search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
dm writecache: fix incorrect flush sequence when doing SSD mode commit
[linux/fpc-iii.git] / net / ipv4 / ip_options.c
blobddaa01ec2bce82f77333972813eeee4cbf87d1c9
1 // SPDX-License-Identifier: GPL-2.0
2 /*
3 * INET An implementation of the TCP/IP protocol suite for the LINUX
4 * operating system. INET is implemented using the BSD Socket
5 * interface as the means of communication with the user level.
6 *
7 * The options processing module for ip.c
8 *
9 * Authors: A.N.Kuznetsov
10 *
11 */
12
13 #define pr_fmt(fmt) "IPv4: " fmt
14
15 #include <linux/capability.h>
16 #include <linux/module.h>
17 #include <linux/slab.h>
18 #include <linux/types.h>
19 #include <linux/uaccess.h>
20 #include <asm/unaligned.h>
21 #include <linux/skbuff.h>
22 #include <linux/ip.h>
23 #include <linux/icmp.h>
24 #include <linux/netdevice.h>
25 #include <linux/rtnetlink.h>
26 #include <net/sock.h>
27 #include <net/ip.h>
28 #include <net/icmp.h>
29 #include <net/route.h>
30 #include <net/cipso_ipv4.h>
31 #include <net/ip_fib.h>
32
33 /*
34 * Write options to IP header, record destination address to
35 * source route option, address of outgoing interface
36 * (we should already know it, so that this function is allowed be
37 * called only after routing decision) and timestamp,
38 * if we originate this datagram.
39 *
40 * daddr is real destination address, next hop is recorded in IP header.
41 * saddr is address of outgoing interface.
42 */
43
44 void ip_options_build(struct sk_buff *skb, struct ip_options *opt,
45 __be32 daddr, struct rtable *rt, int is_frag)
46 {
47 unsigned char *iph = skb_network_header(skb);
48
49 memcpy(&(IPCB(skb)->opt), opt, sizeof(struct ip_options));
50 memcpy(iph+sizeof(struct iphdr), opt->__data, opt->optlen);
51 opt = &(IPCB(skb)->opt);
52
53 if (opt->srr)
54 memcpy(iph+opt->srr+iph[opt->srr+1]-4, &daddr, 4);
55
56 if (!is_frag) {
57 if (opt->rr_needaddr)
58 ip_rt_get_source(iph+opt->rr+iph[opt->rr+2]-5, skb, rt);
59 if (opt->ts_needaddr)
60 ip_rt_get_source(iph+opt->ts+iph[opt->ts+2]-9, skb, rt);
61 if (opt->ts_needtime) {
62 __be32 midtime;
63
64 midtime = inet_current_timestamp();
65 memcpy(iph+opt->ts+iph[opt->ts+2]-5, &midtime, 4);
66 }
67 return;
68 }
69 if (opt->rr) {
70 memset(iph+opt->rr, IPOPT_NOP, iph[opt->rr+1]);
71 opt->rr = 0;
72 opt->rr_needaddr = 0;
73 }
74 if (opt->ts) {
75 memset(iph+opt->ts, IPOPT_NOP, iph[opt->ts+1]);
76 opt->ts = 0;
77 opt->ts_needaddr = opt->ts_needtime = 0;
78 }
79 }
80
81 /*
82 * Provided (sopt, skb) points to received options,
83 * build in dopt compiled option set appropriate for answering.
84 * i.e. invert SRR option, copy anothers,
85 * and grab room in RR/TS options.
86 *
87 * NOTE: dopt cannot point to skb.
