ALSA: usb-audio: Fix an out-of-bound read in create_composite_quirks
[linux/fpc-iii.git] / net / ipv6 / ping.c
bloba830b68e63c94262e64876e943f55e3aa8fd1b5b
1 /*
2 * INET An implementation of the TCP/IP protocol suite for the LINUX
3 * operating system. INET is implemented using the BSD Socket
4 * interface as the means of communication with the user level.
6 * "Ping" sockets
8 * This program is free software; you can redistribute it and/or
9 * modify it under the terms of the GNU General Public License
10 * as published by the Free Software Foundation; either version
11 * 2 of the License, or (at your option) any later version.
13 * Based on ipv4/ping.c code.
15 * Authors: Lorenzo Colitti (IPv6 support)
16 * Vasiliy Kulikov / Openwall (IPv4 implementation, for Linux 2.6),
17 * Pavel Kankovsky (IPv4 implementation, for Linux 2.4.32)
21 #include <net/addrconf.h>
22 #include <net/ipv6.h>
23 #include <net/ip6_route.h>
24 #include <net/protocol.h>
25 #include <net/udp.h>
26 #include <net/transp_v6.h>
27 #include <net/ping.h>
29 struct proto pingv6_prot = {
30 .name = "PINGv6",
31 .owner = THIS_MODULE,
32 .init = ping_init_sock,
33 .close = ping_close,
34 .connect = ip6_datagram_connect_v6_only,
35 .disconnect = udp_disconnect,
36 .setsockopt = ipv6_setsockopt,
37 .getsockopt = ipv6_getsockopt,
38 .sendmsg = ping_v6_sendmsg,
39 .recvmsg = ping_recvmsg,
40 .bind = ping_bind,
41 .backlog_rcv = ping_queue_rcv_skb,
42 .hash = ping_hash,
43 .unhash = ping_unhash,
44 .get_port = ping_get_port,
45 .obj_size = sizeof(struct raw6_sock),
47 EXPORT_SYMBOL_GPL(pingv6_prot);
49 static struct inet_protosw pingv6_protosw = {
50 .type = SOCK_DGRAM,
51 .protocol = IPPROTO_ICMPV6,
52 .prot = &pingv6_prot,
53 .ops = &inet6_sockraw_ops,
54 .flags = INET_PROTOSW_REUSE,
58 /* Compatibility glue so we can support IPv6 when it's compiled as a module */
59 static int dummy_ipv6_recv_error(struct sock *sk, struct msghdr *msg, int len,
60 int *addr_len)
62 return -EAFNOSUPPORT;
64 static void dummy_ip6_datagram_recv_ctl(struct sock *sk, struct msghdr *msg,
65 struct sk_buff *skb)
68 static int dummy_icmpv6_err_convert(u8 type, u8 code, int *err)
70 return -EAFNOSUPPORT;
72 static void dummy_ipv6_icmp_error(struct sock *sk, struct sk_buff *skb, int err,
73 __be16 port, u32 info, u8 *payload) {}
74 static int dummy_ipv6_chk_addr(struct net *net, const struct in6_addr *addr,
75 const struct net_device *dev, int strict)
77 return 0;
80 int ping_v6_sendmsg(struct sock *sk, struct msghdr *msg, size_t len)
82 struct inet_sock *inet = inet_sk(sk);
83 struct ipv6_pinfo *np = inet6_sk(sk);
84 struct icmp6hdr user_icmph;
85 int addr_type;
86 struct in6_addr *daddr;
87 int iif = 0;
88 struct flowi6 fl6;
89 int err;
90 int hlimit;
91 struct dst_entry *dst;
92 struct rt6_info *rt;
93 struct pingfakehdr pfh;
95 pr_debug("ping_v6_sendmsg(sk=%p,sk->num=%u)\n", inet, inet->inet_num);
97 err = ping_common_sendmsg(AF_INET6, msg, len, &user_icmph,
98 sizeof(user_icmph));
99 if (err)
100 return err;
102 if (msg->msg_name) {
103 DECLARE_SOCKADDR(struct sockaddr_in6 *, u, msg->msg_name);
104 if (msg->msg_namelen < sizeof(*u))
105 return -EINVAL;
106 if (u->sin6_family != AF_INET6) {
107 return -EAFNOSUPPORT;
109 if (sk->sk_bound_dev_if &&
110 sk->sk_bound_dev_if != u->sin6_scope_id) {
111 return -EINVAL;
113 daddr = &(u->sin6_addr);
114 iif = u->sin6_scope_id;
115 } else {
116 if (sk->sk_state != TCP_ESTABLISHED)
117 return -EDESTADDRREQ;
118 daddr = &sk->sk_v6_daddr;
121 if (!iif)
122 iif = sk->sk_bound_dev_if;
124 addr_type = ipv6_addr_type(daddr);
125 if (__ipv6_addr_needs_scope_id(addr_type) && !iif)
126 return -EINVAL;
127 if (addr_type & IPV6_ADDR_MAPPED)
128 return -EINVAL;
130 /* TODO: use ip6_datagram_send_ctl to get options from cmsg */
132 memset(&fl6, 0, sizeof(fl6));
134 fl6.flowi6_proto = IPPROTO_ICMPV6;
135 fl6.saddr = np->saddr;
136 fl6.daddr = *daddr;
137 fl6.flowi6_mark = sk->sk_mark;
