Merge branch 'tj-upstream-fixes' of git://htj.dyndns.org/libata-tj into upstream...
[linux-2.6] / net / ipv4 / ip_sockglue.c
1 /*
2  * INET         An implementation of the TCP/IP protocol suite for the LINUX
3  *              operating system.  INET is implemented using the  BSD Socket
4  *              interface as the means of communication with the user level.
5  *
6  *              The IP to API glue.
7  *              
8  * Version:     $Id: ip_sockglue.c,v 1.62 2002/02/01 22:01:04 davem Exp $
9  *
10  * Authors:     see ip.c
11  *
12  * Fixes:
13  *              Many            :       Split from ip.c , see ip.c for history.
14  *              Martin Mares    :       TOS setting fixed.
15  *              Alan Cox        :       Fixed a couple of oopses in Martin's 
16  *                                      TOS tweaks.
17  *              Mike McLagan    :       Routing by source
18  */
19
20 #include <linux/module.h>
21 #include <linux/types.h>
22 #include <linux/mm.h>
23 #include <linux/sched.h>
24 #include <linux/skbuff.h>
25 #include <linux/ip.h>
26 #include <linux/icmp.h>
27 #include <linux/inetdevice.h>
28 #include <linux/netdevice.h>
29 #include <net/sock.h>
30 #include <net/ip.h>
31 #include <net/icmp.h>
32 #include <net/tcp_states.h>
33 #include <linux/udp.h>
34 #include <linux/igmp.h>
35 #include <linux/netfilter.h>
36 #include <linux/route.h>
37 #include <linux/mroute.h>
38 #include <net/route.h>
39 #include <net/xfrm.h>
40 #if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE)
41 #include <net/transp_v6.h>
42 #endif
43
44 #include <linux/errqueue.h>
45 #include <asm/uaccess.h>
46
47 #define IP_CMSG_PKTINFO         1
48 #define IP_CMSG_TTL             2
49 #define IP_CMSG_TOS             4
50 #define IP_CMSG_RECVOPTS        8
51 #define IP_CMSG_RETOPTS         16
52 #define IP_CMSG_PASSSEC         32
53
54 /*
55  *      SOL_IP control messages.
56  */
57
58 static void ip_cmsg_recv_pktinfo(struct msghdr *msg, struct sk_buff *skb)
59 {
60         struct in_pktinfo info;
61         struct rtable *rt = (struct rtable *)skb->dst;
62
63         info.ipi_addr.s_addr = skb->nh.iph->daddr;
64         if (rt) {
65                 info.ipi_ifindex = rt->rt_iif;
66                 info.ipi_spec_dst.s_addr = rt->rt_spec_dst;
67         } else {
68                 info.ipi_ifindex = 0;
69                 info.ipi_spec_dst.s_addr = 0;
70         }
71
72         put_cmsg(msg, SOL_IP, IP_PKTINFO, sizeof(info), &info);
73 }
74
75 static void ip_cmsg_recv_ttl(struct msghdr *msg, struct sk_buff *skb)
76 {
77         int ttl = skb->nh.iph->ttl;
78         put_cmsg(msg, SOL_IP, IP_TTL, sizeof(int), &ttl);
79 }
80
81 static void ip_cmsg_recv_tos(struct msghdr *msg, struct sk_buff *skb)
82 {
83         put_cmsg(msg, SOL_IP, IP_TOS, 1, &skb->nh.iph->tos);
84 }
85
86 static void ip_cmsg_recv_opts(struct msghdr *msg, struct sk_buff *skb)
87 {
88         if (IPCB(skb)->opt.optlen == 0)
89                 return;
90
91         put_cmsg(msg, SOL_IP, IP_RECVOPTS, IPCB(skb)->opt.optlen, skb->nh.iph+1);
92 }
93
94
95 static void ip_cmsg_recv_retopts(struct msghdr *msg, struct sk_buff *skb)
96 {
97         unsigned char optbuf[sizeof(struct ip_options) + 40];
98         struct ip_options * opt = (struct ip_options*)optbuf;
99
100         if (IPCB(skb)->opt.optlen == 0)
101                 return;
102
103         if (ip_options_echo(opt, skb)) {
104                 msg->msg_flags |= MSG_CTRUNC;
105                 return;
106         }
107         ip_options_undo(opt);
108
109         put_cmsg(msg, SOL_IP, IP_RETOPTS, opt->optlen, opt->__data);
110 }
111
112 static void ip_cmsg_recv_security(struct msghdr *msg, struct sk_buff *skb)
113 {
114         char *secdata;
115         u32 seclen, secid;
116         int err;
117
118         err = security_socket_getpeersec_dgram(NULL, skb, &secid);
119         if (err)
120                 return;
121
122         err = security_secid_to_secctx(secid, &secdata, &seclen);
123         if (err)
124                 return;
125
126         put_cmsg(msg, SOL_IP, SCM_SECURITY, seclen, secdata);
127         security_release_secctx(secdata, seclen);
128 }
129
130
131 void ip_cmsg_recv(struct msghdr *msg, struct sk_buff *skb)
132 {
133         struct inet_sock *inet = inet_sk(skb->sk);
134         unsigned flags = inet->cmsg_flags;
135
136         /* Ordered by supposed usage frequency */
137         if (flags & 1)
138                 ip_cmsg_recv_pktinfo(msg, skb);
139         if ((flags>>=1) == 0)
140                 return;
141
142         if (flags & 1)
143                 ip_cmsg_recv_ttl(msg, skb);
144         if ((flags>>=1) == 0)
145                 return;
146
147         if (flags & 1)
148                 ip_cmsg_recv_tos(msg, skb);
149         if ((flags>>=1) == 0)
150                 return;
151
152         if (flags & 1)
153                 ip_cmsg_recv_opts(msg, skb);
154         if ((flags>>=1) == 0)
155                 return;
156
157         if (flags & 1)
158                 ip_cmsg_recv_retopts(msg, skb);
159         if ((flags>>=1) == 0)
160                 return;
161
162         if (flags & 1)
163                 ip_cmsg_recv_security(msg, skb);
164 }
165
166 int ip_cmsg_send(struct msghdr *msg, struct ipcm_cookie *ipc)
167 {
168         int err;
169         struct cmsghdr *cmsg;
170
171         for (cmsg = CMSG_FIRSTHDR(msg); cmsg; cmsg = CMSG_NXTHDR(msg, cmsg)) {
172                 if (!CMSG_OK(msg, cmsg))
173                         return -EINVAL;
174                 if (cmsg->cmsg_level != SOL_IP)
175                         continue;
176                 switch (cmsg->cmsg_type) {
177                 case IP_RETOPTS:
178                         err = cmsg->cmsg_len - CMSG_ALIGN(sizeof(struct cmsghdr));
179                         err = ip_options_get(&ipc->opt, CMSG_DATA(cmsg), err < 40 ? err : 40);
180                         if (err)
181                                 return err;
182                         break;
183                 case IP_PKTINFO:
184                 {
185                         struct in_pktinfo *info;
186                         if (cmsg->cmsg_len != CMSG_LEN(sizeof(struct in_pktinfo)))
187                                 return -EINVAL;
188                         info = (struct in_pktinfo *)CMSG_DATA(cmsg);
189                         ipc->oif = info->ipi_ifindex;
190                         ipc->addr = info->ipi_spec_dst.s_addr;
191                         break;
192                 }
193                 default:
194                         return -EINVAL;
195                 }
196         }
197         return 0;
198 }
199
200
201 /* Special input handler for packets caught by router alert option.
