]> git.proxmox.com Git - mirror_ubuntu-artful-kernel.git/blame - fs/compat_ioctl.c
projects / mirror_ubuntu-artful-kernel.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
[PATCH] BLOCK: Remove no-longer necessary linux/buffer_head.h inclusions [try #6]
[mirror_ubuntu-artful-kernel.git] / fs / compat_ioctl.c
CommitLineData
1da177e4
LT		 1/*
2 * ioctl32.c: Conversion between 32bit and 64bit native ioctls.
3 *
4 * Copyright (C) 1997-2000 Jakub Jelinek (jakub@redhat.com)
5 * Copyright (C) 1998 Eddie C. Dost (ecd@skynet.be)
6 * Copyright (C) 2001,2002 Andi Kleen, SuSE Labs
7 * Copyright (C) 2003 Pavel Machek (pavel@suse.cz)
8 *
9 * These routines maintain argument size conversion between 32bit and 64bit
10 * ioctls.
11 */
12
1da177e4
LT		 13#include <linux/types.h>
14#include <linux/compat.h>
15#include <linux/kernel.h>
16f7e0fe 16#include <linux/capability.h>
1da177e4
LT		 17#include <linux/compiler.h>
18#include <linux/sched.h>
19#include <linux/smp.h>
20#include <linux/smp_lock.h>
21#include <linux/ioctl.h>
22#include <linux/if.h>
23#include <linux/if_bridge.h>
24#include <linux/slab.h>
25#include <linux/hdreg.h>
26#include <linux/raid/md.h>
27#include <linux/kd.h>
28#include <linux/dirent.h>
29#include <linux/route.h>
30#include <linux/in6.h>
31#include <linux/ipv6_route.h>
32#include <linux/skbuff.h>
33#include <linux/netlink.h>
34#include <linux/vt.h>
35#include <linux/fs.h>
36#include <linux/file.h>
37#include <linux/fd.h>
38#include <linux/ppp_defs.h>
39#include <linux/if_ppp.h>
40#include <linux/if_pppox.h>
41#include <linux/mtio.h>
42#include <linux/cdrom.h>
1da177e4
LT		 43#include <linux/auto_fs.h>
44#include <linux/auto_fs4.h>
1da177e4
LT		 45#include <linux/tty.h>
46#include <linux/vt_kern.h>
47#include <linux/fb.h>
1da177e4
LT		 48#include <linux/videodev.h>
49#include <linux/netdevice.h>
50#include <linux/raw.h>
51#include <linux/smb_fs.h>
52#include <linux/blkpg.h>
53#include <linux/blkdev.h>
54#include <linux/elevator.h>
55#include <linux/rtc.h>
56#include <linux/pci.h>
57#include <linux/module.h>
58#include <linux/serial.h>
1da177e4
LT		 59#include <linux/if_tun.h>
60#include <linux/ctype.h>
61#include <linux/ioctl32.h>
62#include <linux/syscalls.h>
63#include <linux/ncp_fs.h>
64#include <linux/i2c.h>
65#include <linux/i2c-dev.h>
66#include <linux/wireless.h>
67#include <linux/atalk.h>
2056a782 68#include <linux/blktrace_api.h>
1da177e4
LT		 69
70#include <net/sock.h> /* siocdevprivate_ioctl */
71#include <net/bluetooth/bluetooth.h>
72#include <net/bluetooth/hci.h>
73#include <net/bluetooth/rfcomm.h>
74
75#include <linux/capi.h>
5024ad4a 76#include <linux/gigaset_dev.h>
1da177e4
LT		 77
78#include <scsi/scsi.h>
1da177e4 79#include <scsi/scsi_ioctl.h>
1da177e4
LT		 80#include <scsi/sg.h>
81
1da177e4
LT		 82#include <asm/uaccess.h>
83#include <linux/ethtool.h>
84#include <linux/mii.h>
85#include <linux/if_bonding.h>
86#include <linux/watchdog.h>
87#include <linux/dm-ioctl.h>
88
1da177e4
LT		 89#include <linux/soundcard.h>
90#include <linux/lp.h>
91#include <linux/ppdev.h>
92
93#include <linux/atm.h>
94#include <linux/atmarp.h>
95#include <linux/atmclip.h>
96#include <linux/atmdev.h>
97#include <linux/atmioc.h>
98#include <linux/atmlec.h>
99#include <linux/atmmpc.h>
100#include <linux/atmsvc.h>
101#include <linux/atm_tcp.h>
102#include <linux/sonet.h>
103#include <linux/atm_suni.h>
104#include <linux/mtd/mtd.h>
105
106#include <linux/usb.h>
107#include <linux/usbdevice_fs.h>
108#include <linux/nbd.h>
109#include <linux/random.h>
110#include <linux/filter.h>
1da177e4
LT		 111#include <linux/pktcdvd.h>
112
113#include <linux/hiddev.h>
114
6e87abd0
DM		 115#include <linux/dvb/audio.h>
116#include <linux/dvb/dmx.h>
117#include <linux/dvb/frontend.h>
118#include <linux/dvb/video.h>
c6b44d10 119#include <linux/lp.h>
6e87abd0 120
e6a6d2ef
CH		 121static int do_ioctl32_pointer(unsigned int fd, unsigned int cmd,
122 unsigned long arg, struct file *f)
123{
124 return sys_ioctl(fd, cmd, (unsigned long)compat_ptr(arg));
125}
126
1da177e4
LT		 127static int w_long(unsigned int fd, unsigned int cmd, unsigned long arg)
128{
129 mm_segment_t old_fs = get_fs();
130 int err;
131 unsigned long val;
132
133 set_fs (KERNEL_DS);
134 err = sys_ioctl(fd, cmd, (unsigned long)&val);
135 set_fs (old_fs);
136 if (!err && put_user(val, (u32 __user *)compat_ptr(arg)))
137 return -EFAULT;
138 return err;
139}
140
141static int rw_long(unsigned int fd, unsigned int cmd, unsigned long arg)
142{
143 mm_segment_t old_fs = get_fs();
144 u32 __user *argptr = compat_ptr(arg);
145 int err;
146 unsigned long val;
147
148 if(get_user(val, argptr))
149 return -EFAULT;
150 set_fs (KERNEL_DS);
151 err = sys_ioctl(fd, cmd, (unsigned long)&val);
152 set_fs (old_fs);
153 if (!err && put_user(val, argptr))
154 return -EFAULT;
155 return err;
156}
157
6e87abd0
DM		 158struct compat_video_event {
159 int32_t type;
160 compat_time_t timestamp;
161 union {
162 video_size_t size;
163 unsigned int frame_rate;
164 } u;
165};
166
167static int do_video_get_event(unsigned int fd, unsigned int cmd, unsigned long arg)
168{
169 struct video_event kevent;
170 mm_segment_t old_fs = get_fs();
171 int err;
172
173 set_fs(KERNEL_DS);
174 err = sys_ioctl(fd, cmd, (unsigned long) &kevent);
175 set_fs(old_fs);
176
177 if (!err) {
178 struct compat_video_event __user *up = compat_ptr(arg);
179
180 err = put_user(kevent.type, &up->type);
181 err |= put_user(kevent.timestamp, &up->timestamp);
182 err |= put_user(kevent.u.size.w, &up->u.size.w);
183 err |= put_user(kevent.u.size.h, &up->u.size.h);
184 err |= put_user(kevent.u.size.aspect_ratio,
185 &up->u.size.aspect_ratio);
186 if (err)
187 err = -EFAULT;
188 }
189
190 return err;
191}
192
193struct compat_video_still_picture {
194 compat_uptr_t iFrame;
195 int32_t size;
196};
197
198static int do_video_stillpicture(unsigned int fd, unsigned int cmd, unsigned long arg)
199{
200 struct compat_video_still_picture __user *up;
201 struct video_still_picture __user *up_native;
202 compat_uptr_t fp;
203 int32_t size;
204 int err;
205
206 up = (struct compat_video_still_picture __user *) arg;
207 err = get_user(fp, &up->iFrame);
208 err |= get_user(size, &up->size);
209 if (err)
210 return -EFAULT;
211
212 up_native =
213 compat_alloc_user_space(sizeof(struct video_still_picture));
214
215 put_user(compat_ptr(fp), &up_native->iFrame);
216 put_user(size, &up_native->size);
217
218 err = sys_ioctl(fd, cmd, (unsigned long) up_native);
219
220 return err;
221}
222
223struct compat_video_spu_palette {
224 int length;
225 compat_uptr_t palette;
226};
227
228static int do_video_set_spu_palette(unsigned int fd, unsigned int cmd, unsigned long arg)
229{
230 struct compat_video_spu_palette __user *up;
231 struct video_spu_palette __user *up_native;
232 compat_uptr_t palp;
233 int length, err;
234
235 up = (struct compat_video_spu_palette __user *) arg;
236 err = get_user(palp, &up->palette);
237 err |= get_user(length, &up->length);
238
239 up_native = compat_alloc_user_space(sizeof(struct video_spu_palette));
240 put_user(compat_ptr(palp), &up_native->palette);
241 put_user(length, &up_native->length);
242
243 err = sys_ioctl(fd, cmd, (unsigned long) up_native);
244
245 return err;
246}
247
1da177e4
LT		 248#ifdef CONFIG_NET
249static int do_siocgstamp(unsigned int fd, unsigned int cmd, unsigned long arg)
250{
251 struct compat_timeval __user *up = compat_ptr(arg);
252 struct timeval ktv;
253 mm_segment_t old_fs = get_fs();
254 int err;
255
256 set_fs(KERNEL_DS);
257 err = sys_ioctl(fd, cmd, (unsigned long)&ktv);
258 set_fs(old_fs);
259 if(!err) {
260 err = put_user(ktv.tv_sec, &up->tv_sec);
261 err |= __put_user(ktv.tv_usec, &up->tv_usec);
262 }
263 return err;
264}
265
266struct ifmap32 {
267 compat_ulong_t mem_start;
268 compat_ulong_t mem_end;
269 unsigned short base_addr;
270 unsigned char irq;
271 unsigned char dma;
272 unsigned char port;
273};
274
275struct ifreq32 {
276#define IFHWADDRLEN 6
277#define IFNAMSIZ 16
278 union {
279 char ifrn_name[IFNAMSIZ]; /* if name, e.g. "en0" */
280 } ifr_ifrn;
281 union {
282 struct sockaddr ifru_addr;
283 struct sockaddr ifru_dstaddr;
284 struct sockaddr ifru_broadaddr;
285 struct sockaddr ifru_netmask;
286 struct sockaddr ifru_hwaddr;
287 short ifru_flags;
288 compat_int_t ifru_ivalue;
289 compat_int_t ifru_mtu;
290 struct ifmap32 ifru_map;
291 char ifru_slave[IFNAMSIZ]; /* Just fits the size */
292 char ifru_newname[IFNAMSIZ];
293 compat_caddr_t ifru_data;
294 /* XXXX? ifru_settings should be here */
295 } ifr_ifru;
296};
297
298struct ifconf32 {
299 compat_int_t ifc_len; /* size of buffer */
300 compat_caddr_t ifcbuf;
301};
302
303static int dev_ifname32(unsigned int fd, unsigned int cmd, unsigned long arg)
304{
305 struct net_device *dev;
306 struct ifreq32 ifr32;
307 int err;
308
309 if (copy_from_user(&ifr32, compat_ptr(arg), sizeof(ifr32)))
310 return -EFAULT;
311
312 dev = dev_get_by_index(ifr32.ifr_ifindex);
313 if (!dev)
314 return -ENODEV;
315
316 strlcpy(ifr32.ifr_name, dev->name, sizeof(ifr32.ifr_name));
317 dev_put(dev);
318
319 err = copy_to_user(compat_ptr(arg), &ifr32, sizeof(ifr32));
320 return (err ? -EFAULT : 0);
321}
322
323static int dev_ifconf(unsigned int fd, unsigned int cmd, unsigned long arg)
324{
325 struct ifconf32 ifc32;
326 struct ifconf ifc;
327 struct ifconf __user *uifc;
328 struct ifreq32 __user *ifr32;
329 struct ifreq __user *ifr;
330 unsigned int i, j;
331 int err;
332
333 if (copy_from_user(&ifc32, compat_ptr(arg), sizeof(struct ifconf32)))
334 return -EFAULT;
335
336 if (ifc32.ifcbuf == 0) {
337 ifc32.ifc_len = 0;
338 ifc.ifc_len = 0;
339 ifc.ifc_req = NULL;
340 uifc = compat_alloc_user_space(sizeof(struct ifconf));
341 } else {
342 size_t len =((ifc32.ifc_len / sizeof (struct ifreq32)) + 1) *
343 sizeof (struct ifreq);
344 uifc = compat_alloc_user_space(sizeof(struct ifconf) + len);
345 ifc.ifc_len = len;
346 ifr = ifc.ifc_req = (void __user *)(uifc + 1);
347 ifr32 = compat_ptr(ifc32.ifcbuf);
348 for (i = 0; i < ifc32.ifc_len; i += sizeof (struct ifreq32)) {
349 if (copy_in_user(ifr, ifr32, sizeof(struct ifreq32)))
350 return -EFAULT;
351 ifr++;
352 ifr32++;
353 }
354 }
355 if (copy_to_user(uifc, &ifc, sizeof(struct ifconf)))
356 return -EFAULT;
357
358 err = sys_ioctl (fd, SIOCGIFCONF, (unsigned long)uifc);
359 if (err)
360 return err;
361
362 if (copy_from_user(&ifc, uifc, sizeof(struct ifconf)))
363 return -EFAULT;
364
365 ifr = ifc.ifc_req;
366 ifr32 = compat_ptr(ifc32.ifcbuf);
4909724b 367 for (i = 0, j = 0;
1efa3c05 368 i + sizeof (struct ifreq32) <= ifc32.ifc_len && j < ifc.ifc_len;
1da177e4
LT		 369 i += sizeof (struct ifreq32), j += sizeof (struct ifreq)) {
370 if (copy_in_user(ifr32, ifr, sizeof (struct ifreq32)))
371 return -EFAULT;
372 ifr32++;
373 ifr++;
374 }
375
376 if (ifc32.ifcbuf == 0) {
377 /* Translate from 64-bit structure multiple to
378 * a 32-bit one.
