From patchwork Mon Jan 28 18:22:51 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Tom Herbert X-Patchwork-Id: 1032143 X-Patchwork-Delegate: davem@davemloft.net Return-Path: X-Original-To: patchwork-incoming-netdev@ozlabs.org Delivered-To: patchwork-incoming-netdev@ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=vger.kernel.org (client-ip=209.132.180.67; helo=vger.kernel.org; envelope-from=netdev-owner@vger.kernel.org; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=herbertland.com Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=herbertland-com.20150623.gappssmtp.com header.i=@herbertland-com.20150623.gappssmtp.com header.b="A83d/lCE"; dkim-atps=neutral Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id 43pJ0Y1Pjsz9sDK for ; Tue, 29 Jan 2019 05:23:25 +1100 (AEDT) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727428AbfA1SXX (ORCPT ); Mon, 28 Jan 2019 13:23:23 -0500 Received: from mail-pl1-f180.google.com ([209.85.214.180]:44454 "EHLO mail-pl1-f180.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727052AbfA1SXW (ORCPT ); Mon, 28 Jan 2019 13:23:22 -0500 Received: by mail-pl1-f180.google.com with SMTP id e11so8090330plt.11 for ; Mon, 28 Jan 2019 10:23:21 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=herbertland-com.20150623.gappssmtp.com; s=20150623; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=NG8A8l30gx8ddv1YAdQlxx1x0abIRRRmxx8FQi/ZK7c=; b=A83d/lCErGtAoUZh7sk2MWwp2MTNneUJ8VvwGCVp/pDTfREvUrF5++ebgroo022WQC 6XN+uMgTsvUUnsnmq4nLeGWDBpKEH60VWPia+itMtmWEUdt2yjsus0eRie+TkAbGYme7 WAw4FlnZGpJMSZ9rdmDaewZFjMqGU2YK1rSRQLJkzGiba3KSgFajd6xuyUpk7bHr/JOD oN/S58vUpXE5CejXbPqaqE77j5GDJ+9zKYkooBUSkOa5HhXLTRNzd7jdboYWJY5I6iJL 1y2hx6AXpGTCUzWaAvnfqS0aWmaIh8f0qLLVWr4FssbxuFAoHNNaqgJaBis8h8u05qNe uYcA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=NG8A8l30gx8ddv1YAdQlxx1x0abIRRRmxx8FQi/ZK7c=; b=iZiFYnpEie3eG8EHoq4/1HUzfC+aC3RiopKdspP3wmzlf4dOTbZbl98MK/9LP+TSS3 pvnvNtQ/E5lxfRe5BFaP61D72CVqVJS6mMN7ibtJYjj/H9LkxQysSrumWzxKlWoHZ34N DsZH5pabmmY85+D0bHsgURZRd5NxTOdw63Dy2kL/1bHR0Sneqpypj7quTKfTp2Dc83iz ZVTj2NzVxO0o76E1f5rGEZ1Avy4P8xGFzQxToKuIra/Y6Y85/LYOviA/N0v1FxclY1v4 IVhlcUxpKwwKFq4p6gYJ2f2Ffl4/cGE9OGVWTbW5somOibLjHvy+HJfae6bY2+D5zdHU gNWA== X-Gm-Message-State: AJcUukc49ThsbQf1NE2ynaHKf8oWnENy9vezB1im70SbF1FU61rHFPav 14y7mADLOnlwQ7sSN3Drsimu7g== X-Google-Smtp-Source: ALg8bN5Rbx/vzsi5hDKaTUnUEgPBmnSXzLA1lkA5qNTvq6UZIGcJ8HsckFRQfk33cOrL/ZTWsh8GCA== X-Received: by 2002:a17:902:5982:: with SMTP id p2mr22593584pli.39.1548699800925; Mon, 28 Jan 2019 10:23:20 -0800 (PST) Received: from localhost.localdomain (c-73-223-249-119.hsd1.ca.comcast.net. [73.223.249.119]) by smtp.gmail.com with ESMTPSA id n78sm61777238pfk.19.2019.01.28.10.23.20 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Mon, 28 Jan 2019 10:23:20 -0800 (PST) From: Tom Herbert X-Google-Original-From: Tom Herbert To: davem@davemloft.net, netdev@vger.kernel.org Cc: Tom Herbert Subject: [PATCH v2 net-next 1/5] exthdrs: Create exthdrs_options.c Date: Mon, 28 Jan 2019 10:22:51 -0800 Message-Id: <1548699775-3015-2-git-send-email-tom@quantonium.net> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1548699775-3015-1-git-send-email-tom@quantonium.net> References: <1548699775-3015-1-git-send-email-tom@quantonium.net> Sender: netdev-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org Create exthdrs_options.c to hold code related to Hop-by-Hop and Destination extension header options. Move related functions in exthdrs.c to the new file. --- include/net/ipv6.h | 8 ++ net/ipv6/Makefile | 2 +- net/ipv6/exthdrs.c | 342 -------------------------------------------- net/ipv6/exthdrs_options.c | 346 +++++++++++++++++++++++++++++++++++++++++++++ 4 files changed, 355 insertions(+), 343 deletions(-) create mode 100644 net/ipv6/exthdrs_options.c diff --git a/include/net/ipv6.h b/include/net/ipv6.h index daf8086..8abdcdb 100644 --- a/include/net/ipv6.h +++ b/include/net/ipv6.h @@ -379,6 +379,14 @@ struct ipv6_txoptions *ipv6_renew_options(struct sock *sk, struct ipv6_txoptions *ipv6_fixup_options(struct ipv6_txoptions *opt_space, struct ipv6_txoptions *opt); +struct tlvtype_proc { + int type; + bool (*func)(struct sk_buff *skb, int offset); +}; + +extern const struct tlvtype_proc tlvprocdestopt_lst[]; +extern const struct tlvtype_proc tlvprochopopt_lst[]; + bool ipv6_opt_accepted(const struct sock *sk, const struct sk_buff *skb, const struct inet6_skb_parm *opt); struct ipv6_txoptions *ipv6_update_options(struct sock *sk, diff --git a/net/ipv6/Makefile b/net/ipv6/Makefile index e0026fa..72bd775 100644 --- a/net/ipv6/Makefile +++ b/net/ipv6/Makefile @@ -10,7 +10,7 @@ ipv6-objs := af_inet6.o anycast.o ip6_output.o ip6_input.o addrconf.o \ route.o ip6_fib.o ipv6_sockglue.o ndisc.o udp.o udplite.o \ raw.o icmp.o mcast.o reassembly.o tcp_ipv6.o ping.o \ exthdrs.o datagram.o ip6_flowlabel.o inet6_connection_sock.o \ - udp_offload.o seg6.o fib6_notifier.o + udp_offload.o seg6.o fib6_notifier.o exthdrs_options.o ipv6-offload := ip6_offload.o tcpv6_offload.o exthdrs_offload.o diff --git a/net/ipv6/exthdrs.c b/net/ipv6/exthdrs.c index 20291c2..6dbacf1 100644 --- a/net/ipv6/exthdrs.c +++ b/net/ipv6/exthdrs.c @@ -43,7 +43,6 @@ #include #include #include -#include #if IS_ENABLED(CONFIG_IPV6_MIP6) #include #endif @@ -55,19 +54,6 @@ #include -/* - * Parsing tlv encoded headers. - * - * Parsing function "func" returns true, if parsing succeed - * and false, if it failed. - * It MUST NOT touch skb->h. - */ - -struct tlvtype_proc { - int type; - bool (*func)(struct sk_buff *skb, int offset); -}; - /********************* Generic functions *********************/ @@ -204,80 +190,6 @@ static bool ip6_parse_tlv(const struct tlvtype_proc *procs, return false; } -/***************************** - Destination options header. - *****************************/ - -#if IS_ENABLED(CONFIG_IPV6_MIP6) -static bool ipv6_dest_hao(struct sk_buff *skb, int optoff) -{ - struct ipv6_destopt_hao *hao; - struct inet6_skb_parm *opt = IP6CB(skb); - struct ipv6hdr *ipv6h = ipv6_hdr(skb); - int ret; - - if (opt->dsthao) { - net_dbg_ratelimited("hao duplicated\n"); - goto discard; - } - opt->dsthao = opt->dst1; - opt->dst1 = 0; - - hao = (struct ipv6_destopt_hao *)(skb_network_header(skb) + optoff); - - if (hao->length != 16) { - net_dbg_ratelimited("hao invalid option length = %d\n", - hao->length); - goto discard; - } - - if (!(ipv6_addr_type(&hao->addr) & IPV6_ADDR_UNICAST)) { - net_dbg_ratelimited("hao is not an unicast addr: %pI6\n", - &hao->addr); - goto discard; - } - - ret = xfrm6_input_addr(skb, (xfrm_address_t *)&ipv6h->daddr, - (xfrm_address_t *)&hao->addr, IPPROTO_DSTOPTS); - if (unlikely(ret < 0)) - goto discard; - - if (skb_cloned(skb)) { - if (pskb_expand_head(skb, 0, 0, GFP_ATOMIC)) - goto discard; - - /* update all variable using below by copied skbuff */ - hao = (struct ipv6_destopt_hao *)(skb_network_header(skb) + - optoff); - ipv6h = ipv6_hdr(skb); - } - - if (skb->ip_summed == CHECKSUM_COMPLETE) - skb->ip_summed = CHECKSUM_NONE; - - swap(ipv6h->saddr, hao->addr); - - if (skb->tstamp == 0) - __net_timestamp(skb); - - return true; - - discard: - kfree_skb(skb); - return false; -} -#endif - -static const struct tlvtype_proc tlvprocdestopt_lst[] = { -#if IS_ENABLED(CONFIG_IPV6_MIP6) - { - .type = IPV6_TLV_HAO, - .func = ipv6_dest_hao, - }, -#endif - {-1, NULL} -}; - static int ipv6_destopt_rcv(struct sk_buff *skb) { struct inet6_dev *idev = __in6_dev_get(skb->dev); @@ -706,122 +618,6 @@ void ipv6_exthdrs_exit(void) inet6_del_protocol(&rthdr_protocol, IPPROTO_ROUTING); } -/********************************** - Hop-by-hop options. - **********************************/ - -/* - * Note: we cannot rely on skb_dst(skb) before we assign it in ip6_route_input(). - */ -static inline struct inet6_dev *ipv6_skb_idev(struct sk_buff *skb) -{ - return skb_dst(skb) ? ip6_dst_idev(skb_dst(skb)) : __in6_dev_get(skb->dev); -} - -static inline struct net *ipv6_skb_net(struct sk_buff *skb) -{ - return skb_dst(skb) ? dev_net(skb_dst(skb)->dev) : dev_net(skb->dev); -} - -/* Router Alert as of RFC 2711 */ - -static bool ipv6_hop_ra(struct sk_buff *skb, int optoff) -{ - const unsigned char *nh = skb_network_header(skb); - - if (nh[optoff + 1] == 2) { - IP6CB(skb)->flags |= IP6SKB_ROUTERALERT; - memcpy(&IP6CB(skb)->ra, nh + optoff + 2, sizeof(IP6CB(skb)->ra)); - return true; - } - net_dbg_ratelimited("ipv6_hop_ra: wrong RA length %d\n", - nh[optoff + 1]); - kfree_skb(skb); - return false; -} - -/* Jumbo payload */ - -static bool ipv6_hop_jumbo(struct sk_buff *skb, int optoff) -{ - const unsigned char *nh = skb_network_header(skb); - struct inet6_dev *idev = __in6_dev_get_safely(skb->dev); - struct net *net = ipv6_skb_net(skb); - u32 pkt_len; - - if (nh[optoff + 1] != 4 || (optoff & 3) != 2) { - net_dbg_ratelimited("ipv6_hop_jumbo: wrong jumbo opt length/alignment %d\n", - nh[optoff+1]); - __IP6_INC_STATS(net, idev, IPSTATS_MIB_INHDRERRORS); - goto drop; - } - - pkt_len = ntohl(*(__be32 *)(nh + optoff + 2)); - if (pkt_len <= IPV6_MAXPLEN) { - __IP6_INC_STATS(net, idev, IPSTATS_MIB_INHDRERRORS); - icmpv6_param_prob(skb, ICMPV6_HDR_FIELD, optoff+2); - return false; - } - if (ipv6_hdr(skb)->payload_len) { - __IP6_INC_STATS(net, idev, IPSTATS_MIB_INHDRERRORS); - icmpv6_param_prob(skb, ICMPV6_HDR_FIELD, optoff); - return false; - } - - if (pkt_len > skb->len - sizeof(struct ipv6hdr)) { - __IP6_INC_STATS(net, idev, IPSTATS_MIB_INTRUNCATEDPKTS); - goto drop; - } - - if (pskb_trim_rcsum(skb, pkt_len + sizeof(struct ipv6hdr))) - goto drop; - - IP6CB(skb)->flags |= IP6SKB_JUMBOGRAM; - return true; - -drop: - kfree_skb(skb); - return false; -} - -/* CALIPSO RFC 5570 */ - -static bool ipv6_hop_calipso(struct sk_buff *skb, int optoff) -{ - const unsigned char *nh = skb_network_header(skb); - - if (nh[optoff + 1] < 8) - goto drop; - - if (nh[optoff + 6] * 4 + 8 > nh[optoff + 1]) - goto drop; - - if (!calipso_validate(skb, nh + optoff)) - goto drop; - - return true; - -drop: - kfree_skb(skb); - return false; -} - -static const struct tlvtype_proc tlvprochopopt_lst[] = { - { - .type = IPV6_TLV_ROUTERALERT, - .func = ipv6_hop_ra, - }, - { - .type = IPV6_TLV_JUMBO, - .func = ipv6_hop_jumbo, - }, - { - .type = IPV6_TLV_CALIPSO, - .func = ipv6_hop_calipso, - }, - { -1, } -}; - int ipv6_parse_hopopts(struct sk_buff *skb) { struct inet6_skb_parm *opt = IP6CB(skb); @@ -992,144 +788,6 @@ void ipv6_push_frag_opts(struct sk_buff *skb, struct ipv6_txoptions *opt, u8 *pr } EXPORT_SYMBOL(ipv6_push_frag_opts); -struct ipv6_txoptions * -ipv6_dup_options(struct sock *sk, struct ipv6_txoptions *opt) -{ - struct ipv6_txoptions *opt2; - - opt2 = sock_kmalloc(sk, opt->tot_len, GFP_ATOMIC); - if (opt2) { - long dif = (char *)opt2 - (char *)opt; - memcpy(opt2, opt, opt->tot_len); - if (opt2->hopopt) - *((char **)&opt2->hopopt) += dif; - if (opt2->dst0opt) - *((char **)&opt2->dst0opt) += dif; - if (opt2->dst1opt) - *((char **)&opt2->dst1opt) += dif; - if (opt2->srcrt) - *((char **)&opt2->srcrt) += dif; - refcount_set(&opt2->refcnt, 1); - } - return opt2; -} -EXPORT_SYMBOL_GPL(ipv6_dup_options); - -static void ipv6_renew_option(int renewtype, - struct ipv6_opt_hdr **dest, - struct ipv6_opt_hdr *old, - struct ipv6_opt_hdr *new, - int newtype, char **p) -{ - struct ipv6_opt_hdr *src; - - src = (renewtype == newtype ? new : old); - if (!src) - return; - - memcpy(*p, src, ipv6_optlen(src)); - *dest = (struct ipv6_opt_hdr *)*p; - *p += CMSG_ALIGN(ipv6_optlen(*dest)); -} - -/** - * ipv6_renew_options - replace a specific ext hdr with a new one. - * - * @sk: sock from which to allocate memory - * @opt: original options - * @newtype: option type to replace in @opt - * @newopt: new