1 // SPDX-License-Identifier: GPL-2.0
2 #include <linux/kmod.h>
3 #include <linux/netdevice.h>
4 #include <linux/inetdevice.h>
5 #include <linux/etherdevice.h>
6 #include <linux/rtnetlink.h>
7 #include <linux/net_tstamp.h>
8 #include <linux/wireless.h>
9 #include <linux/if_bridge.h>
10 #include <net/dsa.h>
11 #include <net/wext.h>
12 
13 /*
14  *	Map an interface index to its name (SIOCGIFNAME)
15  */
16 
17 /*
18  *	We need this ioctl for efficient implementation of the
19  *	if_indextoname() function required by the IPv6 API.  Without
20  *	it, we would have to search all the interfaces to find a
21  *	match.  --pb
22  */
23 
dev_ifname(struct net * net,struct ifreq * ifr)24 static int dev_ifname(struct net *net, struct ifreq *ifr)
25 {
26 	ifr->ifr_name[IFNAMSIZ-1] = 0;
27 	return netdev_get_name(net, ifr->ifr_name, ifr->ifr_ifindex);
28 }
29 
30 /*
31  *	Perform a SIOCGIFCONF call. This structure will change
32  *	size eventually, and there is nothing I can do about it.
33  *	Thus we will need a 'compatibility mode'.
34  */
dev_ifconf(struct net * net,struct ifconf __user * uifc)35 int dev_ifconf(struct net *net, struct ifconf __user *uifc)
36 {
37 	struct net_device *dev;
38 	void __user *pos;
39 	size_t size;
40 	int len, total = 0, done;
41 
42 	/* both the ifconf and the ifreq structures are slightly different */
43 	if (in_compat_syscall()) {
44 		struct compat_ifconf ifc32;
45 
46 		if (copy_from_user(&ifc32, uifc, sizeof(struct compat_ifconf)))
47 			return -EFAULT;
48 
49 		pos = compat_ptr(ifc32.ifcbuf);
50 		len = ifc32.ifc_len;
51 		size = sizeof(struct compat_ifreq);
52 	} else {
53 		struct ifconf ifc;
54 
55 		if (copy_from_user(&ifc, uifc, sizeof(struct ifconf)))
56 			return -EFAULT;
57 
58 		pos = ifc.ifc_buf;
59 		len = ifc.ifc_len;
60 		size = sizeof(struct ifreq);
61 	}
62 
63 	/* Loop over the interfaces, and write an info block for each. */
64 	rtnl_lock();
65 	for_each_netdev(net, dev) {
66 		if (!pos)
67 			done = inet_gifconf(dev, NULL, 0, size);
68 		else
69 			done = inet_gifconf(dev, pos + total,
70 					    len - total, size);
71 		if (done < 0) {
72 			rtnl_unlock();
73 			return -EFAULT;
74 		}
75 		total += done;
76 	}
77 	rtnl_unlock();
78 
79 	return put_user(total, &uifc->ifc_len);
80 }
81 
dev_getifmap(struct net_device * dev,struct ifreq * ifr)82 static int dev_getifmap(struct net_device *dev, struct ifreq *ifr)
83 {
84 	struct ifmap *ifmap = &ifr->ifr_map;
85 
86 	if (in_compat_syscall()) {
87 		struct compat_ifmap *cifmap = (struct compat_ifmap *)ifmap;
88 
89 		cifmap->mem_start = dev->mem_start;
90 		cifmap->mem_end   = dev->mem_end;
91 		cifmap->base_addr = dev->base_addr;
92 		cifmap->irq       = dev->irq;
93 		cifmap->dma       = dev->dma;
94 		cifmap->port      = dev->if_port;
95 
96 		return 0;
97 	}
98 
99 	ifmap->mem_start  = dev->mem_start;
100 	ifmap->mem_end    = dev->mem_end;
101 	ifmap->base_addr  = dev->base_addr;
