projects / linux-block.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
ipv4: Loosen source address check on IPv4 output
[linux-block.git] / net / ipv4 / ip_sockglue.c
CommitLineData
1da177e4
LT		 1/*
2 * INET An implementation of the TCP/IP protocol suite for the LINUX
3 * operating system. INET is implemented using the BSD Socket
4 * interface as the means of communication with the user level.
5 *
6 * The IP to API glue.
e905a9ed 7 *
1da177e4
LT		 8 * Authors: see ip.c
9 *
10 * Fixes:
11 * Many : Split from ip.c , see ip.c for history.
12 * Martin Mares : TOS setting fixed.
e905a9ed 13 * Alan Cox : Fixed a couple of oopses in Martin's
1da177e4
LT		 14 * TOS tweaks.
15 * Mike McLagan : Routing by source
16 */
17
1da177e4
LT		 18#include <linux/module.h>
19#include <linux/types.h>
20#include <linux/mm.h>
1da177e4
LT		 21#include <linux/skbuff.h>
22#include <linux/ip.h>
23#include <linux/icmp.h>
14c85021 24#include <linux/inetdevice.h>
1da177e4
LT		 25#include <linux/netdevice.h>
26#include <net/sock.h>
27#include <net/ip.h>
28#include <net/icmp.h>
d83d8461 29#include <net/tcp_states.h>
1da177e4
LT		 30#include <linux/udp.h>
31#include <linux/igmp.h>
32#include <linux/netfilter.h>
33#include <linux/route.h>
34#include <linux/mroute.h>
35#include <net/route.h>
36#include <net/xfrm.h>
dae50295 37#include <net/compat.h>
1da177e4
LT		 38#if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE)
39#include <net/transp_v6.h>
40#endif
41
42#include <linux/errqueue.h>
43#include <asm/uaccess.h>
44
45#define IP_CMSG_PKTINFO 1
46#define IP_CMSG_TTL 2
47#define IP_CMSG_TOS 4
48#define IP_CMSG_RECVOPTS 8
49#define IP_CMSG_RETOPTS 16
2c7946a7 50#define IP_CMSG_PASSSEC 32
1da177e4
LT		 51
52/*
53 * SOL_IP control messages.
54 */
55
56static void ip_cmsg_recv_pktinfo(struct msghdr *msg, struct sk_buff *skb)
57{
58 struct in_pktinfo info;
ee6b9673 59 struct rtable *rt = skb->rtable;
1da177e4 60
eddc9ec5 61 info.ipi_addr.s_addr = ip_hdr(skb)->daddr;
1da177e4
LT		 62 if (rt) {
63 info.ipi_ifindex = rt->rt_iif;
64 info.ipi_spec_dst.s_addr = rt->rt_spec_dst;
65 } else {
66 info.ipi_ifindex = 0;
67 info.ipi_spec_dst.s_addr = 0;
68 }
69
70 put_cmsg(msg, SOL_IP, IP_PKTINFO, sizeof(info), &info);
71}
72
73static void ip_cmsg_recv_ttl(struct msghdr *msg, struct sk_buff *skb)
74{
eddc9ec5 75 int ttl = ip_hdr(skb)->ttl;
1da177e4
LT		 76 put_cmsg(msg, SOL_IP, IP_TTL, sizeof(int), &ttl);
77}
78
79static void ip_cmsg_recv_tos(struct msghdr *msg, struct sk_buff *skb)
80{
eddc9ec5 81 put_cmsg(msg, SOL_IP, IP_TOS, 1, &ip_hdr(skb)->tos);
1da177e4
LT		 82}
83
84static void ip_cmsg_recv_opts(struct msghdr *msg, struct sk_buff *skb)
85{
86 if (IPCB(skb)->opt.optlen == 0)
87 return;
88
eddc9ec5
ACM		 89 put_cmsg(msg, SOL_IP, IP_RECVOPTS, IPCB(skb)->opt.optlen,
90 ip_hdr(skb) + 1);
1da177e4
LT		 91}
92
93
94static void ip_cmsg_recv_retopts(struct msghdr *msg, struct sk_buff *skb)
95{
96 unsigned char optbuf[sizeof(struct ip_options) + 40];
97 struct ip_options * opt = (struct ip_options*)optbuf;
98
99 if (IPCB(skb)->opt.optlen == 0)
100 return;
101
102 if (ip_options_echo(opt, skb)) {
103 msg->msg_flags |= MSG_CTRUNC;
104 return;
105 }
106 ip_options_undo(opt);
107
108 put_cmsg(msg, SOL_IP, IP_RETOPTS, opt->optlen, opt->__data);
109}
110
2c7946a7
CZ		 111static void ip_cmsg_recv_security(struct msghdr *msg, struct sk_buff *skb)
112{
113 char *secdata;
dc49c1f9 114 u32 seclen, secid;
2c7946a7
CZ		 115 int err;
116
dc49c1f9
CZ		 117 err = security_socket_getpeersec_dgram(NULL, skb, &secid);
118 if (err)
119 return;
120
121 err = security_secid_to_secctx(secid, &secdata, &seclen);
2c7946a7
CZ		 122 if (err)
123 return;
124
125 put_cmsg(msg, SOL_IP, SCM_SECURITY, seclen, secdata);
dc49c1f9 126 security_release_secctx(secdata, seclen);
2c7946a7
CZ		 127}
128
1da177e4
LT		 129
130void ip_cmsg_recv(struct msghdr *msg, struct sk_buff *skb)
131{
132 struct inet_sock *inet = inet_sk(skb->sk);
133 unsigned flags = inet->cmsg_flags;
134
135 /* Ordered by supposed usage frequency */
136 if (flags & 1)
137 ip_cmsg_recv_pktinfo(msg, skb);
138 if ((flags>>=1) == 0)
139 return;
140
141 if (flags & 1)
142 ip_cmsg_recv_ttl(msg, skb);
143 if ((flags>>=1) == 0)
144 return;
145
146 if (flags & 1)
147 ip_cmsg_recv_tos(msg, skb);
148 if ((flags>>=1) == 0)
149 return;
150
151 if (flags & 1)
152 ip_cmsg_recv_opts(msg, skb);
153 if ((flags>>=1) == 0)
154 return;
155
156 if (flags & 1)
157 ip_cmsg_recv_retopts(msg, skb);
2c7946a7
CZ		 158 if ((flags>>=1) == 0)
159 return;
160
161 if (flags & 1)
162 ip_cmsg_recv_security(msg, skb);
1da177e4
LT		 163}
164
7a6adb92 165int ip_cmsg_send(struct net *net, struct msghdr *msg, struct ipcm_cookie *ipc)
1da177e4
LT		 166{
167 int err;
168 struct cmsghdr *cmsg;
169
170 for (cmsg = CMSG_FIRSTHDR(msg); cmsg; cmsg = CMSG_NXTHDR(msg, cmsg)) {
171 if (!CMSG_OK(msg, cmsg))
172 return -EINVAL;
173 if (cmsg->cmsg_level != SOL_IP)
174 continue;
175 switch (cmsg->cmsg_type) {
176 case IP_RETOPTS:
177 err = cmsg->cmsg_len - CMSG_ALIGN(sizeof(struct cmsghdr));
7a6adb92 178 err = ip_options_get(net, &ipc->opt, CMSG_DATA(cmsg), err < 40 ? err : 40);
1da177e4
LT		 179 if (err)
180 return err;
181 break;
182 case IP_PKTINFO:
183 {
184 struct in_pktinfo *info;
185 if (cmsg->cmsg_len != CMSG_LEN(sizeof(struct in_pktinfo)))
186 return -EINVAL;
187 info = (struct in_pktinfo *)CMSG_DATA(cmsg);
188 ipc->oif = info->ipi_ifindex;
189 ipc->addr = info->ipi_spec_dst.s_addr;
190 break;
191 }
192 default:
193 return -EINVAL;
194 }
195 }
196 return 0;
197}
198
199
200/* Special input handler for packets caught by router alert option.
