1 // SPDX-License-Identifier: GPL-2.0
2 /*
3  * ioctl32.c: Conversion between 32bit and 64bit native ioctls.
4  *
5  * Copyright (C) 1997-2000  Jakub Jelinek  (jakub@redhat.com)
6  * Copyright (C) 1998  Eddie C. Dost  (ecd@skynet.be)
7  * Copyright (C) 2001,2002  Andi Kleen, SuSE Labs
8  * Copyright (C) 2003       Pavel Machek (pavel@ucw.cz)
9  *
10  * These routines maintain argument size conversion between 32bit and 64bit
11  * ioctls.
12  */
13 
14 #include <linux/joystick.h>
15 
16 #include <linux/types.h>
17 #include <linux/compat.h>
18 #include <linux/kernel.h>
19 #include <linux/capability.h>
20 #include <linux/compiler.h>
21 #include <linux/sched.h>
22 #include <linux/smp.h>
23 #include <linux/ioctl.h>
24 #include <linux/if.h>
25 #include <linux/if_bridge.h>
26 #include <linux/raid/md_u.h>
27 #include <linux/kd.h>
28 #include <linux/route.h>
29 #include <linux/in6.h>
30 #include <linux/ipv6_route.h>
31 #include <linux/skbuff.h>
32 #include <linux/netlink.h>
33 #include <linux/vt.h>
34 #include <linux/falloc.h>
35 #include <linux/fs.h>
36 #include <linux/file.h>
37 #include <linux/ppp_defs.h>
38 #include <linux/ppp-ioctl.h>
39 #include <linux/if_pppox.h>
40 #include <linux/mtio.h>
41 #include <linux/tty.h>
42 #include <linux/vt_kern.h>
43 #include <linux/fb.h>
44 #include <linux/videodev2.h>
45 #include <linux/netdevice.h>
46 #include <linux/raw.h>
47 #include <linux/blkdev.h>
48 #include <linux/elevator.h>
49 #include <linux/rtc.h>
50 #include <linux/pci.h>
51 #include <linux/serial.h>
52 #include <linux/if_tun.h>
53 #include <linux/ctype.h>
54 #include <linux/syscalls.h>
55 #include <linux/atalk.h>
56 #include <linux/gfp.h>
57 #include <linux/cec.h>
58 
59 #include "internal.h"
60 
61 #include <net/bluetooth/bluetooth.h>
62 #include <net/bluetooth/hci_sock.h>
63 #include <net/bluetooth/rfcomm.h>
64 
65 #include <linux/capi.h>
66 #include <linux/gigaset_dev.h>
67 
68 #ifdef CONFIG_BLOCK
69 #include <linux/cdrom.h>
70 #include <linux/fd.h>
71 #include <scsi/scsi.h>
72 #include <scsi/scsi_ioctl.h>
73 #include <scsi/sg.h>
74 #endif
75 
76 #include <linux/uaccess.h>
77 #include <linux/ethtool.h>
78 #include <linux/mii.h>
79 #include <linux/if_bonding.h>
80 #include <linux/watchdog.h>
81 
82 #include <linux/soundcard.h>
83 #include <linux/lp.h>
84 #include <linux/ppdev.h>
85 
86 #include <linux/atm.h>
87 #include <linux/atmarp.h>
88 #include <linux/atmclip.h>
89 #include <linux/atmdev.h>
90 #include <linux/atmioc.h>
91 #include <linux/atmlec.h>
92 #include <linux/atmmpc.h>
93 #include <linux/atmsvc.h>
94 #include <linux/atm_tcp.h>
95 #include <linux/sonet.h>
96 #include <linux/atm_suni.h>
97 
98 #include <linux/usb.h>
99 #include <linux/usbdevice_fs.h>
100 #include <linux/nbd.h>
101 #include <linux/random.h>
102 #include <linux/filter.h>
103 
104 #include <linux/hiddev.h>
105 
106 #define __DVB_CORE__
107 #include <linux/dvb/audio.h>
108 #include <linux/dvb/dmx.h>
109 #include <linux/dvb/frontend.h>
110 #include <linux/dvb/video.h>
111 
112 #include <linux/sort.h>
113 
114 #ifdef CONFIG_SPARC
115 #include <asm/fbio.h>
116 #endif
117 
118 #define convert_in_user(srcptr, dstptr)			\
119 ({							\
120 	typeof(*srcptr) val;				\
121 							\
122 	get_user(val, srcptr) || put_user(val, dstptr);	\
123 })
124 
do_ioctl(struct file * file,unsigned int cmd,unsigned long arg)125 static int do_ioctl(struct file *file, unsigned int cmd, unsigned long arg)
126 {
127 	int err;
128 
129 	err = security_file_ioctl(file, cmd, arg);
130 	if (err)
131 		return err;
132 
133 	return vfs_ioctl(file, cmd, arg);
134 }
135 
136 struct compat_video_event {
137 	int32_t		type;
138 	compat_time_t	timestamp;
139 	union {
140 	        video_size_t size;
141 		unsigned int frame_rate;
142 	} u;
143 };
144 
do_video_get_event(struct file * file,unsigned int cmd,struct compat_video_event __user * up)145 static int do_video_get_event(struct file *file,
146 		unsigned int cmd, struct compat_video_event __user *up)
147 {
148 	struct video_event __user *kevent =
149 		compat_alloc_user_space(sizeof(*kevent));
150 	int err;
151 
152 	if (kevent == NULL)
153 		return -EFAULT;
154 
155 	err = do_ioctl(file, cmd, (unsigned long)kevent);
156 	if (!err) {
157 		err  = convert_in_user(&kevent->type, &up->type);
158 		err |= convert_in_user(&kevent->timestamp, &up->timestamp);
159 		err |= convert_in_user(&kevent->u.size.w, &up->u.size.w);
160 		err |= convert_in_user(&kevent->u.size.h, &up->u.size.h);
161 		err |= convert_in_user(&kevent->u.size.aspect_ratio,
162 				&up->u.size.aspect_ratio);
163 		if (err)
164 			err = -EFAULT;
165 	}
166 
167 	return err;
168 }
169 
170 struct compat_video_still_picture {
171         compat_uptr_t iFrame;
172         int32_t size;
173 };
174 
do_video_stillpicture(struct file * file,unsigned int cmd,struct compat_video_still_picture __user * up)175 static int do_video_stillpicture(struct file *file,
176 		unsigned int cmd, struct compat_video_still_picture __user *up)
177 {
178 	struct video_still_picture __user *up_native;
179 	compat_uptr_t fp;
180 	int32_t size;
181 	int err;
182 
183 	err  = get_user(fp, &up->iFrame);
184 	err |= get_user(size, &up->size);
185 	if (err)
186 		return -EFAULT;
187 
188 	up_native =
189 		compat_alloc_user_space(sizeof(struct video_still_picture));
190 
191 	err =  put_user(compat_ptr(fp), &up_native->iFrame);
192 	err |= put_user(size, &up_native->size);
193 	if (err)
194 		return -EFAULT;
195 
196 	err = do_ioctl(file, cmd, (unsigned long) up_native);
197 
198 	return err;
199 }
200 
201 #ifdef CONFIG_BLOCK
202 typedef struct sg_io_hdr32 {
203 	compat_int_t interface_id;	/* [i] 'S' for SCSI generic (required) */
204 	compat_int_t dxfer_direction;	/* [i] data transfer direction  */
205 	unsigned char cmd_len;		/* [i] SCSI command length ( <= 16 bytes) */
206 	unsigned char mx_sb_len;		/* [i] max length to write to sbp */
207 	unsigned short iovec_count;	/* [i] 0 implies no scatter gather */
208 	compat_uint_t dxfer_len;		/* [i] byte count of data transfer */
209 	compat_uint_t dxferp;		/* [i], [*io] points to data transfer memory
210 					      or scatter gather list */
211 	compat_uptr_t cmdp;		/* [i], [*i] points to command to perform */
212 	compat_uptr_t sbp;		/* [i], [*o] points to sense_buffer memory */
213 	compat_uint_t timeout;		/* [i] MAX_UINT->no timeout (unit: millisec) */
214 	compat_uint_t flags;		/* [i] 0 -> default, see SG_FLAG... */
215 	compat_int_t pack_id;		/* [i->o] unused internally (normally) */
216 	compat_uptr_t usr_ptr;		/* [i->o] unused internally */
217 	unsigned char status;		/* [o] scsi status */
218 	unsigned char masked_status;	/* [o] shifted, masked scsi status */
219 	unsigned char msg_status;		/* [o] messaging level data (optional) */
220 	unsigned char sb_len_wr;		/* [o] byte count actually written to sbp */
221 	unsigned short host_status;	/* [o] errors from host adapter */
222 	unsigned short driver_status;	/* [o] errors from software driver */
223 	compat_int_t resid;		/* [o] dxfer_len - actual_transferred */
224 	compat_uint_t duration;		/* [o] time taken by cmd (unit: millisec) */
225 	compat_uint_t info;		/* [o] auxiliary information */
226 } sg_io_hdr32_t;  /* 64 bytes long (on sparc32) */
227 
228 typedef struct sg_iovec32 {
229 	compat_uint_t iov_base;
230 	compat_uint_t iov_len;
231 } sg_iovec32_t;
232 
sg_build_iovec(sg_io_hdr_t __user * sgio,void __user * dxferp,u16 iovec_count)233 static int sg_build_iovec(sg_io_hdr_t __user *sgio, void __user *dxferp, u16 iovec_count)
234 {
235 	sg_iovec_t __user *iov = (sg_iovec_t __user *) (sgio + 1);
236 	sg_iovec32_t __user *iov32 = dxferp;
