1 /*- 2 * Copyright (c) 2008 David E. O'Brien 3 * All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 3. Neither the name of the author nor the names of its contributors 14 * may be used to endorse or promote products derived from this software 15 * without specific prior written permission. 16 * 17 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 20 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 27 * SUCH DAMAGE. 28 */ 29 30 #include <sys/cdefs.h> 31 __FBSDID("$FreeBSD$"); 32 33 #include "opt_compat.h" 34 35 #include <sys/param.h> 36 #include <sys/capsicum.h> 37 #include <sys/cdio.h> 38 #include <sys/fcntl.h> 39 #include <sys/filio.h> 40 #include <sys/file.h> 41 #include <sys/ioccom.h> 42 #include <sys/malloc.h> 43 #include <sys/mdioctl.h> 44 #include <sys/memrange.h> 45 #include <sys/pciio.h> 46 #include <sys/proc.h> 47 #include <sys/syscall.h> 48 #include <sys/syscallsubr.h> 49 #include <sys/sysctl.h> 50 #include <sys/sysent.h> 51 #include <sys/sysproto.h> 52 #include <sys/systm.h> 53 54 #include <compat/freebsd32/freebsd32.h> 55 #include <compat/freebsd32/freebsd32_ioctl.h> 56 #include <compat/freebsd32/freebsd32_proto.h> 57 58 /* Cannot get exact size in 64-bit due to alignment issue of entire struct. */ 59 CTASSERT((sizeof(struct md_ioctl32)+4) == 436); 60 CTASSERT(sizeof(struct ioc_read_toc_entry32) == 8); 61 CTASSERT(sizeof(struct mem_range_op32) == 12); 62 CTASSERT(sizeof(struct pci_conf_io32) == 36); 63 CTASSERT(sizeof(struct pci_match_conf32) == 44); 64 CTASSERT(sizeof(struct pci_conf32) == 44); 65 66 67 static int 68 freebsd32_ioctl_md(struct thread *td, struct freebsd32_ioctl_args *uap, 69 struct file *fp) 70 { 71 struct md_ioctl mdv; 72 struct md_ioctl32 md32; 73 u_long com = 0; 74 int i, error; 75 76 if (uap->com & IOC_IN) { 77 if ((error = copyin(uap->data, &md32, sizeof(md32)))) { 78 return (error); 79 } 80 CP(md32, mdv, md_version); 81 CP(md32, mdv, md_unit); 82 CP(md32, mdv, md_type); 83 PTRIN_CP(md32, mdv, md_file); 84 CP(md32, mdv, md_mediasize); 85 CP(md32, mdv, md_sectorsize); 86 CP(md32, mdv, md_options); 87 CP(md32, mdv, md_base); 88 CP(md32, mdv, md_fwheads); 89 CP(md32, mdv, md_fwsectors); 90 } else if (uap->com & IOC_OUT) { 91 /* 92 * Zero the buffer so the user always 93 * gets back something deterministic. 94 */ 95 bzero(&mdv, sizeof mdv); 96 } 97 98 switch (uap->com) { 99 case MDIOCATTACH_32: 100 com = MDIOCATTACH; 101 break; 102 case MDIOCDETACH_32: 103 com = MDIOCDETACH; 104 break; 105 case MDIOCQUERY_32: 106 com = MDIOCQUERY; 107 break; 108 case MDIOCLIST_32: 109 com = MDIOCLIST; 110 break; 111 default: 112 panic("%s: unknown MDIOC %#x", __func__, uap->com); 113 } 114 error = fo_ioctl(fp, com, (caddr_t)&mdv, td->td_ucred, td); 115 if (error == 0 && (com & IOC_OUT)) { 116 CP(mdv, md32, md_version); 117 CP(mdv, md32, md_unit); 118 CP(mdv, md32, md_type); 119 PTROUT_CP(mdv, md32, md_file); 120 CP(mdv, md32, md_mediasize); 121 CP(mdv, md32, md_sectorsize); 122 