102 	ifmap->irq        = dev->irq;
103 	ifmap->dma        = dev->dma;
104 	ifmap->port       = dev->if_port;
105 
106 	return 0;
107 }
108 
dev_setifmap(struct net_device * dev,struct ifreq * ifr)109 static int dev_setifmap(struct net_device *dev, struct ifreq *ifr)
110 {
111 	struct compat_ifmap *cifmap = (struct compat_ifmap *)&ifr->ifr_map;
112 
113 	if (!dev->netdev_ops->ndo_set_config)
114 		return -EOPNOTSUPP;
115 
116 	if (in_compat_syscall()) {
117 		struct ifmap ifmap = {
118 			.mem_start  = cifmap->mem_start,
119 			.mem_end    = cifmap->mem_end,
120 			.base_addr  = cifmap->base_addr,
121 			.irq        = cifmap->irq,
122 			.dma        = cifmap->dma,
123 			.port       = cifmap->port,
124 		};
125 
126 		return dev->netdev_ops->ndo_set_config(dev, &ifmap);
127 	}
128 
129 	return dev->netdev_ops->ndo_set_config(dev, &ifr->ifr_map);
130 }
131 
132 /*
133  *	Perform the SIOCxIFxxx calls, inside rcu_read_lock()
134  */
dev_ifsioc_locked(struct net * net,struct ifreq * ifr,unsigned int cmd)135 static int dev_ifsioc_locked(struct net *net, struct ifreq *ifr, unsigned int cmd)
136 {
137 	int err;
138 	struct net_device *dev = dev_get_by_name_rcu(net, ifr->ifr_name);
139 
140 	if (!dev)
141 		return -ENODEV;
142 
143 	switch (cmd) {
144 	case SIOCGIFFLAGS:	/* Get interface flags */
145 		ifr->ifr_flags = (short) dev_get_flags(dev);
146 		return 0;
147 
148 	case SIOCGIFMETRIC:	/* Get the metric on the interface
149 				   (currently unused) */
150 		ifr->ifr_metric = 0;
151 		return 0;
152 
153 	case SIOCGIFMTU:	/* Get the MTU of a device */
154 		ifr->ifr_mtu = dev->mtu;
155 		return 0;
156 
157 	case SIOCGIFSLAVE:
158 		err = -EINVAL;
159 		break;
160 
161 	case SIOCGIFMAP:
162 		return dev_getifmap(dev, ifr);
163 
164 	case SIOCGIFINDEX:
165 		ifr->ifr_ifindex = dev->ifindex;
166 		return 0;
167 
168 	case SIOCGIFTXQLEN:
169 		ifr->ifr_qlen = dev->tx_queue_len;
170 		return 0;
171 
172 	default:
173 		/* dev_ioctl() should ensure this case
174 		 * is never reached
175 		 */
176 		WARN_ON(1);
177 		err = -ENOTTY;
178 		break;
179 
180 	}
181 	return err;
182 }
183 
net_hwtstamp_validate(struct ifreq * ifr)184 static int net_hwtstamp_validate(struct ifreq *ifr)
185 {
186 	struct hwtstamp_config cfg;
187 	enum hwtstamp_tx_types tx_type;
188 	enum hwtstamp_rx_filters rx_filter;
189 	int tx_type_valid = 0;
190 	int rx_filter_valid = 0;
191 
192 	if (copy_from_user(&cfg, ifr->ifr_data, sizeof(cfg)))
193 		return -EFAULT;
194 
195 	if (cfg.flags) /* reserved for future extensions */
196 		return -EINVAL;
197 
198 	tx_type = cfg.tx_type;
199 	rx_filter = cfg.rx_filter;
200 
201 	switch (tx_type) {
202 	case HWTSTAMP_TX_OFF:
203 	case HWTSTAMP_TX_ON:
204 	case HWTSTAMP_TX_ONESTEP_SYNC:
205 	case HWTSTAMP_TX_ONESTEP_P2P:
206 		tx_type_valid = 1;
207 		break;
208 	case __HWTSTAMP_TX_CNT:
209 		/* not a real value */
210 		break;
211 	}