201 They are selected only by protocol field, and then processed likely
202 local ones; but only if someone wants them! Otherwise, router
203 not running rsvpd will kill RSVP.
204
205 It is user level problem, what it will make with them.
206 I have no idea, how it will masquearde or NAT them (it is joke, joke :-)),
207 but receiver should be enough clever f.e. to forward mtrace requests,
208 sent to multicast group to reach destination designated router.
209 */
210struct ip_ra_chain *ip_ra_chain;
211DEFINE_RWLOCK(ip_ra_lock);
212
213int ip_ra_control(struct sock *sk, unsigned char on, void (*destructor)(struct sock *))
214{
215 struct ip_ra_chain *ra, *new_ra, **rap;
216
217 if (sk->sk_type != SOCK_RAW || inet_sk(sk)->num == IPPROTO_RAW)
218 return -EINVAL;
219
220 new_ra = on ? kmalloc(sizeof(*new_ra), GFP_KERNEL) : NULL;
221
222 write_lock_bh(&ip_ra_lock);
223 for (rap = &ip_ra_chain; (ra=*rap) != NULL; rap = &ra->next) {
224 if (ra->sk == sk) {
225 if (on) {
226 write_unlock_bh(&ip_ra_lock);
a51482bd 227 kfree(new_ra);
1da177e4
LT		 228 return -EADDRINUSE;
229 }
230 *rap = ra->next;
231 write_unlock_bh(&ip_ra_lock);
232
233 if (ra->destructor)
234 ra->destructor(sk);
235 sock_put(sk);
236 kfree(ra);
237 return 0;
238 }
239 }
240 if (new_ra == NULL) {
241 write_unlock_bh(&ip_ra_lock);
242 return -ENOBUFS;
243 }
244 new_ra->sk = sk;
245 new_ra->destructor = destructor;
246
247 new_ra->next = ra;
248 *rap = new_ra;
249 sock_hold(sk);
250 write_unlock_bh(&ip_ra_lock);
251
252 return 0;
253}
254
e905a9ed 255void ip_icmp_error(struct sock *sk, struct sk_buff *skb, int err,
35986b32 256 __be16 port, u32 info, u8 *payload)
1da177e4
LT		 257{
258 struct inet_sock *inet = inet_sk(sk);
259 struct sock_exterr_skb *serr;
260
261 if (!inet->recverr)
262 return;
263
264 skb = skb_clone(skb, GFP_ATOMIC);
265 if (!skb)
266 return;
267
e905a9ed 268 serr = SKB_EXT_ERR(skb);
1da177e4
LT		 269 serr->ee.ee_errno = err;
270 serr->ee.ee_origin = SO_EE_ORIGIN_ICMP;
88c7664f
ACM		 271 serr->ee.ee_type = icmp_hdr(skb)->type;
272 serr->ee.ee_code = icmp_hdr(skb)->code;
1da177e4
LT		 273 serr->ee.ee_pad = 0;
274 serr->ee.ee_info = info;
275 serr->ee.ee_data = 0;
88c7664f 276 serr->addr_offset = (u8 *)&(((struct iphdr *)(icmp_hdr(skb) + 1))->daddr) -
d56f90a7 277 skb_network_header(skb);
1da177e4
LT		 278 serr->port = port;
279
bd82393c
ACM		 280 if (skb_pull(skb, payload - skb->data) != NULL) {
281 skb_reset_transport_header(skb);
282 if (sock_queue_err_skb(sk, skb) == 0)
283 return;
284 }
285 kfree_skb(skb);
1da177e4
LT		 286}
287
0579016e 288void ip_local_error(struct sock *sk, int err, __be32 daddr, __be16 port, u32 info)
1da177e4
LT		 289{
290 struct inet_sock *inet = inet_sk(sk);
291 struct sock_exterr_skb *serr;
292 struct iphdr *iph;
293 struct sk_buff *skb;
294
295 if (!inet->recverr)
296 return;
297
298 skb = alloc_skb(sizeof(struct iphdr), GFP_ATOMIC);
299 if (!skb)
300 return;
301
2ca9e6f2
ACM		 302 skb_put(skb, sizeof(struct iphdr));
303 skb_reset_network_header(skb);
eddc9ec5 304 iph = ip_hdr(skb);
1da177e4
LT		 305 iph->daddr = daddr;
306
e905a9ed 307 serr = SKB_EXT_ERR(skb);
1da177e4
LT		 308 serr->ee.ee_errno = err;
309 serr->ee.ee_origin = SO_EE_ORIGIN_LOCAL;
e905a9ed 310 serr->ee.ee_type = 0;
1da177e4
LT		 311 serr->ee.ee_code = 0;
312 serr->ee.ee_pad = 0;
313 serr->ee.ee_info = info;
314 serr->ee.ee_data = 0;
d56f90a7 315 serr->addr_offset = (u8 *)&iph->daddr - skb_network_header(skb);
1da177e4
LT		 316 serr->port = port;
317
27a884dc 318 __skb_pull(skb, skb_tail_pointer(skb) - skb->data);
bd82393c 319 skb_reset_transport_header(skb);
1da177e4
LT		 320
321 if (sock_queue_err_skb(sk, skb))
322 kfree_skb(skb);
323}
324
e905a9ed 325/*
1da177e4
LT		 326 * Handle MSG_ERRQUEUE
327 */
328int ip_recv_error(struct sock *sk, struct msghdr *msg, int len)
329{
330 struct sock_exterr_skb *serr;
331 struct sk_buff *skb, *skb2;
332 struct sockaddr_in *sin;
333 struct {
334 struct sock_extended_err ee;
335 struct sockaddr_in offender;
336 } errhdr;
337 int err;
338 int copied;
339
340 err = -EAGAIN;
341 skb = skb_dequeue(&sk->sk_error_queue);
342 if (skb == NULL)
343 goto out;
344
345 copied = skb->len;