379 */
380 i = ifc.ifc_len;
381 i = ((i / sizeof(struct ifreq)) * sizeof(struct ifreq32));
382 ifc32.ifc_len = i;
383 } else {
4909724b 384 ifc32.ifc_len = i;
1da177e4
LT		 385 }
386 if (copy_to_user(compat_ptr(arg), &ifc32, sizeof(struct ifconf32)))
387 return -EFAULT;
388
389 return 0;
390}
391
392static int ethtool_ioctl(unsigned int fd, unsigned int cmd, unsigned long arg)
393{
394 struct ifreq __user *ifr;
395 struct ifreq32 __user *ifr32;
396 u32 data;
397 void __user *datap;
398
399 ifr = compat_alloc_user_space(sizeof(*ifr));
400 ifr32 = compat_ptr(arg);
401
402 if (copy_in_user(&ifr->ifr_name, &ifr32->ifr_name, IFNAMSIZ))
403 return -EFAULT;
404
405 if (get_user(data, &ifr32->ifr_ifru.ifru_data))
406 return -EFAULT;
407
408 datap = compat_ptr(data);
409 if (put_user(datap, &ifr->ifr_ifru.ifru_data))
410 return -EFAULT;
411
412 return sys_ioctl(fd, cmd, (unsigned long) ifr);
413}
414
415static int bond_ioctl(unsigned int fd, unsigned int cmd, unsigned long arg)
416{
417 struct ifreq kifr;
418 struct ifreq __user *uifr;
419 struct ifreq32 __user *ifr32 = compat_ptr(arg);
420 mm_segment_t old_fs;
421 int err;
422 u32 data;
423 void __user *datap;
424
425 switch (cmd) {
426 case SIOCBONDENSLAVE:
427 case SIOCBONDRELEASE:
428 case SIOCBONDSETHWADDR:
429 case SIOCBONDCHANGEACTIVE:
430 if (copy_from_user(&kifr, ifr32, sizeof(struct ifreq32)))
431 return -EFAULT;
432
433 old_fs = get_fs();
434 set_fs (KERNEL_DS);
435 err = sys_ioctl (fd, cmd, (unsigned long)&kifr);
436 set_fs (old_fs);
437
438 return err;
439 case SIOCBONDSLAVEINFOQUERY:
440 case SIOCBONDINFOQUERY:
441 uifr = compat_alloc_user_space(sizeof(*uifr));
442 if (copy_in_user(&uifr->ifr_name, &ifr32->ifr_name, IFNAMSIZ))
443 return -EFAULT;
444
445 if (get_user(data, &ifr32->ifr_ifru.ifru_data))
446 return -EFAULT;
447
448 datap = compat_ptr(data);
449 if (put_user(datap, &uifr->ifr_ifru.ifru_data))
450 return -EFAULT;
451
452 return sys_ioctl (fd, cmd, (unsigned long)uifr);
453 default:
454 return -EINVAL;
455 };
456}
457
458int siocdevprivate_ioctl(unsigned int fd, unsigned int cmd, unsigned long arg)
459{
460 struct ifreq __user *u_ifreq64;
461 struct ifreq32 __user *u_ifreq32 = compat_ptr(arg);
462 char tmp_buf[IFNAMSIZ];
463 void __user *data64;
464 u32 data32;
465
466 if (copy_from_user(&tmp_buf[0], &(u_ifreq32->ifr_ifrn.ifrn_name[0]),
467 IFNAMSIZ))
468 return -EFAULT;
469 if (__get_user(data32, &u_ifreq32->ifr_ifru.ifru_data))
470 return -EFAULT;
471 data64 = compat_ptr(data32);
472
473 u_ifreq64 = compat_alloc_user_space(sizeof(*u_ifreq64));
474
475 /* Don't check these user accesses, just let that get trapped
476 * in the ioctl handler instead.
477 */
478 if (copy_to_user(&u_ifreq64->ifr_ifrn.ifrn_name[0], &tmp_buf[0],
479 IFNAMSIZ))
480 return -EFAULT;
481 if (__put_user(data64, &u_ifreq64->ifr_ifru.ifru_data))
482 return -EFAULT;
483
484 return sys_ioctl(fd, cmd, (unsigned long) u_ifreq64);
485}
486
487static int dev_ifsioc(unsigned int fd, unsigned int cmd, unsigned long arg)
488{
489 struct ifreq ifr;
490 struct ifreq32 __user *uifr32;
491 struct ifmap32 __user *uifmap32;
492 mm_segment_t old_fs;
493 int err;
494
495 uifr32 = compat_ptr(arg);
496 uifmap32 = &uifr32->ifr_ifru.ifru_map;
497 switch (cmd) {
498 case SIOCSIFMAP:
499 err = copy_from_user(&ifr, uifr32, sizeof(ifr.ifr_name));
500 err |= __get_user(ifr.ifr_map.mem_start, &uifmap32->mem_start);
501 err |= __get_user(ifr.ifr_map.mem_end, &uifmap32->mem_end);
502 err |= __get_user(ifr.ifr_map.base_addr, &uifmap32->base_addr);
503 err |= __get_user(ifr.ifr_map.irq, &uifmap32->irq);
504 err |= __get_user(ifr.ifr_map.dma, &uifmap32->dma);
505 err |= __get_user(ifr.ifr_map.port, &uifmap32->port);
506 if (err)
507 return -EFAULT;
508 break;
509 default:
510 if (copy_from_user(&ifr, uifr32, sizeof(*uifr32)))
511 return -EFAULT;
512 break;
513 }
514 old_fs = get_fs();
515 set_fs (KERNEL_DS);
516 err = sys_ioctl (fd, cmd, (unsigned long)&ifr);
517 set_fs (old_fs);
518 if (!err) {
519 switch (cmd) {
520 /* TUNSETIFF is defined as _IOW, it should be _IORW
521 * as the data is copied back to user space, but that
522 * cannot be fixed without breaking all existing apps.
523 */
524 case TUNSETIFF:
525 case SIOCGIFFLAGS:
526 case SIOCGIFMETRIC:
527 case SIOCGIFMTU:
528 case SIOCGIFMEM:
529 case SIOCGIFHWADDR:
530 case SIOCGIFINDEX:
531 case SIOCGIFADDR:
532 case SIOCGIFBRDADDR:
533 case SIOCGIFDSTADDR:
534 case SIOCGIFNETMASK:
535 case SIOCGIFTXQLEN:
536 if (copy_to_user(uifr32, &ifr, sizeof(*uifr32)))
537 return -EFAULT;
538 break;
539 case SIOCGIFMAP:
540 err = copy_to_user(uifr32, &ifr, sizeof(ifr.ifr_name));
541 err |= __put_user(ifr.ifr_map.mem_start, &uifmap32->mem_start);
542 err |= __put_user(ifr.ifr_map.mem_end, &uifmap32->mem_end);
543 err |= __put_user(ifr.ifr_map.base_addr, &uifmap32->base_addr);
544 err |= __put_user(ifr.ifr_map.irq, &uifmap32->irq);
545 err |= __put_user(ifr.ifr_map.dma, &uifmap32->dma);
546 err |= __put_user(ifr.ifr_map.port, &uifmap32->port);
547 if (err)
548 err = -EFAULT;
549 break;
550 }
551 }
552 return err;
553}
554
555struct rtentry32 {
556 u32 rt_pad1;
557 struct sockaddr rt_dst; /* target address */
558 struct sockaddr rt_gateway; /* gateway addr (RTF_GATEWAY) */
559 struct sockaddr rt_genmask; /* target network mask (IP) */
560 unsigned short rt_flags;
561 short rt_pad2;
562 u32 rt_pad3;
563 unsigned char rt_tos;
564 unsigned char rt_class;
565 short rt_pad4;
566 short rt_metric; /* +1 for binary compatibility! */
567 /* char * */ u32 rt_dev; /* forcing the device at add */
568 u32 rt_mtu; /* per route MTU/Window */
569 u32 rt_window; /* Window clamping */
570 unsigned short rt_irtt; /* Initial RTT */
571
572};
573
574struct in6_rtmsg32 {
575 struct in6_addr rtmsg_dst;
576 struct in6_addr rtmsg_src;
577 struct in6_addr rtmsg_gateway;
578 u32 rtmsg_type;
579 u16 rtmsg_dst_len;
580 u16 rtmsg_src_len;
581 u32 rtmsg_metric;
582 u32 rtmsg_info;
583 u32 rtmsg_flags;
584 s32 rtmsg_ifindex;
585};
586
587static int routing_ioctl(unsigned int fd, unsigned int cmd, unsigned long arg)
588{
589 int ret;
590 void *r = NULL;
591 struct in6_rtmsg r6;
592 struct rtentry r4;
593 char devname[16];
594 u32 rtdev;
595 mm_segment_t old_fs = get_fs();
596
597 struct socket *mysock = sockfd_lookup(fd, &ret);
598
599 if (mysock && mysock->sk && mysock->sk->sk_family == AF_INET6) { /* ipv6 */
600 struct in6_rtmsg32 __user *ur6 = compat_ptr(arg);
601 ret = copy_from_user (&r6.rtmsg_dst, &(ur6->rtmsg_dst),
602 3 * sizeof(struct in6_addr));
603 ret |= __get_user (r6.rtmsg_type, &(ur6->rtmsg_type));
604 ret |= __get_user (r6.rtmsg_dst_len, &(ur6->rtmsg_dst_len));
605 ret |= __get_user (r6.rtmsg_src_len, &(ur6->rtmsg_src_len));
606 ret |= __get_user (r6.rtmsg_metric, &(ur6->rtmsg_metric));
607 ret |= __get_user (r6.rtmsg_info, &(ur6->rtmsg_info));
608 ret |= __get_user (r6.rtmsg_flags, &(ur6->rtmsg_flags));
609 ret |= __get_user (r6.rtmsg_ifindex, &(ur6->rtmsg_ifindex));
610
611 r = (void *) &r6;
612 } else { /* ipv4 */
613 struct rtentry32 __user *ur4 = compat_ptr(arg);
614 ret = copy_from_user (&r4.rt_dst, &(ur4->rt_dst),
615 3 * sizeof(struct sockaddr));
616 ret |= __get_user (r4.rt_flags, &(ur4->rt_flags));
617 ret |= __get_user (r4.rt_metric, &(ur4->rt_metric));
618 ret |= __get_user (r4.rt_mtu, &(ur4->rt_mtu));
619 ret |= __get_user (r4.rt_window, &(ur4->rt_window));
620 ret |= __get_user (r4.rt_irtt, &(ur4->rt_irtt));
621 ret |= __get_user (rtdev, &(ur4->rt_dev));
622 if (rtdev) {
623 ret |= copy_from_user (devname, compat_ptr(rtdev), 15);
624 r4.rt_dev = devname; devname[15] = 0;
625 } else
626 r4.rt_dev = NULL;
627
628 r = (void *) &r4;
629 }
630
d99901d6
KK		 631 if (ret) {
632 ret = -EFAULT;
633 goto out;
634 }
1da177e4
LT		 635
636 set_fs (KERNEL_DS);
637 ret = sys_ioctl (fd, cmd, (unsigned long) r);
638 set_fs (old_fs);
639
d99901d6 640out:
1da177e4
LT		 641 if (mysock)
642 sockfd_put(mysock);
643
644 return ret;
645}
646#endif
647
648struct hd_geometry32 {
649 unsigned char heads;
650 unsigned char sectors;
651 unsigned short cylinders;
652 u32 start;
653};
654
655static int hdio_getgeo(unsigned int fd, unsigned int cmd, unsigned long arg)
656{
657 mm_segment_t old_fs = get_fs();
658 struct hd_geometry geo;
659 struct hd_geometry32 __user *ugeo;
660 int err;
661
662 set_fs (KERNEL_DS);
663 err = sys_ioctl(fd, HDIO_GETGEO, (unsigned long)&geo);
664 set_fs (old_fs);
665 ugeo = compat_ptr(arg);
666 if (!err) {
667 err = copy_to_user (ugeo, &geo, 4);
668 err |= __put_user (geo.start, &ugeo->start);
669 }
670 return err ? -EFAULT : 0;
671}
672
1da177e4
LT		 673static int hdio_ioctl_trans(unsigned int fd, unsigned int cmd, unsigned long arg)
674{
675 mm_segment_t old_fs = get_fs();
676 unsigned long kval;
677 unsigned int __user *uvp;
678 int error;
679
680 set_fs(KERNEL_DS);
681 error = sys_ioctl(fd, cmd, (long)&kval);
682 set_fs(old_fs);
683
684 if(error == 0) {
685 uvp = compat_ptr(arg);
686 if(put_user(kval, uvp))
687 error = -EFAULT;
688 }
689 return error;
690}
691
692
693typedef struct sg_io_hdr32 {
694 compat_int_t interface_id; /* [i] 'S' for SCSI generic (required) */
695 compat_int_t dxfer_direction; /* [i] data transfer direction */
696 unsigned char cmd_len; /* [i] SCSI command length ( <= 16 bytes) */
697 unsigned char mx_sb_len; /* [i] max length to write to sbp */
698 unsigned short iovec_count; /* [i] 0 implies no scatter gather */
699 compat_uint_t dxfer_len; /* [i] byte count of data transfer */
700 compat_uint_t dxferp; /* [i], [*io] points to data transfer memory
701 or scatter gather list */
702 compat_uptr_t cmdp; /* [i], [*i] points to command to perform */
703 compat_uptr_t sbp; /* [i], [*o] points to sense_buffer memory */
704 compat_uint_t timeout; /* [i] MAX_UINT->no timeout (unit: millisec) */
705 compat_uint_t flags; /* [i] 0 -> default, see SG_FLAG... */
706 compat_int_t pack_id; /* [i->o] unused internally (normally) */
707 compat_uptr_t usr_ptr; /* [i->o] unused internally */
708 unsigned char status; /* [o] scsi status */
709 unsigned char masked_status; /* [o] shifted, masked scsi status */
710 unsigned char msg_status; /* [o] messaging level data (optional) */
711 unsigned char sb_len_wr; /* [o] byte count actually written to sbp */
712 unsigned short host_status; /* [o] errors from host adapter */
713 unsigned short driver_status; /* [o] errors from software driver */
714 compat_int_t resid; /* [o] dxfer_len - actual_transferred */
715 compat_uint_t duration; /* [o] time taken by cmd (unit: millisec) */
716 compat_uint_t info; /* [o] auxiliary information */
717} sg_io_hdr32_t; /* 64 bytes long (on sparc32) */
718
719typedef struct sg_iovec32 {
720 compat_uint_t iov_base;
721 compat_uint_t iov_len;
722} sg_iovec32_t;
723
724static int sg_build_iovec(sg_io_hdr_t __user *sgio, void __user *dxferp, u16 iovec_count)
725{
726 sg_iovec_t __user *iov = (sg_iovec_t __user *) (sgio + 1);
727 sg_iovec32_t __user *iov32 = dxferp;
728 int i;
729
730 for (i = 0; i < iovec_count; i++) {
731 u32 base, len;
732
733 if (get_user(base, &iov32[i].iov_base) ||
734 get_user(len, &iov32[i].iov_len) ||
735 put_user(compat_ptr(base), &iov[i].iov_base) ||
736 put_user(len, &iov[i].iov_len))
737 return -EFAULT;
738 }
739
740 if (put_user(iov, &sgio->dxferp))
741 return -EFAULT;
742 return 0;
743}
744
745static int sg_ioctl_trans(unsigned int fd, unsigned int cmd, unsigned long arg)
746{
747 sg_io_hdr_t __user *sgio;
748 sg_io_hdr32_t __user *sgio32;
749 u16 iovec_count;
750 u32 data;
751 void __user *dxferp;
752 int err;
753
754 sgio32 = compat_ptr(arg);
