net/ipv6/ipv6_sockglue.c

   1 /*
   2  *      IPv6 BSD socket options interface
   3  *      Linux INET6 implementation
   4  *
   5  *      Authors:
   6  *      Pedro Roque             <roque@di.fc.ul.pt>
   7  *
   8  *      Based on linux/net/ipv4/ip_sockglue.c
   9  *
  10  *      This program is free software; you can redistribute it and/or
  11  *      modify it under the terms of the GNU General Public License
  12  *      as published by the Free Software Foundation; either version
  13  *      2 of the License, or (at your option) any later version.
  14  *
  15  *      FIXME: Make the setsockopt code POSIX compliant: That is
  16  *
  17  *      o       Truncate getsockopt returns
  18  *      o       Return an optlen of the truncated length if need be
  19  *
  20  *      Changes:
  21  *      David L Stevens <dlstevens@us.ibm.com>:
  22  *              - added multicast source filtering API for MLDv2
  23  */
  24
  25 #include <linux/module.h>
  26 #include <linux/capability.h>
  27 #include <linux/errno.h>
  28 #include <linux/types.h>
  29 #include <linux/socket.h>
  30 #include <linux/sockios.h>
  31 #include <linux/net.h>
  32 #include <linux/in6.h>
  33 #include <linux/mroute6.h>
  34 #include <linux/netdevice.h>
  35 #include <linux/if_arp.h>
  36 #include <linux/init.h>
  37 #include <linux/sysctl.h>
  38 #include <linux/netfilter.h>
  39 #include <linux/slab.h>
  40
  41 #include <net/sock.h>
  42 #include <net/snmp.h>
  43 #include <net/ipv6.h>
  44 #include <net/ndisc.h>
  45 #include <net/protocol.h>
  46 #include <net/transp_v6.h>
  47 #include <net/ip6_route.h>
  48 #include <net/addrconf.h>
  49 #include <net/inet_common.h>
  50 #include <net/tcp.h>
  51 #include <net/udp.h>
  52 #include <net/udplite.h>
  53 #include <net/xfrm.h>
  54 #include <net/compat.h>
  55
  56 #include <asm/uaccess.h>
  57
  58 struct ip6_ra_chain *ip6_ra_chain;
  59 DEFINE_RWLOCK(ip6_ra_lock);
  60
  61 int ip6_ra_control(struct sock *sk, int sel)
  62 {
  63         struct ip6_ra_chain *ra, *new_ra, **rap;
  64
  65         /* RA packet may be delivered ONLY to IPPROTO_RAW socket */
  66         if (sk->sk_type != SOCK_RAW || inet_sk(sk)->inet_num != IPPROTO_RAW)
  67                 return -ENOPROTOOPT;
  68
  69         new_ra = (sel >= 0) ? kmalloc(sizeof(*new_ra), GFP_KERNEL) : NULL;
  70
  71         write_lock_bh(&ip6_ra_lock);
  72         for (rap = &ip6_ra_chain; (ra = *rap) != NULL; rap = &ra->next) {
  73                 if (ra->sk == sk) {
  74                         if (sel >= 0) {
  75                                 write_unlock_bh(&ip6_ra_lock);
  76                                 kfree(new_ra);
  77                                 return -EADDRINUSE;
  78                         }
  79
  80                         *rap = ra->next;
  81                         write_unlock_bh(&ip6_ra_lock);
  82
  83                         sock_put(sk);
  84                         kfree(ra);
  85                         return 0;
  86                 }
  87         }
  88         if (new_ra == NULL) {
  89                 write_unlock_bh(&ip6_ra_lock);
  90                 return -ENOBUFS;
  91         }
  92         new_ra->sk = sk;
  93         new_ra->sel = sel;
  94         new_ra->next = ra;
  95         *rap = new_ra;
  96         sock_hold(sk);
  97         write_unlock_bh(&ip6_ra_lock);
  98         return 0;
  99 }
 100
 101 static
 102 struct ipv6_txoptions *ipv6_update_options(struct sock *sk,
 103                                            struct ipv6_txoptions *opt)
 104 {
 105         if (inet_sk(sk)->is_icsk) {
 106                 if (opt &&
 107                     !((1 << sk->sk_state) & (TCPF_LISTEN | TCPF_CLOSE)) &&
 108                     inet_sk(sk)->inet_daddr != LOOPBACK4_IPV6) {
 109                         struct inet_connection_sock *icsk = inet_csk(sk);
 110                         icsk->icsk_ext_hdr_len = opt->opt_flen + opt->opt_nflen;
 111                         icsk->icsk_sync_mss(sk, icsk->icsk_pmtu_cookie);
 112                 }
 113         }
 114         opt = xchg(&inet6_sk(sk)->opt, opt);
 115         sk_dst_reset(sk);
 116
 117         return opt;
 118 }
 119
 120 static int do_ipv6_setsockopt(struct sock *sk, int level, int optname,
 121                     char __user *optval, unsigned int optlen)
 122 {
 123         struct ipv6_pinfo *np = inet6_sk(sk);
 124         struct net *net = sock_net(sk);
 125         int val, valbool;
 126         int retv = -ENOPROTOOPT;
 127
 128         if (optval == NULL)
 129                 val = 0;
 130         else {
 131                 if (optlen >= sizeof(int)) {
 132                         if (get_user(val, (int __user *) optval))
 133                                 return -EFAULT;
 134                 } else
 135                         val = 0;
 136         }
 137
 138         valbool = (val != 0);
 139
 140         if (ip6_mroute_opt(optname))
 141                 return ip6_mroute_setsockopt(sk, optname, optval, optlen);
 142
 143         lock_sock(sk);
 144
 145         switch (optname) {
 146
 147         case IPV6_ADDRFORM:
 148                 if (optlen < sizeof(int))
 149                         goto e_inval;
 150                 if (val == PF_INET) {
 151                         struct ipv6_txoptions *opt;
 152                         struct sk_buff *pktopt;
 153
 154                         if (sk->sk_type == SOCK_RAW)
 155                                 break;
 156
 157                         if (sk->sk_protocol == IPPROTO_UDP ||
 158                             sk->sk_protocol == IPPROTO_UDPLITE) {
 159                                 struct udp_sock *up = udp_sk(sk);
 160                                 if (up->pending == AF_INET6) {
 161                                         retv = -EBUSY;
 162                                         break;
 163                                 }
 164                         } else if (sk->sk_protocol != IPPROTO_TCP)
 165                                 break;
 166
 167                         if (sk->sk_state != TCP_ESTABLISHED) {
 168                                 retv = -ENOTCONN;
 169                                 break;
 170                         }
 171
 172                         if (ipv6_only_sock(sk) ||
 173                             !ipv6_addr_v4mapped(&sk->sk_v6_daddr)) {
 174                                 retv = -EADDRNOTAVAIL;
 175                                 break;
 176                         }
 177
 178                         fl6_free_socklist(sk);
 179                         ipv6_sock_mc_close(sk);
 180
 181                         /*
 182                          * Sock is moving from IPv6 to IPv4 (sk_prot), so
 183                          * remove it from the refcnt debug socks count in the
 184                          * original family...