346 if (copied > len) {
347 msg->msg_flags |= MSG_TRUNC;
348 copied = len;
349 }
350 err = skb_copy_datagram_iovec(skb, 0, msg->msg_iov, copied);
351 if (err)
352 goto out_free_skb;
353
354 sock_recv_timestamp(msg, sk, skb);
355
356 serr = SKB_EXT_ERR(skb);
357
358 sin = (struct sockaddr_in *)msg->msg_name;
359 if (sin) {
360 sin->sin_family = AF_INET;
d56f90a7
ACM		 361 sin->sin_addr.s_addr = *(__be32 *)(skb_network_header(skb) +
362 serr->addr_offset);
1da177e4
LT		 363 sin->sin_port = serr->port;
364 memset(&sin->sin_zero, 0, sizeof(sin->sin_zero));
365 }
366
367 memcpy(&errhdr.ee, &serr->ee, sizeof(struct sock_extended_err));
368 sin = &errhdr.offender;
369 sin->sin_family = AF_UNSPEC;
370 if (serr->ee.ee_origin == SO_EE_ORIGIN_ICMP) {
371 struct inet_sock *inet = inet_sk(sk);
372
373 sin->sin_family = AF_INET;
eddc9ec5 374 sin->sin_addr.s_addr = ip_hdr(skb)->saddr;
1da177e4
LT		 375 sin->sin_port = 0;
376 memset(&sin->sin_zero, 0, sizeof(sin->sin_zero));
377 if (inet->cmsg_flags)
378 ip_cmsg_recv(msg, skb);
379 }
380
381 put_cmsg(msg, SOL_IP, IP_RECVERR, sizeof(errhdr), &errhdr);
382
383 /* Now we could try to dump offended packet options */
384
385 msg->msg_flags |= MSG_ERRQUEUE;
386 err = copied;
387
388 /* Reset and regenerate socket error */
e0f9f858 389 spin_lock_bh(&sk->sk_error_queue.lock);
1da177e4
LT		 390 sk->sk_err = 0;
391 if ((skb2 = skb_peek(&sk->sk_error_queue)) != NULL) {
392 sk->sk_err = SKB_EXT_ERR(skb2)->ee.ee_errno;
e0f9f858 393 spin_unlock_bh(&sk->sk_error_queue.lock);
1da177e4
LT		 394 sk->sk_error_report(sk);
395 } else
e0f9f858 396 spin_unlock_bh(&sk->sk_error_queue.lock);
1da177e4 397
e905a9ed 398out_free_skb:
1da177e4
LT		 399 kfree_skb(skb);
400out:
401 return err;
402}
403
404
405/*
406 * Socket option code for IP. This is the end of the line after any TCP,UDP etc options on
407 * an IP socket.
408 */
409
3fdadf7d 410static int do_ip_setsockopt(struct sock *sk, int level,
132adf54 411 int optname, char __user *optval, int optlen)
1da177e4
LT		 412{
413 struct inet_sock *inet = inet_sk(sk);
414 int val=0,err;
415
e905a9ed 416 if (((1<<optname) & ((1<<IP_PKTINFO) | (1<<IP_RECVTTL) |
132adf54
SH		 417 (1<<IP_RECVOPTS) | (1<<IP_RECVTOS) |
418 (1<<IP_RETOPTS) | (1<<IP_TOS) |
419 (1<<IP_TTL) | (1<<IP_HDRINCL) |
420 (1<<IP_MTU_DISCOVER) | (1<<IP_RECVERR) |
421 (1<<IP_ROUTER_ALERT) | (1<<IP_FREEBIND) |
422 (1<<IP_PASSSEC))) ||
423 optname == IP_MULTICAST_TTL ||
424 optname == IP_MULTICAST_LOOP) {
1da177e4
LT		 425 if (optlen >= sizeof(int)) {
426 if (get_user(val, (int __user *) optval))
427 return -EFAULT;
428 } else if (optlen >= sizeof(char)) {
429 unsigned char ucval;
430
431 if (get_user(ucval, (unsigned char __user *) optval))
432 return -EFAULT;
433 val = (int) ucval;
434 }
435 }
436
437 /* If optlen==0, it is equivalent to val == 0 */
438
6a9fb947 439 if (ip_mroute_opt(optname))
1da177e4 440 return ip_mroute_setsockopt(sk,optname,optval,optlen);
1da177e4
LT		 441
442 err = 0;
443 lock_sock(sk);
444
445 switch (optname) {
132adf54
SH		 446 case IP_OPTIONS:
447 {
448 struct ip_options * opt = NULL;
449 if (optlen > 40 || optlen < 0)
450 goto e_inval;
3b1e0a65 451 err = ip_options_get_from_user(sock_net(sk), &opt,
cb84663e 452 optval, optlen);
132adf54
SH		 453 if (err)
454 break;
455 if (inet->is_icsk) {
456 struct inet_connection_sock *icsk = inet_csk(sk);
1da177e4 457#if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE)
132adf54
SH		 458 if (sk->sk_family == PF_INET ||
459 (!((1 << sk->sk_state) &
460 (TCPF_LISTEN | TCPF_CLOSE)) &&
461 inet->daddr != LOOPBACK4_IPV6)) {
1da177e4 462#endif
132adf54
SH		 463 if (inet->opt)
464 icsk->icsk_ext_hdr_len -= inet->opt->optlen;
465 if (opt)
466 icsk->icsk_ext_hdr_len += opt->optlen;
467 icsk->icsk_sync_mss(sk, icsk->icsk_pmtu_cookie);
1da177e4 468#if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE)
1da177e4 469 }
132adf54 470#endif
1da177e4 471 }
132adf54
SH		 472 opt = xchg(&inet->opt, opt);
473 kfree(opt);
474 break;
475 }
476 case IP_PKTINFO:
477 if (val)
478 inet->cmsg_flags |= IP_CMSG_PKTINFO;
479 else
480 inet->cmsg_flags &= ~IP_CMSG_PKTINFO;
481 break;
482 case IP_RECVTTL:
483 if (val)