212 
213 	switch (rx_filter) {
214 	case HWTSTAMP_FILTER_NONE:
215 	case HWTSTAMP_FILTER_ALL:
216 	case HWTSTAMP_FILTER_SOME:
217 	case HWTSTAMP_FILTER_PTP_V1_L4_EVENT:
218 	case HWTSTAMP_FILTER_PTP_V1_L4_SYNC:
219 	case HWTSTAMP_FILTER_PTP_V1_L4_DELAY_REQ:
220 	case HWTSTAMP_FILTER_PTP_V2_L4_EVENT:
221 	case HWTSTAMP_FILTER_PTP_V2_L4_SYNC:
222 	case HWTSTAMP_FILTER_PTP_V2_L4_DELAY_REQ:
223 	case HWTSTAMP_FILTER_PTP_V2_L2_EVENT:
224 	case HWTSTAMP_FILTER_PTP_V2_L2_SYNC:
225 	case HWTSTAMP_FILTER_PTP_V2_L2_DELAY_REQ:
226 	case HWTSTAMP_FILTER_PTP_V2_EVENT:
227 	case HWTSTAMP_FILTER_PTP_V2_SYNC:
228 	case HWTSTAMP_FILTER_PTP_V2_DELAY_REQ:
229 	case HWTSTAMP_FILTER_NTP_ALL:
230 		rx_filter_valid = 1;
231 		break;
232 	case __HWTSTAMP_FILTER_CNT:
233 		/* not a real value */
234 		break;
235 	}
236 
237 	if (!tx_type_valid || !rx_filter_valid)
238 		return -ERANGE;
239 
240 	return 0;
241 }
242 
dev_eth_ioctl(struct net_device * dev,struct ifreq * ifr,unsigned int cmd)243 static int dev_eth_ioctl(struct net_device *dev,
244 			 struct ifreq *ifr, unsigned int cmd)
245 {
246 	const struct net_device_ops *ops = dev->netdev_ops;
247 	int err;
248 
249 	err = dsa_ndo_eth_ioctl(dev, ifr, cmd);
250 	if (err == 0 || err != -EOPNOTSUPP)
251 		return err;
252 
253 	if (ops->ndo_eth_ioctl) {
254 		if (netif_device_present(dev))
255 			err = ops->ndo_eth_ioctl(dev, ifr, cmd);
256 		else
257 			err = -ENODEV;
258 	}
259 
260 	return err;
261 }
262 
dev_siocbond(struct net_device * dev,struct ifreq * ifr,unsigned int cmd)263 static int dev_siocbond(struct net_device *dev,
264 			struct ifreq *ifr, unsigned int cmd)
265 {
266 	const struct net_device_ops *ops = dev->netdev_ops;
267 
268 	if (ops->ndo_siocbond) {
269 		if (netif_device_present(dev))
270 			return ops->ndo_siocbond(dev, ifr, cmd);
271 		else
272 			return -ENODEV;
273 	}
274 
275 	return -EOPNOTSUPP;
276 }
277 
dev_siocdevprivate(struct net_device * dev,struct ifreq * ifr,void __user * data,unsigned int cmd)278 static int dev_siocdevprivate(struct net_device *dev, struct ifreq *ifr,
279 			      void __user *data, unsigned int cmd)
280 {
281 	const struct net_device_ops *ops = dev->netdev_ops;
282 
283 	if (ops->ndo_siocdevprivate) {
284 		if (netif_device_present(dev))
285 			return ops->ndo_siocdevprivate(dev, ifr, data, cmd);
286 		else
287 			return -ENODEV;
288 	}
289 
290 	return -EOPNOTSUPP;
291 }
292 
dev_siocwandev(struct net_device * dev,struct if_settings * ifs)293 static int dev_siocwandev(struct net_device *dev, struct if_settings *ifs)
294 {
295 	const struct net_device_ops *ops = dev->netdev_ops;
296 
297 	if (ops->ndo_siocwandev) {
298 		if (netif_device_present(dev))
299 			return ops->ndo_siocwandev(dev, ifs);
300 		else
301 			return -ENODEV;
302 	}
303 
304 	return -EOPNOTSUPP;
305 }
306 
307 /*
308  *	Perform the SIOCxIFxxx calls, inside rtnl_lock()
309  */
