git://git.onelab.eu / linux-2.6.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
fedora core 6 1.2949 + vserver 2.2.0
[linux-2.6.git] / net / ipv6 / datagram.c
diff --git a/net/ipv6/datagram.c b/net/ipv6/datagram.c
index 5e0aecb..5c94fea 100644 (file)
--- a/net/ipv6/datagram.c
+++ b/net/ipv6/datagram.c
@@ -13,6 +13,7 @@
  *      2 of the License, or (at your option) any later version.
  */
 
+#include <linux/capability.h>
 #include <linux/errno.h>
 #include <linux/types.h>
 #include <linux/kernel.h>
@@ -29,6 +30,7 @@
 #include <net/addrconf.h>
 #include <net/transp_v6.h>
 #include <net/ip6_route.h>
+#include <net/tcp_states.h>
 
 #include <linux/errqueue.h>
 #include <asm/uaccess.h>
@@ -36,7 +38,7 @@
 int ip6_datagram_connect(struct sock *sk, struct sockaddr *uaddr, int addr_len)
 {
        struct sockaddr_in6     *usin = (struct sockaddr_in6 *) uaddr;
-       struct inet_opt         *inet = inet_sk(sk);
+       struct inet_sock        *inet = inet_sk(sk);
        struct ipv6_pinfo       *np = inet6_sk(sk);
        struct in6_addr         *daddr, *final_p = NULL, final;
        struct dst_entry        *dst;
@@ -154,6 +156,8 @@ ipv4_connected:
        if (!fl.oif && (addr_type&IPV6_ADDR_MULTICAST))
                fl.oif = np->mcast_oif;
 
+       security_sk_classify_flow(sk, &fl);
+
        if (flowlabel) {
                if (flowlabel->opt && flowlabel->opt->srcrt) {
                        struct rt0_hdr *rt0 = (struct rt0_hdr *) flowlabel->opt->srcrt;
@@ -174,10 +178,8 @@ ipv4_connected:
        if (final_p)
                ipv6_addr_copy(&fl.fl6_dst, final_p);
 
-       if ((err = xfrm_lookup(&dst, &fl, sk, 0)) < 0) {
-               dst_release(dst);
+       if ((err = xfrm_lookup(&dst, &fl, sk, 0)) < 0)
                goto out;
-       }
 
        /* source address lookup done in ip6_dst_lookup */
 
@@ -190,8 +192,13 @@ ipv4_connected:
        }
 
        ip6_dst_store(sk, dst,
-                     !ipv6_addr_cmp(&fl.fl6_dst, &np->daddr) ?
-                     &np->daddr : NULL);
+                     ipv6_addr_equal(&fl.fl6_dst, &np->daddr) ?
+                     &np->daddr : NULL,
+#ifdef CONFIG_IPV6_SUBTREES
+                     ipv6_addr_equal(&fl.fl6_src, &np->saddr) ?
+                     &np->saddr :
+#endif
+                     NULL);
 
        sk->sk_state = TCP_ESTABLISHED;
 out:
@@ -200,7 +207,7 @@ out:
 }
 
 void ipv6_icmp_error(struct sock *sk, struct sk_buff *skb, int err, 
-                    u16 port, u32 info, u8 *payload)
+                    __be16 port, u32 info, u8 *payload)
 {
        struct ipv6_pinfo *np  = inet6_sk(sk);
        struct icmp6hdr *icmph = (struct icmp6hdr *)skb->h.raw;
@@ -311,13 +318,13 @@ int ipv6_recv_error(struct sock *sk, struct msghdr *msg, int len)
                        ipv6_addr_copy(&sin->sin6_addr,
                          (struct in6_addr *)(skb->nh.raw + serr->addr_offset));
                        if (np->sndflow)
-                               sin->sin6_flowinfo = *(u32*)(skb->nh.raw + serr->addr_offset - 24) & IPV6_FLOWINFO_MASK;
+                               sin->sin6_flowinfo = *(__be32*)(skb->nh.raw + serr->addr_offset - 24) & IPV6_FLOWINFO_MASK;
                        if (ipv6_addr_type(&sin->sin6_addr) & IPV6_ADDR_LINKLOCAL)
                                sin->sin6_scope_id = IP6CB(skb)->iif;
                } else {
                        ipv6_addr_set(&sin->sin6_addr, 0, 0,
                                      htonl(0xffff),
-                                     *(u32*)(skb->nh.raw + serr->addr_offset));
+                                     *(__be32*)(skb->nh.raw + serr->addr_offset));
                }
        }
 
