1 // SPDX-License-Identifier: GPL-2.0 2 #include <linux/kmod.h> 3 #include <linux/netdevice.h> 4 #include <linux/etherdevice.h> 5 #include <linux/rtnetlink.h> 6 #include <linux/net_tstamp.h> 7 #include <linux/wireless.h> 8 #include <net/wext.h> 9 10 /* 11 * Map an interface index to its name (SIOCGIFNAME) 12 */ 13 14 /* 15 * We need this ioctl for efficient implementation of the 16 * if_indextoname() function required by the IPv6 API. Without 17 * it, we would have to search all the interfaces to find a 18 * match. --pb 19 */ 20 21 static int dev_ifname(struct net *net, struct ifreq __user *arg) 22 { 23 struct ifreq ifr; 24 int error; 25 26 /* 27 * Fetch the caller's info block. 28 */ 29 30 if (copy_from_user(&ifr, arg, sizeof(struct ifreq))) 31 return -EFAULT; 32 ifr.ifr_name[IFNAMSIZ-1] = 0; 33 34 error = netdev_get_name(net, ifr.ifr_name, ifr.ifr_ifindex); 35 if (error) 36 return error; 37 38 if (copy_to_user(arg, &ifr, sizeof(struct ifreq))) 39 return -EFAULT; 40 return 0; 41 } 42 43 static gifconf_func_t *gifconf_list[NPROTO]; 44 45 /** 46 * register_gifconf - register a SIOCGIF handler 47 * @family: Address family 48 * @gifconf: Function handler 49 * 50 * Register protocol dependent address dumping routines. The handler 51 * that is passed must not be freed or reused until it has been replaced 52 * by another handler. 53 */ 54 int register_gifconf(unsigned int family, gifconf_func_t *gifconf) 55 { 56 if (family >= NPROTO) 57 return -EINVAL; 58 gifconf_list[family] = gifconf; 59 return 0; 60 } 61 EXPORT_SYMBOL(register_gifconf); 62 63 /* 64 * Perform a SIOCGIFCONF call. This structure will change 65 * size eventually, and there is nothing I can do about it. 66 * Thus we will need a 'compatibility mode'. 67 */ 68 69 static int dev_ifconf(struct net *net, char __user *arg) 70 { 71 struct ifconf ifc; 72 struct net_device *dev; 73 char __user *pos; 74 int len; 75 int total; 76 int i; 77 78 /* 79 * Fetch the caller's info block. 80 */ 81 82 if (copy_from_user(&ifc, arg, sizeof(struct ifconf))) 83 return -EFAULT; 84 85 pos = ifc.ifc_buf; 86 len = ifc.ifc_len; 87 88 /* 89 * Loop over the interfaces, and write an info block for each. 90 */ 91 92 total = 0; 93 for_each_netdev(net, dev) { 94 for (i = 0; i < NPROTO; i++) { 95 if (gifconf_list[i]) { 96 int done; 97 if (!pos) 98 done = gifconf_list[i](dev, NULL, 0); 99 else 100 done = gifconf_list[i](dev, pos + total, 101 len - total); 102 if (done < 0) 103 return -EFAULT; 104 total += done; 105 } 106 } 107 } 108 109 /* 110 * All done. Write the updated control block back to the caller. 