202    They are selected only by protocol field, and then processed likely
203    local ones; but only if someone wants them! Otherwise, router
204    not running rsvpd will kill RSVP.
205
206    It is user level problem, what it will make with them.
207    I have no idea, how it will masquearde or NAT them (it is joke, joke :-)),
208    but receiver should be enough clever f.e. to forward mtrace requests,
209    sent to multicast group to reach destination designated router.
210  */
211 struct ip_ra_chain *ip_ra_chain;
212 DEFINE_RWLOCK(ip_ra_lock);
213
214 int ip_ra_control(struct sock *sk, unsigned char on, void (*destructor)(struct sock *))
215 {
216         struct ip_ra_chain *ra, *new_ra, **rap;
217
218         if (sk->sk_type != SOCK_RAW || inet_sk(sk)->num == IPPROTO_RAW)
219                 return -EINVAL;
220
221         new_ra = on ? kmalloc(sizeof(*new_ra), GFP_KERNEL) : NULL;
222
223         write_lock_bh(&ip_ra_lock);
224         for (rap = &ip_ra_chain; (ra=*rap) != NULL; rap = &ra->next) {
225                 if (ra->sk == sk) {
226                         if (on) {
227                                 write_unlock_bh(&ip_ra_lock);
228                                 kfree(new_ra);
229                                 return -EADDRINUSE;
230                         }
231                         *rap = ra->next;
232                         write_unlock_bh(&ip_ra_lock);
233
234                         if (ra->destructor)
235                                 ra->destructor(sk);
236                         sock_put(sk);
237                         kfree(ra);
238                         return 0;
239                 }
240         }
241         if (new_ra == NULL) {
242                 write_unlock_bh(&ip_ra_lock);
243                 return -ENOBUFS;
244         }
245         new_ra->sk = sk;
246         new_ra->destructor = destructor;
247
248         new_ra->next = ra;
249         *rap = new_ra;
250         sock_hold(sk);
251         write_unlock_bh(&ip_ra_lock);
252
253         return 0;
254 }
255
256 void ip_icmp_error(struct sock *sk, struct sk_buff *skb, int err, 
257                    u16 port, u32 info, u8 *payload)
258 {
259         struct inet_sock *inet = inet_sk(sk);
260         struct sock_exterr_skb *serr;
261
262         if (!inet->recverr)
263                 return;
264
265         skb = skb_clone(skb, GFP_ATOMIC);
266         if (!skb)
267                 return;
268
269         serr = SKB_EXT_ERR(skb);  
270         serr->ee.ee_errno = err;
271         serr->ee.ee_origin = SO_EE_ORIGIN_ICMP;
272         serr->ee.ee_type = skb->h.icmph->type; 
273         serr->ee.ee_code = skb->h.icmph->code;
274         serr->ee.ee_pad = 0;
275         serr->ee.ee_info = info;
276         serr->ee.ee_data = 0;
277         serr->addr_offset = (u8*)&(((struct iphdr*)(skb->h.icmph+1))->daddr) - skb->nh.raw;
278         serr->port = port;
279
280         skb->h.raw = payload;
281         if (!skb_pull(skb, payload - skb->data) ||
282             sock_queue_err_skb(sk, skb))
283                 kfree_skb(skb);
284 }
285
286 void ip_local_error(struct sock *sk, int err, u32 daddr, u16 port, u32 info)
287 {
288         struct inet_sock *inet = inet_sk(sk);
289         struct sock_exterr_skb *serr;
290         struct iphdr *iph;
291         struct sk_buff *skb;
292
293         if (!inet->recverr)
294                 return;
295
296         skb = alloc_skb(sizeof(struct iphdr), GFP_ATOMIC);
297         if (!skb)
298                 return;
299
300         iph = (struct iphdr*)skb_put(skb, sizeof(struct iphdr));
301         skb->nh.iph = iph;
302         iph->daddr = daddr;
303
304         serr = SKB_EXT_ERR(skb);  
305         serr->ee.ee_errno = err;
306         serr->ee.ee_origin = SO_EE_ORIGIN_LOCAL;
307         serr->ee.ee_type = 0; 
308         serr->ee.ee_code = 0;
309         serr->ee.ee_pad = 0;
310         serr->ee.ee_info = info;
311         serr->ee.ee_data = 0;
312         serr->addr_offset = (u8*)&iph->daddr - skb->nh.raw;
313         serr->port = port;
314
315         skb->h.raw = skb->tail;
316         __skb_pull(skb, skb->tail - skb->data);
317
318         if (sock_queue_err_skb(sk, skb))
319                 kfree_skb(skb);
320 }
321
322 /* 
323  *      Handle MSG_ERRQUEUE
324  */
325 int ip_recv_error(struct sock *sk, struct msghdr *msg, int len)
326 {
327         struct sock_exterr_skb *serr;
328         struct sk_buff *skb, *skb2;
329         struct sockaddr_in *sin;
330         struct {
331                 struct sock_extended_err ee;
332                 struct sockaddr_in       offender;
333         } errhdr;
334         int err;
335         int copied;
336
337         err = -EAGAIN;
338         skb = skb_dequeue(&sk->sk_error_queue);
339         if (skb == NULL)
340                 goto out;
341
342         copied = skb->len;
343         if (copied > len) {
344                 msg->msg_flags |= MSG_TRUNC;
345                 copied = len;
346         }
347         err = skb_copy_datagram_iovec(skb, 0, msg->msg_iov, copied);
348         if (err)
349                 goto out_free_skb;
350
351         sock_recv_timestamp(msg, sk, skb);
352
353         serr = SKB_EXT_ERR(skb);
354
355         sin = (struct sockaddr_in *)msg->msg_name;
356         if (sin) {
357                 sin->sin_family = AF_INET;
358                 sin->sin_addr.s_addr = *(u32*)(skb->nh.raw + serr->addr_offset);
359                 sin->sin_port = serr->port;
360                 memset(&sin->sin_zero, 0, sizeof(sin->sin_zero));
361         }
362
363         memcpy(&errhdr.ee, &serr->ee, sizeof(struct sock_extended_err));
364         sin = &errhdr.offender;
365         sin->sin_family = AF_UNSPEC;
366         if (serr->ee.ee_origin == SO_EE_ORIGIN_ICMP) {
367                 struct inet_sock *inet = inet_sk(sk);
368
369                 sin->sin_family = AF_INET;
370                 sin->sin_addr.s_addr = skb->nh.iph->saddr;
371                 sin->sin_port = 0;
372                 memset(&sin->sin_zero, 0, sizeof(sin->sin_zero));
373                 if (inet->cmsg_flags)
374                         ip_cmsg_recv(msg, skb);
375         }
376
377         put_cmsg(msg, SOL_IP, IP_RECVERR, sizeof(errhdr), &errhdr);
378
379         /* Now we could try to dump offended packet options */
380
381         msg->msg_flags |= MSG_ERRQUEUE;
382         err = copied;
383
384         /* Reset and regenerate socket error */
385         spin_lock_bh(&sk->sk_error_queue.lock);
386         sk->sk_err = 0;
