2 * INET An implementation of the TCP/IP protocol suite for the LINUX
3 * operating system. INET is implemented using the BSD Socket
4 * interface as the means of communication with the user level.
11 * Many : Split from ip.c , see ip.c for history.
12 * Martin Mares : TOS setting fixed.
13 * Alan Cox : Fixed a couple of oopses in Martin's
15 * Mike McLagan : Routing by source
18 #include <linux/module.h>
19 #include <linux/types.h>
21 #include <linux/skbuff.h>
23 #include <linux/icmp.h>
24 #include <linux/inetdevice.h>
25 #include <linux/netdevice.h>
26 #include <linux/slab.h>
30 #include <net/tcp_states.h>
31 #include <linux/udp.h>
32 #include <linux/igmp.h>
33 #include <linux/netfilter.h>
34 #include <linux/route.h>
35 #include <linux/mroute.h>
36 #include <net/inet_ecn.h>
37 #include <net/route.h>
39 #include <net/compat.h>
40 #if IS_ENABLED(CONFIG_IPV6)
41 #include <net/transp_v6.h>
43 #include <net/ip_fib.h>
45 #include <linux/errqueue.h>
46 #include <asm/uaccess.h>
48 #define IP_CMSG_PKTINFO 1
51 #define IP_CMSG_RECVOPTS 8
52 #define IP_CMSG_RETOPTS 16
53 #define IP_CMSG_PASSSEC 32
54 #define IP_CMSG_ORIGDSTADDR 64
57 * SOL_IP control messages.
60 static void ip_cmsg_recv_pktinfo(struct msghdr *msg, struct sk_buff *skb)
62 struct in_pktinfo info = *PKTINFO_SKB_CB(skb);
64 info.ipi_addr.s_addr = ip_hdr(skb)->daddr;
66 put_cmsg(msg, SOL_IP, IP_PKTINFO, sizeof(info), &info);
69 static void ip_cmsg_recv_ttl(struct msghdr *msg, struct sk_buff *skb)
71 int ttl = ip_hdr(skb)->ttl;
72 put_cmsg(msg, SOL_IP, IP_TTL, sizeof(int), &ttl);
75 static void ip_cmsg_recv_tos(struct msghdr *msg, struct sk_buff *skb)
77 put_cmsg(msg, SOL_IP, IP_TOS, 1, &ip_hdr(skb)->tos);
80 static void ip_cmsg_recv_opts(struct msghdr *msg, struct sk_buff *skb)
82 if (IPCB(skb)->opt.optlen == 0)
85 put_cmsg(msg, SOL_IP, IP_RECVOPTS, IPCB(skb)->opt.optlen,
90 static void ip_cmsg_recv_retopts(struct msghdr *msg, struct sk_buff *skb)
92 unsigned char optbuf[sizeof(struct ip_options) + 40];
93 struct ip_options *opt = (struct ip_options *)optbuf;
95 if (IPCB(skb)->opt.optlen == 0)
98 if (ip_options_echo(opt, skb)) {
99 msg->msg_flags |= MSG_CTRUNC;
102 ip_options_undo(opt);
104 put_cmsg(msg, SOL_IP, IP_RETOPTS, opt->optlen, opt->__data);
107 static void ip_cmsg_recv_security(struct msghdr *msg, struct sk_buff *skb)
113 err = security_socket_getpeersec_dgram(NULL, skb, &secid);
117 err = security_secid_to_secctx(secid, &secdata, &seclen);
121 put_cmsg(msg, SOL_IP, SCM_SECURITY, seclen, secdata);
122 security_release_secctx(secdata, seclen);
125 static void ip_cmsg_recv_dstaddr(struct msghdr *msg, struct sk_buff *skb)
127 struct sockaddr_in sin;
128 const struct iphdr *iph = ip_hdr(skb);
129 __be16 *ports = (__be16 *)skb_transport_header(skb);
131 if (skb_transport_offset(skb) + 4 > skb->len)
134 /* All current transport protocols have the port numbers in the
135 * first four bytes of the transport header and this function is
136 * written with this assumption in mind.