755 if (get_user(iovec_count, &sgio32->iovec_count))
756 return -EFAULT;
757
758 {
759 void __user *top = compat_alloc_user_space(0);
760 void __user *new = compat_alloc_user_space(sizeof(sg_io_hdr_t) +
761 (iovec_count * sizeof(sg_iovec_t)));
762 if (new > top)
763 return -EINVAL;
764
765 sgio = new;
766 }
767
768 /* Ok, now construct. */
769 if (copy_in_user(&sgio->interface_id, &sgio32->interface_id,
770 (2 * sizeof(int)) +
771 (2 * sizeof(unsigned char)) +
772 (1 * sizeof(unsigned short)) +
773 (1 * sizeof(unsigned int))))
774 return -EFAULT;
775
776 if (get_user(data, &sgio32->dxferp))
777 return -EFAULT;
778 dxferp = compat_ptr(data);
779 if (iovec_count) {
780 if (sg_build_iovec(sgio, dxferp, iovec_count))
781 return -EFAULT;
782 } else {
783 if (put_user(dxferp, &sgio->dxferp))
784 return -EFAULT;
785 }
786
787 {
788 unsigned char __user *cmdp;
789 unsigned char __user *sbp;
790
791 if (get_user(data, &sgio32->cmdp))
792 return -EFAULT;
793 cmdp = compat_ptr(data);
794
795 if (get_user(data, &sgio32->sbp))
796 return -EFAULT;
797 sbp = compat_ptr(data);
798
799 if (put_user(cmdp, &sgio->cmdp) ||
800 put_user(sbp, &sgio->sbp))
801 return -EFAULT;
802 }
803
804 if (copy_in_user(&sgio->timeout, &sgio32->timeout,
805 3 * sizeof(int)))
806 return -EFAULT;
807
808 if (get_user(data, &sgio32->usr_ptr))
809 return -EFAULT;
810 if (put_user(compat_ptr(data), &sgio->usr_ptr))
811 return -EFAULT;
812
813 if (copy_in_user(&sgio->status, &sgio32->status,
814 (4 * sizeof(unsigned char)) +
815 (2 * sizeof(unsigned (short))) +
816 (3 * sizeof(int))))
817 return -EFAULT;
818
819 err = sys_ioctl(fd, cmd, (unsigned long) sgio);
820
821 if (err >= 0) {
822 void __user *datap;
823
824 if (copy_in_user(&sgio32->pack_id, &sgio->pack_id,
825 sizeof(int)) ||
826 get_user(datap, &sgio->usr_ptr) ||
827 put_user((u32)(unsigned long)datap,
828 &sgio32->usr_ptr) ||
829 copy_in_user(&sgio32->status, &sgio->status,
830 (4 * sizeof(unsigned char)) +
831 (2 * sizeof(unsigned short)) +
832 (3 * sizeof(int))))
833 err = -EFAULT;
834 }
835
836 return err;
837}
838
2966387b
AK		 839struct compat_sg_req_info { /* used by SG_GET_REQUEST_TABLE ioctl() */
840 char req_state;
841 char orphan;
842 char sg_io_owned;
843 char problem;
844 int pack_id;
845 compat_uptr_t usr_ptr;
846 unsigned int duration;
847 int unused;
848};
849
850static int sg_grt_trans(unsigned int fd, unsigned int cmd, unsigned long arg)
851{
852 int err, i;
6b2b4e5a
AV		 853 sg_req_info_t __user *r;
854 struct compat_sg_req_info __user *o = (void __user *)arg;
2966387b
AK		 855 r = compat_alloc_user_space(sizeof(sg_req_info_t)*SG_MAX_QUEUE);
856 err = sys_ioctl(fd,cmd,(unsigned long)r);
857 if (err < 0)
858 return err;
859 for (i = 0; i < SG_MAX_QUEUE; i++) {
860 void __user *ptr;
861 int d;
862
863 if (copy_in_user(o + i, r + i, offsetof(sg_req_info_t, usr_ptr)) ||
864 get_user(ptr, &r[i].usr_ptr) ||
865 get_user(d, &r[i].duration) ||
866 put_user((u32)(unsigned long)(ptr), &o[i].usr_ptr) ||
867 put_user(d, &o[i].duration))
868 return -EFAULT;
869 }
870 return err;
871}
872
1da177e4
LT		 873struct sock_fprog32 {
874 unsigned short len;
875 compat_caddr_t filter;
876};
877
878#define PPPIOCSPASS32 _IOW('t', 71, struct sock_fprog32)
879#define PPPIOCSACTIVE32 _IOW('t', 70, struct sock_fprog32)
880
881static int ppp_sock_fprog_ioctl_trans(unsigned int fd, unsigned int cmd, unsigned long arg)
882{
883 struct sock_fprog32 __user *u_fprog32 = compat_ptr(arg);
884 struct sock_fprog __user *u_fprog64 = compat_alloc_user_space(sizeof(struct sock_fprog));
885 void __user *fptr64;
886 u32 fptr32;
887 u16 flen;
888
889 if (get_user(flen, &u_fprog32->len) ||
890 get_user(fptr32, &u_fprog32->filter))
891 return -EFAULT;
892
893 fptr64 = compat_ptr(fptr32);
894
895 if (put_user(flen, &u_fprog64->len) ||
896 put_user(fptr64, &u_fprog64->filter))
897 return -EFAULT;
898
899 if (cmd == PPPIOCSPASS32)
900 cmd = PPPIOCSPASS;
901 else
902 cmd = PPPIOCSACTIVE;
903
904 return sys_ioctl(fd, cmd, (unsigned long) u_fprog64);
905}
906
907struct ppp_option_data32 {
908 compat_caddr_t ptr;
909 u32 length;
910 compat_int_t transmit;
911};
912#define PPPIOCSCOMPRESS32 _IOW('t', 77, struct ppp_option_data32)
913
914struct ppp_idle32 {
915 compat_time_t xmit_idle;
916 compat_time_t recv_idle;
917};
918#define PPPIOCGIDLE32 _IOR('t', 63, struct ppp_idle32)
919
920static int ppp_gidle(unsigned int fd, unsigned int cmd, unsigned long arg)
921{
922 struct ppp_idle __user *idle;
923 struct ppp_idle32 __user *idle32;
924 __kernel_time_t xmit, recv;
925 int err;
926
927 idle = compat_alloc_user_space(sizeof(*idle));
928 idle32 = compat_ptr(arg);
929
930 err = sys_ioctl(fd, PPPIOCGIDLE, (unsigned long) idle);
931
932 if (!err) {
933 if (get_user(xmit, &idle->xmit_idle) ||
934 get_user(recv, &idle->recv_idle) ||
935 put_user(xmit, &idle32->xmit_idle) ||
936 put_user(recv, &idle32->recv_idle))
937 err = -EFAULT;
938 }
939 return err;
940}
941
942static int ppp_scompress(unsigned int fd, unsigned int cmd, unsigned long arg)
943{
944 struct ppp_option_data __user *odata;
945 struct ppp_option_data32 __user *odata32;
946 __u32 data;
947 void __user *datap;
948
949 odata = compat_alloc_user_space(sizeof(*odata));
950 odata32 = compat_ptr(arg);
951
952 if (get_user(data, &odata32->ptr))
953 return -EFAULT;
954
955 datap = compat_ptr(data);
956 if (put_user(datap, &odata->ptr))
957 return -EFAULT;
958
959 if (copy_in_user(&odata->length, &odata32->length,
960 sizeof(__u32) + sizeof(int)))
961 return -EFAULT;
962
963 return sys_ioctl(fd, PPPIOCSCOMPRESS, (unsigned long) odata);
964}
965
966static int ppp_ioctl_trans(unsigned int fd, unsigned int cmd, unsigned long arg)
967{
968 int err;
969
970 switch (cmd) {
971 case PPPIOCGIDLE32:
972 err = ppp_gidle(fd, cmd, arg);
973 break;
974
975 case PPPIOCSCOMPRESS32:
976 err = ppp_scompress(fd, cmd, arg);
977 break;
978
979 default:
980 do {
981 static int count;
982 if (++count <= 20)
983 printk("ppp_ioctl: Unknown cmd fd(%d) "
984 "cmd(%08x) arg(%08x)\n",
985 (int)fd, (unsigned int)cmd, (unsigned int)arg);
986 } while(0);
987 err = -EINVAL;
988 break;
989 };
990
991 return err;
992}
993
994
995struct mtget32 {
996 compat_long_t mt_type;
997 compat_long_t mt_resid;
998 compat_long_t mt_dsreg;
999 compat_long_t mt_gstat;
1000 compat_long_t mt_erreg;
1001 compat_daddr_t mt_fileno;
1002 compat_daddr_t mt_blkno;
1003};
1004#define MTIOCGET32 _IOR('m', 2, struct mtget32)
1005
1006struct mtpos32 {
1007 compat_long_t mt_blkno;
1008};
1009#define MTIOCPOS32 _IOR('m', 3, struct mtpos32)
1010
1011static int mt_ioctl_trans(unsigned int fd, unsigned int cmd, unsigned long arg)
1012{
1013 mm_segment_t old_fs = get_fs();
1014 struct mtget get;
1015 struct mtget32 __user *umget32;
1016 struct mtpos pos;
1017 struct mtpos32 __user *upos32;
1018 unsigned long kcmd;
1019 void *karg;
1020 int err = 0;
1021
1022 switch(cmd) {
1023 case MTIOCPOS32:
1024 kcmd = MTIOCPOS;
1025 karg = &pos;
1026 break;
1027 case MTIOCGET32:
1028 kcmd = MTIOCGET;
1029 karg = &get;
1030 break;
1031 default:
1032 do {
1033 static int count;
1034 if (++count <= 20)
1035 printk("mt_ioctl: Unknown cmd fd(%d) "
1036 "cmd(%08x) arg(%08x)\n",
1037 (int)fd, (unsigned int)cmd, (unsigned int)arg);
1038 } while(0);
1039 return -EINVAL;
1040 }
1041 set_fs (KERNEL_DS);
1042 err = sys_ioctl (fd, kcmd, (unsigned long)karg);
1043 set_fs (old_fs);
1044 if (err)
1045 return err;
1046 switch (cmd) {
1047 case MTIOCPOS32:
1048 upos32 = compat_ptr(arg);
1049 err = __put_user(pos.mt_blkno, &upos32->mt_blkno);
1050 break;
1051 case MTIOCGET32:
1052 umget32 = compat_ptr(arg);
1053 err = __put_user(get.mt_type, &umget32->mt_type);
1054 err |= __put_user(get.mt_resid, &umget32->mt_resid);
1055 err |= __put_user(get.mt_dsreg, &umget32->mt_dsreg);
1056 err |= __put_user(get.mt_gstat, &umget32->mt_gstat);
1057 err |= __put_user(get.mt_erreg, &umget32->mt_erreg);
1058 err |= __put_user(get.mt_fileno, &umget32->mt_fileno);
1059 err |= __put_user(get.mt_blkno, &umget32->mt_blkno);
1060 break;
1061 }
1062 return err ? -EFAULT: 0;
1063}
1064
1065struct cdrom_read_audio32 {
1066 union cdrom_addr addr;
1067 u8 addr_format;
1068 compat_int_t nframes;
1069 compat_caddr_t buf;
1070};
1071
1072struct cdrom_generic_command32 {
1073 unsigned char cmd[CDROM_PACKET_SIZE];
1074 compat_caddr_t buffer;
1075 compat_uint_t buflen;
1076 compat_int_t stat;
1077 compat_caddr_t sense;
1078 unsigned char data_direction;
1079 compat_int_t quiet;
1080 compat_int_t timeout;
1081 compat_caddr_t reserved[1];
1082};
1083
1084static int cdrom_do_read_audio(unsigned int fd, unsigned int cmd, unsigned long arg)
1085{
1086 struct cdrom_read_audio __user *cdread_audio;
1087 struct cdrom_read_audio32 __user *cdread_audio32;
1088 __u32 data;
1089 void __user *datap;
1090
1091 cdread_audio = compat_alloc_user_space(sizeof(*cdread_audio));
1092 cdread_audio32 = compat_ptr(arg);
1093
1094 if (copy_in_user(&cdread_audio->addr,
1095 &cdread_audio32->addr,
1096 (sizeof(*cdread_audio32) -
1097 sizeof(compat_caddr_t))))
1098 return -EFAULT;
1099
1100 if (get_user(data, &cdread_audio32->buf))
1101 return -EFAULT;
1102 datap = compat_ptr(data);
1103 if (put_user(datap, &cdread_audio->buf))
1104 return -EFAULT;
1105
1106 return sys_ioctl(fd, cmd, (unsigned long) cdread_audio);
1107}
1108
1109static int cdrom_do_generic_command(unsigned int fd, unsigned int cmd, unsigned long arg)
1110{
1111 struct cdrom_generic_command __user *cgc;
1112 struct cdrom_generic_command32 __user *cgc32;
1113 u32 data;
1114 unsigned char dir;
1115 int itmp;
1116
1117 cgc = compat_alloc_user_space(sizeof(*cgc));
1118 cgc32 = compat_ptr(arg);
1119
1120 if (copy_in_user(&cgc->cmd, &cgc32->cmd, sizeof(cgc->cmd)) ||
1121 get_user(data, &cgc32->buffer) ||
1122 put_user(compat_ptr(data), &cgc->buffer) ||
1123 copy_in_user(&cgc->buflen, &cgc32->buflen,
1124 (sizeof(unsigned int) + sizeof(int))) ||
1125 get_user(data, &cgc32->sense) ||
1126 put_user(compat_ptr(data), &cgc->sense) ||
1127 get_user(dir, &cgc32->data_direction) ||
1128 put_user(dir, &cgc->data_direction) ||
1129 get_user(itmp, &cgc32->quiet) ||
1130 put_user(itmp, &cgc->quiet) ||
1131 get_user(itmp, &cgc32->timeout) ||
1132 put_user(itmp, &cgc->timeout) ||
1133 get_user(data, &cgc32->reserved[0]) ||
1134 put_user(compat_ptr(data), &cgc->reserved[0]))
1135 return -EFAULT;
1136
1137 return sys_ioctl(fd, cmd, (unsigned long) cgc);
1138}
1139
1140static int cdrom_ioctl_trans(unsigned int fd, unsigned int cmd, unsigned long arg)
1141{
1142 int err;
1143
1144 switch(cmd) {
1145 case CDROMREADAUDIO:
1146 err = cdrom_do_read_audio(fd, cmd, arg);
1147 break;
1148
1149 case CDROM_SEND_PACKET:
1150 err = cdrom_do_generic_command(fd, cmd, arg);
1151 break;
1152
1153 default:
1154 do {
1155 static int count;
1156 if (++count <= 20)
1157 printk("cdrom_ioctl: Unknown cmd fd(%d) "
1158 "cmd(%08x) arg(%08x)\n",
1159 (int)fd, (unsigned int)cmd, (unsigned int)arg);
1160 } while(0);
1161 err = -EINVAL;
1162 break;
1163 };
1164
1165 return err;
1166}
1167
1da177e4
LT		 1168#ifdef CONFIG_VT
1169
1170static int vt_check(struct file *file)
1171{
1172 struct tty_struct *tty;
1173 struct inode *inode = file->f_dentry->d_inode;
1174
1175 if (file->f_op->ioctl != tty_ioctl)
1176 return -EINVAL;
1177
1178 tty = (struct tty_struct *)file->private_data;
1179 if (tty_paranoia_check(tty, inode, "tty_ioctl"))
1180 return -EINVAL;
1181
1182 if (tty->driver->ioctl != vt_ioctl)
1183 return -EINVAL;
1184
1185 /*
1186 * To have permissions to do most of the vt ioctls, we either have
1187 * to be the owner of the tty, or super-user.
