Gitiles
Code Review Sign In
192.168.1.100 / T800 / ad7ba9b2ae4c94313f6801cb6e28247d5763f377 / . / src / kernel / linux / v4.19 / net / compat.c
blob: 3c4b0283b29a1045b073484b6b4571f9f9f9d460 [file] [log] [blame]
xjb04a4022021-11-25 15:01:52 +0800[diff] [blame]1/*
2 * 32bit Socket syscall emulation. Based on arch/sparc64/kernel/sys_sparc32.c.
3 *
4 * Copyright (C) 2000 VA Linux Co
5 * Copyright (C) 2000 Don Dugger <n0ano@valinux.com>
6 * Copyright (C) 1999 Arun Sharma <arun.sharma@intel.com>
7 * Copyright (C) 1997,1998 Jakub Jelinek (jj@sunsite.mff.cuni.cz)
8 * Copyright (C) 1997 David S. Miller (davem@caip.rutgers.edu)
9 * Copyright (C) 2000 Hewlett-Packard Co.
10 * Copyright (C) 2000 David Mosberger-Tang <davidm@hpl.hp.com>
11 * Copyright (C) 2000,2001 Andi Kleen, SuSE Labs
12 */
13
14#include <linux/kernel.h>
15#include <linux/gfp.h>
16#include <linux/fs.h>
17#include <linux/types.h>
18#include <linux/file.h>
19#include <linux/icmpv6.h>
20#include <linux/socket.h>
21#include <linux/syscalls.h>
22#include <linux/filter.h>
23#include <linux/compat.h>
24#include <linux/security.h>
25#include <linux/audit.h>
26#include <linux/export.h>
27
28#include <net/scm.h>
29#include <net/sock.h>
30#include <net/ip.h>
31#include <net/ipv6.h>
32#include <linux/uaccess.h>
33#include <net/compat.h>
34
35int get_compat_msghdr(struct msghdr *kmsg,
36 struct compat_msghdr __user *umsg,
37 struct sockaddr __user **save_addr,
38 struct iovec **iov)
39{
40 struct compat_msghdr msg;
41 ssize_t err;
42
43 if (copy_from_user(&msg, umsg, sizeof(*umsg)))
44 return -EFAULT;
45
46 kmsg->msg_flags = msg.msg_flags;
47 kmsg->msg_namelen = msg.msg_namelen;
48
49 if (!msg.msg_name)
50 kmsg->msg_namelen = 0;
51
52 if (kmsg->msg_namelen < 0)
53 return -EINVAL;
54
55 if (kmsg->msg_namelen > sizeof(struct sockaddr_storage))
56 kmsg->msg_namelen = sizeof(struct sockaddr_storage);
57
58 kmsg->msg_control = compat_ptr(msg.msg_control);
59 kmsg->msg_controllen = msg.msg_controllen;
60
61 if (save_addr)
62 *save_addr = compat_ptr(msg.msg_name);
63
64 if (msg.msg_name && kmsg->msg_namelen) {
65 if (!save_addr) {
66 err = move_addr_to_kernel(compat_ptr(msg.msg_name),
67 kmsg->msg_namelen,
68 kmsg->msg_name);
69 if (err < 0)
70 return err;
71 }
72 } else {
73 kmsg->msg_name = NULL;
74 kmsg->msg_namelen = 0;
75 }
76
77 if (msg.msg_iovlen > UIO_MAXIOV)
78 return -EMSGSIZE;
79
80 kmsg->msg_iocb = NULL;
81
82 return compat_import_iovec(save_addr ? READ : WRITE,
83 compat_ptr(msg.msg_iov), msg.msg_iovlen,
84 UIO_FASTIOV, iov, &kmsg->msg_iter);
85}
86
87/* Bleech... */
88#define CMSG_COMPAT_ALIGN(len) ALIGN((len), sizeof(s32))
89
90#define CMSG_COMPAT_DATA(cmsg) \
91 ((void __user *)((char __user *)(cmsg) + sizeof(struct compat_cmsghdr)))
92#define CMSG_COMPAT_SPACE(len) \
93 (sizeof(struct compat_cmsghdr) + CMSG_COMPAT_ALIGN(len))
94#define CMSG_COMPAT_LEN(len) \
95 (sizeof(struct compat_cmsghdr) + (len))
96
97#define CMSG_COMPAT_FIRSTHDR(msg) \
98 (((msg)->msg_controllen) >= sizeof(struct compat_cmsghdr) ? \
99 (struct compat_cmsghdr __user *)((msg)->msg_control) : \
100 (struct compat_cmsghdr __user *)NULL)
101
102#define CMSG_COMPAT_OK(ucmlen, ucmsg, mhdr) \
103 ((ucmlen) >= sizeof(struct compat_cmsghdr) && \
