search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
ALSA: usb-audio: Fix an out-of-bound read in create_composite_quirks
[linux/fpc-iii.git] / net / core / dev_ioctl.c
blob151e047ce07283714ce0d9129d9f923f1ac594b4
1 #include <linux/kmod.h>
2 #include <linux/netdevice.h>
3 #include <linux/etherdevice.h>
4 #include <linux/rtnetlink.h>
5 #include <linux/net_tstamp.h>
6 #include <linux/wireless.h>
7 #include <net/wext.h>
8
9 /*
10 * Map an interface index to its name (SIOCGIFNAME)
11 */
12
13 /*
14 * We need this ioctl for efficient implementation of the
15 * if_indextoname() function required by the IPv6 API. Without
16 * it, we would have to search all the interfaces to find a
17 * match. --pb
18 */
19
20 static int dev_ifname(struct net *net, struct ifreq __user *arg)
21 {
22 struct ifreq ifr;
23 int error;
24
25 /*
26 * Fetch the caller's info block.
27 */
28
29 if (copy_from_user(&ifr, arg, sizeof(struct ifreq)))
30 return -EFAULT;
31 ifr.ifr_name[IFNAMSIZ-1] = 0;
32
33 error = netdev_get_name(net, ifr.ifr_name, ifr.ifr_ifindex);
34 if (error)
35 return error;
36
37 if (copy_to_user(arg, &ifr, sizeof(struct ifreq)))
38 return -EFAULT;
39 return 0;
40 }
41
42 static gifconf_func_t *gifconf_list[NPROTO];
43
44 /**
45 * register_gifconf - register a SIOCGIF handler
46 * @family: Address family
47 * @gifconf: Function handler
48 *
49 * Register protocol dependent address dumping routines. The handler
50 * that is passed must not be freed or reused until it has been replaced
51 * by another handler.
52 */
53 int register_gifconf(unsigned int family, gifconf_func_t *gifconf)
54 {
55 if (family >= NPROTO)
56 return -EINVAL;
57 gifconf_list[family] = gifconf;
58 return 0;
59 }
60 EXPORT_SYMBOL(register_gifconf);
61
62 /*
63 * Perform a SIOCGIFCONF call. This structure will change
64 * size eventually, and there is nothing I can do about it.
65 * Thus we will need a 'compatibility mode'.
66 */
67
68 static int dev_ifconf(struct net *net, char __user *arg)
69 {
70 struct ifconf ifc;
71 struct net_device *dev;
72 char __user *pos;
73 int len;
74 int total;
75 int i;
76
77 /*
78 * Fetch the caller's info block.
79 */
80
81 if (copy_from_user(&ifc, arg, sizeof(struct ifconf)))
82 return -EFAULT;
83
84 pos = ifc.ifc_buf;
85 len = ifc.ifc_len;
86
87 /*
88 * Loop over the interfaces, and write an info block for each.
89 */
90
91 total = 0;
92 for_each_netdev(net, dev) {
93 for (i = 0; i < NPROTO; i++) {
94 if (gifconf_list[i]) {
95 int done;
96 if (!pos)
97 done = gifconf_list[i](dev, NULL, 0);
98 else
99 done = gifconf_list[i](dev, pos + total,
100 len - total);
101 if (done < 0)
102 return -EFAULT;
103 total += done;
104 }
105 }
106 }
107
108 /*
109 * All done. Write the updated control block back to the caller.
110 */
111 ifc.ifc_len = total;
112
113 /*
114 * Both BSD and Solaris return 0 here, so we do too.
