From patchwork Fri Jul 24 13:03:08 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Willem de Bruijn X-Patchwork-Id: 1335685 X-Patchwork-Delegate: davem@davemloft.net Return-Path: X-Original-To: patchwork-incoming-netdev@ozlabs.org Delivered-To: patchwork-incoming-netdev@ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=vger.kernel.org (client-ip=23.128.96.18; helo=vger.kernel.org; envelope-from=netdev-owner@vger.kernel.org; receiver=) Authentication-Results: ozlabs.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256 header.s=20161025 header.b=XjF1IjBy; dkim-atps=neutral Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by ozlabs.org (Postfix) with ESMTP id 4BCqBY3hqvz9sSn for ; Fri, 24 Jul 2020 23:03:17 +1000 (AEST) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726625AbgGXNDQ (ORCPT ); Fri, 24 Jul 2020 09:03:16 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:33464 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726317AbgGXNDQ (ORCPT ); Fri, 24 Jul 2020 09:03:16 -0400 Received: from mail-qv1-xf44.google.com (mail-qv1-xf44.google.com [IPv6:2607:f8b0:4864:20::f44]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 858EBC0619E4 for ; Fri, 24 Jul 2020 06:03:15 -0700 (PDT) Received: by mail-qv1-xf44.google.com with SMTP id u8so4027169qvj.12 for ; Fri, 24 Jul 2020 06:03:15 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=06HT4wXCGPr8/Xt49Ob28EVxkpMcb9QTE5otfDCwkWc=; b=XjF1IjByg8BljKGZ+c252SaFgcpjlnS8+CoOUCi2kH0VpFbDPIIDGON1ZtkjmCP+ED KAZPkGkBq4B8Qw5E7V8oY2rqK+BhtV+szI1SmbIoktuvnvhX320lUjdHTVhqMDQL9v0X INBoy8KJGQAUS+gOr+Q5aO5Z/5BdHMnBB7FCaLm77cMR8z+Z6ECSHmXCL/DILvcR8+8G AF6aMN+20QmMQTqKgKZ2ZigAdbM/weSundCsn/zw/6H5v00K6rHf9N4PxxCCGReuh/Zx vOGU57X9+xqjqyVrn1hx/a8yol541GCxQEJ5BB3NijlGzIaP6X8hPqr/l/Xv1/4fE4UP ga+w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=06HT4wXCGPr8/Xt49Ob28EVxkpMcb9QTE5otfDCwkWc=; b=PXrCBVVwx38CdxpLo4HFiI6+KA7bhQaIMoIA33t+M7+Wi7Q/tAa0JbThI6492Yn5xU qJ7M4+v6OlRBijOHMuFlUP0bYFPhq0FHEbuI2T1dJFtreq3JCik1NZC0cSHZrtmTcsWN O4AChjUzSt6eZ4jjHsYMOn9peTYy3X1KvdXPsNEJ0A0QWhOpjGysece9cZXNSBGz7rI0 knq/GtX07PkQ8l+7I2fyCZ1QwWqLO8LW1w8vJKq5XWRXo/jJ94sH3U2RQKDSzJdthQeZ 3kGN5ww/ge103B1OTrAVTxEiHa56BK+I4Hd3EOhZJXPQ9QAGj+t5iGBZPJYEQPju8Zob 6EYA== X-Gm-Message-State: AOAM531VSQ+Akb62WRSNC/AMbQtjD1rRDGw0/XB0ssvWKj8WU6EEhxQH kpusYbbxKlda1Fv+u5z+EaHYvVio X-Google-Smtp-Source: ABdhPJxGVOkXT98VXWyrNKwR03SwL0AJSpYROXCK/cnheImKJSUxhg9AMrxLRnvp3rf9IFI/RUPUgQ== X-Received: by 2002:a05:6214:18f:: with SMTP id q15mr9881136qvr.23.1595595794302; Fri, 24 Jul 2020 06:03:14 -0700 (PDT) Received: from willemb.nyc.corp.google.com ([2620:0:1003:312:f693:9fff:fef4:3e8a]) by smtp.gmail.com with ESMTPSA id b8sm1203491qtg.45.2020.07.24.06.03.13 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 24 Jul 2020 06:03:13 -0700 (PDT) From: Willem de Bruijn To: netdev@vger.kernel.org Cc: davem@davemloft.net, Willem de Bruijn Subject: [PATCH net-next v2 1/3] icmp: revise rfc4884 tests Date: Fri, 24 Jul 2020 09:03:08 -0400 Message-Id: <20200724130310.788305-2-willemdebruijn.kernel@gmail.com> X-Mailer: git-send-email 