| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370 | // SPDX-License-Identifier: GPL-2.0/* ATM ioctl handling *//* Written 1995-2000 by Werner Almesberger, EPFL LRC/ICA *//* 2003 John Levon  <levon@movementarian.org> */#define pr_fmt(fmt) KBUILD_MODNAME ":%s: " fmt, __func__#include <linux/module.h>#include <linux/kmod.h>#include <linux/net.h>		/* struct socket, struct proto_ops */#include <linux/atm.h>		/* ATM stuff */#include <linux/atmdev.h>#include <linux/atmclip.h>	/* CLIP_*ENCAP */#include <linux/atmarp.h>	/* manifest constants */#include <linux/capability.h>#include <linux/sonet.h>	/* for ioctls */#include <linux/atmsvc.h>#include <linux/atmmpc.h>#include <net/atmclip.h>#include <linux/atmlec.h>#include <linux/mutex.h>#include <asm/ioctls.h>#include <net/compat.h>#include "resources.h"#include "signaling.h"		/* for WAITING and sigd_attach */#include "common.h"static DEFINE_MUTEX(ioctl_mutex);static LIST_HEAD(ioctl_list);void register_atm_ioctl(struct atm_ioctl *ioctl){	mutex_lock(&ioctl_mutex);	list_add_tail(&ioctl->list, &ioctl_list);	mutex_unlock(&ioctl_mutex);}EXPORT_SYMBOL(register_atm_ioctl);void deregister_atm_ioctl(struct atm_ioctl *ioctl){	mutex_lock(&ioctl_mutex);	list_del(&ioctl->list);	mutex_unlock(&ioctl_mutex);}EXPORT_SYMBOL(deregister_atm_ioctl);static int do_vcc_ioctl(struct socket *sock, unsigned int cmd,			unsigned long arg, int compat){	struct sock *sk = sock->sk;	struct atm_vcc *vcc;	int error;	struct list_head *pos;	void __user *argp = (void __user *)arg;	vcc = ATM_SD(sock);	switch (cmd) {	case SIOCOUTQ:		if (sock->state != SS_CONNECTED ||		    !test_bit(ATM_VF_READY, &vcc->flags)) {			error =  -EINVAL;			goto done;		}		error = put_user(sk->sk_sndbuf - sk_wmem_alloc_get(sk),				 (int __user *)argp) ? -EFAULT : 0;		goto done;	case SIOCINQ:	{		struct sk_buff *skb;		if (sock->state != SS_CONNECTED) {			error = -EINVAL;			goto done;		}		skb = skb_peek(&sk->sk_receive_queue);		error = put_user(skb ? skb->len : 0,				 (int __user *)argp) ? -EFAULT : 0;		goto done;	}	case SIOCGSTAMP: /* borrowed from IP */#ifdef CONFIG_COMPAT		if (compat)			error = compat_sock_get_timestamp(sk, argp);		else#endif			error = sock_get_timestamp(sk, argp);		goto done;	case SIOCGSTAMPNS: /* borrowed from IP */#ifdef CONFIG_COMPAT		if (compat)			error = compat_sock_get_timestampns(sk, argp);		else#endif			error = sock_get_timestampns(sk, argp);		goto done;	case ATM_SETSC:		net_warn_ratelimited("ATM_SETSC is obsolete; used by %s:%d\n",				     current->comm, task_pid_nr(current));		error = 0;		goto done;	case ATMSIGD_CTRL:		if (!capable(CAP_NET_ADMIN)) {			error = -EPERM;			goto done;		}		/*		 * The user/kernel protocol for exchanging signalling		 * info uses kernel pointers as opaque references,		 * so the holder of the file descriptor can scribble		 * on the kernel... so we should make sure that we		 * have the same privileges that /proc/kcore needs		 */		if (!capable(CAP_SYS_RAWIO)) {			error = -EPERM;			goto done;		}#ifdef CONFIG_COMPAT		/* WTF? I don't even want to _think_ about making this		   work