104 (ucmlen) <= (unsigned long) \
105 ((mhdr)->msg_controllen - \
106 ((char *)(ucmsg) - (char *)(mhdr)->msg_control)))
107
108static inline struct compat_cmsghdr __user *cmsg_compat_nxthdr(struct msghdr *msg,
109 struct compat_cmsghdr __user *cmsg, int cmsg_len)
110{
111 char __user *ptr = (char __user *)cmsg + CMSG_COMPAT_ALIGN(cmsg_len);
112 if ((unsigned long)(ptr + 1 - (char __user *)msg->msg_control) >
113 msg->msg_controllen)
114 return NULL;
115 return (struct compat_cmsghdr __user *)ptr;
116}
117
118/* There is a lot of hair here because the alignment rules (and
119 * thus placement) of cmsg headers and length are different for
120 * 32-bit apps. -DaveM
121 */
122int cmsghdr_from_user_compat_to_kern(struct msghdr *kmsg, struct sock *sk,
123 unsigned char *stackbuf, int stackbuf_size)
124{
125 struct compat_cmsghdr __user *ucmsg;
126 struct cmsghdr *kcmsg, *kcmsg_base;
127 compat_size_t ucmlen;
128 __kernel_size_t kcmlen, tmp;
129 int err = -EFAULT;
130
131 BUILD_BUG_ON(sizeof(struct compat_cmsghdr) !=
132 CMSG_COMPAT_ALIGN(sizeof(struct compat_cmsghdr)));
133
134 kcmlen = 0;
135 kcmsg_base = kcmsg = (struct cmsghdr *)stackbuf;
136 ucmsg = CMSG_COMPAT_FIRSTHDR(kmsg);
137 while (ucmsg != NULL) {
138 if (get_user(ucmlen, &ucmsg->cmsg_len))
139 return -EFAULT;
140
141 /* Catch bogons. */
142 if (!CMSG_COMPAT_OK(ucmlen, ucmsg, kmsg))
143 return -EINVAL;
144
145 tmp = ((ucmlen - sizeof(*ucmsg)) + sizeof(struct cmsghdr));
146 tmp = CMSG_ALIGN(tmp);
147 kcmlen += tmp;
148 ucmsg = cmsg_compat_nxthdr(kmsg, ucmsg, ucmlen);
149 }
150 if (kcmlen == 0)
151 return -EINVAL;
152
153 /* The kcmlen holds the 64-bit version of the control length.
154 * It may not be modified as we do not stick it into the kmsg
155 * until we have successfully copied over all of the data
156 * from the user.
157 */
158 if (kcmlen > stackbuf_size)
159 kcmsg_base = kcmsg = sock_kmalloc(sk, kcmlen, GFP_KERNEL);
160 if (kcmsg == NULL)
161 return -ENOBUFS;
162
163 /* Now copy them over neatly. */
164 memset(kcmsg, 0, kcmlen);
165 ucmsg = CMSG_COMPAT_FIRSTHDR(kmsg);
166 while (ucmsg != NULL) {
167 if (__get_user(ucmlen, &ucmsg->cmsg_len))
168 goto Efault;
169 if (!CMSG_COMPAT_OK(ucmlen, ucmsg, kmsg))
170 goto Einval;
171 tmp = ((ucmlen - sizeof(*ucmsg)) + sizeof(struct cmsghdr));
172 if ((char *)kcmsg_base + kcmlen - (char *)kcmsg < CMSG_ALIGN(tmp))
173 goto Einval;
174 kcmsg->cmsg_len = tmp;
175 tmp = CMSG_ALIGN(tmp);
176 if (__get_user(kcmsg->cmsg_level, &ucmsg->cmsg_level) ||
177 __get_user(kcmsg->cmsg_type, &ucmsg->cmsg_type) ||
178 copy_from_user(CMSG_DATA(kcmsg),
179 CMSG_COMPAT_DATA(ucmsg),
180 (ucmlen - sizeof(*ucmsg))))
181 goto Efault;
182
183 /* Advance. */
184 kcmsg = (struct cmsghdr *)((char *)kcmsg + tmp);
185 ucmsg = cmsg_compat_nxthdr(kmsg, ucmsg, ucmlen);
186 }
187
188 /*
189 * check the length of messages copied in is the same as the
190 * what we get from the first loop
191 */
192 if ((char *)kcmsg - (char *)kcmsg_base != kcmlen)
193 goto Einval;
194
195 /* Ok, looks like we made it. Hook it up and return success. */
196 kmsg->msg_control = kcmsg_base;
197 kmsg->msg_controllen = kcmlen;
198 return 0;
199
200Einval:
201 err = -EINVAL;
202Efault:
203 if (kcmsg_base != (struct cmsghdr *)stackbuf)
