1 /*-
2  * Copyright (c) 1994-1995 Søren Schmidt
3  * All rights reserved.
4  *
5  * Redistribution and use in source and binary forms, with or without
6  * modification, are permitted provided that the following conditions
7  * are met:
8  * 1. Redistributions of source code must retain the above copyright
9  *    notice, this list of conditions and the following disclaimer
10  *    in this position and unchanged.
11  * 2. Redistributions in binary form must reproduce the above copyright
12  *    notice, this list of conditions and the following disclaimer in the
13  *    documentation and/or other materials provided with the distribution.
14  * 3. The name of the author may not be used to endorse or promote products
15  *    derived from this software without specific prior written permission
16  *
17  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
18  * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
19  * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
20  * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
21  * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
22  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
23  * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
24  * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
25  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
26  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
27  */
28 
29 #include "opt_compat.h"
30 
31 #include <sys/cdefs.h>
32 __FBSDID("$FreeBSD: stable/10/sys/compat/linux/linux_ioctl.c 358941 2020-03-13 08:57:22Z hselasky $");
33 
34 #include <sys/param.h>
35 #include <sys/systm.h>
36 #include <sys/sysproto.h>
37 #include <sys/capsicum.h>
38 #include <sys/cdio.h>
39 #include <sys/dvdio.h>
40 #include <sys/conf.h>
41 #include <sys/disk.h>
42 #include <sys/consio.h>
43 #include <sys/ctype.h>
44 #include <sys/fcntl.h>
45 #include <sys/file.h>
46 #include <sys/filedesc.h>
47 #include <sys/filio.h>
48 #include <sys/jail.h>
49 #include <sys/kbio.h>
50 #include <sys/kernel.h>
51 #include <sys/linker_set.h>
52 #include <sys/lock.h>
53 #include <sys/malloc.h>
54 #include <sys/proc.h>
55 #include <sys/sbuf.h>
56 #include <sys/socket.h>
57 #include <sys/sockio.h>
58 #include <sys/soundcard.h>
59 #include <sys/stdint.h>
60 #include <sys/sx.h>
61 #include <sys/sysctl.h>
62 #include <sys/tty.h>
63 #include <sys/uio.h>
64 #include <sys/types.h>
65 #include <sys/mman.h>
66 #include <sys/resourcevar.h>
67 
68 #include <net/if.h>
69 #include <net/if_dl.h>
70 #include <net/if_types.h>
71 
72 #include <dev/usb/usb_ioctl.h>
73 
74 #ifdef COMPAT_LINUX32
75 #include <machine/../linux32/linux.h>
76 #include <machine/../linux32/linux32_proto.h>
77 #else
78 #include <machine/../linux/linux.h>
79 #include <machine/../linux/linux_proto.h>
80 #endif
81 
82 #include <compat/linux/linux_ioctl.h>
83 #include <compat/linux/linux_mib.h>
84 #include <compat/linux/linux_socket.h>
85 #include <compat/linux/linux_util.h>
86 
87 #include <contrib/v4l/videodev.h>
88 #include <compat/linux/linux_videodev_compat.h>
89 
90 #include <contrib/v4l/videodev2.h>
91 #include <compat/linux/linux_videodev2_compat.h>
92 
93 #include <cam/scsi/scsi_sg.h>
94 
95 CTASSERT(LINUX_IFNAMSIZ == IFNAMSIZ);
96 
97 static linux_ioctl_function_t linux_ioctl_cdrom;
98 static linux_ioctl_function_t linux_ioctl_vfat;
99 static linux_ioctl_function_t linux_ioctl_console;
100 static linux_ioctl_function_t linux_ioctl_hdio;
101 static linux_ioctl_function_t linux_ioctl_disk;
102 static linux_ioctl_function_t linux_ioctl_socket;
103 static linux_ioctl_function_t linux_ioctl_sound;
104 static linux_ioctl_function_t linux_ioctl_termio;
105 static linux_ioctl_function_t linux_ioctl_private;
106 static linux_ioctl_function_t linux_ioctl_drm;
107 static linux_ioctl_function_t linux_ioctl_sg;
108 static linux_ioctl_function_t linux_ioctl_v4l;
109 static linux_ioctl_function_t linux_ioctl_v4l2;
110 static linux_ioctl_function_t linux_ioctl_special;
111 static linux_ioctl_function_t linux_ioctl_fbsd_usb;
112 
113 static struct linux_ioctl_handler cdrom_handler =
114 { linux_ioctl_cdrom, LINUX_IOCTL_CDROM_MIN, LINUX_IOCTL_CDROM_MAX };
115 static struct linux_ioctl_handler vfat_handler =
116 { linux_ioctl_vfat, LINUX_IOCTL_VFAT_MIN, LINUX_IOCTL_VFAT_MAX };
117 static struct linux_ioctl_handler console_handler =
118 { linux_ioctl_console, LINUX_IOCTL_CONSOLE_MIN, LINUX_IOCTL_CONSOLE_MAX };
119 static struct linux_ioctl_handler hdio_handler =
120 { linux_ioctl_hdio, LINUX_IOCTL_HDIO_MIN, LINUX_IOCTL_HDIO_MAX };
121 static struct linux_ioctl_handler disk_handler =
122 { linux_ioctl_disk, LINUX_IOCTL_DISK_MIN, LINUX_IOCTL_DISK_MAX };
123 static struct linux_ioctl_handler socket_handler =
124 { linux_ioctl_socket, LINUX_IOCTL_SOCKET_MIN, LINUX_IOCTL_SOCKET_MAX };
125 static struct linux_ioctl_handler sound_handler =
126 { linux_ioctl_sound, LINUX_IOCTL_SOUND_MIN, LINUX_IOCTL_SOUND_MAX };
127 static struct linux_ioctl_handler termio_handler =
128 { linux_ioctl_termio, LINUX_IOCTL_TERMIO_MIN, LINUX_IOCTL_TERMIO_MAX };
129 static struct linux_ioctl_handler private_handler =
130 { linux_ioctl_private, LINUX_IOCTL_PRIVATE_MIN, LINUX_IOCTL_PRIVATE_MAX };
131 static struct linux_ioctl_handler drm_handler =
132 { linux_ioctl_drm, LINUX_IOCTL_DRM_MIN, LINUX_IOCTL_DRM_MAX };
133 static struct linux_ioctl_handler sg_handler =
134 { linux_ioctl_sg, LINUX_IOCTL_SG_MIN, LINUX_IOCTL_SG_MAX };
135 static struct linux_ioctl_handler video_handler =
136 { linux_ioctl_v4l, LINUX_IOCTL_VIDEO_MIN, LINUX_IOCTL_VIDEO_MAX };
137 static struct linux_ioctl_handler video2_handler =
138 { linux_ioctl_v4l2, LINUX_IOCTL_VIDEO2_MIN, LINUX_IOCTL_VIDEO2_MAX };
139 static struct linux_ioctl_handler fbsd_usb =
140 { linux_ioctl_fbsd_usb, FBSD_LUSB_MIN, FBSD_LUSB_MAX };
141 
142 DATA_SET(linux_ioctl_handler_set, cdrom_handler);
143 DATA_SET(linux_ioctl_handler_set, vfat_handler);
144 DATA_SET(linux_ioctl_handler_set, console_handler);
145 DATA_SET(linux_ioctl_handler_set, hdio_handler);
146 DATA_SET(linux_ioctl_handler_set, disk_handler);
147 DATA_SET(linux_ioctl_handler_set, socket_handler);
148 DATA_SET(linux_ioctl_handler_set, sound_handler);
149 DATA_SET(linux_ioctl_handler_set, termio_handler);
150 DATA_SET(linux_ioctl_handler_set, private_handler);
151 DATA_SET(linux_ioctl_handler_set, drm_handler);
152 DATA_SET(linux_ioctl_handler_set, sg_handler);
153 DATA_SET(linux_ioctl_handler_set, video_handler);
154 DATA_SET(linux_ioctl_handler_set, video2_handler);
155 DATA_SET(linux_ioctl_handler_set, fbsd_usb);
156 
157 struct handler_element
158 {
159 	TAILQ_ENTRY(handler_element) list;
160 	int	(*func)(struct thread *, struct linux_ioctl_args *);
161 	int	low, high, span;
162 };
163 
164 static TAILQ_HEAD(, handler_element) handlers =
165     TAILQ_HEAD_INITIALIZER(handlers);
166 static struct sx linux_ioctl_sx;
167 SX_SYSINIT(linux_ioctl, &linux_ioctl_sx, "linux ioctl handlers");
168 
169 /*
170  * hdio related ioctls for VMWare support
171  */
172 
173 struct linux_hd_geometry {
174 	u_int8_t	heads;
175 	u_int8_t	sectors;
176 	u_int16_t	cylinders;
177 	u_int32_t	start;
178 };
179 
180 struct linux_hd_big_geometry {
181 	u_int8_t	heads;
182 	u_int8_t	sectors;
183 	u_int32_t	cylinders;
184 	u_int32_t	start;
185 };
186 
187 static int
linux_ioctl_hdio(struct thread * td,struct linux_ioctl_args * args)188 linux_ioctl_hdio(struct thread *td, struct linux_ioctl_args *args)
189 {
190 	cap_rights_t rights;
191 	struct file *fp;
192 	int error;
193 	u_int sectorsize, fwcylinders, fwheads, fwsectors;
194 	off_t mediasize, bytespercyl;
195 
196 	error = fget(td, args->fd, cap_rights_init(&rights, CAP_IOCTL), &fp);
197 	if (error != 0)
198 		return (error);
199 	switch (args->cmd & 0xffff) {
200 	case LINUX_HDIO_GET_GEO:
201 	case LINUX_HDIO_GET_GEO_BIG:
202 		error = fo_ioctl(fp, DIOCGMEDIASIZE,
203 			(caddr_t)&mediasize, td->td_ucred, td);
204 		if (!error)
205 			error = fo_ioctl(fp, DIOCGSECTORSIZE,
206 				(caddr_t)&sectorsize, td->td_ucred, td);
207 		if (!error)
208 			error = fo_ioctl(fp, DIOCGFWHEADS,
209 				(caddr_t)&fwheads, td->td_ucred, td);
210 		if (!error)
211 			error = fo_ioctl(fp, DIOCGFWSECTORS,
212 				(caddr_t)&fwsectors, td->td_ucred, td);
213 		/*
214 		 * XXX: DIOCGFIRSTOFFSET is not yet implemented, so
215 		 * so pretend that GEOM always says 0. This is NOT VALID
216 		 * for slices or partitions, only the per-disk raw devices.
217 		 */
218 
219 		fdrop(fp, td);
220 		if (error)
221 			return (error);
222 		/*
223 		 * 1. Calculate the number of bytes in a cylinder,
224 		 *    given the firmware's notion of heads and sectors
225 		 *    per cylinder.
226 		 * 2. Calculate the number of cylinders, given the total
227 		 *    size of the media.
228 		 * All internal calculations should have 64-bit precision.
229 		 */
230 		bytespercyl = (off_t) sectorsize * fwheads * fwsectors;
231 		fwcylinders = mediasize / bytespercyl;
232 #if defined(DEBUG)
233 		linux_msg(td, "HDIO_GET_GEO: mediasize %jd, c/h/s %d/%d/%d, "
234 			  "bpc %jd",
235 			  (intmax_t)mediasize, fwcylinders, fwheads, fwsectors,
236 			  (intmax_t)bytespercyl);
237 #endif
238 		if ((args->cmd & 0xffff) == LINUX_HDIO_GET_GEO) {
239 			struct linux_hd_geometry hdg;
240 
241 			hdg.cylinders = fwcylinders;
242 			hdg.heads = fwheads;
243 			hdg.sectors = fwsectors;
244 			hdg.start = 0;
245 			error = copyout(&hdg, (void *)args->arg, sizeof(hdg));
246 		} else if ((args->cmd & 0xffff) == LINUX_HDIO_GET_GEO_BIG) {
247 			struct linux_hd_big_geometry hdbg;
248 
249 			memset(&hdbg, 0, sizeof(hdbg));
250 			hdbg.cylinders = fwcylinders;
251 			hdbg.heads = fwheads;
252 			hdbg.sectors = fwsectors;
253 			hdbg.start = 0;
254 			error = copyout(&hdbg, (void *)args->arg, sizeof(hdbg));
255 		}
256 		return (error);
257 		break;
258 	default:
259 		/* XXX */
260 		linux_msg(td,
261 			"ioctl fd=%d, cmd=0x%x ('%c',%d) is not implemented",
262 			args->fd, (int)(args->cmd & 0xffff),
263 			(int)(args->cmd & 0xff00) >> 8,
264 			(int)(args->cmd & 0xff));
265 		break;
266 	}
267 	fdrop(fp, td);
268 	return (ENOIOCTL);
269 }
270 
271 static int
linux_ioctl_disk(struct thread * td,struct linux_ioctl_args * args)272 linux_ioctl_disk(struct thread *td, struct linux_ioctl_args *args)
273 {
274 	cap_rights_t rights;
275 	struct file *fp;
276 	int error;
277 	u_int sectorsize;
278 	off_t mediasize;
279 
280 	error = fget(td, args->fd, cap_rights_init(&rights, CAP_IOCTL), &fp);
281 	if (error != 0)
282 		return (error);
283 	switch (args->cmd & 0xffff) {
284 	case LINUX_BLKGETSIZE:
285 		error = fo_ioctl(fp, DIOCGSECTORSIZE,
286 		    (caddr_t)&sectorsize, td->td_ucred, td);
287 		if (!error)
288 			error = fo_ioctl(fp, DIOCGMEDIASIZE,
289 			    (caddr_t)&mediasize, td->td_ucred, td);
290 		fdrop(fp, td);
291 		if (error)
292 			return (error);
293 		sectorsize = mediasize / sectorsize;
294 		/*
295 		 * XXX: How do we know we return the right size of integer ?
296 		 */
297 		return (copyout(&sectorsize, (void *)args->arg,
298 		    sizeof(sectorsize)));
299 		break;
300 	case LINUX_BLKSSZGET:
301 		error = fo_ioctl(fp, DIOCGSECTORSIZE,
302 		    (caddr_t)&sectorsize, td->td_ucred, td);
303 		fdrop(fp, td);
304 		if (error)
305 			return (error);
306 		return (copyout(&sectorsize, (void *)args->arg,
307 		    sizeof(sectorsize)));
308 		break;
309 	}
310 	fdrop(fp, td);
311 	return (ENOIOCTL);
312 }
313 
314 /*
315  * termio related ioctls
316  */
317 
318 struct linux_termio {
319 	unsigned short c_iflag;
320 	unsigned short c_oflag;
321 	unsigned short c_cflag;
322 	unsigned short c_lflag;
323 	unsigned char c_line;
324 	unsigned char c_cc[LINUX_NCC];
325 };
326 
327 struct linux_termios {
328 	unsigned int c_iflag;
329 	unsigned int c_oflag;
330 	unsigned int c_cflag;
331 	unsigned int c_lflag;
332 	unsigned char c_line;
333 	unsigned char c_cc[LINUX_NCCS];
334 };
335 
336 struct linux_winsize {
337 	unsigned short ws_row, ws_col;
338 	unsigned short ws_xpixel, ws_ypixel;
339 };
340 
341 struct speedtab {
342 	int sp_speed;			/* Speed. */
343 	int sp_code;			/* Code. */
344 };
345 
346 static struct speedtab sptab[] = {
347 	{ B0, LINUX_B0 }, { B50, LINUX_B50 },
348 	{ B75, LINUX_B75 }, { B110, LINUX_B110 },
349 	{ B134, LINUX_B134 }, { B150, LINUX_B150 },
350 	{ B200, LINUX_B200 }, { B300, LINUX_B300 },
351 	{ B600, LINUX_B600 }, { B1200, LINUX_B1200 },
352 	{ B1800, LINUX_B1800 }, { B2400, LINUX_B2400 },
353 	{ B4800, LINUX_B4800 }, { B9600, LINUX_B9600 },
354 	{ B19200, LINUX_B19200 }, { B38400, LINUX_B38400 },
355 	{ B57600, LINUX_B57600 }, { B115200, LINUX_B115200 },
356 	{-1, -1 }
357 };
358 
359 struct linux_serial_struct {
360 	int	type;
361 	int	line;
362 	int	port;
363 	int	irq;
364 	int	flags;
365 	int	xmit_fifo_size;
366 	int	custom_divisor;
367 	int	baud_base;
368 	unsigned short close_delay;
369 	char	reserved_char[2];
370 	int	hub6;
371 	unsigned short closing_wait;
372 	unsigned short closing_wait2;
373 	int	reserved[4];
374 };
375 
376 static int
linux_to_bsd_speed(int code,struct speedtab * table)377 linux_to_bsd_speed(int code, struct speedtab *table)
378 {
379 	for ( ; table->sp_code != -1; table++)
380 		if (table->sp_code == code)
381 			return (table->sp_speed);
382 	return -1;
383 }
384 
385 static int
bsd_to_linux_speed(int speed,struct speedtab * table)386 bsd_to_linux_speed(int speed, struct speedtab *table)
387 {
388 	for ( ; table->sp_speed != -1; table++)
389 		if (table->sp_speed == speed)
390 			return (table->sp_code);
391 	return -1;
392 }
393 
394 static void
bsd_to_linux_termios(struct termios * bios,struct linux_termios * lios)395 bsd_to_linux_termios(struct termios *bios, struct linux_termios *lios)
396 {
397 	int i;
398 
399 #ifdef DEBUG
400 	if (ldebug(ioctl)) {
401 		printf("LINUX: BSD termios structure (input):\n");
402 		printf("i=%08x o=%08x c=%08x l=%08x ispeed=%d ospeed=%d\n",
403 		    bios->c_iflag, bios->c_oflag, bios->c_cflag, bios->c_lflag,
404 		    bios->c_ispeed, bios->c_ospeed);
405 		printf("c_cc ");
406 		for (i=0; i<NCCS; i++)
407 			printf("%02x ", bios->c_cc[i]);
408 		printf("\n");
409 	}
410 #endif
411 
412 	lios->c_iflag = 0;
413 	if (bios->c_iflag & IGNBRK)
414 		lios->c_iflag |= LINUX_IGNBRK;
415 	if (bios->c_iflag & BRKINT)
416 		lios->c_iflag |= LINUX_BRKINT;
417 	if (bios->c_iflag & IGNPAR)
418 		lios->c_iflag |= LINUX_IGNPAR;
419 	if (bios->c_iflag & PARMRK)
420 		lios->c_iflag |= LINUX_PARMRK;
421 	if (bios->c_iflag & INPCK)
422 		lios->c_iflag |= LINUX_INPCK;
423 	if (bios->c_iflag & ISTRIP)
424 		lios->c_iflag |= LINUX_ISTRIP;
425 	if (bios->c_iflag & INLCR)
426 		lios->c_iflag |= LINUX_INLCR;
427 	if (bios->c_iflag & IGNCR)
428 		lios->c_iflag |= LINUX_IGNCR;
429 	if (bios->c_iflag & ICRNL)
430 		lios->c_iflag |= LINUX_ICRNL;
431 	if (bios->c_iflag & IXON)
432 		lios->c_iflag |= LINUX_IXON;
433 	if (bios->c_iflag & IXANY)
434 		lios->c_iflag |= LINUX_IXANY;
435 	if (bios->c_iflag & IXOFF)
436 		lios->c_iflag |= LINUX_IXOFF;
437 	if (bios->c_iflag & IMAXBEL)
438 		lios->c_iflag |= LINUX_IMAXBEL;
439 
440 	lios->c_oflag = 0;
441 	if (bios->c_oflag & OPOST)
442 		lios->c_oflag |= LINUX_OPOST;
443 	if (bios->c_oflag & ONLCR)
444 		lios->c_oflag |= LINUX_ONLCR;
445 	if (bios->c_oflag & TAB3)
446 		lios->c_oflag |= LINUX_XTABS;
447 