1188 */
1189 if (current->signal->tty == tty || capable(CAP_SYS_ADMIN))
1190 return 1;
1191 return 0;
1192}
1193
1194struct consolefontdesc32 {
1195 unsigned short charcount; /* characters in font (256 or 512) */
1196 unsigned short charheight; /* scan lines per character (1-32) */
1197 compat_caddr_t chardata; /* font data in expanded form */
1198};
1199
1200static int do_fontx_ioctl(unsigned int fd, unsigned int cmd, unsigned long arg, struct file *file)
1201{
1202 struct consolefontdesc32 __user *user_cfd = compat_ptr(arg);
1203 struct console_font_op op;
1204 compat_caddr_t data;
1205 int i, perm;
1206
1207 perm = vt_check(file);
1208 if (perm < 0) return perm;
1209
1210 switch (cmd) {
1211 case PIO_FONTX:
1212 if (!perm)
1213 return -EPERM;
1214 op.op = KD_FONT_OP_SET;
1215 op.flags = 0;
1216 op.width = 8;
1217 if (get_user(op.height, &user_cfd->charheight) ||
1218 get_user(op.charcount, &user_cfd->charcount) ||
1219 get_user(data, &user_cfd->chardata))
1220 return -EFAULT;
1221 op.data = compat_ptr(data);
1222 return con_font_op(vc_cons[fg_console].d, &op);
1223 case GIO_FONTX:
1224 op.op = KD_FONT_OP_GET;
1225 op.flags = 0;
1226 op.width = 8;
1227 if (get_user(op.height, &user_cfd->charheight) ||
1228 get_user(op.charcount, &user_cfd->charcount) ||
1229 get_user(data, &user_cfd->chardata))
1230 return -EFAULT;
1231 if (!data)
1232 return 0;
1233 op.data = compat_ptr(data);
1234 i = con_font_op(vc_cons[fg_console].d, &op);
1235 if (i)
1236 return i;
1237 if (put_user(op.height, &user_cfd->charheight) ||
1238 put_user(op.charcount, &user_cfd->charcount) ||
1239 put_user((compat_caddr_t)(unsigned long)op.data,
1240 &user_cfd->chardata))
1241 return -EFAULT;
1242 return 0;
1243 }
1244 return -EINVAL;
1245}
1246
1247struct console_font_op32 {
1248 compat_uint_t op; /* operation code KD_FONT_OP_* */
1249 compat_uint_t flags; /* KD_FONT_FLAG_* */
1250 compat_uint_t width, height; /* font size */
1251 compat_uint_t charcount;
1252 compat_caddr_t data; /* font data with height fixed to 32 */
1253};
1254
1255static int do_kdfontop_ioctl(unsigned int fd, unsigned int cmd, unsigned long arg, struct file *file)
1256{
1257 struct console_font_op op;
1258 struct console_font_op32 __user *fontop = compat_ptr(arg);
1259 int perm = vt_check(file), i;
1260 struct vc_data *vc;
1261
1262 if (perm < 0) return perm;
1263
1264 if (copy_from_user(&op, fontop, sizeof(struct console_font_op32)))
1265 return -EFAULT;
1266 if (!perm && op.op != KD_FONT_OP_GET)
1267 return -EPERM;
1268 op.data = compat_ptr(((struct console_font_op32 *)&op)->data);
1269 op.flags |= KD_FONT_FLAG_OLD;
1270 vc = ((struct tty_struct *)file->private_data)->driver_data;
1271 i = con_font_op(vc, &op);
1272 if (i)
1273 return i;
1274 ((struct console_font_op32 *)&op)->data = (unsigned long)op.data;
1275 if (copy_to_user(fontop, &op, sizeof(struct console_font_op32)))
1276 return -EFAULT;
1277 return 0;
1278}
1279
1280struct unimapdesc32 {
1281 unsigned short entry_ct;
1282 compat_caddr_t entries;
1283};
1284
1285static int do_unimap_ioctl(unsigned int fd, unsigned int cmd, unsigned long arg, struct file *file)
1286{
1287 struct unimapdesc32 tmp;
1288 struct unimapdesc32 __user *user_ud = compat_ptr(arg);
1289 int perm = vt_check(file);
1290
1291 if (perm < 0) return perm;
1292 if (copy_from_user(&tmp, user_ud, sizeof tmp))
1293 return -EFAULT;
1294 switch (cmd) {
1295 case PIO_UNIMAP:
1296 if (!perm) return -EPERM;
1297 return con_set_unimap(vc_cons[fg_console].d, tmp.entry_ct, compat_ptr(tmp.entries));
1298 case GIO_UNIMAP:
1299 return con_get_unimap(vc_cons[fg_console].d, tmp.entry_ct, &(user_ud->entry_ct), compat_ptr(tmp.entries));
1300 }
1301 return 0;
1302}
1303
1304#endif /* CONFIG_VT */
1305
1306static int do_smb_getmountuid(unsigned int fd, unsigned int cmd, unsigned long arg)
1307{
1308 mm_segment_t old_fs = get_fs();
1309 __kernel_uid_t kuid;
1310 int err;
1311
1312 cmd = SMB_IOC_GETMOUNTUID;
1313
1314 set_fs(KERNEL_DS);
1315 err = sys_ioctl(fd, cmd, (unsigned long)&kuid);
1316 set_fs(old_fs);
1317
1318 if (err >= 0)
1319 err = put_user(kuid, (compat_uid_t __user *)compat_ptr(arg));
1320
1321 return err;
1322}
1323
1324struct atmif_sioc32 {
1325 compat_int_t number;
1326 compat_int_t length;
1327 compat_caddr_t arg;
1328};
1329
1330struct atm_iobuf32 {
1331 compat_int_t length;
1332 compat_caddr_t buffer;
1333};
1334
1335#define ATM_GETLINKRATE32 _IOW('a', ATMIOC_ITF+1, struct atmif_sioc32)
1336#define ATM_GETNAMES32 _IOW('a', ATMIOC_ITF+3, struct atm_iobuf32)
1337#define ATM_GETTYPE32 _IOW('a', ATMIOC_ITF+4, struct atmif_sioc32)
1338#define ATM_GETESI32 _IOW('a', ATMIOC_ITF+5, struct atmif_sioc32)
1339#define ATM_GETADDR32 _IOW('a', ATMIOC_ITF+6, struct atmif_sioc32)
1340#define ATM_RSTADDR32 _IOW('a', ATMIOC_ITF+7, struct atmif_sioc32)
1341#define ATM_ADDADDR32 _IOW('a', ATMIOC_ITF+8, struct atmif_sioc32)
1342#define ATM_DELADDR32 _IOW('a', ATMIOC_ITF+9, struct atmif_sioc32)
1343#define ATM_GETCIRANGE32 _IOW('a', ATMIOC_ITF+10, struct atmif_sioc32)
1344#define ATM_SETCIRANGE32 _IOW('a', ATMIOC_ITF+11, struct atmif_sioc32)
1345#define ATM_SETESI32 _IOW('a', ATMIOC_ITF+12, struct atmif_sioc32)
1346#define ATM_SETESIF32 _IOW('a', ATMIOC_ITF+13, struct atmif_sioc32)
1347#define ATM_GETSTAT32 _IOW('a', ATMIOC_SARCOM+0, struct atmif_sioc32)
1348#define ATM_GETSTATZ32 _IOW('a', ATMIOC_SARCOM+1, struct atmif_sioc32)
1349#define ATM_GETLOOP32 _IOW('a', ATMIOC_SARCOM+2, struct atmif_sioc32)
1350#define ATM_SETLOOP32 _IOW('a', ATMIOC_SARCOM+3, struct atmif_sioc32)
1351#define ATM_QUERYLOOP32 _IOW('a', ATMIOC_SARCOM+4, struct atmif_sioc32)
1352
1353static struct {
1354 unsigned int cmd32;
1355 unsigned int cmd;
1356} atm_ioctl_map[] = {
1357 { ATM_GETLINKRATE32, ATM_GETLINKRATE },
1358 { ATM_GETNAMES32, ATM_GETNAMES },
1359 { ATM_GETTYPE32, ATM_GETTYPE },
1360 { ATM_GETESI32, ATM_GETESI },
1361 { ATM_GETADDR32, ATM_GETADDR },
1362 { ATM_RSTADDR32, ATM_RSTADDR },
1363 { ATM_ADDADDR32, ATM_ADDADDR },
1364 { ATM_DELADDR32, ATM_DELADDR },
1365 { ATM_GETCIRANGE32, ATM_GETCIRANGE },
1366 { ATM_SETCIRANGE32, ATM_SETCIRANGE },
1367 { ATM_SETESI32, ATM_SETESI },
1368 { ATM_SETESIF32, ATM_SETESIF },
1369 { ATM_GETSTAT32, ATM_GETSTAT },
1370 { ATM_GETSTATZ32, ATM_GETSTATZ },
1371 { ATM_GETLOOP32, ATM_GETLOOP },
1372 { ATM_SETLOOP32, ATM_SETLOOP },
1373 { ATM_QUERYLOOP32, ATM_QUERYLOOP }
1374};
1375
e8c96f8c 1376#define NR_ATM_IOCTL ARRAY_SIZE(atm_ioctl_map)
1da177e4
LT		 1377
1378static int do_atm_iobuf(unsigned int fd, unsigned int cmd, unsigned long arg)
1379{
1380 struct atm_iobuf __user *iobuf;
1381 struct atm_iobuf32 __user *iobuf32;
1382 u32 data;
1383 void __user *datap;
1384 int len, err;
1385
1386 iobuf = compat_alloc_user_space(sizeof(*iobuf));
1387 iobuf32 = compat_ptr(arg);
1388
1389 if (get_user(len, &iobuf32->length) ||
1390 get_user(data, &iobuf32->buffer))
1391 return -EFAULT;
1392 datap = compat_ptr(data);
1393 if (put_user(len, &iobuf->length) ||
1394 put_user(datap, &iobuf->buffer))
1395 return -EFAULT;
1396
1397 err = sys_ioctl(fd, cmd, (unsigned long)iobuf);
1398
1399 if (!err) {
1400 if (copy_in_user(&iobuf32->length, &iobuf->length,
1401 sizeof(int)))
1402 err = -EFAULT;
1403 }
1404
1405 return err;
1406}
1407
1408static int do_atmif_sioc(unsigned int fd, unsigned int cmd, unsigned long arg)
1409{
1410 struct atmif_sioc __user *sioc;
1411 struct atmif_sioc32 __user *sioc32;
1412 u32 data;
1413 void __user *datap;
1414 int err;
1415
1416 sioc = compat_alloc_user_space(sizeof(*sioc));
1417 sioc32 = compat_ptr(arg);
1418
1419 if (copy_in_user(&sioc->number, &sioc32->number, 2 * sizeof(int)) ||
1420 get_user(data, &sioc32->arg))
1421 return -EFAULT;
1422 datap = compat_ptr(data);
1423 if (put_user(datap, &sioc->arg))
1424 return -EFAULT;
1425
1426 err = sys_ioctl(fd, cmd, (unsigned long) sioc);
1427
1428 if (!err) {
1429 if (copy_in_user(&sioc32->length, &sioc->length,
1430 sizeof(int)))
1431 err = -EFAULT;
1432 }
1433 return err;
1434}
1435
1436static int do_atm_ioctl(unsigned int fd, unsigned int cmd32, unsigned long arg)
1437{
1438 int i;
1439 unsigned int cmd = 0;
1440
1441 switch (cmd32) {
1442 case SONET_GETSTAT:
1443 case SONET_GETSTATZ:
1444 case SONET_GETDIAG:
1445 case SONET_SETDIAG:
1446 case SONET_CLRDIAG:
1447 case SONET_SETFRAMING:
1448 case SONET_GETFRAMING:
1449 case SONET_GETFRSENSE:
1450 return do_atmif_sioc(fd, cmd32, arg);
1451 }
1452
1453 for (i = 0; i < NR_ATM_IOCTL; i++) {
1454 if (cmd32 == atm_ioctl_map[i].cmd32) {
1455 cmd = atm_ioctl_map[i].cmd;
1456 break;
1457 }
1458 }
1459 if (i == NR_ATM_IOCTL)
1460 return -EINVAL;
1461
1462 switch (cmd) {
1463 case ATM_GETNAMES:
1464 return do_atm_iobuf(fd, cmd, arg);
1465
1466 case ATM_GETLINKRATE:
1467 case ATM_GETTYPE:
1468 case ATM_GETESI:
1469 case ATM_GETADDR:
1470 case ATM_RSTADDR:
1471 case ATM_ADDADDR:
1472 case ATM_DELADDR:
1473 case ATM_GETCIRANGE:
1474 case ATM_SETCIRANGE:
1475 case ATM_SETESI:
1476 case ATM_SETESIF:
1477 case ATM_GETSTAT:
1478 case ATM_GETSTATZ:
1479 case ATM_GETLOOP:
1480 case ATM_SETLOOP:
1481 case ATM_QUERYLOOP:
1482 return do_atmif_sioc(fd, cmd, arg);
1483 }
1484
1485 return -EINVAL;
1486}
1487
1488static __attribute_used__ int
1489ret_einval(unsigned int fd, unsigned int cmd, unsigned long arg)
1490{
1491 return -EINVAL;
1492}
1493
1494static int broken_blkgetsize(unsigned int fd, unsigned int cmd, unsigned long arg)
1495{
1496 /* The mkswap binary hard codes it to Intel value :-((( */
1497 return w_long(fd, BLKGETSIZE, arg);
1498}
1499
1500struct blkpg_ioctl_arg32 {
1501 compat_int_t op;
1502 compat_int_t flags;
1503 compat_int_t datalen;
1504 compat_caddr_t data;
1505};
1506
1507static int blkpg_ioctl_trans(unsigned int fd, unsigned int cmd, unsigned long arg)
1508{
1509 struct blkpg_ioctl_arg32 __user *ua32 = compat_ptr(arg);
1510 struct blkpg_ioctl_arg __user *a = compat_alloc_user_space(sizeof(*a));
1511 compat_caddr_t udata;
1512 compat_int_t n;
1513 int err;
1514
1515 err = get_user(n, &ua32->op);
1516 err |= put_user(n, &a->op);
1517 err |= get_user(n, &ua32->flags);
1518 err |= put_user(n, &a->flags);
1519 err |= get_user(n, &ua32->datalen);
1520 err |= put_user(n, &a->datalen);
1521 err |= get_user(udata, &ua32->data);
1522 err |= put_user(compat_ptr(udata), &a->data);
1523 if (err)
1524 return err;
1525
1526 return sys_ioctl(fd, cmd, (unsigned long)a);
1527}
1528
1529static int ioc_settimeout(unsigned int fd, unsigned int cmd, unsigned long arg)
1530{
1531 return rw_long(fd, AUTOFS_IOC_SETTIMEOUT, arg);
1532}
1533
1534/* Fix sizeof(sizeof()) breakage */
1535#define BLKBSZGET_32 _IOR(0x12,112,int)
1536#define BLKBSZSET_32 _IOW(0x12,113,int)
1537#define BLKGETSIZE64_32 _IOR(0x12,114,int)
1538
1539static int do_blkbszget(unsigned int fd, unsigned int cmd, unsigned long arg)
1540{
1541 return sys_ioctl(fd, BLKBSZGET, (unsigned long)compat_ptr(arg));
1542}
1543
1544static int do_blkbszset(unsigned int fd, unsigned int cmd, unsigned long arg)
1545{
1546 return sys_ioctl(fd, BLKBSZSET, (unsigned long)compat_ptr(arg));
1547}
1548
1549static int do_blkgetsize64(unsigned int fd, unsigned int cmd,
1550 unsigned long arg)
1551{
1552 return sys_ioctl(fd, BLKGETSIZE64, (unsigned long)compat_ptr(arg));
1553}
1554
1555/* Bluetooth ioctls */
1556#define HCIUARTSETPROTO _IOW('U', 200, int)
1557#define HCIUARTGETPROTO _IOR('U', 201, int)
1558
1559#define BNEPCONNADD _IOW('B', 200, int)
1560#define BNEPCONNDEL _IOW('B', 201, int)
1561#define BNEPGETCONNLIST _IOR('B', 210, int)
1562#define BNEPGETCONNINFO _IOR('B', 211, int)
1563
1564#define CMTPCONNADD _IOW('C', 200, int)
1565#define CMTPCONNDEL _IOW('C', 201, int)
1566#define CMTPGETCONNLIST _IOR('C', 210, int)
1567#define CMTPGETCONNINFO _IOR('C', 211, int)