 185                          */
 186                         sk_refcnt_debug_dec(sk);
 187
 188                         if (sk->sk_protocol == IPPROTO_TCP) {
 189                                 struct inet_connection_sock *icsk = inet_csk(sk);
 190                                 local_bh_disable();
 191                                 sock_prot_inuse_add(net, sk->sk_prot, -1);
 192                                 sock_prot_inuse_add(net, &tcp_prot, 1);
 193                                 local_bh_enable();
 194                                 sk->sk_prot = &tcp_prot;
 195                                 icsk->icsk_af_ops = &ipv4_specific;
 196                                 sk->sk_socket->ops = &inet_stream_ops;
 197                                 sk->sk_family = PF_INET;
 198                                 tcp_sync_mss(sk, icsk->icsk_pmtu_cookie);
 199                         } else {
 200                                 struct proto *prot = &udp_prot;
 201
 202                                 if (sk->sk_protocol == IPPROTO_UDPLITE)
 203                                         prot = &udplite_prot;
 204                                 local_bh_disable();
 205                                 sock_prot_inuse_add(net, sk->sk_prot, -1);
 206                                 sock_prot_inuse_add(net, prot, 1);
 207                                 local_bh_enable();
 208                                 sk->sk_prot = prot;
 209                                 sk->sk_socket->ops = &inet_dgram_ops;
 210                                 sk->sk_family = PF_INET;
 211                         }
 212                         opt = xchg(&np->opt, NULL);
 213                         if (opt)
 214                                 sock_kfree_s(sk, opt, opt->tot_len);
 215                         pktopt = xchg(&np->pktoptions, NULL);
 216                         kfree_skb(pktopt);
 217
 218                         sk->sk_destruct = inet_sock_destruct;
 219                         /*
 220                          * ... and add it to the refcnt debug socks count
 221                          * in the new family. -acme
 222                          */
 223                         sk_refcnt_debug_inc(sk);
 224                         module_put(THIS_MODULE);
 225                         retv = 0;
 226                         break;
 227                 }
 228                 goto e_inval;
 229
 230         case IPV6_V6ONLY:
 231                 if (optlen < sizeof(int) ||
 232                     inet_sk(sk)->inet_num)
 233                         goto e_inval;
 234                 sk->sk_ipv6only = valbool;
 235                 retv = 0;
 236                 break;
 237
 238         case IPV6_RECVPKTINFO:
 239                 if (optlen < sizeof(int))
 240                         goto e_inval;
 241                 np->rxopt.bits.rxinfo = valbool;
 242                 retv = 0;
 243                 break;
 244
 245         case IPV6_2292PKTINFO:
 246                 if (optlen < sizeof(int))
 247                         goto e_inval;
 248                 np->rxopt.bits.rxoinfo = valbool;
 249                 retv = 0;
 250                 break;
 251
 252         case IPV6_RECVHOPLIMIT:
 253                 if (optlen < sizeof(int))
 254                         goto e_inval;
 255                 np->rxopt.bits.rxhlim = valbool;
 256                 retv = 0;
 257                 break;
 258
 259         case IPV6_2292HOPLIMIT:
 260                 if (optlen < sizeof(int))
 261                         goto e_inval;
 262                 np->rxopt.bits.rxohlim = valbool;
 263                 retv = 0;
 264                 break;
 265
 266         case IPV6_RECVRTHDR:
 267                 if (optlen < sizeof(int))
 268                         goto e_inval;
 269                 np->rxopt.bits.srcrt = valbool;
 270                 retv = 0;
 271                 break;
 272
 273         case IPV6_2292RTHDR:
 274                 if (optlen < sizeof(int))
 275                         goto e_inval;
 276                 np->rxopt.bits.osrcrt = valbool;
 277                 retv = 0;
 278                 break;
 279
 280         case IPV6_RECVHOPOPTS:
 281                 if (optlen < sizeof(int))
 282                         goto e_inval;
 283                 np->rxopt.bits.hopopts = valbool;
 284                 retv = 0;
 285                 break;
 286
 287         case IPV6_2292HOPOPTS:
 288                 if (optlen < sizeof(int))
 289                         goto e_inval;
 290                 np->rxopt.bits.ohopopts = valbool;
 291                 retv = 0;
 292                 break;
 293
 294         case IPV6_RECVDSTOPTS:
 295                 if (optlen < sizeof(int))
 296                         goto e_inval;
 297                 np->rxopt.bits.dstopts = valbool;
 298                 retv = 0;
 299                 break;
 300
 301         case IPV6_2292DSTOPTS:
 302                 if (optlen < sizeof(int))
 303                         goto e_inval;
 304                 np->rxopt.bits.odstopts = valbool;
 305                 retv = 0;
 306                 break;
 307
 308         case IPV6_TCLASS:
 309                 if (optlen < sizeof(int))
 310                         goto e_inval;
 311                 if (val < -1 || val > 0xff)
 312                         goto e_inval;
 313                 /* RFC 3542, 6.5: default traffic class of 0x0 */
 314                 if (val == -1)
 315                         val = 0;
 316                 np->tclass = val;
 317                 retv = 0;
 318                 break;
 319
 320         case IPV6_RECVTCLASS:
 321                 if (optlen < sizeof(int))
 322                         goto e_inval;
 323                 np->rxopt.bits.rxtclass = valbool;
 324                 retv = 0;
 325                 break;
 326
 327         case IPV6_FLOWINFO:
 328                 if (optlen < sizeof(int))
 329                         goto e_inval;
 330                 np->rxopt.bits.rxflow = valbool;
 331                 retv = 0;
 332                 break;
 333
 334         case IPV6_RECVPATHMTU:
 335                 if (optlen < sizeof(int))
 336                         goto e_inval;
 337                 np->rxopt.bits.rxpmtu = valbool;
 338                 retv = 0;
 339                 break;
 340
 341         case IPV6_TRANSPARENT:
 342                 if (valbool && !ns_capable(net->user_ns, CAP_NET_ADMIN) &&
 343                     !ns_capable(net->user_ns, CAP_NET_RAW)) {
 344                         retv = -EPERM;
 345                         break;
 346                 }
 347                 if (optlen < sizeof(int))
 348                         goto e_inval;
 349                 /* we don't have a separate transparent bit for IPV6 we use the one in the IPv4 socket */
 350                 inet_sk(sk)->transparent = valbool;
 351                 retv = 0;
 352                 break;
 353
 354         case IPV6_RECVORIGDSTADDR:
 355                 if (optlen < sizeof(int))
 356                         goto e_inval;
 357                 np->rxopt.bits.rxorigdstaddr = valbool;
 358                 retv = 0;
 359                 break;
 360
 361         case IPV6_HOPOPTS:
 362         case IPV6_RTHDRDSTOPTS:
 363         case IPV6_RTHDR:
 364         case IPV6_DSTOPTS:
 365         {
 366                 struct ipv6_txoptions *opt;
 367
 368                 /* remove any sticky options header with a zero option
 369                  * length, per RFC3542.