448 	lios->c_cflag = bsd_to_linux_speed(bios->c_ispeed, sptab);
449 	lios->c_cflag |= (bios->c_cflag & CSIZE) >> 4;
450 	if (bios->c_cflag & CSTOPB)
451 		lios->c_cflag |= LINUX_CSTOPB;
452 	if (bios->c_cflag & CREAD)
453 		lios->c_cflag |= LINUX_CREAD;
454 	if (bios->c_cflag & PARENB)
455 		lios->c_cflag |= LINUX_PARENB;
456 	if (bios->c_cflag & PARODD)
457 		lios->c_cflag |= LINUX_PARODD;
458 	if (bios->c_cflag & HUPCL)
459 		lios->c_cflag |= LINUX_HUPCL;
460 	if (bios->c_cflag & CLOCAL)
461 		lios->c_cflag |= LINUX_CLOCAL;
462 	if (bios->c_cflag & CRTSCTS)
463 		lios->c_cflag |= LINUX_CRTSCTS;
464 
465 	lios->c_lflag = 0;
466 	if (bios->c_lflag & ISIG)
467 		lios->c_lflag |= LINUX_ISIG;
468 	if (bios->c_lflag & ICANON)
469 		lios->c_lflag |= LINUX_ICANON;
470 	if (bios->c_lflag & ECHO)
471 		lios->c_lflag |= LINUX_ECHO;
472 	if (bios->c_lflag & ECHOE)
473 		lios->c_lflag |= LINUX_ECHOE;
474 	if (bios->c_lflag & ECHOK)
475 		lios->c_lflag |= LINUX_ECHOK;
476 	if (bios->c_lflag & ECHONL)
477 		lios->c_lflag |= LINUX_ECHONL;
478 	if (bios->c_lflag & NOFLSH)
479 		lios->c_lflag |= LINUX_NOFLSH;
480 	if (bios->c_lflag & TOSTOP)
481 		lios->c_lflag |= LINUX_TOSTOP;
482 	if (bios->c_lflag & ECHOCTL)
483 		lios->c_lflag |= LINUX_ECHOCTL;
484 	if (bios->c_lflag & ECHOPRT)
485 		lios->c_lflag |= LINUX_ECHOPRT;
486 	if (bios->c_lflag & ECHOKE)
487 		lios->c_lflag |= LINUX_ECHOKE;
488 	if (bios->c_lflag & FLUSHO)
489 		lios->c_lflag |= LINUX_FLUSHO;
490 	if (bios->c_lflag & PENDIN)
491 		lios->c_lflag |= LINUX_PENDIN;
492 	if (bios->c_lflag & IEXTEN)
493 		lios->c_lflag |= LINUX_IEXTEN;
494 
495 	for (i=0; i<LINUX_NCCS; i++)
496 		lios->c_cc[i] = LINUX_POSIX_VDISABLE;
497 	lios->c_cc[LINUX_VINTR] = bios->c_cc[VINTR];
498 	lios->c_cc[LINUX_VQUIT] = bios->c_cc[VQUIT];
499 	lios->c_cc[LINUX_VERASE] = bios->c_cc[VERASE];
500 	lios->c_cc[LINUX_VKILL] = bios->c_cc[VKILL];
501 	lios->c_cc[LINUX_VEOF] = bios->c_cc[VEOF];
502 	lios->c_cc[LINUX_VEOL] = bios->c_cc[VEOL];
503 	lios->c_cc[LINUX_VMIN] = bios->c_cc[VMIN];
504 	lios->c_cc[LINUX_VTIME] = bios->c_cc[VTIME];
505 	lios->c_cc[LINUX_VEOL2] = bios->c_cc[VEOL2];
506 	lios->c_cc[LINUX_VSUSP] = bios->c_cc[VSUSP];
507 	lios->c_cc[LINUX_VSTART] = bios->c_cc[VSTART];
508 	lios->c_cc[LINUX_VSTOP] = bios->c_cc[VSTOP];
509 	lios->c_cc[LINUX_VREPRINT] = bios->c_cc[VREPRINT];
510 	lios->c_cc[LINUX_VDISCARD] = bios->c_cc[VDISCARD];
511 	lios->c_cc[LINUX_VWERASE] = bios->c_cc[VWERASE];
512 	lios->c_cc[LINUX_VLNEXT] = bios->c_cc[VLNEXT];
513 
514 	for (i=0; i<LINUX_NCCS; i++) {
515 		if (i != LINUX_VMIN && i != LINUX_VTIME &&
516 		    lios->c_cc[i] == _POSIX_VDISABLE)
517 			lios->c_cc[i] = LINUX_POSIX_VDISABLE;
518 	}
519 	lios->c_line = 0;
520 
521 #ifdef DEBUG
522 	if (ldebug(ioctl)) {
523 		printf("LINUX: LINUX termios structure (output):\n");
524 		printf("i=%08x o=%08x c=%08x l=%08x line=%d\n",
525 		    lios->c_iflag, lios->c_oflag, lios->c_cflag,
526 		    lios->c_lflag, (int)lios->c_line);
527 		printf("c_cc ");
528 		for (i=0; i<LINUX_NCCS; i++)
529 			printf("%02x ", lios->c_cc[i]);
530 		printf("\n");
531 	}
532 #endif
533 }
534 
535 static void
linux_to_bsd_termios(struct linux_termios * lios,struct termios * bios)536 linux_to_bsd_termios(struct linux_termios *lios, struct termios *bios)
537 {
538 	int i;
539 
540 #ifdef DEBUG
541 	if (ldebug(ioctl)) {
542 		printf("LINUX: LINUX termios structure (input):\n");
543 		printf("i=%08x o=%08x c=%08x l=%08x line=%d\n",
544 		    lios->c_iflag, lios->c_oflag, lios->c_cflag,
545 		    lios->c_lflag, (int)lios->c_line);
546 		printf("c_cc ");
547 		for (i=0; i<LINUX_NCCS; i++)
548 			printf("%02x ", lios->c_cc[i]);
549 		printf("\n");
550 	}
551 #endif
552 
553 	bios->c_iflag = 0;
554 	if (lios->c_iflag & LINUX_IGNBRK)
555 		bios->c_iflag |= IGNBRK;
556 	if (lios->c_iflag & LINUX_BRKINT)
557 		bios->c_iflag |= BRKINT;
558 	if (lios->c_iflag & LINUX_IGNPAR)
559 		bios->c_iflag |= IGNPAR;
560 	if (lios->c_iflag & LINUX_PARMRK)
561 		bios->c_iflag |= PARMRK;
562 	if (lios->c_iflag & LINUX_INPCK)
563 		bios->c_iflag |= INPCK;
564 	if (lios->c_iflag & LINUX_ISTRIP)
565 		bios->c_iflag |= ISTRIP;
566 	if (lios->c_iflag & LINUX_INLCR)
567 		bios->c_iflag |= INLCR;
568 	if (lios->c_iflag & LINUX_IGNCR)
569 		bios->c_iflag |= IGNCR;
570 	if (lios->c_iflag & LINUX_ICRNL)
571 		bios->c_iflag |= ICRNL;
572 	if (lios->c_iflag & LINUX_IXON)
573 		bios->c_iflag |= IXON;
574 	if (lios->c_iflag & LINUX_IXANY)
575 		bios->c_iflag |= IXANY;
576 	if (lios->c_iflag & LINUX_IXOFF)
577 		bios->c_iflag |= IXOFF;
578 	if (lios->c_iflag & LINUX_IMAXBEL)
579 		bios->c_iflag |= IMAXBEL;
580 
581 	bios->c_oflag = 0;
582 	if (lios->c_oflag & LINUX_OPOST)
583 		bios->c_oflag |= OPOST;
584 	if (lios->c_oflag & LINUX_ONLCR)
585 		bios->c_oflag |= ONLCR;
586 	if (lios->c_oflag & LINUX_XTABS)
587 		bios->c_oflag |= TAB3;
588 
589 	bios->c_cflag = (lios->c_cflag & LINUX_CSIZE) << 4;
590 	if (lios->c_cflag & LINUX_CSTOPB)
591 		bios->c_cflag |= CSTOPB;
592 	if (lios->c_cflag & LINUX_CREAD)
593 		bios->c_cflag |= CREAD;
594 	if (lios->c_cflag & LINUX_PARENB)
595 		bios->c_cflag |= PARENB;
596 	if (lios->c_cflag & LINUX_PARODD)
597 		bios->c_cflag |= PARODD;
598 	if (lios->c_cflag & LINUX_HUPCL)
599 		bios->c_cflag |= HUPCL;
600 	if (lios->c_cflag & LINUX_CLOCAL)
601 		bios->c_cflag |= CLOCAL;
602 	if (lios->c_cflag & LINUX_CRTSCTS)
603 		bios->c_cflag |= CRTSCTS;
604 
605 	bios->c_lflag = 0;
606 	if (lios->c_lflag & LINUX_ISIG)
607 		bios->c_lflag |= ISIG;
608 	if (lios->c_lflag & LINUX_ICANON)
609 		bios->c_lflag |= ICANON;
610 	if (lios->c_lflag & LINUX_ECHO)
611 		bios->c_lflag |= ECHO;
612 	if (lios->c_lflag & LINUX_ECHOE)
613 		bios->c_lflag |= ECHOE;
614 	if (lios->c_lflag & LINUX_ECHOK)
615 		bios->c_lflag |= ECHOK;
616 	if (lios->c_lflag & LINUX_ECHONL)
617 		bios->c_lflag |= ECHONL;
618 	if (lios->c_lflag & LINUX_NOFLSH)
619 		bios->c_lflag |= NOFLSH;
620 	if (lios->c_lflag & LINUX_TOSTOP)
621 		bios->c_lflag |= TOSTOP;
622 	if (lios->c_lflag & LINUX_ECHOCTL)
623 		bios->c_lflag |= ECHOCTL;
624 	if (lios->c_lflag & LINUX_ECHOPRT)
625 		bios->c_lflag |= ECHOPRT;
626 	if (lios->c_lflag & LINUX_ECHOKE)
627 		bios->c_lflag |= ECHOKE;
628 	if (lios->c_lflag & LINUX_FLUSHO)
629 		bios->c_lflag |= FLUSHO;
630 	if (lios->c_lflag & LINUX_PENDIN)
631 		bios->c_lflag |= PENDIN;
632 	if (lios->c_lflag & LINUX_IEXTEN)
633 		bios->c_lflag |= IEXTEN;
634 
635 	for (i=0; i<NCCS; i++)
636 		bios->c_cc[i] = _POSIX_VDISABLE;
637 	bios->c_cc[VINTR] = lios->c_cc[LINUX_VINTR];
638 	bios->c_cc[VQUIT] = lios->c_cc[LINUX_VQUIT];
639 	bios->c_cc[VERASE] = lios->c_cc[LINUX_VERASE];
640 	bios->c_cc[VKILL] = lios->c_cc[LINUX_VKILL];
641 	bios->c_cc[VEOF] = lios->c_cc[LINUX_VEOF];
642 	bios->c_cc[VEOL] = lios->c_cc[LINUX_VEOL];
643 	bios->c_cc[VMIN] = lios->c_cc[LINUX_VMIN];
644 	bios->c_cc[VTIME] = lios->c_cc[LINUX_VTIME];
645 	bios->c_cc[VEOL2] = lios->c_cc[LINUX_VEOL2];
646 	bios->c_cc[VSUSP] = lios->c_cc[LINUX_VSUSP];
647 	bios->c_cc[VSTART] = lios->c_cc[LINUX_VSTART];
648 	bios->c_cc[VSTOP] = lios->c_cc[LINUX_VSTOP];
649 	bios->c_cc[VREPRINT] = lios->c_cc[LINUX_VREPRINT];
650 	bios->c_cc[VDISCARD] = lios->c_cc[LINUX_VDISCARD];
651 	bios->c_cc[VWERASE] = lios->c_cc[LINUX_VWERASE];
652 	bios->c_cc[VLNEXT] = lios->c_cc[LINUX_VLNEXT];
653 
654 	for (i=0; i<NCCS; i++) {
655 		if (i != VMIN && i != VTIME &&
656 		    bios->c_cc[i] == LINUX_POSIX_VDISABLE)
657 			bios->c_cc[i] = _POSIX_VDISABLE;
658 	}
659 
660 	bios->c_ispeed = bios->c_ospeed =
661 	    linux_to_bsd_speed(lios->c_cflag & LINUX_CBAUD, sptab);
662 
663 #ifdef DEBUG
664 	if (ldebug(ioctl)) {
665 		printf("LINUX: BSD termios structure (output):\n");
666 		printf("i=%08x o=%08x c=%08x l=%08x ispeed=%d ospeed=%d\n",
667 		    bios->c_iflag, bios->c_oflag, bios->c_cflag, bios->c_lflag,
668 		    bios->c_ispeed, bios->c_ospeed);
669 		printf("c_cc ");
670 		for (i=0; i<NCCS; i++)
671 			printf("%02x ", bios->c_cc[i]);
672 		printf("\n");
673 	}
674 #endif
675 }
676 
677 static void
bsd_to_linux_termio(struct termios * bios,struct linux_termio * lio)678 bsd_to_linux_termio(struct termios *bios, struct linux_termio *lio)
679 {
680 	struct linux_termios lios;
681 
682 	bsd_to_linux_termios(bios, &lios);
683 	lio->c_iflag = lios.c_iflag;
684 	lio->c_oflag = lios.c_oflag;
685 	lio->c_cflag = lios.c_cflag;
686 	lio->c_lflag = lios.c_lflag;
687 	lio->c_line  = lios.c_line;
688 	memcpy(lio->c_cc, lios.c_cc, LINUX_NCC);
689 }
690 
691 static void
linux_to_bsd_termio(struct linux_termio * lio,struct termios * bios)692 linux_to_bsd_termio(struct linux_termio *lio, struct termios *bios)
693 {
694 	struct linux_termios lios;
695 	int i;
696 
697 	lios.c_iflag = lio->c_iflag;
698 	lios.c_oflag = lio->c_oflag;
699 	lios.c_cflag = lio->c_cflag;
700 	lios.c_lflag = lio->c_lflag;
701 	for (i=LINUX_NCC; i<LINUX_NCCS; i++)
702 		lios.c_cc[i] = LINUX_POSIX_VDISABLE;
703 	memcpy(lios.c_cc, lio->c_cc, LINUX_NCC);
704 	linux_to_bsd_termios(&lios, bios);
705 }
706 
707 static int
linux_ioctl_termio(struct thread * td,struct linux_ioctl_args * args)708 linux_ioctl_termio(struct thread *td, struct linux_ioctl_args *args)
709 {
710 	struct termios bios;
711 	struct linux_termios lios;
712 	struct linux_termio lio;
713 	cap_rights_t rights;
714 	struct file *fp;
715 	int error;
716 
717 	error = fget(td, args->fd, cap_rights_init(&rights, CAP_IOCTL), &fp);
718 	if (error != 0)
719 		return (error);
720 
721 	switch (args->cmd & 0xffff) {
722 
723 	case LINUX_TCGETS:
724 		error = fo_ioctl(fp, TIOCGETA, (caddr_t)&bios, td->td_ucred,
725 		    td);
726 		if (error)
727 			break;
728 		bsd_to_linux_termios(&bios, &lios);
729 		error = copyout(&lios, (void *)args->arg, sizeof(lios));
730 		break;
731 
732 	case LINUX_TCSETS:
733 		error = copyin((void *)args->arg, &lios, sizeof(lios));
734 		if (error)
735 			break;
736 		linux_to_bsd_termios(&lios, &bios);
737 		error = (fo_ioctl(fp, TIOCSETA, (caddr_t)&bios, td->td_ucred,
738 		    td));
739 		break;
740 
741 	case LINUX_TCSETSW:
742 		error = copyin((void *)args->arg, &lios, sizeof(lios));
743 		if (error)
744 			break;
745 		linux_to_bsd_termios(&lios, &bios);
746 		error = (fo_ioctl(fp, TIOCSETAW, (caddr_t)&bios, td->td_ucred,
747 		    td));
748 		break;
749 
750 	case LINUX_TCSETSF:
751 		error = copyin((void *)args->arg, &lios, sizeof(lios));
752 		if (error)
753 			break;
754 		linux_to_bsd_termios(&lios, &bios);
755 		error = (fo_ioctl(fp, TIOCSETAF, (caddr_t)&bios, td->td_ucred,
756 		    td));
757 		break;
758 
759 	case LINUX_TCGETA:
760 		error = fo_ioctl(fp, TIOCGETA, (caddr_t)&bios, td->td_ucred,
761 		    td);
762 		if (error)
763 			break;
764 		bsd_to_linux_termio(&bios, &lio);
765 		error = (copyout(&lio, (void *)args->arg, sizeof(lio)));
766 		break;
767 
768 	case LINUX_TCSETA:
769 		error = copyin((void *)args->arg, &lio, sizeof(lio));
770 		if (error)
771 			break;
772 		linux_to_bsd_termio(&lio, &bios);
773 		error = (fo_ioctl(fp, TIOCSETA, (caddr_t)&bios, td->td_ucred,
774 		    td));
775 		break;
776 
777 	case LINUX_TCSETAW:
778 		error = copyin((void *)args->arg, &lio, sizeof(lio));
779 		if (error)
780 			break;
781 		linux_to_bsd_termio(&lio, &bios);
782 		error = (fo_ioctl(fp, TIOCSETAW, (caddr_t)&bios, td->td_ucred,
783 		    td));
784 		break;
785 
786 	case LINUX_TCSETAF:
787 		error = copyin((void *)args->arg, &lio, sizeof(lio));
788 		if (error)
789 			break;
790 		linux_to_bsd_termio(&lio, &bios);
791 		error = (fo_ioctl(fp, TIOCSETAF, (caddr_t)&bios, td->td_ucred,
792 		    td));
793 		break;
794 
795 	/* LINUX_TCSBRK */
796 
797 	case LINUX_TCXONC: {
798 		switch (args->arg) {
799 		case LINUX_TCOOFF:
800 			args->cmd = TIOCSTOP;
801 			break;
802 		case LINUX_TCOON:
803 			args->cmd = TIOCSTART;
804 			break;
805 		case LINUX_TCIOFF:
806 		case LINUX_TCION: {
807 			int c;
808 			struct write_args wr;
809 			error = fo_ioctl(fp, TIOCGETA, (caddr_t)&bios,
810 			    td->td_ucred, td);
811 			if (error)
812 				break;
813 			fdrop(fp, td);
814 			c = (args->arg == LINUX_TCIOFF) ? VSTOP : VSTART;
815 			c = bios.c_cc[c];
816 			if (c != _POSIX_VDISABLE) {
817 				wr.fd = args->fd;
818 				wr.buf = &c;
819 				wr.nbyte = sizeof(c);
820 				return (sys_write(td, &wr));
821 			} else
822 				return (0);
823 		}
824 		default:
825 			fdrop(fp, td);
826 			return (EINVAL);
827 		}
828 		args->arg = 0;
829 		error = (sys_ioctl(td, (struct ioctl_args *)args));
830 		break;
831 	}
832 
833 	case LINUX_TCFLSH: {
834 		int val;
835 		switch (args->arg) {
836 		case LINUX_TCIFLUSH:
837 			val = FREAD;
838 			break;
839 		case LINUX_TCOFLUSH:
840 			val = FWRITE;
841 			break;
842 		case LINUX_TCIOFLUSH:
843 			val = FREAD | FWRITE;
844 			break;
845 		default:
846 			fdrop(fp, td);
847 			return (EINVAL);
848 		}
849 		error = (fo_ioctl(fp,TIOCFLUSH,(caddr_t)&val,td->td_ucred,td));
850 		break;
851 	}
852 
853 	case LINUX_TIOCEXCL:
854 		args->cmd = TIOCEXCL;
855 		error = (sys_ioctl(td, (struct ioctl_args *)args));
856 		break;
857 
858 	case LINUX_TIOCNXCL:
859 		args->cmd = TIOCNXCL;
860 		error = (sys_ioctl(td, (struct ioctl_args *)args));
861 		break;
862 
863 	case LINUX_TIOCSCTTY:
864 		args->cmd = TIOCSCTTY;
865 		error = (sys_ioctl(td, (struct ioctl_args *)args));
866 		break;
867 
868 	case LINUX_TIOCGPGRP:
869 		args->cmd = TIOCGPGRP;
870 		error = (sys_ioctl(td, (struct ioctl_args *)args));
871 		break;
872 
873 	case LINUX_TIOCSPGRP:
874 		args->cmd = TIOCSPGRP;
875 		error = (sys_ioctl(td, (struct ioctl_args *)args));
876 		break;
877 
878 	/* LINUX_TIOCOUTQ */
879 	/* LINUX_TIOCSTI */
880 
881 	case LINUX_TIOCGWINSZ:
882 		args->cmd = TIOCGWINSZ;
883 		error = (sys_ioctl(td, (struct ioctl_args *)args));
884 		break;
885 
886 	case LINUX_TIOCSWINSZ:
887 		args->cmd = TIOCSWINSZ;
888 		error = (sys_ioctl(td, (struct ioctl_args *)args));
889 		break;
890 
891 	case LINUX_TIOCMGET:
892 		args->cmd = TIOCMGET;
893 		error = (sys_ioctl(td, (struct ioctl_args *)args));
894 		break;
895 
896 	case LINUX_TIOCMBIS:
897 		args->cmd = TIOCMBIS;
898 		error = (sys_ioctl(td, (struct ioctl_args *)args));
899 		break;
900 
901 	case LINUX_TIOCMBIC:
902 		args->cmd = TIOCMBIC;
903 		error = (sys_ioctl(td, (struct ioctl_args *)args));
904 		break;
905 
906 	case LINUX_TIOCMSET:
907 		args->cmd = TIOCMSET;
908 		error = (sys_ioctl(td, (struct ioctl_args *)args));
909 		break;
910 
911 	/* TIOCGSOFTCAR */
912 	/* TIOCSSOFTCAR */
913 
914 	case LINUX_FIONREAD: /* LINUX_TIOCINQ */
915 		args->cmd = FIONREAD;
916 		error = (sys_ioctl(td, (struct ioctl_args *)args));
917 		break;
918 
919 	/* LINUX_TIOCLINUX */
920 
921 	case LINUX_TIOCCONS:
922 		args->cmd = TIOCCONS;
923 		error = (sys_ioctl(td, (struct ioctl_args *)args));
924 		break;
925 
926 	case LINUX_TIOCGSERIAL: {
927 		struct linux_serial_struct lss;
928 
929 		bzero(&lss, sizeof(lss));
930 		lss.type = LINUX_PORT_16550A;
931 		lss.flags = 0;
932 		lss.close_delay = 0;
933 		error = copyout(&lss, (void *)args->arg, sizeof(lss));
934 		break;
935 	}
936 
937 	case LINUX_TIOCSSERIAL: {
938 		struct linux_serial_struct lss;
939 		error = copyin((void *)args->arg, &lss, sizeof(lss));
940 		if (error)
941 			break;
942 		/* XXX - It really helps to have an implementation that
943 		 * does nothing. NOT!