138 fl6.fl6_icmp_type = user_icmph.icmp6_type;
139 fl6.fl6_icmp_code = user_icmph.icmp6_code;
140 security_sk_classify_flow(sk, flowi6_to_flowi(&fl6));
142 if (!fl6.flowi6_oif && ipv6_addr_is_multicast(&fl6.daddr))
143 fl6.flowi6_oif = np->mcast_oif;
144 else if (!fl6.flowi6_oif)
145 fl6.flowi6_oif = np->ucast_oif;
147 dst = ip6_sk_dst_lookup_flow(sk, &fl6, daddr);
148 if (IS_ERR(dst))
149 return PTR_ERR(dst);
150 rt = (struct rt6_info *) dst;
152 np = inet6_sk(sk);
153 if (!np) {
154 err = -EBADF;
155 goto dst_err_out;
158 if (!fl6.flowi6_oif && ipv6_addr_is_multicast(&fl6.daddr))
159 fl6.flowi6_oif = np->mcast_oif;
160 else if (!fl6.flowi6_oif)
161 fl6.flowi6_oif = np->ucast_oif;
163 pfh.icmph.type = user_icmph.icmp6_type;
164 pfh.icmph.code = user_icmph.icmp6_code;
165 pfh.icmph.checksum = 0;
166 pfh.icmph.un.echo.id = inet->inet_sport;
167 pfh.icmph.un.echo.sequence = user_icmph.icmp6_sequence;
168 pfh.msg = msg;
169 pfh.wcheck = 0;
170 pfh.family = AF_INET6;
172 hlimit = ip6_sk_dst_hoplimit(np, &fl6, dst);
174 lock_sock(sk);
175 err = ip6_append_data(sk, ping_getfrag, &pfh, len,
176 0, hlimit,
177 np->tclass, NULL, &fl6, rt,
178 MSG_DONTWAIT, np->dontfrag);
180 if (err) {
181 ICMP6_INC_STATS(sock_net(sk), rt->rt6i_idev,
182 ICMP6_MIB_OUTERRORS);
183 ip6_flush_pending_frames(sk);
184 } else {
185 err = icmpv6_push_pending_frames(sk, &fl6,
186 (struct icmp6hdr *) &pfh.icmph,
187 len);
189 release_sock(sk);
191 dst_err_out:
192 dst_release(dst);
194 if (err)
195 return err;
197 return len;
200 #ifdef CONFIG_PROC_FS
201 static void *ping_v6_seq_start(struct seq_file *seq, loff_t *pos)
203 return ping_seq_start(seq, pos, AF_INET6);
206 static int ping_v6_seq_show(struct seq_file *seq, void *v)
208 if (v == SEQ_START_TOKEN) {
209 seq_puts(seq, IPV6_SEQ_DGRAM_HEADER);
210 } else {
211 int bucket = ((struct ping_iter_state *) seq->private)->bucket;
212 struct inet_sock *inet = inet_sk(v);
213 __u16 srcp = ntohs(inet->inet_sport);
214 __u16 destp = ntohs(inet->inet_dport);
215 ip6_dgram_sock_seq_show(seq, v, srcp, destp, bucket);
217 return 0;
220 static struct ping_seq_afinfo ping_v6_seq_afinfo = {
221 .name = "icmp6",
222 .family = AF_INET6,
223 .seq_fops = &ping_seq_fops,
224 .seq_ops = {
225 .start = ping_v6_seq_start,
226 .show = ping_v6_seq_show,
227 .next = ping_seq_next,
228 .stop = ping_seq_stop,
232 static int __net_init ping_v6_proc_init_net(struct net *net)
234 return ping_proc_register(net, &ping_v6_seq_afinfo);
237 static void __net_init ping_v6_proc_exit_net(struct net *net)
239 return ping_proc_unregister(net, &ping_v6_seq_afinfo);
242 static struct pernet_operations ping_v6_net_ops = {
243 .init = ping_v6_proc_init_net,
244 .exit = ping_v6_proc_exit_net,
246 #endif
248 int __init pingv6_init(void)
250 #ifdef CONFIG_PROC_FS
251 int ret = register_pernet_subsys(&ping_v6_net_ops);
252 if (ret)
253 return ret;
254 #endif
255 pingv6_ops.ipv6_recv_error = ipv6_recv_error;
256 pingv6_ops.ip6_datagram_recv_common_ctl = ip6_datagram_recv_common_ctl;
257 pingv6_ops.ip6_datagram_recv_specific_ctl =
258 ip6_datagram_recv_specific_ctl;
259 pingv6_ops.icmpv6_err_convert = icmpv6_err_convert;
260 pingv6_ops.ipv6_icmp_error = ipv6_icmp_error;
261 pingv6_ops.ipv6_chk_addr = ipv6_chk_addr;
262 return inet6_register_protosw(&pingv6_protosw);
265 /* This never gets called because it's not possible to unload the ipv6 module,
266 * but just in case.
268 void pingv6_exit(void)
270 pingv6_ops.ipv6_recv_error = dummy_ipv6_recv_error;
271 pingv6_ops.ip6_datagram_recv_common_ctl = dummy_ip6_datagram_recv_ctl;
272 pingv6_ops.ip6_datagram_recv_specific_ctl = dummy_ip6_datagram_recv_ctl;
273 pingv6_ops.icmpv6_err_convert = dummy_icmpv6_err_convert;
274 pingv6_ops.ipv6_icmp_error = dummy_ipv6_icmp_error;
275 pingv6_ops.ipv6_chk_addr = dummy_ipv6_chk_addr;
276 #ifdef CONFIG_PROC_FS
277 unregister_pernet_subsys(&ping_v6_net_ops);
278 #endif
279 inet6_unregister_protosw(&pingv6_protosw);