dev_ifsioc(struct net * net,struct ifreq * ifr,void __user * data,unsigned int cmd)310 static int dev_ifsioc(struct net *net, struct ifreq *ifr, void __user *data,
311 		      unsigned int cmd)
312 {
313 	int err;
314 	struct net_device *dev = __dev_get_by_name(net, ifr->ifr_name);
315 	const struct net_device_ops *ops;
316 
317 	if (!dev)
318 		return -ENODEV;
319 
320 	ops = dev->netdev_ops;
321 
322 	switch (cmd) {
323 	case SIOCSIFFLAGS:	/* Set interface flags */
324 		return dev_change_flags(dev, ifr->ifr_flags, NULL);
325 
326 	case SIOCSIFMETRIC:	/* Set the metric on the interface
327 				   (currently unused) */
328 		return -EOPNOTSUPP;
329 
330 	case SIOCSIFMTU:	/* Set the MTU of a device */
331 		return dev_set_mtu(dev, ifr->ifr_mtu);
332 
333 	case SIOCSIFHWADDR:
334 		if (dev->addr_len > sizeof(struct sockaddr))
335 			return -EINVAL;
336 		return dev_set_mac_address_user(dev, &ifr->ifr_hwaddr, NULL);
337 
338 	case SIOCSIFHWBROADCAST:
339 		if (ifr->ifr_hwaddr.sa_family != dev->type)
340 			return -EINVAL;
341 		memcpy(dev->broadcast, ifr->ifr_hwaddr.sa_data,
342 		       min(sizeof(ifr->ifr_hwaddr.sa_data),
343 			   (size_t)dev->addr_len));
344 		call_netdevice_notifiers(NETDEV_CHANGEADDR, dev);
345 		return 0;
346 
347 	case SIOCSIFMAP:
348 		return dev_setifmap(dev, ifr);
349 
350 	case SIOCADDMULTI:
351 		if (!ops->ndo_set_rx_mode ||
352 		    ifr->ifr_hwaddr.sa_family != AF_UNSPEC)
353 			return -EINVAL;
354 		if (!netif_device_present(dev))
355 			return -ENODEV;
356 		return dev_mc_add_global(dev, ifr->ifr_hwaddr.sa_data);
357 
358 	case SIOCDELMULTI:
359 		if (!ops->ndo_set_rx_mode ||
360 		    ifr->ifr_hwaddr.sa_family != AF_UNSPEC)
361 			return -EINVAL;
362 		if (!netif_device_present(dev))
363 			return -ENODEV;
364 		return dev_mc_del_global(dev, ifr->ifr_hwaddr.sa_data);
365 
366 	case SIOCSIFTXQLEN:
367 		if (ifr->ifr_qlen < 0)
368 			return -EINVAL;
369 		return dev_change_tx_queue_len(dev, ifr->ifr_qlen);
370 
371 	case SIOCSIFNAME:
372 		ifr->ifr_newname[IFNAMSIZ-1] = '\0';
373 		return dev_change_name(dev, ifr->ifr_newname);
374 
375 	case SIOCWANDEV:
376 		return dev_siocwandev(dev, &ifr->ifr_settings);
377 
378 	case SIOCBRADDIF:
379 	case SIOCBRDELIF:
380 		if (!netif_device_present(dev))
381 			return -ENODEV;
382 		if (!netif_is_bridge_master(dev))
383 			return -EOPNOTSUPP;
384 		dev_hold(dev);
385 		rtnl_unlock();
386 		err = br_ioctl_call(net, netdev_priv(dev), cmd, ifr, NULL);
387 		dev_put(dev);
388 		rtnl_lock();
389 		return err;
390 
391 	case SIOCSHWTSTAMP:
392 		err = net_hwtstamp_validate(ifr);
393 		if (err)
394 			return err;
395 		fallthrough;
396 
397 	/*
398 	 *	Unknown or private ioctl
399 	 */
400 	default:
401 		if (cmd >= SIOCDEVPRIVATE &&
402 		    cmd <= SIOCDEVPRIVATE + 15)
403 			return dev_siocdevprivate(dev, ifr, data, cmd);
404 
405 		if (cmd == SIOCGMIIPHY ||
406 		    cmd == SIOCGMIIREG ||
407 		    cmd == SIOCSMIIREG ||
