search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
ALSA: usb-audio: Fix an out-of-bound read in create_composite_quirks
[linux/fpc-iii.git] / net / ipv6 / datagram.c
blob9f6e57ded3380b73532c436e7a968ac00b341590
1 /*
2 * common UDP/RAW code
3 * Linux INET6 implementation
4 *
5 * Authors:
6 * Pedro Roque <roque@di.fc.ul.pt>
7 *
8 * This program is free software; you can redistribute it and/or
9 * modify it under the terms of the GNU General Public License
10 * as published by the Free Software Foundation; either version
11 * 2 of the License, or (at your option) any later version.
12 */
13
14 #include <linux/capability.h>
15 #include <linux/errno.h>
16 #include <linux/types.h>
17 #include <linux/kernel.h>
18 #include <linux/interrupt.h>
19 #include <linux/socket.h>
20 #include <linux/sockios.h>
21 #include <linux/in6.h>
22 #include <linux/ipv6.h>
23 #include <linux/route.h>
24 #include <linux/slab.h>
25 #include <linux/export.h>
26
27 #include <net/ipv6.h>
28 #include <net/ndisc.h>
29 #include <net/addrconf.h>
30 #include <net/transp_v6.h>
31 #include <net/ip6_route.h>
32 #include <net/tcp_states.h>
33 #include <net/dsfield.h>
34
35 #include <linux/errqueue.h>
36 #include <asm/uaccess.h>
37
38 static bool ipv6_mapped_addr_any(const struct in6_addr *a)
39 {
40 return ipv6_addr_v4mapped(a) && (a->s6_addr32[3] == 0);
41 }
42
43 static int __ip6_datagram_connect(struct sock *sk, struct sockaddr *uaddr, int addr_len)
44 {
45 struct sockaddr_in6 *usin = (struct sockaddr_in6 *) uaddr;
46 struct inet_sock *inet = inet_sk(sk);
47 struct ipv6_pinfo *np = inet6_sk(sk);
48 struct in6_addr *daddr, *final_p, final;
49 struct dst_entry *dst;
50 struct flowi6 fl6;
51 struct ip6_flowlabel *flowlabel = NULL;
52 struct ipv6_txoptions *opt;
53 int addr_type;
54 int err;
55
56 if (usin->sin6_family == AF_INET) {
57 if (__ipv6_only_sock(sk))
58 return -EAFNOSUPPORT;
59 err = __ip4_datagram_connect(sk, uaddr, addr_len);
60 goto ipv4_connected;
61 }
62
63 if (addr_len < SIN6_LEN_RFC2133)
64 return -EINVAL;
65
66 if (usin->sin6_family != AF_INET6)
67 return -EAFNOSUPPORT;
68
69 memset(&fl6, 0, sizeof(fl6));
70 if (np->sndflow) {
71 fl6.flowlabel = usin->sin6_flowinfo&IPV6_FLOWINFO_MASK;
72 if (fl6.flowlabel&IPV6_FLOWLABEL_MASK) {
73 flowlabel = fl6_sock_lookup(sk, fl6.flowlabel);
74 if (!flowlabel)
75 return -EINVAL;
76 }
77 }
78
79 if (ipv6_addr_any(&usin->sin6_addr)) {
80 /*
81 * connect to self
82 */
83 if (ipv6_addr_v4mapped(&sk->sk_v6_rcv_saddr))
84 ipv6_addr_set_v4mapped(htonl(INADDR_LOOPBACK),
85 &usin->sin6_addr);
86 else
87 usin->sin6_addr = in6addr_loopback;
88 }
89
90 addr_type = ipv6_addr_type(&usin->sin6_addr);
91
92 daddr = &usin->sin6_addr;
93
94 if (addr_type & IPV6_ADDR_MAPPED) {
95 struct sockaddr_in sin;
96
97 if (__ipv6_only_sock(sk)) {
98 err = -ENETUNREACH;
99 goto out;
100 }
101 sin.sin_family = AF_INET;
102 sin.sin_addr.s_addr = daddr->s6_addr32[3];
103 sin.sin_port = usin->sin6_port;
104
105 err = __ip4_datagram_connect(sk,
106 (struct sockaddr *) &sin,
107 sizeof(sin));
108
109 ipv4_connected:
110 if (err)
111 goto out;
112
113 ipv6_addr_set_v4mapped(inet->inet_daddr, &sk->sk_v6_daddr);
114
115 if (ipv6_addr_any(&np->saddr) ||
116 ipv6_mapped_addr_any(&np->saddr))
117 ipv6_addr_set_v4mapped(inet->inet_saddr, &np->saddr);
118
119 if (ipv6_addr_any(&sk->sk_v6_rcv_saddr) ||
120 ipv6_mapped_addr_any(&sk->sk_v6_rcv_saddr)) {
121 ipv6_addr_set_v4mapped(inet->inet_rcv_saddr,
122 &sk->sk_v6_rcv_saddr);
123 if (sk->sk_prot->rehash)
124 sk->sk_prot->rehash(sk);
125 }
126
127 goto out;
128 }
129
130 if (__ipv6_addr_needs_scope_id(addr_type)) {
131 if (addr_len >= sizeof(struct sockaddr_in6) &&
132 usin->sin6_scope_id) {
133 if (sk->sk_bound_dev_if &&
134 sk->sk_bound_dev_if != usin->sin6_scope_id) {
135 err = -EINVAL;
136 goto out;
137 }
138 sk->sk_bound_dev_if = usin->sin6_scope_id;
139 }
140
141 if (!sk->sk_bound_dev_if && (addr_type & IPV6_ADDR_MULTICAST))
142 sk->sk_bound_dev_if = np->mcast_oif;
143
144 /* Connect to link-local address requires an interface */
145 if (!sk->sk_bound_dev_if) {
146 err = -EINVAL;
147 goto out;
148 }
149 }
150
151 sk->sk_v6_daddr = *daddr;
152 np->flow_label = fl6.flowlabel;
153
154 inet->inet_dport = usin->sin6_port;
155
156 /*
157 * Check for a route to destination an obtain the
158 * destination cache for it.