88 */
89
90 int __ip_options_echo(struct net *net, struct ip_options *dopt,
91 struct sk_buff *skb, const struct ip_options *sopt)
92 {
93 unsigned char *sptr, *dptr;
94 int soffset, doffset;
95 int optlen;
96
97 memset(dopt, 0, sizeof(struct ip_options));
98
99 if (sopt->optlen == 0)
100 return 0;
101
102 sptr = skb_network_header(skb);
103 dptr = dopt->__data;
104
105 if (sopt->rr) {
106 optlen = sptr[sopt->rr+1];
107 soffset = sptr[sopt->rr+2];
108 dopt->rr = dopt->optlen + sizeof(struct iphdr);
109 memcpy(dptr, sptr+sopt->rr, optlen);
110 if (sopt->rr_needaddr && soffset <= optlen) {
111 if (soffset + 3 > optlen)
112 return -EINVAL;
113 dptr[2] = soffset + 4;
114 dopt->rr_needaddr = 1;
115 }
116 dptr += optlen;
117 dopt->optlen += optlen;
118 }
119 if (sopt->ts) {
120 optlen = sptr[sopt->ts+1];
121 soffset = sptr[sopt->ts+2];
122 dopt->ts = dopt->optlen + sizeof(struct iphdr);
123 memcpy(dptr, sptr+sopt->ts, optlen);
124 if (soffset <= optlen) {
125 if (sopt->ts_needaddr) {
126 if (soffset + 3 > optlen)
127 return -EINVAL;
128 dopt->ts_needaddr = 1;
129 soffset += 4;
130 }
131 if (sopt->ts_needtime) {
132 if (soffset + 3 > optlen)
133 return -EINVAL;
134 if ((dptr[3]&0xF) != IPOPT_TS_PRESPEC) {
135 dopt->ts_needtime = 1;
136 soffset += 4;
137 } else {
138 dopt->ts_needtime = 0;
139
140 if (soffset + 7 <= optlen) {
141 __be32 addr;
142
143 memcpy(&addr, dptr+soffset-1, 4);
144 if (inet_addr_type(net, addr) != RTN_UNICAST) {
145 dopt->ts_needtime = 1;
146 soffset += 8;
147 }
148 }
149 }
150 }
151 dptr[2] = soffset;
152 }
153 dptr += optlen;
154 dopt->optlen += optlen;
155 }
156 if (sopt->srr) {
157 unsigned char *start = sptr+sopt->srr;
158 __be32 faddr;
159
160 optlen = start[1];
161 soffset = start[2];
162 doffset = 0;
163 if (soffset > optlen)
164 soffset = optlen + 1;
165 soffset -= 4;
166 if (soffset > 3) {
167 memcpy(&faddr, &start[soffset-1], 4);
168 for (soffset -= 4, doffset = 4; soffset > 3; soffset -= 4, doffset += 4)
169 memcpy(&dptr[doffset-1], &start[soffset-1], 4);
170 /*
171 * RFC1812 requires to fix illegal source routes.
172 */
173 if (memcmp(&ip_hdr(skb)->saddr,
174 &start[soffset + 3], 4) == 0)
175 doffset -= 4;
176 }
177 if (doffset > 3) {
178 dopt->faddr = faddr;
179 dptr[0] = start[0];
180 dptr[1] = doffset+3;
181 dptr[2] = 4;
182 dptr += doffset+3;
183 dopt->srr = dopt->optlen + sizeof(struct iphdr);
184 dopt->optlen += doffset+3;
185 dopt->is_strictroute = sopt->is_strictroute;
186 }
187 }
188 if (sopt->cipso) {
189 optlen = sptr[sopt->cipso+1];
190 dopt->cipso = dopt->optlen+sizeof(struct iphdr);
191 memcpy(dptr, sptr+sopt->cipso, optlen);
192 dptr += optlen;
193 dopt->optlen += optlen;
194 }
195 while (dopt->optlen & 3) {
196 *dptr++ = IPOPT_END;
197 dopt->optlen++;
198 }
199 return 0;
200 }
201
202 /*
203 * Options "fragmenting", just fill options not
204 * allowed in fragments with NOOPs.
205 * Simple and stupid 8), but the most efficient way.