139 sin.sin_family = AF_INET;
140 sin.sin_addr.s_addr = iph->daddr;
141 sin.sin_port = ports[1];
142 memset(sin.sin_zero, 0, sizeof(sin.sin_zero));
144 put_cmsg(msg, SOL_IP, IP_ORIGDSTADDR, sizeof(sin), &sin);
147 void ip_cmsg_recv(struct msghdr *msg, struct sk_buff *skb)
149 struct inet_sock *inet = inet_sk(skb->sk);
150 unsigned int flags = inet->cmsg_flags;
152 /* Ordered by supposed usage frequency */
154 ip_cmsg_recv_pktinfo(msg, skb);
155 if ((flags >>= 1) == 0)
159 ip_cmsg_recv_ttl(msg, skb);
160 if ((flags >>= 1) == 0)
164 ip_cmsg_recv_tos(msg, skb);
165 if ((flags >>= 1) == 0)
169 ip_cmsg_recv_opts(msg, skb);
170 if ((flags >>= 1) == 0)
174 ip_cmsg_recv_retopts(msg, skb);
175 if ((flags >>= 1) == 0)
179 ip_cmsg_recv_security(msg, skb);
181 if ((flags >>= 1) == 0)
184 ip_cmsg_recv_dstaddr(msg, skb);
187 EXPORT_SYMBOL(ip_cmsg_recv);
189 int ip_cmsg_send(struct net *net, struct msghdr *msg, struct ipcm_cookie *ipc)
192 struct cmsghdr *cmsg;
194 for (cmsg = CMSG_FIRSTHDR(msg); cmsg; cmsg = CMSG_NXTHDR(msg, cmsg)) {
195 if (!CMSG_OK(msg, cmsg))
197 if (cmsg->cmsg_level != SOL_IP)
199 switch (cmsg->cmsg_type) {
201 err = cmsg->cmsg_len - CMSG_ALIGN(sizeof(struct cmsghdr));
202 err = ip_options_get(net, &ipc->opt, CMSG_DATA(cmsg),
203 err < 40 ? err : 40);
209 struct in_pktinfo *info;
210 if (cmsg->cmsg_len != CMSG_LEN(sizeof(struct in_pktinfo)))
212 info = (struct in_pktinfo *)CMSG_DATA(cmsg);
213 ipc->oif = info->ipi_ifindex;
214 ipc->addr = info->ipi_spec_dst.s_addr;
218 if (cmsg->cmsg_len != CMSG_LEN(sizeof(int)))
220 val = *(int *)CMSG_DATA(cmsg);
221 if (val < 1 || val > 255)
226 if (cmsg->cmsg_len != CMSG_LEN(sizeof(int)))
228 val = *(int *)CMSG_DATA(cmsg);
229 if (val < 0 || val > 255)
232 ipc->priority = rt_tos2priority(ipc->tos);
243 /* Special input handler for packets caught by router alert option.
244 They are selected only by protocol field, and then processed likely
245 local ones; but only if someone wants them! Otherwise, router
246 not running rsvpd will kill RSVP.
248 It is user level problem, what it will make with them.
249 I have no idea, how it will masquearde or NAT them (it is joke, joke :-)),
250 but receiver should be enough clever f.e. to forward mtrace requests,
251 sent to multicast group to reach destination designated router.
253 struct ip_ra_chain __rcu *ip_ra_chain;
254 static DEFINE_SPINLOCK(ip_ra_lock);
257 static void ip_ra_destroy_rcu(struct rcu_head *head)
259 struct ip_ra_chain *ra = container_of(head, struct ip_ra_chain, rcu);
261 sock_put(ra->saved_sk);
265 int ip_ra_control(struct sock *sk, unsigned char on,
266 void (*destructor)(struct sock *))
268 struct ip_ra_chain *ra, *new_ra;
269 struct ip_ra_chain __rcu **rap;
271 if (sk->sk_type != SOCK_RAW || inet_sk(sk)->inet_num == IPPROTO_RAW)
274 new_ra = on ? kmalloc(sizeof(*new_ra), GFP_KERNEL) : NULL;
276 spin_lock_bh(&ip_ra_lock);
277 for (rap = &ip_ra_chain;
278 (ra = rcu_dereference_protected(*rap,
279 lockdep_is_held(&ip_ra_lock))) != NULL;
283 spin_unlock_bh(&ip_ra_lock);
287 /* dont let ip_call_ra_chain() use sk again */
289 rcu_assign_pointer(*rap, ra->next);
290 spin_unlock_bh(&ip_ra_lock);
295 * Delay sock_put(sk) and kfree(ra) after one rcu grace
296 * period. This guarantee ip_call_ra_chain() dont need
297 * to mess with socket refcounts.