111 */ 112 ifc.ifc_len = total; 113 114 /* 115 * Both BSD and Solaris return 0 here, so we do too. 116 */ 117 return copy_to_user(arg, &ifc, sizeof(struct ifconf)) ? -EFAULT : 0; 118 } 119 120 /* 121 * Perform the SIOCxIFxxx calls, inside rcu_read_lock() 122 */ 123 static int dev_ifsioc_locked(struct net *net, struct ifreq *ifr, unsigned int cmd) 124 { 125 int err; 126 struct net_device *dev = dev_get_by_name_rcu(net, ifr->ifr_name); 127 128 if (!dev) 129 return -ENODEV; 130 131 switch (cmd) { 132 case SIOCGIFFLAGS: /* Get interface flags */ 133 ifr->ifr_flags = (short) dev_get_flags(dev); 134 return 0; 135 136 case SIOCGIFMETRIC: /* Get the metric on the interface 137 (currently unused) */ 138 ifr->ifr_metric = 0; 139 return 0; 140 141 case SIOCGIFMTU: /* Get the MTU of a device */ 142 ifr->ifr_mtu = dev->mtu; 143 return 0; 144 145 case SIOCGIFHWADDR: 146 if (!dev->addr_len) 147 memset(ifr->ifr_hwaddr.sa_data, 0, 148 sizeof(ifr->ifr_hwaddr.sa_data)); 149 else 150 memcpy(ifr->ifr_hwaddr.sa_data, dev->dev_addr, 151 min(sizeof(ifr->ifr_hwaddr.sa_data), 152 (size_t)dev->addr_len)); 153 ifr->ifr_hwaddr.sa_family = dev->type; 154 return 0; 155 156 case SIOCGIFSLAVE: 157 err = -EINVAL; 158 break; 159 160 case SIOCGIFMAP: 161 ifr->ifr_map.mem_start = dev->mem_start; 162 ifr->ifr_map.mem_end = dev->mem_end; 163 ifr->ifr_map.base_addr = dev->base_addr; 164 ifr->ifr_map.irq = dev->irq; 165 ifr->ifr_map.dma = dev->dma; 166 ifr->ifr_map.port = dev->if_port; 167 return 0; 168 169 case SIOCGIFINDEX: 170 ifr->ifr_ifindex = dev->ifindex; 171 return 0; 172 173 case SIOCGIFTXQLEN: 174 ifr->ifr_qlen = dev->tx_queue_len; 175 return 0; 176 177 default: 178 /* dev_ioctl() should ensure this case 179 * is never reached 180 */ 181 WARN_ON(1); 182 err = -ENOTTY; 183 break; 184 185 } 186 return err; 187 } 188 189 static int net_hwtstamp_validate(struct ifreq *ifr) 190 { 191 struct hwtstamp_config cfg; 192 enum hwtstamp_tx_types tx_type; 193 enum hwtstamp_rx_filters rx_filter; 194 int tx_type_valid = 0; 195 int rx_filter_valid = 0; 196 197 if (copy_from_user(&cfg, ifr->ifr_data, sizeof(cfg))) 198 return -EFAULT; 199 200 if (cfg.flags) /* reserved for future extensions */ 201 return -EINVAL; 202 203 tx_type = cfg.tx_type; 204 rx_filter = cfg.rx_filter; 205 206 switch (tx_type) { 207 case HWTSTAMP_TX_OFF: 208 case HWTSTAMP_TX_ON: 209 case HWTSTAMP_TX_ONESTEP_SYNC: 210 tx_type_valid = 1; 211 break; 212 } 213 214 switch (rx_filter) { 215 case HWTSTAMP_FILTER_NONE: 216 case HWTSTAMP_FILTER_ALL: 217 case HWTSTAMP_FILTER_SOME: 218 case HWTSTAMP_FILTER_PTP_V1_L4_EVENT: 219 case HWTSTAMP_FILTER_PTP_V1_L4_SYNC: 220 case HWTSTAMP_FILTER_PTP_V1_L4_DELAY_REQ: 221 case HWTSTAMP_FILTER_PTP_V2_L4_EVENT: 222 case HWTSTAMP_FILTER_PTP_V2_L4_SYNC: 223 case HWTSTAMP_FILTER_PTP_V2_L4_DELAY_REQ: 224 case HWTSTAMP_FILTER_PTP_V2_L2_EVENT: 225 case HWTSTAMP_FILTER_PTP_V2_L2_SYNC: 226 case HWTSTAMP_FILTER_PTP_V2_L2_DELAY_REQ: 227 case HWTSTAMP_FILTER_PTP_V2_EVENT: 228 case HWTSTAMP_FILTER_PTP_V2_SYNC: 229 case HWTSTAMP_FILTER_PTP_V2_DELAY_REQ: 230 case HWTSTAMP_FILTER_NTP_ALL: 231 rx_filter_valid = 1; 232 break; 233 } 234 235 if (!tx_type_valid || !rx_filter_valid) 236 return -ERANGE; 237 238 return 0; 239 } 240 241 /* 242 * Perform the SIOCxIFxxx calls, inside rtnl_lock() 243 */ 244 static int dev_ifsioc(struct net *net, struct ifreq *ifr, unsigned int cmd) 245 { 246 int err; 