 370                  */
 371                 if (optlen == 0)
 372                         optval = NULL;
 373                 else if (optval == NULL)
 374                         goto e_inval;
 375                 else if (optlen < sizeof(struct ipv6_opt_hdr) ||
 376                          optlen & 0x7 || optlen > 8 * 255)
 377                         goto e_inval;
 378
 379                 /* hop-by-hop / destination options are privileged option */
 380                 retv = -EPERM;
 381                 if (optname != IPV6_RTHDR && !ns_capable(net->user_ns, CAP_NET_RAW))
 382                         break;
 383
 384                 opt = ipv6_renew_options(sk, np->opt, optname,
 385                                          (struct ipv6_opt_hdr __user *)optval,
 386                                          optlen);
 387                 if (IS_ERR(opt)) {
 388                         retv = PTR_ERR(opt);
 389                         break;
 390                 }
 391
 392                 /* routing header option needs extra check */
 393                 retv = -EINVAL;
 394                 if (optname == IPV6_RTHDR && opt && opt->srcrt) {
 395                         struct ipv6_rt_hdr *rthdr = opt->srcrt;
 396                         switch (rthdr->type) {
 397 #if IS_ENABLED(CONFIG_IPV6_MIP6)
 398                         case IPV6_SRCRT_TYPE_2:
 399                                 if (rthdr->hdrlen != 2 ||
 400                                     rthdr->segments_left != 1)
 401                                         goto sticky_done;
 402
 403                                 break;
 404 #endif
 405                         default:
 406                                 goto sticky_done;
 407                         }
 408                 }
 409
 410                 retv = 0;
 411                 opt = ipv6_update_options(sk, opt);
 412 sticky_done:
 413                 if (opt)
 414                         sock_kfree_s(sk, opt, opt->tot_len);
 415                 break;
 416         }
 417
 418         case IPV6_PKTINFO:
 419         {
 420                 struct in6_pktinfo pkt;
 421
 422                 if (optlen == 0)
 423                         goto e_inval;
 424                 else if (optlen < sizeof(struct in6_pktinfo) || optval == NULL)
 425                         goto e_inval;
 426
 427                 if (copy_from_user(&pkt, optval, sizeof(struct in6_pktinfo))) {
 428                                 retv = -EFAULT;
 429                                 break;
 430                 }
 431                 if (sk->sk_bound_dev_if && pkt.ipi6_ifindex != sk->sk_bound_dev_if)
 432                         goto e_inval;
 433
 434                 np->sticky_pktinfo.ipi6_ifindex = pkt.ipi6_ifindex;
 435                 np->sticky_pktinfo.ipi6_addr = pkt.ipi6_addr;
 436                 retv = 0;
 437                 break;
 438         }
 439
 440         case IPV6_2292PKTOPTIONS:
 441         {
 442                 struct ipv6_txoptions *opt = NULL;
 443                 struct msghdr msg;
 444                 struct flowi6 fl6;
 445                 int junk;
 446
 447                 memset(&fl6, 0, sizeof(fl6));
 448                 fl6.flowi6_oif = sk->sk_bound_dev_if;
 449                 fl6.flowi6_mark = sk->sk_mark;
 450
 451                 if (optlen == 0)
 452                         goto update;
 453
 454                 /* 1K is probably excessive
 455                  * 1K is surely not enough, 2K per standard header is 16K.
 456                  */
 457                 retv = -EINVAL;
 458                 if (optlen > 64*1024)
 459                         break;
 460
 461                 opt = sock_kmalloc(sk, sizeof(*opt) + optlen, GFP_KERNEL);
 462                 retv = -ENOBUFS;
 463                 if (opt == NULL)
 464                         break;
 465
 466                 memset(opt, 0, sizeof(*opt));
 467                 opt->tot_len = sizeof(*opt) + optlen;
 468                 retv = -EFAULT;
 469                 if (copy_from_user(opt+1, optval, optlen))
 470                         goto done;
 471
 472                 msg.msg_controllen = optlen;
 473                 msg.msg_control = (void *)(opt+1);
 474
 475                 retv = ip6_datagram_send_ctl(net, sk, &msg, &fl6, opt, &junk,
 476                                              &junk, &junk);
 477                 if (retv)
 478                         goto done;
 479 update:
 480                 retv = 0;
 481                 opt = ipv6_update_options(sk, opt);
 482 done:
 483                 if (opt)
 484                         sock_kfree_s(sk, opt, opt->tot_len);
 485                 break;
 486         }
 487         case IPV6_UNICAST_HOPS:
 488                 if (optlen < sizeof(int))
 489                         goto e_inval;
 490                 if (val > 255 || val < -1)
 491                         goto e_inval;
 492                 np->hop_limit = val;
 493                 retv = 0;
 494                 break;
 495
 496         case IPV6_MULTICAST_HOPS:
 497                 if (sk->sk_type == SOCK_STREAM)
 498                         break;
 499                 if (optlen < sizeof(int))
 500                         goto e_inval;
 501                 if (val > 255 || val < -1)
 502                         goto e_inval;
 503                 np->mcast_hops = (val == -1 ? IPV6_DEFAULT_MCASTHOPS : val);
 504                 retv = 0;
 505                 break;
 506
 507         case IPV6_MULTICAST_LOOP:
 508                 if (optlen < sizeof(int))
 509                         goto e_inval;
 510                 if (val != valbool)
 511                         goto e_inval;
 512                 np->mc_loop = valbool;
 513                 retv = 0;
 514                 break;
 515
 516         case IPV6_UNICAST_IF:
 517         {
 518                 struct net_device *dev = NULL;
 519                 int ifindex;
 520
 521                 if (optlen != sizeof(int))
 522                         goto e_inval;
 523
 524                 ifindex = (__force int)ntohl((__force __be32)val);
 525                 if (ifindex == 0) {
 526                         np->ucast_oif = 0;
 527                         retv = 0;
 528                         break;
 529                 }
 530