2.28.0.rc0.142.g3c755180ce-goog In-Reply-To: <20200724130310.788305-1-willemdebruijn.kernel@gmail.com> References: <20200724130310.788305-1-willemdebruijn.kernel@gmail.com> MIME-Version: 1.0 Sender: netdev-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org From: Willem de Bruijn 1) Only accept packets with original datagram len field >= header len. The extension header must start after the original datagram headers. The embedded datagram len field is compared against the 128B minimum stipulated by RFC 4884. It is unlikely that headers extend beyond this. But as we know the exact header length, check explicitly. 2) Remove the check that datagram length must be <= 576B. This is a send constraint. There is no value in testing this on rx. Within private networks it may be known safe to send larger packets. Process these packets. This test was also too lax. It compared original datagram length rather than entire icmp packet length. The stand-alone fix would be: - if (hlen + skb->len > 576) + if (-skb_network_offset(skb) + skb->len > 576) Fixes: eba75c587e81 ("icmp: support rfc 4884") Signed-off-by: Willem de Bruijn --- net/ipv4/icmp.c | 8 ++------ 1 file changed, 2 insertions(+), 6 deletions(-) diff --git a/net/ipv4/icmp.c b/net/ipv4/icmp.c index fd2e7a3a9eb2..646d4fb72c07 100644 --- a/net/ipv4/icmp.c +++ b/net/ipv4/icmp.c @@ -1199,16 +1199,12 @@ void ip_icmp_error_rfc4884(const struct sk_buff *skb, return; } - /* outer headers up to inner iph. skb->data is at inner payload */ + /* original datagram headers: end of icmph to payload (skb->data) */ hlen = -skb_transport_offset(skb) - sizeof(struct icmphdr); - /* per rfc 791: maximum packet length of 576 bytes */ - if (hlen + skb->len > 576) - return; - /* per rfc 4884: minimal datagram length of 128 bytes */ off = icmp_hdr(skb)->un.reserved[1] * sizeof(u32); - if (off < 128) + if (off < 128 || off < hlen) return; /* kernel has stripped headers: return payload offset in bytes */ From patchwork Fri Jul 24 13:03:09 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Willem de Bruijn X-Patchwork-Id: 1335686 X-Patchwork-Delegate: davem@davemloft.net Return-Path: X-Original-To: patchwork-incoming-netdev@ozlabs.org Delivered-To: patchwork-incoming-netdev@ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=vger.kernel.org (client-ip=23.128.96.18; helo=vger.kernel.org; envelope-from=netdev-owner@vger.kernel.org; receiver=) Authentication-Results: ozlabs.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256 header.s=20161025 header.b=efN+rQV+; dkim-atps=neutral Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by ozlabs.org (Postfix) with ESMTP id 4BCqBb63HTz9sSn for ; Fri, 24 Jul 2020 23:03:19 +1000 (AEST) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726572AbgGXNDT (ORCPT ); Fri, 24 Jul 2020 09:03:19 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:33470 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726317AbgGXNDR (ORCPT ); Fri, 24 Jul 2020 09:03:17 -0400 Received: from mail-qt1-x844.google.com (mail-qt1-x844.google.com [IPv6:2607:f8b0:4864:20::844]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 