387         if ((skb2 = skb_peek(&sk->sk_error_queue)) != NULL) {
388                 sk->sk_err = SKB_EXT_ERR(skb2)->ee.ee_errno;
389                 spin_unlock_bh(&sk->sk_error_queue.lock);
390                 sk->sk_error_report(sk);
391         } else
392                 spin_unlock_bh(&sk->sk_error_queue.lock);
393
394 out_free_skb:   
395         kfree_skb(skb);
396 out:
397         return err;
398 }
399
400
401 /*
402  *      Socket option code for IP. This is the end of the line after any TCP,UDP etc options on
403  *      an IP socket.
404  */
405
406 static int do_ip_setsockopt(struct sock *sk, int level,
407                 int optname, char __user *optval, int optlen)
408 {
409         struct inet_sock *inet = inet_sk(sk);
410         int val=0,err;
411
412         if (((1<<optname) & ((1<<IP_PKTINFO) | (1<<IP_RECVTTL) | 
413                             (1<<IP_RECVOPTS) | (1<<IP_RECVTOS) | 
414                             (1<<IP_RETOPTS) | (1<<IP_TOS) | 
415                             (1<<IP_TTL) | (1<<IP_HDRINCL) | 
416                             (1<<IP_MTU_DISCOVER) | (1<<IP_RECVERR) | 
417                             (1<<IP_ROUTER_ALERT) | (1<<IP_FREEBIND) |
418                             (1<<IP_PASSSEC))) ||
419                                 optname == IP_MULTICAST_TTL || 
420                                 optname == IP_MULTICAST_LOOP) { 
421                 if (optlen >= sizeof(int)) {
422                         if (get_user(val, (int __user *) optval))
423                                 return -EFAULT;
424                 } else if (optlen >= sizeof(char)) {
425                         unsigned char ucval;
426
427                         if (get_user(ucval, (unsigned char __user *) optval))
428                                 return -EFAULT;
429                         val = (int) ucval;
430                 }
431         }
432
433         /* If optlen==0, it is equivalent to val == 0 */
434
435 #ifdef CONFIG_IP_MROUTE
436         if (optname >= MRT_BASE && optname <= (MRT_BASE + 10))
437                 return ip_mroute_setsockopt(sk,optname,optval,optlen);
438 #endif
439
440         err = 0;
441         lock_sock(sk);
442
443         switch (optname) {
444                 case IP_OPTIONS:
445                 {
446                         struct ip_options * opt = NULL;
447                         if (optlen > 40 || optlen < 0)
448                                 goto e_inval;
449                         err = ip_options_get_from_user(&opt, optval, optlen);
450                         if (err)
451                                 break;
452                         if (inet->is_icsk) {
453                                 struct inet_connection_sock *icsk = inet_csk(sk);
454 #if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE)
455                                 if (sk->sk_family == PF_INET ||
456                                     (!((1 << sk->sk_state) &
457                                        (TCPF_LISTEN | TCPF_CLOSE)) &&
458                                      inet->daddr != LOOPBACK4_IPV6)) {
459 #endif
460                                         if (inet->opt)
461                                                 icsk->icsk_ext_hdr_len -= inet->opt->optlen;
462                                         if (opt)
463                                                 icsk->icsk_ext_hdr_len += opt->optlen;
464                                         icsk->icsk_sync_mss(sk, icsk->icsk_pmtu_cookie);
465 #if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE)
466                                 }
467 #endif
468                         }
469                         opt = xchg(&inet->opt, opt);
470                         kfree(opt);
471                         break;
472                 }
473                 case IP_PKTINFO:
474                         if (val)
475                                 inet->cmsg_flags |= IP_CMSG_PKTINFO;
476                         else
477                                 inet->cmsg_flags &= ~IP_CMSG_PKTINFO;
478                         break;
479                 case IP_RECVTTL:
480                         if (val)
481                                 inet->cmsg_flags |=  IP_CMSG_TTL;
482                         else
483                                 inet->cmsg_flags &= ~IP_CMSG_TTL;
484                         break;
485                 case IP_RECVTOS:
486                         if (val)
487                                 inet->cmsg_flags |=  IP_CMSG_TOS;
488                         else
489                                 inet->cmsg_flags &= ~IP_CMSG_TOS;
490                         break;
491                 case IP_RECVOPTS:
492                         if (val)
493                                 inet->cmsg_flags |=  IP_CMSG_RECVOPTS;
494                         else
495                                 inet->cmsg_flags &= ~IP_CMSG_RECVOPTS;
496                         break;
497                 case IP_RETOPTS:
498                         if (val)
499                                 inet->cmsg_flags |= IP_CMSG_RETOPTS;
500                         else
501                                 inet->cmsg_flags &= ~IP_CMSG_RETOPTS;
502                         break;
503                 case IP_PASSSEC:
504                         if (val)
505                                 inet->cmsg_flags |= IP_CMSG_PASSSEC;
506                         else
507                                 inet->cmsg_flags &= ~IP_CMSG_PASSSEC;
508                         break;
509                 case IP_TOS:    /* This sets both TOS and Precedence */
510                         if (sk->sk_type == SOCK_STREAM) {
511                                 val &= ~3;
512                                 val |= inet->tos & 3;
513                         }
514                         if (IPTOS_PREC(val) >= IPTOS_PREC_CRITIC_ECP && 
515                             !capable(CAP_NET_ADMIN)) {
516                                 err = -EPERM;
517                                 break;
518                         }
519                         if (inet->tos != val) {
520                                 inet->tos = val;
521                                 sk->sk_priority = rt_tos2priority(val);
522                                 sk_dst_reset(sk); 
523                         }
524                         break;
525                 case IP_TTL:
526                         if (optlen<1)
527                                 goto e_inval;