484 inet->cmsg_flags |= IP_CMSG_TTL;
485 else
486 inet->cmsg_flags &= ~IP_CMSG_TTL;
487 break;
488 case IP_RECVTOS:
489 if (val)
490 inet->cmsg_flags |= IP_CMSG_TOS;
491 else
492 inet->cmsg_flags &= ~IP_CMSG_TOS;
493 break;
494 case IP_RECVOPTS:
495 if (val)
496 inet->cmsg_flags |= IP_CMSG_RECVOPTS;
497 else
498 inet->cmsg_flags &= ~IP_CMSG_RECVOPTS;
499 break;
500 case IP_RETOPTS:
501 if (val)
502 inet->cmsg_flags |= IP_CMSG_RETOPTS;
503 else
504 inet->cmsg_flags &= ~IP_CMSG_RETOPTS;
505 break;
506 case IP_PASSSEC:
507 if (val)
508 inet->cmsg_flags |= IP_CMSG_PASSSEC;
509 else
510 inet->cmsg_flags &= ~IP_CMSG_PASSSEC;
511 break;
512 case IP_TOS: /* This sets both TOS and Precedence */
513 if (sk->sk_type == SOCK_STREAM) {
514 val &= ~3;
515 val |= inet->tos & 3;
516 }
132adf54
SH		 517 if (inet->tos != val) {
518 inet->tos = val;
519 sk->sk_priority = rt_tos2priority(val);
520 sk_dst_reset(sk);
521 }
522 break;
523 case IP_TTL:
524 if (optlen<1)
525 goto e_inval;
526 if (val != -1 && (val < 1 || val>255))
527 goto e_inval;
528 inet->uc_ttl = val;
529 break;
530 case IP_HDRINCL:
531 if (sk->sk_type != SOCK_RAW) {
532 err = -ENOPROTOOPT;
2c7946a7 533 break;
132adf54
SH		 534 }
535 inet->hdrincl = val ? 1 : 0;
536 break;
537 case IP_MTU_DISCOVER:
628a5c56 538 if (val<0 || val>3)
132adf54
SH		 539 goto e_inval;
540 inet->pmtudisc = val;
541 break;
542 case IP_RECVERR:
543 inet->recverr = !!val;
544 if (!val)
545 skb_queue_purge(&sk->sk_error_queue);
546 break;
547 case IP_MULTICAST_TTL:
548 if (sk->sk_type == SOCK_STREAM)
549 goto e_inval;
550 if (optlen<1)
551 goto e_inval;
552 if (val==-1)
553 val = 1;
554 if (val < 0 || val > 255)
555 goto e_inval;
556 inet->mc_ttl = val;
557 break;
558 case IP_MULTICAST_LOOP:
559 if (optlen<1)
560 goto e_inval;
561 inet->mc_loop = !!val;
562 break;
563 case IP_MULTICAST_IF:
564 {
565 struct ip_mreqn mreq;
566 struct net_device *dev = NULL;
567
568 if (sk->sk_type == SOCK_STREAM)
569 goto e_inval;
570 /*
571 * Check the arguments are allowable
572 */
573
574 err = -EFAULT;
575 if (optlen >= sizeof(struct ip_mreqn)) {
576 if (copy_from_user(&mreq,optval,sizeof(mreq)))
1da177e4 577 break;
132adf54
SH		 578 } else {
579 memset(&mreq, 0, sizeof(mreq));
580 if (optlen >= sizeof(struct in_addr) &&
581 copy_from_user(&mreq.imr_address,optval,sizeof(struct in_addr)))
582 break;
583 }
584
585 if (!mreq.imr_ifindex) {
e6f1cebf 586 if (mreq.imr_address.s_addr == htonl(INADDR_ANY)) {
132adf54
SH		 587 inet->mc_index = 0;
588 inet->mc_addr = 0;
589 err = 0;
1da177e4
LT		 590 break;
591 }
3b1e0a65 592 dev = ip_dev_find(sock_net(sk), mreq.imr_address.s_addr);
132adf54
SH		 593 if (dev) {
594 mreq.imr_ifindex = dev->ifindex;
595 dev_put(dev);
596 }
597 } else
3b1e0a65 598 dev = __dev_get_by_index(sock_net(sk), mreq.imr_ifindex);
1da177e4 599
1da177e4 600
132adf54
SH		 601 err = -EADDRNOTAVAIL;
602 if (!dev)
603 break;
604
605 err = -EINVAL;
606 if (sk->sk_bound_dev_if &&
607 mreq.imr_ifindex != sk->sk_bound_dev_if)
608 break;
1da177e4 609
132adf54
SH		 610 inet->mc_index = mreq.imr_ifindex;
611 inet->mc_addr = mreq.imr_address.s_addr;
612 err = 0;
613 break;
614 }
1da177e4 615
132adf54
SH		 616 case IP_ADD_MEMBERSHIP:
617 case IP_DROP_MEMBERSHIP:
618 {
619 struct ip_mreqn mreq;
1da177e4 620
a96fb49b
FL		 621 err = -EPROTO;
622 if (inet_sk(sk)->is_icsk)
623 break;
624
132adf54
SH		 625 if (optlen < sizeof(struct ip_mreq))
626 goto e_inval;
627 err = -EFAULT;
628 if (optlen >= sizeof(struct ip_mreqn)) {
629 if (copy_from_user(&mreq,optval,sizeof(mreq)))
1da177e4 630 break;
132adf54
SH		 631 } else {
632 memset(&mreq, 0, sizeof(mreq));
633 if (copy_from_user(&mreq,optval,sizeof(struct ip_mreq)))
1da177e4 634 break;
132adf54 635 }
1da177e4 636
132adf54
SH		 637 if (optname == IP_ADD_MEMBERSHIP)
638 err = ip_mc_join_group(sk, &mreq);
639 else
640 err = ip_mc_leave_group(sk, &mreq);
641 break;
642 }
643 case IP_MSFILTER:
644 {
645 extern int sysctl_igmp_max_msf;
646 struct ip_msfilter *msf;
647
648 if (optlen < IP_MSFILTER_SIZE(0))
649 goto e_inval;
650 if (optlen > sysctl_optmem_max) {
651 err = -ENOBUFS;
1da177e4
LT		 652 break;
653 }
132adf54 654 msf = kmalloc(optlen, GFP_KERNEL);