91762C0619D3 for ; Fri, 24 Jul 2020 06:03:16 -0700 (PDT) Received: by mail-qt1-x844.google.com with SMTP id s16so6785786qtn.7 for ; Fri, 24 Jul 2020 06:03:16 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=cZ/1M4M2pcjmsPWzTe6SQb7gKK8NBJsxA41/6m3M+nM=; b=efN+rQV+o3Vqpa9gEVy59KkqiqRNjvJMBaI8kMnJHGlVzsVRbUhcAEhVHYrq/7XNpZ gwlsgLvvdsbNXakIRObIU6BudouqUkNM6V0AVG3m7ijmb4dE7eio3a2Qo6YewyhQXg7U HwwPMMChNFev7GMhz1PDVC0VUzSEQ8PQ9gjhbeq2qfELb0KHEuYm6O7JIDVM3GpOeR49 1IWX4KY7jsBKT2Dw0uRcHY9gP8zScV9OdKuMXD0omUGH5w3ucIVfMQ5WQBYxqURj4xye WTSWMUiVKQ1rXzSYu5lCgf1B3zX7OL+R/eTecs8NUJNqcZxd9ChL3CbSM8qqjM92akFc ZYHQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=cZ/1M4M2pcjmsPWzTe6SQb7gKK8NBJsxA41/6m3M+nM=; b=OjEL7oY6DfsDZoxaiAHnxRzyknm5JjEWtrz8DhcL0z9uvGksvVBFOR+jJ0EO2fpBs9 GnmTKAuCtfhMzf1GxHoYPIfKRSy5QCWf1qUYBFHmOkJNq+lJTDoMWMXhtP9+KgM3b+7T Q0pzxte5Zf06AKfCsYwmbBEtEleQInxBv8pTnw0iGRGdikfluL/lF/mPEzFWQwk7ACRj ypg1c+jOPPMFruXdrQLz0G9iq8n4I8tDo2UHF6z5mDv9P19KeedvGV3q04ExuEU8aIUn FVxXwlsPedJY0Qfs/bXrl1pVVlKuL0cE6yiwGREVNe3bj6P54/p4TEUiGQ3Y4mYrBPgJ lfxQ== X-Gm-Message-State: AOAM532N/Ebd0soPempI8vMJ5nVUxykCx8A4o4HnVAs76F7dJk7+8yxY RhE4QT9/SXlp/bgav6RnPpwsjAY+ X-Google-Smtp-Source: ABdhPJwnvVc5Lz652w40j73Shn4g/Q0fdz/B63mov29WH3WPgr2GoYLggGbKT8cRNo/113lywDFmmA== X-Received: by 2002:ac8:72cb:: with SMTP id o11mr6787345qtp.13.1595595795431; Fri, 24 Jul 2020 06:03:15 -0700 (PDT) Received: from willemb.nyc.corp.google.com ([2620:0:1003:312:f693:9fff:fef4:3e8a]) by smtp.gmail.com with ESMTPSA id b8sm1203491qtg.45.2020.07.24.06.03.14 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 24 Jul 2020 06:03:14 -0700 (PDT) From: Willem de Bruijn To: netdev@vger.kernel.org Cc: davem@davemloft.net, Willem de Bruijn Subject: [PATCH net-next v2 2/3] icmp: prepare rfc 4884 for ipv6 Date: Fri, 24 Jul 2020 09:03:09 -0400 Message-Id: <20200724130310.788305-3-willemdebruijn.kernel@gmail.com> X-Mailer: git-send-email 2.28.0.rc0.142.g3c755180ce-goog In-Reply-To: <20200724130310.788305-1-willemdebruijn.kernel@gmail.com> References: <20200724130310.788305-1-willemdebruijn.kernel@gmail.com> MIME-Version: 1.0 Sender: netdev-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org From: Willem de Bruijn The RFC 4884 spec is largely the same between IPv4 and IPv6. Factor out the IPv4 specific parts in preparation for IPv6 support: - icmp types supported - icmp header size, and thus offset to original datagram start - datagram length field offset in icmp(6)hdr. - datagram length field word size: 4B for IPv4, 8B for IPv6. Signed-off-by: Willem de Bruijn --- include/linux/icmp.h | 3 ++- net/ipv4/icmp.c | 17 ++++------------- net/ipv4/ip_sockglue.c | 14 +++++++++++++- 3 files changed, 19 insertions(+), 15 deletions(-) diff --git a/include/linux/icmp.h b/include/linux/icmp.h index 8fc38a34cb20..0af4d210ee31 100644 --- a/include/linux/icmp.h +++ b/include/linux/icmp.h @@ -37,6 +37,7 @@ static inline bool icmp_is_err(int type) } void ip_icmp_error_rfc4884(const struct sk_buff *skb, - struct sock_ee_data_rfc4884 *out); + struct sock_ee_data_rfc4884 *out, + int thlen, int