204 sock_kfree_s(sk, kcmsg_base, kcmlen);
205 return err;
206}
207
208int put_cmsg_compat(struct msghdr *kmsg, int level, int type, int len, void *data)
209{
210 struct compat_cmsghdr __user *cm = (struct compat_cmsghdr __user *) kmsg->msg_control;
211 struct compat_cmsghdr cmhdr;
212 struct compat_timeval ctv;
213 struct compat_timespec cts[3];
214 int cmlen;
215
216 if (cm == NULL || kmsg->msg_controllen < sizeof(*cm)) {
217 kmsg->msg_flags |= MSG_CTRUNC;
218 return 0; /* XXX: return error? check spec. */
219 }
220
221 if (!COMPAT_USE_64BIT_TIME) {
222 if (level == SOL_SOCKET && type == SCM_TIMESTAMP) {
223 struct timeval *tv = (struct timeval *)data;
224 ctv.tv_sec = tv->tv_sec;
225 ctv.tv_usec = tv->tv_usec;
226 data = &ctv;
227 len = sizeof(ctv);
228 }
229 if (level == SOL_SOCKET &&
230 (type == SCM_TIMESTAMPNS || type == SCM_TIMESTAMPING)) {
231 int count = type == SCM_TIMESTAMPNS ? 1 : 3;
232 int i;
233 struct timespec *ts = (struct timespec *)data;
234 for (i = 0; i < count; i++) {
235 cts[i].tv_sec = ts[i].tv_sec;
236 cts[i].tv_nsec = ts[i].tv_nsec;
237 }
238 data = &cts;
239 len = sizeof(cts[0]) * count;
240 }
241 }
242
243 cmlen = CMSG_COMPAT_LEN(len);
244 if (kmsg->msg_controllen < cmlen) {
245 kmsg->msg_flags |= MSG_CTRUNC;
246 cmlen = kmsg->msg_controllen;
247 }
248 cmhdr.cmsg_level = level;
249 cmhdr.cmsg_type = type;
250 cmhdr.cmsg_len = cmlen;
251
252 if (copy_to_user(cm, &cmhdr, sizeof cmhdr))
253 return -EFAULT;
254 if (copy_to_user(CMSG_COMPAT_DATA(cm), data, cmlen - sizeof(struct compat_cmsghdr)))
255 return -EFAULT;
256 cmlen = CMSG_COMPAT_SPACE(len);
257 if (kmsg->msg_controllen < cmlen)
258 cmlen = kmsg->msg_controllen;
259 kmsg->msg_control += cmlen;
260 kmsg->msg_controllen -= cmlen;
261 return 0;
262}
263
264void scm_detach_fds_compat(struct msghdr *kmsg, struct scm_cookie *scm)
265{
266 struct compat_cmsghdr __user *cm = (struct compat_cmsghdr __user *) kmsg->msg_control;
267 int fdmax = (kmsg->msg_controllen - sizeof(struct compat_cmsghdr)) / sizeof(int);
268 int fdnum = scm->fp->count;
269 struct file **fp = scm->fp->fp;
270 int __user *cmfptr;
271 int err = 0, i;
272
273 if (fdnum < fdmax)
274 fdmax = fdnum;
275
276 for (i = 0, cmfptr = (int __user *) CMSG_COMPAT_DATA(cm); i < fdmax; i++, cmfptr++) {
277 int new_fd;
278 err = security_file_receive(fp[i]);
279 if (err)
280 break;
281 err = get_unused_fd_flags(MSG_CMSG_CLOEXEC & kmsg->msg_flags
282 ? O_CLOEXEC : 0);
283 if (err < 0)
284 break;
285 new_fd = err;
286 err = put_user(new_fd, cmfptr);
287 if (err) {
288 put_unused_fd(new_fd);
289 break;
290 }
291 /* Bump the usage count and install the file. */
292 fd_install(new_fd, get_file(fp[i]));
293 }
294
295 if (i > 0) {
296 int cmlen = CMSG_COMPAT_LEN(i * sizeof(int));
297 err = put_user(SOL_SOCKET, &cm->cmsg_level);
298 if (!err)
299 err = put_user(SCM_RIGHTS, &cm->cmsg_type);
300 if (!err)
301 err = put_user(cmlen, &cm->cmsg_len);
302 if (!err) {
303 cmlen = CMSG_COMPAT_SPACE(i * sizeof(int));
304 kmsg->msg_control += cmlen;
305 kmsg->msg_controllen -= cmlen;
306 }
307 }
308 if (i < fdnum)
309 kmsg->msg_flags |= MSG_CTRUNC;
310
311 /*
312 * All of the files that fit in the message have had their
313 * usage counts incremented, so we just free the list.