159 */
160
161 fl6.flowi6_proto = sk->sk_protocol;
162 fl6.daddr = sk->sk_v6_daddr;
163 fl6.saddr = np->saddr;
164 fl6.flowi6_oif = sk->sk_bound_dev_if;
165 fl6.flowi6_mark = sk->sk_mark;
166 fl6.fl6_dport = inet->inet_dport;
167 fl6.fl6_sport = inet->inet_sport;
168
169 if (!fl6.flowi6_oif)
170 fl6.flowi6_oif = np->sticky_pktinfo.ipi6_ifindex;
171
172 if (!fl6.flowi6_oif && (addr_type&IPV6_ADDR_MULTICAST))
173 fl6.flowi6_oif = np->mcast_oif;
174
175 security_sk_classify_flow(sk, flowi6_to_flowi(&fl6));
176
177 rcu_read_lock();
178 opt = flowlabel ? flowlabel->opt : rcu_dereference(np->opt);
179 final_p = fl6_update_dst(&fl6, opt, &final);
180 rcu_read_unlock();
181
182 dst = ip6_dst_lookup_flow(sk, &fl6, final_p);
183 err = 0;
184 if (IS_ERR(dst)) {
185 err = PTR_ERR(dst);
186 goto out;
187 }
188
189 /* source address lookup done in ip6_dst_lookup */
190
191 if (ipv6_addr_any(&np->saddr))
192 np->saddr = fl6.saddr;
193
194 if (ipv6_addr_any(&sk->sk_v6_rcv_saddr)) {
195 sk->sk_v6_rcv_saddr = fl6.saddr;
196 inet->inet_rcv_saddr = LOOPBACK4_IPV6;
197 if (sk->sk_prot->rehash)
198 sk->sk_prot->rehash(sk);
199 }
200
201 ip6_dst_store(sk, dst,
202 ipv6_addr_equal(&fl6.daddr, &sk->sk_v6_daddr) ?
203 &sk->sk_v6_daddr : NULL,
204 #ifdef CONFIG_IPV6_SUBTREES
205 ipv6_addr_equal(&fl6.saddr, &np->saddr) ?
206 &np->saddr :
207 #endif
208 NULL);
209
210 sk->sk_state = TCP_ESTABLISHED;
211 sk_set_txhash(sk);
212 out:
213 fl6_sock_release(flowlabel);
214 return err;
215 }
216
217 int ip6_datagram_connect(struct sock *sk, struct sockaddr *uaddr, int addr_len)
218 {
219 int res;
220
221 lock_sock(sk);
222 res = __ip6_datagram_connect(sk, uaddr, addr_len);
223 release_sock(sk);
224 return res;
225 }
226 EXPORT_SYMBOL_GPL(ip6_datagram_connect);
227
228 int ip6_datagram_connect_v6_only(struct sock *sk, struct sockaddr *uaddr,
229 int addr_len)
230 {
231 DECLARE_SOCKADDR(struct sockaddr_in6 *, sin6, uaddr);
232 if (sin6->sin6_family != AF_INET6)
233 return -EAFNOSUPPORT;
234 return ip6_datagram_connect(sk, uaddr, addr_len);
235 }
236 EXPORT_SYMBOL_GPL(ip6_datagram_connect_v6_only);
237
238 void ipv6_icmp_error(struct sock *sk, struct sk_buff *skb, int err,
239 __be16 port, u32 info, u8 *payload)
240 {
241 struct ipv6_pinfo *np = inet6_sk(sk);
242 struct icmp6hdr *icmph = icmp6_hdr(skb);
243 struct sock_exterr_skb *serr;
244
245 if (!np->recverr)
246 return;
247
248 skb = skb_clone(skb, GFP_ATOMIC);
249 if (!skb)
250 return;
251
252 skb->protocol = htons(ETH_P_IPV6);
253
254 serr = SKB_EXT_ERR(skb);
255 serr->ee.ee_errno = err;
256 serr->ee.ee_origin = SO_EE_ORIGIN_ICMP6;
257 serr->ee.ee_type = icmph->icmp6_type;
258 serr->ee.ee_code = icmph->icmp6_code;
259 serr->ee.ee_pad = 0;
260 serr->ee.ee_info = info;
261 serr->ee.ee_data = 0;
262 serr->addr_offset = (u8 *)&(((struct ipv6hdr *)(icmph + 1))->daddr) -
263 skb_network_header(skb);
264 serr->port = port;
265
266 __skb_pull(skb, payload - skb->data);
