 case IPV6_2292RTHDR: 1030 val = np->rxopt.bits.osrcrt; 1031 break; 1032 1033 case IPV6_HOPOPTS: 1034 case IPV6_RTHDRDSTOPTS: 1035 case IPV6_RTHDR: 1036 case IPV6_DSTOPTS: 1037 { 1038 1039 lock_sock(sk); 1040 len = ipv6_getsockopt_sticky(sk, np->opt, 1041 optname, optval, len); 1042 release_sock(sk); 1043 /* check if ipv6_getsockopt_sticky() returns err code */ 1044 if (len < 0) 1045 return len; 1046 return put_user(len, optlen); 1047 } 1048 1049 case IPV6_RECVHOPOPTS: 1050 val = np->rxopt.bits.hopopts; 1051 break; 1052 1053 case IPV6_2292HOPOPTS: 1054 val = np->rxopt.bits.ohopopts; 1055 break; 1056 1057 case IPV6_RECVDSTOPTS: 1058 val = np->rxopt.bits.dstopts; 1059 break; 1060 1061 case IPV6_2292DSTOPTS: 1062 val = np->rxopt.bits.odstopts; 1063 break; 1064 1065 case IPV6_TCLASS: 1066 val = np->tclass; 1067 break; 1068 1069 case IPV6_RECVTCLASS: 1070 val = np->rxopt.bits.rxtclass; 1071 break; 1072 1073 case IPV6_FLOWINFO: 1074 val = np->rxopt.bits.rxflow; 1075 break; 1076 1077 case IPV6_RECVPATHMTU: 1078 val = np->rxopt.bits.rxpmtu; 1079 break; 1080 1081 case IPV6_PATHMTU: 1082 { 1083 struct dst_entry *dst; 1084 struct ip6_mtuinfo mtuinfo; 1085 1086 if (len < sizeof(mtuinfo)) 1087 return -EINVAL; 1088 1089 len = sizeof(mtuinfo); 1090 memset(&mtuinfo, 0, sizeof(mtuinfo)); 1091 1092 rcu_read_lock(); 1093 dst = __sk_dst_get(sk); 1094 if (dst) 1095 mtuinfo.ip6m_mtu = dst_mtu(dst); 1096 rcu_read_unlock(); 1097 if (!mtuinfo.ip6m_mtu) 1098 return -ENOTCONN; 1099 1100 if (put_user(len, optlen)) 1101 return -EFAULT; 1102 if (copy_to_user(optval, &mtuinfo, len)) 1103 return -EFAULT; 1104 1105 return 0; 1106 break; 1107 } 1108 1109 case IPV6_UNICAST_HOPS: 1110 case IPV6_MULTICAST_HOPS: 1111 { 1112 struct dst_entry *dst; 1113 1114 if (optname == IPV6_UNICAST_HOPS) 1115 val = np->hop_limit; 1116 else 1117 val = np->mcast_hops; 1118 1119 if (val < 0) { 1120 rcu_read_lock(); 1121 dst = __sk_dst_get(sk); 1122 if (dst) 1123 val = ip6_dst_hoplimit(dst); 1124 rcu_read_unlock(); 1125 } 1126 1127 if (val < 0) 1128 val = sock_net(sk)->ipv6.devconf_all->hop_limit; 1129 break; 1130 } 1131 1132 case IPV6_MULTICAST_LOOP: 1133 val = np->mc_loop; 1134 break; 1135 1136 case IPV6_MULTICAST_IF: 1137 val = np->mcast_oif; 1138 break; 1139 1140 case IPV6_MTU_DISCOVER: 1141 val = np->pmtudisc; 1142 break; 1143 1144 case IPV6_RECVERR: 1145 val = np->recverr; 1146 break; 1147 1148 case IPV6_FLOWINFO_SEND: 1149 val = np->sndflow; 1150 break; 1151 1152 case IPV6_ADDR_PREFERENCES: 1153 val = 0; 1154 1155 if (np->srcprefs & IPV6_PREFER_SRC_TMP) 1156 val |= IPV6_PREFER_SRC_TMP; 1157 else if (np->srcprefs & IPV6_PREFER_SRC_PUBLIC) 1158 val |= IPV6_PREFER_SRC_PUBLIC; 1159 else { 1160 /* XXX: should we