206 */
207
208 void ip_options_fragment(struct sk_buff *skb)
209 {
210 unsigned char *optptr = skb_network_header(skb) + sizeof(struct iphdr);
211 struct ip_options *opt = &(IPCB(skb)->opt);
212 int l = opt->optlen;
213 int optlen;
214
215 while (l > 0) {
216 switch (*optptr) {
217 case IPOPT_END:
218 return;
219 case IPOPT_NOOP:
220 l--;
221 optptr++;
222 continue;
223 }
224 optlen = optptr[1];
225 if (optlen < 2 || optlen > l)
226 return;
227 if (!IPOPT_COPIED(*optptr))
228 memset(optptr, IPOPT_NOOP, optlen);
229 l -= optlen;
230 optptr += optlen;
231 }
232 opt->ts = 0;
233 opt->rr = 0;
234 opt->rr_needaddr = 0;
235 opt->ts_needaddr = 0;
236 opt->ts_needtime = 0;
237 }
238
239 /* helper used by ip_options_compile() to call fib_compute_spec_dst()
240 * at most one time.
241 */
242 static void spec_dst_fill(__be32 *spec_dst, struct sk_buff *skb)
243 {
244 if (*spec_dst == htonl(INADDR_ANY))
245 *spec_dst = fib_compute_spec_dst(skb);
246 }
247
248 /*
249 * Verify options and fill pointers in struct options.
250 * Caller should clear *opt, and set opt->data.
251 * If opt == NULL, then skb->data should point to IP header.
252 */
253
254 int __ip_options_compile(struct net *net,
255 struct ip_options *opt, struct sk_buff *skb,
256 __be32 *info)
257 {
258 __be32 spec_dst = htonl(INADDR_ANY);
259 unsigned char *pp_ptr = NULL;
260 struct rtable *rt = NULL;
261 unsigned char *optptr;
262 unsigned char *iph;
263 int optlen, l;
264
265 if (skb) {
266 rt = skb_rtable(skb);
267 optptr = (unsigned char *)&(ip_hdr(skb)[1]);
268 } else
269 optptr = opt->__data;
270 iph = optptr - sizeof(struct iphdr);
271
272 for (l = opt->optlen; l > 0; ) {
273 switch (*optptr) {
274 case IPOPT_END:
275 for (optptr++, l--; l > 0; optptr++, l--) {
276 if (*optptr != IPOPT_END) {
277 *optptr = IPOPT_END;
278 opt->is_changed = 1;
279 }
280 }
281 goto eol;
282 case IPOPT_NOOP:
283 l--;
284 optptr++;
285 continue;
286 }
287 if (unlikely(l < 2)) {
288 pp_ptr = optptr;
289 goto error;
290 }
291 optlen = optptr[1];
292 if (optlen < 2 || optlen > l) {
293 pp_ptr = optptr;
294 goto error;
295 }
296 switch (*optptr) {
297 case IPOPT_SSRR:
298 case IPOPT_LSRR:
299 if (optlen < 3) {
300 pp_ptr = optptr + 1;
301 goto error;
302 }
303 if (optptr[2] < 4) {
304 pp_ptr = optptr + 2;
305 goto error;
306 }
307 /* NB: cf RFC-1812 5.2.4.1 */
308 if (opt->srr) {
309 pp_ptr = optptr;
310 goto error;
311 }
312 if (!skb) {
313 if (optptr[2] != 4 || optlen < 7 || ((optlen-3) & 3)) {
314 pp_ptr = optptr + 1;
315 goto error;
316 }
317 memcpy(&opt->faddr, &optptr[3], 4);
318 if (optlen > 7)
319 memmove(&optptr[3], &optptr[7], optlen-7);
320 }
321 opt->is_strictroute = (optptr[0] == IPOPT_SSRR);
322 opt->srr = optptr - iph;
323 break;
324 case IPOPT_RR:
325 if (opt->rr) {
326 pp_ptr = optptr;
327 goto error;
328 }
329 if (optlen < 3) {
330 pp_ptr = optptr + 1;
331 goto error;
332 }
333 if (optptr[2] < 4) {
334 pp_ptr = optptr + 2;
335 goto error;
336 }
337 if (optptr[2] <= optlen) {
338 if (optptr[2]+3 > optlen) {
339 pp_ptr = optptr + 2;
340 goto error;
341 }
342 if (rt) {
343 spec_dst_fill(&spec_dst, skb);
344 memcpy(&optptr[optptr[2]-1], &spec_dst, 4);
