2 * IPv6 BSD socket options interface
3 * Linux INET6 implementation
6 * Pedro Roque <roque@di.fc.ul.pt>
8 * Based on linux/net/ipv4/ip_sockglue.c
10 * $Id: ipv6_sockglue.c,v 1.41 2002/02/01 22:01:04 davem Exp $
12 * This program is free software; you can redistribute it and/or
13 * modify it under the terms of the GNU General Public License
14 * as published by the Free Software Foundation; either version
15 * 2 of the License, or (at your option) any later version.
17 * FIXME: Make the setsockopt code POSIX compliant: That is
19 * o Return -EINVAL for setsockopt of short lengths
20 * o Truncate getsockopt returns
21 * o Return an optlen of the truncated length if need be
24 * David L Stevens <dlstevens@us.ibm.com>:
25 * - added multicast source filtering API for MLDv2
28 #include <linux/module.h>
29 #include <linux/capability.h>
30 #include <linux/errno.h>
31 #include <linux/types.h>
32 #include <linux/socket.h>
33 #include <linux/sockios.h>
34 #include <linux/sched.h>
35 #include <linux/net.h>
36 #include <linux/in6.h>
37 #include <linux/netdevice.h>
38 #include <linux/if_arp.h>
39 #include <linux/init.h>
40 #include <linux/sysctl.h>
41 #include <linux/netfilter.h>
46 #include <net/ndisc.h>
47 #include <net/protocol.h>
48 #include <net/transp_v6.h>
49 #include <net/ip6_route.h>
50 #include <net/addrconf.h>
51 #include <net/inet_common.h>
56 #include <asm/uaccess.h>
58 DEFINE_SNMP_STAT(struct ipstats_mib, ipv6_statistics) __read_mostly;
60 static struct sk_buff *ipv6_gso_segment(struct sk_buff *skb, int features)
62 struct sk_buff *segs = ERR_PTR(-EINVAL);
63 struct ipv6hdr *ipv6h;
64 struct inet6_protocol *ops;
67 if (unlikely(skb_shinfo(skb)->gso_type &
75 if (unlikely(!pskb_may_pull(skb, sizeof(*ipv6h))))
78 ipv6h = skb->nh.ipv6h;
79 proto = ipv6h->nexthdr;
80 __skb_pull(skb, sizeof(*ipv6h));
84 struct ipv6_opt_hdr *opth;
87 if (proto != NEXTHDR_HOP) {
88 ops = rcu_dereference(inet6_protos[proto]);
93 if (!(ops->flags & INET6_PROTO_GSO_EXTHDR))
97 if (unlikely(!pskb_may_pull(skb, 8)))
100 opth = (void *)skb->data;
101 len = opth->hdrlen * 8 + 8;
103 if (unlikely(!pskb_may_pull(skb, len)))
106 proto = opth->nexthdr;
107 __skb_pull(skb, len);
110 skb->h.raw = skb->data;
111 if (likely(ops->gso_segment))
112 segs = ops->gso_segment(skb, features);
117 if (unlikely(IS_ERR(segs)))
120 for (skb = segs; skb; skb = skb->next) {
121 ipv6h = skb->nh.ipv6h;
122 ipv6h->payload_len = htons(skb->len - skb->mac_len);
129 static struct packet_type ipv6_packet_type = {
130 .type = __constant_htons(ETH_P_IPV6),
132 .gso_segment = ipv6_gso_segment,
135 struct ip6_ra_chain *ip6_ra_chain;
136 DEFINE_RWLOCK(ip6_ra_lock);
138 int ip6_ra_control(struct sock *sk, int sel, void (*destructor)(struct sock *))
140 struct ip6_ra_chain *ra, *new_ra, **rap;
142 /* RA packet may be delivered ONLY to IPPROTO_RAW socket */