option of type @newtype to replace (user-mem) - * @newoptlen: length of @newopt - * - * Returns a new set of options which is a copy of @opt with the - * option type @newtype replaced with @newopt. - * - * @opt may be NULL, in which case a new set of options is returned - * containing just @newopt. - * - * @newopt may be NULL, in which case the specified option type is - * not copied into the new set of options. - * - * The new set of options is allocated from the socket option memory - * buffer of @sk. - */ -struct ipv6_txoptions * -ipv6_renew_options(struct sock *sk, struct ipv6_txoptions *opt, - int newtype, struct ipv6_opt_hdr *newopt) -{ - int tot_len = 0; - char *p; - struct ipv6_txoptions *opt2; - - if (opt) { - if (newtype != IPV6_HOPOPTS && opt->hopopt) - tot_len += CMSG_ALIGN(ipv6_optlen(opt->hopopt)); - if (newtype != IPV6_RTHDRDSTOPTS && opt->dst0opt) - tot_len += CMSG_ALIGN(ipv6_optlen(opt->dst0opt)); - if (newtype != IPV6_RTHDR && opt->srcrt) - tot_len += CMSG_ALIGN(ipv6_optlen(opt->srcrt)); - if (newtype != IPV6_DSTOPTS && opt->dst1opt) - tot_len += CMSG_ALIGN(ipv6_optlen(opt->dst1opt)); - } - - if (newopt) - tot_len += CMSG_ALIGN(ipv6_optlen(newopt)); - - if (!tot_len) - return NULL; - - tot_len += sizeof(*opt2); - opt2 = sock_kmalloc(sk, tot_len, GFP_ATOMIC); - if (!opt2) - return ERR_PTR(-ENOBUFS); - - memset(opt2, 0, tot_len); - refcount_set(&opt2->refcnt, 1); - opt2->tot_len = tot_len; - p = (char *)(opt2 + 1); - - ipv6_renew_option(IPV6_HOPOPTS, &opt2->hopopt, - (opt ? opt->hopopt : NULL), - newopt, newtype, &p); - ipv6_renew_option(IPV6_RTHDRDSTOPTS, &opt2->dst0opt, - (opt ? opt->dst0opt : NULL), - newopt, newtype, &p); - ipv6_renew_option(IPV6_RTHDR, - (struct ipv6_opt_hdr **)&opt2->srcrt, - (opt ? (struct ipv6_opt_hdr *)opt->srcrt : NULL), - newopt, newtype, &p); - ipv6_renew_option(IPV6_DSTOPTS, &opt2->dst1opt, - (opt ? opt->dst1opt : NULL), - newopt, newtype, &p); - - opt2->opt_nflen = (opt2->hopopt ? ipv6_optlen(opt2->hopopt) : 0) + - (opt2->dst0opt ? ipv6_optlen(opt2->dst0opt) : 0) + - (opt2->srcrt ? ipv6_optlen(opt2->srcrt) : 0); - opt2->opt_flen = (opt2->dst1opt ? ipv6_optlen(opt2->dst1opt) : 0); - - return opt2; -} - -struct ipv6_txoptions *ipv6_fixup_options(struct ipv6_txoptions *opt_space, - struct ipv6_txoptions *opt) -{ - /* - * ignore the dest before srcrt unless srcrt is being included. - * --yoshfuji - */ - if (opt && opt->dst0opt && !opt->srcrt) { - if (opt_space != opt) { - memcpy(opt_space, opt, sizeof(*opt_space)); - opt = opt_space; - } - opt->opt_nflen -= ipv6_optlen(opt->dst0opt); - opt->dst0opt = NULL; - } - - return opt; -} -EXPORT_SYMBOL_GPL(ipv6_fixup_options); - /** * fl6_update_dst - update flowi destination address with info given * by srcrt option, if any. diff --git a/net/ipv6/exthdrs_options.c b/net/ipv6/exthdrs_options.c new file mode 100644 index 0000000..70266a6 --- /dev/null +++ b/net/ipv6/exthdrs_options.c @@ -0,0 +1,346 @@ +// SPDX-License-Identifier: GPL-2.0 +#include +#include +#include +#include +#include +#include +#include +#include +#include +#if IS_ENABLED(CONFIG_IPV6_MIP6) +#include +#endif + +/* Parsing tlv encoded headers. + * + * Parsing function "func" returns true, if parsing succeed + * and false, if it failed. + * It MUST NOT touch skb->h. + */ + +struct ipv6_txoptions * +ipv6_dup_options(struct sock *sk, struct ipv6_txoptions *opt) +{ + struct ipv6_txoptions *opt2; + + opt2 = sock_kmalloc(sk, opt->tot_len, GFP_ATOMIC); + if (opt2) { + long dif = (char *)opt2 - (char *)opt; + + memcpy(opt2, opt, opt->tot_len); + if (opt2->hopopt) + *((char **)&opt2->hopopt) += dif; + if (opt2->dst0opt) + *((char **)&opt2->dst0opt) += dif; + if (opt2->dst1opt) + *((char **)&opt2->dst1opt) += dif; + if (opt2->srcrt) + *((char **)&opt2->srcrt) += dif; + refcount_set(&opt2->refcnt, 1); + } + return opt2; +} +EXPORT_SYMBOL_GPL(ipv6_dup_options); + +static void ipv6_renew_option(int renewtype, + struct ipv6_opt_hdr **dest, + struct ipv6_opt_hdr *old, + struct ipv6_opt_hdr *new, + int newtype, char **p) +{ + struct ipv6_opt_hdr *src; + + src = (renewtype == newtype ? new : old); + if (!src) + return; + + memcpy(*p, src, ipv6_optlen(src)); + *dest = (struct ipv6_opt_hdr *)*p; + *p += CMSG_ALIGN(ipv6_optlen(*dest)); +} + +/** + * ipv6_renew_options - replace a specific ext hdr with a new one. + * + * @sk: sock from which to allocate memory + * @opt: original options + * @newtype: option type to replace in @opt + * @newopt: new option of type @newtype to replace (user-mem) + * @newoptlen: length of @newopt + * + * Returns a new set of options which is a copy of @opt with the + * option type @newtype replaced with @newopt. + * + * @opt may be NULL, in which case a new set of options is returned + * containing just @newopt. + * + * @newopt may be NULL, in which case the specified option type is + * not copied into the new set of options. + * + * The new set of options is allocated from the socket option memory + * buffer of @sk. + */ +struct ipv6_txoptions * +ipv6_renew_options(struct sock *sk, struct ipv6_txoptions *opt, + int newtype, struct ipv6_opt_hdr *newopt) +{ + int tot_len = 0; + char *p; + struct ipv6_txoptions *opt2; + + if (opt) { + if (newtype != IPV6_HOPOPTS && opt->hopopt) + tot_len += CMSG_ALIGN(ipv6_optlen(opt->hopopt)); + if (newtype != IPV6_RTHDRDSTOPTS && opt->dst0opt) + tot_len += CMSG_ALIGN(ipv6_optlen(opt->dst0opt)); + if (newtype != IPV6_RTHDR && opt->srcrt) + tot_len += CMSG_ALIGN(ipv6_optlen(opt->srcrt)); + if (newtype != IPV6_DSTOPTS && opt->dst1opt) + tot_len += CMSG_ALIGN(ipv6_optlen(opt->dst1opt)); + } + + if (newopt) + tot_len += CMSG_ALIGN(ipv6_optlen(newopt)); + + if (!tot_len) + return NULL; + + tot_len += sizeof(*opt2); + opt2 = sock_kmalloc(sk, tot_len, GFP_ATOMIC); + if (!opt2) + return ERR_PTR(-ENOBUFS); + + memset(opt2, 0, tot_len); + refcount_set(&opt2->refcnt, 1); + opt2->tot_len = tot_len; + p = (char *)(opt2 + 1); + + ipv6_renew_option(IPV6_HOPOPTS, &opt2->hopopt, + (opt ? opt->hopopt : NULL), + newopt, newtype, &p); + ipv6_renew_option(IPV6_RTHDRDSTOPTS, &opt2->dst0opt, + (opt ? opt->dst0opt : NULL), + newopt, newtype, &p); + ipv6_renew_option(IPV6_RTHDR, + (struct ipv6_opt_hdr **)&opt2->srcrt, + (opt ? (struct ipv6_opt_hdr *)opt->srcrt : NULL), + newopt, newtype, &p); + ipv6_renew_option(IPV6_DSTOPTS, &opt2->dst1opt, + (opt ? opt->dst1opt : NULL), + newopt, newtype, &p); + + opt2->opt_nflen = (opt2->hopopt ? ipv6_optlen(opt2->hopopt) : 0) + + (opt2->dst0opt ? ipv6_optlen(opt2->dst0opt) : 0) + + (opt2->srcrt ? ipv6_optlen(opt2->srcrt) : 0); + opt2->opt_flen = (opt2->dst1opt ? ipv6_optlen(opt2->dst1opt) : 0); + + return opt2; +} + +struct ipv6_txoptions *ipv6_fixup_options(struct ipv6_txoptions *opt_space, + struct ipv6_txoptions *opt) +{ + /* ignore the dest before srcrt unless srcrt is being included. + * --yoshfuji + */ + if (opt && opt->dst0opt && !opt->srcrt) { + if (opt_space != opt) { + memcpy(opt_space, opt, sizeof(*opt_space)); + opt = opt_space; + } + opt->opt_nflen -= ipv6_optlen(opt->dst0opt); + opt->dst0opt = NULL; + } + + return opt; +} +EXPORT_SYMBOL_GPL(ipv6_fixup_options); + +/* Destination options header */ + +#if IS_ENABLED(CONFIG_IPV6_MIP6) +static bool ipv6_dest_hao(struct sk_buff *skb, int optoff) +{ + struct ipv6_destopt_hao *hao; + struct inet6_skb_parm *opt = IP6CB(skb); + struct ipv6hdr *ipv6h = ipv6_hdr(skb); + int ret; + + if (opt->dsthao) { + net_dbg_ratelimited("hao duplicated\n"); + goto discard; + } + opt->dsthao = opt->dst1; + opt->dst1 = 0; + + hao = (struct ipv6_destopt_hao *)(skb_network_header(skb) + optoff); + + if (hao->length != 16) { + net_dbg_ratelimited("hao invalid option length = %d\n", + hao->length); + goto discard; + } + + if (!(ipv6_addr_type(&hao->addr) & IPV6_ADDR_UNICAST)) { + net_dbg_ratelimited("hao is not an unicast addr: %pI6\n", + &hao->addr); + goto discard; + } + + ret = xfrm6_input_addr(skb, (xfrm_address_t *)&ipv6h->daddr, + (xfrm_address_t *)&hao->addr, IPPROTO_DSTOPTS); + if (unlikely(ret < 0)) + goto discard; + + if (skb_cloned(skb)) { + if (pskb_expand_head(skb, 0, 0, GFP_ATOMIC)) + goto discard; + + /* update all variable using below by copied skbuff */ + hao = (struct ipv6_destopt_hao *)(skb_network_header(skb) + + optoff); + ipv6h = ipv6_hdr(skb); + } + + if (skb->ip_summed == CHECKSUM_COMPLETE) + skb->ip_summed = CHECKSUM_NONE; + + swap(ipv6h->saddr, hao->addr); + + if (skb->tstamp == 0) + __net_timestamp(skb); + + return true; + + discard: + kfree_skb(skb); + return false; +} +#endif + +const struct tlvtype_proc tlvprocdestopt_lst[] = { +#if IS_ENABLED(CONFIG_IPV6_MIP6) + { + .type = IPV6_TLV_HAO, + .func = ipv6_dest_hao, + }, +#endif + {-1, NULL} +}; + +/* Hop-by-hop options */ + +/* Note: we cannot rely on skb_dst(skb) before we assign it in + * ip6_route_input(). + */ +static inline struct inet6_dev *ipv6_skb_idev(struct sk_buff *skb) +{ + return skb_dst(skb) ? ip6_dst_idev(skb_dst(skb)) : + __in6_dev_get(skb->dev); +} + +static inline struct net *ipv6_skb_net(struct sk_buff *skb) +{ + return skb_dst(skb) ? dev_net(skb_dst(skb)->dev) : dev_net(skb->dev); +} + +/* Router Alert as of RFC 2711 */ + +static bool ipv6_hop_ra(struct sk_buff *skb, int optoff) +{ + const unsigned char *nh = skb_network_header(skb); + + if (nh[optoff + 1] == 2) { + IP6CB(skb)->flags |= IP6SKB_ROUTERALERT; + memcpy(&IP6CB(skb)->ra, nh + optoff + 2, + sizeof(IP6CB(skb)->ra)); + return true; + } + net_dbg_ratelimited("%s: wrong RA length %d\n", + __func__, nh[optoff + 1]); + kfree_skb(skb); + return false; +} + +/* Jumbo payload */ + +static bool ipv6_hop_jumbo(struct sk_buff *skb, int optoff) +{ + const unsigned char *nh = skb_network_header(skb); + struct inet6_dev *idev = __in6_dev_get_safely(skb->dev); + struct net *net = ipv6_skb_net(skb); + u32 pkt_len; + + if (nh[optoff + 1] != 4 || (optoff & 3) != 2) { + net_dbg_ratelimited("%s: wrong jumbo opt length/alignment %d\n", + __func__, nh[optoff + 1]); + __IP6_INC_STATS(net, idev, IPSTATS_MIB_INHDRERRORS); + goto drop; + } + + pkt_len = ntohl(*(__be32 *)(nh + optoff + 2)); + if (pkt_len <= IPV6_MAXPLEN) { + __IP6_INC_STATS(net, idev, IPSTATS_MIB_INHDRERRORS); + icmpv6_param_prob(skb, ICMPV6_HDR_FIELD, optoff + 2); + return false; + } + if (ipv6_hdr(skb)->payload_len) { + __IP6_INC_STATS(net, idev, IPSTATS_MIB_INHDRERRORS); + icmpv6_param_prob(skb, ICMPV6_HDR_FIELD, optoff); + return false; + } + + if (pkt_len > skb->len - sizeof(struct ipv6hdr)) { + __IP6_INC_STATS(net, idev, IPSTATS_MIB_INTRUNCATEDPKTS); + goto drop; + } + + if (pskb_trim_rcsum(skb, pkt_len + sizeof(struct ipv6hdr))) + goto drop; + + IP6CB(skb)->flags |= IP6SKB_JUMBOGRAM; + return true; + +drop: + kfree_skb(skb); + return false; +} + +/* CALIPSO RFC 5570 */ + +static bool ipv6_hop_calipso(struct sk_buff *skb, int optoff) +{ + const unsigned char *nh = skb_network_header(skb); + + if (nh[optoff + 1] < 8) + goto drop; + + if (nh[optoff + 6] * 4 + 8 > nh[optoff + 1]) + goto drop; + + if (!calipso_validate(skb, nh + optoff)) + goto drop; + + return true; + +drop: + kfree_skb(skb); + return false; +} + +const struct tlvtype_proc tlvprochopopt_lst[] = { + { + .type = IPV6_TLV_ROUTERALERT, + .func = ipv6_hop_ra, + }, + { + .type = IPV6_TLV_JUMBO, + .func = ipv6_hop_jumbo, + }, + { + .type = IPV6_TLV_CALIPSO, + .func = ipv6_hop_calipso, + }, + { -1, } +}; From patchwork Mon Jan 28 18:22:52 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Tom Herbert X-Patchwork-Id: 1032144 X-Patchwork-Delegate: davem@davemloft.net Return-Path: X-Original-To: patchwork-incoming-netdev@ozlabs.org Delivered-To: patchwork-incoming-netdev@ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=vger.kernel.org (client-ip=209.132.180.67; helo=vger.kernel.org; envelope-from=netdev-owner@vger.kernel.org; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=herbertland.com Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=herbertland-com.20150623.gappssmtp.com header.i=@herbertland-com.20150623.gappssmtp.com header.b="O8G98iIJ"; dkim-atps=neutral Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id 43pJ0f0sdrz9s3q for ; Tue, 29 Jan 2019 05:23:30 +1100 (AEDT) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727435AbfA1SX2 (ORCPT ); Mon, 28 Jan 2019 13:23:28 -0500 Received: from mail-pg1-f195.google.com ([209.85.215.195]:46498 "EHLO mail-pg1-f195.