300 call_rcu(&ra->rcu, ip_ra_destroy_rcu);
304 if (new_ra == NULL) {
305 spin_unlock_bh(&ip_ra_lock);
309 new_ra->destructor = destructor;
312 rcu_assign_pointer(*rap, new_ra);
314 spin_unlock_bh(&ip_ra_lock);
319 void ip_icmp_error(struct sock *sk, struct sk_buff *skb, int err,
320 __be16 port, u32 info, u8 *payload)
322 struct sock_exterr_skb *serr;
324 skb = skb_clone(skb, GFP_ATOMIC);
328 serr = SKB_EXT_ERR(skb);
329 serr->ee.ee_errno = err;
330 serr->ee.ee_origin = SO_EE_ORIGIN_ICMP;
331 serr->ee.ee_type = icmp_hdr(skb)->type;
332 serr->ee.ee_code = icmp_hdr(skb)->code;
334 serr->ee.ee_info = info;
335 serr->ee.ee_data = 0;
336 serr->addr_offset = (u8 *)&(((struct iphdr *)(icmp_hdr(skb) + 1))->daddr) -
337 skb_network_header(skb);
340 if (skb_pull(skb, payload - skb->data) != NULL) {
341 skb_reset_transport_header(skb);
342 if (sock_queue_err_skb(sk, skb) == 0)
348 void ip_local_error(struct sock *sk, int err, __be32 daddr, __be16 port, u32 info)
350 struct inet_sock *inet = inet_sk(sk);
351 struct sock_exterr_skb *serr;
358 skb = alloc_skb(sizeof(struct iphdr), GFP_ATOMIC);
362 skb_put(skb, sizeof(struct iphdr));
363 skb_reset_network_header(skb);
367 serr = SKB_EXT_ERR(skb);
368 serr->ee.ee_errno = err;
369 serr->ee.ee_origin = SO_EE_ORIGIN_LOCAL;
370 serr->ee.ee_type = 0;
371 serr->ee.ee_code = 0;
373 serr->ee.ee_info = info;
374 serr->ee.ee_data = 0;
375 serr->addr_offset = (u8 *)&iph->daddr - skb_network_header(skb);
378 __skb_pull(skb, skb_tail_pointer(skb) - skb->data);
379 skb_reset_transport_header(skb);
381 if (sock_queue_err_skb(sk, skb))
386 * Handle MSG_ERRQUEUE
388 int ip_recv_error(struct sock *sk, struct msghdr *msg, int len, int *addr_len)
390 struct sock_exterr_skb *serr;
391 struct sk_buff *skb, *skb2;
392 DECLARE_SOCKADDR(struct sockaddr_in *, sin, msg->msg_name);
394 struct sock_extended_err ee;
395 struct sockaddr_in offender;
401 skb = skb_dequeue(&sk->sk_error_queue);
407 msg->msg_flags |= MSG_TRUNC;
410 err = skb_copy_datagram_iovec(skb, 0, msg->msg_iov, copied);
414 sock_recv_timestamp(msg, sk, skb);
416 serr = SKB_EXT_ERR(skb);
419 sin->sin_family = AF_INET;
420 sin->sin_addr.s_addr = *(__be32 *)(skb_network_header(skb) +
422 sin->sin_port = serr->port;
423 memset(&sin->sin_zero, 0, sizeof(sin->sin_zero));
424 *addr_len = sizeof(*sin);
427 memcpy(&errhdr.ee, &serr->ee, sizeof(struct sock_extended_err));
428 sin = &errhdr.offender;
429 sin->sin_family = AF_UNSPEC;
430 if (serr->ee.ee_origin == SO_EE_ORIGIN_ICMP) {
431 struct inet_sock *inet = inet_sk(sk);
433 sin->sin_family = AF_INET;
434 sin->sin_addr.s_addr = ip_hdr(skb)->saddr;
436 memset(&sin->sin_zero, 0, sizeof(sin->sin_zero));
437 if (inet->cmsg_flags)
438 ip_cmsg_recv(msg, skb);
441 put_cmsg(msg, SOL_IP, IP_RECVERR, sizeof(errhdr), &errhdr);
443 /* Now we could try to dump offended packet options */
445 msg->msg_flags |= MSG_ERRQUEUE;
448 /* Reset and regenerate socket error */
449 spin_lock_bh(&sk->sk_error_queue.lock);
451 skb2 = skb_peek(&sk->sk_error_queue);
453 sk->sk_err = SKB_EXT_ERR(skb2)->ee.ee_errno;
454 spin_unlock_bh(&sk->sk_error_queue.lock);
455 sk->sk_error_report(sk);
457 spin_unlock_bh(&sk->sk_error_queue.lock);
467 * Socket option code for IP. This is the end of the line after any
468 * TCP,UDP etc options on an IP socket.