267 skb_reset_transport_header(skb);
268
269 if (sock_queue_err_skb(sk, skb))
270 kfree_skb(skb);
271 }
272
273 void ipv6_local_error(struct sock *sk, int err, struct flowi6 *fl6, u32 info)
274 {
275 const struct ipv6_pinfo *np = inet6_sk(sk);
276 struct sock_exterr_skb *serr;
277 struct ipv6hdr *iph;
278 struct sk_buff *skb;
279
280 if (!np->recverr)
281 return;
282
283 skb = alloc_skb(sizeof(struct ipv6hdr), GFP_ATOMIC);
284 if (!skb)
285 return;
286
287 skb->protocol = htons(ETH_P_IPV6);
288
289 skb_put(skb, sizeof(struct ipv6hdr));
290 skb_reset_network_header(skb);
291 iph = ipv6_hdr(skb);
292 iph->daddr = fl6->daddr;
293
294 serr = SKB_EXT_ERR(skb);
295 serr->ee.ee_errno = err;
296 serr->ee.ee_origin = SO_EE_ORIGIN_LOCAL;
297 serr->ee.ee_type = 0;
298 serr->ee.ee_code = 0;
299 serr->ee.ee_pad = 0;
300 serr->ee.ee_info = info;
301 serr->ee.ee_data = 0;
302 serr->addr_offset = (u8 *)&iph->daddr - skb_network_header(skb);
303 serr->port = fl6->fl6_dport;
304
305 __skb_pull(skb, skb_tail_pointer(skb) - skb->data);
306 skb_reset_transport_header(skb);
307
308 if (sock_queue_err_skb(sk, skb))
309 kfree_skb(skb);
310 }
311
312 void ipv6_local_rxpmtu(struct sock *sk, struct flowi6 *fl6, u32 mtu)
313 {
314 struct ipv6_pinfo *np = inet6_sk(sk);
315 struct ipv6hdr *iph;
316 struct sk_buff *skb;
317 struct ip6_mtuinfo *mtu_info;
318
319 if (!np->rxopt.bits.rxpmtu)
320 return;
321
322 skb = alloc_skb(sizeof(struct ipv6hdr), GFP_ATOMIC);
323 if (!skb)
324 return;
325
326 skb_put(skb, sizeof(struct ipv6hdr));
327 skb_reset_network_header(skb);
328 iph = ipv6_hdr(skb);
329 iph->daddr = fl6->daddr;
330
331 mtu_info = IP6CBMTU(skb);
332
333 mtu_info->ip6m_mtu = mtu;
334 mtu_info->ip6m_addr.sin6_family = AF_INET6;
335 mtu_info->ip6m_addr.sin6_port = 0;
336 mtu_info->ip6m_addr.sin6_flowinfo = 0;
337 mtu_info->ip6m_addr.sin6_scope_id = fl6->flowi6_oif;
338 mtu_info->ip6m_addr.sin6_addr = ipv6_hdr(skb)->daddr;
339
340 __skb_pull(skb, skb_tail_pointer(skb) - skb->data);
341 skb_reset_transport_header(skb);
342
343 skb = xchg(&np->rxpmtu, skb);
344 kfree_skb(skb);
345 }
346
347 /* For some errors we have valid addr_offset even with zero payload and
348 * zero port. Also, addr_offset should be supported if port is set.
349 */
350 static inline bool ipv6_datagram_support_addr(struct sock_exterr_skb *serr)
351 {
352 return serr->ee.ee_origin == SO_EE_ORIGIN_ICMP6 ||
353 serr->ee.ee_origin == SO_EE_ORIGIN_ICMP ||
354 serr->ee.ee_origin == SO_EE_ORIGIN_LOCAL || serr->port;
355 }
356
357 /* IPv6 supports cmsg on all origins aside from SO_EE_ORIGIN_LOCAL.
358 *
359 * At one point, excluding local errors was a quick test to identify icmp/icmp6
360 * errors. This is no longer true, but the test remained, so the v6 stack,
361 * unlike v4, also honors cmsg requests on all wifi and timestamp errors.
362 *
363 * Timestamp code paths do not initialize the fields expected by cmsg:
364 * the PKTINFO fields in skb->cb[]. Fill those in here.
