From patchwork Thu Jul 23 14:33:55 2020
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Willem de Bruijn <willemdebruijn.kernel@gmail.com>
X-Patchwork-Id: 1334938
X-Patchwork-Delegate: davem@davemloft.net
Return-Path: <netdev-owner@vger.kernel.org>
X-Original-To: patchwork-incoming-netdev@ozlabs.org
Delivered-To: patchwork-incoming-netdev@ozlabs.org
Authentication-Results: ozlabs.org;
 spf=pass (sender SPF authorized) smtp.mailfrom=vger.kernel.org
 (client-ip=23.128.96.18; helo=vger.kernel.org;
 envelope-from=netdev-owner@vger.kernel.org; receiver=<UNKNOWN>)
Authentication-Results: ozlabs.org;
 dmarc=pass (p=none dis=none) header.from=gmail.com
Authentication-Results: ozlabs.org;
	dkim=pass (2048-bit key;
 unprotected) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256
 header.s=20161025 header.b=fXAu9Mc9;
	dkim-atps=neutral
Received: from vger.kernel.org (vger.kernel.org [23.128.96.18])
	by ozlabs.org (Postfix) with ESMTP id 4BCFFr65HVz9sPf
	for <patchwork-incoming-netdev@ozlabs.org>;
 Fri, 24 Jul 2020 00:34:08 +1000 (AEST)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1728797AbgGWOeH (ORCPT
        <rfc822;patchwork-incoming-netdev@ozlabs.org>);
        Thu, 23 Jul 2020 10:34:07 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:49996 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1727885AbgGWOeH (ORCPT
        <rfc822;netdev@vger.kernel.org>); Thu, 23 Jul 2020 10:34:07 -0400
Received: from mail-qt1-x841.google.com (mail-qt1-x841.google.com
 [IPv6:2607:f8b0:4864:20::841])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id A7EE4C0619DC
        for <netdev@vger.kernel.org>; Thu, 23 Jul 2020 07:34:06 -0700 (PDT)
Received: by mail-qt1-x841.google.com with SMTP id 6so4554043qtt.0
        for <netdev@vger.kernel.org>; Thu, 23 Jul 2020 07:34:06 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20161025;
        h=from:to:cc:subject:date:message-id:in-reply-to:references
         :mime-version:content-transfer-encoding;
        bh=utwLKIiDHY5TJ1dKgkvpKLpYXuoDVUvrDVlxyvHumwM=;
        b=fXAu9Mc9HiZsmXjLEEMTueC/omDGo27BlBiPnqGJgFPesioCBYuOgiZC5rqLbzSn3X
         BqAlbGOXWxUCcXd56z1n+YC+WhPZBceEgtA681+kDRgHDTERWaaoVoiD9vs3K/IFOfTn
         jiZT0uUPemw4WWzEG316bfTruvUDeuMmjVxrl98yrPgJ66OXx+G2yeRRNqp4IKVvjajC
         N+R3xg8IEzmY9nT/XI6hdsitGZWuUQa/ozV6xLzjQh9ksNXcHbzE3TDPRZUNpHNWFd05
         HGGib7yE+hMkCkn1cxFL8SwxErPG+xgVgH1ZBJ0wZpQh51eTrAXZA8FIR4iu+vVzXElP
         ZIXA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to
         :references:mime-version:content-transfer-encoding;
        bh=utwLKIiDHY5TJ1dKgkvpKLpYXuoDVUvrDVlxyvHumwM=;
        b=o9kmiKf80b1EQ1Ux48SrNG4mkQWNYOgxgVdwKG9kgD57bpEVJqNzZ1SXucmQVd+pL2
         d/LQmwSpPlEnsVq2JZzH5p+Djr9cgFcd/HS81whM4KL4EL41qR6NgdMDzD0AkRCHJdoo
         4vZ53jLUoLTYYf6EzeNyoLOT39r8RR8iQNyNkHEPeIe9KpinB4PbVmaNAZ7g+RpF1TPD
         4EJSbJLkwSufEShVWqvIDEd4CwDJdVEqzpZ0KzeShcC0AsQ4BjJ+Jhg0Vgj6tNNnslDb
         vpSKtwHStJuCUBdz4EltjLcEOBjdjRdAOCDpX9a1xrpeT+8nyKHwklOTnt6f/6WM30et
         0X4Q==
X-Gm-Message-State: AOAM533UEw2XlYbFZ4Y6uIp/Idgh30wCgmH8yYfj5CiUJ/iGiX67oR2b
        z3TaO5toBLaiU8SL0nrgifcrc8lo
X-Google-Smtp-Source: 
 ABdhPJwoswFNK9ZOs7pLCFCEjOubDkwUCGM/gAnD0Zt7q0624puVhs0EJwlpQsnkF9xlwIUkYNpHYw==
X-Received: by 2002:ac8:70da:: with SMTP id g26mr4668704qtp.67.1595514845559;
        Thu, 23 Jul 2020 07:34:05 -0700 (PDT)
Received: from willemb.nyc.corp.google.com
 ([2620:0:1003:312:f693:9fff:fef4:3e8a])
        by smtp.gmail.com with ESMTPSA id
 w27sm2488114qtv.68.2020.07.23.07.34.04
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Thu, 23 Jul 2020 07:34:04 -0700 (PDT)
From: Willem de Bruijn <willemdebruijn.kernel@gmail.com>
To: netdev@vger.kernel.org
Cc: davem@davemloft.net, Willem de Bruijn <willemb@google.com>
Subject: [PATCH net-next 1/3] icmp: revise rfc4884 tests
Date: Thu, 23 Jul 2020 10:33:55 -0400
Message-Id: <20200723143357.451069-2-willemdebruijn.kernel@gmail.com>
X-Mailer: git-send-email 2.28.0.rc0.105.gf9edc3c819-goog
In-Reply-To: <20200723143357.451069-1-willemdebruijn.kernel@gmail.com>
References: <20200723143357.451069-1-willemdebruijn.kernel@gmail.com>
MIME-Version: 1.0
Sender: netdev-owner@vger.kernel.org
Precedence: bulk
List-ID: <netdev.vger.kernel.org>
X-Mailing-List: netdev@vger.kernel.org