314 */
315 __scm_destroy(scm);
316}
317
318/* allocate a 64-bit sock_fprog on the user stack for duration of syscall. */
319struct sock_fprog __user *get_compat_bpf_fprog(char __user *optval)
320{
321 struct compat_sock_fprog __user *fprog32 = (struct compat_sock_fprog __user *)optval;
322 struct sock_fprog __user *kfprog = compat_alloc_user_space(sizeof(struct sock_fprog));
323 struct compat_sock_fprog f32;
324 struct sock_fprog f;
325
326 if (copy_from_user(&f32, fprog32, sizeof(*fprog32)))
327 return NULL;
328 memset(&f, 0, sizeof(f));
329 f.len = f32.len;
330 f.filter = compat_ptr(f32.filter);
331 if (copy_to_user(kfprog, &f, sizeof(struct sock_fprog)))
332 return NULL;
333
334 return kfprog;
335}
336EXPORT_SYMBOL_GPL(get_compat_bpf_fprog);
337
338static int do_set_attach_filter(struct socket *sock, int level, int optname,
339 char __user *optval, unsigned int optlen)
340{
341 struct sock_fprog __user *kfprog;
342
343 kfprog = get_compat_bpf_fprog(optval);
344 if (!kfprog)
345 return -EFAULT;
346
347 return sock_setsockopt(sock, level, optname, (char __user *)kfprog,
348 sizeof(struct sock_fprog));
349}
350
351static int do_set_sock_timeout(struct socket *sock, int level,
352 int optname, char __user *optval, unsigned int optlen)
353{
354 struct compat_timeval __user *up = (struct compat_timeval __user *)optval;
355 struct timeval ktime;
356 mm_segment_t old_fs;
357 int err;
358
359 if (optlen < sizeof(*up))
360 return -EINVAL;
361 if (!access_ok(VERIFY_READ, up, sizeof(*up)) ||
362 __get_user(ktime.tv_sec, &up->tv_sec) ||
363 __get_user(ktime.tv_usec, &up->tv_usec))
364 return -EFAULT;
365 old_fs = get_fs();
366 set_fs(KERNEL_DS);
367 err = sock_setsockopt(sock, level, optname, (char *)&ktime, sizeof(ktime));
368 set_fs(old_fs);
369
370 return err;
371}
372
373static int compat_sock_setsockopt(struct socket *sock, int level, int optname,
374 char __user *optval, unsigned int optlen)
375{
376 if (optname == SO_ATTACH_FILTER ||
377 optname == SO_ATTACH_REUSEPORT_CBPF)
378 return do_set_attach_filter(sock, level, optname,
379 optval, optlen);
380 if (!COMPAT_USE_64BIT_TIME &&
381 (optname == SO_RCVTIMEO || optname == SO_SNDTIMEO))
382 return do_set_sock_timeout(sock, level, optname, optval, optlen);
383
384 return sock_setsockopt(sock, level, optname, optval, optlen);
385}
386
387static int __compat_sys_setsockopt(int fd, int level, int optname,
388 char __user *optval, unsigned int optlen)
389{
390 int err;
391 struct socket *sock = sockfd_lookup(fd, &err);
392
393 if (sock) {
394 err = security_socket_setsockopt(sock, level, optname);
395 if (err) {
396 sockfd_put(sock);
397 return err;
398 }
399
400 if (level == SOL_SOCKET)
401 err = compat_sock_setsockopt(sock, level,
402 optname, optval, optlen);
403 else if (sock->ops->compat_setsockopt)
404 err = sock->ops->compat_setsockopt(sock, level,
405 optname, optval, optlen);
406 else
407 err = sock->ops->setsockopt(sock, level,
408 optname, optval, optlen);
409 sockfd_put(sock);
410 }
411 return err;
412}
413
414COMPAT_SYSCALL_DEFINE5(setsockopt, int, fd, int, level, int, optname,
415 char __user *, optval, unsigned int, optlen)
416{
417 return __compat_sys_setsockopt(fd, level, optname, optval, optlen);
418}
419
420static int do_get_sock_timeout(struct socket *sock, int level, int optname,
421 char __user *optval, int __user *optlen)
422{
423 struct compat_timeval __user *up;
424 struct timeval ktime;
425 mm_segment_t old_fs;
426 int len, err;
427
428 up = (struct compat_timeval __user *) optval;
429 if (get_user(len, optlen))
430 return -EFAULT;
431 if (len < sizeof(*up))
432 return -EINVAL;
433 len = sizeof(ktime);
434 old_fs = get_fs();
435 set_fs(KERNEL_DS);
436 err = sock_getsockopt(sock, level, optname, (char *) &ktime, &len);
437 set_fs(old_fs);