cfcabdcc 655 if (!msf) {
132adf54
SH		 656 err = -ENOBUFS;
657 break;
658 }
659 err = -EFAULT;
660 if (copy_from_user(msf, optval, optlen)) {
661 kfree(msf);
662 break;
663 }
664 /* numsrc >= (1G-4) overflow in 32 bits */
665 if (msf->imsf_numsrc >= 0x3ffffffcU ||
666 msf->imsf_numsrc > sysctl_igmp_max_msf) {
667 kfree(msf);
668 err = -ENOBUFS;
669 break;
670 }
671 if (IP_MSFILTER_SIZE(msf->imsf_numsrc) > optlen) {
672 kfree(msf);
673 err = -EINVAL;
674 break;
675 }
676 err = ip_mc_msfilter(sk, msf, 0);
677 kfree(msf);
678 break;
679 }
680 case IP_BLOCK_SOURCE:
681 case IP_UNBLOCK_SOURCE:
682 case IP_ADD_SOURCE_MEMBERSHIP:
683 case IP_DROP_SOURCE_MEMBERSHIP:
684 {
685 struct ip_mreq_source mreqs;
686 int omode, add;
1da177e4 687
132adf54
SH		 688 if (optlen != sizeof(struct ip_mreq_source))
689 goto e_inval;
690 if (copy_from_user(&mreqs, optval, sizeof(mreqs))) {
1da177e4 691 err = -EFAULT;
1da177e4
LT		 692 break;
693 }
132adf54
SH		 694 if (optname == IP_BLOCK_SOURCE) {
695 omode = MCAST_EXCLUDE;
696 add = 1;
697 } else if (optname == IP_UNBLOCK_SOURCE) {
698 omode = MCAST_EXCLUDE;
699 add = 0;
700 } else if (optname == IP_ADD_SOURCE_MEMBERSHIP) {
701 struct ip_mreqn mreq;
1da177e4 702
132adf54
SH		 703 mreq.imr_multiaddr.s_addr = mreqs.imr_multiaddr;
704 mreq.imr_address.s_addr = mreqs.imr_interface;
705 mreq.imr_ifindex = 0;
706 err = ip_mc_join_group(sk, &mreq);
707 if (err && err != -EADDRINUSE)
1da177e4 708 break;
132adf54
SH		 709 omode = MCAST_INCLUDE;
710 add = 1;
711 } else /* IP_DROP_SOURCE_MEMBERSHIP */ {
712 omode = MCAST_INCLUDE;
713 add = 0;
714 }
715 err = ip_mc_source(add, omode, sk, &mreqs, 0);
716 break;
717 }
718 case MCAST_JOIN_GROUP:
719 case MCAST_LEAVE_GROUP:
720 {
721 struct group_req greq;
722 struct sockaddr_in *psin;
723 struct ip_mreqn mreq;
724
725 if (optlen < sizeof(struct group_req))
726 goto e_inval;
727 err = -EFAULT;
728 if (copy_from_user(&greq, optval, sizeof(greq)))
729 break;
730 psin = (struct sockaddr_in *)&greq.gr_group;
731 if (psin->sin_family != AF_INET)
732 goto e_inval;
733 memset(&mreq, 0, sizeof(mreq));
734 mreq.imr_multiaddr = psin->sin_addr;
735 mreq.imr_ifindex = greq.gr_interface;
736
737 if (optname == MCAST_JOIN_GROUP)
738 err = ip_mc_join_group(sk, &mreq);
739 else
740 err = ip_mc_leave_group(sk, &mreq);
741 break;
742 }
743 case MCAST_JOIN_SOURCE_GROUP:
744 case MCAST_LEAVE_SOURCE_GROUP:
745 case MCAST_BLOCK_SOURCE:
746 case MCAST_UNBLOCK_SOURCE:
747 {
748 struct group_source_req greqs;
749 struct ip_mreq_source mreqs;
750 struct sockaddr_in *psin;
751 int omode, add;
752
753 if (optlen != sizeof(struct group_source_req))
754 goto e_inval;
755 if (copy_from_user(&greqs, optval, sizeof(greqs))) {
1da177e4 756 err = -EFAULT;
1da177e4
LT		 757 break;
758 }
132adf54
SH		 759 if (greqs.gsr_group.ss_family != AF_INET ||
760 greqs.gsr_source.ss_family != AF_INET) {
761 err = -EADDRNOTAVAIL;
1da177e4
LT		 762 break;
763 }
132adf54
SH		 764 psin = (struct sockaddr_in *)&greqs.gsr_group;
765 mreqs.imr_multiaddr = psin->sin_addr.s_addr;
766 psin = (struct sockaddr_in *)&greqs.gsr_source;
767 mreqs.imr_sourceaddr = psin->sin_addr.s_addr;
768 mreqs.imr_interface = 0; /* use index for mc_source */
769
770 if (optname == MCAST_BLOCK_SOURCE) {
771 omode = MCAST_EXCLUDE;
772 add = 1;
773 } else if (optname == MCAST_UNBLOCK_SOURCE) {
774 omode = MCAST_EXCLUDE;
775 add = 0;
776 } else if (optname == MCAST_JOIN_SOURCE_GROUP) {
1da177e4
LT		 777 struct ip_mreqn mreq;
778
132adf54 779 psin = (struct sockaddr_in *)&greqs.gsr_group;
1da177e4 780 mreq.imr_multiaddr = psin->sin_addr;
132adf54
SH		 781 mreq.imr_address.s_addr = 0;
782 mreq.imr_ifindex = greqs.gsr_interface;
783 err = ip_mc_join_group(sk, &mreq);
784 if (err && err != -EADDRINUSE)
785 break;
786 greqs.gsr_interface = mreq.imr_ifindex;
787 omode = MCAST_INCLUDE;
788 add = 1;
789 } else /* MCAST_LEAVE_SOURCE_GROUP */ {
790 omode = MCAST_INCLUDE;
791 add = 0;
792 }
793 err = ip_mc_source(add, omode, sk, &mreqs,
794 greqs.gsr_interface);
795 break;
796 }
797 case MCAST_MSFILTER:
798 {
799 extern int sysctl_igmp_max_msf;
800 struct sockaddr_in *psin;