528                         if (val != -1 && (val < 1 || val>255))
529                                 goto e_inval;
530                         inet->uc_ttl = val;
531                         break;
532                 case IP_HDRINCL:
533                         if (sk->sk_type != SOCK_RAW) {
534                                 err = -ENOPROTOOPT;
535                                 break;
536                         }
537                         inet->hdrincl = val ? 1 : 0;
538                         break;
539                 case IP_MTU_DISCOVER:
540                         if (val<0 || val>2)
541                                 goto e_inval;
542                         inet->pmtudisc = val;
543                         break;
544                 case IP_RECVERR:
545                         inet->recverr = !!val;
546                         if (!val)
547                                 skb_queue_purge(&sk->sk_error_queue);
548                         break;
549                 case IP_MULTICAST_TTL:
550                         if (sk->sk_type == SOCK_STREAM)
551                                 goto e_inval;
552                         if (optlen<1)
553                                 goto e_inval;
554                         if (val==-1)
555                                 val = 1;
556                         if (val < 0 || val > 255)
557                                 goto e_inval;
558                         inet->mc_ttl = val;
559                         break;
560                 case IP_MULTICAST_LOOP: 
561                         if (optlen<1)
562                                 goto e_inval;
563                         inet->mc_loop = !!val;
564                         break;
565                 case IP_MULTICAST_IF: 
566                 {
567                         struct ip_mreqn mreq;
568                         struct net_device *dev = NULL;
569
570                         if (sk->sk_type == SOCK_STREAM)
571                                 goto e_inval;
572                         /*
573                          *      Check the arguments are allowable
574                          */
575
576                         err = -EFAULT;
577                         if (optlen >= sizeof(struct ip_mreqn)) {
578                                 if (copy_from_user(&mreq,optval,sizeof(mreq)))
579                                         break;
580                         } else {
581                                 memset(&mreq, 0, sizeof(mreq));
582                                 if (optlen >= sizeof(struct in_addr) &&
583                                     copy_from_user(&mreq.imr_address,optval,sizeof(struct in_addr)))
584                                         break;
585                         }
586
587                         if (!mreq.imr_ifindex) {
588                                 if (mreq.imr_address.s_addr == INADDR_ANY) {
589                                         inet->mc_index = 0;
590                                         inet->mc_addr  = 0;
591                                         err = 0;
592                                         break;
593                                 }
594                                 dev = ip_dev_find(mreq.imr_address.s_addr);
595                                 if (dev) {
596                                         mreq.imr_ifindex = dev->ifindex;
597                                         dev_put(dev);
598                                 }
599                         } else
600                                 dev = __dev_get_by_index(mreq.imr_ifindex);
601
602
603                         err = -EADDRNOTAVAIL;
604                         if (!dev)
605                                 break;
606
607                         err = -EINVAL;
608                         if (sk->sk_bound_dev_if &&
609                             mreq.imr_ifindex != sk->sk_bound_dev_if)
610                                 break;
611
612                         inet->mc_index = mreq.imr_ifindex;
613                         inet->mc_addr  = mreq.imr_address.s_addr;
614                         err = 0;
615                         break;
616                 }
617
618                 case IP_ADD_MEMBERSHIP:
619                 case IP_DROP_MEMBERSHIP: 
620                 {
621                         struct ip_mreqn mreq;
622
623                         if (optlen < sizeof(struct ip_mreq))
624                                 goto e_inval;
625                         err = -EFAULT;
626                         if (optlen >= sizeof(struct ip_mreqn)) {
627                                 if(copy_from_user(&mreq,optval,sizeof(mreq)))
628                                         break;
629                         } else {
630                                 memset(&mreq, 0, sizeof(mreq));
631                                 if (copy_from_user(&mreq,optval,sizeof(struct ip_mreq)))
632                                         break; 
633                         }
634
635                         if (optname == IP_ADD_MEMBERSHIP)
636                                 err = ip_mc_join_group(sk, &mreq);
637                         else
638                                 err = ip_mc_leave_group(sk, &mreq);
639                         break;
640                 }
641                 case IP_MSFILTER:
642                 {
643                         extern int sysctl_igmp_max_msf;
644                         struct ip_msfilter *msf;
645
646                         if (optlen < IP_MSFILTER_SIZE(0))
647                                 goto e_inval;
648                         if (optlen > sysctl_optmem_max) {
649                                 err = -ENOBUFS;
650                                 break;
651                         }
652                         msf = kmalloc(optlen, GFP_KERNEL);
653                         if (msf == 0) {
654                                 err = -ENOBUFS;
655                                 break;
656                         }
657                         err = -EFAULT;
658                         if (copy_from_user(msf, optval, optlen)) {
659                                 kfree(msf);
660                                 break;
661                         }
662                         /* numsrc >= (1G-4) overflow in 32 bits */
663                         if (msf->imsf_numsrc >= 0x3ffffffcU ||
664                             msf->imsf_numsrc > sysctl_igmp_max_msf) {
665                                 kfree(msf);
666                                 err = -ENOBUFS;