237 	int i;
238 
239 	for (i = 0; i < iovec_count; i++) {
240 		u32 base, len;
241 
242 		if (get_user(base, &iov32[i].iov_base) ||
243 		    get_user(len, &iov32[i].iov_len) ||
244 		    put_user(compat_ptr(base), &iov[i].iov_base) ||
245 		    put_user(len, &iov[i].iov_len))
246 			return -EFAULT;
247 	}
248 
249 	if (put_user(iov, &sgio->dxferp))
250 		return -EFAULT;
251 	return 0;
252 }
253 
sg_ioctl_trans(struct file * file,unsigned int cmd,sg_io_hdr32_t __user * sgio32)254 static int sg_ioctl_trans(struct file *file, unsigned int cmd,
255 			sg_io_hdr32_t __user *sgio32)
256 {
257 	sg_io_hdr_t __user *sgio;
258 	u16 iovec_count;
259 	u32 data;
260 	void __user *dxferp;
261 	int err;
262 	int interface_id;
263 
264 	if (get_user(interface_id, &sgio32->interface_id))
265 		return -EFAULT;
266 	if (interface_id != 'S')
267 		return do_ioctl(file, cmd, (unsigned long)sgio32);
268 
269 	if (get_user(iovec_count, &sgio32->iovec_count))
270 		return -EFAULT;
271 
272 	{
273 		void __user *top = compat_alloc_user_space(0);
274 		void __user *new = compat_alloc_user_space(sizeof(sg_io_hdr_t) +
275 				       (iovec_count * sizeof(sg_iovec_t)));
276 		if (new > top)
277 			return -EINVAL;
278 
279 		sgio = new;
280 	}
281 
282 	/* Ok, now construct.  */
283 	if (copy_in_user(&sgio->interface_id, &sgio32->interface_id,
284 			 (2 * sizeof(int)) +
285 			 (2 * sizeof(unsigned char)) +
286 			 (1 * sizeof(unsigned short)) +
287 			 (1 * sizeof(unsigned int))))
288 		return -EFAULT;
289 
290 	if (get_user(data, &sgio32->dxferp))
291 		return -EFAULT;
292 	dxferp = compat_ptr(data);
293 	if (iovec_count) {
294 		if (sg_build_iovec(sgio, dxferp, iovec_count))
295 			return -EFAULT;
296 	} else {
297 		if (put_user(dxferp, &sgio->dxferp))
298 			return -EFAULT;
299 	}
300 
301 	{
302 		unsigned char __user *cmdp;
303 		unsigned char __user *sbp;
304 
305 		if (get_user(data, &sgio32->cmdp))
306 			return -EFAULT;
307 		cmdp = compat_ptr(data);
308 
309 		if (get_user(data, &sgio32->sbp))
310 			return -EFAULT;
311 		sbp = compat_ptr(data);
312 
313 		if (put_user(cmdp, &sgio->cmdp) ||
314 		    put_user(sbp, &sgio->sbp))
315 			return -EFAULT;
316 	}
317 
318 	if (copy_in_user(&sgio->timeout, &sgio32->timeout,
319 			 3 * sizeof(int)))
320 		return -EFAULT;
321 
322 	if (get_user(data, &sgio32->usr_ptr))
323 		return -EFAULT;
324 	if (put_user(compat_ptr(data), &sgio->usr_ptr))
325 		return -EFAULT;
326 
327 	err = do_ioctl(file, cmd, (unsigned long) sgio);
328 
329 	if (err >= 0) {
330 		void __user *datap;
331 
332 		if (copy_in_user(&sgio32->pack_id, &sgio->pack_id,
333 				 sizeof(int)) ||
334 		    get_user(datap, &sgio->usr_ptr) ||
335 		    put_user((u32)(unsigned long)datap,
336 			     &sgio32->usr_ptr) ||
337 		    copy_in_user(&sgio32->status, &sgio->status,
338 				 (4 * sizeof(unsigned char)) +
339 				 (2 * sizeof(unsigned short)) +
340 				 (3 * sizeof(int))))
341 			err = -EFAULT;
342 	}
343 
344 	return err;
345 }
346 
347 struct compat_sg_req_info { /* used by SG_GET_REQUEST_TABLE ioctl() */
348 	char req_state;
349 	char orphan;
350 	char sg_io_owned;
351 	char problem;
352 	int pack_id;
353 	compat_uptr_t usr_ptr;
354 	unsigned int duration;
355 	int unused;
356 };
357 
sg_grt_trans(struct file * file,unsigned int cmd,struct compat_sg_req_info __user * o)358 static int sg_grt_trans(struct file *file,
359 		unsigned int cmd, struct compat_sg_req_info __user *o)
360 {
361 	int err, i;
362 	sg_req_info_t __user *r;
363 	r = compat_alloc_user_space(sizeof(sg_req_info_t)*SG_MAX_QUEUE);
364 	err = do_ioctl(file, cmd, (unsigned long)r);
365 	if (err < 0)
366 		return err;
367 	for (i = 0; i < SG_MAX_QUEUE; i++) {
368 		void __user *ptr;
369 		int d;
370 
371 		if (copy_in_user(o + i, r + i, offsetof(sg_req_info_t, usr_ptr)) ||
372 		    get_user(ptr, &r[i].usr_ptr) ||
373 		    get_user(d, &r[i].duration) ||
374 		    put_user((u32)(unsigned long)(ptr), &o[i].usr_ptr) ||
375 		    put_user(d, &o[i].duration))
376 			return -EFAULT;
377 	}
378 	return err;
379 }
380 #endif /* CONFIG_BLOCK */
381 
382 struct sock_fprog32 {
383 	unsigned short	len;
384 	compat_caddr_t	filter;
385 };
386 
387 #define PPPIOCSPASS32	_IOW('t', 71, struct sock_fprog32)
388 #define PPPIOCSACTIVE32	_IOW('t', 70, struct sock_fprog32)
389 
ppp_sock_fprog_ioctl_trans(struct file * file,unsigned int cmd,struct sock_fprog32 __user * u_fprog32)390 static int ppp_sock_fprog_ioctl_trans(struct file *file,
391 		unsigned int cmd, struct sock_fprog32 __user *u_fprog32)
392 {
393 	struct sock_fprog __user *u_fprog64 = compat_alloc_user_space(sizeof(struct sock_fprog));
394 	void __user *fptr64;
395 	u32 fptr32;
396 	u16 flen;
397 
398 	if (get_user(flen, &u_fprog32->len) ||
399 	    get_user(fptr32, &u_fprog32->filter))
400 		return -EFAULT;
401 
402 	fptr64 = compat_ptr(fptr32);
403 
404 	if (put_user(flen, &u_fprog64->len) ||
405 	    put_user(fptr64, &u_fprog64->filter))
406 		return -EFAULT;
407 
408 	if (cmd == PPPIOCSPASS32)
409 		cmd = PPPIOCSPASS;
410 	else
411 		cmd = PPPIOCSACTIVE;
412 
413 	return do_ioctl(file, cmd, (unsigned long) u_fprog64);
414 }
415 
416 struct ppp_option_data32 {
417 	compat_caddr_t	ptr;
418 	u32			length;
419 	compat_int_t		transmit;
420 };
421 #define PPPIOCSCOMPRESS32	_IOW('t', 77, struct ppp_option_data32)
422 
423 struct ppp_idle32 {
424 	compat_time_t xmit_idle;
425 	compat_time_t recv_idle;
426 };
427 #define PPPIOCGIDLE32		_IOR('t', 63, struct ppp_idle32)
428 
ppp_gidle(struct file * file,unsigned int cmd,struct ppp_idle32 __user * idle32)429 static int ppp_gidle(struct file *file, unsigned int cmd,
430 		struct ppp_idle32 __user *idle32)
431 {
432 	struct ppp_idle __user *idle;
433 	__kernel_time_t xmit, recv;
434 	int err;
435 
436 	idle = compat_alloc_user_space(sizeof(*idle));
437 
438 	err = do_ioctl(file, PPPIOCGIDLE, (unsigned long) idle);
439 
440 	if (!err) {
441 		if (get_user(xmit, &idle->xmit_idle) ||
442 		    get_user(recv, &idle->recv_idle) ||
443 		    put_user(xmit, &idle32->xmit_idle) ||
444 		    put_user(recv, &idle32->recv_idle))
445 			err = -EFAULT;
446 	}
447 	return err;
448 }
449 
ppp_scompress(struct file * file,unsigned int cmd,struct ppp_option_data32 __user * odata32)450 static int ppp_scompress(struct file *file, unsigned int cmd,
451 	struct ppp_option_data32 __user *odata32)
452 {
453 	struct ppp_option_data __user *odata;
454 	__u32 data;
455 	void __user *datap;
456 
457 	odata = compat_alloc_user_space(sizeof(*odata));
458 
459 	if (get_user(data, &odata32->ptr))
460 		return -EFAULT;
461 
462 	datap = compat_ptr(data);
463 	if (put_user(datap, &odata->ptr))
464 		return -EFAULT;
465 
466 	if (copy_in_user(&odata->length, &odata32->length,
467 			 sizeof(__u32) + sizeof(int)))
468 		return -EFAULT;
469 
470 	return do_ioctl(file, PPPIOCSCOMPRESS, (unsigned long) odata);
471 }
472 
473 #ifdef CONFIG_BLOCK
474 struct mtget32 {
475 	compat_long_t	mt_type;
476 	compat_long_t	mt_resid;
477 	compat_long_t	mt_dsreg;
478 	compat_long_t	mt_gstat;
479 	compat_long_t	mt_erreg;
480 	compat_daddr_t	mt_fileno;
481 	compat_daddr_t	mt_blkno;
482 };
483 #define MTIOCGET32	_IOR('m', 2, struct mtget32)
484 
485 struct mtpos32 {
486 	compat_long_t	mt_blkno;
487 };
488 #define MTIOCPOS32	_IOR('m', 3, struct mtpos32)
489 
mt_ioctl_trans(struct file * file,unsigned int cmd,void __user * argp)490 static int mt_ioctl_trans(struct file *file,
491 		unsigned int cmd, void __user *argp)
492 {
493 	/* NULL initialization to make gcc shut up */
494 	struct mtget __user *get = NULL;
495 	struct mtget32 __user *umget32;
496 	struct mtpos __user *pos = NULL;