365 */
366 static bool ip6_datagram_support_cmsg(struct sk_buff *skb,
367 struct sock_exterr_skb *serr)
368 {
369 if (serr->ee.ee_origin == SO_EE_ORIGIN_ICMP ||
370 serr->ee.ee_origin == SO_EE_ORIGIN_ICMP6)
371 return true;
372
373 if (serr->ee.ee_origin == SO_EE_ORIGIN_LOCAL)
374 return false;
375
376 if (!skb->dev)
377 return false;
378
379 if (skb->protocol == htons(ETH_P_IPV6))
380 IP6CB(skb)->iif = skb->dev->ifindex;
381 else
382 PKTINFO_SKB_CB(skb)->ipi_ifindex = skb->dev->ifindex;
383
384 return true;
385 }
386
387 /*
388 * Handle MSG_ERRQUEUE
389 */
390 int ipv6_recv_error(struct sock *sk, struct msghdr *msg, int len, int *addr_len)
391 {
392 struct ipv6_pinfo *np = inet6_sk(sk);
393 struct sock_exterr_skb *serr;
394 struct sk_buff *skb;
395 DECLARE_SOCKADDR(struct sockaddr_in6 *, sin, msg->msg_name);
396 struct {
397 struct sock_extended_err ee;
398 struct sockaddr_in6 offender;
399 } errhdr;
400 int err;
401 int copied;
402
403 err = -EAGAIN;
404 skb = sock_dequeue_err_skb(sk);
405 if (!skb)
406 goto out;
407
408 copied = skb->len;
409 if (copied > len) {
410 msg->msg_flags |= MSG_TRUNC;
411 copied = len;
412 }
413 err = skb_copy_datagram_msg(skb, 0, msg, copied);
414 if (err)
415 goto out_free_skb;
416
417 sock_recv_timestamp(msg, sk, skb);
418
419 serr = SKB_EXT_ERR(skb);
420
421 if (sin && ipv6_datagram_support_addr(serr)) {
422 const unsigned char *nh = skb_network_header(skb);
423 sin->sin6_family = AF_INET6;
424 sin->sin6_flowinfo = 0;
425 sin->sin6_port = serr->port;
426 if (skb->protocol == htons(ETH_P_IPV6)) {
427 const struct ipv6hdr *ip6h = container_of((struct in6_addr *)(nh + serr->addr_offset),
428 struct ipv6hdr, daddr);
429 sin->sin6_addr = ip6h->daddr;
430 if (np->sndflow)
431 sin->sin6_flowinfo = ip6_flowinfo(ip6h);
432 sin->sin6_scope_id =
433 ipv6_iface_scope_id(&sin->sin6_addr,
434 IP6CB(skb)->iif);
435 } else {
436 ipv6_addr_set_v4mapped(*(__be32 *)(nh + serr->addr_offset),
437 &sin->sin6_addr);
438 sin->sin6_scope_id = 0;
439 }
440 *addr_len = sizeof(*sin);
441 }
442
443 memcpy(&errhdr.ee, &serr->ee, sizeof(struct sock_extended_err));
444 sin = &errhdr.offender;
445 memset(sin, 0, sizeof(*sin));
446
447 if (ip6_datagram_support_cmsg(skb, serr)) {
448 sin->sin6_family = AF_INET6;
449 if (np->rxopt.all)
450 ip6_datagram_recv_common_ctl(sk, msg, skb);
451 if (skb->protocol == htons(ETH_P_IPV6)) {
452 sin->sin6_addr = ipv6_hdr(skb)->saddr;
453 if (np->rxopt.all)
454 ip6_datagram_recv_specific_ctl(sk, msg, skb);
455 sin->sin6_scope_id =
456 ipv6_iface_scope_id(&sin->sin6_addr,
457 IP6CB(skb)->iif);
458 } else {
459 ipv6_addr_set_v4mapped(ip_hdr(skb)->saddr,
460 &sin->sin6_addr);
461 if (inet_sk(sk)->cmsg_flags)
462 ip_cmsg_recv(msg, skb);
463 }
464 }
465
466 put_cmsg(msg, SOL_IPV6, IPV6_RECVERR, sizeof(errhdr), &errhdr);
467
468 /* Now we could try to dump offended packet options */
469
470 msg->msg_flags |= MSG_ERRQUEUE;
471 err = copied;
472
473 out_free_skb:
474 kfree_skb(skb);
475 out:
476 return err;
477 }
478 EXPORT_SYMBOL_GPL(ipv6_recv_error);