667                                 break;
668                         }
669                         if (IP_MSFILTER_SIZE(msf->imsf_numsrc) > optlen) {
670                                 kfree(msf);
671                                 err = -EINVAL;
672                                 break;
673                         }
674                         err = ip_mc_msfilter(sk, msf, 0);
675                         kfree(msf);
676                         break;
677                 }
678                 case IP_BLOCK_SOURCE:
679                 case IP_UNBLOCK_SOURCE:
680                 case IP_ADD_SOURCE_MEMBERSHIP:
681                 case IP_DROP_SOURCE_MEMBERSHIP:
682                 {
683                         struct ip_mreq_source mreqs;
684                         int omode, add;
685
686                         if (optlen != sizeof(struct ip_mreq_source))
687                                 goto e_inval;
688                         if (copy_from_user(&mreqs, optval, sizeof(mreqs))) {
689                                 err = -EFAULT;
690                                 break;
691                         }
692                         if (optname == IP_BLOCK_SOURCE) {
693                                 omode = MCAST_EXCLUDE;
694                                 add = 1;
695                         } else if (optname == IP_UNBLOCK_SOURCE) {
696                                 omode = MCAST_EXCLUDE;
697                                 add = 0;
698                         } else if (optname == IP_ADD_SOURCE_MEMBERSHIP) {
699                                 struct ip_mreqn mreq;
700
701                                 mreq.imr_multiaddr.s_addr = mreqs.imr_multiaddr;
702                                 mreq.imr_address.s_addr = mreqs.imr_interface;
703                                 mreq.imr_ifindex = 0;
704                                 err = ip_mc_join_group(sk, &mreq);
705                                 if (err && err != -EADDRINUSE)
706                                         break;
707                                 omode = MCAST_INCLUDE;
708                                 add = 1;
709                         } else /* IP_DROP_SOURCE_MEMBERSHIP */ {
710                                 omode = MCAST_INCLUDE;
711                                 add = 0;
712                         }
713                         err = ip_mc_source(add, omode, sk, &mreqs, 0);
714                         break;
715                 }
716                 case MCAST_JOIN_GROUP:
717                 case MCAST_LEAVE_GROUP: 
718                 {
719                         struct group_req greq;
720                         struct sockaddr_in *psin;
721                         struct ip_mreqn mreq;
722
723                         if (optlen < sizeof(struct group_req))
724                                 goto e_inval;
725                         err = -EFAULT;
726                         if(copy_from_user(&greq, optval, sizeof(greq)))
727                                 break;
728                         psin = (struct sockaddr_in *)&greq.gr_group;
729                         if (psin->sin_family != AF_INET)
730                                 goto e_inval;
731                         memset(&mreq, 0, sizeof(mreq));
732                         mreq.imr_multiaddr = psin->sin_addr;
733                         mreq.imr_ifindex = greq.gr_interface;
734
735                         if (optname == MCAST_JOIN_GROUP)
736                                 err = ip_mc_join_group(sk, &mreq);
737                         else
738                                 err = ip_mc_leave_group(sk, &mreq);
739                         break;
740                 }
741                 case MCAST_JOIN_SOURCE_GROUP:
742                 case MCAST_LEAVE_SOURCE_GROUP:
743                 case MCAST_BLOCK_SOURCE:
744                 case MCAST_UNBLOCK_SOURCE:
745                 {
746                         struct group_source_req greqs;
747                         struct ip_mreq_source mreqs;
748                         struct sockaddr_in *psin;
749                         int omode, add;
750
751                         if (optlen != sizeof(struct group_source_req))
752                                 goto e_inval;
753                         if (copy_from_user(&greqs, optval, sizeof(greqs))) {
754                                 err = -EFAULT;
755                                 break;
756                         }
757                         if (greqs.gsr_group.ss_family != AF_INET ||
758                             greqs.gsr_source.ss_family != AF_INET) {
759                                 err = -EADDRNOTAVAIL;
760                                 break;
761                         }
762                         psin = (struct sockaddr_in *)&greqs.gsr_group;
763                         mreqs.imr_multiaddr = psin->sin_addr.s_addr;
764                         psin = (struct sockaddr_in *)&greqs.gsr_source;
765                         mreqs.imr_sourceaddr = psin->sin_addr.s_addr;
766                         mreqs.imr_interface = 0; /* use index for mc_source */
767
768                         if (optname == MCAST_BLOCK_SOURCE) {
769                                 omode = MCAST_EXCLUDE;
770                                 add = 1;
771                         } else if (optname == MCAST_UNBLOCK_SOURCE) {
772                                 omode = MCAST_EXCLUDE;
773                                 add = 0;
774                         } else if (optname == MCAST_JOIN_SOURCE_GROUP) {
775                                 struct ip_mreqn mreq;
776
777                                 psin = (struct sockaddr_in *)&greqs.gsr_group;
778                                 mreq.imr_multiaddr = psin->sin_addr;
779                                 mreq.imr_address.s_addr = 0;
780                                 mreq.imr_ifindex = greqs.gsr_interface;
781                                 err = ip_mc_join_group(sk, &mreq);
782                                 if (err && err != -EADDRINUSE)
783                                         break;
784                                 greqs.gsr_interface = mreq.imr_ifindex;
785                                 omode = MCAST_INCLUDE;
786                                 add = 1;
787                         } else /* MCAST_LEAVE_SOURCE_GROUP */ {
788                                 omode = MCAST_INCLUDE;
789                                 add = 0;
790                         }
791                         err = ip_mc_source(add, omode, sk, &mreqs,