471 static int do_ip_setsockopt(struct sock *sk, int level,
472 int optname, char __user *optval, unsigned int optlen)
474 struct inet_sock *inet = inet_sk(sk);
486 case IP_MTU_DISCOVER:
488 case IP_ROUTER_ALERT:
495 case IP_MULTICAST_TTL:
496 case IP_MULTICAST_ALL:
497 case IP_MULTICAST_LOOP:
498 case IP_RECVORIGDSTADDR:
499 if (optlen >= sizeof(int)) {
500 if (get_user(val, (int __user *) optval))
502 } else if (optlen >= sizeof(char)) {
505 if (get_user(ucval, (unsigned char __user *) optval))
511 /* If optlen==0, it is equivalent to val == 0 */
513 if (ip_mroute_opt(optname))
514 return ip_mroute_setsockopt(sk, optname, optval, optlen);
522 struct ip_options_rcu *old, *opt = NULL;
526 err = ip_options_get_from_user(sock_net(sk), &opt,
530 old = rcu_dereference_protected(inet->inet_opt,
531 sock_owned_by_user(sk));
533 struct inet_connection_sock *icsk = inet_csk(sk);
534 #if IS_ENABLED(CONFIG_IPV6)
535 if (sk->sk_family == PF_INET ||
536 (!((1 << sk->sk_state) &
537 (TCPF_LISTEN | TCPF_CLOSE)) &&
538 inet->inet_daddr != LOOPBACK4_IPV6)) {
541 icsk->icsk_ext_hdr_len -= old->opt.optlen;
543 icsk->icsk_ext_hdr_len += opt->opt.optlen;
544 icsk->icsk_sync_mss(sk, icsk->icsk_pmtu_cookie);
545 #if IS_ENABLED(CONFIG_IPV6)
549 rcu_assign_pointer(inet->inet_opt, opt);
556 inet->cmsg_flags |= IP_CMSG_PKTINFO;
558 inet->cmsg_flags &= ~IP_CMSG_PKTINFO;
562 inet->cmsg_flags |= IP_CMSG_TTL;
564 inet->cmsg_flags &= ~IP_CMSG_TTL;
568 inet->cmsg_flags |= IP_CMSG_TOS;
570 inet->cmsg_flags &= ~IP_CMSG_TOS;
574 inet->cmsg_flags |= IP_CMSG_RECVOPTS;
576 inet->cmsg_flags &= ~IP_CMSG_RECVOPTS;
580 inet->cmsg_flags |= IP_CMSG_RETOPTS;
582 inet->cmsg_flags &= ~IP_CMSG_RETOPTS;
586 inet->cmsg_flags |= IP_CMSG_PASSSEC;
588 inet->cmsg_flags &= ~IP_CMSG_PASSSEC;
590 case IP_RECVORIGDSTADDR:
592 inet->cmsg_flags |= IP_CMSG_ORIGDSTADDR;
594 inet->cmsg_flags &= ~IP_CMSG_ORIGDSTADDR;
596 case IP_TOS: /* This sets both TOS and Precedence */
597 if (sk->sk_type == SOCK_STREAM) {
598 val &= ~INET_ECN_MASK;
599 val |= inet->tos & INET_ECN_MASK;
601 if (inet->tos != val) {
603 sk->sk_priority = rt_tos2priority(val);
610 if (val != -1 && (val < 1 || val > 255))
615 if (sk->sk_type != SOCK_RAW) {
619 inet->hdrincl = val ? 1 : 0;
622 if (sk->sk_type != SOCK_RAW) {
626 inet->nodefrag = val ? 1 : 0;
628 case IP_MTU_DISCOVER:
629 if (val < IP_PMTUDISC_DONT || val > IP_PMTUDISC_INTERFACE)
631 inet->pmtudisc = val;
634 inet->recverr = !!val;
636 skb_queue_purge(&sk->sk_error_queue);
638 case IP_MULTICAST_TTL:
639 if (sk->sk_type == SOCK_STREAM)
645 if (val < 0 || val > 255)
649 case IP_MULTICAST_LOOP:
652 inet->mc_loop = !!val;
656 struct net_device *dev = NULL;
659 if (optlen != sizeof(int))
662 ifindex = (__force int)ntohl((__force __be32)val);
669 dev = dev_get_by_index(sock_net(sk), ifindex);
670 err = -EADDRNOTAVAIL;
676 if (sk->sk_bound_dev_if)
679 inet->uc_index = ifindex;
683 case IP_MULTICAST_IF:
685 struct ip_mreqn mreq;
686 struct net_device *dev = NULL;
688 if (sk->sk_type == SOCK_STREAM)
691 * Check the arguments are allowable
694 if (optlen < sizeof(struct in_addr))
698 if (optlen >= sizeof(struct ip_mreqn)) {
699 if (copy_from_user(&mreq, optval, sizeof(mreq)))