247 struct net_device *dev = __dev_get_by_name(net, ifr->ifr_name); 248 const struct net_device_ops *ops; 249 250 if (!dev) 251 return -ENODEV; 252 253 ops = dev->netdev_ops; 254 255 switch (cmd) { 256 case SIOCSIFFLAGS: /* Set interface flags */ 257 return dev_change_flags(dev, ifr->ifr_flags); 258 259 case SIOCSIFMETRIC: /* Set the metric on the interface 260 (currently unused) */ 261 return -EOPNOTSUPP; 262 263 case SIOCSIFMTU: /* Set the MTU of a device */ 264 return dev_set_mtu(dev, ifr->ifr_mtu); 265 266 case SIOCSIFHWADDR: 267 if (dev->addr_len > sizeof(struct sockaddr)) 268 return -EINVAL; 269 return dev_set_mac_address(dev, &ifr->ifr_hwaddr); 270 271 case SIOCSIFHWBROADCAST: 272 if (ifr->ifr_hwaddr.sa_family != dev->type) 273 return -EINVAL; 274 memcpy(dev->broadcast, ifr->ifr_hwaddr.sa_data, 275 min(sizeof(ifr->ifr_hwaddr.sa_data), 276 (size_t)dev->addr_len)); 277 call_netdevice_notifiers(NETDEV_CHANGEADDR, dev); 278 return 0; 279 280 case SIOCSIFMAP: 281 if (ops->ndo_set_config) { 282 if (!netif_device_present(dev)) 283 return -ENODEV; 284 return ops->ndo_set_config(dev, &ifr->ifr_map); 285 } 286 return -EOPNOTSUPP; 287 288 case SIOCADDMULTI: 289 if (!ops->ndo_set_rx_mode || 290 ifr->ifr_hwaddr.sa_family != AF_UNSPEC) 291 return -EINVAL; 292 if (!netif_device_present(dev)) 293 return -ENODEV; 294 return dev_mc_add_global(dev, ifr->ifr_hwaddr.sa_data); 295 296 case SIOCDELMULTI: 297 if (!ops->ndo_set_rx_mode || 298 ifr->ifr_hwaddr.sa_family != AF_UNSPEC) 299 return -EINVAL; 300 if (!netif_device_present(dev)) 301 return -ENODEV; 302 return dev_mc_del_global(dev, ifr->ifr_hwaddr.sa_data); 303 304 case SIOCSIFTXQLEN: 305 if (ifr->ifr_qlen < 0) 306 return -EINVAL; 307 if (dev->tx_queue_len ^ ifr->ifr_qlen) { 308 unsigned int orig_len = dev->tx_queue_len; 309 310 dev->tx_queue_len = ifr->ifr_qlen; 311 err = call_netdevice_notifiers( 312 NETDEV_CHANGE_TX_QUEUE_LEN, dev); 313 err = notifier_to_errno(err); 314 if (err) { 315 dev->tx_queue_len = orig_len; 316 return err; 317 } 318 } 319 return 0; 320 321 case SIOCSIFNAME: 322 ifr->ifr_newname[IFNAMSIZ-1] = '\0'; 323 return dev_change_name(dev, ifr->ifr_newname); 324 325 case SIOCSHWTSTAMP: 326 err = net_hwtstamp_validate(ifr); 327 if (err) 328 return err; 329 /* fall through */ 330 331 /* 332 * Unknown or private ioctl 333 */ 334 default: 335 if ((cmd >= SIOCDEVPRIVATE && 336 cmd <= SIOCDEVPRIVATE + 15) || 337 cmd == SIOCBONDENSLAVE || 338 cmd == SIOCBONDRELEASE || 339 cmd == SIOCBONDSETHWADDR || 340 cmd == SIOCBONDSLAVEINFOQUERY || 341 cmd == SIOCBONDINFOQUERY || 342 cmd == SIOCBONDCHANGEACTIVE || 343 cmd == SIOCGMIIPHY || 344 cmd == SIOCGMIIREG || 345 cmd == SIOCSMIIREG || 346 cmd == SIOCBRADDIF || 347 cmd == SIOCBRDELIF || 348 cmd == SIOCSHWTSTAMP || 349 cmd == SIOCGHWTSTAMP || 350 cmd == SIOCWANDEV) { 351 err = -EOPNOTSUPP; 352 if (ops->ndo_do_ioctl) { 353 if (netif_device_present(dev)) 354 err = ops->ndo_do_ioctl(dev, ifr, cmd); 355 else 356 err = -ENODEV; 357 } 358 } else 359 err = -EINVAL; 360 361 } 362 return err; 363 } 364 365 /** 366 * dev_load - load a network module 367 * @net: the applicable net namespace 368 * @name: name of interface 369 * 370 * If a network interface is not present and the process has suitable 371 * privileges this function loads the module. If module loading is not 372 * available in this kernel then it becomes a nop. 373 */ 374 375 void dev_load(struct net *net, const char *name) 376 { 377 struct net_device *dev; 378 int no_module; 379 380 rcu_read_lock(); 381 dev = dev_get_by_name_rcu(net, name); 382 rcu_read_unlock(); 383 384 no_module = !dev; 385 if (no_module && capable(CAP_NET_ADMIN)) 386 no_module = request_module("netdev-%s", name); 387 if (no_module && capable(CAP_SYS_MODULE)) 388 request_module("%s", name); 389 } 390 EXPORT_SYMBOL(dev_load); 391 392 /* 393 * This function handles all "interface"-type I/O control requests. The actual 394 * 'doing' part of this is dev_ifsioc above. 395 */ 396 397 /** 398 * dev_ioctl - network device ioctl 399 * @net: the applicable net namespace 400 * @cmd: command to issue 401 * @arg: pointer to a struct ifreq in user space 402 * 403 * Issue ioctl functions to devices. This is normally called by the 404 * user space syscall interfaces but can sometimes be useful for 405 * other purposes. The return value is the return from the syscall if 406 * positive or a negative errno code on error. 407 */ 408 409 int dev_ioctl(struct net *net, unsigned int cmd, void __user *arg) 410 { 411 struct ifreq ifr; 412 int ret; 413 char *colon; 414 415 /* One special case: SIOCGIFCONF takes ifconf argument 416 and requires shared lock, because it sleeps writing 417 to user space. 418 */ 419 420 if (cmd == SIOCGIFCONF) { 421 rtnl_lock(); 422 ret = dev_ifconf(net, (char __user *) arg); 423 rtnl_unlock(); 424 return ret; 425 } 426 if (cmd == SIOCGIFNAME) 427 return dev_ifname(net, (struct ifreq __user *)arg); 428 429 /* 430 * Take care of Wireless Extensions. Unfortunately struct iwreq 431 * isn't a proper subset of struct ifreq (it's 8 byte shorter) 432 * so we need to treat it specially, otherwise applications may 433 * fault if the struct they're passing happens to land at the 434 * end of a mapped page. 435 */ 436 if (cmd >= SIOCIWFIRST && cmd <= SIOCIWLAST) { 437 struct iwreq iwr; 438 439 if (copy_from_user(&iwr, arg, sizeof(iwr))) 440 return -EFAULT; 441 442 iwr.ifr_name[sizeof(iwr.ifr_name) - 1] = 0; 443 444 return wext_handle_ioctl(net, &iwr, cmd, arg); 445 } 446 447 if (copy_from_user(&ifr, arg, sizeof(struct ifreq))) 448 return -EFAULT; 449 450 ifr.ifr_name[IFNAMSIZ-1] = 0; 451 452 colon = strchr(ifr.ifr_name, ':'); 453 if (colon) 454 *colon = 0; 455 456 /* 457 * See which interface the caller is talking about. 458 */ 459 460 switch (cmd) { 461 /* 462 * These ioctl calls: 463 * - can be done by all. 464 * - atomic and do not require locking. 