497 	struct mtpos32 __user *upos32;
498 	unsigned long kcmd;
499 	void *karg;
500 	int err = 0;
501 
502 	switch(cmd) {
503 	case MTIOCPOS32:
504 		kcmd = MTIOCPOS;
505 		pos = compat_alloc_user_space(sizeof(*pos));
506 		karg = pos;
507 		break;
508 	default:	/* MTIOCGET32 */
509 		kcmd = MTIOCGET;
510 		get = compat_alloc_user_space(sizeof(*get));
511 		karg = get;
512 		break;
513 	}
514 	if (karg == NULL)
515 		return -EFAULT;
516 	err = do_ioctl(file, kcmd, (unsigned long)karg);
517 	if (err)
518 		return err;
519 	switch (cmd) {
520 	case MTIOCPOS32:
521 		upos32 = argp;
522 		err = convert_in_user(&pos->mt_blkno, &upos32->mt_blkno);
523 		break;
524 	case MTIOCGET32:
525 		umget32 = argp;
526 		err = convert_in_user(&get->mt_type, &umget32->mt_type);
527 		err |= convert_in_user(&get->mt_resid, &umget32->mt_resid);
528 		err |= convert_in_user(&get->mt_dsreg, &umget32->mt_dsreg);
529 		err |= convert_in_user(&get->mt_gstat, &umget32->mt_gstat);
530 		err |= convert_in_user(&get->mt_erreg, &umget32->mt_erreg);
531 		err |= convert_in_user(&get->mt_fileno, &umget32->mt_fileno);
532 		err |= convert_in_user(&get->mt_blkno, &umget32->mt_blkno);
533 		break;
534 	}
535 	return err ? -EFAULT: 0;
536 }
537 
538 #endif /* CONFIG_BLOCK */
539 
540 /* Bluetooth ioctls */
541 #define HCIUARTSETPROTO		_IOW('U', 200, int)
542 #define HCIUARTGETPROTO		_IOR('U', 201, int)
543 #define HCIUARTGETDEVICE	_IOR('U', 202, int)
544 #define HCIUARTSETFLAGS		_IOW('U', 203, int)
545 #define HCIUARTGETFLAGS		_IOR('U', 204, int)
546 
547 #define BNEPCONNADD	_IOW('B', 200, int)
548 #define BNEPCONNDEL	_IOW('B', 201, int)
549 #define BNEPGETCONNLIST	_IOR('B', 210, int)
550 #define BNEPGETCONNINFO	_IOR('B', 211, int)
551 #define BNEPGETSUPPFEAT	_IOR('B', 212, int)
552 
553 #define CMTPCONNADD	_IOW('C', 200, int)
554 #define CMTPCONNDEL	_IOW('C', 201, int)
555 #define CMTPGETCONNLIST	_IOR('C', 210, int)
556 #define CMTPGETCONNINFO	_IOR('C', 211, int)
557 
558 #define HIDPCONNADD	_IOW('H', 200, int)
559 #define HIDPCONNDEL	_IOW('H', 201, int)
560 #define HIDPGETCONNLIST	_IOR('H', 210, int)
561 #define HIDPGETCONNINFO	_IOR('H', 211, int)
562 
563 
564 struct serial_struct32 {
565         compat_int_t    type;
566         compat_int_t    line;
567         compat_uint_t   port;
568         compat_int_t    irq;
569         compat_int_t    flags;
570         compat_int_t    xmit_fifo_size;
571         compat_int_t    custom_divisor;
572         compat_int_t    baud_base;
573         unsigned short  close_delay;
574         char    io_type;
575         char    reserved_char[1];
576         compat_int_t    hub6;
577         unsigned short  closing_wait; /* time to wait before closing */
578         unsigned short  closing_wait2; /* no longer used... */
579         compat_uint_t   iomem_base;
580         unsigned short  iomem_reg_shift;
581         unsigned int    port_high;
582      /* compat_ulong_t  iomap_base FIXME */
583         compat_int_t    reserved[1];
584 };
585 
serial_struct_ioctl(struct file * file,unsigned cmd,struct serial_struct32 __user * ss32)586 static int serial_struct_ioctl(struct file *file,
587 		unsigned cmd, struct serial_struct32 __user *ss32)
588 {
589         typedef struct serial_struct32 SS32;
590         int err;
591 	struct serial_struct __user *ss = compat_alloc_user_space(sizeof(*ss));
592         __u32 udata;
593 	unsigned int base;
594 	unsigned char *iomem_base;
595 
596 	if (ss == NULL)
597 		return -EFAULT;
598         if (cmd == TIOCSSERIAL) {
599 		if (copy_in_user(ss, ss32, offsetof(SS32, iomem_base)) ||
600 		    get_user(udata, &ss32->iomem_base))
601 			return -EFAULT;
602 		iomem_base = compat_ptr(udata);
603 		if (put_user(iomem_base, &ss->iomem_base) ||
604 		    convert_in_user(&ss32->iomem_reg_shift,
605 		      &ss->iomem_reg_shift) ||
606 		    convert_in_user(&ss32->port_high, &ss->port_high) ||
607 		    put_user(0UL, &ss->iomap_base))
608 			return -EFAULT;
609         }
610 	err = do_ioctl(file, cmd, (unsigned long)ss);
611         if (cmd == TIOCGSERIAL && err >= 0) {
612 		if (copy_in_user(ss32, ss, offsetof(SS32, iomem_base)) ||
613 		    get_user(iomem_base, &ss->iomem_base))
614 			return -EFAULT;
615 		base = (unsigned long)iomem_base  >> 32 ?
616 			0xffffffff : (unsigned)(unsigned long)iomem_base;
617 		if (put_user(base, &ss32->iomem_base) ||
618 		    convert_in_user(&ss->iomem_reg_shift,
619 		      &ss32->iomem_reg_shift) ||
620 		    convert_in_user(&ss->port_high, &ss32->port_high))
621 			return -EFAULT;
622         }
623         return err;
624 }
625 
626 #define RTC_IRQP_READ32		_IOR('p', 0x0b, compat_ulong_t)
627 #define RTC_IRQP_SET32		_IOW('p', 0x0c, compat_ulong_t)
628 #define RTC_EPOCH_READ32	_IOR('p', 0x0d, compat_ulong_t)
629 #define RTC_EPOCH_SET32		_IOW('p', 0x0e, compat_ulong_t)
630 
rtc_ioctl(struct file * file,unsigned cmd,void __user * argp)631 static int rtc_ioctl(struct file *file,
632 		unsigned cmd, void __user *argp)
633 {
634 	unsigned long __user *valp = compat_alloc_user_space(sizeof(*valp));
635 	int ret;
636 
637 	if (valp == NULL)
638 		return -EFAULT;
639 	switch (cmd) {
640 	case RTC_IRQP_READ32:
641 	case RTC_EPOCH_READ32:
642 		ret = do_ioctl(file, (cmd == RTC_IRQP_READ32) ?
643 					RTC_IRQP_READ : RTC_EPOCH_READ,
644 					(unsigned long)valp);
645 		if (ret)
646 			return ret;
647 		return convert_in_user(valp, (unsigned int __user *)argp);
648 	case RTC_IRQP_SET32:
649 		return do_ioctl(file, RTC_IRQP_SET, (unsigned long)argp);
650 	case RTC_EPOCH_SET32:
651 		return do_ioctl(file, RTC_EPOCH_SET, (unsigned long)argp);
652 	}
653 
654 	return -ENOIOCTLCMD;
655 }
656 
657 /* on ia32 l_start is on a 32-bit boundary */
658 #if defined(CONFIG_IA64) || defined(CONFIG_X86_64)
659 struct space_resv_32 {
660 	__s16		l_type;
661 	__s16		l_whence;
662 	__s64		l_start	__attribute__((packed));
663 			/* len == 0 means until end of file */
664 	__s64		l_len __attribute__((packed));
665 	__s32		l_sysid;
666 	__u32		l_pid;
667 	__s32		l_pad[4];	/* reserve area */
668 };
669 
670 #define FS_IOC_RESVSP_32		_IOW ('X', 40, struct space_resv_32)
671 #define FS_IOC_RESVSP64_32	_IOW ('X', 42, struct space_resv_32)
672 
673 /* just account for different alignment */
compat_ioctl_preallocate(struct file * file,struct space_resv_32 __user * p32)674 static int compat_ioctl_preallocate(struct file *file,
675 			struct space_resv_32    __user *p32)
676 {
677 	struct space_resv	__user *p = compat_alloc_user_space(sizeof(*p));
678 
679 	if (copy_in_user(&p->l_type,	&p32->l_type,	sizeof(s16)) ||
680 	    copy_in_user(&p->l_whence,	&p32->l_whence, sizeof(s16)) ||
681 	    copy_in_user(&p->l_start,	&p32->l_start,	sizeof(s64)) ||
682 	    copy_in_user(&p->l_len,	&p32->l_len,	sizeof(s64)) ||
683 	    copy_in_user(&p->l_sysid,	&p32->l_sysid,	sizeof(s32)) ||
684 	    copy_in_user(&p->l_pid,	&p32->l_pid,	sizeof(u32)) ||
685 	    copy_in_user(&p->l_pad,	&p32->l_pad,	4*sizeof(u32)))
686 		return -EFAULT;
687 
688 	return ioctl_preallocate(file, p);
689 }
690 #endif
691 
692 /*
693  * simple reversible transform to make our table more evenly
694  * distributed after sorting.
695  */
696 #define XFORM(i) (((i) ^ ((i) << 27) ^ ((i) << 17)) & 0xffffffff)
697 
698 #define COMPATIBLE_IOCTL(cmd) XFORM((u32)cmd),
699 /* ioctl should not be warned about even if it's not implemented.
700    Valid reasons to use this:
701    - It is implemented with ->compat_ioctl on some device, but programs
702    call it on others too.
703    - The ioctl is not implemented in the native kernel, but programs
704    call it commonly anyways.