1568
1569#define HIDPCONNADD _IOW('H', 200, int)
1570#define HIDPCONNDEL _IOW('H', 201, int)
1571#define HIDPGETCONNLIST _IOR('H', 210, int)
1572#define HIDPGETCONNINFO _IOR('H', 211, int)
1573
1574struct floppy_struct32 {
1575 compat_uint_t size;
1576 compat_uint_t sect;
1577 compat_uint_t head;
1578 compat_uint_t track;
1579 compat_uint_t stretch;
1580 unsigned char gap;
1581 unsigned char rate;
1582 unsigned char spec1;
1583 unsigned char fmt_gap;
1584 const compat_caddr_t name;
1585};
1586
1587struct floppy_drive_params32 {
1588 char cmos;
1589 compat_ulong_t max_dtr;
1590 compat_ulong_t hlt;
1591 compat_ulong_t hut;
1592 compat_ulong_t srt;
1593 compat_ulong_t spinup;
1594 compat_ulong_t spindown;
1595 unsigned char spindown_offset;
1596 unsigned char select_delay;
1597 unsigned char rps;
1598 unsigned char tracks;
1599 compat_ulong_t timeout;
1600 unsigned char interleave_sect;
1601 struct floppy_max_errors max_errors;
1602 char flags;
1603 char read_track;
1604 short autodetect[8];
1605 compat_int_t checkfreq;
1606 compat_int_t native_format;
1607};
1608
1609struct floppy_drive_struct32 {
1610 signed char flags;
1611 compat_ulong_t spinup_date;
1612 compat_ulong_t select_date;
1613 compat_ulong_t first_read_date;
1614 short probed_format;
1615 short track;
1616 short maxblock;
1617 short maxtrack;
1618 compat_int_t generation;
1619 compat_int_t keep_data;
1620 compat_int_t fd_ref;
1621 compat_int_t fd_device;
1622 compat_int_t last_checked;
1623 compat_caddr_t dmabuf;
1624 compat_int_t bufblocks;
1625};
1626
1627struct floppy_fdc_state32 {
1628 compat_int_t spec1;
1629 compat_int_t spec2;
1630 compat_int_t dtr;
1631 unsigned char version;
1632 unsigned char dor;
1633 compat_ulong_t address;
1634 unsigned int rawcmd:2;
1635 unsigned int reset:1;
1636 unsigned int need_configure:1;
1637 unsigned int perp_mode:2;
1638 unsigned int has_fifo:1;
1639 unsigned int driver_version;
1640 unsigned char track[4];
1641};
1642
1643struct floppy_write_errors32 {
1644 unsigned int write_errors;
1645 compat_ulong_t first_error_sector;
1646 compat_int_t first_error_generation;
1647 compat_ulong_t last_error_sector;
1648 compat_int_t last_error_generation;
1649 compat_uint_t badness;
1650};
1651
1652#define FDSETPRM32 _IOW(2, 0x42, struct floppy_struct32)
1653#define FDDEFPRM32 _IOW(2, 0x43, struct floppy_struct32)
1654#define FDGETPRM32 _IOR(2, 0x04, struct floppy_struct32)
1655#define FDSETDRVPRM32 _IOW(2, 0x90, struct floppy_drive_params32)
1656#define FDGETDRVPRM32 _IOR(2, 0x11, struct floppy_drive_params32)
1657#define FDGETDRVSTAT32 _IOR(2, 0x12, struct floppy_drive_struct32)
1658#define FDPOLLDRVSTAT32 _IOR(2, 0x13, struct floppy_drive_struct32)
1659#define FDGETFDCSTAT32 _IOR(2, 0x15, struct floppy_fdc_state32)
1660#define FDWERRORGET32 _IOR(2, 0x17, struct floppy_write_errors32)
1661
1662static struct {
1663 unsigned int cmd32;
1664 unsigned int cmd;
1665} fd_ioctl_trans_table[] = {
1666 { FDSETPRM32, FDSETPRM },
1667 { FDDEFPRM32, FDDEFPRM },
1668 { FDGETPRM32, FDGETPRM },
1669 { FDSETDRVPRM32, FDSETDRVPRM },
1670 { FDGETDRVPRM32, FDGETDRVPRM },
1671 { FDGETDRVSTAT32, FDGETDRVSTAT },
1672 { FDPOLLDRVSTAT32, FDPOLLDRVSTAT },
1673 { FDGETFDCSTAT32, FDGETFDCSTAT },
1674 { FDWERRORGET32, FDWERRORGET }
1675};
1676
e8c96f8c 1677#define NR_FD_IOCTL_TRANS ARRAY_SIZE(fd_ioctl_trans_table)
1da177e4
LT		 1678
1679static int fd_ioctl_trans(unsigned int fd, unsigned int cmd, unsigned long arg)
1680{
1681 mm_segment_t old_fs = get_fs();
1682 void *karg = NULL;
1683 unsigned int kcmd = 0;
1684 int i, err;
1685
1686 for (i = 0; i < NR_FD_IOCTL_TRANS; i++)
1687 if (cmd == fd_ioctl_trans_table[i].cmd32) {
1688 kcmd = fd_ioctl_trans_table[i].cmd;
1689 break;
1690 }
1691 if (!kcmd)
1692 return -EINVAL;
1693
1694 switch (cmd) {
1695 case FDSETPRM32:
1696 case FDDEFPRM32:
1697 case FDGETPRM32:
1698 {
1699 compat_uptr_t name;
1700 struct floppy_struct32 __user *uf;
1701 struct floppy_struct *f;
1702
1703 uf = compat_ptr(arg);
1704 f = karg = kmalloc(sizeof(struct floppy_struct), GFP_KERNEL);
1705 if (!karg)
1706 return -ENOMEM;
1707 if (cmd == FDGETPRM32)
1708 break;
1709 err = __get_user(f->size, &uf->size);
1710 err |= __get_user(f->sect, &uf->sect);
1711 err |= __get_user(f->head, &uf->head);
1712 err |= __get_user(f->track, &uf->track);
1713 err |= __get_user(f->stretch, &uf->stretch);
1714 err |= __get_user(f->gap, &uf->gap);
1715 err |= __get_user(f->rate, &uf->rate);
1716 err |= __get_user(f->spec1, &uf->spec1);
1717 err |= __get_user(f->fmt_gap, &uf->fmt_gap);
1718 err |= __get_user(name, &uf->name);
1719 f->name = compat_ptr(name);
1720 if (err) {
1721 err = -EFAULT;
1722 goto out;
1723 }
1724 break;
1725 }
1726 case FDSETDRVPRM32:
1727 case FDGETDRVPRM32:
1728 {
1729 struct floppy_drive_params32 __user *uf;
1730 struct floppy_drive_params *f;
1731
1732 uf = compat_ptr(arg);
1733 f = karg = kmalloc(sizeof(struct floppy_drive_params), GFP_KERNEL);
1734 if (!karg)
1735 return -ENOMEM;
1736 if (cmd == FDGETDRVPRM32)
1737 break;
1738 err = __get_user(f->cmos, &uf->cmos);
1739 err |= __get_user(f->max_dtr, &uf->max_dtr);
1740 err |= __get_user(f->hlt, &uf->hlt);
1741 err |= __get_user(f->hut, &uf->hut);
1742 err |= __get_user(f->srt, &uf->srt);
1743 err |= __get_user(f->spinup, &uf->spinup);
1744 err |= __get_user(f->spindown, &uf->spindown);
1745 err |= __get_user(f->spindown_offset, &uf->spindown_offset);
1746 err |= __get_user(f->select_delay, &uf->select_delay);
1747 err |= __get_user(f->rps, &uf->rps);
1748 err |= __get_user(f->tracks, &uf->tracks);
1749 err |= __get_user(f->timeout, &uf->timeout);
1750 err |= __get_user(f->interleave_sect, &uf->interleave_sect);
1751 err |= __copy_from_user(&f->max_errors, &uf->max_errors, sizeof(f->max_errors));
1752 err |= __get_user(f->flags, &uf->flags);
1753 err |= __get_user(f->read_track, &uf->read_track);
1754 err |= __copy_from_user(f->autodetect, uf->autodetect, sizeof(f->autodetect));
1755 err |= __get_user(f->checkfreq, &uf->checkfreq);
1756 err |= __get_user(f->native_format, &uf->native_format);
1757 if (err) {
1758 err = -EFAULT;
1759 goto out;
1760 }
1761 break;
1762 }
1763 case FDGETDRVSTAT32:
1764 case FDPOLLDRVSTAT32:
1765 karg = kmalloc(sizeof(struct floppy_drive_struct), GFP_KERNEL);
1766 if (!karg)
1767 return -ENOMEM;
1768 break;
1769 case FDGETFDCSTAT32:
1770 karg = kmalloc(sizeof(struct floppy_fdc_state), GFP_KERNEL);
1771 if (!karg)
1772 return -ENOMEM;
1773 break;
1774 case FDWERRORGET32:
1775 karg = kmalloc(sizeof(struct floppy_write_errors), GFP_KERNEL);
1776 if (!karg)
1777 return -ENOMEM;
1778 break;
1779 default:
1780 return -EINVAL;
1781 }
1782 set_fs (KERNEL_DS);
1783 err = sys_ioctl (fd, kcmd, (unsigned long)karg);
1784 set_fs (old_fs);
1785 if (err)
1786 goto out;
1787 switch (cmd) {
1788 case FDGETPRM32:
1789 {
1790 struct floppy_struct *f = karg;
1791 struct floppy_struct32 __user *uf = compat_ptr(arg);
1792
1793 err = __put_user(f->size, &uf->size);
1794 err |= __put_user(f->sect, &uf->sect);
1795 err |= __put_user(f->head, &uf->head);
1796 err |= __put_user(f->track, &uf->track);
1797 err |= __put_user(f->stretch, &uf->stretch);
1798 err |= __put_user(f->gap, &uf->gap);
1799 err |= __put_user(f->rate, &uf->rate);
1800 err |= __put_user(f->spec1, &uf->spec1);
1801 err |= __put_user(f->fmt_gap, &uf->fmt_gap);
1802 err |= __put_user((u64)f->name, (compat_caddr_t __user *)&uf->name);
1803 break;
1804 }
1805 case FDGETDRVPRM32:
1806 {
1807 struct floppy_drive_params32 __user *uf;
1808 struct floppy_drive_params *f = karg;
1809
1810 uf = compat_ptr(arg);
1811 err = __put_user(f->cmos, &uf->cmos);
1812 err |= __put_user(f->max_dtr, &uf->max_dtr);
1813 err |= __put_user(f->hlt, &uf->hlt);
1814 err |= __put_user(f->hut, &uf->hut);
1815 err |= __put_user(f->srt, &uf->srt);
1816 err |= __put_user(f->spinup, &uf->spinup);
1817 err |= __put_user(f->spindown, &uf->spindown);
1818 err |= __put_user(f->spindown_offset, &uf->spindown_offset);
1819 err |= __put_user(f->select_delay, &uf->select_delay);
1820 err |= __put_user(f->rps, &uf->rps);
1821 err |= __put_user(f->tracks, &uf->tracks);
1822 err |= __put_user(f->timeout, &uf->timeout);
1823 err |= __put_user(f->interleave_sect, &uf->interleave_sect);
1824 err |= __copy_to_user(&uf->max_errors, &f->max_errors, sizeof(f->max_errors));
1825 err |= __put_user(f->flags, &uf->flags);
1826 err |= __put_user(f->read_track, &uf->read_track);
1827 err |= __copy_to_user(uf->autodetect, f->autodetect, sizeof(f->autodetect));
1828 err |= __put_user(f->checkfreq, &uf->checkfreq);
1829 err |= __put_user(f->native_format, &uf->native_format);
1830 break;
1831 }
1832 case FDGETDRVSTAT32:
1833 case FDPOLLDRVSTAT32:
1834 {
1835 struct floppy_drive_struct32 __user *uf;
1836 struct floppy_drive_struct *f = karg;
1837
1838 uf = compat_ptr(arg);
1839 err = __put_user(f->flags, &uf->flags);
1840 err |= __put_user(f->spinup_date, &uf->spinup_date);
1841 err |= __put_user(f->select_date, &uf->select_date);
1842 err |= __put_user(f->first_read_date, &uf->first_read_date);
1843 err |= __put_user(f->probed_format, &uf->probed_format);
1844 err |= __put_user(f->track, &uf->track);
1845 err |= __put_user(f->maxblock, &uf->maxblock);
1846 err |= __put_user(f->maxtrack, &uf->maxtrack);
1847 err |= __put_user(f->generation, &uf->generation);
1848 err |= __put_user(f->keep_data, &uf->keep_data);
1849 err |= __put_user(f->fd_ref, &uf->fd_ref);
1850 err |= __put_user(f->fd_device, &uf->fd_device);
1851 err |= __put_user(f->last_checked, &uf->last_checked);
1852 err |= __put_user((u64)f->dmabuf, &uf->dmabuf);
1853 err |= __put_user((u64)f->bufblocks, &uf->bufblocks);
1854 break;
1855 }
1856 case FDGETFDCSTAT32:
1857 {
1858 struct floppy_fdc_state32 __user *uf;
1859 struct floppy_fdc_state *f = karg;
1860
1861 uf = compat_ptr(arg);
1862 err = __put_user(f->spec1, &uf->spec1);
1863 err |= __put_user(f->spec2, &uf->spec2);
1864 err |= __put_user(f->dtr, &uf->dtr);
1865 err |= __put_user(f->version, &uf->version);
1866 err |= __put_user(f->dor, &uf->dor);
1867 err |= __put_user(f->address, &uf->address);
1868 err |= __copy_to_user((char __user *)&uf->address + sizeof(uf->address),
1869 (char *)&f->address + sizeof(f->address), sizeof(int));
1870 err |= __put_user(f->driver_version, &uf->driver_version);
1871 err |= __copy_to_user(uf->track, f->track, sizeof(f->track));
1872 break;
1873 }
1874 case FDWERRORGET32:
1875 {
1876 struct floppy_write_errors32 __user *uf;
1877 struct floppy_write_errors *f = karg;
1878
1879 uf = compat_ptr(arg);
1880 err = __put_user(f->write_errors, &uf->write_errors);
1881 err |= __put_user(f->first_error_sector, &uf->first_error_sector);
1882 err |= __put_user(f->first_error_generation, &uf->first_error_generation);
1883 err |= __put_user(f->last_error_sector, &uf->last_error_sector);
1884 err |= __put_user(f->last_error_generation, &uf->last_error_generation);
1885 err |= __put_user(f->badness, &uf->badness);
1886 break;
1887 }
1888 default:
1889 break;
1890 }
1891 if (err)
1892 err = -EFAULT;
1893
f99d49ad
JJ		 1894out:
1895 kfree(karg);
1da177e4
LT		 1896 return err;
1897}
1898
1899struct mtd_oob_buf32 {
1900 u_int32_t start;
1901 u_int32_t length;
1902 compat_caddr_t ptr; /* unsigned char* */
1903};
1904
1905#define MEMWRITEOOB32 _IOWR('M',3,struct mtd_oob_buf32)
1906#define MEMREADOOB32 _IOWR('M',4,struct mtd_oob_buf32)
1907
1908static int mtd_rw_oob(unsigned int fd, unsigned int cmd, unsigned long arg)
1909{
1910 struct mtd_oob_buf __user *buf = compat_alloc_user_space(sizeof(*buf));
1911 struct mtd_oob_buf32 __user *buf32 = compat_ptr(arg);
1912 u32 data;
1913 char __user *datap;
1914 unsigned int real_cmd;
1915 int err;
1916
1917 real_cmd = (cmd == MEMREADOOB32) ?