From: Willem de Bruijn <willemb@google.com>

1) Only accept packets with original datagram len field >= header len.

The extension header must start after the original datagram headers.
The embedded datagram len field is compared against the 128B minimum
stipulated by RFC 4884. It is unlikely that headers extend beyond
this. But as we know the exact header length, check explicitly.

2) Remove the check that datagram length must be <= 576B.

This is a send constraint. There is no value in testing this on rx.
Within private networks it may be known safe to send larger packets.
Process these packets.

This test was also too lax. It compared original datagram length
rather than entire icmp packet length. The stand-alone fix would be:

  -       if (hlen + skb->len > 576)
  +       if (-skb_network_offset(skb) + skb->len > 576)

Fixes: eba75c587e81 ("icmp: support rfc 4884")
Signed-off-by: Willem de Bruijn <willemb@google.com>
---
 net/ipv4/icmp.c | 8 ++------
 1 file changed, 2 insertions(+), 6 deletions(-)

diff --git a/net/ipv4/icmp.c b/net/ipv4/icmp.c
index fd2e7a3a9eb2..646d4fb72c07 100644
--- a/net/ipv4/icmp.c
+++ b/net/ipv4/icmp.c
@@ -1199,16 +1199,12 @@ void ip_icmp_error_rfc4884(const struct sk_buff *skb,
 		return;
 	}
 
-	/* outer headers up to inner iph. skb->data is at inner payload */
+	/* original datagram headers: end of icmph to payload (skb->data) */
 	hlen = -skb_transport_offset(skb) - sizeof(struct icmphdr);
 