345 opt->is_changed = 1;
346 }
347 optptr[2] += 4;
348 opt->rr_needaddr = 1;
349 }
350 opt->rr = optptr - iph;
351 break;
352 case IPOPT_TIMESTAMP:
353 if (opt->ts) {
354 pp_ptr = optptr;
355 goto error;
356 }
357 if (optlen < 4) {
358 pp_ptr = optptr + 1;
359 goto error;
360 }
361 if (optptr[2] < 5) {
362 pp_ptr = optptr + 2;
363 goto error;
364 }
365 if (optptr[2] <= optlen) {
366 unsigned char *timeptr = NULL;
367 if (optptr[2]+3 > optlen) {
368 pp_ptr = optptr + 2;
369 goto error;
370 }
371 switch (optptr[3]&0xF) {
372 case IPOPT_TS_TSONLY:
373 if (skb)
374 timeptr = &optptr[optptr[2]-1];
375 opt->ts_needtime = 1;
376 optptr[2] += 4;
377 break;
378 case IPOPT_TS_TSANDADDR:
379 if (optptr[2]+7 > optlen) {
380 pp_ptr = optptr + 2;
381 goto error;
382 }
383 if (rt) {
384 spec_dst_fill(&spec_dst, skb);
385 memcpy(&optptr[optptr[2]-1], &spec_dst, 4);
386 timeptr = &optptr[optptr[2]+3];
387 }
388 opt->ts_needaddr = 1;
389 opt->ts_needtime = 1;
390 optptr[2] += 8;
391 break;
392 case IPOPT_TS_PRESPEC:
393 if (optptr[2]+7 > optlen) {
394 pp_ptr = optptr + 2;
395 goto error;
396 }
397 {
398 __be32 addr;
399 memcpy(&addr, &optptr[optptr[2]-1], 4);
400 if (inet_addr_type(net, addr) == RTN_UNICAST)
401 break;
402 if (skb)
403 timeptr = &optptr[optptr[2]+3];
404 }
405 opt->ts_needtime = 1;
406 optptr[2] += 8;
407 break;
408 default:
409 if (!skb && !ns_capable(net->user_ns, CAP_NET_RAW)) {
410 pp_ptr = optptr + 3;
411 goto error;
412 }
413 break;
414 }
415 if (timeptr) {
416 __be32 midtime;
417
418 midtime = inet_current_timestamp();
419 memcpy(timeptr, &midtime, 4);
420 opt->is_changed = 1;
421 }
422 } else if ((optptr[3]&0xF) != IPOPT_TS_PRESPEC) {
423 unsigned int overflow = optptr[3]>>4;
424 if (overflow == 15) {
425 pp_ptr = optptr + 3;
426 goto error;
427 }
428 if (skb) {
429 optptr[3] = (optptr[3]&0xF)|((overflow+1)<<4);
430 opt->is_changed = 1;
431 }
432 }
433 opt->ts = optptr - iph;
434 break;
435 case IPOPT_RA:
436 if (optlen < 4) {
437 pp_ptr = optptr + 1;
438 goto error;
439 }
440 if (optptr[2] == 0 && optptr[3] == 0)
441 opt->router_alert = optptr - iph;
442 break;
443 case IPOPT_CIPSO:
444 if ((!skb && !ns_capable(net->user_ns, CAP_NET_RAW)) || opt->cipso) {
445 pp_ptr = optptr;
446 goto error;
447 }
448 opt->cipso = optptr - iph;
449 if (cipso_v4_validate(skb, &optptr)) {
450 pp_ptr = optptr;
451 goto error;
452 }
453 break;
454 case IPOPT_SEC:
455 case IPOPT_SID:
456 default:
457 if (!skb && !ns_capable(net->user_ns, CAP_NET_RAW)) {
458 pp_ptr = optptr;
459 goto error;
460 }
461 break;
462 }
463 l -= optlen;
464 optptr += optlen;
465 }
466
467 eol:
468 if (!pp_ptr)
469 return 0;
470
471 error:
472 if (info)
473 *info = htonl((pp_ptr-iph)<<24);
474 return -EINVAL;
475 }
476 EXPORT_SYMBOL(__ip_options_compile);
477
478 int ip_options_compile(struct net *net,
479 struct ip_options *opt, struct sk_buff *skb)
480 {
481 int ret;
482 __be32 info;
483
484 ret = __ip_options_compile(net, opt, skb, &info);
485 if (ret != 0 && skb)
486 icmp_send(skb, ICMP_PARAMETERPROB, 0, info);
487 return ret;
488 }
489 EXPORT_SYMBOL(ip_options_compile);
490
491 /*
492 * Undo all the changes done by ip_options_compile().