438
439 if (!err) {
440 if (put_user(sizeof(*up), optlen) ||
441 !access_ok(VERIFY_WRITE, up, sizeof(*up)) ||
442 __put_user(ktime.tv_sec, &up->tv_sec) ||
443 __put_user(ktime.tv_usec, &up->tv_usec))
444 err = -EFAULT;
445 }
446 return err;
447}
448
449static int compat_sock_getsockopt(struct socket *sock, int level, int optname,
450 char __user *optval, int __user *optlen)
451{
452 if (!COMPAT_USE_64BIT_TIME &&
453 (optname == SO_RCVTIMEO || optname == SO_SNDTIMEO))
454 return do_get_sock_timeout(sock, level, optname, optval, optlen);
455 return sock_getsockopt(sock, level, optname, optval, optlen);
456}
457
458int compat_sock_get_timestamp(struct sock *sk, struct timeval __user *userstamp)
459{
460 struct compat_timeval __user *ctv;
461 int err;
462 struct timeval tv;
463
464 if (COMPAT_USE_64BIT_TIME)
465 return sock_get_timestamp(sk, userstamp);
466
467 ctv = (struct compat_timeval __user *) userstamp;
468 err = -ENOENT;
469 sock_enable_timestamp(sk, SOCK_TIMESTAMP);
470 tv = ktime_to_timeval(sock_read_timestamp(sk));
471
472 if (tv.tv_sec == -1)
473 return err;
474 if (tv.tv_sec == 0) {
475 ktime_t kt = ktime_get_real();
476 sock_write_timestamp(sk, kt);
477 tv = ktime_to_timeval(kt);
478 }
479 err = 0;
480 if (put_user(tv.tv_sec, &ctv->tv_sec) ||
481 put_user(tv.tv_usec, &ctv->tv_usec))
482 err = -EFAULT;
483 return err;
484}
485EXPORT_SYMBOL(compat_sock_get_timestamp);
486
487int compat_sock_get_timestampns(struct sock *sk, struct timespec __user *userstamp)
488{
489 struct compat_timespec __user *ctv;
490 int err;
491 struct timespec ts;
492
493 if (COMPAT_USE_64BIT_TIME)
494 return sock_get_timestampns (sk, userstamp);
495
496 ctv = (struct compat_timespec __user *) userstamp;
497 err = -ENOENT;
498 sock_enable_timestamp(sk, SOCK_TIMESTAMP);
499 ts = ktime_to_timespec(sock_read_timestamp(sk));
500 if (ts.tv_sec == -1)
501 return err;
502 if (ts.tv_sec == 0) {
503 ktime_t kt = ktime_get_real();
504 sock_write_timestamp(sk, kt);
505 ts = ktime_to_timespec(kt);
506 }
507 err = 0;
508 if (put_user(ts.tv_sec, &ctv->tv_sec) ||
509 put_user(ts.tv_nsec, &ctv->tv_nsec))
510 err = -EFAULT;
511 return err;
512}
513EXPORT_SYMBOL(compat_sock_get_timestampns);
514
515static int __compat_sys_getsockopt(int fd, int level, int optname,
516 char __user *optval,
517 int __user *optlen)
518{
519 int err;
520 struct socket *sock = sockfd_lookup(fd, &err);
521
522 if (sock) {
523 err = security_socket_getsockopt(sock, level, optname);
524 if (err) {
525 sockfd_put(sock);
526 return err;
527 }
528
529 if (level == SOL_SOCKET)
530 err = compat_sock_getsockopt(sock, level,
531 optname, optval, optlen);
532 else if (sock->ops->compat_getsockopt)
533 err = sock->ops->compat_getsockopt(sock, level,
534 optname, optval, optlen);
535 else
536 err = sock->ops->getsockopt(sock, level,
537 optname, optval, optlen);
538 sockfd_put(sock);
539 }
540 return err;
541}
542
543COMPAT_SYSCALL_DEFINE5(getsockopt, int, fd, int, level, int, optname,
544 char __user *, optval, int __user *, optlen)
545{
546 return __compat_sys_getsockopt(fd, level, optname, optval, optlen);
547}
548
549struct compat_group_req {
550 __u32 gr_interface;
551 struct __kernel_sockaddr_storage gr_group
552 __aligned(4);
553} __packed;
554
555struct compat_group_source_req {
556 __u32 gsr_interface;
557 struct __kernel_sockaddr_storage gsr_group
558 __aligned(4);
559 struct __kernel_sockaddr_storage gsr_source
560 __aligned(4);
561} __packed;
562
563struct compat_group_filter {
564 __u32 gf_interface;
565 struct __kernel_sockaddr_storage gf_group
566 __aligned(4);
567 __u32 gf_fmode;
568 __u32 gf_numsrc;
569 struct __kernel_sockaddr_storage gf_slist[1]
570 __aligned(4);
571} __packed;
572
573#define __COMPAT_GF0_SIZE (sizeof(struct compat_group_filter) - \