return system default? */ 1161 val |= IPV6_PREFER_SRC_PUBTMP_DEFAULT; 1162 } 1163 1164 if (np->srcprefs & IPV6_PREFER_SRC_COA) 1165 val |= IPV6_PREFER_SRC_COA; 1166 else 1167 val |= IPV6_PREFER_SRC_HOME; 1168 break; 1169 1170 case IPV6_MINHOPCOUNT: 1171 val = np->min_hopcount; 1172 break; 1173 1174 case IPV6_DONTFRAG: 1175 val = np->dontfrag; 1176 break; 1177 1178 default: 1179 return -ENOPROTOOPT; 1180 } 1181 len = min_t(unsigned int, sizeof(int), len); 1182 if(put_user(len, optlen)) 1183 return -EFAULT; 1184 if(copy_to_user(optval,&val,len)) 1185 return -EFAULT; 1186 return 0; 1187 } 1188 1189 int ipv6_getsockopt(struct sock *sk, int level, int optname, 1190 char __user *optval, int __user *optlen) 1191 { 1192 int err; 1193 1194 if (level == SOL_IP && sk->sk_type != SOCK_RAW) 1195 return udp_prot.getsockopt(sk, level, optname, optval, optlen); 1196 1197 if(level != SOL_IPV6) 1198 return -ENOPROTOOPT; 1199 1200 err = do_ipv6_getsockopt(sk, level, optname, optval, optlen); 1201 #ifdef CONFIG_NETFILTER 1202 /* we need to exclude all possible ENOPROTOOPTs except default case */ 1203 if (err == -ENOPROTOOPT && optname != IPV6_2292PKTOPTIONS) { 1204 int len; 1205 1206 if (get_user(len, optlen)) 1207 return -EFAULT; 1208 1209 lock_sock(sk); 1210 err = nf_getsockopt(sk, PF_INET6, optname, optval, 1211 &len); 1212 release_sock(sk); 1213 if (err >= 0) 1214 err = put_user(len, optlen); 1215 } 1216 #endif 1217 return err; 1218 } 1219 1220 EXPORT_SYMBOL(ipv6_getsockopt); 1221 1222 #ifdef CONFIG_COMPAT 1223 int compat_ipv6_getsockopt(struct sock *sk, int level, int optname, 1224 char __user *optval, int __user *optlen) 1225 { 1226 int err; 1227 1228 if (level == SOL_IP && sk->sk_type != SOCK_RAW) { 1229 if (udp_prot.compat_getsockopt != NULL) 1230 return udp_prot.compat_getsockopt(sk, level, optname, 1231 optval, optlen); 1232 return udp_prot.getsockopt(sk, level, optname, optval, optlen); 1233 } 1234 1235 if (level != SOL_IPV6) 1236 return -ENOPROTOOPT; 1237 1238 if (optname == MCAST_MSFILTER) 1239 return compat_mc_getsockopt(sk, level, optname, optval, optlen, 1240 ipv6_getsockopt); 1241 1242 err = do_ipv6_getsockopt(sk, level, optname, optval, optlen); 1243 #ifdef CONFIG_NETFILTER 1244 /* we need to exclude all possible ENOPROTOOPTs except default case */ 1245 if (err == -ENOPROTOOPT && optname != IPV6_2292PKTOPTIONS) { 1246 int len; 1247 1248 if (get_user(len, optlen)) 1249 return -EFAULT; 1250 1251 lock_sock(sk); 1252 err = compat_nf_getsockopt(sk, PF_INET6, 1253 optname, optval, &len); 1254 release_sock(sk); 1255 if (err >= 0) 1256 err = put_user(len, optlen); 1257 } 1258 #endif 1259 return err; 1260 } 1261 1262 EXPORT_SYMBOL(compat_ipv6_getsockopt); 1263 #endif 1264 1265