 531                 dev = dev_get_by_index(net, ifindex);
 532                 retv = -EADDRNOTAVAIL;
 533                 if (!dev)
 534                         break;
 535                 dev_put(dev);
 536
 537                 retv = -EINVAL;
 538                 if (sk->sk_bound_dev_if)
 539                         break;
 540
 541                 np->ucast_oif = ifindex;
 542                 retv = 0;
 543                 break;
 544         }
 545
 546         case IPV6_MULTICAST_IF:
 547                 if (sk->sk_type == SOCK_STREAM)
 548                         break;
 549                 if (optlen < sizeof(int))
 550                         goto e_inval;
 551
 552                 if (val) {
 553                         struct net_device *dev;
 554
 555                         if (sk->sk_bound_dev_if && sk->sk_bound_dev_if != val)
 556                                 goto e_inval;
 557
 558                         dev = dev_get_by_index(net, val);
 559                         if (!dev) {
 560                                 retv = -ENODEV;
 561                                 break;
 562                         }
 563                         dev_put(dev);
 564                 }
 565                 np->mcast_oif = val;
 566                 retv = 0;
 567                 break;
 568         case IPV6_ADD_MEMBERSHIP:
 569         case IPV6_DROP_MEMBERSHIP:
 570         {
 571                 struct ipv6_mreq mreq;
 572
 573                 if (optlen < sizeof(struct ipv6_mreq))
 574                         goto e_inval;
 575
 576                 retv = -EPROTO;
 577                 if (inet_sk(sk)->is_icsk)
 578                         break;
 579
 580                 retv = -EFAULT;
 581                 if (copy_from_user(&mreq, optval, sizeof(struct ipv6_mreq)))
 582                         break;
 583
 584                 if (optname == IPV6_ADD_MEMBERSHIP)
 585                         retv = ipv6_sock_mc_join(sk, mreq.ipv6mr_ifindex, &mreq.ipv6mr_multiaddr);
 586                 else
 587                         retv = ipv6_sock_mc_drop(sk, mreq.ipv6mr_ifindex, &mreq.ipv6mr_multiaddr);
 588                 break;
 589         }
 590         case IPV6_JOIN_ANYCAST:
 591         case IPV6_LEAVE_ANYCAST:
 592         {
 593                 struct ipv6_mreq mreq;
 594
 595                 if (optlen < sizeof(struct ipv6_mreq))
 596                         goto e_inval;
 597
 598                 retv = -EFAULT;
 599                 if (copy_from_user(&mreq, optval, sizeof(struct ipv6_mreq)))
 600                         break;
 601
 602                 if (optname == IPV6_JOIN_ANYCAST)
 603                         retv = ipv6_sock_ac_join(sk, mreq.ipv6mr_ifindex, &mreq.ipv6mr_acaddr);
 604                 else
 605                         retv = ipv6_sock_ac_drop(sk, mreq.ipv6mr_ifindex, &mreq.ipv6mr_acaddr);
 606                 break;
 607         }
 608         case MCAST_JOIN_GROUP:
 609         case MCAST_LEAVE_GROUP:
 610         {
 611                 struct group_req greq;
 612                 struct sockaddr_in6 *psin6;
 613
 614                 if (optlen < sizeof(struct group_req))
 615                         goto e_inval;
 616
 617                 retv = -EFAULT;
 618                 if (copy_from_user(&greq, optval, sizeof(struct group_req)))
 619                         break;
 620                 if (greq.gr_group.ss_family != AF_INET6) {
 621                         retv = -EADDRNOTAVAIL;
 622                         break;
 623                 }
 624                 psin6 = (struct sockaddr_in6 *)&greq.gr_group;
 625                 if (optname == MCAST_JOIN_GROUP)
 626                         retv = ipv6_sock_mc_join(sk, greq.gr_interface,
 627                                 &psin6->sin6_addr);
 628                 else
 629                         retv = ipv6_sock_mc_drop(sk, greq.gr_interface,
 630                                 &psin6->sin6_addr);
 631                 break;
 632         }
 633         case MCAST_JOIN_SOURCE_GROUP:
 634         case MCAST_LEAVE_SOURCE_GROUP:
 635         case MCAST_BLOCK_SOURCE:
 636         case MCAST_UNBLOCK_SOURCE:
 637         {
 638                 struct group_source_req greqs;
 639                 int omode, add;
 640
 641                 if (optlen < sizeof(struct group_source_req))
 642                         goto e_inval;
 643                 if (copy_from_user(&greqs, optval, sizeof(greqs))) {
 644                         retv = -EFAULT;
 645                         break;
 646                 }
 647                 if (greqs.gsr_group.ss_family != AF_INET6 ||
 648                     greqs.gsr_source.ss_family != AF_INET6) {
 649                         retv = -EADDRNOTAVAIL;
 650                         break;
 651                 }
 652                 if (optname == MCAST_BLOCK_SOURCE) {
 653                         omode = MCAST_EXCLUDE;
 654                         add = 1;
 655                 } else if (optname == MCAST_UNBLOCK_SOURCE) {
 656                         omode = MCAST_EXCLUDE;
 657                         add = 0;
 658                 } else if (optname == MCAST_JOIN_SOURCE_GROUP) {
 659                         struct sockaddr_in6 *psin6;
 660
 661                         psin6 = (struct sockaddr_in6 *)&greqs.gsr_group;
 662                         retv = ipv6_sock_mc_join(sk, greqs.gsr_interface,
 663                                 &psin6->sin6_addr);
 664                         /* prior join w/ different source is ok */
 665                         if (retv && retv != -EADDRINUSE)
 666                                 break;
 667                         omode = MCAST_INCLUDE;
 668                         add = 1;
 669                 } else /* MCAST_LEAVE_SOURCE_GROUP */ {
 670                         omode = MCAST_INCLUDE;
 671                         add = 0;
 672                 }
 673                 retv = ip6_mc_source(add, omode, sk, &greqs);
 674                 break;
 675         }
 676         case MCAST_MSFILTER:
 677         {
 678                 struct group_filter *gsf;
 679
 680                 if (optlen < GROUP_FILTER_SIZE(0))
 681                         goto e_inval;
 682                 if (optlen > sysctl_optmem_max) {
 683                         retv = -ENOBUFS;
 684                         break;