-	/* per rfc 791: maximum packet length of 576 bytes */
-	if (hlen + skb->len > 576)
-		return;
-
 	/* per rfc 4884: minimal datagram length of 128 bytes */
 	off = icmp_hdr(skb)->un.reserved[1] * sizeof(u32);
-	if (off < 128)
+	if (off < 128 || off < hlen)
 		return;
 
 	/* kernel has stripped headers: return payload offset in bytes */

From patchwork Thu Jul 23 14:33:56 2020
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Willem de Bruijn <willemdebruijn.kernel@gmail.com>
X-Patchwork-Id: 1334939
X-Patchwork-Delegate: davem@davemloft.net
Return-Path: <netdev-owner@vger.kernel.org>
X-Original-To: patchwork-incoming-netdev@ozlabs.org
Delivered-To: patchwork-incoming-netdev@ozlabs.org
Authentication-Results: ozlabs.org;
 spf=pass (sender SPF authorized) smtp.mailfrom=vger.kernel.org
 (client-ip=23.128.96.18; helo=vger.kernel.org;
 envelope-from=netdev-owner@vger.kernel.org; receiver=<UNKNOWN>)
Authentication-Results: ozlabs.org;
 dmarc=pass (p=none dis=none) header.from=gmail.com
Authentication-Results: ozlabs.org;
	dkim=pass (2048-bit key;
 unprotected) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256
 header.s=20161025 header.b=k/n9DzpX;
	dkim-atps=neutral
Received: from vger.kernel.org (vger.kernel.org [23.128.96.18])
	by ozlabs.org (Postfix) with ESMTP id 4BCFFv4kmGz9sPf
	for <patchwork-incoming-netdev@ozlabs.org>;
 Fri, 24 Jul 2020 00:34:11 +1000 (AEST)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1728966AbgGWOeK (ORCPT
        <rfc822;patchwork-incoming-netdev@ozlabs.org>);
        Thu, 23 Jul 2020 10:34:10 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:50000 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1727885AbgGWOeI (ORCPT
        <rfc822;netdev@vger.kernel.org>); Thu, 23 Jul 2020 10:34:08 -0400
Received: from mail-qk1-x743.google.com (mail-qk1-x743.google.com
 [IPv6:2607:f8b0:4864:20::743])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id C0196C0619DC
        for <netdev@vger.kernel.org>; Thu, 23 Jul 2020 07:34:07 -0700 (PDT)
Received: by mail-qk1-x743.google.com with SMTP id b14so3799902qkn.4
        for <netdev@vger.kernel.org>; Thu, 23 Jul 2020 07:34:07 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20161025;
        h=from:to:cc:subject:date:message-id:in-reply-to:references
         :mime-version:content-transfer-encoding;