479
480 /*
481 * Handle IPV6_RECVPATHMTU
482 */
483 int ipv6_recv_rxpmtu(struct sock *sk, struct msghdr *msg, int len,
484 int *addr_len)
485 {
486 struct ipv6_pinfo *np = inet6_sk(sk);
487 struct sk_buff *skb;
488 struct ip6_mtuinfo mtu_info;
489 DECLARE_SOCKADDR(struct sockaddr_in6 *, sin, msg->msg_name);
490 int err;
491 int copied;
492
493 err = -EAGAIN;
494 skb = xchg(&np->rxpmtu, NULL);
495 if (!skb)
496 goto out;
497
498 copied = skb->len;
499 if (copied > len) {
500 msg->msg_flags |= MSG_TRUNC;
501 copied = len;
502 }
503 err = skb_copy_datagram_msg(skb, 0, msg, copied);
504 if (err)
505 goto out_free_skb;
506
507 sock_recv_timestamp(msg, sk, skb);
508
509 memcpy(&mtu_info, IP6CBMTU(skb), sizeof(mtu_info));
510
511 if (sin) {
512 sin->sin6_family = AF_INET6;
513 sin->sin6_flowinfo = 0;
514 sin->sin6_port = 0;
515 sin->sin6_scope_id = mtu_info.ip6m_addr.sin6_scope_id;
516 sin->sin6_addr = mtu_info.ip6m_addr.sin6_addr;
517 *addr_len = sizeof(*sin);
518 }
519
520 put_cmsg(msg, SOL_IPV6, IPV6_PATHMTU, sizeof(mtu_info), &mtu_info);
521
522 err = copied;
523
524 out_free_skb:
525 kfree_skb(skb);
526 out:
527 return err;
528 }
529
530
531 void ip6_datagram_recv_common_ctl(struct sock *sk, struct msghdr *msg,
532 struct sk_buff *skb)
533 {
534 struct ipv6_pinfo *np = inet6_sk(sk);
535 bool is_ipv6 = skb->protocol == htons(ETH_P_IPV6);
536
537 if (np->rxopt.bits.rxinfo) {
538 struct in6_pktinfo src_info;
539
540 if (is_ipv6) {
541 src_info.ipi6_ifindex = IP6CB(skb)->iif;
542 src_info.ipi6_addr = ipv6_hdr(skb)->daddr;
543 } else {
544 src_info.ipi6_ifindex =
545 PKTINFO_SKB_CB(skb)->ipi_ifindex;
546 ipv6_addr_set_v4mapped(ip_hdr(skb)->daddr,
547 &src_info.ipi6_addr);
548 }
549
550 if (src_info.ipi6_ifindex >= 0)
551 put_cmsg(msg, SOL_IPV6, IPV6_PKTINFO,
552 sizeof(src_info), &src_info);
553 }
554 }
555
556 void ip6_datagram_recv_specific_ctl(struct sock *sk, struct msghdr *msg,
557 struct sk_buff *skb)
558 {
559 struct ipv6_pinfo *np = inet6_sk(sk);
560 struct inet6_skb_parm *opt = IP6CB(skb);
561 unsigned char *nh = skb_network_header(skb);
562
563 if (np->rxopt.bits.rxhlim) {
564 int hlim = ipv6_hdr(skb)->hop_limit;
565 put_cmsg(msg, SOL_IPV6, IPV6_HOPLIMIT, sizeof(hlim), &hlim);
566 }
567
568 if (np->rxopt.bits.rxtclass) {
569 int tclass = ipv6_get_dsfield(ipv6_hdr(skb));
570 put_cmsg(msg, SOL_IPV6, IPV6_TCLASS, sizeof(tclass), &tclass);
571 }
572
573 if (np->rxopt.bits.rxflow) {
574 __be32 flowinfo = ip6_flowinfo((struct ipv6hdr *)nh);
575 if (flowinfo)
576 put_cmsg(msg, SOL_IPV6, IPV6_FLOWINFO, sizeof(flowinfo), &flowinfo);
577 }
578
579 /* HbH is allowed only once */
580 if (np->rxopt.bits.hopopts && (opt->flags & IP6SKB_HOPBYHOP)) {
581 u8 *ptr = nh + sizeof(struct ipv6hdr);
582 put_cmsg(msg, SOL_IPV6, IPV6_HOPOPTS, (ptr[1]+1)<<3, ptr);
583 }
584
585 if (opt->lastopt &&
586 (np->rxopt.bits.dstopts || np->rxopt.bits.srcrt)) {
587 /*
588 * Silly enough, but we need to reparse in order to
589 * report extension headers (except for HbH)
590 * in order.