 685                 }
 686                 gsf = kmalloc(optlen, GFP_KERNEL);
 687                 if (!gsf) {
 688                         retv = -ENOBUFS;
 689                         break;
 690                 }
 691                 retv = -EFAULT;
 692                 if (copy_from_user(gsf, optval, optlen)) {
 693                         kfree(gsf);
 694                         break;
 695                 }
 696                 /* numsrc >= (4G-140)/128 overflow in 32 bits */
 697                 if (gsf->gf_numsrc >= 0x1ffffffU ||
 698                     gsf->gf_numsrc > sysctl_mld_max_msf) {
 699                         kfree(gsf);
 700                         retv = -ENOBUFS;
 701                         break;
 702                 }
 703                 if (GROUP_FILTER_SIZE(gsf->gf_numsrc) > optlen) {
 704                         kfree(gsf);
 705                         retv = -EINVAL;
 706                         break;
 707                 }
 708                 retv = ip6_mc_msfilter(sk, gsf);
 709                 kfree(gsf);
 710
 711                 break;
 712         }
 713         case IPV6_ROUTER_ALERT:
 714                 if (optlen < sizeof(int))
 715                         goto e_inval;
 716                 retv = ip6_ra_control(sk, val);
 717                 break;
 718         case IPV6_MTU_DISCOVER:
 719                 if (optlen < sizeof(int))
 720                         goto e_inval;
 721                 if (val < IPV6_PMTUDISC_DONT || val > IPV6_PMTUDISC_OMIT)
 722                         goto e_inval;
 723                 np->pmtudisc = val;
 724                 retv = 0;
 725                 break;
 726         case IPV6_MTU:
 727                 if (optlen < sizeof(int))
 728                         goto e_inval;
 729                 if (val && val < IPV6_MIN_MTU)
 730                         goto e_inval;
 731                 np->frag_size = val;
 732                 retv = 0;
 733                 break;
 734         case IPV6_RECVERR:
 735                 if (optlen < sizeof(int))
 736                         goto e_inval;
 737                 np->recverr = valbool;
 738                 if (!val)
 739                         skb_queue_purge(&sk->sk_error_queue);
 740                 retv = 0;
 741                 break;
 742         case IPV6_FLOWINFO_SEND:
 743                 if (optlen < sizeof(int))
 744                         goto e_inval;
 745                 np->sndflow = valbool;
 746                 retv = 0;
 747                 break;
 748         case IPV6_FLOWLABEL_MGR:
 749                 retv = ipv6_flowlabel_opt(sk, optval, optlen);
 750                 break;
 751         case IPV6_IPSEC_POLICY:
 752         case IPV6_XFRM_POLICY:
 753                 retv = -EPERM;
 754                 if (!ns_capable(net->user_ns, CAP_NET_ADMIN))
 755                         break;
 756                 retv = xfrm_user_policy(sk, optname, optval, optlen);
 757                 break;
 758
 759         case IPV6_ADDR_PREFERENCES:
 760             {
 761                 unsigned int pref = 0;
 762                 unsigned int prefmask = ~0;
 763
 764                 if (optlen < sizeof(int))
 765                         goto e_inval;
 766
 767                 retv = -EINVAL;
 768
 769                 /* check PUBLIC/TMP/PUBTMP_DEFAULT conflicts */
 770                 switch (val & (IPV6_PREFER_SRC_PUBLIC|
 771                                IPV6_PREFER_SRC_TMP|
 772                                IPV6_PREFER_SRC_PUBTMP_DEFAULT)) {
 773                 case IPV6_PREFER_SRC_PUBLIC:
 774                         pref |= IPV6_PREFER_SRC_PUBLIC;
 775                         break;
 776                 case IPV6_PREFER_SRC_TMP:
 777                         pref |= IPV6_PREFER_SRC_TMP;
 778                         break;
 779                 case IPV6_PREFER_SRC_PUBTMP_DEFAULT:
 780                         break;
 781                 case 0:
 782                         goto pref_skip_pubtmp;
 783                 default:
 784                         goto e_inval;
 785                 }
 786
 787                 prefmask &= ~(IPV6_PREFER_SRC_PUBLIC|
 788                               IPV6_PREFER_SRC_TMP);
 789 pref_skip_pubtmp:
 790
 791                 /* check HOME/COA conflicts */
 792                 switch (val & (IPV6_PREFER_SRC_HOME|IPV6_PREFER_SRC_COA)) {
 793                 case IPV6_PREFER_SRC_HOME:
 794                         break;
 795                 case IPV6_PREFER_SRC_COA:
 796                         pref |= IPV6_PREFER_SRC_COA;
 797                 case 0:
 798                         goto pref_skip_coa;
 799                 default:
 800                         goto e_inval;
 801                 }
 802
 803                 prefmask &= ~IPV6_PREFER_SRC_COA;
 804 pref_skip_coa:
 805
 806                 /* check CGA/NONCGA conflicts */
 807                 switch (val & (IPV6_PREFER_SRC_CGA|IPV6_PREFER_SRC_NONCGA)) {
 808                 case IPV6_PREFER_SRC_CGA:
 809                 case IPV6_PREFER_SRC_NONCGA:
 810                 case 0:
 811                         break;
 812                 default:
 813                         goto e_inval;
 814                 }
 815
 816                 np->srcprefs = (np->srcprefs & prefmask) | pref;
 817                 retv = 0;
 818
 819                 break;
 820             }
 821         case IPV6_MINHOPCOUNT:
 822                 if (optlen < sizeof(int))
 823                         goto e_inval;
 824                 if (val < 0 || val > 255)
 825                         goto e_inval;
 826                 np->min_hopcount = val;
 827                 retv = 0;
 828                 break;
 829         case IPV6_DONTFRAG:
 830                 np->dontfrag = valbool;
 831                 retv = 0;
 832                 break;
 833         case IPV6_AUTOFLOWLABEL:
 834                 np->autoflowlabel = valbool;
 835                 retv = 0;
 836                 break;
 837         }
 838
 839         release_sock(sk);
 840
 841         return retv;
 842
 843 e_inval:
 844         release_sock(sk);
 845         return -EINVAL;
 846 }
 847
 848 int ipv6_setsockopt(struct sock *sk, int level, int optname,
 849                     char __user *optval, unsigned int optlen)
 850 {
 851         int err;
 852