@@ -335,7 +342,7 @@ int ipv6_recv_error(struct sock *sk, struct msghdr *msg, int len)
                        if (ipv6_addr_type(&sin->sin6_addr) & IPV6_ADDR_LINKLOCAL)
                                sin->sin6_scope_id = IP6CB(skb)->iif;
                } else {
-                       struct inet_opt *inet = inet_sk(sk);
+                       struct inet_sock *inet = inet_sk(sk);
 
                        ipv6_addr_set(&sin->sin6_addr, 0, 0,
                                      htonl(0xffff),
@@ -353,14 +360,14 @@ int ipv6_recv_error(struct sock *sk, struct msghdr *msg, int len)
        err = copied;
 
        /* Reset and regenerate socket error */
-       spin_lock_irq(&sk->sk_error_queue.lock);
+       spin_lock_bh(&sk->sk_error_queue.lock);
        sk->sk_err = 0;
        if ((skb2 = skb_peek(&sk->sk_error_queue)) != NULL) {
                sk->sk_err = SKB_EXT_ERR(skb2)->ee.ee_errno;
-               spin_unlock_irq(&sk->sk_error_queue.lock);
+               spin_unlock_bh(&sk->sk_error_queue.lock);
                sk->sk_error_report(sk);
        } else {
-               spin_unlock_irq(&sk->sk_error_queue.lock);
+               spin_unlock_bh(&sk->sk_error_queue.lock);
        }
 
 out_free_skb:  
@@ -389,32 +396,101 @@ int datagram_recv_ctl(struct sock *sk, struct msghdr *msg, struct sk_buff *skb)
                put_cmsg(msg, SOL_IPV6, IPV6_HOPLIMIT, sizeof(hlim), &hlim);
        }
 
-       if (np->rxopt.bits.rxflow && (*(u32*)skb->nh.raw & IPV6_FLOWINFO_MASK)) {
-               u32 flowinfo = *(u32*)skb->nh.raw & IPV6_FLOWINFO_MASK;
+       if (np->rxopt.bits.rxtclass) {
+               int tclass = (ntohl(*(__be32 *)skb->nh.ipv6h) >> 20) & 0xff;
+               put_cmsg(msg, SOL_IPV6, IPV6_TCLASS, sizeof(tclass), &tclass);
+       }
+
+       if (np->rxopt.bits.rxflow && (*(__be32*)skb->nh.raw & IPV6_FLOWINFO_MASK)) {
+               __be32 flowinfo = *(__be32*)skb->nh.raw & IPV6_FLOWINFO_MASK;
                put_cmsg(msg, SOL_IPV6, IPV6_FLOWINFO, sizeof(flowinfo), &flowinfo);
        }
+
+       /* HbH is allowed only once */
        if (np->rxopt.bits.hopopts && opt->hop) {
                u8 *ptr = skb->nh.raw + opt->hop;
                put_cmsg(msg, SOL_IPV6, IPV6_HOPOPTS, (ptr[1]+1)<<3, ptr);
        }
-       if (np->rxopt.bits.dstopts && opt->dst0) {
+
+       if (opt->lastopt &&
+           (np->rxopt.bits.dstopts || np->rxopt.bits.srcrt)) {
+               /*
+                * Silly enough, but we need to reparse in order to
+                * report extension headers (except for HbH)
+                * in order.
+                *
+                * Also note that IPV6_RECVRTHDRDSTOPTS is NOT 
+                * (and WILL NOT be) defined because
+                * IPV6_RECVDSTOPTS is more generic. --yoshfuji
+                */
+               unsigned int off = sizeof(struct ipv6hdr);
+               u8 nexthdr = skb->nh.ipv6h->nexthdr;
+
+               while (off <= opt->lastopt) {
+                       unsigned len;
+                       u8 *ptr = skb->nh.raw + off;
+
+                       switch(nexthdr) {
+                       case IPPROTO_DSTOPTS:
+                               nexthdr = ptr[0];
+                               len = (ptr[1] + 1) << 3;
+                               if (np->rxopt.bits.dstopts)
+                                       put_cmsg(msg, SOL_IPV6, IPV6_DSTOPTS, len, ptr);
+                               break;
+                       case IPPROTO_ROUTING:
+                               nexthdr = ptr[0];
+                               len = (ptr[1] + 1) << 3;
+                               if (np->rxopt.bits.srcrt)
+                                       put_cmsg(msg, SOL_IPV6, IPV6_RTHDR, len, ptr);
+                               break;
+                       case IPPROTO_AH:
+                               nexthdr = ptr[0];
+                               len = (ptr[1] + 2) << 2;
+                               break;
+                       default:
+                               nexthdr = ptr[0];
+                               len = (ptr[1] + 1) << 3;
+                               break;
+                       }
+
+                       off += len;
+               }
+       }
+
+       /* socket options in old style */
+       if (np->rxopt.bits.rxoinfo) {
+               struct in6_pktinfo src_info;
+
+               src_info.ipi6_ifindex = opt->iif;
+               ipv6_addr_copy(&src_info.ipi6_addr, &skb->nh.ipv6h->daddr);
+               put_cmsg(msg, SOL_IPV6, IPV6_2292PKTINFO, sizeof(src_info), &src_info);
+       }
+       if (np->rxopt.bits.rxohlim) {
+               int hlim = skb->nh.ipv6h->hop_limit;
+               put_cmsg(msg, SOL_IPV6, IPV6_2292HOPLIMIT, sizeof(hlim), &hlim);
+       }
+       if (np->rxopt.bits.ohopopts && opt->hop) {
+               u8 *ptr = skb->nh.raw + opt->hop;
+               put_cmsg(msg, SOL_IPV6, IPV6_2292HOPOPTS, (ptr[1]+1)<<3, ptr);
+       }
+       if (np->rxopt.bits.odstopts && opt->dst0) {
                u8 *ptr = skb->nh.raw + opt->dst0;
-               put_cmsg(msg, SOL_IPV6, IPV6_DSTOPTS, (ptr[1]+1)<<3, ptr);
+               put_cmsg(msg, SOL_IPV6, IPV6_2292DSTOPTS, (ptr[1]+1)<<3, ptr);
        }
-       if (np->rxopt.bits.srcrt && opt->srcrt) {
+       if (np->rxopt.bits.osrcrt && opt->srcrt) {
                struct ipv6_rt_hdr *rthdr = (struct ipv6_rt_hdr *)(skb->nh.raw + opt->srcrt);
-               put_cmsg(msg, SOL_IPV6, IPV6_RTHDR, (rthdr->hdrlen+1) << 3, rthdr);
+               put_cmsg(msg, SOL_IPV6, IPV6_2292RTHDR, (rthdr->hdrlen+1) << 3, rthdr);
        }
-       if (np->rxopt.bits.dstopts && opt->dst1) {
+       if (np->rxopt.bits.odstopts && opt->dst1) {
                u8 *ptr = skb->nh.raw + opt->dst1;
-               put_cmsg(msg, SOL_IPV6, IPV6_DSTOPTS, (ptr[1]+1)<<3, ptr);
+               put_cmsg(msg, SOL_IPV6, IPV6_2292DSTOPTS, (ptr[1]+1)<<3, ptr);
        }
        return 0;
 }
 
