1 /*-
2  * SPDX-License-Identifier: BSD-2-Clause-FreeBSD
3  *
4  * Copyright (c) 1994-1995 Søren Schmidt
5  * All rights reserved.
6  *
7  * Redistribution and use in source and binary forms, with or without
8  * modification, are permitted provided that the following conditions
9  * are met:
10  * 1. Redistributions of source code must retain the above copyright
11  *    notice, this list of conditions and the following disclaimer.
12  * 2. Redistributions in binary form must reproduce the above copyright
13  *    notice, this list of conditions and the following disclaimer in the
14  *    documentation and/or other materials provided with the distribution.
15  *
16  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
17  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
20  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
22  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
26  * SUCH DAMAGE.
27  */
28 
29 #include "opt_compat.h"
30 
31 #include <sys/cdefs.h>
32 __FBSDID("$FreeBSD: stable/12/sys/compat/linux/linux_ioctl.c 364712 2020-08-24 17:06:34Z trasz $");
33 
34 #include <sys/param.h>
35 #include <sys/systm.h>
36 #include <sys/sysproto.h>
37 #ifdef COMPAT_LINUX32
38 #include <sys/abi_compat.h>
39 #endif
40 #include <sys/capsicum.h>
41 #include <sys/cdio.h>
42 #include <sys/dvdio.h>
43 #include <sys/conf.h>
44 #include <sys/disk.h>
45 #include <sys/consio.h>
46 #include <sys/ctype.h>
47 #include <sys/fcntl.h>
48 #include <sys/file.h>
49 #include <sys/filedesc.h>
50 #include <sys/filio.h>
51 #include <sys/jail.h>
52 #include <sys/kbio.h>
53 #include <sys/kernel.h>
54 #include <sys/linker_set.h>
55 #include <sys/lock.h>
56 #include <sys/malloc.h>
57 #include <sys/proc.h>
58 #include <sys/sbuf.h>
59 #include <sys/socket.h>
60 #include <sys/sockio.h>
61 #include <sys/soundcard.h>
62 #include <sys/stdint.h>
63 #include <sys/sx.h>
64 #include <sys/sysctl.h>
65 #include <sys/tty.h>
66 #include <sys/uio.h>
67 #include <sys/types.h>
68 #include <sys/mman.h>
69 #include <sys/resourcevar.h>
70 
71 #include <net/if.h>
72 #include <net/if_var.h>
73 #include <net/if_dl.h>
74 #include <net/if_types.h>
75 
76 #include <dev/evdev/input.h>
77 #include <dev/usb/usb_ioctl.h>
78 
79 #ifdef COMPAT_LINUX32
80 #include <machine/../linux32/linux.h>
81 #include <machine/../linux32/linux32_proto.h>
82 #else
83 #include <machine/../linux/linux.h>
84 #include <machine/../linux/linux_proto.h>
85 #endif
86 
87 #include <compat/linux/linux_common.h>
88 #include <compat/linux/linux_ioctl.h>
89 #include <compat/linux/linux_mib.h>
90 #include <compat/linux/linux_socket.h>
91 #include <compat/linux/linux_timer.h>
92 #include <compat/linux/linux_util.h>
93 
94 #include <contrib/v4l/videodev.h>
95 #include <compat/linux/linux_videodev_compat.h>
96 
97 #include <contrib/v4l/videodev2.h>
98 #include <compat/linux/linux_videodev2_compat.h>
99 
100 #include <cam/scsi/scsi_sg.h>
101 
102 CTASSERT(LINUX_IFNAMSIZ == IFNAMSIZ);
103 
104 static linux_ioctl_function_t linux_ioctl_cdrom;
105 static linux_ioctl_function_t linux_ioctl_vfat;
106 static linux_ioctl_function_t linux_ioctl_console;
107 static linux_ioctl_function_t linux_ioctl_hdio;
108 static linux_ioctl_function_t linux_ioctl_disk;
109 static linux_ioctl_function_t linux_ioctl_socket;
110 static linux_ioctl_function_t linux_ioctl_sound;
111 static linux_ioctl_function_t linux_ioctl_termio;
112 static linux_ioctl_function_t linux_ioctl_private;
113 static linux_ioctl_function_t linux_ioctl_drm;
114 static linux_ioctl_function_t linux_ioctl_sg;
115 static linux_ioctl_function_t linux_ioctl_v4l;
116 static linux_ioctl_function_t linux_ioctl_v4l2;
117 static linux_ioctl_function_t linux_ioctl_special;
118 static linux_ioctl_function_t linux_ioctl_fbsd_usb;
119 static linux_ioctl_function_t linux_ioctl_evdev;
120 
121 static struct linux_ioctl_handler cdrom_handler =
122 { linux_ioctl_cdrom, LINUX_IOCTL_CDROM_MIN, LINUX_IOCTL_CDROM_MAX };
123 static struct linux_ioctl_handler vfat_handler =
124 { linux_ioctl_vfat, LINUX_IOCTL_VFAT_MIN, LINUX_IOCTL_VFAT_MAX };
125 static struct linux_ioctl_handler console_handler =
126 { linux_ioctl_console, LINUX_IOCTL_CONSOLE_MIN, LINUX_IOCTL_CONSOLE_MAX };
127 static struct linux_ioctl_handler hdio_handler =
128 { linux_ioctl_hdio, LINUX_IOCTL_HDIO_MIN, LINUX_IOCTL_HDIO_MAX };
129 static struct linux_ioctl_handler disk_handler =
130 { linux_ioctl_disk, LINUX_IOCTL_DISK_MIN, LINUX_IOCTL_DISK_MAX };
131 static struct linux_ioctl_handler socket_handler =
132 { linux_ioctl_socket, LINUX_IOCTL_SOCKET_MIN, LINUX_IOCTL_SOCKET_MAX };
133 static struct linux_ioctl_handler sound_handler =
134 { linux_ioctl_sound, LINUX_IOCTL_SOUND_MIN, LINUX_IOCTL_SOUND_MAX };
135 static struct linux_ioctl_handler termio_handler =
136 { linux_ioctl_termio, LINUX_IOCTL_TERMIO_MIN, LINUX_IOCTL_TERMIO_MAX };
137 static struct linux_ioctl_handler private_handler =
138 { linux_ioctl_private, LINUX_IOCTL_PRIVATE_MIN, LINUX_IOCTL_PRIVATE_MAX };
139 static struct linux_ioctl_handler drm_handler =
140 { linux_ioctl_drm, LINUX_IOCTL_DRM_MIN, LINUX_IOCTL_DRM_MAX };
141 static struct linux_ioctl_handler sg_handler =
142 { linux_ioctl_sg, LINUX_IOCTL_SG_MIN, LINUX_IOCTL_SG_MAX };
143 static struct linux_ioctl_handler video_handler =
144 { linux_ioctl_v4l, LINUX_IOCTL_VIDEO_MIN, LINUX_IOCTL_VIDEO_MAX };
145 static struct linux_ioctl_handler video2_handler =
146 { linux_ioctl_v4l2, LINUX_IOCTL_VIDEO2_MIN, LINUX_IOCTL_VIDEO2_MAX };
147 static struct linux_ioctl_handler fbsd_usb =
148 { linux_ioctl_fbsd_usb, FBSD_LUSB_MIN, FBSD_LUSB_MAX };
149 static struct linux_ioctl_handler evdev_handler =
150 { linux_ioctl_evdev, LINUX_IOCTL_EVDEV_MIN, LINUX_IOCTL_EVDEV_MAX };
151 
152 DATA_SET(linux_ioctl_handler_set, cdrom_handler);
153 DATA_SET(linux_ioctl_handler_set, vfat_handler);
154 DATA_SET(linux_ioctl_handler_set, console_handler);
155 DATA_SET(linux_ioctl_handler_set, hdio_handler);
156 DATA_SET(linux_ioctl_handler_set, disk_handler);
157 DATA_SET(linux_ioctl_handler_set, socket_handler);
158 DATA_SET(linux_ioctl_handler_set, sound_handler);
159 DATA_SET(linux_ioctl_handler_set, termio_handler);
160 DATA_SET(linux_ioctl_handler_set, private_handler);
161 DATA_SET(linux_ioctl_handler_set, drm_handler);
162 DATA_SET(linux_ioctl_handler_set, sg_handler);
163 DATA_SET(linux_ioctl_handler_set, video_handler);
164 DATA_SET(linux_ioctl_handler_set, video2_handler);
165 DATA_SET(linux_ioctl_handler_set, fbsd_usb);
166 DATA_SET(linux_ioctl_handler_set, evdev_handler);
167 
168 #ifdef __i386__
169 static TAILQ_HEAD(, linux_ioctl_handler_element) linux_ioctl_handlers =
170     TAILQ_HEAD_INITIALIZER(linux_ioctl_handlers);
171 static struct sx linux_ioctl_sx;
172 SX_SYSINIT(linux_ioctl, &linux_ioctl_sx, "Linux ioctl handlers");
173 #else
174 extern TAILQ_HEAD(, linux_ioctl_handler_element) linux_ioctl_handlers;
175 extern struct sx linux_ioctl_sx;
176 #endif
177 #ifdef COMPAT_LINUX32
178 static TAILQ_HEAD(, linux_ioctl_handler_element) linux32_ioctl_handlers =
179     TAILQ_HEAD_INITIALIZER(linux32_ioctl_handlers);
180 #endif
181 
182 /*
183  * hdio related ioctls for VMWare support
184  */
185 
186 struct linux_hd_geometry {
187 	u_int8_t	heads;
188 	u_int8_t	sectors;
189 	u_int16_t	cylinders;
190 	u_int32_t	start;
191 };
192 
193 struct linux_hd_big_geometry {
194 	u_int8_t	heads;
195 	u_int8_t	sectors;
196 	u_int32_t	cylinders;
197 	u_int32_t	start;
198 };
199 
200 static int
linux_ioctl_hdio(struct thread * td,struct linux_ioctl_args * args)201 linux_ioctl_hdio(struct thread *td, struct linux_ioctl_args *args)
202 {
203 	struct file *fp;
204 	int error;
205 	u_int sectorsize, fwcylinders, fwheads, fwsectors;
206 	off_t mediasize, bytespercyl;
207 
208 	error = fget(td, args->fd, &cap_ioctl_rights, &fp);
209 	if (error != 0)
210 		return (error);
211 	switch (args->cmd & 0xffff) {
212 	case LINUX_HDIO_GET_GEO:
213 	case LINUX_HDIO_GET_GEO_BIG:
214 		error = fo_ioctl(fp, DIOCGMEDIASIZE,
215 			(caddr_t)&mediasize, td->td_ucred, td);
216 		if (!error)
217 			error = fo_ioctl(fp, DIOCGSECTORSIZE,
218 				(caddr_t)&sectorsize, td->td_ucred, td);
219 		if (!error)
220 			error = fo_ioctl(fp, DIOCGFWHEADS,
221 				(caddr_t)&fwheads, td->td_ucred, td);
222 		if (!error)
223 			error = fo_ioctl(fp, DIOCGFWSECTORS,
224 				(caddr_t)&fwsectors, td->td_ucred, td);
225 		/*
226 		 * XXX: DIOCGFIRSTOFFSET is not yet implemented, so
227 		 * so pretend that GEOM always says 0. This is NOT VALID
228 		 * for slices or partitions, only the per-disk raw devices.
229 		 */
230 
231 		fdrop(fp, td);
232 		if (error)
233 			return (error);
234 		/*
235 		 * 1. Calculate the number of bytes in a cylinder,
236 		 *    given the firmware's notion of heads and sectors
237 		 *    per cylinder.
238 		 * 2. Calculate the number of cylinders, given the total
239 		 *    size of the media.
240 		 * All internal calculations should have 64-bit precision.
241 		 */
242 		bytespercyl = (off_t) sectorsize * fwheads * fwsectors;
243 		fwcylinders = mediasize / bytespercyl;
244 
245 		if ((args->cmd & 0xffff) == LINUX_HDIO_GET_GEO) {
246 			struct linux_hd_geometry hdg;
247 
248 			hdg.cylinders = fwcylinders;
249 			hdg.heads = fwheads;
250 			hdg.sectors = fwsectors;
251 			hdg.start = 0;
252 			error = copyout(&hdg, (void *)args->arg, sizeof(hdg));
253 		} else if ((args->cmd & 0xffff) == LINUX_HDIO_GET_GEO_BIG) {
254 			struct linux_hd_big_geometry hdbg;
255 
256 			memset(&hdbg, 0, sizeof(hdbg));
257 			hdbg.cylinders = fwcylinders;
258 			hdbg.heads = fwheads;
259 			hdbg.sectors = fwsectors;
260 			hdbg.start = 0;
261 			error = copyout(&hdbg, (void *)args->arg, sizeof(hdbg));
262 		}
263 		return (error);
264 		break;
265 	default:
266 		/* XXX */
267 		linux_msg(td,
268 			"ioctl fd=%d, cmd=0x%x ('%c',%d) is not implemented",
269 			args->fd, (int)(args->cmd & 0xffff),
270 			(int)(args->cmd & 0xff00) >> 8,
271 			(int)(args->cmd & 0xff));
272 		break;
273 	}
274 	fdrop(fp, td);
275 	return (ENOIOCTL);
276 }
277 
278 static int
linux_ioctl_disk(struct thread * td,struct linux_ioctl_args * args)279 linux_ioctl_disk(struct thread *td, struct linux_ioctl_args *args)
280 {
281 	struct file *fp;
282 	int error;
283 	u_int sectorsize, psectorsize;
284 	uint64_t blksize64;
285 	off_t mediasize, stripesize;
286 
287 	error = fget(td, args->fd, &cap_ioctl_rights, &fp);
288 	if (error != 0)
289 		return (error);
290 	switch (args->cmd & 0xffff) {
291 	case LINUX_BLKGETSIZE:
292 		error = fo_ioctl(fp, DIOCGSECTORSIZE,
293 		    (caddr_t)&sectorsize, td->td_ucred, td);
294 		if (!error)
295 			error = fo_ioctl(fp, DIOCGMEDIASIZE,
296 			    (caddr_t)&mediasize, td->td_ucred, td);
297 		fdrop(fp, td);
298 		if (error)
299 			return (error);
300 		sectorsize = mediasize / sectorsize;
301 		/*
302 		 * XXX: How do we know we return the right size of integer ?
303 		 */
304 		return (copyout(&sectorsize, (void *)args->arg,
305 		    sizeof(sectorsize)));
306 		break;
307 	case LINUX_BLKGETSIZE64:
308 		error = fo_ioctl(fp, DIOCGMEDIASIZE,
309 		    (caddr_t)&mediasize, td->td_ucred, td);
310 		fdrop(fp, td);
311 		if (error)
312 			return (error);
313 		blksize64 = mediasize;;
314 		return (copyout(&blksize64, (void *)args->arg,
315 		    sizeof(blksize64)));
316 	case LINUX_BLKSSZGET:
317 		error = fo_ioctl(fp, DIOCGSECTORSIZE,
318 		    (caddr_t)&sectorsize, td->td_ucred, td);
319 		fdrop(fp, td);
320 		if (error)
321 			return (error);
322 		return (copyout(&sectorsize, (void *)args->arg,
323 		    sizeof(sectorsize)));
324 		break;
325 	case LINUX_BLKPBSZGET:
326 		error = fo_ioctl(fp, DIOCGSTRIPESIZE,
327 		    (caddr_t)&stripesize, td->td_ucred, td);
328 		if (error != 0) {
329 			fdrop(fp, td);
330 			return (error);
331 		}
332 		if (stripesize > 0 && stripesize <= 4096) {
333 			psectorsize = stripesize;
334 		} else  {
335 			error = fo_ioctl(fp, DIOCGSECTORSIZE,
336 			    (caddr_t)&sectorsize, td->td_ucred, td);
337 			if (error != 0) {
338 				fdrop(fp, td);
339 				return (error);
340 			}
341 			psectorsize = sectorsize;
342 		}
343 		fdrop(fp, td);
344 		return (copyout(&psectorsize, (void *)args->arg,
345 		    sizeof(psectorsize)));
346 	}
347 	fdrop(fp, td);
348 	return (ENOIOCTL);
349 }
350 
351 /*
352  * termio related ioctls
353  */
354 
355 struct linux_termio {
356 	unsigned short c_iflag;
357 	unsigned short c_oflag;
358 	unsigned short c_cflag;
359 	unsigned short c_lflag;
360 	unsigned char c_line;
361 	unsigned char c_cc[LINUX_NCC];
362 };
363 
364 struct linux_termios {
365 	unsigned int c_iflag;
366 	unsigned int c_oflag;
367 	unsigned int c_cflag;
368 	unsigned int c_lflag;
369 	unsigned char c_line;
370 	unsigned char c_cc[LINUX_NCCS];
371 };
372 
373 struct linux_winsize {
374 	unsigned short ws_row, ws_col;
375 	unsigned short ws_xpixel, ws_ypixel;
376 };
377 
378 struct speedtab {
379 	int sp_speed;			/* Speed. */
380 	int sp_code;			/* Code. */
381 };
382 
383 static struct speedtab sptab[] = {
384 	{ B0, LINUX_B0 }, { B50, LINUX_B50 },
385 	{ B75, LINUX_B75 }, { B110, LINUX_B110 },
386 	{ B134, LINUX_B134 }, { B150, LINUX_B150 },
387 	{ B200, LINUX_B200 }, { B300, LINUX_B300 },
388 	{ B600, LINUX_B600 }, { B1200, LINUX_B1200 },
389 	{ B1800, LINUX_B1800 }, { B2400, LINUX_B2400 },
390 	{ B4800, LINUX_B4800 }, { B9600, LINUX_B9600 },
391 	{ B19200, LINUX_B19200 }, { B38400, LINUX_B38400 },
392 	{ B57600, LINUX_B57600 }, { B115200, LINUX_B115200 },
393 	{-1, -1 }
394 };
395 
396 struct linux_serial_struct {
397 	int	type;
398 	int	line;
399 	int	port;
400 	int	irq;
401 	int	flags;
402 	int	xmit_fifo_size;
403 	int	custom_divisor;
404 	int	baud_base;
405 	unsigned short close_delay;
406 	char	reserved_char[2];
407 	int	hub6;
408 	unsigned short closing_wait;
409 	unsigned short closing_wait2;
410 	int	reserved[4];
411 };
412 
413 static int
linux_to_bsd_speed(int code,struct speedtab * table)414 linux_to_bsd_speed(int code, struct speedtab *table)
415 {
416 	for ( ; table->sp_code != -1; table++)
417 		if (table->sp_code == code)
418 			return (table->sp_speed);
419 	return (-1);
420 }
421 
422 static int
bsd_to_linux_speed(int speed,struct speedtab * table)423 bsd_to_linux_speed(int speed, struct speedtab *table)
424 {
425 	for ( ; table->sp_speed != -1; table++)
426 		if (table->sp_speed == speed)
427 			return (table->sp_code);
428 	return (-1);
429 }
430 
431 static void
bsd_to_linux_termios(struct termios * bios,struct linux_termios * lios)432 bsd_to_linux_termios(struct termios *bios, struct linux_termios *lios)
433 {
434 	int i;
435 
436 	lios->c_iflag = 0;
437 	if (bios->c_iflag & IGNBRK)
438 		lios->c_iflag |= LINUX_IGNBRK;
439 	if (bios->c_iflag & BRKINT)
440 		lios->c_iflag |= LINUX_BRKINT;
441 	if (bios->c_iflag & IGNPAR)
442 		lios->c_iflag |= LINUX_IGNPAR;
443 	if (bios->c_iflag & PARMRK)
444 		lios->c_iflag |= LINUX_PARMRK;
445 	if (bios->c_iflag & INPCK)
446 		lios->c_iflag |= LINUX_INPCK;
447 	if (bios->c_iflag & ISTRIP)
448 		lios->c_iflag |= LINUX_ISTRIP;