705    Most other reasons are not valid. */
706 #define IGNORE_IOCTL(cmd) COMPATIBLE_IOCTL(cmd)
707 
708 static unsigned int ioctl_pointer[] = {
709 /* compatible ioctls first */
710 COMPATIBLE_IOCTL(0x4B50)   /* KDGHWCLK - not in the kernel, but don't complain */
711 COMPATIBLE_IOCTL(0x4B51)   /* KDSHWCLK - not in the kernel, but don't complain */
712 
713 /* Big T */
714 COMPATIBLE_IOCTL(TCGETA)
715 COMPATIBLE_IOCTL(TCSETA)
716 COMPATIBLE_IOCTL(TCSETAW)
717 COMPATIBLE_IOCTL(TCSETAF)
718 COMPATIBLE_IOCTL(TCSBRK)
719 COMPATIBLE_IOCTL(TCXONC)
720 COMPATIBLE_IOCTL(TCFLSH)
721 COMPATIBLE_IOCTL(TCGETS)
722 COMPATIBLE_IOCTL(TCSETS)
723 COMPATIBLE_IOCTL(TCSETSW)
724 COMPATIBLE_IOCTL(TCSETSF)
725 COMPATIBLE_IOCTL(TIOCLINUX)
726 COMPATIBLE_IOCTL(TIOCSBRK)
727 COMPATIBLE_IOCTL(TIOCGDEV)
728 COMPATIBLE_IOCTL(TIOCCBRK)
729 COMPATIBLE_IOCTL(TIOCGSID)
730 COMPATIBLE_IOCTL(TIOCGICOUNT)
731 COMPATIBLE_IOCTL(TIOCGEXCL)
732 /* Little t */
733 COMPATIBLE_IOCTL(TIOCGETD)
734 COMPATIBLE_IOCTL(TIOCSETD)
735 COMPATIBLE_IOCTL(TIOCEXCL)
736 COMPATIBLE_IOCTL(TIOCNXCL)
737 COMPATIBLE_IOCTL(TIOCCONS)
738 COMPATIBLE_IOCTL(TIOCGSOFTCAR)
739 COMPATIBLE_IOCTL(TIOCSSOFTCAR)
740 COMPATIBLE_IOCTL(TIOCSWINSZ)
741 COMPATIBLE_IOCTL(TIOCGWINSZ)
742 COMPATIBLE_IOCTL(TIOCMGET)
743 COMPATIBLE_IOCTL(TIOCMBIC)
744 COMPATIBLE_IOCTL(TIOCMBIS)
745 COMPATIBLE_IOCTL(TIOCMSET)
746 COMPATIBLE_IOCTL(TIOCNOTTY)
747 COMPATIBLE_IOCTL(TIOCSTI)
748 COMPATIBLE_IOCTL(TIOCOUTQ)
749 COMPATIBLE_IOCTL(TIOCSPGRP)
750 COMPATIBLE_IOCTL(TIOCGPGRP)
751 COMPATIBLE_IOCTL(TIOCSERGETLSR)
752 #ifdef TIOCSRS485
753 COMPATIBLE_IOCTL(TIOCSRS485)
754 #endif
755 #ifdef TIOCGRS485
756 COMPATIBLE_IOCTL(TIOCGRS485)
757 #endif
758 #ifdef TCGETS2
759 COMPATIBLE_IOCTL(TCGETS2)
760 COMPATIBLE_IOCTL(TCSETS2)
761 COMPATIBLE_IOCTL(TCSETSW2)
762 COMPATIBLE_IOCTL(TCSETSF2)
763 #endif
764 /* Little f */
765 COMPATIBLE_IOCTL(FIOCLEX)
766 COMPATIBLE_IOCTL(FIONCLEX)
767 COMPATIBLE_IOCTL(FIOASYNC)
768 COMPATIBLE_IOCTL(FIONBIO)
769 COMPATIBLE_IOCTL(FIONREAD)  /* This is also TIOCINQ */
770 COMPATIBLE_IOCTL(FS_IOC_FIEMAP)
771 /* 0x00 */
772 COMPATIBLE_IOCTL(FIBMAP)
773 COMPATIBLE_IOCTL(FIGETBSZ)
774 /* 'X' - originally XFS but some now in the VFS */
775 COMPATIBLE_IOCTL(FIFREEZE)
776 COMPATIBLE_IOCTL(FITHAW)
777 COMPATIBLE_IOCTL(FITRIM)
778 COMPATIBLE_IOCTL(KDGETKEYCODE)
779 COMPATIBLE_IOCTL(KDSETKEYCODE)
780 COMPATIBLE_IOCTL(KDGKBTYPE)
781 COMPATIBLE_IOCTL(KDGETMODE)
782 COMPATIBLE_IOCTL(KDGKBMODE)
783 COMPATIBLE_IOCTL(KDGKBMETA)
784 COMPATIBLE_IOCTL(KDGKBENT)
785 COMPATIBLE_IOCTL(KDSKBENT)
786 COMPATIBLE_IOCTL(KDGKBSENT)
787 COMPATIBLE_IOCTL(KDSKBSENT)
788 COMPATIBLE_IOCTL(KDGKBDIACR)
789 COMPATIBLE_IOCTL(KDSKBDIACR)
790 COMPATIBLE_IOCTL(KDGKBDIACRUC)
791 COMPATIBLE_IOCTL(KDSKBDIACRUC)
792 COMPATIBLE_IOCTL(KDKBDREP)
793 COMPATIBLE_IOCTL(KDGKBLED)
794 COMPATIBLE_IOCTL(KDGETLED)
795 #ifdef CONFIG_BLOCK
796 /* Big S */
797 COMPATIBLE_IOCTL(SCSI_IOCTL_GET_IDLUN)
798 COMPATIBLE_IOCTL(SCSI_IOCTL_DOORLOCK)
799 COMPATIBLE_IOCTL(SCSI_IOCTL_DOORUNLOCK)
800 COMPATIBLE_IOCTL(SCSI_IOCTL_TEST_UNIT_READY)
801 COMPATIBLE_IOCTL(SCSI_IOCTL_GET_BUS_NUMBER)
802 COMPATIBLE_IOCTL(SCSI_IOCTL_SEND_COMMAND)
803 COMPATIBLE_IOCTL(SCSI_IOCTL_PROBE_HOST)
804 COMPATIBLE_IOCTL(SCSI_IOCTL_GET_PCI)
805 #endif
806 /* Big V (don't complain on serial console) */
807 IGNORE_IOCTL(VT_OPENQRY)
808 IGNORE_IOCTL(VT_GETMODE)
809 /* Little p (/dev/rtc, /dev/envctrl, etc.) */
810 COMPATIBLE_IOCTL(RTC_AIE_ON)
811 COMPATIBLE_IOCTL(RTC_AIE_OFF)
812 COMPATIBLE_IOCTL(RTC_UIE_ON)
813 COMPATIBLE_IOCTL(RTC_UIE_OFF)
814 COMPATIBLE_IOCTL(RTC_PIE_ON)
815 COMPATIBLE_IOCTL(RTC_PIE_OFF)
816 COMPATIBLE_IOCTL(RTC_WIE_ON)
817 COMPATIBLE_IOCTL(RTC_WIE_OFF)
818 COMPATIBLE_IOCTL(RTC_ALM_SET)
819 COMPATIBLE_IOCTL(RTC_ALM_READ)
820 COMPATIBLE_IOCTL(RTC_RD_TIME)
821 COMPATIBLE_IOCTL(RTC_SET_TIME)
822 COMPATIBLE_IOCTL(RTC_WKALM_SET)
823 COMPATIBLE_IOCTL(RTC_WKALM_RD)
824 /*
825  * These two are only for the sbus rtc driver, but
826  * hwclock tries them on every rtc device first when
827  * running on sparc.  On other architectures the entries
828  * are useless but harmless.