408 		    cmd == SIOCSHWTSTAMP ||
409 		    cmd == SIOCGHWTSTAMP) {
410 			err = dev_eth_ioctl(dev, ifr, cmd);
411 		} else if (cmd == SIOCBONDENSLAVE ||
412 		    cmd == SIOCBONDRELEASE ||
413 		    cmd == SIOCBONDSETHWADDR ||
414 		    cmd == SIOCBONDSLAVEINFOQUERY ||
415 		    cmd == SIOCBONDINFOQUERY ||
416 		    cmd == SIOCBONDCHANGEACTIVE) {
417 			err = dev_siocbond(dev, ifr, cmd);
418 		} else
419 			err = -EINVAL;
420 
421 	}
422 	return err;
423 }
424 
425 /**
426  *	dev_load 	- load a network module
427  *	@net: the applicable net namespace
428  *	@name: name of interface
429  *
430  *	If a network interface is not present and the process has suitable
431  *	privileges this function loads the module. If module loading is not
432  *	available in this kernel then it becomes a nop.
433  */
434 
dev_load(struct net * net,const char * name)435 void dev_load(struct net *net, const char *name)
436 {
437 	struct net_device *dev;
438 	int no_module;
439 
440 	rcu_read_lock();
441 	dev = dev_get_by_name_rcu(net, name);
442 	rcu_read_unlock();
443 
444 	no_module = !dev;
445 	if (no_module && capable(CAP_NET_ADMIN))
446 		no_module = request_module("netdev-%s", name);
447 	if (no_module && capable(CAP_SYS_MODULE))
448 		request_module("%s", name);
449 }
450 EXPORT_SYMBOL(dev_load);
451 
452 /*
453  *	This function handles all "interface"-type I/O control requests. The actual
454  *	'doing' part of this is dev_ifsioc above.
455  */
456 
457 /**
458  *	dev_ioctl	-	network device ioctl
459  *	@net: the applicable net namespace
460  *	@cmd: command to issue
461  *	@ifr: pointer to a struct ifreq in user space
462  *	@need_copyout: whether or not copy_to_user() should be called
463  *
464  *	Issue ioctl functions to devices. This is normally called by the
465  *	user space syscall interfaces but can sometimes be useful for
466  *	other purposes. The return value is the return from the syscall if
467  *	positive or a negative errno code on error.
468  */
469 
dev_ioctl(struct net * net,unsigned int cmd,struct ifreq * ifr,void __user * data,bool * need_copyout)470 int dev_ioctl(struct net *net, unsigned int cmd, struct ifreq *ifr,
471 	      void __user *data, bool *need_copyout)
472 {
473 	int ret;
474 	char *colon;
475 
476 	if (need_copyout)
477 		*need_copyout = true;
478 	if (cmd == SIOCGIFNAME)
479 		return dev_ifname(net, ifr);
480 
481 	ifr->ifr_name[IFNAMSIZ-1] = 0;
482 
483 	colon = strchr(ifr->ifr_name, ':');
484 	if (colon)
485 		*colon = 0;
486 
487 	/*
488 	 *	See which interface the caller is talking about.
489 	 */
490 
491 	switch (cmd) {
492 	case SIOCGIFHWADDR:
493 		dev_load(net, ifr->ifr_name);
494 		ret = dev_get_mac_address(&ifr->ifr_hwaddr, net, ifr->ifr_name);
495 		if (colon)
496 			*colon = ':';
497 		return ret;
498 	/*
499 	 *	These ioctl calls:
500 	 *	- can be done by all.
501 	 *	- atomic and do not require locking.