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727052AbfA1SX2 (ORCPT ); Mon, 28 Jan 2019 13:23:28 -0500 Received: by mail-pg1-f195.google.com with SMTP id w7so7541089pgp.13 for ; Mon, 28 Jan 2019 10:23:27 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=herbertland-com.20150623.gappssmtp.com; s=20150623; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=MqYqoYomcM7ewBIuVEiXPMWyOo6ShlhRohPG3FYiDR8=; b=O8G98iIJIg0ydr1TftCB+Ttp8YtvECurQT9kTDA9j5oqcqJObTd/z8WIdP0AB5H3mc wiEEipcNYnbCz3KDD4g6mjU2O3Q4zuDdnJmY6tnXQw+sdk91R2Y4eLwaGnjCIOYA3p6L TSSnQVhzf5Ogdtpdnt8kPKCmSXfVDEzPhLItKqPI93yuuX07p+MDL0Wsk8+IYWcCdaJ5 wZGj/Okx7Epspkfhg/zMUcJpsFxdAMfEUl5L8CehFWlCmY2YTBShWLrcplgmDVAwV7te WIwAcwnD/G2i/s87BoXnu4RQendrur0tMa2mzsbM/9l7QSq+olPg3bPWVKHdH/HEtBBA Q4Cw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=MqYqoYomcM7ewBIuVEiXPMWyOo6ShlhRohPG3FYiDR8=; b=Td4wEGLTxfdZr1cncexrZet5UCA1vAmRBlIMCH+FgRtOs4+smqyj2wv4LZFYoWkf8u 2OgRuFoMeizU1j77O1fN5KLChpi81n3oWtfI8uQeoj1Wn5cTnazMkjRlMbgSo9piS7+U 0ZM9kNuy1rvfIk8sCIQfKrMi7tTJJyRL/FcHZZncg6A8uChFFdES2g2CSLOWITLi/ton dc6+z9rKPPT7xoOxFKYDay7IwdyzZ5dt0KUmOp86tnfeWEIxqWZUBnanydutY0waacjV 5Jj4tb1G1LemMxV+j48pvoAY41coAkhLbnuyFT6X1OgfUPFy1aYJ9TKU7Ab33976SV83 U8qw== X-Gm-Message-State: AJcUukeVYBJ2F8gaBTt0aWUsNtkcY+4eKNeY7hkUQXknsmi1KiO53l67 h42Ip6h7Who6hdV7a1yUoNWg/DeUXIg= X-Google-Smtp-Source: ALg8bN61EAy0BO3q0MsPV7Nb6SAa4s4kZHnAF4wvN7S1D10PINa0jx8LbFZWNe+z2cXZOiQyhde1pg== X-Received: by 2002:a63:2d82:: with SMTP id t124mr20664626pgt.260.1548699806831; Mon, 28 Jan 2019 10:23:26 -0800 (PST) Received: from localhost.localdomain (c-73-223-249-119.hsd1.ca.comcast.net. [73.223.249.119]) by smtp.gmail.com with ESMTPSA id n78sm61777238pfk.19.2019.01.28.10.23.25 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Mon, 28 Jan 2019 10:23:26 -0800 (PST) From: Tom Herbert X-Google-Original-From: Tom Herbert To: davem@davemloft.net, netdev@vger.kernel.org Cc: Tom Herbert Subject: [PATCH v2 net-next 2/5] exthdrs: Registration of TLV handlers and parameters Date: Mon, 28 Jan 2019 10:22:52 -0800 Message-Id: <1548699775-3015-3-git-send-email-tom@quantonium.net> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1548699775-3015-1-git-send-email-tom@quantonium.net> References: <1548699775-3015-1-git-send-email-tom@quantonium.net> Sender: netdev-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org Create a single TLV parameter table that holds meta information for IPv6 Hop-by-Hop and Destination TLVs. The data structure is composed of a 256 element array of u8's (one entry for each TLV type to allow O(1) lookup). Each entry provides an offset into an array of TLV parameter data structures which follows the array of u8s. TLV. The TLV parameter data structure contains parameters and handler functions for receiving and transmitting TLVs. The receive and transmit properties can be managed independently. The zeroth element in the TLV parameter array provides default parameters for TLVs. TLV transmit properties include a description of limits, alignment, and preferred ordering. TLV receive properties provide the receiver handler. A class attribute is defined in both receive and transmit properties that indicates the type of extension header in which the TLV may be used (e.g. Hop-by-Hop options, Destination options, or Destination options before the routing header). Receive TLV lookup and processing is modified to be a lookup in the TLV parameter table. tlv_{set,unset}_{rx,tx}_param function can be used to set attributes in the TLV table. A table containing parameters for TLVs supported by the kernel and is used to initialize the TLV table. --- include/net/ipv6.h | 64 +++++++- include/uapi/linux/in6.h | 17 ++ net/ipv6/exthdrs.c | 47 +++--- net/ipv6/exthdrs_options.c | 384 ++++++++++++++++++++++++++++++++++++++++++--- 4 files changed, 465 insertions(+), 47 deletions(-) diff --git a/include/net/ipv6.h b/include/net/ipv6.h index 8abdcdb..9992f17 100644 --- a/include/net/ipv6.h +++ b/include/net/ipv6.h @@ -379,13 +379,67 @@ struct ipv6_txoptions *ipv6_renew_options(struct sock *sk, struct ipv6_txoptions *ipv6_fixup_options(struct ipv6_txoptions *opt_space, struct ipv6_txoptions *opt); -struct tlvtype_proc { - int type; - bool (*func)(struct sk_buff *skb, int offset); +struct tlv_tx_param { + unsigned char preferred_order; + unsigned char admin_perm : 2; + unsigned char user_perm : 2; + unsigned char class : 3; + unsigned char align_mult : 4; + unsigned char align_off : 4; + unsigned char data_len_mult : 4; + unsigned char data_len_off : 4; + unsigned char min_data_len; + unsigned char max_data_len; }; -extern const struct tlvtype_proc tlvprocdestopt_lst[]; -extern const struct tlvtype_proc tlvprochopopt_lst[]; +struct tlv_rx_param { + unsigned char class: 3; + bool (*func)(unsigned int class, struct sk_buff *skb, int offset); +}; + +struct tlv_param { + struct tlv_tx_param tx_params; + struct tlv_rx_param rx_params; +}; + +struct tlv_param_table { + unsigned char entries[256]; + unsigned char count; + struct rcu_head rcu; + struct tlv_param params[0]; +}; + +extern struct tlv_param_table __rcu *tlv_param_table; + +/* Preferred TLV ordering (placed by increasing order) */ +#define TLV_PREF_ORDER_HAO 10 +#define TLV_PREF_ORDER_ROUTERALERT 20 +#define TLV_PREF_ORDER_JUMBO 30 +#define TLV_PREF_ORDER_CALIPSO 40 + +/* tlv_deref_rx_params assume rcu_read_lock is held */ +static inline struct tlv_rx_param *tlv_deref_rx_params(unsigned int type) +{ + struct tlv_param_table *tpt = rcu_dereference(tlv_param_table); + + return &tpt->params[tpt->entries[type]].rx_params; +} + +/* tlv_deref_tx_params assume rcu_read_lock is held */ +static inline struct tlv_tx_param *tlv_deref_tx_params(unsigned int type) +{ + struct tlv_param_table *tpt = rcu_dereference(tlv_param_table); + + return &tpt->params[tpt->entries[type]].tx_params; +} + +int tlv_set_param(unsigned char type, + const struct tlv_rx_param *rx_param_tmpl, + const struct tlv_tx_param *tx_param_tmpl); +int tlv_unset_rx_param(unsigned char type); +int tlv_set_rx_param(unsigned char type, struct tlv_rx_param *rx_param_tmpl); +int tlv_unset_tx_param(unsigned char type); +int tlv_set_tx_param(unsigned char type, struct tlv_tx_param *tx_param_tmpl); bool ipv6_opt_accepted(const struct sock *sk, const struct sk_buff *skb, const struct inet6_skb_parm *opt); diff --git a/include/uapi/linux/in6.h b/include/uapi/linux/in6.h index 71d82fe..38e8e63 100644 --- a/include/uapi/linux/in6.h +++ b/include/uapi/linux/in6.h @@ -296,4 +296,21 @@ struct in6_flowlabel_req { * ... * MRT6_MAX */ + +/* TLV permissions values */ +enum { + IPV6_TLV_PERM_NONE, + IPV6_TLV_PERM_WITH_CHECK, + IPV6_TLV_PERM_NO_CHECK, + IPV6_TLV_PERM_MAX = IPV6_TLV_PERM_NO_CHECK +}; + +/* Flags for EH type that can use a TLV option */ +#define IPV6_TLV_CLASS_FLAG_HOPOPT 0x1 +#define IPV6_TLV_CLASS_FLAG_RTRDSTOPT 0x2 +#define IPV6_TLV_CLASS_FLAG_DSTOPT 0x4 +#define IPV6_TLV_CLASS_MAX 0x7 + +#define IPV6_TLV_CLASS_ANY_DSTOPT (IPV6_TLV_CLASS_FLAG_RTRDSTOPT | \ + IPV6_TLV_CLASS_FLAG_DSTOPT) #endif /* _UAPI_LINUX_IN6_H */ diff --git a/net/ipv6/exthdrs.c b/net/ipv6/exthdrs.c index 6dbacf1..af4152e 100644 --- a/net/ipv6/exthdrs.c +++ b/net/ipv6/exthdrs.c @@ -100,15 +100,14 @@ static bool ip6_tlvopt_unknown(struct sk_buff *skb, int optoff, /* Parse tlv encoded option header (hop-by-hop or destination) */ -static bool ip6_parse_tlv(const struct tlvtype_proc *procs, - struct sk_buff *skb, +static bool ip6_parse_tlv(unsigned int class, struct sk_buff *skb, int max_count) { int len = (skb_transport_header(skb)[1] + 1) << 3; const unsigned char *nh = skb_network_header(skb); int off = skb_network_header_len(skb); - const struct tlvtype_proc *curr; bool disallow_unknowns = false; + struct tlv_rx_param *tprx; int tlv_count = 0; int padlen = 0; @@ -117,12 +116,16 @@ static bool ip6_parse_tlv(const struct tlvtype_proc *procs, max_count = -max_count; } - if (skb_transport_offset(skb) + len > skb_headlen(skb)) - goto bad; + if (skb_transport_offset(skb) + len > skb_headlen(skb)) { + kfree_skb(skb); + return false; + } off += 2; len -= 2; + rcu_read_unlock(); + while (len > 0) { int optlen = nh[off + 1] + 2; int i; @@ -162,19 +165,19 @@ static bool ip6_parse_tlv(const struct tlvtype_proc *procs, if (tlv_count > max_count) goto bad; - for (curr = procs; curr->type >= 0; curr++) { - if (curr->type == nh[off]) { - /* type specific length/alignment - checks will be performed in the - func(). */ - if (curr->func(skb, off) == false) - return false; - break; - } + tprx = tlv_deref_rx_params(nh[off]); + + if ((tprx->class & class) && tprx->func) { + /* Handler will apply additional checks to + * the TLV + */ + if (!tprx->func(class, skb, off)) + goto bad_nofree; + } else if (!ip6_tlvopt_unknown(skb, off, + disallow_unknowns)) { + /* No appropriate handler, TLV is unknown */ + goto bad_nofree; } - if (curr->type < 0 && - !ip6_tlvopt_unknown(skb, off, disallow_unknowns)) - return false; padlen = 0; break; @@ -183,10 +186,14 @@ static bool ip6_parse_tlv(const struct tlvtype_proc *procs, len -= optlen; } - if (len == 0) + if (len == 0) { + rcu_read_unlock(); return true; + } bad: kfree_skb(skb); +bad_nofree: + rcu_read_unlock(); return false; } @@ -220,7 +227,7 @@ static int ipv6_destopt_rcv(struct sk_buff *skb) dstbuf = opt->dst1; #endif - if (ip6_parse_tlv(tlvprocdestopt_lst, skb, + if (ip6_parse_tlv(IPV6_TLV_CLASS_FLAG_DSTOPT, skb, init_net.ipv6.sysctl.max_dst_opts_cnt)) { skb->transport_header += extlen; opt = IP6CB(skb); @@ -643,7 +650,7 @@ int ipv6_parse_hopopts(struct sk_buff *skb) goto fail_and_free; opt->flags |= IP6SKB_HOPBYHOP; - if (ip6_parse_tlv(tlvprochopopt_lst, skb, + if (ip6_parse_tlv(IPV6_TLV_CLASS_FLAG_HOPOPT, skb, init_net.ipv6.sysctl.max_hbh_opts_cnt)) { skb->transport_header += extlen; opt = IP6CB(skb); diff --git a/net/ipv6/exthdrs_options.c b/net/ipv6/exthdrs_options.c index 70266a6..397d9b3 100644 --- a/net/ipv6/exthdrs_options.c +++ b/net/ipv6/exthdrs_options.c @@ -11,6 +11,7 @@ #if IS_ENABLED(CONFIG_IPV6_MIP6) #include #endif +#include /* Parsing tlv encoded headers. * @@ -19,6 +20,8 @@ * It MUST NOT touch skb->h. */ +struct tlv_param_table __rcu *tlv_param_table; + struct ipv6_txoptions * ipv6_dup_options(struct sock *sk, struct ipv6_txoptions *opt) { @@ -160,7 +163,7 @@ EXPORT_SYMBOL_GPL(ipv6_fixup_options); /* Destination options header */ #if IS_ENABLED(CONFIG_IPV6_MIP6) -static bool ipv6_dest_hao(struct sk_buff *skb, int optoff) +static bool ipv6_dest_hao(unsigned int class, struct sk_buff *skb, int optoff) { struct ipv6_destopt_hao *hao; struct inet6_skb_parm *opt = IP6CB(skb); @@ -219,16 +222,6 @@ static bool ipv6_dest_hao(struct sk_buff *skb, int optoff) } #endif -const struct tlvtype_proc tlvprocdestopt_lst[] = { -#if IS_ENABLED(CONFIG_IPV6_MIP6) - { - .type = IPV6_TLV_HAO, - .func = ipv6_dest_hao, - }, -#endif - {-1, NULL} -}; - /* Hop-by-hop options */ /* Note: we cannot rely on skb_dst(skb) before we assign it in @@ -247,7 +240,7 @@ static inline struct net *ipv6_skb_net(struct sk_buff *skb) /* Router Alert as of RFC 2711 */ -static bool ipv6_hop_ra(struct sk_buff *skb, int optoff) +static bool ipv6_hop_ra(unsigned int class, struct sk_buff *skb, int optoff) { const unsigned char *nh = skb_network_header(skb); @@ -265,7 +258,7 @@ static bool ipv6_hop_ra(struct sk_buff *skb, int optoff) /* Jumbo payload */ -static bool ipv6_hop_jumbo(struct sk_buff *skb, int optoff) +static bool ipv6_hop_jumbo(unsigned int class, struct sk_buff *skb, int optoff) { const unsigned char *nh = skb_network_header(skb); struct inet6_dev *idev = __in6_dev_get_safely(skb->dev); @@ -309,7 +302,8 @@ static bool ipv6_hop_jumbo(struct sk_buff *skb, int optoff) /* CALIPSO RFC 5570 */ -static bool ipv6_hop_calipso(struct sk_buff *skb, int optoff) +static bool ipv6_hop_calipso(unsigned int class, struct sk_buff *skb, + int optoff) { const unsigned char *nh = skb_network_header(skb); @@ -329,18 +323,364 @@ static bool ipv6_hop_calipso(struct sk_buff *skb, int optoff) return false; } -const struct tlvtype_proc tlvprochopopt_lst[] = { +/* TLV parameter table functions and structures */ + +static void tlv_param_table_release(struct rcu_head *rcu) +{ + struct tlv_param_table *tpt = + container_of(rcu, struct tlv_param_table, rcu); + + vfree(tpt); +} + +/* Default (unset) values for TX TLV parameters */ +static const struct tlv_param tlv_default_param = { + .tx_params.preferred_order = 0, + .tx_params.admin_perm = IPV6_TLV_PERM_NO_CHECK, + .tx_params.user_perm = IPV6_TLV_PERM_NONE, + .tx_params.class = 0, + .tx_params.align_mult = (4 - 1), /* Default alignment: 4n + 2 */ + .tx_params.align_off = 2, + .tx_params.min_data_len = 0, + .tx_params.max_data_len = 255, + .tx_params.data_len_mult = (1 - 1), /* No default length align */ + .tx_params.data_len_off = 0, +}; + +static DEFINE_MUTEX(tlv_mutex); + +static size_t tlv_param_table_size(unsigned char count) +{ + return sizeof(struct tlv_param_table) + + (count * sizeof(struct tlv_param)); +} + +/* mutex held */ +static int __tlv_set_param(unsigned char type, + const struct tlv_rx_param *rx_param_tmpl, + const struct tlv_tx_param *tx_param_tmpl) +{ + struct tlv_param_table *tpt, *old; + unsigned char count, pos; + struct tlv_param *tp; + + old = rcu_dereference_protected(tlv_param_table, + lockdep_is_held(&tlv_mutex)); + + if (old->entries[type]) { + pos = old->entries[type]; + count = old->count; + } else { + pos = old->count; + count = pos + 1; + } + + tpt = vmalloc(tlv_param_table_size(count)); + if (!tpt) + return -ENOMEM; + + memcpy(tpt, old, tlv_param_table_size(old->count)); + + tp = &tpt->params[pos]; + memcpy(&tp->rx_params, rx_param_tmpl, sizeof(tp->rx_params)); + memcpy(&tp->tx_params, tx_param_tmpl, sizeof(tp->tx_params)); + + tpt->entries[type] = pos; + tpt->count = count; + + rcu_assign_pointer(tlv_param_table, tpt); + + call_rcu(&old->rcu, tlv_param_table_release); + + return 0; +} + +/* mutex held */ +static int __tlv_unset_param(unsigned char type) +{ + struct tlv_param_table *tpt, *old; + struct tlv_param *tp; + unsigned char pos; + int i; + + old = rcu_dereference_protected(tlv_param_table, + lockdep_is_held(&tlv_mutex)); + + if (!old->entries[type]) + return 0; + + tpt = vmalloc(tlv_param_table_size(old->count - 1)); + if (!tpt) + return -ENOMEM; + + pos = old->entries[type]; + + memcpy(tpt->params, old->params, pos * sizeof(*tp)); + memcpy(&tpt->params[pos], &old->params[pos + 1], + (old->count - pos - 1) * sizeof(*tp)); + + for (i = 0; i < 256; i++) { + if (old->entries[i] > pos) + tpt->entries[i] = old->entries[i] - 1; + else + tpt->entries[i] = old->entries[i]; + } + + tpt->entries[type] = 0; + + tpt->count = old->count - 1; + + rcu_assign_pointer(tlv_param_table, tpt); + + call_rcu(&old->rcu, tlv_param_table_release); + + return 0; +} + +void __tlv_destroy_param_table(void) +{ + struct tlv_param_table *tpt; + + mutex_lock(&tlv_mutex); + + tpt = rcu_dereference_protected(tlv_param_table, + lockdep_is_held(&tlv_mutex)); + if (tpt) { + rcu_assign_pointer(tlv_param_table, tpt); + call_rcu(&tpt->rcu, tlv_param_table_release); + } + + mutex_unlock(&tlv_mutex); +} + +int tlv_set_param(unsigned char type, + const struct tlv_rx_param *rx_param_tmpl, + const struct tlv_tx_param *tx_param_tmpl) +{ + int ret; + + if (type < 2) + return -EINVAL; + + mutex_lock(&tlv_mutex); + + ret = __tlv_set_param(type, rx_param_tmpl, tx_param_tmpl); + + mutex_unlock(&tlv_mutex); + + return ret; +} +EXPORT_SYMBOL(tlv_set_param); + +int tlv_unset_rx_param(unsigned char type) +{ + struct tlv_tx_param *tptx; + int ret; + + if (type < 2) + return -EINVAL; + + mutex_lock(&tlv_mutex); + + tptx = tlv_deref_tx_params(type); + + if (!tptx->preferred_order) + ret = __tlv_unset_param(type); + else + ret = __tlv_set_param(type, &tlv_default_param.rx_params, tptx); + + mutex_unlock(&tlv_mutex); + + return ret; +} +EXPORT_SYMBOL(tlv_unset_rx_param); + +int tlv_set_rx_param(unsigned char type, struct tlv_rx_param *rx_param_tmpl) +{ + int ret; + + if (type < 2) + return -EINVAL; + + mutex_lock(&tlv_mutex); + + ret = __tlv_set_param(type, rx_param_tmpl, tlv_deref_tx_params(type)); + + mutex_unlock(&tlv_mutex); + + return ret; +} +EXPORT_SYMBOL(tlv_set_rx_param); + +int tlv_unset_tx_param(unsigned char type) +{ + struct tlv_rx_param *tprx; + int ret; + + if (type < 2) + return -EINVAL; + + mutex_lock(&tlv_mutex); + + tprx = tlv_deref_rx_params(type); + + if (!tprx->class) + ret = __tlv_unset_param(type); + else + ret = __tlv_set_param(type, tprx, &tlv_default_param.tx_params); + + mutex_unlock(&tlv_mutex); + + return ret; +} +EXPORT_SYMBOL(tlv_unset_tx_param); + +int tlv_set_tx_param(unsigned char type, struct tlv_tx_param *tx_param_tmpl) +{ + int ret; + + if (type < 2) + return -EINVAL; + + mutex_lock(&tlv_mutex); + + ret = __tlv_set_param(type, tlv_deref_rx_params(type), tx_param_tmpl); + + mutex_unlock(&tlv_mutex); + + return ret; +} +EXPORT_SYMBOL(tlv_set_tx_param); + +struct tlv_init_params { + int type; + struct tlv_tx_param t; + struct tlv_rx_param r; +}; + +static const struct tlv_init_params tlv_init_params[] __initconst = { { - .type = IPV6_TLV_ROUTERALERT, - .func = ipv6_hop_ra, + .type = IPV6_TLV_HAO, + + .t.preferred_order = TLV_PREF_ORDER_HAO, + .t.admin_perm = IPV6_TLV_PERM_NO_CHECK, + .t.user_perm = IPV6_TLV_PERM_NONE, + .t.class = IPV6_TLV_CLASS_FLAG_DSTOPT, + .t.align_mult = (8 - 1), /* Align to 8n + 6 */ + .t.align_off = 6, + .t.min_data_len = 16, + .t.max_data_len = 16, + .t.data_len_mult = (1 - 1), /* Fixed length */ + .t.data_len_off = 0, + + .r.func = ipv6_dest_hao, + .r.class = IPV6_TLV_CLASS_FLAG_DSTOPT, }, { - .type = IPV6_TLV_JUMBO, - .func = ipv6_hop_jumbo, + .type = IPV6_TLV_ROUTERALERT, + + .t.preferred_order = TLV_PREF_ORDER_ROUTERALERT, + .t.admin_perm = IPV6_TLV_PERM_NO_CHECK, + .t.user_perm = IPV6_TLV_PERM_NONE, + .t.class = IPV6_TLV_CLASS_FLAG_HOPOPT, + .t.align_mult = (2 - 1), /* Align to 2n */ + .t.align_off = 0, + .t.min_data_len = 2, + .t.max_data_len = 2, + .t.data_len_mult = (1 - 1), /* Fixed length */ + .t.data_len_off = 0, + + .r.func = ipv6_hop_ra, + .r.class = IPV6_TLV_CLASS_FLAG_HOPOPT, }, { - .type = IPV6_TLV_CALIPSO, - .func = ipv6_hop_calipso, + .type = IPV6_TLV_JUMBO, + + .t.preferred_order = TLV_PREF_ORDER_JUMBO, + .t.admin_perm = IPV6_TLV_PERM_NO_CHECK, + .t.user_perm = IPV6_TLV_PERM_NONE, + .t.class = IPV6_TLV_CLASS_FLAG_HOPOPT, + .t.align_mult = (4 - 1), /* Align to 4n + 2 */ + .t.align_off = 2, + .t.min_data_len = 4, + .t.max_data_len = 4, + .t.data_len_mult = (1 - 1), /* Fixed length */ + .t.data_len_off = 0, + + .r.func = ipv6_hop_jumbo, + .r.class = IPV6_TLV_CLASS_FLAG_HOPOPT, }, - { -1, } + { + .type = IPV6_TLV_CALIPSO, + + .t.preferred_order = TLV_PREF_ORDER_CALIPSO, + .t.admin_perm = IPV6_TLV_PERM_NO_CHECK, + .t.user_perm = IPV6_TLV_PERM_NONE, + .t.class = IPV6_TLV_CLASS_FLAG_HOPOPT, + .t.align_mult = (4 - 1), /* Align to 4n + 2 */ + .t.align_off = 2, + .t.min_data_len = 8, + .t.max_data_len = 252, + .t.data_len_mult = (4 - 1), /* Length is multiple of 4 */ + .t.data_len_off = 0, + + .r.func = ipv6_hop_calipso, + .r.class = IPV6_TLV_CLASS_FLAG_HOPOPT, + } }; + +static int __init exthdrs_init(void) +{ + unsigned long check_map[BITS_TO_LONGS(256)]; + struct tlv_param_table *tpt; + size_t tsize; + int i; + + memset(check_map, 0, sizeof(check_map)); + + tsize = tlv_param_table_size(ARRAY_SIZE(tlv_init_params) + 1); + + tpt = vmalloc(tsize); + if (!tpt) + return -ENOMEM; + + memset(tpt, 0, tsize); + + /* Zeroth TLV parameter entry is default */ + tpt->params[0] = tlv_default_param; + + for (i = 0; i < ARRAY_SIZE(tlv_init_params); i++) { + const struct tlv_init_params *tpi = &tlv_init_params[i]; + unsigned int order = tpi->t.preferred_order; + struct tlv_param *tp = &tpt->params[i + 1]; + + WARN_ON(tpi->type < 2); /* Padding TLV initialized? */ + + if (order) { + WARN_ON(test_bit(order, check_map)); + set_bit(order, check_map); + tp->tx_params = tpi->t; + } else { + tp->tx_params = tlv_default_param.tx_params; + } + + if (tpi->r.class) + tp->rx_params = tpi->r; + else + tp->rx_params = tlv_default_param.rx_params; + + tpt->entries[tpi->type] = i + 1; + } + + tpt->count = ARRAY_SIZE(tlv_init_params) + 1; + + RCU_INIT_POINTER(tlv_param_table, tpt); + + return 0; +} +module_init(exthdrs_init); + +static void __exit exthdrs_fini(void) +{ +} +module_exit(exthdrs_fini); From patchwork Mon Jan 28 18:22:53 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Tom Herbert X-Patchwork-Id: 1032145 X-Patchwork-Delegate: davem@davemloft.net Return-Path: X-Original-To: patchwork-incoming-netdev@ozlabs.org Delivered-To: patchwork-incoming-netdev@ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=vger.kernel.org (client-ip=209.132.180.67; helo=vger.kernel.org; envelope-from=netdev-owner@vger.kernel.org; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=herbertland.com Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=herbertland-com.20150623.gappssmtp.com header.i=@herbertland-com.20150623.gappssmtp.com header.b="M7uudU2a"; dkim-atps=neutral Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id 43pJ0j1wwjz9sDB for ; Tue, 29 Jan 2019 05:23:33 +1100 (AEDT) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727446AbfA1SXc (ORCPT ); Mon, 28 Jan 2019 13:23:32 -0500 Received: from mail-pg1-f195.google.com ([209.85.215.195]:36917 "EHLO mail-pg1-f195.