702 memset(&mreq, 0, sizeof(mreq));
703 if (optlen >= sizeof(struct ip_mreq)) {
704 if (copy_from_user(&mreq, optval,
705 sizeof(struct ip_mreq)))
707 } else if (optlen >= sizeof(struct in_addr)) {
708 if (copy_from_user(&mreq.imr_address, optval,
709 sizeof(struct in_addr)))
714 if (!mreq.imr_ifindex) {
715 if (mreq.imr_address.s_addr == htonl(INADDR_ANY)) {
721 dev = ip_dev_find(sock_net(sk), mreq.imr_address.s_addr);
723 mreq.imr_ifindex = dev->ifindex;
725 dev = dev_get_by_index(sock_net(sk), mreq.imr_ifindex);
728 err = -EADDRNOTAVAIL;
734 if (sk->sk_bound_dev_if &&
735 mreq.imr_ifindex != sk->sk_bound_dev_if)
738 inet->mc_index = mreq.imr_ifindex;
739 inet->mc_addr = mreq.imr_address.s_addr;
744 case IP_ADD_MEMBERSHIP:
745 case IP_DROP_MEMBERSHIP:
747 struct ip_mreqn mreq;
750 if (inet_sk(sk)->is_icsk)
753 if (optlen < sizeof(struct ip_mreq))
756 if (optlen >= sizeof(struct ip_mreqn)) {
757 if (copy_from_user(&mreq, optval, sizeof(mreq)))
760 memset(&mreq, 0, sizeof(mreq));
761 if (copy_from_user(&mreq, optval, sizeof(struct ip_mreq)))
765 if (optname == IP_ADD_MEMBERSHIP)
766 err = ip_mc_join_group(sk, &mreq);
768 err = ip_mc_leave_group(sk, &mreq);
773 struct ip_msfilter *msf;
775 if (optlen < IP_MSFILTER_SIZE(0))
777 if (optlen > sysctl_optmem_max) {
781 msf = kmalloc(optlen, GFP_KERNEL);
787 if (copy_from_user(msf, optval, optlen)) {
791 /* numsrc >= (1G-4) overflow in 32 bits */
792 if (msf->imsf_numsrc >= 0x3ffffffcU ||
793 msf->imsf_numsrc > sysctl_igmp_max_msf) {
798 if (IP_MSFILTER_SIZE(msf->imsf_numsrc) > optlen) {
803 err = ip_mc_msfilter(sk, msf, 0);
807 case IP_BLOCK_SOURCE:
808 case IP_UNBLOCK_SOURCE:
809 case IP_ADD_SOURCE_MEMBERSHIP:
810 case IP_DROP_SOURCE_MEMBERSHIP:
812 struct ip_mreq_source mreqs;
815 if (optlen != sizeof(struct ip_mreq_source))
817 if (copy_from_user(&mreqs, optval, sizeof(mreqs))) {
821 if (optname == IP_BLOCK_SOURCE) {
822 omode = MCAST_EXCLUDE;
824 } else if (optname == IP_UNBLOCK_SOURCE) {
825 omode = MCAST_EXCLUDE;
827 } else if (optname == IP_ADD_SOURCE_MEMBERSHIP) {
828 struct ip_mreqn mreq;
830 mreq.imr_multiaddr.s_addr = mreqs.imr_multiaddr;
831 mreq.imr_address.s_addr = mreqs.imr_interface;
832 mreq.imr_ifindex = 0;
833 err = ip_mc_join_group(sk, &mreq);
834 if (err && err != -EADDRINUSE)
836 omode = MCAST_INCLUDE;
838 } else /* IP_DROP_SOURCE_MEMBERSHIP */ {
839 omode = MCAST_INCLUDE;
842 err = ip_mc_source(add, omode, sk, &mreqs, 0);
845 case MCAST_JOIN_GROUP:
846 case MCAST_LEAVE_GROUP:
848 struct group_req greq;
849 struct sockaddr_in *psin;
850 struct ip_mreqn mreq;
852 if (optlen < sizeof(struct group_req))
855 if (copy_from_user(&greq, optval, sizeof(greq)))
857 psin = (struct sockaddr_in *)&greq.gr_group;
858 if (psin->sin_family != AF_INET)
860 memset(&mreq, 0, sizeof(mreq));
861 mreq.imr_multiaddr = psin->sin_addr;
862 mreq.imr_ifindex = greq.gr_interface;
864 if (optname == MCAST_JOIN_GROUP)
865 err = ip_mc_join_group(sk, &mreq);
867 err = ip_mc_leave_group(sk, &mreq);
870 case MCAST_JOIN_SOURCE_GROUP:
871 case MCAST_LEAVE_SOURCE_GROUP:
872 case MCAST_BLOCK_SOURCE:
873 case MCAST_UNBLOCK_SOURCE:
875 struct group_source_req greqs;