829  */
830 COMPATIBLE_IOCTL(_IOR('p', 20, int[7])) /* RTCGET */
831 COMPATIBLE_IOCTL(_IOW('p', 21, int[7])) /* RTCSET */
832 /* Little m */
833 COMPATIBLE_IOCTL(MTIOCTOP)
834 /* Socket level stuff */
835 COMPATIBLE_IOCTL(FIOQSIZE)
836 #ifdef CONFIG_BLOCK
837 /* md calls this on random blockdevs */
838 IGNORE_IOCTL(RAID_VERSION)
839 /* qemu/qemu-img might call these two on plain files for probing */
840 IGNORE_IOCTL(CDROM_DRIVE_STATUS)
841 IGNORE_IOCTL(FDGETPRM32)
842 /* SG stuff */
843 COMPATIBLE_IOCTL(SG_SET_TIMEOUT)
844 COMPATIBLE_IOCTL(SG_GET_TIMEOUT)
845 COMPATIBLE_IOCTL(SG_EMULATED_HOST)
846 COMPATIBLE_IOCTL(SG_GET_TRANSFORM)
847 COMPATIBLE_IOCTL(SG_SET_RESERVED_SIZE)
848 COMPATIBLE_IOCTL(SG_GET_RESERVED_SIZE)
849 COMPATIBLE_IOCTL(SG_GET_SCSI_ID)
850 COMPATIBLE_IOCTL(SG_SET_FORCE_LOW_DMA)
851 COMPATIBLE_IOCTL(SG_GET_LOW_DMA)
852 COMPATIBLE_IOCTL(SG_SET_FORCE_PACK_ID)
853 COMPATIBLE_IOCTL(SG_GET_PACK_ID)
854 COMPATIBLE_IOCTL(SG_GET_NUM_WAITING)
855 COMPATIBLE_IOCTL(SG_SET_DEBUG)
856 COMPATIBLE_IOCTL(SG_GET_SG_TABLESIZE)
857 COMPATIBLE_IOCTL(SG_GET_COMMAND_Q)
858 COMPATIBLE_IOCTL(SG_SET_COMMAND_Q)
859 COMPATIBLE_IOCTL(SG_GET_VERSION_NUM)
860 COMPATIBLE_IOCTL(SG_NEXT_CMD_LEN)
861 COMPATIBLE_IOCTL(SG_SCSI_RESET)
862 COMPATIBLE_IOCTL(SG_GET_REQUEST_TABLE)
863 COMPATIBLE_IOCTL(SG_SET_KEEP_ORPHAN)
864 COMPATIBLE_IOCTL(SG_GET_KEEP_ORPHAN)
865 #endif
866 /* PPP stuff */
867 COMPATIBLE_IOCTL(PPPIOCGFLAGS)
868 COMPATIBLE_IOCTL(PPPIOCSFLAGS)
869 COMPATIBLE_IOCTL(PPPIOCGASYNCMAP)
870 COMPATIBLE_IOCTL(PPPIOCSASYNCMAP)
871 COMPATIBLE_IOCTL(PPPIOCGUNIT)
872 COMPATIBLE_IOCTL(PPPIOCGRASYNCMAP)
873 COMPATIBLE_IOCTL(PPPIOCSRASYNCMAP)
874 COMPATIBLE_IOCTL(PPPIOCGMRU)
875 COMPATIBLE_IOCTL(PPPIOCSMRU)
876 COMPATIBLE_IOCTL(PPPIOCSMAXCID)
877 COMPATIBLE_IOCTL(PPPIOCGXASYNCMAP)
878 COMPATIBLE_IOCTL(PPPIOCSXASYNCMAP)
879 COMPATIBLE_IOCTL(PPPIOCXFERUNIT)
880 /* PPPIOCSCOMPRESS is translated */
881 COMPATIBLE_IOCTL(PPPIOCGNPMODE)
882 COMPATIBLE_IOCTL(PPPIOCSNPMODE)
883 COMPATIBLE_IOCTL(PPPIOCGDEBUG)
884 COMPATIBLE_IOCTL(PPPIOCSDEBUG)
885 /* PPPIOCSPASS is translated */
886 /* PPPIOCSACTIVE is translated */
887 /* PPPIOCGIDLE is translated */
888 COMPATIBLE_IOCTL(PPPIOCNEWUNIT)
889 COMPATIBLE_IOCTL(PPPIOCATTACH)
890 COMPATIBLE_IOCTL(PPPIOCDETACH)
891 COMPATIBLE_IOCTL(PPPIOCSMRRU)
892 COMPATIBLE_IOCTL(PPPIOCCONNECT)
893 COMPATIBLE_IOCTL(PPPIOCDISCONN)
894 COMPATIBLE_IOCTL(PPPIOCATTCHAN)
895 COMPATIBLE_IOCTL(PPPIOCGCHAN)
896 COMPATIBLE_IOCTL(PPPIOCGL2TPSTATS)
897 /* PPPOX */
898 COMPATIBLE_IOCTL(PPPOEIOCSFWD)
899 COMPATIBLE_IOCTL(PPPOEIOCDFWD)
900 /* Big A */
901 /* sparc only */
902 /* Big Q for sound/OSS */
903 COMPATIBLE_IOCTL(SNDCTL_SEQ_RESET)
904 COMPATIBLE_IOCTL(SNDCTL_SEQ_SYNC)
905 COMPATIBLE_IOCTL(SNDCTL_SYNTH_INFO)
906 COMPATIBLE_IOCTL(SNDCTL_SEQ_CTRLRATE)
907 COMPATIBLE_IOCTL(SNDCTL_SEQ_GETOUTCOUNT)
908 COMPATIBLE_IOCTL(SNDCTL_SEQ_GETINCOUNT)
909 COMPATIBLE_IOCTL(SNDCTL_SEQ_PERCMODE)
910 COMPATIBLE_IOCTL(SNDCTL_FM_LOAD_INSTR)
911 COMPATIBLE_IOCTL(SNDCTL_SEQ_TESTMIDI)
912 COMPATIBLE_IOCTL(SNDCTL_SEQ_RESETSAMPLES)
913 COMPATIBLE_IOCTL(SNDCTL_SEQ_NRSYNTHS)
914 COMPATIBLE_IOCTL(SNDCTL_SEQ_NRMIDIS)
915 COMPATIBLE_IOCTL(SNDCTL_MIDI_INFO)
916 COMPATIBLE_IOCTL(SNDCTL_SEQ_THRESHOLD)
917 COMPATIBLE_IOCTL(SNDCTL_SYNTH_MEMAVL)
918 COMPATIBLE_IOCTL(SNDCTL_FM_4OP_ENABLE)
919 COMPATIBLE_IOCTL(SNDCTL_SEQ_PANIC)
920 COMPATIBLE_IOCTL(SNDCTL_SEQ_OUTOFBAND)
921 COMPATIBLE_IOCTL(SNDCTL_SEQ_GETTIME)
922 COMPATIBLE_IOCTL(SNDCTL_SYNTH_ID)
923 COMPATIBLE_IOCTL(SNDCTL_SYNTH_CONTROL)
924 COMPATIBLE_IOCTL(SNDCTL_SYNTH_REMOVESAMPLE)
925 /* Big T for sound/OSS */
926 COMPATIBLE_IOCTL(SNDCTL_TMR_TIMEBASE)
927 COMPATIBLE_IOCTL(SNDCTL_TMR_START)
928 COMPATIBLE_IOCTL(SNDCTL_TMR_STOP)
929 COMPATIBLE_IOCTL(SNDCTL_TMR_CONTINUE)
930 COMPATIBLE_IOCTL(SNDCTL_TMR_TEMPO)
931 COMPATIBLE_IOCTL(SNDCTL_TMR_SOURCE)
932 COMPATIBLE_IOCTL(SNDCTL_TMR_METRONOME)
933 COMPATIBLE_IOCTL(SNDCTL_TMR_SELECT)
934 /* Little m for sound/OSS */
935 COMPATIBLE_IOCTL(SNDCTL_MIDI_PRETIME)
936 COMPATIBLE_IOCTL(SNDCTL_MIDI_MPUMODE)
937 COMPATIBLE_IOCTL(SNDCTL_MIDI_MPUCMD)
938 /* Big P for sound/OSS */
939 COMPATIBLE_IOCTL(SNDCTL_DSP_RESET)
940 COMPATIBLE_IOCTL(SNDCTL_DSP_SYNC)
941 COMPATIBLE_IOCTL(SNDCTL_DSP_SPEED)
942 COMPATIBLE_IOCTL(SNDCTL_DSP_STEREO)
943 COMPATIBLE_IOCTL(SNDCTL_DSP_GETBLKSIZE)
944 COMPATIBLE_IOCTL(SNDCTL_DSP_CHANNELS)
945 COMPATIBLE_IOCTL(SOUND_PCM_WRITE_FILTER)
946 COMPATIBLE_IOCTL(SNDCTL_DSP_POST)
947 COMPATIBLE_IOCTL(SNDCTL_DSP_SUBDIVIDE)
948 COMPATIBLE_IOCTL(SNDCTL_DSP_SETFRAGMENT)
949 COMPATIBLE_IOCTL(SNDCTL_DSP_GETFMTS)
950 COMPATIBLE_IOCTL(SNDCTL_DSP_SETFMT)
951 COMPATIBLE_IOCTL(SNDCTL_DSP_GETOSPACE)
952 COMPATIBLE_IOCTL(SNDCTL_DSP_GETISPACE)
953 COMPATIBLE_IOCTL(SNDCTL_DSP_NONBLOCK)
954 COMPATIBLE_IOCTL(SNDCTL_DSP_GETCAPS)
955 COMPATIBLE_IOCTL(SNDCTL_DSP_GETTRIGGER)
956 COMPATIBLE_IOCTL(SNDCTL_DSP_SETTRIGGER)
957 COMPATIBLE_IOCTL(SNDCTL_DSP_GETIPTR)
958 COMPATIBLE_IOCTL(SNDCTL_DSP_GETOPTR)
959 /* SNDCTL_DSP_MAPINBUF,  XXX needs translation */
960 /* SNDCTL_DSP_MAPOUTBUF,  XXX needs translation */
961 COMPATIBLE_IOCTL(SNDCTL_DSP_SETSYNCRO)
962 COMPATIBLE_IOCTL(SNDCTL_DSP_SETDUPLEX)
963 COMPATIBLE_IOCTL(SNDCTL_DSP_GETODELAY)
964 COMPATIBLE_IOCTL(SNDCTL_DSP_PROFILE)
965 COMPATIBLE_IOCTL(SOUND_PCM_READ_RATE)
966 COMPATIBLE_IOCTL(SOUND_PCM_READ_CHANNELS)
967 COMPATIBLE_IOCTL(SOUND_PCM_READ_BITS)
968 COMPATIBLE_IOCTL(SOUND_PCM_READ_FILTER)