449 	if (bios->c_iflag & INLCR)
450 		lios->c_iflag |= LINUX_INLCR;
451 	if (bios->c_iflag & IGNCR)
452 		lios->c_iflag |= LINUX_IGNCR;
453 	if (bios->c_iflag & ICRNL)
454 		lios->c_iflag |= LINUX_ICRNL;
455 	if (bios->c_iflag & IXON)
456 		lios->c_iflag |= LINUX_IXON;
457 	if (bios->c_iflag & IXANY)
458 		lios->c_iflag |= LINUX_IXANY;
459 	if (bios->c_iflag & IXOFF)
460 		lios->c_iflag |= LINUX_IXOFF;
461 	if (bios->c_iflag & IMAXBEL)
462 		lios->c_iflag |= LINUX_IMAXBEL;
463 
464 	lios->c_oflag = 0;
465 	if (bios->c_oflag & OPOST)
466 		lios->c_oflag |= LINUX_OPOST;
467 	if (bios->c_oflag & ONLCR)
468 		lios->c_oflag |= LINUX_ONLCR;
469 	if (bios->c_oflag & TAB3)
470 		lios->c_oflag |= LINUX_XTABS;
471 
472 	lios->c_cflag = bsd_to_linux_speed(bios->c_ispeed, sptab);
473 	lios->c_cflag |= (bios->c_cflag & CSIZE) >> 4;
474 	if (bios->c_cflag & CSTOPB)
475 		lios->c_cflag |= LINUX_CSTOPB;
476 	if (bios->c_cflag & CREAD)
477 		lios->c_cflag |= LINUX_CREAD;
478 	if (bios->c_cflag & PARENB)
479 		lios->c_cflag |= LINUX_PARENB;
480 	if (bios->c_cflag & PARODD)
481 		lios->c_cflag |= LINUX_PARODD;
482 	if (bios->c_cflag & HUPCL)
483 		lios->c_cflag |= LINUX_HUPCL;
484 	if (bios->c_cflag & CLOCAL)
485 		lios->c_cflag |= LINUX_CLOCAL;
486 	if (bios->c_cflag & CRTSCTS)
487 		lios->c_cflag |= LINUX_CRTSCTS;
488 
489 	lios->c_lflag = 0;
490 	if (bios->c_lflag & ISIG)
491 		lios->c_lflag |= LINUX_ISIG;
492 	if (bios->c_lflag & ICANON)
493 		lios->c_lflag |= LINUX_ICANON;
494 	if (bios->c_lflag & ECHO)
495 		lios->c_lflag |= LINUX_ECHO;
496 	if (bios->c_lflag & ECHOE)
497 		lios->c_lflag |= LINUX_ECHOE;
498 	if (bios->c_lflag & ECHOK)
499 		lios->c_lflag |= LINUX_ECHOK;
500 	if (bios->c_lflag & ECHONL)
501 		lios->c_lflag |= LINUX_ECHONL;
502 	if (bios->c_lflag & NOFLSH)
503 		lios->c_lflag |= LINUX_NOFLSH;
504 	if (bios->c_lflag & TOSTOP)
505 		lios->c_lflag |= LINUX_TOSTOP;
506 	if (bios->c_lflag & ECHOCTL)
507 		lios->c_lflag |= LINUX_ECHOCTL;
508 	if (bios->c_lflag & ECHOPRT)
509 		lios->c_lflag |= LINUX_ECHOPRT;
510 	if (bios->c_lflag & ECHOKE)
511 		lios->c_lflag |= LINUX_ECHOKE;
512 	if (bios->c_lflag & FLUSHO)
513 		lios->c_lflag |= LINUX_FLUSHO;
514 	if (bios->c_lflag & PENDIN)
515 		lios->c_lflag |= LINUX_PENDIN;
516 	if (bios->c_lflag & IEXTEN)
517 		lios->c_lflag |= LINUX_IEXTEN;
518 
519 	for (i=0; i<LINUX_NCCS; i++)
520 		lios->c_cc[i] = LINUX_POSIX_VDISABLE;
521 	lios->c_cc[LINUX_VINTR] = bios->c_cc[VINTR];
522 	lios->c_cc[LINUX_VQUIT] = bios->c_cc[VQUIT];
523 	lios->c_cc[LINUX_VERASE] = bios->c_cc[VERASE];
524 	lios->c_cc[LINUX_VKILL] = bios->c_cc[VKILL];
525 	lios->c_cc[LINUX_VEOF] = bios->c_cc[VEOF];
526 	lios->c_cc[LINUX_VEOL] = bios->c_cc[VEOL];
527 	lios->c_cc[LINUX_VMIN] = bios->c_cc[VMIN];
528 	lios->c_cc[LINUX_VTIME] = bios->c_cc[VTIME];
529 	lios->c_cc[LINUX_VEOL2] = bios->c_cc[VEOL2];
530 	lios->c_cc[LINUX_VSUSP] = bios->c_cc[VSUSP];
531 	lios->c_cc[LINUX_VSTART] = bios->c_cc[VSTART];
532 	lios->c_cc[LINUX_VSTOP] = bios->c_cc[VSTOP];
533 	lios->c_cc[LINUX_VREPRINT] = bios->c_cc[VREPRINT];
534 	lios->c_cc[LINUX_VDISCARD] = bios->c_cc[VDISCARD];
535 	lios->c_cc[LINUX_VWERASE] = bios->c_cc[VWERASE];
536 	lios->c_cc[LINUX_VLNEXT] = bios->c_cc[VLNEXT];
537 	if (linux_preserve_vstatus)
538 		lios->c_cc[LINUX_VSTATUS] = bios->c_cc[VSTATUS];
539 
540 	for (i=0; i<LINUX_NCCS; i++) {
541 		if (i != LINUX_VMIN && i != LINUX_VTIME &&
542 		    lios->c_cc[i] == _POSIX_VDISABLE)
543 			lios->c_cc[i] = LINUX_POSIX_VDISABLE;
544 	}
545 	lios->c_line = 0;
546 }
547 
548 static void
linux_to_bsd_termios(struct linux_termios * lios,struct termios * bios)549 linux_to_bsd_termios(struct linux_termios *lios, struct termios *bios)
550 {
551 	int i;
552 
553 	bios->c_iflag = 0;
554 	if (lios->c_iflag & LINUX_IGNBRK)
555 		bios->c_iflag |= IGNBRK;
556 	if (lios->c_iflag & LINUX_BRKINT)
557 		bios->c_iflag |= BRKINT;
558 	if (lios->c_iflag & LINUX_IGNPAR)
559 		bios->c_iflag |= IGNPAR;
560 	if (lios->c_iflag & LINUX_PARMRK)
561 		bios->c_iflag |= PARMRK;
562 	if (lios->c_iflag & LINUX_INPCK)
563 		bios->c_iflag |= INPCK;
564 	if (lios->c_iflag & LINUX_ISTRIP)
565 		bios->c_iflag |= ISTRIP;
566 	if (lios->c_iflag & LINUX_INLCR)
567 		bios->c_iflag |= INLCR;
568 	if (lios->c_iflag & LINUX_IGNCR)
569 		bios->c_iflag |= IGNCR;
570 	if (lios->c_iflag & LINUX_ICRNL)
571 		bios->c_iflag |= ICRNL;
572 	if (lios->c_iflag & LINUX_IXON)
573 		bios->c_iflag |= IXON;
574 	if (lios->c_iflag & LINUX_IXANY)
575 		bios->c_iflag |= IXANY;
576 	if (lios->c_iflag & LINUX_IXOFF)
577 		bios->c_iflag |= IXOFF;
578 	if (lios->c_iflag & LINUX_IMAXBEL)
579 		bios->c_iflag |= IMAXBEL;
580 
581 	bios->c_oflag = 0;
582 	if (lios->c_oflag & LINUX_OPOST)
583 		bios->c_oflag |= OPOST;
584 	if (lios->c_oflag & LINUX_ONLCR)
585 		bios->c_oflag |= ONLCR;
586 	if (lios->c_oflag & LINUX_XTABS)
587 		bios->c_oflag |= TAB3;
588 
589 	bios->c_cflag = (lios->c_cflag & LINUX_CSIZE) << 4;
590 	if (lios->c_cflag & LINUX_CSTOPB)
591 		bios->c_cflag |= CSTOPB;
592 	if (lios->c_cflag & LINUX_CREAD)
593 		bios->c_cflag |= CREAD;
594 	if (lios->c_cflag & LINUX_PARENB)
595 		bios->c_cflag |= PARENB;
596 	if (lios->c_cflag & LINUX_PARODD)
597 		bios->c_cflag |= PARODD;
598 	if (lios->c_cflag & LINUX_HUPCL)
599 		bios->c_cflag |= HUPCL;
600 	if (lios->c_cflag & LINUX_CLOCAL)
601 		bios->c_cflag |= CLOCAL;
602 	if (lios->c_cflag & LINUX_CRTSCTS)
603 		bios->c_cflag |= CRTSCTS;
604 
605 	bios->c_lflag = 0;
606 	if (lios->c_lflag & LINUX_ISIG)
607 		bios->c_lflag |= ISIG;
608 	if (lios->c_lflag & LINUX_ICANON)
609 		bios->c_lflag |= ICANON;
610 	if (lios->c_lflag & LINUX_ECHO)
611 		bios->c_lflag |= ECHO;
612 	if (lios->c_lflag & LINUX_ECHOE)
613 		bios->c_lflag |= ECHOE;
614 	if (lios->c_lflag & LINUX_ECHOK)
615 		bios->c_lflag |= ECHOK;
616 	if (lios->c_lflag & LINUX_ECHONL)
617 		bios->c_lflag |= ECHONL;
618 	if (lios->c_lflag & LINUX_NOFLSH)
619 		bios->c_lflag |= NOFLSH;
620 	if (lios->c_lflag & LINUX_TOSTOP)
621 		bios->c_lflag |= TOSTOP;
622 	if (lios->c_lflag & LINUX_ECHOCTL)
623 		bios->c_lflag |= ECHOCTL;
624 	if (lios->c_lflag & LINUX_ECHOPRT)
625 		bios->c_lflag |= ECHOPRT;
626 	if (lios->c_lflag & LINUX_ECHOKE)
627 		bios->c_lflag |= ECHOKE;
628 	if (lios->c_lflag & LINUX_FLUSHO)
629 		bios->c_lflag |= FLUSHO;
630 	if (lios->c_lflag & LINUX_PENDIN)
631 		bios->c_lflag |= PENDIN;
632 	if (lios->c_lflag & LINUX_IEXTEN)
633 		bios->c_lflag |= IEXTEN;
634 
635 	for (i=0; i<NCCS; i++)
636 		bios->c_cc[i] = _POSIX_VDISABLE;
637 	bios->c_cc[VINTR] = lios->c_cc[LINUX_VINTR];
638 	bios->c_cc[VQUIT] = lios->c_cc[LINUX_VQUIT];
639 	bios->c_cc[VERASE] = lios->c_cc[LINUX_VERASE];
640 	bios->c_cc[VKILL] = lios->c_cc[LINUX_VKILL];
641 	bios->c_cc[VEOF] = lios->c_cc[LINUX_VEOF];
642 	bios->c_cc[VEOL] = lios->c_cc[LINUX_VEOL];
643 	bios->c_cc[VMIN] = lios->c_cc[LINUX_VMIN];
644 	bios->c_cc[VTIME] = lios->c_cc[LINUX_VTIME];
645 	bios->c_cc[VEOL2] = lios->c_cc[LINUX_VEOL2];
646 	bios->c_cc[VSUSP] = lios->c_cc[LINUX_VSUSP];
647 	bios->c_cc[VSTART] = lios->c_cc[LINUX_VSTART];
648 	bios->c_cc[VSTOP] = lios->c_cc[LINUX_VSTOP];
649 	bios->c_cc[VREPRINT] = lios->c_cc[LINUX_VREPRINT];
650 	bios->c_cc[VDISCARD] = lios->c_cc[LINUX_VDISCARD];
651 	bios->c_cc[VWERASE] = lios->c_cc[LINUX_VWERASE];
652 	bios->c_cc[VLNEXT] = lios->c_cc[LINUX_VLNEXT];
653 	if (linux_preserve_vstatus)
654 		bios->c_cc[VSTATUS] = lios->c_cc[LINUX_VSTATUS];
655 
656 	for (i=0; i<NCCS; i++) {
657 		if (i != VMIN && i != VTIME &&
658 		    bios->c_cc[i] == LINUX_POSIX_VDISABLE)
659 			bios->c_cc[i] = _POSIX_VDISABLE;
660 	}
661 
662 	bios->c_ispeed = bios->c_ospeed =
663 	    linux_to_bsd_speed(lios->c_cflag & LINUX_CBAUD, sptab);
664 }
665 
666 static void
bsd_to_linux_termio(struct termios * bios,struct linux_termio * lio)667 bsd_to_linux_termio(struct termios *bios, struct linux_termio *lio)
668 {
669 	struct linux_termios lios;
670 
671 	memset(lio, 0, sizeof(*lio));
672 	bsd_to_linux_termios(bios, &lios);
673 	lio->c_iflag = lios.c_iflag;
674 	lio->c_oflag = lios.c_oflag;
675 	lio->c_cflag = lios.c_cflag;
676 	lio->c_lflag = lios.c_lflag;
677 	lio->c_line  = lios.c_line;
678 	memcpy(lio->c_cc, lios.c_cc, LINUX_NCC);
679 }
680 
681 static void
linux_to_bsd_termio(struct linux_termio * lio,struct termios * bios)682 linux_to_bsd_termio(struct linux_termio *lio, struct termios *bios)
683 {
684 	struct linux_termios lios;
685 	int i;
686 
687 	lios.c_iflag = lio->c_iflag;
688 	lios.c_oflag = lio->c_oflag;
689 	lios.c_cflag = lio->c_cflag;
690 	lios.c_lflag = lio->c_lflag;
691 	for (i=LINUX_NCC; i<LINUX_NCCS; i++)
692 		lios.c_cc[i] = LINUX_POSIX_VDISABLE;
693 	memcpy(lios.c_cc, lio->c_cc, LINUX_NCC);
694 	linux_to_bsd_termios(&lios, bios);
695 }
696 
697 static int
linux_ioctl_termio(struct thread * td,struct linux_ioctl_args * args)698 linux_ioctl_termio(struct thread *td, struct linux_ioctl_args *args)
699 {
700 	struct termios bios;
701 	struct linux_termios lios;
702 	struct linux_termio lio;
703 	struct file *fp;
704 	int error;
705 
706 	error = fget(td, args->fd, &cap_ioctl_rights, &fp);
707 	if (error != 0)
708 		return (error);
709 
710 	switch (args->cmd & 0xffff) {
711 
712 	case LINUX_TCGETS:
713 		error = fo_ioctl(fp, TIOCGETA, (caddr_t)&bios, td->td_ucred,
714 		    td);
715 		if (error)
716 			break;
717 		bsd_to_linux_termios(&bios, &lios);
718 		error = copyout(&lios, (void *)args->arg, sizeof(lios));
719 		break;
720 
721 	case LINUX_TCSETS:
722 		error = copyin((void *)args->arg, &lios, sizeof(lios));
723 		if (error)
724 			break;
725 		linux_to_bsd_termios(&lios, &bios);
726 		error = (fo_ioctl(fp, TIOCSETA, (caddr_t)&bios, td->td_ucred,
727 		    td));
728 		break;
729 
730 	case LINUX_TCSETSW:
731 		error = copyin((void *)args->arg, &lios, sizeof(lios));
732 		if (error)
733 			break;
734 		linux_to_bsd_termios(&lios, &bios);
735 		error = (fo_ioctl(fp, TIOCSETAW, (caddr_t)&bios, td->td_ucred,
736 		    td));
737 		break;
738 
739 	case LINUX_TCSETSF:
740 		error = copyin((void *)args->arg, &lios, sizeof(lios));
741 		if (error)
742 			break;
743 		linux_to_bsd_termios(&lios, &bios);
744 		error = (fo_ioctl(fp, TIOCSETAF, (caddr_t)&bios, td->td_ucred,
745 		    td));
746 		break;
747 
748 	case LINUX_TCGETA:
749 		error = fo_ioctl(fp, TIOCGETA, (caddr_t)&bios, td->td_ucred,
750 		    td);
751 		if (error)
752 			break;
753 		bsd_to_linux_termio(&bios, &lio);
754 		error = (copyout(&lio, (void *)args->arg, sizeof(lio)));
755 		break;
756 
757 	case LINUX_TCSETA:
758 		error = copyin((void *)args->arg, &lio, sizeof(lio));
759 		if (error)
760 			break;
761 		linux_to_bsd_termio(&lio, &bios);
762 		error = (fo_ioctl(fp, TIOCSETA, (caddr_t)&bios, td->td_ucred,
763 		    td));
764 		break;
765 
766 	case LINUX_TCSETAW:
767 		error = copyin((void *)args->arg, &lio, sizeof(lio));
768 		if (error)
769 			break;
770 		linux_to_bsd_termio(&lio, &bios);
771 		error = (fo_ioctl(fp, TIOCSETAW, (caddr_t)&bios, td->td_ucred,
772 		    td));
773 		break;
774 
775 	case LINUX_TCSETAF:
776 		error = copyin((void *)args->arg, &lio, sizeof(lio));
777 		if (error)
778 			break;
779 		linux_to_bsd_termio(&lio, &bios);
780 		error = (fo_ioctl(fp, TIOCSETAF, (caddr_t)&bios, td->td_ucred,
781 		    td));
782 		break;
783 
784 	/* LINUX_TCSBRK */
785 
786 	case LINUX_TCXONC: {
787 		switch (args->arg) {
788 		case LINUX_TCOOFF:
789 			args->cmd = TIOCSTOP;
790 			break;
791 		case LINUX_TCOON:
792 			args->cmd = TIOCSTART;
793 			break;
794 		case LINUX_TCIOFF:
795 		case LINUX_TCION: {
796 			int c;
797 			struct write_args wr;
798 			error = fo_ioctl(fp, TIOCGETA, (caddr_t)&bios,
799 			    td->td_ucred, td);
800 			if (error)
801 				break;
802 			fdrop(fp, td);
803 			c = (args->arg == LINUX_TCIOFF) ? VSTOP : VSTART;
804 			c = bios.c_cc[c];
805 			if (c != _POSIX_VDISABLE) {
806 				wr.fd = args->fd;
807 				wr.buf = &c;
808 				wr.nbyte = sizeof(c);
809 				return (sys_write(td, &wr));
810 			} else
811 				return (0);
812 		}
813 		default:
814 			fdrop(fp, td);
815 			return (EINVAL);
816 		}
817 		args->arg = 0;
818 		error = (sys_ioctl(td, (struct ioctl_args *)args));
819 		break;
820 	}
821 
822 	case LINUX_TCFLSH: {
823 		int val;
824 		switch (args->arg) {
825 		case LINUX_TCIFLUSH:
826 			val = FREAD;
827 			break;
828 		case LINUX_TCOFLUSH:
829 			val = FWRITE;
830 			break;
831 		case LINUX_TCIOFLUSH:
832 			val = FREAD | FWRITE;
833 			break;
834 		default:
835 			fdrop(fp, td);
836 			return (EINVAL);
837 		}
838 		error = (fo_ioctl(fp,TIOCFLUSH,(caddr_t)&val,td->td_ucred,td));
839 		break;
840 	}
841 
842 	case LINUX_TIOCEXCL:
843 		args->cmd = TIOCEXCL;
844 		error = (sys_ioctl(td, (struct ioctl_args *)args));
845 		break;
846 
847 	case LINUX_TIOCNXCL:
848 		args->cmd = TIOCNXCL;
849 		error = (sys_ioctl(td, (struct ioctl_args *)args));
850 		break;
851 
852 	case LINUX_TIOCSCTTY:
853 		args->cmd = TIOCSCTTY;
854 		error = (sys_ioctl(td, (struct ioctl_args *)args));
855 		break;
856 
857 	case LINUX_TIOCGPGRP:
858 		args->cmd = TIOCGPGRP;
859 		error = (sys_ioctl(td, (struct ioctl_args *)args));
860 		break;
861 
862 	case LINUX_TIOCSPGRP:
863 		args->cmd = TIOCSPGRP;
864 		error = (sys_ioctl(td, (struct ioctl_args *)args));
865 		break;
866 
867 	/* LINUX_TIOCOUTQ */
868 	/* LINUX_TIOCSTI */
869 
870 	case LINUX_TIOCGWINSZ:
871 		args->cmd = TIOCGWINSZ;
872 		error = (sys_ioctl(td, (struct ioctl_args *)args));
873 		break;
874 
875 	case LINUX_TIOCSWINSZ:
876 		args->cmd = TIOCSWINSZ;
877 		error = (sys_ioctl(td, (struct ioctl_args *)args));
878 		break;
879 
880 	case LINUX_TIOCMGET:
881 		args->cmd = TIOCMGET;
882 		error = (sys_ioctl(td, (struct ioctl_args *)args));
883 		break;
884 
885 	case LINUX_TIOCMBIS:
886 		args->cmd = TIOCMBIS;
887 		error = (sys_ioctl(td, (struct ioctl_args *)args));
888 		break;
889 
890 	case LINUX_TIOCMBIC:
891 		args->cmd = TIOCMBIC;
892 		error = (sys_ioctl(td, (struct ioctl_args *)args));
893 		break;
894 
895 	case LINUX_TIOCMSET:
896 		args->cmd = TIOCMSET;
897 		error = (sys_ioctl(td, (struct ioctl_args *)args));
898 		break;
899 
900 	/* TIOCGSOFTCAR */
901 	/* TIOCSSOFTCAR */
902 
903 	case LINUX_FIONREAD: /* LINUX_TIOCINQ */
904 		args->cmd = FIONREAD;
905 		error = (sys_ioctl(td, (struct ioctl_args *)args));
906 		break;
907 
908 	/* LINUX_TIOCLINUX */
909 
910 	case LINUX_TIOCCONS:
911 		args->cmd = TIOCCONS;
912 		error = (sys_ioctl(td, (struct ioctl_args *)args));
913 		break;
914 
915 	case LINUX_TIOCGSERIAL: {
916 		struct linux_serial_struct lss;
917 
918 		bzero(&lss, sizeof(lss));
919 		lss.type = LINUX_PORT_16550A;
920 		lss.flags = 0;
921 		lss.close_delay = 0;
922 		error = copyout(&lss, (void *)args->arg, sizeof(lss));
923 		break;
924 	}
925 
926 	case LINUX_TIOCSSERIAL: {
927 		struct linux_serial_struct lss;
928 		error = copyin((void *)args->arg, &lss, sizeof(lss));
929 		if (error)
930 			break;
931 		/* XXX - It really helps to have an implementation that
932 		 * does nothing. NOT!