for 32-bit userspace. TBH I don't really want		   to think about it at all. dwmw2. */		if (compat) {			net_warn_ratelimited("32-bit task cannot be atmsigd\n");			error = -EINVAL;			goto done;		}#endif		error = sigd_attach(vcc);		if (!error)			sock->state = SS_CONNECTED;		goto done;	case ATM_SETBACKEND:	case ATM_NEWBACKENDIF:	{		atm_backend_t backend;		error = get_user(backend, (atm_backend_t __user *)argp);		if (error)			goto done;		switch (backend) {		case ATM_BACKEND_PPP:			request_module("pppoatm");			break;		case ATM_BACKEND_BR2684:			request_module("br2684");			break;		}		break;	}	case ATMMPC_CTRL:	case ATMMPC_DATA:		request_module("mpoa");		break;	case ATMARPD_CTRL:		request_module("clip");		break;	case ATMLEC_CTRL:		request_module("lec");		break;	}	error = -ENOIOCTLCMD;	mutex_lock(&ioctl_mutex);	list_for_each(pos, &ioctl_list) {		struct atm_ioctl *ic = list_entry(pos, struct atm_ioctl, list);		if (try_module_get(ic->owner)) {			error = ic->ioctl(sock, cmd, arg);			module_put(ic->owner);			if (error != -ENOIOCTLCMD)				break;		}	}	mutex_unlock(&ioctl_mutex);	if (error != -ENOIOCTLCMD)		goto done;	error = atm_dev_ioctl(cmd, argp, compat);done:	return error;}int vcc_ioctl(struct socket *sock, unsigned int cmd, unsigned long arg){	return do_vcc_ioctl(sock, cmd, arg, 0);}#ifdef CONFIG_COMPAT/* * FIXME: * The compat_ioctl handling is duplicated, using both these conversion * routines and the compat argument to the actual handlers. Both * versions are somewhat incomplete and should be merged, e.g. by * moving the ioctl number translation into the actual handlers and * killing the conversion code. * * -arnd, November 2009 */#define ATM_GETLINKRATE32 _IOW('a', ATMIOC_ITF+1, struct compat_atmif_sioc)#define ATM_GETNAMES32    _IOW('a', ATMIOC_ITF+3, struct compat_atm_iobuf)#define ATM_GETTYPE32     _IOW('a', ATMIOC_ITF+4, struct compat_atmif_sioc)#define ATM_GETESI32	  _IOW('a', ATMIOC_ITF+5, struct compat_atmif_sioc)#define ATM_GETADDR32	  _IOW('a', ATMIOC_ITF+6, struct compat_atmif_sioc)#define ATM_RSTADDR32	  _IOW('a', ATMIOC_ITF+7, struct compat_atmif_sioc)#define ATM_ADDADDR32	  _IOW('a', ATMIOC_ITF+8, struct compat_atmif_sioc)#define ATM_DELADDR32	  _IOW('a', ATMIOC_ITF+9, struct compat_atmif_sioc)#define ATM_GETCIRANGE32  _IOW('a', ATMIOC_ITF+10, struct compat_atmif_sioc)#define ATM_SETCIRANGE32  _IOW('a', ATMIOC_ITF+11, struct compat_atmif_sioc)#define ATM_SETESI32      _IOW('a', ATMIOC_ITF+12, struct compat_atmif_sioc)#define ATM_SETESIF32     _IOW('a', ATMIOC_ITF+13, struct compat_atmif_sioc)#define ATM_GETSTAT32     _IOW('a', ATMIOC_SARCOM+0, struct compat_atmif_sioc)#define ATM_GETSTATZ32    _IOW('a', ATMIOC_SARCOM+1, struct compat_atmif_sioc)#define ATM_GETLOOP32	  _IOW('a', ATMIOC_SARCOM+2, struct compat_atmif_sioc)#define ATM_SETLOOP32	  _IOW('a', ATMIOC_SARCOM+3, struct compat_atmif_sioc)#define ATM_QUERYLOOP32	  _IOW('a', ATMIOC_SARCOM+4, struct compat_atmif_sioc)static struct {	unsigned int cmd32;	unsigned int cmd;} atm_ioctl_map[] = {	{ ATM_GETLINKRATE32, ATM_GETLINKRATE },	{ ATM_GETNAMES32,    