792                                 greqs.gsr_interface);
793                         break;
794                 }
795                 case MCAST_MSFILTER:
796                 {
797                         extern int sysctl_igmp_max_msf;
798                         struct sockaddr_in *psin;
799                         struct ip_msfilter *msf = NULL;
800                         struct group_filter *gsf = NULL;
801                         int msize, i, ifindex;
802
803                         if (optlen < GROUP_FILTER_SIZE(0))
804                                 goto e_inval;
805                         if (optlen > sysctl_optmem_max) {
806                                 err = -ENOBUFS;
807                                 break;
808                         }
809                         gsf = kmalloc(optlen,GFP_KERNEL);
810                         if (gsf == 0) {
811                                 err = -ENOBUFS;
812                                 break;
813                         }
814                         err = -EFAULT;
815                         if (copy_from_user(gsf, optval, optlen)) {
816                                 goto mc_msf_out;
817                         }
818                         /* numsrc >= (4G-140)/128 overflow in 32 bits */
819                         if (gsf->gf_numsrc >= 0x1ffffff ||
820                             gsf->gf_numsrc > sysctl_igmp_max_msf) {
821                                 err = -ENOBUFS;
822                                 goto mc_msf_out;
823                         }
824                         if (GROUP_FILTER_SIZE(gsf->gf_numsrc) > optlen) {
825                                 err = -EINVAL;
826                                 goto mc_msf_out;
827                         }
828                         msize = IP_MSFILTER_SIZE(gsf->gf_numsrc);
829                         msf = kmalloc(msize,GFP_KERNEL);
830                         if (msf == 0) {
831                                 err = -ENOBUFS;
832                                 goto mc_msf_out;
833                         }
834                         ifindex = gsf->gf_interface;
835                         psin = (struct sockaddr_in *)&gsf->gf_group;
836                         if (psin->sin_family != AF_INET) {
837                                 err = -EADDRNOTAVAIL;
838                                 goto mc_msf_out;
839                         }
840                         msf->imsf_multiaddr = psin->sin_addr.s_addr;
841                         msf->imsf_interface = 0;
842                         msf->imsf_fmode = gsf->gf_fmode;
843                         msf->imsf_numsrc = gsf->gf_numsrc;
844                         err = -EADDRNOTAVAIL;
845                         for (i=0; i<gsf->gf_numsrc; ++i) {
846                                 psin = (struct sockaddr_in *)&gsf->gf_slist[i];
847
848                                 if (psin->sin_family != AF_INET)
849                                         goto mc_msf_out;
850                                 msf->imsf_slist[i] = psin->sin_addr.s_addr;
851                         }
852                         kfree(gsf);
853                         gsf = NULL;
854
855                         err = ip_mc_msfilter(sk, msf, ifindex);
856 mc_msf_out:
857                         kfree(msf);
858                         kfree(gsf);
859                         break;
860                 }
861                 case IP_ROUTER_ALERT:   
862                         err = ip_ra_control(sk, val ? 1 : 0, NULL);
863                         break;
864
865                 case IP_FREEBIND:
866                         if (optlen<1)
867                                 goto e_inval;
868                         inet->freebind = !!val; 
869                         break;                  
870  
871                 case IP_IPSEC_POLICY:
872                 case IP_XFRM_POLICY:
873                         err = -EPERM;
874                         if (!capable(CAP_NET_ADMIN))
875                                 break;
876                         err = xfrm_user_policy(sk, optname, optval, optlen);
877                         break;
878
879                 default:
880                         err = -ENOPROTOOPT;
881                         break;
882         }
883         release_sock(sk);
884         return err;
885
886 e_inval:
887         release_sock(sk);
888         return -EINVAL;
889 }
890
891 int ip_setsockopt(struct sock *sk, int level,
892                 int optname, char __user *optval, int optlen)
893 {
894         int err;
895
896         if (level != SOL_IP)
897                 return -ENOPROTOOPT;
898
899         err = do_ip_setsockopt(sk, level, optname, optval, optlen);
900 #ifdef CONFIG_NETFILTER
901         /* we need to exclude all possible ENOPROTOOPTs except default case */
902         if (err == -ENOPROTOOPT && optname != IP_HDRINCL &&
903                 optname != IP_IPSEC_POLICY && optname != IP_XFRM_POLICY
904 #ifdef CONFIG_IP_MROUTE
905                 && (optname < MRT_BASE || optname > (MRT_BASE + 10))
906 #endif
907            ) {
908                 lock_sock(sk);
909                 err = nf_setsockopt(sk, PF_INET, optname, optval, optlen);
910                 release_sock(sk);
911         }
912 #endif
913         return err;
914 }
915
916 #ifdef CONFIG_COMPAT
917 int compat_ip_setsockopt(struct sock *sk, int level, int optname,
918                          char __user *optval, int optlen)
919 {
920         int err;
921
922         if (level != SOL_IP)
923                 return -ENOPROTOOPT;
924
925         err = do_ip_setsockopt(sk, level, optname, optval, optlen);
926 #ifdef CONFIG_NETFILTER
927         /* we need to exclude all possible ENOPROTOOPTs except default case */
928         if (err == -ENOPROTOOPT && optname != IP_HDRINCL &&
929             optname != IP_IPSEC_POLICY && optname != IP_XFRM_POLICY
930 #ifdef CONFIG_IP_MROUTE
931             && (optname < MRT_BASE || optname > (MRT_BASE + 10))
932 #endif
933            ) {
934                 lock_sock(sk);
935                 err = compat_nf_setsockopt(sk, PF_INET, optname,
936                                            optval, optlen);
937                 release_sock(sk);
938         }
939 #endif
940         return err;
941 }
942
943 EXPORT_SYMBOL(compat_ip_setsockopt);
944 #endif
945
946 /*
947  *      Get the options. Note for future reference. The GET of IP options gets the
948  *      _received_ ones. The set sets the _sent_ ones.