933 		 */
934 		error = 0;
935 		break;
936 	}
937 
938 	case LINUX_TIOCPKT:
939 		args->cmd = TIOCPKT;
940 		error = (sys_ioctl(td, (struct ioctl_args *)args));
941 		break;
942 
943 	case LINUX_FIONBIO:
944 		args->cmd = FIONBIO;
945 		error = (sys_ioctl(td, (struct ioctl_args *)args));
946 		break;
947 
948 	case LINUX_TIOCNOTTY:
949 		args->cmd = TIOCNOTTY;
950 		error = (sys_ioctl(td, (struct ioctl_args *)args));
951 		break;
952 
953 	case LINUX_TIOCSETD: {
954 		int line;
955 		switch (args->arg) {
956 		case LINUX_N_TTY:
957 			line = TTYDISC;
958 			break;
959 		case LINUX_N_SLIP:
960 			line = SLIPDISC;
961 			break;
962 		case LINUX_N_PPP:
963 			line = PPPDISC;
964 			break;
965 		default:
966 			fdrop(fp, td);
967 			return (EINVAL);
968 		}
969 		error = (fo_ioctl(fp, TIOCSETD, (caddr_t)&line, td->td_ucred,
970 		    td));
971 		break;
972 	}
973 
974 	case LINUX_TIOCGETD: {
975 		int linux_line;
976 		int bsd_line = TTYDISC;
977 		error = fo_ioctl(fp, TIOCGETD, (caddr_t)&bsd_line,
978 		    td->td_ucred, td);
979 		if (error)
980 			break;
981 		switch (bsd_line) {
982 		case TTYDISC:
983 			linux_line = LINUX_N_TTY;
984 			break;
985 		case SLIPDISC:
986 			linux_line = LINUX_N_SLIP;
987 			break;
988 		case PPPDISC:
989 			linux_line = LINUX_N_PPP;
990 			break;
991 		default:
992 			fdrop(fp, td);
993 			return (EINVAL);
994 		}
995 		error = (copyout(&linux_line, (void *)args->arg, sizeof(int)));
996 		break;
997 	}
998 
999 	/* LINUX_TCSBRKP */
1000 	/* LINUX_TIOCTTYGSTRUCT */
1001 
1002 	case LINUX_FIONCLEX:
1003 		args->cmd = FIONCLEX;
1004 		error = (sys_ioctl(td, (struct ioctl_args *)args));
1005 		break;
1006 
1007 	case LINUX_FIOCLEX:
1008 		args->cmd = FIOCLEX;
1009 		error = (sys_ioctl(td, (struct ioctl_args *)args));
1010 		break;
1011 
1012 	case LINUX_FIOASYNC:
1013 		args->cmd = FIOASYNC;
1014 		error = (sys_ioctl(td, (struct ioctl_args *)args));
1015 		break;
1016 
1017 	/* LINUX_TIOCSERCONFIG */
1018 	/* LINUX_TIOCSERGWILD */
1019 	/* LINUX_TIOCSERSWILD */
1020 	/* LINUX_TIOCGLCKTRMIOS */
1021 	/* LINUX_TIOCSLCKTRMIOS */
1022 
1023 	case LINUX_TIOCSBRK:
1024 		args->cmd = TIOCSBRK;
1025 		error = (sys_ioctl(td, (struct ioctl_args *)args));
1026 		break;
1027 
1028 	case LINUX_TIOCCBRK:
1029 		args->cmd = TIOCCBRK;
1030 		error = (sys_ioctl(td, (struct ioctl_args *)args));
1031 		break;
1032 	case LINUX_TIOCGPTN: {
1033 		int nb;
1034 
1035 		error = fo_ioctl(fp, TIOCGPTN, (caddr_t)&nb, td->td_ucred, td);
1036 		if (!error)
1037 			error = copyout(&nb, (void *)args->arg,
1038 			    sizeof(int));
1039 		break;
1040 	}
1041 	case LINUX_TIOCSPTLCK:
1042 		/* Our unlockpt() does nothing. */
1043 		error = 0;
1044 		break;
1045 	default:
1046 		error = ENOIOCTL;
1047 		break;
1048 	}
1049 
1050 	fdrop(fp, td);
1051 	return (error);
1052 }
1053 
1054 /*
1055  * CDROM related ioctls
1056  */
1057 
1058 struct linux_cdrom_msf
1059 {
1060 	u_char	cdmsf_min0;
1061 	u_char	cdmsf_sec0;
1062 	u_char	cdmsf_frame0;
1063 	u_char	cdmsf_min1;
1064 	u_char	cdmsf_sec1;
1065 	u_char	cdmsf_frame1;
1066 };
1067 
1068 struct linux_cdrom_tochdr
1069 {
1070 	u_char	cdth_trk0;
1071 	u_char	cdth_trk1;
1072 };
1073 
1074 union linux_cdrom_addr
1075 {
1076 	struct {
1077 		u_char	minute;
1078 		u_char	second;
1079 		u_char	frame;
1080 	} msf;
1081 	int	lba;
1082 };
1083 
1084 struct linux_cdrom_tocentry
1085 {
1086 	u_char	cdte_track;
1087 	u_char	cdte_adr:4;
1088 	u_char	cdte_ctrl:4;
1089 	u_char	cdte_format;
1090 	union linux_cdrom_addr cdte_addr;
1091 	u_char	cdte_datamode;
1092 };
1093 
1094 struct linux_cdrom_subchnl
1095 {
1096 	u_char	cdsc_format;
1097 	u_char	cdsc_audiostatus;
1098 	u_char	cdsc_adr:4;
1099 	u_char	cdsc_ctrl:4;
1100 	u_char	cdsc_trk;
1101 	u_char	cdsc_ind;
1102 	union linux_cdrom_addr cdsc_absaddr;
1103 	union linux_cdrom_addr cdsc_reladdr;
1104 };
1105 
1106 struct l_cdrom_read_audio {
1107 	union linux_cdrom_addr addr;
1108 	u_char		addr_format;
1109 	l_int		nframes;
1110 	u_char		*buf;
1111 };
1112 
1113 struct l_dvd_layer {
1114 	u_char		book_version:4;
1115 	u_char		book_type:4;
1116 	u_char		min_rate:4;
1117 	u_char		disc_size:4;
1118 	u_char		layer_type:4;
1119 	u_char		track_path:1;
1120 	u_char		nlayers:2;
1121 	u_char		track_density:4;
1122 	u_char		linear_density:4;
1123 	u_char		bca:1;
1124 	u_int32_t	start_sector;
1125 	u_int32_t	end_sector;
1126 	u_int32_t	end_sector_l0;
1127 };
1128 
1129 struct l_dvd_physical {
1130 	u_char		type;
1131 	u_char		layer_num;
1132 	struct l_dvd_layer layer[4];
1133 };
1134 
1135 struct l_dvd_copyright {
1136 	u_char		type;
1137 	u_char		layer_num;
1138 	u_char		cpst;
1139 	u_char		rmi;
1140 };
1141 
1142 struct l_dvd_disckey {
1143 	u_char		type;
1144 	l_uint		agid:2;
1145 	u_char		value[2048];
1146 };
1147 
1148 struct l_dvd_bca {
1149 	u_char		type;
1150 	l_int		len;
1151 	u_char		value[188];
1152 };
1153 
1154 struct l_dvd_manufact {
1155 	u_char		type;
1156 	u_char		layer_num;
1157 	l_int		len;
1158 	u_char		value[2048];
1159 };
1160 
1161 typedef union {
1162 	u_char			type;
1163 	struct l_dvd_physical	physical;
1164 	struct l_dvd_copyright	copyright;
1165 	struct l_dvd_disckey	disckey;
1166 	struct l_dvd_bca	bca;
1167 	struct l_dvd_manufact	manufact;
1168 } l_dvd_struct;
1169 
1170 typedef u_char l_dvd_key[5];
1171 typedef u_char l_dvd_challenge[10];
1172 
1173 struct l_dvd_lu_send_agid {
1174 	u_char		type;
1175 	l_uint		agid:2;
1176 };
1177 
1178 struct l_dvd_host_send_challenge {
1179 	u_char		type;
1180 	l_uint		agid:2;
1181 	l_dvd_challenge	chal;
1182 };
1183 
1184 struct l_dvd_send_key {
1185 	u_char		type;
1186 	l_uint		agid:2;
1187 	l_dvd_key	key;
1188 };
1189 
1190 struct l_dvd_lu_send_challenge {
1191 	u_char		type;
1192 	l_uint		agid:2;
1193 	l_dvd_challenge	chal;
1194 };
1195 
1196 struct l_dvd_lu_send_title_key {
1197 	u_char		type;
1198 	l_uint		agid:2;
1199 	l_dvd_key	title_key;
1200 	l_int		lba;
1201 	l_uint		cpm:1;
1202 	l_uint		cp_sec:1;
1203 	l_uint		cgms:2;
1204 };
1205 
1206 struct l_dvd_lu_send_asf {
1207 	u_char		type;
1208 	l_uint		agid:2;
1209 	l_uint		asf:1;
1210 };
1211 
1212 struct l_dvd_host_send_rpcstate {
1213 	u_char		type;
1214 	u_char		pdrc;
1215 };
1216 
1217 struct l_dvd_lu_send_rpcstate {
1218 	u_char		type:2;
1219 	u_char		vra:3;
1220 	u_char		ucca:3;
1221 	u_char		region_mask;
1222 	u_char		rpc_scheme;
1223 };
1224 
1225 typedef union {
1226 	u_char				type;
1227 	struct l_dvd_lu_send_agid	lsa;
1228 	struct l_dvd_host_send_challenge hsc;
1229 	struct l_dvd_send_key		lsk;
1230 	struct l_dvd_lu_send_challenge	lsc;
1231 	struct l_dvd_send_key		hsk;
1232 	struct l_dvd_lu_send_title_key	lstk;
1233 	struct l_dvd_lu_send_asf	lsasf;
1234 	struct l_dvd_host_send_rpcstate	hrpcs;
1235 	struct l_dvd_lu_send_rpcstate	lrpcs;
1236 } l_dvd_authinfo;
1237 
1238 static void
bsd_to_linux_msf_lba(u_char af,union msf_lba * bp,union linux_cdrom_addr * lp)1239 bsd_to_linux_msf_lba(u_char af, union msf_lba *bp, union linux_cdrom_addr *lp)
1240 {
1241 	if (af == CD_LBA_FORMAT)
1242 		lp->lba = bp->lba;
1243 	else {
1244 		lp->msf.minute = bp->msf.minute;
1245 		lp->msf.second = bp->msf.second;
1246 		lp->msf.frame = bp->msf.frame;
1247 	}
1248 }
1249 
1250 static void
set_linux_cdrom_addr(union linux_cdrom_addr * addr,int format,int lba)1251 set_linux_cdrom_addr(union linux_cdrom_addr *addr, int format, int lba)
1252 {
1253 	if (format == LINUX_CDROM_MSF) {
1254 		addr->msf.frame = lba % 75;
1255 		lba /= 75;
1256 		lba += 2;
1257 		addr->msf.second = lba % 60;
1258 		addr->msf.minute = lba / 60;
1259 	} else
1260 		addr->lba = lba;
1261 }
1262 
1263 static int
linux_to_bsd_dvd_struct(l_dvd_struct * lp,struct dvd_struct * bp)1264 linux_to_bsd_dvd_struct(l_dvd_struct *lp, struct dvd_struct *bp)
1265 {
1266 	bp->format = lp->type;
1267 	switch (bp->format) {
1268 	case DVD_STRUCT_PHYSICAL:
1269 		if (bp->layer_num >= 4)
1270 			return (EINVAL);
1271 		bp->layer_num = lp->physical.layer_num;
1272 		break;
1273 	case DVD_STRUCT_COPYRIGHT:
1274 		bp->layer_num = lp->copyright.layer_num;
1275 		break;
1276 	case DVD_STRUCT_DISCKEY:
1277 		bp->agid = lp->disckey.agid;
1278 		break;
1279 	case DVD_STRUCT_BCA:
1280 	case DVD_STRUCT_MANUFACT:
1281 		break;
1282 	default:
1283 		return (EINVAL);
1284 	}
1285 	return (0);
1286 }
1287 
1288 static int
bsd_to_linux_dvd_struct(struct dvd_struct * bp,l_dvd_struct * lp)1289 bsd_to_linux_dvd_struct(struct dvd_struct *bp, l_dvd_struct *lp)
1290 {
1291 	switch (bp->format) {
1292 	case DVD_STRUCT_PHYSICAL: {
1293 		struct dvd_layer *blp = (struct dvd_layer *)bp->data;
1294 		struct l_dvd_layer *llp = &lp->physical.layer[bp->layer_num];
1295 		memset(llp, 0, sizeof(*llp));
1296 		llp->book_version = blp->book_version;
1297 		llp->book_type = blp->book_type;
1298 		llp->min_rate = blp->max_rate;
1299 		llp->disc_size = blp->disc_size;
1300 		llp->layer_type = blp->layer_type;
1301 		llp->track_path = blp->track_path;
1302 		llp->nlayers = blp->nlayers;
1303 		llp->track_density = blp->track_density;
1304 		llp->linear_density = blp->linear_density;
1305 		llp->bca = blp->bca;
1306 		llp->start_sector = blp->start_sector;
1307 		llp->end_sector = blp->end_sector;
1308 		llp->end_sector_l0 = blp->end_sector_l0;
1309 		break;
1310 	}
1311 	case DVD_STRUCT_COPYRIGHT:
1312 		lp->copyright.cpst = bp->cpst;
1313 		lp->copyright.rmi = bp->rmi;
1314 		break;
1315 	case DVD_STRUCT_DISCKEY:
1316 		memcpy(lp->disckey.value, bp->data, sizeof(lp->disckey.value));
1317 		break;
1318 	case DVD_STRUCT_BCA:
1319 		lp->bca.len = bp->length;
1320 		memcpy(lp->bca.value, bp->data, sizeof(lp->bca.value));
1321 		break;
1322 	case DVD_STRUCT_MANUFACT:
1323 		lp->manufact.len = bp->length;
1324 		memcpy(lp->manufact.value, bp->data,
1325 		    sizeof(lp->manufact.value));
1326 		/* lp->manufact.layer_num is unused in Linux (redhat 7.0). */
1327 		break;
1328 	default:
1329 		return (EINVAL);
1330 	}
1331 	return (0);
1332 }
1333 
1334 static int
linux_to_bsd_dvd_authinfo(l_dvd_authinfo * lp,int * bcode,struct dvd_authinfo * bp)1335 linux_to_bsd_dvd_authinfo(l_dvd_authinfo *lp, int *bcode,
1336     struct dvd_authinfo *bp)
1337 {
1338 	switch (lp->type) {
1339 	case LINUX_DVD_LU_SEND_AGID:
1340 		*bcode = DVDIOCREPORTKEY;
1341 		bp->format = DVD_REPORT_AGID;
1342 		bp->agid = lp->lsa.agid;
1343 		break;
1344 	case LINUX_DVD_HOST_SEND_CHALLENGE:
1345 		*bcode = DVDIOCSENDKEY;
1346 		bp->format = DVD_SEND_CHALLENGE;
1347 		bp->agid = lp->hsc.agid;
1348 		memcpy(bp->keychal, lp->hsc.chal, 10);
1349 		break;
1350 	case LINUX_DVD_LU_SEND_KEY1:
1351 		*bcode = DVDIOCREPORTKEY;
1352 		bp->format = DVD_REPORT_KEY1;
1353 		bp->agid = lp->lsk.agid;
1354 		break;
1355 	case LINUX_DVD_LU_SEND_CHALLENGE:
1356 		*bcode = DVDIOCREPORTKEY;
1357 		bp->format = DVD_REPORT_CHALLENGE;
1358 		bp->agid = lp->lsc.agid;
1359 		break;
1360 	case LINUX_DVD_HOST_SEND_KEY2:
1361 		*bcode = DVDIOCSENDKEY;
1362 		bp->format = DVD_SEND_KEY2;
1363 		bp->agid = lp->hsk.agid;
1364 		memcpy(bp->keychal, lp->hsk.key, 5);
1365 		break;
1366 	case LINUX_DVD_LU_SEND_TITLE_KEY:
1367 		*bcode = DVDIOCREPORTKEY;
1368 		bp->format = DVD_REPORT_TITLE_KEY;
1369 		bp->agid = lp->lstk.agid;
1370 		bp->lba = lp->lstk.lba;
1371 		break;
1372 	case LINUX_DVD_LU_SEND_ASF:
1373 		*bcode = DVDIOCREPORTKEY;
1374 		bp->format = DVD_REPORT_ASF;
1375 		bp->agid = lp->lsasf.agid;
1376 		break;
1377 	case LINUX_DVD_INVALIDATE_AGID:
1378 		*bcode = DVDIOCREPORTKEY;
1379 		bp->format = DVD_INVALIDATE_AGID;
1380 		bp->agid = lp->lsa.agid;
1381 		break;
1382 	case LINUX_DVD_LU_SEND_RPC_STATE:
1383 		*bcode = DVDIOCREPORTKEY;
1384 		bp->format = DVD_REPORT_RPC;
1385 		break;
1386 	case LINUX_DVD_HOST_SEND_RPC_STATE:
1387 		*bcode = DVDIOCSENDKEY;
1388 		bp->format = DVD_SEND_RPC;
1389 		bp->region = lp->hrpcs.pdrc;
1390 		break;
1391 	default:
1392 		return (EINVAL);
1393 	}
1394 	return (0);
1395 }
1396 
1397 static int
bsd_to_linux_dvd_authinfo(struct dvd_authinfo * bp,l_dvd_authinfo * lp)1398 bsd_to_linux_dvd_authinfo(struct dvd_authinfo *bp, l_dvd_authinfo *lp)
1399 {
1400 	switch (lp->type) {
1401 	case LINUX_DVD_LU_SEND_AGID:
1402 		lp->lsa.agid = bp->agid;
1403 		break;
1404 	case LINUX_DVD_HOST_SEND_CHALLENGE:
1405 		lp->type = LINUX_DVD_LU_SEND_KEY1;
1406 		break;
1407 	case LINUX_DVD_LU_SEND_KEY1:
1408 		memcpy(lp->lsk.key, bp->keychal, sizeof(lp->lsk.key));
1409 		break;
1410 	case LINUX_DVD_LU_SEND_CHALLENGE:
1411 		memcpy(lp->lsc.chal, bp->keychal, sizeof(lp->lsc.chal));
1412 		break;
1413 	case LINUX_DVD_HOST_SEND_KEY2:
1414 		lp->type = LINUX_DVD_AUTH_ESTABLISHED;
1415 		break;
1416 	case LINUX_DVD_LU_SEND_TITLE_KEY:
1417 		memcpy(lp->lstk.title_key, bp->keychal,
1418 		    sizeof(lp->lstk.title_key));
1419 		lp->lstk.cpm = bp->cpm;
1420 		lp->lstk.cp_sec = bp->cp_sec;
1421 		lp->lstk.cgms = bp->cgms;
1422 		break;
1423 	case LINUX_DVD_LU_SEND_ASF:
1424 		lp->lsasf.asf = bp->asf;
1425 		break;
1426 	case LINUX_DVD_INVALIDATE_AGID:
1427 		break;
1428 	case LINUX_DVD_LU_SEND_RPC_STATE:
1429 		lp->lrpcs.type = bp->reg_type;
1430 		lp->lrpcs.vra = bp->vend_rsts;
1431 		lp->lrpcs.ucca = bp->user_rsts;
1432 		lp->lrpcs.region_mask = bp->region;
1433 		lp->lrpcs.rpc_scheme = bp->rpc_scheme;
1434 		break;
1435 	case LINUX_DVD_HOST_SEND_RPC_STATE:
1436 		break;
1437 	default:
1438 		return (EINVAL);
1439 	}
1440 	return (0);
1441 }
1442 
1443 static int
linux_ioctl_cdrom(struct thread * td,struct linux_ioctl_args * args)1444 linux_ioctl_cdrom(struct thread *td, struct linux_ioctl_args *args)
1445 {
1446 	struct file *fp;
1447 	int error;
1448 
1449 	error = fget(td, args->fd, &cap_ioctl_rights, &fp);
1450 	if (error != 0)
1451 		return (error);
1452 	switch (args->cmd & 0xffff) {
1453 
1454 	case LINUX_CDROMPAUSE:
1455 		args->cmd = CDIOCPAUSE;
1456 		error = (sys_ioctl(td, (struct ioctl_args *)args));
1457 		break;
1458 
1459 	case LINUX_CDROMRESUME:
1460 		args->cmd = CDIOCRESUME;
1461 		error = (sys_ioctl(td, (struct ioctl_args *)args));
1462 		break;
1463 
1464 	case LINUX_CDROMPLAYMSF:
1465 		args->cmd = CDIOCPLAYMSF;
1466 		error = (sys_ioctl(td, (struct ioctl_args *)args));
1467 		break;
1468 
1469 	case LINUX_CDROMPLAYTRKIND:
1470 		args->cmd = CDIOCPLAYTRACKS;
1471 		error = (sys_ioctl(td, (struct ioctl_args *)args));
1472 		break;
1473 
1474 	case LINUX_CDROMREADTOCHDR: {
1475 		struct ioc_toc_header th;
1476 		struct linux_cdrom_tochdr lth;
1477 		error = fo_ioctl(fp, CDIOREADTOCHEADER, (caddr_t)&th,
1478 		    td->td_ucred, td);
1479 		if (!error) {
1480 			lth.cdth_trk0 = th.starting_track;
1481 			lth.cdth_trk1 = th.ending_track;
1482 			copyout(&lth, (void *)args->arg, sizeof(lth));
1483 		}
1484 		break;
1485 	}
1486 
1487 	case LINUX_CDROMREADTOCENTRY: {
1488 		struct linux_cdrom_tocentry lte;
1489 		struct ioc_read_toc_single_entry irtse;
1490 
1491 		error = copyin((void *)args->arg, &lte, sizeof(lte));
1492 		if (error)
1493 			break;
1494 		irtse.address_format = lte.cdte_format;
1495 		irtse.track = lte.cdte_track;
1496 		error = fo_ioctl(fp, CDIOREADTOCENTRY, (caddr_t)&irtse,
1497 		    td->td_ucred, td);
1498 		if (!error) {
1499 			lte.cdte_ctrl = irtse.entry.control;
1500 			lte.cdte_adr = irtse.entry.addr_type;
1501 			bsd_to_linux_msf_lba(irtse.address_format,
1502 			    &irtse.entry.addr, &lte.cdte_addr);
1503 			error = copyout(&lte, (void *)args->arg, sizeof(lte));
1504 		}
1505 		break;
1506 	}
1507 
1508 	case LINUX_CDROMSTOP:
1509 		args->cmd = CDIOCSTOP;
1510 		error = (sys_ioctl(td, (struct ioctl_args *)args));
1511 		break;
1512 
1513 	case LINUX_CDROMSTART:
1514 		args->cmd = CDIOCSTART;
1515 		error = (sys_ioctl(td, (struct ioctl_args *)args));
1516 		break;
1517 
1518 	case LINUX_CDROMEJECT:
1519 		args->cmd = CDIOCEJECT;
1520 		error = (sys_ioctl(td, (struct ioctl_args *)args));
1521 		break;
1522 
1523 	/* LINUX_CDROMVOLCTRL */
1524 
1525 	case LINUX_CDROMSUBCHNL: {
1526 		struct linux_cdrom_subchnl sc;
1527 		struct ioc_read_subchannel bsdsc;
1528 		struct cd_sub_channel_info bsdinfo;
1529 
1530 		error = copyin((void *)args->arg, &sc, sizeof(sc));
1531 		if (error)
1532 			break;
1533 
1534 		/*
1535 		 * Invoke the native ioctl and bounce the returned data through
1536 		 * the userspace buffer.  This works because the Linux structure
1537 		 * is the same size as our structures for the subchannel header
1538 		 * and position data.