1918 MEMREADOOB : MEMWRITEOOB;
1919
1920 if (copy_in_user(&buf->start, &buf32->start,
1921 2 * sizeof(u32)) ||
1922 get_user(data, &buf32->ptr))
1923 return -EFAULT;
1924 datap = compat_ptr(data);
1925 if (put_user(datap, &buf->ptr))
1926 return -EFAULT;
1927
1928 err = sys_ioctl(fd, real_cmd, (unsigned long) buf);
1929
1930 if (!err) {
1931 if (copy_in_user(&buf32->start, &buf->start,
1932 2 * sizeof(u32)))
1933 err = -EFAULT;
1934 }
1935
1936 return err;
1937}
1938
1da177e4
LT		 1939struct raw32_config_request
1940{
1941 compat_int_t raw_minor;
1942 __u64 block_major;
1943 __u64 block_minor;
1944} __attribute__((packed));
1945
1946static int get_raw32_request(struct raw_config_request *req, struct raw32_config_request __user *user_req)
1947{
1948 int ret;
1949
1950 if (!access_ok(VERIFY_READ, user_req, sizeof(struct raw32_config_request)))
1951 return -EFAULT;
1952
1953 ret = __get_user(req->raw_minor, &user_req->raw_minor);
1954 ret |= __get_user(req->block_major, &user_req->block_major);
1955 ret |= __get_user(req->block_minor, &user_req->block_minor);
1956
1957 return ret ? -EFAULT : 0;
1958}
1959
1960static int set_raw32_request(struct raw_config_request *req, struct raw32_config_request __user *user_req)
1961{
1962 int ret;
1963
1964 if (!access_ok(VERIFY_WRITE, user_req, sizeof(struct raw32_config_request)))
1965 return -EFAULT;
1966
1967 ret = __put_user(req->raw_minor, &user_req->raw_minor);
1968 ret |= __put_user(req->block_major, &user_req->block_major);
1969 ret |= __put_user(req->block_minor, &user_req->block_minor);
1970
1971 return ret ? -EFAULT : 0;
1972}
1973
1974static int raw_ioctl(unsigned fd, unsigned cmd, unsigned long arg)
1975{
1976 int ret;
1977
1978 switch (cmd) {
1979 case RAW_SETBIND:
1980 case RAW_GETBIND: {
1981 struct raw_config_request req;
1982 struct raw32_config_request __user *user_req = compat_ptr(arg);
1983 mm_segment_t oldfs = get_fs();
1984
1985 if ((ret = get_raw32_request(&req, user_req)))
1986 return ret;
1987
1988 set_fs(KERNEL_DS);
1989 ret = sys_ioctl(fd,cmd,(unsigned long)&req);
1990 set_fs(oldfs);
1991
1992 if ((!ret) && (cmd == RAW_GETBIND)) {
1993 ret = set_raw32_request(&req, user_req);
1994 }
1995 break;
1996 }
1997 default:
1998 ret = sys_ioctl(fd, cmd, arg);
1999 break;
2000 }
2001 return ret;
2002}
2003
2004struct serial_struct32 {
2005 compat_int_t type;
2006 compat_int_t line;
2007 compat_uint_t port;
2008 compat_int_t irq;
2009 compat_int_t flags;
2010 compat_int_t xmit_fifo_size;
2011 compat_int_t custom_divisor;
2012 compat_int_t baud_base;
2013 unsigned short close_delay;
2014 char io_type;
2015 char reserved_char[1];
2016 compat_int_t hub6;
2017 unsigned short closing_wait; /* time to wait before closing */
2018 unsigned short closing_wait2; /* no longer used... */
2019 compat_uint_t iomem_base;
2020 unsigned short iomem_reg_shift;
2021 unsigned int port_high;
2022 /* compat_ulong_t iomap_base FIXME */
2023 compat_int_t reserved[1];
2024};
2025
2026static int serial_struct_ioctl(unsigned fd, unsigned cmd, unsigned long arg)
2027{
2028 typedef struct serial_struct SS;
2029 typedef struct serial_struct32 SS32;
2030 struct serial_struct32 __user *ss32 = compat_ptr(arg);
2031 int err;
2032 struct serial_struct ss;
2033 mm_segment_t oldseg = get_fs();
2034 __u32 udata;
2035
2036 if (cmd == TIOCSSERIAL) {
2037 if (!access_ok(VERIFY_READ, ss32, sizeof(SS32)))
2038 return -EFAULT;
2039 if (__copy_from_user(&ss, ss32, offsetof(SS32, iomem_base)))
2040 return -EFAULT;
2041 __get_user(udata, &ss32->iomem_base);
2042 ss.iomem_base = compat_ptr(udata);
2043 __get_user(ss.iomem_reg_shift, &ss32->iomem_reg_shift);
2044 __get_user(ss.port_high, &ss32->port_high);
2045 ss.iomap_base = 0UL;
2046 }
2047 set_fs(KERNEL_DS);
2048 err = sys_ioctl(fd,cmd,(unsigned long)(&ss));
2049 set_fs(oldseg);
2050 if (cmd == TIOCGSERIAL && err >= 0) {
2051 if (!access_ok(VERIFY_WRITE, ss32, sizeof(SS32)))
2052 return -EFAULT;
2053 if (__copy_to_user(ss32,&ss,offsetof(SS32,iomem_base)))
2054 return -EFAULT;
2055 __put_user((unsigned long)ss.iomem_base >> 32 ?
2056 0xffffffff : (unsigned)(unsigned long)ss.iomem_base,
2057 &ss32->iomem_base);
2058 __put_user(ss.iomem_reg_shift, &ss32->iomem_reg_shift);
2059 __put_user(ss.port_high, &ss32->port_high);
2060
2061 }
2062 return err;
2063}
2064
2065struct usbdevfs_ctrltransfer32 {
2066 u8 bRequestType;
2067 u8 bRequest;
2068 u16 wValue;
2069 u16 wIndex;
2070 u16 wLength;
2071 u32 timeout; /* in milliseconds */
2072 compat_caddr_t data;
2073};
2074
2075#define USBDEVFS_CONTROL32 _IOWR('U', 0, struct usbdevfs_ctrltransfer32)
2076
2077static int do_usbdevfs_control(unsigned int fd, unsigned int cmd, unsigned long arg)
2078{
2079 struct usbdevfs_ctrltransfer32 __user *p32 = compat_ptr(arg);
2080 struct usbdevfs_ctrltransfer __user *p;
2081 __u32 udata;
2082 p = compat_alloc_user_space(sizeof(*p));
2083 if (copy_in_user(p, p32, (sizeof(*p32) - sizeof(compat_caddr_t))) ||
2084 get_user(udata, &p32->data) ||
2085 put_user(compat_ptr(udata), &p->data))
2086 return -EFAULT;
2087 return sys_ioctl(fd, USBDEVFS_CONTROL, (unsigned long)p);
2088}
2089
2090
2091struct usbdevfs_bulktransfer32 {
2092 compat_uint_t ep;
2093 compat_uint_t len;
2094 compat_uint_t timeout; /* in milliseconds */
2095 compat_caddr_t data;
2096};
2097
2098#define USBDEVFS_BULK32 _IOWR('U', 2, struct usbdevfs_bulktransfer32)
2099
2100static int do_usbdevfs_bulk(unsigned int fd, unsigned int cmd, unsigned long arg)
2101{
2102 struct usbdevfs_bulktransfer32 __user *p32 = compat_ptr(arg);
2103 struct usbdevfs_bulktransfer __user *p;
2104 compat_uint_t n;
2105 compat_caddr_t addr;
2106
2107 p = compat_alloc_user_space(sizeof(*p));
2108
2109 if (get_user(n, &p32->ep) || put_user(n, &p->ep) ||
2110 get_user(n, &p32->len) || put_user(n, &p->len) ||
2111 get_user(n, &p32->timeout) || put_user(n, &p->timeout) ||
2112 get_user(addr, &p32->data) || put_user(compat_ptr(addr), &p->data))
2113 return -EFAULT;
2114
2115 return sys_ioctl(fd, USBDEVFS_BULK, (unsigned long)p);
2116}
2117
2118
2119/*
2120 * USBDEVFS_SUBMITURB, USBDEVFS_REAPURB and USBDEVFS_REAPURBNDELAY
2121 * are handled in usbdevfs core. -Christopher Li
2122 */
2123
2124struct usbdevfs_disconnectsignal32 {
2125 compat_int_t signr;
2126 compat_caddr_t context;
2127};
2128
2129#define USBDEVFS_DISCSIGNAL32 _IOR('U', 14, struct usbdevfs_disconnectsignal32)
2130
2131static int do_usbdevfs_discsignal(unsigned int fd, unsigned int cmd, unsigned long arg)
2132{
2133 struct usbdevfs_disconnectsignal kdis;
2134 struct usbdevfs_disconnectsignal32 __user *udis;
2135 mm_segment_t old_fs;
2136 u32 uctx;
2137 int err;
2138
2139 udis = compat_ptr(arg);
2140
2141 if (get_user(kdis.signr, &udis->signr) ||
2142 __get_user(uctx, &udis->context))
2143 return -EFAULT;
2144
2145 kdis.context = compat_ptr(uctx);
2146
2147 old_fs = get_fs();
2148 set_fs(KERNEL_DS);
2149 err = sys_ioctl(fd, USBDEVFS_DISCSIGNAL, (unsigned long) &kdis);
2150 set_fs(old_fs);
2151
2152 return err;
2153}
2154
2155/*
2156 * I2C layer ioctls
2157 */
2158
2159struct i2c_msg32 {
2160 u16 addr;
2161 u16 flags;
2162 u16 len;
2163 compat_caddr_t buf;
2164};
2165
2166struct i2c_rdwr_ioctl_data32 {
2167 compat_caddr_t msgs; /* struct i2c_msg __user *msgs */
2168 u32 nmsgs;
2169};
2170
2171struct i2c_smbus_ioctl_data32 {
2172 u8 read_write;
2173 u8 command;
2174 u32 size;
2175 compat_caddr_t data; /* union i2c_smbus_data *data */
2176};
2177
2178struct i2c_rdwr_aligned {
2179 struct i2c_rdwr_ioctl_data cmd;
2180 struct i2c_msg msgs[0];
2181};
2182
2183static int do_i2c_rdwr_ioctl(unsigned int fd, unsigned int cmd, unsigned long arg)
2184{
2185 struct i2c_rdwr_ioctl_data32 __user *udata = compat_ptr(arg);
2186 struct i2c_rdwr_aligned __user *tdata;
2187 struct i2c_msg __user *tmsgs;
2188 struct i2c_msg32 __user *umsgs;
2189 compat_caddr_t datap;
2190 int nmsgs, i;
2191
2192 if (get_user(nmsgs, &udata->nmsgs))
2193 return -EFAULT;
2194 if (nmsgs > I2C_RDRW_IOCTL_MAX_MSGS)
2195 return -EINVAL;
2196
2197 if (get_user(datap, &udata->msgs))
2198 return -EFAULT;
2199 umsgs = compat_ptr(datap);
2200
2201 tdata = compat_alloc_user_space(sizeof(*tdata) +
2202 nmsgs * sizeof(struct i2c_msg));
2203 tmsgs = &tdata->msgs[0];
2204
2205 if (put_user(nmsgs, &tdata->cmd.nmsgs) ||
2206 put_user(tmsgs, &tdata->cmd.msgs))
2207 return -EFAULT;
2208
2209 for (i = 0; i < nmsgs; i++) {
2210 if (copy_in_user(&tmsgs[i].addr, &umsgs[i].addr, 3*sizeof(u16)))
2211 return -EFAULT;
2212 if (get_user(datap, &umsgs[i].buf) ||
2213 put_user(compat_ptr(datap), &tmsgs[i].buf))
2214 return -EFAULT;
2215 }
2216 return sys_ioctl(fd, cmd, (unsigned long)tdata);
2217}
2218
2219static int do_i2c_smbus_ioctl(unsigned int fd, unsigned int cmd, unsigned long arg)
2220{
2221 struct i2c_smbus_ioctl_data __user *tdata;
2222 struct i2c_smbus_ioctl_data32 __user *udata;
2223 compat_caddr_t datap;
2224
2225 tdata = compat_alloc_user_space(sizeof(*tdata));
2226 if (tdata == NULL)
2227 return -ENOMEM;
2228 if (!access_ok(VERIFY_WRITE, tdata, sizeof(*tdata)))
2229 return -EFAULT;
2230
2231 udata = compat_ptr(arg);
2232 if (!access_ok(VERIFY_READ, udata, sizeof(*udata)))
2233 return -EFAULT;
2234
2235 if (__copy_in_user(&tdata->read_write, &udata->read_write, 2 * sizeof(u8)))
2236 return -EFAULT;
2237 if (__copy_in_user(&tdata->size, &udata->size, 2 * sizeof(u32)))
2238 return -EFAULT;
2239 if (__get_user(datap, &udata->data) ||
2240 __put_user(compat_ptr(datap), &tdata->data))
2241 return -EFAULT;
2242
2243 return sys_ioctl(fd, cmd, (unsigned long)tdata);
2244}
2245
2246struct compat_iw_point {
2247 compat_caddr_t pointer;
2248 __u16 length;
2249 __u16 flags;
2250};
2251
2252static int do_wireless_ioctl(unsigned int fd, unsigned int cmd, unsigned long arg)
2253{
2254 struct iwreq __user *iwr;
2255 struct iwreq __user *iwr_u;
2256 struct iw_point __user *iwp;
2257 struct compat_iw_point __user *iwp_u;
2258 compat_caddr_t pointer;
2259 __u16 length, flags;
2260
2261 iwr_u = compat_ptr(arg);
2262 iwp_u = (struct compat_iw_point __user *) &iwr_u->u.data;
2263 iwr = compat_alloc_user_space(sizeof(*iwr));
2264 if (iwr == NULL)
2265 return -ENOMEM;
2266
2267 iwp = &iwr->u.data;
2268
2269 if (!access_ok(VERIFY_WRITE, iwr, sizeof(*iwr)))
2270 return -EFAULT;
2271
2272 if (__copy_in_user(&iwr->ifr_ifrn.ifrn_name[0],
2273 &iwr_u->ifr_ifrn.ifrn_name[0],
2274 sizeof(iwr->ifr_ifrn.ifrn_name)))
2275 return -EFAULT;
2276
2277 if (__get_user(pointer, &iwp_u->pointer) ||
2278 __get_user(length, &iwp_u->length) ||
2279 __get_user(flags, &iwp_u->flags))
2280 return -EFAULT;
2281
2282 if (__put_user(compat_ptr(pointer), &iwp->pointer) ||
2283 __put_user(length, &iwp->length) ||
2284 __put_user(flags, &iwp->flags))
2285 return -EFAULT;
2286
2287 return sys_ioctl(fd, cmd, (unsigned long) iwr);
2288}
2289
2290/* Since old style bridge ioctl's endup using SIOCDEVPRIVATE
2291 * for some operations; this forces use of the newer bridge-utils that
2292 * use compatiable ioctls
2293 */
2294static int old_bridge_ioctl(unsigned int fd, unsigned int cmd, unsigned long arg)
2295{
2296 u32 tmp;
2297
2298 if (get_user(tmp, (u32 __user *) arg))
2299 return -EFAULT;
2300 if (tmp == BRCTL_GET_VERSION)
2301 return BRCTL_VERSION + 1;
2302 return -EINVAL;
2303}
2304
ec3cad96
CH		 2305#define RTC_IRQP_READ32 _IOR('p', 0x0b, compat_ulong_t)
2306#define RTC_IRQP_SET32 _IOW('p', 0x0c, compat_ulong_t)
2307#define RTC_EPOCH_READ32 _IOR('p', 0x0d, compat_ulong_t)
2308#define RTC_EPOCH_SET32 _IOW('p', 0x0e, compat_ulong_t)
2309
2310static int rtc_ioctl(unsigned fd, unsigned cmd, unsigned long arg)
2311{
2312 mm_segment_t oldfs = get_fs();
2313 compat_ulong_t val32;
2314 unsigned long kval;
2315 int ret;
2316
2317 switch (cmd) {
2318 case RTC_IRQP_READ32:
2319 case RTC_EPOCH_READ32:
2320 set_fs(KERNEL_DS);
2321 ret = sys_ioctl(fd, (cmd == RTC_IRQP_READ32) ?