876 struct ip_mreq_source mreqs;
877 struct sockaddr_in *psin;
880 if (optlen != sizeof(struct group_source_req))
882 if (copy_from_user(&greqs, optval, sizeof(greqs))) {
886 if (greqs.gsr_group.ss_family != AF_INET ||
887 greqs.gsr_source.ss_family != AF_INET) {
888 err = -EADDRNOTAVAIL;
891 psin = (struct sockaddr_in *)&greqs.gsr_group;
892 mreqs.imr_multiaddr = psin->sin_addr.s_addr;
893 psin = (struct sockaddr_in *)&greqs.gsr_source;
894 mreqs.imr_sourceaddr = psin->sin_addr.s_addr;
895 mreqs.imr_interface = 0; /* use index for mc_source */
897 if (optname == MCAST_BLOCK_SOURCE) {
898 omode = MCAST_EXCLUDE;
900 } else if (optname == MCAST_UNBLOCK_SOURCE) {
901 omode = MCAST_EXCLUDE;
903 } else if (optname == MCAST_JOIN_SOURCE_GROUP) {
904 struct ip_mreqn mreq;
906 psin = (struct sockaddr_in *)&greqs.gsr_group;
907 mreq.imr_multiaddr = psin->sin_addr;
908 mreq.imr_address.s_addr = 0;
909 mreq.imr_ifindex = greqs.gsr_interface;
910 err = ip_mc_join_group(sk, &mreq);
911 if (err && err != -EADDRINUSE)
913 greqs.gsr_interface = mreq.imr_ifindex;
914 omode = MCAST_INCLUDE;
916 } else /* MCAST_LEAVE_SOURCE_GROUP */ {
917 omode = MCAST_INCLUDE;
920 err = ip_mc_source(add, omode, sk, &mreqs,
921 greqs.gsr_interface);
926 struct sockaddr_in *psin;
927 struct ip_msfilter *msf = NULL;
928 struct group_filter *gsf = NULL;
929 int msize, i, ifindex;
931 if (optlen < GROUP_FILTER_SIZE(0))
933 if (optlen > sysctl_optmem_max) {
937 gsf = kmalloc(optlen, GFP_KERNEL);
943 if (copy_from_user(gsf, optval, optlen))
946 /* numsrc >= (4G-140)/128 overflow in 32 bits */
947 if (gsf->gf_numsrc >= 0x1ffffff ||
948 gsf->gf_numsrc > sysctl_igmp_max_msf) {
952 if (GROUP_FILTER_SIZE(gsf->gf_numsrc) > optlen) {
956 msize = IP_MSFILTER_SIZE(gsf->gf_numsrc);
957 msf = kmalloc(msize, GFP_KERNEL);
962 ifindex = gsf->gf_interface;
963 psin = (struct sockaddr_in *)&gsf->gf_group;
964 if (psin->sin_family != AF_INET) {
965 err = -EADDRNOTAVAIL;
968 msf->imsf_multiaddr = psin->sin_addr.s_addr;
969 msf->imsf_interface = 0;
970 msf->imsf_fmode = gsf->gf_fmode;
971 msf->imsf_numsrc = gsf->gf_numsrc;
972 err = -EADDRNOTAVAIL;
973 for (i = 0; i < gsf->gf_numsrc; ++i) {
974 psin = (struct sockaddr_in *)&gsf->gf_slist[i];
976 if (psin->sin_family != AF_INET)
978 msf->imsf_slist[i] = psin->sin_addr.s_addr;
983 err = ip_mc_msfilter(sk, msf, ifindex);
989 case IP_MULTICAST_ALL:
992 if (val != 0 && val != 1)
996 case IP_ROUTER_ALERT:
997 err = ip_ra_control(sk, val ? 1 : 0, NULL);
1003 inet->freebind = !!val;
1006 case IP_IPSEC_POLICY:
1007 case IP_XFRM_POLICY:
1009 if (!ns_capable(sock_net(sk)->user_ns, CAP_NET_ADMIN))
1011 err = xfrm_user_policy(sk, optname, optval, optlen);
1014 case IP_TRANSPARENT:
1015 if (!!val && !ns_capable(sock_net(sk)->user_ns, CAP_NET_RAW) &&
1016 !ns_capable(sock_net(sk)->user_ns, CAP_NET_ADMIN)) {
1022 inet->transparent = !!val;
1028 if (val < 0 || val > 255)
1030 inet->min_ttl = val;
1046 * ipv4_pktinfo_prepare - transfert some info from rtable to skb
1050 * To support IP_CMSG_PKTINFO option, we store rt_iif and specific
1051 * destination in skb->cb[] before dst drop.
1052 * This way, receiver doesn't make cache line misses to read rtable.