574 sizeof(struct __kernel_sockaddr_storage))
575
576
577int compat_mc_setsockopt(struct sock *sock, int level, int optname,
578 char __user *optval, unsigned int optlen,
579 int (*setsockopt)(struct sock *, int, int, char __user *, unsigned int))
580{
581 char __user *koptval = optval;
582 int koptlen = optlen;
583
584 switch (optname) {
585 case MCAST_JOIN_GROUP:
586 case MCAST_LEAVE_GROUP:
587 {
588 struct compat_group_req __user *gr32 = (void *)optval;
589 struct group_req __user *kgr =
590 compat_alloc_user_space(sizeof(struct group_req));
591 u32 interface;
592
593 if (!access_ok(VERIFY_READ, gr32, sizeof(*gr32)) ||
594 !access_ok(VERIFY_WRITE, kgr, sizeof(struct group_req)) ||
595 __get_user(interface, &gr32->gr_interface) ||
596 __put_user(interface, &kgr->gr_interface) ||
597 copy_in_user(&kgr->gr_group, &gr32->gr_group,
598 sizeof(kgr->gr_group)))
599 return -EFAULT;
600 koptval = (char __user *)kgr;
601 koptlen = sizeof(struct group_req);
602 break;
603 }
604 case MCAST_JOIN_SOURCE_GROUP:
605 case MCAST_LEAVE_SOURCE_GROUP:
606 case MCAST_BLOCK_SOURCE:
607 case MCAST_UNBLOCK_SOURCE:
608 {
609 struct compat_group_source_req __user *gsr32 = (void *)optval;
610 struct group_source_req __user *kgsr = compat_alloc_user_space(
611 sizeof(struct group_source_req));
612 u32 interface;
613
614 if (!access_ok(VERIFY_READ, gsr32, sizeof(*gsr32)) ||
615 !access_ok(VERIFY_WRITE, kgsr,
616 sizeof(struct group_source_req)) ||
617 __get_user(interface, &gsr32->gsr_interface) ||
618 __put_user(interface, &kgsr->gsr_interface) ||
619 copy_in_user(&kgsr->gsr_group, &gsr32->gsr_group,
620 sizeof(kgsr->gsr_group)) ||
621 copy_in_user(&kgsr->gsr_source, &gsr32->gsr_source,
622 sizeof(kgsr->gsr_source)))
623 return -EFAULT;
624 koptval = (char __user *)kgsr;
625 koptlen = sizeof(struct group_source_req);
626 break;
627 }
628 case MCAST_MSFILTER:
629 {
630 struct compat_group_filter __user *gf32 = (void *)optval;
631 struct group_filter __user *kgf;
632 u32 interface, fmode, numsrc;
633
634 if (!access_ok(VERIFY_READ, gf32, __COMPAT_GF0_SIZE) ||
635 __get_user(interface, &gf32->gf_interface) ||
636 __get_user(fmode, &gf32->gf_fmode) ||
637 __get_user(numsrc, &gf32->gf_numsrc))
638 return -EFAULT;
639 koptlen = optlen + sizeof(struct group_filter) -
640 sizeof(struct compat_group_filter);
641 if (koptlen < GROUP_FILTER_SIZE(numsrc))
642 return -EINVAL;
643 kgf = compat_alloc_user_space(koptlen);
644 if (!access_ok(VERIFY_WRITE, kgf, koptlen) ||
645 __put_user(interface, &kgf->gf_interface) ||
646 __put_user(fmode, &kgf->gf_fmode) ||
647 __put_user(numsrc, &kgf->gf_numsrc) ||
648 copy_in_user(&kgf->gf_group, &gf32->gf_group,
649 sizeof(kgf->gf_group)) ||
650 (numsrc && copy_in_user(kgf->gf_slist, gf32->gf_slist,
651 numsrc * sizeof(kgf->gf_slist[0]))))
652 return -EFAULT;
653 koptval = (char __user *)kgf;
654 break;
655 }
656
657 default:
658 break;
659 }
660 return setsockopt(sock, level, optname, koptval, koptlen);
661}
662EXPORT_SYMBOL(compat_mc_setsockopt);
663
664int compat_mc_getsockopt(struct sock *sock, int level, int optname,
665 char __user *optval, int __user *optlen,
666 int (*getsockopt)(struct sock *, int, int, char __user *, int __user *))
667{
668 struct compat_group_filter __user *gf32 = (void *)optval;
669 struct group_filter __user *kgf;
670 int __user *koptlen;
671 u32 interface, fmode, numsrc;
672 int klen, ulen, err;
673
674 if (optname != MCAST_MSFILTER)
675 return getsockopt(sock, level, optname, optval, optlen);
676
677 koptlen = compat_alloc_user_space(sizeof(*koptlen));
678 if (!access_ok(VERIFY_READ, optlen, sizeof(*optlen)) ||
679 __get_user(ulen, optlen))
680 return -EFAULT;
681
682 /* adjust len for pad */
683 klen = ulen + sizeof(*kgf) - sizeof(*gf32);
684
685 if (klen < GROUP_FILTER_SIZE(0))