CP(mdv, md32, md_options); 123 CP(mdv, md32, md_base); 124 CP(mdv, md32, md_fwheads); 125 CP(mdv, md32, md_fwsectors); 126 if (com == MDIOCLIST) { 127 /* 128 * Use MDNPAD, and not MDNPAD32. Padding is 129 * allocated and used by compat32 ABI. 130 */ 131 for (i = 0; i < MDNPAD; i++) 132 CP(mdv, md32, md_pad[i]); 133 } 134 error = copyout(&md32, uap->data, sizeof(md32)); 135 } 136 return error; 137 } 138 139 140 static int 141 freebsd32_ioctl_ioc_read_toc(struct thread *td, 142 struct freebsd32_ioctl_args *uap, struct file *fp) 143 { 144 struct ioc_read_toc_entry toce; 145 struct ioc_read_toc_entry32 toce32; 146 int error; 147 148 if ((error = copyin(uap->data, &toce32, sizeof(toce32)))) 149 return (error); 150 CP(toce32, toce, address_format); 151 CP(toce32, toce, starting_track); 152 CP(toce32, toce, data_len); 153 PTRIN_CP(toce32, toce, data); 154 155 if ((error = fo_ioctl(fp, CDIOREADTOCENTRYS, (caddr_t)&toce, 156 td->td_ucred, td))) { 157 CP(toce, toce32, address_format); 158 CP(toce, toce32, starting_track); 159 CP(toce, toce32, data_len); 160 PTROUT_CP(toce, toce32, data); 161 error = copyout(&toce32, uap->data, sizeof(toce32)); 162 } 163 return error; 164 } 165 166 static int 167 freebsd32_ioctl_fiodgname(struct thread *td, 168 struct freebsd32_ioctl_args *uap, struct file *fp) 169 { 170 struct fiodgname_arg fgn; 171 struct fiodgname_arg32 fgn32; 172 int error; 173 174 if ((error = copyin(uap->data, &fgn32, sizeof fgn32)) != 0) 175 return (error); 176 CP(fgn32, fgn, len); 177 PTRIN_CP(fgn32, fgn, buf); 178 error = fo_ioctl(fp, FIODGNAME, (caddr_t)&fgn, td->td_ucred, td); 179 return (error); 180 } 181 182 static int 183 freebsd32_ioctl_memrange(struct thread *td, 184 struct freebsd32_ioctl_args *uap, struct file *fp) 185 { 186 struct mem_range_op mro; 187 struct mem_range_op32 mro32; 188 int error; 189 u_long com; 190 191 if ((error = copyin(uap->data, &mro32, sizeof(mro32))) != 0) 192 return (error); 193 194 PTRIN_CP(mro32, mro, mo_desc); 195 CP(mro32, mro, mo_arg[0]); 196 CP(mro32, mro, mo_arg[1]); 197 198 com = 0; 199 switch (uap->com) { 200 case MEMRANGE_GET32: 201 com = MEMRANGE_GET; 202 break; 203 204 case MEMRANGE_SET32: 205 com = MEMRANGE_SET; 206 break; 207 208 default: 209 panic("%s: unknown MEMRANGE %#x", __func__, uap->com); 210 } 211 212 if ((error = fo_ioctl(fp, com, (caddr_t)&mro, td->td_ucred, td)) != 0) 213 return (error); 214 215 if ( (com & IOC_OUT) ) { 216 CP(mro, mro32, mo_arg[0]); 217 CP(mro, mro32, mo_arg[1]); 218 219 error = copyout(&mro32, uap->data, sizeof(mro32)); 220 } 221 222 return (error); 223 } 224 225 static int 226 freebsd32_ioctl_pciocgetconf(struct thread *td, 227 struct freebsd32_ioctl_args *uap, struct file *fp) 228 { 229 struct pci_conf_io pci; 230 struct pci_conf_io32 pci32; 231 struct pci_match_conf32 pmc32; 232 struct pci_match_conf32 *pmc32p; 233 struct pci_match_conf pmc; 234 struct pci_match_conf *pmcp; 235 struct pci_conf32 pc32; 236 struct pci_conf32 *pc32p; 237 struct pci_conf