2322 RTC_IRQP_READ : RTC_EPOCH_READ,
2323 (unsigned long)&kval);
2324 set_fs(oldfs);
2325 if (ret)
2326 return ret;
2327 val32 = kval;
2328 return put_user(val32, (unsigned int __user *)arg);
2329 case RTC_IRQP_SET32:
fc5870f6 2330 return sys_ioctl(fd, RTC_IRQP_SET, arg);
ec3cad96 2331 case RTC_EPOCH_SET32:
fc5870f6 2332 return sys_ioctl(fd, RTC_EPOCH_SET, arg);
ec3cad96
CH		 2333 default:
2334 /* unreached */
2335 return -ENOIOCTLCMD;
2336 }
2337}
2338
1da177e4
LT		 2339#if defined(CONFIG_NCP_FS) || defined(CONFIG_NCP_FS_MODULE)
2340struct ncp_ioctl_request_32 {
2341 u32 function;
2342 u32 size;
2343 compat_caddr_t data;
2344};
2345
2346struct ncp_fs_info_v2_32 {
2347 s32 version;
2348 u32 mounted_uid;
2349 u32 connection;
2350 u32 buffer_size;
2351
2352 u32 volume_number;
2353 u32 directory_id;
2354
2355 u32 dummy1;
2356 u32 dummy2;
2357 u32 dummy3;
2358};
2359
2360struct ncp_objectname_ioctl_32
2361{
2362 s32 auth_type;
2363 u32 object_name_len;
2364 compat_caddr_t object_name; /* an userspace data, in most cases user name */
2365};
2366
2367struct ncp_privatedata_ioctl_32
2368{
2369 u32 len;
2370 compat_caddr_t data; /* ~1000 for NDS */
2371};
2372
2373#define NCP_IOC_NCPREQUEST_32 _IOR('n', 1, struct ncp_ioctl_request_32)
2374#define NCP_IOC_GETMOUNTUID2_32 _IOW('n', 2, u32)
2375#define NCP_IOC_GET_FS_INFO_V2_32 _IOWR('n', 4, struct ncp_fs_info_v2_32)
2376#define NCP_IOC_GETOBJECTNAME_32 _IOWR('n', 9, struct ncp_objectname_ioctl_32)
2377#define NCP_IOC_SETOBJECTNAME_32 _IOR('n', 9, struct ncp_objectname_ioctl_32)
2378#define NCP_IOC_GETPRIVATEDATA_32 _IOWR('n', 10, struct ncp_privatedata_ioctl_32)
2379#define NCP_IOC_SETPRIVATEDATA_32 _IOR('n', 10, struct ncp_privatedata_ioctl_32)
2380
2381static int do_ncp_ncprequest(unsigned int fd, unsigned int cmd, unsigned long arg)
2382{
2383 struct ncp_ioctl_request_32 n32;
2384 struct ncp_ioctl_request __user *p = compat_alloc_user_space(sizeof(*p));
2385
2386 if (copy_from_user(&n32, compat_ptr(arg), sizeof(n32)) ||
2387 put_user(n32.function, &p->function) ||
2388 put_user(n32.size, &p->size) ||
2389 put_user(compat_ptr(n32.data), &p->data))
2390 return -EFAULT;
2391
2392 return sys_ioctl(fd, NCP_IOC_NCPREQUEST, (unsigned long)p);
2393}
2394
2395static int do_ncp_getmountuid2(unsigned int fd, unsigned int cmd, unsigned long arg)
2396{
2397 mm_segment_t old_fs = get_fs();
2398 __kernel_uid_t kuid;
2399 int err;
2400
2401 cmd = NCP_IOC_GETMOUNTUID2;
2402
2403 set_fs(KERNEL_DS);
2404 err = sys_ioctl(fd, cmd, (unsigned long)&kuid);
2405 set_fs(old_fs);
2406
2407 if (!err)
2408 err = put_user(kuid,
2409 (unsigned int __user *) compat_ptr(arg));
2410
2411 return err;
2412}
2413
2414static int do_ncp_getfsinfo2(unsigned int fd, unsigned int cmd, unsigned long arg)
2415{
2416 mm_segment_t old_fs = get_fs();
2417 struct ncp_fs_info_v2_32 n32;
2418 struct ncp_fs_info_v2 n;
2419 int err;
2420
2421 if (copy_from_user(&n32, compat_ptr(arg), sizeof(n32)))
2422 return -EFAULT;
2423 if (n32.version != NCP_GET_FS_INFO_VERSION_V2)
2424 return -EINVAL;
2425 n.version = NCP_GET_FS_INFO_VERSION_V2;
2426
2427 set_fs(KERNEL_DS);
2428 err = sys_ioctl(fd, NCP_IOC_GET_FS_INFO_V2, (unsigned long)&n);
2429 set_fs(old_fs);
2430
2431 if (!err) {
2432 n32.version = n.version;
2433 n32.mounted_uid = n.mounted_uid;
2434 n32.connection = n.connection;
2435 n32.buffer_size = n.buffer_size;
2436 n32.volume_number = n.volume_number;
2437 n32.directory_id = n.directory_id;
2438 n32.dummy1 = n.dummy1;
2439 n32.dummy2 = n.dummy2;
2440 n32.dummy3 = n.dummy3;
2441 err = copy_to_user(compat_ptr(arg), &n32, sizeof(n32)) ? -EFAULT : 0;
2442 }
2443 return err;
2444}
2445
2446static int do_ncp_getobjectname(unsigned int fd, unsigned int cmd, unsigned long arg)
2447{
2448 struct ncp_objectname_ioctl_32 n32, __user *p32 = compat_ptr(arg);
2449 struct ncp_objectname_ioctl __user *p = compat_alloc_user_space(sizeof(*p));
2450 s32 auth_type;
2451 u32 name_len;
2452 int err;
2453
2454 if (copy_from_user(&n32, p32, sizeof(n32)) ||
2455 put_user(n32.object_name_len, &p->object_name_len) ||
2456 put_user(compat_ptr(n32.object_name), &p->object_name))
2457 return -EFAULT;
2458
2459 err = sys_ioctl(fd, NCP_IOC_GETOBJECTNAME, (unsigned long)p);
2460 if (err)
2461 return err;
2462
2463 if (get_user(auth_type, &p->auth_type) ||
2464 put_user(auth_type, &p32->auth_type) ||
2465 get_user(name_len, &p->object_name_len) ||
2466 put_user(name_len, &p32->object_name_len))
2467 return -EFAULT;
2468
2469 return 0;
2470}
2471
2472static int do_ncp_setobjectname(unsigned int fd, unsigned int cmd, unsigned long arg)
2473{
2474 struct ncp_objectname_ioctl_32 n32, __user *p32 = compat_ptr(arg);
2475 struct ncp_objectname_ioctl __user *p = compat_alloc_user_space(sizeof(*p));
2476
2477 if (copy_from_user(&n32, p32, sizeof(n32)) ||
2478 put_user(n32.auth_type, &p->auth_type) ||
2479 put_user(n32.object_name_len, &p->object_name_len) ||
2480 put_user(compat_ptr(n32.object_name), &p->object_name))
2481 return -EFAULT;
2482
2483 return sys_ioctl(fd, NCP_IOC_SETOBJECTNAME, (unsigned long)p);
2484}
2485
2486static int do_ncp_getprivatedata(unsigned int fd, unsigned int cmd, unsigned long arg)
2487{
2488 struct ncp_privatedata_ioctl_32 n32, __user *p32 = compat_ptr(arg);
2489 struct ncp_privatedata_ioctl __user *p =
2490 compat_alloc_user_space(sizeof(*p));
2491 u32 len;
2492 int err;
2493
2494 if (copy_from_user(&n32, p32, sizeof(n32)) ||
2495 put_user(n32.len, &p->len) ||
2496 put_user(compat_ptr(n32.data), &p->data))
2497 return -EFAULT;
2498
2499 err = sys_ioctl(fd, NCP_IOC_GETPRIVATEDATA, (unsigned long)p);
2500 if (err)
2501 return err;
2502
2503 if (get_user(len, &p->len) ||
2504 put_user(len, &p32->len))
2505 return -EFAULT;
2506
2507 return 0;
2508}
2509
2510static int do_ncp_setprivatedata(unsigned int fd, unsigned int cmd, unsigned long arg)
2511{
2512 struct ncp_privatedata_ioctl_32 n32;
2513 struct ncp_privatedata_ioctl_32 __user *p32 = compat_ptr(arg);
2514 struct ncp_privatedata_ioctl __user *p =
2515 compat_alloc_user_space(sizeof(*p));
2516
2517 if (copy_from_user(&n32, p32, sizeof(n32)) ||
2518 put_user(n32.len, &p->len) ||
2519 put_user(compat_ptr(n32.data), &p->data))
2520 return -EFAULT;
2521
2522 return sys_ioctl(fd, NCP_IOC_SETPRIVATEDATA, (unsigned long)p);
2523}
2524#endif
2525
c6b44d10
AK		 2526static int
2527lp_timeout_trans(unsigned int fd, unsigned int cmd, unsigned long arg)
2528{
6b2b4e5a
AV		 2529 struct compat_timeval __user *tc = (struct compat_timeval __user *)arg;
2530 struct timeval __user *tn = compat_alloc_user_space(sizeof(struct timeval));
c6b44d10
AK		 2531 struct timeval ts;
2532 if (get_user(ts.tv_sec, &tc->tv_sec) ||
2533 get_user(ts.tv_usec, &tc->tv_usec) ||
2534 put_user(ts.tv_sec, &tn->tv_sec) ||
2535 put_user(ts.tv_usec, &tn->tv_usec))
2536 return -EFAULT;
2537 return sys_ioctl(fd, cmd, (unsigned long)tn);
2538}
2539
e6a6d2ef
CH		 2540#define HANDLE_IOCTL(cmd,handler) \
2541 { (cmd), (ioctl_trans_handler_t)(handler) },
2542
2543/* pointer to compatible structure or no argument */
2544#define COMPATIBLE_IOCTL(cmd) \
2545 { (cmd), do_ioctl32_pointer },
2546
2547/* argument is an unsigned long integer, not a pointer */
2548#define ULONG_IOCTL(cmd) \
2549 { (cmd), (ioctl_trans_handler_t)sys_ioctl },
1da177e4 2550
e6a6d2ef
CH		 2551
2552struct ioctl_trans ioctl_start[] = {
2553#include <linux/compat_ioctl.h>
1da177e4
LT		 2554HANDLE_IOCTL(MEMREADOOB32, mtd_rw_oob)
2555HANDLE_IOCTL(MEMWRITEOOB32, mtd_rw_oob)
2556#ifdef CONFIG_NET
2557HANDLE_IOCTL(SIOCGIFNAME, dev_ifname32)
2558HANDLE_IOCTL(SIOCGIFCONF, dev_ifconf)
2559HANDLE_IOCTL(SIOCGIFFLAGS, dev_ifsioc)
2560HANDLE_IOCTL(SIOCSIFFLAGS, dev_ifsioc)
2561HANDLE_IOCTL(SIOCGIFMETRIC, dev_ifsioc)
2562HANDLE_IOCTL(SIOCSIFMETRIC, dev_ifsioc)
2563HANDLE_IOCTL(SIOCGIFMTU, dev_ifsioc)
2564HANDLE_IOCTL(SIOCSIFMTU, dev_ifsioc)
2565HANDLE_IOCTL(SIOCGIFMEM, dev_ifsioc)
2566HANDLE_IOCTL(SIOCSIFMEM, dev_ifsioc)
2567HANDLE_IOCTL(SIOCGIFHWADDR, dev_ifsioc)
2568HANDLE_IOCTL(SIOCSIFHWADDR, dev_ifsioc)
2569HANDLE_IOCTL(SIOCADDMULTI, dev_ifsioc)
2570HANDLE_IOCTL(SIOCDELMULTI, dev_ifsioc)
2571HANDLE_IOCTL(SIOCGIFINDEX, dev_ifsioc)
2572HANDLE_IOCTL(SIOCGIFMAP, dev_ifsioc)
2573HANDLE_IOCTL(SIOCSIFMAP, dev_ifsioc)
2574HANDLE_IOCTL(SIOCGIFADDR, dev_ifsioc)
2575HANDLE_IOCTL(SIOCSIFADDR, dev_ifsioc)
2576
2577/* ioctls used by appletalk ddp.c */
2578HANDLE_IOCTL(SIOCATALKDIFADDR, dev_ifsioc)