944 		 */
945 		error = 0;
946 		break;
947 	}
948 
949 	case LINUX_TIOCPKT:
950 		args->cmd = TIOCPKT;
951 		error = (sys_ioctl(td, (struct ioctl_args *)args));
952 		break;
953 
954 	case LINUX_FIONBIO:
955 		args->cmd = FIONBIO;
956 		error = (sys_ioctl(td, (struct ioctl_args *)args));
957 		break;
958 
959 	case LINUX_TIOCNOTTY:
960 		args->cmd = TIOCNOTTY;
961 		error = (sys_ioctl(td, (struct ioctl_args *)args));
962 		break;
963 
964 	case LINUX_TIOCSETD: {
965 		int line;
966 		switch (args->arg) {
967 		case LINUX_N_TTY:
968 			line = TTYDISC;
969 			break;
970 		case LINUX_N_SLIP:
971 			line = SLIPDISC;
972 			break;
973 		case LINUX_N_PPP:
974 			line = PPPDISC;
975 			break;
976 		default:
977 			fdrop(fp, td);
978 			return (EINVAL);
979 		}
980 		error = (fo_ioctl(fp, TIOCSETD, (caddr_t)&line, td->td_ucred,
981 		    td));
982 		break;
983 	}
984 
985 	case LINUX_TIOCGETD: {
986 		int linux_line;
987 		int bsd_line = TTYDISC;
988 		error = fo_ioctl(fp, TIOCGETD, (caddr_t)&bsd_line,
989 		    td->td_ucred, td);
990 		if (error)
991 			break;
992 		switch (bsd_line) {
993 		case TTYDISC:
994 			linux_line = LINUX_N_TTY;
995 			break;
996 		case SLIPDISC:
997 			linux_line = LINUX_N_SLIP;
998 			break;
999 		case PPPDISC:
1000 			linux_line = LINUX_N_PPP;
1001 			break;
1002 		default:
1003 			fdrop(fp, td);
1004 			return (EINVAL);
1005 		}
1006 		error = (copyout(&linux_line, (void *)args->arg, sizeof(int)));
1007 		break;
1008 	}
1009 
1010 	/* LINUX_TCSBRKP */
1011 	/* LINUX_TIOCTTYGSTRUCT */
1012 
1013 	case LINUX_FIONCLEX:
1014 		args->cmd = FIONCLEX;
1015 		error = (sys_ioctl(td, (struct ioctl_args *)args));
1016 		break;
1017 
1018 	case LINUX_FIOCLEX:
1019 		args->cmd = FIOCLEX;
1020 		error = (sys_ioctl(td, (struct ioctl_args *)args));
1021 		break;
1022 
1023 	case LINUX_FIOASYNC:
1024 		args->cmd = FIOASYNC;
1025 		error = (sys_ioctl(td, (struct ioctl_args *)args));
1026 		break;
1027 
1028 	/* LINUX_TIOCSERCONFIG */
1029 	/* LINUX_TIOCSERGWILD */
1030 	/* LINUX_TIOCSERSWILD */
1031 	/* LINUX_TIOCGLCKTRMIOS */
1032 	/* LINUX_TIOCSLCKTRMIOS */
1033 
1034 	case LINUX_TIOCSBRK:
1035 		args->cmd = TIOCSBRK;
1036 		error = (sys_ioctl(td, (struct ioctl_args *)args));
1037 		break;
1038 
1039 	case LINUX_TIOCCBRK:
1040 		args->cmd = TIOCCBRK;
1041 		error = (sys_ioctl(td, (struct ioctl_args *)args));
1042 		break;
1043 	case LINUX_TIOCGPTN: {
1044 		int nb;
1045 
1046 		error = fo_ioctl(fp, TIOCGPTN, (caddr_t)&nb, td->td_ucred, td);
1047 		if (!error)
1048 			error = copyout(&nb, (void *)args->arg,
1049 			    sizeof(int));
1050 		break;
1051 	}
1052 	case LINUX_TIOCSPTLCK:
1053 		/* Our unlockpt() does nothing. */
1054 		error = 0;
1055 		break;
1056 	default:
1057 		error = ENOIOCTL;
1058 		break;
1059 	}
1060 
1061 	fdrop(fp, td);
1062 	return (error);
1063 }
1064 
1065 /*
1066  * CDROM related ioctls
1067  */
1068 
1069 struct linux_cdrom_msf
1070 {
1071 	u_char	cdmsf_min0;
1072 	u_char	cdmsf_sec0;
1073 	u_char	cdmsf_frame0;
1074 	u_char	cdmsf_min1;
1075 	u_char	cdmsf_sec1;
1076 	u_char	cdmsf_frame1;
1077 };
1078 
1079 struct linux_cdrom_tochdr
1080 {
1081 	u_char	cdth_trk0;
1082 	u_char	cdth_trk1;
1083 };
1084 
1085 union linux_cdrom_addr
1086 {
1087 	struct {
1088 		u_char	minute;
1089 		u_char	second;
1090 		u_char	frame;
1091 	} msf;
1092 	int	lba;
1093 };
1094 
1095 struct linux_cdrom_tocentry
1096 {
1097 	u_char	cdte_track;
1098 	u_char	cdte_adr:4;
1099 	u_char	cdte_ctrl:4;
1100 	u_char	cdte_format;
1101 	union linux_cdrom_addr cdte_addr;
1102 	u_char	cdte_datamode;
1103 };
1104 
1105 struct linux_cdrom_subchnl
1106 {
1107 	u_char	cdsc_format;
1108 	u_char	cdsc_audiostatus;
1109 	u_char	cdsc_adr:4;
1110 	u_char	cdsc_ctrl:4;
1111 	u_char	cdsc_trk;
1112 	u_char	cdsc_ind;
1113 	union linux_cdrom_addr cdsc_absaddr;
1114 	union linux_cdrom_addr cdsc_reladdr;
1115 };
1116 
1117 struct l_cdrom_read_audio {
1118 	union linux_cdrom_addr addr;
1119 	u_char		addr_format;
1120 	l_int		nframes;
1121 	u_char		*buf;
1122 };
1123 
1124 struct l_dvd_layer {
1125 	u_char		book_version:4;
1126 	u_char		book_type:4;
1127 	u_char		min_rate:4;
1128 	u_char		disc_size:4;
1129 	u_char		layer_type:4;
1130 	u_char		track_path:1;
1131 	u_char		nlayers:2;
1132 	u_char		track_density:4;
1133 	u_char		linear_density:4;
1134 	u_char		bca:1;
1135 	u_int32_t	start_sector;
1136 	u_int32_t	end_sector;
1137 	u_int32_t	end_sector_l0;
1138 };
1139 
1140 struct l_dvd_physical {
1141 	u_char		type;
1142 	u_char		layer_num;
1143 	struct l_dvd_layer layer[4];
1144 };
1145 
1146 struct l_dvd_copyright {
1147 	u_char		type;
1148 	u_char		layer_num;
1149 	u_char		cpst;
1150 	u_char		rmi;
1151 };
1152 
1153 struct l_dvd_disckey {
1154 	u_char		type;
1155 	l_uint		agid:2;
1156 	u_char		value[2048];
1157 };
1158 
1159 struct l_dvd_bca {
1160 	u_char		type;
1161 	l_int		len;
1162 	u_char		value[188];
1163 };
1164 
1165 struct l_dvd_manufact {
1166 	u_char		type;
1167 	u_char		layer_num;
1168 	l_int		len;
1169 	u_char		value[2048];
1170 };
1171 
1172 typedef union {
1173 	u_char			type;
1174 	struct l_dvd_physical	physical;
1175 	struct l_dvd_copyright	copyright;
1176 	struct l_dvd_disckey	disckey;
1177 	struct l_dvd_bca	bca;
1178 	struct l_dvd_manufact	manufact;
1179 } l_dvd_struct;
1180 
1181 typedef u_char l_dvd_key[5];
1182 typedef u_char l_dvd_challenge[10];
1183 
1184 struct l_dvd_lu_send_agid {
1185 	u_char		type;
1186 	l_uint		agid:2;
1187 };
1188 
1189 struct l_dvd_host_send_challenge {
1190 	u_char		type;
1191 	l_uint		agid:2;
1192 	l_dvd_challenge	chal;
1193 };
1194 
1195 struct l_dvd_send_key {
1196 	u_char		type;
1197 	l_uint		agid:2;
1198 	l_dvd_key	key;
1199 };
1200 
1201 struct l_dvd_lu_send_challenge {
1202 	u_char		type;
1203 	l_uint		agid:2;
1204 	l_dvd_challenge	chal;
1205 };
1206 
1207 struct l_dvd_lu_send_title_key {
1208 	u_char		type;
1209 	l_uint		agid:2;
1210 	l_dvd_key	title_key;
1211 	l_int		lba;
1212 	l_uint		cpm:1;
1213 	l_uint		cp_sec:1;
1214 	l_uint		cgms:2;
1215 };
1216 
1217 struct l_dvd_lu_send_asf {
1218 	u_char		type;
1219 	l_uint		agid:2;
1220 	l_uint		asf:1;
1221 };
1222 
1223 struct l_dvd_host_send_rpcstate {
1224 	u_char		type;
1225 	u_char		pdrc;
1226 };
1227 
1228 struct l_dvd_lu_send_rpcstate {
1229 	u_char		type:2;
1230 	u_char		vra:3;
1231 	u_char		ucca:3;
1232 	u_char		region_mask;
1233 	u_char		rpc_scheme;
1234 };
1235 
1236 typedef union {
1237 	u_char				type;
1238 	struct l_dvd_lu_send_agid	lsa;
1239 	struct l_dvd_host_send_challenge hsc;
1240 	struct l_dvd_send_key		lsk;
1241 	struct l_dvd_lu_send_challenge	lsc;
1242 	struct l_dvd_send_key		hsk;
1243 	struct l_dvd_lu_send_title_key	lstk;
1244 	struct l_dvd_lu_send_asf	lsasf;
1245 	struct l_dvd_host_send_rpcstate	hrpcs;
1246 	struct l_dvd_lu_send_rpcstate	lrpcs;
1247 } l_dvd_authinfo;
1248 
1249 static void
bsd_to_linux_msf_lba(u_char af,union msf_lba * bp,union linux_cdrom_addr * lp)1250 bsd_to_linux_msf_lba(u_char af, union msf_lba *bp, union linux_cdrom_addr *lp)
1251 {
1252 	if (af == CD_LBA_FORMAT)
1253 		lp->lba = bp->lba;
1254 	else {
1255 		lp->msf.minute = bp->msf.minute;
1256 		lp->msf.second = bp->msf.second;
1257 		lp->msf.frame = bp->msf.frame;
1258 	}
1259 }
1260 
1261 static void
set_linux_cdrom_addr(union linux_cdrom_addr * addr,int format,int lba)1262 set_linux_cdrom_addr(union linux_cdrom_addr *addr, int format, int lba)
1263 {
1264 	if (format == LINUX_CDROM_MSF) {
1265 		addr->msf.frame = lba % 75;
1266 		lba /= 75;
1267 		lba += 2;
1268 		addr->msf.second = lba % 60;
1269 		addr->msf.minute = lba / 60;
1270 	} else
1271 		addr->lba = lba;
1272 }
1273 
1274 static int
linux_to_bsd_dvd_struct(l_dvd_struct * lp,struct dvd_struct * bp)1275 linux_to_bsd_dvd_struct(l_dvd_struct *lp, struct dvd_struct *bp)
1276 {
1277 	bp->format = lp->type;
1278 	switch (bp->format) {
1279 	case DVD_STRUCT_PHYSICAL:
1280 		if (bp->layer_num >= 4)
1281 			return (EINVAL);
1282 		bp->layer_num = lp->physical.layer_num;
1283 		break;
1284 	case DVD_STRUCT_COPYRIGHT:
1285 		bp->layer_num = lp->copyright.layer_num;
1286 		break;
1287 	case DVD_STRUCT_DISCKEY:
1288 		bp->agid = lp->disckey.agid;
1289 		break;
1290 	case DVD_STRUCT_BCA:
1291 	case DVD_STRUCT_MANUFACT:
1292 		break;
1293 	default:
1294 		return (EINVAL);
1295 	}
1296 	return (0);
1297 }
1298 
1299 static int
bsd_to_linux_dvd_struct(struct dvd_struct * bp,l_dvd_struct * lp)1300 bsd_to_linux_dvd_struct(struct dvd_struct *bp, l_dvd_struct *lp)
1301 {
1302 	switch (bp->format) {
1303 	case DVD_STRUCT_PHYSICAL: {
1304 		struct dvd_layer *blp = (struct dvd_layer *)bp->data;
1305 		struct l_dvd_layer *llp = &lp->physical.layer[bp->layer_num];
1306 		memset(llp, 0, sizeof(*llp));
1307 		llp->book_version = blp->book_version;
1308 		llp->book_type = blp->book_type;
1309 		llp->min_rate = blp->max_rate;
1310 		llp->disc_size = blp->disc_size;
1311 		llp->layer_type = blp->layer_type;
1312 		llp->track_path = blp->track_path;
1313 		llp->nlayers = blp->nlayers;
1314 		llp->track_density = blp->track_density;
1315 		llp->linear_density = blp->linear_density;
1316 		llp->bca = blp->bca;
1317 		llp->start_sector = blp->start_sector;
1318 		llp->end_sector = blp->end_sector;
1319 		llp->end_sector_l0 = blp->end_sector_l0;
1320 		break;
1321 	}
1322 	case DVD_STRUCT_COPYRIGHT:
1323 		lp->copyright.cpst = bp->cpst;
1324 		lp->copyright.rmi = bp->rmi;
1325 		break;
1326 	case DVD_STRUCT_DISCKEY:
1327 		memcpy(lp->disckey.value, bp->data, sizeof(lp->disckey.value));
1328 		break;
1329 	case DVD_STRUCT_BCA:
1330 		lp->bca.len = bp->length;
1331 		memcpy(lp->bca.value, bp->data, sizeof(lp->bca.value));
1332 		break;
1333 	case DVD_STRUCT_MANUFACT:
1334 		lp->manufact.len = bp->length;
1335 		memcpy(lp->manufact.value, bp->data,
1336 		    sizeof(lp->manufact.value));
1337 		/* lp->manufact.layer_num is unused in linux (redhat 7.0) */
1338 		break;
1339 	default:
1340 		return (EINVAL);
1341 	}
1342 	return (0);
1343 }
1344 
1345 static int
linux_to_bsd_dvd_authinfo(l_dvd_authinfo * lp,int * bcode,struct dvd_authinfo * bp)1346 linux_to_bsd_dvd_authinfo(l_dvd_authinfo *lp, int *bcode,
1347     struct dvd_authinfo *bp)
1348 {
1349 	switch (lp->type) {
1350 	case LINUX_DVD_LU_SEND_AGID:
1351 		*bcode = DVDIOCREPORTKEY;
1352 		bp->format = DVD_REPORT_AGID;
1353 		bp->agid = lp->lsa.agid;
1354 		break;
1355 	case LINUX_DVD_HOST_SEND_CHALLENGE:
1356 		*bcode = DVDIOCSENDKEY;
1357 		bp->format = DVD_SEND_CHALLENGE;
1358 		bp->agid = lp->hsc.agid;
1359 		memcpy(bp->keychal, lp->hsc.chal, 10);
1360 		break;
1361 	case LINUX_DVD_LU_SEND_KEY1:
1362 		*bcode = DVDIOCREPORTKEY;
1363 		bp->format = DVD_REPORT_KEY1;
1364 		bp->agid = lp->lsk.agid;
1365 		break;
1366 	case LINUX_DVD_LU_SEND_CHALLENGE:
1367 		*bcode = DVDIOCREPORTKEY;
1368 		bp->format = DVD_REPORT_CHALLENGE;
1369 		bp->agid = lp->lsc.agid;
1370 		break;
1371 	case LINUX_DVD_HOST_SEND_KEY2:
1372 		*bcode = DVDIOCSENDKEY;
1373 		bp->format = DVD_SEND_KEY2;
1374 		bp->agid = lp->hsk.agid;
1375 		memcpy(bp->keychal, lp->hsk.key, 5);
1376 		break;
1377 	case LINUX_DVD_LU_SEND_TITLE_KEY:
1378 		*bcode = DVDIOCREPORTKEY;
1379 		bp->format = DVD_REPORT_TITLE_KEY;
1380 		bp->agid = lp->lstk.agid;
1381 		bp->lba = lp->lstk.lba;
1382 		break;
1383 	case LINUX_DVD_LU_SEND_ASF:
1384 		*bcode = DVDIOCREPORTKEY;
1385 		bp->format = DVD_REPORT_ASF;
1386 		bp->agid = lp->lsasf.agid;
1387 		break;
1388 	case LINUX_DVD_INVALIDATE_AGID:
1389 		*bcode = DVDIOCREPORTKEY;
1390 		bp->format = DVD_INVALIDATE_AGID;
1391 		bp->agid = lp->lsa.agid;
1392 		break;
1393 	case LINUX_DVD_LU_SEND_RPC_STATE:
1394 		*bcode = DVDIOCREPORTKEY;
1395 		bp->format = DVD_REPORT_RPC;
1396 		break;
1397 	case LINUX_DVD_HOST_SEND_RPC_STATE:
1398 		*bcode = DVDIOCSENDKEY;
1399 		bp->format = DVD_SEND_RPC;
1400 		bp->region = lp->hrpcs.pdrc;
1401 		break;
1402 	default:
1403 		return (EINVAL);
1404 	}
1405 	return (0);
1406 }
1407 
1408 static int
bsd_to_linux_dvd_authinfo(struct dvd_authinfo * bp,l_dvd_authinfo * lp)1409 bsd_to_linux_dvd_authinfo(struct dvd_authinfo *bp, l_dvd_authinfo *lp)
1410 {
1411 	switch (lp->type) {
1412 	case LINUX_DVD_LU_SEND_AGID:
1413 		lp->lsa.agid = bp->agid;
1414 		break;
1415 	case LINUX_DVD_HOST_SEND_CHALLENGE:
1416 		lp->type = LINUX_DVD_LU_SEND_KEY1;
1417 		break;
1418 	case LINUX_DVD_LU_SEND_KEY1:
1419 		memcpy(lp->lsk.key, bp->keychal, sizeof(lp->lsk.key));
1420 		break;
1421 	case LINUX_DVD_LU_SEND_CHALLENGE:
1422 		memcpy(lp->lsc.chal, bp->keychal, sizeof(lp->lsc.chal));
1423 		break;
1424 	case LINUX_DVD_HOST_SEND_KEY2:
1425 		lp->type = LINUX_DVD_AUTH_ESTABLISHED;
1426 		break;
1427 	case LINUX_DVD_LU_SEND_TITLE_KEY:
1428 		memcpy(lp->lstk.title_key, bp->keychal,
1429 		    sizeof(lp->lstk.title_key));
1430 		lp->lstk.cpm = bp->cpm;
1431 		lp->lstk.cp_sec = bp->cp_sec;
1432 		lp->lstk.cgms = bp->cgms;
1433 		break;
1434 	case LINUX_DVD_LU_SEND_ASF:
1435 		lp->lsasf.asf = bp->asf;
1436 		break;
1437 	case LINUX_DVD_INVALIDATE_AGID:
1438 		break;
1439 	case LINUX_DVD_LU_SEND_RPC_STATE:
1440 		lp->lrpcs.type = bp->reg_type;
1441 		lp->lrpcs.vra = bp->vend_rsts;
1442 		lp->lrpcs.ucca = bp->user_rsts;
1443 		lp->lrpcs.region_mask = bp->region;
1444 		lp->lrpcs.rpc_scheme = bp->rpc_scheme;
1445 		break;
1446 	case LINUX_DVD_HOST_SEND_RPC_STATE:
1447 		break;
1448 	default:
1449 		return (EINVAL);
1450 	}
1451 	return (0);
1452 }
1453 
1454 static int
linux_ioctl_cdrom(struct thread * td,struct linux_ioctl_args * args)1455 linux_ioctl_cdrom(struct thread *td, struct linux_ioctl_args *args)
1456 {
1457 	cap_rights_t rights;
1458 	struct file *fp;
1459 	int error;
1460 
1461 	error = fget(td, args->fd, cap_rights_init(&rights, CAP_IOCTL), &fp);
1462 	if (error != 0)
1463 		return (error);