115 */
116 return copy_to_user(arg, &ifc, sizeof(struct ifconf)) ? -EFAULT : 0;
117 }
118
119 /*
120 * Perform the SIOCxIFxxx calls, inside rcu_read_lock()
121 */
122 static int dev_ifsioc_locked(struct net *net, struct ifreq *ifr, unsigned int cmd)
123 {
124 int err;
125 struct net_device *dev = dev_get_by_name_rcu(net, ifr->ifr_name);
126
127 if (!dev)
128 return -ENODEV;
129
130 switch (cmd) {
131 case SIOCGIFFLAGS: /* Get interface flags */
132 ifr->ifr_flags = (short) dev_get_flags(dev);
133 return 0;
134
135 case SIOCGIFMETRIC: /* Get the metric on the interface
136 (currently unused) */
137 ifr->ifr_metric = 0;
138 return 0;
139
140 case SIOCGIFMTU: /* Get the MTU of a device */
141 ifr->ifr_mtu = dev->mtu;
142 return 0;
143
144 case SIOCGIFHWADDR:
145 if (!dev->addr_len)
146 memset(ifr->ifr_hwaddr.sa_data, 0,
147 sizeof(ifr->ifr_hwaddr.sa_data));
148 else
149 memcpy(ifr->ifr_hwaddr.sa_data, dev->dev_addr,
150 min(sizeof(ifr->ifr_hwaddr.sa_data),
151 (size_t)dev->addr_len));
152 ifr->ifr_hwaddr.sa_family = dev->type;
153 return 0;
154
155 case SIOCGIFSLAVE:
156 err = -EINVAL;
157 break;
158
159 case SIOCGIFMAP:
160 ifr->ifr_map.mem_start = dev->mem_start;
161 ifr->ifr_map.mem_end = dev->mem_end;
162 ifr->ifr_map.base_addr = dev->base_addr;
163 ifr->ifr_map.irq = dev->irq;
164 ifr->ifr_map.dma = dev->dma;
165 ifr->ifr_map.port = dev->if_port;
166 return 0;
167
168 case SIOCGIFINDEX:
169 ifr->ifr_ifindex = dev->ifindex;
170 return 0;
171
172 case SIOCGIFTXQLEN:
173 ifr->ifr_qlen = dev->tx_queue_len;
174 return 0;
175
176 default:
177 /* dev_ioctl() should ensure this case
178 * is never reached
179 */
180 WARN_ON(1);
181 err = -ENOTTY;
182 break;
183
184 }
185 return err;
186 }
187
188 static int net_hwtstamp_validate(struct ifreq *ifr)
189 {
190 struct hwtstamp_config cfg;
191 enum hwtstamp_tx_types tx_type;
192 enum hwtstamp_rx_filters rx_filter;
193 int tx_type_valid = 0;
194 int rx_filter_valid = 0;
195
196 if (copy_from_user(&cfg, ifr->ifr_data, sizeof(cfg)))
197 return -EFAULT;
198
199 if (cfg.flags) /* reserved for future extensions */
200 return -EINVAL;
201
202 tx_type = cfg.tx_type;
203 rx_filter = cfg.rx_filter;
204
205 switch (tx_type) {
206 case HWTSTAMP_TX_OFF:
207 case HWTSTAMP_TX_ON:
208 case HWTSTAMP_TX_ONESTEP_SYNC:
209 tx_type_valid = 1;
210 break;
211 }
212
213 switch (rx_filter) {
214 case HWTSTAMP_FILTER_NONE:
215 case HWTSTAMP_FILTER_ALL:
216 case HWTSTAMP_FILTER_SOME:
217 case HWTSTAMP_FILTER_PTP_V1_L4_EVENT:
218 case HWTSTAMP_FILTER_PTP_V1_L4_SYNC:
219 case HWTSTAMP_FILTER_PTP_V1_L4_DELAY_REQ:
220 case HWTSTAMP_FILTER_PTP_V2_L4_EVENT:
221 case HWTSTAMP_FILTER_PTP_V2_L4_SYNC:
222 case HWTSTAMP_FILTER_PTP_V2_L4_DELAY_REQ:
223 case HWTSTAMP_FILTER_PTP_V2_L2_EVENT:
224 case HWTSTAMP_FILTER_PTP_V2_L2_SYNC:
225 case HWTSTAMP_FILTER_PTP_V2_L2_DELAY_REQ:
226 case HWTSTAMP_FILTER_PTP_V2_EVENT:
227 case HWTSTAMP_FILTER_PTP_V2_SYNC:
228 case HWTSTAMP_FILTER_PTP_V2_DELAY_REQ:
229 rx_filter_valid = 1;
230 break;
231 }
232
233 if (!tx_type_valid || !rx_filter_valid)
234 return -ERANGE;
235
236 return 0;
237 }
238
239 /*
240 * Perform the SIOCxIFxxx calls, inside rtnl_lock()
