1 /* 2 * IPv6 BSD socket options interface 3 * Linux INET6 implementation 4 * 5 * Authors: 6 * Pedro Roque <roque@di.fc.ul.pt> 7 * 8 * Based on linux/net/ipv4/ip_sockglue.c 9 * 10 * This program is free software; you can redistribute it and/or 11 * modify it under the terms of the GNU General Public License 12 * as published by the Free Software Foundation; either version 13 * 2 of the License, or (at your option) any later version. 14 * 15 * FIXME: Make the setsockopt code POSIX compliant: That is 16 * 17 * o Truncate getsockopt returns 18 * o Return an optlen of the truncated length if need be 19 * 20 * Changes: 21 * David L Stevens <dlstevens@us.ibm.com>: 22 * - added multicast source filtering API for MLDv2 23 */ 24 25 #include <linux/module.h> 26 #include <linux/capability.h> 27 #include <linux/errno.h> 28 #include <linux/types.h> 29 #include <linux/socket.h> 30 #include <linux/sockios.h> 31 #include <linux/net.h> 32 #include <linux/in6.h> 33 #include <linux/mroute6.h> 34 #include <linux/netdevice.h> 35 #include <linux/if_arp.h> 36 #include <linux/init.h> 37 #include <linux/sysctl.h> 38 #include <linux/netfilter.h> 39 #include <linux/slab.h> 40 41 #include <net/sock.h> 42 #include <net/snmp.h> 43 #include <net/ipv6.h> 44 #include <net/ndisc.h> 45 #include <net/protocol.h> 46 #include <net/transp_v6.h> 47 #include <net/ip6_route.h> 48 #include <net/addrconf.h> 49 #include <net/inet_common.h> 50 #include <net/tcp.h> 51 #include <net/udp.h> 52 #include <net/udplite.h> 53 #include <net/xfrm.h> 54 #include <net/compat.h> 55 #include <net/seg6.h> 56 57 #include <linux/uaccess.h> 58 59 struct ip6_ra_chain *ip6_ra_chain; 60 DEFINE_RWLOCK(ip6_ra_lock); 61 62 int ip6_ra_control(struct sock *sk, int sel) 63 { 64 struct ip6_ra_chain *ra, *new_ra, **rap; 65 66 /* RA packet may be delivered ONLY to IPPROTO_RAW socket */ 67 if (sk->sk_type != SOCK_RAW || inet_sk(sk)->inet_num != IPPROTO_RAW) 68 return -ENOPROTOOPT; 69 70 new_ra = (sel >= 0) ? kmalloc(sizeof(*new_ra), GFP_KERNEL) : NULL; 71 72 write_lock_bh(&ip6_ra_lock); 73 for (rap = &ip6_ra_chain; (ra = *rap) != NULL; rap = &ra->next) { 74 if (ra->sk == sk) { 75 if (sel >= 0) { 76 write_unlock_bh(&ip6_ra_lock); 77 kfree(new_ra); 78 return -EADDRINUSE; 79 } 80 81 *rap = ra->next; 82 write_unlock_bh(&ip6_ra_lock); 83 84 sock_put(sk); 85 kfree(ra); 86 return 0; 87 } 88 } 89 if (!new_ra) { 90 write_unlock_bh(&ip6_ra_lock); 91 return -ENOBUFS; 92 } 93 new_ra->sk = sk; 94 new_ra->sel = sel; 95 new_ra->next = ra; 96 *rap = new_ra; 97 sock_hold(sk); 98 write_unlock_bh(&ip6_ra_lock); 99 return 0; 100 } 101 102 struct ipv6_txoptions *ipv6_update_options(struct sock *sk, 103 struct ipv6_txoptions *opt) 104 { 105 if (inet_sk(sk)->is_icsk) { 106 if (opt && 107 !((1 << sk->sk_state) & (TCPF_LISTEN | TCPF_CLOSE)) && 108 inet_sk(sk)->inet_daddr != LOOPBACK4_IPV6) { 109 struct inet_connection_sock *icsk = inet_csk(sk); 110 icsk->icsk_ext_hdr_len = opt->opt_flen + opt->opt_nflen; 111 icsk->icsk_sync_mss(sk, icsk->icsk_pmtu_cookie); 112 } 113 } 114 opt = xchg((__force struct ipv6_txoptions **)&inet6_sk(sk)->opt, 115 opt); 116 sk_dst_reset(sk); 117 118 return opt; 119 } 120 121 static bool setsockopt_needs_rtnl(int optname) 122 { 123 switch (optname) { 124 case IPV6_ADDRFORM: 125 case IPV6_ADD_MEMBERSHIP: 126 case IPV6_DROP_MEMBERSHIP: 127 case IPV6_JOIN_ANYCAST: 128 case IPV6_LEAVE_ANYCAST: 129 case MCAST_JOIN_GROUP: 130 case MCAST_LEAVE_GROUP: 131 case MCAST_JOIN_SOURCE_GROUP: 132 case MCAST_LEAVE_SOURCE_GROUP: 133 case MCAST_BLOCK_SOURCE: 134 case MCAST_UNBLOCK_SOURCE: 135 case MCAST_MSFILTER: 136 return true; 137 } 138 return false; 139 } 140 141 static int do_ipv6_setsockopt(struct sock *sk, int level, int optname, 142 char __user *optval, unsigned int optlen) 143 { 144 struct ipv6_pinfo *np = inet6_sk(sk); 145 struct net *net = sock_net(sk); 146 int val, valbool; 147 int retv = -ENOPROTOOPT; 148 bool needs_rtnl = setsockopt_needs_rtnl(optname); 149 150 if (!optval) 151 val = 0; 152 else { 153 if (optlen >= sizeof(int)) { 154 if (get_user(val, (int __user *) optval)) 155 return -EFAULT; 156 } else 157 val = 0; 158 } 159 160 valbool = (val != 0); 161 162 if (ip6_mroute_opt(optname)) 163 return ip6_mroute_setsockopt(sk, optname, optval, optlen); 