1464 	switch (args->cmd & 0xffff) {
1465 
1466 	case LINUX_CDROMPAUSE:
1467 		args->cmd = CDIOCPAUSE;
1468 		error = (sys_ioctl(td, (struct ioctl_args *)args));
1469 		break;
1470 
1471 	case LINUX_CDROMRESUME:
1472 		args->cmd = CDIOCRESUME;
1473 		error = (sys_ioctl(td, (struct ioctl_args *)args));
1474 		break;
1475 
1476 	case LINUX_CDROMPLAYMSF:
1477 		args->cmd = CDIOCPLAYMSF;
1478 		error = (sys_ioctl(td, (struct ioctl_args *)args));
1479 		break;
1480 
1481 	case LINUX_CDROMPLAYTRKIND:
1482 		args->cmd = CDIOCPLAYTRACKS;
1483 		error = (sys_ioctl(td, (struct ioctl_args *)args));
1484 		break;
1485 
1486 	case LINUX_CDROMREADTOCHDR: {
1487 		struct ioc_toc_header th;
1488 		struct linux_cdrom_tochdr lth;
1489 		error = fo_ioctl(fp, CDIOREADTOCHEADER, (caddr_t)&th,
1490 		    td->td_ucred, td);
1491 		if (!error) {
1492 			lth.cdth_trk0 = th.starting_track;
1493 			lth.cdth_trk1 = th.ending_track;
1494 			copyout(&lth, (void *)args->arg, sizeof(lth));
1495 		}
1496 		break;
1497 	}
1498 
1499 	case LINUX_CDROMREADTOCENTRY: {
1500 		struct linux_cdrom_tocentry lte;
1501 		struct ioc_read_toc_single_entry irtse;
1502 
1503 		error = copyin((void *)args->arg, &lte, sizeof(lte));
1504 		if (error)
1505 			break;
1506 		irtse.address_format = lte.cdte_format;
1507 		irtse.track = lte.cdte_track;
1508 		error = fo_ioctl(fp, CDIOREADTOCENTRY, (caddr_t)&irtse,
1509 		    td->td_ucred, td);
1510 		if (!error) {
1511 			lte.cdte_ctrl = irtse.entry.control;
1512 			lte.cdte_adr = irtse.entry.addr_type;
1513 			bsd_to_linux_msf_lba(irtse.address_format,
1514 			    &irtse.entry.addr, &lte.cdte_addr);
1515 			error = copyout(&lte, (void *)args->arg, sizeof(lte));
1516 		}
1517 		break;
1518 	}
1519 
1520 	case LINUX_CDROMSTOP:
1521 		args->cmd = CDIOCSTOP;
1522 		error = (sys_ioctl(td, (struct ioctl_args *)args));
1523 		break;
1524 
1525 	case LINUX_CDROMSTART:
1526 		args->cmd = CDIOCSTART;
1527 		error = (sys_ioctl(td, (struct ioctl_args *)args));
1528 		break;
1529 
1530 	case LINUX_CDROMEJECT:
1531 		args->cmd = CDIOCEJECT;
1532 		error = (sys_ioctl(td, (struct ioctl_args *)args));
1533 		break;
1534 
1535 	/* LINUX_CDROMVOLCTRL */
1536 
1537 	case LINUX_CDROMSUBCHNL: {
1538 		struct linux_cdrom_subchnl sc;
1539 		struct ioc_read_subchannel bsdsc;
1540 		struct cd_sub_channel_info bsdinfo;
1541 
1542 		bsdsc.address_format = CD_LBA_FORMAT;
1543 		bsdsc.data_format = CD_CURRENT_POSITION;
1544 		bsdsc.track = 0;
1545 		bsdsc.data_len = sizeof(bsdinfo);
1546 		bsdsc.data = &bsdinfo;
1547 		error = fo_ioctl(fp, CDIOCREADSUBCHANNEL_SYSSPACE,
1548 		    (caddr_t)&bsdsc, td->td_ucred, td);
1549 		if (error)
1550 			break;
1551 		error = copyin((void *)args->arg, &sc, sizeof(sc));
1552 		if (error)
1553 			break;
1554 		sc.cdsc_audiostatus = bsdinfo.header.audio_status;
1555 		sc.cdsc_adr = bsdinfo.what.position.addr_type;
1556 		sc.cdsc_ctrl = bsdinfo.what.position.control;
1557 		sc.cdsc_trk = bsdinfo.what.position.track_number;
1558 		sc.cdsc_ind = bsdinfo.what.position.index_number;
1559 		set_linux_cdrom_addr(&sc.cdsc_absaddr, sc.cdsc_format,
1560 		    bsdinfo.what.position.absaddr.lba);
1561 		set_linux_cdrom_addr(&sc.cdsc_reladdr, sc.cdsc_format,
1562 		    bsdinfo.what.position.reladdr.lba);
1563 		error = copyout(&sc, (void *)args->arg, sizeof(sc));
1564 		break;
1565 	}
1566 
1567 	/* LINUX_CDROMREADMODE2 */
1568 	/* LINUX_CDROMREADMODE1 */
1569 	/* LINUX_CDROMREADAUDIO */
1570 	/* LINUX_CDROMEJECT_SW */
1571 	/* LINUX_CDROMMULTISESSION */
1572 	/* LINUX_CDROM_GET_UPC */
1573 
1574 	case LINUX_CDROMRESET:
1575 		args->cmd = CDIOCRESET;
1576 		error = (sys_ioctl(td, (struct ioctl_args *)args));
1577 		break;
1578 
1579 	/* LINUX_CDROMVOLREAD */
1580 	/* LINUX_CDROMREADRAW */
1581 	/* LINUX_CDROMREADCOOKED */
1582 	/* LINUX_CDROMSEEK */
1583 	/* LINUX_CDROMPLAYBLK */
1584 	/* LINUX_CDROMREADALL */
1585 	/* LINUX_CDROMCLOSETRAY */
1586 	/* LINUX_CDROMLOADFROMSLOT */
1587 	/* LINUX_CDROMGETSPINDOWN */
1588 	/* LINUX_CDROMSETSPINDOWN */
1589 	/* LINUX_CDROM_SET_OPTIONS */
1590 	/* LINUX_CDROM_CLEAR_OPTIONS */
1591 	/* LINUX_CDROM_SELECT_SPEED */
1592 	/* LINUX_CDROM_SELECT_DISC */
1593 	/* LINUX_CDROM_MEDIA_CHANGED */
1594 	/* LINUX_CDROM_DRIVE_STATUS */
1595 	/* LINUX_CDROM_DISC_STATUS */
1596 	/* LINUX_CDROM_CHANGER_NSLOTS */
1597 	/* LINUX_CDROM_LOCKDOOR */
1598 	/* LINUX_CDROM_DEBUG */
1599 	/* LINUX_CDROM_GET_CAPABILITY */
1600 	/* LINUX_CDROMAUDIOBUFSIZ */
1601 
1602 	case LINUX_DVD_READ_STRUCT: {
1603 		l_dvd_struct *lds;
1604 		struct dvd_struct *bds;
1605 
1606 		lds = malloc(sizeof(*lds), M_LINUX, M_WAITOK);
1607 		bds = malloc(sizeof(*bds), M_LINUX, M_WAITOK);
1608 		error = copyin((void *)args->arg, lds, sizeof(*lds));
1609 		if (error)
1610 			goto out;
1611 		error = linux_to_bsd_dvd_struct(lds, bds);
1612 		if (error)
1613 			goto out;
1614 		error = fo_ioctl(fp, DVDIOCREADSTRUCTURE, (caddr_t)bds,
1615 		    td->td_ucred, td);
1616 		if (error)
1617 			goto out;
1618 		error = bsd_to_linux_dvd_struct(bds, lds);
1619 		if (error)
1620 			goto out;
1621 		error = copyout(lds, (void *)args->arg, sizeof(*lds));
1622 	out:
1623 		free(bds, M_LINUX);
1624 		free(lds, M_LINUX);
1625 		break;
1626 	}
1627 
1628 	/* LINUX_DVD_WRITE_STRUCT */
1629 
1630 	case LINUX_DVD_AUTH: {
1631 		l_dvd_authinfo lda;
1632 		struct dvd_authinfo bda;
1633 		int bcode;
1634 
1635 		error = copyin((void *)args->arg, &lda, sizeof(lda));
1636 		if (error)
1637 			break;
1638 		error = linux_to_bsd_dvd_authinfo(&lda, &bcode, &bda);
1639 		if (error)
1640 			break;
1641 		error = fo_ioctl(fp, bcode, (caddr_t)&bda, td->td_ucred,
1642 		    td);
1643 		if (error) {
1644 			if (lda.type == LINUX_DVD_HOST_SEND_KEY2) {
1645 				lda.type = LINUX_DVD_AUTH_FAILURE;
1646 				copyout(&lda, (void *)args->arg, sizeof(lda));
1647 			}
1648 			break;
1649 		}
1650 		error = bsd_to_linux_dvd_authinfo(&bda, &lda);
1651 		if (error)
1652 			break;
1653 		error = copyout(&lda, (void *)args->arg, sizeof(lda));
1654 		break;
1655 	}
1656 
1657 	case LINUX_SCSI_GET_BUS_NUMBER:
1658 	{
1659 		struct sg_scsi_id id;
1660 
1661 		error = fo_ioctl(fp, SG_GET_SCSI_ID, (caddr_t)&id,
1662 		    td->td_ucred, td);
1663 		if (error)
1664 			break;
1665 		error = copyout(&id.channel, (void *)args->arg, sizeof(int));
1666 		break;
1667 	}
1668 
1669 	case LINUX_SCSI_GET_IDLUN:
1670 	{
1671 		struct sg_scsi_id id;
1672 		struct scsi_idlun idl;
1673 
1674 		error = fo_ioctl(fp, SG_GET_SCSI_ID, (caddr_t)&id,
1675 		    td->td_ucred, td);
1676 		if (error)
1677 			break;
1678 		idl.dev_id = (id.scsi_id & 0xff) + ((id.lun & 0xff) << 8) +
1679 		    ((id.channel & 0xff) << 16) + ((id.host_no & 0xff) << 24);
1680 		idl.host_unique_id = id.host_no;
1681 		error = copyout(&idl, (void *)args->arg, sizeof(idl));
1682 		break;
1683 	}
1684 
1685 	/* LINUX_CDROM_SEND_PACKET */
1686 	/* LINUX_CDROM_NEXT_WRITABLE */
1687 	/* LINUX_CDROM_LAST_WRITTEN */
1688 
1689 	default:
1690 		error = ENOIOCTL;
1691 		break;
1692 	}
1693 
1694 	fdrop(fp, td);
1695 	return (error);
1696 }
1697 
1698 static int
linux_ioctl_vfat(struct thread * td,struct linux_ioctl_args * args)1699 linux_ioctl_vfat(struct thread *td, struct linux_ioctl_args *args)
1700 {
1701 
1702 	return (ENOTTY);
1703 }
1704 
1705 /*
1706  * Sound related ioctls
1707  */
1708 
1709 struct linux_old_mixer_info {
1710 	char	id[16];
1711 	char	name[32];
1712 };
1713 
1714 static u_int32_t dirbits[4] = { IOC_VOID, IOC_IN, IOC_OUT, IOC_INOUT };
1715 
1716 #define	SETDIR(c)	(((c) & ~IOC_DIRMASK) | dirbits[args->cmd >> 30])
1717 
1718 static int
linux_ioctl_sound(struct thread * td,struct linux_ioctl_args * args)1719 linux_ioctl_sound(struct thread *td, struct linux_ioctl_args *args)
1720 {
1721 
1722 	switch (args->cmd & 0xffff) {
1723 
1724 	case LINUX_SOUND_MIXER_WRITE_VOLUME:
1725 		args->cmd = SETDIR(SOUND_MIXER_WRITE_VOLUME);
1726 		return (sys_ioctl(td, (struct ioctl_args *)args));
1727 
1728 	case LINUX_SOUND_MIXER_WRITE_BASS:
1729 		args->cmd = SETDIR(SOUND_MIXER_WRITE_BASS);
1730 		return (sys_ioctl(td, (struct ioctl_args *)args));
1731 
1732 	case LINUX_SOUND_MIXER_WRITE_TREBLE:
1733 		args->cmd = SETDIR(SOUND_MIXER_WRITE_TREBLE);
1734 		return (sys_ioctl(td, (struct ioctl_args *)args));
1735 
1736 	case LINUX_SOUND_MIXER_WRITE_SYNTH:
1737 		args->cmd = SETDIR(SOUND_MIXER_WRITE_SYNTH);
1738 		return (sys_ioctl(td, (struct ioctl_args *)args));
1739 
1740 	case LINUX_SOUND_MIXER_WRITE_PCM:
1741 		args->cmd = SETDIR(SOUND_MIXER_WRITE_PCM);
1742 		return (sys_ioctl(td, (struct ioctl_args *)args));
1743 
1744 	case LINUX_SOUND_MIXER_WRITE_SPEAKER:
1745 		args->cmd = SETDIR(SOUND_MIXER_WRITE_SPEAKER);
1746 		return (sys_ioctl(td, (struct ioctl_args *)args));
1747 
1748 	case LINUX_SOUND_MIXER_WRITE_LINE:
1749 		args->cmd = SETDIR(SOUND_MIXER_WRITE_LINE);
1750 		return (sys_ioctl(td, (struct ioctl_args *)args));
1751 
1752 	case LINUX_SOUND_MIXER_WRITE_MIC:
1753 		args->cmd = SETDIR(SOUND_MIXER_WRITE_MIC);
1754 		return (sys_ioctl(td, (struct ioctl_args *)args));
1755 
1756 	case LINUX_SOUND_MIXER_WRITE_CD:
1757 		args->cmd = SETDIR(SOUND_MIXER_WRITE_CD);
1758 		return (sys_ioctl(td, (struct ioctl_args *)args));
1759 
1760 	case LINUX_SOUND_MIXER_WRITE_IMIX:
1761 		args->cmd = SETDIR(SOUND_MIXER_WRITE_IMIX);
1762 		return (sys_ioctl(td, (struct ioctl_args *)args));
1763 
1764 	case LINUX_SOUND_MIXER_WRITE_ALTPCM:
1765 		args->cmd = SETDIR(SOUND_MIXER_WRITE_ALTPCM);
1766 		return (sys_ioctl(td, (struct ioctl_args *)args));
1767 
1768 	case LINUX_SOUND_MIXER_WRITE_RECLEV:
1769 		args->cmd = SETDIR(SOUND_MIXER_WRITE_RECLEV);
1770 		return (sys_ioctl(td, (struct ioctl_args *)args));
1771 
1772 	case LINUX_SOUND_MIXER_WRITE_IGAIN:
1773 		args->cmd = SETDIR(SOUND_MIXER_WRITE_IGAIN);
1774 		return (sys_ioctl(td, (struct ioctl_args *)args));
1775 
1776 	case LINUX_SOUND_MIXER_WRITE_OGAIN:
1777 		args->cmd = SETDIR(SOUND_MIXER_WRITE_OGAIN);
1778 		return (sys_ioctl(td, (struct ioctl_args *)args));
1779 
1780 	case LINUX_SOUND_MIXER_WRITE_LINE1:
1781 		args->cmd = SETDIR(SOUND_MIXER_WRITE_LINE1);
1782 		return (sys_ioctl(td, (struct ioctl_args *)args));
1783 
1784 	case LINUX_SOUND_MIXER_WRITE_LINE2:
1785 		args->cmd = SETDIR(SOUND_MIXER_WRITE_LINE2);
1786 		return (sys_ioctl(td, (struct ioctl_args *)args));
1787 
1788 	case LINUX_SOUND_MIXER_WRITE_LINE3:
1789 		args->cmd = SETDIR(SOUND_MIXER_WRITE_LINE3);
1790 		return (sys_ioctl(td, (struct ioctl_args *)args));
1791 
1792 	case LINUX_SOUND_MIXER_INFO: {
1793 		/* Key on encoded length */
1794 		switch ((args->cmd >> 16) & 0x1fff) {
1795 		case 0x005c: {	/* SOUND_MIXER_INFO */
1796 			args->cmd = SOUND_MIXER_INFO;
1797 			return (sys_ioctl(td, (struct ioctl_args *)args));
1798 		}
1799 		case 0x0030: {	/* SOUND_OLD_MIXER_INFO */
1800 			struct linux_old_mixer_info info;
1801 			bzero(&info, sizeof(info));
1802 			strncpy(info.id, "OSS", sizeof(info.id) - 1);
1803 			strncpy(info.name, "FreeBSD OSS Mixer", sizeof(info.name) - 1);
1804 			copyout(&info, (void *)args->arg, sizeof(info));
1805 			return (0);
1806 		}
1807 		default:
1808 			return (ENOIOCTL);
1809 		}
1810 		break;
1811 	}
1812 
1813 	case LINUX_OSS_GETVERSION: {
1814 		int version = linux_get_oss_version(td);
1815 		return (copyout(&version, (void *)args->arg, sizeof(int)));
1816 	}
1817 
1818 	case LINUX_SOUND_MIXER_READ_STEREODEVS:
1819 		args->cmd = SOUND_MIXER_READ_STEREODEVS;
1820 		return (sys_ioctl(td, (struct ioctl_args *)args));
1821 
1822 	case LINUX_SOUND_MIXER_READ_CAPS:
1823 		args->cmd = SOUND_MIXER_READ_CAPS;
1824 		return (sys_ioctl(td, (struct ioctl_args *)args));
1825 
1826 	case LINUX_SOUND_MIXER_READ_RECMASK:
1827 		args->cmd = SOUND_MIXER_READ_RECMASK;
1828 		return (sys_ioctl(td, (struct ioctl_args *)args));
1829 
1830 	case LINUX_SOUND_MIXER_READ_DEVMASK:
1831 		args->cmd = SOUND_MIXER_READ_DEVMASK;
1832 		return (sys_ioctl(td, (struct ioctl_args *)args));
1833 
1834 	case LINUX_SOUND_MIXER_WRITE_RECSRC:
1835 		args->cmd = SETDIR(SOUND_MIXER_WRITE_RECSRC);
1836 		return (sys_ioctl(td, (struct ioctl_args *)args));
1837 
1838 	case LINUX_SNDCTL_DSP_RESET:
1839 		args->cmd = SNDCTL_DSP_RESET;
1840 		return (sys_ioctl(td, (struct ioctl_args *)args));
1841 
1842 	case LINUX_SNDCTL_DSP_SYNC:
1843 		args->cmd = SNDCTL_DSP_SYNC;
1844 		return (sys_ioctl(td, (struct ioctl_args *)args));
1845 
1846 	case LINUX_SNDCTL_DSP_SPEED:
1847 		args->cmd = SNDCTL_DSP_SPEED;
1848 		return (sys_ioctl(td, (struct ioctl_args *)args));
1849 
1850 	case LINUX_SNDCTL_DSP_STEREO:
1851 		args->cmd = SNDCTL_DSP_STEREO;
1852 		return (sys_ioctl(td, (struct ioctl_args *)args));
1853 
1854 	case LINUX_SNDCTL_DSP_GETBLKSIZE: /* LINUX_SNDCTL_DSP_SETBLKSIZE */
1855 		args->cmd = SNDCTL_DSP_GETBLKSIZE;
1856 		return (sys_ioctl(td, (struct ioctl_args *)args));
1857 
1858 	case LINUX_SNDCTL_DSP_SETFMT:
1859 		args->cmd = SNDCTL_DSP_SETFMT;
1860 		return (sys_ioctl(td, (struct ioctl_args *)args));
1861 
1862 	case LINUX_SOUND_PCM_WRITE_CHANNELS:
1863 		args->cmd = SOUND_PCM_WRITE_CHANNELS;
1864 		return (sys_ioctl(td, (struct ioctl_args *)args));
1865 
1866 	case LINUX_SOUND_PCM_WRITE_FILTER:
1867 		args->cmd = SOUND_PCM_WRITE_FILTER;
1868 		return (sys_ioctl(td, (struct ioctl_args *)args));
1869 
1870 	case LINUX_SNDCTL_DSP_POST:
1871 		args->cmd = SNDCTL_DSP_POST;
1872 		return (sys_ioctl(td, (struct ioctl_args *)args));
1873 
1874 	case LINUX_SNDCTL_DSP_SUBDIVIDE:
1875 		args->cmd = SNDCTL_DSP_SUBDIVIDE;
1876 		return (sys_ioctl(td, (struct ioctl_args *)args));
1877 
1878 	case LINUX_SNDCTL_DSP_SETFRAGMENT:
1879 		args->cmd = SNDCTL_DSP_SETFRAGMENT;
1880 		return (sys_ioctl(td, (struct ioctl_args *)args));
1881 
1882 	case LINUX_SNDCTL_DSP_GETFMTS:
1883 		args->cmd = SNDCTL_DSP_GETFMTS;