241 */
242 static int dev_ifsioc(struct net *net, struct ifreq *ifr, unsigned int cmd)
243 {
244 int err;
245 struct net_device *dev = __dev_get_by_name(net, ifr->ifr_name);
246 const struct net_device_ops *ops;
247
248 if (!dev)
249 return -ENODEV;
250
251 ops = dev->netdev_ops;
252
253 switch (cmd) {
254 case SIOCSIFFLAGS: /* Set interface flags */
255 return dev_change_flags(dev, ifr->ifr_flags);
256
257 case SIOCSIFMETRIC: /* Set the metric on the interface
258 (currently unused) */
259 return -EOPNOTSUPP;
260
261 case SIOCSIFMTU: /* Set the MTU of a device */
262 return dev_set_mtu(dev, ifr->ifr_mtu);
263
264 case SIOCSIFHWADDR:
265 return dev_set_mac_address(dev, &ifr->ifr_hwaddr);
266
267 case SIOCSIFHWBROADCAST:
268 if (ifr->ifr_hwaddr.sa_family != dev->type)
269 return -EINVAL;
270 memcpy(dev->broadcast, ifr->ifr_hwaddr.sa_data,
271 min(sizeof(ifr->ifr_hwaddr.sa_data),
272 (size_t)dev->addr_len));
273 call_netdevice_notifiers(NETDEV_CHANGEADDR, dev);
274 return 0;
275
276 case SIOCSIFMAP:
277 if (ops->ndo_set_config) {
278 if (!netif_device_present(dev))
279 return -ENODEV;
280 return ops->ndo_set_config(dev, &ifr->ifr_map);
281 }
282 return -EOPNOTSUPP;
283
284 case SIOCADDMULTI:
285 if (!ops->ndo_set_rx_mode ||
286 ifr->ifr_hwaddr.sa_family != AF_UNSPEC)
287 return -EINVAL;
288 if (!netif_device_present(dev))
289 return -ENODEV;
290 return dev_mc_add_global(dev, ifr->ifr_hwaddr.sa_data);
291
292 case SIOCDELMULTI:
293 if (!ops->ndo_set_rx_mode ||
294 ifr->ifr_hwaddr.sa_family != AF_UNSPEC)
295 return -EINVAL;
296 if (!netif_device_present(dev))
297 return -ENODEV;
298 return dev_mc_del_global(dev, ifr->ifr_hwaddr.sa_data);
299
300 case SIOCSIFTXQLEN:
301 if (ifr->ifr_qlen < 0)
302 return -EINVAL;
303 dev->tx_queue_len = ifr->ifr_qlen;
304 return 0;
305
306 case SIOCSIFNAME:
307 ifr->ifr_newname[IFNAMSIZ-1] = '\0';
308 return dev_change_name(dev, ifr->ifr_newname);
309
310 case SIOCSHWTSTAMP:
311 err = net_hwtstamp_validate(ifr);
312 if (err)
313 return err;
314 /* fall through */
315
316 /*
317 * Unknown or private ioctl
318 */
319 default:
320 if ((cmd >= SIOCDEVPRIVATE &&
321 cmd <= SIOCDEVPRIVATE + 15) ||
322 cmd == SIOCBONDENSLAVE ||
323 cmd == SIOCBONDRELEASE ||
324 cmd == SIOCBONDSETHWADDR ||
325 cmd == SIOCBONDSLAVEINFOQUERY ||
326 cmd == SIOCBONDINFOQUERY ||
327 cmd == SIOCBONDCHANGEACTIVE ||
328 cmd == SIOCGMIIPHY ||
329 cmd == SIOCGMIIREG ||
330 cmd == SIOCSMIIREG ||
331 cmd == SIOCBRADDIF ||
332 cmd == SIOCBRDELIF ||
333 cmd == SIOCSHWTSTAMP ||
334 cmd == SIOCGHWTSTAMP ||
335 cmd == SIOCWANDEV) {
336 err = -EOPNOTSUPP;
337 if (ops->ndo_do_ioctl) {
338 if (netif_device_present(dev))
339 err = ops->ndo_do_ioctl(dev, ifr, cmd);
340 else
341 err = -ENODEV;
342 }
343 } else
344 err = -EINVAL;
345
346 }
347 return err;
348 }
349
350 /**
351 * dev_load - load a network module
352 * @net: the applicable net namespace
353 * @name: name of interface
354 *
355 * If a network interface is not present and the process has suitable
356 * privileges this function loads the module. If module loading is not
357 * available in this kernel then it becomes a nop.