465 * - return a value 466 */ 467 case SIOCGIFFLAGS: 468 case SIOCGIFMETRIC: 469 case SIOCGIFMTU: 470 case SIOCGIFHWADDR: 471 case SIOCGIFSLAVE: 472 case SIOCGIFMAP: 473 case SIOCGIFINDEX: 474 case SIOCGIFTXQLEN: 475 dev_load(net, ifr.ifr_name); 476 rcu_read_lock(); 477 ret = dev_ifsioc_locked(net, &ifr, cmd); 478 rcu_read_unlock(); 479 if (!ret) { 480 if (colon) 481 *colon = ':'; 482 if (copy_to_user(arg, &ifr, 483 sizeof(struct ifreq))) 484 ret = -EFAULT; 485 } 486 return ret; 487 488 case SIOCETHTOOL: 489 dev_load(net, ifr.ifr_name); 490 rtnl_lock(); 491 ret = dev_ethtool(net, &ifr); 492 rtnl_unlock(); 493 if (!ret) { 494 if (colon) 495 *colon = ':'; 496 if (copy_to_user(arg, &ifr, 497 sizeof(struct ifreq))) 498 ret = -EFAULT; 499 } 500 return ret; 501 502 /* 503 * These ioctl calls: 504 * - require superuser power. 505 * - require strict serialization. 506 * - return a value 507 */ 508 case SIOCGMIIPHY: 509 case SIOCGMIIREG: 510 case SIOCSIFNAME: 511 if (!ns_capable(net->user_ns, CAP_NET_ADMIN)) 512 return -EPERM; 513 dev_load(net, ifr.ifr_name); 514 rtnl_lock(); 515 ret = dev_ifsioc(net, &ifr, cmd); 516 rtnl_unlock(); 517 if (!ret) { 518 if (colon) 519 *colon = ':'; 520 if (copy_to_user(arg, &ifr, 521 sizeof(struct ifreq))) 522 ret = -EFAULT; 523 } 524 return ret; 525 526 /* 527 * These ioctl calls: 528 * - require superuser power. 529 * - require strict serialization. 530 * - do not return a value 531 */ 532 case SIOCSIFMAP: 533 case SIOCSIFTXQLEN: 534 if (!capable(CAP_NET_ADMIN)) 535 return -EPERM; 536 /* fall through */ 537 /* 538 * These ioctl calls: 539 * - require local superuser power. 540 * - require strict serialization. 541 * - do not return a value 542 */ 543 case SIOCSIFFLAGS: 544 case SIOCSIFMETRIC: 545 case SIOCSIFMTU: 546 case SIOCSIFHWADDR: 547 case SIOCSIFSLAVE: 548 case SIOCADDMULTI: 549 case SIOCDELMULTI: 550 case SIOCSIFHWBROADCAST: 551 case SIOCSMIIREG: 552 case SIOCBONDENSLAVE: 553 case SIOCBONDRELEASE: 554 case SIOCBONDSETHWADDR: 555 case SIOCBONDCHANGEACTIVE: 556 case SIOCBRADDIF: 557 case SIOCBRDELIF: 558 case SIOCSHWTSTAMP: 559 if (!ns_capable(net->user_ns, CAP_NET_ADMIN)) 560 return -EPERM; 561 /* fall through */ 562 case SIOCBONDSLAVEINFOQUERY: 563 case SIOCBONDINFOQUERY: 564 dev_load(net, ifr.ifr_name); 565 rtnl_lock(); 566 ret = dev_ifsioc(net, &ifr, cmd); 567 rtnl_unlock(); 568 return ret; 569 570 case SIOCGIFMEM: 571 /* Get the per device memory space. We can add this but 572 * currently do not support it */ 573 case SIOCSIFMEM: 574 /* Set the per device memory buffer space. 575 * Not applicable in our case */ 576 case SIOCSIFLINK: 577 return -ENOTTY; 578 579 /* 580 * Unknown or private ioctl. 581 */ 582 default: 583 if (cmd == SIOCWANDEV || 584 cmd == SIOCGHWTSTAMP || 585 (cmd >= SIOCDEVPRIVATE && 586 cmd <= SIOCDEVPRIVATE + 15)) { 587 dev_load(net, ifr.ifr_name); 588 rtnl_lock(); 589 ret = dev_ifsioc(net, &ifr, cmd); 590 rtnl_unlock(); 591 if (!ret && copy_to_user(arg, &ifr, 592 sizeof(struct ifreq))) 593 ret = -EFAULT; 594 return ret; 595 } 596 return -ENOTTY; 597 } 598 } 599