801 struct ip_msfilter *msf = NULL;
802 struct group_filter *gsf = NULL;
803 int msize, i, ifindex;
804
805 if (optlen < GROUP_FILTER_SIZE(0))
806 goto e_inval;
807 if (optlen > sysctl_optmem_max) {
808 err = -ENOBUFS;
1da177e4
LT		 809 break;
810 }
132adf54 811 gsf = kmalloc(optlen,GFP_KERNEL);
cfcabdcc 812 if (!gsf) {
132adf54 813 err = -ENOBUFS;
1da177e4
LT		 814 break;
815 }
132adf54
SH		 816 err = -EFAULT;
817 if (copy_from_user(gsf, optval, optlen)) {
818 goto mc_msf_out;
819 }
820 /* numsrc >= (4G-140)/128 overflow in 32 bits */
821 if (gsf->gf_numsrc >= 0x1ffffff ||
822 gsf->gf_numsrc > sysctl_igmp_max_msf) {
823 err = -ENOBUFS;
824 goto mc_msf_out;
825 }
826 if (GROUP_FILTER_SIZE(gsf->gf_numsrc) > optlen) {
827 err = -EINVAL;
828 goto mc_msf_out;
829 }
830 msize = IP_MSFILTER_SIZE(gsf->gf_numsrc);
831 msf = kmalloc(msize,GFP_KERNEL);
cfcabdcc 832 if (!msf) {
132adf54
SH		 833 err = -ENOBUFS;
834 goto mc_msf_out;
835 }
836 ifindex = gsf->gf_interface;
837 psin = (struct sockaddr_in *)&gsf->gf_group;
838 if (psin->sin_family != AF_INET) {
1da177e4 839 err = -EADDRNOTAVAIL;
132adf54 840 goto mc_msf_out;
1da177e4 841 }
132adf54
SH		 842 msf->imsf_multiaddr = psin->sin_addr.s_addr;
843 msf->imsf_interface = 0;
844 msf->imsf_fmode = gsf->gf_fmode;
845 msf->imsf_numsrc = gsf->gf_numsrc;
846 err = -EADDRNOTAVAIL;
847 for (i=0; i<gsf->gf_numsrc; ++i) {
848 psin = (struct sockaddr_in *)&gsf->gf_slist[i];
e905a9ed 849
132adf54
SH		 850 if (psin->sin_family != AF_INET)
851 goto mc_msf_out;
852 msf->imsf_slist[i] = psin->sin_addr.s_addr;
853 }
854 kfree(gsf);
855 gsf = NULL;
856
857 err = ip_mc_msfilter(sk, msf, ifindex);
858 mc_msf_out:
859 kfree(msf);
860 kfree(gsf);
861 break;
862 }
863 case IP_ROUTER_ALERT:
864 err = ip_ra_control(sk, val ? 1 : 0, NULL);
865 break;
866
867 case IP_FREEBIND:
868 if (optlen<1)
869 goto e_inval;
870 inet->freebind = !!val;
871 break;
872
873 case IP_IPSEC_POLICY:
874 case IP_XFRM_POLICY:
875 err = -EPERM;
876 if (!capable(CAP_NET_ADMIN))
1da177e4 877 break;
132adf54
SH		 878 err = xfrm_user_policy(sk, optname, optval, optlen);
879 break;
1da177e4 880
132adf54
SH		 881 default:
882 err = -ENOPROTOOPT;
883 break;
1da177e4
LT		 884 }
885 release_sock(sk);
886 return err;
887
888e_inval:
889 release_sock(sk);
890 return -EINVAL;
891}
892
3fdadf7d
DM		 893int ip_setsockopt(struct sock *sk, int level,
894 int optname, char __user *optval, int optlen)
895{
896 int err;
897
898 if (level != SOL_IP)
899 return -ENOPROTOOPT;
900
901 err = do_ip_setsockopt(sk, level, optname, optval, optlen);
902#ifdef CONFIG_NETFILTER
903 /* we need to exclude all possible ENOPROTOOPTs except default case */
904 if (err == -ENOPROTOOPT && optname != IP_HDRINCL &&
6a9fb947
PE		 905 optname != IP_IPSEC_POLICY &&
906 optname != IP_XFRM_POLICY &&
907 !ip_mroute_opt(optname)) {
3fdadf7d
DM		 908 lock_sock(sk);
909 err = nf_setsockopt(sk, PF_INET, optname, optval, optlen);
910 release_sock(sk);
911 }
912#endif
913 return err;
914}
915
916#ifdef CONFIG_COMPAT
543d9cfe
ACM		 917int compat_ip_setsockopt(struct sock *sk, int level, int optname,
918 char __user *optval, int optlen)
3fdadf7d
DM		 919{
920 int err;
921
922 if (level != SOL_IP)
923 return -ENOPROTOOPT;
924
dae50295
DS		 925 if (optname >= MCAST_JOIN_GROUP && optname <= MCAST_MSFILTER)
926 return compat_mc_setsockopt(sk, level, optname, optval, optlen,
927 ip_setsockopt);
928
3fdadf7d
DM		 929 err = do_ip_setsockopt(sk, level, optname, optval, optlen);
930#ifdef CONFIG_NETFILTER
931 /* we need to exclude all possible ENOPROTOOPTs except default case */
932 if (err == -ENOPROTOOPT && optname != IP_HDRINCL &&
6a9fb947
PE		 933 optname != IP_IPSEC_POLICY &&
934 optname != IP_XFRM_POLICY &&
935 !ip_mroute_opt(optname)) {
3fdadf7d 936 lock_sock(sk);
543d9cfe
ACM		 937 err = compat_nf_setsockopt(sk, PF_INET, optname,
938 optval, optlen);
3fdadf7d
DM		 939 release_sock(sk);
940 }
941#endif
942 return err;
943}
543d9cfe
ACM		 944
945EXPORT_SYMBOL(compat_ip_setsockopt);
3fdadf7d
DM		 946#endif
947
1da177e4
LT		 948/*
949 * Get the options. Note for future reference. The GET of IP options gets the
950 * _received_ ones. The set sets the _sent_ ones.