1539 		 */
1540 		bsdsc.address_format = CD_LBA_FORMAT;
1541 		bsdsc.data_format = CD_CURRENT_POSITION;
1542 		bsdsc.track = 0;
1543 		bsdsc.data_len = sizeof(sc);
1544 		bsdsc.data = (void *)args->arg;
1545 		error = fo_ioctl(fp, CDIOCREADSUBCHANNEL, (caddr_t)&bsdsc,
1546 		    td->td_ucred, td);
1547 		if (error)
1548 			break;
1549 		error = copyin((void *)args->arg, &bsdinfo, sizeof(bsdinfo));
1550 		if (error)
1551 			break;
1552 		sc.cdsc_audiostatus = bsdinfo.header.audio_status;
1553 		sc.cdsc_adr = bsdinfo.what.position.addr_type;
1554 		sc.cdsc_ctrl = bsdinfo.what.position.control;
1555 		sc.cdsc_trk = bsdinfo.what.position.track_number;
1556 		sc.cdsc_ind = bsdinfo.what.position.index_number;
1557 		set_linux_cdrom_addr(&sc.cdsc_absaddr, sc.cdsc_format,
1558 		    bsdinfo.what.position.absaddr.lba);
1559 		set_linux_cdrom_addr(&sc.cdsc_reladdr, sc.cdsc_format,
1560 		    bsdinfo.what.position.reladdr.lba);
1561 		error = copyout(&sc, (void *)args->arg, sizeof(sc));
1562 		break;
1563 	}
1564 
1565 	/* LINUX_CDROMREADMODE2 */
1566 	/* LINUX_CDROMREADMODE1 */
1567 	/* LINUX_CDROMREADAUDIO */
1568 	/* LINUX_CDROMEJECT_SW */
1569 	/* LINUX_CDROMMULTISESSION */
1570 	/* LINUX_CDROM_GET_UPC */
1571 
1572 	case LINUX_CDROMRESET:
1573 		args->cmd = CDIOCRESET;
1574 		error = (sys_ioctl(td, (struct ioctl_args *)args));
1575 		break;
1576 
1577 	/* LINUX_CDROMVOLREAD */
1578 	/* LINUX_CDROMREADRAW */
1579 	/* LINUX_CDROMREADCOOKED */
1580 	/* LINUX_CDROMSEEK */
1581 	/* LINUX_CDROMPLAYBLK */
1582 	/* LINUX_CDROMREADALL */
1583 	/* LINUX_CDROMCLOSETRAY */
1584 	/* LINUX_CDROMLOADFROMSLOT */
1585 	/* LINUX_CDROMGETSPINDOWN */
1586 	/* LINUX_CDROMSETSPINDOWN */
1587 	/* LINUX_CDROM_SET_OPTIONS */
1588 	/* LINUX_CDROM_CLEAR_OPTIONS */
1589 	/* LINUX_CDROM_SELECT_SPEED */
1590 	/* LINUX_CDROM_SELECT_DISC */
1591 	/* LINUX_CDROM_MEDIA_CHANGED */
1592 	/* LINUX_CDROM_DRIVE_STATUS */
1593 	/* LINUX_CDROM_DISC_STATUS */
1594 	/* LINUX_CDROM_CHANGER_NSLOTS */
1595 	/* LINUX_CDROM_LOCKDOOR */
1596 	/* LINUX_CDROM_DEBUG */
1597 	/* LINUX_CDROM_GET_CAPABILITY */
1598 	/* LINUX_CDROMAUDIOBUFSIZ */
1599 
1600 	case LINUX_DVD_READ_STRUCT: {
1601 		l_dvd_struct *lds;
1602 		struct dvd_struct *bds;
1603 
1604 		lds = malloc(sizeof(*lds), M_LINUX, M_WAITOK);
1605 		bds = malloc(sizeof(*bds), M_LINUX, M_WAITOK);
1606 		error = copyin((void *)args->arg, lds, sizeof(*lds));
1607 		if (error)
1608 			goto out;
1609 		error = linux_to_bsd_dvd_struct(lds, bds);
1610 		if (error)
1611 			goto out;
1612 		error = fo_ioctl(fp, DVDIOCREADSTRUCTURE, (caddr_t)bds,
1613 		    td->td_ucred, td);
1614 		if (error)
1615 			goto out;
1616 		error = bsd_to_linux_dvd_struct(bds, lds);
1617 		if (error)
1618 			goto out;
1619 		error = copyout(lds, (void *)args->arg, sizeof(*lds));
1620 	out:
1621 		free(bds, M_LINUX);
1622 		free(lds, M_LINUX);
1623 		break;
1624 	}
1625 
1626 	/* LINUX_DVD_WRITE_STRUCT */
1627 
1628 	case LINUX_DVD_AUTH: {
1629 		l_dvd_authinfo lda;
1630 		struct dvd_authinfo bda;
1631 		int bcode;
1632 
1633 		error = copyin((void *)args->arg, &lda, sizeof(lda));
1634 		if (error)
1635 			break;
1636 		error = linux_to_bsd_dvd_authinfo(&lda, &bcode, &bda);
1637 		if (error)
1638 			break;
1639 		error = fo_ioctl(fp, bcode, (caddr_t)&bda, td->td_ucred,
1640 		    td);
1641 		if (error) {
1642 			if (lda.type == LINUX_DVD_HOST_SEND_KEY2) {
1643 				lda.type = LINUX_DVD_AUTH_FAILURE;
1644 				copyout(&lda, (void *)args->arg, sizeof(lda));
1645 			}
1646 			break;
1647 		}
1648 		error = bsd_to_linux_dvd_authinfo(&bda, &lda);
1649 		if (error)
1650 			break;
1651 		error = copyout(&lda, (void *)args->arg, sizeof(lda));
1652 		break;
1653 	}
1654 
1655 	case LINUX_SCSI_GET_BUS_NUMBER:
1656 	{
1657 		struct sg_scsi_id id;
1658 
1659 		error = fo_ioctl(fp, SG_GET_SCSI_ID, (caddr_t)&id,
1660 		    td->td_ucred, td);
1661 		if (error)
1662 			break;
1663 		error = copyout(&id.channel, (void *)args->arg, sizeof(int));
1664 		break;
1665 	}
1666 
1667 	case LINUX_SCSI_GET_IDLUN:
1668 	{
1669 		struct sg_scsi_id id;
1670 		struct scsi_idlun idl;
1671 
1672 		error = fo_ioctl(fp, SG_GET_SCSI_ID, (caddr_t)&id,
1673 		    td->td_ucred, td);
1674 		if (error)
1675 			break;
1676 		idl.dev_id = (id.scsi_id & 0xff) + ((id.lun & 0xff) << 8) +
1677 		    ((id.channel & 0xff) << 16) + ((id.host_no & 0xff) << 24);
1678 		idl.host_unique_id = id.host_no;
1679 		error = copyout(&idl, (void *)args->arg, sizeof(idl));
1680 		break;
1681 	}
1682 
1683 	/* LINUX_CDROM_SEND_PACKET */
1684 	/* LINUX_CDROM_NEXT_WRITABLE */
1685 	/* LINUX_CDROM_LAST_WRITTEN */
1686 
1687 	default:
1688 		error = ENOIOCTL;
1689 		break;
1690 	}
1691 
1692 	fdrop(fp, td);
1693 	return (error);
1694 }
1695 
1696 static int
linux_ioctl_vfat(struct thread * td,struct linux_ioctl_args * args)1697 linux_ioctl_vfat(struct thread *td, struct linux_ioctl_args *args)
1698 {
1699 
1700 	return (ENOTTY);
1701 }
1702 
1703 /*
1704  * Sound related ioctls
1705  */
1706 
1707 struct linux_old_mixer_info {
1708 	char	id[16];
1709 	char	name[32];
1710 };
1711 
1712 static u_int32_t dirbits[4] = { IOC_VOID, IOC_IN, IOC_OUT, IOC_INOUT };
1713 
1714 #define	SETDIR(c)	(((c) & ~IOC_DIRMASK) | dirbits[args->cmd >> 30])
1715 
1716 static int
linux_ioctl_sound(struct thread * td,struct linux_ioctl_args * args)1717 linux_ioctl_sound(struct thread *td, struct linux_ioctl_args *args)
1718 {
1719 
1720 	switch (args->cmd & 0xffff) {
1721 
1722 	case LINUX_SOUND_MIXER_WRITE_VOLUME:
1723 		args->cmd = SETDIR(SOUND_MIXER_WRITE_VOLUME);
1724 		return (sys_ioctl(td, (struct ioctl_args *)args));
1725 
1726 	case LINUX_SOUND_MIXER_WRITE_BASS:
1727 		args->cmd = SETDIR(SOUND_MIXER_WRITE_BASS);
1728 		return (sys_ioctl(td, (struct ioctl_args *)args));
1729 
1730 	case LINUX_SOUND_MIXER_WRITE_TREBLE:
1731 		args->cmd = SETDIR(SOUND_MIXER_WRITE_TREBLE);
1732 		return (sys_ioctl(td, (struct ioctl_args *)args));
1733 
1734 	case LINUX_SOUND_MIXER_WRITE_SYNTH:
1735 		args->cmd = SETDIR(SOUND_MIXER_WRITE_SYNTH);
1736 		return (sys_ioctl(td, (struct ioctl_args *)args));
1737 
1738 	case LINUX_SOUND_MIXER_WRITE_PCM:
1739 		args->cmd = SETDIR(SOUND_MIXER_WRITE_PCM);
1740 		return (sys_ioctl(td, (struct ioctl_args *)args));
1741 
1742 	case LINUX_SOUND_MIXER_WRITE_SPEAKER:
1743 		args->cmd = SETDIR(SOUND_MIXER_WRITE_SPEAKER);
1744 		return (sys_ioctl(td, (struct ioctl_args *)args));
1745 
1746 	case LINUX_SOUND_MIXER_WRITE_LINE:
1747 		args->cmd = SETDIR(SOUND_MIXER_WRITE_LINE);
1748 		return (sys_ioctl(td, (struct ioctl_args *)args));
1749 
1750 	case LINUX_SOUND_MIXER_WRITE_MIC:
1751 		args->cmd = SETDIR(SOUND_MIXER_WRITE_MIC);
1752 		return (sys_ioctl(td, (struct ioctl_args *)args));
1753 
1754 	case LINUX_SOUND_MIXER_WRITE_CD:
1755 		args->cmd = SETDIR(SOUND_MIXER_WRITE_CD);
1756 		return (sys_ioctl(td, (struct ioctl_args *)args));
1757 
1758 	case LINUX_SOUND_MIXER_WRITE_IMIX:
1759 		args->cmd = SETDIR(SOUND_MIXER_WRITE_IMIX);
1760 		return (sys_ioctl(td, (struct ioctl_args *)args));
1761 
1762 	case LINUX_SOUND_MIXER_WRITE_ALTPCM:
1763 		args->cmd = SETDIR(SOUND_MIXER_WRITE_ALTPCM);
1764 		return (sys_ioctl(td, (struct ioctl_args *)args));
1765 
1766 	case LINUX_SOUND_MIXER_WRITE_RECLEV:
1767 		args->cmd = SETDIR(SOUND_MIXER_WRITE_RECLEV);
1768 		return (sys_ioctl(td, (struct ioctl_args *)args));
1769 
1770 	case LINUX_SOUND_MIXER_WRITE_IGAIN:
1771 		args->cmd = SETDIR(SOUND_MIXER_WRITE_IGAIN);
1772 		return (sys_ioctl(td, (struct ioctl_args *)args));
1773 
1774 	case LINUX_SOUND_MIXER_WRITE_OGAIN:
1775 		args->cmd = SETDIR(SOUND_MIXER_WRITE_OGAIN);
1776 		return (sys_ioctl(td, (struct ioctl_args *)args));
1777 
1778 	case LINUX_SOUND_MIXER_WRITE_LINE1:
1779 		args->cmd = SETDIR(SOUND_MIXER_WRITE_LINE1);
1780 		return (sys_ioctl(td, (struct ioctl_args *)args));
1781 
1782 	case LINUX_SOUND_MIXER_WRITE_LINE2:
1783 		args->cmd = SETDIR(SOUND_MIXER_WRITE_LINE2);
1784 		return (sys_ioctl(td, (struct ioctl_args *)args));
1785 
1786 	case LINUX_SOUND_MIXER_WRITE_LINE3:
1787 		args->cmd = SETDIR(SOUND_MIXER_WRITE_LINE3);
1788 		return (sys_ioctl(td, (struct ioctl_args *)args));
1789 
1790 	case LINUX_SOUND_MIXER_INFO: {
1791 		/* Key on encoded length */
1792 		switch ((args->cmd >> 16) & 0x1fff) {
1793 		case 0x005c: {	/* SOUND_MIXER_INFO */
1794 			args->cmd = SOUND_MIXER_INFO;
1795 			return (sys_ioctl(td, (struct ioctl_args *)args));
1796 		}
1797 		case 0x0030: {	/* SOUND_OLD_MIXER_INFO */
1798 			struct linux_old_mixer_info info;
1799 			bzero(&info, sizeof(info));
1800 			strncpy(info.id, "OSS", sizeof(info.id) - 1);
1801 			strncpy(info.name, "FreeBSD OSS Mixer", sizeof(info.name) - 1);
1802 			copyout(&info, (void *)args->arg, sizeof(info));
1803 			return (0);
1804 		}
1805 		default:
1806 			return (ENOIOCTL);
1807 		}
1808 		break;
1809 	}
1810 
1811 	case LINUX_OSS_GETVERSION: {
1812 		int version = linux_get_oss_version(td);
1813 		return (copyout(&version, (void *)args->arg, sizeof(int)));
1814 	}
1815 
1816 	case LINUX_SOUND_MIXER_READ_STEREODEVS:
1817 		args->cmd = SOUND_MIXER_READ_STEREODEVS;
1818 		return (sys_ioctl(td, (struct ioctl_args *)args));
1819 
1820 	case LINUX_SOUND_MIXER_READ_CAPS:
1821 		args->cmd = SOUND_MIXER_READ_CAPS;
1822 		return (sys_ioctl(td, (struct ioctl_args *)args));
1823 
1824 	case LINUX_SOUND_MIXER_READ_RECMASK:
1825 		args->cmd = SOUND_MIXER_READ_RECMASK;
1826 		return (sys_ioctl(td, (struct ioctl_args *)args));
1827 
1828 	case LINUX_SOUND_MIXER_READ_DEVMASK:
1829 		args->cmd = SOUND_MIXER_READ_DEVMASK;
1830 		return (sys_ioctl(td, (struct ioctl_args *)args));
1831 
1832 	case LINUX_SOUND_MIXER_WRITE_RECSRC:
1833 		args->cmd = SETDIR(SOUND_MIXER_WRITE_RECSRC);
1834 		return (sys_ioctl(td, (struct ioctl_args *)args));
1835 
1836 	case LINUX_SNDCTL_DSP_RESET:
1837 		args->cmd = SNDCTL_DSP_RESET;
1838 		return (sys_ioctl(td, (struct ioctl_args *)args));
1839 
1840 	case LINUX_SNDCTL_DSP_SYNC:
1841 		args->cmd = SNDCTL_DSP_SYNC;
1842 		return (sys_ioctl(td, (struct ioctl_args *)args));
1843 
1844 	case LINUX_SNDCTL_DSP_SPEED:
1845 		args->cmd = SNDCTL_DSP_SPEED;
1846 		return (sys_ioctl(td, (struct ioctl_args *)args));
1847 
1848 	case LINUX_SNDCTL_DSP_STEREO:
1849 		args->cmd = SNDCTL_DSP_STEREO;
1850 		return (sys_ioctl(td, (struct ioctl_args *)args));
1851 
1852 	case LINUX_SNDCTL_DSP_GETBLKSIZE: /* LINUX_SNDCTL_DSP_SETBLKSIZE */
1853 		args->cmd = SNDCTL_DSP_GETBLKSIZE;
1854 		return (sys_ioctl(td, (struct ioctl_args *)args));
1855 
1856 	case LINUX_SNDCTL_DSP_SETFMT:
1857 		args->cmd = SNDCTL_DSP_SETFMT;
1858 		return (sys_ioctl(td, (struct ioctl_args *)args));
1859 
1860 	case LINUX_SOUND_PCM_WRITE_CHANNELS:
1861 		args->cmd = SOUND_PCM_WRITE_CHANNELS;
1862 		return (sys_ioctl(td, (struct ioctl_args *)args));
1863 
1864 	case LINUX_SOUND_PCM_WRITE_FILTER:
1865 		args->cmd = SOUND_PCM_WRITE_FILTER;
1866 		return (sys_ioctl(td, (struct ioctl_args *)args));
1867 
1868 	case LINUX_SNDCTL_DSP_POST:
1869 		args->cmd = SNDCTL_DSP_POST;
1870 		return (sys_ioctl(td, (struct ioctl_args *)args));
1871 
1872 	case LINUX_SNDCTL_DSP_SUBDIVIDE:
1873 		args->cmd = SNDCTL_DSP_SUBDIVIDE;
1874 		return (sys_ioctl(td, (struct ioctl_args *)args));
1875 
1876 	case LINUX_SNDCTL_DSP_SETFRAGMENT:
1877 		args->cmd = SNDCTL_DSP_SETFRAGMENT;
1878 		return (sys_ioctl(td, (struct ioctl_args *)args));
1879 
1880 	case LINUX_SNDCTL_DSP_GETFMTS:
1881 		args->cmd = SNDCTL_DSP_GETFMTS;
1882 		return (sys_ioctl(td, (struct ioctl_args *)args));
1883 
1884 	case LINUX_SNDCTL_DSP_GETOSPACE:
1885 		args->cmd = SNDCTL_DSP_GETOSPACE;
1886 		return (sys_ioctl(td, (struct ioctl_args *)args));
1887 
1888 	case LINUX_SNDCTL_DSP_GETISPACE:
1889 		args->cmd = SNDCTL_DSP_GETISPACE;
1890 		return (sys_ioctl(td, (struct ioctl_args *)args));
1891 
1892 	case LINUX_SNDCTL_DSP_NONBLOCK:
1893 		args->cmd = SNDCTL_DSP_NONBLOCK;
1894 		return (sys_ioctl(td, (struct ioctl_args *)args));
1895 
1896 	case LINUX_SNDCTL_DSP_GETCAPS:
1897 		args->cmd = SNDCTL_DSP_GETCAPS;
1898 		return (sys_ioctl(td, (struct ioctl_args *)args));
1899 
1900 	case LINUX_SNDCTL_DSP_SETTRIGGER: /* LINUX_SNDCTL_GETTRIGGER */
1901 		args->cmd = SNDCTL_DSP_SETTRIGGER;
1902 		return (sys_ioctl(td, (struct ioctl_args *)args));
1903 
1904 	case LINUX_SNDCTL_DSP_GETIPTR:
1905 		args->cmd = SNDCTL_DSP_GETIPTR;
1906 		return (sys_ioctl(td, (struct ioctl_args *)args));
1907 
1908 	case LINUX_SNDCTL_DSP_GETOPTR:
1909 		args->cmd = SNDCTL_DSP_GETOPTR;
1910 		return (sys_ioctl(td, (struct ioctl_args *)args));
1911 
1912 	case LINUX_SNDCTL_DSP_SETDUPLEX:
1913 		args->cmd = SNDCTL_DSP_SETDUPLEX;
1914 		return (sys_ioctl(td, (struct ioctl_args *)args));
1915 
1916 	case LINUX_SNDCTL_DSP_GETODELAY:
1917 		args->cmd = SNDCTL_DSP_GETODELAY;
1918 		return (sys_ioctl(td, (struct ioctl_args *)args));
1919 
1920 	case LINUX_SNDCTL_SEQ_RESET:
1921 		args->cmd = SNDCTL_SEQ_RESET;
1922 		return (sys_ioctl(td, (struct ioctl_args *)args));
1923 
1924 	case LINUX_SNDCTL_SEQ_SYNC:
1925 		args->cmd = SNDCTL_SEQ_SYNC;
1926 		return (sys_ioctl(td, (struct ioctl_args *)args));
1927 
1928 	case LINUX_SNDCTL_SYNTH_INFO:
1929 		args->cmd = SNDCTL_SYNTH_INFO;