502 	 *	- return a value
503 	 */
504 	case SIOCGIFFLAGS:
505 	case SIOCGIFMETRIC:
506 	case SIOCGIFMTU:
507 	case SIOCGIFSLAVE:
508 	case SIOCGIFMAP:
509 	case SIOCGIFINDEX:
510 	case SIOCGIFTXQLEN:
511 		dev_load(net, ifr->ifr_name);
512 		rcu_read_lock();
513 		ret = dev_ifsioc_locked(net, ifr, cmd);
514 		rcu_read_unlock();
515 		if (colon)
516 			*colon = ':';
517 		return ret;
518 
519 	case SIOCETHTOOL:
520 		dev_load(net, ifr->ifr_name);
521 		rtnl_lock();
522 		ret = dev_ethtool(net, ifr, data);
523 		rtnl_unlock();
524 		if (colon)
525 			*colon = ':';
526 		return ret;
527 
528 	/*
529 	 *	These ioctl calls:
530 	 *	- require superuser power.
531 	 *	- require strict serialization.
532 	 *	- return a value
533 	 */
534 	case SIOCGMIIPHY:
535 	case SIOCGMIIREG:
536 	case SIOCSIFNAME:
537 		dev_load(net, ifr->ifr_name);
538 		if (!ns_capable(net->user_ns, CAP_NET_ADMIN))
539 			return -EPERM;
540 		rtnl_lock();
541 		ret = dev_ifsioc(net, ifr, data, cmd);
542 		rtnl_unlock();
543 		if (colon)
544 			*colon = ':';
545 		return ret;
546 
547 	/*
548 	 *	These ioctl calls:
549 	 *	- require superuser power.
550 	 *	- require strict serialization.
551 	 *	- do not return a value
552 	 */
553 	case SIOCSIFMAP:
554 	case SIOCSIFTXQLEN:
555 		if (!capable(CAP_NET_ADMIN))
556 			return -EPERM;
557 		fallthrough;
558 	/*
559 	 *	These ioctl calls:
560 	 *	- require local superuser power.
561 	 *	- require strict serialization.
562 	 *	- do not return a value
563 	 */
564 	case SIOCSIFFLAGS:
565 	case SIOCSIFMETRIC:
566 	case SIOCSIFMTU:
567 	case SIOCSIFHWADDR:
568 	case SIOCSIFSLAVE:
569 	case SIOCADDMULTI:
570 	case SIOCDELMULTI:
571 	case SIOCSIFHWBROADCAST:
572 	case SIOCSMIIREG:
573 	case SIOCBONDENSLAVE:
574 	case SIOCBONDRELEASE:
575 	case SIOCBONDSETHWADDR:
576 	case SIOCBONDCHANGEACTIVE:
577 	case SIOCBRADDIF:
578 	case SIOCBRDELIF:
579 	case SIOCSHWTSTAMP:
580 		if (!ns_capable(net->user_ns, CAP_NET_ADMIN))
581 			return -EPERM;
582 		fallthrough;
583 	case SIOCBONDSLAVEINFOQUERY:
584 	case SIOCBONDINFOQUERY:
585 		dev_load(net, ifr->ifr_name);
586 		rtnl_lock();
587 		ret = dev_ifsioc(net, ifr, data, cmd);
588 		rtnl_unlock();
589 		if (need_copyout)
590 			*need_copyout = false;
591 		return ret;
592 
593 	case SIOCGIFMEM:
594 		/* Get the per device memory space. We can add this but
595 		 * currently do not support it */
596 	case SIOCSIFMEM:
597 		/* Set the per device memory buffer space.
598 		 * Not applicable in our case */
599 	case SIOCSIFLINK:
600 		return -ENOTTY;
601 
602 	/*
603 	 *	Unknown or private ioctl.
604 	 */
605 	default:
606 		if (cmd == SIOCWANDEV ||
607 		    cmd == SIOCGHWTSTAMP ||
608 		    (cmd >= SIOCDEVPRIVATE &&
609 		     cmd <= SIOCDEVPRIVATE + 15)) {
610 			dev_load(net, ifr->ifr_name);
611 			rtnl_lock();
612 			ret = dev_ifsioc(net, ifr, data, cmd);
613 			rtnl_unlock();
614 			return ret;
615 		}
616 		return -ENOTTY;
617 	}
618 }
619