1 | // SPDX-License-Identifier: GPL-2.0-or-later |
2 | /* |
3 | * INET An implementation of the TCP/IP protocol suite for the LINUX |
4 | * operating system. INET is implemented using the BSD Socket |
5 | * interface as the means of communication with the user level. |
6 | * |
7 | * "Ping" sockets |
8 | * |
9 | * Based on ipv4/ping.c code. |
10 | * |
11 | * Authors: Lorenzo Colitti (IPv6 support) |
12 | * Vasiliy Kulikov / Openwall (IPv4 implementation, for Linux 2.6), |
13 | * Pavel Kankovsky (IPv4 implementation, for Linux 2.4.32) |
14 | */ |
15 | |
16 | #include <net/addrconf.h> |
17 | #include <net/ipv6.h> |
18 | #include <net/ip6_route.h> |
19 | #include <net/protocol.h> |
20 | #include <net/udp.h> |
21 | #include <net/transp_v6.h> |
22 | #include <linux/proc_fs.h> |
23 | #include <linux/bpf-cgroup.h> |
24 | #include <net/ping.h> |
25 | |
26 | /* Compatibility glue so we can support IPv6 when it's compiled as a module */ |
27 | static int dummy_ipv6_recv_error(struct sock *sk, struct msghdr *msg, int len, |
28 | int *addr_len) |
29 | { |
30 | return -EAFNOSUPPORT; |
31 | } |
32 | static void dummy_ip6_datagram_recv_ctl(struct sock *sk, struct msghdr *msg, |
33 | struct sk_buff *skb) |
34 | { |
35 | } |
36 | static int dummy_icmpv6_err_convert(u8 type, u8 code, int *err) |
37 | { |
38 | return -EAFNOSUPPORT; |
39 | } |
40 | static void dummy_ipv6_icmp_error(struct sock *sk, struct sk_buff *skb, int err, |
41 | __be16 port, u32 info, u8 *payload) {} |
42 | static int dummy_ipv6_chk_addr(struct net *net, const struct in6_addr *addr, |
43 | const struct net_device *dev, int strict) |
44 | { |
45 | return 0; |
46 | } |
47 | |
48 | static int ping_v6_pre_connect(struct sock *sk, struct sockaddr *uaddr, |
49 | int addr_len) |
50 | { |
51 | /* This check is replicated from __ip6_datagram_connect() and |
52 | * intended to prevent BPF program called below from accessing |
53 | * bytes that are out of the bound specified by user in addr_len. |
54 | */ |
55 | |
56 | if (addr_len < SIN6_LEN_RFC2133) |
57 | return -EINVAL; |
58 | |
59 | return BPF_CGROUP_RUN_PROG_INET6_CONNECT_LOCK(sk, uaddr, &addr_len); |
60 | } |
61 | |
62 | static int ping_v6_sendmsg(struct sock *sk, struct msghdr *msg, size_t len) |
63 | { |
64 | struct inet_sock *inet = inet_sk(sk); |
65 | struct ipv6_pinfo *np = inet6_sk(sk: sk); |
66 | struct icmp6hdr user_icmph; |
67 | int addr_type; |
68 | struct in6_addr *daddr; |
69 | int oif = 0; |
70 | struct flowi6 fl6; |
71 | int err; |
72 | struct dst_entry *dst; |
73 | struct rt6_info *rt; |
74 | struct pingfakehdr pfh; |
75 | struct ipcm6_cookie ipc6; |
76 | |
77 | err = ping_common_sendmsg(AF_INET6, msg, len, user_icmph: &user_icmph, |
78 | icmph_len: sizeof(user_icmph)); |
79 | if (err) |
80 | return err; |
81 | |
82 | memset(&fl6, 0, sizeof(fl6)); |
83 | |
84 | if (msg->msg_name) { |
85 | DECLARE_SOCKADDR(struct sockaddr_in6 *, u, msg->msg_name); |
86 | if (msg->msg_namelen < sizeof(*u)) |
87 | return -EINVAL; |
88 | if (u->sin6_family != AF_INET6) { |
89 | return -EAFNOSUPPORT; |
90 | } |
91 | daddr = &(u->sin6_addr); |
92 | if (inet6_test_bit(SNDFLOW, sk)) |
93 | fl6.flowlabel = u->sin6_flowinfo & IPV6_FLOWINFO_MASK; |
94 | if (__ipv6_addr_needs_scope_id(type: ipv6_addr_type(addr: daddr))) |
95 | oif = u->sin6_scope_id; |
96 | } else { |
97 | if (sk->sk_state != TCP_ESTABLISHED) |
98 | return -EDESTADDRREQ; |
99 | daddr = &sk->sk_v6_daddr; |
100 | fl6.flowlabel = np->flow_label; |
101 | } |
102 | |
103 | if (!oif) |
104 | oif = sk->sk_bound_dev_if; |