1930 		return (sys_ioctl(td, (struct ioctl_args *)args));
1931 
1932 	case LINUX_SNDCTL_SEQ_CTRLRATE:
1933 		args->cmd = SNDCTL_SEQ_CTRLRATE;
1934 		return (sys_ioctl(td, (struct ioctl_args *)args));
1935 
1936 	case LINUX_SNDCTL_SEQ_GETOUTCOUNT:
1937 		args->cmd = SNDCTL_SEQ_GETOUTCOUNT;
1938 		return (sys_ioctl(td, (struct ioctl_args *)args));
1939 
1940 	case LINUX_SNDCTL_SEQ_GETINCOUNT:
1941 		args->cmd = SNDCTL_SEQ_GETINCOUNT;
1942 		return (sys_ioctl(td, (struct ioctl_args *)args));
1943 
1944 	case LINUX_SNDCTL_SEQ_PERCMODE:
1945 		args->cmd = SNDCTL_SEQ_PERCMODE;
1946 		return (sys_ioctl(td, (struct ioctl_args *)args));
1947 
1948 	case LINUX_SNDCTL_FM_LOAD_INSTR:
1949 		args->cmd = SNDCTL_FM_LOAD_INSTR;
1950 		return (sys_ioctl(td, (struct ioctl_args *)args));
1951 
1952 	case LINUX_SNDCTL_SEQ_TESTMIDI:
1953 		args->cmd = SNDCTL_SEQ_TESTMIDI;
1954 		return (sys_ioctl(td, (struct ioctl_args *)args));
1955 
1956 	case LINUX_SNDCTL_SEQ_RESETSAMPLES:
1957 		args->cmd = SNDCTL_SEQ_RESETSAMPLES;
1958 		return (sys_ioctl(td, (struct ioctl_args *)args));
1959 
1960 	case LINUX_SNDCTL_SEQ_NRSYNTHS:
1961 		args->cmd = SNDCTL_SEQ_NRSYNTHS;
1962 		return (sys_ioctl(td, (struct ioctl_args *)args));
1963 
1964 	case LINUX_SNDCTL_SEQ_NRMIDIS:
1965 		args->cmd = SNDCTL_SEQ_NRMIDIS;
1966 		return (sys_ioctl(td, (struct ioctl_args *)args));
1967 
1968 	case LINUX_SNDCTL_MIDI_INFO:
1969 		args->cmd = SNDCTL_MIDI_INFO;
1970 		return (sys_ioctl(td, (struct ioctl_args *)args));
1971 
1972 	case LINUX_SNDCTL_SEQ_TRESHOLD:
1973 		args->cmd = SNDCTL_SEQ_TRESHOLD;
1974 		return (sys_ioctl(td, (struct ioctl_args *)args));
1975 
1976 	case LINUX_SNDCTL_SYNTH_MEMAVL:
1977 		args->cmd = SNDCTL_SYNTH_MEMAVL;
1978 		return (sys_ioctl(td, (struct ioctl_args *)args));
1979 
1980 	}
1981 
1982 	return (ENOIOCTL);
1983 }
1984 
1985 /*
1986  * Console related ioctls
1987  */
1988 
1989 static int
linux_ioctl_console(struct thread * td,struct linux_ioctl_args * args)1990 linux_ioctl_console(struct thread *td, struct linux_ioctl_args *args)
1991 {
1992 	struct file *fp;
1993 	int error;
1994 
1995 	error = fget(td, args->fd, &cap_ioctl_rights, &fp);
1996 	if (error != 0)
1997 		return (error);
1998 	switch (args->cmd & 0xffff) {
1999 
2000 	case LINUX_KIOCSOUND:
2001 		args->cmd = KIOCSOUND;
2002 		error = (sys_ioctl(td, (struct ioctl_args *)args));
2003 		break;
2004 
2005 	case LINUX_KDMKTONE:
2006 		args->cmd = KDMKTONE;
2007 		error = (sys_ioctl(td, (struct ioctl_args *)args));
2008 		break;
2009 
2010 	case LINUX_KDGETLED:
2011 		args->cmd = KDGETLED;
2012 		error = (sys_ioctl(td, (struct ioctl_args *)args));
2013 		break;
2014 
2015 	case LINUX_KDSETLED:
2016 		args->cmd = KDSETLED;
2017 		error = (sys_ioctl(td, (struct ioctl_args *)args));
2018 		break;
2019 
2020 	case LINUX_KDSETMODE:
2021 		args->cmd = KDSETMODE;
2022 		error = (sys_ioctl(td, (struct ioctl_args *)args));
2023 		break;
2024 
2025 	case LINUX_KDGETMODE:
2026 		args->cmd = KDGETMODE;
2027 		error = (sys_ioctl(td, (struct ioctl_args *)args));
2028 		break;
2029 
2030 	case LINUX_KDGKBMODE:
2031 		args->cmd = KDGKBMODE;
2032 		error = (sys_ioctl(td, (struct ioctl_args *)args));
2033 		break;
2034 
2035 	case LINUX_KDSKBMODE: {
2036 		int kbdmode;
2037 		switch (args->arg) {
2038 		case LINUX_KBD_RAW:
2039 			kbdmode = K_RAW;
2040 			break;
2041 		case LINUX_KBD_XLATE:
2042 			kbdmode = K_XLATE;
2043 			break;
2044 		case LINUX_KBD_MEDIUMRAW:
2045 			kbdmode = K_RAW;
2046 			break;
2047 		default:
2048 			fdrop(fp, td);
2049 			return (EINVAL);
2050 		}
2051 		error = (fo_ioctl(fp, KDSKBMODE, (caddr_t)&kbdmode,
2052 		    td->td_ucred, td));
2053 		break;
2054 	}
2055 
2056 	case LINUX_VT_OPENQRY:
2057 		args->cmd = VT_OPENQRY;
2058 		error = (sys_ioctl(td, (struct ioctl_args *)args));
2059 		break;
2060 
2061 	case LINUX_VT_GETMODE:
2062 		args->cmd = VT_GETMODE;
2063 		error = (sys_ioctl(td, (struct ioctl_args *)args));
2064 		break;
2065 
2066 	case LINUX_VT_SETMODE: {
2067 		struct vt_mode mode;
2068 		if ((error = copyin((void *)args->arg, &mode, sizeof(mode))))
2069 			break;
2070 		if (LINUX_SIG_VALID(mode.relsig))
2071 			mode.relsig = linux_to_bsd_signal(mode.relsig);
2072 		else
2073 			mode.relsig = 0;
2074 		if (LINUX_SIG_VALID(mode.acqsig))
2075 			mode.acqsig = linux_to_bsd_signal(mode.acqsig);
2076 		else
2077 			mode.acqsig = 0;
2078 		/* XXX. Linux ignores frsig and set it to 0. */
2079 		mode.frsig = 0;
2080 		if ((error = copyout(&mode, (void *)args->arg, sizeof(mode))))
2081 			break;
2082 		args->cmd = VT_SETMODE;
2083 		error = (sys_ioctl(td, (struct ioctl_args *)args));
2084 		break;
2085 	}
2086 
2087 	case LINUX_VT_GETSTATE:
2088 		args->cmd = VT_GETACTIVE;
2089 		error = (sys_ioctl(td, (struct ioctl_args *)args));
2090 		break;
2091 
2092 	case LINUX_VT_RELDISP:
2093 		args->cmd = VT_RELDISP;
2094 		error = (sys_ioctl(td, (struct ioctl_args *)args));
2095 		break;
2096 
2097 	case LINUX_VT_ACTIVATE:
2098 		args->cmd = VT_ACTIVATE;
2099 		error = (sys_ioctl(td, (struct ioctl_args *)args));
2100 		break;
2101 
2102 	case LINUX_VT_WAITACTIVE:
2103 		args->cmd = VT_WAITACTIVE;
2104 		error = (sys_ioctl(td, (struct ioctl_args *)args));
2105 		break;
2106 
2107 	default:
2108 		error = ENOIOCTL;
2109 		break;
2110 	}
2111 
2112 	fdrop(fp, td);
2113 	return (error);
2114 }
2115 
2116 /*
2117  * Implement the SIOCGIFNAME ioctl
2118  */
2119 
2120 static int
linux_ioctl_ifname(struct thread * td,struct l_ifreq * uifr)2121 linux_ioctl_ifname(struct thread *td, struct l_ifreq *uifr)
2122 {
2123 	struct l_ifreq ifr;
2124 	struct ifnet *ifp;
2125 	int error, ethno, index;
2126 
2127 	error = copyin(uifr, &ifr, sizeof(ifr));
2128 	if (error != 0)
2129 		return (error);
2130 
2131 	CURVNET_SET(TD_TO_VNET(curthread));
2132 	IFNET_RLOCK();
2133 	index = 1;	/* ifr.ifr_ifindex starts from 1 */
2134 	ethno = 0;
2135 	error = ENODEV;
2136 	CK_STAILQ_FOREACH(ifp, &V_ifnet, if_link) {
2137 		if (ifr.ifr_ifindex == index) {
2138 			if (IFP_IS_ETH(ifp))
2139 				snprintf(ifr.ifr_name, LINUX_IFNAMSIZ,
2140 				    "eth%d", ethno);
2141 			else
2142 				strlcpy(ifr.ifr_name, ifp->if_xname,
2143 				    LINUX_IFNAMSIZ);
2144 			error = 0;
2145 			break;
2146 		}
2147 		if (IFP_IS_ETH(ifp))
2148 			ethno++;
2149 		index++;
2150 	}
2151 	IFNET_RUNLOCK();
2152 	if (error == 0)
2153 		error = copyout(&ifr, uifr, sizeof(ifr));
2154 	CURVNET_RESTORE();
2155 
2156 	return (error);
2157 }
2158 
2159 /*
2160  * Implement the SIOCGIFCONF ioctl
2161  */
2162 
2163 static int
linux_ifconf(struct thread * td,struct ifconf * uifc)2164 linux_ifconf(struct thread *td, struct ifconf *uifc)
2165 {
2166 #ifdef COMPAT_LINUX32
2167 	struct l_ifconf ifc;
2168 #else
2169 	struct ifconf ifc;
2170 #endif
2171 	struct l_ifreq ifr;
2172 	struct ifnet *ifp;
2173 	struct ifaddr *ifa;
2174 	struct sbuf *sb;
2175 	int error, ethno, full = 0, valid_len, max_len;
2176 
2177 	error = copyin(uifc, &ifc, sizeof(ifc));
2178 	if (error != 0)
2179 		return (error);
2180 
2181 	max_len = MAXPHYS - 1;
2182 
2183 	CURVNET_SET(TD_TO_VNET(td));
2184 	/* handle the 'request buffer size' case */
2185 	if ((l_uintptr_t)ifc.ifc_buf == PTROUT(NULL)) {
2186 		ifc.ifc_len = 0;
2187 		IFNET_RLOCK();
2188 		CK_STAILQ_FOREACH(ifp, &V_ifnet, if_link) {
2189 			CK_STAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
2190 				struct sockaddr *sa = ifa->ifa_addr;
2191 				if (sa->sa_family == AF_INET)
2192 					ifc.ifc_len += sizeof(ifr);
2193 			}
2194 		}
2195 		IFNET_RUNLOCK();
2196 		error = copyout(&ifc, uifc, sizeof(ifc));
2197 		CURVNET_RESTORE();
2198 		return (error);
2199 	}
2200 
2201 	if (ifc.ifc_len <= 0) {
2202 		CURVNET_RESTORE();
2203 		return (EINVAL);
2204 	}
2205 
2206 again:
2207 	/* Keep track of eth interfaces */
2208 	ethno = 0;
2209 	if (ifc.ifc_len <= max_len) {
2210 		max_len = ifc.ifc_len;
2211 		full = 1;
2212 	}
2213 	sb = sbuf_new(NULL, NULL, max_len + 1, SBUF_FIXEDLEN);
2214 	max_len = 0;
2215 	valid_len = 0;
2216 
2217 	/* Return all AF_INET addresses of all interfaces */
2218 	IFNET_RLOCK();
2219 	CK_STAILQ_FOREACH(ifp, &V_ifnet, if_link) {
2220 		int addrs = 0;
2221 
2222 		bzero(&ifr, sizeof(ifr));
2223 		if (IFP_IS_ETH(ifp))
2224 			snprintf(ifr.ifr_name, LINUX_IFNAMSIZ, "eth%d",
2225 			    ethno++);
2226 		else
2227 			strlcpy(ifr.ifr_name, ifp->if_xname, LINUX_IFNAMSIZ);
2228 
2229 		/* Walk the address list */
2230 		CK_STAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
2231 			struct sockaddr *sa = ifa->ifa_addr;
2232 
2233 			if (sa->sa_family == AF_INET) {
2234 				ifr.ifr_addr.sa_family = LINUX_AF_INET;
2235 				memcpy(ifr.ifr_addr.sa_data, sa->sa_data,
2236 				    sizeof(ifr.ifr_addr.sa_data));
2237 				sbuf_bcat(sb, &ifr, sizeof(ifr));
2238 				max_len += sizeof(ifr);
2239 				addrs++;
2240 			}
2241 
2242 			if (sbuf_error(sb) == 0)
2243 				valid_len = sbuf_len(sb);
2244 		}
2245 		if (addrs == 0) {
2246 			bzero((caddr_t)&ifr.ifr_addr, sizeof(ifr.ifr_addr));
2247 			sbuf_bcat(sb, &ifr, sizeof(ifr));
2248 			max_len += sizeof(ifr);
2249 
2250 			if (sbuf_error(sb) == 0)
2251 				valid_len = sbuf_len(sb);
2252 		}
2253 	}
2254 	IFNET_RUNLOCK();
2255 
2256 	if (valid_len != max_len && !full) {
2257 		sbuf_delete(sb);
2258 		goto again;
2259 	}
2260 
2261 	ifc.ifc_len = valid_len;
2262 	sbuf_finish(sb);
2263 	error = copyout(sbuf_data(sb), PTRIN(ifc.ifc_buf), ifc.ifc_len);
2264 	if (error == 0)
2265 		error = copyout(&ifc, uifc, sizeof(ifc));
2266 	sbuf_delete(sb);
2267 	CURVNET_RESTORE();
2268 
2269 	return (error);
2270 }
2271 
2272 static int
linux_gifflags(struct thread * td,struct ifnet * ifp,struct l_ifreq * ifr)2273 linux_gifflags(struct thread *td, struct ifnet *ifp, struct l_ifreq *ifr)
2274 {
2275 	l_short flags;
2276 
2277 	linux_ifflags(ifp, &flags);
2278 
2279 	return (copyout(&flags, &ifr->ifr_flags, sizeof(flags)));
2280 }
2281 
2282 static int
linux_gifhwaddr(struct ifnet * ifp,struct l_ifreq * ifr)2283 linux_gifhwaddr(struct ifnet *ifp, struct l_ifreq *ifr)
2284 {
2285 	struct l_sockaddr lsa;
2286 
2287 	if (linux_ifhwaddr(ifp, &lsa) != 0)
2288 		return (ENOENT);
2289 
2290 	return (copyout(&lsa, &ifr->ifr_hwaddr, sizeof(lsa)));
2291 }
2292 
2293 
2294  /*
2295 * If we fault in bsd_to_linux_ifreq() then we will fault when we call
2296 * the native ioctl().  Thus, we don't really need to check the return
2297 * value of this function.
2298 */
2299 static int
bsd_to_linux_ifreq(struct ifreq * arg)2300 bsd_to_linux_ifreq(struct ifreq *arg)
2301 {
2302 	struct ifreq ifr;
2303 	size_t ifr_len = sizeof(struct ifreq);
2304 	int error;
2305 
2306 	if ((error = copyin(arg, &ifr, ifr_len)))
2307 		return (error);
2308 
2309 	*(u_short *)&ifr.ifr_addr = ifr.ifr_addr.sa_family;
2310 
2311 	error = copyout(&ifr, arg, ifr_len);
2312 
2313 	return (error);
2314 }
2315 
2316 /*
2317  * Socket related ioctls
2318  */
2319 
2320 static int
linux_ioctl_socket(struct thread * td,struct linux_ioctl_args * args)2321 linux_ioctl_socket(struct thread *td, struct linux_ioctl_args *args)
2322 {
2323 	char lifname[LINUX_IFNAMSIZ], ifname[IFNAMSIZ];
2324 	struct ifnet *ifp;
2325 	struct file *fp;
2326 	int error, type;
2327 
2328 	ifp = NULL;
2329 	error = 0;
2330 
2331 	error = fget(td, args->fd, &cap_ioctl_rights, &fp);
2332 	if (error != 0)
2333 		return (error);
2334 	type = fp->f_type;
2335 	fdrop(fp, td);
2336 	if (type != DTYPE_SOCKET) {
2337 		/* not a socket - probably a tap / vmnet device */
2338 		switch (args->cmd) {
2339 		case LINUX_SIOCGIFADDR:
2340 		case LINUX_SIOCSIFADDR:
2341 		case LINUX_SIOCGIFFLAGS:
2342 			return (linux_ioctl_special(td, args));
2343 		default:
2344 			return (ENOIOCTL);
2345 		}
2346 	}
2347 
2348 	switch (args->cmd & 0xffff) {
2349 
2350 	case LINUX_FIOGETOWN:
2351 	case LINUX_FIOSETOWN:
2352 	case LINUX_SIOCADDMULTI:
2353 	case LINUX_SIOCATMARK:
2354 	case LINUX_SIOCDELMULTI:
2355 	case LINUX_SIOCGIFNAME:
2356 	case LINUX_SIOCGIFCONF:
2357 	case LINUX_SIOCGPGRP:
2358 	case LINUX_SIOCSPGRP:
2359 	case LINUX_SIOCGIFCOUNT:
2360 		/* these ioctls don't take an interface name */
2361 		break;
2362 
2363 	case LINUX_SIOCGIFFLAGS:
2364 	case LINUX_SIOCGIFADDR:
2365 	case LINUX_SIOCSIFADDR:
2366 	case LINUX_SIOCGIFDSTADDR:
2367 	case LINUX_SIOCGIFBRDADDR:
2368 	case LINUX_SIOCGIFNETMASK:
2369 	case LINUX_SIOCSIFNETMASK:
2370 	case LINUX_SIOCGIFMTU:
2371 	case LINUX_SIOCSIFMTU:
2372 	case LINUX_SIOCSIFNAME:
2373 	case LINUX_SIOCGIFHWADDR:
2374 	case LINUX_SIOCSIFHWADDR:
2375 	case LINUX_SIOCDEVPRIVATE:
2376 	case LINUX_SIOCDEVPRIVATE+1:
2377 	case LINUX_SIOCGIFINDEX:
2378 		/* copy in the interface name and translate it. */
2379 		error = copyin((void *)args->arg, lifname, LINUX_IFNAMSIZ);
2380 		if (error != 0)
2381 			return (error);
2382 		memset(ifname, 0, sizeof(ifname));
2383 		ifp = ifname_linux_to_bsd(td, lifname, ifname);
2384 		if (ifp == NULL)
2385 			return (EINVAL);
2386 		/*
2387 		 * We need to copy it back out in case we pass the
2388 		 * request on to our native ioctl(), which will expect
2389 		 * the ifreq to be in user space and have the correct
2390 		 * interface name.