143 if (sk->sk_type != SOCK_RAW || inet_sk(sk)->num != IPPROTO_RAW)
146 new_ra = (sel>=0) ? kmalloc(sizeof(*new_ra), GFP_KERNEL) : NULL;
148 write_lock_bh(&ip6_ra_lock);
149 for (rap = &ip6_ra_chain; (ra=*rap) != NULL; rap = &ra->next) {
152 write_unlock_bh(&ip6_ra_lock);
158 write_unlock_bh(&ip6_ra_lock);
167 if (new_ra == NULL) {
168 write_unlock_bh(&ip6_ra_lock);
173 new_ra->destructor = destructor;
177 write_unlock_bh(&ip6_ra_lock);
181 static int do_ipv6_setsockopt(struct sock *sk, int level, int optname,
182 char __user *optval, int optlen)
184 struct ipv6_pinfo *np = inet6_sk(sk);
186 int retv = -ENOPROTOOPT;
190 else if (get_user(val, (int __user *) optval))
200 if (val == PF_INET) {
201 struct ipv6_txoptions *opt;
202 struct sk_buff *pktopt;
204 if (sk->sk_protocol != IPPROTO_UDP &&
205 sk->sk_protocol != IPPROTO_TCP)
208 if (sk->sk_state != TCP_ESTABLISHED) {
213 if (ipv6_only_sock(sk) ||
214 !(ipv6_addr_type(&np->daddr) & IPV6_ADDR_MAPPED)) {
215 retv = -EADDRNOTAVAIL;
219 fl6_free_socklist(sk);
220 ipv6_sock_mc_close(sk);
223 * Sock is moving from IPv6 to IPv4 (sk_prot), so
224 * remove it from the refcnt debug socks count in the
227 sk_refcnt_debug_dec(sk);
229 if (sk->sk_protocol == IPPROTO_TCP) {
230 struct inet_connection_sock *icsk = inet_csk(sk);
233 sock_prot_dec_use(sk->sk_prot);
234 sock_prot_inc_use(&tcp_prot);
236 sk->sk_prot = &tcp_prot;
237 icsk->icsk_af_ops = &ipv4_specific;
238 sk->sk_socket->ops = &inet_stream_ops;
239 sk->sk_family = PF_INET;
240 tcp_sync_mss(sk, icsk->icsk_pmtu_cookie);
243 sock_prot_dec_use(sk->sk_prot);
244 sock_prot_inc_use(&udp_prot);
246 sk->sk_prot = &udp_prot;
247 sk->sk_socket->ops = &inet_dgram_ops;
248 sk->sk_family = PF_INET;
250 opt = xchg(&np->opt, NULL);
252 sock_kfree_s(sk, opt, opt->tot_len);
253 pktopt = xchg(&np->pktoptions, NULL);
257 sk->sk_destruct = inet_sock_destruct;
259 * ... and add it to the refcnt debug socks count
260 * in the new family. -acme
262 sk_refcnt_debug_inc(sk);
263 module_put(THIS_MODULE);
270 if (inet_sk(sk)->num)
272 np->ipv6only = valbool;
276 case IPV6_RECVPKTINFO:
277 np->rxopt.bits.rxinfo = valbool;
281 case IPV6_2292PKTINFO:
282 np->rxopt.bits.rxoinfo = valbool;
286 case IPV6_RECVHOPLIMIT:
287 np->rxopt.bits.rxhlim = valbool;
291 case IPV6_2292HOPLIMIT:
292 np->rxopt.bits.rxohlim = valbool;
297 if (val < 0 || val > 2)
299 np->rxopt.bits.srcrt = val;
304 if (val < 0 || val > 2)
306 np->rxopt.bits.osrcrt = val;
310 case IPV6_RECVHOPOPTS:
311 np->rxopt.bits.hopopts = valbool;
315 case IPV6_2292HOPOPTS:
316 np->rxopt.bits.ohopopts = valbool;
320 case IPV6_RECVDSTOPTS:
321 np->rxopt.bits.dstopts = valbool;
325 case IPV6_2292DSTOPTS:
326 np->rxopt.bits.odstopts = valbool;
331 if (val < 0 || val > 0xff)
337 case IPV6_RECVTCLASS:
338 np->rxopt.bits.rxtclass = valbool;
343 np->rxopt.bits.rxflow = valbool;
348 case IPV6_RTHDRDSTOPTS:
352 struct ipv6_txoptions *opt;
356 /* hop-by-hop / destination options are privileged option */
358 if (optname != IPV6_RTHDR && !capable(CAP_NET_RAW))
362 if (optlen & 0x7 || optlen > 8 * 255)
365 opt = ipv6_renew_options(sk, np->opt, optname,
366 (struct ipv6_opt_hdr __user *)optval,
373 /* routing header option needs extra check */
374 if (optname == IPV6_RTHDR && opt->srcrt) {
375 struct ipv6_rt_hdr *rthdr = opt->srcrt;
378 if ((rthdr->hdrlen & 1) ||
379 (rthdr->hdrlen >> 1) != rthdr->segments_left)
384 if (inet_sk(sk)->is_icsk) {
386 struct inet_connection_sock *icsk = inet_csk(sk);
387 if (!((1 << sk->sk_state) &
388 (TCPF_LISTEN | TCPF_CLOSE))
389 && inet_sk(sk)->daddr != LOOPBACK4_IPV6) {
390 icsk->icsk_ext_hdr_len =
391 opt->opt_flen + opt->opt_nflen;
392 icsk->icsk_sync_mss(sk, icsk->icsk_pmtu_cookie);
395 opt = xchg(&np->opt, opt);
398 write_lock(&sk->sk_dst_lock);
399 opt = xchg(&np->opt, opt);
400 write_unlock(&sk->sk_dst_lock);
405 sock_kfree_s(sk, opt, opt->tot_len);
409 case IPV6_2292PKTOPTIONS:
411 struct ipv6_txoptions *opt = NULL;
416 fl.fl6_flowlabel = 0;
417 fl.oif = sk->sk_bound_dev_if;
422 /* 1K is probably excessive
423 * 1K is surely not enough, 2K per standard header is 16K.
426 if (optlen > 64*1024)
429 opt = sock_kmalloc(sk, sizeof(*opt) + optlen, GFP_KERNEL);
434 memset(opt, 0, sizeof(*opt));
435 opt->tot_len = sizeof(*opt) + optlen;
437 if (copy_from_user(opt+1, optval, optlen))
440 msg.msg_controllen = optlen;
441 msg.msg_control = (void*)(opt+1);
443 retv = datagram_send_ctl(&msg, &fl, opt, &junk, &junk);
448 if (inet_sk(sk)->is_icsk) {
450 struct inet_connection_sock *icsk = inet_csk(sk);
451 if (!((1 << sk->sk_state) &
452 (TCPF_LISTEN | TCPF_CLOSE))
453 && inet_sk(sk)->daddr != LOOPBACK4_IPV6) {
454 icsk->icsk_ext_hdr_len =
455 opt->opt_flen + opt->opt_nflen;
456 icsk->icsk_sync_mss(sk, icsk->icsk_pmtu_cookie);
459 opt = xchg(&np->opt, opt);
462 write_lock(&sk->sk_dst_lock);
463 opt = xchg(&np->opt, opt);
464 write_unlock(&sk->sk_dst_lock);
470 sock_kfree_s(sk, opt, opt->tot_len);
473 case IPV6_UNICAST_HOPS:
474 if (val > 255 || val < -1)
480 case IPV6_MULTICAST_HOPS:
481 if (sk->sk_type == SOCK_STREAM)
483 if (val > 255 || val < -1)
485 np->mcast_hops = val;
489 case IPV6_MULTICAST_LOOP:
490 np->mc_loop = valbool;
494 case IPV6_MULTICAST_IF:
495 if (sk->sk_type == SOCK_STREAM)
497 if (sk->sk_bound_dev_if && sk->sk_bound_dev_if != val)
500 if (__dev_get_by_index(val) == NULL) {
507 case IPV6_ADD_MEMBERSHIP:
508 case IPV6_DROP_MEMBERSHIP:
510 struct ipv6_mreq mreq;
513 if (copy_from_user(&mreq, optval, sizeof(struct ipv6_mreq)))
516 if (optname == IPV6_ADD_MEMBERSHIP)
517 retv = ipv6_sock_mc_join(sk, mreq.ipv6mr_ifindex, &mreq.ipv6mr_multiaddr);
519 retv = ipv6_sock_mc_drop(sk, mreq.ipv6mr_ifindex, &mreq.ipv6mr_multiaddr);
522 case IPV6_JOIN_ANYCAST:
523 case IPV6_LEAVE_ANYCAST:
525 struct ipv6_mreq mreq;
527 if (optlen != sizeof(struct ipv6_mreq))
531 if (copy_from_user(&mreq, optval, sizeof(struct ipv6_mreq)))
534 if (optname == IPV6_JOIN_ANYCAST)
535 retv = ipv6_sock_ac_join(sk, mreq.ipv6mr_ifindex, &mreq.ipv6mr_acaddr);
537 retv = ipv6_sock_ac_drop(sk, mreq.ipv6mr_ifindex, &mreq.ipv6mr_acaddr);
540 case MCAST_JOIN_GROUP:
541 case MCAST_LEAVE_GROUP:
543 struct group_req greq;
544 struct sockaddr_in6 *psin6;
547 if (copy_from_user(&greq, optval, sizeof(struct group_req)))
549 if (greq.gr_group.ss_family != AF_INET6) {
550 retv = -EADDRNOTAVAIL;
553 psin6 = (struct sockaddr_in6 *)&greq.gr_group;
554 if (optname == MCAST_JOIN_GROUP)
555 retv = ipv6_sock_mc_join(sk, greq.gr_interface,
558 retv = ipv6_sock_mc_drop(sk, greq.gr_interface,
562 case MCAST_JOIN_SOURCE_GROUP:
563 case MCAST_LEAVE_SOURCE_GROUP:
564 case MCAST_BLOCK_SOURCE:
565 case MCAST_UNBLOCK_SOURCE:
567 struct group_source_req greqs;
570 if (optlen != sizeof(struct group_source_req))
572 if (copy_from_user(&greqs, optval, sizeof(greqs))) {
576 if (greqs.gsr_group.ss_family != AF_INET6 ||
577 greqs.gsr_source.ss_family != AF_INET6) {
578 retv = -EADDRNOTAVAIL;
581 if (optname == MCAST_BLOCK_SOURCE) {
582 omode = MCAST_EXCLUDE;
584 } else if (optname == MCAST_UNBLOCK_SOURCE) {
585 omode = MCAST_EXCLUDE;
587 } else if (optname == MCAST_JOIN_SOURCE_GROUP) {
588 struct sockaddr_in6 *psin6;
590 psin6 = (struct sockaddr_in6 *)&greqs.gsr_group;
591 retv = ipv6_sock_mc_join(sk, greqs.gsr_interface,
593 /* prior join w/ different source is ok */
594 if (retv && retv != -EADDRINUSE)
596 omode = MCAST_INCLUDE;
598 } else /* MCAST_LEAVE_SOURCE_GROUP */ {
599 omode = MCAST_INCLUDE;
602 retv = ip6_mc_source(add, omode, sk, &greqs);
607 extern int sysctl_mld_max_msf;
608 struct group_filter *gsf;
610 if (optlen < GROUP_FILTER_SIZE(0))
612 if (optlen > sysctl_optmem_max) {
616 gsf = kmalloc(optlen,GFP_KERNEL);
622 if (copy_from_user(gsf, optval, optlen)) {
626 /* numsrc >= (4G-140)/128 overflow in 32 bits */
627 if (gsf->gf_numsrc >= 0x1ffffffU ||
628 gsf->gf_numsrc > sysctl_mld_max_msf) {
633 if (GROUP_FILTER_SIZE(gsf->gf_numsrc) > optlen) {
638 retv = ip6_mc_msfilter(sk, gsf);
643 case IPV6_ROUTER_ALERT:
644 retv = ip6_ra_control(sk, val, NULL);
646 case IPV6_MTU_DISCOVER:
653 if (val && val < IPV6_MIN_MTU)
659 np->recverr = valbool;
661 skb_queue_purge(&sk->sk_error_queue);
664 case IPV6_FLOWINFO_SEND:
665 np->sndflow = valbool;
668 case IPV6_FLOWLABEL_MGR:
669 retv = ipv6_flowlabel_opt(sk, optval, optlen);
671 case IPV6_IPSEC_POLICY:
672 case IPV6_XFRM_POLICY:
674 if (!capable(CAP_NET_ADMIN))
676 retv = xfrm_user_policy(sk, optname, optval, optlen);
689 int ipv6_setsockopt(struct sock *sk, int level, int optname,
690 char __user *optval, int optlen)
694 if (level == SOL_IP && sk->sk_type != SOCK_RAW)