164 165 if (needs_rtnl) 166 rtnl_lock(); 167 lock_sock(sk); 168 169 switch (optname) { 170 171 case IPV6_ADDRFORM: 172 if (optlen < sizeof(int)) 173 goto e_inval; 174 if (val == PF_INET) { 175 struct ipv6_txoptions *opt; 176 struct sk_buff *pktopt; 177 178 if (sk->sk_type == SOCK_RAW) 179 break; 180 181 if (sk->sk_protocol == IPPROTO_UDP || 182 sk->sk_protocol == IPPROTO_UDPLITE) { 183 struct udp_sock *up = udp_sk(sk); 184 if (up->pending == AF_INET6) { 185 retv = -EBUSY; 186 break; 187 } 188 } else if (sk->sk_protocol != IPPROTO_TCP) 189 break; 190 191 if (sk->sk_state != TCP_ESTABLISHED) { 192 retv = -ENOTCONN; 193 break; 194 } 195 196 if (ipv6_only_sock(sk) || 197 !ipv6_addr_v4mapped(&sk->sk_v6_daddr)) { 198 retv = -EADDRNOTAVAIL; 199 break; 200 } 201 202 fl6_free_socklist(sk); 203 __ipv6_sock_mc_close(sk); 204 205 /* 206 * Sock is moving from IPv6 to IPv4 (sk_prot), so 207 * remove it from the refcnt debug socks count in the 208 * original family... 209 */ 210 sk_refcnt_debug_dec(sk); 211 212 if (sk->sk_protocol == IPPROTO_TCP) { 213 struct inet_connection_sock *icsk = inet_csk(sk); 214 local_bh_disable(); 215 sock_prot_inuse_add(net, sk->sk_prot, -1); 216 sock_prot_inuse_add(net, &tcp_prot, 1); 217 local_bh_enable(); 218 sk->sk_prot = &tcp_prot; 219 icsk->icsk_af_ops = &ipv4_specific; 220 sk->sk_socket->ops = &inet_stream_ops; 221 sk->sk_family = PF_INET; 222 tcp_sync_mss(sk, icsk->icsk_pmtu_cookie); 223 } else { 224 struct proto *prot = &udp_prot; 225 226 if (sk->sk_protocol == IPPROTO_UDPLITE) 227 prot = &udplite_prot; 228 local_bh_disable(); 229 sock_prot_inuse_add(net, sk->sk_prot, -1); 230 sock_prot_inuse_add(net, prot, 1); 231 local_bh_enable(); 232 sk->sk_prot = prot; 233 sk->sk_socket->ops = &inet_dgram_ops; 234 sk->sk_family = PF_INET; 235 } 236 opt = xchg((__force struct ipv6_txoptions **)&np->opt, 237 NULL); 238 if (opt) { 239 atomic_sub(opt->tot_len, &sk->sk_omem_alloc); 240 txopt_put(opt); 241 } 242 pktopt = xchg(&np->pktoptions, NULL); 243 kfree_skb(pktopt); 244 245 sk->sk_destruct = inet_sock_destruct; 246 /* 247 * ... and add it to the refcnt debug socks count 248 * in the new family. -acme 249 */ 250 sk_refcnt_debug_inc(sk); 251 module_put(THIS_MODULE); 252 retv = 0; 253 break; 254 } 255 goto e_inval; 256 257 case IPV6_V6ONLY: 258 if (optlen < sizeof(int) || 259 inet_sk(sk)->inet_num) 260 goto e_inval; 261 sk->sk_ipv6only = valbool; 262 retv = 0; 263 break; 264 265 case IPV6_RECVPKTINFO: 266 if (optlen < sizeof(int)) 267 goto e_inval; 268 np->rxopt.bits.rxinfo = valbool; 269 retv = 0; 270 break; 271 272 case IPV6_2292PKTINFO: 273 if (optlen < sizeof(int)) 274 goto e_inval; 275 np->rxopt.bits.rxoinfo = valbool; 276 retv = 0; 277 break; 278 279 case IPV6_RECVHOPLIMIT: 280 if (optlen < sizeof(int)) 281 goto e_inval; 282 np->rxopt.bits.rxhlim = valbool; 283 retv = 0; 284 break; 285 286 case IPV6_2292HOPLIMIT: 287 if (optlen < sizeof(int)) 288 goto e_inval; 289 np->rxopt.bits.rxohlim = valbool; 290 retv = 0; 291 break; 292 293 case IPV6_RECVRTHDR: 294 if (optlen < sizeof(int)) 295 goto e_inval; 296 np->rxopt.bits.srcrt = valbool; 297 retv = 0; 298 break; 299 300 case IPV6_2292RTHDR: 301 if (optlen < sizeof(int)) 302 goto e_inval; 303 np->rxopt.bits.osrcrt = valbool; 304 retv = 0; 305 break; 306 307 case IPV6_RECVHOPOPTS: 308 if (optlen < sizeof(int)) 309 goto e_inval; 310 np->rxopt.bits.hopopts = valbool; 311 retv = 0; 312 break; 313 314 case IPV6_2292HOPOPTS: 315 if (optlen < sizeof(int)) 316 goto e_inval; 317 np->rxopt.bits.ohopopts = valbool; 318 retv = 0; 319 break; 320 321 case IPV6_RECVDSTOPTS: 322 if (optlen < sizeof(int)) 323 goto e_inval; 324 np->rxopt.bits.dstopts = valbool; 325 retv = 0; 326 break; 327 328 case IPV6_2292DSTOPTS: 329 if (optlen < sizeof(int)) 330 goto e_inval; 331 np->rxopt.bits.odstopts = valbool; 332 retv = 0; 333 break; 334 335 case IPV6_TCLASS: 336 if (optlen < sizeof(int)) 337 goto e_inval; 338 if (val < -1 || val > 0xff) 339 goto e_inval; 340 /* RFC 3542, 6.5: default traffic class of 0x0 */ 341 if (val == -1) 342 val = 0; 343 np->tclass = val; 344 retv = 0; 345 break; 346 347 case IPV6_RECVTCLASS: 348 if (optlen < sizeof(int)) 349 goto e_inval; 350 np->rxopt.bits.rxtclass = valbool; 351 retv = 0; 352 break; 353 354 case IPV6_FLOWINFO: 355 if (optlen < sizeof(int)) 356 goto e_inval; 357 np->rxopt.bits.rxflow = valbool; 358 retv = 0; 359 break; 360 361 case IPV6_RECVPATHMTU: 362 if (optlen < sizeof(int)) 363 goto e_inval; 364 np->rxopt.bits.rxpmtu = valbool; 365 retv = 0; 366 break; 367 368 case IPV6_TRANSPARENT: 369 if (valbool && !ns_capable(net->user_ns, CAP_NET_ADMIN) && 370 !ns_capable(net->user_ns, CAP_NET_RAW)) { 371 retv = -EPERM; 372 break; 373 } 374 if (optlen < sizeof(int)) 375 goto e_inval; 376 /* we don't have a separate transparent bit for IPV6 we use the one in the IPv4 socket */ 377 inet_sk(sk)->transparent = valbool; 378 retv = 0; 379 break; 380 381 case IPV6_RECVORIGDSTADDR: 382 if (optlen < sizeof(int)) 383 goto e_inval; 384 np->rxopt.bits.rxorigdstaddr = valbool; 385 retv = 0; 386 break; 387 388 case IPV6_HOPOPTS: 389 case IPV6_RTHDRDSTOPTS: 390 case IPV6_RTHDR: 391 case IPV6_DSTOPTS: 392 { 393 struct ipv6_txoptions *opt; 394 395 /* remove any sticky options header with a zero option 396 * length, per RFC3542. 397 */ 398 if (optlen == 0) 399 optval = NULL; 400 else if (!optval) 401 goto e_inval; 402 else if (optlen < sizeof(struct ipv6_opt_hdr) || 403 optlen & 0x7 || optlen > 8 * 255) 404 goto e_inval; 405 406 /* hop-by-hop / destination options are privileged option */ 407 retv = -EPERM; 408 if (optname != IPV6_RTHDR && !ns_capable(net->user_ns, CAP_NET_RAW)) 409 break; 410 411 opt = rcu_dereference_protected(np->opt, 412 lockdep_sock_is_held(sk)); 413 opt = ipv6_renew_options(sk, opt, optname, 414 (struct ipv6_opt_hdr __user *)optval, 415 optlen); 416 if (IS_ERR(opt)) { 417 retv = PTR_ERR(opt); 418 break; 419 } 420 421 /* routing header option needs extra check */ 422 retv = -EINVAL; 423 if (optname == IPV6_RTHDR && opt && opt->srcrt) { 424 struct ipv6_rt_hdr *rthdr = opt->srcrt; 425 switch (rthdr->type) { 426 #if IS_ENABLED(CONFIG_IPV6_MIP6) 427 case IPV6_SRCRT_TYPE_2: 428 if (rthdr->hdrlen != 2 || 429 rthdr->segments_left != 1) 430 goto sticky_done; 431 432 break; 433 #endif 434 case IPV6_SRCRT_TYPE_4: 435 { 436 struct ipv6_sr_hdr *srh = (struct ipv6_sr_hdr *) 437 opt->srcrt; 438 439 if (!seg6_validate_srh(srh, optlen)) 440 goto sticky_done; 441 break; 442 } 443 default: 444 goto sticky_done; 445 } 446 } 447 448 retv = 0; 449 opt = ipv6_update_options(sk, opt); 450 sticky_done: 451 if (opt) { 452 atomic_sub(opt->tot_len, &sk->sk_omem_alloc); 453 txopt_put(opt); 454 } 455 break; 456 } 457 458 case IPV6_PKTINFO: 459 { 460 struct in6_pktinfo pkt; 461 462 if (optlen == 0) 463 goto e_inval; 464 else if (optlen < sizeof(struct in6_pktinfo) || !optval) 465 goto e_inval; 466 467 if (copy_from_user(&pkt, optval, sizeof(struct in6_pktinfo))) { 468 retv = -EFAULT; 469 break; 470 } 471 if (sk->sk_bound_dev_if && pkt.ipi6_ifindex != sk->sk_bound_dev_if) 472 goto e_inval; 473 474 np->sticky_pktinfo.ipi6_ifindex = pkt.ipi6_ifindex; 475 np->sticky_pktinfo.ipi6_addr = pkt.ipi6_addr; 476 retv = 0; 477 break; 478 } 479 480 case IPV6_2292PKTOPTIONS: 481 { 482 struct ipv6_txoptions *opt = NULL; 483 struct msghdr msg; 484 struct flowi6 fl6; 485 struct sockcm_cookie sockc_junk; 486 struct ipcm6_cookie ipc6; 487 488 memset(&fl6, 0, sizeof(fl6)); 489 fl6.flowi6_oif = sk->sk_bound_dev_if; 490 fl6.flowi6_mark = sk->sk_mark; 491 492 if (optlen == 0) 493 goto update; 494 495 /* 1K is probably excessive 496 * 1K is surely not enough, 2K per standard header is 16K. 497 */ 498 retv = -EINVAL; 499 if (optlen > 64*1024) 500 break; 501 502 opt = sock_kmalloc(sk, sizeof(*opt) + optlen, GFP_KERNEL); 503 retv = -ENOBUFS; 504 if (!opt) 505 break; 506 507 memset(opt, 0, sizeof(*opt)); 508 refcount_set(&opt->refcnt, 1); 509 opt->tot_len = sizeof(*opt) + optlen; 510 retv = -EFAULT; 511 if (copy_from_user(opt+1, optval, optlen)) 512 goto done; 513 514 msg.msg_controllen = optlen; 515 msg.msg_control = (void *)(opt+1); 516 ipc6.opt = opt; 517 518 retv = ip6_datagram_send_ctl(net, sk, &msg, &fl6, &ipc6, &sockc_junk); 519 if (retv) 520 goto done; 521 update: 522 retv = 0; 523 opt = ipv6_update_options(sk, opt); 524 done: 525 if (opt) { 526 atomic_sub(opt->tot_len, &sk->sk_omem_alloc); 527 txopt_put(opt); 528 } 529 break; 530 } 531 case IPV6_UNICAST_HOPS: 532 if (optlen < sizeof(int)) 533 goto e_inval; 534 if (val > 255 || val < -1) 535 goto e_inval; 536 np->hop_limit = val; 537 retv = 0; 538 break; 539 540 case IPV6_MULTICAST_HOPS: 541 if (sk->sk_type == SOCK_STREAM) 542 break; 543 if (optlen < sizeof(int)) 544 goto e_inval; 545 if (val > 255 || val < -1) 546 goto e_inval; 547 np->mcast_hops = (val == -1 ? IPV6_DEFAULT_MCASTHOPS : val); 548 retv = 0; 549 break; 550 551 case IPV6_MULTICAST_LOOP: 552 if (optlen < sizeof(int)) 553 goto e_inval; 554 if (val != valbool) 555 goto e_inval; 556 np->mc_loop = valbool; 557 retv = 0; 558 break; 559 560 case IPV6_UNICAST_IF: 561 { 562 struct net_device *dev = NULL; 563 int ifindex; 564 565 if (optlen != sizeof(int)) 566 goto e_inval; 567 568 ifindex = (__force int)ntohl((__force __be32)val); 569 if (ifindex == 0) { 570 np->ucast_oif = 0; 571 retv = 0; 572 break; 573 } 574 575 dev = dev_get_by_index(net, ifindex); 576 retv = -EADDRNOTAVAIL; 577 if (!dev) 578 break; 579 dev_put(dev); 580 581 retv = -EINVAL; 582 if (sk->sk_bound_dev_if) 583 break; 584 585 np->ucast_oif = ifindex; 586 retv = 0; 587 break; 588 } 589 590 case IPV6_MULTICAST_IF: 591 if (sk->sk_type == SOCK_STREAM) 592 break; 593 if (optlen < sizeof(int)) 594 goto e_inval; 595 596 if (val) { 597 struct net_device *dev; 598 int midx; 599 600 rcu_read_lock(); 601 602 dev = dev_get_by_index_rcu(net, val); 603 if (!dev) { 604 rcu_read_unlock(); 605 retv = -ENODEV; 606 break; 607 } 608 midx = l3mdev_master_ifindex_rcu(dev); 609 610 rcu_read_unlock(); 611 612 if (sk->sk_bound_dev_if && 613 sk->sk_bound_dev_if != val && 614 (!midx || midx != sk->sk_bound_dev_if)) 615 goto e_inval; 616 } 617 np->mcast_oif = val; 618 retv = 0; 619 break; 620 case IPV6_ADD_MEMBERSHIP: 621 case IPV6_DROP_MEMBERSHIP: 622 { 623 struct ipv6_mreq mreq; 624 625 if (optlen < sizeof(struct ipv6_mreq)) 626 goto e_inval; 627 628 retv = -EPROTO; 629 if (inet_sk(sk)->is_icsk) 630 break; 631 632 retv = -EFAULT; 633 if (copy_from_user(&mreq, optval, sizeof(struct ipv6_mreq))) 634 break; 635 636 if (optname == IPV6_ADD_MEMBERSHIP) 637 retv = ipv6_sock_mc_join(sk, mreq.ipv6mr_ifindex, &mreq.ipv6mr_multiaddr); 638 else 639 retv = ipv6_sock_mc_drop(sk, mreq.ipv6mr_ifindex, &mreq.ipv6mr_multiaddr); 640 break; 641 } 642 case IPV6_JOIN_ANYCAST: 643 case IPV6_LEAVE_ANYCAST: 644 { 645 struct ipv6_mreq mreq; 646 647 if (optlen < sizeof(struct ipv6_mreq)) 648 goto e_inval; 649 650 retv = -EFAULT; 651 if (copy_from_user(&mreq, optval, sizeof(struct ipv6_mreq))) 652 break; 653 654 if (optname == IPV6_JOIN_ANYCAST) 655 retv = ipv6_sock_ac_join(sk, mreq.ipv6mr_ifindex, &mreq.ipv6mr_acaddr); 656 else 657 retv = ipv6_sock_ac_drop(sk, mreq.ipv6mr_ifindex, &mreq.ipv6mr_acaddr); 658 break; 659 } 660 case MCAST_JOIN_GROUP: 661 case MCAST_LEAVE_GROUP: 662 { 663 struct group_req greq; 664 struct sockaddr_in6 *psin6; 665 666 if (optlen < sizeof(struct group_req)) 667 goto e_inval; 668 669 retv = -EFAULT; 670 if (copy_from_user(&greq, optval, sizeof(struct group_req))) 671 break; 672 if (greq.gr_group.ss_family != AF_INET6) { 673 retv = -EADDRNOTAVAIL; 674 break; 675 } 676 psin6 = (struct sockaddr_in6 *)&greq.gr_group; 677 if (optname == MCAST_JOIN_GROUP) 678 retv = ipv6_sock_mc_join(sk, greq.gr_interface, 679 &psin6->sin6_addr); 680 else 681 retv = ipv6_sock_mc_drop(sk, greq.gr_interface, 682 &psin6->sin6_addr); 683 break; 684 } 685 case MCAST_JOIN_SOURCE_GROUP: 686 case MCAST_LEAVE_SOURCE_GROUP: 687 case MCAST_BLOCK_SOURCE: 688 case MCAST_UNBLOCK_SOURCE: 689 { 690 struct group_source_req greqs; 691 int omode, add; 692 693 if (optlen < sizeof(struct group_source_req)) 694 goto e_inval; 695 if (copy_from_user(&greqs, optval, sizeof(greqs))) { 696 retv = -EFAULT; 697 break; 698 } 699 if (greqs.gsr_group.ss_family != AF_INET6 || 700 greqs.gsr_source.ss_family != AF_INET6) { 701 retv = -EADDRNOTAVAIL; 702 break; 703 } 704 if (optname == MCAST_BLOCK_SOURCE) { 705 omode = MCAST_EXCLUDE; 706 add = 1; 707 } else if (optname == MCAST_UNBLOCK_SOURCE) { 708 omode = MCAST_EXCLUDE; 709 add = 0; 710 } else if (optname == MCAST_JOIN_SOURCE_GROUP) { 711 struct sockaddr_in6 *psin6; 712 713 psin6 = (struct sockaddr_in6 *)&greqs.gsr_group; 714 retv = ipv6_sock_mc_join(sk, greqs.gsr_interface, 715 &psin6->sin6_addr); 716 /* prior join w/ different source is ok */ 717 if (retv && retv != -EADDRINUSE) 718 break; 719 omode = MCAST_INCLUDE; 720 add = 1; 721 } else /* MCAST_LEAVE_SOURCE_GROUP */ { 722 omode = MCAST_INCLUDE; 723 add = 0; 724 } 725 retv = ip6_mc_source(add, omode, sk, &greqs); 726 break; 727 } 728 case MCAST_MSFILTER: 729 { 730 struct group_filter *gsf; 731 732 if (optlen < GROUP_FILTER_SIZE(0)) 733 goto e_inval; 734 if (optlen > sysctl_optmem_max) { 735 retv = -ENOBUFS; 736 break; 737 } 738 gsf = memdup_user(optval, optlen); 739 if (IS_ERR(gsf)) { 740 retv = PTR_ERR(gsf); 741 break; 742 } 743 /* numsrc >= (4G-140)/128 overflow in 32 bits */ 744 if (gsf->gf_numsrc >= 0x1ffffffU || 745 gsf->gf_numsrc > sysctl_mld_max_msf) { 746 kfree(gsf); 747 retv = -ENOBUFS; 748 break; 749 } 750 if (GROUP_FILTER_SIZE(gsf->gf_numsrc) > optlen) { 751 kfree(gsf); 752 retv = -EINVAL; 753 break; 754 } 755 retv = ip6_mc_msfilter(sk, gsf); 756 kfree(gsf); 757 758 break; 759 } 760 case IPV6_ROUTER_ALERT: 761 if (optlen < sizeof(int)) 762 goto e_inval; 763 retv = ip6_ra_control(sk, val); 764 break; 765 case IPV6_MTU_DISCOVER: 766 if (optlen < sizeof(int)) 767 goto e_inval; 768 if (val < IPV6_PMTUDISC_DONT || val > IPV6_PMTUDISC_OMIT) 769 goto e_inval; 770 np->pmtudisc = val; 771 retv = 0; 772 break; 773 case IPV6_MTU: 774 if (optlen < sizeof(int)) 775 goto e_inval; 776 if (val && val < IPV6_MIN_MTU) 777 goto e_inval; 778 np->frag_size = val; 779 retv = 0; 780 break; 781 case IPV6_RECVERR: 782 if (optlen < sizeof(int)) 783 goto e_inval; 784 np->recverr = valbool; 785 if (!val) 786 skb_queue_purge(&sk->sk_error_queue); 787 retv = 0; 788 break; 789 case IPV6_FLOWINFO_SEND: 790 if (optlen < sizeof(int)) 791 goto e_inval; 792 np->sndflow = valbool; 793 retv = 0; 794 break; 795 case IPV6_FLOWLABEL_MGR: 796 retv = ipv6_flowlabel_opt(sk, optval, optlen); 797 break; 798 case IPV6_IPSEC_POLICY: 799 case IPV6_XFRM_POLICY: 800 retv = -EPERM; 801 if (!ns_capable(net->user_ns, CAP_NET_ADMIN)) 802 break; 803 retv = xfrm_user_policy(sk, optname, optval, optlen); 804 break; 805 806 case IPV6_ADDR_PREFERENCES: 807 { 808 unsigned int pref = 0; 809 unsigned int prefmask = ~0; 810 811 if (optlen < sizeof(int)) 812 goto e_inval; 813 814 retv = -EINVAL; 815 816 /* check PUBLIC/TMP/PUBTMP_DEFAULT conflicts */ 817 switch (val & (IPV6_PREFER_SRC_PUBLIC| 818 IPV6_PREFER_SRC_TMP| 819 IPV6_PREFER_SRC_PUBTMP_DEFAULT)) { 820 case IPV6_PREFER_SRC_PUBLIC: 821 pref |= IPV6_PREFER_SRC_PUBLIC; 822 break; 823 case IPV6_PREFER_SRC_TMP: 824 pref |= IPV6_PREFER_SRC_TMP; 825 break; 826 case IPV6_PREFER_SRC_PUBTMP_DEFAULT: 827 break; 828 case 0: 829 goto pref_skip_pubtmp; 830 default: 831 goto e_inval; 832 } 833 834 prefmask &= ~(IPV6_PREFER_SRC_PUBLIC| 835 IPV6_PREFER_SRC_TMP); 836 pref_skip_pubtmp: 837 838 /* check HOME/COA conflicts */ 839 switch (val & (IPV6_PREFER_SRC_HOME|IPV6_PREFER_SRC_COA)) { 840 case IPV6_PREFER_SRC_HOME: 841 break; 842 case IPV6_PREFER_SRC_COA: 843 pref |= IPV6_PREFER_SRC_COA; 844 case 0: 845 goto pref_skip_coa; 846 default: 847 goto e_inval; 848 } 849 850 prefmask &= ~IPV6_PREFER_SRC_COA; 851 pref_skip_coa: 852 853 /* check CGA/NONCGA conflicts */ 854 switch (val & (IPV6_PREFER_SRC_CGA|IPV6_PREFER_SRC_NONCGA)) { 855 case IPV6_PREFER_SRC_CGA: 856 case IPV6_PREFER_SRC_NONCGA: 857 case 0: 858 break; 859 default: 860 goto e_inval; 861 } 862 863 np->srcprefs = (np->srcprefs & prefmask) | pref; 864 retv = 0; 865 866 break; 867 } 868 case IPV6_MINHOPCOUNT: 869 if (optlen < sizeof(int)) 870 goto e_inval; 871 if (val < 0 || val > 255) 872 goto e_inval; 873 np->min_hopcount = val; 874 retv = 0; 875 break; 876 case IPV6_DONTFRAG: 877 np->dontfrag = valbool; 878 retv = 0; 879 break; 880 case IPV6_AUTOFLOWLABEL: 881 np->autoflowlabel = valbool; 882 retv = 0; 883 break; 884 case IPV6_RECVFRAGSIZE: 885 np->rxopt.bits.recvfragsize = valbool; 886 retv = 0; 887 break; 888 } 889 890 release_sock(sk); 891 if (needs_rtnl) 892 rtnl_unlock(); 893 894 return retv; 895 896 e_inval: 897 release_sock(sk); 898 if (needs_rtnl) 899 rtnl_unlock(); 900 return -EINVAL; 901 } 902 903 int ipv6_setsockopt(struct sock *sk, int level, int optname, 904 char __user *optval, unsigned int optlen) 905 { 906 int err; 907 908 if (level == SOL_IP && sk->sk_type != SOCK_RAW) 909 return udp_prot.setsockopt(sk, level, optname, optval, optlen); 910 911 if (level != SOL_IPV6) 912 return -ENOPROTOOPT; 913 914 err = do_ipv6_setsockopt(sk, level, optname, optval, optlen); 915 #ifdef CONFIG_NETFILTER 916 /* we need to exclude all possible ENOPROTOOPTs except default case */ 917 if (err == -ENOPROTOOPT && optname != IPV6_IPSEC_POLICY && 918 optname != IPV6_XFRM_POLICY) { 919 lock_sock(sk); 920 err = nf_setsockopt(sk, PF_INET6, optname, optval, 921 optlen); 922 release_sock(sk); 923 } 924 #endif 925 return err; 926 } 927 EXPORT_SYMBOL(ipv6_setsockopt); 928 929 #ifdef CONFIG_COMPAT 930 int compat_ipv6_setsockopt(struct sock *sk, int level, int optname, 931 char __user *optval, unsigned int optlen) 932 { 933 int err; 934 935 if (level == SOL_IP && sk->sk_type != SOCK_RAW) { 936 if (udp_prot.compat_setsockopt != NULL) 937 return udp_prot.compat_setsockopt(sk, level, optname, 938 optval, optlen); 939 return udp_prot.setsockopt(sk, level, optname, optval, optlen); 940 } 941 942 if (level != SOL_IPV6) 943 return -ENOPROTOOPT; 944 945 if (optname >= MCAST_JOIN_GROUP && optname <= MCAST_MSFILTER) 946 return compat_mc_setsockopt(sk, level, optname, optval, optlen, 947 ipv6_setsockopt); 948 949 err = do_ipv6_setsockopt(sk, level, optname, optval, optlen); 950 #ifdef CONFIG_NETFILTER 951 /* we need to exclude all possible ENOPROTOOPTs except default case */ 952 if (err == -ENOPROTOOPT && optname != IPV6_IPSEC_POLICY && 953 optname != IPV6_XFRM_POLICY) { 954 lock_sock(sk); 955 err = compat_nf_setsockopt(sk, PF_INET6, optname, 956 optval, optlen); 957 release_sock(sk); 958 } 959 #endif 960 return err; 961 } 962 EXPORT_SYMBOL(compat_ipv6_setsockopt); 963 #endif 964 965 static int ipv6_getsockopt_sticky(struct sock *sk, struct ipv6_txoptions *opt, 966 int optname, char __user *optval, int len) 967 { 968 struct ipv6_opt_hdr *hdr; 969 970 if (!opt) 971 return 0; 972 973 switch (optname) { 974 case IPV6_HOPOPTS: 975 hdr = opt->hopopt; 976 break; 977 case IPV6_RTHDRDSTOPTS: 978 hdr = opt->dst0opt; 979 break; 980 case IPV6_RTHDR: 981 hdr = (struct ipv6_opt_hdr *)opt->srcrt; 982 break; 983 case IPV6_DSTOPTS: 984 hdr = opt->dst1opt; 985 break; 986 default: 987 return -EINVAL; /* should not happen */ 988 } 989 990 if (!hdr) 991 return 0; 992 993 len = min_t(unsigned int, len, ipv6_optlen(hdr)); 994 if (copy_to_user(optval, hdr, len)) 995 return -EFAULT; 996 return len; 997 } 998 999 static int do_ipv6_getsockopt(struct sock *sk, int level, int optname, 1000 char __user *optval, int __user *optlen, unsigned int flags) 1001 { 1002 struct ipv6_pinfo *np = inet6_sk(sk); 1003 int len; 1004 int val; 1005 1006 if (ip6_mroute_opt(optname)) 1007 return ip6_mroute_getsockopt(sk, optname, optval, optlen); 1008 1009 if (get_user(len, optlen)) 1010 return -EFAULT; 1011 switch (optname) { 1012 case IPV6_ADDRFORM: 1013 if (sk->sk_protocol != IPPROTO_UDP && 1014 sk->sk_protocol != IPPROTO_UDPLITE && 1015 sk->sk_protocol != IPPROTO_TCP) 1016 return -ENOPROTOOPT; 1017 if (sk->sk_state != TCP_ESTABLISHED) 1018 return -ENOTCONN; 1019 val = sk->sk_family; 1020 break; 1021 case MCAST_MSFILTER: 1022 { 1023 struct group_filter gsf; 1024 int err; 1025 1026 if (len < GROUP_FILTER_SIZE(0)) 1027 return -EINVAL; 1028 if (copy_from_user(&gsf, optval, GROUP_FILTER_SIZE(0))) 1029 return -EFAULT; 1030 if (gsf.gf_group.ss_family != AF_INET6) 1031 return -EADDRNOTAVAIL; 1032 lock_sock(sk); 1033 err = ip6_mc_msfget(sk, &gsf, 1034 (struct group_filter __user *)optval, optlen); 1035 release_sock(sk); 1036 return err; 1037 } 1038 1039 case IPV6_2292PKTOPTIONS: 1040 { 1041 struct msghdr msg; 1042 struct sk_buff *skb; 1043 1044 if (sk->sk_type != SOCK_STREAM) 1045 return -ENOPROTOOPT; 1046 1047 msg.msg_control = optval; 1048 msg.msg_controllen = len; 1049 msg.msg_flags = flags; 1050 1051 lock_sock(sk); 1052 skb = np->pktoptions; 1053 if (skb) 1054 ip6_datagram_recv_ctl(sk, &msg, skb); 1055 release_sock(sk); 1056 if (!skb) { 1057 if (np->rxopt.bits.rxinfo) { 1058 struct in6_pktinfo src_info; 1059 src_info.ipi6_ifindex = np->mcast_oif ? np->mcast_oif : 1060 np->sticky_pktinfo.ipi6_ifindex; 1061 src_info.ipi6_addr = np->mcast_oif ? sk->sk_v6_daddr : np->sticky_pktinfo.ipi6_addr; 1062 put_cmsg(&msg, SOL_IPV6, IPV6_PKTINFO, sizeof(src_info), &src_info); 1063 } 1064 if (np->rxopt.bits.rxhlim) { 1065 int hlim = np->mcast_hops; 1066 put_cmsg(&msg, SOL_IPV6, IPV6_HOPLIMIT, sizeof(hlim), &hlim); 1067 } 1068 if (np->rxopt.bits.rxtclass) { 1069 int tclass = (int)ip6_tclass(np->rcv_flowinfo); 1070 1071 put_cmsg(&msg, SOL_IPV6, IPV6_TCLASS, sizeof(tclass), &tclass); 1072 } 1073 if (np->rxopt.bits.rxoinfo) { 1074 struct in6_pktinfo src_info; 1075 src_info.ipi6_ifindex = np->mcast_oif ? np->mcast_oif : 1076 np->sticky_pktinfo.ipi6_ifindex; 1077 src_info.ipi6_addr = np->mcast_oif ? sk->sk_v6_daddr : 1078 np->sticky_pktinfo.ipi6_addr; 1079 put_cmsg(&msg, SOL_IPV6, IPV6_2292PKTINFO, sizeof(src_info), &src_info); 1080 } 1081 if (np->rxopt.bits.rxohlim) { 1082 int hlim = np->mcast_hops; 1083 put_cmsg(&msg, SOL_IPV6, IPV6_2292HOPLIMIT, sizeof(hlim), &hlim); 1084 } 1085 if (np->rxopt.bits.rxflow) { 1086 __be32 flowinfo = np->rcv_flowinfo; 1087 1088 put_cmsg(&msg, SOL_IPV6, IPV6_FLOWINFO, sizeof(flowinfo), &flowinfo); 1089 } 1090 } 1091 len -= msg.msg_controllen; 1092 return put_user(len, optlen); 1093 } 1094 case IPV6_MTU: 1095 { 1096 struct dst_entry *dst; 1097 1098 val = 0; 1099 rcu_read_lock(); 1100 dst = __sk_dst_get(sk); 1101 if (dst) 1102 val = dst_mtu(dst); 1103 rcu_read_unlock(); 1104 if (!val) 1105 return -ENOTCONN; 1106 break; 1107 } 1108 1109 case IPV6_V6ONLY: 1110 val = sk->sk_ipv6only; 1111 break; 1112 1113 case IPV6_RECVPKTINFO: 1114 val = np->rxopt.bits.rxinfo; 1115 break; 1116 1117 case IPV6_2292PKTINFO: 1118 val = np->rxopt.bits.rxoinfo; 1119 break; 1120 1121 case IPV6_RECVHOPLIMIT: 1122 val = np->rxopt.bits.rxhlim; 1123 break; 1124 1125 case IPV6_2292HOPLIMIT: 1126 val = np->rxopt.bits.rxohlim; 1127 break; 1128 1129 case IPV6_RECVRTHDR: 1130 val = np->rxopt.bits.srcrt; 1131 break; 1132 1133 case IPV6_2292RTHDR: 1134 val = np->rxopt.bits.osrcrt; 1135 break; 1136 1137 case IPV6_HOPOPTS: 1138 case IPV6_RTHDRDSTOPTS: 1139 case IPV6_RTHDR: 1140 case IPV6_DSTOPTS: 1141 { 1142 struct ipv6_txoptions *opt; 1143 1144 lock_sock(sk); 1145 opt = rcu_dereference_protected(np->opt, 1146 lockdep_sock_is_held(sk)); 1147 len = ipv6_getsockopt_sticky(sk, opt, optname, optval, len); 1148 release_sock(sk); 1149 /* check if ipv6_getsockopt_sticky() returns err code */ 1150 if (len < 0) 1151 return len; 1152 return put_user(len, optlen); 1153 } 1154 1155 case IPV6_RECVHOPOPTS: 1156 val = np->rxopt.bits.hopopts; 1157 break; 1158 1159 case IPV6_2292HOPOPTS: 1160 val = np->rxopt.bits.ohopopts; 1161 break; 1162 1163 case IPV6_RECVDSTOPTS: 1164 val = np->rxopt.bits.dstopts; 1165 break; 1166 1167 case IPV6_2292DSTOPTS: 1168 val = np->rxopt.bits.odstopts; 1169 break; 1170 1171 case IPV6_TCLASS: 1172 val = np->tclass; 1173 break; 1174 1175 case IPV6_RECVTCLASS: 1176 val = np->rxopt.bits.rxtclass; 1177 break; 1178 1179 case IPV6_FLOWINFO: 1180 val = np->rxopt.bits.rxflow; 1181 break; 1182 1183 case IPV6_RECVPATHMTU: 1184 val = np->rxopt.bits.rxpmtu; 1185 break; 1186 1187 case IPV6_PATHMTU: 1188 { 1189 struct dst_entry *dst; 1190 struct ip6_mtuinfo mtuinfo; 1191 1192 if (len < sizeof(mtuinfo)) 1193 return -EINVAL; 1194 1195 len = sizeof(mtuinfo); 1196 memset(&mtuinfo, 0, sizeof(mtuinfo)); 1197 1198 rcu_read_lock(); 1199 dst = __sk_dst_get(sk); 1200 if (dst) 1201 mtuinfo.ip6m_mtu = dst_mtu(dst); 1202 rcu_read_unlock(); 1203 if (!mtuinfo.ip6m_mtu) 1204 return -ENOTCONN; 1205 1206 if (put_user(len, optlen)) 1207 return -EFAULT; 1208 if (copy_to_user(optval, &mtuinfo, len)) 1209 return -EFAULT; 1210 1211 return 0; 1212 } 1213 1214 case IPV6_TRANSPARENT: 1215 val = inet_sk(sk)->transparent; 1216 break; 1217 1218 case IPV6_RECVORIGDSTADDR: 1219 val = np->rxopt.bits.rxorigdstaddr; 1220 break; 1221 1222 case IPV6_UNICAST_HOPS: 1223 case IPV6_MULTICAST_HOPS: 1224 { 1225 struct dst_entry *dst; 1226 1227 if (optname == IPV6_UNICAST_HOPS) 1228 val = np->hop_limit; 1229 else 1230 val = np->mcast_hops; 1231 1232 if (val < 0) { 1233 rcu_read_lock(); 1234 dst = __sk_dst_get(sk); 1235 if (dst) 1236 val = ip6_dst_hoplimit(dst); 1237 rcu_read_unlock(); 1238 } 1239 1240 if (val < 0) 1241 val = sock_net(sk)->ipv6.devconf_all->hop_limit; 1242 break; 1243 } 1244 1245 