1884 		return (sys_ioctl(td, (struct ioctl_args *)args));
1885 
1886 	case LINUX_SNDCTL_DSP_GETOSPACE:
1887 		args->cmd = SNDCTL_DSP_GETOSPACE;
1888 		return (sys_ioctl(td, (struct ioctl_args *)args));
1889 
1890 	case LINUX_SNDCTL_DSP_GETISPACE:
1891 		args->cmd = SNDCTL_DSP_GETISPACE;
1892 		return (sys_ioctl(td, (struct ioctl_args *)args));
1893 
1894 	case LINUX_SNDCTL_DSP_NONBLOCK:
1895 		args->cmd = SNDCTL_DSP_NONBLOCK;
1896 		return (sys_ioctl(td, (struct ioctl_args *)args));
1897 
1898 	case LINUX_SNDCTL_DSP_GETCAPS:
1899 		args->cmd = SNDCTL_DSP_GETCAPS;
1900 		return (sys_ioctl(td, (struct ioctl_args *)args));
1901 
1902 	case LINUX_SNDCTL_DSP_SETTRIGGER: /* LINUX_SNDCTL_GETTRIGGER */
1903 		args->cmd = SNDCTL_DSP_SETTRIGGER;
1904 		return (sys_ioctl(td, (struct ioctl_args *)args));
1905 
1906 	case LINUX_SNDCTL_DSP_GETIPTR:
1907 		args->cmd = SNDCTL_DSP_GETIPTR;
1908 		return (sys_ioctl(td, (struct ioctl_args *)args));
1909 
1910 	case LINUX_SNDCTL_DSP_GETOPTR:
1911 		args->cmd = SNDCTL_DSP_GETOPTR;
1912 		return (sys_ioctl(td, (struct ioctl_args *)args));
1913 
1914 	case LINUX_SNDCTL_DSP_SETDUPLEX:
1915 		args->cmd = SNDCTL_DSP_SETDUPLEX;
1916 		return (sys_ioctl(td, (struct ioctl_args *)args));
1917 
1918 	case LINUX_SNDCTL_DSP_GETODELAY:
1919 		args->cmd = SNDCTL_DSP_GETODELAY;
1920 		return (sys_ioctl(td, (struct ioctl_args *)args));
1921 
1922 	case LINUX_SNDCTL_SEQ_RESET:
1923 		args->cmd = SNDCTL_SEQ_RESET;
1924 		return (sys_ioctl(td, (struct ioctl_args *)args));
1925 
1926 	case LINUX_SNDCTL_SEQ_SYNC:
1927 		args->cmd = SNDCTL_SEQ_SYNC;
1928 		return (sys_ioctl(td, (struct ioctl_args *)args));
1929 
1930 	case LINUX_SNDCTL_SYNTH_INFO:
1931 		args->cmd = SNDCTL_SYNTH_INFO;
1932 		return (sys_ioctl(td, (struct ioctl_args *)args));
1933 
1934 	case LINUX_SNDCTL_SEQ_CTRLRATE:
1935 		args->cmd = SNDCTL_SEQ_CTRLRATE;
1936 		return (sys_ioctl(td, (struct ioctl_args *)args));
1937 
1938 	case LINUX_SNDCTL_SEQ_GETOUTCOUNT:
1939 		args->cmd = SNDCTL_SEQ_GETOUTCOUNT;
1940 		return (sys_ioctl(td, (struct ioctl_args *)args));
1941 
1942 	case LINUX_SNDCTL_SEQ_GETINCOUNT:
1943 		args->cmd = SNDCTL_SEQ_GETINCOUNT;
1944 		return (sys_ioctl(td, (struct ioctl_args *)args));
1945 
1946 	case LINUX_SNDCTL_SEQ_PERCMODE:
1947 		args->cmd = SNDCTL_SEQ_PERCMODE;
1948 		return (sys_ioctl(td, (struct ioctl_args *)args));
1949 
1950 	case LINUX_SNDCTL_FM_LOAD_INSTR:
1951 		args->cmd = SNDCTL_FM_LOAD_INSTR;
1952 		return (sys_ioctl(td, (struct ioctl_args *)args));
1953 
1954 	case LINUX_SNDCTL_SEQ_TESTMIDI:
1955 		args->cmd = SNDCTL_SEQ_TESTMIDI;
1956 		return (sys_ioctl(td, (struct ioctl_args *)args));
1957 
1958 	case LINUX_SNDCTL_SEQ_RESETSAMPLES:
1959 		args->cmd = SNDCTL_SEQ_RESETSAMPLES;
1960 		return (sys_ioctl(td, (struct ioctl_args *)args));
1961 
1962 	case LINUX_SNDCTL_SEQ_NRSYNTHS:
1963 		args->cmd = SNDCTL_SEQ_NRSYNTHS;
1964 		return (sys_ioctl(td, (struct ioctl_args *)args));
1965 
1966 	case LINUX_SNDCTL_SEQ_NRMIDIS:
1967 		args->cmd = SNDCTL_SEQ_NRMIDIS;
1968 		return (sys_ioctl(td, (struct ioctl_args *)args));
1969 
1970 	case LINUX_SNDCTL_MIDI_INFO:
1971 		args->cmd = SNDCTL_MIDI_INFO;
1972 		return (sys_ioctl(td, (struct ioctl_args *)args));
1973 
1974 	case LINUX_SNDCTL_SEQ_TRESHOLD:
1975 		args->cmd = SNDCTL_SEQ_TRESHOLD;
1976 		return (sys_ioctl(td, (struct ioctl_args *)args));
1977 
1978 	case LINUX_SNDCTL_SYNTH_MEMAVL:
1979 		args->cmd = SNDCTL_SYNTH_MEMAVL;
1980 		return (sys_ioctl(td, (struct ioctl_args *)args));
1981 
1982 	}
1983 
1984 	return (ENOIOCTL);
1985 }
1986 
1987 /*
1988  * Console related ioctls
1989  */
1990 
1991 static int
linux_ioctl_console(struct thread * td,struct linux_ioctl_args * args)1992 linux_ioctl_console(struct thread *td, struct linux_ioctl_args *args)
1993 {
1994 	cap_rights_t rights;
1995 	struct file *fp;
1996 	int error;
1997 
1998 	error = fget(td, args->fd, cap_rights_init(&rights, CAP_IOCTL), &fp);
1999 	if (error != 0)
2000 		return (error);
2001 	switch (args->cmd & 0xffff) {
2002 
2003 	case LINUX_KIOCSOUND:
2004 		args->cmd = KIOCSOUND;
2005 		error = (sys_ioctl(td, (struct ioctl_args *)args));
2006 		break;
2007 
2008 	case LINUX_KDMKTONE:
2009 		args->cmd = KDMKTONE;
2010 		error = (sys_ioctl(td, (struct ioctl_args *)args));
2011 		break;
2012 
2013 	case LINUX_KDGETLED:
2014 		args->cmd = KDGETLED;
2015 		error = (sys_ioctl(td, (struct ioctl_args *)args));
2016 		break;
2017 
2018 	case LINUX_KDSETLED:
2019 		args->cmd = KDSETLED;
2020 		error = (sys_ioctl(td, (struct ioctl_args *)args));
2021 		break;
2022 
2023 	case LINUX_KDSETMODE:
2024 		args->cmd = KDSETMODE;
2025 		error = (sys_ioctl(td, (struct ioctl_args *)args));
2026 		break;
2027 
2028 	case LINUX_KDGETMODE:
2029 		args->cmd = KDGETMODE;
2030 		error = (sys_ioctl(td, (struct ioctl_args *)args));
2031 		break;
2032 
2033 	case LINUX_KDGKBMODE:
2034 		args->cmd = KDGKBMODE;
2035 		error = (sys_ioctl(td, (struct ioctl_args *)args));
2036 		break;
2037 
2038 	case LINUX_KDSKBMODE: {
2039 		int kbdmode;
2040 		switch (args->arg) {
2041 		case LINUX_KBD_RAW:
2042 			kbdmode = K_RAW;
2043 			break;
2044 		case LINUX_KBD_XLATE:
2045 			kbdmode = K_XLATE;
2046 			break;
2047 		case LINUX_KBD_MEDIUMRAW:
2048 			kbdmode = K_RAW;
2049 			break;
2050 		default:
2051 			fdrop(fp, td);
2052 			return (EINVAL);
2053 		}
2054 		error = (fo_ioctl(fp, KDSKBMODE, (caddr_t)&kbdmode,
2055 		    td->td_ucred, td));
2056 		break;
2057 	}
2058 
2059 	case LINUX_VT_OPENQRY:
2060 		args->cmd = VT_OPENQRY;
2061 		error = (sys_ioctl(td, (struct ioctl_args *)args));
2062 		break;
2063 
2064 	case LINUX_VT_GETMODE:
2065 		args->cmd = VT_GETMODE;
2066 		error = (sys_ioctl(td, (struct ioctl_args *)args));
2067 		break;
2068 
2069 	case LINUX_VT_SETMODE: {
2070 		struct vt_mode mode;
2071 		if ((error = copyin((void *)args->arg, &mode, sizeof(mode))))
2072 			break;
2073 		if (LINUX_SIG_VALID(mode.relsig))
2074 			mode.relsig = linux_to_bsd_signal(mode.relsig);
2075 		else
2076 			mode.relsig = 0;
2077 		if (LINUX_SIG_VALID(mode.acqsig))
2078 			mode.acqsig = linux_to_bsd_signal(mode.acqsig);
2079 		else
2080 			mode.acqsig = 0;
2081 		/* XXX. Linux ignores frsig and set it to 0. */
2082 		mode.frsig = 0;
2083 		if ((error = copyout(&mode, (void *)args->arg, sizeof(mode))))
2084 			break;
2085 		args->cmd = VT_SETMODE;
2086 		error = (sys_ioctl(td, (struct ioctl_args *)args));
2087 		break;
2088 	}
2089 
2090 	case LINUX_VT_GETSTATE:
2091 		args->cmd = VT_GETACTIVE;
2092 		error = (sys_ioctl(td, (struct ioctl_args *)args));
2093 		break;
2094 
2095 	case LINUX_VT_RELDISP:
2096 		args->cmd = VT_RELDISP;
2097 		error = (sys_ioctl(td, (struct ioctl_args *)args));
2098 		break;
2099 
2100 	case LINUX_VT_ACTIVATE:
2101 		args->cmd = VT_ACTIVATE;
2102 		error = (sys_ioctl(td, (struct ioctl_args *)args));
2103 		break;
2104 
2105 	case LINUX_VT_WAITACTIVE:
2106 		args->cmd = VT_WAITACTIVE;
2107 		error = (sys_ioctl(td, (struct ioctl_args *)args));
2108 		break;
2109 
2110 	default:
2111 		error = ENOIOCTL;
2112 		break;
2113 	}
2114 
2115 	fdrop(fp, td);
2116 	return (error);
2117 }
2118 
2119 /*
2120  * Criteria for interface name translation
2121  */
2122 #define IFP_IS_ETH(ifp) (ifp->if_type == IFT_ETHER)
2123 
2124 /*
2125  * Translate a Linux interface name to a FreeBSD interface name,
2126  * and return the associated ifnet structure
2127  * bsdname and lxname need to be least IFNAMSIZ bytes long, but
2128  * can point to the same buffer.
2129  */
2130 
2131 static struct ifnet *
ifname_linux_to_bsd(struct thread * td,const char * lxname,char * bsdname)2132 ifname_linux_to_bsd(struct thread *td, const char *lxname, char *bsdname)
2133 {
2134 	struct ifnet *ifp;
2135 	int len, unit;
2136 	char *ep;
2137 	int is_eth, index;
2138 
2139 	for (len = 0; len < LINUX_IFNAMSIZ; ++len)
2140 		if (!isalpha(lxname[len]))
2141 			break;
2142 	if (len == 0 || len == LINUX_IFNAMSIZ)
2143 		return (NULL);
2144 	unit = (int)strtoul(lxname + len, &ep, 10);
2145 	if (ep == NULL || ep == lxname + len || ep >= lxname + LINUX_IFNAMSIZ)
2146 		return (NULL);
2147 	index = 0;
2148 	is_eth = (len == 3 && !strncmp(lxname, "eth", len)) ? 1 : 0;
2149 	CURVNET_SET(TD_TO_VNET(td));
2150 	IFNET_RLOCK();
2151 	TAILQ_FOREACH(ifp, &V_ifnet, if_link) {
2152 		/*
2153 		 * Allow Linux programs to use FreeBSD names. Don't presume
2154 		 * we never have an interface named "eth", so don't make
2155 		 * the test optional based on is_eth.
2156 		 */
2157 		if (strncmp(ifp->if_xname, lxname, LINUX_IFNAMSIZ) == 0)
2158 			break;
2159 		if (is_eth && IFP_IS_ETH(ifp) && unit == index++)
2160 			break;
2161 	}
2162 	IFNET_RUNLOCK();
2163 	CURVNET_RESTORE();
2164 	if (ifp != NULL)
2165 		strlcpy(bsdname, ifp->if_xname, IFNAMSIZ);
2166 	return (ifp);
2167 }
2168 
2169 /*
2170  * Implement the SIOCGIFCONF ioctl
2171  */
2172 
2173 static int
linux_ifconf(struct thread * td,struct ifconf * uifc)2174 linux_ifconf(struct thread *td, struct ifconf *uifc)
2175 {
2176 #ifdef COMPAT_LINUX32
2177 	struct l_ifconf ifc;
2178 #else
2179 	struct ifconf ifc;
2180 #endif
2181 	struct l_ifreq ifr;
2182 	struct ifnet *ifp;
2183 	struct ifaddr *ifa;
2184 	struct sbuf *sb;
2185 	int error, ethno, full = 0, valid_len, max_len;
2186 
2187 	error = copyin(uifc, &ifc, sizeof(ifc));
2188 	if (error != 0)
2189 		return (error);
2190 
2191 	max_len = MAXPHYS - 1;
2192 
2193 	CURVNET_SET(TD_TO_VNET(td));
2194 	/* handle the 'request buffer size' case */
2195 	if ((l_uintptr_t)ifc.ifc_buf == PTROUT(NULL)) {
2196 		ifc.ifc_len = 0;
2197 		IFNET_RLOCK();
2198 		TAILQ_FOREACH(ifp, &V_ifnet, if_link) {
2199 			TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
2200 				struct sockaddr *sa = ifa->ifa_addr;
2201 				if (sa->sa_family == AF_INET)
2202 					ifc.ifc_len += sizeof(ifr);
2203 			}
2204 		}
2205 		IFNET_RUNLOCK();
2206 		error = copyout(&ifc, uifc, sizeof(ifc));
2207 		CURVNET_RESTORE();
2208 		return (error);
2209 	}
2210 
2211 	if (ifc.ifc_len <= 0) {
2212 		CURVNET_RESTORE();
2213 		return (EINVAL);
2214 	}
2215 
2216 again:
2217 	/* Keep track of eth interfaces */
2218 	ethno = 0;
2219 	if (ifc.ifc_len <= max_len) {
2220 		max_len = ifc.ifc_len;
2221 		full = 1;
2222 	}
2223 	sb = sbuf_new(NULL, NULL, max_len + 1, SBUF_FIXEDLEN);
2224 	max_len = 0;
2225 	valid_len = 0;
2226 
2227 	/* Return all AF_INET addresses of all interfaces */
2228 	IFNET_RLOCK();
2229 	TAILQ_FOREACH(ifp, &V_ifnet, if_link) {
2230 		int addrs = 0;
2231 
2232 		bzero(&ifr, sizeof(ifr));
2233 		if (IFP_IS_ETH(ifp))
2234 			snprintf(ifr.ifr_name, LINUX_IFNAMSIZ, "eth%d",
2235 			    ethno++);
2236 		else
2237 			strlcpy(ifr.ifr_name, ifp->if_xname, LINUX_IFNAMSIZ);
2238 
2239 		/* Walk the address list */
2240 		TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
2241 			struct sockaddr *sa = ifa->ifa_addr;
2242 
2243 			if (sa->sa_family == AF_INET) {
2244 				ifr.ifr_addr.sa_family = LINUX_AF_INET;
2245 				memcpy(ifr.ifr_addr.sa_data, sa->sa_data,
2246 				    sizeof(ifr.ifr_addr.sa_data));
2247 				sbuf_bcat(sb, &ifr, sizeof(ifr));
2248 				max_len += sizeof(ifr);
2249 				addrs++;
2250 			}
2251 
2252 			if (sbuf_error(sb) == 0)
2253 				valid_len = sbuf_len(sb);
2254 		}
2255 		if (addrs == 0) {
2256 			bzero((caddr_t)&ifr.ifr_addr, sizeof(ifr.ifr_addr));
2257 			sbuf_bcat(sb, &ifr, sizeof(ifr));
2258 			max_len += sizeof(ifr);
2259 
2260 			if (sbuf_error(sb) == 0)
2261 				valid_len = sbuf_len(sb);
2262 		}
2263 	}
2264 	IFNET_RUNLOCK();
2265 
2266 	if (valid_len != max_len && !full) {
2267 		sbuf_delete(sb);
2268 		goto again;
2269 	}
2270 
2271 	ifc.ifc_len = valid_len;
2272 	sbuf_finish(sb);
2273 	error = copyout(sbuf_data(sb), PTRIN(ifc.ifc_buf), ifc.ifc_len);
2274 	if (error == 0)
2275 		error = copyout(&ifc, uifc, sizeof(ifc));
2276 	sbuf_delete(sb);
2277 	CURVNET_RESTORE();
2278 
2279 	return (error);
2280 }
2281 
2282 static int
linux_gifflags(struct thread * td,struct ifnet * ifp,struct l_ifreq * ifr)2283 linux_gifflags(struct thread *td, struct ifnet *ifp, struct l_ifreq *ifr)
2284 {
2285 	l_short flags;
2286 
2287 	flags = (ifp->if_flags | ifp->if_drv_flags) & 0xffff;
2288 	/* these flags have no Linux equivalent */
2289 	flags &= ~(IFF_SMART|IFF_DRV_OACTIVE|IFF_SIMPLEX|
2290 	    IFF_LINK0|IFF_LINK1|IFF_LINK2);
2291 	/* Linux' multicast flag is in a different bit */
2292 	if (flags & IFF_MULTICAST) {
2293 		flags &= ~IFF_MULTICAST;
2294 		flags |= 0x1000;
2295 	}
2296 
2297 	return (copyout(&flags, &ifr->ifr_flags, sizeof(flags)));
2298 }
2299 
2300 #define ARPHRD_ETHER	1
2301 #define ARPHRD_LOOPBACK	772
2302 
2303 static int
linux_gifhwaddr(struct ifnet * ifp,struct l_ifreq * ifr)2304 linux_gifhwaddr(struct ifnet *ifp, struct l_ifreq *ifr)
2305 {
2306 	struct ifaddr *ifa;
2307 	struct sockaddr_dl *sdl;
2308 	struct l_sockaddr lsa;
2309 
2310 	if (ifp->if_type == IFT_LOOP) {
2311 		bzero(&lsa, sizeof(lsa));
2312 		lsa.sa_family = ARPHRD_LOOPBACK;
2313 		return (copyout(&lsa, &ifr->ifr_hwaddr, sizeof(lsa)));
2314 	}
2315 
2316 	if (ifp->if_type != IFT_ETHER)
2317 		return (ENOENT);
2318 
2319 	TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
2320 		sdl = (struct sockaddr_dl*)ifa->ifa_addr;
2321 		if (sdl != NULL && (sdl->sdl_family == AF_LINK) &&
2322 		    (sdl->sdl_type == IFT_ETHER)) {
2323 			bzero(&lsa, sizeof(lsa));
2324 			lsa.sa_family = ARPHRD_ETHER;
2325 			bcopy(LLADDR(sdl), lsa.sa_data, LINUX_IFHWADDRLEN);
2326 			return (copyout(&lsa, &ifr->ifr_hwaddr, sizeof(lsa)));
2327 		}
2328 	}
2329 
2330 	return (ENOENT);
2331 }
2332 
2333 
2334  /*
2335 * If we fault in bsd_to_linux_ifreq() then we will fault when we call
2336 * the native ioctl().  Thus, we don't really need to check the return
2337 * value of this function.