ATM_GETNAMES },	{ ATM_GETTYPE32,     ATM_GETTYPE },	{ ATM_GETESI32,	     ATM_GETESI },	{ ATM_GETADDR32,     ATM_GETADDR },	{ ATM_RSTADDR32,     ATM_RSTADDR },	{ ATM_ADDADDR32,     ATM_ADDADDR },	{ ATM_DELADDR32,     ATM_DELADDR },	{ ATM_GETCIRANGE32,  ATM_GETCIRANGE },	{ ATM_SETCIRANGE32,  ATM_SETCIRANGE },	{ ATM_SETESI32,	     ATM_SETESI },	{ ATM_SETESIF32,     ATM_SETESIF },	{ ATM_GETSTAT32,     ATM_GETSTAT },	{ ATM_GETSTATZ32,    ATM_GETSTATZ },	{ ATM_GETLOOP32,     ATM_GETLOOP },	{ ATM_SETLOOP32,     ATM_SETLOOP },	{ ATM_QUERYLOOP32,   ATM_QUERYLOOP },};#define NR_ATM_IOCTL ARRAY_SIZE(atm_ioctl_map)static int do_atm_iobuf(struct socket *sock, unsigned int cmd,			unsigned long arg){	struct atm_iobuf __user *iobuf;	struct compat_atm_iobuf __user *iobuf32;	u32 data;	void __user *datap;	int len, err;	iobuf = compat_alloc_user_space(sizeof(*iobuf));	iobuf32 = compat_ptr(arg);	if (get_user(len, &iobuf32->length) ||	    get_user(data, &iobuf32->buffer))		return -EFAULT;	datap = compat_ptr(data);	if (put_user(len, &iobuf->length) ||	    put_user(datap, &iobuf->buffer))		return -EFAULT;	err = do_vcc_ioctl(sock, cmd, (unsigned long) iobuf, 0);	if (!err) {		if (copy_in_user(&iobuf32->length, &iobuf->length,				 sizeof(int)))			err = -EFAULT;	}	return err;}static int do_atmif_sioc(struct socket *sock, unsigned int cmd,			 unsigned long arg){	struct atmif_sioc __user *sioc;	struct compat_atmif_sioc __user *sioc32;	u32 data;	void __user *datap;	int err;	sioc = compat_alloc_user_space(sizeof(*sioc));	sioc32 = compat_ptr(arg);	if (copy_in_user(&sioc->number, &sioc32->number, 2 * sizeof(int)) ||	    get_user(data, &sioc32->arg))		return -EFAULT;	datap = compat_ptr(data);	if (put_user(datap, &sioc->arg))		return -EFAULT;	err = do_vcc_ioctl(sock, cmd, (unsigned long) sioc, 0);	if (!err) {		if (copy_in_user(&sioc32->length, &sioc->length,				 sizeof(int)))			err = -EFAULT;	}	return err;}static int do_atm_ioctl(struct socket *sock, unsigned int cmd32,			unsigned long arg){	int i;	unsigned int cmd = 0;	switch (cmd32) {	case SONET_GETSTAT:	case SONET_GETSTATZ:	case SONET_GETDIAG:	case SONET_SETDIAG:	case SONET_CLRDIAG:	case SONET_SETFRAMING:	case SONET_GETFRAMING:	case SONET_GETFRSENSE:		return do_atmif_sioc(sock, cmd32, arg);	}	for (i = 0; i < NR_ATM_IOCTL; i++) {		if (cmd32 == atm_ioctl_map[i].cmd32) {			cmd = atm_ioctl_map[i].cmd;			break;		}	}	if (i == NR_ATM_IOCTL)		return -EINVAL;	switch (cmd) {	case ATM_GETNAMES:		return do_atm_iobuf(sock, cmd, arg);	case ATM_GETLINKRATE:	case ATM_GETTYPE:	case ATM_GETESI:	case ATM_GETADDR:	case ATM_RSTADDR:	case ATM_ADDADDR:	case ATM_DELADDR:	case ATM_GETCIRANGE:	case ATM_SETCIRANGE:	case ATM_SETESI:	case ATM_SETESIF:	case ATM_GETSTAT:	case ATM_GETSTATZ:	case ATM_GETLOOP:	case ATM_SETLOOP:	case ATM_QUERYLOOP:		return do_atmif_sioc(sock, cmd, arg);	}	return -EINVAL;}int vcc_compat_ioctl(struct socket *sock, unsigned int cmd,		     unsigned long arg){	int ret;	ret = do_vcc_ioctl(sock, cmd, arg, 1);	if (ret != -ENOIOCTLCMD)		return ret;	return do_atm_ioctl(sock, cmd, arg);}#endif
 |