949  */
950
951 static int do_ip_getsockopt(struct sock *sk, int level, int optname,
952                 char __user *optval, int __user *optlen)
953 {
954         struct inet_sock *inet = inet_sk(sk);
955         int val;
956         int len;
957         
958         if(level!=SOL_IP)
959                 return -EOPNOTSUPP;
960
961 #ifdef CONFIG_IP_MROUTE
962         if(optname>=MRT_BASE && optname <=MRT_BASE+10)
963         {
964                 return ip_mroute_getsockopt(sk,optname,optval,optlen);
965         }
966 #endif
967
968         if(get_user(len,optlen))
969                 return -EFAULT;
970         if(len < 0)
971                 return -EINVAL;
972                 
973         lock_sock(sk);
974
975         switch(optname) {
976                 case IP_OPTIONS:
977                         {
978                                 unsigned char optbuf[sizeof(struct ip_options)+40];
979                                 struct ip_options * opt = (struct ip_options*)optbuf;
980                                 opt->optlen = 0;
981                                 if (inet->opt)
982                                         memcpy(optbuf, inet->opt,
983                                                sizeof(struct ip_options)+
984                                                inet->opt->optlen);
985                                 release_sock(sk);
986
987                                 if (opt->optlen == 0) 
988                                         return put_user(0, optlen);
989
990                                 ip_options_undo(opt);
991
992                                 len = min_t(unsigned int, len, opt->optlen);
993                                 if(put_user(len, optlen))
994                                         return -EFAULT;
995                                 if(copy_to_user(optval, opt->__data, len))
996                                         return -EFAULT;
997                                 return 0;
998                         }
999                 case IP_PKTINFO:
1000                         val = (inet->cmsg_flags & IP_CMSG_PKTINFO) != 0;
1001                         break;
1002                 case IP_RECVTTL:
1003                         val = (inet->cmsg_flags & IP_CMSG_TTL) != 0;
1004                         break;
1005                 case IP_RECVTOS:
1006                         val = (inet->cmsg_flags & IP_CMSG_TOS) != 0;
1007                         break;
1008                 case IP_RECVOPTS:
1009                         val = (inet->cmsg_flags & IP_CMSG_RECVOPTS) != 0;
1010                         break;
1011                 case IP_RETOPTS:
1012                         val = (inet->cmsg_flags & IP_CMSG_RETOPTS) != 0;
1013                         break;
1014                 case IP_PASSSEC:
1015                         val = (inet->cmsg_flags & IP_CMSG_PASSSEC) != 0;
1016                         break;
1017                 case IP_TOS:
1018                         val = inet->tos;
1019                         break;
1020                 case IP_TTL:
1021                         val = (inet->uc_ttl == -1 ?