 int datagram_send_ctl(struct msghdr *msg, struct flowi *fl,
                      struct ipv6_txoptions *opt,
-                     int *hlimit)
+                     int *hlimit, int *tclass)
 {
        struct in6_pktinfo *src_info;
        struct cmsghdr *cmsg;
@@ -427,9 +503,7 @@ int datagram_send_ctl(struct msghdr *msg, struct flowi *fl,
                int addr_type;
                struct net_device *dev = NULL;
 
-               if (cmsg->cmsg_len < sizeof(struct cmsghdr) ||
-                   (unsigned long)(((char*)cmsg - (char*)msg->msg_control)
-                                   + cmsg->cmsg_len) > msg->msg_controllen) {
+               if (!CMSG_OK(msg, cmsg)) {
                        err = -EINVAL;
                        goto exit_f;
                }
@@ -439,6 +513,7 @@ int datagram_send_ctl(struct msghdr *msg, struct flowi *fl,
 
                switch (cmsg->cmsg_type) {
                case IPV6_PKTINFO:
+               case IPV6_2292PKTINFO:
                        if (cmsg->cmsg_len < CMSG_LEN(sizeof(struct in6_pktinfo))) {
                                err = -EINVAL;
                                goto exit_f;
@@ -485,14 +560,15 @@ int datagram_send_ctl(struct msghdr *msg, struct flowi *fl,
                        }
 
                        if (fl->fl6_flowlabel&IPV6_FLOWINFO_MASK) {
-                               if ((fl->fl6_flowlabel^*(u32 *)CMSG_DATA(cmsg))&~IPV6_FLOWINFO_MASK) {
+                               if ((fl->fl6_flowlabel^*(__be32 *)CMSG_DATA(cmsg))&~IPV6_FLOWINFO_MASK) {
                                        err = -EINVAL;
                                        goto exit_f;
                                }
                        }
-                       fl->fl6_flowlabel = IPV6_FLOWINFO_MASK & *(u32 *)CMSG_DATA(cmsg);
+                       fl->fl6_flowlabel = IPV6_FLOWINFO_MASK & *(__be32 *)CMSG_DATA(cmsg);
                        break;
 