 853         if (level == SOL_IP && sk->sk_type != SOCK_RAW)
 854                 return udp_prot.setsockopt(sk, level, optname, optval, optlen);
 855
 856         if (level != SOL_IPV6)
 857                 return -ENOPROTOOPT;
 858
 859         err = do_ipv6_setsockopt(sk, level, optname, optval, optlen);
 860 #ifdef CONFIG_NETFILTER
 861         /* we need to exclude all possible ENOPROTOOPTs except default case */
 862         if (err == -ENOPROTOOPT && optname != IPV6_IPSEC_POLICY &&
 863                         optname != IPV6_XFRM_POLICY) {
 864                 lock_sock(sk);
 865                 err = nf_setsockopt(sk, PF_INET6, optname, optval,
 866                                 optlen);
 867                 release_sock(sk);
 868         }
 869 #endif
 870         return err;
 871 }
 872 EXPORT_SYMBOL(ipv6_setsockopt);
 873
 874 #ifdef CONFIG_COMPAT
 875 int compat_ipv6_setsockopt(struct sock *sk, int level, int optname,
 876                            char __user *optval, unsigned int optlen)
 877 {
 878         int err;
 879
 880         if (level == SOL_IP && sk->sk_type != SOCK_RAW) {
 881                 if (udp_prot.compat_setsockopt != NULL)
 882                         return udp_prot.compat_setsockopt(sk, level, optname,
 883                                                           optval, optlen);
 884                 return udp_prot.setsockopt(sk, level, optname, optval, optlen);
 885         }
 886
 887         if (level != SOL_IPV6)
 888                 return -ENOPROTOOPT;
 889
 890         if (optname >= MCAST_JOIN_GROUP && optname <= MCAST_MSFILTER)
 891                 return compat_mc_setsockopt(sk, level, optname, optval, optlen,
 892                         ipv6_setsockopt);
 893
 894         err = do_ipv6_setsockopt(sk, level, optname, optval, optlen);
 895 #ifdef CONFIG_NETFILTER
 896         /* we need to exclude all possible ENOPROTOOPTs except default case */
 897         if (err == -ENOPROTOOPT && optname != IPV6_IPSEC_POLICY &&
 898             optname != IPV6_XFRM_POLICY) {
 899                 lock_sock(sk);
 900                 err = compat_nf_setsockopt(sk, PF_INET6, optname,
 901                                            optval, optlen);
 902                 release_sock(sk);
 903         }
 904 #endif
 905         return err;
 906 }
 907 EXPORT_SYMBOL(compat_ipv6_setsockopt);
 908 #endif
 909
 910 static int ipv6_getsockopt_sticky(struct sock *sk, struct ipv6_txoptions *opt,
 911                                   int optname, char __user *optval, int len)
 912 {
 913         struct ipv6_opt_hdr *hdr;
 914
 915         if (!opt)
 916                 return 0;
 917
 918         switch (optname) {
 919         case IPV6_HOPOPTS:
 920                 hdr = opt->hopopt;
 921                 break;
 922         case IPV6_RTHDRDSTOPTS:
 923                 hdr = opt->dst0opt;
 924                 break;
 925         case IPV6_RTHDR:
 926                 hdr = (struct ipv6_opt_hdr *)opt->srcrt;
 927                 break;
 928         case IPV6_DSTOPTS:
 929                 hdr = opt->dst1opt;
 930                 break;
 931         default:
 932                 return -EINVAL; /* should not happen */
 933         }
 934
 935         if (!hdr)
 936                 return 0;
 937
 938         len = min_t(unsigned int, len, ipv6_optlen(hdr));
 939         if (copy_to_user(optval, hdr, len))
 940                 return -EFAULT;
 941         return len;
 942 }
 943
 944 static int do_ipv6_getsockopt(struct sock *sk, int level, int optname,
 945                     char __user *optval, int __user *optlen, unsigned int flags)
 946 {
 947         struct ipv6_pinfo *np = inet6_sk(sk);
 948         int len;
 949         int val;
 950
 951         if (ip6_mroute_opt(optname))
 952                 return ip6_mroute_getsockopt(sk, optname, optval, optlen);
 953
 954         if (get_user(len, optlen))
 955                 return -EFAULT;
 956         switch (optname) {
 957         case IPV6_ADDRFORM:
 958                 if (sk->sk_protocol != IPPROTO_UDP &&
 959                     sk->sk_protocol != IPPROTO_UDPLITE &&
 960                     sk->sk_protocol != IPPROTO_TCP)
 961                         return -ENOPROTOOPT;
 962                 if (sk->sk_state != TCP_ESTABLISHED)
 963                         return -ENOTCONN;
 964                 val = sk->sk_family;
 965                 break;
 966         case MCAST_MSFILTER:
 967         {
 968                 struct group_filter gsf;
 969                 int err;
 970
 971                 if (len < GROUP_FILTER_SIZE(0))
 972                         return -EINVAL;
 973                 if (copy_from_user(&gsf, optval, GROUP_FILTER_SIZE(0)))
 974                         return -EFAULT;
 975                 if (gsf.gf_group.ss_family != AF_INET6)
 976                         return -EADDRNOTAVAIL;
 977                 lock_sock(sk);
 978                 err = ip6_mc_msfget(sk, &gsf,
 979                         (struct group_filter __user *)optval, optlen);
 980                 release_sock(sk);
 981                 return err;
 982         }
 983
 984         case IPV6_2292PKTOPTIONS:
 985         {
 986                 struct msghdr msg;
 987                 struct sk_buff *skb;
 988
 989                 if (sk->sk_type != SOCK_STREAM)
 990                         return -ENOPROTOOPT;
 991
 992                 msg.msg_control = optval;
 993                 msg.msg_controllen = len;
 994                 msg.msg_flags = flags;
 995
 996                 lock_sock(sk);
 997                 skb = np->pktoptions;
 998                 if (skb)
 999                         ip6_datagram_recv_ctl(sk, &msg, skb);
1000                 release_sock(sk);
1001                 if (!skb) {
1002                         if (np->rxopt.bits.rxinfo) {
1003                                 struct in6_pktinfo src_info;
1004                                 src_info.ipi6_ifindex = np->mcast_oif ? np->mcast_oif :
1005                                         np->sticky_pktinfo.ipi6_ifindex;
1006                                 src_info.ipi6_addr = np->mcast_oif ? sk->sk_v6_daddr : np->sticky_pktinfo.ipi6_addr;
1007                                 put_cmsg(&msg, SOL_IPV6, IPV6_PKTINFO, sizeof(src_info), &src_info);
1008                         }