686 return -EINVAL;
687
688 if (!access_ok(VERIFY_WRITE, koptlen, sizeof(*koptlen)) ||
689 __put_user(klen, koptlen))
690 return -EFAULT;
691
692 /* have to allow space for previous compat_alloc_user_space, too */
693 kgf = compat_alloc_user_space(klen+sizeof(*optlen));
694
695 if (!access_ok(VERIFY_READ, gf32, __COMPAT_GF0_SIZE) ||
696 __get_user(interface, &gf32->gf_interface) ||
697 __get_user(fmode, &gf32->gf_fmode) ||
698 __get_user(numsrc, &gf32->gf_numsrc) ||
699 __put_user(interface, &kgf->gf_interface) ||
700 __put_user(fmode, &kgf->gf_fmode) ||
701 __put_user(numsrc, &kgf->gf_numsrc) ||
702 copy_in_user(&kgf->gf_group, &gf32->gf_group, sizeof(kgf->gf_group)))
703 return -EFAULT;
704
705 err = getsockopt(sock, level, optname, (char __user *)kgf, koptlen);
706 if (err)
707 return err;
708
709 if (!access_ok(VERIFY_READ, koptlen, sizeof(*koptlen)) ||
710 __get_user(klen, koptlen))
711 return -EFAULT;
712
713 ulen = klen - (sizeof(*kgf)-sizeof(*gf32));
714
715 if (!access_ok(VERIFY_WRITE, optlen, sizeof(*optlen)) ||
716 __put_user(ulen, optlen))
717 return -EFAULT;
718
719 if (!access_ok(VERIFY_READ, kgf, klen) ||
720 !access_ok(VERIFY_WRITE, gf32, ulen) ||
721 __get_user(interface, &kgf->gf_interface) ||
722 __get_user(fmode, &kgf->gf_fmode) ||
723 __get_user(numsrc, &kgf->gf_numsrc) ||
724 __put_user(interface, &gf32->gf_interface) ||
725 __put_user(fmode, &gf32->gf_fmode) ||
726 __put_user(numsrc, &gf32->gf_numsrc))
727 return -EFAULT;
728 if (numsrc) {
729 int copylen;
730
731 klen -= GROUP_FILTER_SIZE(0);
732 copylen = numsrc * sizeof(gf32->gf_slist[0]);
733 if (copylen > klen)
734 copylen = klen;
735 if (copy_in_user(gf32->gf_slist, kgf->gf_slist, copylen))
736 return -EFAULT;
737 }
738 return err;
739}
740EXPORT_SYMBOL(compat_mc_getsockopt);
741
742
743/* Argument list sizes for compat_sys_socketcall */
744#define AL(x) ((x) * sizeof(u32))
745static unsigned char nas[21] = {
746 AL(0), AL(3), AL(3), AL(3), AL(2), AL(3),
747 AL(3), AL(3), AL(4), AL(4), AL(4), AL(6),
748 AL(6), AL(2), AL(5), AL(5), AL(3), AL(3),
749 AL(4), AL(5), AL(4)
750};
751#undef AL
752
753static inline long __compat_sys_sendmsg(int fd,
754 struct compat_msghdr __user *msg,
755 unsigned int flags)
756{
757 return __sys_sendmsg(fd, (struct user_msghdr __user *)msg,
758 flags | MSG_CMSG_COMPAT, false);
759}
760
761COMPAT_SYSCALL_DEFINE3(sendmsg, int, fd, struct compat_msghdr __user *, msg,
762 unsigned int, flags)
763{
764 return __compat_sys_sendmsg(fd, msg, flags);
765}
766
767static inline long __compat_sys_sendmmsg(int fd,
768 struct compat_mmsghdr __user *mmsg,
769 unsigned int vlen, unsigned int flags)
770{
771 return __sys_sendmmsg(fd, (struct mmsghdr __user *)mmsg, vlen,
772 flags | MSG_CMSG_COMPAT, false);
773}
774
775COMPAT_SYSCALL_DEFINE4(sendmmsg, int, fd, struct compat_mmsghdr __user *, mmsg,
776 unsigned int, vlen, unsigned int, flags)
777{
778 return __compat_sys_sendmmsg(fd, mmsg, vlen, flags);
779}
780
781static inline long __compat_sys_recvmsg(int fd,
782 struct compat_msghdr __user *msg,
783 unsigned int flags)
784{
785 return __sys_recvmsg(fd, (struct user_msghdr __user *)msg,
786 flags | MSG_CMSG_COMPAT, false);
787}
788
789COMPAT_SYSCALL_DEFINE3(recvmsg, int, fd, struct compat_msghdr __user *, msg,
790 unsigned int, flags)
791{
792 return __compat_sys_recvmsg(fd, msg, flags);
793}
794
795static inline long __compat_sys_recvfrom(int fd, void __user *buf,
796 compat_size_t len, unsigned int flags,
797 struct sockaddr __user *addr,
798 int __user *addrlen)
799{
800 return __sys_recvfrom(fd, buf, len, flags | MSG_CMSG_COMPAT, addr,
801 addrlen);
802}
803
804COMPAT_SYSCALL_DEFINE4(recv, int, fd, void __user *, buf, compat_size_t, len, unsigned int, flags)
805{