358 */
359
360 void dev_load(struct net *net, const char *name)
361 {
362 struct net_device *dev;
363 int no_module;
364
365 rcu_read_lock();
366 dev = dev_get_by_name_rcu(net, name);
367 rcu_read_unlock();
368
369 no_module = !dev;
370 if (no_module && capable(CAP_NET_ADMIN))
371 no_module = request_module("netdev-%s", name);
372 if (no_module && capable(CAP_SYS_MODULE))
373 request_module("%s", name);
374 }
375 EXPORT_SYMBOL(dev_load);
376
377 /*
378 * This function handles all "interface"-type I/O control requests. The actual
379 * 'doing' part of this is dev_ifsioc above.
380 */
381
382 /**
383 * dev_ioctl - network device ioctl
384 * @net: the applicable net namespace
385 * @cmd: command to issue
386 * @arg: pointer to a struct ifreq in user space
387 *
388 * Issue ioctl functions to devices. This is normally called by the
389 * user space syscall interfaces but can sometimes be useful for
390 * other purposes. The return value is the return from the syscall if
391 * positive or a negative errno code on error.
392 */
393
394 int dev_ioctl(struct net *net, unsigned int cmd, void __user *arg)
395 {
396 struct ifreq ifr;
397 int ret;
398 char *colon;
399
400 /* One special case: SIOCGIFCONF takes ifconf argument
401 and requires shared lock, because it sleeps writing
402 to user space.
403 */
404
405 if (cmd == SIOCGIFCONF) {
406 rtnl_lock();
407 ret = dev_ifconf(net, (char __user *) arg);
408 rtnl_unlock();
409 return ret;
410 }
411 if (cmd == SIOCGIFNAME)
412 return dev_ifname(net, (struct ifreq __user *)arg);
413
414 if (copy_from_user(&ifr, arg, sizeof(struct ifreq)))
415 return -EFAULT;
416
417 ifr.ifr_name[IFNAMSIZ-1] = 0;
418
419 colon = strchr(ifr.ifr_name, ':');
420 if (colon)
421 *colon = 0;
422
423 /*
424 * See which interface the caller is talking about.
425 */
426
427 switch (cmd) {
428 /*
429 * These ioctl calls:
430 * - can be done by all.
431 * - atomic and do not require locking.
432 * - return a value
433 */
434 case SIOCGIFFLAGS:
435 case SIOCGIFMETRIC:
436 case SIOCGIFMTU:
437 case SIOCGIFHWADDR:
438 case SIOCGIFSLAVE:
439 case SIOCGIFMAP:
440 case SIOCGIFINDEX:
441 case SIOCGIFTXQLEN:
442 dev_load(net, ifr.ifr_name);
443 rcu_read_lock();
444 ret = dev_ifsioc_locked(net, &ifr, cmd);
445 rcu_read_unlock();
446 if (!ret) {
447 if (colon)
448 *colon = ':';
449 if (copy_to_user(arg, &ifr,
450 sizeof(struct ifreq)))
451 ret = -EFAULT;
452 }
453 return ret;
454
455 case SIOCETHTOOL:
456 dev_load(net, ifr.ifr_name);
457 rtnl_lock();
458 ret = dev_ethtool(net, &ifr);
459 rtnl_unlock();
460 if (!ret) {
461 if (colon)
462 *colon = ':';
463 if (copy_to_user(arg, &ifr,
464 sizeof(struct ifreq)))
465 ret = -EFAULT;
466 }
467 return ret;
468
469 /*
470 * These ioctl calls:
471 * - require superuser power.