591 *
592 * Also note that IPV6_RECVRTHDRDSTOPTS is NOT
593 * (and WILL NOT be) defined because
594 * IPV6_RECVDSTOPTS is more generic. --yoshfuji
595 */
596 unsigned int off = sizeof(struct ipv6hdr);
597 u8 nexthdr = ipv6_hdr(skb)->nexthdr;
598
599 while (off <= opt->lastopt) {
600 unsigned int len;
601 u8 *ptr = nh + off;
602
603 switch (nexthdr) {
604 case IPPROTO_DSTOPTS:
605 nexthdr = ptr[0];
606 len = (ptr[1] + 1) << 3;
607 if (np->rxopt.bits.dstopts)
608 put_cmsg(msg, SOL_IPV6, IPV6_DSTOPTS, len, ptr);
609 break;
610 case IPPROTO_ROUTING:
611 nexthdr = ptr[0];
612 len = (ptr[1] + 1) << 3;
613 if (np->rxopt.bits.srcrt)
614 put_cmsg(msg, SOL_IPV6, IPV6_RTHDR, len, ptr);
615 break;
616 case IPPROTO_AH:
617 nexthdr = ptr[0];
618 len = (ptr[1] + 2) << 2;
619 break;
620 default:
621 nexthdr = ptr[0];
622 len = (ptr[1] + 1) << 3;
623 break;
624 }
625
626 off += len;
627 }
628 }
629
630 /* socket options in old style */
631 if (np->rxopt.bits.rxoinfo) {
632 struct in6_pktinfo src_info;
633
634 src_info.ipi6_ifindex = opt->iif;
635 src_info.ipi6_addr = ipv6_hdr(skb)->daddr;
636 put_cmsg(msg, SOL_IPV6, IPV6_2292PKTINFO, sizeof(src_info), &src_info);
637 }
638 if (np->rxopt.bits.rxohlim) {
639 int hlim = ipv6_hdr(skb)->hop_limit;
640 put_cmsg(msg, SOL_IPV6, IPV6_2292HOPLIMIT, sizeof(hlim), &hlim);
641 }
642 if (np->rxopt.bits.ohopopts && (opt->flags & IP6SKB_HOPBYHOP)) {
643 u8 *ptr = nh + sizeof(struct ipv6hdr);
644 put_cmsg(msg, SOL_IPV6, IPV6_2292HOPOPTS, (ptr[1]+1)<<3, ptr);
645 }
646 if (np->rxopt.bits.odstopts && opt->dst0) {
647 u8 *ptr = nh + opt->dst0;
648 put_cmsg(msg, SOL_IPV6, IPV6_2292DSTOPTS, (ptr[1]+1)<<3, ptr);
649 }
650 if (np->rxopt.bits.osrcrt && opt->srcrt) {
651 struct ipv6_rt_hdr *rthdr = (struct ipv6_rt_hdr *)(nh + opt->srcrt);
652 put_cmsg(msg, SOL_IPV6, IPV6_2292RTHDR, (rthdr->hdrlen+1) << 3, rthdr);
653 }
654 if (np->rxopt.bits.odstopts && opt->dst1) {
655 u8 *ptr = nh + opt->dst1;
656 put_cmsg(msg, SOL_IPV6, IPV6_2292DSTOPTS, (ptr[1]+1)<<3, ptr);
657 }
658 if (np->rxopt.bits.rxorigdstaddr) {
659 struct sockaddr_in6 sin6;
660 __be16 *ports;
661 int end;
662
663 end = skb_transport_offset(skb) + 4;
664 if (end <= 0 || pskb_may_pull(skb, end)) {
665 /* All current transport protocols have the port numbers in the
666 * first four bytes of the transport header and this function is
667 * written with this assumption in mind.
668 */
669 ports = (__be16 *)skb_transport_header(skb);
670
671 sin6.sin6_family = AF_INET6;
672 sin6.sin6_addr = ipv6_hdr(skb)->daddr;
673 sin6.sin6_port = ports[1];
674 sin6.sin6_flowinfo = 0;
675 sin6.sin6_scope_id =
676 ipv6_iface_scope_id(&ipv6_hdr(skb)->daddr,
677 opt->iif);
678
679 put_cmsg(msg, SOL_IPV6, IPV6_ORIGDSTADDR, sizeof(sin6), &sin6);
680 }
681 }
682 }
683
684 void ip6_datagram_recv_ctl(struct sock *sk, struct msghdr *msg,
685 struct sk_buff *skb)
686 {
687 ip6_datagram_recv_common_ctl(sk, msg, skb);
688 ip6_datagram_recv_specific_ctl(sk, msg, skb);
689 }
690 EXPORT_SYMBOL_GPL(ip6_datagram_recv_ctl);
691
692 int ip6_datagram_send_ctl(struct net *net, struct sock *sk,
693 struct msghdr *msg, struct flowi6 *fl6,
694 struct ipv6_txoptions *opt,
695 int *hlimit, int *tclass, int *dontfrag)
696 {
697 struct in6_pktinfo *src_info;
698 struct cmsghdr *cmsg;