pc; 238 struct pci_conf *pcp; 239 u_int32_t i; 240 u_int32_t npat_to_convert; 241 u_int32_t nmatch_to_convert; 242 vm_offset_t addr; 243 int error; 244 245 if ((error = copyin(uap->data, &pci32, sizeof(pci32))) != 0) 246 return (error); 247 248 CP(pci32, pci, num_patterns); 249 CP(pci32, pci, offset); 250 CP(pci32, pci, generation); 251 252 npat_to_convert = pci32.pat_buf_len / sizeof(struct pci_match_conf32); 253 pci.pat_buf_len = npat_to_convert * sizeof(struct pci_match_conf); 254 pci.patterns = NULL; 255 nmatch_to_convert = pci32.match_buf_len / sizeof(struct pci_conf32); 256 pci.match_buf_len = nmatch_to_convert * sizeof(struct pci_conf); 257 pci.matches = NULL; 258 259 if ((error = copyout_map(td, &addr, pci.pat_buf_len)) != 0) 260 goto cleanup; 261 pci.patterns = (struct pci_match_conf *)addr; 262 if ((error = copyout_map(td, &addr, pci.match_buf_len)) != 0) 263 goto cleanup; 264 pci.matches = (struct pci_conf *)addr; 265 266 npat_to_convert = min(npat_to_convert, pci.num_patterns); 267 268 for (i = 0, pmc32p = (struct pci_match_conf32 *)PTRIN(pci32.patterns), 269 pmcp = pci.patterns; 270 i < npat_to_convert; i++, pmc32p++, pmcp++) { 271 if ((error = copyin(pmc32p, &pmc32, sizeof(pmc32))) != 0) 272 goto cleanup; 273 CP(pmc32,pmc,pc_sel); 274 strlcpy(pmc.pd_name, pmc32.pd_name, sizeof(pmc.pd_name)); 275 CP(pmc32,pmc,pd_unit); 276 CP(pmc32,pmc,pc_vendor); 277 CP(pmc32,pmc,pc_device); 278 CP(pmc32,pmc,pc_class); 279 CP(pmc32,pmc,flags); 280 if ((error = copyout(&pmc, pmcp, sizeof(pmc))) != 0) 281 goto cleanup; 282 } 283 284 if ((error = fo_ioctl(fp, PCIOCGETCONF, (caddr_t)&pci, 285 td->td_ucred, td)) != 0) 286 goto cleanup; 287 288 nmatch_to_convert = min(nmatch_to_convert, pci.num_matches); 289 290 for (i = 0, pcp = pci.matches, 291 pc32p = (struct pci_conf32 *)PTRIN(pci32.matches); 292 i < nmatch_to_convert; i++, pcp++, pc32p++) { 293 if ((error = copyin(pcp, &pc, sizeof(pc))) != 0) 294 goto cleanup; 295 CP(pc,pc32,pc_sel); 296 CP(pc,pc32,pc_hdr); 297 CP(pc,pc32,pc_subvendor); 298 CP(pc,pc32,pc_subdevice); 299 CP(pc,pc32,pc_vendor); 300 CP(pc,pc32,pc_device); 301 CP(pc,pc32,pc_class); 302 CP(pc,pc32,pc_subclass); 303 CP(pc,pc32,pc_progif); 304 CP(pc,pc32,pc_revid); 305 strlcpy(pc32.pd_name, pc.pd_name, sizeof(pc32.pd_name)); 306 CP(pc,pc32,pd_unit); 307 if ((error = copyout(&pc32, pc32p, sizeof(pc32))) != 0) 308 goto cleanup; 309 } 310 311 CP(pci, pci32, num_matches); 312 CP(pci, pci32, offset); 313 CP(pci, pci32, generation); 314 CP(pci, pci32, status); 315 316 error = copyout(&pci32, uap->data, sizeof(pci32)); 317 318 cleanup: 319 if (pci.patterns) 320 copyout_unmap(td, (vm_offset_t)pci.patterns, pci.pat_buf_len); 321 if (pci.matches) 322 copyout_unmap(td, (vm_offset_t)pci.matches, pci.match_buf_len); 323 324 return (error); 325 } 326 327 static int 328 freebsd32_ioctl_sg(struct thread *td, 329 struct freebsd32_ioctl_args *uap, struct file *fp) 330 { 331 struct sg_io_hdr io; 332 struct sg_io_hdr32 io32; 