2391 		 */
2392 		error = copyout(ifname, (void *)args->arg, IFNAMSIZ);
2393 		if (error != 0)
2394 			return (error);
2395 		break;
2396 
2397 	default:
2398 		return (ENOIOCTL);
2399 	}
2400 
2401 	switch (args->cmd & 0xffff) {
2402 
2403 	case LINUX_FIOSETOWN:
2404 		args->cmd = FIOSETOWN;
2405 		error = sys_ioctl(td, (struct ioctl_args *)args);
2406 		break;
2407 
2408 	case LINUX_SIOCSPGRP:
2409 		args->cmd = SIOCSPGRP;
2410 		error = sys_ioctl(td, (struct ioctl_args *)args);
2411 		break;
2412 
2413 	case LINUX_FIOGETOWN:
2414 		args->cmd = FIOGETOWN;
2415 		error = sys_ioctl(td, (struct ioctl_args *)args);
2416 		break;
2417 
2418 	case LINUX_SIOCGPGRP:
2419 		args->cmd = SIOCGPGRP;
2420 		error = sys_ioctl(td, (struct ioctl_args *)args);
2421 		break;
2422 
2423 	case LINUX_SIOCATMARK:
2424 		args->cmd = SIOCATMARK;
2425 		error = sys_ioctl(td, (struct ioctl_args *)args);
2426 		break;
2427 
2428 	/* LINUX_SIOCGSTAMP */
2429 
2430 	case LINUX_SIOCGIFNAME:
2431 		error = linux_ioctl_ifname(td, (struct l_ifreq *)args->arg);
2432 		break;
2433 
2434 	case LINUX_SIOCGIFCONF:
2435 		error = linux_ifconf(td, (struct ifconf *)args->arg);
2436 		break;
2437 
2438 	case LINUX_SIOCGIFFLAGS:
2439 		args->cmd = SIOCGIFFLAGS;
2440 		error = linux_gifflags(td, ifp, (struct l_ifreq *)args->arg);
2441 		break;
2442 
2443 	case LINUX_SIOCGIFADDR:
2444 		args->cmd = SIOCGIFADDR;
2445 		error = sys_ioctl(td, (struct ioctl_args *)args);
2446 		bsd_to_linux_ifreq((struct ifreq *)args->arg);
2447 		break;
2448 
2449 	case LINUX_SIOCSIFADDR:
2450 		/* XXX probably doesn't work, included for completeness */
2451 		args->cmd = SIOCSIFADDR;
2452 		error = sys_ioctl(td, (struct ioctl_args *)args);
2453 		break;
2454 
2455 	case LINUX_SIOCGIFDSTADDR:
2456 		args->cmd = SIOCGIFDSTADDR;
2457 		error = sys_ioctl(td, (struct ioctl_args *)args);
2458 		bsd_to_linux_ifreq((struct ifreq *)args->arg);
2459 		break;
2460 
2461 	case LINUX_SIOCGIFBRDADDR:
2462 		args->cmd = SIOCGIFBRDADDR;
2463 		error = sys_ioctl(td, (struct ioctl_args *)args);
2464 		bsd_to_linux_ifreq((struct ifreq *)args->arg);
2465 		break;
2466 
2467 	case LINUX_SIOCGIFNETMASK:
2468 		args->cmd = SIOCGIFNETMASK;
2469 		error = sys_ioctl(td, (struct ioctl_args *)args);
2470 		bsd_to_linux_ifreq((struct ifreq *)args->arg);
2471 		break;
2472 
2473 	case LINUX_SIOCSIFNETMASK:
2474 		error = ENOIOCTL;
2475 		break;
2476 
2477 	case LINUX_SIOCGIFMTU:
2478 		args->cmd = SIOCGIFMTU;
2479 		error = sys_ioctl(td, (struct ioctl_args *)args);
2480 		break;
2481 
2482 	case LINUX_SIOCSIFMTU:
2483 		args->cmd = SIOCSIFMTU;
2484 		error = sys_ioctl(td, (struct ioctl_args *)args);
2485 		break;
2486 
2487 	case LINUX_SIOCSIFNAME:
2488 		error = ENOIOCTL;
2489 		break;
2490 
2491 	case LINUX_SIOCGIFHWADDR:
2492 		error = linux_gifhwaddr(ifp, (struct l_ifreq *)args->arg);
2493 		break;
2494 
2495 	case LINUX_SIOCSIFHWADDR:
2496 		error = ENOIOCTL;
2497 		break;
2498 
2499 	case LINUX_SIOCADDMULTI:
2500 		args->cmd = SIOCADDMULTI;
2501 		error = sys_ioctl(td, (struct ioctl_args *)args);
2502 		break;
2503 
2504 	case LINUX_SIOCDELMULTI:
2505 		args->cmd = SIOCDELMULTI;
2506 		error = sys_ioctl(td, (struct ioctl_args *)args);
2507 		break;
2508 
2509 	case LINUX_SIOCGIFINDEX:
2510 		args->cmd = SIOCGIFINDEX;
2511 		error = sys_ioctl(td, (struct ioctl_args *)args);
2512 		break;
2513 
2514 	case LINUX_SIOCGIFCOUNT:
2515 		error = 0;
2516 		break;
2517 
2518 	/*
2519 	 * XXX This is slightly bogus, but these ioctls are currently
2520 	 * XXX only used by the aironet (if_an) network driver.
2521 	 */
2522 	case LINUX_SIOCDEVPRIVATE:
2523 		args->cmd = SIOCGPRIVATE_0;
2524 		error = sys_ioctl(td, (struct ioctl_args *)args);
2525 		break;
2526 
2527 	case LINUX_SIOCDEVPRIVATE+1:
2528 		args->cmd = SIOCGPRIVATE_1;
2529 		error = sys_ioctl(td, (struct ioctl_args *)args);
2530 		break;
2531 	}
2532 
2533 	if (ifp != NULL)
2534 		/* restore the original interface name */
2535 		copyout(lifname, (void *)args->arg, LINUX_IFNAMSIZ);
2536 
2537 	return (error);
2538 }
2539 
2540 /*
2541  * Device private ioctl handler
2542  */
2543 static int
linux_ioctl_private(struct thread * td,struct linux_ioctl_args * args)2544 linux_ioctl_private(struct thread *td, struct linux_ioctl_args *args)
2545 {
2546 	struct file *fp;
2547 	int error, type;
2548 
2549 	error = fget(td, args->fd, &cap_ioctl_rights, &fp);
2550 	if (error != 0)
2551 		return (error);
2552 	type = fp->f_type;
2553 	fdrop(fp, td);
2554 	if (type == DTYPE_SOCKET)
2555 		return (linux_ioctl_socket(td, args));
2556 	return (ENOIOCTL);
2557 }
2558 
2559 /*
2560  * DRM ioctl handler (sys/dev/drm)
2561  */
2562 static int
linux_ioctl_drm(struct thread * td,struct linux_ioctl_args * args)2563 linux_ioctl_drm(struct thread *td, struct linux_ioctl_args *args)
2564 {
2565 	args->cmd = SETDIR(args->cmd);
2566 	return (sys_ioctl(td, (struct ioctl_args *)args));
2567 }
2568 
2569 #ifdef COMPAT_LINUX32
2570 static int
linux_ioctl_sg_io(struct thread * td,struct linux_ioctl_args * args)2571 linux_ioctl_sg_io(struct thread *td, struct linux_ioctl_args *args)
2572 {
2573 	struct sg_io_hdr io;
2574 	struct sg_io_hdr32 io32;
2575 	struct file *fp;
2576 	int error;
2577 
2578 	error = fget(td, args->fd, &cap_ioctl_rights, &fp);
2579 	if (error != 0) {
2580 		printf("sg_linux_ioctl: fget returned %d\n", error);
2581 		return (error);
2582 	}
2583 
2584 	if ((error = copyin((void *)args->arg, &io32, sizeof(io32))) != 0)
2585 		goto out;
2586 
2587 	CP(io32, io, interface_id);
2588 	CP(io32, io, dxfer_direction);
2589 	CP(io32, io, cmd_len);
2590 	CP(io32, io, mx_sb_len);
2591 	CP(io32, io, iovec_count);
2592 	CP(io32, io, dxfer_len);
2593 	PTRIN_CP(io32, io, dxferp);
2594 	PTRIN_CP(io32, io, cmdp);
2595 	PTRIN_CP(io32, io, sbp);
2596 	CP(io32, io, timeout);
2597 	CP(io32, io, flags);
2598 	CP(io32, io, pack_id);
2599 	PTRIN_CP(io32, io, usr_ptr);
2600 	CP(io32, io, status);
2601 	CP(io32, io, masked_status);
2602 	CP(io32, io, msg_status);
2603 	CP(io32, io, sb_len_wr);
2604 	CP(io32, io, host_status);
2605 	CP(io32, io, driver_status);
2606 	CP(io32, io, resid);
2607 	CP(io32, io, duration);
2608 	CP(io32, io, info);
2609 
2610 	if ((error = fo_ioctl(fp, SG_IO, (caddr_t)&io, td->td_ucred, td)) != 0)
2611 		goto out;
2612 
2613 	CP(io, io32, interface_id);
2614 	CP(io, io32, dxfer_direction);
2615 	CP(io, io32, cmd_len);
2616 	CP(io, io32, mx_sb_len);
2617 	CP(io, io32, iovec_count);
2618 	CP(io, io32, dxfer_len);
2619 	PTROUT_CP(io, io32, dxferp);
2620 	PTROUT_CP(io, io32, cmdp);
2621 	PTROUT_CP(io, io32, sbp);
2622 	CP(io, io32, timeout);
2623 	CP(io, io32, flags);
2624 	CP(io, io32, pack_id);
2625 	PTROUT_CP(io, io32, usr_ptr);
2626 	CP(io, io32, status);
2627 	CP(io, io32, masked_status);
2628 	CP(io, io32, msg_status);
2629 	CP(io, io32, sb_len_wr);
2630 	CP(io, io32, host_status);
2631 	CP(io, io32, driver_status);
2632 	CP(io, io32, resid);
2633 	CP(io, io32, duration);
2634 	CP(io, io32, info);
2635 
2636 	error = copyout(&io32, (void *)args->arg, sizeof(io32));
2637 
2638 out:
2639 	fdrop(fp, td);
2640 	return (error);
2641 }
2642 #endif
2643 
2644 static int
linux_ioctl_sg(struct thread * td,struct linux_ioctl_args * args)2645 linux_ioctl_sg(struct thread *td, struct linux_ioctl_args *args)
2646 {
2647 
2648 	switch (args->cmd) {
2649 	case LINUX_SG_GET_VERSION_NUM:
2650 		args->cmd = SG_GET_VERSION_NUM;
2651 		break;
2652 	case LINUX_SG_SET_TIMEOUT:
2653 		args->cmd = SG_SET_TIMEOUT;
2654 		break;
2655 	case LINUX_SG_GET_TIMEOUT:
2656 		args->cmd = SG_GET_TIMEOUT;
2657 		break;
2658 	case LINUX_SG_IO:
2659 		args->cmd = SG_IO;
2660 #ifdef COMPAT_LINUX32
2661 		return (linux_ioctl_sg_io(td, args));
2662 #endif
2663 		break;
2664 	case LINUX_SG_GET_RESERVED_SIZE:
2665 		args->cmd = SG_GET_RESERVED_SIZE;
2666 		break;
2667 	case LINUX_SG_GET_SCSI_ID:
2668 		args->cmd = SG_GET_SCSI_ID;
2669 		break;
2670 	case LINUX_SG_GET_SG_TABLESIZE:
2671 		args->cmd = SG_GET_SG_TABLESIZE;
2672 		break;
2673 	default:
2674 		return (ENODEV);
2675 	}
2676 	return (sys_ioctl(td, (struct ioctl_args *)args));
2677 }
2678 
2679 /*
2680  * Video4Linux (V4L) ioctl handler
2681  */
2682 static int
linux_to_bsd_v4l_tuner(struct l_video_tuner * lvt,struct video_tuner * vt)2683 linux_to_bsd_v4l_tuner(struct l_video_tuner *lvt, struct video_tuner *vt)
2684 {
2685 	vt->tuner = lvt->tuner;
2686 	strlcpy(vt->name, lvt->name, LINUX_VIDEO_TUNER_NAME_SIZE);
2687 	vt->rangelow = lvt->rangelow;	/* possible long size conversion */
2688 	vt->rangehigh = lvt->rangehigh;	/* possible long size conversion */
2689 	vt->flags = lvt->flags;
2690 	vt->mode = lvt->mode;
2691 	vt->signal = lvt->signal;
2692 	return (0);
2693 }
2694 
2695 static int
bsd_to_linux_v4l_tuner(struct video_tuner * vt,struct l_video_tuner * lvt)2696 bsd_to_linux_v4l_tuner(struct video_tuner *vt, struct l_video_tuner *lvt)
2697 {
2698 	lvt->tuner = vt->tuner;
2699 	strlcpy(lvt->name, vt->name, LINUX_VIDEO_TUNER_NAME_SIZE);
2700 	lvt->rangelow = vt->rangelow;	/* possible long size conversion */
2701 	lvt->rangehigh = vt->rangehigh;	/* possible long size conversion */
2702 	lvt->flags = vt->flags;
2703 	lvt->mode = vt->mode;
2704 	lvt->signal = vt->signal;
2705 	return (0);
2706 }
2707 
2708 #ifdef COMPAT_LINUX_V4L_CLIPLIST
2709 static int
linux_to_bsd_v4l_clip(struct l_video_clip * lvc,struct video_clip * vc)2710 linux_to_bsd_v4l_clip(struct l_video_clip *lvc, struct video_clip *vc)
2711 {
2712 	vc->x = lvc->x;
2713 	vc->y = lvc->y;
2714 	vc->width = lvc->width;
2715 	vc->height = lvc->height;
2716 	vc->next = PTRIN(lvc->next);	/* possible pointer size conversion */
2717 	return (0);
2718 }
2719 #endif
2720 
2721 static int
linux_to_bsd_v4l_window(struct l_video_window * lvw,struct video_window * vw)2722 linux_to_bsd_v4l_window(struct l_video_window *lvw, struct video_window *vw)
2723 {
2724 	vw->x = lvw->x;
2725 	vw->y = lvw->y;
2726 	vw->width = lvw->width;
2727 	vw->height = lvw->height;
2728 	vw->chromakey = lvw->chromakey;
2729 	vw->flags = lvw->flags;
2730 	vw->clips = PTRIN(lvw->clips);	/* possible pointer size conversion */
2731 	vw->clipcount = lvw->clipcount;
2732 	return (0);
2733 }
2734 
2735 static int
bsd_to_linux_v4l_window(struct video_window * vw,struct l_video_window * lvw)2736 bsd_to_linux_v4l_window(struct video_window *vw, struct l_video_window *lvw)
2737 {
2738 	memset(lvw, 0, sizeof(*lvw));
2739 
2740 	lvw->x = vw->x;
2741 	lvw->y = vw->y;
2742 	lvw->width = vw->width;
2743 	lvw->height = vw->height;
2744 	lvw->chromakey = vw->chromakey;
2745 	lvw->flags = vw->flags;
2746 	lvw->clips = PTROUT(vw->clips);	/* possible pointer size conversion */
2747 	lvw->clipcount = vw->clipcount;
2748 	return (0);
2749 }
2750 
2751 static int
linux_to_bsd_v4l_buffer(struct l_video_buffer * lvb,struct video_buffer * vb)2752 linux_to_bsd_v4l_buffer(struct l_video_buffer *lvb, struct video_buffer *vb)
2753 {
2754 	vb->base = PTRIN(lvb->base);	/* possible pointer size conversion */
2755 	vb->height = lvb->height;
2756 	vb->width = lvb->width;
2757 	vb->depth = lvb->depth;
2758 	vb->bytesperline = lvb->bytesperline;
2759 	return (0);
2760 }
2761 
2762 static int
bsd_to_linux_v4l_buffer(struct video_buffer * vb,struct l_video_buffer * lvb)2763 bsd_to_linux_v4l_buffer(struct video_buffer *vb, struct l_video_buffer *lvb)
2764 {
2765 	lvb->base = PTROUT(vb->base);	/* possible pointer size conversion */
2766 	lvb->height = vb->height;
2767 	lvb->width = vb->width;
2768 	lvb->depth = vb->depth;
2769 	lvb->bytesperline = vb->bytesperline;
2770 	return (0);
2771 }
2772 
2773 static int
linux_to_bsd_v4l_code(struct l_video_code * lvc,struct video_code * vc)2774 linux_to_bsd_v4l_code(struct l_video_code *lvc, struct video_code *vc)
2775 {
2776 	strlcpy(vc->loadwhat, lvc->loadwhat, LINUX_VIDEO_CODE_LOADWHAT_SIZE);
2777 	vc->datasize = lvc->datasize;
2778 	vc->data = PTRIN(lvc->data);	/* possible pointer size conversion */
2779 	return (0);
2780 }
2781 
2782 #ifdef COMPAT_LINUX_V4L_CLIPLIST
2783 static int
linux_v4l_clip_copy(void * lvc,struct video_clip ** ppvc)2784 linux_v4l_clip_copy(void *lvc, struct video_clip **ppvc)
2785 {
2786 	int error;
2787 	struct video_clip vclip;
2788 	struct l_video_clip l_vclip;
2789 
2790 	error = copyin(lvc, &l_vclip, sizeof(l_vclip));
2791 	if (error) return (error);
2792 	linux_to_bsd_v4l_clip(&l_vclip, &vclip);
2793 	/* XXX: If there can be no concurrency: s/M_NOWAIT/M_WAITOK/ */
2794 	if ((*ppvc = malloc(sizeof(**ppvc), M_LINUX, M_NOWAIT)) == NULL)
2795 		return (ENOMEM);    /* XXX: Linux has no ENOMEM here. */
2796 	memcpy(*ppvc, &vclip, sizeof(vclip));
2797 	(*ppvc)->next = NULL;
2798 	return (0);
2799 }
2800 
2801 static int
linux_v4l_cliplist_free(struct video_window * vw)2802 linux_v4l_cliplist_free(struct video_window *vw)
2803 {
2804 	struct video_clip **ppvc;
2805 	struct video_clip **ppvc_next;
2806 
2807 	for (ppvc = &(vw->clips); *ppvc != NULL; ppvc = ppvc_next) {
2808 		ppvc_next = &((*ppvc)->next);
2809 		free(*ppvc, M_LINUX);
2810 	}
2811 	vw->clips = NULL;
2812 
2813 	return (0);
2814 }
2815 
2816 static int
linux_v4l_cliplist_copy(struct l_video_window * lvw,struct video_window * vw)2817 linux_v4l_cliplist_copy(struct l_video_window *lvw, struct video_window *vw)
2818 {
2819 	int error;
2820 	int clipcount;
2821 	void *plvc;
2822 	struct video_clip **ppvc;
2823 
2824 	/*
2825 	 * XXX: The cliplist is used to pass in a list of clipping
2826 	 *	rectangles or, if clipcount == VIDEO_CLIP_BITMAP, a
2827 	 *	clipping bitmap.  Some Linux apps, however, appear to
2828 	 *	leave cliplist and clips uninitialized.  In any case,
2829 	 *	the cliplist is not used by pwc(4), at the time of
2830 	 *	writing, FreeBSD's only V4L driver.  When a driver
2831 	 *	that uses the cliplist is developed, this code may
2832 	 *	need re-examiniation.
2833 	 */
2834 	error = 0;
2835 	clipcount = vw->clipcount;
2836 	if (clipcount == VIDEO_CLIP_BITMAP) {
2837 		/*
2838 		 * In this case, the pointer (clips) is overloaded
2839 		 * to be a "void *" to a bitmap, therefore there
2840 		 * is no struct video_clip to copy now.
2841 		 */
2842 	} else if (clipcount > 0 && clipcount <= 16384) {
2843 		/*
2844 		 * Clips points to list of clip rectangles, so
2845 		 * copy the list.
2846 		 *
2847 		 * XXX: Upper limit of 16384 was used here to try to
2848 		 *	avoid cases when clipcount and clips pointer
2849 		 *	are uninitialized and therefore have high random
2850 		 *	values, as is the case in the Linux Skype
2851 		 *	application.  The value 16384 was chosen as that
2852 		 *	is what is used in the Linux stradis(4) MPEG
2853 		 *	decoder driver, the only place we found an
2854 		 *	example of cliplist use.
2855 		 */
2856 		plvc = PTRIN(lvw->clips);
2857 		vw->clips = NULL;
2858 		ppvc = &(vw->clips);
2859 		while (clipcount-- > 0) {
2860 			if (plvc == NULL) {
2861 				error = EFAULT;
2862 				break;
2863 			} else {
2864 				error = linux_v4l_clip_copy(plvc, ppvc);
2865 				if (error) {
2866 					linux_v4l_cliplist_free(vw);
2867 					break;
2868 				}
2869 			}
2870 			ppvc = &((*ppvc)->next);
2871 			plvc = PTRIN(((struct l_video_clip *) plvc)->next);
2872 		}
2873 	} else {
2874 		/*
2875 		 * clipcount == 0 or negative (but not VIDEO_CLIP_BITMAP)
2876 		 * Force cliplist to null.
