1 /*- 2 * SPDX-License-Identifier: BSD-3-Clause 3 * 4 * Copyright (c) 2008 David E. O'Brien 5 * All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: 10 * 1. Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer. 12 * 2. Redistributions in binary form must reproduce the above copyright 13 * notice, this list of conditions and the following disclaimer in the 14 * documentation and/or other materials provided with the distribution. 15 * 3. Neither the name of the author nor the names of its contributors 16 * may be used to endorse or promote products derived from this software 17 * without specific prior written permission. 18 * 19 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 20 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 21 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 22 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 23 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 24 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 25 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 26 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 27 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 28 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 29 * SUCH DAMAGE. 30 */ 31 32 #include <sys/cdefs.h> 33 __FBSDID("$FreeBSD$"); 34 35 #include <sys/param.h> 36 #include <sys/capsicum.h> 37 #include <sys/cdio.h> 38 #include <sys/fcntl.h> 39 #include <sys/filio.h> 40 #include <sys/file.h> 41 #include <sys/ioccom.h> 42 #include <sys/malloc.h> 43 #include <sys/memrange.h> 44 #include <sys/pciio.h> 45 #include <sys/proc.h> 46 #include <sys/syscall.h> 47 #include <sys/syscallsubr.h> 48 #include <sys/sysctl.h> 49 #include <sys/sysent.h> 50 #include <sys/sysproto.h> 51 #include <sys/systm.h> 52 #include <sys/uio.h> 53 54 #include <compat/freebsd32/freebsd32.h> 55 #include <compat/freebsd32/freebsd32_ioctl.h> 56 #include <compat/freebsd32/freebsd32_misc.h> 57 #include <compat/freebsd32/freebsd32_proto.h> 58 59 CTASSERT(sizeof(struct ioc_read_toc_entry32) == 8); 60 CTASSERT(sizeof(struct mem_range_op32) == 12); 61 CTASSERT(sizeof(struct pci_conf_io32) == 36); 62 CTASSERT(sizeof(struct pci_match_conf32) == 44); 63 CTASSERT(sizeof(struct pci_conf32) == 44); 64 65 static int 66 freebsd32_ioctl_ioc_read_toc(struct thread *td, 67 struct freebsd32_ioctl_args *uap, struct file *fp) 68 { 69 struct ioc_read_toc_entry toce; 70 struct ioc_read_toc_entry32 toce32; 71 int error; 72 73 if ((error = copyin(uap->data, &toce32, sizeof(toce32)))) 74 return (error); 75 CP(toce32, toce, address_format); 76 CP(toce32, toce, starting_track); 77 CP(toce32, toce, data_len); 78 PTRIN_CP(toce32, toce, data); 79 80 if ((error = fo_ioctl(fp, CDIOREADTOCENTRYS, (caddr_t)&toce, 81 td->td_ucred, td))) { 82 CP(toce, toce32, address_format); 83 CP(toce, toce32, starting_track); 84 CP(toce, toce32, data_len); 85 PTROUT_CP(toce, toce32, data); 86 error = copyout(&toce32, uap->data, sizeof(toce32)); 87 } 88 return error; 89 } 90 91 static int 92 freebsd32_ioctl_fiodgname(struct thread *td, 93 struct freebsd32_ioctl_args *uap, struct file *fp) 94 { 95 struct fiodgname_arg fgn; 96 struct fiodgname_arg32 fgn32; 97 int error; 98 99 if ((error = copyin(uap->data, &fgn32, sizeof fgn32)) != 0) 100 return (error); 101 CP(fgn32, fgn, len); 102 PTRIN_CP(fgn32, fgn, buf); 103 error = fo_ioctl(fp, FIODGNAME, (caddr_t)&fgn, td->td_ucred, td); 104 return (error); 105 } 106 107 static int 108 freebsd32_ioctl_memrange(struct thread *td, 109 struct freebsd32_ioctl_args *uap, struct file *fp) 110 { 111 struct mem_range_op mro; 112 struct mem_range_op32 mro32; 113 int error; 114 u_long com; 115 116 if ((error = copyin(uap->data, &mro32, sizeof(mro32))) != 0) 117 return (error); 118 119 PTRIN_CP(mro32, mro, mo_desc); 120 CP(mro32, mro, mo_arg[0]); 121 CP(mro32, mro, mo_arg[1]); 122 123 com = 0; 124 switch (uap->com) { 125 case MEMRANGE_GET32: 126 com = MEMRANGE_GET; 127 break; 128 129 case MEMRANGE_SET32: 130 com = MEMRANGE_SET; 131 break; 132 133 default: 134 panic("%s: unknown MEMRANGE %#x", __func__, uap->com); 135 } 136 137 if ((error = fo_ioctl(fp, com, (caddr_t)&mro, td->td_ucred, td)) != 0) 138 return (error); 139 140 if ( (com & IOC_OUT) ) { 141 CP(mro, mro32, mo_arg[0]); 142 CP(mro, mro32, mo_arg[1]); 143 144 error = copyout(&mro32, uap->data, sizeof(mro32)); 145 } 146 147 return (error); 148 } 149 150 static int 151 freebsd32_ioctl_pciocgetconf(struct thread *td, 152 struct freebsd32_ioctl_args *uap, struct file *fp) 153 { 154 struct pci_conf_io pci; 155 struct pci_conf_io32 pci32; 156 struct pci_match_conf32 pmc32; 157 struct pci_match_conf32 *pmc32p; 158 struct pci_match_conf pmc; 159 struct pci_match_conf *pmcp; 160 struct pci_conf32 pc32; 161 struct pci_conf32 *pc32p; 162 struct pci_conf pc; 163 struct pci_conf *pcp; 164 u_int32_t i; 165 u_int32_t npat_to_convert; 166 u_int32_t nmatch_to_convert; 167 vm_offset_t addr; 168 int error; 169 170 if ((error = copyin(uap->data, &pci32, sizeof(pci32))) != 0) 171 return (error); 172 173 CP(pci32, pci, num_patterns); 174 CP(pci32, pci, offset); 175 CP(pci32, pci, generation); 176 177 npat_to_convert = pci32.pat_buf_len / sizeof(struct pci_match_conf32); 178 pci.pat_buf_len = npat_to_convert * sizeof(struct pci_match_conf); 179 pci.patterns = NULL; 180 nmatch_to_convert = pci32.match_buf_len / sizeof(struct pci_conf32); 181 pci.match_buf_len = nmatch_to_convert * sizeof(struct pci_conf); 182 pci.matches = NULL; 183 184 if ((error = copyout_map(td, &addr, pci.pat_buf_len)) != 0) 185 goto cleanup; 186 pci.patterns = (struct pci_match_conf *)addr; 187 if ((error = copyout_map(td, &addr, pci.match_buf_len)) != 0) 188 goto cleanup; 189 pci.matches = (struct pci_conf *)addr; 190 191 npat_to_convert = min(npat_to_convert, pci.num_patterns); 192 193 for (i = 0, pmc32p = (struct pci_match_conf32 *)PTRIN(pci32.patterns), 194 pmcp = pci.patterns; 195 i < npat_to_convert; i++, pmc32p++, pmcp++) { 196 if ((error = copyin(pmc32p, &pmc32, sizeof(pmc32))) != 0) 197 goto cleanup; 198 CP(pmc32,pmc,pc_sel); 199 strlcpy(pmc.pd_name, pmc32.pd_name, sizeof(pmc.pd_name)); 200 CP(pmc32,pmc,pd_unit); 201 CP(pmc32,pmc,pc_vendor); 202 CP(pmc32,pmc,pc_device); 203 CP(pmc32,pmc,pc_class); 204 CP(pmc32,pmc,flags); 205 if ((error = copyout(&pmc, pmcp, sizeof(pmc))) != 0) 206 goto cleanup; 207 } 208 209 if ((error = fo_ioctl(fp, PCIOCGETCONF, (caddr_t)&pci, 210 td->td_ucred, td)) != 0) 211 goto cleanup; 212 213 nmatch_to_convert = min(nmatch_to_convert, pci.num_matches); 214 215 for (i = 0, pcp = pci.matches, 216 pc32p = (struct pci_conf32 *)PTRIN(pci32.matches); 217 i < nmatch_to_convert; i++, pcp++, pc32p++) { 218 if ((error = copyin(pcp, &pc, sizeof(pc))) != 0) 219 goto cleanup; 220 CP(pc,pc32,pc_sel); 221 CP(pc,pc32,pc_hdr); 222 CP(pc,pc32,pc_subvendor); 223 CP(pc,pc32,pc_subdevice); 224 CP(pc,pc32,pc_vendor); 225 CP(pc,pc32,pc_device); 226 CP(pc,pc32,pc_class); 227 CP(pc,pc32,pc_subclass); 228 CP(pc,pc32,pc_progif); 229 CP(pc,pc32,pc_revid); 230 strlcpy(pc32.pd_name, pc.pd_name, sizeof(pc32.pd_name)); 231 CP(pc,pc32,pd_unit); 232 if ((error = copyout(&pc32, pc32p, sizeof(pc32))) != 0) 233 goto cleanup; 234 } 235 236 CP(pci, pci32, num_matches); 237 CP(pci, pci32, offset); 238 CP(pci, pci32, generation); 239 CP(pci, pci32, status); 240 241 error = copyout(&pci32, uap->data, sizeof(pci32)); 242 243 cleanup: 244 if (pci.patterns) 245 copyout_unmap(td, (vm_offset_t)pci.patterns, pci.pat_buf_len); 246 if (pci.matches) 247 copyout_unmap(td, (vm_offset_t)pci.matches, pci.match_buf_len); 248 249 return (error); 250 } 251 252 static int 253 freebsd32_ioctl_barmmap(struct thread *td, 254 struct freebsd32_ioctl_args *uap, struct file *fp) 255 { 256 struct pci_bar_mmap32 pbm32; 257 struct pci_bar_mmap pbm; 258 int error; 259 260 error = copyin(uap->data, &pbm32, sizeof(pbm32)); 261 if (error != 0) 262 return (error); 263 PTRIN_CP(pbm32, pbm, pbm_map_base); 264 CP(pbm32, pbm, pbm_sel); 265 CP(pbm32, pbm, pbm_reg); 266 CP(pbm32, pbm, pbm_flags); 267 CP(pbm32, pbm, pbm_memattr); 268 pbm.pbm_bar_length = PAIR32TO64(uint64_t, pbm32.pbm_bar_length); 269 error = fo_ioctl(fp, PCIOCBARMMAP, (caddr_t)&pbm, td->td_ucred, td); 270 if (error == 0) { 271 PTROUT_CP(pbm, pbm32, pbm_map_base); 272 CP(pbm, pbm32, pbm_map_length); 273 #if BYTE_ORDER == LITTLE_ENDIAN 274 pbm32.pbm_bar_length1 = pbm.pbm_bar_length; 275 pbm32.pbm_bar_length2 = pbm.pbm_bar_length >> 32; 276 #else 277 pbm32.pbm_bar_length1 = pbm.pbm_bar_length >> 32; 278 pbm32.pbm_bar_length2 = pbm.pbm_bar_length; 279 #endif 280 CP(pbm, pbm32, pbm_bar_off); 281 error = copyout(&pbm32, uap->data, sizeof(pbm32)); 282 } 283 return (error); 284 } 285 286 static int 287 freebsd32_ioctl_sg(struct thread *td, 288 struct freebsd32_ioctl_args *uap, struct file *fp) 289 { 290 struct sg_io_hdr io; 291 struct sg_io_hdr32 io32; 292 int error; 293 294 if ((error = copyin(uap->data, &io32, sizeof(io32))) != 0) 295 return (error); 296 297 CP(io32, io, interface_id); 298 CP(io32, io, dxfer_direction); 299 CP(io32, io, cmd_len); 300 CP(io32, io, mx_sb_len); 301 CP(io32, io, iovec_count); 302 CP(io32, io, dxfer_len); 303 PTRIN_CP(io32, io, dxferp); 304 PTRIN_CP(io32, io, cmdp); 305 PTRIN_CP(io32, io, sbp); 306 CP(io32, io, timeout); 307 CP(io32, io, flags); 308 CP(io32, io, pack_id); 309 PTRIN_CP(io32, io, usr_ptr); 310 CP(io32, io, status); 311 CP(io32, io, masked_status); 312 CP(io32, io, msg_status); 313 CP(io32, io, sb_len_wr); 314 CP(io32, io, host_status); 315 CP(io32, io, driver_status); 316 CP(io32, io, resid); 317 CP(io32, io, duration); 318 CP(io32, io, info); 319 320 if ((error = fo_ioctl(fp, SG_IO, (caddr_t)&io, td->td_ucred, td)) != 0) 321 return (error); 322 323 CP(io, io32, interface_id); 324 CP(io, io32, dxfer_direction); 325 CP(io, io32, cmd_len); 326 CP(io, io32, mx_sb_len); 327 CP(io, io32, iovec_count); 328 CP(io, io32, dxfer_len); 329 PTROUT_CP(io, io32, dxferp); 330 PTROUT_CP(io, io32, cmdp); 331 PTROUT_CP(io, io32, sbp); 332 CP(io, io32, timeout); 333 CP(io, io32, flags); 334 CP(io, io32, pack_id); 335 PTROUT_CP(io, io32, usr_ptr); 336 CP(io, io32, status); 337 CP(io, io32, masked_status); 338 CP(io, io32, msg_status); 339 CP(io, io32, sb_len_wr); 340 CP(io, io32, host_status); 341 CP(io, io32, driver_status); 342 CP(io, io32, resid); 343 CP(io, io32, duration); 344 CP(io, io32, info); 345 346 error = copyout(&io32, uap->data, sizeof(io32)); 347 348 return (error); 349 } 350 351 int 352 freebsd32_ioctl(struct thread *td, struct freebsd32_ioctl_args *uap) 353 { 354 struct ioctl_args ap /*{ 355 int fd; 356 u_long com; 357 caddr_t data; 358 }*/ ; 359 struct file *fp; 360 cap_rights_t rights; 361 int error; 362 363 error = fget(td, uap->fd, cap_rights_init(&rights, CAP_IOCTL), &fp); 364 if (error != 0) 365 return (error); 366 if ((fp->f_flag & (FREAD | FWRITE)) == 0) { 367 fdrop(fp, td); 368 return (EBADF); 369 } 370 371 switch (uap->com) { 372 case CDIOREADTOCENTRYS_32: 373 error = freebsd32_ioctl_ioc_read_toc(td, uap, fp); 374 break; 375 376 case FIODGNAME_32: 377 error = freebsd32_ioctl_fiodgname(td, uap, fp); 378 break; 379 380 case MEMRANGE_GET32: /* FALLTHROUGH */ 381 case MEMRANGE_SET32: 382 error = freebsd32_ioctl_memrange(td, uap, fp); 383 break; 384 385 case PCIOCGETCONF_32: 386 error = freebsd32_ioctl_pciocgetconf(td, uap, fp); 387 break; 388 389 case SG_IO_32: 390 error = freebsd32_ioctl_sg(td, uap, fp); 391 break; 392 393 case PCIOCBARMMAP_32: 394 error = freebsd32_ioctl_barmmap(td, uap, fp); 395 break; 396 397 default: 398 fdrop(fp, td); 399 ap.fd = uap->fd; 400 ap.com = uap->com; 401 PTRIN_CP(*uap, ap, data); 402 return sys_ioctl(td, &ap); 403 } 404 405 fdrop(fp, td); 406 return (error); 407 } 408