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727052AbfA1SXa (ORCPT ); Mon, 28 Jan 2019 13:23:30 -0500 Received: by mail-pg1-f195.google.com with SMTP id c25so7563786pgb.4 for ; Mon, 28 Jan 2019 10:23:29 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=herbertland-com.20150623.gappssmtp.com; s=20150623; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=N3Lc1/34Mf9+8T2sGNqK/yyCsDJ6BF1Elxn9Y+DHga0=; b=M7uudU2awuksW2oixqPKuJe2O8jRzYOIk5Eac+7D3Ksp1ziMAPdMa8d7qskbnGCDVG q1TtcPURGd77KUF/EbmRYBErM6NHzr99LKUMSg5I5x4axo6TjvzuCMMnvPNHcoEnEbFT Y+EsxbeO3RzSlC43n095skdpGeqOr71Sml/AgwGGmOjDy03wxoAxfwbH6xrpPN11Isof 9DVz3pUF1NMTzWykai0D6maNtpqamXOcdj0V9teH6OtjFSMlTluhJhb/SCVegcdRA3l8 m4ajQNqiLG2YxeML3utB9ISHKA1+mUP8gWAG7DMntfVLsNZngjvIxO2ttTfLToJJIyra eBVQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=N3Lc1/34Mf9+8T2sGNqK/yyCsDJ6BF1Elxn9Y+DHga0=; b=bjk7h+Jj2wKHM0MoAQ4VStBSx9sFOAmxgoAs38s1bHl0dSqwz3uFiO1BRIad8tCvPU cWbgOdYXXQUPlUowXL8PfCLGoHjbTrYG/PwSswSYN4w5SymsRLvdkn5xH/O902COb3ZW v2PU6TdNgurJVYoy5zwKiKBnRCjdj3rfzv3NYexdM31x4I1C2f5B6D6NJh3mb2XmGEKQ Tf5uzxVMN9mMhd0SusTd3ctUR5Aw86V523rl/E9yqBHdrZHFmcAZ6tEfYNDgu5O7bMN+ fIE1bZX+KRgjaCEghBrQpJFocTmNMX+dWF90EGCJSIz5SiFoMWFL/UY5nxCYWNr6SG3S HMjA== X-Gm-Message-State: AJcUukfmEssmdgFyG3kO6o1OPp9Q4SWXzP+BJMbX54VbN5nT64PYVY9F gqvEkp1d422Ka9K52IJ1srBdWajpft0= X-Google-Smtp-Source: ALg8bN5DvnUHkaJ42AZIX3yQjPllr0fFD4c9zHAwi8Rf1F+9fNmjuoS1ZAjwAL+8g4yRopElBaIQ9A== X-Received: by 2002:a63:dc0c:: with SMTP id s12mr21013317pgg.398.1548699809225; Mon, 28 Jan 2019 10:23:29 -0800 (PST) Received: from localhost.localdomain (c-73-223-249-119.hsd1.ca.comcast.net. [73.223.249.119]) by smtp.gmail.com with ESMTPSA id n78sm61777238pfk.19.2019.01.28.10.23.28 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Mon, 28 Jan 2019 10:23:28 -0800 (PST) From: Tom Herbert X-Google-Original-From: Tom Herbert To: davem@davemloft.net, netdev@vger.kernel.org Cc: Tom Herbert Subject: [PATCH v2 net-next 3/5] ip6tlvs: Add netlink interface Date: Mon, 28 Jan 2019 10:22:53 -0800 Message-Id: <1548699775-3015-4-git-send-email-tom@quantonium.net> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1548699775-3015-1-git-send-email-tom@quantonium.net> References: <1548699775-3015-1-git-send-email-tom@quantonium.net> Sender: netdev-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org Add a netlink interface to manage the TX TLV parameters. Managed parameters include those for validating and sending TLVs being sent such as alignment, TLV ordering, length limits, etc. --- include/uapi/linux/in6.h | 32 +++++ net/ipv6/exthdrs_options.c | 300 ++++++++++++++++++++++++++++++++++++++++++++- 2 files changed, 331 insertions(+), 1 deletion(-) diff --git a/include/uapi/linux/in6.h b/include/uapi/linux/in6.h index 38e8e63..a54cf96 100644 --- a/include/uapi/linux/in6.h +++ b/include/uapi/linux/in6.h @@ -297,6 +297,38 @@ struct in6_flowlabel_req { * MRT6_MAX */ +/* NETLINK_GENERIC related info for IPv6 TLVs */ + +#define IPV6_TLV_GENL_NAME "ipv6-tlv" +#define IPV6_TLV_GENL_VERSION 0x1 + +enum { + IPV6_TLV_ATTR_UNSPEC, + IPV6_TLV_ATTR_TYPE, /* u8, > 1 */ + IPV6_TLV_ATTR_ORDER, /* u8 */ + IPV6_TLV_ATTR_ADMIN_PERM, /* u8, perm value */ + IPV6_TLV_ATTR_USER_PERM, /* u8, perm value */ + IPV6_TLV_ATTR_CLASS, /* u8, 3 bit flags */ + IPV6_TLV_ATTR_ALIGN_MULT, /* u8, 1 to 16 */ + IPV6_TLV_ATTR_ALIGN_OFF, /* u8, 0 to 15 */ + IPV6_TLV_ATTR_MIN_DATA_LEN, /* u8 (option data length) */ + IPV6_TLV_ATTR_MAX_DATA_LEN, /* u8 (option data length) */ + IPV6_TLV_ATTR_DATA_LEN_MULT, /* u8, 1 to 16 */ + IPV6_TLV_ATTR_DATA_LEN_OFF, /* u8, 0 to 15 */ + + __IPV6_TLV_ATTR_MAX, +}; + +#define IPV6_TLV_ATTR_MAX (__IPV6_TLV_ATTR_MAX - 1) + +enum { + IPV6_TLV_CMD_SET, + IPV6_TLV_CMD_UNSET, + IPV6_TLV_CMD_GET, + + __IPV6_TLV_CMD_MAX, +}; + /* TLV permissions values */ enum { IPV6_TLV_PERM_NONE, diff --git a/net/ipv6/exthdrs_options.c b/net/ipv6/exthdrs_options.c index 397d9b3..a7811e0 100644 --- a/net/ipv6/exthdrs_options.c +++ b/net/ipv6/exthdrs_options.c @@ -6,11 +6,13 @@ #include #include #include +#include #include #include #if IS_ENABLED(CONFIG_IPV6_MIP6) #include #endif +#include #include /* Parsing tlv encoded headers. @@ -629,12 +631,298 @@ static const struct tlv_init_params tlv_init_params[] __initconst = { } }; +static struct genl_family tlv_nl_family; + +static const struct nla_policy tlv_nl_policy[IPV6_TLV_ATTR_MAX + 1] = { + [IPV6_TLV_ATTR_TYPE] = { .type = NLA_U8, }, + [IPV6_TLV_ATTR_ORDER] = { .type = NLA_U8, }, + [IPV6_TLV_ATTR_ADMIN_PERM] = { .type = NLA_U8, }, + [IPV6_TLV_ATTR_USER_PERM] = { .type = NLA_U8, }, + [IPV6_TLV_ATTR_CLASS] = { .type = NLA_U8, }, + [IPV6_TLV_ATTR_ALIGN_MULT] = { .type = NLA_U8, }, + [IPV6_TLV_ATTR_ALIGN_OFF] = { .type = NLA_U8, }, + [IPV6_TLV_ATTR_MIN_DATA_LEN] = { .type = NLA_U8, }, + [IPV6_TLV_ATTR_MAX_DATA_LEN] = { .type = NLA_U8, }, + [IPV6_TLV_ATTR_DATA_LEN_OFF] = { .type = NLA_U8, }, + [IPV6_TLV_ATTR_DATA_LEN_MULT] = { .type = NLA_U8, }, +}; + +static int tlv_nl_cmd_set(struct sk_buff *skb, struct genl_info *info) +{ + struct tlv_tx_param new_tx, *tptx; + int retv = -EINVAL, i; + u8 tlv_type, v; + + if (!info->attrs[IPV6_TLV_ATTR_TYPE]) + return -EINVAL; + + tlv_type = nla_get_u8(info->attrs[IPV6_TLV_ATTR_TYPE]); + if (tlv_type < 2) + return -EINVAL; + + rcu_read_lock(); + + new_tx = *tlv_deref_tx_params(tlv_type); + + if (info->attrs[IPV6_TLV_ATTR_ORDER]) { + v = nla_get_u8(info->attrs[IPV6_TLV_ATTR_ORDER]); + if (v) { + struct tlv_tx_param *tptx; + + for (i = 2; i < 256; i++) { + /* Preferred orders must be unique */ + tptx = tlv_deref_tx_params(i); + if (tptx->preferred_order == v && + i != tlv_type) { + retv = -EALREADY; + goto out; + } + } + new_tx.preferred_order = v; + } + } + + if (!new_tx.preferred_order) { + unsigned long check_map[BITS_TO_LONGS(255)]; + int pos; + + /* Preferred order not specified, automatically set one. + * This is chosen to be the first value after the greatest + * order in use. + */ + memset(check_map, 0, sizeof(check_map)); + + for (i = 2; i < 256; i++) { + unsigned int order; + + tptx = tlv_deref_tx_params(i); + order = tptx->preferred_order; + + if (!order) + continue; + + WARN_ON(test_bit(255 - order, check_map)); + set_bit(255 - order, check_map); + } + + pos = find_first_bit(check_map, 255); + if (pos) + new_tx.preferred_order = 255 - (pos - 1); + else + new_tx.preferred_order = 255 - + find_first_zero_bit(check_map, sizeof(check_map)); + } + + if (info->attrs[IPV6_TLV_ATTR_ADMIN_PERM]) { + v = nla_get_u8(info->attrs[IPV6_TLV_ATTR_ADMIN_PERM]); + if (v > IPV6_TLV_PERM_MAX) + goto out; + new_tx.admin_perm = v; + } + + if (info->attrs[IPV6_TLV_ATTR_USER_PERM]) { + v = nla_get_u8(info->attrs[IPV6_TLV_ATTR_USER_PERM]); + if (v > IPV6_TLV_PERM_MAX) + goto out; + new_tx.user_perm = v; + } + + if (info->attrs[IPV6_TLV_ATTR_CLASS]) { + v = nla_get_u8(info->attrs[IPV6_TLV_ATTR_CLASS]); + if (v > IPV6_TLV_CLASS_MAX) + goto out; + new_tx.class = v; + } + + if (info->attrs[IPV6_TLV_ATTR_ALIGN_MULT]) { + v = nla_get_u8(info->attrs[IPV6_TLV_ATTR_ALIGN_MULT]); + if (v > 16 || v < 1) + goto out; + new_tx.align_mult = v - 1; + } + + if (info->attrs[IPV6_TLV_ATTR_ALIGN_OFF]) { + v = nla_get_u8(info->attrs[IPV6_TLV_ATTR_ALIGN_OFF]); + if (v > 15) + goto out; + new_tx.align_off = v; + } + + if (info->attrs[IPV6_TLV_ATTR_MAX_DATA_LEN]) + new_tx.max_data_len = + nla_get_u8(info->attrs[IPV6_TLV_ATTR_MAX_DATA_LEN]); + + if (info->attrs[IPV6_TLV_ATTR_MIN_DATA_LEN]) + new_tx.min_data_len = + nla_get_u8(info->attrs[IPV6_TLV_ATTR_MIN_DATA_LEN]); + + if (info->attrs[IPV6_TLV_ATTR_DATA_LEN_MULT]) { + v = nla_get_u8(info->attrs[IPV6_TLV_ATTR_DATA_LEN_MULT]); + if (v > 16 || v < 1) + goto out; + new_tx.data_len_mult = v - 1; + } + + if (info->attrs[IPV6_TLV_ATTR_DATA_LEN_OFF]) { + v = nla_get_u8(info->attrs[IPV6_TLV_ATTR_DATA_LEN_OFF]); + if (v > 15) + goto out; + new_tx.data_len_off = v; + } + + retv = tlv_set_tx_param(tlv_type, &new_tx); + +out: + rcu_read_unlock(); + return retv; +} + +static int tlv_nl_cmd_unset(struct sk_buff *skb, struct genl_info *info) +{ + unsigned int tlv_type; + + if (!info->attrs[IPV6_TLV_ATTR_TYPE]) + return -EINVAL; + + tlv_type = nla_get_u8(info->attrs[IPV6_TLV_ATTR_TYPE]); + if (tlv_type < 2) + return -EINVAL; + + return tlv_unset_tx_param(tlv_type); +} + +static int tlv_fill_info(int tlv_type, struct sk_buff *msg, bool admin) +{ + struct tlv_tx_param *tptx; + int ret = 0; + + rcu_read_lock(); + + tptx = tlv_deref_tx_params(tlv_type); + + if (nla_put_u8(msg, IPV6_TLV_ATTR_TYPE, tlv_type) || + nla_put_u8(msg, IPV6_TLV_ATTR_ORDER, tptx->preferred_order) || + nla_put_u8(msg, IPV6_TLV_ATTR_USER_PERM, tptx->user_perm) || + (admin && nla_put_u8(msg, IPV6_TLV_ATTR_ADMIN_PERM, + tptx->admin_perm)) || + nla_put_u8(msg, IPV6_TLV_ATTR_CLASS, tptx->class) || + nla_put_u8(msg, IPV6_TLV_ATTR_ALIGN_MULT, tptx->align_mult + 1) || + nla_put_u8(msg, IPV6_TLV_ATTR_ALIGN_OFF, tptx->align_off) || + nla_put_u8(msg, IPV6_TLV_ATTR_MIN_DATA_LEN, tptx->min_data_len) || + nla_put_u8(msg, IPV6_TLV_ATTR_MAX_DATA_LEN, tptx->max_data_len) || + nla_put_u8(msg, IPV6_TLV_ATTR_DATA_LEN_MULT, + tptx->data_len_mult + 1) || + nla_put_u8(msg, IPV6_TLV_ATTR_DATA_LEN_OFF, tptx->data_len_off)) + ret = -1; + + rcu_read_unlock(); + + return ret; +} + +static int tlv_dump_info(int tlv_type, u32 portid, u32 seq, u32 flags, + struct sk_buff *skb, u8 cmd, bool admin) +{ + void *hdr; + + hdr = genlmsg_put(skb, portid, seq, &tlv_nl_family, flags, cmd); + if (!hdr) + return -ENOMEM; + + if (tlv_fill_info(tlv_type, skb, admin) < 0) { + genlmsg_cancel(skb, hdr); + return -EMSGSIZE; + } + + genlmsg_end(skb, hdr); + + return 0; +} + +static int tlv_nl_cmd_get(struct sk_buff *skb, struct genl_info *info) +{ + struct sk_buff *msg; + int ret, tlv_type; + + if (!info->attrs[IPV6_TLV_ATTR_TYPE]) + return -EINVAL; + + tlv_type = nla_get_u8(info->attrs[IPV6_TLV_ATTR_TYPE]); + if (tlv_type < 2) + return -EINVAL; + + msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); + if (!msg) + return -ENOMEM; + + ret = tlv_dump_info(tlv_type, info->snd_portid, info->snd_seq, 0, msg, + info->genlhdr->cmd, + netlink_capable(skb, CAP_NET_ADMIN)); + if (ret < 0) { + nlmsg_free(msg); + return ret; + } + + return genlmsg_reply(msg, info); +} + +static int tlv_nl_dump(struct sk_buff *skb, struct netlink_callback *cb) +{ + int idx = 0, ret, i; + + for (i = 2; i < 256; i++) { + if (idx++ < cb->args[0]) + continue; + ret = tlv_dump_info(i, NETLINK_CB(cb->skb).portid, + cb->nlh->nlmsg_seq, NLM_F_MULTI, + skb, IPV6_TLV_CMD_GET, + netlink_capable(cb->skb, CAP_NET_ADMIN)); + if (ret) + break; + } + + cb->args[0] = idx; + return skb->len; +} + +static const struct genl_ops tlv_nl_ops[] = { +{ + .cmd = IPV6_TLV_CMD_SET, + .doit = tlv_nl_cmd_set, + .policy = tlv_nl_policy, + .flags = GENL_ADMIN_PERM, +}, +{ + .cmd = IPV6_TLV_CMD_UNSET, + .doit = tlv_nl_cmd_unset, + .policy = tlv_nl_policy, + .flags = GENL_ADMIN_PERM, +}, +{ + .cmd = IPV6_TLV_CMD_GET, + .doit = tlv_nl_cmd_get, + .dumpit = tlv_nl_dump, + .policy = tlv_nl_policy, +}, +}; + +static struct genl_family tlv_nl_family __ro_after_init = { + .hdrsize = 0, + .name = IPV6_TLV_GENL_NAME, + .version = IPV6_TLV_GENL_VERSION, + .maxattr = IPV6_TLV_ATTR_MAX, + .netnsok = true, + .module = THIS_MODULE, + .ops = tlv_nl_ops, + .n_ops = ARRAY_SIZE(tlv_nl_ops), +}; + static int __init exthdrs_init(void) { unsigned long check_map[BITS_TO_LONGS(256)]; struct tlv_param_table *tpt; size_t tsize; - int i; + int i, ret; memset(check_map, 0, sizeof(check_map)); @@ -676,11 +964,21 @@ static int __init exthdrs_init(void) RCU_INIT_POINTER(tlv_param_table, tpt); + ret = genl_register_family(&tlv_nl_family); + if (ret < 0) + goto fail_genl_register; + return 0; + +fail_genl_register: + __tlv_destroy_param_table(); + + return ret; } module_init(exthdrs_init); static void __exit exthdrs_fini(void) { + genl_unregister_family(&tlv_nl_family); } module_exit(exthdrs_fini); From patchwork Mon Jan 28 18:22:54 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Tom Herbert X-Patchwork-Id: 1032146 X-Patchwork-Delegate: davem@davemloft.net Return-Path: X-Original-To: patchwork-incoming-netdev@ozlabs.org Delivered-To: patchwork-incoming-netdev@ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=vger.kernel.org (client-ip=209.132.180.67; helo=vger.kernel.org; envelope-from=netdev-owner@vger.kernel.org; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=herbertland.com Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=herbertland-com.20150623.gappssmtp.com header.i=@herbertland-com.20150623.gappssmtp.com header.b="zLBnEkNs"; dkim-atps=neutral Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id 43pJ0l742gz9sDB for ; Tue, 29 Jan 2019 05:23:35 +1100 (AEDT) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727052AbfA1SXe (ORCPT ); Mon, 28 Jan 2019 13:23:34 -0500 Received: from mail-pf1-f196.google.com ([209.85.210.196]:41589 "EHLO mail-pf1-f196.