951 */
952
3fdadf7d 953static int do_ip_getsockopt(struct sock *sk, int level, int optname,
132adf54 954 char __user *optval, int __user *optlen)
1da177e4
LT		 955{
956 struct inet_sock *inet = inet_sk(sk);
957 int val;
958 int len;
e905a9ed 959
132adf54 960 if (level != SOL_IP)
1da177e4
LT		 961 return -EOPNOTSUPP;
962
6a9fb947 963 if (ip_mroute_opt(optname))
1da177e4 964 return ip_mroute_getsockopt(sk,optname,optval,optlen);
1da177e4 965
132adf54 966 if (get_user(len,optlen))
1da177e4 967 return -EFAULT;
132adf54 968 if (len < 0)
1da177e4 969 return -EINVAL;
e905a9ed 970
1da177e4
LT		 971 lock_sock(sk);
972
132adf54
SH		 973 switch (optname) {
974 case IP_OPTIONS:
975 {
976 unsigned char optbuf[sizeof(struct ip_options)+40];
977 struct ip_options * opt = (struct ip_options*)optbuf;
978 opt->optlen = 0;
979 if (inet->opt)
980 memcpy(optbuf, inet->opt,
981 sizeof(struct ip_options)+
982 inet->opt->optlen);
983 release_sock(sk);
984
985 if (opt->optlen == 0)
986 return put_user(0, optlen);
987
988 ip_options_undo(opt);
989
990 len = min_t(unsigned int, len, opt->optlen);
991 if (put_user(len, optlen))
992 return -EFAULT;
993 if (copy_to_user(optval, opt->__data, len))
994 return -EFAULT;
995 return 0;
996 }
997 case IP_PKTINFO:
998 val = (inet->cmsg_flags & IP_CMSG_PKTINFO) != 0;
999 break;
1000 case IP_RECVTTL:
1001 val = (inet->cmsg_flags & IP_CMSG_TTL) != 0;
1002 break;
1003 case IP_RECVTOS:
1004 val = (inet->cmsg_flags & IP_CMSG_TOS) != 0;
1005 break;
1006 case IP_RECVOPTS:
1007 val = (inet->cmsg_flags & IP_CMSG_RECVOPTS) != 0;
1008 break;
1009 case IP_RETOPTS:
1010 val = (inet->cmsg_flags & IP_CMSG_RETOPTS) != 0;
1011 break;
1012 case IP_PASSSEC:
1013 val = (inet->cmsg_flags & IP_CMSG_PASSSEC) != 0;
1014 break;
1015 case IP_TOS:
1016 val = inet->tos;
1017 break;
1018 case IP_TTL:
1019 val = (inet->uc_ttl == -1 ?
1020 sysctl_ip_default_ttl :
1021 inet->uc_ttl);
1022 break;
1023 case IP_HDRINCL:
1024 val = inet->hdrincl;
1025 break;
1026 case IP_MTU_DISCOVER:
1027 val = inet->pmtudisc;
1028 break;
1029 case IP_MTU:
1030 {
1031 struct dst_entry *dst;
1032 val = 0;
1033 dst = sk_dst_get(sk);
1034 if (dst) {
1035 val = dst_mtu(dst);
1036 dst_release(dst);
1da177e4 1037 }
132adf54 1038 if (!val) {
1da177e4 1039 release_sock(sk);
132adf54 1040 return -ENOTCONN;
1da177e4 1041 }
132adf54
SH		 1042 break;
1043 }
1044 case IP_RECVERR:
1045 val = inet->recverr;
1046 break;
1047 case IP_MULTICAST_TTL:
1048 val = inet->mc_ttl;
1049 break;
1050 case IP_MULTICAST_LOOP:
1051 val = inet->mc_loop;
1052 break;
1053 case IP_MULTICAST_IF:
1054 {
1055 struct in_addr addr;
1056 len = min_t(unsigned int, len, sizeof(struct in_addr));
1057 addr.s_addr = inet->mc_addr;
1058 release_sock(sk);
1da177e4 1059
132adf54
SH		 1060 if (put_user(len, optlen))
1061 return -EFAULT;
1062 if (copy_to_user(optval, &addr, len))
1063 return -EFAULT;
1064 return 0;
1065 }
1066 case IP_MSFILTER:
1067 {
1068 struct ip_msfilter msf;
1069 int err;
1070
1071 if (len < IP_MSFILTER_SIZE(0)) {
1da177e4 1072 release_sock(sk);
132adf54 1073 return -EINVAL;
1da177e4 1074 }
132adf54 1075 if (copy_from_user(&msf, optval, IP_MSFILTER_SIZE(0))) {
1da177e4 1076 release_sock(sk);
132adf54 1077 return -EFAULT;
1da177e4 1078 }
132adf54
SH		 1079 err = ip_mc_msfget(sk, &msf,
1080 (struct ip_msfilter __user *)optval, optlen);
1081 release_sock(sk);
1082 return err;
1083 }
1084 case MCAST_MSFILTER:
1085 {
1086 struct group_filter gsf;
1087 int err;
1da177e4 1088
132adf54 1089 if (len < GROUP_FILTER_SIZE(0)) {
1da177e4 1090 release_sock(sk);
132adf54
SH		 1091 return -EINVAL;
1092 }
1093 if (copy_from_user(&gsf, optval, GROUP_FILTER_SIZE(0))) {
1094 release_sock(sk);
1095 return -EFAULT;
1096 }
1097 err = ip_mc_gsfget(sk, &gsf,