2338 */
2339 static int
bsd_to_linux_ifreq(struct ifreq * arg)2340 bsd_to_linux_ifreq(struct ifreq *arg)
2341 {
2342 	struct ifreq ifr;
2343 	size_t ifr_len = sizeof(struct ifreq);
2344 	int error;
2345 
2346 	if ((error = copyin(arg, &ifr, ifr_len)))
2347 		return (error);
2348 
2349 	*(u_short *)&ifr.ifr_addr = ifr.ifr_addr.sa_family;
2350 
2351 	error = copyout(&ifr, arg, ifr_len);
2352 
2353 	return (error);
2354 }
2355 
2356 /*
2357  * Socket related ioctls
2358  */
2359 
2360 static int
linux_ioctl_socket(struct thread * td,struct linux_ioctl_args * args)2361 linux_ioctl_socket(struct thread *td, struct linux_ioctl_args *args)
2362 {
2363 	char lifname[LINUX_IFNAMSIZ], ifname[IFNAMSIZ];
2364 	cap_rights_t rights;
2365 	struct ifnet *ifp;
2366 	struct file *fp;
2367 	int error, type;
2368 
2369 	ifp = NULL;
2370 	error = 0;
2371 
2372 	error = fget(td, args->fd, cap_rights_init(&rights, CAP_IOCTL), &fp);
2373 	if (error != 0)
2374 		return (error);
2375 	type = fp->f_type;
2376 	fdrop(fp, td);
2377 	if (type != DTYPE_SOCKET) {
2378 		/* not a socket - probably a tap / vmnet device */
2379 		switch (args->cmd) {
2380 		case LINUX_SIOCGIFADDR:
2381 		case LINUX_SIOCSIFADDR:
2382 		case LINUX_SIOCGIFFLAGS:
2383 			return (linux_ioctl_special(td, args));
2384 		default:
2385 			return (ENOIOCTL);
2386 		}
2387 	}
2388 
2389 	switch (args->cmd & 0xffff) {
2390 
2391 	case LINUX_FIOGETOWN:
2392 	case LINUX_FIOSETOWN:
2393 	case LINUX_SIOCADDMULTI:
2394 	case LINUX_SIOCATMARK:
2395 	case LINUX_SIOCDELMULTI:
2396 	case LINUX_SIOCGIFCONF:
2397 	case LINUX_SIOCGPGRP:
2398 	case LINUX_SIOCSPGRP:
2399 	case LINUX_SIOCGIFCOUNT:
2400 		/* these ioctls don't take an interface name */
2401 #ifdef DEBUG
2402 		printf("%s(): ioctl %d\n", __func__,
2403 		    args->cmd & 0xffff);
2404 #endif
2405 		break;
2406 
2407 	case LINUX_SIOCGIFFLAGS:
2408 	case LINUX_SIOCGIFADDR:
2409 	case LINUX_SIOCSIFADDR:
2410 	case LINUX_SIOCGIFDSTADDR:
2411 	case LINUX_SIOCGIFBRDADDR:
2412 	case LINUX_SIOCGIFNETMASK:
2413 	case LINUX_SIOCSIFNETMASK:
2414 	case LINUX_SIOCGIFMTU:
2415 	case LINUX_SIOCSIFMTU:
2416 	case LINUX_SIOCSIFNAME:
2417 	case LINUX_SIOCGIFHWADDR:
2418 	case LINUX_SIOCSIFHWADDR:
2419 	case LINUX_SIOCDEVPRIVATE:
2420 	case LINUX_SIOCDEVPRIVATE+1:
2421 	case LINUX_SIOCGIFINDEX:
2422 		/* copy in the interface name and translate it. */
2423 		error = copyin((void *)args->arg, lifname, LINUX_IFNAMSIZ);
2424 		if (error != 0)
2425 			return (error);
2426 #ifdef DEBUG
2427 		printf("%s(): ioctl %d on %.*s\n", __func__,
2428 		    args->cmd & 0xffff, LINUX_IFNAMSIZ, lifname);
2429 #endif
2430 		memset(ifname, 0, sizeof(ifname));
2431 		ifp = ifname_linux_to_bsd(td, lifname, ifname);
2432 		if (ifp == NULL)
2433 			return (EINVAL);
2434 		/*
2435 		 * We need to copy it back out in case we pass the
2436 		 * request on to our native ioctl(), which will expect
2437 		 * the ifreq to be in user space and have the correct
2438 		 * interface name.
2439 		 */
2440 		error = copyout(ifname, (void *)args->arg, IFNAMSIZ);
2441 		if (error != 0)
2442 			return (error);
2443 #ifdef DEBUG
2444 		printf("%s(): %s translated to %s\n", __func__,
2445 		    lifname, ifname);
2446 #endif
2447 		break;
2448 
2449 	default:
2450 		return (ENOIOCTL);
2451 	}
2452 
2453 	switch (args->cmd & 0xffff) {
2454 
2455 	case LINUX_FIOSETOWN:
2456 		args->cmd = FIOSETOWN;
2457 		error = sys_ioctl(td, (struct ioctl_args *)args);
2458 		break;
2459 
2460 	case LINUX_SIOCSPGRP:
2461 		args->cmd = SIOCSPGRP;
2462 		error = sys_ioctl(td, (struct ioctl_args *)args);
2463 		break;
2464 
2465 	case LINUX_FIOGETOWN:
2466 		args->cmd = FIOGETOWN;
2467 		error = sys_ioctl(td, (struct ioctl_args *)args);
2468 		break;
2469 
2470 	case LINUX_SIOCGPGRP:
2471 		args->cmd = SIOCGPGRP;
2472 		error = sys_ioctl(td, (struct ioctl_args *)args);
2473 		break;
2474 
2475 	case LINUX_SIOCATMARK:
2476 		args->cmd = SIOCATMARK;
2477 		error = sys_ioctl(td, (struct ioctl_args *)args);
2478 		break;
2479 
2480 	/* LINUX_SIOCGSTAMP */
2481 
2482 	case LINUX_SIOCGIFCONF:
2483 		error = linux_ifconf(td, (struct ifconf *)args->arg);
2484 		break;
2485 
2486 	case LINUX_SIOCGIFFLAGS:
2487 		args->cmd = SIOCGIFFLAGS;
2488 		error = linux_gifflags(td, ifp, (struct l_ifreq *)args->arg);
2489 		break;
2490 
2491 	case LINUX_SIOCGIFADDR:
2492 		args->cmd = SIOCGIFADDR;
2493 		error = sys_ioctl(td, (struct ioctl_args *)args);
2494 		bsd_to_linux_ifreq((struct ifreq *)args->arg);
2495 		break;
2496 
2497 	case LINUX_SIOCSIFADDR:
2498 		/* XXX probably doesn't work, included for completeness */
2499 		args->cmd = SIOCSIFADDR;
2500 		error = sys_ioctl(td, (struct ioctl_args *)args);
2501 		break;
2502 
2503 	case LINUX_SIOCGIFDSTADDR:
2504 		args->cmd = SIOCGIFDSTADDR;
2505 		error = sys_ioctl(td, (struct ioctl_args *)args);
2506 		bsd_to_linux_ifreq((struct ifreq *)args->arg);
2507 		break;
2508 
2509 	case LINUX_SIOCGIFBRDADDR:
2510 		args->cmd = SIOCGIFBRDADDR;
2511 		error = sys_ioctl(td, (struct ioctl_args *)args);
2512 		bsd_to_linux_ifreq((struct ifreq *)args->arg);
2513 		break;
2514 
2515 	case LINUX_SIOCGIFNETMASK:
2516 		args->cmd = SIOCGIFNETMASK;
2517 		error = sys_ioctl(td, (struct ioctl_args *)args);
2518 		bsd_to_linux_ifreq((struct ifreq *)args->arg);
2519 		break;
2520 
2521 	case LINUX_SIOCSIFNETMASK:
2522 		error = ENOIOCTL;
2523 		break;
2524 
2525 	case LINUX_SIOCGIFMTU:
2526 		args->cmd = SIOCGIFMTU;
2527 		error = sys_ioctl(td, (struct ioctl_args *)args);
2528 		break;
2529 
2530 	case LINUX_SIOCSIFMTU:
2531 		args->cmd = SIOCSIFMTU;
2532 		error = sys_ioctl(td, (struct ioctl_args *)args);
2533 		break;
2534 
2535 	case LINUX_SIOCSIFNAME:
2536 		error = ENOIOCTL;
2537 		break;
2538 
2539 	case LINUX_SIOCGIFHWADDR:
2540 		error = linux_gifhwaddr(ifp, (struct l_ifreq *)args->arg);
2541 		break;
2542 
2543 	case LINUX_SIOCSIFHWADDR:
2544 		error = ENOIOCTL;
2545 		break;
2546 
2547 	case LINUX_SIOCADDMULTI:
2548 		args->cmd = SIOCADDMULTI;
2549 		error = sys_ioctl(td, (struct ioctl_args *)args);
2550 		break;
2551 
2552 	case LINUX_SIOCDELMULTI:
2553 		args->cmd = SIOCDELMULTI;
2554 		error = sys_ioctl(td, (struct ioctl_args *)args);
2555 		break;
2556 
2557 	case LINUX_SIOCGIFINDEX:
2558 		args->cmd = SIOCGIFINDEX;
2559 		error = sys_ioctl(td, (struct ioctl_args *)args);
2560 		break;
2561 
2562 	case LINUX_SIOCGIFCOUNT:
2563 		error = 0;
2564 		break;
2565 
2566 	/*
2567 	 * XXX This is slightly bogus, but these ioctls are currently
2568 	 * XXX only used by the aironet (if_an) network driver.
2569 	 */
2570 	case LINUX_SIOCDEVPRIVATE:
2571 		args->cmd = SIOCGPRIVATE_0;
2572 		error = sys_ioctl(td, (struct ioctl_args *)args);
2573 		break;
2574 
2575 	case LINUX_SIOCDEVPRIVATE+1:
2576 		args->cmd = SIOCGPRIVATE_1;
2577 		error = sys_ioctl(td, (struct ioctl_args *)args);
2578 		break;
2579 	}
2580 
2581 	if (ifp != NULL)
2582 		/* restore the original interface name */
2583 		copyout(lifname, (void *)args->arg, LINUX_IFNAMSIZ);
2584 
2585 #ifdef DEBUG
2586 	printf("%s(): returning %d\n", __func__, error);
2587 #endif
2588 	return (error);
2589 }
2590 
2591 /*
2592  * Device private ioctl handler
2593  */
2594 static int
linux_ioctl_private(struct thread * td,struct linux_ioctl_args * args)2595 linux_ioctl_private(struct thread *td, struct linux_ioctl_args *args)
2596 {
2597 	cap_rights_t rights;
2598 	struct file *fp;
2599 	int error, type;
2600 
2601 	error = fget(td, args->fd, cap_rights_init(&rights, CAP_IOCTL), &fp);
2602 	if (error != 0)
2603 		return (error);
2604 	type = fp->f_type;
2605 	fdrop(fp, td);
2606 	if (type == DTYPE_SOCKET)
2607 		return (linux_ioctl_socket(td, args));
2608 	return (ENOIOCTL);
2609 }
2610 
2611 /*
2612  * DRM ioctl handler (sys/dev/drm)
2613  */
2614 static int
linux_ioctl_drm(struct thread * td,struct linux_ioctl_args * args)2615 linux_ioctl_drm(struct thread *td, struct linux_ioctl_args *args)
2616 {
2617 	args->cmd = SETDIR(args->cmd);
2618 	return sys_ioctl(td, (struct ioctl_args *)args);
2619 }
2620 
2621 #ifdef COMPAT_LINUX32
2622 #define CP(src,dst,fld) do { (dst).fld = (src).fld; } while (0)
2623 #define PTRIN_CP(src,dst,fld) \
2624 	do { (dst).fld = PTRIN((src).fld); } while (0)
2625 #define PTROUT_CP(src,dst,fld) \
2626 	do { (dst).fld = PTROUT((src).fld); } while (0)
2627 
2628 static int
linux_ioctl_sg_io(struct thread * td,struct linux_ioctl_args * args)2629 linux_ioctl_sg_io(struct thread *td, struct linux_ioctl_args *args)
2630 {
2631 	struct sg_io_hdr io;
2632 	struct sg_io_hdr32 io32;
2633 	cap_rights_t rights;
2634 	struct file *fp;
2635 	int error;
2636 
2637 	error = fget(td, args->fd, cap_rights_init(&rights, CAP_IOCTL), &fp);
2638 	if (error != 0) {
2639 		printf("sg_linux_ioctl: fget returned %d\n", error);
2640 		return (error);
2641 	}
2642 
2643 	if ((error = copyin((void *)args->arg, &io32, sizeof(io32))) != 0)
2644 		goto out;
2645 
2646 	CP(io32, io, interface_id);
2647 	CP(io32, io, dxfer_direction);
2648 	CP(io32, io, cmd_len);
2649 	CP(io32, io, mx_sb_len);
2650 	CP(io32, io, iovec_count);
2651 	CP(io32, io, dxfer_len);
2652 	PTRIN_CP(io32, io, dxferp);
2653 	PTRIN_CP(io32, io, cmdp);
2654 	PTRIN_CP(io32, io, sbp);
2655 	CP(io32, io, timeout);
2656 	CP(io32, io, flags);
2657 	CP(io32, io, pack_id);
2658 	PTRIN_CP(io32, io, usr_ptr);
2659 	CP(io32, io, status);
2660 	CP(io32, io, masked_status);
2661 	CP(io32, io, msg_status);
2662 	CP(io32, io, sb_len_wr);
2663 	CP(io32, io, host_status);
2664 	CP(io32, io, driver_status);
2665 	CP(io32, io, resid);
2666 	CP(io32, io, duration);
2667 	CP(io32, io, info);
2668 
2669 	if ((error = fo_ioctl(fp, SG_IO, (caddr_t)&io, td->td_ucred, td)) != 0)
2670 		goto out;
2671 
2672 	CP(io, io32, interface_id);
2673 	CP(io, io32, dxfer_direction);
2674 	CP(io, io32, cmd_len);
2675 	CP(io, io32, mx_sb_len);
2676 	CP(io, io32, iovec_count);
2677 	CP(io, io32, dxfer_len);
2678 	PTROUT_CP(io, io32, dxferp);
2679 	PTROUT_CP(io, io32, cmdp);
2680 	PTROUT_CP(io, io32, sbp);
2681 	CP(io, io32, timeout);
2682 	CP(io, io32, flags);
2683 	CP(io, io32, pack_id);
2684 	PTROUT_CP(io, io32, usr_ptr);
2685 	CP(io, io32, status);
2686 	CP(io, io32, masked_status);
2687 	CP(io, io32, msg_status);
2688 	CP(io, io32, sb_len_wr);
2689 	CP(io, io32, host_status);
2690 	CP(io, io32, driver_status);
2691 	CP(io, io32, resid);
2692 	CP(io, io32, duration);
2693 	CP(io, io32, info);
2694 
2695 	error = copyout(&io32, (void *)args->arg, sizeof(io32));
2696 
2697 out:
2698 	fdrop(fp, td);
2699 	return (error);
2700 }
2701 #endif
2702 
2703 static int
linux_ioctl_sg(struct thread * td,struct linux_ioctl_args * args)2704 linux_ioctl_sg(struct thread *td, struct linux_ioctl_args *args)
2705 {
2706 
2707 	switch (args->cmd) {
2708 	case LINUX_SG_GET_VERSION_NUM:
2709 		args->cmd = SG_GET_VERSION_NUM;
2710 		break;
2711 	case LINUX_SG_SET_TIMEOUT:
2712 		args->cmd = SG_SET_TIMEOUT;
2713 		break;
2714 	case LINUX_SG_GET_TIMEOUT:
2715 		args->cmd = SG_GET_TIMEOUT;
2716 		break;
2717 	case LINUX_SG_IO:
2718 		args->cmd = SG_IO;
2719 #ifdef COMPAT_LINUX32
2720 		return (linux_ioctl_sg_io(td, args));
2721 #endif
2722 		break;
2723 	case LINUX_SG_GET_RESERVED_SIZE:
2724 		args->cmd = SG_GET_RESERVED_SIZE;
2725 		break;
2726 	case LINUX_SG_GET_SCSI_ID:
2727 		args->cmd = SG_GET_SCSI_ID;
2728 		break;
2729 	case LINUX_SG_GET_SG_TABLESIZE:
2730 		args->cmd = SG_GET_SG_TABLESIZE;
2731 		break;
2732 	default:
2733 		return (ENODEV);
2734 	}
2735 	return (sys_ioctl(td, (struct ioctl_args *)args));
2736 }
2737 
2738 /*
2739  * Video4Linux (V4L) ioctl handler
2740  */
2741 static int
linux_to_bsd_v4l_tuner(struct l_video_tuner * lvt,struct video_tuner * vt)2742 linux_to_bsd_v4l_tuner(struct l_video_tuner *lvt, struct video_tuner *vt)
2743 {
2744 	vt->tuner = lvt->tuner;
2745 	strlcpy(vt->name, lvt->name, LINUX_VIDEO_TUNER_NAME_SIZE);
2746 	vt->rangelow = lvt->rangelow;	/* possible long size conversion */
2747 	vt->rangehigh = lvt->rangehigh;	/* possible long size conversion */
2748 	vt->flags = lvt->flags;
2749 	vt->mode = lvt->mode;
2750 	vt->signal = lvt->signal;
2751 	return (0);
2752 }
2753 
2754 static int
bsd_to_linux_v4l_tuner(struct video_tuner * vt,struct l_video_tuner * lvt)2755 bsd_to_linux_v4l_tuner(struct video_tuner *vt, struct l_video_tuner *lvt)
2756 {
2757 	lvt->tuner = vt->tuner;
2758 	strlcpy(lvt->name, vt->name, LINUX_VIDEO_TUNER_NAME_SIZE);
2759 	lvt->rangelow = vt->rangelow;	/* possible long size conversion */
2760 	lvt->rangehigh = vt->rangehigh;	/* possible long size conversion */
2761 	lvt->flags = vt->flags;
2762 	lvt->mode = vt->mode;
2763 	lvt->signal = vt->signal;
2764 	return (0);
2765 }
2766 
2767 #ifdef COMPAT_LINUX_V4L_CLIPLIST
2768 static int
linux_to_bsd_v4l_clip(struct l_video_clip * lvc,struct video_clip * vc)2769 linux_to_bsd_v4l_clip(struct l_video_clip *lvc, struct video_clip *vc)
2770 {
2771 	vc->x = lvc->x;
2772 	vc->y = lvc->y;
2773 	vc->width = lvc->width;
2774 	vc->height = lvc->height;
2775 	vc->next = PTRIN(lvc->next);	/* possible pointer size conversion */
2776 	return (0);
2777 }
2778 #endif
2779 
2780 static int
linux_to_bsd_v4l_window(struct l_video_window * lvw,struct video_window * vw)2781 linux_to_bsd_v4l_window(struct l_video_window *lvw, struct video_window *vw)
2782 {
2783 	vw->x = lvw->x;
2784 	vw->y = lvw->y;
2785 	vw->width = lvw->width;
2786 	vw->height = lvw->height;
2787 	vw->chromakey = lvw->chromakey;
2788 	vw->flags = lvw->flags;
2789 	vw->clips = PTRIN(lvw->clips);	/* possible pointer size conversion */
2790 	vw->clipcount = lvw->clipcount;
2791 	return (0);
2792 }
2793 
2794 static int
bsd_to_linux_v4l_window(struct video_window * vw,struct l_video_window * lvw)2795 bsd_to_linux_v4l_window(struct video_window *vw, struct l_video_window *lvw)
2796 {
2797 	lvw->x = vw->x;
2798 	lvw->y = vw->y;
2799 	lvw->width = vw->width;
2800 	lvw->height = vw->height;
2801 	lvw->chromakey = vw->chromakey;
2802 	lvw->flags = vw->flags;
2803 	lvw->clips = PTROUT(vw->clips);	/* possible pointer size conversion */
2804 	lvw->clipcount = vw->clipcount;
2805 	return (0);
2806 }
2807 
2808 static int
linux_to_bsd_v4l_buffer(struct l_video_buffer * lvb,struct video_buffer * vb)2809 linux_to_bsd_v4l_buffer(struct l_video_buffer *lvb, struct video_buffer *vb)
2810 {
2811 	vb->base = PTRIN(lvb->base);	/* possible pointer size conversion */
2812 	vb->height = lvb->height;
2813 	vb->width = lvb->width;
2814 	vb->depth = lvb->depth;
2815 	vb->bytesperline = lvb->bytesperline;
2816 	return (0);
2817 }
2818 
2819 static int
bsd_to_linux_v4l_buffer(struct video_buffer * vb,struct l_video_buffer * lvb)2820 bsd_to_linux_v4l_buffer(struct video_buffer *vb, struct l_video_buffer *lvb)
2821 {
2822 	lvb->base = PTROUT(vb->base);	/* possible pointer size conversion */
2823 	lvb->height = vb->height;
2824 	lvb->width = vb->width;
2825 	lvb->depth = vb->depth;
2826 	lvb->bytesperline = vb->bytesperline;
2827 	return (0);
2828 }
2829 
2830 static int
linux_to_bsd_v4l_code(struct l_video_code * lvc,struct video_code * vc)2831 linux_to_bsd_v4l_code(struct l_video_code *lvc, struct video_code *vc)
2832 {
2833 	strlcpy(vc->loadwhat, lvc->loadwhat, LINUX_VIDEO_CODE_LOADWHAT_SIZE);
2834 	vc->datasize = lvc->datasize;
2835 	vc->data = PTRIN(lvc->data);	/* possible pointer size conversion */
2836 	return (0);
2837 }
2838 
2839 #ifdef COMPAT_LINUX_V4L_CLIPLIST
2840 static int
linux_v4l_clip_copy(void * lvc,struct video_clip ** ppvc)2841 linux_v4l_clip_copy(void *lvc, struct video_clip **ppvc)
2842 {
2843 	int error;
2844 	struct video_clip vclip;
2845 	struct l_video_clip l_vclip;
2846 
2847 	error = copyin(lvc, &l_vclip, sizeof(l_vclip));
2848 	if (error) return (error);
2849 	linux_to_bsd_v4l_clip(&l_vclip, &vclip);
2850 	/* XXX: If there can be no concurrency: s/M_NOWAIT/M_WAITOK/ */
2851 	if ((*ppvc = malloc(sizeof(**ppvc), M_LINUX, M_NOWAIT)) == NULL)
2852 		return (ENOMEM);    /* XXX: linux has no ENOMEM here */
2853 	memcpy(*ppvc, &vclip, sizeof(vclip));
2854 	(*ppvc)->next = NULL;
2855 	return (0);
2856 }
2857 
2858 static int
linux_v4l_cliplist_free(struct video_window * vw)2859 linux_v4l_cliplist_free(struct video_window *vw)
2860 {
2861 	struct video_clip **ppvc;
2862 	struct video_clip **ppvc_next;
2863 
2864 	for (ppvc = &(vw->clips); *ppvc != NULL; ppvc = ppvc_next) {
2865 		ppvc_next = &((*ppvc)->next);
2866 		free(*ppvc, M_LINUX);
2867 	}
2868 	vw->clips = NULL;
2869 
2870 	return (0);
2871 }
2872 
2873 static int
linux_v4l_cliplist_copy(struct l_video_window * lvw,struct video_window * vw)2874 linux_v4l_cliplist_copy(struct l_video_window *lvw, struct video_window *vw)
2875 {
2876 	int error;
2877 	int clipcount;
2878 	void *plvc;
2879 	struct video_clip **ppvc;
2880 
2881 	/*
2882 	 * XXX: The cliplist is used to pass in a list of clipping
2883 	 *	rectangles or, if clipcount == VIDEO_CLIP_BITMAP, a
2884 	 *	clipping bitmap.  Some Linux apps, however, appear to
2885 	 *	leave cliplist and clips uninitialized.  In any case,
2886 	 *	the cliplist is not used by pwc(4), at the time of
2887 	 *	writing, FreeBSD's only V4L driver.  When a driver
2888 	 *	that uses the cliplist is developed, this code may
2889 	 *	need re-examiniation.