        bh=SW50E8jnOWq1JMpv3b3XkWyV9URtKtIIRRZRsUMuSE4=;
        b=k/n9DzpXsldjXfyGmi84lW9OfTIREcQ9vVPgFuZqLZ3HkG67D+ZyELYxK1dDm0sSVM
         /+wzEgvC3R0a2S6MzqIOAcsIHLutoINYYVmwsfamx3bnq4OHDN07wQ3hL0ybwm0eSaoJ
         sW0BfIRLi2ansDWciDIK0pVg7mhRnlysywGsMN2duA8F8LurPrsiSVG7kiu7wYb7BT81
         ho+2m8iJmZurdv4wKQol/TMyeYP6vhdc8yfd4VVMF64VPFvLgBTlmBDS4k9tC5hjaGhu
         +9KGcsHrkfXpqpvepoZYhIy23ggJQqVcmpKklaOl9EFdIKQYej5joDaKm6H9J/ymkMNH
         JWhg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to
         :references:mime-version:content-transfer-encoding;
        bh=SW50E8jnOWq1JMpv3b3XkWyV9URtKtIIRRZRsUMuSE4=;
        b=E8x3vEx/femUf3jVpUIhU5/AGnlWgAe1p9PWTqeqcW3cahc85y7pBa7j/y5JTuLdky
         ikrQE8MRUQ+T6BGm41b4+EJGb6/7TJr1toXUDgWAuHnDEeASF3I66w5/qInvf/TLOvGk
         cr/CEMLMHyeJ8YmSi7nfP5LuAOJwnBL8mhk/tt5/yhLgD5TTdSK0SYczfQ0BWf3Wrw9S
         NpOAMz5tMAh+gqQu8nKpSQeM98GXa1yik8YyEFLaqoisIXqp+NLubNfKRiK2O+sWfIib
         4gKr+kQaloZaSFuHICMDOWRtRun8MKIhpj75Xlpz1VSVT6pHUt+Nqd0KtMjl/DoIvCRY
         NvBg==
X-Gm-Message-State: AOAM533jMQbjoEKsa5AoX5Rfgv2zVYh3WkA/IiezTzrzlix4k3CIMx8k
        0A0pNFYGIh6P7M8qinqgy2I9IJwh
X-Google-Smtp-Source: 
 ABdhPJyUSN7fjGJWduqwzNL0s0ooNecMgH9NWkiHlc/W2OOlk+sixI5jW7cZTDMSouCs09qFUyOWvg==
X-Received: by 2002:ae9:ea13:: with SMTP id f19mr3853053qkg.331.1595514846632;
        Thu, 23 Jul 2020 07:34:06 -0700 (PDT)
Received: from willemb.nyc.corp.google.com
 ([2620:0:1003:312:f693:9fff:fef4:3e8a])
        by smtp.gmail.com with ESMTPSA id
 w27sm2488114qtv.68.2020.07.23.07.34.05
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Thu, 23 Jul 2020 07:34:05 -0700 (PDT)
From: Willem de Bruijn <willemdebruijn.kernel@gmail.com>
To: netdev@vger.kernel.org
Cc: davem@davemloft.net, Willem de Bruijn <willemb@google.com>
Subject: [PATCH net-next 2/3] icmp: prepare rfc 4884 for ipv6
Date: Thu, 23 Jul 2020 10:33:56 -0400
Message-Id: <20200723143357.451069-3-willemdebruijn.kernel@gmail.com>
X-Mailer: git-send-email 2.28.0.rc0.105.gf9edc3c819-goog
In-Reply-To: <20200723143357.451069-1-willemdebruijn.kernel@gmail.com>
References: <20200723143357.451069-1-willemdebruijn.kernel@gmail.com>
MIME-Version: 1.0
Sender: netdev-owner@vger.kernel.org
Precedence: bulk
List-ID: <netdev.vger.kernel.org>
X-Mailing-List: netdev@vger.kernel.org