695 return udp_prot.setsockopt(sk, level, optname, optval, optlen);
697 if (level != SOL_IPV6)
700 err = do_ipv6_setsockopt(sk, level, optname, optval, optlen);
701 #ifdef CONFIG_NETFILTER
702 /* we need to exclude all possible ENOPROTOOPTs except default case */
703 if (err == -ENOPROTOOPT && optname != IPV6_IPSEC_POLICY &&
704 optname != IPV6_XFRM_POLICY) {
706 err = nf_setsockopt(sk, PF_INET6, optname, optval,
716 int compat_ipv6_setsockopt(struct sock *sk, int level, int optname,
717 char __user *optval, int optlen)
721 if (level == SOL_IP && sk->sk_type != SOCK_RAW) {
722 if (udp_prot.compat_setsockopt != NULL)
723 return udp_prot.compat_setsockopt(sk, level, optname,
725 return udp_prot.setsockopt(sk, level, optname, optval, optlen);
728 if (level != SOL_IPV6)
731 err = do_ipv6_setsockopt(sk, level, optname, optval, optlen);
732 #ifdef CONFIG_NETFILTER
733 /* we need to exclude all possible ENOPROTOOPTs except default case */
734 if (err == -ENOPROTOOPT && optname != IPV6_IPSEC_POLICY &&
735 optname != IPV6_XFRM_POLICY) {
737 err = compat_nf_setsockopt(sk, PF_INET6, optname,
745 EXPORT_SYMBOL(compat_ipv6_setsockopt);
748 static int ipv6_getsockopt_sticky(struct sock *sk, struct ipv6_opt_hdr *hdr,
749 char __user *optval, int len)
753 len = min_t(int, len, ipv6_optlen(hdr));
754 if (copy_to_user(optval, hdr, ipv6_optlen(hdr)))
759 static int do_ipv6_getsockopt(struct sock *sk, int level, int optname,
760 char __user *optval, int __user *optlen)
762 struct ipv6_pinfo *np = inet6_sk(sk);
766 if (get_user(len, optlen))
770 if (sk->sk_protocol != IPPROTO_UDP &&
771 sk->sk_protocol != IPPROTO_TCP)
773 if (sk->sk_state != TCP_ESTABLISHED)
779 struct group_filter gsf;
782 if (len < GROUP_FILTER_SIZE(0))
784 if (copy_from_user(&gsf, optval, GROUP_FILTER_SIZE(0)))
787 err = ip6_mc_msfget(sk, &gsf,
788 (struct group_filter __user *)optval, optlen);
793 case IPV6_2292PKTOPTIONS:
798 if (sk->sk_type != SOCK_STREAM)
801 msg.msg_control = optval;
802 msg.msg_controllen = len;
806 skb = np->pktoptions;
808 atomic_inc(&skb->users);
812 int err = datagram_recv_ctl(sk, &msg, skb);
817 if (np->rxopt.bits.rxinfo) {
818 struct in6_pktinfo src_info;
819 src_info.ipi6_ifindex = np->mcast_oif;
820 ipv6_addr_copy(&src_info.ipi6_addr, &np->daddr);
821 put_cmsg(&msg, SOL_IPV6, IPV6_PKTINFO, sizeof(src_info), &src_info);
823 if (np->rxopt.bits.rxhlim) {
824 int hlim = np->mcast_hops;
825 put_cmsg(&msg, SOL_IPV6, IPV6_HOPLIMIT, sizeof(hlim), &hlim);
827 if (np->rxopt.bits.rxoinfo) {
828 struct in6_pktinfo src_info;
829 src_info.ipi6_ifindex = np->mcast_oif;
830 ipv6_addr_copy(&src_info.ipi6_addr, &np->daddr);
831 put_cmsg(&msg, SOL_IPV6, IPV6_2292PKTINFO, sizeof(src_info), &src_info);
833 if (np->rxopt.bits.rxohlim) {
834 int hlim = np->mcast_hops;
835 put_cmsg(&msg, SOL_IPV6, IPV6_2292HOPLIMIT, sizeof(hlim), &hlim);
838 len -= msg.msg_controllen;