699 struct ipv6_rt_hdr *rthdr;
700 struct ipv6_opt_hdr *hdr;
701 int len;
702 int err = 0;
703
704 for_each_cmsghdr(cmsg, msg) {
705 int addr_type;
706
707 if (!CMSG_OK(msg, cmsg)) {
708 err = -EINVAL;
709 goto exit_f;
710 }
711
712 if (cmsg->cmsg_level != SOL_IPV6)
713 continue;
714
715 switch (cmsg->cmsg_type) {
716 case IPV6_PKTINFO:
717 case IPV6_2292PKTINFO:
718 {
719 struct net_device *dev = NULL;
720
721 if (cmsg->cmsg_len < CMSG_LEN(sizeof(struct in6_pktinfo))) {
722 err = -EINVAL;
723 goto exit_f;
724 }
725
726 src_info = (struct in6_pktinfo *)CMSG_DATA(cmsg);
727
728 if (src_info->ipi6_ifindex) {
729 if (fl6->flowi6_oif &&
730 src_info->ipi6_ifindex != fl6->flowi6_oif)
731 return -EINVAL;
732 fl6->flowi6_oif = src_info->ipi6_ifindex;
733 }
734
735 addr_type = __ipv6_addr_type(&src_info->ipi6_addr);
736
737 rcu_read_lock();
738 if (fl6->flowi6_oif) {
739 dev = dev_get_by_index_rcu(net, fl6->flowi6_oif);
740 if (!dev) {
741 rcu_read_unlock();
742 return -ENODEV;
743 }
744 } else if (addr_type & IPV6_ADDR_LINKLOCAL) {
745 rcu_read_unlock();
746 return -EINVAL;
747 }
748
749 if (addr_type != IPV6_ADDR_ANY) {
750 int strict = __ipv6_addr_src_scope(addr_type) <= IPV6_ADDR_SCOPE_LINKLOCAL;
751 if (!(inet_sk(sk)->freebind || inet_sk(sk)->transparent) &&
752 !ipv6_chk_addr(net, &src_info->ipi6_addr,
753 strict ? dev : NULL, 0) &&
754 !ipv6_chk_acast_addr_src(net, dev,
755 &src_info->ipi6_addr))
756 err = -EINVAL;
757 else
758 fl6->saddr = src_info->ipi6_addr;
759 }
760
761 rcu_read_unlock();
762
763 if (err)
764 goto exit_f;
765
766 break;
767 }
768
769 case IPV6_FLOWINFO:
770 if (cmsg->cmsg_len < CMSG_LEN(4)) {
771 err = -EINVAL;
772 goto exit_f;
773 }
774
775 if (fl6->flowlabel&IPV6_FLOWINFO_MASK) {
776 if ((fl6->flowlabel^*(__be32 *)CMSG_DATA(cmsg))&~IPV6_FLOWINFO_MASK) {
777 err = -EINVAL;
778 goto exit_f;
779 }
780 }
781 fl6->flowlabel = IPV6_FLOWINFO_MASK & *(__be32 *)CMSG_DATA(cmsg);
782 break;
783
784 case IPV6_2292HOPOPTS:
785 case IPV6_HOPOPTS:
786 if (opt->hopopt || cmsg->cmsg_len < CMSG_LEN(sizeof(struct ipv6_opt_hdr))) {
787 err = -EINVAL;
788 goto exit_f;
789 }
790
791 hdr = (struct ipv6_opt_hdr *)CMSG_DATA(cmsg);
792 len = ((hdr->hdrlen + 1) << 3);
793 if (cmsg->cmsg_len < CMSG_LEN(len)) {
794 err = -EINVAL;
795 goto exit_f;
796 }
797 if (!ns_capable(net->user_ns, CAP_NET_RAW)) {
798 err = -EPERM;
799 goto exit_f;
800 }
801 opt->opt_nflen += len;
802 opt->hopopt = hdr;
803 break;
804
805 case IPV6_2292DSTOPTS:
806 if (cmsg->cmsg_len < CMSG_LEN(sizeof(struct ipv6_opt_hdr))) {
807 err = -EINVAL;
808 goto exit_f;
809 }
810
811 hdr = (struct ipv6_opt_hdr *)CMSG_DATA(cmsg);
812 len = ((hdr->hdrlen + 1) << 3);
813 if (cmsg->cmsg_len < CMSG_LEN(len)) {
814 err = -EINVAL;
815 goto exit_f;
816 }
817 if (!ns_capable(net->user_ns, CAP_NET_RAW)) {
818 err = -EPERM;
819 goto exit_f;
820 }
821 if (opt->dst1opt) {
822 err = -EINVAL;
823 goto exit_f;
824 }
825 opt->opt_flen += len;
826 opt->dst1opt = hdr;
827 break;
828
829 case IPV6_DSTOPTS:
830 case IPV6_RTHDRDSTOPTS:
831 if (cmsg->cmsg_len < CMSG_LEN(sizeof(struct ipv6_opt_hdr))) {
832 err = -EINVAL;
833 goto exit_f;
834 }
835
836 hdr = (struct ipv6_opt_hdr *)CMSG_DATA(cmsg);
837 len = ((hdr->hdrlen + 1) << 3);
838 if (cmsg->cmsg_len < CMSG_LEN(len)) {
839 err = -EINVAL;