From: Willem de Bruijn <willemb@google.com>

The RFC 4884 spec is largely the same between IPv4 and IPv6.
Factor out the IPv4 specific parts in preparation for IPv6 support:

- icmp types supported

- icmp header size, and thus offset to original datagram start

- datagram length field offset in icmp(6)hdr.

- datagram length field word size: 4B for IPv4, 8B for IPv6.

Signed-off-by: Willem de Bruijn <willemb@google.com>
---
 include/linux/icmp.h   |  3 ++-
 net/ipv4/icmp.c        | 17 ++++-------------
 net/ipv4/ip_sockglue.c | 14 +++++++++++++-
 3 files changed, 19 insertions(+), 15 deletions(-)

diff --git a/include/linux/icmp.h b/include/linux/icmp.h
index 8fc38a34cb20..0af4d210ee31 100644
--- a/include/linux/icmp.h
+++ b/include/linux/icmp.h
@@ -37,6 +37,7 @@ static inline bool icmp_is_err(int type)
 }
 
 void ip_icmp_error_rfc4884(const struct sk_buff *skb,
-			   struct sock_ee_data_rfc4884 *out);
+			   struct sock_ee_data_rfc4884 *out,
+			   int thlen, int off);
 
 #endif	/* _LINUX_ICMP_H */
diff --git a/net/ipv4/icmp.c b/net/ipv4/icmp.c
index 646d4fb72c07..1e70e98f14f8 100644
--- a/net/ipv4/icmp.c
+++ b/net/ipv4/icmp.c
@@ -1186,24 +1186,15 @@ static bool ip_icmp_error_rfc4884_validate(const struct sk_buff *skb, int off)
 }
 
 void ip_icmp_error_rfc4884(const struct sk_buff *skb,
-			   struct sock_ee_data_rfc4884 *out)
+			   struct sock_ee_data_rfc4884 *out,
+			   int thlen, int off)
 {
-	int hlen, off;
-
-	switch (icmp_hdr(skb)->type) {
-	case ICMP_DEST_UNREACH:
-	case ICMP_TIME_EXCEEDED:
-	case ICMP_PARAMETERPROB:
-		break;
-	default:
-		return;
-	}
+	int hlen;
 
 	/* original datagram headers: end of icmph to payload (skb->data) */
-	hlen = -skb_transport_offset(skb) - sizeof(struct icmphdr);
+	hlen = -skb_transport_offset(skb) - thlen;
 
 	/* per rfc 4884: minimal datagram length of 128 bytes */
-	off = icmp_hdr(skb)->un.reserved[1] * sizeof(u32);
 	if (off < 128 || off < hlen)
 		return;
 
diff --git a/net/ipv4/ip_sockglue.c b/net/ipv4/ip_sockglue.c
index a5ea02d7a183..6aa45fe0a676 100644
--- a/net/ipv4/ip_sockglue.c
+++ b/net/ipv4/ip_sockglue.c
@@ -389,6 +389,18 @@ int ip_ra_control(struct sock *sk, unsigned char on,
 	return 0;
 }
 
+static void ipv4_icmp_error_rfc4884(const struct sk_buff *skb,
+				    struct sock_ee_data_rfc4884 *out)
+{
+	switch (icmp_hdr(skb)->type) {
+	case ICMP_DEST_UNREACH:
+	case ICMP_TIME_EXCEEDED:
+	case ICMP_PARAMETERPROB:
+		ip_icmp_error_rfc4884(skb, out, sizeof(struct icmphdr),
+				      icmp_hdr(skb)->un.reserved[1] * 4);
+	}
+}
+
 void ip_icmp_error(struct sock *sk, struct sk_buff *skb, int err,
 		   __be16 port, u32 info, u8 *payload)
 {
@@ -412,7 +424,7 @@ void ip_icmp_error(struct sock *sk, struct sk_buff *skb, int err,
 
 	if (skb_pull(skb, payload - skb->data)) {
 		if (inet_sk(sk)->recverr_rfc4884)
-			ip_icmp_error_rfc4884(skb, &serr->ee.ee_rfc4884);
+			ipv4_icmp_error_rfc4884(skb, &serr->ee.ee_rfc4884);
 
 		skb_reset_transport_header(skb);
 		if (sock_queue_err_skb(sk, skb) == 0)