2890 	 */
2891 	error = 0;
2892 	clipcount = vw->clipcount;
2893 	if (clipcount == VIDEO_CLIP_BITMAP) {
2894 		/*
2895 		 * In this case, the pointer (clips) is overloaded
2896 		 * to be a "void *" to a bitmap, therefore there
2897 		 * is no struct video_clip to copy now.
2898 		 */
2899 	} else if (clipcount > 0 && clipcount <= 16384) {
2900 		/*
2901 		 * Clips points to list of clip rectangles, so
2902 		 * copy the list.
2903 		 *
2904 		 * XXX: Upper limit of 16384 was used here to try to
2905 		 *	avoid cases when clipcount and clips pointer
2906 		 *	are uninitialized and therefore have high random
2907 		 *	values, as is the case in the Linux Skype
2908 		 *	application.  The value 16384 was chosen as that
2909 		 *	is what is used in the Linux stradis(4) MPEG
2910 		 *	decoder driver, the only place we found an
2911 		 *	example of cliplist use.
2912 		 */
2913 		plvc = PTRIN(lvw->clips);
2914 		vw->clips = NULL;
2915 		ppvc = &(vw->clips);
2916 		while (clipcount-- > 0) {
2917 			if (plvc == NULL) {
2918 				error = EFAULT;
2919 				break;
2920 			} else {
2921 				error = linux_v4l_clip_copy(plvc, ppvc);
2922 				if (error) {
2923 					linux_v4l_cliplist_free(vw);
2924 					break;
2925 				}
2926 			}
2927 			ppvc = &((*ppvc)->next);
2928 		        plvc = PTRIN(((struct l_video_clip *) plvc)->next);
2929 		}
2930 	} else {
2931 		/*
2932 		 * clipcount == 0 or negative (but not VIDEO_CLIP_BITMAP)
2933 		 * Force cliplist to null.
2934 		 */
2935 		vw->clipcount = 0;
2936 		vw->clips = NULL;
2937 	}
2938 	return (error);
2939 }
2940 #endif
2941 
2942 static int
linux_ioctl_v4l(struct thread * td,struct linux_ioctl_args * args)2943 linux_ioctl_v4l(struct thread *td, struct linux_ioctl_args *args)
2944 {
2945 	cap_rights_t rights;
2946 	struct file *fp;
2947 	int error;
2948 	struct video_tuner vtun;
2949 	struct video_window vwin;
2950 	struct video_buffer vbuf;
2951 	struct video_code vcode;
2952 	struct l_video_tuner l_vtun;
2953 	struct l_video_window l_vwin;
2954 	struct l_video_buffer l_vbuf;
2955 	struct l_video_code l_vcode;
2956 
2957 	switch (args->cmd & 0xffff) {
2958 	case LINUX_VIDIOCGCAP:		args->cmd = VIDIOCGCAP; break;
2959 	case LINUX_VIDIOCGCHAN:		args->cmd = VIDIOCGCHAN; break;
2960 	case LINUX_VIDIOCSCHAN:		args->cmd = VIDIOCSCHAN; break;
2961 
2962 	case LINUX_VIDIOCGTUNER:
2963 		error = fget(td, args->fd,
2964 		    cap_rights_init(&rights, CAP_IOCTL), &fp);
2965 		if (error != 0)
2966 			return (error);
2967 		error = copyin((void *) args->arg, &l_vtun, sizeof(l_vtun));
2968 		if (error) {
2969 			fdrop(fp, td);
2970 			return (error);
2971 		}
2972 		linux_to_bsd_v4l_tuner(&l_vtun, &vtun);
2973 		error = fo_ioctl(fp, VIDIOCGTUNER, &vtun, td->td_ucred, td);
2974 		if (!error) {
2975 			bsd_to_linux_v4l_tuner(&vtun, &l_vtun);
2976 			error = copyout(&l_vtun, (void *) args->arg,
2977 			    sizeof(l_vtun));
2978 		}
2979 		fdrop(fp, td);
2980 		return (error);
2981 
2982 	case LINUX_VIDIOCSTUNER:
2983 		error = fget(td, args->fd,
2984 		    cap_rights_init(&rights, CAP_IOCTL), &fp);
2985 		if (error != 0)
2986 			return (error);
2987 		error = copyin((void *) args->arg, &l_vtun, sizeof(l_vtun));
2988 		if (error) {
2989 			fdrop(fp, td);
2990 			return (error);
2991 		}
2992 		linux_to_bsd_v4l_tuner(&l_vtun, &vtun);
2993 		error = fo_ioctl(fp, VIDIOCSTUNER, &vtun, td->td_ucred, td);
2994 		fdrop(fp, td);
2995 		return (error);
2996 
2997 	case LINUX_VIDIOCGPICT:		args->cmd = VIDIOCGPICT; break;
2998 	case LINUX_VIDIOCSPICT:		args->cmd = VIDIOCSPICT; break;
2999 	case LINUX_VIDIOCCAPTURE:	args->cmd = VIDIOCCAPTURE; break;
3000 
3001 	case LINUX_VIDIOCGWIN:
3002 		error = fget(td, args->fd,
3003 		    cap_rights_init(&rights, CAP_IOCTL), &fp);
3004 		if (error != 0)
3005 			return (error);
3006 		error = fo_ioctl(fp, VIDIOCGWIN, &vwin, td->td_ucred, td);
3007 		if (!error) {
3008 			bsd_to_linux_v4l_window(&vwin, &l_vwin);
3009 			error = copyout(&l_vwin, (void *) args->arg,
3010 			    sizeof(l_vwin));
3011 		}
3012 		fdrop(fp, td);
3013 		return (error);
3014 
3015 	case LINUX_VIDIOCSWIN:
3016 		error = fget(td, args->fd,
3017 		    cap_rights_init(&rights, CAP_IOCTL), &fp);
3018 		if (error != 0)
3019 			return (error);
3020 		error = copyin((void *) args->arg, &l_vwin, sizeof(l_vwin));
3021 		if (error) {
3022 			fdrop(fp, td);
3023 			return (error);
3024 		}
3025 		linux_to_bsd_v4l_window(&l_vwin, &vwin);
3026 #ifdef COMPAT_LINUX_V4L_CLIPLIST
3027 		error = linux_v4l_cliplist_copy(&l_vwin, &vwin);
3028 		if (error) {
3029 			fdrop(fp, td);
3030 			return (error);
3031 		}
3032 #endif
3033 		error = fo_ioctl(fp, VIDIOCSWIN, &vwin, td->td_ucred, td);
3034 		fdrop(fp, td);
3035 #ifdef COMPAT_LINUX_V4L_CLIPLIST
3036 		linux_v4l_cliplist_free(&vwin);
3037 #endif
3038 		return (error);
3039 
3040 	case LINUX_VIDIOCGFBUF:
3041 		error = fget(td, args->fd,
3042 		    cap_rights_init(&rights, CAP_IOCTL), &fp);
3043 		if (error != 0)
3044 			return (error);
3045 		error = fo_ioctl(fp, VIDIOCGFBUF, &vbuf, td->td_ucred, td);
3046 		if (!error) {
3047 			bsd_to_linux_v4l_buffer(&vbuf, &l_vbuf);
3048 			error = copyout(&l_vbuf, (void *) args->arg,
3049 			    sizeof(l_vbuf));
3050 		}
3051 		fdrop(fp, td);
3052 		return (error);
3053 
3054 	case LINUX_VIDIOCSFBUF:
3055 		error = fget(td, args->fd,
3056 		    cap_rights_init(&rights, CAP_IOCTL), &fp);
3057 		if (error != 0)
3058 			return (error);
3059 		error = copyin((void *) args->arg, &l_vbuf, sizeof(l_vbuf));
3060 		if (error) {
3061 			fdrop(fp, td);
3062 			return (error);
3063 		}
3064 		linux_to_bsd_v4l_buffer(&l_vbuf, &vbuf);
3065 		error = fo_ioctl(fp, VIDIOCSFBUF, &vbuf, td->td_ucred, td);
3066 		fdrop(fp, td);
3067 		return (error);
3068 
3069 	case LINUX_VIDIOCKEY:		args->cmd = VIDIOCKEY; break;
3070 	case LINUX_VIDIOCGFREQ:		args->cmd = VIDIOCGFREQ; break;
3071 	case LINUX_VIDIOCSFREQ:		args->cmd = VIDIOCSFREQ; break;
3072 	case LINUX_VIDIOCGAUDIO:	args->cmd = VIDIOCGAUDIO; break;
3073 	case LINUX_VIDIOCSAUDIO:	args->cmd = VIDIOCSAUDIO; break;
3074 	case LINUX_VIDIOCSYNC:		args->cmd = VIDIOCSYNC; break;
3075 	case LINUX_VIDIOCMCAPTURE:	args->cmd = VIDIOCMCAPTURE; break;
3076 	case LINUX_VIDIOCGMBUF:		args->cmd = VIDIOCGMBUF; break;
3077 	case LINUX_VIDIOCGUNIT:		args->cmd = VIDIOCGUNIT; break;
3078 	case LINUX_VIDIOCGCAPTURE:	args->cmd = VIDIOCGCAPTURE; break;
3079 	case LINUX_VIDIOCSCAPTURE:	args->cmd = VIDIOCSCAPTURE; break;
3080 	case LINUX_VIDIOCSPLAYMODE:	args->cmd = VIDIOCSPLAYMODE; break;
3081 	case LINUX_VIDIOCSWRITEMODE:	args->cmd = VIDIOCSWRITEMODE; break;
3082 	case LINUX_VIDIOCGPLAYINFO:	args->cmd = VIDIOCGPLAYINFO; break;
3083 
3084 	case LINUX_VIDIOCSMICROCODE:
3085 		error = fget(td, args->fd,
3086 		    cap_rights_init(&rights, CAP_IOCTL), &fp);
3087 		if (error != 0)
3088 			return (error);
3089 		error = copyin((void *) args->arg, &l_vcode, sizeof(l_vcode));
3090 		if (error) {
3091 			fdrop(fp, td);
3092 			return (error);
3093 		}
3094 		linux_to_bsd_v4l_code(&l_vcode, &vcode);
3095 		error = fo_ioctl(fp, VIDIOCSMICROCODE, &vcode, td->td_ucred, td);
3096 		fdrop(fp, td);
3097 		return (error);
3098 
3099 	case LINUX_VIDIOCGVBIFMT:	args->cmd = VIDIOCGVBIFMT; break;
3100 	case LINUX_VIDIOCSVBIFMT:	args->cmd = VIDIOCSVBIFMT; break;
3101 	default:			return (ENOIOCTL);
3102 	}
3103 
3104 	error = sys_ioctl(td, (struct ioctl_args *)args);
3105 	return (error);
3106 }
3107 
3108 /*
3109  * Special ioctl handler
3110  */
3111 static int
linux_ioctl_special(struct thread * td,struct linux_ioctl_args * args)3112 linux_ioctl_special(struct thread *td, struct linux_ioctl_args *args)
3113 {
3114 	int error;
3115 
3116 	switch (args->cmd) {
3117 	case LINUX_SIOCGIFADDR:
3118 		args->cmd = SIOCGIFADDR;
3119 		error = sys_ioctl(td, (struct ioctl_args *)args);
3120 		break;
3121 	case LINUX_SIOCSIFADDR:
3122 		args->cmd = SIOCSIFADDR;
3123 		error = sys_ioctl(td, (struct ioctl_args *)args);
3124 		break;
3125 	case LINUX_SIOCGIFFLAGS:
3126 		args->cmd = SIOCGIFFLAGS;
3127 		error = sys_ioctl(td, (struct ioctl_args *)args);
3128 		break;
3129 	default:
3130 		error = ENOIOCTL;
3131 	}
3132 
3133 	return (error);
3134 }
3135 
3136 static int
linux_to_bsd_v4l2_standard(struct l_v4l2_standard * lvstd,struct v4l2_standard * vstd)3137 linux_to_bsd_v4l2_standard(struct l_v4l2_standard *lvstd, struct v4l2_standard *vstd)
3138 {
3139 	vstd->index = lvstd->index;
3140 	vstd->id = lvstd->id;
3141 	memcpy(&vstd->name, &lvstd->name, sizeof(*lvstd) - offsetof(struct l_v4l2_standard, name));
3142 	return (0);
3143 }
3144 
3145 static int
bsd_to_linux_v4l2_standard(struct v4l2_standard * vstd,struct l_v4l2_standard * lvstd)3146 bsd_to_linux_v4l2_standard(struct v4l2_standard *vstd, struct l_v4l2_standard *lvstd)
3147 {
3148 	lvstd->index = vstd->index;
3149 	lvstd->id = vstd->id;
3150 	memcpy(&lvstd->name, &vstd->name, sizeof(*lvstd) - offsetof(struct l_v4l2_standard, name));
3151 	return (0);
3152 }
3153 
3154 static int
linux_to_bsd_v4l2_buffer(struct l_v4l2_buffer * lvb,struct v4l2_buffer * vb)3155 linux_to_bsd_v4l2_buffer(struct l_v4l2_buffer *lvb, struct v4l2_buffer *vb)
3156 {
3157 	vb->index = lvb->index;
3158 	vb->type = lvb->type;
3159 	vb->bytesused = lvb->bytesused;
3160 	vb->flags = lvb->flags;
3161 	vb->field = lvb->field;
3162 	vb->timestamp.tv_sec = lvb->timestamp.tv_sec;
3163 	vb->timestamp.tv_usec = lvb->timestamp.tv_usec;
3164 	memcpy(&vb->timecode, &lvb->timecode, sizeof (lvb->timecode));
3165 	vb->sequence = lvb->sequence;
3166 	vb->memory = lvb->memory;
3167 	if (lvb->memory == V4L2_MEMORY_USERPTR)
3168 		/* possible pointer size conversion */
3169 		vb->m.userptr = (unsigned long)PTRIN(lvb->m.userptr);
3170 	else
3171 		vb->m.offset = lvb->m.offset;
3172 	vb->length = lvb->length;
3173 	vb->input = lvb->input;
3174 	vb->reserved = lvb->reserved;
3175 	return (0);
3176 }
3177 
3178 static int
bsd_to_linux_v4l2_buffer(struct v4l2_buffer * vb,struct l_v4l2_buffer * lvb)3179 bsd_to_linux_v4l2_buffer(struct v4l2_buffer *vb, struct l_v4l2_buffer *lvb)
3180 {
3181 	lvb->index = vb->index;
3182 	lvb->type = vb->type;
3183 	lvb->bytesused = vb->bytesused;
3184 	lvb->flags = vb->flags;
3185 	lvb->field = vb->field;
3186 	lvb->timestamp.tv_sec = vb->timestamp.tv_sec;
3187 	lvb->timestamp.tv_usec = vb->timestamp.tv_usec;
3188 	memcpy(&lvb->timecode, &vb->timecode, sizeof (vb->timecode));
3189 	lvb->sequence = vb->sequence;
3190 	lvb->memory = vb->memory;
3191 	if (vb->memory == V4L2_MEMORY_USERPTR)
3192 		/* possible pointer size conversion */
3193 		lvb->m.userptr = PTROUT(vb->m.userptr);
3194 	else
3195 		lvb->m.offset = vb->m.offset;
3196 	lvb->length = vb->length;
3197 	lvb->input = vb->input;
3198 	lvb->reserved = vb->reserved;
3199 	return (0);
3200 }
3201 
3202 static int
linux_to_bsd_v4l2_format(struct l_v4l2_format * lvf,struct v4l2_format * vf)3203 linux_to_bsd_v4l2_format(struct l_v4l2_format *lvf, struct v4l2_format *vf)
3204 {
3205 	vf->type = lvf->type;
3206 	if (lvf->type == V4L2_BUF_TYPE_VIDEO_OVERLAY
3207 #ifdef V4L2_BUF_TYPE_VIDEO_OUTPUT_OVERLAY
3208 	    || lvf->type == V4L2_BUF_TYPE_VIDEO_OUTPUT_OVERLAY
3209 #endif
3210 	    )
3211 		/*
3212 		 * XXX TODO - needs 32 -> 64 bit conversion:
3213 		 * (unused by webcams?)
3214 		 */
3215 		return EINVAL;
3216 	memcpy(&vf->fmt, &lvf->fmt, sizeof(vf->fmt));
3217 	return 0;
3218 }
3219 
3220 static int
bsd_to_linux_v4l2_format(struct v4l2_format * vf,struct l_v4l2_format * lvf)3221 bsd_to_linux_v4l2_format(struct v4l2_format *vf, struct l_v4l2_format *lvf)
3222 {
3223 	lvf->type = vf->type;
3224 	if (vf->type == V4L2_BUF_TYPE_VIDEO_OVERLAY
3225 #ifdef V4L2_BUF_TYPE_VIDEO_OUTPUT_OVERLAY
3226 	    || vf->type == V4L2_BUF_TYPE_VIDEO_OUTPUT_OVERLAY
3227 #endif
3228 	    )
3229 		/*
3230 		 * XXX TODO - needs 32 -> 64 bit conversion:
3231 		 * (unused by webcams?)