806 return __compat_sys_recvfrom(fd, buf, len, flags, NULL, NULL);
807}
808
809COMPAT_SYSCALL_DEFINE6(recvfrom, int, fd, void __user *, buf, compat_size_t, len,
810 unsigned int, flags, struct sockaddr __user *, addr,
811 int __user *, addrlen)
812{
813 return __compat_sys_recvfrom(fd, buf, len, flags, addr, addrlen);
814}
815
816static int __compat_sys_recvmmsg(int fd, struct compat_mmsghdr __user *mmsg,
817 unsigned int vlen, unsigned int flags,
818 struct compat_timespec __user *timeout)
819{
820 int datagrams;
821 struct timespec ktspec;
822
823 if (timeout == NULL)
824 return __sys_recvmmsg(fd, (struct mmsghdr __user *)mmsg, vlen,
825 flags | MSG_CMSG_COMPAT, NULL);
826
827 if (compat_get_timespec(&ktspec, timeout))
828 return -EFAULT;
829
830 datagrams = __sys_recvmmsg(fd, (struct mmsghdr __user *)mmsg, vlen,
831 flags | MSG_CMSG_COMPAT, &ktspec);
832 if (datagrams > 0 && compat_put_timespec(&ktspec, timeout))
833 datagrams = -EFAULT;
834
835 return datagrams;
836}
837
838COMPAT_SYSCALL_DEFINE5(recvmmsg, int, fd, struct compat_mmsghdr __user *, mmsg,
839 unsigned int, vlen, unsigned int, flags,
840 struct compat_timespec __user *, timeout)
841{
842 return __compat_sys_recvmmsg(fd, mmsg, vlen, flags, timeout);
843}
844
845COMPAT_SYSCALL_DEFINE2(socketcall, int, call, u32 __user *, args)
846{
847 u32 a[AUDITSC_ARGS];
848 unsigned int len;
849 u32 a0, a1;
850 int ret;
851
852 if (call < SYS_SOCKET || call > SYS_SENDMMSG)
853 return -EINVAL;
854 len = nas[call];
855 if (len > sizeof(a))
856 return -EINVAL;
857
858 if (copy_from_user(a, args, len))
859 return -EFAULT;
860
861 ret = audit_socketcall_compat(len / sizeof(a[0]), a);
862 if (ret)
863 return ret;
864
865 a0 = a[0];
866 a1 = a[1];
867
868 switch (call) {
869 case SYS_SOCKET:
870 ret = __sys_socket(a0, a1, a[2]);
871 break;
872 case SYS_BIND:
873 ret = __sys_bind(a0, compat_ptr(a1), a[2]);
874 break;
875 case SYS_CONNECT:
876 ret = __sys_connect(a0, compat_ptr(a1), a[2]);
877 break;
878 case SYS_LISTEN:
879 ret = __sys_listen(a0, a1);
880 break;
881 case SYS_ACCEPT:
882 ret = __sys_accept4(a0, compat_ptr(a1), compat_ptr(a[2]), 0);
883 break;
884 case SYS_GETSOCKNAME:
885 ret = __sys_getsockname(a0, compat_ptr(a1), compat_ptr(a[2]));
886 break;
887 case SYS_GETPEERNAME:
888 ret = __sys_getpeername(a0, compat_ptr(a1), compat_ptr(a[2]));
889 break;
890 case SYS_SOCKETPAIR:
891 ret = __sys_socketpair(a0, a1, a[2], compat_ptr(a[3]));
892 break;
893 case SYS_SEND:
894 ret = __sys_sendto(a0, compat_ptr(a1), a[2], a[3], NULL, 0);
895 break;
896 case SYS_SENDTO:
897 ret = __sys_sendto(a0, compat_ptr(a1), a[2], a[3],
898 compat_ptr(a[4]), a[5]);
899 break;
900 case SYS_RECV:
901 ret = __compat_sys_recvfrom(a0, compat_ptr(a1), a[2], a[3],
902 NULL, NULL);
903 break;
904 case SYS_RECVFROM:
905 ret = __compat_sys_recvfrom(a0, compat_ptr(a1), a[2], a[3],
906 compat_ptr(a[4]),
907 compat_ptr(a[5]));
908 break;
909 case SYS_SHUTDOWN:
910 ret = __sys_shutdown(a0, a1);
911 break;
912 case SYS_SETSOCKOPT:
913 ret = __compat_sys_setsockopt(a0, a1, a[2],
914 compat_ptr(a[3]), a[4]);
915 break;
916 case SYS_GETSOCKOPT:
917 ret = __compat_sys_getsockopt(a0, a1, a[2],
918 compat_ptr(a[3]),
919 compat_ptr(a[4]));
920 break;
921 case SYS_SENDMSG:
922 ret = __compat_sys_sendmsg(a0, compat_ptr(a1), a[2]);
923 break;
924 case SYS_SENDMMSG:
925 ret = __compat_sys_sendmmsg(a0, compat_ptr(a1), a[2], a[3]);
926 break;
927 case SYS_RECVMSG:
928 ret = __compat_sys_recvmsg(a0, compat_ptr(a1), a[2]);
929 break;
930 case SYS_RECVMMSG:
931 ret = __compat_sys_recvmmsg(a0, compat_ptr(a1), a[2], a[3],
932 compat_ptr(a[4]));
933 break;
934 case SYS_ACCEPT4:
935 ret = __sys_accept4(a0, compat_ptr(a1), compat_ptr(a[2]), a[3]);
936 break;
937 default:
938 ret = -EINVAL;
939 break;
940 }
941 return ret;
942}