1009                         if (np->rxopt.bits.rxhlim) {
1010                                 int hlim = np->mcast_hops;
1011                                 put_cmsg(&msg, SOL_IPV6, IPV6_HOPLIMIT, sizeof(hlim), &hlim);
1012                         }
1013                         if (np->rxopt.bits.rxtclass) {
1014                                 int tclass = (int)ip6_tclass(np->rcv_flowinfo);
1015
1016                                 put_cmsg(&msg, SOL_IPV6, IPV6_TCLASS, sizeof(tclass), &tclass);
1017                         }
1018                         if (np->rxopt.bits.rxoinfo) {
1019                                 struct in6_pktinfo src_info;
1020                                 src_info.ipi6_ifindex = np->mcast_oif ? np->mcast_oif :
1021                                         np->sticky_pktinfo.ipi6_ifindex;
1022                                 src_info.ipi6_addr = np->mcast_oif ? sk->sk_v6_daddr :
1023                                                                      np->sticky_pktinfo.ipi6_addr;
1024                                 put_cmsg(&msg, SOL_IPV6, IPV6_2292PKTINFO, sizeof(src_info), &src_info);
1025                         }
1026                         if (np->rxopt.bits.rxohlim) {
1027                                 int hlim = np->mcast_hops;
1028                                 put_cmsg(&msg, SOL_IPV6, IPV6_2292HOPLIMIT, sizeof(hlim), &hlim);
1029                         }
1030                         if (np->rxopt.bits.rxflow) {
1031                                 __be32 flowinfo = np->rcv_flowinfo;
1032
1033                                 put_cmsg(&msg, SOL_IPV6, IPV6_FLOWINFO, sizeof(flowinfo), &flowinfo);
1034                         }
1035                 }
1036                 len -= msg.msg_controllen;
1037                 return put_user(len, optlen);
1038         }
1039         case IPV6_MTU:
1040         {
1041                 struct dst_entry *dst;
1042
1043                 val = 0;
1044                 rcu_read_lock();
1045                 dst = __sk_dst_get(sk);
1046                 if (dst)
1047                         val = dst_mtu(dst);
1048                 rcu_read_unlock();
1049                 if (!val)
1050                         return -ENOTCONN;
1051                 break;
1052         }
1053
1054         case IPV6_V6ONLY:
1055                 val = sk->sk_ipv6only;
1056                 break;
1057
1058         case IPV6_RECVPKTINFO:
1059                 val = np->rxopt.bits.rxinfo;
1060                 break;
1061
1062         case IPV6_2292PKTINFO:
1063                 val = np->rxopt.bits.rxoinfo;
1064                 break;
1065
1066         case IPV6_RECVHOPLIMIT:
1067                 val = np->rxopt.bits.rxhlim;
1068                 break;
1069
1070         case IPV6_2292HOPLIMIT:
1071                 val = np->rxopt.bits.rxohlim;
1072                 break;
1073
1074         case IPV6_RECVRTHDR:
1075                 val = np->rxopt.bits.srcrt;
1076                 break;
1077
1078         case IPV6_2292RTHDR:
1079                 val = np->rxopt.bits.osrcrt;
1080                 break;
1081
1082         case IPV6_HOPOPTS:
1083         case IPV6_RTHDRDSTOPTS:
1084         case IPV6_RTHDR:
1085         case IPV6_DSTOPTS:
1086         {
1087
1088                 lock_sock(sk);
1089                 len = ipv6_getsockopt_sticky(sk, np->opt,
1090                                              optname, optval, len);
1091                 release_sock(sk);
1092                 /* check if ipv6_getsockopt_sticky() returns err code */
1093                 if (len < 0)
1094                         return len;
1095                 return put_user(len, optlen);
1096         }
1097
1098         case IPV6_RECVHOPOPTS:
1099                 val = np->rxopt.bits.hopopts;
1100                 break;
1101
1102         case IPV6_2292HOPOPTS:
1103                 val = np->rxopt.bits.ohopopts;
1104                 break;
1105
1106         case IPV6_RECVDSTOPTS:
1107                 val = np->rxopt.bits.dstopts;
1108                 break;
1109
1110         case IPV6_2292DSTOPTS:
1111                 val = np->rxopt.bits.odstopts;
1112                 break;
1113
1114         case IPV6_TCLASS:
1115                 val = np->tclass;
1116                 break;
1117
1118         case IPV6_RECVTCLASS:
1119                 val = np->rxopt.bits.rxtclass;
1120                 break;
1121
1122         case IPV6_FLOWINFO:
1123                 val = np->rxopt.bits.rxflow;
1124                 break;
1125
1126         case IPV6_RECVPATHMTU:
1127                 val = np->rxopt.bits.rxpmtu;
1128                 break;
1129
1130         case IPV6_PATHMTU:
1131         {
1132                 struct dst_entry *dst;
1133                 struct ip6_mtuinfo mtuinfo;
1134
1135                 if (len < sizeof(mtuinfo))
1136                         return -EINVAL;
1137
1138                 len = sizeof(mtuinfo);
1139                 memset(&mtuinfo, 0, sizeof(mtuinfo));
1140
1141                 rcu_read_lock();
1142                 dst = __sk_dst_get(sk);
1143                 if (dst)
1144                         mtuinfo.ip6m_mtu = dst_mtu(dst);
1145                 rcu_read_unlock();
1146                 if (!mtuinfo.ip6m_mtu)
1147                         return -ENOTCONN;
1148
1149                 if (put_user(len, optlen))
1150                         return -EFAULT;
1151                 if (copy_to_user(optval, &mtuinfo, len))
1152                         return -EFAULT;
1153
1154                 return 0;
1155         }
1156
1157         case IPV6_TRANSPARENT:
1158                 val = inet_sk(sk)->transparent;
1159                 break;
1160
1161         case IPV6_RECVORIGDSTADDR:
1162                 val = np->rxopt.bits.rxorigdstaddr;
1163                 break;
1164
1165         case IPV6_UNICAST_HOPS:
1166         case IPV6_MULTICAST_HOPS:
1167         {
1168                 struct dst_entry *dst;
1169
1170                 if (optname == IPV6_UNICAST_HOPS)
1171                         val = np->hop_limit;
1172                 else
1173                         val = np->mcast_hops;
1174
1175                 if (val < 0) {
1176                         rcu_read_lock();
1177                         dst = __sk_dst_get(sk);
1178                         if (dst)