From patchwork Thu Jul 23 14:33:57 2020
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Willem de Bruijn <willemdebruijn.kernel@gmail.com>
X-Patchwork-Id: 1334940
X-Patchwork-Delegate: davem@davemloft.net
Return-Path: <netdev-owner@vger.kernel.org>
X-Original-To: patchwork-incoming-netdev@ozlabs.org
Delivered-To: patchwork-incoming-netdev@ozlabs.org
Authentication-Results: ozlabs.org;
 spf=pass (sender SPF authorized) smtp.mailfrom=vger.kernel.org
 (client-ip=23.128.96.18; helo=vger.kernel.org;
 envelope-from=netdev-owner@vger.kernel.org; receiver=<UNKNOWN>)
Authentication-Results: ozlabs.org;
 dmarc=pass (p=none dis=none) header.from=gmail.com
Authentication-Results: ozlabs.org;
	dkim=pass (2048-bit key;
 unprotected) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256
 header.s=20161025 header.b=gft6/MA2;
	dkim-atps=neutral
Received: from vger.kernel.org (vger.kernel.org [23.128.96.18])
	by ozlabs.org (Postfix) with ESMTP id 4BCFG14Gzxz9sR4
	for <patchwork-incoming-netdev@ozlabs.org>;
 Fri, 24 Jul 2020 00:34:17 +1000 (AEST)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1729225AbgGWOeQ (ORCPT
        <rfc822;patchwork-incoming-netdev@ozlabs.org>);
        Thu, 23 Jul 2020 10:34:16 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:50006 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1728811AbgGWOeJ (ORCPT
        <rfc822;netdev@vger.kernel.org>); Thu, 23 Jul 2020 10:34:09 -0400
Received: from mail-qk1-x742.google.com (mail-qk1-x742.google.com
 [IPv6:2607:f8b0:4864:20::742])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 0FF9AC0619E2
        for <netdev@vger.kernel.org>; Thu, 23 Jul 2020 07:34:09 -0700 (PDT)
Received: by mail-qk1-x742.google.com with SMTP id x69so5536414qkb.1
        for <netdev@vger.kernel.org>; Thu, 23 Jul 2020 07:34:09 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20161025;
        h=from:to:cc:subject:date:message-id:in-reply-to:references
         :mime-version:content-transfer-encoding;
        bh=5FbJXuBlGDFf/8gdCB0TBOOF2kd8jOfaRnCGlOzRD7I=;
        b=gft6/MA2h29wAMRkbUYJQLthEPRT7d4vHZURBquY3j4YgX4q7bnZmIxsK314R4a9G2
         pnh3ddWTf0U4W9prZ+iIxGoUYEeUobm9JxpOpUx8mboqeRWIUOE29NgEnpWIZkb6RCQk
         cm1/S4RE5CoA8TCFLu9OHD21p5tqYBg9GlKYtBMQusyvlEroz3+FeagR7b3KYyHIyxyZ
         m1MOx4URv3CgqUOkaBtqvwseIHCq9b95BaPJZkr+Md9IaVeBVDifCOaRHmzb1lG0JxQA
         MvR6EWhqdYymkrSDD72WMHw/ZAGl8Hc5Xjyu4YQI31NvAjzHzJD6E8I5ANt+0HbXjO1E
         3J7w==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to
         :references:mime-version:content-transfer-encoding;
        bh=5FbJXuBlGDFf/8gdCB0TBOOF2kd8jOfaRnCGlOzRD7I=;
        b=M8WeAp86WAbhGFQmKfDgiSOT+/pTm1FfwhifA9g2TTqLaia3vMg/45yceQtpEACkJz
         iIXuKVZRL3DB59UisdTFjYN3Vk4BNdwJH7jMSYvPL67/uO0OojgCnOLL1vD9YYXvV7hl
         2nMzyd4At0Y/WnOpMohiZkHnd7Z0NEB3p0e/a5z6xG435zTZ6Ss18TAqqfOk3AYhcjm5
         wdz6KQYS759fAt7Kjvu0Td3EVbgg8BplddDGJrFeJSFQ2IDBqPsm/CCebA4YlwAULeLN
         Nd+S5SZNUGGiiliDyNDkXHGYQz/Fyes0QajSGGjMKc8vDrhKEb5rpiiSbolbRLO+uutL
         wRgg==
X-Gm-Message-State: AOAM530YXe6irqVkAmyMpPfbhm9neLsQ2RfevZSe3BmdGzjh3qazUu47
        k/hKOdXsmqQ7IqepSYjsGU2sBXwI
X-Google-Smtp-Source: 
 ABdhPJyonCChK864GV82EYvuxkmZ9+GxDwn6/+beZvtc7wQ5tH0phc72D4MqsbeliDR3Fm5oNAenHw==
X-Received: by 2002:a37:3cd:: with SMTP id 196mr5450672qkd.458.1595514847897;
        Thu, 23 Jul 2020 07:34:07 -0700 (PDT)
Received: from willemb.nyc.corp.google.com
 ([2620:0:1003:312:f693:9fff:fef4:3e8a])
        by smtp.gmail.com with ESMTPSA id
 w27sm2488114qtv.68.2020.07.23.07.34.06
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Thu, 23 Jul 2020 07:34:06 -0700 (PDT)
From: Willem de Bruijn <willemdebruijn.kernel@gmail.com>
To: netdev@vger.kernel.org
Cc: davem@davemloft.net, Willem de Bruijn <willemb@google.com>
Subject: [PATCH net-next 3/3] icmp6: support rfc 4884
Date: Thu, 23 Jul 2020 10:33:57 -0400
Message-Id: <20200723143357.451069-4-willemdebruijn.kernel@gmail.com>
X-Mailer: git-send-email 2.28.0.rc0.105.gf9edc3c819-goog
In-Reply-To: <20200723143357.451069-1-willemdebruijn.kernel@gmail.com>
References: <20200723143357.451069-1-willemdebruijn.kernel@gmail.com>
MIME-Version: 1.0
Sender: netdev-owner@vger.kernel.org
Precedence: bulk
List-ID: <netdev.vger.kernel.org>
X-Mailing-List: netdev@vger.kernel.org