off); #endif /* _LINUX_ICMP_H */ diff --git a/net/ipv4/icmp.c b/net/ipv4/icmp.c index 646d4fb72c07..1e70e98f14f8 100644 --- a/net/ipv4/icmp.c +++ b/net/ipv4/icmp.c @@ -1186,24 +1186,15 @@ static bool ip_icmp_error_rfc4884_validate(const struct sk_buff *skb, int off) } void ip_icmp_error_rfc4884(const struct sk_buff *skb, - struct sock_ee_data_rfc4884 *out) + struct sock_ee_data_rfc4884 *out, + int thlen, int off) { - int hlen, off; - - switch (icmp_hdr(skb)->type) { - case ICMP_DEST_UNREACH: - case ICMP_TIME_EXCEEDED: - case ICMP_PARAMETERPROB: - break; - default: - return; - } + int hlen; /* original datagram headers: end of icmph to payload (skb->data) */ - hlen = -skb_transport_offset(skb) - sizeof(struct icmphdr); + hlen = -skb_transport_offset(skb) - thlen; /* per rfc 4884: minimal datagram length of 128 bytes */ - off = icmp_hdr(skb)->un.reserved[1] * sizeof(u32); if (off < 128 || off < hlen) return; diff --git a/net/ipv4/ip_sockglue.c b/net/ipv4/ip_sockglue.c index a5ea02d7a183..6aa45fe0a676 100644 --- a/net/ipv4/ip_sockglue.c +++ b/net/ipv4/ip_sockglue.c @@ -389,6 +389,18 @@ int ip_ra_control(struct sock *sk, unsigned char on, return 0; } +static void ipv4_icmp_error_rfc4884(const struct sk_buff *skb, + struct sock_ee_data_rfc4884 *out) +{ + switch (icmp_hdr(skb)->type) { + case ICMP_DEST_UNREACH: + case ICMP_TIME_EXCEEDED: + case ICMP_PARAMETERPROB: + ip_icmp_error_rfc4884(skb, out, sizeof(struct icmphdr), + icmp_hdr(skb)->un.reserved[1] * 4); + } +} + void ip_icmp_error(struct sock *sk, struct sk_buff *skb, int err, __be16 port, u32 info, u8 *payload) { @@ -412,7 +424,7 @@ void ip_icmp_error(struct sock *sk, struct sk_buff *skb, int err, if (skb_pull(skb, payload - skb->data)) { if (inet_sk(sk)->recverr_rfc4884) - ip_icmp_error_rfc4884(skb, &serr->ee.ee_rfc4884); + ipv4_icmp_error_rfc4884(skb, &serr->ee.ee_rfc4884); skb_reset_transport_header(skb); if (sock_queue_err_skb(sk, skb) == 0) From patchwork Fri Jul 24 13:03:10 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Willem de Bruijn X-Patchwork-Id: 1335687 X-Patchwork-Delegate: davem@davemloft.net Return-Path: X-Original-To: patchwork-incoming-netdev@ozlabs.org Delivered-To: patchwork-incoming-netdev@ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=vger.kernel.org (client-ip=23.128.96.18; helo=vger.kernel.org; envelope-from=netdev-owner@vger.kernel.org; receiver=) Authentication-Results: ozlabs.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256 header.s=20161025 header.b=Ar1CsVvR; dkim-atps=neutral Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by ozlabs.org (Postfix) with ESMTP id 4BCqBc64Wzz9sSt for ; Fri, 24 Jul 2020 23:03:20 +1000 (AEST) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726652AbgGXNDU (ORCPT ); Fri, 24 Jul 2020 09:03:20 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:33474 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726639AbgGXNDS (ORCPT ); Fri, 24 Jul 2020 09:03:18 -0400 Received: from mail-qt1-x842.google.com (mail-qt1-x842.google.com [IPv6:2607:f8b0:4864:20::842]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 