1179                                 val = ip6_dst_hoplimit(dst);
1180                         rcu_read_unlock();
1181                 }
1182
1183                 if (val < 0)
1184                         val = sock_net(sk)->ipv6.devconf_all->hop_limit;
1185                 break;
1186         }
1187
1188         case IPV6_MULTICAST_LOOP:
1189                 val = np->mc_loop;
1190                 break;
1191
1192         case IPV6_MULTICAST_IF:
1193                 val = np->mcast_oif;
1194                 break;
1195
1196         case IPV6_UNICAST_IF:
1197                 val = (__force int)htonl((__u32) np->ucast_oif);
1198                 break;
1199
1200         case IPV6_MTU_DISCOVER:
1201                 val = np->pmtudisc;
1202                 break;
1203
1204         case IPV6_RECVERR:
1205                 val = np->recverr;
1206                 break;
1207
1208         case IPV6_FLOWINFO_SEND:
1209                 val = np->sndflow;
1210                 break;
1211
1212         case IPV6_FLOWLABEL_MGR:
1213         {
1214                 struct in6_flowlabel_req freq;
1215                 int flags;
1216
1217                 if (len < sizeof(freq))
1218                         return -EINVAL;
1219
1220                 if (copy_from_user(&freq, optval, sizeof(freq)))
1221                         return -EFAULT;
1222
1223                 if (freq.flr_action != IPV6_FL_A_GET)
1224                         return -EINVAL;
1225
1226                 len = sizeof(freq);
1227                 flags = freq.flr_flags;
1228
1229                 memset(&freq, 0, sizeof(freq));
1230
1231                 val = ipv6_flowlabel_opt_get(sk, &freq, flags);
1232                 if (val < 0)
1233                         return val;
1234
1235                 if (put_user(len, optlen))
1236                         return -EFAULT;
1237                 if (copy_to_user(optval, &freq, len))
1238                         return -EFAULT;
1239
1240                 return 0;
1241         }
1242
1243         case IPV6_ADDR_PREFERENCES:
1244                 val = 0;
1245
1246                 if (np->srcprefs & IPV6_PREFER_SRC_TMP)
1247                         val |= IPV6_PREFER_SRC_TMP;
1248                 else if (np->srcprefs & IPV6_PREFER_SRC_PUBLIC)
1249                         val |= IPV6_PREFER_SRC_PUBLIC;
1250                 else {
1251                         /* XXX: should we return system default? */
1252                         val |= IPV6_PREFER_SRC_PUBTMP_DEFAULT;
1253                 }
1254
1255                 if (np->srcprefs & IPV6_PREFER_SRC_COA)
1256                         val |= IPV6_PREFER_SRC_COA;
1257                 else
1258                         val |= IPV6_PREFER_SRC_HOME;
1259                 break;
1260
1261         case IPV6_MINHOPCOUNT:
1262                 val = np->min_hopcount;
1263                 break;
1264
1265         case IPV6_DONTFRAG:
1266                 val = np->dontfrag;
1267                 break;
1268
1269         case IPV6_AUTOFLOWLABEL:
1270                 val = np->autoflowlabel;
1271                 break;
1272
1273         default:
1274                 return -ENOPROTOOPT;
1275         }
1276         len = min_t(unsigned int, sizeof(int), len);
1277         if (put_user(len, optlen))
1278                 return -EFAULT;
1279         if (copy_to_user(optval, &val, len))
1280                 return -EFAULT;
1281         return 0;
1282 }
1283
1284 int ipv6_getsockopt(struct sock *sk, int level, int optname,
1285                     char __user *optval, int __user *optlen)
1286 {
1287         int err;
1288
1289         if (level == SOL_IP && sk->sk_type != SOCK_RAW)
1290                 return udp_prot.getsockopt(sk, level, optname, optval, optlen);
1291
1292         if (level != SOL_IPV6)
1293                 return -ENOPROTOOPT;
1294
1295         err = do_ipv6_getsockopt(sk, level, optname, optval, optlen, 0);
1296 #ifdef CONFIG_NETFILTER
1297         /* we need to exclude all possible ENOPROTOOPTs except default case */
1298         if (err == -ENOPROTOOPT && optname != IPV6_2292PKTOPTIONS) {
1299                 int len;
1300
1301                 if (get_user(len, optlen))
1302                         return -EFAULT;
1303
1304                 lock_sock(sk);
1305                 err = nf_getsockopt(sk, PF_INET6, optname, optval,
1306                                 &len);
1307                 release_sock(sk);
1308                 if (err >= 0)
1309                         err = put_user(len, optlen);
1310         }
1311 #endif
1312         return err;
1313 }
1314 EXPORT_SYMBOL(ipv6_getsockopt);
1315
1316 #ifdef CONFIG_COMPAT
1317 int compat_ipv6_getsockopt(struct sock *sk, int level, int optname,
1318                            char __user *optval, int __user *optlen)
1319 {
1320         int err;
1321
1322         if (level == SOL_IP && sk->sk_type != SOCK_RAW) {
1323                 if (udp_prot.compat_getsockopt != NULL)
1324                         return udp_prot.compat_getsockopt(sk, level, optname,
1325                                                           optval, optlen);
1326                 return udp_prot.getsockopt(sk, level, optname, optval, optlen);
1327         }
1328
1329         if (level != SOL_IPV6)
1330                 return -ENOPROTOOPT;
1331
1332         if (optname == MCAST_MSFILTER)
1333                 return compat_mc_getsockopt(sk, level, optname, optval, optlen,
1334                         ipv6_getsockopt);
1335
1336         err = do_ipv6_getsockopt(sk, level, optname, optval, optlen,
1337                                  MSG_CMSG_COMPAT);
1338 #ifdef CONFIG_NETFILTER
1339         /* we need to exclude all possible ENOPROTOOPTs except default case */
1340         if (err == -ENOPROTOOPT && optname != IPV6_2292PKTOPTIONS) {
1341                 int len;
1342
1343                 if (get_user(len, optlen))
1344                         return -EFAULT;
1345
1346                 lock_sock(sk);
1347                 err = compat_nf_getsockopt(sk, PF_INET6,
1348                                            optname, optval, &len);
1349                 release_sock(sk);
1350                 if (err >= 0)
1351                         err = put_user(len, optlen);
1352         }
1353 #endif
1354         return err;
1355 }
1356 EXPORT_SYMBOL(compat_ipv6_getsockopt);
1357 #endif
1358