3232 		 */
3233 		return EINVAL;
3234 	memcpy(&lvf->fmt, &vf->fmt, sizeof(vf->fmt));
3235 	return 0;
3236 }
3237 static int
linux_ioctl_v4l2(struct thread * td,struct linux_ioctl_args * args)3238 linux_ioctl_v4l2(struct thread *td, struct linux_ioctl_args *args)
3239 {
3240 	cap_rights_t rights;
3241 	struct file *fp;
3242 	int error;
3243 	struct v4l2_format vformat;
3244 	struct l_v4l2_format l_vformat;
3245 	struct v4l2_standard vstd;
3246 	struct l_v4l2_standard l_vstd;
3247 	struct l_v4l2_buffer l_vbuf;
3248 	struct v4l2_buffer vbuf;
3249 	struct v4l2_input vinp;
3250 
3251 	switch (args->cmd & 0xffff) {
3252 	case LINUX_VIDIOC_RESERVED:
3253 	case LINUX_VIDIOC_LOG_STATUS:
3254 		if ((args->cmd & IOC_DIRMASK) != LINUX_IOC_VOID)
3255 			return ENOIOCTL;
3256 		args->cmd = (args->cmd & 0xffff) | IOC_VOID;
3257 		break;
3258 
3259 	case LINUX_VIDIOC_OVERLAY:
3260 	case LINUX_VIDIOC_STREAMON:
3261 	case LINUX_VIDIOC_STREAMOFF:
3262 	case LINUX_VIDIOC_S_STD:
3263 	case LINUX_VIDIOC_S_TUNER:
3264 	case LINUX_VIDIOC_S_AUDIO:
3265 	case LINUX_VIDIOC_S_AUDOUT:
3266 	case LINUX_VIDIOC_S_MODULATOR:
3267 	case LINUX_VIDIOC_S_FREQUENCY:
3268 	case LINUX_VIDIOC_S_CROP:
3269 	case LINUX_VIDIOC_S_JPEGCOMP:
3270 	case LINUX_VIDIOC_S_PRIORITY:
3271 	case LINUX_VIDIOC_DBG_S_REGISTER:
3272 	case LINUX_VIDIOC_S_HW_FREQ_SEEK:
3273 	case LINUX_VIDIOC_SUBSCRIBE_EVENT:
3274 	case LINUX_VIDIOC_UNSUBSCRIBE_EVENT:
3275 		args->cmd = (args->cmd & ~IOC_DIRMASK) | IOC_IN;
3276 		break;
3277 
3278 	case LINUX_VIDIOC_QUERYCAP:
3279 	case LINUX_VIDIOC_G_STD:
3280 	case LINUX_VIDIOC_G_AUDIO:
3281 	case LINUX_VIDIOC_G_INPUT:
3282 	case LINUX_VIDIOC_G_OUTPUT:
3283 	case LINUX_VIDIOC_G_AUDOUT:
3284 	case LINUX_VIDIOC_G_JPEGCOMP:
3285 	case LINUX_VIDIOC_QUERYSTD:
3286 	case LINUX_VIDIOC_G_PRIORITY:
3287 	case LINUX_VIDIOC_QUERY_DV_PRESET:
3288 		args->cmd = (args->cmd & ~IOC_DIRMASK) | IOC_OUT;
3289 		break;
3290 
3291 	case LINUX_VIDIOC_ENUM_FMT:
3292 	case LINUX_VIDIOC_REQBUFS:
3293 	case LINUX_VIDIOC_G_PARM:
3294 	case LINUX_VIDIOC_S_PARM:
3295 	case LINUX_VIDIOC_G_CTRL:
3296 	case LINUX_VIDIOC_S_CTRL:
3297 	case LINUX_VIDIOC_G_TUNER:
3298 	case LINUX_VIDIOC_QUERYCTRL:
3299 	case LINUX_VIDIOC_QUERYMENU:
3300 	case LINUX_VIDIOC_S_INPUT:
3301 	case LINUX_VIDIOC_S_OUTPUT:
3302 	case LINUX_VIDIOC_ENUMOUTPUT:
3303 	case LINUX_VIDIOC_G_MODULATOR:
3304 	case LINUX_VIDIOC_G_FREQUENCY:
3305 	case LINUX_VIDIOC_CROPCAP:
3306 	case LINUX_VIDIOC_G_CROP:
3307 	case LINUX_VIDIOC_ENUMAUDIO:
3308 	case LINUX_VIDIOC_ENUMAUDOUT:
3309 	case LINUX_VIDIOC_G_SLICED_VBI_CAP:
3310 #ifdef VIDIOC_ENUM_FRAMESIZES
3311 	case LINUX_VIDIOC_ENUM_FRAMESIZES:
3312 	case LINUX_VIDIOC_ENUM_FRAMEINTERVALS:
3313 	case LINUX_VIDIOC_ENCODER_CMD:
3314 	case LINUX_VIDIOC_TRY_ENCODER_CMD:
3315 #endif
3316 	case LINUX_VIDIOC_DBG_G_REGISTER:
3317 	case LINUX_VIDIOC_DBG_G_CHIP_IDENT:
3318 	case LINUX_VIDIOC_ENUM_DV_PRESETS:
3319 	case LINUX_VIDIOC_S_DV_PRESET:
3320 	case LINUX_VIDIOC_G_DV_PRESET:
3321 	case LINUX_VIDIOC_S_DV_TIMINGS:
3322 	case LINUX_VIDIOC_G_DV_TIMINGS:
3323 		args->cmd = (args->cmd & ~IOC_DIRMASK) | IOC_INOUT;
3324 		break;
3325 
3326 	case LINUX_VIDIOC_G_FMT:
3327 	case LINUX_VIDIOC_S_FMT:
3328 	case LINUX_VIDIOC_TRY_FMT:
3329 		error = copyin((void *)args->arg, &l_vformat, sizeof(l_vformat));
3330 		if (error)
3331 			return (error);
3332 		error = fget(td, args->fd,
3333 		    cap_rights_init(&rights, CAP_IOCTL), &fp);
3334 		if (error)
3335 			return (error);
3336 		if (linux_to_bsd_v4l2_format(&l_vformat, &vformat) != 0)
3337 			error = EINVAL;
3338 		else if ((args->cmd & 0xffff) == LINUX_VIDIOC_G_FMT)
3339 			error = fo_ioctl(fp, VIDIOC_G_FMT, &vformat,
3340 			    td->td_ucred, td);
3341 		else if ((args->cmd & 0xffff) == LINUX_VIDIOC_S_FMT)
3342 			error = fo_ioctl(fp, VIDIOC_S_FMT, &vformat,
3343 			    td->td_ucred, td);
3344 		else
3345 			error = fo_ioctl(fp, VIDIOC_TRY_FMT, &vformat,
3346 			    td->td_ucred, td);
3347 		bsd_to_linux_v4l2_format(&vformat, &l_vformat);
3348 		copyout(&l_vformat, (void *)args->arg, sizeof(l_vformat));
3349 		fdrop(fp, td);
3350 		return (error);
3351 
3352 	case LINUX_VIDIOC_ENUMSTD:
3353 		error = copyin((void *)args->arg, &l_vstd, sizeof(l_vstd));
3354 		if (error)
3355 			return (error);
3356 		linux_to_bsd_v4l2_standard(&l_vstd, &vstd);
3357 		error = fget(td, args->fd,
3358 		    cap_rights_init(&rights, CAP_IOCTL), &fp);
3359 		if (error)
3360 			return (error);
3361 		error = fo_ioctl(fp, VIDIOC_ENUMSTD, (caddr_t)&vstd,
3362 		    td->td_ucred, td);
3363 		if (error) {
3364 			fdrop(fp, td);
3365 			return (error);
3366 		}
3367 		bsd_to_linux_v4l2_standard(&vstd, &l_vstd);
3368 		error = copyout(&l_vstd, (void *)args->arg, sizeof(l_vstd));
3369 		fdrop(fp, td);
3370 		return (error);
3371 
3372 	case LINUX_VIDIOC_ENUMINPUT:
3373 		/*
3374 		 * The Linux struct l_v4l2_input differs only in size,
3375 		 * it has no padding at the end.
3376 		 */
3377 		error = copyin((void *)args->arg, &vinp,
3378 				sizeof(struct l_v4l2_input));
3379 		if (error != 0)
3380 			return (error);
3381 		error = fget(td, args->fd,
3382 		    cap_rights_init(&rights, CAP_IOCTL), &fp);
3383 		if (error != 0)
3384 			return (error);
3385 		error = fo_ioctl(fp, VIDIOC_ENUMINPUT, (caddr_t)&vinp,
3386 		    td->td_ucred, td);
3387 		if (error) {
3388 			fdrop(fp, td);
3389 			return (error);
3390 		}
3391 		error = copyout(&vinp, (void *)args->arg,
3392 				sizeof(struct l_v4l2_input));
3393 		fdrop(fp, td);
3394 		return (error);
3395 
3396 	case LINUX_VIDIOC_QUERYBUF:
3397 	case LINUX_VIDIOC_QBUF:
3398 	case LINUX_VIDIOC_DQBUF:
3399 		error = copyin((void *)args->arg, &l_vbuf, sizeof(l_vbuf));
3400 		if (error)
3401 			return (error);
3402 		error = fget(td, args->fd,
3403 		    cap_rights_init(&rights, CAP_IOCTL), &fp);
3404 		if (error)
3405 			return (error);
3406 		linux_to_bsd_v4l2_buffer(&l_vbuf, &vbuf);
3407 		if ((args->cmd & 0xffff) == LINUX_VIDIOC_QUERYBUF)
3408 			error = fo_ioctl(fp, VIDIOC_QUERYBUF, &vbuf,
3409 			    td->td_ucred, td);
3410 		else if ((args->cmd & 0xffff) == LINUX_VIDIOC_QBUF)
3411 			error = fo_ioctl(fp, VIDIOC_QBUF, &vbuf,
3412 			    td->td_ucred, td);
3413 		else
3414 			error = fo_ioctl(fp, VIDIOC_DQBUF, &vbuf,
3415 			    td->td_ucred, td);
3416 		bsd_to_linux_v4l2_buffer(&vbuf, &l_vbuf);
3417 		copyout(&l_vbuf, (void *)args->arg, sizeof(l_vbuf));
3418 		fdrop(fp, td);
3419 		return (error);
3420 
3421 	/*
3422 	 * XXX TODO - these need 32 -> 64 bit conversion:
3423 	 * (are any of them needed for webcams?)
3424 	 */
3425 	case LINUX_VIDIOC_G_FBUF:
3426 	case LINUX_VIDIOC_S_FBUF:
3427 
3428 	case LINUX_VIDIOC_G_EXT_CTRLS:
3429 	case LINUX_VIDIOC_S_EXT_CTRLS:
3430 	case LINUX_VIDIOC_TRY_EXT_CTRLS:
3431 
3432 	case LINUX_VIDIOC_DQEVENT:
3433 
3434 	default:			return (ENOIOCTL);
3435 	}
3436 
3437 	error = sys_ioctl(td, (struct ioctl_args *)args);
3438 	return (error);
3439 }
3440 
3441 /*
3442  * Support for emulators/linux-libusb. This port uses FBSD_LUSB* macros
3443  * instead of USB* ones. This lets us to provide correct values for cmd.
3444  * 0xffffffe0 -- 0xffffffff range seemed to be the least collision-prone.
3445  */
3446 static int
linux_ioctl_fbsd_usb(struct thread * td,struct linux_ioctl_args * args)3447 linux_ioctl_fbsd_usb(struct thread *td, struct linux_ioctl_args *args)
3448 {
3449 	int error;
3450 
3451 	error = 0;
3452 	switch (args->cmd) {
3453 	case FBSD_LUSB_DEVICEENUMERATE:
3454 		args->cmd = USB_DEVICEENUMERATE;
3455 		break;
3456 	case FBSD_LUSB_DEV_QUIRK_ADD:
3457 		args->cmd = USB_DEV_QUIRK_ADD;
3458 		break;
3459 	case FBSD_LUSB_DEV_QUIRK_GET:
3460 		args->cmd = USB_DEV_QUIRK_GET;
3461 		break;
3462 	case FBSD_LUSB_DEV_QUIRK_REMOVE:
3463 		args->cmd = USB_DEV_QUIRK_REMOVE;
3464 		break;
3465 	case FBSD_LUSB_DO_REQUEST:
3466 		args->cmd = USB_DO_REQUEST;
3467 		break;
3468 	case FBSD_LUSB_FS_CLEAR_STALL_SYNC:
3469 		args->cmd = USB_FS_CLEAR_STALL_SYNC;
3470 		break;
3471 	case FBSD_LUSB_FS_CLOSE:
3472 		args->cmd = USB_FS_CLOSE;
3473 		break;
3474 	case FBSD_LUSB_FS_COMPLETE:
3475 		args->cmd = USB_FS_COMPLETE;
3476 		break;
3477 	case FBSD_LUSB_FS_INIT:
3478 		args->cmd = USB_FS_INIT;
3479 		break;
3480 	case FBSD_LUSB_FS_OPEN:
3481 		args->cmd = USB_FS_OPEN;
3482 		break;
3483 	case FBSD_LUSB_FS_START:
3484 		args->cmd = USB_FS_START;
3485 		break;
3486 	case FBSD_LUSB_FS_STOP:
3487 		args->cmd = USB_FS_STOP;
3488 		break;
3489 	case FBSD_LUSB_FS_UNINIT:
3490 		args->cmd = USB_FS_UNINIT;
3491 		break;
3492 	case FBSD_LUSB_GET_CONFIG:
3493 		args->cmd = USB_GET_CONFIG;
3494 		break;
3495 	case FBSD_LUSB_GET_DEVICEINFO:
3496 		args->cmd = USB_GET_DEVICEINFO;
3497 		break;
3498 	case FBSD_LUSB_GET_DEVICE_DESC:
3499 		args->cmd = USB_GET_DEVICE_DESC;
3500 		break;
3501 	case FBSD_LUSB_GET_FULL_DESC:
3502 		args->cmd = USB_GET_FULL_DESC;
3503 		break;
3504 	case FBSD_LUSB_GET_IFACE_DRIVER:
3505 		args->cmd = USB_GET_IFACE_DRIVER;
3506 		break;
3507 	case FBSD_LUSB_GET_PLUGTIME:
3508 		args->cmd = USB_GET_PLUGTIME;
3509 		break;
3510 	case FBSD_LUSB_GET_POWER_MODE:
3511 		args->cmd = USB_GET_POWER_MODE;
3512 		break;
3513 	case FBSD_LUSB_GET_REPORT_DESC:
3514 		args->cmd = USB_GET_REPORT_DESC;
3515 		break;
3516 	case FBSD_LUSB_GET_REPORT_ID:
3517 		args->cmd = USB_GET_REPORT_ID;
3518 		break;
3519 	case FBSD_LUSB_GET_TEMPLATE:
3520 		args->cmd = USB_GET_TEMPLATE;
3521 		break;
3522 	case FBSD_LUSB_IFACE_DRIVER_ACTIVE:
3523 		args->cmd = USB_IFACE_DRIVER_ACTIVE;
3524 		break;
3525 	case FBSD_LUSB_IFACE_DRIVER_DETACH:
3526 		args->cmd = USB_IFACE_DRIVER_DETACH;
3527 		break;
3528 	case FBSD_LUSB_QUIRK_NAME_GET:
3529 		args->cmd = USB_QUIRK_NAME_GET;
3530 		break;
3531 	case FBSD_LUSB_READ_DIR:
3532 		args->cmd = USB_READ_DIR;
3533 		break;
3534 	case FBSD_LUSB_SET_ALTINTERFACE:
3535 		args->cmd = USB_SET_ALTINTERFACE;
3536 		break;
3537 	case FBSD_LUSB_SET_CONFIG:
3538 		args->cmd = USB_SET_CONFIG;
3539 		break;
3540 	case FBSD_LUSB_SET_IMMED:
3541 		args->cmd = USB_SET_IMMED;
3542 		break;
3543 	case FBSD_LUSB_SET_POWER_MODE:
3544 		args->cmd = USB_SET_POWER_MODE;
3545 		break;
3546 	case FBSD_LUSB_SET_TEMPLATE:
3547 		args->cmd = USB_SET_TEMPLATE;
3548 		break;
3549 	case FBSD_LUSB_FS_OPEN_STREAM:
3550 		args->cmd = USB_FS_OPEN_STREAM;
3551 		break;
3552 	case FBSD_LUSB_GET_DEV_PORT_PATH:
3553 		args->cmd = USB_GET_DEV_PORT_PATH;
3554 		break;
3555 	case FBSD_LUSB_GET_POWER_USAGE:
3556 		args->cmd = USB_GET_POWER_USAGE;
3557 		break;
3558 	case FBSD_LUSB_DEVICESTATS:
3559 		args->cmd = USB_DEVICESTATS;
3560 		break;
3561 	default:
3562 		error = ENOIOCTL;
3563 	}
3564 	if (error != ENOIOCTL)
3565 		error = sys_ioctl(td, (struct ioctl_args *)args);
3566 	return (error);
3567 }
3568 
3569 /*
3570  * main ioctl syscall function
3571  */
3572 
3573 int
linux_ioctl(struct thread * td,struct linux_ioctl_args * args)3574 linux_ioctl(struct thread *td, struct linux_ioctl_args *args)
3575 {
3576 	cap_rights_t rights;
3577 	struct file *fp;
3578 	struct handler_element *he;
3579 	int error, cmd;
3580 
3581 #ifdef DEBUG
3582 	if (ldebug(ioctl))
3583 		printf(ARGS(ioctl, "%d, %04lx, *"), args->fd,
3584 		    (unsigned long)args->cmd);
3585 #endif
3586 
3587 	error = fget(td, args->fd, cap_rights_init(&rights, CAP_IOCTL), &fp);
3588 	if (error != 0)
3589 		return (error);
3590 	if ((fp->f_flag & (FREAD|FWRITE)) == 0) {
3591 		fdrop(fp, td);
3592 		return (EBADF);
3593 	}
3594 
3595 	/* Iterate over the ioctl handlers */
3596 	cmd = args->cmd & 0xffff;
3597 	sx_slock(&linux_ioctl_sx);
3598 	mtx_lock(&Giant);
3599 	TAILQ_FOREACH(he, &handlers, list) {
3600 		if (cmd >= he->low && cmd <= he->high) {
3601 			error = (*he->func)(td, args);
3602 			if (error != ENOIOCTL) {
3603 				mtx_unlock(&Giant);
3604 				sx_sunlock(&linux_ioctl_sx);
3605 				fdrop(fp, td);
3606 				return (error);
3607 			}
3608 		}
3609 	}
3610 	mtx_unlock(&Giant);
3611 	sx_sunlock(&linux_ioctl_sx);
3612 	fdrop(fp, td);
3613 
3614 	switch (args->cmd & 0xffff) {
3615 	case LINUX_BTRFS_IOC_CLONE:
3616 		return (ENOTSUP);
3617 
3618 	default:
3619 		linux_msg(td, "ioctl fd=%d, cmd=0x%x ('%c',%d) is not implemented",
3620 		    args->fd, (int)(args->cmd & 0xffff),
3621 		    (int)(args->cmd & 0xff00) >> 8, (int)(args->cmd & 0xff));
3622 		break;
3623 	}
3624 
3625 	return (EINVAL);
3626 }
3627 
3628 int
linux_ioctl_register_handler(struct linux_ioctl_handler * h)3629 linux_ioctl_register_handler(struct linux_ioctl_handler *h)
3630 {
3631 	struct handler_element *he, *cur;
3632 
3633 	if (h == NULL || h->func == NULL)
3634 		return (EINVAL);
3635 
3636 	/*
3637 	 * Reuse the element if the handler is already on the list, otherwise
3638 	 * create a new element.
3639 	 */
3640 	sx_xlock(&linux_ioctl_sx);
3641 	TAILQ_FOREACH(he, &handlers, list) {
3642 		if (he->func == h->func)
3643 			break;
3644 	}
3645 	if (he == NULL) {
3646 		he = malloc(sizeof(*he),
3647 		    M_LINUX, M_WAITOK);
3648 		he->func = h->func;
3649 	} else
3650 		TAILQ_REMOVE(&handlers, he, list);
3651 
3652 	/* Initialize range information. */
3653 	he->low = h->low;
3654 	he->high = h->high;
3655 	he->span = h->high - h->low + 1;
3656 
3657 	/* Add the element to the list, sorted on span. */
3658 	TAILQ_FOREACH(cur, &handlers, list) {
3659 		if (cur->span > he->span) {
3660 			TAILQ_INSERT_BEFORE(cur, he, list);
3661 			sx_xunlock(&linux_ioctl_sx);
3662 			return (0);
3663 		}
3664 	}
3665 	TAILQ_INSERT_TAIL(&handlers, he, list);
3666 	sx_xunlock(&linux_ioctl_sx);
3667 
3668 	return (0);
3669 }
3670 
3671 int
linux_ioctl_unregister_handler(struct linux_ioctl_handler * h)3672 linux_ioctl_unregister_handler(struct linux_ioctl_handler *h)
3673 {
3674 	struct handler_element *he;
3675 
3676 	if (h == NULL || h->func == NULL)
3677 		return (EINVAL);
3678 
3679 	sx_xlock(&linux_ioctl_sx);
3680 	TAILQ_FOREACH(he, &handlers, list) {
3681 		if (he->func == h->func) {
3682 			TAILQ_REMOVE(&handlers, he, list);
3683 			sx_xunlock(&linux_ioctl_sx);
3684 			free(he, M_LINUX);
3685 			return (0);
3686 		}
3687 	}
3688 	sx_xunlock(&linux_ioctl_sx);
3689 
3690 	return (EINVAL);
3691 }
3692