1098 (struct group_filter __user *)optval, optlen);
1099 release_sock(sk);
1100 return err;
1101 }
1102 case IP_PKTOPTIONS:
1103 {
1104 struct msghdr msg;
1da177e4 1105
132adf54 1106 release_sock(sk);
1da177e4 1107
132adf54
SH		 1108 if (sk->sk_type != SOCK_STREAM)
1109 return -ENOPROTOOPT;
1da177e4 1110
132adf54
SH		 1111 msg.msg_control = optval;
1112 msg.msg_controllen = len;
1113 msg.msg_flags = 0;
1da177e4 1114
132adf54
SH		 1115 if (inet->cmsg_flags & IP_CMSG_PKTINFO) {
1116 struct in_pktinfo info;
1117
1118 info.ipi_addr.s_addr = inet->rcv_saddr;
1119 info.ipi_spec_dst.s_addr = inet->rcv_saddr;
1120 info.ipi_ifindex = inet->mc_index;
1121 put_cmsg(&msg, SOL_IP, IP_PKTINFO, sizeof(info), &info);
1da177e4 1122 }
132adf54
SH		 1123 if (inet->cmsg_flags & IP_CMSG_TTL) {
1124 int hlim = inet->mc_ttl;
1125 put_cmsg(&msg, SOL_IP, IP_TTL, sizeof(hlim), &hlim);
1126 }
1127 len -= msg.msg_controllen;
1128 return put_user(len, optlen);
1129 }
1130 case IP_FREEBIND:
1131 val = inet->freebind;
1132 break;
1133 default:
1134 release_sock(sk);
1135 return -ENOPROTOOPT;
1da177e4
LT		 1136 }
1137 release_sock(sk);
e905a9ed 1138
951e07c9 1139 if (len < sizeof(int) && len > 0 && val>=0 && val<=255) {
1da177e4
LT		 1140 unsigned char ucval = (unsigned char)val;
1141 len = 1;
132adf54 1142 if (put_user(len, optlen))
1da177e4 1143 return -EFAULT;
132adf54 1144 if (copy_to_user(optval,&ucval,1))
1da177e4
LT		 1145 return -EFAULT;
1146 } else {
1147 len = min_t(unsigned int, sizeof(int), len);
132adf54 1148 if (put_user(len, optlen))
1da177e4 1149 return -EFAULT;
132adf54 1150 if (copy_to_user(optval,&val,len))
1da177e4
LT		 1151 return -EFAULT;
1152 }
1153 return 0;
1154}
1155
3fdadf7d 1156int ip_getsockopt(struct sock *sk, int level,
132adf54 1157 int optname, char __user *optval, int __user *optlen)
3fdadf7d
DM		 1158{
1159 int err;
1160
1161 err = do_ip_getsockopt(sk, level, optname, optval, optlen);
1162#ifdef CONFIG_NETFILTER
1163 /* we need to exclude all possible ENOPROTOOPTs except default case */
6a9fb947
PE		 1164 if (err == -ENOPROTOOPT && optname != IP_PKTOPTIONS &&
1165 !ip_mroute_opt(optname)) {
e905a9ed 1166 int len;
3fdadf7d 1167
132adf54 1168 if (get_user(len,optlen))
3fdadf7d
DM		 1169 return -EFAULT;
1170
1171 lock_sock(sk);
1172 err = nf_getsockopt(sk, PF_INET, optname, optval,
1173 &len);
1174 release_sock(sk);
1175 if (err >= 0)
1176 err = put_user(len, optlen);
1177 return err;
1178 }
1179#endif
1180 return err;
1181}
1182
1183#ifdef CONFIG_COMPAT
543d9cfe
ACM		 1184int compat_ip_getsockopt(struct sock *sk, int level, int optname,
1185 char __user *optval, int __user *optlen)
3fdadf7d 1186{
42908c69
DS		 1187 int err;
1188
1189 if (optname == MCAST_MSFILTER)
1190 return compat_mc_getsockopt(sk, level, optname, optval, optlen,
1191 ip_getsockopt);
1192
1193 err = do_ip_getsockopt(sk, level, optname, optval, optlen);
1194
3fdadf7d
DM		 1195#ifdef CONFIG_NETFILTER
1196 /* we need to exclude all possible ENOPROTOOPTs except default case */
6a9fb947
PE		 1197 if (err == -ENOPROTOOPT && optname != IP_PKTOPTIONS &&
1198 !ip_mroute_opt(optname)) {
e905a9ed 1199 int len;
3fdadf7d 1200
543d9cfe 1201 if (get_user(len, optlen))
3fdadf7d
DM		 1202 return -EFAULT;
1203
1204 lock_sock(sk);
543d9cfe 1205 err = compat_nf_getsockopt(sk, PF_INET, optname, optval, &len);
3fdadf7d
DM		 1206 release_sock(sk);
1207 if (err >= 0)
1208 err = put_user(len, optlen);
1209 return err;
1210 }
1211#endif
1212 return err;
1213}
543d9cfe
ACM		 1214
1215EXPORT_SYMBOL(compat_ip_getsockopt);
3fdadf7d
DM		 1216#endif
1217
1da177e4
LT		 1218EXPORT_SYMBOL(ip_cmsg_recv);
1219
1da177e4
LT		 1220EXPORT_SYMBOL(ip_getsockopt);
1221EXPORT_SYMBOL(ip_setsockopt);
Linux 6.x block layer and io_uring tree(s)