333 int error; 334 335 if ((error = copyin(uap->data, &io32, sizeof(io32))) != 0) 336 return (error); 337 338 CP(io32, io, interface_id); 339 CP(io32, io, dxfer_direction); 340 CP(io32, io, cmd_len); 341 CP(io32, io, mx_sb_len); 342 CP(io32, io, iovec_count); 343 CP(io32, io, dxfer_len); 344 PTRIN_CP(io32, io, dxferp); 345 PTRIN_CP(io32, io, cmdp); 346 PTRIN_CP(io32, io, sbp); 347 CP(io32, io, timeout); 348 CP(io32, io, flags); 349 CP(io32, io, pack_id); 350 PTRIN_CP(io32, io, usr_ptr); 351 CP(io32, io, status); 352 CP(io32, io, masked_status); 353 CP(io32, io, msg_status); 354 CP(io32, io, sb_len_wr); 355 CP(io32, io, host_status); 356 CP(io32, io, driver_status); 357 CP(io32, io, resid); 358 CP(io32, io, duration); 359 CP(io32, io, info); 360 361 if ((error = fo_ioctl(fp, SG_IO, (caddr_t)&io, td->td_ucred, td)) != 0) 362 return (error); 363 364 CP(io, io32, interface_id); 365 CP(io, io32, dxfer_direction); 366 CP(io, io32, cmd_len); 367 CP(io, io32, mx_sb_len); 368 CP(io, io32, iovec_count); 369 CP(io, io32, dxfer_len); 370 PTROUT_CP(io, io32, dxferp); 371 PTROUT_CP(io, io32, cmdp); 372 PTROUT_CP(io, io32, sbp); 373 CP(io, io32, timeout); 374 CP(io, io32, flags); 375 CP(io, io32, pack_id); 376 PTROUT_CP(io, io32, usr_ptr); 377 CP(io, io32, status); 378 CP(io, io32, masked_status); 379 CP(io, io32, msg_status); 380 CP(io, io32, sb_len_wr); 381 CP(io, io32, host_status); 382 CP(io, io32, driver_status); 383 CP(io, io32, resid); 384 CP(io, io32, duration); 385 CP(io, io32, info); 386 387 error = copyout(&io32, uap->data, sizeof(io32)); 388 389 return (error); 390 } 391 392 int 393 freebsd32_ioctl(struct thread *td, struct freebsd32_ioctl_args *uap) 394 { 395 struct ioctl_args ap /*{ 396 int fd; 397 u_long com; 398 caddr_t data; 399 }*/ ; 400 struct file *fp; 401 cap_rights_t rights; 402 int error; 403 404 error = fget(td, uap->fd, cap_rights_init(&rights, CAP_IOCTL), &fp); 405 if (error != 0) 406 return (error); 407 if ((fp->f_flag & (FREAD | FWRITE)) == 0) { 408 fdrop(fp, td); 409 return (EBADF); 410 } 411 412 switch (uap->com) { 413 case MDIOCATTACH_32: /* FALLTHROUGH */ 414 case MDIOCDETACH_32: /* FALLTHROUGH */ 415 case MDIOCQUERY_32: /* FALLTHROUGH */ 416 case MDIOCLIST_32: 417 error = freebsd32_ioctl_md(td, uap, fp); 418 break; 419 420 case CDIOREADTOCENTRYS_32: 421 error = freebsd32_ioctl_ioc_read_toc(td, uap, fp); 422 break; 423 424 case FIODGNAME_32: 425 error = freebsd32_ioctl_fiodgname(td, uap, fp); 426 break; 427 428 case MEMRANGE_GET32: /* FALLTHROUGH */ 429 case MEMRANGE_SET32: 430 error = freebsd32_ioctl_memrange(td, uap, fp); 431 break; 432 433 case PCIOCGETCONF_32: 434 error = freebsd32_ioctl_pciocgetconf(td, uap, fp); 435 break; 436 437 case SG_IO_32: 438 error = freebsd32_ioctl_sg(td, uap, fp); 439 break; 440 441 default: 442 fdrop(fp, td); 443 ap.fd = uap->fd; 444 ap.com = uap->com; 445 PTRIN_CP(*uap, ap, data); 446 return sys_ioctl(td, &ap); 447 } 448 449 fdrop(fp, td); 450 return error; 451 } 452