1022                                sysctl_ip_default_ttl :
1023                                inet->uc_ttl);
1024                         break;
1025                 case IP_HDRINCL:
1026                         val = inet->hdrincl;
1027                         break;
1028                 case IP_MTU_DISCOVER:
1029                         val = inet->pmtudisc;
1030                         break;
1031                 case IP_MTU:
1032                 {
1033                         struct dst_entry *dst;
1034                         val = 0;
1035                         dst = sk_dst_get(sk);
1036                         if (dst) {
1037                                 val = dst_mtu(dst);
1038                                 dst_release(dst);
1039                         }
1040                         if (!val) {
1041                                 release_sock(sk);
1042                                 return -ENOTCONN;
1043                         }
1044                         break;
1045                 }
1046                 case IP_RECVERR:
1047                         val = inet->recverr;
1048                         break;
1049                 case IP_MULTICAST_TTL:
1050                         val = inet->mc_ttl;
1051                         break;
1052                 case IP_MULTICAST_LOOP:
1053                         val = inet->mc_loop;
1054                         break;
1055                 case IP_MULTICAST_IF:
1056                 {
1057                         struct in_addr addr;
1058                         len = min_t(unsigned int, len, sizeof(struct in_addr));
1059                         addr.s_addr = inet->mc_addr;
1060                         release_sock(sk);
1061
1062                         if(put_user(len, optlen))
1063                                 return -EFAULT;
1064                         if(copy_to_user(optval, &addr, len))
1065                                 return -EFAULT;
1066                         return 0;
1067                 }
1068                 case IP_MSFILTER:
1069                 {
1070                         struct ip_msfilter msf;
1071                         int err;
1072
1073                         if (len < IP_MSFILTER_SIZE(0)) {
1074                                 release_sock(sk);
1075                                 return -EINVAL;
1076                         }
1077                         if (copy_from_user(&msf, optval, IP_MSFILTER_SIZE(0))) {
1078                                 release_sock(sk);
1079                                 return -EFAULT;
1080                         }
1081                         err = ip_mc_msfget(sk, &msf,
1082                                 (struct ip_msfilter __user *)optval, optlen);
1083                         release_sock(sk);
1084                         return err;
1085                 }
1086                 case MCAST_MSFILTER:
1087                 {
1088                         struct group_filter gsf;
1089                         int err;
1090
1091                         if (len < GROUP_FILTER_SIZE(0)) {
1092                                 release_sock(sk);
1093                                 return -EINVAL;
1094                         }
1095                         if (copy_from_user(&gsf, optval, GROUP_FILTER_SIZE(0))) {
1096                                 release_sock(sk);
1097                                 return -EFAULT;
1098                         }
1099                         err = ip_mc_gsfget(sk, &gsf,
1100                                 (struct group_filter __user *)optval, optlen);
1101                         release_sock(sk);
1102                         return err;
1103                 }
1104                 case IP_PKTOPTIONS:             
1105                 {
1106                         struct msghdr msg;
1107
1108                         release_sock(sk);
1109
1110                         if (sk->sk_type != SOCK_STREAM)
1111                                 return -ENOPROTOOPT;
1112
1113                         msg.msg_control = optval;
1114                         msg.msg_controllen = len;
1115                         msg.msg_flags = 0;
1116
1117                         if (inet->cmsg_flags & IP_CMSG_PKTINFO) {
1118                                 struct in_pktinfo info;
1119
1120                                 info.ipi_addr.s_addr = inet->rcv_saddr;
1121                                 info.ipi_spec_dst.s_addr = inet->rcv_saddr;
1122                                 info.ipi_ifindex = inet->mc_index;
1123                                 put_cmsg(&msg, SOL_IP, IP_PKTINFO, sizeof(info), &info);
1124                         }
1125                         if (inet->cmsg_flags & IP_CMSG_TTL) {
1126                                 int hlim = inet->mc_ttl;
1127                                 put_cmsg(&msg, SOL_IP, IP_TTL, sizeof(hlim), &hlim);
1128                         }
1129                         len -= msg.msg_controllen;
1130                         return put_user(len, optlen);
1131                 }
1132                 case IP_FREEBIND: 
1133                         val = inet->freebind; 
1134                         break; 
1135                 default:
1136                         release_sock(sk);
1137                         return -ENOPROTOOPT;
1138         }
1139         release_sock(sk);
1140         
1141         if (len < sizeof(int) && len > 0 && val>=0 && val<255) {
1142                 unsigned char ucval = (unsigned char)val;
1143                 len = 1;
1144                 if(put_user(len, optlen))
1145                         return -EFAULT;
1146                 if(copy_to_user(optval,&ucval,1))
1147                         return -EFAULT;
1148         } else {
1149                 len = min_t(unsigned int, sizeof(int), len);
1150                 if(put_user(len, optlen))
1151                         return -EFAULT;
1152                 if(copy_to_user(optval,&val,len))
1153                         return -EFAULT;
1154         }
1155         return 0;
1156 }
1157
1158 int ip_getsockopt(struct sock *sk, int level,
1159                 int optname, char __user *optval, int __user *optlen)
1160 {
1161         int err;
1162
1163         err = do_ip_getsockopt(sk, level, optname, optval, optlen);
1164 #ifdef CONFIG_NETFILTER
1165         /* we need to exclude all possible ENOPROTOOPTs except default case */
1166         if (err == -ENOPROTOOPT && optname != IP_PKTOPTIONS
1167 #ifdef CONFIG_IP_MROUTE
1168                 && (optname < MRT_BASE || optname > MRT_BASE+10)
1169 #endif
1170            ) {
1171                 int len;
1172
1173                 if(get_user(len,optlen))
1174                         return -EFAULT;
1175
1176                 lock_sock(sk);
1177                 err = nf_getsockopt(sk, PF_INET, optname, optval,
1178                                 &len);
1179                 release_sock(sk);
1180                 if (err >= 0)
1181                         err = put_user(len, optlen);
1182                 return err;
1183         }
1184 #endif
1185         return err;
1186 }
1187
1188 #ifdef CONFIG_COMPAT
1189 int compat_ip_getsockopt(struct sock *sk, int level, int optname,
1190                          char __user *optval, int __user *optlen)
1191 {
1192         int err = do_ip_getsockopt(sk, level, optname, optval, optlen);
1193 #ifdef CONFIG_NETFILTER
1194         /* we need to exclude all possible ENOPROTOOPTs except default case */
1195         if (err == -ENOPROTOOPT && optname != IP_PKTOPTIONS
1196 #ifdef CONFIG_IP_MROUTE
1197             && (optname < MRT_BASE || optname > MRT_BASE+10)
1198 #endif
1199            ) {
1200                 int len;
1201
1202                 if (get_user(len, optlen))
1203                         return -EFAULT;
1204
1205                 lock_sock(sk);
1206                 err = compat_nf_getsockopt(sk, PF_INET, optname, optval, &len);
1207                 release_sock(sk);
1208                 if (err >= 0)
1209                         err = put_user(len, optlen);
1210                 return err;
1211         }
1212 #endif
1213         return err;
1214 }
1215
1216 EXPORT_SYMBOL(compat_ip_getsockopt);
1217 #endif
1218
1219 EXPORT_SYMBOL(ip_cmsg_recv);
1220
1221 EXPORT_SYMBOL(ip_getsockopt);
1222 EXPORT_SYMBOL(ip_setsockopt);