From: Willem de Bruijn <willemb@google.com>

Extend the rfc 4884 read interface introduced for ipv4 in
commit eba75c587e81 ("icmp: support rfc 4884") to ipv6.

Add socket option SOL_IPV6/IPV6_RECVERR_RFC4884.

Signed-off-by: Willem de Bruijn <willemb@google.com>
Reported-by: kernel test robot <lkp@intel.com>
Reported-by: kernel test robot <lkp@intel.com>
---
 include/linux/ipv6.h        |  1 +
 include/uapi/linux/icmpv6.h |  1 +
 include/uapi/linux/in6.h    |  1 +
 net/ipv4/icmp.c             |  1 +
 net/ipv6/datagram.c         | 16 ++++++++++++++++
 net/ipv6/ipv6_sockglue.c    | 12 ++++++++++++
 6 files changed, 32 insertions(+)

diff --git a/include/linux/ipv6.h b/include/linux/ipv6.h
index 8d8f877e7f81..a44789d027cc 100644
--- a/include/linux/ipv6.h
+++ b/include/linux/ipv6.h
@@ -283,6 +283,7 @@ struct ipv6_pinfo {
 				autoflowlabel:1,
 				autoflowlabel_set:1,
 				mc_all:1,
+				recverr_rfc4884:1,
 				rtalert_isolate:1;
 	__u8			min_hopcount;
 	__u8			tclass;
diff --git a/include/uapi/linux/icmpv6.h b/include/uapi/linux/icmpv6.h
index 2622b5a3e616..c1661febc2dc 100644
--- a/include/uapi/linux/icmpv6.h
+++ b/include/uapi/linux/icmpv6.h
@@ -68,6 +68,7 @@ struct icmp6hdr {
 #define icmp6_mtu		icmp6_dataun.un_data32[0]
 #define icmp6_unused		icmp6_dataun.un_data32[0]
 #define icmp6_maxdelay		icmp6_dataun.un_data16[0]
+#define icmp6_datagram_len	icmp6_dataun.un_data8[0]
 #define icmp6_router		icmp6_dataun.u_nd_advt.router
 #define icmp6_solicited		icmp6_dataun.u_nd_advt.solicited
 #define icmp6_override		icmp6_dataun.u_nd_advt.override
diff --git a/include/uapi/linux/in6.h b/include/uapi/linux/in6.h
index 9f2273a08356..5ad396a57eb3 100644
--- a/include/uapi/linux/in6.h
+++ b/include/uapi/linux/in6.h
@@ -179,6 +179,7 @@ struct in6_flowlabel_req {
 #define IPV6_LEAVE_ANYCAST	28
 #define IPV6_MULTICAST_ALL	29
 #define IPV6_ROUTER_ALERT_ISOLATE	30
+#define IPV6_RECVERR_RFC4884	31
 