839 return put_user(len, optlen);
843 struct dst_entry *dst;
846 dst = sk_dst_get(sk);
861 case IPV6_RECVPKTINFO:
862 val = np->rxopt.bits.rxinfo;
865 case IPV6_2292PKTINFO:
866 val = np->rxopt.bits.rxoinfo;
869 case IPV6_RECVHOPLIMIT:
870 val = np->rxopt.bits.rxhlim;
873 case IPV6_2292HOPLIMIT:
874 val = np->rxopt.bits.rxohlim;
878 val = np->rxopt.bits.srcrt;
882 val = np->rxopt.bits.osrcrt;
886 case IPV6_RTHDRDSTOPTS:
892 len = ipv6_getsockopt_sticky(sk, np->opt->hopopt,
895 return put_user(len, optlen);
898 case IPV6_RECVHOPOPTS:
899 val = np->rxopt.bits.hopopts;
902 case IPV6_2292HOPOPTS:
903 val = np->rxopt.bits.ohopopts;
906 case IPV6_RECVDSTOPTS:
907 val = np->rxopt.bits.dstopts;
910 case IPV6_2292DSTOPTS:
911 val = np->rxopt.bits.odstopts;
918 case IPV6_RECVTCLASS:
919 val = np->rxopt.bits.rxtclass;
923 val = np->rxopt.bits.rxflow;
926 case IPV6_UNICAST_HOPS:
930 case IPV6_MULTICAST_HOPS:
931 val = np->mcast_hops;
934 case IPV6_MULTICAST_LOOP:
938 case IPV6_MULTICAST_IF:
942 case IPV6_MTU_DISCOVER:
950 case IPV6_FLOWINFO_SEND:
957 len = min_t(unsigned int, sizeof(int), len);
958 if(put_user(len, optlen))
960 if(copy_to_user(optval,&val,len))
965 int ipv6_getsockopt(struct sock *sk, int level, int optname,
966 char __user *optval, int __user *optlen)
970 if (level == SOL_IP && sk->sk_type != SOCK_RAW)
971 return udp_prot.getsockopt(sk, level, optname, optval, optlen);
973 if(level != SOL_IPV6)
976 err = do_ipv6_getsockopt(sk, level, optname, optval, optlen);
977 #ifdef CONFIG_NETFILTER
978 /* we need to exclude all possible EINVALs except default case */
979 if (err == -EINVAL && optname != IPV6_ADDRFORM &&
980 optname != MCAST_MSFILTER) {
983 if (get_user(len, optlen))
987 err = nf_getsockopt(sk, PF_INET6, optname, optval,
991 err = put_user(len, optlen);
998 int compat_ipv6_getsockopt(struct sock *sk, int level, int optname,
999 char __user *optval, int __user *optlen)
1003 if (level == SOL_IP && sk->sk_type != SOCK_RAW) {
1004 if (udp_prot.compat_getsockopt != NULL)
1005 return udp_prot.compat_getsockopt(sk, level, optname,
1007 return udp_prot.getsockopt(sk, level, optname, optval, optlen);
1010 if (level != SOL_IPV6)
1011 return -ENOPROTOOPT;
1013 err = do_ipv6_getsockopt(sk, level, optname, optval, optlen);
1014 #ifdef CONFIG_NETFILTER
1015 /* we need to exclude all possible EINVALs except default case */
1016 if (err == -EINVAL && optname != IPV6_ADDRFORM &&
1017 optname != MCAST_MSFILTER) {
1020 if (get_user(len, optlen))
1024 err = compat_nf_getsockopt(sk, PF_INET6,
1025 optname, optval, &len);
1028 err = put_user(len, optlen);
1034 EXPORT_SYMBOL(compat_ipv6_getsockopt);
1037 void __init ipv6_packet_init(void)
1039 dev_add_pack(&ipv6_packet_type);
1042 void ipv6_packet_cleanup(void)
1044 dev_remove_pack(&ipv6_packet_type);
git://ftp.safe.ca / safe / jmp / linux-2.6 / blob