2579HANDLE_IOCTL(SIOCDIFADDR, dev_ifsioc)
2580HANDLE_IOCTL(SIOCSARP, dev_ifsioc)
2581HANDLE_IOCTL(SIOCDARP, dev_ifsioc)
2582
2583HANDLE_IOCTL(SIOCGIFBRDADDR, dev_ifsioc)
2584HANDLE_IOCTL(SIOCSIFBRDADDR, dev_ifsioc)
2585HANDLE_IOCTL(SIOCGIFDSTADDR, dev_ifsioc)
2586HANDLE_IOCTL(SIOCSIFDSTADDR, dev_ifsioc)
2587HANDLE_IOCTL(SIOCGIFNETMASK, dev_ifsioc)
2588HANDLE_IOCTL(SIOCSIFNETMASK, dev_ifsioc)
2589HANDLE_IOCTL(SIOCSIFPFLAGS, dev_ifsioc)
2590HANDLE_IOCTL(SIOCGIFPFLAGS, dev_ifsioc)
2591HANDLE_IOCTL(SIOCGIFTXQLEN, dev_ifsioc)
2592HANDLE_IOCTL(SIOCSIFTXQLEN, dev_ifsioc)
2593HANDLE_IOCTL(TUNSETIFF, dev_ifsioc)
2594HANDLE_IOCTL(SIOCETHTOOL, ethtool_ioctl)
2595HANDLE_IOCTL(SIOCBONDENSLAVE, bond_ioctl)
2596HANDLE_IOCTL(SIOCBONDRELEASE, bond_ioctl)
2597HANDLE_IOCTL(SIOCBONDSETHWADDR, bond_ioctl)
2598HANDLE_IOCTL(SIOCBONDSLAVEINFOQUERY, bond_ioctl)
2599HANDLE_IOCTL(SIOCBONDINFOQUERY, bond_ioctl)
2600HANDLE_IOCTL(SIOCBONDCHANGEACTIVE, bond_ioctl)
2601HANDLE_IOCTL(SIOCADDRT, routing_ioctl)
2602HANDLE_IOCTL(SIOCDELRT, routing_ioctl)
2603HANDLE_IOCTL(SIOCBRADDIF, dev_ifsioc)
2604HANDLE_IOCTL(SIOCBRDELIF, dev_ifsioc)
2605/* Note SIOCRTMSG is no longer, so this is safe and * the user would have seen just an -EINVAL anyways. */
2606HANDLE_IOCTL(SIOCRTMSG, ret_einval)
2607HANDLE_IOCTL(SIOCGSTAMP, do_siocgstamp)
2608#endif
2609HANDLE_IOCTL(HDIO_GETGEO, hdio_getgeo)
2610HANDLE_IOCTL(BLKRAGET, w_long)
2611HANDLE_IOCTL(BLKGETSIZE, w_long)
2612HANDLE_IOCTL(0x1260, broken_blkgetsize)
2613HANDLE_IOCTL(BLKFRAGET, w_long)
2614HANDLE_IOCTL(BLKSECTGET, w_long)
1da177e4 2615HANDLE_IOCTL(BLKPG, blkpg_ioctl_trans)
1da177e4
LT		 2616HANDLE_IOCTL(HDIO_GET_KEEPSETTINGS, hdio_ioctl_trans)
2617HANDLE_IOCTL(HDIO_GET_UNMASKINTR, hdio_ioctl_trans)
2618HANDLE_IOCTL(HDIO_GET_DMA, hdio_ioctl_trans)
2619HANDLE_IOCTL(HDIO_GET_32BIT, hdio_ioctl_trans)
2620HANDLE_IOCTL(HDIO_GET_MULTCOUNT, hdio_ioctl_trans)
2621HANDLE_IOCTL(HDIO_GET_NOWERR, hdio_ioctl_trans)
2622HANDLE_IOCTL(HDIO_GET_NICE, hdio_ioctl_trans)
2623HANDLE_IOCTL(FDSETPRM32, fd_ioctl_trans)
2624HANDLE_IOCTL(FDDEFPRM32, fd_ioctl_trans)
2625HANDLE_IOCTL(FDGETPRM32, fd_ioctl_trans)
2626HANDLE_IOCTL(FDSETDRVPRM32, fd_ioctl_trans)
2627HANDLE_IOCTL(FDGETDRVPRM32, fd_ioctl_trans)
2628HANDLE_IOCTL(FDGETDRVSTAT32, fd_ioctl_trans)
2629HANDLE_IOCTL(FDPOLLDRVSTAT32, fd_ioctl_trans)
2630HANDLE_IOCTL(FDGETFDCSTAT32, fd_ioctl_trans)
2631HANDLE_IOCTL(FDWERRORGET32, fd_ioctl_trans)
2632HANDLE_IOCTL(SG_IO,sg_ioctl_trans)
2966387b 2633HANDLE_IOCTL(SG_GET_REQUEST_TABLE, sg_grt_trans)
1da177e4
LT		 2634HANDLE_IOCTL(PPPIOCGIDLE32, ppp_ioctl_trans)
2635HANDLE_IOCTL(PPPIOCSCOMPRESS32, ppp_ioctl_trans)
2636HANDLE_IOCTL(PPPIOCSPASS32, ppp_sock_fprog_ioctl_trans)
2637HANDLE_IOCTL(PPPIOCSACTIVE32, ppp_sock_fprog_ioctl_trans)
2638HANDLE_IOCTL(MTIOCGET32, mt_ioctl_trans)
2639HANDLE_IOCTL(MTIOCPOS32, mt_ioctl_trans)
2640HANDLE_IOCTL(CDROMREADAUDIO, cdrom_ioctl_trans)
2641HANDLE_IOCTL(CDROM_SEND_PACKET, cdrom_ioctl_trans)
1da177e4
LT		 2642#define AUTOFS_IOC_SETTIMEOUT32 _IOWR(0x93,0x64,unsigned int)
2643HANDLE_IOCTL(AUTOFS_IOC_SETTIMEOUT32, ioc_settimeout)
2644#ifdef CONFIG_VT
2645HANDLE_IOCTL(PIO_FONTX, do_fontx_ioctl)
2646HANDLE_IOCTL(GIO_FONTX, do_fontx_ioctl)
2647HANDLE_IOCTL(PIO_UNIMAP, do_unimap_ioctl)
2648HANDLE_IOCTL(GIO_UNIMAP, do_unimap_ioctl)
2649HANDLE_IOCTL(KDFONTOP, do_kdfontop_ioctl)
2650#endif
1da177e4
LT		 2651/* One SMB ioctl needs translations. */
2652#define SMB_IOC_GETMOUNTUID_32 _IOR('u', 1, compat_uid_t)
2653HANDLE_IOCTL(SMB_IOC_GETMOUNTUID_32, do_smb_getmountuid)
2654HANDLE_IOCTL(ATM_GETLINKRATE32, do_atm_ioctl)
2655HANDLE_IOCTL(ATM_GETNAMES32, do_atm_ioctl)
2656HANDLE_IOCTL(ATM_GETTYPE32, do_atm_ioctl)
2657HANDLE_IOCTL(ATM_GETESI32, do_atm_ioctl)
2658HANDLE_IOCTL(ATM_GETADDR32, do_atm_ioctl)
2659HANDLE_IOCTL(ATM_RSTADDR32, do_atm_ioctl)
2660HANDLE_IOCTL(ATM_ADDADDR32, do_atm_ioctl)
2661HANDLE_IOCTL(ATM_DELADDR32, do_atm_ioctl)
2662HANDLE_IOCTL(ATM_GETCIRANGE32, do_atm_ioctl)
2663HANDLE_IOCTL(ATM_SETCIRANGE32, do_atm_ioctl)
2664HANDLE_IOCTL(ATM_SETESI32, do_atm_ioctl)
2665HANDLE_IOCTL(ATM_SETESIF32, do_atm_ioctl)
2666HANDLE_IOCTL(ATM_GETSTAT32, do_atm_ioctl)
2667HANDLE_IOCTL(ATM_GETSTATZ32, do_atm_ioctl)
2668HANDLE_IOCTL(ATM_GETLOOP32, do_atm_ioctl)
2669HANDLE_IOCTL(ATM_SETLOOP32, do_atm_ioctl)
2670HANDLE_IOCTL(ATM_QUERYLOOP32, do_atm_ioctl)
2671HANDLE_IOCTL(SONET_GETSTAT, do_atm_ioctl)
2672HANDLE_IOCTL(SONET_GETSTATZ, do_atm_ioctl)
2673HANDLE_IOCTL(SONET_GETDIAG, do_atm_ioctl)
2674HANDLE_IOCTL(SONET_SETDIAG, do_atm_ioctl)
2675HANDLE_IOCTL(SONET_CLRDIAG, do_atm_ioctl)
2676HANDLE_IOCTL(SONET_SETFRAMING, do_atm_ioctl)
2677HANDLE_IOCTL(SONET_GETFRAMING, do_atm_ioctl)
2678HANDLE_IOCTL(SONET_GETFRSENSE, do_atm_ioctl)
2679/* block stuff */
2680HANDLE_IOCTL(BLKBSZGET_32, do_blkbszget)
2681HANDLE_IOCTL(BLKBSZSET_32, do_blkbszset)
2682HANDLE_IOCTL(BLKGETSIZE64_32, do_blkgetsize64)
1da177e4
LT		 2683/* Raw devices */
2684HANDLE_IOCTL(RAW_SETBIND, raw_ioctl)
2685HANDLE_IOCTL(RAW_GETBIND, raw_ioctl)
2686/* Serial */
2687HANDLE_IOCTL(TIOCGSERIAL, serial_struct_ioctl)
2688HANDLE_IOCTL(TIOCSSERIAL, serial_struct_ioctl)
9c0cbd54
CH		 2689#ifdef TIOCGLTC
2690COMPATIBLE_IOCTL(TIOCGLTC)
2691COMPATIBLE_IOCTL(TIOCSLTC)
2692#endif
7a81e316
CH		 2693#ifdef TIOCSTART
2694/*
2695 * For these two we have defintions in ioctls.h and/or termios.h on
2696 * some architectures but no actual implemention. Some applications
2697 * like bash call them if they are defined in the headers, so we provide
2698 * entries here to avoid syslog message spew.
2699 */
2700COMPATIBLE_IOCTL(TIOCSTART)
2701COMPATIBLE_IOCTL(TIOCSTOP)
2702#endif
1da177e4
LT		 2703/* Usbdevfs */
2704HANDLE_IOCTL(USBDEVFS_CONTROL32, do_usbdevfs_control)
2705HANDLE_IOCTL(USBDEVFS_BULK32, do_usbdevfs_bulk)
2706HANDLE_IOCTL(USBDEVFS_DISCSIGNAL32, do_usbdevfs_discsignal)
c36fc889 2707COMPATIBLE_IOCTL(USBDEVFS_IOCTL32)
1da177e4
LT		 2708/* i2c */
2709HANDLE_IOCTL(I2C_FUNCS, w_long)
2710HANDLE_IOCTL(I2C_RDWR, do_i2c_rdwr_ioctl)
2711HANDLE_IOCTL(I2C_SMBUS, do_i2c_smbus_ioctl)
2712/* wireless */
2713HANDLE_IOCTL(SIOCGIWRANGE, do_wireless_ioctl)
2714HANDLE_IOCTL(SIOCSIWSPY, do_wireless_ioctl)
2715HANDLE_IOCTL(SIOCGIWSPY, do_wireless_ioctl)
2716HANDLE_IOCTL(SIOCSIWTHRSPY, do_wireless_ioctl)
2717HANDLE_IOCTL(SIOCGIWTHRSPY, do_wireless_ioctl)
2718HANDLE_IOCTL(SIOCGIWAPLIST, do_wireless_ioctl)
2719HANDLE_IOCTL(SIOCGIWSCAN, do_wireless_ioctl)
2720HANDLE_IOCTL(SIOCSIWESSID, do_wireless_ioctl)
2721HANDLE_IOCTL(SIOCGIWESSID, do_wireless_ioctl)
2722HANDLE_IOCTL(SIOCSIWNICKN, do_wireless_ioctl)
2723HANDLE_IOCTL(SIOCGIWNICKN, do_wireless_ioctl)
2724HANDLE_IOCTL(SIOCSIWENCODE, do_wireless_ioctl)
2725HANDLE_IOCTL(SIOCGIWENCODE, do_wireless_ioctl)
2726HANDLE_IOCTL(SIOCSIFBR, old_bridge_ioctl)
2727HANDLE_IOCTL(SIOCGIFBR, old_bridge_ioctl)
ec3cad96
CH		 2728HANDLE_IOCTL(RTC_IRQP_READ32, rtc_ioctl)
2729HANDLE_IOCTL(RTC_IRQP_SET32, rtc_ioctl)
2730HANDLE_IOCTL(RTC_EPOCH_READ32, rtc_ioctl)
2731HANDLE_IOCTL(RTC_EPOCH_SET32, rtc_ioctl)
1da177e4
LT		 2732
2733#if defined(CONFIG_NCP_FS) || defined(CONFIG_NCP_FS_MODULE)
2734HANDLE_IOCTL(NCP_IOC_NCPREQUEST_32, do_ncp_ncprequest)
2735HANDLE_IOCTL(NCP_IOC_GETMOUNTUID2_32, do_ncp_getmountuid2)
2736HANDLE_IOCTL(NCP_IOC_GET_FS_INFO_V2_32, do_ncp_getfsinfo2)
2737HANDLE_IOCTL(NCP_IOC_GETOBJECTNAME_32, do_ncp_getobjectname)
2738HANDLE_IOCTL(NCP_IOC_SETOBJECTNAME_32, do_ncp_setobjectname)
2739HANDLE_IOCTL(NCP_IOC_GETPRIVATEDATA_32, do_ncp_getprivatedata)
2740HANDLE_IOCTL(NCP_IOC_SETPRIVATEDATA_32, do_ncp_setprivatedata)
2741#endif
2742
6e87abd0 2743/* dvb */
6e87abd0
DM		 2744HANDLE_IOCTL(VIDEO_GET_EVENT, do_video_get_event)
2745HANDLE_IOCTL(VIDEO_STILLPICTURE, do_video_stillpicture)
2746HANDLE_IOCTL(VIDEO_SET_SPU_PALETTE, do_video_set_spu_palette)
c6b44d10
AK		 2747
2748/* parport */
2749COMPATIBLE_IOCTL(LPTIME)
2750COMPATIBLE_IOCTL(LPCHAR)
2751COMPATIBLE_IOCTL(LPABORTOPEN)
2752COMPATIBLE_IOCTL(LPCAREFUL)
2753COMPATIBLE_IOCTL(LPWAIT)
2754COMPATIBLE_IOCTL(LPSETIRQ)
2755COMPATIBLE_IOCTL(LPGETSTATUS)
2756COMPATIBLE_IOCTL(LPGETSTATUS)
2757COMPATIBLE_IOCTL(LPRESET)
2758/*LPGETSTATS not implemented, but no kernels seem to compile it in anyways*/
2759COMPATIBLE_IOCTL(LPGETFLAGS)
2760HANDLE_IOCTL(LPSETTIMEOUT, lp_timeout_trans)
e6a6d2ef 2761};
6e87abd0 2762
e6a6d2ef 2763int ioctl_table_size = ARRAY_SIZE(ioctl_start);
Ubuntu Artful kernel mirror