1054 void ipv4_pktinfo_prepare(const struct sock *sk, struct sk_buff *skb)
1056 struct in_pktinfo *pktinfo = PKTINFO_SKB_CB(skb);
1057 bool prepare = (inet_sk(sk)->cmsg_flags & IP_CMSG_PKTINFO) ||
1060 if (prepare && skb_rtable(skb)) {
1061 pktinfo->ipi_ifindex = inet_iif(skb);
1062 pktinfo->ipi_spec_dst.s_addr = fib_compute_spec_dst(skb);
1064 pktinfo->ipi_ifindex = 0;
1065 pktinfo->ipi_spec_dst.s_addr = 0;
1070 int ip_setsockopt(struct sock *sk, int level,
1071 int optname, char __user *optval, unsigned int optlen)
1075 if (level != SOL_IP)
1076 return -ENOPROTOOPT;
1078 err = do_ip_setsockopt(sk, level, optname, optval, optlen);
1079 #ifdef CONFIG_NETFILTER
1080 /* we need to exclude all possible ENOPROTOOPTs except default case */
1081 if (err == -ENOPROTOOPT && optname != IP_HDRINCL &&
1082 optname != IP_IPSEC_POLICY &&
1083 optname != IP_XFRM_POLICY &&
1084 !ip_mroute_opt(optname)) {
1086 err = nf_setsockopt(sk, PF_INET, optname, optval, optlen);
1092 EXPORT_SYMBOL(ip_setsockopt);
1094 #ifdef CONFIG_COMPAT
1095 int compat_ip_setsockopt(struct sock *sk, int level, int optname,
1096 char __user *optval, unsigned int optlen)
1100 if (level != SOL_IP)
1101 return -ENOPROTOOPT;
1103 if (optname >= MCAST_JOIN_GROUP && optname <= MCAST_MSFILTER)
1104 return compat_mc_setsockopt(sk, level, optname, optval, optlen,
1107 err = do_ip_setsockopt(sk, level, optname, optval, optlen);
1108 #ifdef CONFIG_NETFILTER
1109 /* we need to exclude all possible ENOPROTOOPTs except default case */
1110 if (err == -ENOPROTOOPT && optname != IP_HDRINCL &&
1111 optname != IP_IPSEC_POLICY &&
1112 optname != IP_XFRM_POLICY &&
1113 !ip_mroute_opt(optname)) {
1115 err = compat_nf_setsockopt(sk, PF_INET, optname,
1122 EXPORT_SYMBOL(compat_ip_setsockopt);
1126 * Get the options. Note for future reference. The GET of IP options gets
1127 * the _received_ ones. The set sets the _sent_ ones.
1130 static int do_ip_getsockopt(struct sock *sk, int level, int optname,
1131 char __user *optval, int __user *optlen, unsigned int flags)
1133 struct inet_sock *inet = inet_sk(sk);
1137 if (level != SOL_IP)
1140 if (ip_mroute_opt(optname))
1141 return ip_mroute_getsockopt(sk, optname, optval, optlen);
1143 if (get_user(len, optlen))
1153 unsigned char optbuf[sizeof(struct ip_options)+40];
1154 struct ip_options *opt = (struct ip_options *)optbuf;
1155 struct ip_options_rcu *inet_opt;
1157 inet_opt = rcu_dereference_protected(inet->inet_opt,
1158 sock_owned_by_user(sk));
1161 memcpy(optbuf, &inet_opt->opt,
1162 sizeof(struct ip_options) +
1163 inet_opt->opt.optlen);
1166 if (opt->optlen == 0)
1167 return put_user(0, optlen);
1169 ip_options_undo(opt);
1171 len = min_t(unsigned int, len, opt->optlen);
1172 if (put_user(len, optlen))
1174 if (copy_to_user(optval, opt->__data, len))
1179 val = (inet->cmsg_flags & IP_CMSG_PKTINFO) != 0;
1182 val = (inet->cmsg_flags & IP_CMSG_TTL) != 0;
1185 val = (inet->cmsg_flags & IP_CMSG_TOS) != 0;
1188 val = (inet->cmsg_flags & IP_CMSG_RECVOPTS) != 0;
1191 val = (inet->cmsg_flags & IP_CMSG_RETOPTS) != 0;
1194 val = (inet->cmsg_flags & IP_CMSG_PASSSEC) != 0;
1196 case IP_RECVORIGDSTADDR:
1197 val = (inet->cmsg_flags & IP_CMSG_ORIGDSTADDR) != 0;
1203 val = (inet->uc_ttl == -1 ?