97117C0619E4 for ; Fri, 24 Jul 2020 06:03:17 -0700 (PDT) Received: by mail-qt1-x842.google.com with SMTP id 6so6826698qtt.0 for ; Fri, 24 Jul 2020 06:03:17 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=t2D5tFAe1EvVc0g4ejtRj5fsh0GI3qxPsqhzIujMvfk=; b=Ar1CsVvRH/vhSP0xlXr1iBFKQGwbYQbpUUc8/SfwLnegjIe6p84BGRNgjOQfMitgdz A1ergQsdkgupl5e83/q7X0srmzK2ZuuORuW1ym6IR30LqAbGJpxG8KgssjnqIM6p7RgG I8rZ1jw+thtY4CDo8LuQEtFix9ByibKUqbWq9vz3ZL2e7H4cmKaaRLaJbmXJI10q9M5W EONUiU6pmeZRrrt4pMeg61on+I4SQRuCFxySjZtG+DPevaLnZ7YQSygkVDwub/Osrzla lmZgESSE1065LvveviqkX3oC/jHWSW6S+dfDSp+xxhZpnQiuohIlwKNjnVvMBxOJReiE joFQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=t2D5tFAe1EvVc0g4ejtRj5fsh0GI3qxPsqhzIujMvfk=; b=U+My/2YTIZjGPRJ3ZpcBzwEikXwOaL135eV8wRrU2i/g9kH4DbyeYssMiWTFjhsDV3 oVGcGygS26NWH+iZcoMCyXaJP+cpIiZPsMIEK7DbZfdPGKqSvHnF3TAYz1bCC7i0ElbK iDdFZe24ppi1rKNdlfnuwHxhVtfiu1pGyQGWlalruNa+Og65KSYNPEqKqQUh3sUbyCMR FC8GdT3ehkpRmFaFHEO2fStNbWV7Eabd9NEhzmfJpu4CIqeqVAy1WgKHU6758/y/nM7B MTV3e/XYkvzpLsIrQCtILiKLKHT7unuClVWtJCYQ5v3uN9fitvExW+7dyiXN1pXGAgvR 81Kw== X-Gm-Message-State: AOAM533D1HKZQP0cQVolvWlkGsD0lwvisoqvzksmC+r0uf5Z/RzXDR2r N63CqqfkP5uBF0UwbsV1VdU+J4g9 X-Google-Smtp-Source: ABdhPJyeikv/TvCABQ/1uquskioFc9WTIIWVRzOmCjUptblWhXoKnD+U+UEZho2s4NAF1dl1EZjX7Q== X-Received: by 2002:ac8:3fcf:: with SMTP id v15mr9469375qtk.274.1595595796473; Fri, 24 Jul 2020 06:03:16 -0700 (PDT) Received: from willemb.nyc.corp.google.com ([2620:0:1003:312:f693:9fff:fef4:3e8a]) by smtp.gmail.com with ESMTPSA id b8sm1203491qtg.45.2020.07.24.06.03.15 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 24 Jul 2020 06:03:15 -0700 (PDT) From: Willem de Bruijn To: netdev@vger.kernel.org Cc: davem@davemloft.net, Willem de Bruijn Subject: [PATCH net-next v2 3/3] icmp6: support rfc 4884 Date: Fri, 24 Jul 2020 09:03:10 -0400 Message-Id: <20200724130310.788305-4-willemdebruijn.kernel@gmail.com> X-Mailer: git-send-email 2.28.0.rc0.142.g3c755180ce-goog In-Reply-To: <20200724130310.788305-1-willemdebruijn.kernel@gmail.com> References: <20200724130310.788305-1-willemdebruijn.kernel@gmail.com> MIME-Version: 1.0 Sender: netdev-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org From: Willem de Bruijn Extend the rfc 4884 read interface introduced for ipv4 in commit eba75c587e81 ("icmp: support rfc 4884") to ipv6. Add socket option SOL_IPV6/IPV6_RECVERR_RFC4884. Changes v1->v2: - make ipv6_icmp_error_rfc4884 static (file scope) Signed-off-by: Willem de Bruijn --- include/linux/ipv6.h | 1 + include/uapi/linux/icmpv6.h | 1 + include/uapi/linux/in6.h | 1 + net/ipv4/icmp.c | 1 + net/ipv6/datagram.c | 16 ++++++++++++++++ net/ipv6/ipv6_sockglue.c | 12 ++++++++++++ 6 files changed, 32 insertions(+) diff --git a/include/linux/ipv6.h b/include/linux/ipv6.h index 8d8f877e7f81..a44789d027cc 100644 --- a/include/linux/ipv6.h +++ b/include/linux/ipv6.h @@ -283,6 +283,7 @@ struct ipv6_pinfo { autoflowlabel:1, autoflowlabel_set:1, mc_all:1, + recverr_rfc4884:1, rtalert_isolate:1; __u8 min_hopcount; __u8 tclass; diff --git a/include/uapi/linux/icmpv6.h b/include/uapi/linux/icmpv6.h index 