105 | |
106 | if (!oif) |
107 | oif = np->sticky_pktinfo.ipi6_ifindex; |
108 | |
109 | if (!oif && ipv6_addr_is_multicast(addr: daddr)) |
110 | oif = np->mcast_oif; |
111 | else if (!oif) |
112 | oif = np->ucast_oif; |
113 | |
114 | addr_type = ipv6_addr_type(addr: daddr); |
115 | if ((__ipv6_addr_needs_scope_id(type: addr_type) && !oif) || |
116 | (addr_type & IPV6_ADDR_MAPPED) || |
117 | (oif && sk->sk_bound_dev_if && oif != sk->sk_bound_dev_if && |
118 | l3mdev_master_ifindex_by_index(net: sock_net(sk), ifindex: oif) != sk->sk_bound_dev_if)) |
119 | return -EINVAL; |
120 | |
121 | ipcm6_init_sk(ipc6: &ipc6, sk); |
122 | ipc6.sockc.tsflags = READ_ONCE(sk->sk_tsflags); |
123 | ipc6.sockc.mark = READ_ONCE(sk->sk_mark); |
124 | |
125 | fl6.flowi6_oif = oif; |
126 | |
127 | if (msg->msg_controllen) { |
128 | struct ipv6_txoptions opt = {}; |
129 | |
130 | opt.tot_len = sizeof(opt); |
131 | ipc6.opt = &opt; |
132 | |
133 | err = ip6_datagram_send_ctl(net: sock_net(sk), sk, msg, fl6: &fl6, ipc6: &ipc6); |
134 | if (err < 0) |
135 | return err; |
136 | |
137 | /* Changes to txoptions and flow info are not implemented, yet. |
138 | * Drop the options. |
139 | */ |
140 | ipc6.opt = NULL; |
141 | } |
142 | |
143 | fl6.flowi6_proto = IPPROTO_ICMPV6; |
144 | fl6.saddr = np->saddr; |
145 | fl6.daddr = *daddr; |
146 | fl6.flowi6_mark = ipc6.sockc.mark; |
147 | fl6.flowi6_uid = sk->sk_uid; |
148 | fl6.fl6_icmp_type = user_icmph.icmp6_type; |
149 | fl6.fl6_icmp_code = user_icmph.icmp6_code; |
150 | security_sk_classify_flow(sk, flic: flowi6_to_flowi_common(fl6: &fl6)); |
151 | |
152 | fl6.flowlabel = ip6_make_flowinfo(tclass: ipc6.tclass, flowlabel: fl6.flowlabel); |
153 | |
154 | dst = ip6_sk_dst_lookup_flow(sk, fl6: &fl6, final_dst: daddr, connected: false); |
155 | if (IS_ERR(ptr: dst)) |
156 | return PTR_ERR(ptr: dst); |
157 | rt = (struct rt6_info *) dst; |
158 | |
159 | if (!fl6.flowi6_oif && ipv6_addr_is_multicast(addr: &fl6.daddr)) |
160 | fl6.flowi6_oif = np->mcast_oif; |
161 | else if (!fl6.flowi6_oif) |
162 | fl6.flowi6_oif = np->ucast_oif; |
163 | |
164 | pfh.icmph.type = user_icmph.icmp6_type; |
165 | pfh.icmph.code = user_icmph.icmp6_code; |
166 | pfh.icmph.checksum = 0; |
167 | pfh.icmph.un.echo.id = inet->inet_sport; |
168 | pfh.icmph.un.echo.sequence = user_icmph.icmp6_sequence; |
169 | pfh.msg = msg; |
170 | pfh.wcheck = 0; |
171 | pfh.family = AF_INET6; |
172 | |
173 | if (ipc6.hlimit < 0) |
174 | ipc6.hlimit = ip6_sk_dst_hoplimit(np, fl6: &fl6, dst); |
175 | |
176 | lock_sock(sk); |
177 | err = ip6_append_data(sk, getfrag: ping_getfrag, from: &pfh, length: len, |
178 | transhdrlen: sizeof(struct icmp6hdr), ipc6: &ipc6, fl6: &fl6, rt, |
179 | MSG_DONTWAIT); |
180 | |
181 | if (err) { |
182 | ICMP6_INC_STATS(sock_net(sk), rt->rt6i_idev, |
183 | ICMP6_MIB_OUTERRORS); |
184 | ip6_flush_pending_frames(sk); |
185 | } else { |
186 | icmpv6_push_pending_frames(sk, fl6: &fl6, |
187 | thdr: (struct icmp6hdr *)&pfh.icmph, len); |
188 | } |
189 | release_sock(sk); |
190 | |
191 | dst_release(dst); |
192 | |
193 | if (err) |
194 | return err; |
195 | |
196 | return len; |
197 | } |
198 | |
199 | struct proto pingv6_prot = { |
200 | .name = "PINGv6" , |
201 | .owner = THIS_MODULE, |
202 | .init = ping_init_sock, |
203 | .close = ping_close, |
204 | .pre_connect = ping_v6_pre_connect, |
205 | .connect = ip6_datagram_connect_v6_only, |
206 | .disconnect = __udp_disconnect, |
207 | .setsockopt = ipv6_setsockopt, |
208 | .getsockopt = ipv6_getsockopt, |
209 | .sendmsg = ping_v6_sendmsg, |