493 */
494
495 void ip_options_undo(struct ip_options *opt)
496 {
497 if (opt->srr) {
498 unsigned char *optptr = opt->__data+opt->srr-sizeof(struct iphdr);
499 memmove(optptr+7, optptr+3, optptr[1]-7);
500 memcpy(optptr+3, &opt->faddr, 4);
501 }
502 if (opt->rr_needaddr) {
503 unsigned char *optptr = opt->__data+opt->rr-sizeof(struct iphdr);
504 optptr[2] -= 4;
505 memset(&optptr[optptr[2]-1], 0, 4);
506 }
507 if (opt->ts) {
508 unsigned char *optptr = opt->__data+opt->ts-sizeof(struct iphdr);
509 if (opt->ts_needtime) {
510 optptr[2] -= 4;
511 memset(&optptr[optptr[2]-1], 0, 4);
512 if ((optptr[3]&0xF) == IPOPT_TS_PRESPEC)
513 optptr[2] -= 4;
514 }
515 if (opt->ts_needaddr) {
516 optptr[2] -= 4;
517 memset(&optptr[optptr[2]-1], 0, 4);
518 }
519 }
520 }
521
522 static struct ip_options_rcu *ip_options_get_alloc(const int optlen)
523 {
524 return kzalloc(sizeof(struct ip_options_rcu) + ((optlen + 3) & ~3),
525 GFP_KERNEL);
526 }
527
528 static int ip_options_get_finish(struct net *net, struct ip_options_rcu **optp,
529 struct ip_options_rcu *opt, int optlen)
530 {
531 while (optlen & 3)
532 opt->opt.__data[optlen++] = IPOPT_END;
533 opt->opt.optlen = optlen;
534 if (optlen && ip_options_compile(net, &opt->opt, NULL)) {
535 kfree(opt);
536 return -EINVAL;
537 }
538 kfree(*optp);
539 *optp = opt;
540 return 0;
541 }
542
543 int ip_options_get_from_user(struct net *net, struct ip_options_rcu **optp,
544 unsigned char __user *data, int optlen)
545 {
546 struct ip_options_rcu *opt = ip_options_get_alloc(optlen);
547
548 if (!opt)
549 return -ENOMEM;
550 if (optlen && copy_from_user(opt->opt.__data, data, optlen)) {
551 kfree(opt);
552 return -EFAULT;
553 }
554 return ip_options_get_finish(net, optp, opt, optlen);
555 }
556
557 int ip_options_get(struct net *net, struct ip_options_rcu **optp,
558 unsigned char *data, int optlen)
559 {
560 struct ip_options_rcu *opt = ip_options_get_alloc(optlen);
561
562 if (!opt)
563 return -ENOMEM;
564 if (optlen)
565 memcpy(opt->opt.__data, data, optlen);
566 return ip_options_get_finish(net, optp, opt, optlen);
567 }
568
569 void ip_forward_options(struct sk_buff *skb)
570 {
571 struct ip_options *opt = &(IPCB(skb)->opt);
572 unsigned char *optptr;
573 struct rtable *rt = skb_rtable(skb);
574 unsigned char *raw = skb_network_header(skb);
575
576 if (opt->rr_needaddr) {
577 optptr = (unsigned char *)raw + opt->rr;
578 ip_rt_get_source(&optptr[optptr[2]-5], skb, rt);
579 opt->is_changed = 1;