472 * - require strict serialization.
473 * - return a value
474 */
475 case SIOCGMIIPHY:
476 case SIOCGMIIREG:
477 case SIOCSIFNAME:
478 if (!ns_capable(net->user_ns, CAP_NET_ADMIN))
479 return -EPERM;
480 dev_load(net, ifr.ifr_name);
481 rtnl_lock();
482 ret = dev_ifsioc(net, &ifr, cmd);
483 rtnl_unlock();
484 if (!ret) {
485 if (colon)
486 *colon = ':';
487 if (copy_to_user(arg, &ifr,
488 sizeof(struct ifreq)))
489 ret = -EFAULT;
490 }
491 return ret;
492
493 /*
494 * These ioctl calls:
495 * - require superuser power.
496 * - require strict serialization.
497 * - do not return a value
498 */
499 case SIOCSIFMAP:
500 case SIOCSIFTXQLEN:
501 if (!capable(CAP_NET_ADMIN))
502 return -EPERM;
503 /* fall through */
504 /*
505 * These ioctl calls:
506 * - require local superuser power.
507 * - require strict serialization.
508 * - do not return a value
509 */
510 case SIOCSIFFLAGS:
511 case SIOCSIFMETRIC:
512 case SIOCSIFMTU:
513 case SIOCSIFHWADDR:
514 case SIOCSIFSLAVE:
515 case SIOCADDMULTI:
516 case SIOCDELMULTI:
517 case SIOCSIFHWBROADCAST:
518 case SIOCSMIIREG:
519 case SIOCBONDENSLAVE:
520 case SIOCBONDRELEASE:
521 case SIOCBONDSETHWADDR:
522 case SIOCBONDCHANGEACTIVE:
523 case SIOCBRADDIF:
524 case SIOCBRDELIF:
525 case SIOCSHWTSTAMP:
526 if (!ns_capable(net->user_ns, CAP_NET_ADMIN))
527 return -EPERM;
528 /* fall through */
529 case SIOCBONDSLAVEINFOQUERY:
530 case SIOCBONDINFOQUERY:
531 dev_load(net, ifr.ifr_name);
532 rtnl_lock();
533 ret = dev_ifsioc(net, &ifr, cmd);
534 rtnl_unlock();
535 return ret;
536
537 case SIOCGIFMEM:
538 /* Get the per device memory space. We can add this but
539 * currently do not support it */
540 case SIOCSIFMEM:
541 /* Set the per device memory buffer space.
542 * Not applicable in our case */
543 case SIOCSIFLINK:
544 return -ENOTTY;
545
546 /*
547 * Unknown or private ioctl.
548 */
549 default:
550 if (cmd == SIOCWANDEV ||
551 cmd == SIOCGHWTSTAMP ||
552 (cmd >= SIOCDEVPRIVATE &&
553 cmd <= SIOCDEVPRIVATE + 15)) {
554 dev_load(net, ifr.ifr_name);
555 rtnl_lock();
556 ret = dev_ifsioc(net, &ifr, cmd);
557 rtnl_unlock();
558 if (!ret && copy_to_user(arg, &ifr,
559 sizeof(struct ifreq)))
560 ret = -EFAULT;
561 return ret;
562 }
563 /* Take care of Wireless Extensions */
564 if (cmd >= SIOCIWFIRST && cmd <= SIOCIWLAST)
565 return wext_handle_ioctl(net, &ifr, cmd, arg);
566 return -ENOTTY;
567 }
568 }
Linux with added FPC-III support