969 /* Big C for sound/OSS */
970 COMPATIBLE_IOCTL(SNDCTL_COPR_RESET)
971 COMPATIBLE_IOCTL(SNDCTL_COPR_LOAD)
972 COMPATIBLE_IOCTL(SNDCTL_COPR_RDATA)
973 COMPATIBLE_IOCTL(SNDCTL_COPR_RCODE)
974 COMPATIBLE_IOCTL(SNDCTL_COPR_WDATA)
975 COMPATIBLE_IOCTL(SNDCTL_COPR_WCODE)
976 COMPATIBLE_IOCTL(SNDCTL_COPR_RUN)
977 COMPATIBLE_IOCTL(SNDCTL_COPR_HALT)
978 COMPATIBLE_IOCTL(SNDCTL_COPR_SENDMSG)
979 COMPATIBLE_IOCTL(SNDCTL_COPR_RCVMSG)
980 /* Big M for sound/OSS */
981 COMPATIBLE_IOCTL(SOUND_MIXER_READ_VOLUME)
982 COMPATIBLE_IOCTL(SOUND_MIXER_READ_BASS)
983 COMPATIBLE_IOCTL(SOUND_MIXER_READ_TREBLE)
984 COMPATIBLE_IOCTL(SOUND_MIXER_READ_SYNTH)
985 COMPATIBLE_IOCTL(SOUND_MIXER_READ_PCM)
986 COMPATIBLE_IOCTL(SOUND_MIXER_READ_SPEAKER)
987 COMPATIBLE_IOCTL(SOUND_MIXER_READ_LINE)
988 COMPATIBLE_IOCTL(SOUND_MIXER_READ_MIC)
989 COMPATIBLE_IOCTL(SOUND_MIXER_READ_CD)
990 COMPATIBLE_IOCTL(SOUND_MIXER_READ_IMIX)
991 COMPATIBLE_IOCTL(SOUND_MIXER_READ_ALTPCM)
992 COMPATIBLE_IOCTL(SOUND_MIXER_READ_RECLEV)
993 COMPATIBLE_IOCTL(SOUND_MIXER_READ_IGAIN)
994 COMPATIBLE_IOCTL(SOUND_MIXER_READ_OGAIN)
995 COMPATIBLE_IOCTL(SOUND_MIXER_READ_LINE1)
996 COMPATIBLE_IOCTL(SOUND_MIXER_READ_LINE2)
997 COMPATIBLE_IOCTL(SOUND_MIXER_READ_LINE3)
998 COMPATIBLE_IOCTL(MIXER_READ(SOUND_MIXER_DIGITAL1))
999 COMPATIBLE_IOCTL(MIXER_READ(SOUND_MIXER_DIGITAL2))
1000 COMPATIBLE_IOCTL(MIXER_READ(SOUND_MIXER_DIGITAL3))
1001 COMPATIBLE_IOCTL(MIXER_READ(SOUND_MIXER_PHONEIN))
1002 COMPATIBLE_IOCTL(MIXER_READ(SOUND_MIXER_PHONEOUT))
1003 COMPATIBLE_IOCTL(MIXER_READ(SOUND_MIXER_VIDEO))
1004 COMPATIBLE_IOCTL(MIXER_READ(SOUND_MIXER_RADIO))
1005 COMPATIBLE_IOCTL(MIXER_READ(SOUND_MIXER_MONITOR))
1006 COMPATIBLE_IOCTL(SOUND_MIXER_READ_MUTE)
1007 /* SOUND_MIXER_READ_ENHANCE,  same value as READ_MUTE */
1008 /* SOUND_MIXER_READ_LOUD,  same value as READ_MUTE */
1009 COMPATIBLE_IOCTL(SOUND_MIXER_READ_RECSRC)
1010 COMPATIBLE_IOCTL(SOUND_MIXER_READ_DEVMASK)
1011 COMPATIBLE_IOCTL(SOUND_MIXER_READ_RECMASK)
1012 COMPATIBLE_IOCTL(SOUND_MIXER_READ_STEREODEVS)
1013 COMPATIBLE_IOCTL(SOUND_MIXER_READ_CAPS)
1014 COMPATIBLE_IOCTL(SOUND_MIXER_WRITE_VOLUME)
1015 COMPATIBLE_IOCTL(SOUND_MIXER_WRITE_BASS)
1016 COMPATIBLE_IOCTL(SOUND_MIXER_WRITE_TREBLE)
1017 COMPATIBLE_IOCTL(SOUND_MIXER_WRITE_SYNTH)
1018 COMPATIBLE_IOCTL(SOUND_MIXER_WRITE_PCM)
1019 COMPATIBLE_IOCTL(SOUND_MIXER_WRITE_SPEAKER)
1020 COMPATIBLE_IOCTL(SOUND_MIXER_WRITE_LINE)
1021 COMPATIBLE_IOCTL(SOUND_MIXER_WRITE_MIC)
1022 COMPATIBLE_IOCTL(SOUND_MIXER_WRITE_CD)
1023 COMPATIBLE_IOCTL(SOUND_MIXER_WRITE_IMIX)
1024 COMPATIBLE_IOCTL(SOUND_MIXER_WRITE_ALTPCM)
1025 COMPATIBLE_IOCTL(SOUND_MIXER_WRITE_RECLEV)
1026 COMPATIBLE_IOCTL(SOUND_MIXER_WRITE_IGAIN)
1027 COMPATIBLE_IOCTL(SOUND_MIXER_WRITE_OGAIN)
1028 COMPATIBLE_IOCTL(SOUND_MIXER_WRITE_LINE1)
1029 COMPATIBLE_IOCTL(SOUND_MIXER_WRITE_LINE2)
1030 COMPATIBLE_IOCTL(SOUND_MIXER_WRITE_LINE3)
1031 COMPATIBLE_IOCTL(MIXER_WRITE(SOUND_MIXER_DIGITAL1))
1032 COMPATIBLE_IOCTL(MIXER_WRITE(SOUND_MIXER_DIGITAL2))
1033 COMPATIBLE_IOCTL(MIXER_WRITE(SOUND_MIXER_DIGITAL3))
1034 COMPATIBLE_IOCTL(MIXER_WRITE(SOUND_MIXER_PHONEIN))
1035 COMPATIBLE_IOCTL(MIXER_WRITE(SOUND_MIXER_PHONEOUT))
1036 COMPATIBLE_IOCTL(MIXER_WRITE(SOUND_MIXER_VIDEO))
1037 COMPATIBLE_IOCTL(MIXER_WRITE(SOUND_MIXER_RADIO))
1038 COMPATIBLE_IOCTL(MIXER_WRITE(SOUND_MIXER_MONITOR))
1039 COMPATIBLE_IOCTL(SOUND_MIXER_WRITE_MUTE)
1040 /* SOUND_MIXER_WRITE_ENHANCE,  same value as WRITE_MUTE */
1041 /* SOUND_MIXER_WRITE_LOUD,  same value as WRITE_MUTE */
1042 COMPATIBLE_IOCTL(SOUND_MIXER_WRITE_RECSRC)
1043 COMPATIBLE_IOCTL(SOUND_MIXER_INFO)
1044 COMPATIBLE_IOCTL(SOUND_OLD_MIXER_INFO)
1045 COMPATIBLE_IOCTL(SOUND_MIXER_ACCESS)
1046 COMPATIBLE_IOCTL(SOUND_MIXER_AGC)
1047 COMPATIBLE_IOCTL(SOUND_MIXER_3DSE)
1048 COMPATIBLE_IOCTL(SOUND_MIXER_PRIVATE1)
1049 COMPATIBLE_IOCTL(SOUND_MIXER_PRIVATE2)
1050 COMPATIBLE_IOCTL(SOUND_MIXER_PRIVATE3)
1051 COMPATIBLE_IOCTL(SOUND_MIXER_PRIVATE4)
1052 COMPATIBLE_IOCTL(SOUND_MIXER_PRIVATE5)
1053 COMPATIBLE_IOCTL(SOUND_MIXER_GETLEVELS)
1054 COMPATIBLE_IOCTL(SOUND_MIXER_SETLEVELS)
1055 COMPATIBLE_IOCTL(OSS_GETVERSION)
1056 /* Raw devices */
1057 COMPATIBLE_IOCTL(RAW_SETBIND)
1058 COMPATIBLE_IOCTL(RAW_GETBIND)
1059 /* Watchdog */
1060 COMPATIBLE_IOCTL(WDIOC_GETSUPPORT)
1061 COMPATIBLE_IOCTL(WDIOC_GETSTATUS)
1062 COMPATIBLE_IOCTL(WDIOC_GETBOOTSTATUS)
1063 COMPATIBLE_IOCTL(WDIOC_GETTEMP)
1064 COMPATIBLE_IOCTL(WDIOC_SETOPTIONS)
1065 COMPATIBLE_IOCTL(WDIOC_KEEPALIVE)
1066 COMPATIBLE_IOCTL(WDIOC_SETTIMEOUT)
1067 COMPATIBLE_IOCTL(WDIOC_GETTIMEOUT)
1068 COMPATIBLE_IOCTL(WDIOC_SETPRETIMEOUT)
1069 COMPATIBLE_IOCTL(WDIOC_GETPRETIMEOUT)
1070 /* Big R */
1071 COMPATIBLE_IOCTL(RNDGETENTCNT)
1072 COMPATIBLE_IOCTL(RNDADDTOENTCNT)
1073 COMPATIBLE_IOCTL(RNDGETPOOL)
1074 COMPATIBLE_IOCTL(RNDADDENTROPY)
1075 COMPATIBLE_IOCTL(RNDZAPENTCNT)
1076 COMPATIBLE_IOCTL(RNDCLEARPOOL)
1077 /* Bluetooth */
1078 COMPATIBLE_IOCTL(HCIDEVUP)
1079 COMPATIBLE_IOCTL(HCIDEVDOWN)
1080 COMPATIBLE_IOCTL(HCIDEVRESET)
1081 COMPATIBLE_IOCTL(HCIDEVRESTAT)
1082 COMPATIBLE_IOCTL(HCIGETDEVLIST)
1083 COMPATIBLE_IOCTL(HCIGETDEVINFO)
1084 COMPATIBLE_IOCTL(HCIGETCONNLIST)
1085 COMPATIBLE_IOCTL(HCIGETCONNINFO)
1086 COMPATIBLE_IOCTL(HCIGETAUTHINFO)
1087 COMPATIBLE_IOCTL(HCISETRAW)
1088 COMPATIBLE_IOCTL(HCISETSCAN)
1089 COMPATIBLE_IOCTL(HCISETAUTH)
1090 COMPATIBLE_IOCTL(HCISETENCRYPT)
1091 COMPATIBLE_IOCTL(HCISETPTYPE)
1092 COMPATIBLE_IOCTL(HCISETLINKPOL)