2622b5a3e616..c1661febc2dc 100644 --- a/include/uapi/linux/icmpv6.h +++ b/include/uapi/linux/icmpv6.h @@ -68,6 +68,7 @@ struct icmp6hdr { #define icmp6_mtu icmp6_dataun.un_data32[0] #define icmp6_unused icmp6_dataun.un_data32[0] #define icmp6_maxdelay icmp6_dataun.un_data16[0] +#define icmp6_datagram_len icmp6_dataun.un_data8[0] #define icmp6_router icmp6_dataun.u_nd_advt.router #define icmp6_solicited icmp6_dataun.u_nd_advt.solicited #define icmp6_override icmp6_dataun.u_nd_advt.override diff --git a/include/uapi/linux/in6.h b/include/uapi/linux/in6.h index 9f2273a08356..5ad396a57eb3 100644 --- a/include/uapi/linux/in6.h +++ b/include/uapi/linux/in6.h @@ -179,6 +179,7 @@ struct in6_flowlabel_req { #define IPV6_LEAVE_ANYCAST 28 #define IPV6_MULTICAST_ALL 29 #define IPV6_ROUTER_ALERT_ISOLATE 30 +#define IPV6_RECVERR_RFC4884 31 /* IPV6_MTU_DISCOVER values */ #define IPV6_PMTUDISC_DONT 0 diff --git a/net/ipv4/icmp.c b/net/ipv4/icmp.c index 1e70e98f14f8..1155b6ad7a3b 100644 --- a/net/ipv4/icmp.c +++ b/net/ipv4/icmp.c @@ -1208,6 +1208,7 @@ void ip_icmp_error_rfc4884(const struct sk_buff *skb, if (!ip_icmp_error_rfc4884_validate(skb, off)) out->flags |= SO_EE_RFC4884_FLAG_INVALID; } +EXPORT_SYMBOL_GPL(ip_icmp_error_rfc4884); int icmp_err(struct sk_buff *skb, u32 info) { diff --git a/net/ipv6/datagram.c b/net/ipv6/datagram.c index 390bedde21a5..cc8ad7ddecda 100644 --- a/net/ipv6/datagram.c +++ b/net/ipv6/datagram.c @@ -19,6 +19,7 @@ #include #include #include +#include #include #include @@ -284,6 +285,17 @@ int ip6_datagram_connect_v6_only(struct sock *sk, struct sockaddr *uaddr, } EXPORT_SYMBOL_GPL(ip6_datagram_connect_v6_only); +static void ipv6_icmp_error_rfc4884(const struct sk_buff *skb, + struct sock_ee_data_rfc4884 *out) +{ + switch (icmp6_hdr(skb)->icmp6_type) { + case ICMPV6_TIME_EXCEED: + case ICMPV6_DEST_UNREACH: + ip_icmp_error_rfc4884(skb, out, sizeof(struct icmp6hdr), + icmp6_hdr(skb)->icmp6_datagram_len * 8); + } +} + void ipv6_icmp_error(struct sock *sk, struct sk_buff *skb, int err, __be16 port, u32 info, u8 *payload) { @@ -313,6 +325,10 @@ void ipv6_icmp_error(struct sock *sk, struct sk_buff *skb, int err, serr->port = port; __skb_pull(skb, payload - skb->data); + + if (inet6_sk(sk)->recverr_rfc4884) + ipv6_icmp_error_rfc4884(skb, &serr->ee.ee_rfc4884); + skb_reset_transport_header(skb); if (sock_queue_err_skb(sk, skb)) diff --git a/net/ipv6/ipv6_sockglue.c b/net/ipv6/ipv6_sockglue.c index add8f7912299..d4140a23974f 100644 --- a/net/ipv6/ipv6_sockglue.c +++ b/net/ipv6/ipv6_sockglue.c @@ -964,6 +964,14 @@ static int do_ipv6_setsockopt(struct sock *sk, int level, int optname, np->rxopt.bits.recvfragsize = valbool; retv = 0; break; + case IPV6_RECVERR_RFC4884: + if (optlen < sizeof(int)) + goto e_inval; + if (val < 0 || val > 1) + goto e_inval; + np->recverr_rfc4884 = valbool; + retv = 0; + break; } release_sock(sk); @@ -1438,6 +1446,10 @@ static int do_ipv6_getsockopt(struct sock *sk, int level, int optname, val = np->rtalert_isolate; break; + case IPV6_RECVERR_RFC4884: + val = np->recverr_rfc4884; + break; + default: return -ENOPROTOOPT; }