580 }
581 if (opt->srr_is_hit) {
582 int srrptr, srrspace;
583
584 optptr = raw + opt->srr;
585
586 for ( srrptr = optptr[2], srrspace = optptr[1];
587 srrptr <= srrspace;
588 srrptr += 4
589 ) {
590 if (srrptr + 3 > srrspace)
591 break;
592 if (memcmp(&opt->nexthop, &optptr[srrptr-1], 4) == 0)
593 break;
594 }
595 if (srrptr + 3 <= srrspace) {
596 opt->is_changed = 1;
597 ip_hdr(skb)->daddr = opt->nexthop;
598 ip_rt_get_source(&optptr[srrptr-1], skb, rt);
599 optptr[2] = srrptr+4;
600 } else {
601 net_crit_ratelimited("%s(): Argh! Destination lost!\n",
602 __func__);
603 }
604 if (opt->ts_needaddr) {
605 optptr = raw + opt->ts;
606 ip_rt_get_source(&optptr[optptr[2]-9], skb, rt);
607 opt->is_changed = 1;
608 }
609 }
610 if (opt->is_changed) {
611 opt->is_changed = 0;
612 ip_send_check(ip_hdr(skb));
613 }
614 }
615
616 int ip_options_rcv_srr(struct sk_buff *skb, struct net_device *dev)
617 {
618 struct ip_options *opt = &(IPCB(skb)->opt);
619 int srrspace, srrptr;
620 __be32 nexthop;
621 struct iphdr *iph = ip_hdr(skb);
622 unsigned char *optptr = skb_network_header(skb) + opt->srr;
623 struct rtable *rt = skb_rtable(skb);
624 struct rtable *rt2;
625 unsigned long orefdst;
626 int err;
627
628 if (!rt)
629 return 0;
630
631 if (skb->pkt_type != PACKET_HOST)
632 return -EINVAL;
633 if (rt->rt_type == RTN_UNICAST) {
634 if (!opt->is_strictroute)
635 return 0;
636 icmp_send(skb, ICMP_PARAMETERPROB, 0, htonl(16<<24));
637 return -EINVAL;
638 }
639 if (rt->rt_type != RTN_LOCAL)
640 return -EINVAL;
641
642 for (srrptr = optptr[2], srrspace = optptr[1]; srrptr <= srrspace; srrptr += 4) {
643 if (srrptr + 3 > srrspace) {
644 icmp_send(skb, ICMP_PARAMETERPROB, 0, htonl((opt->srr+2)<<24));
645 return -EINVAL;
646 }
647 memcpy(&nexthop, &optptr[srrptr-1], 4);
648
649 orefdst = skb->_skb_refdst;
650 skb_dst_set(skb, NULL);
651 err = ip_route_input(skb, nexthop, iph->saddr, iph->tos, dev);
652 rt2 = skb_rtable(skb);
653 if (err || (rt2->rt_type != RTN_UNICAST && rt2->rt_type != RTN_LOCAL)) {
654 skb_dst_drop(skb);
655 skb->_skb_refdst = orefdst;
656 return -EINVAL;
657 }
658 refdst_drop(orefdst);
659 if (rt2->rt_type != RTN_LOCAL)
660 break;
661 /* Superfast 8) loopback forward */
662 iph->daddr = nexthop;
663 opt->is_changed = 1;
664 }
665 if (srrptr <= srrspace) {
666 opt->srr_is_hit = 1;
667 opt->nexthop = nexthop;
668 opt->is_changed = 1;
669 }
670 return 0;
671 }
672 EXPORT_SYMBOL(ip_options_rcv_srr);
Linux with added FPC-III support