2877 		 */
2878 		vw->clipcount = 0;
2879 		vw->clips = NULL;
2880 	}
2881 	return (error);
2882 }
2883 #endif
2884 
2885 static int
linux_ioctl_v4l(struct thread * td,struct linux_ioctl_args * args)2886 linux_ioctl_v4l(struct thread *td, struct linux_ioctl_args *args)
2887 {
2888 	struct file *fp;
2889 	int error;
2890 	struct video_tuner vtun;
2891 	struct video_window vwin;
2892 	struct video_buffer vbuf;
2893 	struct video_code vcode;
2894 	struct l_video_tuner l_vtun;
2895 	struct l_video_window l_vwin;
2896 	struct l_video_buffer l_vbuf;
2897 	struct l_video_code l_vcode;
2898 
2899 	switch (args->cmd & 0xffff) {
2900 	case LINUX_VIDIOCGCAP:		args->cmd = VIDIOCGCAP; break;
2901 	case LINUX_VIDIOCGCHAN:		args->cmd = VIDIOCGCHAN; break;
2902 	case LINUX_VIDIOCSCHAN:		args->cmd = VIDIOCSCHAN; break;
2903 
2904 	case LINUX_VIDIOCGTUNER:
2905 		error = fget(td, args->fd,
2906 		    &cap_ioctl_rights, &fp);
2907 		if (error != 0)
2908 			return (error);
2909 		error = copyin((void *) args->arg, &l_vtun, sizeof(l_vtun));
2910 		if (error) {
2911 			fdrop(fp, td);
2912 			return (error);
2913 		}
2914 		linux_to_bsd_v4l_tuner(&l_vtun, &vtun);
2915 		error = fo_ioctl(fp, VIDIOCGTUNER, &vtun, td->td_ucred, td);
2916 		if (!error) {
2917 			bsd_to_linux_v4l_tuner(&vtun, &l_vtun);
2918 			error = copyout(&l_vtun, (void *) args->arg,
2919 			    sizeof(l_vtun));
2920 		}
2921 		fdrop(fp, td);
2922 		return (error);
2923 
2924 	case LINUX_VIDIOCSTUNER:
2925 		error = fget(td, args->fd,
2926 		    &cap_ioctl_rights, &fp);
2927 		if (error != 0)
2928 			return (error);
2929 		error = copyin((void *) args->arg, &l_vtun, sizeof(l_vtun));
2930 		if (error) {
2931 			fdrop(fp, td);
2932 			return (error);
2933 		}
2934 		linux_to_bsd_v4l_tuner(&l_vtun, &vtun);
2935 		error = fo_ioctl(fp, VIDIOCSTUNER, &vtun, td->td_ucred, td);
2936 		fdrop(fp, td);
2937 		return (error);
2938 
2939 	case LINUX_VIDIOCGPICT:		args->cmd = VIDIOCGPICT; break;
2940 	case LINUX_VIDIOCSPICT:		args->cmd = VIDIOCSPICT; break;
2941 	case LINUX_VIDIOCCAPTURE:	args->cmd = VIDIOCCAPTURE; break;
2942 
2943 	case LINUX_VIDIOCGWIN:
2944 		error = fget(td, args->fd,
2945 		    &cap_ioctl_rights, &fp);
2946 		if (error != 0)
2947 			return (error);
2948 		error = fo_ioctl(fp, VIDIOCGWIN, &vwin, td->td_ucred, td);
2949 		if (!error) {
2950 			bsd_to_linux_v4l_window(&vwin, &l_vwin);
2951 			error = copyout(&l_vwin, (void *) args->arg,
2952 			    sizeof(l_vwin));
2953 		}
2954 		fdrop(fp, td);
2955 		return (error);
2956 
2957 	case LINUX_VIDIOCSWIN:
2958 		error = fget(td, args->fd,
2959 		    &cap_ioctl_rights, &fp);
2960 		if (error != 0)
2961 			return (error);
2962 		error = copyin((void *) args->arg, &l_vwin, sizeof(l_vwin));
2963 		if (error) {
2964 			fdrop(fp, td);
2965 			return (error);
2966 		}
2967 		linux_to_bsd_v4l_window(&l_vwin, &vwin);
2968 #ifdef COMPAT_LINUX_V4L_CLIPLIST
2969 		error = linux_v4l_cliplist_copy(&l_vwin, &vwin);
2970 		if (error) {
2971 			fdrop(fp, td);
2972 			return (error);
2973 		}
2974 #endif
2975 		error = fo_ioctl(fp, VIDIOCSWIN, &vwin, td->td_ucred, td);
2976 		fdrop(fp, td);
2977 #ifdef COMPAT_LINUX_V4L_CLIPLIST
2978 		linux_v4l_cliplist_free(&vwin);
2979 #endif
2980 		return (error);
2981 
2982 	case LINUX_VIDIOCGFBUF:
2983 		error = fget(td, args->fd,
2984 		    &cap_ioctl_rights, &fp);
2985 		if (error != 0)
2986 			return (error);
2987 		error = fo_ioctl(fp, VIDIOCGFBUF, &vbuf, td->td_ucred, td);
2988 		if (!error) {
2989 			bsd_to_linux_v4l_buffer(&vbuf, &l_vbuf);
2990 			error = copyout(&l_vbuf, (void *) args->arg,
2991 			    sizeof(l_vbuf));
2992 		}
2993 		fdrop(fp, td);
2994 		return (error);
2995 
2996 	case LINUX_VIDIOCSFBUF:
2997 		error = fget(td, args->fd,
2998 		    &cap_ioctl_rights, &fp);
2999 		if (error != 0)
3000 			return (error);
3001 		error = copyin((void *) args->arg, &l_vbuf, sizeof(l_vbuf));
3002 		if (error) {
3003 			fdrop(fp, td);
3004 			return (error);
3005 		}
3006 		linux_to_bsd_v4l_buffer(&l_vbuf, &vbuf);
3007 		error = fo_ioctl(fp, VIDIOCSFBUF, &vbuf, td->td_ucred, td);
3008 		fdrop(fp, td);
3009 		return (error);
3010 
3011 	case LINUX_VIDIOCKEY:		args->cmd = VIDIOCKEY; break;
3012 	case LINUX_VIDIOCGFREQ:		args->cmd = VIDIOCGFREQ; break;
3013 	case LINUX_VIDIOCSFREQ:		args->cmd = VIDIOCSFREQ; break;
3014 	case LINUX_VIDIOCGAUDIO:	args->cmd = VIDIOCGAUDIO; break;
3015 	case LINUX_VIDIOCSAUDIO:	args->cmd = VIDIOCSAUDIO; break;
3016 	case LINUX_VIDIOCSYNC:		args->cmd = VIDIOCSYNC; break;
3017 	case LINUX_VIDIOCMCAPTURE:	args->cmd = VIDIOCMCAPTURE; break;
3018 	case LINUX_VIDIOCGMBUF:		args->cmd = VIDIOCGMBUF; break;
3019 	case LINUX_VIDIOCGUNIT:		args->cmd = VIDIOCGUNIT; break;
3020 	case LINUX_VIDIOCGCAPTURE:	args->cmd = VIDIOCGCAPTURE; break;
3021 	case LINUX_VIDIOCSCAPTURE:	args->cmd = VIDIOCSCAPTURE; break;
3022 	case LINUX_VIDIOCSPLAYMODE:	args->cmd = VIDIOCSPLAYMODE; break;
3023 	case LINUX_VIDIOCSWRITEMODE:	args->cmd = VIDIOCSWRITEMODE; break;
3024 	case LINUX_VIDIOCGPLAYINFO:	args->cmd = VIDIOCGPLAYINFO; break;
3025 
3026 	case LINUX_VIDIOCSMICROCODE:
3027 		error = fget(td, args->fd,
3028 		    &cap_ioctl_rights, &fp);
3029 		if (error != 0)
3030 			return (error);
3031 		error = copyin((void *) args->arg, &l_vcode, sizeof(l_vcode));
3032 		if (error) {
3033 			fdrop(fp, td);
3034 			return (error);
3035 		}
3036 		linux_to_bsd_v4l_code(&l_vcode, &vcode);
3037 		error = fo_ioctl(fp, VIDIOCSMICROCODE, &vcode, td->td_ucred, td);
3038 		fdrop(fp, td);
3039 		return (error);
3040 
3041 	case LINUX_VIDIOCGVBIFMT:	args->cmd = VIDIOCGVBIFMT; break;
3042 	case LINUX_VIDIOCSVBIFMT:	args->cmd = VIDIOCSVBIFMT; break;
3043 	default:			return (ENOIOCTL);
3044 	}
3045 
3046 	error = sys_ioctl(td, (struct ioctl_args *)args);
3047 	return (error);
3048 }
3049 
3050 /*
3051  * Special ioctl handler
3052  */
3053 static int
linux_ioctl_special(struct thread * td,struct linux_ioctl_args * args)3054 linux_ioctl_special(struct thread *td, struct linux_ioctl_args *args)
3055 {
3056 	int error;
3057 
3058 	switch (args->cmd) {
3059 	case LINUX_SIOCGIFADDR:
3060 		args->cmd = SIOCGIFADDR;
3061 		error = sys_ioctl(td, (struct ioctl_args *)args);
3062 		break;
3063 	case LINUX_SIOCSIFADDR:
3064 		args->cmd = SIOCSIFADDR;
3065 		error = sys_ioctl(td, (struct ioctl_args *)args);
3066 		break;
3067 	case LINUX_SIOCGIFFLAGS:
3068 		args->cmd = SIOCGIFFLAGS;
3069 		error = sys_ioctl(td, (struct ioctl_args *)args);
3070 		break;
3071 	default:
3072 		error = ENOIOCTL;
3073 	}
3074 
3075 	return (error);
3076 }
3077 
3078 static int
linux_to_bsd_v4l2_standard(struct l_v4l2_standard * lvstd,struct v4l2_standard * vstd)3079 linux_to_bsd_v4l2_standard(struct l_v4l2_standard *lvstd, struct v4l2_standard *vstd)
3080 {
3081 	vstd->index = lvstd->index;
3082 	vstd->id = lvstd->id;
3083 	CTASSERT(sizeof(vstd->name) == sizeof(lvstd->name));
3084 	memcpy(vstd->name, lvstd->name, sizeof(vstd->name));
3085 	vstd->frameperiod = lvstd->frameperiod;
3086 	vstd->framelines = lvstd->framelines;
3087 	CTASSERT(sizeof(vstd->reserved) == sizeof(lvstd->reserved));
3088 	memcpy(vstd->reserved, lvstd->reserved, sizeof(vstd->reserved));
3089 	return (0);
3090 }
3091 
3092 static int
bsd_to_linux_v4l2_standard(struct v4l2_standard * vstd,struct l_v4l2_standard * lvstd)3093 bsd_to_linux_v4l2_standard(struct v4l2_standard *vstd, struct l_v4l2_standard *lvstd)
3094 {
3095 	lvstd->index = vstd->index;
3096 	lvstd->id = vstd->id;
3097 	CTASSERT(sizeof(vstd->name) == sizeof(lvstd->name));
3098 	memcpy(lvstd->name, vstd->name, sizeof(lvstd->name));
3099 	lvstd->frameperiod = vstd->frameperiod;
3100 	lvstd->framelines = vstd->framelines;
3101 	CTASSERT(sizeof(vstd->reserved) == sizeof(lvstd->reserved));
3102 	memcpy(lvstd->reserved, vstd->reserved, sizeof(lvstd->reserved));
3103 	return (0);
3104 }
3105 
3106 static int
linux_to_bsd_v4l2_buffer(struct l_v4l2_buffer * lvb,struct v4l2_buffer * vb)3107 linux_to_bsd_v4l2_buffer(struct l_v4l2_buffer *lvb, struct v4l2_buffer *vb)
3108 {
3109 	vb->index = lvb->index;
3110 	vb->type = lvb->type;
3111 	vb->bytesused = lvb->bytesused;
3112 	vb->flags = lvb->flags;
3113 	vb->field = lvb->field;
3114 	vb->timestamp.tv_sec = lvb->timestamp.tv_sec;
3115 	vb->timestamp.tv_usec = lvb->timestamp.tv_usec;
3116 	memcpy(&vb->timecode, &lvb->timecode, sizeof (lvb->timecode));
3117 	vb->sequence = lvb->sequence;
3118 	vb->memory = lvb->memory;
3119 	if (lvb->memory == V4L2_MEMORY_USERPTR)
3120 		/* possible pointer size conversion */
3121 		vb->m.userptr = (unsigned long)PTRIN(lvb->m.userptr);
3122 	else
3123 		vb->m.offset = lvb->m.offset;
3124 	vb->length = lvb->length;
3125 	vb->input = lvb->input;
3126 	vb->reserved = lvb->reserved;
3127 	return (0);
3128 }
3129 
3130 static int
bsd_to_linux_v4l2_buffer(struct v4l2_buffer * vb,struct l_v4l2_buffer * lvb)3131 bsd_to_linux_v4l2_buffer(struct v4l2_buffer *vb, struct l_v4l2_buffer *lvb)
3132 {
3133 	lvb->index = vb->index;
3134 	lvb->type = vb->type;
3135 	lvb->bytesused = vb->bytesused;
3136 	lvb->flags = vb->flags;
3137 	lvb->field = vb->field;
3138 	lvb->timestamp.tv_sec = vb->timestamp.tv_sec;
3139 	lvb->timestamp.tv_usec = vb->timestamp.tv_usec;
3140 	memcpy(&lvb->timecode, &vb->timecode, sizeof (vb->timecode));
3141 	lvb->sequence = vb->sequence;
3142 	lvb->memory = vb->memory;
3143 	if (vb->memory == V4L2_MEMORY_USERPTR)
3144 		/* possible pointer size conversion */
3145 		lvb->m.userptr = PTROUT(vb->m.userptr);
3146 	else
3147 		lvb->m.offset = vb->m.offset;
3148 	lvb->length = vb->length;
3149 	lvb->input = vb->input;
3150 	lvb->reserved = vb->reserved;
3151 	return (0);
3152 }
3153 
3154 static int
linux_to_bsd_v4l2_format(struct l_v4l2_format * lvf,struct v4l2_format * vf)3155 linux_to_bsd_v4l2_format(struct l_v4l2_format *lvf, struct v4l2_format *vf)
3156 {
3157 	vf->type = lvf->type;
3158 	if (lvf->type == V4L2_BUF_TYPE_VIDEO_OVERLAY
3159 #ifdef V4L2_BUF_TYPE_VIDEO_OUTPUT_OVERLAY
3160 	    || lvf->type == V4L2_BUF_TYPE_VIDEO_OUTPUT_OVERLAY
3161 #endif
3162 	    )
3163 		/*
3164 		 * XXX TODO - needs 32 -> 64 bit conversion:
3165 		 * (unused by webcams?)
3166 		 */
3167 		return (EINVAL);
3168 	memcpy(&vf->fmt, &lvf->fmt, sizeof(vf->fmt));
3169 	return (0);
3170 }
3171 
3172 static int
bsd_to_linux_v4l2_format(struct v4l2_format * vf,struct l_v4l2_format * lvf)3173 bsd_to_linux_v4l2_format(struct v4l2_format *vf, struct l_v4l2_format *lvf)
3174 {
3175 	lvf->type = vf->type;
3176 	if (vf->type == V4L2_BUF_TYPE_VIDEO_OVERLAY
3177 #ifdef V4L2_BUF_TYPE_VIDEO_OUTPUT_OVERLAY
3178 	    || vf->type == V4L2_BUF_TYPE_VIDEO_OUTPUT_OVERLAY
3179 #endif
3180 	    )
3181 		/*
3182 		 * XXX TODO - needs 32 -> 64 bit conversion:
3183 		 * (unused by webcams?)
3184 		 */
3185 		return (EINVAL);
3186 	memcpy(&lvf->fmt, &vf->fmt, sizeof(vf->fmt));
3187 	return (0);
3188 }
3189 static int
linux_ioctl_v4l2(struct thread * td,struct linux_ioctl_args * args)3190 linux_ioctl_v4l2(struct thread *td, struct linux_ioctl_args *args)
3191 {
3192 	struct file *fp;
3193 	int error;
3194 	struct v4l2_format vformat;
3195 	struct l_v4l2_format l_vformat;
3196 	struct v4l2_standard vstd;
3197 	struct l_v4l2_standard l_vstd;
3198 	struct l_v4l2_buffer l_vbuf;
3199 	struct v4l2_buffer vbuf;
3200 	struct v4l2_input vinp;
3201 
3202 	switch (args->cmd & 0xffff) {
3203 	case LINUX_VIDIOC_RESERVED:
3204 	case LINUX_VIDIOC_LOG_STATUS:
3205 		if ((args->cmd & IOC_DIRMASK) != LINUX_IOC_VOID)
3206 			return (ENOIOCTL);
3207 		args->cmd = (args->cmd & 0xffff) | IOC_VOID;
3208 		break;
3209 
3210 	case LINUX_VIDIOC_OVERLAY:
3211 	case LINUX_VIDIOC_STREAMON:
3212 	case LINUX_VIDIOC_STREAMOFF:
3213 	case LINUX_VIDIOC_S_STD:
3214 	case LINUX_VIDIOC_S_TUNER:
3215 	case LINUX_VIDIOC_S_AUDIO:
3216 	case LINUX_VIDIOC_S_AUDOUT:
3217 	case LINUX_VIDIOC_S_MODULATOR:
3218 	case LINUX_VIDIOC_S_FREQUENCY:
3219 	case LINUX_VIDIOC_S_CROP:
3220 	case LINUX_VIDIOC_S_JPEGCOMP:
3221 	case LINUX_VIDIOC_S_PRIORITY:
3222 	case LINUX_VIDIOC_DBG_S_REGISTER:
3223 	case LINUX_VIDIOC_S_HW_FREQ_SEEK:
3224 	case LINUX_VIDIOC_SUBSCRIBE_EVENT:
3225 	case LINUX_VIDIOC_UNSUBSCRIBE_EVENT:
3226 		args->cmd = (args->cmd & ~IOC_DIRMASK) | IOC_IN;
3227 		break;
3228 
3229 	case LINUX_VIDIOC_QUERYCAP:
3230 	case LINUX_VIDIOC_G_STD:
3231 	case LINUX_VIDIOC_G_AUDIO:
3232 	case LINUX_VIDIOC_G_INPUT:
3233 	case LINUX_VIDIOC_G_OUTPUT:
3234 	case LINUX_VIDIOC_G_AUDOUT:
3235 	case LINUX_VIDIOC_G_JPEGCOMP:
3236 	case LINUX_VIDIOC_QUERYSTD:
3237 	case LINUX_VIDIOC_G_PRIORITY:
3238 	case LINUX_VIDIOC_QUERY_DV_PRESET:
3239 		args->cmd = (args->cmd & ~IOC_DIRMASK) | IOC_OUT;
3240 		break;
3241 
3242 	case LINUX_VIDIOC_ENUM_FMT:
3243 	case LINUX_VIDIOC_REQBUFS:
3244 	case LINUX_VIDIOC_G_PARM:
3245 	case LINUX_VIDIOC_S_PARM:
3246 	case LINUX_VIDIOC_G_CTRL:
3247 	case LINUX_VIDIOC_S_CTRL:
3248 	case LINUX_VIDIOC_G_TUNER:
3249 	case LINUX_VIDIOC_QUERYCTRL:
3250 	case LINUX_VIDIOC_QUERYMENU:
3251 	case LINUX_VIDIOC_S_INPUT:
3252 	case LINUX_VIDIOC_S_OUTPUT:
3253 	case LINUX_VIDIOC_ENUMOUTPUT:
3254 	case LINUX_VIDIOC_G_MODULATOR:
3255 	case LINUX_VIDIOC_G_FREQUENCY:
3256 	case LINUX_VIDIOC_CROPCAP:
3257 	case LINUX_VIDIOC_G_CROP:
3258 	case LINUX_VIDIOC_ENUMAUDIO:
3259 	case LINUX_VIDIOC_ENUMAUDOUT:
3260 	case LINUX_VIDIOC_G_SLICED_VBI_CAP:
3261 #ifdef VIDIOC_ENUM_FRAMESIZES
3262 	case LINUX_VIDIOC_ENUM_FRAMESIZES:
3263 	case LINUX_VIDIOC_ENUM_FRAMEINTERVALS:
3264 	case LINUX_VIDIOC_ENCODER_CMD:
3265 	case LINUX_VIDIOC_TRY_ENCODER_CMD:
3266 #endif
3267 	case LINUX_VIDIOC_DBG_G_REGISTER:
3268 	case LINUX_VIDIOC_DBG_G_CHIP_IDENT:
3269 	case LINUX_VIDIOC_ENUM_DV_PRESETS:
3270 	case LINUX_VIDIOC_S_DV_PRESET:
3271 	case LINUX_VIDIOC_G_DV_PRESET:
3272 	case LINUX_VIDIOC_S_DV_TIMINGS:
3273 	case LINUX_VIDIOC_G_DV_TIMINGS:
3274 		args->cmd = (args->cmd & ~IOC_DIRMASK) | IOC_INOUT;
3275 		break;
3276 
3277 	case LINUX_VIDIOC_G_FMT:
3278 	case LINUX_VIDIOC_S_FMT:
3279 	case LINUX_VIDIOC_TRY_FMT:
3280 		error = copyin((void *)args->arg, &l_vformat, sizeof(l_vformat));
3281 		if (error)
3282 			return (error);
3283 		error = fget(td, args->fd,
3284 		    &cap_ioctl_rights, &fp);
3285 		if (error)
3286 			return (error);
3287 		if (linux_to_bsd_v4l2_format(&l_vformat, &vformat) != 0)
3288 			error = EINVAL;
3289 		else if ((args->cmd & 0xffff) == LINUX_VIDIOC_G_FMT)
3290 			error = fo_ioctl(fp, VIDIOC_G_FMT, &vformat,
3291 			    td->td_ucred, td);
3292 		else if ((args->cmd & 0xffff) == LINUX_VIDIOC_S_FMT)
3293 			error = fo_ioctl(fp, VIDIOC_S_FMT, &vformat,
3294 			    td->td_ucred, td);
3295 		else
3296 			error = fo_ioctl(fp, VIDIOC_TRY_FMT, &vformat,
3297 			    td->td_ucred, td);
3298 		bsd_to_linux_v4l2_format(&vformat, &l_vformat);
3299 		copyout(&l_vformat, (void *)args->arg, sizeof(l_vformat));
3300 		fdrop(fp, td);
3301 		return (error);
3302 
3303 	case LINUX_VIDIOC_ENUMSTD:
3304 		error = copyin((void *)args->arg, &l_vstd, sizeof(l_vstd));
3305 		if (error)
3306 			return (error);
3307 		linux_to_bsd_v4l2_standard(&l_vstd, &vstd);
3308 		error = fget(td, args->fd,
3309 		    &cap_ioctl_rights, &fp);
3310 		if (error)
3311 			return (error);
3312 		error = fo_ioctl(fp, VIDIOC_ENUMSTD, (caddr_t)&vstd,
3313 		    td->td_ucred, td);
3314 		if (error) {
3315 			fdrop(fp, td);
3316 			return (error);
3317 		}
3318 		bsd_to_linux_v4l2_standard(&vstd, &l_vstd);
3319 		error = copyout(&l_vstd, (void *)args->arg, sizeof(l_vstd));
3320 		fdrop(fp, td);
3321 		return (error);
3322 
3323 	case LINUX_VIDIOC_ENUMINPUT:
3324 		/*
3325 		 * The Linux struct l_v4l2_input differs only in size,
3326 		 * it has no padding at the end.