210 | .recvmsg = ping_recvmsg, |
211 | .bind = ping_bind, |
212 | .backlog_rcv = ping_queue_rcv_skb, |
213 | .hash = ping_hash, |
214 | .unhash = ping_unhash, |
215 | .get_port = ping_get_port, |
216 | .put_port = ping_unhash, |
217 | .obj_size = sizeof(struct raw6_sock), |
218 | .ipv6_pinfo_offset = offsetof(struct raw6_sock, inet6), |
219 | }; |
220 | EXPORT_SYMBOL_GPL(pingv6_prot); |
221 | |
222 | static struct inet_protosw pingv6_protosw = { |
223 | .type = SOCK_DGRAM, |
224 | .protocol = IPPROTO_ICMPV6, |
225 | .prot = &pingv6_prot, |
226 | .ops = &inet6_sockraw_ops, |
227 | .flags = INET_PROTOSW_REUSE, |
228 | }; |
229 | |
230 | #ifdef CONFIG_PROC_FS |
231 | static void *ping_v6_seq_start(struct seq_file *seq, loff_t *pos) |
232 | { |
233 | return ping_seq_start(seq, pos, AF_INET6); |
234 | } |
235 | |
236 | static int ping_v6_seq_show(struct seq_file *seq, void *v) |
237 | { |
238 | if (v == SEQ_START_TOKEN) { |
239 | seq_puts(m: seq, IPV6_SEQ_DGRAM_HEADER); |
240 | } else { |
241 | int bucket = ((struct ping_iter_state *) seq->private)->bucket; |
242 | struct inet_sock *inet = inet_sk((struct sock *)v); |
243 | __u16 srcp = ntohs(inet->inet_sport); |
244 | __u16 destp = ntohs(inet->inet_dport); |
245 | ip6_dgram_sock_seq_show(seq, sp: v, srcp, destp, bucket); |
246 | } |
247 | return 0; |
248 | } |
249 | |
250 | static const struct seq_operations ping_v6_seq_ops = { |
251 | .start = ping_v6_seq_start, |
252 | .show = ping_v6_seq_show, |
253 | .next = ping_seq_next, |
254 | .stop = ping_seq_stop, |
255 | }; |
256 | |
257 | static int __net_init ping_v6_proc_init_net(struct net *net) |
258 | { |
259 | if (!proc_create_net("icmp6" , 0444, net->proc_net, &ping_v6_seq_ops, |
260 | sizeof(struct ping_iter_state))) |
261 | return -ENOMEM; |
262 | return 0; |
263 | } |
264 | |
265 | static void __net_exit ping_v6_proc_exit_net(struct net *net) |
266 | { |
267 | remove_proc_entry("icmp6" , net->proc_net); |
268 | } |
269 | |
270 | static struct pernet_operations ping_v6_net_ops = { |
271 | .init = ping_v6_proc_init_net, |
272 | .exit = ping_v6_proc_exit_net, |
273 | }; |
274 | #endif |
275 | |
276 | int __init pingv6_init(void) |
277 | { |
278 | #ifdef CONFIG_PROC_FS |
279 | int ret = register_pernet_subsys(&ping_v6_net_ops); |
280 | if (ret) |
281 | return ret; |
282 | #endif |
283 | pingv6_ops.ipv6_recv_error = ipv6_recv_error; |
284 | pingv6_ops.ip6_datagram_recv_common_ctl = ip6_datagram_recv_common_ctl; |
285 | pingv6_ops.ip6_datagram_recv_specific_ctl = |
286 | ip6_datagram_recv_specific_ctl; |
287 | pingv6_ops.icmpv6_err_convert = icmpv6_err_convert; |
288 | pingv6_ops.ipv6_icmp_error = ipv6_icmp_error; |
289 | pingv6_ops.ipv6_chk_addr = ipv6_chk_addr; |
290 | return inet6_register_protosw(p: &pingv6_protosw); |
291 | } |
292 | |
293 | /* This never gets called because it's not possible to unload the ipv6 module, |
294 | * but just in case. |
295 | */ |
296 | void pingv6_exit(void) |
297 | { |
298 | pingv6_ops.ipv6_recv_error = dummy_ipv6_recv_error; |
299 | pingv6_ops.ip6_datagram_recv_common_ctl = dummy_ip6_datagram_recv_ctl; |
300 | pingv6_ops.ip6_datagram_recv_specific_ctl = dummy_ip6_datagram_recv_ctl; |
301 | pingv6_ops.icmpv6_err_convert = dummy_icmpv6_err_convert; |
302 | pingv6_ops.ipv6_icmp_error = dummy_ipv6_icmp_error; |
303 | pingv6_ops.ipv6_chk_addr = dummy_ipv6_chk_addr; |
304 | #ifdef CONFIG_PROC_FS |
305 | unregister_pernet_subsys(&ping_v6_net_ops); |
306 | #endif |
307 | inet6_unregister_protosw(p: &pingv6_protosw); |
308 | } |
309 | |