+               case IPV6_2292HOPOPTS:
                case IPV6_HOPOPTS:
                         if (opt->hopopt || cmsg->cmsg_len < CMSG_LEN(sizeof(struct ipv6_opt_hdr))) {
                                err = -EINVAL;
@@ -513,7 +589,7 @@ int datagram_send_ctl(struct msghdr *msg, struct flowi *fl,
                        opt->hopopt = hdr;
                        break;
 
-               case IPV6_DSTOPTS:
+               case IPV6_2292DSTOPTS:
                         if (cmsg->cmsg_len < CMSG_LEN(sizeof(struct ipv6_opt_hdr))) {
                                err = -EINVAL;
                                goto exit_f;
@@ -537,6 +613,33 @@ int datagram_send_ctl(struct msghdr *msg, struct flowi *fl,
                        opt->dst1opt = hdr;
                        break;
 
+               case IPV6_DSTOPTS:
+               case IPV6_RTHDRDSTOPTS:
+                       if (cmsg->cmsg_len < CMSG_LEN(sizeof(struct ipv6_opt_hdr))) {
+                               err = -EINVAL;
+                               goto exit_f;
+                       }
+
+                       hdr = (struct ipv6_opt_hdr *)CMSG_DATA(cmsg);
+                       len = ((hdr->hdrlen + 1) << 3);
+                       if (cmsg->cmsg_len < CMSG_LEN(len)) {
+                               err = -EINVAL;
+                               goto exit_f;
+                       }
+                       if (!capable(CAP_NET_RAW)) {
+                               err = -EPERM;
+                               goto exit_f;
+                       }
+                       if (cmsg->cmsg_type == IPV6_DSTOPTS) {
+                               opt->opt_flen += len;
+                               opt->dst1opt = hdr;
+                       } else {
+                               opt->opt_nflen += len;
+                               opt->dst0opt = hdr;
+                       }
+                       break;
+
+               case IPV6_2292RTHDR:
                case IPV6_RTHDR:
                         if (cmsg->cmsg_len < CMSG_LEN(sizeof(struct ipv6_rt_hdr))) {
                                err = -EINVAL;
@@ -545,10 +648,13 @@ int datagram_send_ctl(struct msghdr *msg, struct flowi *fl,
 
                        rthdr = (struct ipv6_rt_hdr *)CMSG_DATA(cmsg);
 
-                       /*
-                        *      TYPE 0
-                        */
-                       if (rthdr->type) {
+                       switch (rthdr->type) {
+                       case IPV6_SRCRT_TYPE_0:
+#ifdef CONFIG_IPV6_MIP6
+                       case IPV6_SRCRT_TYPE_2:
+#endif
+                               break;
+                       default:
                                err = -EINVAL;
                                goto exit_f;
                        }
@@ -569,7 +675,7 @@ int datagram_send_ctl(struct msghdr *msg, struct flowi *fl,
                        opt->opt_nflen += len;
                        opt->srcrt = rthdr;
 
-                       if (opt->dst1opt) {
+                       if (cmsg->cmsg_type == IPV6_2292RTHDR && opt->dst1opt) {
                                int dsthdrlen = ((opt->dst1opt->hdrlen+1)<<3);
 
                                opt->opt_nflen += dsthdrlen;
@@ -580,6 +686,7 @@ int datagram_send_ctl(struct msghdr *msg, struct flowi *fl,
 
                        break;
 
+               case IPV6_2292HOPLIMIT:
                case IPV6_HOPLIMIT:
                        if (cmsg->cmsg_len != CMSG_LEN(sizeof(int))) {
                                err = -EINVAL;
@@ -589,9 +696,27 @@ int datagram_send_ctl(struct msghdr *msg, struct flowi *fl,
                        *hlimit = *(int *)CMSG_DATA(cmsg);
                        break;
 
+               case IPV6_TCLASS:
+                   {
+                       int tc;
+
+                       err = -EINVAL;
+                       if (cmsg->cmsg_len != CMSG_LEN(sizeof(int))) {
+                               goto exit_f;
+                       }
+
+                       tc = *(int *)CMSG_DATA(cmsg);
+                       if (tc < -1 || tc > 0xff)
+                               goto exit_f;
+
+                       err = 0;
+                       *tclass = tc;
+
+                       break;
+                   }
                default:
-                       LIMIT_NETDEBUG(
-                               printk(KERN_DEBUG "invalid cmsg type: %d\n", cmsg->cmsg_type));
+                       LIMIT_NETDEBUG(KERN_DEBUG "invalid cmsg type: %d\n",
+                                      cmsg->cmsg_type);
                        err = -EINVAL;
                        break;
                };
linux-2.6