case IPV6_MULTICAST_LOOP: 1246 val = np->mc_loop; 1247 break; 1248 1249 case IPV6_MULTICAST_IF: 1250 val = np->mcast_oif; 1251 break; 1252 1253 case IPV6_UNICAST_IF: 1254 val = (__force int)htonl((__u32) np->ucast_oif); 1255 break; 1256 1257 case IPV6_MTU_DISCOVER: 1258 val = np->pmtudisc; 1259 break; 1260 1261 case IPV6_RECVERR: 1262 val = np->recverr; 1263 break; 1264 1265 case IPV6_FLOWINFO_SEND: 1266 val = np->sndflow; 1267 break; 1268 1269 case IPV6_FLOWLABEL_MGR: 1270 { 1271 struct in6_flowlabel_req freq; 1272 int flags; 1273 1274 if (len < sizeof(freq)) 1275 return -EINVAL; 1276 1277 if (copy_from_user(&freq, optval, sizeof(freq))) 1278 return -EFAULT; 1279 1280 if (freq.flr_action != IPV6_FL_A_GET) 1281 return -EINVAL; 1282 1283 len = sizeof(freq); 1284 flags = freq.flr_flags; 1285 1286 memset(&freq, 0, sizeof(freq)); 1287 1288 val = ipv6_flowlabel_opt_get(sk, &freq, flags); 1289 if (val < 0) 1290 return val; 1291 1292 if (put_user(len, optlen)) 1293 return -EFAULT; 1294 if (copy_to_user(optval, &freq, len)) 1295 return -EFAULT; 1296 1297 return 0; 1298 } 1299 1300 case IPV6_ADDR_PREFERENCES: 1301 val = 0; 1302 1303 if (np->srcprefs & IPV6_PREFER_SRC_TMP) 1304 val |= IPV6_PREFER_SRC_TMP; 1305 else if (np->srcprefs & IPV6_PREFER_SRC_PUBLIC) 1306 val |= IPV6_PREFER_SRC_PUBLIC; 1307 else { 1308 /* XXX: should we return system default? */ 1309 val |= IPV6_PREFER_SRC_PUBTMP_DEFAULT; 1310 } 1311 1312 if (np->srcprefs & IPV6_PREFER_SRC_COA) 1313 val |= IPV6_PREFER_SRC_COA; 1314 else 1315 val |= IPV6_PREFER_SRC_HOME; 1316 break; 1317 1318 case IPV6_MINHOPCOUNT: 1319 val = np->min_hopcount; 1320 break; 1321 1322 case IPV6_DONTFRAG: 1323 val = np->dontfrag; 1324 break; 1325 1326 case IPV6_AUTOFLOWLABEL: 1327 val = np->autoflowlabel; 1328 break; 1329 1330 case IPV6_RECVFRAGSIZE: 1331 val = np->rxopt.bits.recvfragsize; 1332 break; 1333 1334 default: 1335 return -ENOPROTOOPT; 1336 } 1337 len = min_t(unsigned int, sizeof(int), len); 1338 if (put_user(len, optlen)) 1339 return -EFAULT; 1340 if (copy_to_user(optval, &val, len)) 1341 return -EFAULT; 1342 return 0; 1343 } 1344 1345 int ipv6_getsockopt(struct sock *sk, int level, int optname, 1346 char __user *optval, int __user *optlen) 1347 { 1348 int err; 1349 1350 if (level == SOL_IP && sk->sk_type != SOCK_RAW) 1351 return udp_prot.getsockopt(sk, level, optname, optval, optlen); 1352 1353 if (level != SOL_IPV6) 1354 return -ENOPROTOOPT; 1355 1356 err = do_ipv6_getsockopt(sk, level, optname, optval, optlen, 0); 1357 #ifdef CONFIG_NETFILTER 1358 /* we need to exclude all possible ENOPROTOOPTs except default case */ 1359 if (err == -ENOPROTOOPT && optname != IPV6_2292PKTOPTIONS) { 1360 int len; 1361 1362 if (get_user(len, optlen)) 1363 return -EFAULT; 1364 1365 lock_sock(sk); 1366 err = nf_getsockopt(sk, PF_INET6, optname, optval, 1367 &len); 1368 release_sock(sk); 1369 if (err >= 0) 1370 err = put_user(len, optlen); 1371 } 1372 #endif 1373 return err; 1374 } 1375 EXPORT_SYMBOL(ipv6_getsockopt); 1376 1377 #ifdef CONFIG_COMPAT 1378 int compat_ipv6_getsockopt(struct sock *sk, int level, int optname, 1379 char __user *optval, int __user *optlen) 1380 { 1381 int err; 1382 1383 if (level == SOL_IP && sk->sk_type != SOCK_RAW) { 1384 if (udp_prot.compat_getsockopt != NULL) 1385 return udp_prot.compat_getsockopt(sk, level, optname, 1386 optval, optlen); 1387 return udp_prot.getsockopt(sk, level, optname, optval, optlen); 1388 } 1389 1390 if (level != SOL_IPV6) 1391 return -ENOPROTOOPT; 1392 1393 if (optname == MCAST_MSFILTER) 1394 return compat_mc_getsockopt(sk, level, optname, optval, optlen, 1395 ipv6_getsockopt); 1396 1397 err = do_ipv6_getsockopt(sk, level, optname, optval, optlen, 1398 MSG_CMSG_COMPAT); 1399 #ifdef CONFIG_NETFILTER 1400 /* we need to exclude all possible ENOPROTOOPTs except default case */ 1401 if (err == -ENOPROTOOPT && optname != IPV6_2292PKTOPTIONS) { 1402 int len; 1403 1404 if (get_user(len, optlen)) 1405 return -EFAULT; 1406 1407 lock_sock(sk); 1408 err = compat_nf_getsockopt(sk, PF_INET6, 1409 optname, optval, &len); 1410 release_sock(sk); 1411 if (err >= 0) 1412 err = put_user(len, optlen); 1413 } 1414 #endif 1415 return err; 1416 } 1417 EXPORT_SYMBOL(compat_ipv6_getsockopt); 1418 #endif 1419 1420