 /* IPV6_MTU_DISCOVER values */
 #define IPV6_PMTUDISC_DONT		0
diff --git a/net/ipv4/icmp.c b/net/ipv4/icmp.c
index 1e70e98f14f8..1155b6ad7a3b 100644
--- a/net/ipv4/icmp.c
+++ b/net/ipv4/icmp.c
@@ -1208,6 +1208,7 @@ void ip_icmp_error_rfc4884(const struct sk_buff *skb,
 	if (!ip_icmp_error_rfc4884_validate(skb, off))
 		out->flags |= SO_EE_RFC4884_FLAG_INVALID;
 }
+EXPORT_SYMBOL_GPL(ip_icmp_error_rfc4884);
 
 int icmp_err(struct sk_buff *skb, u32 info)
 {
diff --git a/net/ipv6/datagram.c b/net/ipv6/datagram.c
index 390bedde21a5..dd1d71e12b61 100644
--- a/net/ipv6/datagram.c
+++ b/net/ipv6/datagram.c
@@ -19,6 +19,7 @@
 #include <linux/route.h>
 #include <linux/slab.h>
 #include <linux/export.h>
+#include <linux/icmp.h>
 
 #include <net/ipv6.h>
 #include <net/ndisc.h>
@@ -284,6 +285,17 @@ int ip6_datagram_connect_v6_only(struct sock *sk, struct sockaddr *uaddr,
 }
 EXPORT_SYMBOL_GPL(ip6_datagram_connect_v6_only);
 
+void ipv6_icmp_error_rfc4884(const struct sk_buff *skb,
+			     struct sock_ee_data_rfc4884 *out)
+{
+	switch (icmp6_hdr(skb)->icmp6_type) {
+	case ICMPV6_TIME_EXCEED:
+	case ICMPV6_DEST_UNREACH:
+		ip_icmp_error_rfc4884(skb, out, sizeof(struct icmp6hdr),
+				      icmp6_hdr(skb)->icmp6_datagram_len * 8);
+	}
+}
+
 void ipv6_icmp_error(struct sock *sk, struct sk_buff *skb, int err,
 		     __be16 port, u32 info, u8 *payload)
 {
@@ -313,6 +325,10 @@ void ipv6_icmp_error(struct sock *sk, struct sk_buff *skb, int err,
 	serr->port = port;
 
 	__skb_pull(skb, payload - skb->data);
+
+	if (inet6_sk(sk)->recverr_rfc4884)
+		ipv6_icmp_error_rfc4884(skb, &serr->ee.ee_rfc4884);
+
 	skb_reset_transport_header(skb);
 
 	if (sock_queue_err_skb(sk, skb))
diff --git a/net/ipv6/ipv6_sockglue.c b/net/ipv6/ipv6_sockglue.c
index add8f7912299..d4140a23974f 100644
--- a/net/ipv6/ipv6_sockglue.c
+++ b/net/ipv6/ipv6_sockglue.c
@@ -964,6 +964,14 @@ static int do_ipv6_setsockopt(struct sock *sk, int level, int optname,
 		np->rxopt.bits.recvfragsize = valbool;
 		retv = 0;
 		break;
+	case IPV6_RECVERR_RFC4884:
+		if (optlen < sizeof(int))
+			goto e_inval;
+		if (val < 0 || val > 1)
+			goto e_inval;
+		np->recverr_rfc4884 = valbool;
+		retv = 0;
+		break;
 	}
 
 	release_sock(sk);
@@ -1438,6 +1446,10 @@ static int do_ipv6_getsockopt(struct sock *sk, int level, int optname,
 		val = np->rtalert_isolate;
 		break;
 
+	case IPV6_RECVERR_RFC4884:
+		val = np->recverr_rfc4884;
+		break;
+
 	default:
 		return -ENOPROTOOPT;
 	}