1204 sysctl_ip_default_ttl :
1208 val = inet->hdrincl;
1211 val = inet->nodefrag;
1213 case IP_MTU_DISCOVER:
1214 val = inet->pmtudisc;
1218 struct dst_entry *dst;
1220 dst = sk_dst_get(sk);
1232 val = inet->recverr;
1234 case IP_MULTICAST_TTL:
1237 case IP_MULTICAST_LOOP:
1238 val = inet->mc_loop;
1241 val = (__force int)htonl((__u32) inet->uc_index);
1243 case IP_MULTICAST_IF:
1245 struct in_addr addr;
1246 len = min_t(unsigned int, len, sizeof(struct in_addr));
1247 addr.s_addr = inet->mc_addr;
1250 if (put_user(len, optlen))
1252 if (copy_to_user(optval, &addr, len))
1258 struct ip_msfilter msf;
1261 if (len < IP_MSFILTER_SIZE(0)) {
1265 if (copy_from_user(&msf, optval, IP_MSFILTER_SIZE(0))) {
1269 err = ip_mc_msfget(sk, &msf,
1270 (struct ip_msfilter __user *)optval, optlen);
1274 case MCAST_MSFILTER:
1276 struct group_filter gsf;
1279 if (len < GROUP_FILTER_SIZE(0)) {
1283 if (copy_from_user(&gsf, optval, GROUP_FILTER_SIZE(0))) {
1287 err = ip_mc_gsfget(sk, &gsf,
1288 (struct group_filter __user *)optval,
1293 case IP_MULTICAST_ALL:
1302 if (sk->sk_type != SOCK_STREAM)
1303 return -ENOPROTOOPT;
1305 msg.msg_control = optval;
1306 msg.msg_controllen = len;
1307 msg.msg_flags = flags;
1309 if (inet->cmsg_flags & IP_CMSG_PKTINFO) {
1310 struct in_pktinfo info;
1312 info.ipi_addr.s_addr = inet->inet_rcv_saddr;
1313 info.ipi_spec_dst.s_addr = inet->inet_rcv_saddr;
1314 info.ipi_ifindex = inet->mc_index;
1315 put_cmsg(&msg, SOL_IP, IP_PKTINFO, sizeof(info), &info);
1317 if (inet->cmsg_flags & IP_CMSG_TTL) {
1318 int hlim = inet->mc_ttl;
1319 put_cmsg(&msg, SOL_IP, IP_TTL, sizeof(hlim), &hlim);
1321 if (inet->cmsg_flags & IP_CMSG_TOS) {
1322 int tos = inet->rcv_tos;
1323 put_cmsg(&msg, SOL_IP, IP_TOS, sizeof(tos), &tos);
1325 len -= msg.msg_controllen;
1326 return put_user(len, optlen);
1329 val = inet->freebind;
1331 case IP_TRANSPARENT:
1332 val = inet->transparent;
1335 val = inet->min_ttl;
1339 return -ENOPROTOOPT;
1343 if (len < sizeof(int) && len > 0 && val >= 0 && val <= 255) {
1344 unsigned char ucval = (unsigned char)val;
1346 if (put_user(len, optlen))
1348 if (copy_to_user(optval, &ucval, 1))
1351 len = min_t(unsigned int, sizeof(int), len);
1352 if (put_user(len, optlen))
1354 if (copy_to_user(optval, &val, len))
1360 int ip_getsockopt(struct sock *sk, int level,
1361 int optname, char __user *optval, int __user *optlen)
1365 err = do_ip_getsockopt(sk, level, optname, optval, optlen, 0);
1366 #ifdef CONFIG_NETFILTER
1367 /* we need to exclude all possible ENOPROTOOPTs except default case */
1368 if (err == -ENOPROTOOPT && optname != IP_PKTOPTIONS &&
1369 !ip_mroute_opt(optname)) {
1372 if (get_user(len, optlen))
1376 err = nf_getsockopt(sk, PF_INET, optname, optval,
1380 err = put_user(len, optlen);
1386 EXPORT_SYMBOL(ip_getsockopt);
1388 #ifdef CONFIG_COMPAT
1389 int compat_ip_getsockopt(struct sock *sk, int level, int optname,
1390 char __user *optval, int __user *optlen)
1394 if (optname == MCAST_MSFILTER)
1395 return compat_mc_getsockopt(sk, level, optname, optval, optlen,
1398 err = do_ip_getsockopt(sk, level, optname, optval, optlen,
1401 #ifdef CONFIG_NETFILTER
1402 /* we need to exclude all possible ENOPROTOOPTs except default case */
1403 if (err == -ENOPROTOOPT && optname != IP_PKTOPTIONS &&
1404 !ip_mroute_opt(optname)) {
1407 if (get_user(len, optlen))
1411 err = compat_nf_getsockopt(sk, PF_INET, optname, optval, &len);
1414 err = put_user(len, optlen);
1420 EXPORT_SYMBOL(compat_ip_getsockopt);
projects / ~andy / linux / blob