1093 COMPATIBLE_IOCTL(HCISETLINKMODE)
1094 COMPATIBLE_IOCTL(HCISETACLMTU)
1095 COMPATIBLE_IOCTL(HCISETSCOMTU)
1096 COMPATIBLE_IOCTL(HCIBLOCKADDR)
1097 COMPATIBLE_IOCTL(HCIUNBLOCKADDR)
1098 COMPATIBLE_IOCTL(HCIINQUIRY)
1099 COMPATIBLE_IOCTL(HCIUARTSETPROTO)
1100 COMPATIBLE_IOCTL(HCIUARTGETPROTO)
1101 COMPATIBLE_IOCTL(HCIUARTGETDEVICE)
1102 COMPATIBLE_IOCTL(HCIUARTSETFLAGS)
1103 COMPATIBLE_IOCTL(HCIUARTGETFLAGS)
1104 COMPATIBLE_IOCTL(RFCOMMCREATEDEV)
1105 COMPATIBLE_IOCTL(RFCOMMRELEASEDEV)
1106 COMPATIBLE_IOCTL(RFCOMMGETDEVLIST)
1107 COMPATIBLE_IOCTL(RFCOMMGETDEVINFO)
1108 COMPATIBLE_IOCTL(RFCOMMSTEALDLC)
1109 COMPATIBLE_IOCTL(BNEPCONNADD)
1110 COMPATIBLE_IOCTL(BNEPCONNDEL)
1111 COMPATIBLE_IOCTL(BNEPGETCONNLIST)
1112 COMPATIBLE_IOCTL(BNEPGETCONNINFO)
1113 COMPATIBLE_IOCTL(BNEPGETSUPPFEAT)
1114 COMPATIBLE_IOCTL(CMTPCONNADD)
1115 COMPATIBLE_IOCTL(CMTPCONNDEL)
1116 COMPATIBLE_IOCTL(CMTPGETCONNLIST)
1117 COMPATIBLE_IOCTL(CMTPGETCONNINFO)
1118 COMPATIBLE_IOCTL(HIDPCONNADD)
1119 COMPATIBLE_IOCTL(HIDPCONNDEL)
1120 COMPATIBLE_IOCTL(HIDPGETCONNLIST)
1121 COMPATIBLE_IOCTL(HIDPGETCONNINFO)
1122 /* CAPI */
1123 COMPATIBLE_IOCTL(CAPI_REGISTER)
1124 COMPATIBLE_IOCTL(CAPI_GET_MANUFACTURER)
1125 COMPATIBLE_IOCTL(CAPI_GET_VERSION)
1126 COMPATIBLE_IOCTL(CAPI_GET_SERIAL)
1127 COMPATIBLE_IOCTL(CAPI_GET_PROFILE)
1128 COMPATIBLE_IOCTL(CAPI_MANUFACTURER_CMD)
1129 COMPATIBLE_IOCTL(CAPI_GET_ERRCODE)
1130 COMPATIBLE_IOCTL(CAPI_INSTALLED)
1131 COMPATIBLE_IOCTL(CAPI_GET_FLAGS)
1132 COMPATIBLE_IOCTL(CAPI_SET_FLAGS)
1133 COMPATIBLE_IOCTL(CAPI_CLR_FLAGS)
1134 COMPATIBLE_IOCTL(CAPI_NCCI_OPENCOUNT)
1135 COMPATIBLE_IOCTL(CAPI_NCCI_GETUNIT)
1136 /* Siemens Gigaset */
1137 COMPATIBLE_IOCTL(GIGASET_REDIR)
1138 COMPATIBLE_IOCTL(GIGASET_CONFIG)
1139 COMPATIBLE_IOCTL(GIGASET_BRKCHARS)
1140 COMPATIBLE_IOCTL(GIGASET_VERSION)
1141 /* Misc. */
1142 COMPATIBLE_IOCTL(0x41545900)		/* ATYIO_CLKR */
1143 COMPATIBLE_IOCTL(0x41545901)		/* ATYIO_CLKW */
1144 COMPATIBLE_IOCTL(PCIIOC_CONTROLLER)
1145 COMPATIBLE_IOCTL(PCIIOC_MMAP_IS_IO)
1146 COMPATIBLE_IOCTL(PCIIOC_MMAP_IS_MEM)
1147 COMPATIBLE_IOCTL(PCIIOC_WRITE_COMBINE)
1148 /* hiddev */
1149 COMPATIBLE_IOCTL(HIDIOCGVERSION)
1150 COMPATIBLE_IOCTL(HIDIOCAPPLICATION)
1151 COMPATIBLE_IOCTL(HIDIOCGDEVINFO)
1152 COMPATIBLE_IOCTL(HIDIOCGSTRING)
1153 COMPATIBLE_IOCTL(HIDIOCINITREPORT)
1154 COMPATIBLE_IOCTL(HIDIOCGREPORT)
1155 COMPATIBLE_IOCTL(HIDIOCSREPORT)
1156 COMPATIBLE_IOCTL(HIDIOCGREPORTINFO)
1157 COMPATIBLE_IOCTL(HIDIOCGFIELDINFO)
1158 COMPATIBLE_IOCTL(HIDIOCGUSAGE)
1159 COMPATIBLE_IOCTL(HIDIOCSUSAGE)
1160 COMPATIBLE_IOCTL(HIDIOCGUCODE)
1161 COMPATIBLE_IOCTL(HIDIOCGFLAG)
1162 COMPATIBLE_IOCTL(HIDIOCSFLAG)
1163 COMPATIBLE_IOCTL(HIDIOCGCOLLECTIONINDEX)
1164 COMPATIBLE_IOCTL(HIDIOCGCOLLECTIONINFO)
1165 /* dvb */
1166 COMPATIBLE_IOCTL(AUDIO_STOP)
1167 COMPATIBLE_IOCTL(AUDIO_PLAY)
1168 COMPATIBLE_IOCTL(AUDIO_PAUSE)
1169 COMPATIBLE_IOCTL(AUDIO_CONTINUE)
1170 COMPATIBLE_IOCTL(AUDIO_SELECT_SOURCE)
1171 COMPATIBLE_IOCTL(AUDIO_SET_MUTE)
1172 COMPATIBLE_IOCTL(AUDIO_SET_AV_SYNC)
1173 COMPATIBLE_IOCTL(AUDIO_SET_BYPASS_MODE)
1174 COMPATIBLE_IOCTL(AUDIO_CHANNEL_SELECT)
1175 COMPATIBLE_IOCTL(AUDIO_GET_STATUS)
1176 COMPATIBLE_IOCTL(AUDIO_GET_CAPABILITIES)
1177 COMPATIBLE_IOCTL(AUDIO_CLEAR_BUFFER)
1178 COMPATIBLE_IOCTL(AUDIO_SET_ID)
1179 COMPATIBLE_IOCTL(AUDIO_SET_MIXER)
1180 COMPATIBLE_IOCTL(AUDIO_SET_STREAMTYPE)
1181 COMPATIBLE_IOCTL(DMX_START)
1182 COMPATIBLE_IOCTL(DMX_STOP)
1183 COMPATIBLE_IOCTL(DMX_SET_FILTER)
1184 COMPATIBLE_IOCTL(DMX_SET_PES_FILTER)
1185 COMPATIBLE_IOCTL(DMX_SET_BUFFER_SIZE)
1186 COMPATIBLE_IOCTL(DMX_GET_PES_PIDS)
1187 COMPATIBLE_IOCTL(DMX_GET_STC)
1188 COMPATIBLE_IOCTL(DMX_REQBUFS)
1189 COMPATIBLE_IOCTL(DMX_QUERYBUF)
1190 COMPATIBLE_IOCTL(DMX_EXPBUF)
1191 COMPATIBLE_IOCTL(DMX_QBUF)
1192 COMPATIBLE_IOCTL(DMX_DQBUF)
1193 COMPATIBLE_IOCTL(VIDEO_STOP)
1194 COMPATIBLE_IOCTL(VIDEO_PLAY)
1195 COMPATIBLE_IOCTL(VIDEO_FREEZE)
1196 COMPATIBLE_IOCTL(VIDEO_CONTINUE)
1197 COMPATIBLE_IOCTL(VIDEO_SELECT_SOURCE)
1198 COMPATIBLE_IOCTL(VIDEO_SET_BLANK)
1199 COMPATIBLE_IOCTL(VIDEO_GET_STATUS)
1200 COMPATIBLE_IOCTL(VIDEO_SET_DISPLAY_FORMAT)
1201 COMPATIBLE_IOCTL(VIDEO_FAST_FORWARD)
1202 COMPATIBLE_IOCTL(VIDEO_SLOWMOTION)
1203 COMPATIBLE_IOCTL(VIDEO_GET_CAPABILITIES)
1204 COMPATIBLE_IOCTL(VIDEO_CLEAR_BUFFER)
1205 COMPATIBLE_IOCTL(VIDEO_SET_STREAMTYPE)
1206 COMPATIBLE_IOCTL(VIDEO_SET_FORMAT)
1207 COMPATIBLE_IOCTL(VIDEO_GET_SIZE)
1208 /* cec */
1209 COMPATIBLE_IOCTL(CEC_ADAP_G_CAPS)
1210 COMPATIBLE_IOCTL(CEC_ADAP_G_LOG_ADDRS)
1211 COMPATIBLE_IOCTL(CEC_ADAP_S_LOG_ADDRS)
1212 COMPATIBLE_IOCTL(CEC_ADAP_G_PHYS_ADDR)
1213 COMPATIBLE_IOCTL(CEC_ADAP_S_PHYS_ADDR)
1214 COMPATIBLE_IOCTL(CEC_G_MODE)
1215 COMPATIBLE_IOCTL(CEC_S_MODE)
1216 COMPATIBLE_IOCTL(CEC_TRANSMIT)
1217 COMPATIBLE_IOCTL(CEC_RECEIVE)
1218 COMPATIBLE_IOCTL(CEC_DQEVENT)
1219 
1220 /* joystick */
1221 COMPATIBLE_IOCTL(JSIOCGVERSION)
1222 COMPATIBLE_IOCTL(JSIOCGAXES)
1223 COMPATIBLE_IOCTL(JSIOCGBUTTONS)
1224 COMPATIBLE_IOCTL(JSIOCGNAME(0))
1225 
1226 #ifdef TIOCGLTC
1227 COMPATIBLE_IOCTL(TIOCGLTC)
1228 COMPATIBLE_IOCTL(TIOCSLTC)
1229 #endif
1230 #ifdef TIOCSTART
1231 /*
1232  * For these two we have definitions in ioctls.h and/or termios.h on
1233  * some architectures but no actual implemention.  Some applications
1234  * like bash call them if they are defined in the headers, so we provide
1235  * entries here to avoid syslog message spew.