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727257AbfA1SXc (ORCPT ); Mon, 28 Jan 2019 13:23:32 -0500 Received: by mail-pf1-f196.google.com with SMTP id b7so8366685pfi.8 for ; Mon, 28 Jan 2019 10:23:31 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=herbertland-com.20150623.gappssmtp.com; s=20150623; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=KPf6H+yQ6UmG662Y1uoJGs7TjTCyXlfY2P3Ev7edX7o=; b=zLBnEkNs7nH8nO4LL8go3ULmCK2CxFzkRh4lZNkPUpMJBdfMK/16JyWAFFopEZY4Y9 OHy1VNnfnX9X2GaHQTbOQvaR0/SCzi5XXwr978nmWkxlxKFvnW06NLaEfIK0HgHSFRS4 ur1QXyYzOdFD3DXbJiIhyx5kd7kqJyLJ+Aa+WCdsJvyfvDENHrN7bB1+LRiO5BxbJwMY KQTxgNh4odVWX4rWs0K+haQ0ok0AGwZ4boTU908Fuh17XAjqSh2ko7zT23QZbG7W7lVB 72LjoaDIK4k3J+vODqPKtt2jXkvQ2sFffZJ9/j0G+pPbd0j5RyGAnWPr7AdUVQ1cM0XQ LhDg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=KPf6H+yQ6UmG662Y1uoJGs7TjTCyXlfY2P3Ev7edX7o=; b=qq5GLMXKSwQCWQQFuxE2lPzC6eCd6ZUj2LR9a8Hrmbm3Tk330LUYXuYTMQMTTR/Ckm vwPMJI3q4NVZf9TokdR3oOPexeEFLt71u3uh63ys2b8KkFijzuZgmLAcQ60SkRsJifMD oZtkqDUnnW+NbF7Ewpgwom9c0kXOC19I8p/VIraci3gJksmvKy8LZFyq28H8ls/pPPtW RsniZd7AzGh5moxtskWFACpoizyu1cFAb9pMwxGnoXKbmeU5X8Xhl9bxubMRlruw6uG2 YZg5Aitigz0GijM47NCOrVyJnut1JUNjir2Sc9egoD7YhhDdj3MGjOtLVHWX7e092I9d JthQ== X-Gm-Message-State: AJcUukdfHUAXKfSV8Tt4BqQ8Ot+DwnducfSu1rLgScznMKghbeuruw9X SeN0nJJOhNDmYLyeB7WUh25Eeg== X-Google-Smtp-Source: ALg8bN7LIQtZLlxzgJzg9PAx4YIoa6pjx3atgLQC5pAt+zW7tecGHzwZgdp794meiqDw9knBM24nkQ== X-Received: by 2002:a63:2f07:: with SMTP id v7mr13381177pgv.368.1548699811203; Mon, 28 Jan 2019 10:23:31 -0800 (PST) Received: from localhost.localdomain (c-73-223-249-119.hsd1.ca.comcast.net. [73.223.249.119]) by smtp.gmail.com with ESMTPSA id n78sm61777238pfk.19.2019.01.28.10.23.30 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Mon, 28 Jan 2019 10:23:30 -0800 (PST) From: Tom Herbert X-Google-Original-From: Tom Herbert To: davem@davemloft.net, netdev@vger.kernel.org Cc: Tom Herbert Subject: [PATCH v2 net-next 4/5] ip6tlvs: Validation of TX Destination and Hop-by-Hop options Date: Mon, 28 Jan 2019 10:22:54 -0800 Message-Id: <1548699775-3015-5-git-send-email-tom@quantonium.net> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1548699775-3015-1-git-send-email-tom@quantonium.net> References: <1548699775-3015-1-git-send-email-tom@quantonium.net> Sender: netdev-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org Validate Destination and Hop-by-Hop options. This uses the information in the TLV parameters table to validate various aspects of both individual TLVs as well as a list of TLVs in an extension header. There are two levels of validation that can be performed: simple checks and deep checks. Simple checks validate on the most basic properties such as that the TLV list fits into the EH. Deep checks do a fine grained validation that includes perferred ordering, length limits, and length alignment.. With proper permissions set in the TLV parameter table, this patch allows non-privileged users to send TLVs. Given that TLVs are open ended and potentially a source of DOS attack, deep checks are performed to limit the format that a non-privileged user can send. If deep checks are enabled, a canonical format for sending TLVs is enforced (in adherence with the robustness principle). A TLV must be well ordered with respect to the preferred order for the TLV. Each TLV must be aligned as described in the parameter table. Minimal padding (one padding TLV) is used to align TLVs. The length of the extension header as well as the count of non-padding TLVs is checked against max_*_opts_len and max_*_opts_cnt. For individual TLVs, lengths length alignment is checked. --- include/net/ipv6.h | 7 ++ net/ipv6/datagram.c | 27 ++-- net/ipv6/exthdrs_options.c | 298 +++++++++++++++++++++++++++++++++++++++++++++ net/ipv6/ipv6_sockglue.c | 30 ++++- 4 files changed, 348 insertions(+), 14 deletions(-) diff --git a/include/net/ipv6.h b/include/net/ipv6.h index 9992f17..c5692d6 100644 --- a/include/net/ipv6.h +++ b/include/net/ipv6.h @@ -379,6 +379,13 @@ struct ipv6_txoptions *ipv6_renew_options(struct sock *sk, struct ipv6_txoptions *ipv6_fixup_options(struct ipv6_txoptions *opt_space, struct ipv6_txoptions *opt); +int ipv6_opt_validate_tlvs(struct net *net, struct ipv6_opt_hdr *opt, + unsigned int optname, bool admin); +int ipv6_opt_validate_single_tlv(struct net *net, unsigned int optname, + unsigned char *tlv, size_t len, + bool deleting, bool admin); +int ipv6_opt_check_perm(struct net *net, struct sock *sk, + int optname, bool admin); struct tlv_tx_param { unsigned char preferred_order; unsigned char admin_perm : 2; diff --git a/net/ipv6/datagram.c b/net/ipv6/datagram.c index ee4a4e5..ef50439 100644 --- a/net/ipv6/datagram.c +++ b/net/ipv6/datagram.c @@ -853,10 +853,13 @@ int ip6_datagram_send_ctl(struct net *net, struct sock *sk, err = -EINVAL; goto exit_f; } - if (!ns_capable(net->user_ns, CAP_NET_RAW)) { - err = -EPERM; + + err = ipv6_opt_validate_tlvs(net, hdr, IPV6_HOPOPTS, + ns_capable(net->user_ns, + CAP_NET_RAW)); + if (err < 0) goto exit_f; - } + opt->opt_nflen += len; opt->hopopt = hdr; break; @@ -873,10 +876,13 @@ int ip6_datagram_send_ctl(struct net *net, struct sock *sk, err = -EINVAL; goto exit_f; } - if (!ns_capable(net->user_ns, CAP_NET_RAW)) { - err = -EPERM; + + err = ipv6_opt_validate_tlvs(net, hdr, IPV6_DSTOPTS, + ns_capable(net->user_ns, + CAP_NET_RAW)); + if (err < 0) goto exit_f; - } + if (opt->dst1opt) { err = -EINVAL; goto exit_f; @@ -898,10 +904,13 @@ int ip6_datagram_send_ctl(struct net *net, struct sock *sk, err = -EINVAL; goto exit_f; } - if (!ns_capable(net->user_ns, CAP_NET_RAW)) { - err = -EPERM; + + err = ipv6_opt_validate_tlvs(net, hdr, cmsg->cmsg_type, + ns_capable(net->user_ns, + CAP_NET_RAW)); + if (err < 0) goto exit_f; - } + if (cmsg->cmsg_type == IPV6_DSTOPTS) { opt->opt_flen += len; opt->dst1opt = hdr; diff --git a/net/ipv6/exthdrs_options.c b/net/ipv6/exthdrs_options.c index a7811e0..f334af5 100644 --- a/net/ipv6/exthdrs_options.c +++ b/net/ipv6/exthdrs_options.c @@ -162,6 +162,304 @@ struct ipv6_txoptions *ipv6_fixup_options(struct ipv6_txoptions *opt_space, } EXPORT_SYMBOL_GPL(ipv6_fixup_options); +/* TLV validation functions */ + +/* Validate a single non-padding TLV */ +static int __ipv6_opt_validate_single_tlv(struct net *net, unsigned char *tlv, + struct tlv_tx_param *tptx, + unsigned int class, bool *deep_check, + bool deleting, bool admin) +{ + if (tlv[0] < 2) /* Must be non-padding */ + return -EINVAL; + + /* Check permissions */ + switch (admin ? tptx->admin_perm : tptx->user_perm) { + case IPV6_TLV_PERM_NO_CHECK: + /* Allowed with no deep checks */ + *deep_check = false; + return 0; + case IPV6_TLV_PERM_WITH_CHECK: + /* Allowed with deep checks */ + *deep_check = true; + break; + default: + /* No permission */ + return -EPERM; + } + + /* Perform deep checks on the TLV */ + + /* Check class */ + if ((tptx->class & class) != class) + return -EINVAL; + + /* Don't bother checking lengths when deleting, the TLV is only + * needed here for lookup + */ + if (deleting) { + /* Don't bother with deep checks when deleting */ + *deep_check = false; + } else { + /* Check length */ + if (tlv[1] < tptx->min_data_len || tlv[1] > tptx->max_data_len) + return -EINVAL; + + /* Check length alignment */ + if ((tlv[1] % (tptx->data_len_mult + 1)) != tptx->data_len_off) + return -EINVAL; + } + + return 0; +} + +static unsigned int optname_to_tlv_class(int optname) +{ + switch (optname) { + case IPV6_HOPOPTS: + return IPV6_TLV_CLASS_FLAG_HOPOPT; + case IPV6_RTHDRDSTOPTS: + return IPV6_TLV_CLASS_FLAG_RTRDSTOPT; + case IPV6_DSTOPTS: + return IPV6_TLV_CLASS_FLAG_DSTOPT; + default: + return -1U; + } +} + +static int __ipv6_opt_validate_tlvs(struct net *net, struct ipv6_opt_hdr *opt, + unsigned int optname, bool deleting, + bool admin) +{ + unsigned int max_len = 0, max_cnt = 0, cnt = 0; + unsigned char *tlv = (unsigned char *)opt; + bool deep_check, did_deep_check = false; + unsigned int opt_len, tlv_len, offset; + unsigned int padding = 0, numpad = 0; + unsigned char prev_tlv_order = 0; + struct tlv_tx_param *tptx; + int retc, ret = -EINVAL; + unsigned int class; + + opt_len = ipv6_optlen(opt); + offset = sizeof(*opt); + + class = optname_to_tlv_class(optname); + + switch (optname) { + case IPV6_HOPOPTS: + max_len = net->ipv6.sysctl.max_hbh_opts_len; + max_cnt = net->ipv6.sysctl.max_hbh_opts_cnt; + break; + case IPV6_RTHDRDSTOPTS: + case IPV6_DSTOPTS: + max_len = net->ipv6.sysctl.max_dst_opts_len; + max_cnt = net->ipv6.sysctl.max_dst_opts_cnt; + break; + } + + rcu_read_lock(); + + while (offset < opt_len) { + switch (tlv[offset]) { + case IPV6_TLV_PAD1: + tlv_len = 1; + padding++; + numpad++; + break; + case IPV6_TLV_PADN: + if (offset + 1 >= opt_len) + goto out; + + tlv_len = tlv[offset + 1] + 2; + + if (offset + tlv_len > opt_len) + goto out; + + padding += tlv_len; + numpad++; + break; + default: + if (offset + 1 >= opt_len) + goto out; + + tlv_len = tlv[offset + 1] + 2; + + if (offset + tlv_len > opt_len) + goto out; + + tptx = tlv_deref_tx_params(tlv[offset]); + retc = __ipv6_opt_validate_single_tlv(net, &tlv[offset], + tptx, class, + &deep_check, + deleting, admin); + if (retc < 0) { + ret = retc; + goto out; + } + + if (deep_check) { + /* Check for too many options */ + if (++cnt > max_cnt) { + ret = -E2BIG; + goto out; + } + + /* Check order */ + if (tptx->preferred_order < prev_tlv_order) + goto out; + + /* Check alignment */ + if ((offset % (tptx->align_mult + 1)) != + tptx->align_off) + goto out; + + /* Check for right amount of padding */ + if (numpad > 1 || padding > tptx->align_mult) + goto out; + + prev_tlv_order = tptx->preferred_order; + } + + padding = 0; + numpad = 0; + did_deep_check = true; + } + offset += tlv_len; + } + + /* If we did at least one deep check apply length limit */ + if (did_deep_check && opt_len > max_len) { + ret = -EMSGSIZE; + goto out; + } + + /* All good */ + ret = 0; +out: + rcu_read_unlock(); + + return ret; +} + +/** + * __ipv6_opt_validate_tlvs - Validate TLVs. + * @net: Current net + * @opt: The option header + * @optname: IPV6_HOPOPTS, IPV6_RTHDRDSTOPTS, or IPV6_DSTOPTS + * @admin: Set for privileged user + * + * Description: + * Walks the TLVs in a list to verify that the TLV lengths and other + * parameters are in bounds for a Destination or Hop-by-Hop option. + * Return -EINVAL is there is a problem, zero otherwise. + */ +int ipv6_opt_validate_tlvs(struct net *net, struct ipv6_opt_hdr *opt, + unsigned int optname, bool admin) +{ + return __ipv6_opt_validate_tlvs(net, opt, optname, false, admin); +} +EXPORT_SYMBOL(ipv6_opt_validate_tlvs); + +/** + * ipv6_opt_validate_single - Check that a single TLV is valid. + * @net: Current net + * @optname: IPV6_HOPOPTS, IPV6_RTHDRDSTOPTS, or IPV6_DSTOPTS + * @tlv: The TLV as array of bytes + * @len: Length of buffer holding TLV + * + * Description: + * Validates a single TLV. The TLV must be non-padding type. The length + * of the TLV (as determined by the second byte that gives length of the + * option data) must match @len. + */ +int ipv6_opt_validate_single_tlv(struct net *net, unsigned int optname, + unsigned char *tlv, size_t len, + bool deleting, bool admin) +{ + struct tlv_tx_param *tptx; + unsigned int class; + bool deep_check; + int ret = 0; + + class = optname_to_tlv_class(optname); + + switch (tlv[0]) { + case IPV6_TLV_PAD1: + case IPV6_TLV_PADN: + return -EINVAL; + default: + break; + } + + if (len < 2) + return -EINVAL; + + if (tlv[1] + 2 != len) + return -EINVAL; + + rcu_read_lock(); + + tptx = tlv_deref_tx_params(tlv[0]); + + ret = __ipv6_opt_validate_single_tlv(net, tlv, tptx, class, + &deep_check, deleting, admin); + + rcu_read_unlock(); + + return ret; +} +EXPORT_SYMBOL(ipv6_opt_validate_single_tlv); + +/** + * ipv6_opt_check_perm - Check is current capabilities allows modify + * txopts. + * @net: Current net + * @sk: the socket + * @optname: IPV6_HOPOPTS, IPV6_RTHDRDSTOPTS, or IPV6_DSTOPTS + * @admin: Set for privileged user + * + * Description: + * + * Checks whether the permissions of TLV that are set on a socket permit + * modificationr. + * + */ +int ipv6_opt_check_perm(struct net *net, struct sock *sk, int optname, + bool admin) +{ + struct ipv6_txoptions *old = txopt_get(inet6_sk(sk)); + struct ipv6_opt_hdr *opt; + int retv = -EPERM; + + if (!old) + return 0; + + switch (optname) { + case IPV6_HOPOPTS: + opt = old->hopopt; + break; + case IPV6_RTHDRDSTOPTS: + opt = old->dst0opt; + break; + case IPV6_DSTOPTS: + opt = old->dst1opt; + break; + default: + goto out; + } + + /* Just call the validate function on the options as being + * deleted. + */ + retv = __ipv6_opt_validate_tlvs(net, opt, optname, true, admin); + +out: + txopt_put(old); + return retv; +} +EXPORT_SYMBOL(ipv6_opt_check_perm); + /* Destination options header */ #if IS_ENABLED(CONFIG_IPV6_MIP6) diff --git a/net/ipv6/ipv6_sockglue.c b/net/ipv6/ipv6_sockglue.c index 973e215..009c8a4 100644 --- a/net/ipv6/ipv6_sockglue.c +++ b/net/ipv6/ipv6_sockglue.c @@ -400,11 +400,6 @@ static int do_ipv6_setsockopt(struct sock *sk, int level, int optname, struct ipv6_txoptions *opt; struct ipv6_opt_hdr *new = NULL; - /* hop-by-hop / destination options are privileged option */ - retv = -EPERM; - if (optname != IPV6_RTHDR && !ns_capable(net->user_ns, CAP_NET_RAW)) - break; - /* remove any sticky options header with a zero option * length, per RFC3542. */ @@ -427,6 +422,31 @@ static int do_ipv6_setsockopt(struct sock *sk, int level, int optname, } } + if (optname != IPV6_RTHDR) { + bool cap = ns_capable(net->user_ns, CAP_NET_RAW); + + /* First check if we have permission to delete + * the existing options on the socket. + */ + retv = ipv6_opt_check_perm(net, sk, optname, cap); + if (retv < 0) { + kfree(new); + break; + } + + /* Check permissions and other validations on new + * TLVs + */ + if (new) { + retv = ipv6_opt_validate_tlvs(net, new, + optname, cap); + if (retv < 0) { + kfree(new); + break; + } + } + } + opt = rcu_dereference_protected(np->opt, lockdep_sock_is_held(sk)); opt = ipv6_renew_options(sk, opt, optname, new); From patchwork Mon Jan 28 18:22:55 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Tom Herbert X-Patchwork-Id: 1032147 X-Patchwork-Delegate: davem@davemloft.net Return-Path: X-Original-To: patchwork-incoming-netdev@ozlabs.org Delivered-To: patchwork-incoming-netdev@ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=vger.kernel.org (client-ip=209.132.180.67; helo=vger.kernel.org; envelope-from=netdev-owner@vger.kernel.org; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=herbertland.com Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=herbertland-com.20150623.gappssmtp.com header.i=@herbertland-com.20150623.gappssmtp.com header.b="ZL+jfLty"; dkim-atps=neutral Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id 43pJ0n1Vtrz9sDK for ; Tue, 29 Jan 2019 05:23:37 +1100 (AEDT) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727470AbfA1SXf (ORCPT ); Mon, 28 Jan 2019 13:23:35 -0500 Received: from mail-pg1-f196.google.com ([209.85.215.196]:39253 "EHLO mail-pg1-f196.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727452AbfA1SXe (ORCPT ); Mon, 28 Jan 2019 13:23:34 -0500 Received: by mail-pg1-f196.google.com with SMTP id w6so7556533pgl.6 for ; Mon, 28 Jan 2019 10:23:33 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=herbertland-com.20150623.gappssmtp.com; s=20150623; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=eXX8gzBf7HYyJtXbMVAo1Vi3Nq2xgt8q+GHDHzRATqU=; b=ZL+jfLty35W+mOJgxhneLHVmblBONQitbgc92VNTtdtOA65aflrjWqDhKs60W4AQqW Uei92NRB2hsDsDWFrZM9t5H/pa73b+Z85gngyWT6kOhkt1/GgfpMqU+YL61WTqwsF4tH peicnhvG8lY9LShjBkVSUnzpp5T8Zomzbjug/FSjRfgbVzttMqULQFRNBrfcMRKvV9kP lvtV0Hn+oLL/eEgebtdrn72YDqQImr8HmZT3CAgUZOvRhSvfaRPke8nf/a8ULRRMMnEN p0yVHI7oZijqtevMZu83vlwyKZzz1EeesWNvS3IgIPSU4tKH/RD/s/7U+4z3qBqW+9l5 u22w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=eXX8gzBf7HYyJtXbMVAo1Vi3Nq2xgt8q+GHDHzRATqU=; b=W+Kf0mvwhqLK2ZvOOorlxmLD1vbFJkfaAQdmASw+iMDUnHhL37EpMDS3kLP4gnkLzy fzZ4t1HWoZ1wqGTooXI2bwvcKCANm09VNLG5kta4EEPrkkdfcE367stZT9XDte8Szul4 44lVz47z1+p0Y4JQOY/jOENGB9cJRYNVNqcadgZIgMYiWuuUllN7uxOW2H/3X0FBfobw 4KJmFN+mFgcLSKLVXnJFEOHaWupytoyYD+Qfb7pQHALO+BI/Rv88rZlah5kEpU6JK67u kACRaq6r7ZH/xxccM2WTEJsEAPqcUpT3SOVIVGhysxYA7z043oT/Rewj4/xT4bjNYTdM jN8Q== X-Gm-Message-State: AJcUukdpA/fq/nQaDOeHti16O57NScgmvT21co0hr9DRbFOuIwmyCbg4 EYII7UEv5k2ITfqXdM80YIG/7Q== X-Google-Smtp-Source: ALg8bN5boHvVXEU8IsokdGtSN43nP7Zg8wDSG04gdsKaXlNzmz0UoEGTSRpjIspP1tRtDQqI3oguIw== X-Received: by 2002:a63:6ac5:: with SMTP id f188mr20953968pgc.165.1548699812770; Mon, 28 Jan 2019 10:23:32 -0800 (PST) Received: from localhost.localdomain (c-73-223-249-119.hsd1.ca.comcast.net. [73.223.249.119]) by smtp.gmail.com with ESMTPSA id n78sm61777238pfk.19.2019.01.28.10.23.31 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Mon, 28 Jan 2019 10:23:32 -0800 (PST) From: Tom Herbert X-Google-Original-From: Tom Herbert To: davem@davemloft.net, netdev@vger.kernel.org Cc: Tom Herbert Subject: [PATCH v2 net-next 5/5] ip6tlvs: API to set and remove individual TLVs from DO or HBH EH Date: Mon, 28 Jan 2019 10:22:55 -0800 Message-Id: <1548699775-3015-6-git-send-email-tom@quantonium.net> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1548699775-3015-1-git-send-email-tom@quantonium.net> References: <1548699775-3015-1-git-send-email-tom@quantonium.net> Sender: netdev-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org Add functions and socket options that allows setting and removing individual TLVs from Hop-by-Hop, Destination, or Routing Header Destination options that are set in txoptions of a socket. When an individual TLV optiosn is set it is merged into the existing options at the position in the list described by preferred order attribute in the TLV parameters table. This code is based in part on the TLV option handling in calipso.c. Signed-off-by: Tom Herbert --- include/net/ipv6.h | 13 ++ include/uapi/linux/in6.h | 9 + net/ipv6/exthdrs_options.c | 516 +++++++++++++++++++++++++++++++++++++++++++++ net/ipv6/ipv6_sockglue.c | 80 +++++++ 4 files changed, 618 insertions(+) diff --git a/include/net/ipv6.h b/include/net/ipv6.h index c5692d6..898f5e3 100644 --- a/include/net/ipv6.h +++ b/include/net/ipv6.h @@ -378,6 +378,8 @@ struct ipv6_txoptions *ipv6_renew_options(struct sock *sk, struct ipv6_opt_hdr *newopt); struct ipv6_txoptions *ipv6_fixup_options(struct ipv6_txoptions *opt_space, struct ipv6_txoptions *opt); +int ipv6_opt_update(struct sock *sk, struct ipv6_txoptions *opt, + int which, struct ipv6_opt_hdr *new); int ipv6_opt_validate_tlvs(struct net *net, struct ipv6_opt_hdr *opt, unsigned int optname, bool admin); @@ -386,6 +388,17 @@ int ipv6_opt_validate_single_tlv(struct net *net, unsigned int optname, bool deleting, bool admin); int ipv6_opt_check_perm(struct net *net, struct sock *sk, int optname, bool admin); + +int ipv6_opt_tlv_find(struct ipv6_opt_hdr *opt, unsigned char *targ_tlv, + unsigned int *start, unsigned int *end); +struct ipv6_opt_hdr *ipv6_opt_tlv_insert(struct net *net, + struct ipv6_opt_hdr *opt, + int optname, unsigned char *tlv, + bool admin); +struct ipv6_opt_hdr *ipv6_opt_tlv_delete(struct net *net, + struct ipv6_opt_hdr *opt, + unsigned char *tlv, bool admin); + struct tlv_tx_param { unsigned char preferred_order; unsigned char admin_perm : 2; diff --git a/include/uapi/linux/in6.h b/include/uapi/linux/in6.h index a54cf96..f6edf31 100644 --- a/include/uapi/linux/in6.h +++ b/include/uapi/linux/in6.h @@ -288,6 +288,15 @@ struct in6_flowlabel_req { #define IPV6_RECVFRAGSIZE 77 #define IPV6_FREEBIND 78 +/* API to set single Destination or Hop-by-Hop options */ + +#define IPV6_HOPOPTS_TLV 79 +#define IPV6_RTHDRDSTOPTS_TLV 80 +#define IPV6_DSTOPTS_TLV 81 +#define IPV6_HOPOPTS_DEL_TLV 82 +#define IPV6_RTHDRDSTOPTS_DEL_TLV 83 +#define IPV6_DSTOPTS_DEL_TLV 84 + /* * Multicast Routing: * see include/uapi/linux/mroute6.h. diff --git a/net/ipv6/exthdrs_options.c b/net/ipv6/exthdrs_options.c index f334af5..673cd31 100644 --- a/net/ipv6/exthdrs_options.c +++ b/net/ipv6/exthdrs_options.c @@ -162,6 +162,35 @@ struct ipv6_txoptions *ipv6_fixup_options(struct ipv6_txoptions *opt_space, } EXPORT_SYMBOL_GPL(ipv6_fixup_options); +/** + * ipv6_opt_update - Replaces socket's options with a new set + * @sk: the socket + * @opt: TX options from socket + * @which: which set of options + * @new: new extension header for the options + * + * Description: + * Replaces @sk's options with @new for type @which. @new may be NULL to + * leave the socket with no options for the given type. + * + */ +int ipv6_opt_update(struct sock *sk, struct ipv6_txoptions *opt, + int which, struct ipv6_opt_hdr *new) +{ + opt = ipv6_renew_options(sk, opt, which, new); + if (IS_ERR(opt)) + return PTR_ERR(opt); + + opt = ipv6_update_options(sk, opt); + if (opt) { + atomic_sub(opt->tot_len, &sk->sk_omem_alloc); + txopt_put(opt); + } + + return 0; +} +EXPORT_SYMBOL(ipv6_opt_update); + /* TLV validation functions */ /* Validate a single non-padding TLV */ @@ -460,6 +489,493 @@ int ipv6_opt_check_perm(struct net *net, struct sock *sk, int optname, } EXPORT_SYMBOL(ipv6_opt_check_perm); +/* Functions to manage individual TLVs */ + +/** + * __ipv6_opt_tlv_find - Finds a particular TLV in an IPv6 options header + * (destinaton or hop-by-hop options). If TLV is not present, then the + * preferred insertion point is determined. + * @opt: the options header (an EH header followed by data) + * @targ_tlv: Prototype of TLV to find + * @start: on return holds the offset of any leading padding if option + * is present, or offset at which option is inserted. + * @end: on return holds the offset of the first non-pad TLV after option + * if the option was found, else points to the first TLV after + * padding at intsertion point. + * + * Description: + * Finds the space occupied by particular option (including any leading and + * trailing padding), or the perferred position for insertion if the + * TLV is not present. + * + * If the option is found then @start and @end are set to the offsets within + * @opt of the start of padding before the first found option and the end of + * padding after the first found option. In this case the function returns + * the offset in @opt of the found option (a value >= 2 since the TLV + * must be after the option header). + * + * In the absence of the searched option, @start is set to offset in @opt at + * which the option may be inserted per the ordering and alignment rules + * in the TLV parameter table, and @end is set to the end + 1 of any + * padding at the @start offset. When the option is not found -ENOENT is + * returned. + * + * rcu_read_lock assumed held. + */ +static int __ipv6_opt_tlv_find(struct ipv6_opt_hdr *opt, + unsigned char *targ_tlv, + unsigned int *start, unsigned int *end) +{ + unsigned int offset_s = 0, offset_e = 0, last_s = 0; + unsigned char *tlv = (unsigned char *)opt; + unsigned int pad_e = sizeof(*opt); + int ret_val = -ENOENT, tlv_len; + unsigned int opt_len, offset; + struct tlv_tx_param *tptx; + unsigned int targ_order; + bool found_cand = false; + + opt_len = ipv6_optlen(opt); + offset = sizeof(*opt); + + tptx = tlv_deref_tx_params(targ_tlv[0]); + + targ_order = tptx->preferred_order; + + while (offset < opt_len) { + switch (tlv[offset]) { + case IPV6_TLV_PAD1: + if (offset_e) + offset_e = offset; + tlv_len = 1; + break; + case IPV6_TLV_PADN: + if (offset_e) + offset_e = offset; + tlv_len = tlv[offset + 1] + 2; + break; + default: + if (ret_val >= 0) + goto out; + + /* Not found yet */ + + if (tlv[offset] == targ_tlv[0]) { + /* Found it */ + + ret_val = offset; + offset_e = offset; + offset_s = last_s; + found_cand = true; + } else { + struct tlv_tx_param *tptx1; + + tptx1 = tlv_deref_tx_params(tlv[offset]); + + if (targ_order < tptx1->preferred_order && + !found_cand) { + /* Found candidate for insert location + */ + + pad_e = offset; + offset_s = last_s; + found_cand = true; + } + } + + last_s = offset; + tlv_len = tlv[offset + 1] + 2; + break; + } + + offset += tlv_len; + } + + if (!found_cand) { + /* Not found and insert point is after all options */ + offset_s = last_s; + pad_e = opt_len; + } + +out: + if (offset_s) + *start = offset_s + + (tlv[offset_s] ? tlv[offset_s + 1] + 2 : 1); + else + *start = sizeof(*opt); + + if (ret_val >= 0) + *end = offset_e + + (tlv[offset_e] ? tlv[offset_e + 1] + 2 : 1); + else + *end = pad_e; + + return ret_val; +} + +int ipv6_opt_tlv_find(struct ipv6_opt_hdr *opt, unsigned char *targ_tlv, + unsigned int *start, unsigned int *end) +{ + int ret; + + rcu_read_lock(); + ret = __ipv6_opt_tlv_find(opt, targ_tlv, start, end); + rcu_read_unlock(); + + return ret; +} +EXPORT_SYMBOL(ipv6_opt_tlv_find); + +/** + * ipv6_opt_tlv_pad_write - Writes pad bytes in TLV format + * @buf: the buffer + * @offset: offset from start of buffer to write padding + * @count: number of pad bytes to write + * + * Description: + * Write @count bytes of TLV padding into @buffer starting at offset @offset. + * @count should be less than 8 - see RFC 4942. + * + */ +static int ipv6_opt_tlv_pad_write(unsigned char *buf, unsigned int offset, + unsigned int count) +{ + if (WARN_ON_ONCE(count >= 8)) + return -EINVAL; + + switch (count) { + case 0: + break; + case 1: + buf[offset] = IPV6_TLV_PAD1; + break; + default: + buf[offset] = IPV6_TLV_PADN; + buf[offset + 1] = count - 2; + if (count > 2) + memset(buf + offset + 2, 0, count - 2); + break; + } + return 0; +} + +static unsigned int compute_padding(unsigned int offset, unsigned int mult, + unsigned int moff) +{ + return (mult - ((offset - moff) % mult)) % mult; +} + +static int tlv_find_next(unsigned char *tlv, unsigned int offset, + unsigned int optlen) +{ + while (offset < optlen) { + switch (tlv[offset]) { + case IPV6_TLV_PAD1: + offset++; + break; + case IPV6_TLV_PADN: + offset += tlv[offset + 1] + 2; + break; + default: + return offset; + } + } + + return (optlen); +} + +/* __tlv_sum_alignment assumes ruc_read_lock is held */ +static size_t __tlv_sum_alignment(unsigned char *tlv, unsigned int offset, + unsigned int optlen) +{ + int sum = 0; + + offset = tlv_find_next(tlv, offset, optlen); + + while (offset < optlen) { + struct tlv_tx_param *tptx; + + tptx = tlv_deref_tx_params(tlv[offset]); + sum += tptx->align_mult; + offset += tlv[offset + 1] + 2; + offset = tlv_find_next(tlv, offset, optlen); + } + + return sum; +} + +/* __copy_and_align_tlvs assumes ruc_read_lock is held */ +static int __copy_and_align_tlvs(unsigned int src_off, unsigned char *src, + unsigned int dst_off, unsigned char *dst, + unsigned int optlen) +{ + unsigned int padding, len; + struct tlv_tx_param *tptx; + + if (!src) + return dst_off; + + src_off = tlv_find_next(src, src_off, optlen); + + while (src_off < optlen) { + tptx = tlv_deref_tx_params(src[src_off]); + + padding = compute_padding(dst_off, tptx->align_mult + 1, + tptx->align_off); + ipv6_opt_tlv_pad_write(dst, dst_off, padding); + dst_off += padding; + + len = src[src_off + 1] + 2; + memcpy(&dst[dst_off], &src[src_off], len); + + src_off += len; + dst_off += len; + src_off = tlv_find_next(src, src_off, optlen); + } + + return dst_off; +} + +static int count_tlvs(struct ipv6_opt_hdr *opt) +{ + unsigned char *tlv = (unsigned char *)opt; + unsigned int opt_len, tlv_len, offset, cnt = 0; + + opt_len = ipv6_optlen(opt); + offset = sizeof(*opt); + + while (offset < opt_len) { + switch (tlv[offset]) { + case IPV6_TLV_PAD1: + tlv_len = 1; + break; + case IPV6_TLV_PADN: + tlv_len = tlv[offset + 1] + 2; + break; + default: + cnt++; + tlv_len = tlv[offset + 1] + 2; + break; + } + offset += tlv_len; + } + + return cnt; +} + +#define IPV6_OPT_MAX_END_PAD 7 + +/** + * ipv6_opt_tlv_insert - Inserts a TLV into an IPv6 destination options + * or Hop-by-Hop options extension header. + * + * @net: Current net + * @opt: the original options extensions header + * @optname: IPV6_HOPOPTS, IPV6_RTHDRDSTOPTS, or IPV6_DSTOPTS + * @tlv: the new TLV being inserted + * @admin: Set for privileged user + * + * Description: + * Creates a new options header based on @opt with the specified option + * in @tlv option added to it. If @opt already contains the same type + * of TLV, then the TLV is overwritten, otherwise the new TLV is appended + * after any existing TLVs. If @opt is NULL then the new header + * will contain just the new option and any needed padding. + * + * Assumes option has been validated. + */ +struct ipv6_opt_hdr *ipv6_opt_tlv_insert(struct net *net, + struct ipv6_opt_hdr *opt, + int optname, unsigned char *tlv, + bool admin) +{ + unsigned int start = 0, end = 0, buf_len, pad, optlen, max_align; + size_t tlv_len = tlv[1] + 2; + struct tlv_tx_param *tptx; + struct ipv6_opt_hdr *new; + int ret_val; + u8 perm; + + rcu_read_lock(); + + if (opt) { + optlen = ipv6_optlen(opt); + ret_val = __ipv6_opt_tlv_find(opt, tlv, &start, &end); + if (ret_val < 0) { + if (ret_val != -ENOENT) { + rcu_read_unlock(); + return ERR_PTR(ret_val); + } + } else if (((unsigned char *)opt)[ret_val + 1] == tlv[1]) { + unsigned int roff = ret_val + tlv[1] + 2; + + /* Replace existing TLV with one of the same length, + * we can fast path this. + */ + + rcu_read_unlock(); + + new = kmalloc(optlen, GFP_ATOMIC); + if (!new) + return ERR_PTR(-ENOMEM); + + memcpy((unsigned char *)new, + (unsigned char *)opt, ret_val); + memcpy((unsigned char *)new + ret_val, tlv, tlv[1] + 2); + memcpy((unsigned char *)new + roff, + (unsigned char *)opt + roff, optlen - roff); + + return new; + } + } else { + optlen = 0; + start = sizeof(*opt); + end = 0; + } + + tptx = tlv_deref_tx_params(tlv[0]); + + /* Maximum buffer size we'll need including possible padding */ + max_align = __tlv_sum_alignment((unsigned char *)opt, end, optlen) + + tptx->align_mult + IPV6_OPT_MAX_END_PAD; + + buf_len = optlen + start - end + tlv_len + max_align; + new = kmalloc(buf_len, GFP_ATOMIC); + if (!new) { + rcu_read_unlock(); + return ERR_PTR(-ENOMEM); + } + + buf_len = start; + + if (start > sizeof(*opt)) + memcpy(new, opt, start); + + pad = compute_padding(start, tptx->align_mult + 1, tptx->align_off); + ipv6_opt_tlv_pad_write((__u8 *)new, start, pad); + buf_len += pad; + + memcpy((__u8 *)new + buf_len, tlv, tlv_len); + buf_len += tlv_len; + + buf_len = __copy_and_align_tlvs(end, (__u8 *)opt, buf_len, + (__u8 *)new, optlen); + + perm = admin ? tptx->admin_perm : tptx->user_perm; + + rcu_read_unlock(); + + /* Trailer pad to 8 byte alignment */ + pad = (8 - (buf_len & 7)) & 7; + ipv6_opt_tlv_pad_write((__u8 *)new, buf_len, pad); + buf_len += pad; + + /* Set header */ + new->nexthdr = 0; + new->hdrlen = buf_len / 8 - 1; + + if (perm != IPV6_TLV_PERM_NO_CHECK) { + switch (optname) { + case IPV6_HOPOPTS: + if (buf_len > net->ipv6.sysctl.max_hbh_opts_len) + return ERR_PTR(-EMSGSIZE); + if (count_tlvs(new) > net->ipv6.sysctl.max_hbh_opts_cnt) + return ERR_PTR(-E2BIG); + break; + case IPV6_RTHDRDSTOPTS: + case IPV6_DSTOPTS: + if (buf_len > net->ipv6.sysctl.max_dst_opts_len) + return ERR_PTR(-EMSGSIZE); + if (count_tlvs(new) > net->ipv6.sysctl.max_dst_opts_cnt) + return ERR_PTR(-E2BIG); + break; + } + } + + return new; +} +EXPORT_SYMBOL(ipv6_opt_tlv_insert); + +/* rcu_read_lock assume held */ +struct ipv6_opt_hdr *__ipv6_opt_tlv_delete(struct ipv6_opt_hdr *opt, + unsigned int start, + unsigned int end) +{ + unsigned int pad, optlen, buf_len; + struct ipv6_opt_hdr *new; + size_t max_align; + + optlen = ipv6_optlen(opt); + if (start == sizeof(*opt) && end == optlen) { + /* There's no other option in the header so return NULL */ + return NULL; + } + + max_align = __tlv_sum_alignment((unsigned char *)opt, end, optlen) + + IPV6_OPT_MAX_END_PAD; + + new = kmalloc(optlen - (end - start) + max_align, GFP_ATOMIC); + if (!new) + return ERR_PTR(-ENOMEM); /* DIFF */ + + memcpy(new, opt, start); + + buf_len = __copy_and_align_tlvs(end, (__u8 *)opt, start, + (__u8 *)new, optlen); + + /* Now set trailer padding, buf_len is at the end of the last TLV at + * this point + */ + pad = (8 - (buf_len & 7)) & 7; + ipv6_opt_tlv_pad_write((__u8 *)new, buf_len, pad); + buf_len += pad; + + /* Set new header length */ + new->hdrlen = buf_len / 8 - 1; + + return new; +} + +/** + * ipv6_opt_tlv_delete - Removes the specified option from the destination + * or Hop-by-Hop extension header. + * @net: Current net + * @opt: The original header + * @tlv: Prototype of TLV being removed + * @admin: Set for privileged user + * + * Description: + * Creates a new header based on @opt without the specified option in + * @tlv. A new options header is returned without the option. If @opt + * doesn't contain the specified option ERR_PTR(-ENOENT) is returned. + * If @opt contains no other non-padding options, NULL is returned. + * Otherwise, a new header is created and returned without the option + * (and removing as much padding as possible). + */ +struct ipv6_opt_hdr *ipv6_opt_tlv_delete(struct net *net, + struct ipv6_opt_hdr *opt, + unsigned char *tlv, bool admin) +{ + struct ipv6_opt_hdr *retopt; + unsigned int start, end; + int ret_val; + + rcu_read_lock(); + + ret_val = __ipv6_opt_tlv_find(opt, tlv, &start, &end); + if (ret_val < 0) { + rcu_read_unlock(); + return ERR_PTR(ret_val); + } + + retopt = __ipv6_opt_tlv_delete(opt, start, end); + + rcu_read_unlock(); + + return retopt; +} +EXPORT_SYMBOL(ipv6_opt_tlv_delete); + /* Destination options header */ #if IS_ENABLED(CONFIG_IPV6_MIP6) diff --git a/net/ipv6/ipv6_sockglue.c b/net/ipv6/ipv6_sockglue.c index 009c8a4..affa46c 100644 --- a/net/ipv6/ipv6_sockglue.c +++ b/net/ipv6/ipv6_sockglue.c @@ -493,6 +493,86 @@ static int do_ipv6_setsockopt(struct sock *sk, int level, int optname, break; } + case IPV6_HOPOPTS_TLV: + case IPV6_RTHDRDSTOPTS_TLV: + case IPV6_DSTOPTS_TLV: + case IPV6_HOPOPTS_DEL_TLV: + case IPV6_RTHDRDSTOPTS_DEL_TLV: + case IPV6_DSTOPTS_DEL_TLV: + { + struct ipv6_opt_hdr *old = NULL, *new = NULL; + struct ipv6_txoptions *opt; + bool deleting = false; + void *new_opt = NULL; + int which = -1; + bool admin; + + new_opt = memdup_user(optval, optlen); + if (IS_ERR(new_opt)) { + retv = PTR_ERR(new_opt); + break; + } + + opt = rcu_dereference_protected(np->opt, + lockdep_sock_is_held(sk)); + + switch (optname) { + case IPV6_HOPOPTS_DEL_TLV: + deleting = true; + /* Fallthrough */ + case IPV6_HOPOPTS_TLV: + if (opt) + old = opt->hopopt; + which = IPV6_HOPOPTS; + break; + case IPV6_RTHDRDSTOPTS_DEL_TLV: + deleting = true; + /* Fallthrough */ + case IPV6_RTHDRDSTOPTS_TLV: + if (opt) + old = opt->dst0opt; + which = IPV6_RTHDRDSTOPTS; + break; + case IPV6_DSTOPTS_DEL_TLV: + deleting = true; + /* Fallthrough */ + case IPV6_DSTOPTS_TLV: + if (opt) + old = opt->dst1opt; + which = IPV6_DSTOPTS; + break; + } + + admin = ns_capable(net->user_ns, CAP_NET_RAW); + + retv = ipv6_opt_validate_single_tlv(net, which, new_opt, optlen, + deleting, admin); + if (retv < 0) + break; + + if (deleting) { + if (!old) + break; + new = ipv6_opt_tlv_delete(net, old, new_opt, admin); + } else { + new = ipv6_opt_tlv_insert(net, old, which, new_opt, + admin); + } + + kfree(new_opt); + + if (IS_ERR(new)) { + retv = PTR_ERR(new); + break; + } + + retv = ipv6_opt_update(sk, opt, which, new); + + kfree(new); + + break; + } + case IPV6_PKTINFO: { struct in6_pktinfo pkt;