3327 		 */
3328 		error = copyin((void *)args->arg, &vinp,
3329 				sizeof(struct l_v4l2_input));
3330 		if (error != 0)
3331 			return (error);
3332 		error = fget(td, args->fd,
3333 		    &cap_ioctl_rights, &fp);
3334 		if (error != 0)
3335 			return (error);
3336 		error = fo_ioctl(fp, VIDIOC_ENUMINPUT, (caddr_t)&vinp,
3337 		    td->td_ucred, td);
3338 		if (error) {
3339 			fdrop(fp, td);
3340 			return (error);
3341 		}
3342 		error = copyout(&vinp, (void *)args->arg,
3343 				sizeof(struct l_v4l2_input));
3344 		fdrop(fp, td);
3345 		return (error);
3346 
3347 	case LINUX_VIDIOC_QUERYBUF:
3348 	case LINUX_VIDIOC_QBUF:
3349 	case LINUX_VIDIOC_DQBUF:
3350 		error = copyin((void *)args->arg, &l_vbuf, sizeof(l_vbuf));
3351 		if (error)
3352 			return (error);
3353 		error = fget(td, args->fd,
3354 		    &cap_ioctl_rights, &fp);
3355 		if (error)
3356 			return (error);
3357 		linux_to_bsd_v4l2_buffer(&l_vbuf, &vbuf);
3358 		if ((args->cmd & 0xffff) == LINUX_VIDIOC_QUERYBUF)
3359 			error = fo_ioctl(fp, VIDIOC_QUERYBUF, &vbuf,
3360 			    td->td_ucred, td);
3361 		else if ((args->cmd & 0xffff) == LINUX_VIDIOC_QBUF)
3362 			error = fo_ioctl(fp, VIDIOC_QBUF, &vbuf,
3363 			    td->td_ucred, td);
3364 		else
3365 			error = fo_ioctl(fp, VIDIOC_DQBUF, &vbuf,
3366 			    td->td_ucred, td);
3367 		bsd_to_linux_v4l2_buffer(&vbuf, &l_vbuf);
3368 		copyout(&l_vbuf, (void *)args->arg, sizeof(l_vbuf));
3369 		fdrop(fp, td);
3370 		return (error);
3371 
3372 	/*
3373 	 * XXX TODO - these need 32 -> 64 bit conversion:
3374 	 * (are any of them needed for webcams?)
3375 	 */
3376 	case LINUX_VIDIOC_G_FBUF:
3377 	case LINUX_VIDIOC_S_FBUF:
3378 
3379 	case LINUX_VIDIOC_G_EXT_CTRLS:
3380 	case LINUX_VIDIOC_S_EXT_CTRLS:
3381 	case LINUX_VIDIOC_TRY_EXT_CTRLS:
3382 
3383 	case LINUX_VIDIOC_DQEVENT:
3384 
3385 	default:			return (ENOIOCTL);
3386 	}
3387 
3388 	error = sys_ioctl(td, (struct ioctl_args *)args);
3389 	return (error);
3390 }
3391 
3392 /*
3393  * Support for emulators/linux-libusb. This port uses FBSD_LUSB* macros
3394  * instead of USB* ones. This lets us to provide correct values for cmd.
3395  * 0xffffffe0 -- 0xffffffff range seemed to be the least collision-prone.
3396  */
3397 static int
linux_ioctl_fbsd_usb(struct thread * td,struct linux_ioctl_args * args)3398 linux_ioctl_fbsd_usb(struct thread *td, struct linux_ioctl_args *args)
3399 {
3400 	int error;
3401 
3402 	error = 0;
3403 	switch (args->cmd) {
3404 	case FBSD_LUSB_DEVICEENUMERATE:
3405 		args->cmd = USB_DEVICEENUMERATE;
3406 		break;
3407 	case FBSD_LUSB_DEV_QUIRK_ADD:
3408 		args->cmd = USB_DEV_QUIRK_ADD;
3409 		break;
3410 	case FBSD_LUSB_DEV_QUIRK_GET:
3411 		args->cmd = USB_DEV_QUIRK_GET;
3412 		break;
3413 	case FBSD_LUSB_DEV_QUIRK_REMOVE:
3414 		args->cmd = USB_DEV_QUIRK_REMOVE;
3415 		break;
3416 	case FBSD_LUSB_DO_REQUEST:
3417 		args->cmd = USB_DO_REQUEST;
3418 		break;
3419 	case FBSD_LUSB_FS_CLEAR_STALL_SYNC:
3420 		args->cmd = USB_FS_CLEAR_STALL_SYNC;
3421 		break;
3422 	case FBSD_LUSB_FS_CLOSE:
3423 		args->cmd = USB_FS_CLOSE;
3424 		break;
3425 	case FBSD_LUSB_FS_COMPLETE:
3426 		args->cmd = USB_FS_COMPLETE;
3427 		break;
3428 	case FBSD_LUSB_FS_INIT:
3429 		args->cmd = USB_FS_INIT;
3430 		break;
3431 	case FBSD_LUSB_FS_OPEN:
3432 		args->cmd = USB_FS_OPEN;
3433 		break;
3434 	case FBSD_LUSB_FS_START:
3435 		args->cmd = USB_FS_START;
3436 		break;
3437 	case FBSD_LUSB_FS_STOP:
3438 		args->cmd = USB_FS_STOP;
3439 		break;
3440 	case FBSD_LUSB_FS_UNINIT:
3441 		args->cmd = USB_FS_UNINIT;
3442 		break;
3443 	case FBSD_LUSB_GET_CONFIG:
3444 		args->cmd = USB_GET_CONFIG;
3445 		break;
3446 	case FBSD_LUSB_GET_DEVICEINFO:
3447 		args->cmd = USB_GET_DEVICEINFO;
3448 		break;
3449 	case FBSD_LUSB_GET_DEVICE_DESC:
3450 		args->cmd = USB_GET_DEVICE_DESC;
3451 		break;
3452 	case FBSD_LUSB_GET_FULL_DESC:
3453 		args->cmd = USB_GET_FULL_DESC;
3454 		break;
3455 	case FBSD_LUSB_GET_IFACE_DRIVER:
3456 		args->cmd = USB_GET_IFACE_DRIVER;
3457 		break;
3458 	case FBSD_LUSB_GET_PLUGTIME:
3459 		args->cmd = USB_GET_PLUGTIME;
3460 		break;
3461 	case FBSD_LUSB_GET_POWER_MODE:
3462 		args->cmd = USB_GET_POWER_MODE;
3463 		break;
3464 	case FBSD_LUSB_GET_REPORT_DESC:
3465 		args->cmd = USB_GET_REPORT_DESC;
3466 		break;
3467 	case FBSD_LUSB_GET_REPORT_ID:
3468 		args->cmd = USB_GET_REPORT_ID;
3469 		break;
3470 	case FBSD_LUSB_GET_TEMPLATE:
3471 		args->cmd = USB_GET_TEMPLATE;
3472 		break;
3473 	case FBSD_LUSB_IFACE_DRIVER_ACTIVE:
3474 		args->cmd = USB_IFACE_DRIVER_ACTIVE;
3475 		break;
3476 	case FBSD_LUSB_IFACE_DRIVER_DETACH:
3477 		args->cmd = USB_IFACE_DRIVER_DETACH;
3478 		break;
3479 	case FBSD_LUSB_QUIRK_NAME_GET:
3480 		args->cmd = USB_QUIRK_NAME_GET;
3481 		break;
3482 	case FBSD_LUSB_READ_DIR:
3483 		args->cmd = USB_READ_DIR;
3484 		break;
3485 	case FBSD_LUSB_SET_ALTINTERFACE:
3486 		args->cmd = USB_SET_ALTINTERFACE;
3487 		break;
3488 	case FBSD_LUSB_SET_CONFIG:
3489 		args->cmd = USB_SET_CONFIG;
3490 		break;
3491 	case FBSD_LUSB_SET_IMMED:
3492 		args->cmd = USB_SET_IMMED;
3493 		break;
3494 	case FBSD_LUSB_SET_POWER_MODE:
3495 		args->cmd = USB_SET_POWER_MODE;
3496 		break;
3497 	case FBSD_LUSB_SET_TEMPLATE:
3498 		args->cmd = USB_SET_TEMPLATE;
3499 		break;
3500 	case FBSD_LUSB_FS_OPEN_STREAM:
3501 		args->cmd = USB_FS_OPEN_STREAM;
3502 		break;
3503 	case FBSD_LUSB_GET_DEV_PORT_PATH:
3504 		args->cmd = USB_GET_DEV_PORT_PATH;
3505 		break;
3506 	case FBSD_LUSB_GET_POWER_USAGE:
3507 		args->cmd = USB_GET_POWER_USAGE;
3508 		break;
3509 	case FBSD_LUSB_DEVICESTATS:
3510 		args->cmd = USB_DEVICESTATS;
3511 		break;
3512 	default:
3513 		error = ENOIOCTL;
3514 	}
3515 	if (error != ENOIOCTL)
3516 		error = sys_ioctl(td, (struct ioctl_args *)args);
3517 	return (error);
3518 }
3519 
3520 /*
3521  * Some evdev ioctls must be translated.
3522  *  - EVIOCGMTSLOTS is a IOC_READ ioctl on Linux although it has input data
3523  *    (must be IOC_INOUT on FreeBSD).
3524  *  - On Linux, EVIOCGRAB, EVIOCREVOKE and EVIOCRMFF are defined as _IOW with
3525  *    an int argument. You don't pass an int pointer to the ioctl(), however,
3526  *    but just the int directly. On FreeBSD, they are defined as _IOWINT for
3527  *    this to work.
3528  */
3529 static int
linux_ioctl_evdev(struct thread * td,struct linux_ioctl_args * args)3530 linux_ioctl_evdev(struct thread *td, struct linux_ioctl_args *args)
3531 {
3532 	struct file *fp;
3533 	clockid_t clock;
3534 	int error;
3535 
3536 	args->cmd = SETDIR(args->cmd);
3537 
3538 	switch (args->cmd) {
3539 	case (EVIOCGRAB & ~IOC_DIRMASK) | IOC_IN:
3540 		args->cmd = EVIOCGRAB;
3541 		break;
3542 	case (EVIOCREVOKE & ~IOC_DIRMASK) | IOC_IN:
3543 		args->cmd = EVIOCREVOKE;
3544 		break;
3545 	case (EVIOCRMFF & ~IOC_DIRMASK) | IOC_IN:
3546 		args->cmd = EVIOCRMFF;
3547 		break;
3548 	case EVIOCSCLOCKID: {
3549 		error = copyin(PTRIN(args->arg), &clock, sizeof(clock));
3550 		if (error != 0)
3551 			return (error);
3552 		if (clock & ~(LINUX_IOCTL_EVDEV_CLK))
3553 			return (EINVAL);
3554 		error = linux_to_native_clockid(&clock, clock);
3555 		if (error != 0)
3556 			return (error);
3557 
3558 		error = fget(td, args->fd,
3559 		    &cap_ioctl_rights, &fp);
3560 		if (error != 0)
3561 			return (error);
3562 
3563 		error = fo_ioctl(fp, EVIOCSCLOCKID, &clock, td->td_ucred, td);
3564 		fdrop(fp, td);
3565 		return (error);
3566 	}
3567 	default:
3568 		break;
3569 	}
3570 
3571 	if (IOCBASECMD(args->cmd) ==
3572 	    ((EVIOCGMTSLOTS(0) & ~IOC_DIRMASK) | IOC_OUT))
3573 		args->cmd = (args->cmd & ~IOC_DIRMASK) | IOC_INOUT;
3574 
3575 	return (sys_ioctl(td, (struct ioctl_args *)args));
3576 }
3577 
3578 /*
3579  * main ioctl syscall function
3580  */
3581 
3582 int
linux_ioctl(struct thread * td,struct linux_ioctl_args * args)3583 linux_ioctl(struct thread *td, struct linux_ioctl_args *args)
3584 {
3585 	struct file *fp;
3586 	struct linux_ioctl_handler_element *he;
3587 	int error, cmd;
3588 
3589 	error = fget(td, args->fd, &cap_ioctl_rights, &fp);
3590 	if (error != 0)
3591 		return (error);
3592 	if ((fp->f_flag & (FREAD|FWRITE)) == 0) {
3593 		fdrop(fp, td);
3594 		return (EBADF);
3595 	}
3596 
3597 	/* Iterate over the ioctl handlers */
3598 	cmd = args->cmd & 0xffff;
3599 	sx_slock(&linux_ioctl_sx);
3600 	mtx_lock(&Giant);
3601 #ifdef COMPAT_LINUX32
3602 	TAILQ_FOREACH(he, &linux32_ioctl_handlers, list) {
3603 		if (cmd >= he->low && cmd <= he->high) {
3604 			error = (*he->func)(td, args);
3605 			if (error != ENOIOCTL) {
3606 				mtx_unlock(&Giant);
3607 				sx_sunlock(&linux_ioctl_sx);
3608 				fdrop(fp, td);
3609 				return (error);
3610 			}
3611 		}
3612 	}
3613 #endif
3614 	TAILQ_FOREACH(he, &linux_ioctl_handlers, list) {
3615 		if (cmd >= he->low && cmd <= he->high) {
3616 			error = (*he->func)(td, args);
3617 			if (error != ENOIOCTL) {
3618 				mtx_unlock(&Giant);
3619 				sx_sunlock(&linux_ioctl_sx);
3620 				fdrop(fp, td);
3621 				return (error);
3622 			}
3623 		}
3624 	}
3625 	mtx_unlock(&Giant);
3626 	sx_sunlock(&linux_ioctl_sx);
3627 	fdrop(fp, td);
3628 
3629 	switch (args->cmd & 0xffff) {
3630 	case LINUX_BTRFS_IOC_CLONE:
3631 	case LINUX_FS_IOC_FIEMAP:
3632 		return (ENOTSUP);
3633 
3634 	default:
3635 		linux_msg(td, "ioctl fd=%d, cmd=0x%x ('%c',%d) is not implemented",
3636 		    args->fd, (int)(args->cmd & 0xffff),
3637 		    (int)(args->cmd & 0xff00) >> 8, (int)(args->cmd & 0xff));
3638 		break;
3639 	}
3640 
3641 	return (EINVAL);
3642 }
3643 
3644 int
linux_ioctl_register_handler(struct linux_ioctl_handler * h)3645 linux_ioctl_register_handler(struct linux_ioctl_handler *h)
3646 {
3647 	struct linux_ioctl_handler_element *he, *cur;
3648 
3649 	if (h == NULL || h->func == NULL)
3650 		return (EINVAL);
3651 
3652 	/*
3653 	 * Reuse the element if the handler is already on the list, otherwise
3654 	 * create a new element.
3655 	 */
3656 	sx_xlock(&linux_ioctl_sx);
3657 	TAILQ_FOREACH(he, &linux_ioctl_handlers, list) {
3658 		if (he->func == h->func)
3659 			break;
3660 	}
3661 	if (he == NULL) {
3662 		he = malloc(sizeof(*he),
3663 		    M_LINUX, M_WAITOK);
3664 		he->func = h->func;
3665 	} else
3666 		TAILQ_REMOVE(&linux_ioctl_handlers, he, list);
3667 
3668 	/* Initialize range information. */
3669 	he->low = h->low;
3670 	he->high = h->high;
3671 	he->span = h->high - h->low + 1;
3672 
3673 	/* Add the element to the list, sorted on span. */
3674 	TAILQ_FOREACH(cur, &linux_ioctl_handlers, list) {
3675 		if (cur->span > he->span) {
3676 			TAILQ_INSERT_BEFORE(cur, he, list);
3677 			sx_xunlock(&linux_ioctl_sx);
3678 			return (0);
3679 		}
3680 	}
3681 	TAILQ_INSERT_TAIL(&linux_ioctl_handlers, he, list);
3682 	sx_xunlock(&linux_ioctl_sx);
3683 
3684 	return (0);
3685 }
3686 
3687 int
linux_ioctl_unregister_handler(struct linux_ioctl_handler * h)3688 linux_ioctl_unregister_handler(struct linux_ioctl_handler *h)
3689 {
3690 	struct linux_ioctl_handler_element *he;
3691 
3692 	if (h == NULL || h->func == NULL)
3693 		return (EINVAL);
3694 
3695 	sx_xlock(&linux_ioctl_sx);
3696 	TAILQ_FOREACH(he, &linux_ioctl_handlers, list) {
3697 		if (he->func == h->func) {
3698 			TAILQ_REMOVE(&linux_ioctl_handlers, he, list);
3699 			sx_xunlock(&linux_ioctl_sx);
3700 			free(he, M_LINUX);
3701 			return (0);
3702 		}
3703 	}
3704 	sx_xunlock(&linux_ioctl_sx);
3705 
3706 	return (EINVAL);
3707 }
3708 
3709 #ifdef COMPAT_LINUX32
3710 int
linux32_ioctl_register_handler(struct linux_ioctl_handler * h)3711 linux32_ioctl_register_handler(struct linux_ioctl_handler *h)
3712 {
3713 	struct linux_ioctl_handler_element *he, *cur;
3714 
3715 	if (h == NULL || h->func == NULL)
3716 		return (EINVAL);
3717 
3718 	/*
3719 	 * Reuse the element if the handler is already on the list, otherwise
3720 	 * create a new element.
3721 	 */
3722 	sx_xlock(&linux_ioctl_sx);
3723 	TAILQ_FOREACH(he, &linux32_ioctl_handlers, list) {
3724 		if (he->func == h->func)
3725 			break;
3726 	}
3727 	if (he == NULL) {
3728 		he = malloc(sizeof(*he), M_LINUX, M_WAITOK);
3729 		he->func = h->func;
3730 	} else
3731 		TAILQ_REMOVE(&linux32_ioctl_handlers, he, list);
3732 
3733 	/* Initialize range information. */
3734 	he->low = h->low;
3735 	he->high = h->high;
3736 	he->span = h->high - h->low + 1;
3737 
3738 	/* Add the element to the list, sorted on span. */
3739 	TAILQ_FOREACH(cur, &linux32_ioctl_handlers, list) {
3740 		if (cur->span > he->span) {
3741 			TAILQ_INSERT_BEFORE(cur, he, list);
3742 			sx_xunlock(&linux_ioctl_sx);
3743 			return (0);
3744 		}
3745 	}
3746 	TAILQ_INSERT_TAIL(&linux32_ioctl_handlers, he, list);
3747 	sx_xunlock(&linux_ioctl_sx);
3748 
3749 	return (0);
3750 }
3751 
3752 int
linux32_ioctl_unregister_handler(struct linux_ioctl_handler * h)3753 linux32_ioctl_unregister_handler(struct linux_ioctl_handler *h)
3754 {
3755 	struct linux_ioctl_handler_element *he;
3756 
3757 	if (h == NULL || h->func == NULL)
3758 		return (EINVAL);
3759 
3760 	sx_xlock(&linux_ioctl_sx);
3761 	TAILQ_FOREACH(he, &linux32_ioctl_handlers, list) {
3762 		if (he->func == h->func) {
3763 			TAILQ_REMOVE(&linux32_ioctl_handlers, he, list);
3764 			sx_xunlock(&linux_ioctl_sx);
3765 			free(he, M_LINUX);
3766 			return (0);
3767 		}
3768 	}
3769 	sx_xunlock(&linux_ioctl_sx);
3770 
3771 	return (EINVAL);
3772 }
3773 #endif
3774