840 goto exit_f;
841 }
842 if (!ns_capable(net->user_ns, CAP_NET_RAW)) {
843 err = -EPERM;
844 goto exit_f;
845 }
846 if (cmsg->cmsg_type == IPV6_DSTOPTS) {
847 opt->opt_flen += len;
848 opt->dst1opt = hdr;
849 } else {
850 opt->opt_nflen += len;
851 opt->dst0opt = hdr;
852 }
853 break;
854
855 case IPV6_2292RTHDR:
856 case IPV6_RTHDR:
857 if (cmsg->cmsg_len < CMSG_LEN(sizeof(struct ipv6_rt_hdr))) {
858 err = -EINVAL;
859 goto exit_f;
860 }
861
862 rthdr = (struct ipv6_rt_hdr *)CMSG_DATA(cmsg);
863
864 switch (rthdr->type) {
865 #if IS_ENABLED(CONFIG_IPV6_MIP6)
866 case IPV6_SRCRT_TYPE_2:
867 if (rthdr->hdrlen != 2 ||
868 rthdr->segments_left != 1) {
869 err = -EINVAL;
870 goto exit_f;
871 }
872 break;
873 #endif
874 default:
875 err = -EINVAL;
876 goto exit_f;
877 }
878
879 len = ((rthdr->hdrlen + 1) << 3);
880
881 if (cmsg->cmsg_len < CMSG_LEN(len)) {
882 err = -EINVAL;
883 goto exit_f;
884 }
885
886 /* segments left must also match */
887 if ((rthdr->hdrlen >> 1) != rthdr->segments_left) {
888 err = -EINVAL;
889 goto exit_f;
890 }
891
892 opt->opt_nflen += len;
893 opt->srcrt = rthdr;
894
895 if (cmsg->cmsg_type == IPV6_2292RTHDR && opt->dst1opt) {
896 int dsthdrlen = ((opt->dst1opt->hdrlen+1)<<3);
897
898 opt->opt_nflen += dsthdrlen;
899 opt->dst0opt = opt->dst1opt;
900 opt->dst1opt = NULL;
901 opt->opt_flen -= dsthdrlen;
902 }
903
904 break;
905
906 case IPV6_2292HOPLIMIT:
907 case IPV6_HOPLIMIT:
908 if (cmsg->cmsg_len != CMSG_LEN(sizeof(int))) {
909 err = -EINVAL;
910 goto exit_f;
911 }
912
913 *hlimit = *(int *)CMSG_DATA(cmsg);
914 if (*hlimit < -1 || *hlimit > 0xff) {
915 err = -EINVAL;
916 goto exit_f;
917 }
918
919 break;
920
921 case IPV6_TCLASS:
922 {
923 int tc;
924
925 err = -EINVAL;
926 if (cmsg->cmsg_len != CMSG_LEN(sizeof(int)))
927 goto exit_f;
928
929 tc = *(int *)CMSG_DATA(cmsg);
930 if (tc < -1 || tc > 0xff)
931 goto exit_f;
932
933 err = 0;
934 *tclass = tc;
935
936 break;
937 }
938
939 case IPV6_DONTFRAG:
940 {
941 int df;
942
943 err = -EINVAL;
944 if (cmsg->cmsg_len != CMSG_LEN(sizeof(int)))
945 goto exit_f;
946
947 df = *(int *)CMSG_DATA(cmsg);
948 if (df < 0 || df > 1)
949 goto exit_f;
950
951 err = 0;
952 *dontfrag = df;
953
954 break;
955 }
956 default:
957 net_dbg_ratelimited("invalid cmsg type: %d\n",
958 cmsg->cmsg_type);
959 err = -EINVAL;
960 goto exit_f;
961 }
962 }
963
964 exit_f:
965 return err;
966 }
967 EXPORT_SYMBOL_GPL(ip6_datagram_send_ctl);
968
969 void ip6_dgram_sock_seq_show(struct seq_file *seq, struct sock *sp,
970 __u16 srcp, __u16 destp, int bucket)
971 {
972 const struct in6_addr *dest, *src;
973
974 dest = &sp->sk_v6_daddr;
975 src = &sp->sk_v6_rcv_saddr;
976 seq_printf(seq,
977 "%5d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X "
978 "%02X %08X:%08X %02X:%08lX %08X %5u %8d %lu %d %pK %d\n",
979 bucket,
980 src->s6_addr32[0], src->s6_addr32[1],
981 src->s6_addr32[2], src->s6_addr32[3], srcp,
982 dest->s6_addr32[0], dest->s6_addr32[1],
983 dest->s6_addr32[2], dest->s6_addr32[3], destp,
984 sp->sk_state,
985 sk_wmem_alloc_get(sp),
986 sk_rmem_alloc_get(sp),
987 0, 0L, 0,
988 from_kuid_munged(seq_user_ns(seq), sock_i_uid(sp)),
989 0,
990 sock_i_ino(sp),
991 atomic_read(&sp->sk_refcnt), sp,
992 atomic_read(&sp->sk_drops));
993 }
Linux with added FPC-III support