1236  */
1237 COMPATIBLE_IOCTL(TIOCSTART)
1238 COMPATIBLE_IOCTL(TIOCSTOP)
1239 #endif
1240 
1241 /* fat 'r' ioctls. These are handled by fat with ->compat_ioctl,
1242    but we don't want warnings on other file systems. So declare
1243    them as compatible here. */
1244 #define VFAT_IOCTL_READDIR_BOTH32       _IOR('r', 1, struct compat_dirent[2])
1245 #define VFAT_IOCTL_READDIR_SHORT32      _IOR('r', 2, struct compat_dirent[2])
1246 
1247 IGNORE_IOCTL(VFAT_IOCTL_READDIR_BOTH32)
1248 IGNORE_IOCTL(VFAT_IOCTL_READDIR_SHORT32)
1249 
1250 #ifdef CONFIG_SPARC
1251 /* Sparc framebuffers, handled in sbusfb_compat_ioctl() */
1252 IGNORE_IOCTL(FBIOGTYPE)
1253 IGNORE_IOCTL(FBIOSATTR)
1254 IGNORE_IOCTL(FBIOGATTR)
1255 IGNORE_IOCTL(FBIOSVIDEO)
1256 IGNORE_IOCTL(FBIOGVIDEO)
1257 IGNORE_IOCTL(FBIOSCURPOS)
1258 IGNORE_IOCTL(FBIOGCURPOS)
1259 IGNORE_IOCTL(FBIOGCURMAX)
1260 IGNORE_IOCTL(FBIOPUTCMAP32)
1261 IGNORE_IOCTL(FBIOGETCMAP32)
1262 IGNORE_IOCTL(FBIOSCURSOR32)
1263 IGNORE_IOCTL(FBIOGCURSOR32)
1264 #endif
1265 };
1266 
1267 /*
1268  * Convert common ioctl arguments based on their command number
1269  *
1270  * Please do not add any code in here. Instead, implement
1271  * a compat_ioctl operation in the place that handleѕ the
1272  * ioctl for the native case.
1273  */
do_ioctl_trans(unsigned int cmd,unsigned long arg,struct file * file)1274 static long do_ioctl_trans(unsigned int cmd,
1275 		 unsigned long arg, struct file *file)
1276 {
1277 	void __user *argp = compat_ptr(arg);
1278 
1279 	switch (cmd) {
1280 	case PPPIOCGIDLE32:
1281 		return ppp_gidle(file, cmd, argp);
1282 	case PPPIOCSCOMPRESS32:
1283 		return ppp_scompress(file, cmd, argp);
1284 	case PPPIOCSPASS32:
1285 	case PPPIOCSACTIVE32:
1286 		return ppp_sock_fprog_ioctl_trans(file, cmd, argp);
1287 #ifdef CONFIG_BLOCK
1288 	case SG_IO:
1289 		return sg_ioctl_trans(file, cmd, argp);
1290 	case SG_GET_REQUEST_TABLE:
1291 		return sg_grt_trans(file, cmd, argp);
1292 	case MTIOCGET32:
1293 	case MTIOCPOS32:
1294 		return mt_ioctl_trans(file, cmd, argp);
1295 #endif
1296 	/* Serial */
1297 	case TIOCGSERIAL:
1298 	case TIOCSSERIAL:
1299 		return serial_struct_ioctl(file, cmd, argp);
1300 	/* Not implemented in the native kernel */
1301 	case RTC_IRQP_READ32:
1302 	case RTC_IRQP_SET32:
1303 	case RTC_EPOCH_READ32:
1304 	case RTC_EPOCH_SET32:
1305 		return rtc_ioctl(file, cmd, argp);
1306 
1307 	/* dvb */
1308 	case VIDEO_GET_EVENT:
1309 		return do_video_get_event(file, cmd, argp);
1310 	case VIDEO_STILLPICTURE:
1311 		return do_video_stillpicture(file, cmd, argp);
1312 	}
1313 
1314 	/*
1315 	 * These take an integer instead of a pointer as 'arg',
1316 	 * so we must not do a compat_ptr() translation.
1317 	 */
1318 	switch (cmd) {
1319 	/* Big T */
1320 	case TCSBRKP:
1321 	case TIOCMIWAIT:
1322 	case TIOCSCTTY:
1323 	/* RAID */
1324 	case HOT_REMOVE_DISK:
1325 	case HOT_ADD_DISK:
1326 	case SET_DISK_FAULTY:
1327 	case SET_BITMAP_FILE:
1328 	/* Big K */
1329 	case KDSIGACCEPT:
1330 	case KIOCSOUND:
1331 	case KDMKTONE:
1332 	case KDSETMODE:
1333 	case KDSKBMODE:
1334 	case KDSKBMETA:
1335 	case KDSKBLED:
1336 	case KDSETLED:
1337 		return vfs_ioctl(file, cmd, arg);
1338 	}
1339 
1340 	return -ENOIOCTLCMD;
1341 }
1342 
compat_ioctl_check_table(unsigned int xcmd)1343 static int compat_ioctl_check_table(unsigned int xcmd)
1344 {
1345 	int i;
1346 	const int max = ARRAY_SIZE(ioctl_pointer) - 1;
1347 
1348 	BUILD_BUG_ON(max >= (1 << 16));
1349 
1350 	/* guess initial offset into table, assuming a
1351 	   normalized distribution */
1352 	i = ((xcmd >> 16) * max) >> 16;
1353 
1354 	/* do linear search up first, until greater or equal */
1355 	while (ioctl_pointer[i] < xcmd && i < max)
1356 		i++;
1357 
1358 	/* then do linear search down */
1359 	while (ioctl_pointer[i] > xcmd && i > 0)
1360 		i--;
1361 
1362 	return ioctl_pointer[i] == xcmd;
1363 }
1364 
COMPAT_SYSCALL_DEFINE3(ioctl,unsigned int,fd,unsigned int,cmd,compat_ulong_t,arg32)1365 COMPAT_SYSCALL_DEFINE3(ioctl, unsigned int, fd, unsigned int, cmd,
1366 		       compat_ulong_t, arg32)
1367 {
1368 	unsigned long arg = arg32;
1369 	struct fd f = fdget(fd);
1370 	int error = -EBADF;
1371 	if (!f.file)
1372 		goto out;
1373 
1374 	/* RED-PEN how should LSM module know it's handling 32bit? */
1375 	error = security_file_ioctl(f.file, cmd, arg);
1376 	if (error)
1377 		goto out_fput;
1378 
1379 	/*
1380 	 * To allow the compat_ioctl handlers to be self contained
1381 	 * we need to check the common ioctls here first.
1382 	 * Just handle them with the standard handlers below.
1383 	 */
1384 	switch (cmd) {
1385 	case FIOCLEX:
1386 	case FIONCLEX:
1387 	case FIONBIO:
1388 	case FIOASYNC:
1389 	case FIOQSIZE:
1390 		break;
1391 
1392 #if defined(CONFIG_IA64) || defined(CONFIG_X86_64)
1393 	case FS_IOC_RESVSP_32:
1394 	case FS_IOC_RESVSP64_32:
1395 		error = compat_ioctl_preallocate(f.file, compat_ptr(arg));
1396 		goto out_fput;
1397 #else
1398 	case FS_IOC_RESVSP:
1399 	case FS_IOC_RESVSP64:
1400 		error = ioctl_preallocate(f.file, compat_ptr(arg));
1401 		goto out_fput;
1402 #endif
1403 
1404 	case FICLONE:
1405 	case FICLONERANGE:
1406 	case FIDEDUPERANGE:
1407 	case FS_IOC_FIEMAP:
1408 		goto do_ioctl;
1409 
1410 	case FIBMAP:
1411 	case FIGETBSZ:
1412 	case FIONREAD:
1413 		if (S_ISREG(file_inode(f.file)->i_mode))
1414 			break;
1415 		/*FALL THROUGH*/
1416 
1417 	default:
1418 		if (f.file->f_op->compat_ioctl) {
1419 			error = f.file->f_op->compat_ioctl(f.file, cmd, arg);
1420 			if (error != -ENOIOCTLCMD)
1421 				goto out_fput;
1422 		}
1423 
1424 		if (!f.file->f_op->unlocked_ioctl)
1425 			goto do_ioctl;
1426 		break;
1427 	}
1428 
1429 	if (compat_ioctl_check_table(XFORM(cmd)))
1430 		goto found_handler;
1431 
1432 	error = do_ioctl_trans(cmd, arg, f.file);
1433 	if (error == -ENOIOCTLCMD)
1434 		error = -ENOTTY;
1435 
1436 	goto out_fput;
1437 
1438  found_handler:
1439 	arg = (unsigned long)compat_ptr(arg);
1440  do_ioctl:
1441 	error = do_vfs_ioctl(f.file, fd, cmd, arg);
1442  out_fput:
1443 	fdput(f);
1444  out:
1445 	return error;
1446 }
1447 
init_sys32_ioctl_cmp(const void * p,const void * q)1448 static int __init init_sys32_ioctl_cmp(const void *p, const void *q)
1449 {
1450 	unsigned int a, b;
1451 	a = *(unsigned int *)p;
1452 	b = *(unsigned int *)q;
1453 	if (a > b)
1454 		return 1;
1455 	if (a < b)
1456 		return -1;
1457 	return 0;
1458 }
1459 
init_sys32_ioctl(void)1460 static int __init init_sys32_ioctl(void)
1461 {
1462 	sort(ioctl_pointer, ARRAY_SIZE(ioctl_pointer), sizeof(*ioctl_pointer),
1463 		init_sys32_ioctl_cmp, NULL);
1464 	return 0;
1465 }
1466 __initcall(init_sys32_ioctl);
1467